{"id":312821,"date":"2026-06-24T01:38:51","date_gmt":"2026-06-24T01:38:51","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/x402-pay\/"},"modified":"2026-06-24T01:38:31","modified_gmt":"2026-06-24T01:38:31","slug":"x402-pay","status":"publish","type":"plugin","link":"https:\/\/lug.wordpress.org\/plugins\/x402-pay\/","author":17657928,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"0.1.3","stable_tag":"0.1.3","tested":"7.0","requires":"7.0","requires_php":"8.1","requires_plugins":null,"header_name":"x402 Pay","header_author":"","header_description":"A USDC paywall for AI crawlers and bots: return HTTP 402, accept a signed micropayment, then serve the content.","assets_banners_color":"fafbfd","last_updated":"2026-06-24 01:38:31","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"","header_author_uri":"","rating":0,"author_block_rating":0,"active_installs":0,"downloads":46,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"0.1.3":{"tag":"0.1.3","author":"dufresnesteven","date":"2026-06-24 01:38:31"}},"upgrade_notice":[],"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3583942,"resolution":"128x128","location":"assets","locale":"","width":160,"height":160}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3583942,"resolution":"1544x500","location":"assets","locale":"","width":1544,"height":500}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["0.1.3"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3583942,"resolution":"1","location":"assets","locale":"","width":2548,"height":2002},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3583942,"resolution":"2","location":"assets","locale":"","width":2548,"height":2002},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3583942,"resolution":"3","location":"assets","locale":"","width":2548,"height":2002}},"screenshots":{"1":"Choose paywall scope, audience, and price from a single Settings page.","2":"Switch to Coinbase CDP to accept USDC on Base mainnet using your CDP API key.","3":"The paywall page a human reader sees, with pay buttons for popular wallets."}},"plugin_section":[],"plugin_tags":[268635,506,12688,209195,260969],"plugin_category":[],"plugin_contributors":[181831,77588],"plugin_business_model":[],"class_list":["post-312821","plugin","type-plugin","status-publish","hentry","plugin_tags-http-402","plugin_tags-micropayments","plugin_tags-paywall","plugin_tags-usdc","plugin_tags-x402","plugin_contributors-dufresnesteven","plugin_contributors-tellyworth","plugin_committers-dufresnesteven","plugin_committers-tellyworth"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/x402-pay\/assets\/icon-128x128.png?rev=3583942","icon_2x":false,"generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/x402-pay\/assets\/screenshot-1.png?rev=3583942","caption":"Choose paywall scope, audience, and price from a single Settings page."},{"src":"https:\/\/ps.w.org\/x402-pay\/assets\/screenshot-2.png?rev=3583942","caption":"Switch to Coinbase CDP to accept USDC on Base mainnet using your CDP API key."},{"src":"https:\/\/ps.w.org\/x402-pay\/assets\/screenshot-3.png?rev=3583942","caption":"The paywall page a human reader sees, with pay buttons for popular wallets."}],"raw_content":"<!--section=description-->\n<p>x402 Pay gates selected WordPress posts behind an x402 payment. When a paywalled URL is requested without a valid <code>Payment-Signature<\/code> header, the plugin responds with HTTP 402 and a <code>PAYMENT-REQUIRED<\/code> payload describing how to pay. Bots, API clients, and browser-wallet users can sign a USDC transfer, retry the request, and get the response.<\/p>\n\n<p>Use it to:<\/p>\n\n<ul>\n<li>Charge automated agents per article view.<\/li>\n<li>Offer pay-per-request access to a small set of premium posts.<\/li>\n<li>Test the x402 payment flow on Base Sepolia without setting up your own facilitator.<\/li>\n<\/ul>\n\n<p>The plugin is inert until you pick a paywall mode in <strong>Settings \u2192 x402 Pay<\/strong>. The default mode is \"No posts,\" so installing the plugin alone does not gate anything or contact any external service.<\/p>\n\n<h4>Audience and modes<\/h4>\n\n<ul>\n<li><strong>Audience<\/strong> decides who gets paywalled. \"Only bots\" (default) uses crawler detection so human readers still see your content. \"Everyone\" gates both humans and bots.<\/li>\n<li><strong>Mode<\/strong> decides which posts qualify. Choose \"No posts\" (off), \"All posts,\" or restrict the paywall to a chosen category.<\/li>\n<\/ul>\n\n<h4>Built-in facilitators<\/h4>\n\n<ul>\n<li><strong>x402.org (Test network)<\/strong> \u2014 routes verify and settle calls through the public x402.org facilitator on Base Sepolia. Default for new installs. No real funds move.<\/li>\n<li><strong>Coinbase CDP<\/strong> \u2014 routes through Coinbase Developer Platform on Base mainnet (real USDC). Requires a CDP API key.<\/li>\n<\/ul>\n\n<h3>External services<\/h3>\n\n<p>This plugin connects to external x402 facilitators to verify and settle payments. A facilitator is <strong>only contacted when a request hits a paywalled URL<\/strong> carrying a <code>Payment-Signature<\/code> header, or when an admin clicks <strong>Test connection<\/strong> on the settings page. Installing the plugin without selecting a paywall mode triggers no outbound calls.<\/p>\n\n<h4>x402.org (Test network)<\/h4>\n\n<p>Used by the default <code>x402.org (Test network)<\/code> connector.<\/p>\n\n<ul>\n<li>Endpoint: <code>https:\/\/x402.org\/facilitator\/<\/code><\/li>\n<li>What is sent: x402 PaymentRequirements (your receiving wallet address, amount, asset, network, resource URL) and the paying client's PaymentPayload (a signed USDC <code>transferWithAuthorization<\/code> authorization).<\/li>\n<li>Why: to verify and settle the USDC payment on Base Sepolia.<\/li>\n<li>Site: https:\/\/www.x402.org\/<\/li>\n<li>Terms of use: https:\/\/lfprojects.org\/policies\/terms-of-use\/<\/li>\n<li>Privacy policy: https:\/\/lfprojects.org\/policies\/privacy-policy\/<\/li>\n<li>This is a public testnet facilitator; do not use it for production paywalls.<\/li>\n<\/ul>\n\n<h4>Coinbase Developer Platform<\/h4>\n\n<p>Used only when an admin selects the <strong>Coinbase CDP<\/strong> connector and saves an API key.<\/p>\n\n<ul>\n<li>Endpoint: <code>https:\/\/api.cdp.coinbase.com\/platform\/v2\/x402\/<\/code><\/li>\n<li>What is sent: the same x402 PaymentRequirements and PaymentPayload, plus a CDP-signed JWT proving the API key.<\/li>\n<li>Why: to verify and settle the USDC payment on Base mainnet.<\/li>\n<li>Terms of service: https:\/\/coinbase.com\/legal\/developer-platform\/terms-of-service\/<\/li>\n<li>Privacy policy: https:\/\/coinbase.com\/legal\/privacy<\/li>\n<\/ul>\n\n<h3>Development<\/h3>\n\n<p>Source, build instructions, and issue tracker: https:\/\/github.com\/Automattic\/x402-pay<\/p>\n\n<p>The admin UI is built from <code>assets\/src\/index.jsx<\/code> via <code>npm run build<\/code>; the bundled <code>assets\/build\/index.js<\/code> is the compiled output.<\/p>\n\n<!--section=installation-->\n<ol>\n<li>Install and activate the plugin.<\/li>\n<li>Visit <strong>Settings \u2192 x402 Pay<\/strong>.<\/li>\n<li>Enter the wallet address that should receive payments.<\/li>\n<li>Pick a paywall mode and audience.<\/li>\n<li>Pick a facilitator. For Coinbase, paste your CDP API Key ID and secret.<\/li>\n<li>Save.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"what%20does%20a%20paywalled%20request%20look%20like%3F\"><h3>What does a paywalled request look like?<\/h3><\/dt>\n<dd><p>If the request does not carry a valid <code>Payment-Signature<\/code> header, the plugin returns HTTP 402 with a <code>PAYMENT-REQUIRED<\/code> response header containing the encoded x402 PaymentRequirements. Clients sign the requirements and retry the request.<\/p><\/dd>\n<dt id=\"does%20this%20charge%20human%20readers%3F\"><h3>Does this charge human readers?<\/h3><\/dt>\n<dd><p>Only if you set Audience to \"Everyone.\" The default is \"Only bots\/crawlers\" so humans see posts as normal and only detected bot\/agent traffic gets a 402.<\/p><\/dd>\n<dt id=\"do%20i%20need%20eth%20to%20receive%20payments%3F\"><h3>Do I need ETH to receive payments?<\/h3><\/dt>\n<dd><p>No. x402 uses EIP-3009 <code>transferWithAuthorization<\/code>; the facilitator pays gas. You only need USDC inbound.<\/p><\/dd>\n<dt id=\"where%20are%20api%20keys%20stored%3F\"><h3>Where are API keys stored?<\/h3><\/dt>\n<dd><p>Coinbase CDP secrets are stored in their own <code>wp_options<\/code> row, or can be supplied via a <code>wp-config.php<\/code> constant or environment variable so they stay out of the database entirely.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>0.1.3<\/h4>\n\n<ul>\n<li>Use canonical coinbase.com legal URLs so the terms and privacy links pass Plugin Directory link validation.<\/li>\n<\/ul>\n\n<h4>0.1.2<\/h4>\n\n<ul>\n<li>Public 402 page assets now use WordPress enqueue APIs for Plugin Directory review compliance.<\/li>\n<\/ul>\n\n<h4>0.1.1<\/h4>\n\n<ul>\n<li>Paywall page now swaps the wallet buttons for a single live status message while a payment is in progress, and surfaces wallet rejections or settlement failures in a dismissible modal so visitors can retry.<\/li>\n<\/ul>\n\n<h4>0.1.0<\/h4>\n\n<ul>\n<li>Initial release: paywall posts by category or all posts; gate humans, bots, or both; verify and settle USDC payments via x402.org on Base Sepolia or Coinbase CDP on Base mainnet.<\/li>\n<\/ul>","raw_excerpt":"A USDC paywall for AI crawlers and bots: return HTTP 402, accept a signed micropayment, then serve the content.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/lug.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/312821","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lug.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/lug.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/lug.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=312821"}],"author":[{"embeddable":true,"href":"https:\/\/lug.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/dufresnesteven"}],"wp:attachment":[{"href":"https:\/\/lug.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=312821"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/lug.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=312821"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/lug.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=312821"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/lug.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=312821"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/lug.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=312821"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/lug.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=312821"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}