1. Introduction: The "Black Box" Problem
The current landscape of autonomous AI agents is a fractured ecosystem of silos. While Large Language Models (LLMs) provide the cognitive engine for autonomy, agents currently lack a standardized layer for identity and secure settlement. In the "Wild West" of the Agentic Web, an agent cannot easily prove its pedigree, establish a verifiable track record, or engage in trustless commerce.
How do we trust a non-human entity that cannot be physically located and has no foundational legal and financial framework? Blockchain is uniquely positioned to serve as a public, governance-less verification layer for AI agents. By integrating three critical technical pillars—Identity (EIP-8004), Commerce (EIP-8183), and Payments (x402)—we can build an open machine economy where AI agents operate as sovereign economic actors, secured by trustless primitives rather than centralized gatekeepers.
2. EIP-8004: The Agent’s Resume
To participate in the agentic economy, an agent must first be identifiable and verifiable across organizational boundaries. EIP-8004 provides this foundation by utilizing an NFT-based system, in which agents obtain identifiers that are unique and compatible with existing Web3 infrastructure. The architecture relies on three primary registry pillars:
- Identity Registry (Existence): Assigns a unique agentId and resolves to an off-chain "Agent Card" (JSON) listing skills and endpoints. The agentId takes the form of
{namespace}:{chainId}:{identityRegistry} (e.g., eip155:1:0x742...). This provides a global namespace for agent discovery across disparate networks. The tokenURI in ERC-721 is referred to as agentURI, which must resolve to the agent registration file that includes the agent’s type, name, description, active status, the services supported, and registration information. The registry extends ERC-721 by adding a metadata field, which includes the agent’s wallet information (i.e.agentWallet). The reserved agentWallet metadata enables agentic payment, and requires an EIP-712 or ERC-1271 signature to change, ensuring that only the rightful owner can redirect payment flows. - Reputation Registry (Track Record): Provides a permanent, on-chain audit trail of feedback signals. New feedback can be added by any client (except the agent owner or its approved operator) on a valid registered agent. Feedback can also be revoked by the same client. The reputation registry allows simple filtering on-chain, but primarily serves as a raw data source for sophisticated off-chain scoring algorithms for agent reputation, for example, filtering feedback submitters based on their address and payment history to prevent malicious actors using freshly created addresses to inflate reputation.
- Validation Registry (Proof of Correctness): This registry enables agents to request verification of their work and allows validator smart contracts to provide responses that can be tracked on-chain. This moves the agent beyond a "black box" by allowing its outputs to be audited via a variety of mechanisms, such as ZK proofs, Trusted Execution Environment (TEE) attestations, or stake-secured re-execution.
As of early May 2026, the Identity Registry and Reputation Registry smart contracts have been deployed on ~30 blockchain networks (e.g. 0x8004A169FB4a3325136EB29fA0ceB6D2e539a432 and 0x8004BAa17C55a88189AE136b182e5fdA19dE9b63 on ETH mainnet), based on the data on 8004scan.io. The implementation of the Validation Registry is still in the early stages, with limited deployment examples.
3. EIP-8183: Defining the Rules of "Hire-Deliver-Settle"
If EIP-8004 allows agent discovery, EIP-8183 (the Agentic Commerce Protocol) defines the protocol for agentic transaction itself. Co-developed by Virtuals Protocol and the Ethereum Foundation's dAI team, this standard acts as a state-machine-driven escrow kernel, formalizing the "Job" primitive. It utilizes a tripartite role system: a Client (entrustor), a Provider (executor), and an Evaluator.
There is a strict separation of concerns between the Client, the Provider, and the Evaluator in the core functions of EIP-8004:
createJob: The Client defines the operational parameters for the job.setProvider: The Client chooses a Provider to do the job.setBudget: The Client or Provider calls to agree on the price for the job.fund: The Client locks the budget and transitions the job to the Funded state.submit: The Provider calls to signal job completion and transitions state toSubmitted.complete/reject: The Evaluator calls to trigger the final state transition to eitherCompletedorRejected.claimRefund: When timestamp exceeds job expiration time, anyone can call and refund the Client and set the state toExpired.
The Evaluator is the most important design choice in this architecture. This role acts as the "logical brain" of the transaction, ensuring funds are released only when specifications are met. Since they alone possess the authority to trigger the complete or reject function once a job is funded, they represent the most significant point of failure, and the most important trust assumption in the system. As the authors of EIP-8183 warn: "The Evaluator Is Harder Than the Contract."
Evaluators can take several forms, such as:
- AI Agents (Subjective): Useful for grading content or design, but can be susceptible to prompt injection or model bias.
- ZK Circuit Contracts (Objective): The provider submits a ZK-proof that the contract verifies on-chain, triggering an automatic complete call. High technical overhead, but zero trust required.
- Multi-signature Wallet (High-Value): Uses human judgement, but introduces centralization risk and latency.
One other consideration is what happens when the evaluator fails to adjudicate the job. The ultimate failsafe against "Evaluator Downtime" is the expiredAt parameter. It is the only mechanism that allows a client to recover funds via claimRefund if an evaluator goes MIA.
Additionally, in order to maintain a minimal core while supporting complex business logic, EIP-8183 introduces a "hooks" mechanism. These beforeAction and afterAction callbacks allow developers to implement pre-fund validation (e.g. KYC gates) or post-complete reputation updates (e.g. writing attestations back to EIP-8004 reputation registry) without modifying the core escrow contract. Notably, the claimRefund() function is not hookable, so that refunds after expiry cannot be blocked by a malicious hook.
4. x402: The Native Payment Rail for Agents
For an agent economy to function at machine speed, payments must be as low-friction as an API call. x402 is a new open payment protocol developed by Coinbase that enables instant, automatic stablecoin payments. The x402 protocol revives the long-dormant HTTP 402 "Payment Required" status code to create a native payment rail for the web. This standard enables autonomous agents to pay for resources per-request, per-token, or per-second of compute. x402 uses three standardized headers for payment communication:
| Header | Direction | Description |
|---|---|---|
| PAYMENT-REQUIRED | Server → Client | Base64-encoded PaymentRequired object |
| PAYMENT-SIGNATURE | Client → Server | Base64-encoded PaymentPayload object |
| PAYMENT-RESPONSE | Server → Client | Base64-encoded SettlementResponse object |
The server is the resource provider enforcing payment for access to its services. If a server supports x402, when an API returns a 402 response, it includes a structured JSON payload with the following fields:
| Field | Description |
|---|---|
| maxAmountRequired | Maximum payment amount required (e.g., ”0.10”) |
| assetType | Token standard (e.g., ”ERC20”) |
| assetAddress | Contract address of the payment token |
| paymentAddress | Recipient’s wallet address |
| network | Blockchain network identifier (e.g., ”base-mainnet”) |
| expiresAt | Timestamp after which this payment request is no longer valid |
| nonce | Unique identifier to prevent replay attacks |
| paymentId | Unique identifier for this payment request |
Upon receiving the PaymentRequired object, the client can submit a PaymentPayload that includes:
- All fields from the payment request
- The actual payment amount (must be ≤ maxAmountRequired)
- Timestamp of the authorization
- Cryptographic signature from the paying wallet (EIP-712 standard)
Payment payload verification and payment settlement can be handled either by the server or by a “facilitator”. The facilitator is an optional but recommended service that simplifies the process of verifying and settling payments between clients (buyers) and servers (sellers). By using a facilitator, servers do not need to maintain direct blockchain connectivity or implement payment verification logic themselves. This reduces operational complexity and ensures accurate, real-time validation of transactions. Once payment is confirmed either by the server itself or by the facilitator, the server returns the requested resource to the client. If payment fails, the server responds with an error. Both cases include a SettlementResponse object with settlement details.
Compared to human payment rails such as wire payment or ACH, the x402 payment rail has significantly less friction, faster settlement, and lower transaction cost and overhead. An agent does not need to have an API key for every possible service it will require or have an active recurring subscription with multiple API providers, but can simply call any server that supports x402, and only pays for what it needs when it needs it. This is especially well suited for agentic micropayments where traditional payment rails are not designed to support.
5. The Synergy: A Complete Collaboration Case Study
When these three standards converge, they create an end-to-end feedback loop of Agent Discovery → Transaction → Reputation. Consider the following "AlphaBot and OpenClaw" agentic commerce scenario:
- Discovery (EIP-8004): AlphaBot requires a specific crypto market analysis. It retrieves OpenClaw's "resume" from the EIP-8004 registry, verifying its history of 500 successful deliveries and 99% positive feedback.
- Commerce (EIP-8183): AlphaBot creates an EIP-8183 "Job," locking 200 USDT in escrow and naming an independent "AuditNode" as the Evaluator.
- Payment (x402): OpenClaw determines that it needs some data from Nansen and Messari APIs, both of which support x402. OpenClaw makes those API calls and settles the micropayments via x402, and then completes the crypto market analysis.
- Reputation (EIP-8004 / EIP-8183): The AuditNode Evaluator verifies performance. Upon success, the AuditNode triggers the Completed state. The 200 USDT is released, and OpenClaw’s EIP-8004 reputation is automatically incremented to 501 successful deliveries via the EIP-8183 hook.
Conclusion
Through the integration of EIP-8004, EIP-8183, and x402, agent-to-agent transactions might gradually account for a growing share of total on-chain transactions. We hope that this article has helped you understand these standards that enable the on-chain agent economy. If and when agents become the primary economic actors, our role as humans shifts from active participants to the architects and auditors of the code that governs them. In a subsequent article, we plan to dive deeper into the security aspect of these standards and the guardrails necessary to strengthen the security posture of projects building on-chain agents.
