x402 + IBA — The Two Layers Agentic Commerce Needs
AIPayHQ.com · x402 Protocol + IBA Intent Bound Authorization

x402 + IBA

The Two Layers Agentic Commerce Needs

x402 gives your AI agent a wallet and a payment protocol.
It solves how the agent pays.

IBA Intent Bound Authorization declares what the agent is authorized to pay for
the payee, the amount, the category, the hard limits —
before x402 is called.

x402 gives your agent a wallet.
IBA decides what it is allowed to spend it on.

THE PAYMENT PROTOCOL
x402 — HTTP Payment Layer
Coinbase’s open protocol enabling AI agents to pay for web resources autonomously using HTTP 402. The agent encounters a paywall, pays with a stablecoin, receives the resource. Solves the mechanics of agentic payment.
HOW: HTTP 402 response triggers payment flow
WHAT: Stablecoin micropayments for API resources
SPEED: Sub-second autonomous transactions
GAP: Does not declare what the agent may pay for
+
COMBINED
THE AUTHORIZATION LAYER
IBA — Pre-Execution Gate
A signed human intent certificate declared before the x402 flow begins. Authorized payees. Maximum spend. Permitted resource categories. Hard limits that no instruction or injection can override. Solves what the agent is permitted to pay for.
WHAT: Signed certificate before x402 is called
SCOPE: Declared payees, categories, limits
HARD: Limits no instruction can override
CLOSES: The authorization gap x402 leaves open
LIVE COMPARISON · SAME AGENT · SAME x402 PROTOCOL · DIFFERENT AUTHORIZATION
Ungoverned x402 Agent vs IBA-Governed x402 Agent
x402 AGENT — NO IBA
UNGOVERNED
WALLET BALANCE
$500.00
UNAUTHORIZED SPEND
$0.00
NO IBA CERTIFICATE · NO DECLARED SCOPE · NO HARD LIMITS
Agent pays whatever it is instructed to pay · No cryptographic boundary
x402 TRANSACTION LOG — UNGOVERNED
x402 AGENT + IBA CERT
IBA GOVERNED
WALLET BALANCE
$500.00
SAVED BY GATE
$0.00
CERT ACTIVE: API resources only · Max $50/tx · Declared domains only
HARD LIMITS: No crypto · No undeclared payees · No above-limit tx
x402 GATE LOG — IBA GOVERNED
FIRE INJECTION ATTACKS
Watch what happens to each agent — ungoverned vs IBA governed
ATTACK VERDICT · UNGOVERNED vs IBA GOVERNED
x402 + IBA · AI PAY HQ · AGENTIC COMMERCE AUTHORIZATION
IntentBound.com · IBA@intentbound.com
Patent GB2603013.0 Pending · PCT 150+ Countries · August 2028
IETF draft-williams-intent-token-00 · 13 NIST Filings · 9 NCCoE Filings
Acquisition enquiries welcome · IBA@intentbound.com
x402 + IBA · ATTACK COMPARISON
INJECTION FIRED