Live on Ethereum mainnet

PAUSE for x402

The security layer for AI agent payments

x402 is the internet-native payment standard by Coinbase and Cloudflare. PAUSE adds risk scoring and cancellable payments — so agents never pay malicious addresses.

The Problem

Agents pay blindly. That's the vulnerability.

x402 lets AI agents pay for APIs, compute, and data over HTTP. But agents pay whatever address a server specifies — blindly. No risk check. No cancellation. The 402Bridge hack drained 200+ users' USDC. V2's dynamic payTo routing means the recipient address can change every request.

The Solution

Two Packages, One Security Layer

Drop-in protection for every x402 agent.

@pausesecure/x402-risk

Risk Extension for all x402 schemes

  • Scores every payTo address across 11 Bayesian signals
  • Blocks HIGH risk addresses before payment signature
  • Client-side: wrapFetchWithRiskGuard()
  • Server-side: createRiskMiddleware()
  • Works with exact, deferred, escrow, and any future scheme

@pausesecure/x402-commit

New pause-commit payment scheme

  • Sign EIP-712 intent — zero gas, funds stay in wallet
  • Recipient claims by delivering resource
  • Cancel anytime before claim via revoke()
  • Atomic on-chain settlement (~85k gas)
  • Smart contract verified on Ethereum mainnet

Risk Engine

11 Risk Signals

Every payTo address is analyzed across 11 independent Bayesian signals, combined via log-odds scoring with correlation discounting.

  • Mixer Exposure (15%): Funds routed through Tornado Cash, Railgun, or known mixing services
  • Draining Patterns (14%): Wallet approved malicious contracts or shows drainer transaction patterns
  • Scam Graph (13%): Direct or transitive connections to flagged scam addresses
  • Sweep Patterns (10%): Rapid asset consolidation typical of stolen-fund laundering
  • TX Burst Anomaly (10%): Abnormal transaction frequency spikes indicating bot or exploit activity
  • Exchange Cluster (8%): Address belongs to known exchange hot/cold wallets or deposit clusters
  • Dusting Attacks (7%): Receiving micro-transactions used for de-anonymization tracking
  • ENS Authenticity (6%): ENS name recency, squatting patterns, or impersonation of known entities
  • Rival Consensus (6%): Cross-references with Chainalysis, Elliptic, and community blocklists
  • Wallet Age (6%): Newly created wallets with no history — common for disposable scam addresses
  • Balance Volatility (5%): Extreme balance swings indicating flash-loan activity or wash trading

Flow

How It Works

End-to-end protection for every x402 payment your agent makes.

01. Agent requests paid resource
    Your AI agent hits an x402-enabled API endpoint.

02. Server responds 402
    Server returns payment requirements: amount, payTo address, and scheme.

03. PAUSE Risk Guard scores payTo
    11 Bayesian signals analyze the recipient address in real-time.

04. Gate decision
    If SAFE: agent signs payment. If HIGH: payment blocked, zero loss.

05. Server commits on-chain
    For pause-commit: server commits intent on-chain, then delivers the resource.

06. Revoke if server fails
    If server never delivers, agent revokes the intent. Funds stay safe.
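
The gate in steps 02 to 04, written out as an added example (not PAUSE's code and not part of the original page): it checks every offered recipient before anything is signed, fails closed when no score is available, and flags a payTo that differs from the last approved one for the same origin. Assumptions: the parsed 402 body carries an `accepts` array whose entries have `scheme`, `payTo` and `maxAmountRequired`; `gatePayment`, `scoreAddress`, the amount cap and the sample data are hypothetical names and values.

```javascript
// Added example: pre-signature gate over a parsed 402 body. Not PAUSE's code.
// Assumed body shape: { accepts: [{ scheme, payTo, maxAmountRequired }] }.
const ADDRESS_RE = /^0x[0-9a-fA-F]{40}$/;
const lastPayTo = new Map(); // origin -> last approved recipient

// scoreAddress: hypothetical async scorer, 0-100, higher is safer.
async function gatePayment(origin, body402, scoreAddress, opts = {}) {
  const { minScore = 40, maxAmount = 1000000n } = opts;
  const offers = Array.isArray(body402?.accepts) ? body402.accepts : [];
  const rejected = [];
  for (const offer of offers) {
    const payTo = String(offer?.payTo ?? "").toLowerCase();
    if (!ADDRESS_RE.test(payTo)) {
      rejected.push({ payTo, reason: "malformed payTo" });
      continue;
    }
    let amount = null;
    try { amount = BigInt(offer.maxAmountRequired); } catch { /* stays null */ }
    if (amount === null || amount <= 0n || amount > maxAmount) {
      rejected.push({ payTo, reason: "amount missing or over cap" });
      continue;
    }
    let score = NaN;
    try { score = await scoreAddress(payTo); } catch { /* fail closed */ }
    if (!Number.isFinite(score) || score < minScore) {
      rejected.push({ payTo, reason: "score below threshold or unavailable" });
      continue;
    }
    // Dynamic routing: flag a recipient that differs from the last approved one.
    const prev = lastPayTo.get(origin);
    lastPayTo.set(origin, payTo);
    const payToChanged = prev !== undefined && prev !== payTo;
    return { allow: true, offer, score, payToChanged, rejected };
  }
  return { allow: false, rejected }; // nothing passed: do not sign
}

// Constructed sample data (addresses and scores are made up for the demo).
const SAMPLE_SCORES = { ["0x" + "a".repeat(40)]: 12, ["0x" + "b".repeat(40)]: 88 };
const sampleScorer = async (addr) => {
  if (!(addr in SAMPLE_SCORES)) throw new Error("scorer unavailable");
  return SAMPLE_SCORES[addr];
};
const SAMPLE_402 = { accepts: [
  { scheme: "exact", payTo: "0x" + "a".repeat(40), maxAmountRequired: "10000" },
  { scheme: "exact", payTo: "0x" + "B".repeat(40), maxAmountRequired: "10000" },
] };
```

A caller would treat `payToChanged: true` as a reason to log or re-confirm rather than as a block on its own, since the score check has already passed at that point.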

Integration

Quick Start

Add PAUSE protection to your x402 agent in minutes.

Client — Risk Guard
// Install: npm install @pausesecure/x402-risk

import { createRiskGuard, wrapFetchWithRiskGuard } from "@pausesecure/x402-risk/client"
import { createFetchWithPayment } from "x402-fetch"

// Create the risk guard with minimum score threshold
const guard = createRiskGuard({ minScore: 40 })

// Wrap your x402 fetch with the risk guard
// (`wallet` is your existing x402 signer, defined elsewhere)
const fetchWithPayment = createFetchWithPayment(wallet)
const safeFetch = wrapFetchWithRiskGuard(fetchWithPayment, guard)

// Use safeFetch — payments to HIGH-risk addresses are auto-blocked
const response = await safeFetch("https://api.example.com/data")

Server — Risk Middleware
// Install: npm install @pausesecure/x402-risk

import { createRiskMiddleware } from "@pausesecure/x402-risk/server"

// Add risk middleware to your x402 facilitator
const riskMiddleware = createRiskMiddleware({
  minScore: 40,
  blockHighRisk: true,
})

// Apply to your payment handler (`app` is your existing Express-style app)
app.use("/paid-endpoint", riskMiddleware)

Pricing

Simple, transparent pricing

Start free. Scale with your agents.

Free

$0/month

50 scans/month

Perfect for testing and development

x402 Native

$0.001/score

Pay per scan via x402

$0.005 per full analysis. No subscription needed.

Pro

$9/month

10,000 scans/month

For production agents and teams

Facilitator

$0.01/settlement

Per pause-commit settlement

On-chain verification and settlement

Secure your agents today

Every x402 payment your agent makes should be risk-scored. Start in under 5 minutes.