Public proof

Mainnet canary, first real x402 settle.

On 2026-04-28 the AgentTrust gateway settled a 0.01 USDC x402 payment on Base mainnet against the Coinbase CDP facilitator. The verify-first invariant held, settle ran exactly once, no retry. The numbers below mirror the on-disk artefact pack 1:1.

Canary report, schema agenttrust.mainnet_canary.v1

generatedAt: 2026-04-28T14:36:25.042Z
mode: execute
status: passed
amountUsd: 0.01
networkHash: 9c1e0701b317f00b
assetHash: 8591ee9090c0c02c
facilitatorUrlHash: 34730b14fe60f512
payToHash: fceb16a3a381cd18
verify.isValid: true
settle.succeeded: true
receiptIdHashShort: b96f23b2128ee875
payerAddressHash: d24522e305bf6bd8

What ran

  1. Throwaway Base mainnet wallet generated locally (private key never persisted to disk in cleartext).
  2. Funded with 2.61 USDC from the operator's primary.
  3. EIP-3009 transferWithAuthorization payload signed against USDC v2 domain on chainId 8453.
  4. Coinbase CDP facilitator POST /verify returned isValid: true.
  5. Coinbase CDP facilitator POST /settle ran once, succeeded.
  6. On-chain balance delta confirmed: throwaway USDC 2.606484 → 2.596484, primary USDC 2.00026 → 2.01026.
  7. Signed Ed25519 receipt issued; truncated id hash b96f23b2128ee875 recorded in the canary pack.

Hard rules

  • Settle exactly once, no retry. If verify returns isValid: false, settle never runs.
  • Network / asset / amount / payTo / facilitator all allowlisted. Mainnet refused without explicit operator approval flag.
  • Raw payment payload, payer key, JWT, Authorization header, X-Payment header, signed URL, cookie, full address never written to any artefact, only sha256-truncated hashes.
  • Throwaway wallet retired post-canary. The CDP API key was rotated.
  • The canary artefact pack is kept gitignored on the operator's disk. Every claim on this page can be re-derived by replaying the documented mainnet canary runbook against your own throwaway wallet.
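
The first three hard rules expressed as a single gate, as an added Python example that is not AgentTrust's own code. The allowlist values, the stub facilitator, the `success` response field and the 16-hex-character truncation are assumptions; only the report field names come from this page.

```python
import hashlib

# Constructed allowlist: placeholder values, not AgentTrust's real configuration.
ALLOW = {
    "network": {"base"},
    "asset": {"USDC"},
    "payTo": {"0xPAYTO_PLACEHOLDER"},
    "facilitatorUrl": {"https://facilitator.example"},
}
MAINNET = {"base"}
MAX_AMOUNT_USD = 0.01

def short_hash(value):
    # Assumption: "sha256-truncated" means the first 16 hex chars of SHA-256.
    return hashlib.sha256(value.encode()).hexdigest()[:16]

class StubFacilitator:
    """Stand-in for POST /verify and POST /settle that counts calls."""
    def __init__(self, valid, settle_ok=True):
        self.valid, self.settle_ok = valid, settle_ok
        self.verify_calls = self.settle_calls = 0
    def verify(self, payload):
        self.verify_calls += 1
        return {"isValid": self.valid}
    def settle(self, payload):
        self.settle_calls += 1
        return {"success": self.settle_ok}  # assumed response field name

def run_canary(req, payload, facilitator, operator_approved_mainnet=False):
    # The report carries hashes only; req values and payload are never copied in.
    report = {"status": "refused", "amountUsd": req["amountUsd"]}
    for field in ALLOW:
        report[field + "Hash"] = short_hash(req[field])
    bad_field = any(req[f] not in ALLOW[f] for f in ALLOW)
    if bad_field or req["amountUsd"] > MAX_AMOUNT_USD:
        return report
    if req["network"] in MAINNET and not operator_approved_mainnet:
        return report
    report["status"] = "failed"
    report["verify.isValid"] = facilitator.verify(payload).get("isValid") is True
    if not report["verify.isValid"]:
        return report  # verify-first: settle never runs
    try:
        ok = facilitator.settle(payload).get("success") is True  # the only call
    except Exception:
        ok = False  # an error is recorded, never retried
    report["settle.succeeded"] = ok
    report["status"] = "passed" if ok else "failed"
    return report
```

The call counters on the stub are what make the "exactly once" and "never runs" claims checkable rather than asserted.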

What this is not

  • Not a paid customer. No external merchant ran this. The throwaway → primary self-loop is operator-internal proof of the wire path.
  • Not enterprise GA. The production-billing surface remains not_launched.
  • Not a certification. AgentTrust holds no SOC 2 / ISO 27001 / HIPAA / PCI claim.
  • Not a permanent allowlist. Future mainnet calls go through the full per-call policy / risk / payment / receipt pipeline, not the canary shortcut.

Source: a gitignored mainnet-canary artefact pack on the operator's disk, plus the canary runbook and the architectural decisions log kept inside the AgentTrust repository. The bounded report shape is the same one mirrored on this page.
