Forced Tender

x402 opens payment authorization at the HTTP layer while leaving execution, gas provision, compliance screening, chain choice, liquidity access, and operator continuity outside the protocol core. The central question is where legally consequential payment functions reside after authorization has been opened. Using Kahn and Roberds as the primary payment-system account, with CPSS-IOSCO, CPMI, Brunnermeier-James-Landau, and open-banking scholarship as supporting context, the analysis develops the concept of residual settlement. Residual settlement names the pattern in which protocol openness at the authorization layer coexists with concentration pressure in execution and compliance. x402, reviewed on the public record as of May 4, 2026 with settlement-layer, facilitator-ecosystem, and comparator surfaces extended to June 12, 2026, presents the configuration in unusually legible form, which is the basis of its selection as the case.

Card networks, ACH, SWIFT, and PSD2 already separate initiation from downstream execution and settlement. x402’s narrower configuration combines open HTTP authorization, public-chain stablecoin settlement, and residualized compliance burdens in a way that favors operators with existing licensing, merchant access, and operational capacity. For financial regulation, the implication is straightforward. Opening authorization leaves settlement power to be analyzed where the remaining payment work is performed.

Keywords: x402, machine payments, payment systems, stablecoins, compliance, PSD2, open banking, Kahn-Roberds, residual settlement, authorization.

x402 was launched to solve a concrete problem. Conventional card pricing makes sub-dollar machine payments irrational. Autonomous agents cannot use ordinary card or bank-account credentials as human consumers do. x402 responds by standardizing cryptographic authorization at the HTTP layer so that software agents can sign payment intent and merchants can respond in a machine-readable way (x402 Foundation n.d.-a; Cloudflare 2025b). The title reads the protocol’s status code institutionally: HTTP 402 makes tender a precondition the protocol compels, while the institutions that complete the compelled payment remain outside the protocol’s text.

The protocol’s technical core is relatively simple and, by public evidence reviewed on May 4, 2026, competently built. The harder institutional questions sit outside that core. Who simulates and broadcasts transactions? Who advances gas? Who performs OFAC screening, transaction monitoring, fraud review, and merchant policy enforcement? Which chain and which settlement asset become default? Which operator accumulates enough compliance, liquidity, and developer-installation advantage to become the practical center of the system?

Those are payment-system questions. Kahn and Roberds supply the starting point: payment systems allocate settlement work, liquidity, and compliance burdens across participants, and market structure follows that allocation as much as it follows user-facing initiation (Kahn and Roberds 2009).

Authorization-execution separation is familiar from card networks, ACH, SWIFT, and PSD2’s payment-initiation regime. x402 creates a more specific configuration in which open authorization coexists with residual operator functions that are expensive to replicate, especially once compliance, liquidity, and developer integration are combined (Arner, Buckley, and Zetzsche 2022; CPSS 2003).

That makes the case financial-regulatory and protocol-governance oriented at once. The central question is where a formally open payment surface relocates legally and economically decisive power. The argument developed here is that authorization opens while the most consequential regulatory and operational burdens remain downstream.

Williamson is useful at the margin but secondary. Compliance capacity exhibits asset-specific features: specialized personnel, licensed tools, regulatory relationships, and merchant-specific onboarding processes. The object is the allocation of payment-system functions after authorization has been opened, with Kahn-Roberds primary and Williamson serving as a secondary language for the compliance-capacity subproblem (Williamson 1985, 1991).

The method is functional-institutional reconstruction. It first identifies the function x402 formalizes, payment authorization at the HTTP layer, and then reconstructs the functions left outside that formalized core: verification, settlement submission, gas advancement, chain and asset selection, compliance screening, merchant onboarding, transaction monitoring, liquidity access, and continuity of service. The unit of analysis is the post-authorization burden profile created by the protocol architecture.

The evidence base has four layers. First, official protocol and platform materials establish the technical architecture: the x402 repository, x402 Foundation materials, Coinbase and Base facilitator documentation, Cloudflare’s x402 materials, and the Cantina audit. Second, official legal and regulatory materials establish the surrounding payment-stablecoin environment: the GENIUS Act, OCC, FDIC, FinCEN, OFAC, EBA PSD2/MiCA materials, Van Loon, and Treasury’s Tornado Cash delisting. Third, issuer, exchange, and infrastructure disclosures establish the commercial setting in which x402 is being deployed, including Circle and Coinbase disclosures. Fourth, public reporting and dashboards are used only for bounded adoption-context claims, not for a complete market-share reconstruction.

The method is comparative in a limited sense. Direct machine-payment comparators, including L402, AP2, and Stripe’s Machine Payments Protocol, show whether x402’s machine-payment design choices are unusual among adjacent protocols. Institutional-contrast comparators, including PSD2/PISP, card and ACH arrangements, SEPA Instant, and PIX, show how mature payment systems allocate compliance, reporting, dispute, settlement, and access functions through regulated institutional design. The governing comparison is between regulated initiation-and-execution bundles and open authorization with residual operator functions.

That comparison can be stated functionally:

The inference is deliberately bounded. The sources support claims about protocol design, documented facilitator burdens, visible default-path clustering, and the regulatory environment. Market-share measurement, durable monopoly, hidden commercial arrangements, and the viability of independent facilitators remain outside the proven record. The claim is structural and bounded: open authorization can coexist with concentration pressure where the expensive downstream payment functions remain residual.

That bounded claim generates one conditional, time-indexed prediction, and Part 8 binds the falsification conditions to it. Where open authorization combines with public-chain stablecoin settlement and residualized compliance, the facilitator layer should exhibit persistent or migrating concentration: as the GENIUS implementation rules are finalized and the regulatory perimeter completes, operator concentration should track the location of the compliance burden rather than dissolving with sponsor subsidies. Within an observation window running twenty-four months from finalization of the OCC, FDIC, and FinCEN/OFAC implementation rules, sustained facilitator plurality at comparable service grades would count against the mechanism; persistence of a narrow facilitator stack, or relocation of concentration to whichever layer carries the compliance interface, would count for it.

Sources are current to May 4, 2026, with the facilitator-ecosystem, settlement-layer, and L402 sources extended to June 12, 2026. Repository-level x402 architecture claims are pinned at commit, file, line, and hash level for the bounded protocol-design claims. Live legal, product, dashboard, adoption, and operator-specific materials are date-sensitive and should be read against the stated source date.

The x402 empirical base begins with a narrow, publicly inspectable protocol core. The repository pin is commit 85f6123f30dc3935c442dd5e7187d4d743fecad0. The EVM contract surface consists of Exact and Upto Permit2 proxy contracts over a shared base contract; the repository documents deterministic deployment, witness-bound destinations, and constrained settlement paths. The Cantina audit reviewed the three-contract scope at commit c0a80b76; the report records no Critical, High, or Medium findings, while identifying Low and Informational issues that it records as fixed in later commits. The interesting institutional problems sit around operation, compliance, and settlement path dependence, outside the narrow contract surface (x402 Foundation n.d.-a; Cantina 2026; x402 repository commit 85f6123f30dc3935c442dd5e7187d4d743fecad0, contract sources at contracts/evm/src/x402BasePermit2Proxy.sol, contracts/evm/src/x402ExactPermit2Proxy.sol, contracts/evm/src/x402UptoPermit2Proxy.sol).

The adoption record is used as active-deployment context. Public x402 materials show a live field, while current public reporting and dashboards remain too source-dependent to carry the central inference. Early visibility leaves open the separate question of whether an open protocol has produced plural operator structure (Cloudflare 2025a).

The Coinbase-linked economic path requires precise sourcing. Circle’s S-1 reports $907.9 million in distribution costs paid to Coinbase in 2024 under their commercial arrangements. Coinbase’s Q4 2024 shareholder letter reports $910 million in full-year 2024 stablecoin revenue. These are related but distinct figures, and the distinction matters. Together they show that stablecoin-linked payments sit inside an already meaningful revenue relationship between Circle and Coinbase. Coinbase’s Q4 2025 shareholder letter then places x402 in the same payments strategy as custom stablecoins, payment APIs, a B2B payments interface, Shopify Payments USDC on Base, and Coinbase Business. That product-positioning evidence places x402 within a preexisting commercial settlement stack without converting the point into market-share evidence (Circle Internet Group 2025; Coinbase Global 2025, 2026).

The empirical claim is correspondingly narrow. Adoption figures rest on public reporting and dashboard summaries, with no independent chain-level reconstruction prepared here. Revenue figures rest on issuer and partner disclosures, with no inferred operator economics. That is enough to support the argument about visible default-path clustering, but it would not support a stronger claim about total market share or hidden operator arrangements.

Base deepens the same pattern. Public x402 materials and Coinbase-hosted facilitator documentation repeatedly route the default production path through Base and USDC. The current record supports a bounded concentration-risk claim: x402 opens authorization while the most commercially coherent path still runs through a narrow stack at the compliance-bearing default, while the implementation layer has pluralized, as documented below (x402 Foundation n.d.-a, n.d.-b; Coinbase Developer Documentation n.d.-b).

Two channels must be held apart inside that claim. The first is compliance-capacity asymmetry, the core institutional claim of Part 5, whose evidence is the cost and obligation structure of the residual functions. The second is default status in reference documentation, a standards-economics channel in which the sponsor’s path becomes the production default because the canonical materials present it first. The channels carry different remedies (redistributing compliance capacity as against rewriting documentation) and different falsification profiles, and the present record evidences the second directly while evidencing the first through the regulatory analysis of Parts 5 and 6. The Circle and Coinbase figures above do incentive work across both channels rather than market-share work: an operator already earning at that scale from stablecoin distribution has a measurable interest in routing protocol defaults through its own settlement stack.

The settlement layer itself requires the same functional scrutiny, because a paper about residual settlement must state what settlement means on the default path. Base is an OP-Stack rollup whose sequencer is, in Coinbase’s own terms of service, "a node operated by Coinbase that receives, records, and reports transactions on Base," initially the only sequencer supporting the network, with Coinbase reserving the right to charge and modify sequencer fees (Base Documentation n.d.-a). Finality on the default path is staged: sequencer preconfirmation within roughly 200 milliseconds, layer-2 inclusion within seconds, batch posting to Ethereum within roughly two minutes, and Ethereum finality over the batch within roughly twenty minutes, with the seven-day fault-challenge window governing withdrawals to layer 1 rather than data-level finality (Base Documentation n.d.-b; Optimism Documentation n.d.). In the Principles' vocabulary, the money of settlement is a commercial liability of the issuer rather than central bank money, with the credit and liquidity exposure Principle 9 attaches to that choice, and settlement finality in the Principle 8 sense arrives in stages whose earliest and most commercially operative stage is a confirmation issued by the same operator that runs the dominant facilitator (CPSS-IOSCO 2012). Sequencer operation is also a disclosed revenue line: Coinbase’s first-quarter 2024 shareholder letter introduced "other transaction revenue," consisting of Base sequencer fees and payment-related revenue (Coinbase Global 2024). The deepest single point of execution dependence on the default path is therefore one legal person operating at three layers at once: facilitator, sequencer, and fiat access.

The facilitator field itself has pluralized at the implementation layer, and the record must say so. By mid-2026, independent production facilitators are documented (thirdweb, PayAI, Polygon Labs, Daydreams), and protocol stewardship moved to an x402 Foundation formally established under the Linux Foundation on April 2, 2026, with membership intent spanning incumbent card networks, processors, cloud platforms, and issuers (thirdweb n.d.; PayAI n.d.; Linux Foundation 2026). That plurality is the mechanism’s prediction rather than its refutation, because it sits where the functions are modularizable: verification and settlement submission are software, multiple operators now sell them, and at least one prices settlements at fractions of a cent. The sponsor’s facilitator differentiates on the non-modularizable remainder, advertising fee-free USDC settlement on Base together with sanctions and transaction screening on every transaction (x402 Foundation n.d.-c). Plurality at the software layer combined with concentration at the compliance-bearing, fee-subsidized default is the configuration residual settlement predicts, and the Part 2 prediction states the observation that would distinguish it from a transitional artifact.

Residual settlement names the pattern in which authorization is opened while the downstream payment functions remain institutionally allocated outside the protocol. In x402, those functions include execution, gas advancement, chain selection, stablecoin choice, compliance screening, merchant onboarding, transaction monitoring, and continuity of service (Kahn and Roberds 2009; Awrey 2022).

The term is a coined extension, and its relation to the established payments vocabulary should be stated exactly. In CPMI-IOSCO usage, residual attaches to risk that survives mitigation; the Principles' own categories for the present problem are tiered participation arrangements (Principle 19), under which direct participants carry obligations on behalf of indirect participants, and the oversight expectations applicable to critical service providers (Annex F), which reach operators outside the formal infrastructure (CPSS-IOSCO 2012). Residual settlement extends those two categories to a setting the Principles do not contemplate: an open protocol with no designated infrastructure operator, no participation agreement, and no oversight perimeter, in which the functions Principle 19 and Annex F assign to identifiable institutions cluster instead around whichever operators can bear them. The coinage marks that displacement rather than borrowing the Principles' authority.

Each residual function has a cost structure. Gas advancement requires working capital and reliable automation. Chain selection requires integration and risk judgment. Merchant onboarding requires support, contracts, and often licensing. Compliance requires sanctions screening, transaction-monitoring tools, merchant policy systems, legal review, and audit trails. Protocol openness leaves those cost structures intact.

Compliance is the clearest currently documented concentration channel. Merchant-grade compliance is expensive to replicate and difficult to modularize fully. It requires specialized staff, licensed analytics, reporting systems, policy infrastructure, and jurisdiction-specific legal posture. A protocol that leaves compliance residual therefore invites clustering at operators that already possess those capabilities. That is the core institutional claim (Williamson 1985, 1991; Vatiero 2022).

The word fully carries that claim, and it must be cashed out. The tool layer modularizes: transaction screening, sanctions-list checking, and monitoring are sold as services by specialized analytics vendors, and the regulated shell itself can be rented through sponsor-bank and licensed-operator programs. What does not modularize is the obligation structure: supervisory standing, lawful-order capacity, suspicious-activity judgment and filing duties, and the liability that attaches to the regulated position rather than to the tools. An operator can buy screening; it cannot buy the standing to bear the screening’s legal consequences. The proposed GENIUS implementation rules concentrate exactly those non-purchasable duties (blocking, freezing, rejecting, lawful-order compliance, reporting, record retention) at regulated issuers and the operational interfaces around them. Clustering therefore follows the non-modularizable remainder, and the concentration claim is a claim about where that remainder sits.

The operational content of that burden is easy to understate. Merchant-grade compliance extends beyond sanctions API calls into onboarding review, risk scoring, transaction monitoring, escalation paths, recordkeeping, suspicious-activity judgment, policy updates, and the ability to adapt quickly across jurisdictions and counterpart categories. Current U.S. implementation materials make that point more concrete for payment stablecoin issuers: proposed AML/CFT and sanctions rules would require technical capabilities to block, freeze, and reject impermissible transactions, comply with lawful orders, file suspicious-activity reports, retain transfer records, and maintain sanctions controls across payment-stablecoin activity. The direct addressees are payment stablecoin issuers, while the burden profile explains why the surrounding compliance environment rewards operators already able to interface with regulated issuers, screening systems, recordkeeping processes, and legal supervision (Coinbase Developer Documentation n.d.-a; Financial Crimes Enforcement Network 2026a, 2026b).

The Williamson adjacency is strongest at the narrow components section 3.4 identifies (merchant-specific onboarding sunk to counterparties; operator-attached authorizations), while the remainder of the compliance bundle concentrates through scale, scope, and regulatory entry cost. The analytical point remains payment-systemic, with Williamson serving as secondary support: a payment architecture that opens authorization while residualizing compliance predictably shifts competitive advantage toward already regulated or regulation-ready operators.

The result is correspondingly narrow. x402 illustrates how open authorization combined with public-chain stablecoin settlement can reproduce concentration pressure at the operator layer, with compliance serving as the best documented channel in the present record.

In the United States, the GENIUS Act was signed into law on July 18, 2025, creating the first federal framework for payment stablecoins. The law changed the legal environment materially. Any treatment of payment stablecoins as still awaiting a basic statutory frame is now outdated. At the same time, implementation remains incomplete, and the operator landscape is still shaped by transitional uncertainty, state money-transmission regimes, and enforcement history (United States Congress 2025; White House 2025).

That implementation lag matters for the mechanism. The statutory baseline is now clearer, but the operator burden has not been dissolved into a single settled compliance regime. The OCC’s February 2026 notice of proposed rulemaking, the FDIC’s April 2026 proposed rule for FDIC-supervised payment stablecoin issuers and insured depository institutions, and Treasury, FinCEN, and OFAC’s April 2026 AML/CFT and sanctions proposal all point in the same direction. Implementation is moving from statutory enactment into parallel agency specification. In practice, x402 therefore develops in a transitional zone: clearer than the pre-GENIUS environment, but still fragmented enough that existing compliance and licensing capacity remains a competitive advantage (Office of the Comptroller of the Currency 2026; Federal Deposit Insurance Corporation 2026; Financial Crimes Enforcement Network 2026a, 2026b).

The new AML/CFT and sanctions proposal is especially important for the mechanism. Its direct addressees are permitted payment stablecoin issuers, while its institutional effect reaches the assets and operators that make x402 usable in commerce. Payment-stablecoin flows are being built around compliance functions that require technical controls, reporting systems, record retention, lawful-order capacity, supervisory interfaces, and sanctions governance.

The enforcement-environment uncertainty must also be described precisely. SEC v. Coinbase was dismissed with prejudice in February 2025, while state actions persisted and Oregon filed a new case in April 2025. The result is fragmented oversight. On the payments side, the state money-transmission landscape remains heterogeneous. CSBS reports, as of its February 26, 2026 update, that thirty-one states have enacted the MTMA in full or in part, creating substantial harmonization without a single nationwide regime (Securities and Exchange Commission 2025; Conference of State Bank Supervisors 2026).

The European baseline also changed. PSD3 and the Payment Services Regulation reached political agreement in November 2025 and remained pending final adoption and application at the May 4, 2026 review. USDC, meanwhile, has been MiCA-compliant as an electronic money token since July 1, 2024 through Circle’s French EMI structure. The EBA’s February 2026 opinion is especially important because it clarifies that EMT transfers may still count as PSD2 payment transactions. MiCA therefore leaves payments-law analysis in place for stablecoin flows (European Banking Authority 2026).

That overlap is analytically valuable because it defeats an easy but wrong simplification. Stablecoin transfer in Europe is not exhausted by token-regulation status alone. The same flow can sit inside both an EMT framework and a payments-law framework. For x402, that means the legal burden is layered in a way that mirrors the institutional mechanism: even where authorization is technically open, execution and settlement remain embedded in multiple regulatory shells that reward actors already positioned to navigate them.

The OFAC environment changed as well. Tornado Cash was removed from the SDN list in March 2025 after Van Loon held that immutable smart contracts are not IEEPA property. For x402, the safer inference is targeted: compliance remains central, while broad claims about DeFi code and the older Tornado Cash sanctions posture require narrower language (Van Loon v Department of the Treasury, 122 F.4th 549 (5th Cir. 2024); United States Department of the Treasury 2025).

The statute supplies the clock for the Part 2 prediction. Implementing regulations are due by July 18, 2026, one year from enactment, and the Act takes effect at the earlier of January 18, 2027 or 120 days after the primary federal regulators issue final rules (United States Congress 2025). As of the June 2026 record, every major rule remains at the proposal stage, so the observation window opens at perimeter completion in late 2026 or early 2027. Whether residual settlement survives that completion is the structural question: if facilitator concentration dissolves once the implementation rules are final, the mechanism described here was a regulatory interregnum, and the contribution reduces to documenting it; if concentration persists or relocates to the layer carrying the compliance interface, the structural reading holds. The prediction makes the two readings observably distinct rather than rhetorical alternatives.

x402 now sits in a regulatory environment that is more structured than the pre-GENIUS baseline and still institutionally fragmented enough to reward operators with existing compliance, licensing, and legal-adaptation capacity. That is the regulatory setting in which residual settlement becomes visible.

The revised comparator structure has three tiers.

First, there are direct machine-payment protocol peers: x402, L402, AP2, and Stripe MPP. These are the systems that most directly share the problem of protocolized authorization for machine or agent-driven payment requests (x402 Foundation n.d.-a; Lightning Labs 2020; Google Agentic Commerce n.d.; Stripe n.d.).

Second, there are adjacent network programs: Mastercard Agent Pay and Visa Intelligent Commerce. These matter because incumbent networks are building agent-facing acceptance and trust layers inside governed payment-network environments (Mastercard 2025; Visa n.d.-a, n.d.-b).

The distinction is worth keeping sharp. Mastercard’s Agent Pay and Visa’s Trusted Agent Protocol are evidence that incumbent payment networks also recognize machine-facing identity, trust, and merchant acceptance as central design problems. They solve those problems inside governed network environments with branded rule systems and controlled participation. x402 is informative precisely because it tries to open authorization without importing that full institutional shell.

Third, there are institutional-contrast comparators: SEPA Instant and PIX. Their value is comparative, as institutional contrasts. They show how mature payment systems distribute compliance, reporting, dispute handling, and access governance through tightly specified institutional frameworks instead of leaving those tasks residual at an open operator layer (European Payments Council n.d.; Banco Central do Brasil n.d.).

This taxonomy matters because direct peers tell us whether x402 is unusual among machine-payment systems, while institutional contrasts show what kinds of governance burdens traditional payment systems internalize through regulated design.

The taxonomy earns its keep only when the closest comparison is run, and L402 is the natural experiment the field supplies. L402 opens the same HTTP 402 surface over a different substrate: settlement is bitcoin-denominated over Lightning, proof of payment is a cryptographic preimage, and the protocol path contains no stablecoin issuer, no screening intermediary, and no compliance-bearing facilitator role (Lightning Labs 2020, n.d.). Five years after release, its documented production usage centers on the sponsor’s own services, with a reference-implementation proxy and a small set of citable independent implementations (Lightning Labs 2026; Fewsats n.d.). The comparison cuts in two directions. Against the infancy objection, L402 shows that sponsor-centric concentration in an open HTTP-402 protocol does not dissolve with time alone; the open surface stayed open and the operator field stayed narrow. On the mechanism, the contrast isolates what the substrate adds: x402’s compliance-bearing stablecoin configuration is simultaneously what makes the protocol commercially legible to regulated commerce (the foundation’s membership list is the evidence) and what creates an obligation layer on which concentration can settle. L402 concentrates around an implementation; x402’s pressure point is an obligation structure, and that difference is the paper’s subject.

The residual-settlement claim would weaken under three conditions, and the three operationalize the Part 2 prediction on its stated clock. First, it would weaken if independent facilitators repeatedly demonstrated merchant-grade compliance, gas provision, and liquidity access at comparable cost and scale, eroding concentration pressure; the software-layer plurality documented in Part 4 leaves this condition open, because the independents compete on verification and settlement submission while the obligation structure stays with the compliance-bearing default. Second, it would weaken if merchants regularly switched operators across comparable service levels without meaningful installed-base or policy friction. Third, it would weaken if open authorization in practice generated durable execution-layer plurality, including sequencer-layer plurality on the default path, despite the current clustering. Each condition is to be assessed within the post-implementation window Part 2 states, so that the structural and transitional readings of the present concentration remain observably distinct.

For regulatory design, the diagnosis implies a choice between two perimeter architectures, and the trade-off should be stated rather than gestured at. A PISP-style answer licenses facilitators directly: initiation-adjacent operators receive a defined authorization category with access rights and conduct duties, which disciplines the operator layer at the cost of recreating, for an open protocol, the institutional shell whose absence defines it. An issuer-mediated answer runs obligations through the GENIUS implementation rules' addressees: permitted stablecoin issuers carry the compliance duties and discipline facilitators contractually through their operational interfaces, which fits the statute’s architecture at the cost of consolidating exactly the issuer-operator relationships in which the present concentration sits. The first answer treats facilitator concentration as a licensing gap; the second accepts it as the enforcement surface. Which is preferable depends on whether facilitator plurality is a regulatory objective or a market outcome to be left alone, and the stated prediction supplies the evidence that should inform the choice.

The scope is deliberately narrow. Payment-system openness at the authorization layer is insufficient, by itself, to guarantee plurality when execution, compliance, and liquidity remain residual and expensive. Coinbase’s position at the compliance-bearing default remains contingent, incomplete, and reversible, and protocol openness remains a meaningful design achievement whose market-structure consequences require separate analysis.

The protocol can have a narrow, audited authorization surface while economically consequential functions remain concentrated elsewhere. If that pattern persists, settlement work, compliance capacity, and operator continuity reside where the non-modularizable obligations sit, and the regulatory analysis of open payment protocols should begin from that location.