Tenzro Testnet is live. Get testnet TNZO

Payments

Tenzro provides multi-protocol payment support for HTTP 402-based machine payments, including MPP (Machine Payments Protocol), x402 (Coinbase), and Tempo network integration.

Overview

The payment system implements three primary payment protocols designed for AI agents and machine-to-machine transactions:

  • MPP — Machine Payments Protocol
  • x402 — Coinbase's HTTP 402 payment protocol
  • Tempo — Direct participation in Tempo network for stablecoin settlement

All protocols are integrated with TDIP identity for delegation scope enforcement and automatic payment routing through the PaymentGateway.

MPP (Machine Payments Protocol)

MPP is a standardized protocol for machine-to-machine payments. It uses HTTP 402 challenge/credential/receipt flow with session management.

MPP Flow

  1. Request — Client requests a resource
  2. Challenge — Server responds with 402 Payment Required + MppChallenge
  3. Credential — Client creates MppCredential with payment proof
  4. Verification — Server verifies credential and creates session
  5. Receipt — Server returns MppReceipt confirming payment
  6. Access — Client can access resource with session token

MPP Challenge

{ "challenge_id": "chal_abc123", "amount": "0.05 TNZO", "currency": "TNZO", "recipient": "tenzro1abc...xyz", "expires_at": "2026-03-20T13:00:00Z", "payment_methods": ["direct", "channel"], "metadata": { "resource": "/api/inference", "model": "llama-3-70b" } }

MPP Credential

{ "challenge_id": "chal_abc123", "payer": "did:tenzro:human:550e8400...", "amount": "0.05 TNZO", "payment_proof": "0xabc123...", "signature": "0xdef456...", "timestamp": "2026-03-20T12:30:00Z" }

MPP Receipt

{ "receipt_id": "rcpt_xyz789", "challenge_id": "chal_abc123", "amount": "0.05 TNZO", "settlement_tx": "0x789abc...", "session_token": "sess_mno345", "session_expires_at": "2026-03-20T14:00:00Z" }

MPP Sessions

MPP supports session-based access where a single payment grants access for a duration:

  • Session tokens are cryptographically secure (UUID v4)
  • Sessions track usage (requests, tokens consumed)
  • Vouchers enable session credit top-ups without new challenges
  • Sessions automatically expire after configured duration

x402 Protocol

x402 is Coinbase's HTTP 402 payment protocol designed for cryptocurrency payments over HTTP.

x402 Flow

# 1. Request resource GET /api/inference HTTP/1.1 Host: provider.tenzro.network # 2. Server responds with 402 HTTP/1.1 402 Payment Required X-Payment-Required: { "amount": "0.05", "currency": "TNZO", "recipient": "tenzro1abc...xyz", "payment_id": "pay_abc123" } # 3. Client pays POST /api/x402/pay HTTP/1.1 Content-Type: application/json { "payment_id": "pay_abc123", "payer": "did:tenzro:human:550e8400...", "amount": "0.05", "tx_hash": "0x789abc..." } # 4. Server verifies and grants access HTTP/1.1 200 OK X-Payment-Receipt: { "payment_id": "pay_abc123", "confirmed": true }

Tempo Integration

Tempo is a stablecoin network enabling instant, low-cost transfers. Tenzro integrates directly with Tempo for cross-chain stablecoin settlement.

Tempo Features

  • TIP-20 Tokens — Stablecoins (USDC, USDT, etc.) on Tempo network
  • Instant Settlement — Sub-second finality for payments
  • Low Fees — Minimal transaction costs
  • Bridge Adapter — Seamless transfers between Tenzro and Tempo

Tempo Transfer

# Transfer USDC via Tempo { "from": "tenzro1abc...xyz", "to": "tenzro1def...uvw", "amount": "100.00", "token": { "symbol": "USDC", "decimals": 6, "contract": "tempo:usdc:0x..." }, "memo": "AI inference payment" } # Result { "tx_hash": "tempo:0x789abc...", "finality": "Finalized", "timestamp": "2026-03-20T12:30:15Z" }

Identity-Bound Payments

All payment protocols integrate with TDIP for identity-based access control and delegation scope enforcement:

Delegation Enforcement

# Payment request validation { "payer": "did:tenzro:machine:did:tenzro:human:550e8400...:agent123", "amount": "50.0 TNZO", "delegation_scope": { "max_transaction_value": "100.0 TNZO", "allowed_payment_protocols": ["Mpp", "X402"], "allowed_chains": [1337] } } # Validation checks: # ✓ Amount (50.0) <= max_transaction_value (100.0) # ✓ Protocol (Mpp) in allowed_payment_protocols # ✓ Chain (1337) in allowed_chains # ✓ Daily spend limit not exceeded # → Payment authorized

Example Scenarios

Scenario 1: Agent Exceeds Limit

Request: 150 TNZO | Limit: 100 TNZO → REJECTED

Agent attempts payment above max_transaction_value. Payment rejected, requiring human approval.

Scenario 2: Unauthorized Protocol

Protocol: Tempo | Allowed: [Mpp, X402] → REJECTED

Agent attempts payment via Tempo, but delegation scope only allows MPP and x402.

Scenario 3: Valid Payment

Request: 25 TNZO via MPP | Limit: 100 TNZO | Daily: 75/500 → APPROVED

Payment within all limits, protocol allowed, daily spend updated to 100/500 TNZO.

Payment Gateway

The PaymentGateway provides unified routing across all payment protocols:

# Create payment via gateway let gateway = PaymentGateway::new(); let challenge = gateway.create_challenge( PaymentProtocolId::Mpp, &payer_did, &recipient_address, amount, "TNZO", ).await?; # Verify payment credential let receipt = gateway.verify_credential( PaymentProtocolId::Mpp, &challenge_id, &credential, ).await?; # Settlement happens automatically on verification

HTTP Middleware

Tenzro provides axum middleware for automatic payment challenge/verification:

use tenzro_payments::middleware::PaymentMiddleware; let app = Router::new() .route("/api/inference", post(inference_handler)) .layer(PaymentMiddleware::new( payment_gateway, PaymentProtocolId::Mpp, )); # Requests automatically challenged with 402 # Valid credentials verified and passed to handler

CLI Usage

Create Payment Challenge

tenzro-cli payment challenge \
--protocol mpp \
--amount 0.05 \
--currency TNZO \
--recipient tenzro1abc...xyz

Pay Resource

tenzro-cli payment pay \
--challenge-id chal_abc123 \
--payer did:tenzro:human:550e8400...

List Sessions

tenzro-cli payment sessions
← Identity (TDIP)Next: Settlement →