Payment Protocols

Multi-protocol HTTP 402-based payments — MPP, x402, and Tempo network integration

Tenzro supports three payment protocols for machine-to-machine commerce. MPP (Machine Payments Protocol), x402 (Coinbase), and direct Tempo network integration for stablecoin settlement. Identity-bound payments enforce delegation scopes.

All three protocols use HTTP 402 (Payment Required) status codes to create seamless payment flows for AI inference, TEE services, and other machine-delivered resources. Payments are automatically linked to TDIP identities with fine-grained permission controls.

Key Features

MPP (Machine Payments Protocol)

HTTP 402 challenge/credential/receipt flow. Session management for streaming payments

x402 Protocol

Coinbase's HTTP 402 payment standard. PaymentRequired/PaymentPayload types. Facilitator integration for settlement

Tempo Integration

Direct participation in Tempo network for stablecoin settlement. TIP-20 token support. Bridge adapter for cross-network transfers

Identity-Bound Payments

Link payments to TDIP identities. Delegation scope enforcement: max_transaction_value, allowed_operations, allowed_protocols

HTTP Middleware

Axum middleware for automatic challenge/verification. Add payment gates to any API endpoint

Payment Gateway

Multi-protocol routing. Create challenges, verify credentials, and settle across MPP, x402, and direct protocols

Protocol Comparison

Protocol	Author	Settlement	Use Case
MPP	Tempo	Session-based streaming	Per-token AI billing, long-running inference
x402	Coinbase	One-time per-request	Simple API access, micropayments
Tempo	Tempo Labs	TIP-20 stablecoin on-chain	Enterprise settlement, cross-chain transfers

Code Examples

Create Payment Challenge (Server)

use tenzro_payments::mpp::{MppPaymentServer, MppChallenge};

let server = MppPaymentServer::new(config);

// Create HTTP 402 challenge
let challenge = server.create_challenge(
    resource_url,
    Amount::tnzo(0.001),
    Duration::from_secs(300),
)?;
// Returns 402 with challenge in response

Pay for Resource (Client)

use tenzro_payments::mpp::MppClient;

let client = MppClient::new(wallet);

// Receive 402 challenge
let credential = client.create_credential(&challenge)?;

// Retry request with credential
let response = client.pay(&url, &credential).await?;

x402 Payment Flow

use tenzro_payments::x402::{X402Client, X402PaymentServer};

// Server: return 402 with payment details
let payment_required = X402PaymentRequired {
    amount: Amount::usdc(1.50),
    recipient: server_address,
    expiration: now + Duration::from_secs(60),
};

// Client: create payment payload
let payload = client.create_payment(
    &payment_required,
    &wallet,
)?;

// Server: verify and settle
let receipt = server.verify_and_settle(&payload)?;

Identity-Bound Payment with Delegation Scope

use tenzro_payments::identity_binding::IdentityBoundPayment;
use tenzro_identity::DelegationScope;

let scope = DelegationScope {
    max_transaction_value: Some(Amount::tnzo(10.0)),
    allowed_protocols: vec![
        PaymentProtocolId::Mpp,
        PaymentProtocolId::X402,
    ],
    allowed_operations: vec!["inference".into()],
    ..Default::default()
};

// Machine identity makes payment within scope
let payment = IdentityBoundPayment::create(
    machine_did,
    &challenge,
    &wallet,
    &scope,
)?;

// Payment automatically rejected if outside scope

Tempo Network Integration

use tenzro_payments::tempo::{TempoBridgeAdapter, Tip20Token};

let tempo = TempoBridgeAdapter::new(config);

// Query TIP-20 token balance
let balance = tempo.get_tip20_balance(
    participant_id,
    Tip20Token::USDC,
).await?;

// Transfer via Tempo network
let tx_hash = tempo.transfer_tip20(
    Tip20Token::USDC,
    recipient_id,
    Amount::usdc(100.0),
).await?;

// Wait for finality
let status = tempo.get_transfer_status(&tx_hash).await?;

Payment Gateway (Multi-Protocol Routing)

use tenzro_payments::gateway::PaymentGateway;

let gateway = PaymentGateway::new(mpp_server, x402_server);

// Create challenge (auto-selects protocol)
let challenge = gateway.create_challenge(
    PaymentProtocolId::Mpp,  // or X402, Direct
    resource_url,
    amount,
    expiration,
)?;

// Verify credential (protocol-agnostic)
let result = gateway.verify_credential(
    PaymentProtocolId::Mpp,
    &credential_data,
)?;

// Settle (routes to correct protocol)
let receipt = gateway.settle(
    PaymentProtocolId::Mpp,
    &settlement_data,
).await?;

Ready to integrate payment protocols?

Explore the Tenzro Payments module and start building machine commerce applications.

View Documentation All Products