
Methodology

Last updated 2026-04-28 · This page describes precisely how lookx402 collects, decodes, and classifies x402 protocol activity on Base.

lookx402 is a passive observer. It does not run an x402 facilitator, hold any funds, or accept paid integrations from labelled merchants. Every datum on the site is derived from public Base mainnet logs that anyone can query.

1. What is x402, exactly

x402 is a payment protocol designed by Coinbase that lets autonomous programs (AI agents) pay for HTTP services without human approval. The transport is HTTP 402 Payment Required with a structured envelope; settlement happens onchain. The dominant settlement path on Base is the EIP-3009 transferWithAuthorization family on USDC, which lets the agent sign a payment authorization off-chain that any third party (the facilitator) can submit on-chain.

Path A — direct USDC.transferWithAuthorization (~89% of volume)

The agent signs an EIP-3009 authorization. The facilitator wraps it in a single tx that calls one of these selectors on the canonical Base USDC contract 0x833589fcd6edb6e08f4c7c32d4f71b54bda02913:

Each call emits two USDC events: an AuthorizationUsed(authorizer, nonce) and a paired Transfer(from, to, value). lookx402 matches them by transaction hash.

Path B — Permit2 settle proxy (~0% measured volume)

A second variant routes through a Permit2 proxy at 0x402085c248EeA27D92E8b30b2C58ed07f9E20001. We watch this address but have observed effectively zero 30-day traffic.

2. Live indexing

A Cloudflare Worker fires every 5 minutes:

  1. eth_getBlockByNumber("latest") to anchor the window.
  2. eth_getLogs against USDC for topic AuthorizationUsed over the last ~150 blocks (with a 30-block safety overlap).
  3. eth_getLogs for USDC Transfer events filtered by topic1 ∈ {payers seen in step 2}.
  4. Match by tx hash → upsert into transactions with (payer, merchant, amount, nonce, block_timestamp).

RPC requests rotate across four free public endpoints (publicnode, llamarpc, drpc, meowrpc) with retry-on-rotation. No paid provider is required for live mode.

The payer-extraction gotcha

An obvious mistake is to read tx.from as the agent. It isn't. tx.from is the facilitator wallet (CDP, OpenFacilitator, Primer, etc.) that submitted the bundled authorization. The real payer is the EIP-3009 authorizer — found at topics[1] of the AuthorizationUsed event, which is also the first parameter of the call's calldata. Leaderboards that don't decode this rank facilitators as the top agents and miss the actual machine-to-machine economy entirely.
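
The payer decoding and tx-hash matching described above, as an added Python example that is not lookx402's own code. The log dictionaries follow the eth_getLogs result shape; the sample addresses, hashes, and function names are constructed for illustration, and the two topic0 constants are keccak256 event-signature hashes that should be recomputed before use.

```python
# Added example with constructed logs; not lookx402's own code.
USDC = "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913"  # from the page
# topic0 = keccak256 of the event signature; recompute before relying on these.
TRANSFER = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef"
AUTH_USED = "0x98de503528ee59b575ef0c0a2576a82497bfc029a5685b209e9ec333479b10a5"

def topic_to_address(topic):
    """Indexed addresses are left-padded to 32 bytes; keep the low 20."""
    return "0x" + topic[-40:].lower()

def is_usdc_event(log, topic0):
    """Reject look-alike events emitted by any contract other than USDC."""
    return log["address"].lower() == USDC and log["topics"][0] == topic0

def match_settlements(auth_logs, transfer_logs):
    """Pair AuthorizationUsed with the same-tx Transfer sent by the authorizer."""
    by_tx = {}
    for t in transfer_logs:
        if is_usdc_event(t, TRANSFER):
            by_tx.setdefault(t["transactionHash"], []).append(t)
    rows = {}  # keyed on tx hash, so replaying a window is idempotent
    for a in auth_logs:
        if not is_usdc_event(a, AUTH_USED):
            continue
        payer = topic_to_address(a["topics"][1])  # the authorizer, not tx.from
        for t in by_tx.get(a["transactionHash"], []):
            if topic_to_address(t["topics"][1]) == payer:
                rows[a["transactionHash"]] = {
                    "payer": payer,
                    "merchant": topic_to_address(t["topics"][2]),
                    "amount": int(t["data"], 16),  # USDC base units
                    "nonce": a["topics"][2],
                }
                break
    return rows

# Constructed sample: one settlement submitted by a facilitator wallet.
def pad(addr):
    return "0x" + "0" * 24 + addr[2:]

PAYER, MERCHANT, FACILITATOR = ("0x" + b * 20 for b in ("a1", "b2", "f0"))
TX, NONCE = "0x" + "11" * 32, "0x" + "22" * 32
SAMPLE_TX = {"hash": TX, "from": FACILITATOR}
AUTHS = [{"address": USDC, "transactionHash": TX, "data": "0x",
          "topics": [AUTH_USED, pad(PAYER), NONCE]}]
TRANSFERS = [{"address": USDC, "transactionHash": TX,
              "data": "0x" + format(10000, "064x"),
              "topics": [TRANSFER, pad(PAYER), pad(MERCHANT)]}]

if __name__ == "__main__":
    print(match_settlements(AUTHS, TRANSFERS), "tx.from =", SAMPLE_TX["from"])
```

In the sample, the decoded payer is the 0xa1… authorizer while tx.from is the 0xf0… facilitator, and an AuthorizationUsed log emitted by any address other than the USDC contract is dropped before matching.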

3. Backfill

A separate one-shot Python job (see scripts/backfill_base_30d.py in our infra) replays the same two-call getLogs strategy across the previous 30 days in 1,000-block chunks. The chunks are fully idempotent (writes are keyed on tx hash), so running the script twice is safe.

4. Deduplication

Every x402 authorization carries a unique nonce (bytes32, EIP-3009). We never write a duplicate — the transactions table is keyed on tx hash, and we additionally index (payer, nonce) for replay-detection research. Coinbase Commerce's two payment-collector contracts are filtered out at decode time so they don't pollute the merchant set with transit transfers.

5. Profiles & dyads

Three Postgres materialized views are recomputed after each ingest cycle:

6. Behavioral classification

Every hour, a Postgres function reclassifies every agent into a primary archetype based on six signals: tx count, median amount, lifetime in days, distinct merchants, night-hour ratio (22:00–06:00 UTC), and median cadence jitter (delay between consecutive tx). The full rule table lives at /archetypes.

7. Identity enrichment

An hourly resolver Worker batches the top 200 active wallets through web3.bio (free public API) to attach ENS, Basenames, Farcaster, and Lens labels when present. Negative lookups write a sentinel so we don't re-query the same wallet for 7 days. A separate seed registry covers ~400 services scraped from the PayAI and Coinbase x402 directories at launch.

8. What we deliberately do not do

9. Source code & corrections

If you spot a decoding error or want to propose an improvement, ping @lookx402 on X.