
x402 five-attack review / may 2026

Stress-test one x402 launch against the new attack map.

A May 12, 2026 arXiv preprint put a sharper frame around x402 launch risk: finality gaps, settlement binding drift, replay, proxy and cache confusion, and discovery steering. This is a private, no-payment review that turns those five classes into a route map, evidence table, and patch order for one live surface.

entry: $99
full pass: $249
patch sprint: $499

Scopes

Use the smallest paid step that creates a decision.

Snapshot

$99

One public x402 URL, manifest, OpenAPI file, or registry PR. Output: private five-class screen, obvious pass/fail notes, and the first patch item.


proof from live surfaces

The same checks are already changing provider code.

open case files

taskhawk

Resource-binding patch

Kevros/TaskHawk deployed the accept-leg resource-binding fix after a no-payment pass. The follow-up check came back clean across the five sampled governance routes.

blocksize

Browser-readability fix

Blocksize patched the original actual-402 browser-read blocker. The re-check confirmed readable payment headers and resource-bound Solana challenges, with one remaining cache-policy note.

carbon

Manifest discovery fixed

Carbon Cashmere shipped a flat 177-endpoint manifest and wallet-hygiene notes after review. The paid closeout scope is now narrow: actual-402 browser CORS and accept-leg resource echo.

tate

Own endpoints passed

The live Tate Programs x402 manifest now exposes x402 v2 metadata and accept-level resources. Triage, index watch, skill trust, and A2A all pass the same no-payment launch checks.

five classes

The review is mapped to concrete launch controls.


finality

Grant timing

Does the service release paid content before the payment is durable enough for the value at risk, and is the release policy named?

binding

Settlement context

Are resource, amount, network, token, facilitator, expiry, and caller context bound tightly enough to prevent proof drift?

replay

Single-use grants

Can one proof, payment id, or retry unlock more than the intended resource, or does the service claim once before granting?

cache

Proxy and header handling

Are 402 challenges and paid responses protected from shared caching, header merging, and browser-unreadable payment fields?

discovery

Marketplace steering

Do manifests, registry copy, owner identity, and canonical URLs reduce the chance that a buyer chooses the wrong provider or price?

boundary

No-payment pass

The first review uses public documents and no-payment probes only. No payment headers, signatures, wallet keys, or paid calls are sent.
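The cache, CORS/browser-readability and accept-level binding questions above are the ones a no-payment probe can answer from a single unpaid request. The script below is an added example of such a screen and is not the review's own tooling: it takes a captured 402 response (status, headers, body), runs the cache, CORS and binding checks, and returns a P1/P2/P3 finding list. The field names (`accepts`, `resource`, `maxAmountRequired`, `network`, `asset`, `payTo`, `maxTimeoutSeconds`) and header names (`X-PAYMENT`, `X-PAYMENT-RESPONSE`) follow the x402 v1 JSON challenge as the author understands it and are assumptions to adjust for the version a target actually serves; the 600-second timeout threshold and the two sample responses are constructed for the example.

```python
"""No-payment screen for one x402 402 challenge (added example, not the review's tooling).

Assumptions, not taken from the page: x402 v1 challenge shape (top-level "accepts" list with
resource/maxAmountRequired/network/asset/payTo/maxTimeoutSeconds) and v1 header names
X-PAYMENT (request) / X-PAYMENT-RESPONSE (response). Rename for the version the target serves.
"""
import json
import re
from urllib.parse import urlsplit

REQUEST_HEADER = "x-payment"            # assumption: v1 name of the client payment header
RESPONSE_HEADER = "x-payment-response"  # assumption: v1 name of the settlement receipt header
BINDING_FIELDS = ("resource", "maxAmountRequired", "network", "asset", "payTo", "maxTimeoutSeconds")
MAX_TIMEOUT_SECONDS = 600               # assumption: longer expiry windows get a P3 note


def _header(headers, name):
    """Case-insensitive header lookup over a plain dict."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def _tokens(value):
    """Split a comma-separated header value into lowercase tokens."""
    return {t.strip().lower() for t in (value or "").split(",") if t.strip()}


def _canonical(url):
    """Normalise scheme/host case and trailing slash so resource echo is compared fairly."""
    p = urlsplit(url)
    return (p.scheme.lower(), p.netloc.lower(), p.path.rstrip("/") or "/", p.query)


def check_cache(headers):
    """cache class: a 402 challenge must not be storable or mergeable by shared caches."""
    findings = []
    cc = _tokens(_header(headers, "Cache-Control"))
    if not ({"no-store", "private"} & cc):
        findings.append("P1 cache: Cache-Control lacks no-store/private; challenge is proxy-cacheable")
    if "public" in cc or any(t.startswith("s-maxage") for t in cc):
        findings.append("P1 cache: Cache-Control marks the challenge shared-cacheable")
    vary = _tokens(_header(headers, "Vary"))
    if "*" not in vary and REQUEST_HEADER not in vary:
        findings.append("P2 cache: Vary omits the payment header; paid and unpaid responses can merge")
    return findings


def check_cors(headers):
    """cache class, browser readability: payment headers must be exposed or a browser never sees them."""
    findings = []
    exposed = _tokens(_header(headers, "Access-Control-Expose-Headers"))
    if "*" not in exposed and RESPONSE_HEADER not in exposed:
        findings.append("P1 cors: settlement receipt header not in Access-Control-Expose-Headers")
    allowed = _tokens(_header(headers, "Access-Control-Allow-Headers"))
    if "*" not in allowed and REQUEST_HEADER not in allowed:
        findings.append("P2 cors: payment header not in Access-Control-Allow-Headers; browser clients cannot pay")
    return findings


def check_binding(request_url, body):
    """binding class: every accept leg must echo the resource and carry the settlement context."""
    try:
        challenge = json.loads(body)
    except ValueError:
        return ["P1 binding: 402 body is not JSON"]
    accepts = challenge.get("accepts") or []
    if not accepts:
        return ["P1 binding: challenge carries no accepts entries"]
    findings = []
    wanted = _canonical(request_url)
    for i, acc in enumerate(accepts):
        missing = [f for f in BINDING_FIELDS if not acc.get(f)]
        if missing:
            findings.append(f"P1 binding: accepts[{i}] missing {','.join(missing)}")
        resource = acc.get("resource")
        if resource and _canonical(resource) != wanted:
            findings.append(f"P1 binding: accepts[{i}].resource {resource!r} does not echo {request_url!r}")
        amount = str(acc.get("maxAmountRequired", ""))
        if not re.fullmatch(r"[0-9]+", amount):
            findings.append(f"P2 binding: accepts[{i}].maxAmountRequired {amount!r} is not an integer base-unit string")
        timeout = acc.get("maxTimeoutSeconds")
        if isinstance(timeout, int) and timeout > MAX_TIMEOUT_SECONDS:
            findings.append(f"P3 binding: accepts[{i}].maxTimeoutSeconds={timeout} leaves a long expiry window")
    return findings


def screen(request_url, status, headers, body):
    """Run the no-payment screen over one captured unpaid response; returns a list of findings."""
    if status != 402:
        return [f"P1 finality: unpaid request returned {status}, not 402; content may be released unpaid"]
    return check_cache(headers) + check_cors(headers) + check_binding(request_url, body)


# Constructed sample responses for one hypothetical paid route (not real provider data).
REQUEST_URL = "https://api.example.test/v1/report?id=7"
FAKE_ADDR = "0x" + "ab" * 20
WEAK = dict(status=402, headers={"Content-Type": "application/json", "Cache-Control": "public, max-age=60"},
            body=json.dumps({"x402Version": 1, "accepts": [{"scheme": "exact", "network": "base-sepolia",
                             "maxAmountRequired": "1000", "resource": "https://api.example.test/v1/report",
                             "asset": FAKE_ADDR, "payTo": FAKE_ADDR, "maxTimeoutSeconds": 3600}]}))
HARDENED = dict(status=402, headers={"Content-Type": "application/json", "Cache-Control": "no-store",
                                     "Vary": "X-PAYMENT", "Access-Control-Expose-Headers": "X-PAYMENT-RESPONSE",
                                     "Access-Control-Allow-Headers": "Content-Type, X-PAYMENT"},
                body=json.dumps({"x402Version": 1, "accepts": [{"scheme": "exact", "network": "base-sepolia",
                                 "maxAmountRequired": "1000", "resource": REQUEST_URL,
                                 "asset": FAKE_ADDR, "payTo": FAKE_ADDR, "maxTimeoutSeconds": 60}]}))

if __name__ == "__main__":
    for label, resp in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, screen(REQUEST_URL, **resp) or ["clean"])
```

The weak sample produces the classic launch-day set: a shared-cacheable challenge with no Vary, a receipt header browsers cannot read, an accept leg that drops the query string from `resource`, and an hour-long expiry window. The hardened sample returns no findings. Nothing here sends a payment header, signature or paid call, so it stays inside the no-payment boundary.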

deliverable

The output is private by default and built for patching.

01

Route and spend map

Manifest, paid endpoints, prices, networks, facilitators, payees, docs links, and registry claims in one table.

02

Evidence table

No-payment commands, observed 402 behavior, cache headers, CORS/payment-header readability, and discovery metadata notes.

03

Patch order

P1/P2/P3 fix list written for implementation: what to change first, why it matters, and how to re-check it.

04

Optional public proof

If the result is clean and both sides agree, the private report can become a short proof note for a launch post or registry comment.

Private first

Send the target, expected rail, and deadline before paying so the review boundary is clear.
