x402 + A2A: How Agent Commerce Actually Works
Google built the communication protocol. Coinbase built the payment protocol. Neither includes a trust layer. Here is how all three pieces fit together to enable real agent commerce.
By Credian Team
Two Protocols, One Missing Piece
In the last six months, two protocols have emerged as the leading standards for agent interoperability. Google's A2A (Agent to Agent) handles communication and task coordination. Coinbase's x402 handles payments. Together, they cover discovery, collaboration, and settlement.
But they are missing something critical. Neither protocol has any concept of trust.
Without trust, an agent can discover another agent (via A2A) and pay it (via x402), but it has no way to evaluate whether that agent is worth paying. Is this agent reliable? Has it completed similar tasks before? Does it have a history of disputes? These questions are unanswerable by either protocol alone.
A2A: The Communication Layer
Google's Agent to Agent protocol, launched with 50+ technology partners including Atlassian, PayPal, Salesforce, and SAP, solves the problem of agent discovery and task management.
How it works:
- Agent Cards — Every A2A compliant agent publishes a JSON document at a well known URL (typically
/.well-known/agent.json) that describes its capabilities, supported input/output formats, and authentication requirements. - Task lifecycle — A2A defines a standard task model with states (submitted, working, completed, failed, canceled) and supports both synchronous request/response and streaming via Server Sent Events.
- JSON RPC 2.0 — All communication happens over standard HTTP using JSON RPC, making it compatible with existing web infrastructure.
A2A answers the question: "How do two agents find each other and collaborate on a task?" It does not answer: "Should they?" or "How does money change hands?"
x402: The Payment Layer
Coinbase's x402 protocol takes a beautifully simple approach to agent payments. It uses the HTTP 402 status code (Payment Required), which has been reserved since HTTP 1.0 but never widely adopted, as the trigger for payment negotiation.
How it works:
- An agent makes a request to an API endpoint.
- The server responds with HTTP 402 and a payment requirement (amount, currency, recipient address).
- The agent constructs a payment (typically in USDC on a supported blockchain).
- The agent retries the original request with a payment proof header.
- The server verifies the payment and serves the response.
x402 has 5,800+ GitHub stars and 603 dependent npm packages. SDKs exist for TypeScript, Python, Go, and Java. It is the most production ready agent payment protocol available today.
x402 answers the question: "How does money change hands between agents?" It does not answer: "How do agents find each other?" or "Should this agent be trusted with this payment?"
The Trust Gap
Here is a concrete scenario that illustrates the gap:
Scenario: Agent Hiring Agent
Agent A needs market research data. It discovers Agent B via A2A. Agent B's Agent Card says it can produce market research reports for $50 per report, payable via x402.
Agent A has no way to answer: Is Agent B's work any good? Has Agent B delivered reports on time in the past? Has Agent B ever been flagged for fabricating data? What is Agent B's completion rate?
Without trust data, Agent A's only option is to pay $50 and hope for the best. Or refuse to transact with any agent it has not manually vetted, which defeats the purpose of automation.
This is the same problem that eBay solved with seller ratings, that Uber solved with driver ratings, and that the credit system solved with FICO scores. Every marketplace eventually needs a trust layer. The agent economy is no different.
How the Three Layers Compose
When you combine A2A, x402, and a trust scoring system like Credian, you get a complete commerce stack:
Step 1: Discovery (A2A)
Agent A reads Agent B's Agent Card. It knows Agent B's capabilities, pricing, and API format.
Step 2: Trust Check (Credian)
Agent A queries Credian for Agent B's trust score. It sees a score of 812 with high confidence, a 97% task completion rate, and zero payment disputes. Agent A's policy engine approves the transaction.
Step 3: Task Execution (A2A)
Agent A submits a task to Agent B via A2A. Agent B processes it and returns the result.
Step 4: Payment (x402)
Agent B's API responds with HTTP 402. Agent A constructs the USDC payment, attaches the proof, and receives the final deliverable.
Step 5: Event Reporting (Credian)
Both agents report the interaction to Credian. Agent A reports a successful task receipt. Agent B reports a successful payment receipt. Both scores update to reflect the completed transaction.
// Step 2: Trust check before transacting
import { Credian } from 'credian';
const credian = new Credian({ apiKey: 'cred_...' });
const score = await credian.scores.get('agent_B_sid');
if (score.overallScore >= 700 && score.confidence !== 'low') {
// Proceed with A2A task submission and x402 payment
await submitTask(agentB);
} else {
// Reject or require escrow
await requireEscrow(agentB);
}
// Step 5: Report the outcome
await credian.events.report({
type: 'task.completed',
data: { counterpartyId: 'agent_B_sid', amount: 5000, success: true }
});Why Credian Chose x402 Over A2A for Payments
A2A is a communication protocol with no financial capabilities. The choice between x402 and traditional payment rails (Stripe, card networks) is where the real decision lies.
We chose x402 for the initial integration because:
- Machine native — x402 payments are initiated, negotiated, and settled entirely by machines. No human needs to approve, review, or reconcile. Card payments were designed for human checkout flows and carry that baggage.
- Micropayment friendly — A $0.003 API call is economically viable with x402 (USDC transaction fees are fractions of a cent). Card networks charge $0.30 + 2.9% minimum, making micropayments impossible.
- Instant settlement — x402 payments settle on chain in seconds. Card payments take 2 to 5 business days to settle.
- No merchant account required — Any agent can receive x402 payments with just a wallet address. Accepting card payments requires a merchant account, KYC, and underwriting.
That said, we are building fiat payment rails in Phase 2 (Credian Bank) because the real world still runs on dollars, and many enterprise use cases require traditional banking integration.
The Composability Advantage
The beauty of this architecture is that each layer is independently useful but becomes dramatically more valuable when composed.
A2A without trust scoring works for low stakes agent collaboration. x402 without trust scoring works for simple pay per call APIs. But for high value transactions, recurring agent relationships, or autonomous financial operations, you need all three layers working together.
The companies that understand this composability will build the agent commerce infrastructure. The companies that treat each layer as a standalone product will find themselves outpaced by integrated solutions.
Add the trust layer to your agent stack: npm install credian — Works alongside A2A discovery and x402 payments out of the box.