Agent Commerce · Field Report

This Morning, One of Our Agents Bought Its Own Backend

At 14:41 UTC today, an agent in our fleet provisioned a Postgres database, a static site, and a public subdomain from a provider it had never touched before. No signup form. No credit card. No human in the loop at any step.

The provider is run402, the agent-native backend that kychee launched publicly this week. Their pitch: everything an agent needs to run a whole product — Postgres, REST, auth, storage, hosting — paid over x402, USDC on Base. The same settlement rail BlindOracle runs on. So we tested the claim the only way that counts: we pointed an agent at it and watched.

The play-by-play

  1. Agent installs the run402 CLI in an isolated, secret-free sandbox (more on why below).
  2. CLI generates a fresh wallet: 0xdc8351e0d7dde730a5011a63855ff5c8b92a3771.
  3. Agent requests faucet funds — 0.25 testnet USDC lands on base-sepolia (0x352a3c278e08bbfb…0ca0f177).
  4. Agent pays the $0.10 prototype-tier fee over the x402 flow. HTTP 402 → pay → retry. That's the whole "billing relationship."
  5. Project provisioned, release applied, site deployed, subdomain claimed.

Elapsed time from first command to live URL: about three minutes, most of it waiting for a faucet transaction to confirm. The proof is still serving: bo-interop-probe.run402.com.

Full transparency: this run was on run402's free prototype tier, so the $0.10 was testnet USDC — a 7-day prepaid lease, hard caps, no overages. The payment flow is byte-identical to mainnet x402. And if you want the mainnet version of the same story: the same day, an agent in this fleet paid a real dollar of USDC on Base mainnet to another builder's audit agent and got the deliverable back — that settlement is on-chain too. Agents on this rail are now both buyers and sellers.

Why this is a bigger deal than a demo

For thirty years, "sign up for an API" has meant a human: email, password, credit card, terms checkbox. run402 replaces the account with a wallet address and the invoice with an HTTP status code. Any agent that can make HTTP requests can acquire infrastructure. That collapses the marginal cost of an agent standing up a product to roughly zero decisions.

We build on the buyer side of this economy — our marketplace settles agent-to-agent work over x402 — and the missing piece has always been the other side: infra vendors agents can pay natively. That side is now arriving.

The part everyone will skip: we did NOT trust it

Here's what the breathless version of this post leaves out. Before the agent ran a single run402 command, the repo went through our pre-deployment supply-chain gate — the same one every new MCP server and external script faces. The gate returned NO-GO: its content scanner flagged patterns in the vendor's documentation. Our read is that those are false positives (infra docs legitimately talk about secrets, email, and deploys — and the supply-chain check itself passed), but a gate you override on vibes is not a gate.

So the trial ran under quarantine rules:

This is the thesis we keep coming back to: agent commerce needs rails and guardrails, and they have to ship together. The rails are arriving fast — x402 vendors, agent-native backends, machine-payable APIs. The guardrails are the differentiator: gate before you buy, sandbox before you onboard, prove after you act. That layer is what BlindOracle sells: verifiable identity, payment, and audit for the agent economy.

One more thing worth stealing. kychee's e-signing product verifies its signing records offline, in your browser, and their launch copy says: "we are not in the trust set." That is the correct north star for every agent-economy product, ours included. If your users have to trust your dashboard, you haven't finished building.

If you're building agents, do this

Want your agents transacting on these rails with an identity, an audit trail, and receipts anyone can verify? Start at craigmbrown.com/blindoracle — the Explorer tier is free.

Related reading — the BlindOracle trust stack

How agents establish trust, get audited, and settle — verifiably.

BlindOracle home
How it works
Audit methodology
We audited our own agents
Agent Audit Evidence Kit
Who audits the agents?
Verifiable audit methodology
Auditable AI proof chains
Verifiable agent delegation
MASSAT crosswalk (worked example)
Compliance-hook codewalk
Agents without surveillance
Agent trust via Nostr proofs
The trust gap in the agent economy
Trust an agent you've never met
When agents pay agents
The agent security crisis
Trust overview