This paper analyzes the x402 payment protocol, revealing systemic vulnerabilities in state synchronization and signature design that allow attackers to exploit payment systems for resource leakage in…

This paper analyzes the x402 payment protocol, revealing critical synchronization and security flaws that allow attackers to exploit payment systems and force merchants to subsidize compute costs.

The paper introduces presidio-hardened-x402, an open-source middleware that intercepts x402 payment requests to detect and redact PII and enforce spending policies before on-chain settlement.

APEX is a research system that adapts HTTP 402-style payment gating for autonomous agents, enabling programmatic spend governance using real-world fiat payment workflows like UPI.

The paper develops a unified, cross-layer security framework for autonomous LLM agents operating in agentic commerce, identifying key attack vectors and proposing a layered defense architecture.

The paper proposes a compliance-aware architecture for agentic payments on stablecoin rails that embeds regulatory checks directly into the on-chain execution flow to ensure safe, low-friction transfe…

The paper systematizes the interaction between autonomous AI agents and blockchain platforms using a bidirectional trust framework, identifying significant gaps in current standards and proposing a ta…

The paper introduces AIP, a novel protocol using Invocation-Bound Capability Tokens (IBCTs) to provide verifiable identity and secure delegation across Model Context Protocol (MCP) and Agent-to-Agent…

This study provides the first measurement of authentication security in real-world remote Model Context Protocol (MCP) servers, finding pervasive and critical authentication weaknesses, particularly i…

The paper introduces MolTrust, a production-deployed trust infrastructure built on W3C standards (VCs and DIDs) that provides a verifiable, multi-layered authorization framework for autonomous AI agen…

The paper proposes Sello, a novel protocol that allows an owner to reconstruct a tamper-evident and verifiable record of AI agent actions by having a trusted receiver sign and publish receipts of the…

The paper introduces ClawCoin, a novel tokenized, compute-cost-indexed unit of account designed to solve the problem of non-transferable compute costs in decentralized AI agent economies.

This paper analyzes Bitcoin's new V2 P2P transport protocol, demonstrating that while it fixes known vulnerabilities, attackers can still execute conceptual attacks like message identification via pay…

This study demonstrates that the publicly distributed firmware of ASIC cryptocurrency miners constitutes a primary and sufficient attack surface, allowing attackers to reconstruct internal architectur…

The paper introduces Ark, a novel Bitcoin-compatible commit-chain that enables offchain transaction batching of virtual UTXOs (VTXOs) with a constant onchain footprint, solving scalability issues with…

GoAT-X introduces a novel framework that structures cross-chain smart contract auditing as a Graph of Auditing Thoughts, significantly improving the detection of complex, semantic vulnerabilities in m…

The paper introduces a comprehensive security framework, AgentRFC, to systematically analyze and test the security conformance of various AI agent protocols, identifying critical design gaps, especial…

The paper introduces SuperPaymaster, an Asset-Oriented Abstraction (AOA) paymaster that eliminates the need for a centralized off-chain signer, thereby improving the decentralization and efficiency of…

GasLiteAA proposes optimizing the ERC-4337 standard by offloading gas sponsorship logic to Trusted Execution Environments (TEE), significantly reducing on-chain gas costs while maintaining security an…

HFIPay proposes a privacy-preserving, non-custodial system for cross-chain cryptocurrency payments that links human-friendly identifiers to blockchain transactions without exposing recipient balances…