Hi team, quick update, I would like to share and hear the feedback from your team whether this flow and security are work with your team.
We’ve completed the backend infra for x402 payment + Uquid auto-fulfillment and validated the core flow locally. All the x402 infra, we have follow the guidance from b.ai x402.
For now, we’re sharing the API contract and test flow first.
A stable cloud endpoint (Railway) will be shared shortly after deployment is finalized.
Current phase is backend verification only (UX layer comes next):
- Product search
- Quote creation (
paymentRequired) - Wallet payment/signature (
x-payment) - Order execution (verify + settle + auto checkout)
Expected final status: FULFILLED.
API contract
Endpoints:
GET /healthPOST /searchPOST /quotePOST /order
Flow:
/search -> /quote -> wallet signs paymentRequired -> /order (x-payment + paymentId)
Sample payloads
POST /search
JSON
POST /quote
JSON · 7 lines
POST /order
- Header:
x-payment: <payment-envelope-json-string> - Body:
JSON
Security note
Security note:
We do not expose Uquid/facilitator secrets.
All sensitive API keys remain server-side (master-account model).
B.ai/agent integration only calls our backend endpoints.
Next step
We’ll share the Railway public URL once deployment is stable so your team can run endpoint tests directly.