SoK: Blockchain Agent-to-Agent Payments
Abstract
Agentic AI rivals human capabilities across a wide range of domains. Looking ahead, it is foreseeable that AI agents will autonomously handle complex workflows and interactions. Early prototypes of this paradigm are emerging, e.g., OpenClaw and Moltbook, signaling a shift toward Agent-to-Agent (A2A) ecosystems. However, despite these promising blueprints, critical trust and security challenges remain, particularly in scenarios involving financial transactions. Ensuring secure and reliable payment mechanisms between unknown and untrusted agents is crucial to complete a fully functional and trustworthy A2A ecosystem. Although blockchain-based infrastructures provide a natural foundation for this setting, via programmable settlement, transparent accounting, and open interoperability, trust and security challenges have not yet been fully addressed. Hence, for the first time, we systematize blockchain-based A2A payments, e.g., X402, with a four-stage lifecycle: discovery, authorization, execution, and accounting. We categorize representative designs at each stage and identify key challenges, including weak intent binding, misuse under valid authorization, payment-service decoupling, and limited accountability. We highlight future directions for strengthening cross-stage consistency, enabling behavior-aware control, and supporting compositional payment workflows across agents and systems.
Cite
@article{arxiv.2604.03733,
title = {SoK: Blockchain Agent-to-Agent Payments},
author = {Yuanzhe Zhang and Yuexin Xiang and Yuchen Lei and Qin Wang and Tian Qiu and Yujing Sun and Spiridon Zarkov and Tsz Hon Yuen and Andreas Deppeler and Jiangshan Yu and Kwok-Yan Lam},
journal= {arXiv preprint arXiv:2604.03733},
year = {2026}
}