PLANNT L402 / LIGHTNING
L402 / LIGHTNING / MAINNET
MCP + CLI SHIPPING MAY 2026

Machines pay machines

API keys were built for humans. AI agents are not human. Plannt is the Bitcoin-native access control layer for autonomous agents. Every request, a Lightning invoice. Every payment, a single-use credential.

01

FAILURE MODE

Spend is unbounded.

API keys are payment-blind. A leaked credential runs an inference loop for the entire billing cycle before anyone notices. Limits are bolted on. Damage is uncapped.

02

FAILURE MODE

Symmetric, long-lived secret.

The same string that authenticates gets checked into a config file, pasted into a Slack thread, baked into a Docker image. API keys leak by default.

03

FAILURE MODE

Billing is bolted on.

Billing happens out-of-band, after the fact, against an invoice the agent never saw and never agreed to. Machines should not need an accountant.

01
Agent requests a protected endpoint. No credentials sent.
GET /v1/demo
Authorization: (none)
02
Server responds 402 with a BOLT11 invoice and a macaroon.
402 Payment Required
invoice: lnbc210n1...
macaroon: AgEDLn...
03
Agent pays the invoice over Lightning. Preimage returned as proof.
lightning.pay()
← preimage: a3f9...b21e
04
Agent retries with Authorization: L402 macaroon:preimage.
GET /v1/demo
Authorization: L402
  macaroon:preimage
05
Server verifies HMAC(root_key, payment_hash) == macaroon_id. Access granted. Token spent.
200 OK
x-l402: spent
{ result: ... }
METHOD  PATH          DESCRIPTION                               PRICE
GET     /v1/demo      Issues 402 with invoice + L402 token      21 sats
GET     /v1/data      Returns protected payload on valid token  100 sats
POST    /v1/generate  Submits prompt, returns GPT-4 inference   250 sats
GET     /status       Health check                              public
01 / REQUEST
$ curl -i https://api.plannt.com/v1/demo

# no credentials. no headers.
# the request itself is the trigger.
02 / RESPONSE
HTTP/1.1 402 Payment Required
content-type: application/json

{
  "error":   "Payment Required",
  "invoice": "lnbc210n1p...",
  "format":  "L402 <mac>:<preimage>"
}
03 / RETRY
$ curl -i https://api.plannt.com/v1/demo \
  -H "Authorization: L402 <mac>:<preimage>"

HTTP/1.1 200 OK
{ "result": "verified" }

Credentials are ephemeral.

The credential is generated, used, and consumed inside a single request cycle. It exists for less than a second.

Tokens are single-use.

Every token expires the moment it verifies. The replay window is zero. The idle window is zero.

Every request is pre-paid.

Each call requires a discrete Lightning invoice settled before access. Spend is capped at the cost of one request.

Verification is stateless.

Pure cryptography. HMAC(root_key, payment_hash) == macaroon_id. Stateless. Horizontal. Fast.
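The check from step 05 and from "Verification is stateless", as an added example (not Plannt's code). It assumes a simplified token of `payment_hash || macaroon_id` in hex rather than real macaroon serialization, and a hypothetical in-memory `SPENT` set to enforce single use; the page does not say how spent tokens are recorded.

```python
import hashlib
import hmac
import os

ROOT_KEY = os.urandom(32)  # constructed server secret for this example
SPENT = set()              # assumption: record of redeemed payment hashes

def issue(payment_hash: bytes) -> str:
    """Mint the token returned with the 402: payment_hash || HMAC tag, hex."""
    macaroon_id = hmac.new(ROOT_KEY, payment_hash, hashlib.sha256).digest()
    return (payment_hash + macaroon_id).hex()

def verify(authorization: str) -> tuple:
    """Check an 'L402 <mac>:<preimage>' header value; return (status, reason)."""
    scheme, _, cred = authorization.partition(" ")
    mac_hex, sep, preimage_hex = cred.partition(":")
    if scheme != "L402" or not sep:
        return 402, "payment required"
    try:
        mac, preimage = bytes.fromhex(mac_hex), bytes.fromhex(preimage_hex)
    except ValueError:
        return 401, "credential is not hex"
    if len(mac) != 64 or len(preimage) != 32:
        return 401, "credential has wrong length"
    payment_hash, macaroon_id = mac[:32], mac[32:]
    # Stateless part: HMAC(root_key, payment_hash) == macaroon_id
    expected = hmac.new(ROOT_KEY, payment_hash, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, macaroon_id):
        return 401, "token not issued by this server"
    # Proof of payment: a Lightning payment hash is SHA-256 of the preimage
    if not hmac.compare_digest(hashlib.sha256(preimage).digest(), payment_hash):
        return 401, "preimage does not match invoice"
    # Stateful part: reject a second redemption of the same payment
    if payment_hash in SPENT:
        return 401, "token already spent"
    SPENT.add(payment_hash)
    return 200, "ok"

if __name__ == "__main__":
    preimage = os.urandom(32)  # constructed; normally revealed by lightning.pay()
    token = issue(hashlib.sha256(preimage).digest())
    header = f"L402 {token}:{preimage.hex()}"
    print(verify(header))  # first use
    print(verify(header))  # replay
```

The HMAC and preimage checks need only `ROOT_KEY`, so any replica can run them; the spent record is the one piece that has to be shared between replicas for a replayed token to be rejected everywhere.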

IN BUILD MAY 2026

Plannt MCP

A Model Context Protocol server that lets Claude, Cursor, and any MCP-compatible agent call Plannt-gated endpoints natively. No middleware. No glue code. The agent discovers, pays, and verifies in a single tool call.

$ claude mcp add plannt
IN BUILD MAY 2026

Plannt CLI

A single-binary command-line client. Pay an L402 invoice from your terminal, retry the request with the resulting credential, and pipe the response into whatever you would pipe a curl response into. The fastest way to feel the protocol.

$ plannt get https://api.plannt.com/v1/demo
v1.0.0 / OPEN SOURCE / MIT

Build something a machine can pay for.

The repo is open. The endpoints are live. Start in the terminal you already have open.