API keys were not built for machines.
Every credential in production today assumes a human operator who provisioned it, a human operator who can rotate it, and a human operator who notices when the bill arrives. None of those assumptions hold once an autonomous agent is the principal.
01 The human-shaped assumption
An API key is a long-lived symmetric secret. A person registers for an account, generates the credential, copies it into a config file, and rotates it on whatever cadence the policy demands. Every part of that ritual depends on a human in the loop. A human scopes it. A human stores it. A human revokes it when something goes wrong. The credential carries no native payment semantics. Billing is bolted on out-of-band, settled against an invoice the credential itself can neither generate nor agree to.
Autonomous agents do not fit this shape. An agent that needs to call an inference API at 03:00 cannot wait for a person to approve the request, scope a token, or authorize a top-up. The agent must acquire access at runtime, on its own, with no standing relationship to the service and no shared infrastructure beyond the open internet.
02 The failure modes that follow
Static credentials leak. The same string that authenticates is the same string that ends up in a Slack thread, a public repo, a leaked Docker image. There is no cryptographic asymmetry to defend against exposure. Once it is out, it is out, and every downstream system trusts it equally.
Static credentials have no spending cap. A leaked key can run a training loop for the entire billing cycle. Limits are dashboards, not invariants. Damage is uncapped until a human notices.
Static credentials carry no payment metadata. The protocol cannot say what a request costs. The agent cannot consent to a price before the work is done. Settlement happens after the fact, against a bill the agent never saw and never agreed to. Machines should not need an accountant.
03 What a machine-native credential looks like
L402 is a payment-native HTTP authentication scheme. When an agent hits a protected endpoint, the server responds with 402 Payment Required and a WWW-Authenticate header carrying two things: a macaroon that commits to a Lightning payment hash, and the Lightning invoice for that hash. The agent pays the invoice over Lightning, receives the payment preimage as cryptographic proof of payment, and retries the request with Authorization: L402 macaroon:preimage. The server recomputes the macaroon's signature with its own root key and checks that SHA-256(preimage) equals the payment hash the macaroon commits to. No session is needed: the proof of payment is a hash preimage, not a secret the agent and server had to share in advance, and the only state the server consults is its Lightning node's record of which invoices have settled, which is what lets it reject a replayed credential.
The credential is generated on demand. It carries a price. It is consumed in one use. The protocol expresses the payment in the same round trip as the access. There is no long-lived key to leak: the credential is bound to a single paid invoice and is spent when that request is served. There is no runaway spend because every request is pre-paid. There is no out-of-band billing because the billing is the auth.
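The round trip above, as an added example that is not the Plannt code: a simulated L402 server, a stub standing in for the Lightning node on both sides, and an agent that answers the 402 challenge with proof of payment. The macaroon here is a minimal HMAC-chained token written for illustration (real macaroons carry more structure), the invoice strings are constructed placeholders rather than BOLT11, and the "expires" and "service" caveats, the 21-sat price and the in-memory spent set are assumptions of this example.

```python
"""Simulated L402 exchange: challenge, payment, proof-of-payment retry.

Added example, not Plannt's code. The macaroon is a simplified HMAC-chained
token; the Lightning node is an in-memory stub that stores preimages keyed by
payment hash; invoices are constructed placeholder strings, not BOLT11."""
import base64, hashlib, hmac, json, os, re, time

ROOT_KEY = os.urandom(32)  # server's macaroon root key; never leaves the server


class LightningStub:
    """Stands in for the LN node: mints invoices, reveals the preimage on payment."""

    def __init__(self):
        self._preimages = {}  # payment_hash (hex) -> preimage (bytes)

    def add_invoice(self, sats):
        preimage = os.urandom(32)
        payment_hash = hashlib.sha256(preimage).hexdigest()
        self._preimages[payment_hash] = preimage
        return f"lnsim:{sats}:{payment_hash}", payment_hash  # constructed, not BOLT11

    def pay(self, invoice):
        """Payer side: settling the HTLC hands the payer the preimage."""
        return self._preimages[invoice.split(":")[2]]


def mint_macaroon(payment_hash, caveats):
    """Identifier commits to the payment hash; signature chains over each caveat."""
    ident = json.dumps({"v": 0, "payment_hash": payment_hash, "nonce": os.urandom(8).hex()})
    sig = hmac.new(ROOT_KEY, ident.encode(), hashlib.sha256).digest()
    for c in caveats:
        sig = hmac.new(sig, c.encode(), hashlib.sha256).digest()
    token = json.dumps({"id": ident, "caveats": caveats, "sig": sig.hex()})
    return base64.b64encode(token.encode()).decode()


def verify_macaroon(mac_b64):
    """Recompute the HMAC chain; return (payment_hash, caveats) or None if tampered."""
    try:
        tok = json.loads(base64.b64decode(mac_b64))
        sig = hmac.new(ROOT_KEY, tok["id"].encode(), hashlib.sha256).digest()
        for c in tok["caveats"]:
            sig = hmac.new(sig, c.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(sig.hex(), tok["sig"]):
            return None
        return json.loads(tok["id"])["payment_hash"], tok["caveats"]
    except (ValueError, KeyError, TypeError):
        return None


class L402Server:
    PRICE_SATS = 21  # assumed price for this example

    def __init__(self, node):
        self.node = node
        self.spent = set()  # payment hashes already redeemed: one use per credential

    def challenge(self):
        invoice, payment_hash = self.node.add_invoice(self.PRICE_SATS)
        caveats = ["service=inference", f"expires={int(time.time()) + 600}"]
        mac = mint_macaroon(payment_hash, caveats)
        return 402, {"WWW-Authenticate": f'L402 macaroon="{mac}", invoice="{invoice}"'}, b""

    def handle(self, headers):
        """Return (status, headers, body). Anything short of valid proof gets a fresh 402."""
        m = re.fullmatch(r"L402 ([A-Za-z0-9+/=]+):([0-9a-f]{64})", headers.get("Authorization", ""))
        if not m:
            return self.challenge()
        verified = verify_macaroon(m.group(1))
        if verified is None:
            return self.challenge()
        payment_hash, caveats = verified
        if any(c.startswith("expires=") and int(c[8:]) < time.time() for c in caveats):
            return self.challenge()
        digest = hashlib.sha256(bytes.fromhex(m.group(2))).hexdigest()
        if not hmac.compare_digest(digest, payment_hash) or payment_hash in self.spent:
            return self.challenge()
        self.spent.add(payment_hash)
        return 200, {}, b"inference result"


def parse_challenge(www_auth):
    m = re.fullmatch(r'L402 macaroon="([^"]+)", invoice="([^"]+)"', www_auth)
    return m.group(1), m.group(2)


def agent_fetch(server, node):
    """Agent side: hit the endpoint, pay the challenge, retry with the preimage."""
    status, hdrs, _ = server.handle({})
    mac, invoice = parse_challenge(hdrs["WWW-Authenticate"])
    preimage = node.pay(invoice)
    auth = f"L402 {mac}:{preimage.hex()}"
    status, _, body = server.handle({"Authorization": auth})
    return status, auth


if __name__ == "__main__":
    node = LightningStub()
    server = L402Server(node)
    status, auth = agent_fetch(server, node)
    print(status, "first paid request")
    print(server.handle({"Authorization": auth})[0], "replay of a consumed credential")
```

The replay check is the one piece of server state: without it a single paid credential would be good for unlimited requests, which is exactly the uncapped-spend property the static key had.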
04 Why Bitcoin Lightning, specifically
L402 needs three properties from its payment rail: final settlement in seconds, per-request granularity at sub-cent cost, and permissionless transit end-to-end. Bitcoin Lightning is the only network in production today that delivers all three. A Lightning payment settles in seconds, with no confirmation wait. A 21-sat invoice costs on the order of a cent, and invoices can be denominated down to a single sat. The network operates without an issuer, an acquirer, a chargeback layer, or a compliance gate between the agent and the API.
Plannt is not multi-rail. Settlement is in sats. The unit of account and the credential share one trust assumption, because the proof of payment is the credential. That property only survives on a payment network that is permissionless, programmable, and final. That network is Lightning.
05 The deliberate choice
Other proposals exist. x402 is the largest of them, and it makes the opposite bet: payment-native HTTP, but on stablecoins, with the operational assumptions that follow. Issuer risk. Settlement layer politics. Gas. KYC gravity at the edges. That is a legitimate design choice. It is not the one Plannt is making.
Plannt is the Bitcoin-native option. Built for developers who want their access control credential and their unit of account to share the same trust assumptions. Built for agents that need to settle finally, instantly, in a unit nobody can freeze. Built for the half of the agent-builder community that reads tcpdump for fun and wants the protocol-pure choice.
If that is the half you are in, the API is at github.com/HashRails/plannt-api. The endpoints are live at api.plannt.com.
Pay 21 sats and you are in.