Skip to main content

MPP payments

The Machine Payments Protocol (MPP) enables crypto-native, per-request payments on the Tempo blockchain. MPP is an additive payment method alongside Stripe — you choose which to use on each request.

How it works

MPP uses an HTTP 402 challenge/response flow:
  1. You send a request to the gateway.
  2. The server returns 402 Payment Required with a challenge containing the price, token, and recipient.
  3. You sign a Tempo transaction matching the challenge.
  4. You retry the request with the signed transaction as a credential in the Authorization header.
  5. The server verifies the payment on-chain and returns the response with a Payment-Receipt header.

Supported networks

Set TEMPO_TESTNET=true in your environment to use the testnet during development.

Plugin pricing

Each plugin has a fixed per-request price in USD, settled in pathUSD on Tempo.

Payment credential

After receiving a 402 challenge, build and sign a credential to send with your retry:

Authorization header format

Credential structure

402 challenge structure

When a payment is required, the server responds with:

Challenge fields

Verification

The server verifies your credential by checking:
  1. The transaction is hex-encoded and starts with the 0x76 type marker.
  2. The recipient address matches the expected recipient.
  3. The token address matches the expected currency (pathUSD).
  4. The amount matches the plugin price (within a 0.0001 tolerance).
  5. The nonce matches the original challenge nonce.
If verification fails, the server returns an error with a description of the mismatch.

Receipt

On success, the server returns:
  • A Payment-Receipt response header containing the transaction hash.
  • The payment.receipt field in the JSON response body.

Client usage

Use mppFetch to handle the full 402 flow automatically:

mppFetch options

mppFetch result

Check MPP support

You can check whether an endpoint supports MPP payments:
The function sends an OPTIONS request and checks for a WWW-Authenticate: Payment header.

Sessions

Payment sessions provide off-chain, per-call billing without an on-chain transaction for every request. This reduces latency to sub-100ms per call while still settling on-chain periodically.

How sessions work

  1. Open a session — deposit pathUSD (minimum 1.00,maximum1.00, maximum 100.00) into escrow via POST /api/wallet/sessions.
  2. Make gateway calls — include X-Session-Id and X-Wallet-Address headers on your gateway requests with X-Payment-Method: session. The gateway auto-debits your session balance using off-chain vouchers — no 402 round-trip needed.
  3. Automatic settlement — when accumulated vouchers reach $5.00 or after one hour, the server batches them into a single on-chain transaction.
  4. Close the session — call DELETE /api/wallet/sessions?sessionId=ses_... to settle any remaining vouchers and return unused funds.
You can also submit vouchers manually via POST /api/wallet/sessions/voucher if you need fine-grained control. When using the gateway with X-Payment-Method: session, voucher creation is handled automatically.

Session configuration

Session states

Session initialization

When opening a session, you must provide a viem Account to the tempo.session() call. If no account is provided, the SDK throws immediately with a descriptive error message and an example fix. This prevents cryptic errors during channel close.

Redis store for session state

By default, session state is stored in memory. For production deployments where you need persistence across restarts or across multiple server instances, use the Store.redis() adapter. It works with standard Redis clients including ioredis, node-redis, and Valkey.
The Redis adapter handles BigInt serialization automatically, so session voucher amounts are stored and retrieved without data loss.
Use the Redis store in any environment where your server may restart or where you run multiple instances behind a load balancer. Without persistent storage, active sessions are lost on restart.

When to use sessions vs. per-request MPP

  • Sessions are ideal for high-frequency agent calls where sub-100ms billing latency matters (e.g., chat, real-time orchestration).
  • Per-request MPP (the standard 402 flow) is better for infrequent or large-value calls where on-chain settlement per request is acceptable.
See the Wallet API — MPP payment sessions reference for the full endpoint documentation.

Troubleshooting

The plugin may not have a configured price. Only plugins listed in the pricing table above support MPP payments.
  • Ensure the challengeNonce matches the nonce from the 402 response.
  • Verify the transaction amount matches the challenge amount exactly.
  • Check that you are using the correct network (mainnet vs. testnet).
The transaction hex must begin with 0x76 (the Tempo transaction type marker). Ensure your signing implementation includes this prefix.