Lemma × x402 — Reference implementation
Lemma proves who paid, under what authority, and on what data — cryptographically, on-chain, without exposing the underlying data.
Prove who paid
ZK-proven agent identity on every request. No anonymous transfers.
Prove what they're authorized to do
KYC, risk limits, issuer credentials — verified before payment.
Prove it permanently
On-chain audit trail, auto-generated at settlement.
Your existing x402 flow stays intact. Lemma adds verification, proof, and on-chain audit — without changing your agent code.
Agent API call
Agent sends a request to a protected endpoint. No changes to your agent code required.
Lemma verifies ZK attribute proofs
Before payment is authorized, Lemma verifies KYC status, risk limits, and issuer credentials — cryptographically, without exposing the underlying data.
Verified proof attached to HTTP 402
The verified proof is embedded in the Authorization header of the 402 response. Proof travels with the payment — verifiable by any counterparty.
x402 payment sent
Agent pays with the proof-bearing header. Lemma re-verifies and authorizes. Standard x402 flow.
On-chain audit record anchored
Settlement and proof are anchored on-chain simultaneously. Who paid, under what authority, and on what data — cryptographically verifiable by any third party, permanently.
Your x402 flow stays intact.
Three steps become cryptographically provable.
x402 alone
Anonymous transfer
No identity attached. Any agent can pay — there's no way to verify who or what it represents.
No authority check
KYC status, risk limits, issuer credentials — none of this is verified at the protocol layer.
No audit trail
Payment completes. Nothing is recorded about what data was referenced or what conditions were met.
Lemma × x402
ZK-proven identity
Agent identity, issuer, role, and policy — cryptographically proven and attached to every payment.
Pre-payment verification
KYC cleared, within risk limits, authorized scope — all verified before the payment goes through.
Permanent on-chain record
Settlement and proof anchored simultaneously. Cryptographically verifiable by any third party, forever.
01 / 03
Business rules — "KYC cleared," "revenue above threshold," "issuer-verified" — become machine-verifiable ZK proofs. Circuit and generator permanently recorded.
ZK-SNARKs · Circom / Halo2
Poseidon · On-chain registry
02 / 03
BBS+ selective disclosure reveals only the attributes an agent needs. AES-GCM encryption protects the full document. The AI sees only docHash and CID — never raw PII.
BBS+ signatures · AES-GCM
ECDH · HKDF
03 / 03
Verification results, schemas, and issuer info anchored on-chain at settlement. Rebuild the RAG index, recompute embeddings — provenance stays. EU AI Act trails auto-generated.
LemmaRegistry contract
IPFS/Ceramic · ProofVerified events
No. One middleware call. Your agent code stays the same.
Base Sepolia now. Monad coming soon.
On GitHub. Fork, run, and evaluate against Base Sepolia today.
Circom / Halo2 with Poseidon hash. Circuits and generators are permanently on-chain.
The current release is a demo. Try it now — no account or credit card required.
Pricing and production plans are coming soon. Follow our updates for the announcement.
No. Lemma processes ZK proofs only. Raw data never leaves your environment.
Lemma is designed to support auditability and provenance requirements. Whether it meets specific regulatory obligations depends on your implementation.
Fork the reference implementation, run against Base Sepolia, and integrate ZK-verified payments into your agent stack. Full TypeScript SDK. Open source. MIT license.
View on GitHub →Early partners receive priority access, co-development opportunities, and preferential pricing. Finance, manufacturing, and media verticals. Limited slots.
Register as Partner →Get early access to the demo and be the first to know when pricing, plans, and the public launch land. One short form. Unsubscribe anytime.
Join the waitlist →
Models change.
Proofs remain.
Built for decisions that matter.