What is x402 Domain Pinning?


x402 domain pinning (also called recipient pinning) is a security control that associates specific payment recipient addresses with specific domains — blocking payments when an x402 endpoint suddenly requests payment to a different address than previously observed, indicating potential compromise or attack.

WHY IT MATTERS

One of the critical x402 threat models is payment redirection. A legitimate API at api.example.com normally requests payment to address 0xABC.... If the domain is compromised (DNS hijacking, server breach, man-in-the-middle), an attacker could serve 402 responses directing payments to their own address 0xEVIL....

Without domain pinning, an agent blindly pays whoever the 402 response specifies. The agent has no way to know the recipient address changed — it just sees a valid 402 response and pays.

Domain pinning works by recording the first observed recipient address for each domain and flagging or blocking subsequent requests to different addresses:

  1. Agent first visits api.example.com → receives 402 requesting payment to 0xABC...
  2. PolicyLayer records the pin: api.example.com → 0xABC...
  3. Later, agent visits api.example.com → receives 402 requesting payment to 0xEVIL...
  4. PolicyLayer detects the mismatch → payment blocked, operator notified

This is analogous to SSH host key verification or HTTP Public Key Pinning (HPKP) — trust on first use, then verify consistency. Operators can also pre-configure pins for known vendors, establishing trust before the first interaction.
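The trust-on-first-use flow above, together with the pin-versus-allowlist distinction covered in the FAQ, as an added Python illustration that is not PolicyLayer's own code. The 402 payload shape (`accepts[0].payTo`) is a simplified assumption, and the domains and addresses are constructed placeholders.

```python
from dataclasses import dataclass, field
from enum import Enum
from urllib.parse import urlparse


class Verdict(Enum):
    PINNED = "pinned"  # first contact: pin recorded, payment may proceed
    ALLOW = "allow"    # recipient matches the existing pin
    BLOCK = "block"    # mismatch (or unpinned in strict mode): hold and alert


@dataclass
class PinStore:
    pins: dict = field(default_factory=dict)    # domain -> recipient address
    alerts: list = field(default_factory=list)  # stands in for webhook notifications
    tofu: bool = True  # False = strict: only pre-configured pins are trusted

    def check(self, resource_url: str, payload: dict) -> Verdict:
        """Decide whether the recipient named in a 402 payload may be paid."""
        domain = urlparse(resource_url).hostname.lower()
        # Assumed, simplified x402 shape: accepts[0].payTo names the recipient.
        recipient = payload["accepts"][0]["payTo"].lower()  # EVM addresses compare case-insensitively
        pinned = self.pins.get(domain)
        if pinned is None:
            if not self.tofu:
                self.alerts.append(f"{domain}: no pin, refused {recipient}")
                return Verdict.BLOCK
            self.pins[domain] = recipient
            return Verdict.PINNED
        if pinned == recipient:
            return Verdict.ALLOW
        self.alerts.append(f"{domain}: pinned {pinned}, 402 asked for {recipient}")
        return Verdict.BLOCK

    def rotate(self, domain: str, recipient: str) -> None:  # operator-approved update, like accepting a new SSH host key
        self.pins[domain.lower()] = recipient.lower()


def allowlist_allows(allowlist: set, payload: dict) -> bool:
    """Global allowlist: the address is accepted from any domain, so it cannot catch redirection."""
    return payload["accepts"][0]["payTo"].lower() in {a.lower() for a in allowlist}


def demo() -> dict:
    """Walk the four-step scenario from the text with constructed placeholder values."""
    good = {"accepts": [{"scheme": "exact", "network": "base", "payTo": "0xABC"}]}
    evil = {"accepts": [{"scheme": "exact", "network": "base", "payTo": "0xEVIL"}]}
    tofu = PinStore()
    out = {"first": tofu.check("https://api.example.com/data", good),
           "again": tofu.check("https://api.example.com/data", good),
           "redirect": tofu.check("https://api.example.com/data", evil), "alerts": len(tofu.alerts)}
    strict = PinStore(pins={"api.example.com": "0xabc"}, tofu=False)  # pre-configured vendor pin
    out["lookalike"] = strict.check("https://malicious.com/data", good)  # BLOCK: 0xABC is pinned to api.example.com only
    out["allowlist_only"] = allowlist_allows({"0xABC"}, good)  # True: an allowlist ignores the domain
    return out
```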

Domain pinning is particularly important because x402 payments are irreversible. A misdirected credit card payment can be charged back. A misdirected USDC transfer on Base is gone.

HOW POLICYLAYER USES THIS

PolicyLayer's recipient pinning feature is a core part of x402 policy enforcement. Pins are automatically created on first contact with new endpoints and can be pre-configured for known vendors. Any payment to an unpinned or mismatched address is blocked, with webhook notifications for operator review.

FREQUENTLY ASKED QUESTIONS

What attacks does domain pinning prevent?
DNS hijacking (attacker redirects domain to their server), server compromise (attacker modifies 402 responses), man-in-the-middle (attacker intercepts and modifies responses in transit), and social engineering (tricking agents into visiting lookalike domains).
Can a legitimate endpoint change its payment address?
Yes, but it requires operator intervention. When a pinned endpoint requests payment to a new address, the payment is blocked and the operator is notified. They can then update the pin if the change is legitimate — similar to accepting a new SSH host key.
Is this the same as an allowlist?
Related but different. An allowlist specifies which addresses can receive payments globally. Domain pinning maps specific addresses to specific domains — a payment to 0xABC is only allowed from api.example.com, not from malicious.com even if 0xABC is on the allowlist.

FURTHER READING

Enforce policies on every tool call

Intercept is the open-source MCP proxy that enforces YAML policies on AI agent tool calls. No code changes needed.

npx -y @policylayer/intercept
github.com/policylayer/intercept →