Research/Payments

Machine-to-Machine Payments: How AI Agents and IoT Use Stablecoins to Transact

Autonomous AI agents and IoT devices need payment rails without human intervention. Stablecoins are becoming the default.

bcSatoruJul 1, 2026

A new class of economic actor is emerging on the internet: software that spends money. AI agents purchase API access, negotiate compute prices, and pay for data feeds without a human clicking "approve." IoT devices settle metered resource consumption in real time. Multi-agent workflows split tasks across specialized services, each billing the next in fractions of a cent. Traditional payment rails were never designed for this. They require human authorization, identity verification, and minimum transaction thresholds that make sub-dollar payments uneconomical. Stablecoins are filling the gap.

Between May 2025 and April 2026, AI agents settled $73 million across 176 million transactions on blockchain rails. Seventy-six percent of those transactions fell below the 30-cent fixed-fee floor of traditional card payments: amounts where legacy infrastructure would consume more in fees than the payment itself is worth. This article examines why machine-to-machine (M2M) payments are converging on stablecoins, the protocols enabling autonomous transactions, and the security challenges of giving non-human actors spending authority.

Why Traditional Payments Fail for Machines

Every payment system designed before 2020 assumes a human is present somewhere in the loop. Credit cards require a cardholder. Bank transfers require authorized signatories. Even ACH and wire transfers require identity verification and manual initiation. This creates three structural problems for autonomous machine payments.

Identity and authorization

KYC/AML requirements bind payment instruments to verified human identities. An AI agent running a multi-step research workflow cannot open a bank account or pass identity verification. Stripe and Coinbase addressed this in 2026 by creating machine-specific wallet primitives, but the underlying banking infrastructure still assumes human principals.

Minimum viable transaction size

Card networks charge interchange fees that include a fixed component (typically $0.10 to $0.30 per transaction). A $0.01 API call paid via card costs more to process than the service being purchased. This makes per-request pricing for AI agents economically impossible on card rails. Stablecoins settle for fractions of a cent on low-fee networks, making true micropayments viable.

Settlement timing

Card payments involve authorization, clearing, and settlement cycles that span days. Agent workflows execute in seconds. An AI agent that purchases web scraping access, processes the results, and pays a second agent to summarize the output needs instant settlement at each step: not T+2.

The core mismatch: Traditional payments optimize for consumer protection through chargebacks, fraud detection, and reversibility. Machine payments need the opposite: finality, speed, and programmability. Stablecoins provide all three.

How AWS, Coinbase, and Stripe Built Agent Payment Rails

In May 2026, Amazon Web Services launched Amazon Bedrock AgentCore Payments, a payment infrastructure layer built with Coinbase and Stripe that gives AI agents the ability to transact autonomously using stablecoins. AgentCore Payments is the most significant signal yet that machine-to-machine payments have moved from research concept to production infrastructure.

The x402 protocol

AgentCore Payments uses the x402 protocol, which repurposes the HTTP 402 "Payment Required" status code that has been reserved but unused since HTTP/1.1 was standardized in 1997. When an agent requests a paid resource, the server responds with a 402 status and a payment specification. The agent's wallet automatically constructs and signs a stablecoin transaction, resubmits the request with proof of payment, and receives the resource. The entire flow completes within milliseconds.

Coinbase provides the x402 Bazaar MCP server for endpoint discovery, allowing agents to find and evaluate paid services programmatically. Credentials are managed through AWS Secrets Manager with workload-scoped, one-time-use access tokens, and wallet operations support EdDSA, ECDSA, and ES256 signing.

Machine Payments Protocol

Stripe took a parallel approach with the Machine Payments Protocol (MPP), launched in February 2026 in partnership with the Tempo blockchain. MPP is an open standard that integrates with Stripe's existing PaymentIntents API while adding stablecoin settlement as a first-class option. Where x402 is HTTP-native, MPP maps to Stripe's existing merchant integration model: both converge on stablecoins as the settlement layer.

Coinbase AgentKit and agentic wallets

Coinbase's CDP AgentKit provides the wallet infrastructure underpinning both AgentCore and standalone agent deployments. AgentKit is model-agnostic (it works with OpenAI, Anthropic, and open-source models) and wallet-agnostic. It enables gasless transactions through Coinbase's Smart Wallet API, meaning agents can transact on-chain without holding native gas tokens. The toolkit integrates with OpenAI's Agents SDK and includes framework-native guardrails for spending limits and permission scoping.

ProtocolBacked byApproachSettlement layer
x402Coinbase, AWSHTTP 402 nativeUSDC (Base, Ethereum)
MPPStripe, TempoPaymentIntents extensionMulti-stablecoin
Agent PayMastercardTokenized credentialsCard + stablecoin
ACPCommunityAgent-to-agent discoveryChain-agnostic

Use Case 1: AI Agents Purchasing API Access and Web Content

The most immediate M2M payment use case is AI agents paying for the resources they consume. Today, API access is typically billed through monthly subscriptions or prepaid credit balances tied to a human's account. This model breaks down when agents operate autonomously across dozens of services, each requiring separate provisioning.

With x402, an agent can discover a paid API endpoint, evaluate its price, pay per request in USDC, and receive the response: all in a single HTTP round-trip. No API key provisioning, no credit card on file, no monthly invoice reconciliation. The payment is the authentication.

Practical applications

  • Research agents purchasing access to premium data sources (financial data, academic papers, proprietary datasets) on a per-query basis
  • Code generation agents paying for specialized tool access (linters, test runners, deployment services) only when needed
  • Content agents licensing images, translations, or fact-checking services at sub-cent per-use pricing
  • Web scraping agents paying publishers directly for content access, replacing ad-supported models with direct micropayments

This model enables a programmable money paradigm where pricing becomes as granular as the API calls themselves. A research agent might spend $0.003 per search result, $0.02 per full-text document retrieval, and $0.001 per citation verification: each settled instantly on stablecoin rails.

Use Case 2: IoT Devices Paying for Resources

IoT devices generate another category of machine-to-machine payment demand. Connected devices need compute, bandwidth, data feeds, and physical resources: all priced in small increments and consumed continuously.

Resource metering

Consider an autonomous vehicle fleet. Each vehicle consumes mapping data, weather feeds, traffic information, and edge compute for real-time inference. Today, these services are bundled into enterprise contracts negotiated by humans. With stablecoin micropayments, each vehicle could pay directly for exactly what it consumes: $0.001 per map tile, $0.005 per weather update, $0.01 per inference cycle. Settlement happens in real time with no monthly reconciliation.

Electric vehicle charging is an even more tangible example. A vehicle pulls into a charging station, negotiates a price with the station's controller, and streams stablecoin payments proportional to energy delivered. No app, no account, no card tap: just two machines settling a transaction.

DePIN and machine economies

Decentralized Physical Infrastructure Networks (DePIN) represent the intersection of IoT and crypto-native payments. Sensor networks sell environmental data. Distributed compute nodes sell GPU cycles. Mesh networks sell bandwidth. In each case, the infrastructure provider is a machine, the buyer is a machine, and the payment needs to be autonomous, metered, and settled in real time without human intervention.

Use Case 3: Agent-to-Agent Transactions in Multi-Agent Workflows

Modern AI systems increasingly decompose complex tasks into multi-agent workflows where specialized agents collaborate. An orchestrator agent might delegate research to one agent, analysis to another, and report generation to a third. Each specialist may be operated by a different provider with different pricing.

Agent-to-agent payments create an economic layer for these workflows. The orchestrator agent holds a stablecoin budget, pays each specialist for its contribution, and the specialists can in turn pay sub-agents or data providers. This creates a recursive economic graph where value flows proportionally to contribution.

Emerging coordination protocols

Academic research is formalizing this pattern. A 2025 paper on the Coral Protocol describes "Open Infrastructure Connecting The Internet of Agents." A 2026 paper proposes extending Google's Agent-to-Agent (A2A) protocol with ledger-anchored identities and x402 micropayments. The common thread across these proposals: stablecoins as the settlement medium, with blockchain providing an immutable audit trail of who paid whom and when.

Audit by default: When agent payments settle on-chain, every transaction creates a permanent, non-forgeable record. This is critical for enterprise adoption where compliance teams need to verify that autonomous spending stayed within policy.

Why Stablecoins Fit Machine-to-Machine Payments

Stablecoins have specific properties that make them well-suited for M2M payment flows. These are not abstract advantages: they map directly to the requirements of autonomous transacting systems.

Programmability

Stablecoin transfers are API calls. An agent can construct, sign, and broadcast a payment programmatically without any human-facing interface. Smart contracts can enforce spending rules, time-locks, and conditional releases without intermediary approval. This is programmable money in its most literal form: money controlled by code, spent by code, and settled by code.

No chargebacks

Traditional card payments include a chargeback mechanism designed to protect consumers. For machine payments, chargebacks are a liability, not a feature. An API provider that delivers data to an AI agent cannot "un-deliver" the data if the payment is reversed 90 days later. Stablecoin payment finality eliminates this risk: once settled, the transaction is irreversible.

Micropayment economics

On low-fee networks, stablecoin transfers cost fractions of a cent regardless of payment size. This enables per-request pricing at granularities impossible on card rails. The 76% of agent transactions that fall below the 30-cent card fee floor represent an entirely new category of economic activity that stablecoins unlock.

24/7 availability

Machines do not observe banking hours, weekends, or holidays. ACH batches process on business days. SWIFT messages queue over weekends. Stablecoin payment rails operate continuously: the same latency at 3 AM on Christmas as at noon on a Tuesday. For global agent networks spanning time zones, this is not a convenience but a requirement.

PropertyCard/ACHStablecoinsM2M relevance
Min. viable payment~$0.30 (fee floor)<$0.001Enables per-request pricing
Settlement timeT+1 to T+3Seconds to minutesMatches agent workflow speed
AvailabilityBusiness hours/days24/7/365Agents run continuously
Chargeback riskUp to 120 daysNone (final)Critical for data/API delivery
Human identity requiredYes (KYC)NoMachines lack legal identity
Programmable rulesLimitedSmart contract enforcementAutomated spending governance

Lightning as an Alternative M2M Rail

The Lightning Network offers another path for machine micropayments. Lightning payments settle in milliseconds, cost fractions of a cent, and support streaming payments through protocols like keysend. For certain M2M use cases, Lightning has advantages: it settles on Bitcoin (the most robust settlement layer), supports true peer-to-peer payments without intermediary blockchains, and enables sub-satoshi streaming through extensions.

Where Lightning excels

Lightning is well-suited for high-frequency, low-value streams between known counterparties. A sensor network paying a data aggregator in a continuous stream of satoshis, or a compute node billing per GPU-second via Lightning Address, represents the protocol at its best. The Lightning micropayments model eliminates settlement risk entirely: each satoshi is settled as it flows.

Where stablecoins win for M2M

For broader M2M adoption, stablecoins have practical advantages. Most agent payment protocols (x402, MPP, ACP) are built on stablecoin rails, not Lightning. Dollar denomination eliminates volatility risk for service pricing: an API provider can price at $0.003 per request without worrying about Bitcoin price fluctuations affecting margins. Stablecoin wallets are simpler to provision for agents: no channel management, no inbound liquidity requirements, no routing path discovery.

The two approaches are not mutually exclusive. Stablecoins running on Bitcoin Layer 2 networks can combine dollar stability with Bitcoin settlement guarantees. Protocols like Spark support native stablecoin transfers (including USDB) with instant settlement and minimal fees, offering a middle path: dollar-denominated payments settled on Bitcoin infrastructure without channel management overhead.

Security Challenges: Giving Machines Spending Authority

The fundamental security question of M2M payments is: how do you give a non-human actor spending authority without creating catastrophic failure modes? This is not a theoretical concern. Researchers have already documented real-world exploits targeting AI agent payment infrastructure.

Autonomous spending limits

Agent wallets implement layered spending governance. Coinbase's agentic wallets enforce per-session spending caps, per-transaction limits, velocity controls (limiting how fast funds can drain), and whitelist restrictions that confine agent interactions to approved contracts and addresses. AWS AgentCore adds workload-scoped credentials and three-phase atomic transactions (reserve, process, commit/rollback) to prevent partial settlement failures.

The architecture mirrors principle-of-least-privilege from traditional security: an agent receives the minimum spending authority needed for its task, scoped to specific counterparties, with hard caps on total expenditure per session.

Wallet access control for non-human actors

Multi-party computation (MPC) wallets split private keys into shares distributed between the agent environment and the infrastructure provider. Even if an agent is fully compromised, the attacker cannot reconstruct the complete key needed to move funds. This is combined with role-based access control (RBAC), time-locked operations for large transactions, and multi-signature requirements for critical operations like withdrawals exceeding policy thresholds.

The LLM router attack vector

In April 2026, researchers from UC Santa Barbara, UC San Diego, Fuzzland, and World Liberty Financial published findings on a critical vulnerability in AI agent payment infrastructure: malicious LLM routers. LLM routers are intermediary services that sit between users and AI models, routing requests to the cheapest or fastest available model. They have complete plaintext access to all data passing through them, including wallet credentials and payment instructions.

The researchers identified 26 LLM routers secretly injecting malicious tool calls and stealing credentials, with one incident resulting in a $500,000 wallet drain. The attack works because agents trust their infrastructure stack implicitly: if the router replaces a legitimate payment instruction with a malicious one, the agent signs and broadcasts it without suspicion. The researchers demonstrated the ability to compromise approximately 400 downstream hosts within hours through a single poisoned router.

Defense in depth: Mitigating LLM router attacks requires end-to-end encryption of payment payloads (so routers cannot read or modify them), hardware security modules for key operations, and independent verification of payment destinations before signing. No single control is sufficient: the attack surface spans the entire agent infrastructure stack.

Additional attack surfaces

  • Prompt injection: adversarial inputs that override an agent's spending policy, causing it to transfer funds to attacker-controlled addresses
  • Supply chain compromise: malicious dependencies in agent frameworks that exfiltrate wallet credentials during initialization
  • Oracle manipulation: feeding false price or service quality data to agents to manipulate their purchasing decisions
  • Replay attacks: resubmitting legitimate payment authorizations to drain agent wallets beyond intended limits

Market Scale and Trajectory

The machine-to-machine payment market is growing rapidly across multiple dimensions. The global M2M payment market was valued at $9.24 billion in 2025 and is projected to reach $54.95 billion by 2034, representing a 21.9% compound annual growth rate. McKinsey projects the broader agentic commerce opportunity at $3 to $5 trillion by 2030.

Enterprise adoption is already significant. A Google Cloud survey from September 2025 found that 52% of executives reported their organizations were actively using AI agents, with 39% having deployed more than ten agents. As these agents move from information retrieval to action execution, payment capabilities become essential infrastructure.

The stablecoin ecosystem supporting M2M payments reached over $400 billion in supply in 2026, with $33 trillion in total transaction volume during 2025. B2B stablecoin payments alone hit $226 billion annually in 2025, growing 733% year over year. This liquidity infrastructure is critical: M2M payments need deep, reliable stablecoin markets to function at scale.

What M2M Payment Infrastructure Needs Next

Despite rapid progress, several gaps remain before machine-to-machine payments can scale to their projected potential.

Identity without KYC

Agents need verifiable identities for accountability without requiring human-style identity verification. The A2A protocol's proposal for ledger-anchored identities is one approach: agents register on-chain identities that link to their operator's legal entity, creating accountability chains without requiring each agent to pass KYC individually.

Standardized discovery

Agents need to find, evaluate, and compare paid services programmatically. The x402 Bazaar MCP server and similar registries are early attempts, but the ecosystem needs convergence on service description formats, pricing schemas, and quality-of-service guarantees that agents can parse and act on autonomously.

Cross-chain settlement

M2M payments currently fragment across chains. An agent paying for a service on Base cannot easily settle with a provider expecting USDC on Solana. Cross-chain bridge infrastructure and multi-chain stablecoin standards (like Circle's CCTP) address this partially, but the agent experience remains far from seamless.

Low-fee, instant settlement layers

M2M payments amplify the importance of settlement layer economics. When transactions number in the millions per day at sub-cent values, even small per-transaction fees become material. Ethereum mainnet fees are prohibitive. L2 networks like Base reduce costs but still impose gas overhead. Bitcoin Layer 2 protocols that eliminate per-transaction gas entirely offer a structural advantage for high-frequency M2M settlement.

Spark's architecture is particularly relevant here. Its instant settlement, near-zero fees, and native stablecoin support (via USDB and other tokens) match the requirements of M2M payment flows without the channel management overhead that makes Lightning complex for autonomous agents. Developers building agent payment infrastructure can integrate Spark using the Spark SDK, which provides the wallet primitives needed for programmatic stablecoin transfers.

The Road Ahead

Machine-to-machine payments are transitioning from prototype to production. AWS, Stripe, Coinbase, and Mastercard (which launched Agent Pay in June 2026) are all building dedicated infrastructure for agents that spend money. The convergence on stablecoins as the settlement layer is not coincidental: stablecoins are the only payment medium that is simultaneously programmable, instant, cheap, final, and accessible to non-human actors without identity verification.

The security challenges are real and unsolved. Giving autonomous software spending authority creates attack surfaces that the security community is only beginning to map. The LLM router attacks documented in 2026 are likely the first wave, not the last. As the volume of autonomous transactions grows from $73 million toward the trillions projected by McKinsey, so will the incentives for attackers.

For developers building in this space, the tooling has matured significantly. Coinbase AgentKit, AWS AgentCore, and open protocols like x402 and MPP provide production-grade starting points. The deeper challenge is governance: defining the policies, limits, and audit mechanisms that keep autonomous spending aligned with human intent. For further technical context on the programmable money infrastructure underlying these systems, or to explore how AI agents interact with crypto payment rails, see the linked research.

This article is for educational purposes only. It does not constitute financial or investment advice. Bitcoin and Layer 2 protocols involve technical and financial risk. Always do your own research and understand the tradeoffs before using any protocol.