NLx402: Nonce Locked x402

Meet NLx402 (Nonce Locked x402) — a hash-bound 402 quote with a single-use nonce and fast expiration. Every quote is tied to a specific Solana payment intent and validated against the on-chain receipt using a Phantom wallet signature, not a traditional login.

NLx402 is designed as a Solana paywall API for Traceix and THRT: you use Phantom to anonymously register and obtain an API key, and then get explicit server-side verification that the mint, amount, recipient, and expiry match the original quote before any 402-protected data is unlocked — all with zero facilitator fees.

Trust nobody, not even the blockchain.

NLx402 treats the blockchain as just one signal. Quotes are locked to a nonce, hash, and expiry and re-verified server-side before anything is accepted — with anonymous wallet-based registration instead of accounts or passwords.

NLx402 at a glance

Hash-bound quotes
Each NLx402 quote is tied to a specific security hash that encodes the mint, amount, recipient, and expiry for your Solana token payment.
Single-use nonce
Quotes carry a single-use nonce issued per wallet. Once redeemed or expired, it's invalid forever, reducing replay risk for 402 payments.
Fast expiration
Quotes are time-boxed. Even if a signature leaks, the underlying Solana payment intent decays quickly, keeping your paywall safer.
Receipt verification
Server-side code verifies the on-chain receipt. If a client swaps mint, amount, or recipient, the hash fails and the Solana transaction is rejected for unlock.

Kept free thanks to our sponsors

NLx402 is operated by PCEF and stays 100% free of facilitator fees thanks to organizations and individuals who support open security tooling.

Want to help keep NLx402 free?

Sponsor us

What is NLx402 (Nonce Locked x402) for Solana?

NLx402 is a Nonce Locked x402 quote flow for Solana tokens and Traceix. It issues short-lived, hash-bound quotes for 402-style paywall payments that can be verified independently of the client using on-chain Solana receipts and a server-side security hash.

Instead of trusting the browser, you lock every quote to a wallet, nonce, mint, amount, and expiry. NLx402 then verifies the Phantom-signed wallet registration and the Solana transaction before your API releases any protected resource — keeping users anonymous while keeping payments tamper-resistant.

Step 1

Issue a 402 quote

Backend generates a 402 quote: wallet, mint, amount, expiry, and a random nonce. All of this is folded into a security hash that NLx402 stores server-side.

Step 2

Verify & unlock the paywall

Server checks the on-chain receipt and the hash. If anything changed — mint, amount, destination, or nonce — the unlock is rejected and the 402 endpoint stays protected.

Step 3

Pay on-chain with Solana

Client pays the quote on-chain using the token they selected (any supported Solana token, for example THRT, SOL, or USDC). The transaction reference and wallet are captured and sent back to the server with the hash.

Technical overview (for implementers)

At a protocol level, NLx402 is a three-stage pattern built around a wallet-bound API key, a single-use nonce, and a server-side security hash:

  1. Anonymous wallet registration. The user signs a short message in Phantom that includes a nonce and timestamp. NLx402 verifies the signature server-side, binds a short-lived session to the wallet address, and mints an API key that is effectively wallet_id + selected_mint — no email, username, or password required.
  2. Nonce-locked quote + security hash. When your backend requests a 402 quote with that API key, NLx402 looks up the registered wallet and mint, calculates the required token amount for your logical price, generates a random nonce and expiry, and derives a deterministic security hash over the quote fields. That hash is stored server-side and associated with the nonce.
  3. Tamper detection via re-derived hash. Before any on-chain payment is honored, your client (or server) sends the quote back to NLx402 as verification input. NLx402 rebuilds the quote on its side, re-derives the same security hash, and compares it to the original. If any field was altered — amount, mint, recipient, nonce, or expiry — verification fails and that nonce can’t be used to unlock anything.
  4. On-chain receipt + nonce gating. Once a quote has been verified, your backend calls the protected resource with a payment header that contains the Solana transaction and nonce. NLx402 checks that the nonce was previously verified, hasn’t expired, hasn’t been used before, and that the on-chain transfer matches the locked quote (mint, amount, destination). Only then is the 402 resource released.

The end result: your application only needs to care about a wallet_id, a token mint, and an API key. NLx402 handles nonce lifecycles, security hashes, and transaction validation so your paywall remains anonymous, deterministic, and hard to tamper with.
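
A minimal sketch of the quote, hash-verification and nonce-gating stages (items 2 to 4 above), added here as an example and not NLx402's own code. The page does not specify the hash construction, so HMAC-SHA256 over a fixed-order field encoding, the in-memory store, and the names `issue_quote`, `verify_quote` and `redeem` are assumptions; the receipt is assumed to be already parsed from a confirmed Solana transfer.

```python
import hashlib, hmac, json, secrets, time

SERVER_KEY = secrets.token_bytes(32)  # assumption: key held only by the server
FIELDS = ("wallet", "mint", "amount", "recipient", "nonce", "expiry")
_quotes = {}  # nonce -> {"hash", "quote", "state"}; in-memory stand-in for a DB

def security_hash(quote):
    # Fixed field order plus JSON framing keeps the encoding unambiguous.
    canon = json.dumps([str(quote.get(f)) for f in FIELDS], separators=(",", ":"))
    return hmac.new(SERVER_KEY, canon.encode(), hashlib.sha256).hexdigest()

def issue_quote(wallet, mint, amount, recipient, ttl=60, now=None):
    """Quote stage: amount is an integer in the token's base units."""
    now = time.time() if now is None else now
    quote = {"wallet": wallet, "mint": mint, "amount": amount,
             "recipient": recipient, "nonce": secrets.token_hex(16),
             "expiry": int(now + ttl)}
    _quotes[quote["nonce"]] = {"hash": security_hash(quote),
                               "quote": dict(quote), "state": "issued"}
    return quote

def verify_quote(quote, now=None):
    """Tamper check: re-derive the hash from what the client sent back."""
    now = time.time() if now is None else now
    rec = _quotes.get(quote.get("nonce"))
    if rec is None or rec["state"] != "issued":
        return False
    fresh = now < rec["quote"]["expiry"]
    intact = hmac.compare_digest(security_hash(quote), rec["hash"])
    rec["state"] = "verified" if fresh and intact else "dead"  # failure burns the nonce
    return fresh and intact

def redeem(nonce, receipt, now=None):
    """Nonce gating: receipt is the mint/amount/recipient of the confirmed transfer."""
    now = time.time() if now is None else now
    rec = _quotes.get(nonce)
    if rec is None or rec["state"] != "verified" or now >= rec["quote"]["expiry"]:
        return False
    q = rec["quote"]
    if any(receipt.get(k) != q[k] for k in ("mint", "amount", "recipient")):
        return False
    rec["state"] = "used"  # single use: a replay of the same nonce now fails
    return True
```

In a real deployment the `verified` to `used` transition has to be a single atomic conditional update in the datastore, and the receipt fields must come from the server's own lookup of the transaction rather than from client-supplied values.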

NLx402 FAQ

Common questions about the NLx402 Solana 402 paywall API, Phantom wallet signature flow, and how nonce-locked quotes work with Traceix and THRT while keeping users anonymous.

Is NLx402 only for THRT or any Solana token?

NLx402 is built to be token-agnostic. It works great with THRT, but you can also register and accept other Solana tokens like SOL, USDC, or custom SPL mints as long as they are supported by your backend.

Do I need Phantom to use NLx402?

Phantom is the primary wallet used in this reference flow. You sign a message once to prove wallet ownership, and NLx402 uses that signature to anonymously register your wallet and issue an API key—no username, password, or KYC required.

What happens if someone tampers with the quote?

If a client changes the mint, amount, or recipient before paying on-chain, the transaction will not match the original security hash stored by NLx402. The verification step fails and the 402-protected resource is never unlocked.

Do you charge a fee?

No. NLx402 is free to use thanks to the generous sponsors of PCEF. If you'd like to support ongoing development, donations in any Solana token are welcome at the $THRT treasury wallet: GwtbzDh6QHwVan4DVyUR11gzBVcBT92KjnaPdk43fMG5. All donations are tax-deductible and help fund continuous improvements to NLx402 and Traceix.