L402: The Payment Protocol for APIs

Samuel Alarco, CTO

Feb 6, 2024


L402, previously referred to as LSAT, represents a pioneering protocol designed to facilitate the monetization of services and user authentication within distributed networks. This protocol ingeniously merges the robust authentication capabilities of Macaroons with the efficient payment solutions offered by the Lightning Network.

A bit of history…


The L402 protocol has its roots in the early architecture of the web, specifically in the concept of the HTTP 402 error code. This error code, labeled "Payment Required," was originally included in the HTTP specification with a vision for future internet-native payment systems. However, for many years, the 402 error remained largely underutilized, as there was no widely accepted digital payment mechanism that could be integrated seamlessly into web protocols.


The advent of Bitcoin and the Lightning Network, however, provided the missing piece of the puzzle, offering a decentralized, internet-native currency capable of facilitating microtransactions and rapid payments.


Building on this foundation, the L402 protocol emerged as a modern solution to activate the long-dormant potential of the HTTP 402 error. It was developed by Lightning Labs to address the need for a standardized method of charging for services and authenticating users in distributed networks, particularly in scenarios where traditional payment and authentication methods were cumbersome or inefficient. The protocol, initially known as LSAT (Lightning Service Authentication Tokens), combined the flexible and secure authentication capabilities of Macaroons with the efficiency and scalability of the Lightning Network's payment system.


This innovation marked a significant step forward in the practical application of HTTP 402, transforming it from a theoretical concept into a tool for building the machine-payable web of the future.


Building Blocks


The L402 protocol makes use of two key components.


Macaroons: Flexible authentication


Macaroons are a central component of the L402 protocol, serving as highly flexible and secure authentication tokens. Unlike traditional authentication methods like cookies, Macaroons offer several advanced features:

  • Contextual Caveats: Macaroons allow the embedding of "caveats" that constrain and specify the token's permissions. This feature enables fine-grained control over what actions an authenticated user can perform.

  • Delegability: They can be delegated or attenuated, meaning a Macaroon's permissions can be reduced or extended by the bearer under certain conditions, making them highly adaptable for various use cases.

  • Decentralized Verification: Macaroons can be verified using only a root key and basic cryptography, eliminating the need for a central database to check each token's validity. This aspect is particularly beneficial for distributed systems.



Lightning Payments: Instant low-fee settlements


Lightning Payments are crucial for enabling instant, low-fee settlements within the protocol's framework. Their properties include:


  • Low Transaction Fees: Lightning Payments unlock exceptionally low transaction fees. This is particularly important for services that require small payments, where traditional transaction fees would be prohibitively high.

  • Scalability: The Lightning Network's design offers great scalability, capable of handling millions of transactions per second. This scalability is a perfect match for the L402 protocol's aim to support a high volume of transactions for web services.

  • Interoperability: The use of Lightning Payments within the L402 protocol ensures interoperability across different services and platforms. This opens up a wide range of possibilities for integrating various web services and enabling a cohesive ecosystem for internet-native payments.


By combining the flexible authentication provided by Macaroons with the efficiency and scalability of Lightning Payments, the L402 protocol establishes a robust framework for the monetization of services and authentication of users on the web.


Money moves as Data: A look at the protocol


The protocol is inspired by the HTTP 402 "Payment Required" status code and works in the following manner:



  1. Issuance of Macaroon and Invoice: The service provider issues a Macaroon, which includes a specific payment hash, along with a corresponding Lightning Network invoice.

  2. Payment by User: The user pays the invoice through the Lightning Network.

  3. Receipt of Preimage: Upon successful payment of the invoice, the user receives a cryptographic preimage, which serves as proof of payment.

  4. Activation of Lightning API Key: The user combines the received preimage with the initially issued Macaroon. This combination activates the Macaroon, turning it into a valid Lightning API Key.

  5. Presentation for Service Access: The user presents this activated Lightning API Key to the service provider in order to gain access to the service.

  6. Verification by Service Provider: The service provider verifies the integrity of the Macaroon and checks the embedded payment hash against the provided preimage. This step confirms both the user's identity and the completion of the payment.

  7. Access Granted: Upon successful verification, the user is granted access to the requested service, completing the transaction process.
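The seven steps above, together with the caveat and root-key verification properties from the Macaroons section, as an added example (not code from Sulu or Lightning Labs): a simplified HMAC-SHA256 caveat chain whose identifier embeds the invoice's payment hash. The token layout, the `key=value` caveat format and every function name are assumptions made for illustration, and the result is not wire-compatible with real macaroon libraries or L402 implementations.

```python
import hashlib
import hmac

def _mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def mint(root_key: bytes, token_id: bytes, payment_hash: bytes) -> dict:
    """Step 1: issue a macaroon whose identifier embeds the invoice's payment hash."""
    ident = token_id + payment_hash
    return {"id": ident, "caveats": [], "sig": _mac(root_key, ident)}

def attenuate(mac: dict, caveat: str) -> dict:
    """Any bearer can append a caveat: the old signature keys the next HMAC link."""
    return {"id": mac["id"], "caveats": mac["caveats"] + [caveat],
            "sig": _mac(mac["sig"], caveat.encode())}

def _holds(caveat: str, ctx: dict) -> bool:
    key, _, value = caveat.partition("=")
    if key == "expires":
        return value.isdigit() and ctx.get("now", float("inf")) < int(value)
    return ctx.get(key) == value  # unknown or unmatched caveats fail closed

def verify(root_key: bytes, mac: dict, preimage: bytes, ctx: dict) -> bool:
    """Step 6: check integrity, then proof of payment, then every caveat."""
    sig = _mac(root_key, mac["id"])
    for caveat in mac["caveats"]:
        sig = _mac(sig, caveat.encode())
    if not hmac.compare_digest(sig, mac["sig"]):
        return False  # identifier or caveat list was altered
    paid = hashlib.sha256(preimage).digest()
    if not hmac.compare_digest(paid, mac["id"][-32:]):
        return False  # preimage does not match the embedded payment hash
    return all(_holds(c, ctx) for c in mac["caveats"])

# Constructed sample values, not real keys or invoice data.
ROOT_KEY = b"\x01" * 32                      # known only to the service
PREIMAGE = b"\x02" * 32                      # revealed to the payer on settlement
PAYMENT_HASH = hashlib.sha256(PREIMAGE).digest()

if __name__ == "__main__":
    token = attenuate(mint(ROOT_KEY, b"user-42", PAYMENT_HASH), "service=weather")
    print(verify(ROOT_KEY, token, PREIMAGE, {"service": "weather"}))      # paid, in scope
    print(verify(ROOT_KEY, token, b"\x00" * 32, {"service": "weather"}))  # wrong preimage
    stripped = dict(token, caveats=[])       # caveat removed, signature left as-is
    print(verify(ROOT_KEY, stripped, PREIMAGE, {"service": "maps"}))      # chain breaks
```

The service stores no per-token state here: the root key recomputes the signature chain, and SHA-256 of the preimage ties the token to one settled invoice.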


Applications


Distributed, open access, interoperable API monetization through L402 can revolutionize the current API economy. Here are some use cases we are excited about.


  • APIs for AI agents: L402 enables AI agents to seamlessly pay for and access API services and data sources. This is an exciting paradigm shift where autonomous AI software will be the main consumers of the internet economy.

  • Monetization of Open-source Software: L402 enables the distribution of API access without sharing API keys or personal information. This is especially suitable for the monetization of open-source software projects on a usage basis. Clients can freely pay for their own service in an anonymous, self-hosted manner.

  • Pay-per-usage Models: Say goodbye to costly subscriptions. L402 enables flexible payment schemes such as pay-per-use, time-limited sessions (access for a couple of minutes!) and automated credit pools.


We at Sulu are excited for what builders like you will create next with L402. Let's build the future together!


Learn More


If you are interested in learning more about L402, check out our guided demonstration that will walk you through each step of the protocol.

