Gas-Free Nanopayment Infrastructure for AI Agents on TON

Sub-Cent Payments
at Machine Scale

Offchain Ed25519 Signing · Phala TEE Aggregation · Onchain Batch Settlement · x402 Protocol

CyberNanoPay lets AI agents make instant, gas-free USDT micropayments on TON. Agents sign offchain, a Phala TEE aggregator verifies and batches, then settles periodically onchain. Payments as small as $0.000001 — economically viable, cryptographically verifiable.

$0.000001

Min Viable Payment

0 Gas

Per Payment

~1ms

TEE Verification

5000+

Payments per Batch

x402

HTTP Protocol

THE PROBLEM

Why Existing Rails Fail

AI agents need to pay for API calls, compute, data, and services — often thousands of times per day at sub-cent amounts. Current solutions don't work.

Gas > Payment

On-chain transactions cost ~$0.01 in gas. When the payment itself is $0.001, gas is 10x the value. Micropayments are economically impossible.

Too Slow

Block confirmation takes seconds. Agents making thousands of API calls per day can't wait for each payment to finalize on-chain.

Not Agent-Native

Traditional payment rails require human interaction, KYC, and manual approval. Autonomous agents need programmable, permissionless payment infrastructure.

THE SOLUTION

How CyberNanoPay Works

Offchain speed meets onchain security. One deposit, unlimited gas-free payments, periodic batch settlement.

01

Deposit USDT

One-time on-chain deposit to the CyberGateway smart contract on TON. This is the only on-chain tx the buyer ever needs.

02

Sign Offchain

For each payment, agent signs an Ed25519 authorization. Zero gas, instant — like signing a check. Includes nonce for replay protection.

03

TEE Verifies

Phala TEE aggregator verifies signature, enforces spending policy, deducts balance, issues TEE-signed receipt with Merkle proof.

04

Batch Settle

TEE periodically submits batchSettle() to the contract. Bilateral netting reduces transfers. Thousands of payments, one on-chain tx.

SYSTEM DESIGN

Architecture

Six modules, one protocol. Each component is independently deployable and testable.

AI Agent (Buyer)

SDK: signAuthorization() · payAndFetch() · x402 auto-flow

ED25519 SIGNATURE · OFFCHAIN

x402 HTTP Gateway

requirePayment() middleware · 402 → sign → retry → 200

VERIFY · DEDUCT · RECEIPT
Phala TEE Aggregator

TDX Enclave · Remote Attestation · Tamper-Proof State

verifier.ts

Ed25519 Verify

ledger.ts

Balance Ledger

batcher.ts

Bilateral Netting

receipt.ts

COSE_Sign1 + Merkle

settler.ts

Batch Submit

listener.ts

Chain Events

attestation.ts

TDX Attestation

store.ts

SQLite Audit Log

BATCH SETTLE · ONCHAIN
CyberGateway Contract (Tact / TON)

Jetton TEP-74 · Ed25519 Verification · Batch Execution

Deposit

Jetton → Balance

BatchSettle

TEE Sig → Transfers

Withdraw

2-Phase + Cooldown

HITL

Approve / Reject

Sellers

Receive USDT via batch settlement

Telegram Bot + Mini App

HITL approval · Wallet · Balance · Policy

TRUST MODEL

Why TEE + Verifiable Batching

Traditional payment channels require on-chain state for every update. TEE eliminates that overhead while preserving verifiability through hardware-level isolation and cryptographic receipts.

Tamper-Proof Execution

Code runs inside Intel TDX enclaves on Phala Network. Even the server operator cannot read or modify the aggregator's state. Balances, nonces, and keys are cryptographically sealed.

Remote Attestation

Anyone can verify the exact code running inside the enclave via the /attestation endpoint. TEE public key, platform info, and code hash are all publicly auditable.

Verifiable Receipts

Every payment produces a COSE_Sign1-style TEE-signed receipt with Merkle proof inclusion. Receipts link to the on-chain batch_data_hash, enabling independent verification.

TEE-Signed Receipt (COSE_Sign1-style) 
{
  "version": "CyberNanoPay:receipt:v2",
  "protected": {
    "alg": "EdDSA",
    "teePlatform": "phala-tdx",
    "teeCodeHash": "a1b2c3...",
    "teePubkey": "d4e5f6..."
  },
  "payload": {
    "from": "EQ...", "to": "EQ...",
    "amount": "1000",
    "merkleProof": { "index": 3, "root": "..." }
  },
  "signature": "ed25519-sig-hex"
}
CAPABILITIES

Key Features

x402

x402 Protocol Compatible

HTTP 402 native payment flow: request → 402 → sign → retry → 200. Any API can be paywalled with one middleware. Agents pay for resources the same way browsers handle auth — via HTTP headers. Fully compatible with the emerging x402 standard.

NETTING

Bilateral Netting

Batch settlement applies bilateral netting to minimize on-chain transfers. If A→B $3 and B→A $1, only A→B $2 is settled on-chain. Large payments get additional on-chain user signature verification via VerifiedBatchSettle.

Spending Limits

Per-agent max per payment, daily caps. Enforced at both TEE and contract level.

Human-in-the-Loop

Large payments trigger Telegram approval with inline ✅/❌ buttons. Humans stay in control.

Delegate Mechanism

Authorize another address to spend on your behalf. Ideal for agent-operator separation.

2-Phase Withdrawal

Initiate → cooldown → complete. Configurable delay prevents instant drain attacks.

DEVELOPER EXPERIENCE

SDK & Integration

Buyer SDK for agents, x402 gateway middleware for sellers. Integrate in minutes.

Buyer Agent — SDK 
import { CyberNanoPayBuyer } from "cyber-nano-pay-sdk";

const buyer = new CyberNanoPayBuyer({
  keypair: myEd25519Keypair,
  address: "EQ...",
  gatewayUrl: "https://gateway.cyberpay.dev"
});

// Automatic x402 flow: request → 402 → sign → retry
const res = await buyer.payAndFetch(
  "https://api.example.com/ai/generate"
);

// Or sign manually for custom flows
const auth = buyer.signAuthorization({
  to: sellerAddress,
  amount: 1000n
});

payAndFetch() handles the full x402 cycle automatically.

Seller — x402 Gateway Middleware 
import { requirePayment } from "cyber-nano-pay-gateway";

// One line to paywall any endpoint
app.get(
  "/api/premium-data",
  requirePayment({
    amount: "1000",   // 0.001 USDT
    to: "your-ton-address"
  }),
  (c) => c.json({ data: "premium" })
);

// Flow:
// No payment header → 402 + requirements
// Has payment header → TEE verify → 200

One middleware, instant API monetization. HTTP 402 standard.

SECURITY MODEL

Defense in Depth

Multiple layers of protection — from hardware isolation to cryptographic verification to human oversight.

TEE ISOLATION

Balances and nonces live inside Phala TDX enclave. Operator cannot read or modify state.

REPLAY PROTECTION

Every payment has a unique 32-byte nonce. Used nonces are tracked in the TEE ledger.

DUAL VERIFICATION

Ed25519 signatures verified both offchain (TEE) and on-chain (contract). Double-checked at every layer.

BATCH RETRY

Failed settlements retry with exponential backoff (max 5 attempts) before flagging for manual intervention.

COMPARISON

Why Not Just Send On-Chain?

Direct On-Chain CyberNanoPay
Gas per payment ~0.01 TON (~$0.01) 0 (offchain signing)
Min viable payment ~$0.01 (gas floor) $0.000001
Confirmation speed ~5s (block time) ~1ms (TEE verify)
Throughput Limited by chain TPS 5000+ per batch
Trust model Fully on-chain TEE attestable + on-chain settlement
Receipt Tx hash TEE-signed + Merkle proof
TECH STACK

Tact

Smart Contract

Phala TDX

TEE Runtime

TypeScript

Backend

Hono

HTTP Framework

grammY

Telegram Bot

TweetNaCl

Ed25519 Crypto