Subly LogoSubly

Use Now,Pay Never.

Privacy protocol for agents.

Deposit once. Earn yield. Pay for agent API calls without revealing who you paid.

Run the live demo
Live demo · Solana devnet

Live Demo.Same API call. Different on-chain trail.

Press through the flow. With official x402, each call settles as a direct USDC transfer from the buyer's wallet to the seller, so anyone reading the chain can see exactly which buyer paid which seller. Subly-x402 keeps the same HTTP flow, but hides the link between buyer and seller on-chain by routing settlement through the Private Shared Vault.

The live proof below calls the same Seller twice: once through official x402, once through Subly-x402. The API response is identical. What changes is the visible on-chain trail and whether any observer can tell who paid whom.

Press to reveal the on-chain trail

Buyer asks for the same paid API.

Both paths start with a normal HTTP request and a 402 challenge. The privacy difference starts with where the payment is allowed to settle.

Official x402 path

Official x402

Link exposed
Buyer wallet
Buyer
Buyer -> Sellerdirect tx
Seller wallet
Seller
Payment flow
Buyer pays Seller directly

When the proof runs, the buyer pays the seller directly. That direct transfer is what becomes visible onchain.

idle
What happens

The seller's 402 challenge points the buyer at a seller payTo account.

Visible on-chain tx

Waiting for direct payment

What an observer learns

Nothing until settlement

Buyer ↔ Seller link

Payment not broadcast yet

Privacy-preserving x402 path

Subly-x402

Link reduced
Buyer wallet
Buyer
Buyer -> Vaultvault deposit
Private Shared Vault
Vault
Vault -> Sellerseller payout
Seller wallet
Seller
Payment flow
Buyer funds Vault, then Vault pays Seller

The first highlighted step is the buyer depositing into the Vault. The seller payout only lights up once the Subly-x402 batch settles.

idle
What happens

The seller's 402 challenge points the buyer at an attested Subly vault policy.

Visible on-chain tx

Waiting for vault deposit

Hidden from observers

Vault deposit not made yet

Seller payout

Not paid out yet

Live on-chain proof · Solana devnet

Press Run live demo to fill the flow above with real Solana devnet transactions. Below you can verify the Vault, Signer, and Policy this demo is using, plus the confirmed tx hashes once the run completes.

Demo batch window

This hosted proof targets an approximately 1 minute Subly-x402 batch so the Vault payout to the seller is visible during the demo. Public deployments should use longer anonymity windows. Low-volume 1 minute batches can make participant correlation easier.

Live attestation
Vault
n/a
Signer
n/a
Policy
n/a
Vault ATA
n/a
Faucet
100.000000 USDC
Buyer
n/a
Seqno
n/a
Result

A real devnet run returns both Seller route calls, funding txs, the x402 settlement tx, the Subly vault deposit tx, and the Subly settlement id.

No wallet install required for this hosted demo.
Test USDC faucet

Paste a Solana devnet wallet address. The server creates the associated USDC token account if needed and sends 100.000000 USDC.

▌ For developers

Two npm packages.

Subly-x402 ships as two open-source packages — a Buyer SDK and Express middleware for Sellers. Drop them into any TypeScript project. There is no API key, no gatekeeper.

Install

One npm install and you're an x402 buyer or seller.

npm subly402-sdknpm subly402-express
zsh: install
$ npm install subly402-sdk subly402-express
Seller
One middleware route per path · receiving wallet only
Official x402
app.use(x402PaymentMiddleware({
  "GET /x402/weather": {
    accepts: [{
      scheme: "exact",
      network: "solana:EtWTRABZaYq6iMfeYKouRu166VU2xqa1",
      payTo: process.env.SELLER_WALLET!,
      price: {
        asset: process.env.SUBLY402_USDC_MINT!,
        amount: "1100000",
      },
    }],
  },
}, officialX402ResourceServer));
Subly-x402
const sublyResourceServer = new Subly402ResourceServer(facilitator)
  .register("solana:devnet", new Subly402ExactScheme());

app.use(sublyPaymentMiddleware({
  "GET /subly/weather": {
    accepts: [{
      scheme: "exact",
      price: 1100000,
      network: "solana:devnet",
      sellerWallet: process.env.SELLER_WALLET!,
    }],
  },
}, sublyResourceServer));
Buyer
@solana/kit signer · autoDeposit hook for Subly-x402
Official x402
const x402Client = new X402Client()
  .register(
    "solana:EtWTRABZaYq6iMfeYKouRu166VU2xqa1",
    new X402ExactSvmScheme(buyer, { rpcUrl })
  );
const x402Fetch = wrapX402FetchWithPayment(fetch, x402Client);
await x402Fetch("http://seller.demo.sublyfi.com/x402/weather");
Subly-x402
const client = new Subly402Client({
  trustedFacilitators: ["https://api.demo.sublyfi.com"],
  autoDeposit: {
    maxDepositPerRequest: "1100000",
    deposit: async ({ amountAtomic, details }) => {
      await depositIntoSublyVault({ amountAtomic, details });
    },
  },
  policy: { maxPaymentPerRequest: "1100000" },
}).register("solana:*", new Subly402ExactScheme(buyer));
const sublyFetch = wrapSublyFetchWithPayment(fetch, client);
await sublyFetch("http://seller.demo.sublyfi.com/subly/weather");
▌ Problem

AI agents can pay automatically.
Two things are still missing.

x402 lets agents pay providers over HTTP. It still leaves two gaps — durable funding and payment privacy.

01

Funding still depends on a human.

An agent's wallet runs out. A human has to top it up. Then it runs out again. The autonomy stops the moment the balance hits zero, and somebody has to be there to refill it.

02

x402 ties the Buyer to the Seller.

Every x402 payment settles as a direct transfer from Buyer to Seller on-chain. Anyone can see what an agent bought, who it paid, and when. That is not privacy-preserving payment infrastructure.

▌ Solution

Deposit once. Earn yield. Pay agents privately.

Turn yield into agent payments without exposing who your agent paid.

An agent deposits USDC into Subly once. The vault earns DeFi yield that pays for x402 calls while the principal remains withdrawable. Settlement flows through an on-chain shared vault, and a TEE keeps per-buyer accounting private while scheduling payouts. The direct Buyer-to-Seller link that x402 normally exposes disappears.

01 · Capital

One deposit, ongoing payments.

The agent transfers USDC into the Subly vault once. Principal stays in your custody and can be withdrawn at any time.

Deposit required
02 · Yield

Yield funds the payments.

Deposited capital earns yield in DeFi, with a 10%+ APY target. Yield, not principal, funds your agent's calls.

10%+
APY target
03 · Privacy

Buyer-to-Seller link removed.

Buyers and sellers still use x402-style HTTP. Payments flow into the on-chain shared vault first. The TEE keeps the per-buyer ledger off-chain and triggers delayed vault payouts, so the direct on-chain link disappears.

0
Buyer/Seller links

How it works.

fig. 02 · capital flow
  1. $01
    DEPOSIT

    Deposit once.

    The agent makes one USDC transfer into the shared Subly vault. After that, payments can keep running without manual top-ups.

  2. %02
    EARN

    Earn yield.

    The vault routes capital into DeFi with a 10%+ APY target. Principal stays put, and yield funds the agent's calls.

  3. 03
    PAY

    Pay providers.

    Buyers call providers through x402-style HTTP. A TEE keeps per-buyer accounting private and schedules batched vault payouts, so observers cannot link Buyer to Seller.

▌ Privacy

How the Buyer ↔ Seller link breaks.

Subly's on-chain programs, including the Shared Vault, are encrypted by Arcium. The per-buyer ledger lives inside an AWS Nitro Enclave. Once Solana's Confidential SPL transfers reach mainnet, Subly plans to integrate them so vault transfer amounts can also stay private.

On-chain privacy
Arcium

Subly's on-chain programs, including the Shared Vault that holds user funds, are encrypted by Arcium. Solana executes them and verifies the result, but never sees their internal state in the clear.

Off-chain ledger

AWS Nitro Enclave

When a buyer deposits into the Shared Vault, the per-buyer accounting that tracks who spent what is kept inside an AWS Nitro Enclave. Balances live in attested memory, and the host machine only ever sees ciphertext. The same ledger can be opened to a regulator or auditor on the buyer's terms.

Coming next

Confidential SPL

Solana's upcoming Confidential SPL transfers will keep transfer amounts hidden on-chain. Once they ship to mainnet, Subly plans to integrate them so the amounts moving through the Shared Vault can also be kept private.

▌ Market

Sizing the agent payment market.

Autonomous agents are about to become the largest single consumer of paid APIs.

Subly starts with API Payments via AI Agents: the per-call API payments an agent makes through x402-style HTTP 402. From there, it can grow into the broader agent economy.

TAMAI Agent Economy
$100B
SAMStablecoin-based Agent Payments
$10B
SOMAPI Payments via AI Agents
$100M
▌ Waitlist

Join the waitlist.

Join early access for AI agent builders.