L402

• Name: L402
• URL: https://www.l402.org/
• Category: HTTP payment-authentication protocol / Lightning micropayments standard / paid-API infrastructure
• Tags: bitcoin-ecosystem
• Summary: L402 is a Lightning-flavored paid-request handshake. A server returns 402 with a Lightning invoice and macaroon, the client pays, then comes back with a credential backed by the payment preimage. Treat it as paid-access infrastructure for APIs and machine buyers, not as a general merchant-payments system.
• What it does:
  • Defines a challenge-response flow where a server returns HTTP 402 Payment Required plus a macaroon and Lightning invoice when a paid resource is requested
  • Lets clients pay the invoice, obtain the preimage as proof of payment, and replay the request with an Authorization: L402 credential
  • Uses macaroons bound to the invoice payment hash so servers can verify payment statelessly
  • Supports caveats, attenuation, and delegation so narrower permissions can be passed on without minting a whole new account model
  • Specifies both HTTP and gRPC flows for paid service access
• Key claims:
  • Lightning Labs describes L402 as an open protocol for paying for and authenticating access to APIs and services over the internet using Lightning
  • The canonical flow is WWW-Authenticate on the challenge side and Authorization on the credential side, which is the strongest clue that this is a reusable paid-access handshake rather than a wallet UX feature
  • The protocol spec emphasizes stateless verification by binding the macaroon to the payment hash and checking it against the revealed preimage
  • The docs position L402 for paid APIs, computational resources, and agent commerce rather than ordinary merchant checkout
  • Aperture is useful context, but it is an implementation surface underneath the protocol, not the whole story
• Whitepaper: No separate standalone L402 whitepaper or litepaper surfaced in this pass. The clearest current source of truth was the L402 docs site, the canonical Lightning Labs README and protocol specification, the authentication-flow docs, and Lightning Engineering’s builder guide; see ../../whitepapers/l402-primary-sources-2026-05-02.md.
• Sources:
  • https://www.l402.org/
  • https://docs.l402.org/
  • https://raw.githubusercontent.com/lightninglabs/L402/master/README.md
  • https://raw.githubusercontent.com/lightninglabs/L402/master/protocol-specification.md
  • https://raw.githubusercontent.com/lightninglabs/L402/master/docs/authentication-flow.md
  • https://docs.lightning.engineering/the-lightning-network/l402

Internal linkages

• Closest protocol peers: x402 and machine-payments-protocol

• Account-discovery contrast: open-payments

• Last reviewed: 2026-05-25 UTC