ERC-8004 + feedbackAuth

Agent registration (EIP-7702) and feedbackAuth generation for on-chain reputation

The facilitator extends the x402 payment flow with ERC-8004 identity and reputation primitives:

  • Agent registration: mint/register an agent identity on-chain (ERC-8004 Identity Registry)

  • Feedback authorization (feedbackAuth): enable authenticated, client-submitted on-chain feedback after a paid request settles

Contracts

The facilitator needs contract addresses via env:

  • ERC8004_IDENTITY_REGISTRY_ADDRESS: ERC-8004 Identity Registry

  • DELEGATE_CONTRACT_ADDRESS: EIP-7702 delegation contract (see monorepo/facilitator/contracts/AgentRegistrationDelegate.sol)

ABIs are defined in monorepo/facilitator/src/config/contracts.ts.

Agent registration flow (EIP-7702)

Implementation: monorepo/facilitator/src/services/registerService.ts

  1. Agent signs authorization delegating to the delegate contract (EIP-7702).

    • Example client code lives in monorepo/facilitator/examples/v1-server/index.ts and examples/v2-server/index.ts.

  2. Client calls POST /register with:

    • agentAddress (the delegated EOA)

    • authorization (the signed authorization)

    • optional tokenURI + metadata

  3. Facilitator sends an on-chain tx with:

    • authorizationList: [authorization]

    • to: agentAddress

    • data: encodeFunctionData(delegate.register(...))

  4. Facilitator waits for receipt and decodes the Registered event to return agentId.

feedbackAuth flow (x402 v2 extension)

Implementation: monorepo/facilitator/src/services/feedbackService.ts plus the feedback extension hook in monorepo/facilitator/index.ts.

To request feedback auth generation, the paid resource should include an x402 v2 extension like:

After a successful v2 settlement, the facilitator:

  1. Extracts the payer address from the payment payload (authorization.from).

  2. Reads ownerOf(agentId) from the Identity Registry to determine the signer address.

  3. Builds a FeedbackAuth struct and computes the EIP-191 message hash.

  4. Requests a signature from the agent server (intended via feedbackAuthEndpoint).

  5. Stores { agentId, feedbackAuth } in-memory keyed by client address.

What is feedbackAuth?

In this implementation, feedbackAuth is encoded as:

  1. abi.encode(FeedbackAuthStruct)

  2. followed by a 65-byte ECDSA signature (r || s || v)

The struct fields (and ordering) are:

  • agentId (uint256)

  • clientAddress (address)

  • indexLimit (uint64)

  • expiry (uint256)

  • chainId (uint256)

  • identityRegistry (address)

  • signerAddress (address)

Current limitations (implementation notes)

The facilitator repo’s TODO.md calls out a few important gaps:

  • The v2 feedbackAuth is generated and stored in-memory, but not returned to the client yet.

  • The facilitator will only request a signature from the agent server when it can derive an origin from paymentPayload.resource.url. If that URL is missing/invalid, it falls back to local signing.

  • If the agent server can’t be reached, it falls back to signing with FACILITATOR_PRIVATE_KEY, which will not match ownerOf(agentId) unless the facilitator key is the agent owner key (and would produce an invalid signature on-chain).

PreviousAPINextTelemetry & x402 history

Last updated