TACEO launches confidential payments for x402 on Base Sepolia

TACEO has released a working implementation of confidential payments for x402, built on the startup's Merces protocol.

The launch adds privacy features to x402, an HTTP-native payment standard now overseen by the Linux Foundation and already used for on-chain transactions by developers and software agents.

The implementation is live on Base Sepolia and available through public software libraries. TACEO has also published a browser-based demonstration that lets users send a confidential x402 payment and inspect what information remains hidden on-chain.

x402 has attracted backing from major technology and payments groups. Founding members of the x402 Foundation include Coinbase, Cloudflare, Stripe, Google, Microsoft, Visa, Mastercard, AWS, American Express, Circle and Shopify.

According to TACEO, more than 140 million x402 transactions have already been processed, with annualised on-chain volume above USD $600 million. That growth has intensified debate over one of the standard's central weaknesses: ordinary x402 payments settle publicly on-chain, leaving transaction amounts, wallet addresses and timestamps visible.

For businesses, that can expose pricing, customer concentration and revenue trends. For companies deploying autonomous software agents, frequent transactions can also reveal supplier relationships and operating patterns.

Privacy gap

TACEO's Merces protocol uses multi-party computation and zero-knowledge proofs to conceal transaction amounts and account balances while still recording cryptographic commitments on-chain. It also supports selective disclosure, allowing auditors and regulators to verify transactions without access to the underlying user data.

The x402 integration is designed to work alongside the standard's existing payment flow rather than requiring a separate blockchain or migration to another network. TACEO said proof verification runs at about 300,000 gas, while proof generation takes around 60 milliseconds in a browser.

The system relies on distributed computation across independent nodes on the TACEO Network rather than trusted hardware or a single operator. Participating operators include Nethermind and the Czech Technical University in Prague.

TACEO argues that privacy is essential if x402 is to move beyond experimental use into broader business payments. Public-by-default settlement may suit some crypto-native applications, but companies typically do not want routine payments to reveal commercial relationships or negotiated rates.

The startup linked that case to rising interest in payments infrastructure for software agents and stablecoins. It also pointed to comments from investors in the sector that institutions will be reluctant to scale blockchain activity if sensitive payment information remains permanently visible.

Commercial record

Merces has supported confidential payments since November 2025, according to TACEO. The protocol has processed roughly five million demo transactions and has been benchmarked at 300 transactions per second.

TACEO also said Merces is built on the same underlying multi-party computation stack used by World ID for iris verification. According to the company, World ID's system is used by 18 million people across 160 countries.

The launch marks an effort by a smaller cryptography company to establish itself in the infrastructure layer forming around machine-driven internet payments. x402 has emerged as one of the more closely watched standards in that push because it ties payments directly to HTTP requests and responses, allowing software agents to pay for digital services within a native web workflow.

That prospect has drawn attention well beyond the crypto sector. Cloudflare has said its network serves more than a billion HTTP 402 responses a day, suggesting a potentially large addressable market if developers can turn payment prompts into routine web transactions.

TACEO's release does not yet make every aspect of x402 private. Full privacy for sender and receiver addresses remains on the roadmap for the x402 integration, although TACEO said the broader Merces stack already supports that feature outside this deployment.

The current release instead focuses on hiding payment amounts and balances while preserving compatibility with the existing x402 flow. That could make it easier for developers to test privacy features without redesigning their applications around an entirely new payments model.

According to TACEO, the underlying academic work has also been published, along with a security proof and benchmark data covering roughly five million demo transactions. That may matter for enterprises and developers assessing whether confidential payments can be introduced without undermining the auditability and compliance checks expected in regulated settings.

"x402 is the most serious attempt to put a payment layer into the internet since the original HTTP specification reserved that status code thirty years ago. The piece it has been missing is privacy. No business runs payroll, treasury or B2B flows on rails where every counterparty and every competitor can see every payment. People expect the same level of confidentiality from x402 that they already get from a credit-card transaction. With TACEO Merces we now have a working implementation that delivers exactly that, with the same developer experience x402 already offers, no trusted hardware, and no migration to a new chain", said Lukas Helminger, CEO and Co-Founder of TACEO.