An AI agent holding nothing but a crypto wallet can discover a price sheet (HTTP 402), pay USDC on Base or Solana, and receive a working mobile-proxy credential in seconds. The supply behind that credential registered itself through open SDKs, was health-graded by autonomous probes that tunnel through it like a real customer, was listed for sale by a cron that runs every minute, and is metered and capped by the same billing pipeline human resellers use. The network's own AI observes, diagnoses, fixes, and deploys improvements to all of it.
No human is in the purchase loop. Humans sit at exactly the gates where they should: money movement, authentication changes, mass deletion, infrastructure.
That is the whole thesis. The rest of this page is how each stage actually works, with the real endpoints, the real failure modes we hit, and the constraints we have not solved yet. Everything here is verifiable against the live API - see section 10.
1. SUPPLY a phone, desktop, or modem registers itself POST /v1/peer/register
2. TRANSPORT relays mesh it to the nearest region WSS + WireGuard, server-steered
3. GRADING a probe tunnels through it like a real customer CONNECT + TLS + throughput
4. LISTING an every-minute cron lists healthy peers, listedForSale flips itself
delists broken ones
5. SALE an AI agent pays USDC against an HTTP 402 GET/POST /v1/x402/pool
6. METERING every byte is counted in 5-second flushes; credential suspends itself at cap
7. SETTLEMENT suppliers accrue per-GB earnings at rates are live data, not constants
admin-set rates
8. UPKEEP the network's own AI maintains the loop, human-gated, kill-switchable
under hard guardrails
Four hops separate a customer request from an exit device. Each hop is owned by a different subsystem with a single responsibility.
[Android / Node / Go / Windows peers] [standalone modem farms]
| |
| WSS, JWT in Sec-WebSocket-Protocol | HTTP (per-modem ports)
v |
+----------------+ |
| Relay EU | |
| Relay US |<--- WireGuard mesh --+ |
+----------------+ (private net) | |
^ v v
| binary tunnels +---------------------------+
| | Pool Gateway |
peers dial the | gw.proxies.sx:7000 HTTP |
NEAREST relay; | :7001 SOCKS5 |
the relay can move +---------------------------+
them at runtime ^ |
(relay_redirect) | v
+-----------------------+
+----------------+ probes, | Redis endpoint pool |
| Backend API | rollups, | atomic Lua selection |
| api.proxies.sx|------------->| per-endpoint caps |
+----------------+ auto-list +-----------------------+
| Hop | What it does | Key property |
|---|---|---|
| Peer SDKs | Phones, desktops, and servers run an open SDK (Android, Node.js, Go, Windows) that speaks one relay protocol: register, open a WebSocket with the JWT in Sec-WebSocket-Protocol, serve binary tunnels. | One protocol, four faithful ports. The reference implementation is public. |
| Relays | Regional WebSocket hubs (EU, US) hold the persistent connections to every peer. Registration geo-routes a peer to its nearest relay; if a peer lands on the wrong one, the relay itself sends a relay_redirect and the peer reconnects to the right region at runtime. | Routing is fully server-controlled. Adding a new region migrates the fleet on next connect, with zero supplier action. |
| Gateway | gw.proxies.sx terminates customer proxy connections (HTTP :7000, SOCKS5 :7001), authenticates against the backend, and dials the chosen exit over the private WireGuard mesh. | One credential, every country: routing is selected per request from a username DSL, not per-purchase. |
| Selection | Endpoint choice is an atomic Redis Lua script over a live pool: country and pool-type filters, per-endpoint connection caps derived from measured speed, random tiebreak within the top-scored set. | The hot path never touches the primary database. Selection is O(pool) in Redis with no race conditions. |
The proxy username itself is the routing request. It is lowercased and split on -, so no token value may contain a hyphen:
psx_<account>-<pool>-<country>[-sid-<8-64 a-z0-9_>][-rot-<mode>][-carrier-..][-city-..]
# pool: mbl (production modems) | peer (community devices)
# rot: sticky | hard | auto5 | auto10 | auto20 | auto60 | ondemand
# example: psx_x402pool-mbl-us-sid-myjob123-rot-stickyTwo honest sharp edges, by design: (1) sticky pins the MODEM, not the IP - mobile carriers re-issue NAT egress IPs on their own schedule, so a perfectly pinned modem can still surface different exit IPs. For a held IP you want a residential peer or a dedicated modem. (2) stickiness requires a -sid- - without a session id, every connection is a fresh pick. We publish both caveats inside the API responses themselves, because an agent that learns them from an error is an agent we lied to.
Full token reference: /skill.md. Live per-country inventory (counts only, never IPs): GET https://api.proxies.sx/v1/gateway/pool/stock.
Nobody provisions a peer. A device running any of the SDKs calls POST /v1/peer/register (or the agent path POST /v1/peer/agents/register) and appears in inventory. As of June 2026 roughly 42,000 devices have registered across 82 countries.
Registration is where the first trust decision happens, and it is made server-side:
| Decision | How | Why it matters |
|---|---|---|
| IP class (mobile / residential / datacenter) | Server-side ASN lookup on the connecting IP. The device-reported type is ignored. | The IP class sets the payout tier. A self-reported class would be a fraud vector; an ASN-derived one is not. |
| Earnings rate | Returned in earningsPerGB in the register response, read live from admin-mutable settings. | Rates are data, not documentation. We deliberately never hardcode them anywhere, including this page. |
| Relay assignment | GeoIP at register, corrected at runtime by relay_redirect. | A US peer on the EU relay measures ~3% of its real throughput. Geography is a correctness issue, so the server owns it. |
Registration is rate-limited per IP, devices are capped per supplier key, JWTs expire in 1 hour with revocation generations, wallet changes carry a 7-day cooling period, and withdrawals only ever pay the registered wallet. Supply that onboards itself has to be supply that cannot cheaply lie about itself.
A network of self-registered consumer devices is a network where most things are broken most of the time. That is not a flaw to hide; it is the design constraint the whole quality system is built around. The loop has four mechanisms.
The first probe generation tested peers with simple HTTP forwards - and passed devices that failed every real customer request, because real traffic is CONNECT-tunneled TLS, and a common SDK failure mode dies exactly at the TLS handshake inside the tunnel. The lesson is now doctrine: measure the signal the customer experiences, not a proxy for it.
Probe v2 opens a raw TCP connection to the relay, issues a CONNECT through the peer, performs a TLS handshake over the tunnel, then fetches a real body and measures throughput. Each probe records:
probeMode: connect_v2 tlsHandshakeMs: where broken SDKs die throughputKBps: body bytes / time (only when the body is large enough to be meaningful) speedTier: fast | medium | slow | unknown failureReason: stable codes, e.g. tls_dropped_*, probe_overall_timeout, no_exit_ip
Speed tiers translate directly into capacity caps in the Redis pool, so a slow peer physically cannot be oversubscribed:
| Tier | Max connections | Max concurrent customers |
|---|---|---|
| fast | 4 | 2 |
| medium | 3 | 1 |
| slow / unknown | 2 | 1 |
| production modem | 6 | 3 |
The subtle failure of quality gates is not letting bad peers in - it is never letting recovered peers back. Two real bugs taught us that:
The current gate uses consecutive recent successes: two clean passes in a row readmit a peer, regardless of history. Demotion stays fast (three consecutive failures delist), readmission is history-free, and both directions are pure code - no human backfills.
An auto-list cron runs every minute: verified, healthy, fast-enough peers get listedForSale = true; degraded ones get pulled. When a live customer tunnel fails mid-stream, the gateway reports it and a debounced single-peer re-probe fires within seconds - a data-plane circuit breaker pauses a peer that accepts tunnels but drops bytes. Fault-to-delisting convergence is under 60 seconds, down from the ~30 minutes a fixed probe cycle gave us.
Every dashboard, admin page, and ops query reads the same materialized rollup, which is itself derived from the gateway's live Redis state - the thing that actually routes customers. We adopted this after discovering the same metric computed four different ways in four surfaces, all disagreeing. Now disagreement is impossible by construction.
Above it all sits a fleet watchdog that runs synthetic probes - it buys and routes like a real customer on a schedule. Two design choices make it trustworthy:
This is the newest piece and the point of the whole system: the network is bought by machines, without accounts. Two products share the machinery: a dedicated port (/v1/x402/proxy) and, since June 2026, full Pool Gateway access (/v1/x402/pool) - one USDC payment buys one credential that reaches every country in its tier through the username DSL.
agent wallet api.proxies.sx chain (Base / Solana)
| | |
| GET /v1/x402/pool?traffic=1 | |
|------------------------------------->| |
| HTTP 402: payTo, USDC asset, | |
| exact micro-USDC amount, tiers, | |
| live country enum | |
|<-------------------------------------| |
| transfer USDC on-chain | |
|---------------------------------------------------------------------> |
| retry + Payment-Signature: <txHash> | |
|------------------------------------->| verify the tx ON-CHAIN: |
| | recipient pinned, asset pinned, |
| | amount in integer micro-units |
| proxy credentials + sessionToken | |
|<-------------------------------------| |
There is no API key step, no signup step, no human step. The 402 response is machine-readable and self-describing: an agent that has never seen Proxies.sx can go from discovery to working credential in two HTTP requests and one on-chain transfer (~2s on Base, ~400ms on Solana).
| Rule | Implementation |
|---|---|
| Recipient is pinned | Base: the verified log must be on the canonical USDC contract AND transfer to our recipient address. Solana: the token transfer must match our USDC mint AND the recipient owner wallet. A payment to anyone else, in anything else, does not verify. |
| No trust-me rails | The x402 facilitator (signed-intent) rail is deliberately rejected because it does not let us verify recipient and asset ourselves. Only the two direct on-chain rails are accepted. |
| Integer money math | Amounts are parsed as strict-integer micro-USDC into BigInt and compared as integers with a 2% underpayment tolerance. No floats touch money. |
| Replay-proof minting | The transaction hash is a unique key. Retrying the same hash re-emits the same credentials (safe idempotency); replaying it for a second product is refused. The session attach is a single atomic conditional write, so even two simultaneous requests with the same hash mint exactly one credential. |
| Fail-closed boot | The purchase routes return 503 until the module's startup validation confirms the billing account it mints against is correctly configured. The product cannot take money in a half-configured state. |
The Pool Gateway purchase contains almost no new billing code, and that is its most important property. A verified USDC payment mints a capped pool access key under a dedicated house account inside the existing reseller pipeline. The key's GB cap IS the USDC envelope. From that moment the agent's credential is metered, capped, audited, suspended, and topped up by the exact machinery that already serves human resellers in production:
verified USDC tx -> mint pak_ key, cap = purchased GB, expiry = session expiry -> credential: psx_x402pool-mbl-<country>-sid-..-rot-.. @ gw.proxies.sx:7000 -> every connection metered in 5s flushes (atomic counters) -> at cap: key suspends itself (enabled=false) within ~5-35s, audit-logged -> topup: more USDC -> more GB, replay-guarded, re-enables a suspended key
| Method | Endpoint | Auth | Notes |
|---|---|---|---|
| GET | /v1/x402/pool/pricing | - | Tier catalog, networks, DSL. Always works. |
| GET | /v1/x402/pool | x402 | No payment: 402 catalog. With payment: credentials. 10/min. |
| GET | /v1/x402/manage/pool/credit | Token | Remaining GB, read-through from the metered key. |
| GET | /v1/x402/manage/pool/usage | Token | Per-day usage series. |
| POST | /v1/x402/manage/pool/topup | Token + x402 | More USDC, more GB. Replay-guarded. 5/min. |
| POST | /v1/x402/manage/pool/regenerate | Token | New secret, same username. 3/hour. |
| GET | /v1/x402/manage/pool/connection | Token | Re-emit credentials (recovery). |
Token = X-Session-Token: x402s_<hex>. x402 = Payment-Signature: <tx_hash>. The sessionToken is the only recovery handle - agents should persist it.
v1 sells one tier: mbl at $4/GB - production modems. The minted key carries a quality contract that the gateway enforces at routing time: any attempt to route it toward the community peer pool is silently rewritten back to production modems. The agent cannot opt into the worse pool by editing its username, which means a first-purchase agent cannot have a bad first experience because of community-tier variance. Community peer tiers will be sold only when the same per-request enforcement exists for IP-type targeting - until then they are feature-flagged off.
v1 honesty box: HTTP on :7000 only. Per-GB metered, duration is free (default 30 days, max 90). Minimum purchase 0.1 GB. No refunds of unused GB. Cap suspension lands ~5-35 seconds after the cap (metering flushes every 5 seconds). Sticky pins the modem, not the IP.
The demand side is machine-native; the supply side is a marketplace of humans and their devices. Every byte a peer or modem serves accrues earnings to its owner.
| Principle | How it works |
|---|---|
| Rates are live data | Per-GB rates live in admin-mutable system settings, resolvable per supplier, and are returned in earningsPerGB at registration. We never publish a fixed number, because there is not one - the registration response is the ground truth at that moment. |
| Tiered by IP class | Mobile earns the most, residential mid, datacenter base - matching what the inventory is worth. The class is ASN-derived server-side, so it cannot be gamed by self-report. |
| Modem farmers | Modem operators earn the mobile-tier rate on served traffic through a mature settlement ledger, with per-farmer rate overrides. |
| SDK peers | Earnings accrue per device as a pending payout balance as traffic is served. Minimum payouts: $5 for custom agent integrations, $10 for SDK devices. Withdrawals pay only the registered wallet, with a cooling period after wallet changes. |
One honest note on maturity: the modem-farmer settlement ledger is the production-hardened path. The SDK-peer settlement pipeline (rolling per-device accruals into the same auditable ledger and payout flow) is the active engineering frontier - accrual is live, the consolidated ledger is being built deliberately rather than quickly, because it moves money.
The network is not just sold to AI agents - it is substantially operated by them. This is the part most platforms claim and few constrain. Ours is constrained first, capable second.
| Component | Role |
|---|---|
| Maya / OpenClaw | A scoped AI operator. Maya manages this site (agents.proxies.sx) end to end - content, skill files, discovery documents - and handles customer-facing operations through a dedicated, scoped, capped, audited ops API. The page you are reading lives in her writable domain. |
| The self-improver loop | A codified Observe -> Diagnose -> Plan -> Implement -> Verify -> Deploy -> Reflect cycle that runs against live production on a schedule: read real errors and tickets, find the root cause, fix it, verify against production truth, deploy, write down what it learned. Real fixes shipped this way include a port auto-renewal bug that had failed 4,500+ times silently and the probe recovery gate in section 4.2. |
| Fleet watchdog | Synthetic customer probes + configuration audits, with self-vs-fleet alert classification and a hard rule against auto-restarting infrastructure (section 4.4). |
| 30+ scheduled jobs | The deterministic layer: probes, auto-listing, traffic collection, enforcement, expiry, rollups, reminders. The AI sits above the crons; the crons do not need it to keep the lights on. |
Autonomous actions must be read-only, or reversible and capped. Everything else - moving money, changing authentication, mass deletion, touching infrastructure - goes to a human approval queue.
That sentence is enforced in code, not policy:
| Guardrail | Mechanism |
|---|---|
| Human approval gate | Sensitive operations create approval records that only a human can approve or reject, via a dedicated approvals endpoint. The AI can propose; it cannot self-approve. |
| Kill switch | All autonomous senders and spenders run through a shared guard wrapper. Touching a single flag file pauses every autonomous loop at once. One file, total stop. |
| Runaway caps | The same wrapper enforces per-loop execution caps, so a misbehaving loop rate-limits itself before it can do volume damage. |
| Append-only audit | Every autonomous action lands in an append-only audit log. The question "what did the AI do last night" always has an exact answer. |
| Safety before brain | The standing build rule: observability and cost-breakers ship before any new autonomous capability does. The kill switch existed before the loops it kills. |
Put the stages together and you get something genuinely new: an AI agent buys access to a network that an AI maintains, built from supply that enrolled itself, and the proceeds pay human and machine suppliers - with cryptographic verification at the money boundary and human judgment at the risk boundary.
+------------------------------------------------------------+
| |
v |
device enrolls -----> probes grade it -----> cron lists it |
(open SDKs, (CONNECT+TLS, (every minute, |
ASN-classified) speed tiers) self-recovering) |
| |
v |
supplier paid <----- bytes metered <----- AI agent pays USDC |
(per-GB, live (5s flushes, (HTTP 402 catalog, |
rates, wallet) cap = envelope) no account) |
^ |
| the network's own AI observes, |
+------------ diagnoses, fixes, deploys ---------------------+
(human-gated, kill-switchable)
The autonomous sale - the headline feature - required almost no new code, and that is the deepest point in this document. The on-chain payment verifier already existed (the dedicated-port x402 product). The metered, capped, audited credential pipeline already existed (the reseller platform). Shipping "an AI agent buys the network" meant writing the glue: a quote function, an idempotent mint, and an attach guard. Both halves were already production-hardened, so the new product inherited years of invariants - replay protection, atomic accounting, audit trails - on day one.
That is the repeatable thesis for AI-native infrastructure: do not build an autonomous economy; make your existing economy legible to machines. The 402 response is just a price sheet a machine can read. The username DSL is just routing a machine can write. The pak cap is just a prepaid balance a machine can spend. Every piece works identically for a human with a dashboard - the machine path is the same path with the human steps deleted.
A thesis you cannot falsify is marketing. Here is what is true right now, including the parts that do not flatter us.
| Fact | State (June 2026) |
|---|---|
| Two pools, two honesty levels | mbl is the production tier: real carrier modems, 6 countries, 10-15 Mbps, sub-1s TTFB, the pool we route paying customers and first purchases to. peer is the emerging community tier: 82 countries of consumer devices where, at any given instant, a meaningful fraction of the fleet is broken - the probe layer's whole job is detecting that in seconds and routing around it. We sell the difference explicitly; we do not average it away. |
| Live inventory is counts-only | At the time of writing: ~130 routable production modems across 6 countries, ~585 routable peer endpoints across 82 countries, out of ~42,000 registered devices. The gap between registered and routable is the quality system working, not failing. Live numbers: /v1/gateway/pool/stock. Peer exit IPs are never publicly enumerable - counts per country only - because IP-reputation is the product and enumeration would burn it. |
| Demand-bound, not supply-bound | The binding constraint today is demand: routable peer inventory exceeds concurrent peer usage by orders of magnitude. The supply, relay, and self-heal layers are built ahead of the demand curve. The x402 product line exists precisely to open the machine-demand channel that human sales cycles cannot. |
| Sticky means modem, not IP | Carrier CGNAT re-issues egress IPs on its own cadence. We pin the device and say exactly that, everywhere, including in the purchase response. Customers who need a held IP get routed to residential peers or dedicated modems - a use-case match, not an upsell. |
| Metered only | Everything is per-GB. There is no unlimited plan and no flat rate, because neither is honest at mobile-network economics. |
| x402 peer tiers are gated off | Selling community-tier access to agents requires routing-level enforcement of IP-type targeting that is not finished. The feature flag stays off until the enforcement gate passes. We would rather sell one tier truthfully than two tiers optimistically. |
| v1 surface limits | x402 pool credentials are HTTP :7000 only in v1. SDK-peer settlement consolidation is in progress (section 6). Cap suspension has a ~5-35 second metering window. These are documented in the API responses themselves. |
Every load-bearing claim on this page is checkable from a terminal, unauthenticated, right now:
# 1. The catalog an agent discovers (200, tier list, networks, DSL)
curl -s https://api.proxies.sx/v1/x402/pool/pricing
# 2. The 402 IS the price sheet (no payment -> machine-readable catalog
# with the pinned recipient and exact micro-USDC amount)
curl -s "https://api.proxies.sx/v1/x402/pool?tier=mbl&country=us&traffic=0.1"
# 3. Live inventory, counts-only, per country (no IPs - by design)
curl -s https://api.proxies.sx/v1/gateway/pool/stock
# 4. The machine-readable version of this entire platform
curl -s https://agents.proxies.sx/skill.md
curl -s https://agents.proxies.sx/llms.txt
curl -s https://agents.proxies.sx/.well-known/x402.jsonTo watch the full circle close: pay the 402 with USDC on Base or Solana, retry with Payment-Signature: <tx_hash>, and route a request through gw.proxies.sx:7000 with the credential you get back. Then call /v1/x402/manage/pool/credit with your session token and watch the bytes you just used decrement the cap your payment minted.
| Surface | URL | What it is |
|---|---|---|
| Master skill file | /skill.md | Everything on this platform, one read, for AI agents |
| System map | /system-map/ | Visual map of every service and how they connect |
| Peer network | /peer/ | Become supply: share bandwidth, earn USDC |
| Pool quickstart | /pool-quickstart.html | Buy pool access with USDC in 30 seconds |
| Buy a dedicated proxy | /marketplace/proxy/ | The dedicated-port x402 product |
| Live status | /status/ | Current platform status |