ShieldPay
Private Agentic Payments Using the x402 Payment Protocol on Aleo
Problem Statement
Motivation
Agentic payments have been the consensus thesis among technology enthusiasts. Agents will transact on our behalf to make our daily lives easier: ordering deliveries, booking flights, paying for my AI inferences, and the list goes on. However, I can't imagine a world where all my transactions are on chain and everyone who knows about a block explorer is able to track my daily activities or, even worse, my online activities based on my agent payment usage. This is why I believe privacy is going to be an absolute necessity for HTTP 402.
Overview
ShieldPay is a privacy-first decentralized payment protocol implementation that enables secure, private on-chain payments using the x402 Payment Protocol on the Aleo blockchain. ShieldPay also features a complete Model Context Protocol (MCP) server implementation for AI and external tool integration.
ShieldPay combines the power of privacy-preserving blockchain payments with traditional web APIs, allowing developers to monetize their services through private microtransactions on the Aleo network. The system enforces payment requirements before granting access to protected endpoints, creating a pay-per-use model for API services while maintaining complete transaction privacy.
Key Features
- Blockchain-Powered Payments: Utilizes the Aleo blockchain for secure, private transactions
- Express.js Middleware: Easy integration with existing Node.js/Express applications
- Pay-Per-Use Model: Configure different pricing for different API endpoints
- Automatic Settlement: Handles transaction processing and verification automatically
- MCP Integration: Model Context Protocol server for external system integration
- TypeScript Support: Fully typed for a better development experience
Solution
How I built it
I built Private Agentic Payments, an agent that can make payments on your behalf while protecting sensitive data like health expenses, political donations, or purchase history. The design separates intent (who/why you're paying) from settlement (how much). This ensures the payment processor never sees your personal details, and vendors never learn more than they need.
Technologies used & how they fit together
- Next.js + Node.js for the frontend and agent orchestration
- MCP tools to talk to vendor/KYC/payment APIs with built-in redaction policies
- Aleo (AleoNetworkClient + zero-knowledge proofs) for private settlement
- WASM workers to speed up proof generation on the client side
- libsodium for encrypting sensitive payloads and redacted API responses
Together, these let the agent strip or hash sensitive API data, settle privately on Aleo, and return a verifiable ZK receipt to the user or vendor.
Partner technologies & benefits
- Aleo testnet + Explorer API let us integrate quickly without running full infra.
- MCP gave us a clean way to wrap external APIs and enforce redaction policies.
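
The strip-or-hash redaction step and the intent/settlement split described above, as an added example that is not ShieldPay's own code. The policy format, the field names and the functions `redact` and `splitIntentFromSettlement` are hypothetical, and HMAC-SHA256 from Node's built-in crypto module is an assumed choice of hash (the page names libsodium only for encryption).

```javascript
const { createHmac, randomBytes } = require("node:crypto");

// Hypothetical policy: "keep" passes a value through, "hash" replaces it with
// a keyed digest. Any field not listed is dropped (default deny).
const POLICY = { amount: "keep", currency: "keep", orderId: "hash", payerEmail: "hash" };

function redact(record, policy, key) {
  const out = {};
  for (const [field, value] of Object.entries(record)) {
    const rule = Object.hasOwn(policy, field) ? policy[field] : "drop";
    const primitive = value === null || typeof value !== "object";
    if (rule === "keep" && primitive) {
      out[field] = value; // nested objects are never passed through whole
    } else if (rule === "hash" && primitive) {
      // HMAC rather than a bare hash: low-entropy values such as e-mail
      // addresses cannot be recovered by guessing without the key.
      out[field] = createHmac("sha256", key)
        .update(`${field}\0${String(value)}`)
        .digest("hex");
    }
  }
  return out;
}

// Split one vendor response into the two views the design describes.
function splitIntentFromSettlement(vendorResponse, key) {
  return {
    intent: vendorResponse, // full detail, stays with the agent and user
    settlement: redact(vendorResponse, POLICY, key), // all the payment side receives
  };
}

// Constructed sample vendor response (not real data).
const sampleResponse = {
  amount: "12.50",
  currency: "USD",
  orderId: "ord-0001",
  payerEmail: "user@example.com",
  itemDescription: "clinic co-pay", // not in POLICY, so dropped
  shipping: { street: "1 Example St" }, // not in POLICY, so dropped
};
const sessionKey = randomBytes(32); // per-session key held only by the agent
console.log(splitIntentFromSettlement(sampleResponse, sessionKey).settlement);
```

Because unlisted fields are dropped by default, a vendor adding a new field to its API response does not silently widen what the settlement side sees.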
Hackathon
ETHGlobal New York 2025
2025
Contributors
- WaltzOfWhispers
8 contributions