# Payment Integration

How Gao Browser handles x402 payment flows, fee transparency, and settlement display — without ever holding funds or executing unsigned transactions.


## Overview

Payment is a first-class capability in Gao Browser, not a bolt-on. The browser handles the full x402 HTTP payment flow natively — surfacing trust signals, displaying fees, requiring user approval, and confirming settlement — while delegating all actual fund movement to Layer 4 (Gao Payment).

The browser never holds funds. Every settlement requires an explicit user signature. Settlement is handled by Layer 4 — Gao Payment.


## x402 Flow in Browser

When a user navigates to a payment-gated resource:

```
1. Browser requests resource (GET /api/premium-data)

2. Server returns HTTP 402:
   X-Gao-Payment-Details: {
     payee_domain: "api.service.gao",
     amount:       "0.01 USDC",
     network:      "base",
     expires_in:   300
   }

3. Browser detects 402 → enters payment flow:
   ├── Resolves payee_domain: api.service.gao
   ├── Retrieves trust level: ✅ Business Verified
   ├── Displays payment confirmation UI
   └── Awaits user approval

4. User approves → browser submits to Layer 4 (Gao Payment)

5. Layer 4 settles → returns canonical receipt

6. Browser retries request with X-Gao-Payment-Proof header

7. Server validates receipt → serves resource

8. Browser displays: ✅ Payment confirmed · receipt available
```

---

### Payment Confirmation UI

Before any payment is executed, the browser displays a confirmation screen with full information:

```
┌─────────────────────────────────────────────────┐
│ Payment Required                                │
│                                                 │
│ Paying: api.service.gao                         │
│ ✅ Business Verified                            │
│ Service Corp Inc · San Francisco                │
│                                                 │
│ Amount: 0.01 USDC                               │
│ Network: Base                                   │
│ Fee: ~$0.001 (estimated)                        │
│ Total: 0.011 USDC                               │
│                                                 │
│ This payment grants access to:                  │
│ /api/premium-data (one request)                 │
│                                                 │
│ [Cancel] [Approve and Pay]                      │
└─────────────────────────────────────────────────┘
```


For Level 0 (Unverified) payees, the confirmation screen shows a mandatory warning:

```
┌─────────────────────────────────────────────────┐
│ ⚠️ Payment to Unverified Domain                 │
│                                                 │
│ unknown-api.gao has not been verified by Gao.   │
│ We cannot confirm who will receive this         │
│ payment.                                        │
│                                                 │
│ [Cancel] [I understand — proceed anyway]        │
└─────────────────────────────────────────────────┘
```


“Proceed anyway” is a secondary, non-default action. The Unverified warning cannot be suppressed regardless of the page’s content or instructions.
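The challenge handling described above, as an added example that is not Gao Browser's own code: it assumes the `X-Gao-Payment-Details` value is JSON and that `expires_in` is in seconds, and `parseChallenge`, `buildConfirmation` and the `trustLevelOf` resolver are hypothetical names. The warning is derived only from the browser's own trust lookup, so extra fields a server places in the header cannot remove it.

```javascript
// Added example. Assumed: the header value is JSON; all names here are hypothetical.
const REQUIRED = ["payee_domain", "amount", "network", "expires_in"];

// Parse an X-Gao-Payment-Details value into a frozen challenge object.
function parseChallenge(headerValue, receivedAtMs) {
  let raw;
  try { raw = JSON.parse(headerValue); } catch { throw new Error("malformed payment details"); }
  if (raw === null || typeof raw !== "object" || Array.isArray(raw)) {
    throw new Error("payment details must be an object");
  }
  for (const key of REQUIRED) {
    if (!Object.hasOwn(raw, key)) throw new Error(`missing field: ${key}`);
  }
  const money = /^(\d+(?:\.\d+)?) ([A-Z]{2,10})$/.exec(String(raw.amount));
  if (!money) throw new Error("amount must look like '0.01 USDC'");
  if (!Number.isInteger(raw.expires_in) || raw.expires_in <= 0) {
    throw new Error("expires_in must be a positive number of seconds");
  }
  // Copy the four known fields only; anything else the server sent stops here.
  return Object.freeze({
    payeeDomain: String(raw.payee_domain).toLowerCase(),
    amount: money[1],
    asset: money[2],
    network: String(raw.network),
    expiresAtMs: receivedAtMs + raw.expires_in * 1000,
  });
}

// Decide what the confirmation screen shows. trustLevelOf stands in for the
// browser's own resolver; level 0 is Unverified, as on the page.
function buildConfirmation(challenge, trustLevelOf, nowMs) {
  if (nowMs >= challenge.expiresAtMs) {
    return { action: "reject", reason: "challenge expired" };
  }
  const unverified = trustLevelOf(challenge.payeeDomain) === 0;
  return {
    action: "confirm",
    payee: challenge.payeeDomain,
    amount: `${challenge.amount} ${challenge.asset}`,
    network: challenge.network,
    warning: unverified ? "Payment to Unverified Domain" : null,
    proceedIsSecondary: unverified, // "proceed anyway" is never the default button
  };
}

// Constructed sample: a challenge that also carries fields trying to steer the UI.
const SAMPLE_HEADER = JSON.stringify({
  payee_domain: "unknown-api.gao", amount: "0.01 USDC", network: "base",
  expires_in: 300, suppress_warning: true, trust_level: "Business Verified",
});
```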

---

### Risk Tier Display

The browser surfaces the risk tier for every payment action:

| Tier | Browser behavior |
| --- | --- |
| Tier 0–1 | Auto-approved within policy; subtle status indicator |
| Tier 2 | In-browser confirmation dialog; user must tap/click Approve |
| Tier 3 | Full-screen authorization required; human out-of-band approval |

Tier 3 payments pause the browser flow and display:

```
┌─────────────────────────────────────────────────┐
│ Authorization Required                          │
│                                                 │
│ This payment requires authorization from:       │
│ owner@merchant.gao                              │
│                                                 │
│ An authorization request has been sent.         │
│ This page will continue when approved.          │
│                                                 │
│ [Cancel payment]                                │
└─────────────────────────────────────────────────┘
```


## Fee Transparency

The browser always shows the full fee breakdown before the user approves:

Amount:           $50.00 USDC  
Network fee:      ~$0.001 ETH (gas)  
Protocol fee:     $0.025 USDC  
─────────────────────────────  
Total:            $50.026 USDC + $0.001 ETH gas

No hidden fees. If the fee calculation changes between display and execution (gas price spike), the browser re-shows the updated amount before proceeding.
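One way to enforce that re-display rule, as an added example rather than Gao Browser's code: the approval records the exact quote that was on screen, and a differing quote at execution time stops the payment and returns the new quote for display. The function names, the quote field names and the single-use approval are assumptions; the amounts are constructed from the breakdown above.

```javascript
// Added example; function and field names are hypothetical, amounts are constructed.
const DECIMALS = { USDC: 6, ETH: 18 }; // base-unit precision of each asset

// "50.00 USDC" -> { asset: "USDC", units: 50000000n }. Integers avoid float rounding.
function parseMoney(text) {
  const m = /^(\d+)(?:\.(\d+))? ([A-Z]+)$/.exec(text);
  if (!m || !Object.hasOwn(DECIMALS, m[3])) throw new Error(`bad amount: ${text}`);
  const places = DECIMALS[m[3]];
  const frac = m[2] || "";
  if (frac.length > places) throw new Error(`too many decimals: ${text}`);
  const units = BigInt(m[1]) * 10n ** BigInt(places) + BigInt(frac.padEnd(places, "0"));
  return { asset: m[3], units };
}

// Canonical form of everything the user saw on the confirmation screen.
function canonical(quote) {
  const money = ["amount", "networkFee", "protocolFee"].map((field) => {
    const { asset, units } = parseMoney(quote[field]);
    return `${field}=${units} ${asset}`;
  });
  return [`payee=${quote.payee}`, `network=${quote.network}`, ...money].join("|");
}

// Record what was on screen when the user pressed Approve.
function approveQuote(displayedQuote) {
  return { seen: canonical(displayedQuote), used: false };
}

// Run just before hand-off to settlement, with a freshly computed quote.
function beforeExecute(approval, freshQuote) {
  if (approval.used) return { proceed: false, reason: "approval already used" };
  if (canonical(freshQuote) !== approval.seen) {
    // What was approved is not what would execute: stop and show the new quote.
    return { proceed: false, reason: "quote changed", redisplay: freshQuote };
  }
  approval.used = true; // one approval authorizes one settlement
  return { proceed: true };
}

// Constructed quote, modelled on the breakdown above.
const DISPLAYED = Object.freeze({
  payee: "merchant.gao", network: "base",
  amount: "50.00 USDC", networkFee: "0.001 ETH", protocolFee: "0.025 USDC",
});
```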


## Receipt Display

After settlement confirmation, the browser stores and displays the canonical receipt:

✅ Payment Confirmed  
  
Receipt:  rcpt_pay_abc123  
Paid to:  merchant.gao  ✅ Business Verified  
Amount:   $50.00 USDC  
Network:  Base  
Block:    19,823,401  
Time:     2026-04-15 14:32:07 UTC  
  
[View on-chain]  [Download receipt]  [Share]

Receipts are stored in Gao Workspace (L1) and accessible to both parties. The on-chain transaction hash is always shown and linked to the block explorer.


## Human-Initiated Payments

For user-initiated payments (not x402):

User types: pay merchant.gao $50 USDC  
        ↓  
Browser resolves merchant.gao → trust level + proxy address  
        ↓  
Payment confirmation displayed (full fee breakdown)  
        ↓  
User approves → Layer 4 executes  
        ↓  
Receipt displayed

The browser supports natural language payment commands in the address bar:

-   `pay merchant.gao 50 USDC`
-   `send 0.1 ETH to alex.gao`
-   `pay booking.clinic.gao`


## Payment History

The browser maintains a session-level payment history accessible via the toolbar. Full receipt history is stored in Gao Workspace (L1) and persists across sessions.

Recent payments:  
   merchant.gao     $50.00 USDC   2 min ago  
   api.service.gao  $0.01  USDC   15 min ago  
   booking.spa.gao  $80.00 USDC   Yesterday

---

### What the Browser Does NOT Do

-   **Does not hold funds**: all value stays in the user’s wallet
-   **Does not execute unsigned transactions**: every payment requires a wallet signature
-   **Does not store private keys**: key management is the wallet’s responsibility
-   **Does not suppress trust warnings**: even if the page requests it
-   **Does not modify receipts**: receipts are produced by Layer 4 and are immutable

---

_Payment integration in Gao Browser delegates execution to Gao Payment (Layer 4). For the full payment settlement lifecycle, see the Layer 4 documentation._