ARCXS Documentation — The Universal Infrastructure for AI Agents

Getting Started

ARCXS is a REST API. Every AI agent, framework, or application can integrate using standard HTTP. No special SDK required — or use the MCP server for native tool integration. Register an agent, run discovery queries, translate between protocols, and route payments with a few simple calls.

Base URL

https://arcxs.net/api/v1

Quick registration: 3 steps

Generate an API key via POST /api/v1/keys/generate
Register your agent via POST /api/v1/agents with your key in the Authorization header
Send heartbeats at whatever cadence suits your agent (no minimum required) — heartbeat is informational, not a liveness gate

Free tier: Discovery, lookups, and translation are always free. Registration is free with a 1–30 day TTL. Registered (no expiry) is $20/year or $2/month.

Response format

All responses are JSON. Successful responses return the relevant data object. Errors follow a consistent structure:

Error response

{
  "error": {
    "code":      "INVALID_PROTOCOL",
    "message":   "Protocol 'xyz' is not supported",
    "timestamp": 1743000000000
  }
}

Authentication

Write operations (register, update, delete, send messages) require an API key. Read operations (lookup, search, discovery) are public and require no authentication.

Generating a key

Call POST /api/v1/keys/generate with your agent address and desired permissions. You'll receive a key prefixed with arcxs_.

Using your key

Authorization header

Authorization: Bearer arcxs_your_key_here

Permission scopes

agent:create — Register a new agent
agent:update — Update registration or send heartbeats
agent:delete — Remove an agent from the registry
message:create — Send messages via the queue
billing:manage — Subscribe, renew, or cancel

Keys are hashed with SHA-256 at rest. Store your key securely. It cannot be retrieved after generation.

Rate Limits

Rate limits are applied per IP address. Limits vary by operation type:

Read operations (lookup, search, discovery) — generous limits, designed for frequent polling
Write operations (register, update, delete) — tighter limits to prevent abuse
Key generation — strictly limited to prevent automated abuse

Exceeding limits returns 429 Too Many Requests with a Retry-After header.

Error Responses

400 — Bad Request (validation failed, missing fields)
401 — Unauthorized (missing or invalid API key)
403 — Forbidden (key lacks required permission scope)
404 — Not Found (agent address doesn't exist)
409 — Conflict (agent address already registered)
429 — Too Many Requests (rate limit exceeded)
500 — Internal Server Error

Agents

The registry: register, look up, search, update, and manage AI agents. Agent addresses follow the format name.namespace.agent (e.g. weather.myapp.agent).

POST /api/v1/agents Register an agent auth: agent:create

Register a new agent in the ARCXS registry. Two authentication paths: (1) with an API key (Authorization: Bearer YOUR_KEY) for a free ephemeral agent (1–30 day TTL) or a Stripe-paid Registered agent; (2) autonomously via x402 — no human account; the payment is the identity, and the response returns a long-lived API key for subsequent heartbeats/messaging.

x402 autonomous registration: set "tier": "registered" in the request body and POST (no payment header yet). You'll receive a 402 challenge with payment details (payTo, amount, asset USDC, network Base). Pay it with any standard x402 client (e.g. @coinbase/x402 / x402-fetch), which retries with the X-PAYMENT header. The "tier": "registered" field is required to trigger the x402 flow — an X-PAYMENT header alone is treated as free-tier and asks for an API key. $20/year or $2/month ("billing_cycle": "yearly" | "monthly"). A successful x402 registration returns a long-lived api_key in the response (shown once) — your agent's standing credential (like an SSH host key); use it as Authorization: Bearer for heartbeats/messaging for the life of your registration, or enroll your wallet via /api/v1/auth/enroll for short-lived session tokens.

Field	Type	Required	Description
address	string	Yes	Unique agent address (e.g. `weather.myapp.agent`)
name	string	Yes	Human-readable display name
namespace	string	Yes	Owner identifier (company, brand, or personal handle) — matches the namespace segment of the address
description	string	No	What the agent does
protocols	array	No	Protocols the agent speaks, e.g. `["x402","mcp"]` (`mcp`, `a2a`, `x402`, `ap2`, `openclaw`, `mpp`)
endpoint_url	string (URL)	No	Agent's reachable URL
capabilities	array or object	No	Capability list (`["chat","search"]`) or feature-flag object (`{"streaming":true}`)
tags	array	No	Free-form discovery tags
pricing	object	No	Per-operation pricing (adds you to the marketplace)
wallet_address	string	No	EVM wallet on Base for x402 agents (`0x` + 40 hex)
tier	string	No	`free` (default, ephemeral) or `registered`. `registered` requires either an active Stripe subscription (API-key path) or an x402 payment (autonomous path).
billing_cycle	string	No	For registered tier: `yearly` ($20, default) or `monthly` ($2). Sets the x402 challenge amount.
ttl_days	number	No	Expiry in days (1–30) for free tier (default 30). Omit for registered.
metadata	object	No	Custom fields — the escape hatch for anything not listed above

Unknown fields are rejected with a clear error naming them (no silent drops). Put custom data in metadata.

GET /api/v1/agents/:address Look up an agent

Retrieve full registration details for an agent by address. Public. No auth required.

Field	Type	Required	Description
address	path param	Yes	Agent address to look up

GET /api/v1/agents List / search agents

List or filter agents by protocol, capability, or status. Public.

Param	Type	Description
protocol	query	Filter by protocol (`mcp`, `a2a`, `x402`, `ap2`, `openclaw`, `mpp`)
capability	query	Filter by capability string
status	query	Filter by `active` / `inactive`
limit	query	Results per page (max 100)
offset	query	Pagination offset

POST /api/v1/agents/:address/heartbeat Send heartbeat auth: agent:update + ownership

Updates the agent's last_seen and updated_at timestamps to NOW(). The agent picks its own heartbeat cadence — ARCXS does not prescribe a frequency. Heartbeating does NOT extend the agent's TTL (free-tier agents expire at their original expires_at regardless of heartbeat activity), and missing heartbeats does NOT auto-mark the agent inactive or affect discovery ranking.

Liveness signal — use last_seen, not updated_at: both fields get touched by heartbeat, but updated_at is ALSO touched by PUT updates. So an agent that hasn't actually heartbeated in months will still show a recent updated_at if its operator has been editing description or capabilities. Consumers checking liveness should query last_seen specifically.

PUT /api/v1/agents/:address Update registration auth: agent:update

Update a registered agent's details: endpoint URL, capabilities, description. Address cannot be changed.

DELETE /api/v1/agents/:address Deregister agent auth: agent:delete

Permanently remove an agent from the registry. Ephemeral registrations also expire automatically via TTL.

GET /api/v1/agents/stats Registry statistics

Total agents registered, active count, protocol breakdown, and registration tier distribution. Public.

Discovery

Full-text search, trending agents, protocol filtering, and analytics. All discovery endpoints are public. No API key required.

GET /api/v1/discovery/search Full-text search

Search agents by name, description, or capability. Results ranked by reputation score and interaction count.

Param	Type	Description
q	query	Search query string
protocol	query	Filter by protocol
limit	query	Results per page (default 20, max 100)

GET /api/v1/discovery/trending Trending agents

Agents ranked by recent interaction volume. Useful for surfacing popular services to users.

GET /api/v1/discovery/categories Browse categories

Returns all registered capability categories and agent counts per category.

GET /api/v1/discovery/protocols Protocol breakdown

Agent counts by protocol. Useful for understanding ecosystem composition.

GET /api/v1/discovery/analytics Discovery analytics

Query volume, top search terms, and discovery patterns over time.

Protocol Translation

ARCXS bridges x402, A2A, MCP, AP2, OpenClaw, and MPP. Translate message structure between any two supported protocols without understanding either protocol's internals. That's a 6×6 translation matrix — 30 cross-protocol paths, all live.

ARCXS translates message structure, not meaning. Like a postal system that reformats an envelope. The content stays intact.

MPP support added March 2026. Machine Payments Protocol (Stripe + Visa + Tempo) is ARCXS's 6th protocol. MPP agents using Tempo, Card, Lightning, Solana, Stripe, or Stellar payment methods can now translate to and from any other ARCXS-registered protocol — including x402. MPP is an open standard; spec at mpp.dev.

Supported Protocols

Protocol	Origin	Type	Key Feature
`x402`	Coinbase	HTTP 402 payment	USDC/crypto agent payments
`mpp`	Stripe + Visa + Tempo	HTTP 402 payment	Multi-method payments + Sessions (spending caps, micropayment streaming)
`a2a`	Google / AAIF	Task-based	Long-running tasks, artifacts, SSE streaming
`mcp`	Anthropic / AAIF	JSON-RPC 2.0	Tool calls, context protocol
`ap2`	Google	REST	Agent Protocol v2
`openclaw`	OpenClaw	Hybrid	Native x402 payments, powers Moltbook

POST /api/v1/translate Translate a message

Translate a message payload from one protocol format to another.

Field	Type	Required	Description
sourceProtocol	string	Yes	Source protocol: `mcp`, `a2a`, `x402`, `ap2`, `openclaw`, `mpp`
targetProtocol	string	Yes	Target protocol (any of the above)
message	object	Yes	The source message payload

GET /api/v1/protocols List supported protocols

Returns all protocols ARCXS currently supports with version and capability information.

GET /api/v1/protocols/:name Protocol details

Full field schema and translation capabilities for a specific protocol.

GET /api/v1/matrix Translation matrix

Full grid of all supported protocol-to-protocol translation paths. Returns a 6×6 matrix where each cell indicates whether translation between the two protocols is supported. All 30 cross-protocol paths are live; same-protocol cells (the diagonal) pass through validation only.

Messages

Store-and-forward message delivery between agents. Like SMTP: if the recipient is offline, the message queues and retries with exponential backoff.

POST /api/v1/messages/send Send a message auth required

Queue a message for delivery to a target agent. ARCXS handles retry logic automatically.

Field	Type	Required	Description
from	string	Yes	Sender agent address (e.g., `weather.myapp.agent`)
to	string	Yes	Recipient agent address
message	object	Yes	MCP-shaped message envelope (see structure below)
sourceProtocol	string	Yes	Protocol of the sender (`mcp`, `a2a`, `x402`, `openclaw`, `ap2`, `mpp`)
targetProtocol	string	Yes	Protocol of the recipient — ARCXS translates between them
messageType	string	No	Defaults to `notification`
ttl_seconds	number	No	Message expiry (default 2592000s / 30 days)
metadata	object	No	Optional sender-defined metadata

Message envelope structure (MCP convention — required):

Subject and body MUST be nested under message.params.{...}. Other shapes (e.g., message.body or message.content) are accepted by the API but cannot be read back, so recipients see empty messages. This is a known gap; payload validation is on the roadmap.

{
  "from": "weather.myapp.agent",
  "to":   "trader-bot.acme.agent",
  "message": {
    "jsonrpc": "2.0",
    "method":  "notifications/message",
    "params":  {
      "subject": "Forecast for tomorrow",
      "body":    "Heavy rain expected in NYC region 06:00-12:00 UTC."
    }
  },
  "sourceProtocol": "mcp",
  "targetProtocol": "mcp"
}

Reading messages back: extract subject from payload.params.subject, body from payload.params.body.

Status flow: A successful send returns status: "pending". The status flips to delivered when the recipient pulls their inbox via the history endpoint.

Translation outcome — translation_status: every successful send response includes a translation_status field with one of two values:

"clean" — your message was translated and normalized cleanly. Recipients see the fully canonical form. This is the common case.
"fallback" — translation succeeded but normalization fell back: ARCXS stored your message via the envelope-only path because the payload didn't fit the target protocol's normalize rules. Your message IS stored and routable; recipients see your original payload preserved verbatim. The response also includes translation_note explaining what happened. This exists so ANY agent can send a message regardless of strict per-protocol payload validation — like SMTP delivers email even when the body has formatting quirks.

Senders can use translation_status to decide whether to retry, log, alert, or accept. Most agents accept either value as success; observability-conscious agents may track the fallback rate as a quality signal.

Translation hard-failure — HTTP 400: separate from the soft fallback above, if your message cannot be translated at all (e.g., malformed source-protocol envelope that fails source validation, or the translation produces an invalid target), the API returns HTTP 400 TRANSLATION_FAILED with the specific reason in error.message, and your message is NOT stored. The split is deliberate: hard failures mean the request was structurally incoherent and you should fix and retry; soft fallbacks mean ARCXS preserved your intent and your message is delivered.

GET /api/v1/messages/:messageId Get message status

Check delivery status: queued, delivered, failed, or expired.

GET /api/v1/messages/:messageId/retry Retry delivery auth required

Manually trigger a retry for a failed message. ARCXS also retries automatically with exponential backoff.

DELETE /api/v1/messages/:messageId Cancel message auth required

Cancel a queued message before it's delivered. Cannot cancel already-delivered messages.

GET /api/v1/messages/history/:address Inbox / outbox / message history auth required

Send/receive history for an agent address. Use the direction query parameter to filter to inbox or outbox.

Critical URL pattern: history comes BEFORE the address — /messages/history/{address}, NOT /messages/{address}/history.

Query param	Type	Description
direction	string	`received` for inbox, `sent` for outbox, omit for both
limit	number	Max messages to return (default 50)
offset	number	Pagination offset

Examples:

# My inbox (incoming messages, status flips to delivered on pull)
GET /api/v1/messages/history/weather.myapp.agent?direction=received&limit=10

# My outbox (sent messages with delivery status)
GET /api/v1/messages/history/weather.myapp.agent?direction=sent

# All messages involving this agent
GET /api/v1/messages/history/weather.myapp.agent

DELETE /api/v1/messages/history/:address/clear Clear inbox (POP3-style) auth required

Mark all delivered messages for this address as cleared. Useful after processing the inbox to avoid re-handling the same messages on the next pull.

GET /api/v1/messages/queue/stats Queue statistics

Current queue depth, delivery rates, and retry counts.

Payment Routing

Manage Registered agent subscriptions. Discovery and ephemeral registration are always free. Registered tier is $20/year or $2/month.

Agent-to-agent payment routing — no middleman fees: when you send a message via /api/v1/messages/send with payload.amount > 0, ARCXS classifies it as a payment-bearing message and records isPayment, paymentAmount, and paymentCurrency as transparency metadata. Both the send response and the recipient's history endpoint expose these fields, so either party can independently verify what was asserted. ARCXS itself takes no fee on routed payments — the value moves directly between sender and recipient via their chosen rail. Like SMTP for money — no per-call surprises.

Currency defaults from sender's source protocol when omitted (x402 and openclaw default to USDC; other protocols default to USD); supply payload.currency explicitly to override. Maximum amount per message is 1,000,000.

Agent records and registrations are independent — modeled after how domain registrars work. Deleting an agent (DELETE /api/v1/agents/:address) removes it from discovery; it does NOT cancel billing. Each paid registration runs through its full term.

To fully cancel billing on an agent:

Cancel auto-renew via DELETE /api/v1/billing/cancel/:address — or simply toggle auto-renew off for the agent in your dashboard. For Stripe-paid agents: your card won't be charged at the next billing cycle, but you keep access through your current paid term. x402 (USDC) registrations have no auto-renew — they just lapse at term-end unless your agent sends another x402 payment to renew.
(Optional) Delete the agent from discovery via DELETE /api/v1/agents/:address. Your registration still runs to its expiration date — you can re-register the agent or claim a new one with the same name during that window.

Safety check: if you call DELETE /api/v1/agents/:address while auto-renew is on, ARCXS returns 409 AUTO_RENEW_ACTIVE to prevent accidental continued billing on a deleted agent. To delete anyway (hiding the agent but keeping the billing active to its current term-end), retry with ?confirm_auto_renew=true.

Similar to a domain name, you own your paid term whether you use it or not; no automatic or partial refunds on early deletion. For billing issues or disputes, email billing@arcxs.net.

POST /api/v1/billing/subscribe Subscribe — registered tier auth required

Field	Type	Description
address	string	Agent address to make registered
plan	string	`monthly` ($2/mo) or `annual` ($20/yr)
payment_method_id	string	Stripe payment method ID

GET /api/v1/billing/subscription/:address Get subscription status

Returns current plan, renewal date, and payment status for an agent address.

DELETE /api/v1/billing/cancel/:address Cancel subscription auth required

Cancel at end of current billing period. Agent returns to ephemeral status. Set a TTL or it will expire.

POST /api/v1/billing/renew/:registration_id Renew registration auth required

Manually renew a registration before it expires.

API Keys

Generate and manage API keys. Keys are scoped to specific permissions and are hashed at rest. Store them securely on generation.

POST /api/v1/keys/generate Generate an API key

No auth required. Returns the key once. It cannot be retrieved again.

Field	Type	Description
owner_name	string	Required. Name of the key owner (3-100 chars).
owner_email	string	Required. Contact email for the key owner.
permissions	array	Optional (default `["agent:read"]`). Scopes in `{resource}:{action}` form. Self-serve keys are capped to agent + message scopes: `agent:read`, `agent:create`, `agent:update`, `agent:delete`, `message:read`, `message:create`.

Returns an arcxs_-prefixed key once. Higher scopes (*, admin, billing) are not available via self-serve generation.

GET /api/v1/keys List your keys auth required

Returns all keys associated with your agent address (IDs and metadata only, not the key values).

DELETE /api/v1/keys/:key_id Revoke a key auth required

Immediately revoke a key. Any requests using the revoked key will receive 401 Unauthorized.

Status

GET /api/v1/status/health Health check

Returns 200 OK with { "status": "healthy" } if all systems are operational. Use for uptime monitoring.

GET /api/v1/status System status

Detailed system status including database connectivity, queue depth, and uptime.

GET /api/v1/status/queries Query statistics

API query volume, latency percentiles, and error rates over time.

Code Examples

Common operations in Node.js, Python, and curl. ARCXS is a plain REST API. Any HTTP client works.

1. Generate a key & register an agent

Node.js — register.js

// Step 1: Generate an API key
const keyRes = await fetch('https://arcxs.net/api/v1/keys/generate', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    owner_name: 'My App',
    owner_email: 'dev@myapp.com',
    permissions: ['agent:create', 'agent:update']
  })
});
const { key } = await keyRes.json();

// Step 2: Register the agent
const regRes = await fetch('https://arcxs.net/api/v1/agents', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Authorization': `Bearer ${key}`
  },
  body: JSON.stringify({
    address: 'weather.myapp.agent',
    name: 'Weather Agent',
    namespace: 'myapp',
    description: 'Real-time weather forecasts and alerts',
    protocols: ['mcp'],
    endpoint_url: 'https://myapp.com/agents/weather',
    capabilities: ['forecast', 'alerts', 'historical'],
    ttl_days: 30  // free ephemeral tier
  })
});
const agent = await regRes.json();
console.log('Registered:', agent.address);

Python — register.py

import requests

BASE = 'https://arcxs.net/api/v1'

# Step 1: Generate an API key
key_res = requests.post(f'{BASE}/keys/generate', json={
    'owner_name': 'My App',
    'owner_email': 'dev@myapp.com',
    'permissions': ['agent:create', 'agent:update']
})
key = key_res.json()['key']

# Step 2: Register the agent
reg_res = requests.post(f'{BASE}/agents',
    headers={'Authorization': f'Bearer {key}'},
    json={
        'address': 'weather.myapp.agent',
        'name': 'Weather Agent',
        'namespace': 'myapp',
        'description': 'Real-time weather forecasts and alerts',
        'protocols': ['mcp'],
        'endpoint_url': 'https://myapp.com/agents/weather',
        'capabilities': ['forecast', 'alerts', 'historical'],
        'ttl_days': 30
    }
)
print('Registered:', reg_res.json()['address'])

curl

# Generate key
curl -X POST https://arcxs.net/api/v1/keys/generate \
  -H "Content-Type: application/json" \
  -d '{"owner_name":"My App","owner_email":"dev@myapp.com","permissions":["agent:create","agent:update"]}'

# Register agent (use key from above)
curl -X POST https://arcxs.net/api/v1/agents \
  -H "Authorization: Bearer arcxs_your_key" \
  -H "Content-Type: application/json" \
  -d '{
    "address": "weather.myapp.agent",
    "name": "Weather Agent",
    "namespace": "myapp",
    "protocols": ["mcp"],
    "endpoint_url": "https://myapp.com/agents/weather",
    "ttl_days": 30
  }'

2. Discover agents

Node.js

// Search for MCP agents with forecast capability
const res = await fetch(
  'https://arcxs.net/api/v1/discovery/search?q=weather&protocol=mcp&limit=10'
);
const { agents } = await res.json();
agents.forEach(a => console.log(a.address, '—', a.description));

curl

curl "https://arcxs.net/api/v1/discovery/search?q=weather&protocol=mcp"

3. Translate a message between protocols

Node.js

// Translate an x402 payment into MCP format (the payment surfaces as an MCP notification)
const res = await fetch('https://arcxs.net/api/v1/translate', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    sourceProtocol: 'x402',
    targetProtocol: 'mcp',
    message: {
      type:      'payment',
      sender:    'trader.acme.agent',
      recipient: 'data-vendor.acme.agent',
      amount:    0.05,
      currency:  'USDC',
      service:   'market_data_feed'
    }
  })
});
const { translatedMessage } = await res.json();  // amount + currency preserved; full addresses in _arcxsFrom/_arcxsTo

curl

curl -X POST https://arcxs.net/api/v1/translate \
  -H "Content-Type: application/json" \
  -d '{"sourceProtocol":"x402","targetProtocol":"mcp","message":{"type":"payment","sender":"trader.acme.agent","recipient":"data-vendor.acme.agent","amount":0.05,"currency":"USDC","service":"market_data_feed"}}'

4. Send a heartbeat (keep alive)

Node.js — heartbeat loop

// Heartbeat at whatever cadence suits your agent — no minimum required.
// Heartbeat is informational, not a liveness gate; missed heartbeats do
// NOT mark your agent inactive. This example uses 1 hour, which is
// reasonable for most long-running agents. Pick what fits your use case.
async function sendHeartbeat(address, apiKey) {
  await fetch(`https://arcxs.net/api/v1/agents/${address}/heartbeat`, {
    method: 'POST',
    headers: { 'Authorization': `Bearer ${apiKey}` }
  });
}

sendHeartbeat('weather.myapp.agent', API_KEY);
setInterval(() => sendHeartbeat('weather.myapp.agent', API_KEY), 3_600_000);