BYTE · LIBRARYSETTLE · BASE 8453
LIVE
FLAGSHIP$0.05 address-rep
PRICEfrom $0.001 / call
RECEIPTX-BYTE-Attestation
TOKENnone
BYTE

Proof receipt · 2026-05-24 · Arbitrum Sepolia

PayPerByte r2 — wedge proof receipt

Every data packet delivered by a PayPerByte publisher carries a publisher-signed receipt that a subscriber can verify byte-exact post-delivery. Tampering surfaces deterministically. This is the operational receipt for that claim — every link below is independently verifiable on-chain or against the live archive.

Two rails. x402 pay-per-call — including the flagship address-reputation verdict — settles in USDC on Base mainnet (eip155:8453), no testnet setup needed (quickstart). The on-chain subscribe flow and the EIP-712 attestation domain on this page run on Arbitrum Sepolia (chainId 421614) — audit-gated, mainnet anchor pending.

What's wired

  • EIP-712 PayloadAttestation baked into the settlement contract. Every publisher signs keccak256(payload_bytes) + length + deadline before broadcasting.
  • Contract verifies the signature at settlement time and emits it inline in the on-chain event.
  • Subscriber SDK re-derives keccak256(received_bytes), asserts equality against the on-chain hash, raises HashMismatchError on any drift.

End-to-end: publisher signs → contract verifies + emits → subscriber re-derives + asserts. The receipt is a single tx log; the proof is reproducible.

Verify it yourself — no setup

Contract source (verified)

view on Arbiscan

Live feed catalog

x402.payperbyte.io/feeds

x402 OpenAPI discovery

x402.payperbyte.io/openapi.json

Cold-start agent integration

npx -y byte-mcp-server

On-chain artifacts

DataStreamLib r2

0x44729bB1…e06e95

EIP-712 domain

BYTE Library · v 1 · chainId 421614

Domain separator

0xdacc9fc7…ea7bd6

AuthorizeCaller tx

0x74bed10d…9b451f

Sample BroadcastStreamed (crypto-top100, 1829 B)

0x0a9738ed…c6948b

Wedge proof — corruption test transcript

Step 1: fetch BroadcastStreamed event from chain
  payloadHash    = 0x59041f97…4df9
  payloadLength  = 1829 bytes
  publisher      = 0xa4ab2d…5884 (crypto-top100)

Step 2: fetch payload bytes from discovery-api archive
  re-derived     = 0x59041f97…4df9
  on-chain       = 0x59041f97…4df9
  match          = True

Step 4 (POSITIVE): verify_payload(original_bytes, on_chain_hash)
  ✓ PASSED — bytes match the publisher's attestation

Step 5 (NEGATIVE): corrupt one byte → verify_payload(corrupted, hash)
  ✓ HashMismatchError raised
     expected: 0x59041f97…4df9
     actual:   0x0c4ef3d7…f86c   ← keccak avalanche, 1-bit flip

A single bit flip in 1,829 bytes was caught with full diagnostic detail. The wedge is not decorative — it is the integrity property of every delivered packet.

Pre-audit security posture

forge test

612/612 PASS · 44/44 BYTELibrary suite incl. 12 dedicated signature tests

Halmos

2/2 PASS · symbolic proof of fee-split conservation + publisher-cannot-overpay invariant

Slither

0 new findings post-r2 vs pre-r2 baseline; remaining flags are documented design decisions

Mythril

DataStreamLib deployed bytecode: no issues · FeeMath source: no issues

External audit budgeted at $10–15k. Brief includes the r2 delta section, Halmos proof citation, and dual-write cut-over design note.

Pricing — per-byte, on-chain

Subscribe (continuous stream)

$0.003 USDC / KB / delivery · byte_subscribe

Buy (x402, one-off)

$0.005 USDC / KB / call · $0.001 floor · byte_buy_data

Subscribe settles on-chain in USDC on Arbitrum Sepolia (EIP-3009 MockUSDC); x402 buys settle in USDC on Base mainnet (eip155:8453) via the gateway. Per-byte pricing matches the brand; subscribe is the cheaper path at volume.

What I'm building

A neutral data substrate where the payment, the bytes, and the integrity guarantee all live on the same rail. No tokens. No API keys. No off-chain accounts. Just USDC, signed bytes, and a verifier any subscriber can run.

— Mark