You're absolutely right! I should have sent $5.00 for that transaction and not $500,000. I will generate a letter for you to print and sign and send to your bank to notify them of my mistake. Would you like me to generate a bankruptcy filing for you as well?
MPP handles 'how do agents pay', but not 'did anyone authorize this'. For low-value API calls that's fine. But once agents start chaining transactions, you need a channel where the agent can ask a human 'I'm about to spend $2k on this, still in scope?' before the payment happens - not a fraud alert after. The authorization layer is a separate infrastructure problem from the payment protocol.
Jokes about wallet-draining aside, we're already giving our agents a real cash budget that they use for tokens. Our harnesses have mechanisms to manage that spend. And having an easily detectable protocol would allow the harness to ensure that its deterministic code is in play to make these payments - you'd give your payment details to the harness, not to the agent itself.
And as to use cases, if I want quality outputs for automated research and discovery of a topic, in a world where quality journalism/scholarship should be compensated and does use tools like Cloudflare to block automated access, and where AI-generated content is everywhere, it's optimal for me to want to spend some amount of the money I spend on tokens, on the ability for my agent to access reputable primary and secondary sources as needed.
The challenge, of course, is that now there's an incentive for a spam source to try to get my agent to pay it, rather than the actual creator of the content. But there are interesting ways to solve this, because with these payment rails there's now an incentive for alliances of content creators to maintain indices of reputable sources and their canonical domains - perhaps even authoritative hashes of content. Lots of possibilities here.
I feel like the word "protocol", is just abused like it is a glorified marketing term. Kind of like how the word "hacker" was abused in everything else that had nothing to do with hacking.
MCP was just a glorified way of tool calling but generated so much hype (and it eventually died down). Now we have MPP. Which again - could have just been another tool call exposed to the agent.
Imagine you hire someone who claimed to have invented a new protocol and you're thinking of something like TCP or UDP, but all they share is just a markdown file.
"protocol" is just an agreement to communicate in a standardized way. this is a protocol. a tool call exposed to the agent is a protocol - the act of "exposing it to the agent" means you're defining a protocol.
there's nothing wrong with calling this a protocol. the problem is in hyping it up as though every protocol is going to be world-changing on the level of TCP.
I mean, I have had people unironically declare they had written compilers or exploits, which were actually just javascript or golang wrappers around the real payload, or all of the irrelevant lexer/parser/typechecker/optimizer/assembler bits.. I'm sure they were just as trivial, especially today with LLMs..
The more industrial activity and investment I see in “payments” and ecommerce, is to me a signal of a hollow society that has ceased creating real value. We have more to contribute than materialism, skimming off of electronic transactions, entertainment etc.
"Creates a direct connection between your wallet and our bank account!"
Note the absence of invoices, bills of lading, and receipts,
all the things you need when a vendor doesn't deliver.
All it does is send money, one-way. So it's useless in a B2B context.
61 comments
[ 2.9 ms ] story [ 92.4 ms ] threadA well thought out proposal for the long term, unlike MCP which is a complete joke of a "standard" and broken by design.
[0] https://paymentauth.org/
[1] https://datatracker.ietf.org/doc/draft-ryan-httpauth-payment...
And as to use cases, if I want quality outputs for automated research and discovery of a topic, in a world where quality journalism/scholarship should be compensated and does use tools like Cloudflare to block automated access, and where AI-generated content is everywhere, it's optimal for me to want to spend some amount of the money I spend on tokens, on the ability for my agent to access reputable primary and secondary sources as needed.
The challenge, of course, is that now there's an incentive for a spam source to try to get my agent to pay it, rather than the actual creator of the content. But there are interesting ways to solve this, because with these payment rails there's now an incentive for alliances of content creators to maintain indices of reputable sources and their canonical domains - perhaps even authoritative hashes of content. Lots of possibilities here.
Is this an attempt to get multiple payment processors to adopt the same Payments API so that agents fail less often?
MCP was just a glorified way of tool calling but generated so much hype (and it eventually died down). Now we have MPP. Which again - could have just been another tool call exposed to the agent.
Imagine you hire someone who claimed to have invented a new protocol and you're thinking of something like TCP or UDP, but all they share is just a markdown file.
there's nothing wrong with calling this a protocol. the problem is in hyping it up as though every protocol is going to be world-changing on the level of TCP.
Really, they _need_ it. How can we possibly live without computers spending money without supervision?
Note the absence of invoices, bills of lading, and receipts, all the things you need when a vendor doesn't deliver. All it does is send money, one-way. So it's useless in a B2B context.