Every payment you make is a choice. Which rails. Which intermediary. How much visibility you keep.
You may have thought carefully about this. Most people haven’t.
Now you’re delegating that choice to an agent.
HTTP 402 — “Payment Required” — was reserved in the early web’s protocol stack, waiting for digital money to arrive. It waited thirty years. AI agents are filling it now. There are already 15,000 paid API endpoints built for agents to discover and transact with. Three competing protocols fighting for the rail. The agents are already paying.
The question isn’t which protocol wins. The question is: who authorized the agent?
When you pay, you consent. When an agent pays on your behalf, the consent is buried in configuration files and developer defaults. You approved the agent. You did not approve every payment it makes.
Sovereignty isn’t just about choosing the right rails. It’s about knowing what runs on them — and who decides that when you’re not watching.
The defaults are being set right now. Ask the question before someone else answers it for you.