The Unit of Value Moved. The Cost Model Didn’t.

The transaction layer is shipping. The contract layer is still being designed.

--

Stripe Sessions opened this week at Moscone West in San Francisco. Agentic commerce, stablecoin settlement, AI-native checkout design, the next wave of revenue models. The main stage covers what agents can do. The harder question is what agents cost to operate, who absorbs that cost, and who shapes the contracts that do not exist yet.

The free web was never free.

Press enter or click to view image in full size

You Already Paid for the Free Web. With Your Identity.

The internet you used for twenty years was priced in PII.

Every search, every click, every product page you browsed, every ad you scrolled past was a transaction. You didn’t pay in dollars. You paid in behavioral data, location signals, purchase intent, household income inference, and identity fragments that were aggregated, sold, resold, and used to fund the infrastructure you thought you were getting for nothing. Most people never understood the size of that exchange. The platforms understood it precisely.

That model is being re-priced.

Agents do not consume ads the way humans do. They do not reliably generate impressions, dwell time, or behavioral exhaust in the formats the current ad economy was built to monetize. An agent executing a purchase goes straight to structured data, matches against constraints, and transacts. The attention economy was built on the assumption that humans browse and can be influenced while browsing. It has less grip on a buyer that does not browse.

Gartner’s April 2026 forecast puts worldwide IT spending at $6.31 trillion this year, up 13.5%, with data center systems alone growing 55.8%. That is the infrastructure side of the shift: AI demand is showing up as capital and operating cost, not as another ad-supported abstraction. Bryan Catanzaro, Nvidia’s VP of applied deep learning, told Axios: “For my team, the cost of compute is far beyond the costs of the employees.” According to reporting from The Information, Uber’s CTO Praveen Neppalli Naga said his company’s full 2026 AI budget was “blown away already” by April, four months into the fiscal year, driven by token costs from Claude Code adoption across 84% of Uber’s engineering org, with monthly per-engineer API costs running between $500 and $2,000. The cost structure that was hidden inside surveillance capitalism is now visible on the invoice, and it is large.

The free web subsidy is weakening. It is not disappearing cleanly. The replacement model is being rebuilt around access, structured data, attribution, and machine-mediated transaction fees. The direction is clear: someone is going to pay per action, per token, per inference, per transaction. The question is who, how much, and whether they can see what they are paying for.

A Seat Has One Cost. An Agent Action Has Five.

When you buy a SaaS seat, the pricing model is legible. One user, one monthly fee. The user may do very little or a great deal. The pricing does not track the activity. You carry the slack.

Outcome-adjacent pricing claims to fix that. You pay per outcome, per completion, per agent task. No slack. No waste. Salesforce’s Agentforce now offers Flex Credits: $500 per 100,000 credits, with common Agentforce actions metered through that pool. That sits alongside existing seat licenses, while $2 per-conversation pricing remains available as a separate model. You cannot run both in the same org. The seat is not gone. It is under pressure, and the new pricing layers expose something the seat model smoothed over: what work actually costs. Each action is metered individually. Each action is also one line in a workflow that may have twenty more lines you did not see before you signed.

The problem is that an agent action is not a single event. It is a sequence of hops across systems, each consuming tokens, making API calls, calling downstream agents, waiting for responses, processing failures, and retrying. A procurement agent routing a purchase request through an approval workflow might touch an identity system, a budget verification system, a vendor catalog, a contract repository, and a payment execution layer before anything settles. Five hops. Five systems. Five authorization checks. Token consumption at every step.

This is not theoretical. OpenAI’s Agents SDK traces execution at the span level: LLM generation spans, tool call spans, function spans, guardrail spans, handoff spans. Each is a discrete cost event inside a single “completed task.” Anthropic’s engineering guidance is explicit that growing tool inventories push token costs before the model starts the real work, and that intermediate results passed through context windows can add tens of thousands of tokens per loop. AWS documentation adds the same warning: tool parameters, tool-use blocks, tool-result blocks, and system prompts for tool use all increment the meter.

If the vendor prices on the completed outcome, the five hops are invisible in the invoice. But they are not invisible in the cost structure. Bain is direct about what this creates: outcome-based pricing without trace transparency transfers architecture risk to the buyer. You pay for whatever orchestration the vendor happened to build. Sometimes that is fair. Sometimes it is architecture debt wrapped in clean pricing.

The customers who understand the hop count before signing an outcome-adjacent contract are the ones who can negotiate terms that reflect actual cost. The ones who sign on the outcome framing without reading the hop count will discover the economics in the invoice.

The Free Picture Is About to Cost a Penny

Thirty years ago, content on the web was free because it was subsidized by your attention, which was monetized by advertising, which was made possible by the scale of your behavioral data being harvested without explicit consent or compensation. Photographers, writers, musicians, and researchers uploaded their work into a system that paid them in exposure and paid itself in surveillance.

Agents break that supply chain on both ends.

Agents do not reliably generate the impressions, clicks, or dwell time the current ad model was built to monetize. Sponsored placement, preferred merchant feeds, and ranking auctions will adapt. The ad model will not vanish. It will be recompiled into agent ranking, attribution agreements, and preferred fulfillment paths. The point is not that influence disappears. The point is that the meter changes. But the transition creates a gap. The working thesis: the old monetization surface is shrinking faster than the new one is being built. On the production side, AI systems are already consuming creator content as training data, retrieval context, or inference-time input, which means original creators often supply economic inputs to AI systems without clear authorization, attribution, compensation, or recourse.

One likely pressure valve is real-time micropayments at the action layer. Not a subscription. Not a license. A payment at the moment of use, for the specific use, settled instantly.

x402 is one credible start. HTTP 402 was a status code reserved for “Payment Required” and never implemented. Coinbase revived it as an open protocol for programmatic, chain-agnostic micropayments. An agent hits an endpoint, gets a 402 response, pays the micro-fee with a signed payment payload, and gets access. No human in the loop. No invoice. Payment as a function call. Stripe now documents x402 for machine-to-machine payments, including per-use charges as low as 0.01 USDC, which means it is crossing from crypto-native experimentation into mainstream payment infrastructure.

But x402 solves the request-payment loop. It does not yet solve the full commercial lifecycle: subscriptions, disputes, corrections, delegated refunds, multi-party settlement, and authorization state across hops.

Real commerce is bidirectional. Merchants need to issue refunds. Subscriptions need to be managed. Disputes need to be raised. What comes after x402 is not one protocol. It is a commercial lifecycle layer: low-cost settlement, refund paths, subscription state, dispute handling, multi-party reconciliation, and authorization context that survives multiple hops. Stablecoin rails may handle some merchant settlement flows. Payment-channel models may fit high-frequency per-call API access. Card-token models will persist where chargebacks, fraud tooling, and enterprise finance controls matter. The winning protocol matters. But the design direction is already visible: value is moving to the action layer, and settlement has to follow it. What does not yet exist are the commercial contracts, the merchant tooling, the dispute resolution mechanisms, and the identity layer that tells every party in the transaction who authorized the original payment and under what scope.

You cannot hand a credit card to an agent and call this solved. What you need is a scoped, revocable, delegatable payment credential that works in both directions, with an expiry, a defined refund path, and an audit trail that survives multiple hops.

Discovery Does Not Survive This Transition Intact

Adobe reported that AI-originated traffic to U.S. retail sites grew 393% year over year in Q1 2026. AI traffic converted 42% better than non-AI traffic in March 2026. At the same time, Adobe found that retail product pages averaged a machine-readability visibility score of 66 out of 100.

393% traffic growth. 66 out of 100 on machine-readability. That gap is the merchant problem.

Agents doing the buying do not browse. They query structured data, match against constraints, rank options against criteria the human set when configuring the agent’s preferences, and execute. What signals the agent reads, how it weights them, and which data structures it can actually access determine which merchants are visible at all.

OpenAI’s Agentic Commerce Protocol is the connective layer between merchants and shoppers in ChatGPT, designed to ingest structured catalog data and surface relevant products in context. The merchant guidance is explicit: richer product feeds improve placement, accuracy, and freshness. OpenAI’s current merchant guidance says it is moving away from standalone Instant Checkout and prioritizing product discovery with merchant-owned checkout experiences. The discovery layer is becoming more important. The single-point-of-transaction model is not where this is heading.

The long-tail merchant argument is this: businesses that built customer relationships on human browsing behavior, visual merchandising, brand storytelling, and the slow accumulation of search ranking are facing a reset they did not see coming. None of those advantages transfer cleanly to an agent-mediated environment because agents do not respond to the things those advantages were built to influence.

This is not a total reset overnight. Existing merchant sites still matter. What is changing is the gatekeeper. Machine-readable commerce data is becoming a new required layer on top of the web. The requirement is not only SEO. It is supplier qualification for an enterprise procurement system. Structured pricing. Current inventory signals. Capability descriptions that match the schema the major agent runtimes index. The merchants who treat it as infrastructure work will arrive with competitive positions intact. The ones who wait will find the abstraction answers the discoverability question in ways that do not favor them.

Authority Is the Commerce Layer Nobody Priced

On April 28, the day before Stripe Sessions opened, the FIDO Alliance announced new workstreams for trusted AI agent interactions. The release framed the problem directly: how users securely delegate actions to agents, how boundaries are established between user-initiated and agent-initiated actions, and how agent-initiated commerce can rely on secure delegation and verifiable authorization. FIDO’s own framing is explicit that today’s authentication and authorization models were built for direct human interaction, not delegated agent-initiated actions.

A major industry standards body is only now formalizing these mechanisms. The transaction layer is shipping. The authority layer is still being designed.

When an agent executes a purchase, someone authorized it to act. That authorization has a scope. A duration. An inheritance structure: if the agent calls a sub-agent to handle logistics, what portion of the original authorization transfers? These are not edge cases. They are the operating conditions of every agentic commerce transaction.

The current protocol work addresses parts of this. Google’s AP2 formalizes Checkout Mandates and Payment Mandates with cryptographic proof of possession and signed receipts. Stripe’s shared payment tokens can be seller-specific, amount-bounded, time-bounded, and revoked. Universal Commerce Protocol includes OAuth 2.0 identity linking so platforms can act on behalf of buyers. The infrastructure is being built.

What none of the current protocols fully solves is the multi-hop inheritance problem. Tracing authorization scope across an orchestrating agent, its sub-agents, and the downstream tools they invoke, in a way that is interoperable and inspectable by every counterparty in the chain. That gap is where the authority problem lives.

The blast radius of a mis-scoped agent does not look like a breach. It looks like unexpected spend, vendor relationships the company did not intend to establish, commitments made in the company’s name by an agent that technically had the access to make them. The harm is economic and contractual, and it accumulates quietly.

The Five Questions the Commerce Stack Cannot Answer Yet

Who authorized this action? Not who has access. Who specifically delegated the authority to act in this context, at this time, for this purpose.

What scope did that authorization carry? The agent might be authorized to purchase office supplies. Was that scoped to consumables under a certain amount, or to anything the agent classified as an office supply?

When does the authorization expire? Token budgets have expiration mechanics. Authorization scopes often do not. An agent authorized to execute a vendor relationship in Q1 may still carry that authorization in Q3 if nobody revoked it.

What can be revoked, and how fast? A payment mandate can be cancelled before settlement in some implementations. An authorization that has already produced commitments, contracts, or vendor relationships cannot be cancelled the way a charge can be disputed.

Who is accountable when the chain breaks? If an orchestrating agent calls sub-agents that call tools that make purchases outside the intended scope, the accountability question is not answered by the transaction record. It requires tracing the delegation chain back to where it deviated.

The mandate and token systems address versions of the first two at the moment of transaction execution. The rest are gaps. Gaps that determine who absorbs the cost when the chain breaks.

What SaaS Vendors Should Do Before the Standards Settle

The protocols are not finished. x402 solves the request-payment loop but not the full commercial lifecycle. AP2 and ACP address important pieces of transaction intent and merchant connectivity but leave multi-hop delegation inheritance unresolved. The FIDO Alliance agent authorization workstreams are active now. The standards are being written while products are already shipping. The vendors who show up in those rooms will have a durable advantage over the ones who wait to implement whatever ships.

The action is not “wait for the spec.” The action is to build toward the primitives that are clearly going to matter regardless of which protocol wins.

Instrument execution traces. Every agent workflow should emit span-level telemetry: what called what, in what order, at what token cost, with what outcome, and after how many retries. Not for billing today. For when your customer asks why their token budget is gone in three days.

Define billable actions before pricing them. “Per outcome” is not a contract. A completed task, a successful API response, a human-approved decision node, a failed retry, and an abandoned workflow are different economic events. Write the definition before the customer signs.

Bind scope to credentials. Every agent should carry explicit limits: what it can do, what it cannot do, how long the authority lasts, and how revocation works. This may not be a compliance requirement everywhere yet. It will become a buyer requirement first.

Model bidirectional payment flows now. Simple agent payments are not enough for subscriptions, refunds, disputes, usage overages, or multi-party settlement. Know where your seams are before a customer finds them.

Show up in the standards rooms. FIDO, W3C Verifiable Credentials, the Linux Foundation A2A governance track. These are where the future contract language is being shaped. One person who understands your product’s authorization model and shows up consistently is worth more than a year of watching finished specs and reacting.

The companies that win this transition will not be the ones that merely accept agent payments. They will be the ones that can answer, in real time: what action was authorized, under what scope, at what cost, through which hops, with what revocation path, and with whose accountability.

That is the contract now.

The scope is the new contract. Write yours before someone else writes it for you.

A.J. Jacobi writes on AI infrastructure, governance architecture, and sustainable systems design. She advises on authorization design and agentic commerce architecture. https://substack.com/@globaladventurists