Sam Altman’s World today rolled out a developer toolkit aimed at one of the internet’s next trust problems: how websites can tell whether an AI agent is acting for a real person or as part of a bot swarm.
The company said its new AgentKit beta lets developers attach a cryptographic proof of a unique human to an AI agent. It enables websites to distinguish “human-backed” agents from automated traffic. The product plugs into x402, the HTTP-based payments standard launched by Coinbase in May 2025 and later backed by a joint x402 Foundation effort with Cloudflare.
The launch arrives as merchants and platforms brace for a sharp rise in autonomous software making decisions and purchases online.
According a McKinsey study, agentic commerce could represent $3 trillion to $5 trillion in global consumer commerce by 2030. Another study by Bain estimates AI agents could drive 15% to 25% of U.S. e-commerce sales by the end of the decade.
That growth is creating a new infrastructure problem. Most websites still treat automated traffic as suspicious by default, a posture shaped by years of scraping, spam and denial-of-service attacks. World’s pitch is that the next wave of automation will include legitimate assistants acting for real consumers, and that the web needs a way to admit those agents without opening the door to swarms controlled by a single actor.
How does it work? According to the details shared by the company, a verified World ID holder registers an agent wallet through an onchain registry called AgentBook. When that agent hits a website that supports x402, the site can ask for payment, proof of unique human backing, or both. If the proof checks out, the site can grant access, apply a discount or offer a limited free-trial allocation tied to the underlying person rather than to each individual bot or wallet. World’s developer docs say usage counters can be tracked per human per endpoint, meaning multiple agents tied to one person would share the same allowance.
The above image illustrates the idea in simple terms. An agent arrives at a site using AgentKit, the site checks the agent’s registration through AgentBook, and then routes the request based on the result. Human-backed agents can be granted access or discounts, while unregistered agents can be limited or denied. That design matters because the distinction World is trying to introduce is not whether software is automated, but whether that automation can be traced back cryptographically to a unique human without revealing that person’s identity.
“Payments are the ‘how’ of agentic commerce, but identity is the ‘who,’” Erik Reppel, head of engineering at Coinbase Developer Platform and founder of x402, said in a statement shared with AlexaBlockchain.
“By integrating World ID with the x402 protocol, developers now have a complete trust stack: a way for agents to pay for what they need and a way for platforms to verify there is a real human behind the wallet,” Erik added.
This aligns with Coinbase’s own positioning of x402 as a way for APIs, apps and AI agents to make stablecoin payments directly over HTTP.
The move is notable partly because x402 by itself was designed around payment as access control. Coinbase said when it introduced the protocol that it enables stablecoin payments directly over HTTP using the long-unused “402 Payment Required” status code, allowing agents and services to pay programmatically for data, APIs and software. Cloudflare also describes x402 as a standard for charging and paying for resources without accounts, sessions or API keys.
But micropayments do not solve every abuse problem. A malicious actor with enough economic incentive can still spin up thousands of agents and pay a few cents per request if the payoff is large enough. In that sense, World’s add-on is less about payments than about Sybil resistance — the ability to know how many distinct humans are behind a cluster of software agents. That distinction becomes critical in use cases like ticketing, restaurant reservations, promo claims, limited free trials and ranking systems, where one person operating 1,000 bots is very different from 1,000 people each using one bot.
The timing also reflects how quickly the broader agentic-commerce stack is forming. Since 2025, Coinbase has pushed x402 and adjacent tooling for autonomous wallets and payments, while Cloudflare has added x402 support to its agents tooling.
Google, meanwhile, introduced the Universal Commerce Protocol earlier this year as an open standard for agentic commerce and said it is compatible with the Agent Payments Protocol, or AP2, for agentic payments support. Google’s cloud team has described AP2 as a protocol combining programmable payments with A2A and MCP-style interoperability for AI agents.
That means World’s launch is a sign that identity is joining payments and messaging as a core layer of the agent web. If x402 and AP2 are trying to answer how software agents pay, World is trying to answer who those agents represent.
There is precedent for the idea, though not at this scale or with the same architecture. BrightID, for example, has long offered a privacy-focused “proof of uniqueness” system intended to help applications enforce one-person-one-account access without relying on conventional identity documents. Academic and industry work on “personhood credentials” has also argued for privacy-preserving systems that let users prove they are real people without disclosing broader personal information.
World itself has been moving in this direction for more than a year. In January 2025, the company published material on AI agents and proof of human. World executives saw delegated proof-of-personhood for agents as a logical next step for the network. More recently, World has framed proof of human as increasingly necessary in an internet where AI agents and bots are taking over more traffic and interactions.
World network now spans more than 160 countries and counts more than 16 million verified humans. That installed base gives World a potentially meaningful distribution advantage if developers decide they need a reusable proof-of-human layer for AI agents.
Even so, World enters the market with baggage. Since launch, the project formerly known as Worldcoin has drawn scrutiny from privacy regulators over its biometric verification model. In 2024, Spain temporarily banned Worldcoin’s iris-scanning operations, Portugal ordered a halt to data collection, and Hong Kong directed the company to cease operations over privacy concerns. Spain’s data watchdog later ordered deletion of iris scan data collected since the service launched.
The commercial case for the product is easier to see. Platforms want to let useful agents in, but not at the cost of losing control over abuse, inventory or ranking integrity. The tension is no longer theoretical. In a recent devlopment, California federal judge temporarily blocked Perplexity AI’s shopping agent from accessing Amazon, with Amazon arguing the agent unlawfully accessed customer accounts and disguised automated activity as human browsing. This dispute shows the broader legal and commercial fight over how autonomous software should interact with websites.
In that context, World’s AgentKit may appeal less as a crypto feature than as a traffic-governance tool. A merchant could allow an AI assistant to book a table, buy a ticket or test an API, while still enforcing one-person limits. A publisher or discovery platform could accept agent-driven submissions or ranking signals while reducing the risk of one actor flooding the system. A telecom or authentication service could tie scarce resources, such as temporary numbers or free verification attempts, to a unique person rather than to an unlimited number of bots. Those are practical controls that payments alone do not provide.
There is one additional wrinkle: naming. Coinbase already has its own product called AgentKit, a separate framework introduced in 2024 to help developers build onchain AI agents. World’s Agent Kit beta is a different product entirely, even though it integrates with Coinbase’s x402 ecosystem.
Why the launch matters? The industry has spent the past year building rails for agents to talk, pay and transact. What has been missing is a broadly reusable way to express that an agent represents a single human without forcing that person to expose their full identity. If agentic commerce is going to move from demos to scaled consumer and enterprise use, that gap will need to be closed. World is betting that proof of unique human becomes one of the core primitives for doing it.
The article “Can Websites Trust AI Agents? Sam Altman’s World Thinks AgentKit Is the Answer” was first published on AlexaBlockchain. Read the complete article here: https://alexablockchain.com/World-Introduces-AgentKit-Beta/
Read Also: MoneyGram, Pairpoint and eToro Back Midnight’s Privacy Blockchain Before Mainnet
Disclaimer: The information provided on AlexaBlockchain is for informational purposes only and does not constitute financial advice. Read complete disclaimer here.
Image Credits: World, Shutterstock, Canva, Wiki Commons
