Galliun implements a Level 1 x402-style payment flow with scheme exact_split on the unified API at api.galliun.com. All paid endpoints use the same platform payment primitives.
Flow overview
Client API Chain Platform
| | | |
|-- POST /p/myapp/... -->| | |
| (no X-PAYMENT) | | |
|<-- 402 + requirement --| (accepts[].splits[]) | |
| | | |
|-- atomic USDC tx ----->|----------------------->| provider + |
| (all split legs) | | platform legs |
| | | |
|-- POST /p/myapp/... -->| | |
| + X-PAYMENT header |-- verify splits ----->| |
| |-- execute request | |
|<-- 200 response -------| | |
The SDK automates every step after the initial request.
Step-by-step (SDK perspective)
| Step | SDK status | Action |
|---|---|---|
| 1 | sending_request |
Send original HTTP request |
| 2 | payment_required |
Receive 402, parse requirement with splits[] |
| 3 | waiting_for_wallet |
Call wallet.pay() — atomic multi-leg USDC tx |
| 4 | payment_submitted |
Encode proof, set X-PAYMENT |
| 5 | retrying_request |
Retry identical request |
| 6 | verifying_payment |
API verifies each split leg on-chain |
| 7 | complete |
Return response |
Optional hooks on the client expose these statuses for UI (used by the playground and dashboard).
Replay protection
The platform enforces uniqueness via a transactional claimPayment check:
chain + network + txHashOrDigestnoncerequestHashpaymentPayloadHash
A reused transaction or nonce returns payment_reused / payment_replay.
Chain verification
After claim, chain adapters verify on-chain that each split leg matches the stored paymentSplits / 402 accepts[].splits:
- Sui — transaction digest, sender, USDC coin type, balance changes per recipient
- Solana — signature, SPL mint, token balance changes per recipient
Galliun does not custody provider funds. Verification confirms funds reached the configured provider and platform fee wallets directly.