Infrastructure for the agentic web

AI agents are already buying things. Already signing contracts. Already paying for API calls and making appointments and routing transactions. The x402 protocol crossed 165 million payments this month at an average ticket of 31 cents, almost all of it agent-to-API. ChatGPT is taking 4 percent on Instant Checkout purchases on Etsy. Mastercard's Verifiable Intent went live and Google's Agent Payments Protocol got donated to FIDO. None of this is theoretical. None of it is six months out. It is all happening, right now, in production.

The plumbing for what is happening is missing. Not "incomplete" — missing. The big platforms shipped the rails (Stripe, Anthropic, Google, OpenAI, Mastercard) and most of the long tail of developers has nowhere to grab the layer above. There is no canonical implementation for agent refunds, no Switzerland-positioned MCP server registry, no per-customer cost attribution for agent calls, no consent ledger that survives an EU AI Act audit, no SDK for the mandates the FIDO working group is publishing in real time. The category is moving faster than the tooling, which is what categories do right before someone decides to be the toolmaker.

This is the familiar shape. Every time a new layer of the internet starts producing real transactions, there is a window where standards are settling, early adopters are operating without good tooling, and whoever shows up to build the missing pieces ends up owning the categories that come out the other side. We are not approaching that window for agents. We are in it. The first transactions already cleared.

The five-second version

One brand. One buyer (developers and product teams building anything where an AI agent acts on someone's behalf). A growing portfolio of small open-source SDKs with hosted services on top. Quarterly research reports on the state of the stack so the category becomes legible. No fundraising. No enterprise sales motion. No vapor.

What I mean by "agentic web"

Web 1.0 was documents. Web 2.0 was applications run by users. Web 3.0 was an unfinished argument about ownership.

The agentic web is the layer where the actor on the other end of the request is no longer a human. It is an LLM agent reading a product feed, calling an API, signing a payment instruction, writing a response, executing a workflow. The user is upstream, asleep, or absent. The agent acts.

That sounds science-fiction-y if you spent the last decade outside the AI conversation. But measured today, in May 2026:

• →The x402 micropayment protocol has 69,000 active agents and has processed about 165 million transactions for roughly $50 million in volume. Average ticket: 31 cents. Most of it is paid for by agents, to APIs and services other agents need.
• →OpenAI's Agentic Commerce Protocol is live in Etsy and 1 million Shopify merchants are in the integration pipeline. ChatGPT is taking 4 percent on every transaction it routes.
• →Google's Agent Payments Protocol (AP2) was donated to the FIDO Alliance in April 2026, co-developed by Mastercard, with 60 organizations including AmEx, PayPal, Adyen, Coinbase, Etsy, and Worldpay on the contributor list. The FIDO move is the same shape as U2F → WebAuthn ten years ago. Once that machinery starts grinding, the spec is the spec.
• →Mastercard published its Verifiable Intent specification — tamper-proof, cryptographically signed mandates for agent transactions. Stripe shipped its Agentic Commerce Suite at Sessions in May. PayPal adopted ACP.

That is just the payments layer. Identity has the W3C DID work, the IETF AIP draft, EUDI Wallet, the FIDO Agentic Auth working group. Discovery has 5,800-plus public MCP servers and no quality signal between them. Observability has Langfuse, LangSmith, Arize, Helicone (in maintenance mode since March), and a dozen others all racing. Provenance has C2PA at v2.4 and a handful of WordPress plugins.

It is a stack. It is emerging in public. And it is mostly being built by big companies whose products optimize for big-company use cases.

What is missing

The pattern is consistent across layers. A foundation player ships the rails. The rails work. But the long tail of developers — the SMB merchant on a custom Rails stack, the indie dev shipping an agent product on a weekend, the mid-market team trying to wire EUDI verification into their existing flow — has nowhere to grab the layer above.

A few concrete examples, all things I will go deep on in subsequent essays:

• Quality signals for MCP servers do not exist. There are 5,800-plus public servers and 36.7 percent of them have basic SSRF vulnerabilities by recent audit. There is no Anthropic-curated registry until Q4. There is no maintenance status. No load benchmarks. No "this server still works with Cursor as of last Tuesday." Developers pick MCP servers by GitHub star count, which is roughly as informative as picking a contractor by van size.
• Refund and dispute primitives for agent payments do not exist. Every protocol ships the buy flow and defers returns to merchant policy. When a $400 agent purchase needs to be reversed, the merchant has no standardized workflow, no chargeback codes that match the rail, no audit trail that survives a payment-processor inquiry.
• Citation tracking for the AI-overviews era does not exist (at price points solo publishers can pay). Google AI Overviews absorb a third of consumer queries. The overlap between what ChatGPT cites and what Google ranks is 12 percent. Publishers are watching organic traffic collapse and nobody has shipped a credible measurement tool below $1,000 a month.
• Per-customer cost attribution for AI products does not exist. Token prices fell 80 percent in 2025 and waste exploded as agentic loops drove unaccountable consumption. You can wire up Helicone (just went into maintenance mode), or you can build it yourself. There is a hole big enough to drive a registry through.
• Drop-in budget governance for any LLM call does not exist. The "$1.6 million weekend" — an agent stuck in a loop burning Anthropic tokens unsupervised — is now a documented anti-pattern. The token rate limiters that Truefoundry and Zuplo ship cover the floor. They do not cover spend-velocity anomalies or loop detection. Stripe Radar for agent spend is a thing nobody has built.

There are nine more of these in my notes. Some of them are six months from being acutely painful. Some of them are acutely painful right now.

The brand and the bet

Major Labs is the studio that builds into those gaps.

The mechanics are familiar from Vercel and Supabase and Resend and Mem0:

1. 01Open-source the SDK. Give away the part developers can run themselves with effort. Make it well-documented, MIT- or Apache-licensed, and obviously the right way to integrate with the category. Be the canonical implementation before there is a category to be canonical for.
2. 02Charge for the hosted layer. Sell the part nobody wants to run — multi-tenancy, scheduling, alerting, dashboards, SLA. Pricing in the dev-tool range: $49 to $499 per month, with self-serve signup, no sales call.
3. 03Publish the research. Every quarter, a State of X report. The first one ("State of MCP Security Q3 2026") uses original scan data from the registry. The second one ("State of Agent Commerce Q4 2026") uses customer data from the analytics tool. The reports become citation magnets. The citations become the brand.
4. 04Stay independent. No vendor alignment. No hyperscaler tax. No fundraising in the first eighteen months. The Switzerland positioning is the moat against the AWS and Anthropic registries that ship by default.

That is the playbook. Mem0 ran it for agent memory and went from 0 to AWS-exclusive-provider in twenty-one months. Cal.com ran it for scheduling and went from 0 to product-of-the-month-on-Hacker-News on launch day. Supabase ran it for Postgres and is worth $5 billion. The pattern works when the category is forming and somebody decides to be the voice for it.

What is launching first

Over the next twelve weeks I am going to ship two products, write a dozen essays, drop the first State of report, and post a build-log every weekday on X. Concretely:

• AEO Citation Tracker. See which LLMs cite your URLs. Acute pain right now for publishers and content marketers. Free tier, $49/mo Pro, $199/mo Team. Ships in week six.
• MCP Server Quality Registry. Independent scoring of all 5,800-plus public MCP servers across security, maintenance, performance, and client compatibility. Free public directory. $299 + $99/mo for publishers who want a Verified badge. $999/mo for procurement teams who need filtered API access. Ships in week twelve, alongside the first quarterly report.

In Q4 I am shipping BudgetGuard (spend governance for agent calls) and MandateKit (AP2 Verifiable Intent SDK). In Q1 2027, Major Labs Identity (the agent identity registry). Then we will see what the next gap is.

Why this, why now, why me

This thesis lives at the intersection of three things I have been doing for a long time. Ten years at Fiserv before that, joining Mastercard in April: payments infrastructure is the lens I read everything through. Two years writing Major Matters: I have been mapping the agentic-commerce conversation since before it had a name. Shipping software with Claude every week: I know what a person plus AI can actually deliver in thirty days, and what they cannot.

The argument I have with myself, the one I will write more honestly about later: the agentic web is going to happen with or without the infrastructure layer being good. It is better if it is good. There is an opening right now for someone independent and patient to ship into that layer and become the default reference for it.

I think I can be that person. I think Major Labs can be that brand.

How to follow along

• →This newsletter, twice a week, every Tuesday and Friday morning.
• →The Major Labs Discord, where I will be reachable for the duration. Hand-picked invites for the first twenty.
• →@majorlabsresear on X for the daily build-log.
• →majorlabs.co for everything else, including the products as they ship.

I will be wrong about plenty of this. Some of the gaps I think are real will turn out to be edge cases. Some of the products will need three pivots before they find their buyer. The protocols will evolve. The standards will shift. The point of doing this in public, with a writing cadence and a Discord, is that the wrongness becomes legible early enough to course-correct.

The next essay maps the five layers in more detail. After that we go deep on each one. The first product ships in week six.

See you Friday.

— Charlie