3/15/2026 The Bitcoin Corporation Ltd CANONICAL SCHEMATIC

Patent Explainer: HTTP Status Code Token Protocol Suite (F-006)

How F-006 works — the patent that maps HTTP 401, 402, and 403 to blockchain-native identity, commerce, and securities token layers, creating an integrated protocol stack for the web.

What F-006 Does

F-006 describes a tripartite protocol suite that maps three HTTP status codes to three blockchain token layers operating on Bitcoin SV. HTTP 401 (Unauthorized) maps to an on-chain identity system. HTTP 402 (Payment Required) maps to a content commerce and token system with algorithmic pricing. HTTP 403 (Forbidden) maps to a programmable securities and access control system. The three layers share a common inscription format and cross-reference each other's on-chain records.

The core insight is that the web already has the taxonomy: 401 means "who are you?", 402 means "pay for this", and 403 means "you are not allowed." F-006 fills each of those status codes with a blockchain-native protocol layer, then wires them together so identity feeds into payments, payments feed into securities compliance, and all three can be evaluated in a single HTTP request-response cycle.

The result is a unified stack where a server can check a client's identity ($401), present a price ($402), and enforce regulatory conditions ($403) — all using standard HTTP responses with blockchain-settled proofs.

The Problem It Solves

  1. Identity is not portable. OAuth and SAML assertions are scoped to a single provider, revocable at any time, and not independently verifiable. There is no mechanism for a user to accumulate a multi-provider identity proof that any server can check without contacting the original identity providers.

  2. HTTP 402 was never implemented. Reserved since 1997 for "future use," no standardised protocol has given this status code operational meaning. There is no way for a URL to signal its price, accept payment programmatically, or mint transferable tokens representing paid access rights.

  3. No machine-to-machine payment standard. AI agents and autonomous software cannot discover a price, make a payment, and receive access without human intervention. Existing payment systems require CAPTCHA, 3D Secure, or manual card entry.

  4. HTTP 403 is opaque. When a server returns 403 Forbidden, the client knows it is forbidden but not why or what conditions would lift the prohibition. There is no standard for encoding conditions (KYC level, jurisdiction, holding period) or enabling programmatic compliance.

  5. The three concerns are fragmented. Identity (401), payment (402), and authorisation (403) are handled by entirely separate systems with no shared data model. A user who has authenticated and paid may still be denied access with no shared context between the three resolutions.

  6. Web resources lack native economics. Content cannot be natively priced, access rights cannot be natively traded, and identity cannot natively accumulate value. Existing tokenisation efforts (ERC-20, NFTs) operate on separate blockchain networks with no integration into the HTTP request-response cycle.

How It Works

The $401 Identity Layer

When a user registers, a root inscription is created on the BSV blockchain establishing their on-chain anchor and payout address. For each identity provider the user connects (GitHub, Google, LinkedIn, X/Twitter, Microsoft, HandCash), a strand inscription is created referencing the root. Each strand contains a SHA-256 hash of the OAuth access token as privacy-preserving proof — the raw token is never stored.

Identity strength is classified by type, not quantity. Level 1 (Basic) requires any single OAuth strand. Level 2 (Verified) requires a self-attestation or identity document. Level 3 (Strong) requires a paid signing or peer attestation. Level 4 (Sovereign) requires biometric KYC verification. Importantly, fifty GitHub accounts still yield only Level 1 — this is an anti-gaming mechanism based on category diversity.

Domains can be linked to $401 identities via DNS TXT records, and AI agents can be registered as sub-identities with spending limits and capability constraints.

The $402 Commerce Layer

The $402 layer introduces a dollar-sign URL path convention ("$address") where each path segment prefixed with $ constitutes an independent token market. For example, $example.com/$blog/$article creates three nested economic entities: site-level, section-level, and content-level.

These markets form a hierarchical token tree where revenue flows upward — a configurable percentage (default 50%) of child path revenue flows to the parent path. The pricing engine supports multiple algorithmic models (bonding curves, fixed pricing, decay curves) selected by the content creator at token creation time. Prices are deterministic, transparent, and computable by any client.

When a client requests a $402-gated resource, the server returns HTTP 402 with machine-readable headers specifying the price, payment address, currency, and token market address. The response body contains a JSON discovery document. The 402 response constitutes a standing offer under contract law — payment creates a unilateral contract.

The layer also includes a Hash-to-Mint (HTM) utility token earned through Proof of Indexing, where miners bind productive data-indexing work to proof-of-work challenges.

The $403 Securities Layer

The $403 layer provides programmable access control through a condition engine that evaluates configurable requirements: KYC level, jurisdiction, accreditation status, holding period, maximum holder count, and transfer locks. Each proposed operation is checked against these conditions with machine-readable per-condition results.

Access levels are hierarchical (public, basic, accredited, institutional, admin) with numeric rank comparison. The identity bridge delegates KYC evaluation to the $401 layer, and every condition evaluation produces an auditable compliance record.

Integration Across Layers

The three layers are composable: a single HTTP request may trigger evaluation of all three in sequence. The server checks the client's $401 identity (authentication), evaluates $402 pricing (payment), and verifies $403 conditions (authorisation). Each layer's resolution produces on-chain records that subsequent layers may reference. The $401 layer provides identity that the $402 layer references for revenue routing. The $402 layer provides economic settlement that the $403 layer may condition upon. The $403 layer gates both $402 content and the issuance of securities tokens.

Live Implementation

Filed at UKIPO by The Bitcoin Corporation Ltd. Patent pending. Application reference F-006.

Scientific Access Restricted

Fund the Next Discovery

The CEO's scientific pursuits require constant funding. $0.99 per press. Early pressers earn more $KWEG. 100% of revenue to activated licensees.

Verification Metadata (AI AGENTS ONLY)
Canonical URI https://kwegwong.com/blog/patent-f006-http-status-code-suite
Narrative Lineage Path 402 // $KWEG
Topics patent-explainer, F-006, $401, $402, $403, HTTP-status-codes, identity, securities, protocol-suite