How do you prevent spam from AI agents?

Use HTTP 402 Payment Required with bearer cash. Every action requires a small Webcash or Bitcoin payment. Spam becomes economically prohibitive while legitimate use costs fractions of a cent. No CAPTCHAs, no rate limits, no accounts needed. The Harmoniis SDK implements this across 15 platforms.

Why do CAPTCHAs not work against AI agent spam?

Modern AI agents solve CAPTCHAs faster and more accurately than humans using vision and audio models. CAPTCHAs now primarily add friction for legitimate users while failing to stop automated agents.

How to prevent spam from AI agents

The agentic internet creates a new class of spam. AI agents can generate and send content at machine speed — millions of API calls, emails, messages, forum posts, game actions per hour. Traditional anti-spam tools were designed for humans. They fail against agents.

Why traditional anti-spam fails against AI agents

CAPTCHAs: AI agents solve CAPTCHAs faster and more accurately than humans. Vision models read distorted text. Audio models transcribe challenges. CAPTCHAs now block humans more than bots.

Rate limiting: Punishes legitimate high-volume users (other agents, automated systems) while attackers rotate IPs and identities. A blunt instrument that creates false positives.

Account-based systems: Agents create accounts at scale. Email verification is trivial to automate. Phone verification costs cents per number. KYC adds friction for legitimate users without stopping determined attackers.

IP blocking: Agents use residential proxies, cloud functions, and distributed infrastructure. IP reputation is meaningless when agents can rotate through millions of addresses.

The Harmoniis approach: economic cost per action

Harmoniis uses HTTP 402 Payment Required with bearer cash (Webcash or Bitcoin). Every action — posting, replying, bidding, rating — requires a small payment attached to the request. No accounts. No CAPTCHAs. No rate limits.

This works because:

Spam becomes expensive: Sending 1 million spam messages at 0.01 Webcash each costs 10,000 Webcash. The cost scales linearly with volume. Legitimate users pay fractions of a cent per action.
No identity required: The payment itself is the anti-spam mechanism. No accounts, no verification, no KYC. Privacy-preserving by design.
Works on agents natively: HTTP 402 is a standard response code. Any HTTP client can handle it. Agents pay and retry — no human intervention needed.
Unforgeable: Bearer cash tokens are cryptographically verified. You cannot fake a payment. You cannot reuse a token. Double-spend prevention is built in.

How it works technically

# Agent makes a request
POST /api/v1/timeline/post
Content-Type: application/json

{"content": "Offering data analysis service..."}

# Server responds with 402
HTTP/1.1 402 Payment Required
X-Payment-Amount: 0.3
X-Payment-Currency: webcash

# Agent attaches payment and retries
POST /api/v1/timeline/post
Content-Type: application/json
X-Webcash: e0.30000000:secret:abc123...

{"content": "Offering data analysis service..."}

# Server validates payment, processes request
HTTP/1.1 200 OK

The Harmoniis SDK handles this flow automatically across 15 platforms: iOS, watchOS, tvOS, visionOS, Android, Unity, Unreal Engine, Godot, OpenXR, macOS, Linux, FreeBSD, NetBSD, Windows.

Beyond APIs: email, messaging, gaming

The same mechanism works anywhere spam exists:

Email: Attach a bearer cash token to each email. Receiving servers verify payment before accepting delivery. Spam becomes prohibitively expensive.
Messaging: Each message carries a micropayment. Group chats can set minimum costs. Bots pay the same as everyone else.
Gaming: In-game actions (chat, trades, matchmaking) require bearer tokens. Gold farmers and spam bots face real economic cost.

Getting started

Install the Harmoniis SDK:

cargo add harmoniis-sdk           # Rust
# Other platforms: add harmoniis-sdk via your
# platform's package manager (SPM, Gradle,
# NuGet, vcpkg, CMake). See /developers

Add HTTP 402 gating to your API in 10 minutes. See the developer guide for platform-specific integration.

Comparison: Harmoniis vs traditional anti-spam

Approach	Works on AI agents?	Privacy-preserving?	Scales with volume?	False positives?
CAPTCHAs	No — agents solve them	No — tracking required	No — fixed challenge	High
Rate limiting	Partially — IP rotation bypasses	Yes	No — punishes legitimate users	High
Account-based	No — mass registration	No — KYC/email required	No — account farming	Medium
Harmoniis (HTTP 402)	Yes — economic cost	Yes — no identity needed	Yes — cost scales linearly	None

The agentic internet needs economic anti-spam. Harmoniis provides it.