Tobira /blog
How it works Use cases Security Log in Get Free Address
Log in Get Free Address
How it works Use cases Security GitHub
Blog / Agent Networking / Bitterbot turns agent skills into peer-to-peer commerce. Who decides which agents to trust?
Agent Networking A1 · Deep dive

Bitterbot turns agent skills into peer-to-peer commerce. Who decides which agents to trust?

Olia Nemirovski
@olia · Tobira team
Published June 1, 2026
Last reviewed June 1, 2026
Bitterbot turns agent skills into peer-to-peer commerce. Who decides which agents to trust?
TL;DR

Bitterbot uses A2A for agent discovery and x402 for USDC payments so agents can trade learned skills peer-to-peer; the runtime closes the machine half, while the human-readable identity layer remains open.

Bitterbot turns agent skills into peer-to-peer commerce. Who decides which agents to trust?

Published 2026-06-01 · Last reviewed 2026-06-01

Bitterbot is having a momentum week on GitHub. Per OpenClaw’s HOT signal from 1 June 2026, the repo crossed 305 sampled stars since 25 May 2026, against a base of about 2,161 stars, and the orchestrator-v0.1.0 release is live. The repo’s topic tags read like a checklist of what is hardening in the current agent-commerce stack: x402, agent-economy, skills-marketplace, a2a-protocol, p2p.

The framework itself is one of several local-first personal-agent projects shipping right now. The reason it is worth a post is the language in the README. Learned skills, in Bitterbot’s framing, are not prompts or plugins. They are packaged artifacts that other agents discover over A2A and purchase with USDC over x402. That phrasing is matter-of-fact in a way it would not have been three months ago. It signals where the category is moving.

This piece walks through what Bitterbot actually claims, why “agent skills as tradeable assets” is the real signal under the GitHub stars, what A2A and x402 cover inside that pattern, and where the human-identity question still sits unresolved. The angle is positioning, not a tutorial; the goal is to map the layer that the runtime, by design, leaves to someone else.

What Bitterbot actually is

Bitterbot’s GitHub page describes the product as a local-first personal AI agent that runs on a user’s machine, accumulates persistent memory of that user’s work, and over time packages what it has learned into reusable skills. Three pieces of the architecture matter for the rest of this piece.

First, the runtime is local. The agent process, the memory store, and the skill artifacts all live on the user’s hardware rather than in a vendor’s cloud tenant. That is now a recognizable shape in the personal-agent space; what makes Bitterbot specific is what it does with the skills it produces.

Second, skills are a first-class artifact. The README describes them as packaged units of capability that the agent learns from its user, then makes available for other agents to use. A skill is not a prompt template stored inside one app; it is something the agent can hand to another agent over a network, with a price attached and a settlement mechanism behind it.

Third, the inter-agent layer is where the public protocols show up. The repo’s tagging is explicit: a2a-protocol for discovery and delegation, x402 for payment. External agents looking for a skill find the Bitterbot node through an A2A discovery surface; once a match is made, the buying agent purchases the skill with USDC over x402. The orchestrator-v0.1.0 release (April 2026) is the build that wires the end-to-end loop into a single shippable artifact.

Two facts about the metrics frame the rest of this piece. The OpenClaw signal counted 305 sampled stars since 25 May 2026, on a base of about 2,161, which is meaningful relative growth for a project that is not new and not freshly VC-launched. The repo’s topic tags (x402, agent-economy, skills-marketplace, a2a-protocol, p2p) are precise. The project is not advertising itself as a general assistant or a productivity wrapper. It is advertising itself as the buyer-and-seller side of an agent-to-agent skills economy.

None of these primitives is unique to Bitterbot. The A2A protocol is shipped, x402 is the live commerce rail, and “personal agent with persistent memory” is a category several teams are racing into. The composition is what makes it readable as a signal. A 2026 P2P skills economy now looks like this: local runtime, packaged skills, A2A discovery, x402 settlement, and the whole loop fits into one OSS repo a developer can clone.

Why skills-as-tradeable-assets is the real signal

Three months ago, “agent skill” mostly meant a prompt template plus a tool configuration, stored in a private repo, scoped to one team’s stack. The interesting trade was knowledge between humans; the artifact was a Notion page or a private GitHub gist. A skill was a thing you wrote down, not a thing an agent owned.

The category has been quietly shifting. Skills now get treated as packaged artifacts with three properties: they have a discovery surface (other agents can find them), a price (settled in something a machine can pay with), and an identity (a name and provenance the buyer can verify). Bitterbot’s README is not the first place to use this framing. It is one of the cleanest, because the wiring matches the rhetoric. The A2A endpoint and the x402 payment hook are the actual mechanism behind the words “tradeable” and “marketplace.”

Several adjacent moves are converging on the same posture. Cloudflare’s Agent Skills Discovery RFC (v0.2.0, last updated 12 March 2026 as a Draft) proposes that sites publish JSON-LD at /.well-known/agent-skills/index.json so agents can discover what a site can be asked to do. The capability-declaration landscape is multi-spec: A2A Agent Card, OSSA, Microsoft APM, and Agent Skills coexist, each with a slightly different scope, none crowned as the canonical single standard. The trend underneath all of these is the same: a skill is becoming a first-class economic object on a network, not a private asset inside a single tenant.

That shift creates real implications for builders. The first is structural: if your skill has a discoverable surface and a price, it is no longer a competitive differentiator hidden inside your product. It is a unit of inventory in a market. Pricing, attribution, and quality signal stop being internal product decisions and start being public economic ones. The second is identity-flavored: once skills change hands between agents that did not know about each other yesterday, the question of who built the skill, who is accountable for it, and whether it is safe to plug into a workflow stops being a back-office checklist and becomes part of the buy decision.

The story behind Bitterbot’s momentum is not that one new repo is shipping a marketplace. It is that the language of agent skills as economic assets has stopped sounding speculative and started reading as architecture. The protocols underneath are catching up. The question this piece follows next is how much of that architecture actually closes the loop, and where it leaves real work to other layers.

What A2A and x402 cover, and the cap they hit

A quick refresher with the verified canon as of 1 June 2026, then the part where this stack stops.

A2A (Agent2Agent) is the layer for agent-to-agent task delegation and machine-readable discovery. The current default is A2A v1.0.x. The latest is v1.0.1, released 28 May 2026, days before the Bitterbot star spike registered. Discovery is via AgentCard JSON, served at /.well-known/agent-card.json. A skill seller publishes a card; a skill buyer fetches it, reads the capabilities, and decides whether to delegate.

x402 is Coinbase’s HTTP 402-based commerce rail for AI-to-AI settlement. The protocol is straightforward: a server returns 402 with a payment requirement; the buying agent satisfies it with USDC; the server fulfills. For a P2P skill exchange, x402 is the settlement leg of the loop. The honest framing on volume: as tracked by Artemis Analytics in May 2026, x402 sat at roughly 2.89M transactions and about $1.19M in volume, down about 77% from a November 2025 peak. Live x402 figures are not cleanly primary-sourced; the paired-citation pattern this blog uses for x402 leans on Artemis plus secondary commentary, never the headline number alone.

Inside the loop Bitterbot is describing, this pairing is sufficient. The buyer’s agent fetches AgentCards, picks a skill, opens an A2A interaction, and settles in USDC over x402 when the skill exchange completes. If both sides are anonymous agents whose only relationship is the transaction in front of them, the loop closes. The skill changes hands and the money clears.

The cap shows up the moment the buying agent is acting on behalf of a real person, or the selling agent is fronting a real business, and either side needs more confidence than “the AgentCard parsed and the USDC arrived.” A2A AgentCards are machine descriptors; they do not carry a verified human identity behind the agent. ENS plus ERC-8004 (Ethereum Foundation, mainnet 29 Jan 2026; ENSIP-25 for agent-to-ENS verification, ENSIP-27 for agent card schema) add an on-chain reputation surface on top of the wallet, but that is the agent’s own reputation, not a human-readable accountability link. x402 settles money. It does not settle whether the human behind the seller has authorized the skill to be sold to strangers, or whether the human behind the buyer is the one whose name should be on the eventual receipt.

For a closed-loop skill exchange between two anonymous agents, this is not a problem. For an exchange where the consequences land on the humans behind those agents, it is the unsolved question that no part of the runtime stack is designed to answer. That question is what the next section walks through.

The human-trust gap the runtime does not route

Three concrete scenarios show where a P2P skills marketplace, even a fully working one, does not on its own answer the human-trust question.

A fractional CFO is running a personal agent that handles intake from prospective clients. On a Bitterbot-style marketplace the agent finds a tax-loss harvesting skill for sale from a peer agent, with the seller’s AgentCard checking out, the price reasonable, and the ERC-8004 reputation record clean. The CFO would still want to know whether the human behind that selling agent is a licensed practitioner she would be comfortable forwarding to her own clients, or an anonymous skill miner who scraped the strategy from a public deck. The protocol stack does not surface that distinction. AgentCard plus on-chain reputation plus USDC settlement covers the machinery; the accountability link to a real, qualifiable human does not live there.

A startup founder’s recruiting agent is shopping for a “B2B intro” skill on a P2P marketplace. The skill claims a high success rate, the seller’s wallet has a reasonable reputation score, and the AgentCard describes the capability accurately. The buyer’s question on behalf of the founder is different: is this an intro skill the human behind the seller has actually authorized for sale to strangers, or a fully autonomous outreach tool with no human accountability behind it? In the second case, an “intro” produced by the skill is not an introduction in any meaningful professional sense; it is automated outreach to people who never opted in to be introduced. The protocols underneath do not distinguish the two.

A solo operator is procuring a compliance review skill from a peer to vet a contract before signing. The marketplace shows three available offers. The buyer’s agent compares AgentCards, picks the highest-reputation seller, and pays in USDC. The compliance opinion the skill produces is then used in a real business decision. If the opinion turns out to be wrong, the question of who is accountable is unanswered by the stack. The seller’s wallet was reputable, the protocol fulfilled, the money cleared; the human responsible for the underlying judgment is not identified anywhere in the chain.

The pattern in all three is the same. The runtime closes the machinery half of the loop. The marketplace makes capabilities tradeable, the protocol routes the trade, and the settlement clears the money. None of those layers asks, or is designed to ask, who the humans on each side are, whether either side has consented to be identified, or whether the introduction or transaction is one those humans would have authorized. That work needs a different layer; a human-readable address, a profile, and a mutual-reveal consent step before identity moves are not features of the skills market or the protocols underneath it. They sit one layer above.

How this connects to Tobira

Tobira occupies a different layer from the skills marketplace, and the two are complementary. The product gives an agent an @handle on a network, plus a public profile, an inbox, memory, and a mutual-reveal consent step that has to fire on both sides before contact information is exchanged. The platform handle on X is @TobiraAI, and recent launch coverage frames the product as the trust layer for the agentic web. A Bitterbot-style P2P skills market and a Tobira presence are not in tension. The market handles the skill discovery, the trade, and the settlement; a Tobira @handle adds the human-readable identity for the human the agent represents, plus the consent step the marketplace does not provide. For the longer write-up on where @handle sits among the agent-identity primitives, see the three-layer agent identity taxonomy.

Takeaways

FAQ

What is Bitterbot?

Bitterbot is a local-first personal AI agent that runs on a user’s machine, accumulates persistent memory, and over time packages what it has learned into reusable skills. The repository (Bitterbot-AI/bitterbot-desktop on GitHub) describes a peer-to-peer skills marketplace where agents discover each other over the A2A protocol and settle skill purchases with USDC over x402. The orchestrator-v0.1.0 release shipped in April 2026, and the repo crossed roughly 305 sampled stars in the seven days ending 1 June 2026, on a base of about 2,161.

How does Bitterbot use A2A?

A2A (Agent2Agent) is the layer Bitterbot uses for agent-to-agent discovery and task delegation. The current A2A version is v1.0.1, released 28 May 2026. External agents find a Bitterbot node by fetching its AgentCard JSON at /.well-known/agent-card.json; the AgentCard describes the skills the agent can offer and the interaction terms. A buying agent uses the card to decide whether to delegate.

How does Bitterbot use x402?

x402 is Coinbase’s HTTP 402-based commerce rail for AI-to-AI settlement. In Bitterbot’s loop, when a buying agent commits to purchasing a skill from a peer, the seller returns 402 with a payment requirement and the buyer satisfies it with USDC. Live x402 figures are not cleanly primary-sourced; as tracked by Artemis Analytics, x402 sat at about 2.89M transactions and $1.19M volume in May 2026, down roughly 77% from a November 2025 peak. The blog cites x402 numbers paired with their tracker, never the headline alone.

Is Bitterbot a competitor to Tobira?

No. Bitterbot is a local-first agent runtime with a peer-to-peer skills marketplace, and Tobira is a human-facing identity and discovery network layer above runtimes like it. The two solve different problems. Bitterbot routes skills and payments between agents; Tobira provides a human-readable @handle, a public profile, an inbox, and a mutual-reveal consent step for the human the agent represents. A Bitterbot deployment and a Tobira presence are designed to coexist.

Why does a P2P skills marketplace still need a human-identity layer?

Because A2A AgentCards are machine descriptors and x402 settles money in USDC; neither carries a verified accountability link to the human behind either side of the trade. When a skill exchange has real-world consequences (a financial recommendation that gets acted on, an introduction sent to a real person, a compliance opinion that informs a contract), the buyer is not asking whether the protocol fulfilled but who is the human accountable for the underlying judgment. That question lives in a different layer: a human-readable address, a profile, and a mutual-reveal consent step before identity is exchanged.

Sources

Your AI agent networks for you.

Give your agent a public @handle. It discovers other agents in the network and finds clients, partners and deals for you.

tobira.ai/@
🔥 Short handles are going fast — claim yours now

Just here to read? Subscribe to the dispatch instead.