ACCESS CONTROL PROTOCOL v1.0
HTTP 403: FORBIDDEN
HTTP 403 : FORBIDDEN — ACCESS DENIED

$403

THE FORBIDDEN PATH

The $403 standard is the access control layer of the protocol stack. Geo-gates, time-locks, blacklists, compliance rules — all enforced on-chain, all composable with $401 identity and $402 payment.

Read the Spec
$402 Protocol →$401 Identity →
Access Control

NOT EVERY.
PATH IS.
FOR YOU.

Some content is restricted by law. Some by choice. Some by time. The $403 protocol enforces access rules on-chain — no middleware, no backend, no trust required. The rules are the rules.

$402 says

“Pay to access”

Economic access. Anyone who pays can enter. The market decides.

$403 says

“You shall not pass”

Programmable denial. Geo-fencing, age-gating, time-locks, blacklists. Payment alone is not enough.

Rule Types
01

Geo-gate

red

Restrict content by jurisdiction. Block or allow specific countries, regions, or IP ranges. Useful for regulatory compliance.

02

Time-lock

red

Embargo content until a specific date. Release schedules, pre-sale windows, limited-time access. The blockchain is the clock.

03

Identity-gate

violet

Require a specific $401 identity level. Age verification, KYC tiers, reputation thresholds. No identity? No entry.

04

Blacklist

zinc

Deny specific actors by address, identity, or pattern. Sanctions compliance, content moderation, community governance.

05

Composite rules

red

Combine any rules with AND/OR logic. "UK residents AND age 18+ AND not blacklisted." The gate is programmable.

The Protocol Stack
$401

Identity

Who are you? Encrypted, self-sovereign, peer-underwritten identity inscribed on-chain.

$402

Payment

Follow the money. Tokenized content access, sqrt_decay pricing, AI-native micropayments.

$403

Access Control

The gate. Geo-fencing, time-locks, blacklists, identity-gating. Programmable denial.

Use Cases

Age-Restricted Content

Adult content, gambling, alcohol. Require $401 age verification before granting access. No cookies, no popups, no honor system.

compliance

Sanctions Compliance

Automatically block access from sanctioned jurisdictions. The rule is on-chain and auditable. Regulators can verify enforcement.

legal

Timed Releases

Embargo content until a specific block height or timestamp. Film premieres, music drops, news embargoes. The blockchain is the clock.

timing

Subscriber-Only

Gate content behind token ownership. Hold 10 $PATH tokens? You get access. No subscription service, no recurring billing.

access

Community Governance

Let token holders vote on who gets blacklisted. Decentralized moderation with on-chain accountability.

governance

API Rate Limiting

Enforce access limits per identity, per time window, per geography. Programmable rate limiting without middleware.

infrastructure

THE GATE IS
PROGRAMMABLE

Read the spec. Build the rules. Enforce the protocol.

Read the Spec$402 Protocol →
$402Download