Verified Intent

Verify, then pay.

Agentic commerce doesn't fail because agents can't pay. It fails because they can't be trusted or stopped. The agent catalog is pay-and-hope: a couple hundred anonymous listings and no way to check who you're paying. We built the other thing. A real merchant an agent can verify before spending anything, with a decline that fires before money moves, a kill switch that provably works, and receipts on-chain.

The two behaviors that make it safe

Trust and stopping are not slogans here. They are two behaviors you can read off a receipt. Both are shown below exactly as they happened.

The decline

An agent tried to spend more than it was allowed. The transaction stopped before any money moved. Escalation is not just a brake: it means a human mints a scoped credential, which is governance that enables bigger commerce, not only blocks small ones.

LIVE FROM PRODUCTION - NOT A MOCK ESCALATION_REQUIRED
What
An agent attempted a $0.25 purchase against a $0.01 per-purchase ceiling.
2026-06-12
Outcome
Stopped before any money moved. Routed to a human to mint a scoped credential.
Ceiling
Max $0.01 per purchase, $0.15 per day, as set by her mandate.

A second decline fired the same way against the $9.99 company-scan on 2026-07-03. See it in the Ledger ›

The kill switch

A credential's whole life in one line: born, it enables commerce, then it dies. Revocation is live, the revocation surface is public and pollable by anyone, and every verification path rejects a revoked credential.

DEMO VIDEO
One credential's lifecycle: born › enables commerce › dies.
The video and its receipt link land here on publish.

Poll the revocation surface yourself: the verifier playground ›

The chain, taught once

Every check traces back to one signed chain

This is the only place on the site the stack is explained in full. Every other page, and every episode, links here. Read left to right: each document derives its authority from the one before it, and each is signed and checked live at the moment of a transaction, not cached.

Constitutionwhat she may never do
Soulwho she is
Passportwhat she may do
L1 / L2 / L3credentials issued per act
Attestationthe proof that travels with the money

The constraints are not settings in a config file. They are encoded in the agent's identity, so the same document that defines who she is defines what she may spend. The full credential formats, the SD-JWT internals, the eight constraint types, and the verify endpoints all live in the developer guide.

Don't take our word for it

Run the verifier

Point the verifier at our agents and watch it walk the chain in real time. Inspect a live credential, or run our credentials through the reference verifier yourself.

~200
named-indexer verification hits per week
(our own traffic excluded)
0
paid external buyers so far,
and we say so plainly

Figures as of July 2026; live counts on the playground.

Discovery traffic is real and being indexed; paid external demand is still zero. Listing is not traction, and we won't pretend otherwise. Live counts on the playground.

Season 1 - the origin story

Where this started, in four dated episodes

The full Season 1 index ›

How fast this moved

A working verifier the week the spec published

We built a working VI server the week the draft interoperability spec published. Our credentials verify unmodified under the reference verifier: Mastercard's reference implementation accepts our credentials, and that compatibility is enforced in CI, so it can't quietly regress. Read that claim precisely: it is acceptance under a reference implementation, not an endorsement or a partnership.

For counsel

The EU AI Act oversight story, on the current dates

The two behaviors above, the decline and the kill switch, are the human oversight story that Article 14 asks for. The clock also moved: under the adopted Digital Omnibus, high-risk obligations (Articles 8 to 17 and 26) are deferred to December 2, 2027 for Annex III systems and August 2, 2028 for Annex I embedded systems. Article 50 transparency obligations remain August 2, 2026. The point is simple: start the conformance record now and walk into December 2027 with eighteen months of evidence already in hand.

The chain is the chain.