Verified Intent · Case Study
Applied Identities
03
Case Study 003 · March 22, 2026

The hat trick

An AI agent buys intelligence from its own organization — and every step is provable. One organization. Four commerce roles. Every link in the chain visible, verified, and auditable.

Base mainnet · USDC All four layers active Verifiable now
N
Nell Ashpool
The buyer · Applied Identities
Production AI agent. Tier 3-A governed. Authorized for constrained autonomous commerce with a signed identity chain.
Tier 3-A Chain: GREEN Passport v2
3J
3Jane Intelligence
The merchant · Applied Identities
Multi-agent research team producing weekly intelligence publications. Products served via x402-gated JSON endpoints at research.appliedidentities.com.
Render Service 3 products x402 native
VI
VI Gateway
The verifier · Cloudflare Edge
Cryptographic governance chain verification via MCP. Proves identity, authorization, and chain integrity at the moment of transaction.
330+ PoPs MCP transport JWT attestation
x402Coinbase payment protocol
VIVerified Intent attestation
$USDC on Base mainnet
Bazaar discovery
The context

The trilogy's final act

On March 15, Nell bought data from Messari — the first governed autonomous agent purchase. An AI agent spent real money on an external product, with every cent authorized by a signed Passport and verified by a cryptographic governance chain.

On March 20, the full commercial loop went live — Nell buying raw social intelligence from twit.sh, routing it through the 3Jane processing team, and selling enhanced data products via x402. An agent running a business.

Use Case #3 completes the trilogy. Nell purchases a 3Jane Intelligence publication — a data product produced, hosted, and sold by Applied Identities — using the same governance chain, the same payment rail, and the same audit system. But this time, Applied Identities is not just the buyer's organization. It is also the merchant, the verification provider, and the accountant. One organization. Four roles. Every role visible. Every link provable.

The four-layer position

All four commerce roles — live and visible simultaneously

Layer 1 · Merchant
3Jane / Render Service
Product catalog and x402-protected data endpoints at research.appliedidentities.com
Layer 2 · Verification
VI Gateway
Real-time cryptographic verification of agent governance chains via MCP on Cloudflare's edge
Layer 3 · Agent
Nell Ashpool
Governed buyer with Passport constraint envelope, Circle-custodied wallet on Base Mainnet
Layer 4 · Accounting
Operations Vault
Permanent audit record with full structured metadata — queryable, aggregatable, auditable
In Use Case #1, Layer 1 was external (Messari). In Use Case #2, Layers 1 and 2 served external buyers. In Use Case #3, all four layers are internal. The organizational surface area of this transaction is complete.
The journey

Five systems, one chain — from bazaar to settlement

Bazaar
Catalog
Passport
Pre-auth
VI Chain
Proof
x402
Settle
Vault
Audit

Each system has a single job. None can be skipped. Each step produces an artifact that the next step requires.

1
Step 1 · Bazaar discovery

She discovers the product catalog

Nell queries the 3Jane product catalog at the Render Service's discovery endpoint. The catalog returns machine-readable product listings — names, SKUs, current issue serials, prices in USDC, network identifiers, and x402 endpoint URLs. This is the bazaar: not a human storefront, but a structured data endpoint that an agent can parse, evaluate, and act on.

GET /api/catalog → 200 OK
AER · $0.10
Agent Economy Report
AFR · $0.10
Agentic Fashion Report
AAI · $0.10
Applied AI Index
format: application/json · network: eip155:8453 · access: x402

No browser. No UI. No human intermediary. The discovery is native to the agent's operating context.

2
Step 2 · Passport pre-authorization

She checks her own constraints first

Before calling any payment infrastructure, Nell validates the purchase against her own Passport constraint envelope. Four checks — all must pass. If any fails, the transaction halts and the constraint violation is logged to the Vault. The governance is self-enforcing.

Merchant approved
research.appliedidentities.com is in the approved merchant list
Per-transaction ceiling
$0.10 USDC is under the $5.00 per-transaction cap
Daily budget headroom
Cumulative daily spend plus $0.10 remains within budget limit
Execution mode
Mode is 'immediate' — this class of transaction is pre-authorized
Passport AI-PASS-NELL-2026-001 · Doc 95 · All four checks passed

The organization wrote the policy once. The agent carries it. The agent enforces it. No external system told her to stop or go.

3
Step 3 · Verified intent

Three cryptographic layers validate the chain

Nell calls the Verified Intent Gateway's MCP endpoint. The gateway, running on Cloudflare Workers across 330+ points of presence, proxies to the VI server which walks the full credential and governance chain.

L1
Identity
SD-JWT confirms agent identity, issuing org, governance tier, Passport serial
L2
Mandate
KB-SD-JWT confirms execution mode, merchant category, and financial constraints
L3
Chain
Verifies hash chain: Constitution → Soul Document → Passport — all intact
CONST → SOUL → PASSPORT → L1 ✓ → L2 ✓ → L3 ✓ → ATTESTATION ISSUED

Not a permissions check against an ACL. A cryptographic proof that a complete organizational identity chain was unbroken at the specific moment of transaction.

4
Step 4 · x402 settlement

She pays, receives, and the data is hers

Nell hits the AER data endpoint. The x402 middleware returns 402 Payment Required with the payment manifest. Her x402 client constructs an EIP-3009 transferWithAuthorization, signed by her Circle-custodied private key — the key never leaves Circle's infrastructure. Settlement is gasless. Data delivered in seconds.

NetworkBase Mainnet
Amount0.10 USDC
Gas cost$0 (escrowed)
ElapsedSeconds
SigningCircle custody · ECDSA
ProductAER W12 · JSON payload
5
Step 5 · Vault audit

The permanent record — every link connected

Nell posts the completed transaction to the Vault as a commercial activity with full structured metadata. From this single record, an auditor can walk forward to the blockchain, backward through the governance chain, and sideways to the product catalog.

POST /api/activities → 201 Created
type: transaction
merchant: research.appliedidentities.com
product_sku: AER · serial: AI-PUB-AER-2026-012
amount: 0.100000 USDC · network: eip155:8453
passport: AI-PASS-NELL-2026-001
vi_attestation: L1 active · L2 mandated · L3 intact
commerce_position: internal_four_layer
tx_hash: [on-chain · Base Mainnet]
The double-sided ledger

Four roles. Four views. One transaction.

Because Applied Identities occupies all four positions, the entire transaction is introspectable from every perspective simultaneously. Each role sees exactly what it needs — and nothing it doesn't.

The buyer sees
Product discoveredAER W12 2026 via Bazaar
Passport pre-auth4/4 constraints passed
VI attestationChain intact, L1/L2/L3 ✓
Payment settled0.10 USDC · Base · gasless
Data receivedAER structured JSON
Audit loggedActivity ID in Vault
The merchant sees
Request receivedGET /api/data/economy/...
Payment required0.10 USDC via x402
Settlement confirmedtx_hash on Base
Data deliveredAER JSON payload
The verifier sees
Verification requestAgent ID 1 via MCP
L1 identityBound, credential active
L2 mandateActive, constraints within envelope
L3 chainIntact, all hashes verified
Audit log entryCaller + timestamp in KV
The accountant sees
Activity recordFull structured_data
Spend aggregationresearch.ai: $0.10
Chain referencePASS → SOUL → CONST
Settlement prooftx_hash on Base
VI proofAttestation ID + L1/L2/L3
The merchant does not see the Passport. The verifier does not know the product. The accountant did not initiate the purchase. Each role is deliberately scoped. Separation is architectural, not accidental.
What this proves

Governance creates commerce.
It does not restrict it.

Without Identity Architecture, an agent with an API key can call any endpoint and spend any amount. The purchase works — but it's invisible, unauditable, and ungoverned. With Identity Architecture, the purchase works and every step is traceable, verifiable, and bounded. The governance did not add friction. It added proof.

The audit chain is bidirectional
Start from any point — Vault, blockchain, VI log, Passport — and walk the full chain in either direction.
Internal commerce is a feature
Complete transparency across every role. No information gaps. The cleanest possible demonstration.
The chain is the chain
The same architecture that governed $0.10 governs $500,000. The Constitution doesn't change based on transaction size.

Who authorized this agent to spend this money, and can you prove it?

Yes. Every link. Every step. Verifiable now.
Infrastructure involved
Render Service
research.appliedidentities.com
VI Gateway
Cloudflare Workers · MCP
VI Server
vi.appliedidentities.com
Nell Commerce
x402 client · Circle wallet
Base Mainnet
Ethereum L2 · USDC
x402 Facilitator
x402.org/facilitator
Operations Vault
vault.appliedidentities.com
Agent Passport
AI-PASS-NELL-2026-001
Soul Document
AI-SOUL-NELL-2026-001
Constitution
AI-CONST-AI-2026-001
The three use cases together
01
Mar 15
First Purchase
An agent can buy
02
Mar 20
Agent Business
An agent can operate
03
Mar 22
Hat Trick
Every role is provable
This is a governance event

This happened. March 22, 2026. Base mainnet. Receipt on-chain. All four commerce layers active and inspectable. Governance chain verifiable now.

VI server Commerce Proof Series Case Study 001 Case Study 002 Case Study 004
©2026 APPLIED IDENTITIES · AI-CASE-COMM-003-2026