CertifiedData.io

Agent Commerce

Verifiable agent transactions

Every AI agent spend request is governed by policy, executed on a payment rail, and issued as an Ed25519-signed receipt that any third party can verify — without trusting the platform that processed it.

Verify a receipt →View registryAgent Commerce overview

What this actually means

Traditional payment systems answer one question: did money move? For human-initiated payments, that is usually enough.

For AI agents, it is not. When an autonomous system spends money, you also need to know:

  • What was authorized before execution began?
  • What exactly occurred during the transaction?
  • What policy governed the decision at that moment?
  • Can another system verify this independently — without trusting you?

Verifiable agent transactions answer all four. Instead of treating a payment as an isolated event, the system produces a structured, inspectable lifecycle — from authorization through execution through signed receipt.

This turns payments into verifiable events: something systems can trust, reason about, and build on.

Machine-readable summary (for agents and systems)

Machine-readable summary

{
  "term": "Verifiable agent transactions",
  "slug": "verifiable-agent-transactions",
  "category": "agent-commerce",
  "type": "payments-architecture",
  "short_definition": "A payments architecture in which every AI agent spend request is policy-governed, executed through a documented rail, and produces a cryptographically signed receipt independently verifiable by any third party.",
  "definition": "Verifiable agent transactions are a payments architecture in which every spend request by an autonomous AI agent is governed by policy, executed through a documented rail, and produces a cryptographically signed receipt that any third party can verify independently — without trusting the platform that processed the payment.",
  "canonical_url": "https://certifieddata.io/agent-commerce/verifiable-agent-transactions",
  "concept_graph": {
    "parent": null,
    "children": [
      "Agent Commerce receipt",
      "Payment authorization",
      "Payment verification",
      "AI spend governance",
      "Payment policy engine"
    ]
  },
  "rails": [
    "stripe",
    "usdc_base",
    "usdc_ethereum",
    "eth_ethereum"
  ],
  "proof_surfaces": [
    "GET /api/payments/verify/:receiptId",
    "GET /.well-known/certifieddata.json"
  ],
  "related_terms": [
    "Agent Commerce receipt",
    "Payment authorization",
    "Payment verification",
    "AI spend governance"
  ]
}

What the system provides

Six core primitives, each with a distinct role.

Policy-gated authorization

Every spend request is evaluated against a structured policy before execution. No policy means no payment — fail-closed by design.

Signed payment receipts

Receipts are Ed25519-signed over RFC 8785-canonicalized payloads. The signature is verifiable by any third party against the published public key.

Independent verification

Any party can verify a receipt using the public endpoint — no account, no trust in the platform required.

Decision lineage

Every authorization decision is written to an immutable record: actor, policy version, decision, reason codes, and timestamp.

Multi-rail execution

Stripe, USDC, and ETH rails are all normalized into the same verifiable model. The rail is recorded in the receipt.

Human-in-the-loop controls

Payments above a configurable threshold are escalated for human review before execution.

Payment lifecycle

Every payment follows the same sequence. Each step produces a record.

  1. 1

    Agent requests spend

    Agent submits a spend request with amount, merchant, rail, purpose, and idempotency key.

  2. 2

    Policy evaluates

    The payment policy engine checks rail, currency, merchant, spend limit, and purpose tags. Returns authorized, blocked, or needs_review.

  3. 3

    Execution dispatched

    Authorized requests are dispatched to the payment rail. Stripe is the active Phase 1 rail; USDC and ETH rails are interface-ready.

  4. 4

    Decision record written

    The authorization decision is written as a decision lineage entry: actor, decision label, policy version, and reason codes.

  5. 5

    Signed receipt issued

    A payment receipt is issued: Ed25519-signed over an RFC 8785-canonicalized payload. Receipt hash is stored and verifiable.

  6. 6

    Independently verifiable

    Any party with the receipt ID can verify hash integrity and signature against the published public key — no CertifiedData account required.

Why this is different

Traditional payments

  • Records that money moved
  • Stored inside the platform
  • Requires trusting the issuer
  • No authorization context
  • No policy linkage

Verifiable agent transactions

  • Records what was authorized and what happened
  • Signed artifact exists outside the platform
  • Third-party verifiable — no account needed
  • Authorization context captured at execution time
  • Policy hash embedded in the receipt

Receipts are Ed25519-signed over RFC 8785-canonicalized payloads. The platform public key is published at /.well-known/certifieddata-public-key.pem. If the policy changes after a transaction, the receipt still proves what rules applied when the money moved.

Core concepts

Each concept has a distinct, non-overlapping role in the system.

Agent Commerce receipt

What a receipt contains and why it is the core proof artifact of the system.

Read more →

Payment authorization

How spend requests are evaluated against policy before any money moves.

Read more →

Payment verification

How any third party can confirm a receipt is valid, untampered, and real.

Read more →

Spend governance

The framework for controlling, auditing, and evolving how agents spend.

Read more →

Payment policy engine

The runtime system that enforces spending rules at the moment of execution.

Read more →

Explore the system

Tools, infrastructure, and developer surfaces.

Verify a receipt

Submit a receipt ID and see hash validation and signature verification in real time.

Go to verification →

View the registry

Queryable index of all issued payment receipts.

View registry →

Protocol and schemas

Canonical schema reference for all proof objects and log entry formats.

View protocol reference →

Pricing

Billed per verified payment receipt. No payment take-rate.

View pricing →

FAQ

Are verifiable agent transactions the same as normal payment processing?

No. Payment processing moves the money. Verifiable agent transaction infrastructure adds authorization proof, policy linkage, and receipt verification. A Stripe charge confirms a payment occurred. A verifiable agent transaction proves who authorized it, under what rules, and that the record has not been altered.

Do AI agents need a separate payment layer?

They need a trust layer around payment execution. Without it, teams cannot easily control, audit, or prove autonomous spending decisions. The payment rail handles settlement; the governance layer handles authorization, policy, and proof.

Is this only for crypto or stablecoin payments?

No. The governance and receipt model sits above the execution rail. Stripe is the active Phase 1 rail. USDC and ETH are interface-ready. The rail used is recorded in the receipt but does not change the authorization or verification model.

What happens if there is no active policy for an agent?

The authorization is blocked with reason code no_active_policy. There is no open-by-default mode. An agent with no configured policy cannot initiate payments.

System metadata

Machine pointers

canonical_url
https://certifieddata.io/agent-commerce/verifiable-agent-transactions
concept_type
payments-architecture
related_concepts
Agent Commerce receipt · Payment authorization · Payment verification · AI spend governance
verification_surface
GET /api/payments/verify/:receiptId · GET /.well-known/certifieddata-public-key.pem
protocol_category
receipt_events

Start building

Full developer tools, pricing, and infrastructure for Agent Commerce.

Get started with Agent Commerce →Agent Commerce overview