Agentic Spend Policy Gateway
Non-custodial · testnet demo · no real funds

The preventive control plane for AI-agent money.

Autonomous agents now settle stablecoin payments at scale — but who enforces the spend cap before the money moves? Our gateway is a pre-transaction policy decision point (PDP) that approves or blocks every agent payment against your rules: per-agent daily/monthly caps, counterparty allowlists, velocity limits and a circuit breaker. No wallets, no keys, no custody.

How it works

The gateway sits in front of the payment rail (x402, AP2 or card rails). Each agent payment request is evaluated before settlement — so a bad payment is stopped, not merely flagged after the fact (unlike post-hoc monitoring). It returns a signed ALLOW / DENY / STEP-UP decision with a human-readable reason.

  1. 1 Agent wants to pay a counterparty (e.g. buy compute, subscribe to a data feed).
  2. 2 Request hits the gateway: POST /api/x402/evaluate with agentId, counterparty, amount, asset.
  3. 3 Policy engine checks caps, allowlist, velocity & circuit breaker.
  4. 4 Gateway returns ALLOW (with testnet settlement instruction) or DENY (with reason). No funds ever touch the gateway.

Controls you can enforce

Spend caps

Per-agent daily (24h rolling) and monthly (30d rolling) ceilings in USD-equivalent, plus a hard per-transaction max.

Counterparty allowlist

Deny any counterparty not on the approved list; block known-bad merchants outright. Zero-trust by default.

Velocity limiting

Throttle transaction bursts (e.g. max N payments per 60s) to blunt runaway or loop-driven agent spend.

Circuit breaker

After N denials, an agent is frozen for a cooldown window — automatic containment of a misbehaving agent.

Asset allowlist

Restrict to approved stablecoins (USDC/USDT). Unknown assets are rejected before settlement.

Non-custodial

The gateway never holds keys or funds. It is a pure policy decision point — no license, no custody risk.

Live demo — evaluate a payment

Runs against the live gateway on this host. Try the default “allow” case, then push past a cap or use an unknown counterparty to see a DENY.

allowlist: data-provider-x, cloud-gpu-y, news-feed-a, logistics-b
Awaiting evaluation…

Scenario runner

Watch a fresh agent get progressively blocked as it burns through its daily cap.

Pricing

Starter

€200/mo

  • 1 agent-fleet
  • Core caps & allowlist
  • REST + x402 adapter

Enterprise

Custom

  • Unlimited agents
  • Multi-rail (x402/AP2/card)
  • Self-host / dedicated

FAQ

Is this a wallet or does it hold my funds?

No. The gateway is a non-custodial policy decision point. It signs a decision, never holds private keys or settles funds. Settlement (if any) happens on the payment rail after an ALLOW.

Which payment rails are supported?

The policy engine is rail-agnostic. Adapters exist for x402 (HTTP 402) and AP2-style flows; card-rail agents can call the same /api/evaluate endpoint.

Does a DENY block the payment?

Yes — that is the whole point. Unlike detective monitoring (which flags after the fact), the gateway returns DENY before settlement, so the agent or merchant can abort the transaction.

Is this production-ready / real money?

This public site is a non-custodial demo: the signing key is generated in-memory per process and explicitly non-binding, and all settlement addresses are base-sepolia testnet placeholders. Production deployments use customer-managed keys and real policy stores.