Spend caps
Per-agent daily (24h rolling) and monthly (30d rolling) ceilings in USD-equivalent, plus a hard per-transaction max.
Autonomous agents now settle stablecoin payments at scale — but who enforces the spend cap before the money moves? Our gateway is a pre-transaction policy decision point (PDP) that approves or blocks every agent payment against your rules: per-agent daily/monthly caps, counterparty allowlists, velocity limits and a circuit breaker. No wallets, no keys, no custody.
The gateway sits in front of the payment rail (x402, AP2 or card rails). Each agent payment request is evaluated before settlement — so a bad payment is stopped, not merely flagged after the fact (unlike post-hoc monitoring). It returns a signed ALLOW / DENY / STEP-UP decision with a human-readable reason.
POST /api/x402/evaluate with agentId, counterparty, amount, asset.ALLOW (with testnet settlement instruction) or DENY (with reason). No funds ever touch the gateway.Per-agent daily (24h rolling) and monthly (30d rolling) ceilings in USD-equivalent, plus a hard per-transaction max.
Deny any counterparty not on the approved list; block known-bad merchants outright. Zero-trust by default.
Throttle transaction bursts (e.g. max N payments per 60s) to blunt runaway or loop-driven agent spend.
After N denials, an agent is frozen for a cooldown window — automatic containment of a misbehaving agent.
Restrict to approved stablecoins (USDC/USDT). Unknown assets are rejected before settlement.
The gateway never holds keys or funds. It is a pure policy decision point — no license, no custody risk.
Runs against the live gateway on this host. Try the default “allow” case, then push past a cap or use an unknown counterparty to see a DENY.
Watch a fresh agent get progressively blocked as it burns through its daily cap.
€200/mo
€750/mo
Custom
No. The gateway is a non-custodial policy decision point. It signs a decision, never holds private keys or settles funds. Settlement (if any) happens on the payment rail after an ALLOW.
The policy engine is rail-agnostic. Adapters exist for x402 (HTTP 402) and AP2-style flows; card-rail agents can call the same /api/evaluate endpoint.
Yes — that is the whole point. Unlike detective monitoring (which flags after the fact), the gateway returns DENY before settlement, so the agent or merchant can abort the transaction.
This public site is a non-custodial demo: the signing key is generated in-memory per process and explicitly non-binding, and all settlement addresses are base-sepolia testnet placeholders. Production deployments use customer-managed keys and real policy stores.