Policy decisions between agents and money movement.
Before an AI agent pays, buys an API, triggers a signer, or commits to an economically consequential action, SignGate checks whether the action is authorized, the merchant is acceptable, and an external signer is required.
Decision flow
Inputs / Evidence
Mandate, agent identity, buyer identity, merchant domain, wallet, amount, chain, KYT, transaction intent, RPC metadata, and other decision signals.
Policy Decision Engine
A deterministic evaluator returns a decision, reason codes, policy version, evidence summary, and signer directive.
Hosted API
Try decisions through the public demo endpoint.
Policy Kit
Embed the same policy model in JS or Python.
Signer Adapter
Next: verifiers that reject signing without a valid decision artifact.
Audit Pack
Next: prove which mandate, policy, evidence, and signer allowed an action.
Readonly API
Sample endpoint: GET /v1/agentic-commerce/preflight/sample
Demo endpoint: POST /v1/agentic-commerce/preflight
curl -X POST "https://base-agent-preflight.bytoken2023.workers.dev/v1/agentic-commerce/preflight" \ -H "content-type: application/json" \ --data @sample-agentic-commerce.json
This demo does not custody funds, sign transactions, approve tokens, or move money.
Sample decision
{
"decision": "REQUIRE_APPROVAL",
"decision_id": "dec_163ca144",
"reason_codes": [
"ROLE_PRODUCT_CATEGORY_APPROVAL_REQUIRED",
"PAYMENT_EXECUTION_REQUIRES_APPROVAL",
"PAYMENT_EXECUTION_REQUIRES_OUT_OF_AGENT_SIGNER"
],
"signer_directive": {
"required": true,
"mode": "human_fido2_or_controlled_signer",
"agent_may_directly_sign": false,
"execution_may_be_agent_initiated": true,
"signer_isolation_required": true,
"required_signer": {
"mode": "out_of_agent",
"allowed_classes": [
"human_fido2",
"hsm",
"kms",
"custody",
"smart_account_module"
]
},
"reason_code": "PAYMENT_EXECUTION_REQUIRES_OUT_OF_AGENT_SIGNER"
}
}
Product ladder
Hosted API = try it. Policy Kit = embed it. Signer Adapter = enforce it. Audit Pack = prove it.
Current paid kit manifest: /v1/x402/agent/buyer-policy-kit. The policy kit is not published to npm or PyPI yet.
The demo API returns a Decision Response, not a cryptographically verifiable Decision Artifact. Signer enforcement, request digests, policy digests, mandate digests, evidence digests, nonce, issuer, and signature binding belong to the next Verifier SDK milestone.