OPEN AGENT
COMMERCE

How your AI agent signs you up, pays, and proves it — safely. An animated explainer.

▶ scroll to play
Mayathe user
Adathe AI agent
Veethe broker / verifier
Shopsservices / merchants
scroll ↓
1 THE ASK

You delegate — in plain words.

Maya tells her agent what to do, sets a budget, and keeps the right to cancel.

“Sign me up for NewsApp. Keep it under ₹500 / month, and you can cancel anytime.”
Use case · delegated intent
2 CONSENT, SIGNED ONCE

One signature bounds everything.

Maya signs a User Consent Mandate on her own device — scope, caps, validity — revocable instantly.

User Consent Mandate • scope: news / media • cap: ₹500 / month • valid: 12 months • revocable: anytime signed · Ed25519
Use case · bounded, revocable consent
3 THE GAUNTLET

Nine checks. Then a tamper-proof trail.

Every request runs a fixed, fail-closed verify chain — each layer lights up and seals a hash-chained provenance note.

signature mandate ucm kyc scope amount intent velocity replay provenance event ✓ event ✓ event ✓ hash-chained · signed first failure → REJECT
Use case · authorization enforcement + provenance
4 THE ACCOUNT IS YOURS

Created — and you own it.

Vee provisions the account; the service returns receipts, and Maya gets an Ownership Certificate held in reserve.

Ownership Certificate direct-claim link single-use token service-signed ✓
Use case · account creation · ACR + AOC
5 WORKS ANYWHERE

Even at services that never integrated.

No native support? The agent falls back to a lower-trust strategy (OAuth app, browser automation) — value with zero merchant integration.

browser-automation legacy service — no ASP needed
Use case · cold-start · non-integrated merchants
6 PAY — WITHIN BOUNDS

Inside the cap it just works. Over it, you decide.

Caps are checked on every payment. ₹499 sails through; ₹900 bounces back for approval.

₹499 · within cap PAID + signed receipt ₹900 · over cap “Maya — approve?” step-up to the user
Use case · bounded spend · step-up approval
7 SENSITIVE? ASK THE HUMAN

OTPs and step-ups route to you.

When a service needs a sensitive action (an OTP, a password reset), the broker routes it to Maya for explicit approval — bearer tokens alone can't pass it.

OTP: 4 8 1 9 Approve single-use · TTL
Use case · brokered authentication · OTP / step-up
8 THE ACCOUNT'S LIFE

Created → active → renews → cancelled.

Every transition emits a signed receipt; cancelling returns a prorated refund — and the user can take ownership at any time.

CreatedACR + AOC Activebills ≤ cap Renewsreceipt / cycle Cancelled+ refund …anytime → the user can take ownership (next ↓)
Use case · subscription lifecycle · cancellation + refund
9 TAKE IT BACK

Your account, even if the broker vanishes.

The Ownership Certificate is a direct-claim path: Maya proves ownership to the service itself — single-use, service-signed — broker not required.

Ownership Certificate direct-claim link · token service-signed ✓ broker offline? direct claim ownership → Maya
Use case · ownership recovery · broker-independent
10 WHEN THINGS GO WRONG

Disputes & refunds, on the record.

Didn't get what was paid for? The signed provenance trail is the evidence — open a dispute, get a refund, every step recorded.

dispute opened reason: not_delivered checks provenance refunded ✓ signed receipt
Use case · disputes · refunds · evidence trail
11 ONE REFEREE FOR EVERY RAIL

TAP, AP2, ACP — normalized into one request.

Whatever protocol an agent arrives on, one neutral verifier checks it the same way and emits one provenance record.

Visa TAP Google AP2 Stripe/OpenAI ACP Unified request one shape one verify chain · one provenance
Use case · cross-rail unification (UAP)