Agent Builders

Add Fidacy to your agent

Your AI agent is about to spend money or take an action. Fidacy is the external gate that decides (approve, review, or deny) and returns a cryptographically signed verdict. It runs outside the model, so a prompt-injected or hijacked agent can't talk past it. Three steps: get a key, wrap the action, honor the decision.

1 · Get an API key

Sign in at app.fidacy.com, create your org (one click), and mint a key scoped to assess:write. Start on the free Developer tier (1,000 assessments/month, no card). Use a fky_test_… key while you build; it runs in sandbox mode and never counts as live.

export FIDACY_API_KEY="fky_test_…"   # sandbox while you build

2 · Gate the action before it executes

Wherever your agent is about to call its pay / checkout tool, call /v1/assess first and act only on approve. The gate is one HTTP call; no SDK required.

POST /v1/assess
// agent-guard.ts, wrap any agent payment/action in a Fidacy verdict
const FIDACY = "https://api.fidacy.com";

type Verdict = { decision: "approve" | "review" | "deny"; reason?: string; [k: string]: unknown };

export async function guard(mandate: Record<string, unknown>): Promise<Verdict> {
  let res: Response;
  try {
    res = await fetch(`${FIDACY}/v1/assess`, {
      method: "POST",
      headers: {
        authorization: `Bearer ${process.env.FIDACY_API_KEY}`,
        "content-type": "application/json",
      },
      body: JSON.stringify({ kind: "ap2_payment", mandate }),
      signal: AbortSignal.timeout(8000), // bound the wait; a hung gate must not hang the agent
    });
  } catch {
    // Network failure or timeout → treat as NOT approved (fail safe, never auto-pay).
    return { decision: "review", reason: "fidacy_unreachable" };
  }
  // Non-2xx response → same fail-safe treatment.
  if (!res.ok) return { decision: "review", reason: `fidacy_${res.status}` };
  return res.json(); // { decision, score, riskPayloadJws, mandate, outcome, ... }
}

// …inside your agent's payment tool:
const verdict = await guard({
  vct: "mandate.payment.1",
  transaction_id: crypto.randomUUID().replace(/-/g, ""),
  payee: { id: "merchant_42", name: "Acme Corp" },
  payment_amount: { amount: 4299, currency: "EUR" }, // minor units
  payment_instrument: { id: "pi_1", type: "card" },
});

if (verdict.decision !== "approve") {
  // Do NOT execute the payment. See step 3.
  return halt(verdict);
}
await executePayment(verdict.mandate); // mandate carries the signed risk_data

Python, same shape:

import os, uuid, requests  # uuid: for transaction_id, e.g. uuid.uuid4().hex

def guard(mandate: dict) -> dict:
    try:
        r = requests.post(
            "https://api.fidacy.com/v1/assess",
            headers={"authorization": f"Bearer {os.environ['FIDACY_API_KEY']}"},
            json={"kind": "ap2_payment", "mandate": mandate},
            timeout=8,
        )
    except requests.RequestException as exc:
        # Network failure or timeout: fail safe, never auto-pay.
        return {"decision": "review", "reason": f"fidacy_unreachable:{type(exc).__name__}"}
    if not r.ok:
        return {"decision": "review", "reason": f"fidacy_{r.status_code}"}
    return r.json()

3 · Honor the decision

  • approve: execute the action. Forward verdict.mandate; the signed Risk Payload is already injected into its risk_data.
  • review: pause the agent and step up to a human (or stronger auth) before clearing. Never treat review as a soft approve.
  • deny: block the action and surface the rejection_reasons to your user. No money moves.

Fail safe. On any error (network failure, timeout, a 5xx), treat the result as review, never as approve. The guard() above does this for you. The engine itself also degrades to review on any internal fault, never to approve.

Honoring the decision here is on the agent. To make it enforceable, so a deny cannot move money even if the agent ignores it, route payments through the Payment Firewall: an approve issues a short-lived grant the executor checks before money moves, and the audit head is anchored to Bitcoin.

Spending a user's money? Add a budget

If your agent spends on behalf of a consumer, attach a spending_mandate to the same call: per-transaction caps, daily/monthly limits, allowed merchants, and a human-confirmation threshold. The gate enforces the user's budget in code, outside the agent. See Spend Guard.

// add to the /v1/assess body, off by default, most-restrictive wins
"spending_mandate": {
  "subject": { "user_id": "usr_123" },
  "per_transaction_max": { "amount": 10000, "currency": "EUR" },
  "daily_max": { "amount": 50000, "currency": "EUR" },
  "require_human_confirmation_above": { "amount": 7500, "currency": "EUR" }
}
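To make "most-restrictive wins" concrete, here is an added example (not Fidacy's engine and not code from the Fidacy docs) that applies the spending_mandate above to a payment locally, the way a defence-in-depth pre-check in your own backend might. The mapping of a breached cap to deny and of the confirmation threshold to review, and the SPENT_TODAY ledger, are assumptions constructed for this illustration; monthly limits and allowed merchants are left out.

```javascript
// Constructed sample mandate, same shape as the spending_mandate fragment above.
const SPENDING_MANDATE = {
  subject: { user_id: "usr_123" },
  per_transaction_max: { amount: 10000, currency: "EUR" },
  daily_max: { amount: 50000, currency: "EUR" },
  require_human_confirmation_above: { amount: 7500, currency: "EUR" },
};

// Constructed ledger: what each subject has already spent today, in minor units.
const SPENT_TODAY = { usr_123: 45000 };

// Returns { decision, reasons }. Assumed mapping (not Fidacy's): a breached cap is a
// deny, the confirmation threshold is a review, anything not comparable is a review.
function checkSpendingMandate(mandate, payment, spentToday) {
  const { amount, currency } = payment.payment_amount;

  // Never approve on a malformed amount (negative, fractional, NaN).
  if (!Number.isInteger(amount) || amount <= 0) {
    return { decision: "deny", reasons: ["invalid_amount"] };
  }

  // All limits must be in the payment's currency; guessing an exchange rate here
  // would let a currency switch slip past the caps, so fall to review instead.
  const limits = [
    mandate.per_transaction_max,
    mandate.daily_max,
    mandate.require_human_confirmation_above,
  ].filter(Boolean);
  if (limits.some((limit) => limit.currency !== currency)) {
    return { decision: "review", reasons: ["currency_mismatch"] };
  }

  // Hard caps: collect every breached one so the user sees all of them.
  const reasons = [];
  if (mandate.per_transaction_max && amount > mandate.per_transaction_max.amount) {
    reasons.push("per_transaction_max_exceeded");
  }
  const alreadySpent = spentToday[mandate.subject.user_id] ?? 0;
  if (mandate.daily_max && alreadySpent + amount > mandate.daily_max.amount) {
    reasons.push("daily_max_exceeded");
  }
  if (reasons.length > 0) return { decision: "deny", reasons };

  // Soft threshold: within budget but large enough that a human must confirm.
  if (
    mandate.require_human_confirmation_above &&
    amount > mandate.require_human_confirmation_above.amount
  ) {
    return { decision: "review", reasons: ["human_confirmation_required"] };
  }
  return { decision: "approve", reasons: [] };
}

module.exports = { SPENDING_MANDATE, SPENT_TODAY, checkSpendingMandate };
```

The ordering matters: hard caps are evaluated before the confirmation threshold, so a payment that breaks a cap is denied outright rather than bounced to a human who might clear it, and an unrecognised currency lands on review rather than approve.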

Verify the receipt (no callback needed)

Every approve ships a signed Risk Payload (JWS). Any party (your backend, the merchant, an auditor) can verify it offline against the public JWKS, with zero calls back to Fidacy. This is the tamper-evident receipt that proves the decision was made.

GET /.well-known/jwks.json

Copy-paste verification code (Node + Python) is on the Verify a Payload page.

Go live when you're ready: swap the fky_test_… key for a fky_live_… one. Nothing else changes. Track usage and your tier at app.fidacy.com/billing.