For enterprise

Adopt agents at scale. Without owning the liability.

Your competitors are deploying AI agents that do real work: procurement, payouts, subscriptions, vendor management. What's holding your rollout back isn't the technology. It's that when an agent moves money, a person inside your company has to sign for it, and today that person has nothing to sign with. Fidacy gives them something to sign with.

The three sentences that stall every rollout

Finance

“Who eats the loss when the agent pays a fraudulent invoice?”

Nobody, because it doesn't settle. The firewall denies any payment outside the signed mandate before money moves. And for the payments that do move, the signed grant states exactly what was authorized, so a dispute is decided by evidence instead of by whoever shouts loudest.

Compliance

“What do I hand the auditor when they ask what the agents did?”

A tamper-evident audit trail, hash-chained and anchored to Bitcoin. The auditor verifies it against public keys and the public chain. They do not have to trust your logs, your vendor, or us.

Legal

“If the agent goes rogue, are we exposed on every action it took?”

Your exposure has a boundary, the mandate. Actions inside it carry a grant you can point to. Actions outside it were denied, and you hold signed proof of the denial. That boundary is what lets counsel say yes.

Every stalled agent program dies in one of those three meetings. Which means the market for agents at scale belongs to whoever can walk into those meetings with proof. That's the layer Fidacy is.

What you're actually buying

Four controls that turn “trust the agent” into “verify the action”.

01

The mandate, your policy as a signed object

You define what each agent may do: payees, per-transaction cap, total budget, currencies, categories, validity window. It's a signed document, versioned, revocable in one call. Not a wiki page someone forgot to update.

02

The firewall, deny-by-default at the moment of action

Every money-moving call is checked against the mandate before it executes. Lookalike payee, duplicate invoice, over-cap, out-of-window: denied. The failure mode is money that does not move, never money that moves wrong.

03

The grant, a per-action authorization that assigns liability

Each allowed action gets an Ed25519-signed grant bound to the exact payee, amount, currency and invoice, verifiable offline by anyone against published keys. The Fidacy Grant is an open spec. No valid grant, no settlement.

04

The audit, evidence your auditor verifies without trusting you

Every decision, allow and deny alike, lands in a hash-chained log whose checkpoints are anchored to the Bitcoin blockchain. Rewriting history would mean rewriting Bitcoin. That's what turns logs into evidence.

The Fidacy Grant Liability Rule, v1

“A payment executed with a valid Fidacy Grant was authorized, and responsibility follows the mandate. A payment executed without one was not, and responsibility follows whoever executed it.”

One sentence, adopted by reference in a contract or platform terms, and the scariest question in agentic payments (“who is liable?”) has a mechanical answer. Card networks did this with 3-D Secure: authenticate the transaction and the fraud liability shifts. The grant does the same for agent actions. The spec is open, the verification runs offline, and it does not require Fidacy to exist for a grant to verify.

Read the open spec

Compliance

Built for the record-keeping duties that are coming.

The EU AI Act expects automatically generated logs and traceability from high-risk AI systems. Financial regulators already expect you to explain any movement of money. Fidacy produces exactly that artifact: a complete, tamper-evident record of what each agent was authorized to do and what it actually did, independently verifiable.

We are honest about what this is: evidence, on demand, from day one. It is not a certification, and we won't pretend otherwise. Your auditor gets cryptographic proof instead of screenshots of a dashboard.

And it goes past payments. The same anchored chain accepts any artifact your process has to defend later: a contract, a medical prescription, an insurance claim, an audio recording. The file is hashed on your machine and never uploaded; the hash is anchored to Bitcoin. Months later, one lookup proves whether the document in front of you is byte-for-byte the one that existed then. Artifact anchoring ships in the same install.

Deployment

Nothing to migrate. Nothing to custody.

  • Local-first.The firewall runs inside your agent's process, on your infrastructure. Decisions happen in-process, no external call on the hot path.
  • Non-custodial. Fidacy never touches, holds or routes your money. We issue verdicts and proof. Your rails stay your rails, your PCI scope stays where it is.
  • Rail-agnostic. Works in front of any payment method your agents use today: cards, transfers, stablecoins, internal ledgers. If the agent can call it, the firewall can gate it.
  • Adopted bottom-up. The same firewall your engineers can install today, free, with one command. Your pilot probably already exists inside your own building.

1,927

Agent actions gated, all time

3,415

Signed verdicts issued

#956,663

Latest Bitcoin anchor block

Live from the production engine. Verify them yourself at api.fidacy.com/v1/pulse.

The question is no longer “can we trust the agents?” It's “can we prove what we authorized?” With Fidacy, yes.

A pilot is one agent, one mandate, one week. Your engineers install the same free firewall thousands of builders run today, you point one real workflow at it, and at the end you hold a signed, anchored record you can put in front of finance, compliance and legal. That record is the yes.