Fidacy

// FOR INSURERS AND MGAs

The evidence layer that makes agents insurable.

You cannot price or adjudicate agent risk without a deterministic, verifiable record of what the agent did under which mandate. The rails cannot supply it: a party that executes the payment cannot be its neutral record. Fidacy is the independent layer that authorizes, blocks and proves every agentic economic action, and every claim below is verifiable without trusting us.

The failure corpus

Frequency by attack class, severity by band

Every gated decision reports its attack class (wrong payee, lookalike, duplicate invoice, over cap, out of scope) and, from client 0.1.19, the order-of-magnitude band of the amount and how far a deny sat above the cap. Never the amount itself: enums by construction, so the corpus gains a loss-distribution shape without ever touching PII. Live and public at api.fidacy.com/v1/pulse.

The track record

Operating history you can re-verify on Bitcoin

Our public metrics are snapshotted weekly, hashed, and anchored to the Bitcoin blockchain on the same chain as every verdict. Tenure stops being a claim: re-hash any snapshot at /v1/transparency/snapshots and check it against the public verifier. A competitor starting later can never have an older anchored history, by construction.

The calibration loop

Verdicts measured against human ground truth

Labeled cases feed an eval loop; aggregate calibration (accuracy, cost-weighted error, fail-safe direction) is published at /v1/transparency. Errors are weighted so approving-what-should-deny costs most: the error direction an underwriter wants.

// THE CRASH TEST

The non-bypass matrix, release-gated

Structured failure-mode testing, run on every release as a blocking CI gate. Labeled for what it is: a lab result, complementing the field corpus the way a crash test complements accident statistics.

| Attack scenario | Outcome, every release |
| --- | --- |
| Missing grant | Zero PSP calls. The executor refuses outright. |
| Tampered grant (any byte) | Signature check fails. Zero PSP calls. |
| Replayed grant (reuse) | One settle per grant. The second attempt dies. |
| Expired grant | 120s TTL enforced. Zero PSP calls. |
| Payee or amount mismatch | Grant is bound to both. Zero PSP calls. |
| Duplicate invoice, any amount, any spacing | One ALLOW per (subject, invoice), canonicalized, survives restarts. |

Read this honestly: the field corpus is young and the severity bands started accruing with client 0.1.19. What we bring today is the only installed sensor in the category, the first real failure taxonomy, a control-level compliance mapping (machine-readable), and an architecture where every number above is checkable by you, not asserted by us. If your underwriting needs telemetry, this is the layer that produces it.
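An executor-side check covering the first five rows of the matrix above, added here as an illustration; it is not Fidacy's code. It assumes an HMAC-SHA256 signature over a canonical JSON grant and an in-memory used-grant set; the field names, demo key, `issue_grant` and `Executor` are hypothetical.

```python
import hashlib
import hmac
import json

GRANT_TTL_S = 120                 # TTL taken from the matrix row "Expired grant"
KEY = b"constructed-demo-key"     # assumption: the page does not name the signature scheme

def issue_grant(grant_id, payee, amount_minor, issued_at, key=KEY):
    """Return (body, signature) for a grant bound to one payee and one amount."""
    body = json.dumps(
        {"id": grant_id, "payee": payee, "amount": amount_minor, "iat": issued_at},
        sort_keys=True, separators=(",", ":"),
    ).encode()
    return body, hmac.new(key, body, hashlib.sha256).digest()

class Executor:
    def __init__(self, key=KEY):
        self.key = key
        self.settled = set()      # a real deployment needs a durable store here
        self.psp_calls = 0        # counts how often the payment provider is reached

    def settle(self, grant, payee, amount_minor, now):
        """Reach the PSP only if every check passes; otherwise return a deny reason."""
        if grant is None:
            return "DENY:missing_grant"
        body, sig = grant
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, sig):   # verify before parsing anything
            return "DENY:bad_signature"
        g = json.loads(body)
        if now < g["iat"]:
            return "DENY:not_yet_valid"
        if now - g["iat"] > GRANT_TTL_S:
            return "DENY:expired"
        if g["payee"] != payee or g["amount"] != amount_minor:
            return "DENY:mismatch"
        if g["id"] in self.settled:
            return "DENY:replayed"
        self.settled.add(g["id"])                    # mark used before calling out
        self.psp_calls += 1                          # stand-in for the PSP call
        return "SETTLED"
```

The signature is checked over the raw bytes before the JSON is parsed, so a tampered grant never reaches the field comparisons.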

>=-/\ SHIP /\-=<

Your first signed, verifiable verdict. This afternoon.

The market says this layer has to exist. It's running, self-serve: spin up your org, connect an agent in one MCP install, and verify the verdict yourself. No sales call.

Live on UCP · AP2 · A2A. Built for the audit-trail and accountability duties regulators are writing worldwide: the EU AI Act and the wave following it.