Fidacy

// GET STARTED

Your first verified payment, in three calls.

Fidacy is a hosted decision API. You add one call at the moment an agent is about to act or pay, and get back a signed approve, review, or deny that anyone can verify against public keys.

The gate

Not installed in your infra. Called at the decision point.

Fidacy is a hosted API you call at the moment of action. One call in, one signed verdict back. You branch on the answer.

assess.ts
const v = await fidacy.assess({ mandate });
if (v.decision === 'approve') proceed();
if (v.decision === 'review')  stepUp();
if (v.decision === 'deny')    block();
Six steps

Onboarding, from zero to integrated.

01

Spin up your org

Self-serve at app.fidacy.com, no sales call. Your org is isolated by row-level security with its own keys. Pick your side: acceptor (you receive agent payments) or payer (your agents pay, with Know-Your-Agent plus Spend Guard).

02

Create a test key

Settings, API keys, mode test. The fky_test_ prefix is sandbox, never billed.

03

First call: assess and verify

Install the SDK, assess a mandate, then verify the signature yourself against the public JWKS.

npm i @fidacy/sdk @fidacy/verify
04

Register your agents

An unregistered agent is anonymous and gets denied. In the console, open Agents and click Register agent: it creates the agent, generates its key, and gives you a cnf to paste into the mandate so the engine recognizes it. Deny becomes approve.

05

Configure

Policies (your rules), Spend Guard (limits plus step-up), and Webhooks (signed events).

06

Go live

Swap the test key for a live key. Usage-based billing, metered per assessment.

Install

Assess, then verify it yourself.

index.ts
import { Fidacy } from '@fidacy/sdk';
const fidacy = new Fidacy({ apiKey: process.env.FIDACY_API_KEY });

const v = await fidacy.assess({ mandate });              // signed approve / review / deny
const { valid } = await fidacy.verify(v.riskPayloadJws); // verify it yourself

Works with the SDK, raw HTTP, or protocol-native (UCP, AP2, A2A) where the verdict rides the protocol.

For an MCP-native agent, skip the code: npx -y @fidacy/mcp ships the signed verdict and the payment firewall in one install. See the MCP docs.

Who it is for

One verdict, both sides of the transaction.

Merchants & platforms

Accept agent payments without inheriting agent risk.

Agent operators

Let agents transact within signed limits, with a verifiable passport.

PSPs & wallets

A neutral risk verdict beside your settlement.

Compliance & disputes

Portable, signed evidence an agent was authorized.

Anti-abuse

Tell a legit agent from a bot by credential, not by an arms race.

What to expect

Fast, metered, and verifiable by anyone.

Latency

Millisecond verdicts on the deterministic hot path.

Pricing

Test keys free, live keys metered per assessment.

Verifiable

Every verdict signed (EdDSA JWS), checkable against public keys. A public transparency endpoint publishes accuracy and policy version, so you can verify the quality, not just the signature.

Auditable

Every decision lands in a tamper-evident, hash-chained audit whose head is anchored to Bitcoin, so no party, including Fidacy, can rewrite it.

Enforceable

For real payments the firewall is a hard gate: ALLOW mints a short-lived grant the executor verifies before money moves, DENY means no grant and no money.

Scope

It blocks effects outside the signed mandate. It does not read the agent's intent or move funds.

Ship today

Three calls to your first verified payment.