The whole system, candidly documented.
18 chapters. Every route, schema, mandate, rail, and gate that's actually shipped — plus what's tracked. Pick a path: developer, security, ops, or architecture.
WHY THESE DOCS READ DIFFERENT
We tell you what's actually wired up.
In production right now. Pen-tested where applicable. Used in customer pipelines.
Two paths exist; one is canonical and one is being aligned. We name the bypass and link the task.
Defined, scoped, in .local/tasks/. Not deployed. We don't claim it.
Example. Chapter 07 §8
The Principal-facing wallet credit endpoint POST /agents/:id/wallet/credit calls addFunds directly. It bypasses the master-balance headroom check that the admin path enforces via allocateWalletFunds + pg_advisory_xact_lock. Tracked in Chapter 17. We don't pretend it isn't.
Table of Contents
Product Overview & Domain Model
Actors, agent lifecycle, multi-tenant scoping, RBAC, capability cascade.
Data Model
~192 tables. agent_identities, fiat ledger, AP2 mandates, communication tables.
Wallet Service
Double-entry ledger. Balance is computed, never stored. Advisory locks for headroom.
Funding, Top-up & Payouts
Funding paths, payout rails (ACH/SEPA/Pix/UPI/Wire/SWIFT), USDC on/off-ramps.
Approvals & Execution Gates
Per-txn / daily / monthly caps. Auto-approve thresholds. Force-approve admin override.
Agent Portal — Frontend
React app. Magic-link OTP. 17 tabs from Overview through Settings.
Agent Portal — Backend
Express routes mounted at /api/agent-portal. RBAC middleware.
Communication Channels
Per-agent phone, SMS, email, WhatsApp. Inbound routing into the unified activity feed.
MCP Surface
The per-agent MCP server at /mcp/agent. JSON-RPC over HTTP.
ACP, A2A & External Tool APIs
x402, Stripe SPT, VGS card tokens. /.well-known/agent.json.
AP2 & Payment Rails
ES256 mandate chain: Intent → Cart → Payment. EIP-3009 USDC on Base.
Invoice & Purchase Pipelines
Invoice ingestion, bulk upload, KYB blockers, business verification.
Activity & Ledger
Unified activity feed. Append-only audit. Card-level filters.
Security, Secrets & Compliance
VGS tokenization. CDP HSM. AES-256-GCM for AP2 keys. SOC2 audit trail.
Operations
Deployment topology. Env vars. Runbooks for every common failure.
Testing & QA
AP2 smoke test exists. End-to-end suites are tracked, not yet shipped.
Roadmap & Open Work
Everything we've shipped, what's in flight, and what's tracked. Honest list.
Glossary & Index
Principal vs Client. Agent vs Tenant. The terms we use, consistently.