Frequently asked questions
Everything companies, individuals and developers ask about giving AI agents real financial identity — money in, money out, on-chain, on-card, on every rail. Grouped by audience and updated continuously.
- For business buyers: control, audit, compliance, cost, vendor lock-in.
- For developers: SDK, MCP, OpenAPI, sandbox, webhooks, idempotency, rate limits.
- For finance & compliance: KYB, KYC, PCI, SOC 2, data residency, signing chain.
- For agent builders: rails, tools, mandate scope, on-chain anchoring, marketplace.
- What is an agent wallet?
- An agent wallet is a complete financial identity issued to a single AI agent — a fiat sub-account, a virtual Visa or Mastercard, a USDC wallet on Base, an MCP endpoint, an AP2 keypair, and a signed Principal binding. AgentWallet provisions all of this in one API call (median 412 ms) so the agent can pay vendors, receive money, settle on-chain and prove provenance — without ever sharing a human's card.
- Who is AgentWallet for?
- Companies that run autonomous AI agents in production — coding agents, ops agents, support agents, media-buying agents, treasury agents, concierge agents, recruiting agents — and the developers building those agent products. If your agent needs to spend, receive, settle or be audited, you need an agent wallet.
- How is AgentWallet different from a normal corporate card?
- A corporate card has one cardholder, one statement, one credit line and zero scope-per-agent. AgentWallet issues one wallet per agent — with its own balance, its own card, its own USDC address, its own MCP endpoint, its own caps, and its own signing Principal — so spend is auditable per-agent, not blended into one statement.
- How do I give my AI agent a credit card?
- Call POST /agents on AgentWallet. We issue a real PCI-vaulted Visa or Mastercard scoped to that agent — with per-call caps, MCC allowlists, geofencing and anomaly auto-freeze. The PAN never enters the model context; the agent only ever holds a tokenized handle.
- Can AI agents have their own bank account?
- Yes. Every AgentWallet agent gets a fiat sub-account routable on 17 payout rails (ACH, FedNow, Wire, SEPA, SEPA Instant, Faster Payments, Pix, UPI, IMPS, Interac, BECS, PromptPay, plus cross-border push-to-card and bank transfer in 208 countries) plus a USDC wallet on Base.
- How do I give my AI agent USDC?
- On agent creation we provision a Coinbase CDP-managed USDC wallet on Base — keys held inside a TEE, gas sponsored. Fund it from the parent Company treasury or accept inbound USDC from any Base address. Same call, same trace.
- How do AI agents pay for things?
- AgentWallet exposes 14 typed MCP tools (charge, payout, usdc.transfer, x402.pay, mandate.sign, refund, balance, trace and more) over a per-agent MCP endpoint. The LLM picks the right tool, AgentWallet enforces the spending policy, signs the AP2 mandate, dispatches on the right rail and returns a trace ID that links the on-chain receipt, the card swipe and the fiat leg into one ledger row.
- How do I limit how much money my AI agent spends?
- Set per-call, per-day, per-month, per-counterparty and per-rail caps. The 4-layer policy cascade enforces Account ⊇ Principal ⊇ Agent on every write — you cannot grant an agent more than its Principal has, and you cannot grant a Principal more than the Account is approved for. Spends over a configurable threshold escalate to the Principal via WhatsApp tap-to-approve or passkey.
- Is it safe to give an AI agent a credit card?
- Yes — when issued through AgentWallet. The card PAN lives in a PCI DSS Level 1 vault and never enters the model context. MCC allowlists block adult, gambling and other high-risk categories; single-use tokens auto-burn after one swipe; geofencing pins spend to allow-listed countries; anomaly auto-freeze pauses the card and pings the Principal on a 5× baseline spike.
- Can the agent ever spend without human approval?
- Only within a pre-signed IntentMandate ('this agent may spend up to $X on category Y until date Z'). Anything outside the mandate scope, anything over the cap, or anything to a non-allow-listed counterparty requires a fresh Principal signature.
- What if the agent goes rogue or hallucinates a payment?
- Three layers stop it. (1) The mandate scope rejects anything outside the pre-authorized category and amount. (2) Per-call, per-day and per-counterparty caps reject runaway loops at the policy gate before any rail is hit. (3) Anomaly auto-freeze pauses the wallet on a 5× baseline spike and pings the Principal. None of these depend on the agent behaving correctly.
- How much does AgentWallet cost?
- Free to start. You only pay for processed volume (a small percentage on payouts and card spend) and active agent wallets above the included tier. Sandbox keys, MCP endpoint, AP2 mandates and the Principal control plane are free.
- Does AgentWallet work with ChatGPT, Claude, Cursor, Devin and LangChain?
- Yes. Each agent's MCP endpoint is a plain URL that drops into Claude Desktop, Cursor, Devin, LangChain, OpenAI Tools and any MCP-compatible client. The 14 typed tools are vendor-neutral, so the same agent works across Anthropic, OpenAI, Google, xAI and open-source models.
- How is AgentWallet different from Stripe Issuing or Brex?
- Stripe Issuing and Brex issue cards to humans (or, at best, to one virtual proxy per workflow). AgentWallet issues a complete identity per agent — card + bank + USDC + MCP + AP2 + Principal — with policy and audit shaped around autonomous software, not human cardholders. See /vs-link for a full feature comparison.
- How is AgentWallet different from Circle Programmable Wallets?
- Circle Programmable Wallets is a USDC-only smart-wallet SDK — no fiat rails, no virtual card, no MCP, no AP2, no Principal control plane. AgentWallet uses the same on-chain primitives (USDC, EIP-3009) plus 17 fiat rails, virtual cards, MCP, AP2 and a full identity stack. See /vs/circle for the deep comparison.
- What is x402 and why should I care?
- x402 is the HTTP 402 Payment Required protocol used for machine-to-machine payments — a single round-trip with a signed authorization in a header, no redirect, no UI, no human at a keyboard. It is the protocol AI agents actually use to pay APIs and other agents. AgentWallet implements x402 over EIP-3009 for USDC on Base.
- What is AP2?
- AP2 (Agent Payments Protocol) is the open mandate format that binds every AI-agent payment to a cryptographically signed authorization from a verified human Principal. Three mandate types — IntentMandate, CartMandate, PaymentMandate — anchored on Base for replay-safe audit.
- What is MCP?
- MCP (Model Context Protocol) is the open standard for connecting LLMs to tools. AgentWallet exposes 14 typed tools over a per-agent MCP URL that drops into Cursor, Claude Desktop, Devin, LangChain or any MCP-compatible client.
- Is AgentWallet PCI compliant? SOC 2?
- Yes — PCI DSS Level 1 vault for card PAN data (AgentWallet itself is PCI SAQ A because we never touch the raw PAN) and SOC 2 Type II for the application surface. Reports available under NDA via /contact.
- How does AgentWallet do KYC and KYB?
- KYB at the Company tier (the legal entity that owns the AgentWallet account) via Payouts.com. KYC at the Principal tier (the human accountable for an agent's actions) — government ID, liveness check, sanctions screen and a WebAuthn passkey enrolment. Agents are software identity and inherit accountability from their signing Principal.
- Are AI agents allowed to move money under US / EU regulations?
- Yes — when accountability is bound to a KYC'd human Principal, which is exactly what AgentWallet's identity tree enforces. The agent is software identity; the human Principal is the legally accountable party. This matches how 'authorized user' card programs and ACH origination already work today.
- Can I audit what an AI agent did?
- Every agent action — every MCP tool call, every API request, every signed mandate, every settlement — writes a row to the unified trace ledger keyed by trace_id, agent_id and principal_id. Filter by agent for a complete, replay-safe history of that agent's financial life.
- Where is data stored?
- Application data lives in Postgres (US-East primary, EU-West read replica for European Principals). Card PAN data lives in our issuer's PCI-vaulted region. USDC keys live inside Coinbase CDP TEEs. Backups are encrypted with KMS-managed keys.
- What languages does the SDK support?
- TypeScript / JavaScript is first-class with strongly-typed clients generated from our OpenAPI spec. The OpenAPI spec at /docs/openapi.yaml lets you generate idiomatic clients for Python, Go, Rust, Java and any other language that has an OpenAPI generator.
- How do I get a sandbox key?
- Sign up at /sign-up, click 'create sandbox', and you have a full feature-parity sandbox in 30 seconds — fund, charge, refund, USDC, mandates, MCP, virtual cards, all instant, all reset-able. No real money, no real KYB required to develop against.
- How are webhooks signed and retried?
- Outbound webhooks are signed with X-Payouts-Signature: t=…,v1=hex (Stripe-compatible scheme) keyed by your per-endpoint secret. We retry with exponential backoff (30 s → 1 h cap) for up to 8 attempts, then dead-letter — every attempt auditable in the dashboard.
- What happens if AgentWallet goes down?
- Status at /status. The architecture is one Express process backed by Postgres with managed read replicas; we operate to a 99.95% monthly availability target. In the worst case, in-flight mandates are replayable from the on-chain anchor, and the trace ledger is the canonical source of truth for any reconciliation.
- Is AgentWallet open source?
- The protocol pieces — AP2 mandate format, MCP tool catalog, x402 client behavior — are open standards or open-spec. The hosted AgentWallet platform itself is proprietary so we can guarantee the policy gate, the PCI scope, the signing chain and the SLA. Self-host inquiries via /contact.
- What's on the roadmap?
- v0.6: Members + invitations + RBAC. v0.7: event-sourced ledger with JIT-resource-create approval flow. v0.8: custom MCP tool plugins per account. v0.9: split approval kinds (capability vs allocation). v1.0: on-chain registration on Base mainnet, per-agent MCP server, public agent reputation. Live tracker at /roadmap.
- How do I get started?
- Sign up at /sign-up — sandbox keys are issued in 30 seconds, your first agent wallet provisions in under half a second, and you can wire it into Cursor, Claude Desktop or your own runtime in five minutes. Production access requires Company KYB and one Principal KYC.
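For the webhook answer above ("How are webhooks signed and retried?"), a receiver-side check of the X-Payouts-Signature header, added here as an example and not AgentWallet's own code. It assumes the signed payload is the timestamp, a dot and the raw body under HMAC-SHA256, as in Stripe's scheme; the 300-second tolerance and all sample values are assumptions.

```javascript
const crypto = require("node:crypto");

const TOLERANCE_SECONDS = 300; // assumption: replay window is not stated on the page

// Parse "t=<unix seconds>,v1=<hex>" into { t, v1: [...] }; null when malformed.
function parseSignatureHeader(header) {
  if (typeof header !== "string") return null;
  const out = { t: null, v1: [] };
  for (const part of header.split(",")) {
    const [key, value = ""] = part.trim().split("=", 2);
    if (key === "t" && /^\d+$/.test(value)) out.t = Number(value);
    // Only full-length SHA-256 hex digests are kept, so buffers below are 32 bytes.
    if (key === "v1" && /^[0-9a-f]{64}$/i.test(value)) out.v1.push(value);
  }
  return out.t !== null && out.v1.length > 0 ? out : null;
}

// Assumption (Stripe's scheme): MAC = HMAC-SHA256(secret, t + "." + rawBody), hex.
function sign(secret, t, rawBody) {
  return crypto.createHmac("sha256", secret).update(`${t}.`).update(rawBody).digest("hex");
}

// rawBody must be the exact bytes received, captured before any JSON parsing.
function verifyWebhook(secret, header, rawBody, nowSeconds) {
  const parsed = parseSignatureHeader(header);
  if (!parsed) return { ok: false, reason: "malformed_header" };
  const expected = Buffer.from(sign(secret, parsed.t, rawBody), "hex");
  const match = parsed.v1.some((sig) =>
    crypto.timingSafeEqual(expected, Buffer.from(sig, "hex")));
  if (!match) return { ok: false, reason: "bad_signature" };
  // The timestamp is covered by the MAC, so a stale t is a replayed or late delivery.
  if (Math.abs(nowSeconds - parsed.t) > TOLERANCE_SECONDS)
    return { ok: false, reason: "stale_timestamp" };
  return { ok: true, reason: null };
}

// Constructed sample delivery: secret, body and timestamp are made up for the demo.
function demo() {
  const secret = "constructed-endpoint-secret";
  const body = Buffer.from('{"event":"constructed.sample","trace_id":"tr_example"}');
  const t = 1700000000;
  const header = `t=${t},v1=${sign(secret, t, body)}`;
  const tampered = Buffer.from(body.toString().replace("tr_example", "tr_other"));
  return {
    valid: verifyWebhook(secret, header, body, t + 10),
    tampered: verifyWebhook(secret, header, tampered, t + 10),
    replayed: verifyWebhook(secret, header, body, t + 3600),
  };
}
```

In Express, capture the body with express.raw({ type: "application/json" }) so the bytes verified are the bytes received. The page does not say whether each retry carries a fresh t; if it does not, the tolerance has to cover the 1 h retry cap.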
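The spending-limit, human-approval and rogue-agent answers above describe a cascade (Account ⊇ Principal ⊇ Agent) and three layers that run before any rail is hit; the sketch below is an added illustration of that ordering, not AgentWallet's implementation. Field names, result strings and sample values are hypothetical, and it assumes the mandate's amount is a cumulative budget and the 5× anomaly metric is today's total against a daily baseline.

```javascript
// Added illustration; field names and result strings are hypothetical.
const CAP_KEYS = ["perCall", "perDay", "perMonth"];

// child ⊆ parent: no cap above the parent's, no rail the parent lacks.
function isWithin(child, parent) {
  return CAP_KEYS.every((k) => child.caps[k] <= parent.caps[k]) &&
    child.rails.every((r) => parent.rails.includes(r));
}

// Account ⊇ Principal ⊇ Agent, checked on every policy write.
function validateCascade(account, principal, agent) {
  if (!isWithin(principal, account)) return "principal_exceeds_account";
  if (!isWithin(agent, principal)) return "agent_exceeds_principal";
  return "ok";
}

// Gate evaluated before any rail is hit. Amounts are integer cents.
// Assumptions: the mandate's X is a cumulative budget; the anomaly metric is
// today's total against a trailing daily baseline.
function evaluateSpend(agent, mandate, usage, spend) {
  const inScope = spend.category === mandate.category &&
    mandate.counterparties.includes(spend.counterparty) &&
    usage.spentUnderMandate + spend.amount <= mandate.maxAmount &&
    spend.at <= mandate.expiresAt;
  if (!inScope) return "needs_principal_signature"; // layer 1: mandate scope
  if (!agent.rails.includes(spend.rail)) return "reject_rail";
  if (spend.amount > agent.caps.perCall) return "reject_per_call_cap"; // layer 2: caps
  const today = usage.spentToday + spend.amount;
  if (today > agent.caps.perDay) return "reject_per_day_cap";
  if (today > 5 * usage.dailyBaseline) return "freeze_and_notify"; // layer 3: anomaly
  return "allow";
}

// Constructed sample policies (cents) and mandate; none come from the page.
const ACCOUNT = { caps: { perCall: 100000, perDay: 500000, perMonth: 5000000 }, rails: ["card", "ach", "usdc"] };
const PRINCIPAL = { caps: { perCall: 50000, perDay: 200000, perMonth: 2000000 }, rails: ["card", "usdc"] };
const AGENT = { caps: { perCall: 5000, perDay: 20000, perMonth: 200000 }, rails: ["card"] };
const MANDATE = { category: "saas", counterparties: ["vendor-a"], maxAmount: 15000, expiresAt: 2000 };
```

Every decision is computed from stored policy, usage counters and the request itself, so nothing in the gate depends on what the model intended.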