AgentWallet

Principal — verified humans behind every AI agent

Every AgentWallet agent answers to a KYC'd, WebAuthn-signed Principal. Sign IntentMandates with a passkey on your laptop or phone; tap-to-approve high-threshold spends on WhatsApp. Every agent action chains back to a real, verified human.

  • KYC at the Principal tier — government ID, liveness check, sanctions screen.
  • WebAuthn / passkey signing — phishing-resistant, cross-device, no shared secrets.
  • WhatsApp Business tap-to-approve for over-threshold spends.
  • Multi-Principal accounts — a Company can have N Principals with role-based permissions.
  • Every payment trace links back to the signing Principal — auditable, non-repudiable.

Frequently asked questions

Why does an AI agent need a 'Principal'?
Because money movement requires legal accountability and AI agents are software, not legal entities. The Principal is the KYC'd human who signs mandates on behalf of an agent. Every payment chains back to a real, identifiable, non-repudiable human — auditable, reversible, and acceptable to compliance and acquirers.
How does the Principal approve a high-value spend?
Two channels. (1) Passkey — the agent triggers a WebAuthn challenge that lands on the Principal's laptop or phone; one tap signs the AP2 mandate. (2) WhatsApp Business — for over-threshold spends we send a structured WhatsApp message; the Principal taps 'approve' and the spend proceeds.
Can one Principal control many agents?
Yes. A Principal can own any number of agents; spending policies (per-call, per-day, per-counterparty caps) are set per-agent and the Principal is the signature root for all of them.
Can one company have many Principals?
Yes. A Company can have N Principals with role-based permissions — for example, an engineering Principal who owns coding agents and a finance Principal who owns treasury agents. Members, invitations and RBAC are on the roadmap for v0.6.
What if the Principal loses their passkey?
Recovery is via the Principal's verified email + a second factor. We also support N-of-M recovery shards for high-trust accounts. The agent itself does not hold the signing key, so a lost passkey is recoverable without rotating the agent.
Can the agent ever spend without the Principal's signature?
Only within a pre-signed IntentMandate ('this agent may spend up to $X on category Y until date Z'). Anything outside the mandate scope, anything over the cap, or anything to a non-allow-listed counterparty requires a fresh Principal signature.
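
The scope check described in the last answer, sketched as an added example (not AgentWallet's code or API). The mandate fields, function names and sample values are assumptions made for illustration, and the cap is assumed to be cumulative over the mandate's life.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class IntentMandate:              # hypothetical shape, not AgentWallet's schema
    principal_id: str             # the Principal who signed the mandate
    cap_cents: int                # "$X", held as integer cents
    category: str                 # "category Y"
    valid_until: date             # "date Z", treated as inclusive
    allowed_counterparties: frozenset

@dataclass(frozen=True)
class Spend:
    amount_cents: int
    category: str
    counterparty: str

def out_of_scope_reasons(m, s, spent_cents, today):
    """Return every reason the spend falls outside the mandate (empty = in scope)."""
    reasons = []
    if s.amount_cents <= 0:       # a negative amount must never shrink the running total
        reasons.append("invalid_amount")
    if today > m.valid_until:
        reasons.append("mandate_expired")
    if s.category != m.category:
        reasons.append("category_mismatch")
    if s.counterparty not in m.allowed_counterparties:
        reasons.append("counterparty_not_allow_listed")
    if spent_cents + max(s.amount_cents, 0) > m.cap_cents:
        reasons.append("over_cap")
    return reasons

def authorize(m, s, spent_cents, today):
    """Fail closed: anything not cleanly in scope goes back to the Principal.
    Verifying the Principal's signature on the mandate itself is out of scope here."""
    reasons = out_of_scope_reasons(m, s, spent_cents, today)
    decision = "allow" if not reasons else "require_principal_signature"
    return {"decision": decision, "principal": m.principal_id, "reasons": reasons}

# Constructed sample mandate: up to $500.00 on cloud compute until 2030-01-31.
MANDATE = IntentMandate("principal-demo", 50_000, "cloud-compute",
                        date(2030, 1, 31), frozenset({"vendor-a.example"}))

if __name__ == "__main__":
    spend = Spend(20_000, "cloud-compute", "vendor-a.example")
    print(authorize(MANDATE, spend, spent_cents=40_000, today=date(2030, 1, 15)))
```

Returning the full list of reasons, together with the signing Principal's id, gives the audit trail one record per decision that explains why a fresh signature was requested.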