Three protocols. One wallet. Every payment signed.

AgentWallet is the only wallet that ships AP2, x402, and ACP in production. Google's Agent Payments Protocol (AP2) gives every transaction a verifiable proof that a human authorized the agent — IntentMandate, CartMandate, and PaymentMandate signed by a WebAuthn-bound Principal and anchored on Base. Coinbase's x402 turns any HTTP 402 Payment Required response into a one-round-trip stablecoin settlement on Base, gas sponsored, capped at the wallet layer. Stripe's Agentic Commerce Protocol (ACP) issues a single-use Shared Payment Token (SPT) scoped to one merchant and one cart, so the agent never sees the raw PAN and the token can't be reused, leaked, or replayed. Most platforms ship one. We ship all three — from one API call that also provisions a per-agent fiat wallet, a virtual Mastercard, an MCP endpoint, an AP2 keypair, and a signed principal binding. Median provisioning time: 412 ms.

AP2 implementation — full v0.1 spec: ECDSA keypair per agent, public key endpoint for verifier resolution, MCP signing tools (agent_sign_intent_mandate, agent_sign_cart_mandate, agent_get_payment_mandate), inbound payment endpoint with full mandate-chain verification, beneficiary resolver, audit trail, key revocation, idempotency hardening.
x402 implementation — native client and server support, USDC settlement on Base via Coinbase CDP, gas sponsored (agents never need to hold ETH), per-agent caps enforced at the wallet layer, works with any LLM or framework that can speak HTTP.
ACP implementation — Shared Payment Token (SPT) issuance service in production, VGS forward-proxy architecture so real PANs never enter the model context, MCC allowlists, geofencing, anomaly auto-freeze enforced per agent. Direct ACP PSP registration with OpenAI is in progress; Stripe acts as the intermediate PSP today. Works at every merchant that accepts Visa or Mastercard.
Verified human principal — every spend ties back through IntentMandate → CartMandate → PaymentMandate → settlement proof, signed by a WebAuthn-bound Principal, anchored on Base for replay-safe dispute resolution.
Per-agent virtual card with MCP — every agent gets a real Visa or Mastercard plus a per-agent MCP endpoint with 14 typed tools. ACP SPTs are issued against this card; AP2 mandates are signed via MCP tools.
End-to-end flow: ~3 seconds from agent intent to anchored receipt. Zero human clicks after the initial mandate.

Frequently asked questions

Is AP2 production-ready?: The AP2 v0.1 specification is published and stable. AgentWallet has shipped a full v0.1 implementation including keypair infrastructure, mandate signing, public key endpoints, mandate-chain verification, and key revocation. We track the spec roadmap and ship updates as Google publishes them.
Do I have to use all three?: No. Most agents start with one. The point is that you don't have to switch platforms when your use case grows. A procurement agent might start on AP2 + ACP and add x402 when it begins paying for APIs. Same wallet, same principal, same audit log.
What's the difference between ACP and Stripe Issuing?: Stripe Issuing is the underlying card-issuance primitive. ACP (Agentic Commerce Protocol) is the standard for using those cards in agent-to-merchant flows — specifically, the Shared Payment Token format. AgentWallet uses Stripe as the intermediate PSP today while our direct ACP PSP registration with OpenAI is in progress.
Why USDC on Base for x402?: Base has the lowest fees for stablecoin settlement at the volume agents generate, Coinbase's CDP gives us gas sponsorship out of the box, and USDC is the asset every x402 merchant accepts. We can add other chains as the protocol expands.
How are spending limits enforced across protocols?: At the wallet layer, not the application layer. Per-call, daily, and monthly caps apply identically whether the agent is signing an AP2 mandate, completing an x402 handshake, or spending against an ACP token. One policy surface, three protocols.