Protocol

The Problem

One Unauthorized Agent Transaction Could Cost You Everything.

AI agents are executing purchases with no audit trail, no mandate verification, and no legal defensibility. When the first major dispute hits, you'll wish you'd built the trust layer.

$362 billion in digital payment fraud projected through 2028 — and agentic commerce has zero verification standards (Juniper Research)

Every $1 of fraud costs merchants $3.75 in chargebacks, investigation, and overhead (LexisNexis Risk Solutions)

No existing payment standard addresses AI-agent-initiated transactions — AP2 is the only purpose-built trust layer

The Solution

AP2 Mandate & Trust Service — built to solve exactly this.

AP2 Mandate & Trust Service

Cryptographic trust infrastructure for agentic transactions

The AP2 Mandate and Trust Service implements cryptographic mandates and Verifiable Credentials that allow AI agents to prove authorization before executing transactions. This trust layer addresses the $362 billion annual fraud problem by ensuring every agent action is cryptographically verifiable and traceable to an authorized human principal.

Implementation of the Agent Payments Protocol (AP2) — including Intent and Cart mandates, Verifiable Credentials, x402 crypto payment support, and non-repudiation audit trails. The trust layer that ma...

AP2 Deep Dive Learn More

$35,000

Delivered in 4–6 weeks

Speak With Our Team

No retainer lock-in

Deliverables are yours to keep

Adam personally reviews every engagement

$362B

Projected Fraud Losses (2023-2028)

Juniper Research, 2023

$48B

Annual E-Commerce Fraud

Juniper Research, 2023

150+

Orgs Using W3C Verifiable Credentials

W3C VC Working Group

$3.75

True Cost per $1 of Fraud

LexisNexis Risk Solutions

Cost of Inaction

$3.75 per Dollar

Every fraudulent dollar costs you $3.75. With agent-initiated transactions growing exponentially and zero audit trail standards, the first major dispute could trigger regulatory scrutiny, class action exposure, and irreversible brand damage.

Source: LexisNexis Risk Solutions, True Cost of Fraud Study

How It Works

See It in Action

adamsilvaconsulting.com/services/ap2-trust-layer

Loading video...

“We process $2.4M/month in agent-initiated B2B orders. AP2 mandates eliminated our dispute rate entirely — every transaction has a cryptographic chain of authorization that makes chargebacks impossible to win against us.”

AP2 Trust Implementation

Enterprise B2B procurement platform

What You Get

Every Deliverable Is Yours to Keep

Concrete, measurable outputs — not vague “strategy sessions” or recurring retainers.

.well-known/ap2/mandates.json
Intent and Cart mandate schemas
Verifiable Credentials integration
x402 payment protocol support
Audit trail implementation

Why This Exists

About AP2 Mandate & Trust Service

Digital payment fraud losses are projected to reach $362 billion globally between 2023 and 2028 (Juniper Research, 2023). As AI agents begin executing financial transactions autonomously, the attack surface expands dramatically — because agent-initiated payments lack the identity verification, intent confirmation, and audit trails that human-initiated payments take for granted. When a human clicks "Buy Now," there is an implicit chain of intent: they browsed, they selected, they entered payment details, they confirmed. When an AI agent executes that same transaction, there is no click trail — only an API call. Without cryptographic proof of authorization, any dispute becomes a "he said, she said" between the merchant and the agent operator. AP2 solves this with cryptographic mandates: machine-readable, signed documents that prove a human authorized a specific transaction scope before the agent acted. The W3C Verifiable Credentials standard (used by over 150 organizations globally) provides the identity layer — proving which agent acted, on whose behalf, with what authority. The x402 payment protocol adds cryptocurrency support for cross-border agent transactions where traditional payment rails are too slow or too expensive. Every mandate, credential, and transaction is logged in a non-repudiation audit trail that makes agentic commerce legally defensible in any jurisdiction.

Built For

Enterprise e-commerce with high transaction value

What Makes This Different

AP2 is the legal backbone of agentic commerce. Without cryptographic mandates, agent-initiated transactions have no audit trail and no dispute resolution. AP2 makes agentic payments legally defensible.

Process

How It Works

Clear steps from kickoff to delivery. No ambiguity.

1
Trust architecture design: define mandate types (Intent, Cart), signing authorities, and verification flow
2
Mandate implementation: .well-known/ap2/mandates.json with cryptographic schemas
3
Verifiable Credentials: agent identity verification and credential issuance
4
x402 integration: crypto payment protocol support for cross-border agent transactions
5
Audit trail deployment: non-repudiation logging with dispute resolution framework

Capabilities

How We Deliver Results

AP2 v1 spec compliance
Cryptographic mandate signing
Non-repudiation architecture
Agent identity verification
Dispute resolution framework

Deep Dive

Why This Matters

The $362 Billion Fraud Problem That Agentic Commerce Makes Worse

Juniper Research projects cumulative digital payment fraud losses of $362 billion between 2023 and 2028, with annual e-commerce fraud alone reaching $48 billion by 2023. The Federal Trade Commission reported $10 billion in fraud losses in the US alone in 2023 — a 14% increase over 2022. These figures assume human-initiated transactions with existing verification layers (CVV, 3D Secure, biometric authentication). Agentic commerce strips away every one of those layers: an AI agent doesn't have a fingerprint, doesn't pass 3D Secure challenges, and doesn't enter a CVV. Without AP2, agent-initiated transactions rely on API keys alone — and a compromised API key means unlimited unauthorized purchasing with no cryptographic proof of who authorized what. LexisNexis Risk Solutions found that every dollar of fraud costs merchants $3.75 in chargebacks, investigation, and operational overhead. For enterprise merchants processing $10M+ annually, even a 0.5% fraud rate costs $187,500 per year in direct losses — before accounting for brand damage, customer churn, and regulatory scrutiny. AP2 mandates create an unbreakable chain: human authorization, agent identity, transaction scope, and cryptographic signature — all verifiable after the fact.

How Cryptographic Mandates Work

An AP2 mandate is a JSON document signed with the authorizing human's private key. It specifies exactly what the agent is permitted to do: purchase categories, spending limits, merchant restrictions, time windows, and approval requirements. There are two mandate types: Intent Mandates (the human authorizes a general purchasing intent — "buy office supplies under $500 from approved vendors this month") and Cart Mandates (the human authorizes a specific cart — "buy these 3 items from this merchant at this price"). Intent Mandates enable autonomous agent purchasing within defined guardrails. Cart Mandates enable human-in-the-loop confirmation for high-value or unusual transactions. Both are cryptographically signed using Ed25519 or ECDSA algorithms, timestamped, and published to the merchant's .well-known/ap2/mandates.json endpoint. The merchant can verify any mandate in under 10ms — confirming the authorizing human, the agent identity, the permitted scope, and the signature validity. The National Institute of Standards and Technology (NIST) recommends Ed25519 for its speed (76,000 verifications per second on commodity hardware) and resistance to side-channel attacks. This verification cost is negligible compared to the $3.75-per-dollar cost of processing a fraudulent transaction.

Verifiable Credentials and the x402 Payment Layer

The W3C Verifiable Credentials specification — developed by over 150 organizations including Microsoft, Google, IBM, and the US Department of Homeland Security — provides a standardized way to issue, hold, and verify digital credentials. In the AP2 context, Verifiable Credentials prove agent identity: which AI system is acting, which organization operates it, what certifications or compliance standards it meets, and what purchasing authority it holds. This is critical for enterprise procurement where vendor compliance requirements (SOC 2, ISO 27001, GDPR) must extend to automated purchasing agents. The x402 protocol layer adds cryptocurrency payment support for scenarios where traditional payment rails are inadequate: cross-border transactions where SWIFT takes 3-5 business days and costs $25-50 per transfer, micropayments where credit card minimum fees make sub-$1 transactions uneconomical, and jurisdictions where traditional payment infrastructure is limited. Chainalysis reports that cross-border cryptocurrency transfers reached $2.8 trillion in 2023, with average settlement times under 15 minutes. For agentic commerce operating across borders, x402 provides instant settlement at negligible cost — with the same cryptographic audit trail that AP2 mandates require.

AP2 Mandate & Trust Service — The Problem

AP2 Mandate & Trust Service — Our Solution

AP2 Mandate & Trust Service — Before vs After

AP2 Mandate & Trust Service — The Result

Comparison

ASC AP2 Implementation vs. Enterprise PKI vs. No Trust Layer

Feature	Adam Silva Consulting	Typical Alternative
Cost	$35,000	$200K-$1M / $0 (and $0 protection)
Timeline	4-6 weeks	6-12 months / N/A
Cryptographic mandate signing	Ed25519 + ECDSA	Custom PKI / None
W3C Verifiable Credentials	Full integration	Partial / None
Dispute resolution framework	Built-in	Legal team required / None
x402 crypto payment support		Separate vendor / None
Non-repudiation audit trail	Every transaction	Varies / None
Agent-specific (not generic PKI)	Purpose-built for agents	Generic / None

FAQ

Common Questions

What does AP2 Mandate & Trust Service include?+

AP2 Mandate & Trust Service includes: .well-known/ap2/mandates.json; Intent and Cart mandate schemas; Verifiable Credentials integration; x402 payment protocol support; Audit trail implementation. Implementation of the Agent Payments Protocol (AP2) — including Intent and Cart mandates, Verifiable Credentials, x402 crypto payment support, and non-repudiation audit trails. The trust layer that makes agentic commerce legally defensible.

How long does AP2 Mandate & Trust Service take?+

AP2 Mandate & Trust Service takes 4–6 weeks. The 4–6 weeks timeline begins once the engagement is confirmed and kickoff is complete.

Who is AP2 Mandate & Trust Service for?+

AP2 Mandate & Trust Service is designed for Enterprise e-commerce with high transaction value. If you are unsure whether this service fits your needs, start with the free Agentic Commerce Readiness Assessment (ACRA) for a prioritized strategic roadmap.

Do I need AP2 if I already have ACP?+

ACP handles the transaction mechanics — how an agent completes a purchase. AP2 handles the trust layer — proving the agent was authorized to make that purchase. Without AP2, you have no cryptographic proof of authorization, no audit trail for disputes, and no legal defensibility if a transaction is contested. For low-value transactions, the risk may be acceptable. For enterprise commerce, AP2 is essential.

What happens if a mandate is compromised?+

Mandates are scoped and time-limited by design. A compromised Intent Mandate can only be used within its defined spending limits, merchant restrictions, and time window. Cart Mandates are single-use. Mandate revocation is supported — the authorizing human can invalidate any mandate instantly, and merchants verify revocation status before processing.

Is x402 required?+

No — x402 is optional and only relevant for businesses processing cross-border transactions or micropayments where traditional payment rails are inadequate. Most clients start with fiat-only AP2 mandates and add x402 later if their use case requires it.

Honest Talk

If Your Average Transaction Is Under $50, You Probably Don't Need This.

Skip This If...

Your transactions are low-value and chargebacks are an acceptable cost of business
You don't plan to support AI agent purchasing within 2 years
You operate in a single country with simple payment requirements

This Is For You If...

Enterprise B2B with high-value transactions where a single dispute could cost $100K+
You're already implementing ACP and need the trust layer to make it legally defensible
Regulatory compliance requires cryptographic audit trails for automated transactions

$35,000 — no retainer lock-in, no recurring surprises.

Hub

Agent Payments Protocol (AP2) Hub

Protocol

AP2 Protocol Deep Dive