Skip to content

LedgerFlow

The Missing Authz Layer for x402 AI Payments.

LedgerFlow is a compact, verifiable authorization protocol that completes the x402 payment standard for AI agent transactions. While x402 defines how agents pay for resources, it does not define how agents are authorized to pay — and that is exactly the gap LedgerFlow fills.

Why LedgerFlow?

AI agents are autonomously spending real money. Every API call, every model invocation, every data purchase — agents need to pay. But without a standardized authorization layer, there is no way to:

  • Bound an agent's spending authority to specific merchants, tools, and amounts
  • Delegate limited payment rights from humans to agents with cryptographic guarantees
  • Audit every payment decision with a tamper-proof proof-of-authorization
  • Settle across diverse rails — on-chain, exchange, or traditional gateway — through a single protocol

LedgerFlow solves all of this by adding a thin, verifiable authorization layer on top of x402.

The Key Insight

x402 is the settlement protocol. LedgerFlow is the authorization protocol. Together, they form the complete payment stack for the AI economy.

Merchants never need to change their x402 implementation. LedgerFlow data travels inside x402 extension fields. The Facilitator handles the rest.

How It Works

[ Human / Issuer ]
    |
    | issues LedgerFlow warrant
    v
[ AI Agent ]
    |
    | 1. Receives x402 PaymentRequired
    | 2. Selects an x402 offer
    | 3. Attaches LedgerFlow authz extension
    v
[ Merchant Server ]
    |
    | x402 middleware + LedgerFlow verifier
    v
[ Extended x402 Facilitator ]
    |
    | routes to settlement rail
    v
[ Settlement Complete ]

Core Features

Feature Description
Warrant Format Self-contained, signed, short-lived authorization tokens
Constraint System Merchant allowlists, tool scopes, spending limits, delegation depth
Proof-of-Authorization Cryptographic proof binding to the exact x402 quote and HTTP request
x402 Native Data travels inside extensions["ledgerflow"] — no protocol changes
Multi-Rail Settlement Route payments to EVM, Solana, exchanges, or traditional gateways
Replay Protection Nonce-based with atomic TTL storage
Delegation Chain Bounded depth delegation from human to agent to sub-agent

Get Started

  • Overview — The problem, the solution, and how LedgerFlow fits
  • Protocol — The warrant format, proof model, and wire specification
  • Quick Start — Issue your first warrant in minutes
  • x402 Integration — How LedgerFlow extends x402 without changing it
  • Security — Replay protection, revocation, and threat model

Project Status

LedgerFlow is in active development. The protocol specification is stable. The Rust reference implementation is progressing through its implementation phases.

License

Apache-2.0