DEV Community

t49qnsx7qt-kpanks
agentic payments need explainability but most stacks bolt compliance on after

fintech garden's podcast nailed the core tension in agentic payments: agents need to act fast across multiple accounts, but auditors need to understand every decision after the fact.

most payment stacks treat compliance as a post-hoc problem. the agent spends first, then someone writes a reconciliation script, then maybe an auditor gets a csv dump three weeks later. by the time a human reviews the trail, the agent has made 14000 more decisions and the context is gone.

this doesn't work under eu ai act article 12, which requires tamper-evident logs for any ai system handling financial decisions. you can't reconstruct the audit trail from application logs, because application logs get rotated, overwritten, or edited.

merkleaudit fixes this by making every agent payment decision part of a cryptographically signed chain. when the agent decides to pay $340 to vendor x, the decision gets hashed together with the prior decision's hash, so each entry commits to everything before it. if anyone alters the log later, the chain no longer verifies.

the architecture is simple: fiscalgate intercepts the payment intent, merkleaudit writes the intent to the chain, and the payment settles only after both steps succeed. if the agent crashes between phase one and phase two, the payment never completes, but the intent is still logged, so auditors know what the agent tried to do.

mnemopay ships this as two npm packages: fiscalgate for two-phase commit and merkleaudit for tamper-evident logging. both integrate with any mcp payment server, and both work with coinbase, stripe, and custom rails.

explainability isn't a feature you add later. it's a constraint you design for first.
