DEV Community

t49qnsx7qt-kpanks

google's ap2 and the mandate model for agent payments

google's agent payments protocol (ap2) uses digitally signed mandates. a mandate is a contract-like instruction that defines the parameters for an ai agent to transact on a user's behalf.

this isn't new architecture — it's the right architecture. mnemopay's fiscalgate has used mandate-gated two-phase commit since v0.3. the agent submits a payment intent, the governance layer checks the mandate (spend limit, merchant whitelist, time window), then approves or rejects.

why mandates matter: without them, every agent payment is a blind delegation. you're trusting the model to interpret your intent correctly every time. mandates make delegation explicit and auditable.

ap2 proves google sees the same problem. agents need more than api keys — they need scoped, revocable, auditable permission structures. that's what mandates are.
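the mandate check and two-phase commit described above, as an added python example that is not ap2's or mnemopay's own code. the class, the mandate field names and the use of hmac in place of a real digital signature are assumptions made for illustration.

```python
# added example: field names (id, merchants, limit_cents, not_before, not_after) are assumptions
import hashlib, hmac, json

def sign_mandate(key: bytes, mandate: dict) -> str:
    """Sign the canonical JSON form of the mandate (HMAC stands in for a real signature)."""
    body = json.dumps(mandate, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

class MandateGate:
    """Hypothetical governance layer: phase 1 reserves spend, phase 2 commits it."""

    def __init__(self, key: bytes):
        self.key = key
        self.revoked = set()   # mandate ids the user has revoked
        self.spent = {}        # mandate id -> cents committed
        self.holds = {}        # hold id -> (mandate id, cents) awaiting commit
        self.audit = []        # append-only decision log

    def prepare(self, mandate: dict, sig: str, intent: dict, now: int):
        """Phase 1: check the intent against the mandate; return a hold id or None."""
        mid = mandate.get("id")
        pending = sum(c for m, c in self.holds.values() if m == mid)
        used = self.spent.get(mid, 0) + pending
        if not hmac.compare_digest(sig, sign_mandate(self.key, mandate)):
            reason = "bad_signature"
        elif mid in self.revoked:
            reason = "revoked"
        elif not mandate["not_before"] <= now < mandate["not_after"]:
            reason = "outside_time_window"
        elif intent["merchant"] not in mandate["merchants"]:
            reason = "merchant_not_allowed"
        elif intent["cents"] <= 0 or used + intent["cents"] > mandate["limit_cents"]:
            reason = "over_spend_limit"
        else:
            reason = "approved"
        hold_id = None
        if reason == "approved":
            hold_id = f"hold-{len(self.audit)}"
            self.holds[hold_id] = (mid, intent["cents"])
        self.audit.append((now, mid, intent["merchant"], intent["cents"], reason))
        return hold_id

    def commit(self, hold_id: str) -> bool:
        """Phase 2: turn a hold into committed spend; unknown or reused holds fail."""
        if hold_id not in self.holds:
            return False
        mid, cents = self.holds.pop(hold_id)
        self.spent[mid] = self.spent.get(mid, 0) + cents
        return True
```

counting pending holds against the limit is what stops two in-flight intents from each passing the check and together overspending the mandate.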

the next question is portability. if i give an agent a mandate in ap2, can it carry that reputation to a coinbase x402 transaction? or do i re-authorize from scratch on every platform?

mnemopay's agent fico is designed to answer that. one reputation score, portable across payment rails. mandates are the input. fico is the output.
