google just announced ap2, an "agentic payment protocol" for authorizing AI agents to make payments. a hacker news commenter asked how this doesn't devolve into an un-auditable mess once agents start calling agents.
that's the right question.
the agent-calls-agent problem
when agent A delegates to agent B, which calls tool C, which triggers a $12 payment — who authorized it? what's the audit trail? can you prove to a regulator that the human actually intended this chain of delegation?
ap2 (and coinbase's x402, and paypal's agent toolkit) focus on the payment authorization step. they don't define:
- how to log the full causal chain in a tamper-evident way
- how to bundle that chain into something an auditor or dispute team can parse
- how to carry an agent's reputation and memory across different ap2-enabled systems
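one way to close the first gap, as an added example (not code from ap2, x402 or mnemopay): a hash-chained log where every event names the event that caused it, so the $12 payment traces back to the human authorization and any later edit is detected. this uses a plain sha-256 hash chain rather than a merkle tree, and the field names, actors and sample events are constructed for illustration.

```python
import hashlib, json

GENESIS = "0" * 64  # "previous hash" of the first record

def _digest(body):
    # Canonical JSON so the same record always hashes to the same value.
    raw = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(raw).hexdigest()

def append(log, actor, action, parent=None, **detail):
    """Append one delegation/payment event and return its index."""
    body = {"seq": len(log), "actor": actor, "action": action,
            "parent": parent,  # index of the event that caused this one
            "detail": detail, "prev": log[-1]["hash"] if log else GENESIS}
    log.append({**body, "hash": _digest(body)})
    return body["seq"]

def verify(log):
    """Return -1 if the chain is intact, else the index of the first bad record."""
    prev = GENESIS
    for i, rec in enumerate(log):
        body = {k: v for k, v in rec.items() if k != "hash"}
        par = rec["parent"]
        parent_ok = par is None or (isinstance(par, int) and 0 <= par < i)
        if rec["seq"] != i or rec["prev"] != prev or not parent_ok or _digest(body) != rec["hash"]:
            return i
        prev = rec["hash"]
    return -1

def causal_chain(log, idx):
    """Walk parent links from an event back to the originating authorization.
    Call verify() first: it guarantees every parent index points backwards."""
    chain = []
    while idx is not None:
        chain.append(f'{log[idx]["actor"]}:{log[idx]["action"]}')
        idx = log[idx]["parent"]
    return chain[::-1]

def demo():
    log = []  # constructed events mirroring the A -> B -> C -> $12 scenario
    h = append(log, "human", "authorize", None, budget_usd=20, scope="agent-A")
    a = append(log, "agent-A", "delegate", h, to="agent-B")
    b = append(log, "agent-B", "call_tool", a, tool="tool-C")
    p = append(log, "tool-C", "payment", b, amount_usd=12)
    return log, p

if __name__ == "__main__":
    log, p = demo()
    print(" -> ".join(causal_chain(log, p)), "| intact:", verify(log) == -1)
```

the chain only proves integrity relative to its latest hash, so that head value has to be signed or stored somewhere the log writer cannot rewrite.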
what mnemopay adds
mnemopay sits between ap2 (or x402, or any payment rail) and your agent. it provides:
- fiscalgate: two-phase commit so business logic and payments stay atomic
- merkleaudit: tamper-evident log of every decision, readable by auditors
- agent fico: portable reputation that travels with the agent across environments
ap2 is a protocol. mnemopay is the governance layer that makes ap2 safe to run in production with real money and real regulators.
i'm not saying google's approach is wrong — i'm saying it's incomplete without an opinionated audit and governance stack on top.