Agent Payment Facilitation (APF)
Enables agents to initiate, authorize, and settle transactions across payment rails with enclaved security, integrating x402 and AP2 standards for compliant autonomous finance.
User Journey
Eve wants her personal AI agent to autonomously manage her cloud server subscriptions and pay for premium API access. Instead of giving the agent her credit card details or private keys, she uses the zkMe Vault to grant the agent an APF credential with a strict spending limit of 50 dollars per week. When the agent encounters a paywall through an x402 Payment Required challenge, it requests execution through the zkMe kernel. The TEE enclave instantly verifies Eve's authorization, checks the merchant against sanctions lists, and signs the stablecoin payment. The agent completes the transaction without ever seeing the underlying credentials, and an immutable audit log is recorded for Eve to review at any time.
The Execution Fragmentation Problem
As AI agents transition from information retrieval to autonomous financial action, they encounter significant execution barriers:
Credential Vulnerability: Traditional payment systems require agents to hold live passwords, API keys, or private keys in memory, making them prime targets for prompt injections and credential theft.
Rail Fragmentation: Agents must navigate a complex web of payment rails (ACH, SEPA, stablecoins, crypto), each with distinct authorization flows, compliance rules, and technical standards.
The Underwriting Gap: Executing a payment requires simultaneous underwriting of both the agent’s principal (UBO) and the counterparty, a process that current systems cannot perform instantly and privately.
Lack of Auditability: Autonomous transactions often lack the clear, immutable audit trails required for regulatory compliance and user trust.
The APF solves these problems by providing an enclaved, permissioned execution environment that abstracts away rail complexity while enforcing strict security and compliance checks.
Why zkMe APF?
zkMe’s Payment Facilitation framework leverages hardware-level security and zero-knowledge cryptography to enable trustless agentic transactions.
Enclaved Security
Zero-Knowledge Execution: Agents never hold raw credentials. Decryption, execution, and memory wiping occur entirely within a hardware Trusted Execution Environment (TEE).
Delegated Session Keys: Users grant agents limited, revocable signing authority (e.g., “authorized to spend up to $500/day on AWS”). The TEE signs a PASETO action token only when these conditions are met.
Universal Interoperability
Protocol Agnostic: The APF natively supports emerging agent payment standards, including the Coinbase-backed x402 protocol for HTTP-native stablecoin micropayments and Google’s AP2 (Agent Payments Protocol) for secure authorization.
Smart Routing: The system automatically routes transactions across the most efficient rail (fiat or crypto) based on the agent’s intent, cost parameters, and destination requirements.
Compliance by Design
Pre-Execution Checks: Before any transaction is signed, the zkMe kernel runs a final, instant compliance check (KYT, KYC, zkTLS) on the destination to ensure the counterparty is not sanctioned and the authorization remains valid.
How It Works: The Agent Flow
The APF integrates deeply with the zkMe Vault and Risk Engine to create a seamless, secure transaction lifecycle.
1. Delegation and Discovery
The user (Principal) delegates authority to the AI Agent via the zkMe Vault, setting specific financial limits and sharing necessary zkKYC credentials. The agent then identifies a financial opportunity or required service (e.g., paying for API access or executing a trade).
2. Request and Verification
The agent requests a transaction through the zkMe credbridge_execute gateway. The zkMe Kernel immediately performs a multi-layered verification:
Security Check: Analyzes the request for behavioral anomalies or prompt injection attempts.
Underwriting Check: Generates a Zero-Knowledge Proof to verify the UBO’s creditworthiness and authorization limits.
Compliance Check: Performs instant Know Your Transaction (KYT) checks to ensure the counterparty is legitimate and unsanctioned.
3. Human-in-the-Loop (Optional)
Based on the transaction’s risk profile, the zkMe Risk Engine may require human confirmation. For high-value transfers or new service registrations, a push notification is sent to the user’s SSI Wallet for biometric approval. Routine or low-value transactions (e.g., x402 micropayments) are auto-approved within predefined limits.
4. Enclaved Execution
Once approved, the TEE decrypts the necessary credentials within its secure enclave, signs the transaction, and executes it on the target service. The result is returned to the agent, and an immutable record is logged to the audit database.
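The decision that steps 1 to 4 describe, made before anything is signed, as an added example (not zkMe's code or API): a grant with a weekly limit as in Eve's 50-dollar case, a counterparty deny-list check, a human-confirmation threshold, and a hash-chained audit log. Every name here, the use of cents, and the rolling seven-day window are assumptions made for illustration.

```python
import hashlib, json
from dataclasses import dataclass, field
WEEK = 7 * 24 * 3600  # rolling window for the weekly limit, in seconds

@dataclass
class Grant:  # hypothetical delegated credential, not zkMe's format
    agent: str
    weekly_limit_cents: int
    auto_approve_cents: int  # larger amounts need human confirmation
    revoked: bool = False
    spends: list = field(default_factory=list)  # (timestamp, cents)

def _digest(prev, record):
    body = json.dumps(record, sort_keys=True)
    return hashlib.sha256((prev + body).encode()).hexdigest()

class AuditLog:  # hash chain: editing any entry breaks verify()
    def __init__(self):
        self.entries = []
    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        self.entries.append({"prev": prev, "record": record,
                             "hash": _digest(prev, record)})

    def verify(self):
        prev = "0" * 64
        for e in self.entries:
            if e["prev"] != prev or _digest(prev, e["record"]) != e["hash"]:
                return False
            prev = e["hash"]
        return True

def authorize(grant, log, merchant, cents, now, denylist, human_ok=False):
    """Decide before any signing happens; every decision is logged."""
    spent = sum(c for t, c in grant.spends if now - t < WEEK)
    if grant.revoked:
        decision = "denied: grant revoked"
    elif merchant in denylist:
        decision = "denied: counterparty on deny list"
    elif cents <= 0:
        decision = "denied: invalid amount"
    elif spent + cents > grant.weekly_limit_cents:
        decision = "denied: weekly limit exceeded"
    elif cents > grant.auto_approve_cents and not human_ok:
        decision = "needs_human"
    else:
        decision = "approved"
        grant.spends.append((now, cents))  # only approved spends count
    log.append({"agent": grant.agent, "merchant": merchant, "cents": cents,
                "ts": now, "decision": decision})
    return decision
```

Denials and pending confirmations are logged but never counted against the limit, so a rejected request cannot exhaust the grant.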
Integration with Emerging Standards
The zkMe APF is designed to be the foundational identity and security layer for the new internet-native payment protocols.
x402 (HTTP 402)
zkMe provides the instant, verifiable identity and compliance proofs required for agents to autonomously respond to HTTP 402 “Payment Required” challenges using stablecoins.
Use cases: High-frequency API access, data purchasing, and machine-to-machine micropayments.
AP2 (Agent Payments Protocol)
zkMe acts as the secure authorization and accountability layer, ensuring that AP2-compliant transactions are backed by verified user intent and cryptographic session keys.
Use cases: E-commerce, subscription management, and complex multi-step financial workflows.
Key Benefits
Agent Developers
Frictionless Monetization: Easily equip agents with the ability to pay for resources and execute trades without building complex, high-risk payment infrastructure.
Reduced Liability: Offload the risk of credential management and compliance to zkMe’s secure enclaves.
Users & Principals
Absolute Control: Maintain strict, granular control over agent spending limits and permissions.
Peace of Mind: Trust that agents cannot be manipulated into unauthorized transfers or exposed to credential theft.
Service Providers
Instant Onboarding: Accept payments from AI agents instantly, knowing that the transaction is backed by verified identity and compliance checks.
Expanded Market: Tap into the rapidly growing machine-to-machine economy with zero integration friction.
Regulators
Immutable Auditability: Access clear, cryptographically verifiable records of all agent-initiated transactions, ensuring market integrity and AML compliance.