xMandate Control Plane

The trust control plane for machine execution.

Constrain what agents can do. Attest what they did. Verify it anywhere.

Trust Lifecycle
01 Constrain
  scope: agent:billing-service
  allow: stripe.charge, stripe.refund
  limit: $10,000 per session
02 Execute
  action: stripe.charge
  amount: $2,400.00
  agent: 0x7f3a…8b2c
  time: 2026-03-16T14:23:08Z
03 Attest
  verdict: ✓ COMPLIANT
  hash: SHA-256:e3b0c4…98fc
  sig: Ed25519:8f3a…c9d1
04 Verify
  status: ✓ INDEPENDENTLY VERIFIED
  scope: any party · any system

Designed to work across: x402 · MPP · MCP · A2A · Enterprise

The missing layer in the agent stack.

Agents can discover tools, interoperate across runtimes, and initiate payments. But no neutral layer answers the three questions every enterprise, protocol, and counter-party needs answered.

What was allowed?

Who authorized this agent to act, and under what constraints?

What happened?

What did the agent actually execute, and is there cryptographic proof?

What can be verified?

Can a third party independently confirm the outcome without trusting the executor?

Where xMandate sits.

A neutral trust layer between agent runtimes and payment rails — not replacing either, verifying both.

Principals & Agents

Who initiates actions and under what authority

MCP · A2A · LangChain · Custom
xMandate Trust Layer
Policy
Attestation
Verification
Payment & Execution Rails

Where settlement and delivery happen

x402 · MPP · Stripe · APIs

From policy to proof in three steps.

Every agent action follows the same trust lifecycle — declare what is allowed, produce cryptographic proof of what happened, verify independently.

01 Declare policy
{
  "scope": "agent:billing",
  "actions": [
    "stripe.charge",
    "stripe.refund"
  ],
  "constraints": {
    "max_amount": 10000,
    "require_receipt": true
  }
}
02 Execute & attest
▸ action stripe.charge
▸ amount $2,400.00
▸ policy billing.transfer.max
▸ verdict COMPLIANT
✓ Receipt signed
sar:xm:9d2e8f...4a7b
Ed25519:8f3a2b...c9d1
03 Verify downstream
▸ verify sar:xm:9d2e8f...4a7b
✓ policy COMPLIANT
✓ signature VALID
✓ timestamp 2026-03-14T10:32:00Z
✓ status VERIFIED
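
The three-step lifecycle above, sketched as an added example (not xMandate's code and not the SAR wire format): the receipt fields, the sorted-key canonical JSON and the demo key pair are assumptions made for illustration. The verifier recomputes the receipt ID, signature, policy hash and verdict instead of trusting what the executor reports.

```javascript
const { createHash, generateKeyPairSync, sign, verify } = require("node:crypto");

// Policy copied from step 01 on this page.
const policy = {
  scope: "agent:billing",
  actions: ["stripe.charge", "stripe.refund"],
  constraints: { max_amount: 10000, require_receipt: true },
};
// Constructed demo key pair; a real verifier would pin the attester's public key.
const demoKeys = generateKeyPairSync("ed25519");

const sha256 = (s) => createHash("sha256").update(s).digest("hex");

// Assumed canonical form: JSON with recursively sorted keys, so equal objects hash equally.
function canonical(v) {
  if (Array.isArray(v)) return "[" + v.map(canonical).join(",") + "]";
  if (v && typeof v === "object")
    return "{" + Object.keys(v).sort().map((k) => JSON.stringify(k) + ":" + canonical(v[k])).join(",") + "}";
  return JSON.stringify(v);
}

// Deterministic policy decision, usable by executor and verifier alike.
function evaluate(p, action) {
  if (!p.actions.includes(action.name)) return "ACTION_NOT_ALLOWED";
  if (!(action.amount > 0 && action.amount <= p.constraints.max_amount)) return "AMOUNT_OUT_OF_RANGE";
  return "COMPLIANT";
}

// Step 02: bind action, policy hash and verdict into a content-addressed, signed receipt.
function attest(p, action, privateKey) {
  const body = { action: action.name, amount: action.amount, ts: action.ts,
    policy_hash: sha256(canonical(p)), verdict: evaluate(p, action) };
  const receipt_id = "sha256:" + sha256(canonical(body));
  const sig = sign(null, Buffer.from(receipt_id), privateKey).toString("base64url");
  return { ...body, receipt_id, sig };
}

// Step 03: offline verification that recomputes every claim in the receipt.
function verifyReceipt(receipt, p, publicKey) {
  const { receipt_id, sig, ...body } = receipt;
  if ("sha256:" + sha256(canonical(body)) !== receipt_id) return "ID_MISMATCH";
  if (!verify(null, Buffer.from(receipt_id), publicKey, Buffer.from(sig, "base64url"))) return "BAD_SIGNATURE";
  if (body.policy_hash !== sha256(canonical(p))) return "POLICY_MISMATCH";
  if (body.verdict !== evaluate(p, { name: body.action, amount: body.amount })) return "VERDICT_MISMATCH";
  return "VERIFIED";
}
```

A receipt whose fields were edited after signing fails with ID_MISMATCH, and a validly signed receipt that claims COMPLIANT for an over-limit amount fails with VERDICT_MISMATCH.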

Built for the surfaces that matter.

xMandate sits above protocols and runtimes as a neutral trust layer.

xMandate Control Plane
Payment Protocols

Agent Commerce

Attestation before settlement for machine-native payments — x402, MPP, and any payment rail where proof of execution matters.

MCP

Tool-Using Agents

Policy enforcement and receipts for every tool invocation.

A2A

Multi-Agent Systems

Verification primitives for cross-agent trust.

Enterprise

Internal Workflows

Audit trails and governance for internal agent deployments.

Open Source

xmandate-sar-formatter

An independent TypeScript SAR implementation, available on GitHub and npm. Validated against the published fixtures and shared in the SAR proposal discussion.

  • Published on npm
  • Portable cryptographic receipts
  • Deterministic receipt identity
  • Validated against published SAR fixtures
  • Offline verification
  • Node and edge runtime compatible
example.ts
import { signReceipt, hashTaskId } from "xmandate-sar-formatter";

// myEd25519Key is the caller's Ed25519 private key; it is not defined in this snippet.
const receipt = await signReceipt({
  task_id_hash: await hashTaskId("task-123"),
  verdict: "PASS",
  confidence: 1.0,
  reason_code: "BOM_COMPLIANT",
  ts: new Date().toISOString(),
  verifier_kid: "my-key-01",
}, { privateKey: myEd25519Key });

// receipt.receipt_id → "sha256:9d2e..."
// receipt.sig → "base64url:p--H..."

Agent infrastructure is standardizing.
Trustworthy execution is not.