Major Labs · Agent payments

Verify the mandate before the money moves.

Clearpoint is the neutral service that answers one question for any party with no contract with the issuer: did the user authorize this, and is that authorization still live?

Become a design partner Read the API

An AP2 mandate is a signed instruction. Clearpoint checks it is genuine, in scope, unexpired, and not revoked, then returns a reason and a receipt. Neutral, rail-agnostic, priced per verification at the moment a charge clears.

What you get back

A signed verdict

Allow or deny, with a machine-readable reason code your systems can act on.

AUTHORIZED · MANDATE_REVOKED · …

A revocation status

Query whether a mandate is still live. Revocation overrides every other check.

GET /revocations/{id}

A hash-chained receipt

Every verdict is sealed into a tamper-evident chain anyone can re-verify.

WitnessKit · sha256 chain

Try it

The mandate

Buy only from Trusted Office Supplies, up to $50 per purchase. Signed.

ACTIVE

Decision

—

Pick a transaction above. One mandate, checked four ways, sealed into a receipt.

Receipt logchain verified ✓

No receipts yet.

Illustrative demo. Receipts are real sha256 hash chains computed in your browser. The production service runs the same four checks on the open MandateKit and WitnessKit primitives.

Two modes

Trusted

You supply the issuer keys you accept. Clearpoint enforces authenticity: the mandate was signed by an issuer you trust.

issuer_verified: true

Integrity-only

No keys needed. Clearpoint confirms the mandate is intact, in scope, unexpired, and not revoked.

issuer_verified: false

Revocation overrides everything. A revoked mandate is never authorized.

The API

# verify a charge against a mandate
curl -s https://clearpoint.majorlabs.co/verify \
  -H "X-API-Key: acme" \
  -d '{
    "mandate": { … signed AP2 mandate … },
    "transaction": {
      "merchant": "Trusted Office Supplies",
      "amount": { "value": 40, "currency": "USD" }
    },
    "trusted_keys": ["<issuer-pubkey>"]
  }'

# the verdict
{
  "decision": "allow",
  "reason_code": "AUTHORIZED",
  "mandate_id": "03b7…fc38",
  "signature_valid": true,
  "issuer_verified": true,
  "revoked": false,
  "receipt": {
    "seq": 0,
    "hash": "fa3c…b1d2"
  }
}

Endpoints: POST /verify · POST /revoke · GET /revocations/{id} · GET /receipts/verify. Reason codes:

AUTHORIZEDMANDATE_REVOKEDSIGNATURE_INVALIDISSUER_UNTRUSTEDMERCHANT_NOT_ALLOWEDAMOUNT_OVER_LIMITMANDATE_EXPIREDCATEGORY_NOT_ALLOWEDMANDATE_NOT_YET_VALIDMALFORMED_MANDATE

Who it is for

Merchants & PSPs

Confirm an agent's mandate is genuine and live before you accept the charge.

Agent builders

Prove your agent acted within a signed mandate, with a receipt to show for it.

Networks & standards

A neutral, rail-agnostic verifier to anchor trust without picking a winner.

Built on open primitives

Clearpoint rides two open-source Major Labs primitives: MandateKit for AP2-tagged signing and verification, and WitnessKit for the hash-chained receipts. Both are live on PyPI and npm. The same four-check spine powers Break the Agent.

Honest scope. v1 verifies signature, scope, and expiry, checks a hosted revocation list, and returns signed receipts. Multi-rail adapters and automatic cross-issuer revocation propagation are next, with design partners.