PATENT PENDING · US 63/984,626

Before an Agent Touches Money,
It Calls Us.

8-step security pipeline for AI agents. Trust attestation, behavioral fingerprinting, capability escalation, adversarial honeypots. One API call. Under 10ms.

89 endpoints. Pay per call with USDC on Base via x402. No subscription required. Your agents authenticate autonomously.

Get API Key FreeBrowse Endpoints
DESIGNED FOR THIS

2,000 Agents. 100K Screenings/Day.

Picture a quant fund running 2,000 AI agents, each executing 50 trades per day. Every trade screened through our 8-step pipeline before execution. 100,000 screenings per day. Each agent builds a verifiable trust chain that proves which agent authorized which trade, with a signed head for the entire chain. This is what MerchantGuard was built for.

100K
screens/day
$8K
daily cost
<7ms
avg latency

8-Step Security Pipeline

Every agent call passes through all 8 steps. Total latency under 10ms.

1
Rate Limit<0.1ms

Sliding window rate limiting per agent ID. Prevents brute-force trust escalation.

2
OPRF Fingerprint~1ms

Behavioral fingerprinting for cross-platform correlation, no plaintext identifier exchanged.

3
Trust Lookup<1ms

L1 Redis cache with L2 Supabase fallback. Block keys for agents with trust below 50.

4
Capability Gate<0.1ms

Maps requested action to 4-tier capability levels. Trust score must meet threshold.

5
Honeypot Router~2ms

Suspicious agents routed to decoy endpoints. Adaptive response delays neutralize probe-and-pivot attacks.

6
Phonetic Reconciliation<1ms

Transcript reconciliation separates dialect variation from adversarial manipulation.

7
Cross-Modal Binding~1ms

Perceptual binding with cryptographic signature. Replay protection on 5-minute window.

8
TAT Issuance<1ms

Trust attestation issued. Audit chain head signed. Capability escalation unlocked.

Capability Escalation

Agents earn higher capabilities as trust grows. New agents start at READ_ONLY.

READ_ONLY
0+
TRUST SCORE

Query data, read public endpoints

DATA_WRITE
40+
TRUST SCORE

Submit data, update profiles

PAYMENT_INITIATE
70+
TRUST SCORE

Create payment intents, initiate transfers

PAYMENT_EXECUTE
90+
TRUST SCORE

Execute transactions, manage funds autonomously

Quick Start

# Screen an AI agent through the 8-step pipeline
curl -X POST https://merchantguard.ai/api/v2/agent/screen \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer sk_live_your_api_key" \
  -d '{
    "agentId": "agent_gold_predictor_042",
    "requestedAction": "PAYMENT_EXECUTE",
    "metadata": {
      "platform": "hedge-fund-orchestrator",
      "session_id": "sess_abc123",
      "amount_usd": 15000
    }
  }'

# Response
{
  "verdict": "ALLOW",
  "capability": "PAYMENT_EXECUTE",
  "trustScore": 94,
  "tatHash": "0x7f3a...b2c1",
  "pipelineMs": 6.2,
  "steps": {
    "rateLimit": "pass",
    "oprfFingerprint": "unique",
    "trustLookup": 94,
    "capabilityGate": "PAYMENT_EXECUTE",
    "honeypotRouted": false,
    "phoneticClass": null,
    "crossModalValid": true,
    "tatIssued": true
  }
}

Endpoint Reference

89 v2 endpoints across 7 categories. All authenticated via sk_live_ API key or x402 USDC.

Agent Security4 endpoints
+
POST
/api/v2/agent/screen

8-step screening pipeline. The core endpoint.

POST
/api/v2/agent/register

Register an agent identity. Returns agent ID + webhook URL.

POST
/api/v2/agent/guardgate

Verify agent trust before granting capabilities.

GET
/api/v2/agent/verify-dispatch

Verify an agent dispatch token.

Trust Bureau1 endpoint
+
Trust Attestation5 endpoints
+
GuardScore4 endpoints
+
Sentinela3 endpoints
+
Certification & Coaching2 endpoints
+
Monitoring & Intel4 endpoints
+

x402 USDC Pricing

AI agents pay per call with USDC on Base. No API key. No subscription. No human in the loop.

ENDPOINTPRICEVOLUME
Agent Screen (8-step)$0.10$0.08 at 10K+
GuardScore Assessment$2.00$1.50 at 10K+
VAMP Simulator$1.00$0.75 at 10K+
GuardScan (pattern)$0.50$0.40 at 10K+
GuardScan (deep)$2.00$1.50 at 10K+
Full Certification$10.00$8.00 at 10K+
Mystery Shopper Probe$0.50$0.40 at 10K+
Coach Query$0.10$0.08 at 10K+
Sentinela Screen$0.003$0.002 at 100K+
TAT Issuance$0.05$0.03 at 50K+

Also available via API key: Free (1,000 calls/mo) · Solo $19/mo · Enterprise $299/mo

The Math: Build vs. Buy

// Scenario: A quant fund wants to deploy 2,000 AI agents for trading
// Each agent must be screened before executing any trade

const AGENT_COUNT = 2000;
const TRADES_PER_AGENT_PER_DAY = 50;
const DAILY_SCREENINGS = AGENT_COUNT * TRADES_PER_AGENT_PER_DAY; // 100,000

// With MerchantGuard: $0.08/screen at volume = $8,000/day = $240,000/month
// What you get:
// - Every agent verified before touching money
// - Trust chain proves which agent authorized which trade
// - Rogue agent detection via OPRF behavioral fingerprinting
// - Audit trail: Audit head of every trust chain
// - If one agent is compromised, trust decay propagates to the chain

// Without MerchantGuard: Build it yourself
// - 6-12 months engineering time
// - $2M+ in salaries (ML engineers, crypto engineers, security team)
// - No patent protection
// - No cross-platform Sybil detection (requires network effect)
// - No adversarial honeypot infrastructure

// The math: $240K/month << $2M+ build cost + ongoing maintenance

Trust Attestation

When agents work together, trust must flow through the chain. Our directed acyclic graph tracks fan-in and fan-out trust relationships with cryptographic verification at every node.

1

Topological Sort

Kahn's algorithm validates the trust chain has no cycles. Circular trust dependencies are rejected.

2

Merkle Root

SHA-256 Merkle tree over the entire trust chain. One hash proves the integrity of every agent in the graph.

3

Fan-In / Fan-Out

Multiple agents can contribute trust to a single node (fan-in). A trusted agent can delegate to multiple downstream agents (fan-out).

4

Capability Gates

Each node in the DAG has a minimum trust threshold for its capability level. The chain is only as strong as its weakest link.

Authentication

API Key

Get an sk_live_ key from the developer portal. Include as Authorization: Bearer header or x-api-key header.

Free: 1,000 calls/mo. No credit card.

x402 USDC

No key needed. Include X-PAYMENT header with amount. USDC on Base L2. Sub-cent gas. Instant settlement.

For autonomous agents that can't sign up.

The Compliance Layer for the Agent Economy.

One API call. Every agent verified. Every trust chain auditable.

Get API Key FreeTalk to Sales

Protected by U.S. patent-pending technology (App. Nos. 63/983,615; 63/983,621; 63/983,843; 63/984,626). Additional patents pending.