PRIVATE.ME PLATFORM

xMicroPay: Autonomous Agent Payment Authorization

Threshold-controlled payment authorization for AI agents. Agents can initiate transactions but require multi-party approval for amounts exceeding configurable limits.

AI/ML COMING SOON XorIDA Powered

Section 01

The Problem

Autonomous AI agents are making purchasing decisions, but giving agents unrestricted payment authority creates unacceptable financial risk.

Agentic commerce is projected to reach $50B, but organizations have no cryptographic way to limit agent spending. Policy-based controls are bypassable. Shared payment credentials mean one compromised agent can drain accounts.

Manual human-in-the-loop approval for every transaction defeats the purpose of autonomous agents. What’s needed is configurable threshold authorization: auto-approve small transactions, require multi-party approval for large ones.

The Old Way

Section 02

The PRIVATE.ME Solution

xMicroPay provides threshold-controlled payment authorization where agents can autonomously approve transactions below configurable limits and escalate to multi-party approval above them.

Payment authorization tokens are XorIDA-split across designated approvers. Transactions below the threshold auto-approve with the agent’s DID signature. Transactions above require K-of-N approver signatures via xLock push-auth.

Every transaction is recorded in an HMAC-chained audit trail with amount, parties, approval chain, and timestamps. Spending limits are enforced cryptographically, not by policy.

The New Way

Section 03

How It Works

xMicroPay combines DID identity, threshold authorization, and HMAC-chained audit to create a cryptographically enforced payment control layer for autonomous agents.

Key Security Properties

Spending limits are cryptographically enforced via threshold authorization. No single agent or approver can authorize payments above the threshold. Every transaction is DID-signed and HMAC-chained.

Payment Channel Architecture

xMicroPay implements bidirectional payment channels with XorIDA-split channel state. Payment channels enable instant, fee-free transactions between parties by minimizing settlement events.

Channel Setup: Two parties establish a channel by committing funds to a multi-signature wallet. The initial channel state (balance distribution) is XorIDA-split into K-of-N shares and distributed to designated custodians. Each party holds a threshold of shares enabling them to prove their balance without reconstructing the full state.

State Updates: Each micropayment updates the tentative balance distribution. Both parties sign the new state, which is split and distributed to custodians. No settlement occurs until channel close. Updates settle in under one second with sub-penny fees. State updates use Hashed Timelock Contracts (HTLCs) to ensure atomicity.

Multi-hop Routing: Payments can route through intermediary channels without requiring direct channels between sender and receiver. If Alice has a channel with Bob and Bob has one with Carol, Alice can pay Carol by routing through Bob. HTLCs ensure all-or-nothing settlement across the route. Atomic transfers reduce counterparty risk across intermediaries.

Channel Lifecycle

Open: Parties commit funds and establish initial XorIDA-split state. Dual-funded channels allow both parties to contribute capital, reducing blockchain footprint. Channel factories enable multiple users to share a single transaction for opening numerous channels, reducing costs by 90 percent for high-volume users.

Update: Off-chain state updates occur instantly. Each update is threshold-signed and HMAC-chained to the previous state. State channels support thousands of updates per second per channel.

Close/Settle: Either party can initiate channel closure. The final state is reconstructed from K-of-N shares, verified via HMAC chain, and settled. Time-locked refunds protect against unresponsive counterparties. Hierarchical channels enable flexible off-chain resizing without on-chain transactions.

Dispute Resolution

If parties disagree on channel state, the HMAC-chained audit trail provides tamper-evident evidence. The most recent mutually-signed state is considered authoritative. Time-locked refunds ensure funds are not held hostage by uncooperative parties. Penalization mechanisms discourage broadcasting stale states.

<1s

State update latency

$0.001

Typical fee

12M+

Monthly txns (2026)

Section 04

Use Cases

💳

Agentic Commerce

Agent Purchasing

Let AI agents make purchases with configurable spending limits and threshold approval.

Payments

🏢

Enterprise

Corporate Procurement

Require multi-party approval for high-value AI-initiated purchases.

Procurement

📋

Compliance

Payment Audit Trail

HMAC-chained record of every agent-initiated transaction for SOX compliance.

SOX

🛡️

Risk

Fraud Prevention

Cryptographic spending caps prevent compromised agents from draining accounts.

Risk

Section 05

Integration

Quick Start

import { PaymentGate } from '@private.me/xmicropay';

const gate = await PaymentGate.create({
  agentDid: agent.did,
  autoApproveLimit: 100, // USD
  threshold: { approvers: 2, of: 3 }
});
const auth = await gate.authorize(txn);

PaymentGate.create(opts): Promise<Result<PaymentGate, PayError>>

Creates a threshold-controlled payment gate for an agent. Transactions below the auto-approve limit are signed automatically; those above require K-of-N approval.

Section 06

Security Properties

Property	Mechanism	Guarantee
Authorization	Threshold K-of-N	✓ Cryptographic enforcement
Spending limits	Per-agent DID-bound	✓ Non-bypassable
Audit	HMAC-chained ledger	✓ Tamper-evident
Authentication	Ed25519 + xLock	✓ Push-auth approval

$50B

Agentic commerce

K-of-N

Threshold auth

HMAC

Chained audit

VERIFIED BY XPROVE

Verifiable Data Protection

Every operation in this ACI produces a verifiable audit trail via xProve. HMAC-chained integrity proofs let auditors confirm that data was split, stored, and reconstructed correctly — without accessing the data itself.

XPROVE AUDIT TRAIL

Every XorIDA split generates HMAC-SHA256 integrity tags. xProve chains these into a tamper-evident audit trail that proves data was handled correctly at every step. Upgrade to zero-knowledge proofs when regulators or counterparties need public verification.

Read the xProve white paper →

GET STARTED

Ready to deploy xMicroPay?

Talk to Ren, our AI sales engineer, or book a live demo with our team.

Book a Demo

VERIFIABLE WITHOUT CODE EXPOSURE

Ship Proofs, Not Source

xMicropay generates cryptographic proofs of correct execution without exposing proprietary algorithms. Verify integrity using zero-knowledge proofs — no source code required.

XPROVE CRYPTOGRAPHIC PROOF

Download proofs:

Tier 1 HMAC (~0.7KB)
Tier 2 Commit-Reveal (~0.5KB)
Tier 3 IT-MAC (~0.3KB)
Tier 4 KKW ZK (~0.4KB)

Verify proofs online →

Use Cases

🏛️

REGULATORY

FDA / SEC Submissions

Prove algorithm correctness for distributed systems without exposing trade secrets or IP.

Zero IP Exposure

🏦

FINANCIAL

Audit Without Access

External auditors verify secure operations without accessing source code or production systems.

FINRA / SOX Compliant

🛡️

DEFENSE

Classified Verification

Security clearance holders verify distributed systems correctness without clearance for source code.

CMMC / NIST Ready

🏢

ENTERPRISE

Procurement Due Diligence

Prove security + correctness during RFP evaluation without NDA or code escrow.

No NDA Required

Deployment Options

🌐

SaaS Recommended

Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.

Zero infrastructure setup
Automatic updates
99.9% uptime SLA
Enterprise SLA available

View Pricing →

📦

SDK Integration

Embed directly in your application. Runs in your codebase with full programmatic control.

npm install @private.me/xmicropay
TypeScript/JavaScript SDK
Full source access
Enterprise support available

Get Started →

🏢

On-Premise Upon Request

Enterprise CLI for compliance, air-gap, or data residency requirements.

Complete data sovereignty
Air-gap capable deployment
Custom SLA + dedicated support
Professional services included

Request Quote →

Enterprise On-Premise Deployment

While xMicropay is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:

Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
Air-gapped environments — SCIF, classified networks, offline operations
Data residency requirements — EU GDPR, China data laws, government mandates
Custom integration needs — Embed in proprietary platforms, specialized workflows

Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.

Contact sales for assessment and pricing →