When agents start handling real money — and they're starting now — the first question isn't can they pay. It's: who do you trust them on?
Stripe shipped the Machine Payments Protocol at Sessions 2026. Visa launched Intelligent Commerce. Mastercard rolled out Agent Suite. Google donated AP2 to the FIDO Alliance. Coinbase and Cloudflare just spun x402 into a Linux Foundation project with AWS, Google, Stripe, Visa, Mastercard, Amex, Solana, and Stellar all on the founding members list.
Every one of those is a serious player. Every one of those wants to own the commerce rail your agent runs on. And every one of those owns exactly one rail. Your agent doesn't.
The fragmentation problem
Picture an agent built today. It charges users via Stripe (cards), settles micropayments via Lightning (sub-cent MCP tool calls), accepts subscriptions via Paystack (Africa), and runs an x402-priced API for crypto-native callers.
Four rails. Four reputations. Four separate audit logs. If the same end-customer abuses the agent on Stripe, Lightning, and Paystack — none of those rails know about each other. The agent has to invent its own cross-rail reputation system, its own cross-rail audit trail, its own cross-rail credit score.
This is the part the platforms can't help with.
Stripe's Agent Controls are scoped to Stripe-issued credentials. Visa's Intelligent Commerce is scoped to Visa tokens. Mastercard's Agent Pay is scoped to Mastercard cards. AP2 is a mandate format — it doesn't have an opinion on what comes back when the mandate is fulfilled. x402 is an HTTP wire protocol — billing-aware but identity-agnostic.
Each platform owns a verb. None of them own the noun: the agent itself.
The portable bundle
MnemoPay is built on the opposite premise: the agent is the primary identity, and every rail is just a mode it can transact in.
import MnemoPay, { AgentCreditScore } from "@mnemopay/sdk";
const agent = MnemoPay.quick("checkout-bot");
// Stripe customer — real card
await agent.charge(25.00, "monthly_api_access", { rail: "stripe" });
// Lightning — sub-cent for an MCP tool call
await agent.charge(0.002, "embed_document", { rail: "lightning" });
// Paystack — Nigerian customer subscribing
await agent.charge(8000, "ngn_pro_tier", { rail: "paystack" });
// Same agent. Same FICO score. Same audit trail.
const score = new AgentCreditScore().compute({ agent });
// → { score: 712, rating: "very_good", feeRate: 0.013 }Same agent. One identity. One credit score earned across all four rails. One Merkle-chained audit trail that produces an EU AI Act Article 12 bundle on demand. One persistent memory layer that survives across sessions.
That bundle — payments, memory, portable credit, audit — is the trust layer. Portable is the word that matters. The reputation follows the agent, not the platform.
Why the platforms can't copy this
Look at the incentive structure.
Stripe could build a cross-rail credit score. They won't, because their moat is being the rail. If your agent's reputation is portable, it can leave for a cheaper rail tomorrow. Stripe wins by making the lock-in invisible.
Visa and Mastercard could ship cross-network reputation. They won't, because their moat is the network itself. The card networks are zero-sum: every Visa transaction is one Mastercard didn't get.
Google's AP2 is a neutral standard now (FIDO Alliance), but neutral standards don't ship reputation. They ship verification. The reputation gets bolted on by whoever moves first.
x402 has the same shape — a neutral wire protocol. It defines how a payment happens. It doesn't define who you trust.
The only entity that benefits from a portable agent reputation is the agent itself. So the layer that builds it has to be neutral — not owned by any rail.
That's the lane MnemoPay sits in.
What's in the bundle, concretely
Cross-rail payments. Stripe, Paystack, Lightning today. x402, AP2 mandate verification next. Every rail behind one agent.charge(amount, reason) interface. Real money, two-phase commit (hold/settle), idempotent.
Persistent memory with Merkle integrity. Every memory write is hash-chained. The agent can prove what it remembered, when, and that no one tampered with it. PII redaction on write. Vector recall built in. Competitive open-source result on LongMemEval (82.8% oracle on the public leaderboard).
Agent Credit Score (300–850). Five-component model: payment history (35%), credit utilization (20%), history length (15%), behavior diversity (15%), fraud record (15%). Maps to fee rates: 1.0% at 800+, 2.5% at <580 (with HITL gate). The score follows the agent across every rail it transacts on.
FiscalGate + Article 12 audit bundles. New as of @mnemopay/sdk@1.5.0. A charter declares the budget cap up front; the runtime enforces it (reserve → settle on success, release on halt or error). Every priced tool call routes through hold/settle two-phase commit. Every tool call, payment, memory write, refusal, and approval gets captured in a Merkle-rooted, signed audit chain. buildArticle12Bundle() exports the whole thing as a regulator-shaped JSON-and-checksums package — mission, events, CSV, chain, manifest. Article 12 of the EU AI Act mandates exactly this kind of automatic event log for high-risk AI systems, with retention ≥ 6 months. Aug 2, 2026 enforcement. Talk-to-us page for compliance buyers.
Ed25519 cryptographic identity. Every action signed. Every receipt verifiable. Canary honeypots flag impersonation in real time. Zero "trust me, bro" billing.
Apache 2.0. No source-available, no business-source, no anti-competition clauses. Fork it, vendor it, ship it inside whatever you're building.
The MCP Hive moment
MCP Hive launches May 11. Their model: AI applications pay per request, MCP servers earn per response. The platform doesn't ship a billing primitive — they explicitly leave that to providers.
Every founding-cohort MCP server is going to need: sub-cent settlement, abuse gating, verifiable receipts, and (within 88 days) an EU AI Act audit posture.
That's the four-piece bundle MnemoPay ships. We're applying for a Founding-100 slot, and we're committing to free MnemoPay billing for every MCP Hive provider in the launch cohort — no scarcity cap. The first 100 MCP Hive sellers get the trust layer at zero platform cost.
The capability layer
Trust is the wedge. To actually ship an agent, you also need the runtime, the browser, the voice, the vision, the scrape. We pulled all of that into a separate npm package so the trust SDK doesn't bloat:
# The trust layer:
npm install @mnemopay/sdk
# The capability layer (14 packages — runtime, agents, browser, voice, vision, scrape, knowledge):
npm install @mnemopay/toolkitApache 2.0, both. Read the toolkit page.
What this changes
If you're building an agent that charges users — for an MCP server, for an autonomous shopping flow, for a multi-rail SaaS — the question is no longer which payment rail? The platforms have answered that. Pick the cheapest one for the transaction.
The question is: who owns your agent's reputation?
If the answer is "Stripe" or "Visa" or "Mastercard," you don't own it. They do.
If the answer is "MnemoPay," it travels with the agent. Across rails, across platforms, across the entire next decade of agent commerce.
The only entity that benefits from a portable agent reputation is the agent itself. The layer that builds it has to be neutral.
Get started
npm install @mnemopay/sdk # trust layer
npm install @mnemopay/toolkit # capability layer (optional)import MnemoPay from "@mnemopay/sdk";
const agent = MnemoPay.quick("my-agent");
// Trust layer active.Five lines, three rails today (more next), one portable identity. Apache 2.0. EU AI Act-ready audit bundle export. $49/mo Pro if you want the managed rails and hosted scoring; the SDK is free either way.
— J&B Enterprise LLC
GitHub · npm · PyPI · MCP server