IXRAIL

PAYMENT INFRASTRUCTURE FOR AUTONOMOUS SYSTEMS

Agents can spend. You still set the rules.

Ixrail is the policy and signing rail between an autonomous agent and the open economy—so purchases are bounded, reviewable, and accountable.

Read the docs
Policy firstKeys isolatedReceipts always

Agent intent

POST /purchase

Policy rail

6 checks

Protected signer

isolated key

Receipt

verifiable

Policy: research-agent-v3Decision: allow

01 / THE GAP

A wallet answers can. A rail answers should.

Direct wallet access collapses intent, authority, and execution into one dangerous step. Ixrail separates them into explicit checkpoints.

DIRECT WALLET

Prompt → signature

  • Agent has broad authority
  • Controls live inside application logic
  • Audit context is assembled after the fact

IXRAIL PAY

Intent → policy → approval → signature

  • Authority is scoped per policy
  • Checks occur outside the agent loop
  • Decision context is captured by default

02 / CONTROL PLANE

Encode the permission, not just the payment.

Spending policy

Set budgets, transaction caps, trusted merchants, assets, networks, and approval thresholds.

Deny by default

Unknown merchants, unsupported networks, and requests beyond policy stop before signing.

Protected keys

Signing material remains isolated from the agent and its prompt-driven environment.

Proof after action

Every evaluated request produces a structured, verifiable decision receipt.

03 / TRANSACTION

Eight observable steps. One bounded outcome.

Select any checkpoint to inspect what crosses the boundary.

04 / DECISIONS

Every request resolves to an explicit state.

allow

$18 API credit at an approved merchant, inside the daily and per-transaction limits.

review

$240 dataset license exceeds the automatic approval threshold and pauses for a human.

deny

A request on an unsupported network never reaches protected signing.

05 / SECURITY BOUNDARY

The agent never holds the keys.

Ixrail evaluates purchase intent before a signing request can exist. Signing runs in a constrained boundary that receives only approved, normalized transaction data.

A compromised tool call can request a payment—but it cannot expand its own authority, rewrite policy, or exfiltrate signing material.

Read the trust model

06 / FAQ

Questions before authority moves.

The short answers to how Ixrail bounds autonomous purchasing.

Does Ixrail give an agent a wallet?

No. The agent proposes purchase intent. Policy evaluation, approvals, and protected signing remain outside the agent context.

Can I test Ixrail without moving funds?

Yes. The simulator and documentation examples are deterministic local models and do not connect to a wallet or network.

What happens when a request exceeds policy?

Ixrail returns review when independent approval is permitted, or deny when the request violates a hard constraint such as merchant, network, asset, or maximum amount.

What is recorded after a decision?

A structured receipt can include the request and policy identifiers, normalized intent hash, individual checks, final decision, and settlement reference.

CONTROL THE CONSEQUENCE

Give agents purchasing power—not a blank check.