Programmable agent spending · Built on Stellar
Give your agent a prepaid card. The blockchain holds the limits.
Agent Card is a programmable USDC account for AI agents. You set a daily cap and a per-transaction max. Your agent pays for APIs via x402 — the protocol that turns HTTP 402 into real stablecoin payments. Anything over the limit gets rejected by the Stellar validator set. Not by your code, not by a prompt, not by hope.
- ~12 seconds to deploy
- Reloadable with USDC
- Non-custodial, zero keys held
The problem
Agents can reason. They can't be trusted with a wallet.
Your agent can plan, write code, and call tools. Then it hits a paywall: an API that wants cents per request. Everything stops. You can't hand it your credit card. You can't share an API key without paying for every abuse. You can't build a rolling spending cap in application code and trust it to survive one prompt injection.
What you actually want is a card with a hard ceiling. A daily budget the agent can burn through freely, a per-transaction max that caps any single bad decision, and the certainty that no SDK override, no clever prompt, and no jailbreak can push the number higher. That's what Stellar gives you for free, if you know how to wire it up. Agent Card wires it up for you.
For your agent
Send your AI agent to get a card.
Paste this prompt into Claude Code, Cursor, ChatGPT, or any LLM-driven IDE that can fetch a URL. It reads the skill, walks you through wallet connection, deploys the card, writes the signer file into your project, and funds it on testnet. You confirm. It does the rest.
How it works
Five steps. One of them is literally “wait.”
Deploy, fund, wire, pay, enforced. If Claude Code does the whole thing, you watch a progress bar for ninety seconds.
Deploy the card
Connect a Stellar wallet. Pick a label, a daily cap, and a per-transaction max. Sign three transactions. ~12 seconds, ~0.06 XLM in testnet fees. You get back a contract ID and a scoped Ed25519 signer key for your agent.
Fund it with USDC
Paste the contract ID into the Circle testnet faucet. The card holds USDC, not XLM, and the balance lives on the contract itself. Top it up again whenever you want: just send more USDC to the same address.
Drop the signer into your project
One file (402md-signer.ts) plus six environment variables. Or paste the skill.md prompt into Claude Code and let it do the whole thing: create the card, write the file, install the packages, set the env vars.
import { createStellarCardSigner } from "./402md-signer";Your agent pays for x402 APIs
Your agent fetches a priced URL. The signer attaches an authorization payload. OpenZeppelin’s public facilitator settles the payment on Stellar. The resource comes back. No subscriptions, no API keys, no monthly bills. Pay-per-call, in USDC.
await payClient.fetch("https://your-x402-api.example/search");The chain enforces the cap
Every payment is checked against the card’s spending rules before it lands on Stellar. If the requested amount plus today’s spend is over the daily budget, the validator set rejects the transaction. No error handling, no guard clause. The rule is math, and the network is the one enforcing it.
In plain English
The four words you need to know.
Not to use Agent Card. For that, you need zero. Just so the rest of this page reads cleanly.
- Stellar
- A fast, low-fee L1 blockchain. Payments settle in ~5 seconds for a fraction of a cent, and USDC is native. The only chain where paying a penny for an API call actually makes sense.
- Soroban
- Stellar’s smart contract platform. Your card is a Soroban contract: it holds the USDC, stores the spending rules, and runs the auth check on every payment.
- x402
- HTTP status 402 (“Payment Required”) turned into a real protocol. A server returns a price. A client pays in stablecoins. The server returns the resource. It works over plain HTTPS, which makes it the first payment rail that feels native to how agents already talk to the web.
- Smart Account + Spending Policy
- Instead of a personal keypair, your card is an OpenZeppelin Smart Account with a Spending Limit Policy attached. Every transaction the agent signs is checked against the policy on the contract before it lands. The policy tracks spent-per-window and rejects anything over.
The guarantee
What the blockchain does that your code can't.
The agent never touches your wallet. It only holds a narrow, scoped key. Every payment it tries to make is checked against the card's spending rules before it lands on Stellar. Anything over the daily cap gets rejected by the Stellar validator set.
No SDK to override. No admin panel to disable. No prompt that talks it out of $10. If Agent Card disappeared tomorrow, your card would keep working. It talks directly to Stellar and to OpenZeppelin's public facilitator. We never hold a key, never pay a fee, never sit in the runtime path of a payment.
- 1
Agent signs a payment
signAuthEntry() - 2
Smart account runs auth check
__check_auth - 3
Spending policy checks the window
spent_this_period + amount > spending_limit - 4
Validator set rejects the transaction
SpendingLimitExceeded
Guarantee enforced by the Stellar validator set.
Questions we expected
The ones we heard before the demo.
- Is this mainnet?
- Testnet only. Built for the Stellar x402 hackathon (April 2026). The contracts, signer, and policy are the same primitives you’d use on mainnet once x402 launches there. The deploy is one env flag away.
- Can I reload the card?
- Yes. The balance lives on the contract itself, so topping up is just sending more USDC to the card address. The daily cap controls velocity, not total balance.
- What happens if my agent gets prompt-injected?
- Worst case: the attacker drains the day’s budget. No prompt, no jailbreak, no tool call can raise the cap or reach into your main wallet. If you’re worried, rotate the scoped signer key from the dashboard. The card keeps working, the old key dies.
- Do I have to trust 402.md?
- No. We never hold a key, never sit in the runtime path of a payment, never charge a fee. Your agent talks directly to Stellar and OpenZeppelin’s public facilitator. If this site disappeared tomorrow, your card would keep working.
- What wallets does it work with?
- Any SEP-43 Stellar wallet for the owner: Freighter, xBull, Albedo, Lobstr. The agent holds its own Ed25519 signer; no wallet involved on the agent side.
- What about the per-transaction max?
- Separate from the daily cap. The per-tx max caps any single bad decision (one runaway query, one miscounted batch). The daily cap caps the total blast radius. Both are enforced by the same on-chain spending rule, on every transaction.
Two minutes to a card your agent can't drain.
Open the dashboard and answer five questions. Or paste one URL into your agent and watch it do the whole setup for you. Either way, you end up with the same card, the same on-chain guarantees, and the same contract ID.