SettleProof / AAP - Agent Attestation Protocol / Solana devnet

The settlement layer after agents pay.

Payments prove money moved. SettleProof proves whether the merchant delivered. AAP holds USDC in smart contract custody, verifies merchant delivery attestation, and auto-refunds when proof is missing before TTL.

Try demo View API Docs

Request

agent_owner9pZ4...A7m2

merchantAcme API

amount10.00 USDC

ttl24h

Escrow state

escrow createdproof verifiedsettlement complete

create

attest

settle

Proof received

Vault transfers USDC to merchant.

TTL expired

Vault refunds the agent owner.

Settlement feed

createdescrow PDA

signedproof_hash

verifieded25519 sysvar

releasedmerchant ATA

The missing layer

Payment initiation is solved. Settlement liability is not.

Agent payment stacks can issue cards, fund wallets, enforce spend controls, and trigger checkout. The unresolved question starts after the payment: did the merchant actually deliver?

SettleProof turns that post-purchase risk into a deterministic protocol path: custody first, signed delivery proof second, automatic release or refund last.

First market

Start where delivery can be hashed.

API/data commerce is the cleanest wedge: agents already buy machine-readable resources, and merchants can prove delivery with response hashes, request ids, status codes, and timestamps.

Initial wedgeAPI/data commerce

Proof templateapi-delivered-v1

Evidence fieldsstatus, response hash, request id, delivered_at

Beta limitlow-value USDC escrows, allowlisted merchants

Read the wedge docs

Commercial reality

Revenue comes from merchant pain, not protocol novelty.

The commercial motion is straightforward: start with API/data merchants already selling machine-readable outputs, keep mainnet beta closed, and price the post-payment settlement layer they cannot get from cards, wallets, or x402 alone.

Market brief

Sell deterministic settlement, not crypto theater.

The first customer is an API/data merchant already selling machine-readable outputs to agents or agent builders. That merchant buys lower refund latency, cleaner liability evidence, and an easier way to approve autonomous buyers.

SettleProof should charge for post-payment evidence and settlement control. The wedge is not consumer checkout. It is merchant-side revenue protection for agent-driven API commerce.

Hard takeaways

Mainnet is not the wedge.

A public mainnet launch does not create revenue by itself. The wedge is a closed beta with merchants that already sell machine-readable outputs.

The buyer is the merchant, not the agent user.

The merchant feels chargeback loss, support burden, and ambiguous liability. That is the pain budget.

Stay on the post-payment layer.

Cards, wallets, and x402 can initiate payment. SettleProof wins only if it owns the evidence and settlement step after delivery.

Resumo de mercado

Venda settlement determinístico, não teatro cripto.

PT-BR

O primeiro cliente é um merchant de API/dados que já vende outputs machine-readable para agents ou builders de agents. Esse merchant compra menor latência de refund, trilha de liability mais limpa e um jeito mais simples de aprovar compradores autônomos.

A cobrança da SettleProof deve ser em cima de evidência pós-pagamento e controle de settlement. O wedge não é checkout de consumidor. É proteção de receita do merchant para API commerce agent-driven.

Takeaways duros

Mainnet não é o wedge.

Abrir em mainnet para todo mundo não cria receita sozinho. O wedge é beta fechado com merchants que já vendem outputs machine-readable.

Quem compra é o merchant, não o usuário do agent.

Quem sente chargeback, suporte e liability ambígua é o merchant. Esse é o budget real de dor.

Fique na camada pós-pagamento.

Cards, wallets e x402 iniciam o pagamento. A SettleProof só ganha se dominar evidence e settlement depois da entrega.

Read the full market brief

Competitive wedge

x402 starts payment. SettleProof settles delivery.

The product is not another payment rail. It is the registry, evidence, and liability layer that agents need after a payment has been initiated.

Attestation Registry

merchant identity

Registered merchants expose attestor keys, status, and settlement history before an agent chooses where to spend.

Proof Templates

vertical evidence

API responses, hotel bookings, tickets, shipments, and digital goods can bind delivery evidence to a canonical proof hash.

Evidence Packets

audit trail

Each escrow can export proof hash, TTL, merchant, events, release/refund state, and explorer links for liability review.

Merchant Reputation

settlement history

Fulfilled, refunded, partial, and pending outcomes become the beginning of a public merchant trust graph.

Protocol primitives

Three on-chain primitives, one auditable settlement path.

Designed to complement cards, wallets, x402-style payment flows, and merchant APIs.

Custody

USDC escrow

Agent-owned funds move into a PDA vault until delivery is cryptographically resolved.

Attestation

Ed25519 proof

The merchant signs escrow_pda, proof_hash, and timestamp with a registered attestor key.

Settlement

release / refund

Valid proof releases funds. Expired TTL returns them automatically. Partial delivery can split settlement.

Built for agents, not dashboards

The UI is a demo. The product is the integration surface.

Agents do not need to open SettleProof. They request escrow parameters, sign locally, let the merchant attest delivery, and watch settlement state through the public API.

Visual demoAgent Explorer + Merchant Dashboard

Headless integrationOpenAPI + SDK + registry + evidence packets

On-chain protocolCustody + attestation + TTL auto-refund

POST /v1/escrows/prepare

Prepare escrow PDA, vault token account, agent ATA, merchant PDA, and deterministic task hash inputs.

Agent

@aap/sdk-ts createEscrow

The agent signs locally and moves USDC into smart contract custody. The API never sees private keys.

Wallet

Merchant signs proof

The merchant attestor key signs escrow_pda, proof_hash, and timestamp after delivery.

Merchant

GET /v1/indexer

Agents poll pending, fulfilled, refunded, or merchant-filtered settlement state from the persistent indexer without opening the UI.

API

Headless path

POST /v1/escrows/prepare -> SDK sign -> POST /v1/relay -> GET /v1/indexer

Live devnet proof

Not a slide. Two programs are deployed.

The current SettleProof MVP already has Anchor programs, a TypeScript SDK, and a wallet-connected app surface for merchants and agents.

Sitesettleproof.xyz

Demodemo.settleproof.xyz

APIapi.settleproof.xyz

NetworkSolana devnet

Programsaap-custody + aap-attestor

Contract tests22 Anchor integration tests

SDK tests12 TypeScript smoke tests

SurfaceVisual demo, docs, SDK, OpenAPI, relay, persistent indexer

aap_custodyDbpCDpaHvKmWgbFxqHJAaEZ35Zz96yCuNB6V5c91WnFp aap_attestorDcbEtMkSJczzbQgUC9vUeKhGfQZ4HKYMFbjAyXH2gXaa

Builder surface

A protocol surface for agents and merchants.

Use the SDK to create escrow, register merchants, sign attestations, and settle funds through the deployed programs.

Merchant dashboard Agent explorer

Demo backend Public API

SettleProof SDKsettlement.ts

const quote = await fetch(
  "https://api.settleproof.xyz/v1/escrows/prepare",
  { method: "POST", body: JSON.stringify(intent) }
).then((res) => res.json());
const taskHash = hexToBytes(quote.data.inputs.task_hash);

const { escrowPda } = await client.createEscrow({
  agentOwner,
  merchantPubkey,
  mint,
  amountStroops,
  taskHash,
  ttlSeconds,
});

const status = await fetch(
  "https://api.settleproof.xyz/v1/indexer?merchant=..."
).then((res) => res.json());