npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@agenticprimitives/payments

v0.0.0-alpha.5

Published

PaymentMandate + ContextBinding + MandateConstraints + open/closed mode discrimination. Three W1 rails (x402, wallet, sponsored-userop). PaymentReceipt asserted into AttestationRegistry per ADR-0023.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

richcanvasrichcanvas

Keywords

agenticprimitivespayments

Readme

@agenticprimitives/payments

Status: STUB (Wave 0.5 of the W1 implementation wave). Typed primitives and invariant guards ship today; the EIP-712 mandate signer and the three W1 rails land in Wave 6 per the w1 implementation wave plan. A recent self-audit flagged this package's docs for overclaiming (NEW-PMT-1); this README is written to the actual surface.

Machine payments arrived. x402 made HTTP-native pay-per-request real; Google's AP2 defined mandates for agent-initiated spend. What neither ships — what nobody ships — is machine payments scoped by the same delegation, custody, and audit substrate that governs everything else the agent does. "This agent may spend up to this amount, for this task, on this rail, until Friday — signed by a smart account, bound to the work it pays for, receipted into an attestation registry" is the combination the agent economy actually needs, and it only exists when payments are a layer of one system rather than a bolted-on rail.

This package is the designed payments slice of that substrate — spine Layer 9b, the PaymentMandate — spec'd in full, scaffolded now, landing in the implementation waves.

Part of agenticprimitives — the trust substrate for the agent economy: one canonical Smart Agent identity with custody, delegation, naming, credentials, and audit evidence designed as one system.

What ships today

Typed primitives and pure invariant guards — no signing, no execution, no money moves:

  • PaymentMandate type — payer, payee, granter, rail, AmountPolicy (exact / range / formula), maxRedemptions, validity window, mode, and an optional delegationRef linking the mandate to the delegation that authorized it.
  • ContextBinding + assertContextBindingValid — PMT-3.1 enforced: every mandate must bind to at least one of intent / agreement / task / artifact / HTTP resource. No context-free spend.
  • MandateConstraints — AP2-aligned aggregate scope: cumulative caps, redemption frequency windows, category allow/deny, geo-fencing.
  • Open/closed mode discrimination + assertClosedMandateInvariants — PMT-INV-14 enforced: a closed (final-charge) mandate is always one-shot.
  • computeMandateId — deterministic keccak-256 mandate identity over payer + nonce + rail + chain.
  • PaymentRailExecutor interface + registerRail / getRail — the extension point every rail (current and future, including the reserved confidential family) implements.

What lands in Wave 6 (designed, not shipped)

The EIP-712 typed-data builder, SA signing and ERC-1271 verification (no raw EOA signatures — PMT-INV-12), redeemPaymentMandate, and the three W1 rails: rails/wallet (SA-to-SA transfer via UserOp), rails/x402 (HTTP-native per x402.org + reference facilitator), and rails/sponsored-userop (paymaster-sponsored, no value moved). Plus PaymentReceipt — an immutable, non-revocable credential asserted into the attestation registry per ADR-0023, so every redemption leaves first-class evidence. Confidential rails (Aztec-style, Zcash-style, ZK paymasters) are a reserved W2 sub-module family.

Where this is heading / market context

  • x402 proved HTTP-native machine payments; it is one of our three W1 rails, not a competitor.
  • Google AP2 defined mandate semantics for agent spend; MandateConstraints is deliberately AP2-aligned so the substrate speaks the emerging lingua franca.
  • The gap both leave open: x402 and AP2 authorize a payment; neither anchors it to a canonical on-chain identity with custody policy, a revocable delegation chain, and an audit trail behind it. Delegation-scoped machine payments — mandate references delegation, delegation references the Smart Agent, every step receipted — is the combination this layer exists to ship.

Authoritative spec: spec 243 — payments (see spec.md). Owns spine layer 9b; bounded surface in CLAUDE.md and capability.manifest.json.

Build

pnpm --filter @agenticprimitives/payments typecheck
pnpm --filter @agenticprimitives/payments test
pnpm --filter @agenticprimitives/payments build

Status — honest version

STUB. Nothing here signs or settles a payment today; treat the rails and the EIP-712 surface as spec'd commitments. The audit finding that this package's docs once claimed more (NEW-PMT-1) is public — transparency about the gap is the point. Wave sequencing: w1-implementation-wave-plan.md.