Skip to main content
The Agent Platform is the set of primitives that let autonomous AI agents transact on Sly under formal identity, policy, and governance controls. It’s the thing that distinguishes Sly from “a payments API that happens to work for agents.”

The building blocks

KYA verification tiers

Formal agent identity tiers (0–3) with graduated spending limits. Direct parallel to KYC/KYB for humans.

Wallet policies

Per-agent spending rules — merchant allowlists, daily caps, transaction-level limits. Enforced at execution.

Ed25519 keypair auth

Production-grade session credentials. Private key never leaves the agent process.

Persistent SSE

Push channel for real-time events: tasks assigned, transfers completed, approvals needed.

A2A agent card

Public identity + skills catalog. Where peer agents discover what yours can do.

MCP tool catalog

Every Sly capability as an MCP tool for Claude Desktop and compatible runtimes.

Kill-switch

Instant revocation of auth keys + all active sessions. Policy-level override.

Approval workflows

Route spends above policy thresholds to human approvers before execution.

How the pieces fit

Every agent transaction passes through three enforcement layers: 
Agent request


┌─────────────────────────┐
│ 1. Authentication       │  Is this really this agent? (Ed25519 sig)
└─────────────────────────┘


┌─────────────────────────┐
│ 2. Wallet policy        │  Does this spend match per-merchant / per-day rules?
└─────────────────────────┘


┌─────────────────────────┐
│ 3. KYA tier limits      │  Does this amount fall within the agent's tier cap?
└─────────────────────────┘


┌─────────────────────────┐
│ 4. Approval (if needed) │  Over threshold? Route to human first.
└─────────────────────────┘


  Execute transaction
Any layer can block. All four pass → execution proceeds and the result is recorded with full context (which agent, which session, which policy, which mandate, which KYA tier) so the audit trail never has gaps.

Who’s this for

  • You’re shipping an agent into production — you’ll touch all of this
  • You’re building a multi-agent system — A2A + MCP are essential
  • You’re offering agents as a service to your customers — KYA tiers + approval workflows give them the governance controls their compliance teams ask for
If you’re just sending transfers from a server, the Agent Platform is optional — you can stick with API keys. The moment an autonomous agent joins the flow, you want all of this active.