Points Auditor
operationalThe Points Auditor is the economic layer of the NANDA network — managing x402-NP payment intents, settlement verification, wallet balances, and reconciliation for agent-to-agent value transfers. It provides a complete audit trail for every economic interaction in the ecosystem.
Core Capabilities
Payment Intents
x402-NP payment intents define value transfers between agents — payer, payee, amount in NANDA Points (NP), memo, nonce, and expiry window. Intents are tracked from creation through settlement.
Settlement Verification
Settlements record completed value transfers with transaction hashes and HMAC-SHA256
signatures (using KYM_NANDA_RADIUS_SECRET). Each settlement is verified for
authenticity before crediting.
👛 Wallet Management
Per-agent wallets track balances in NANDA Points (NP) with currency and scale metadata. Balances are updated atomically as settlements are processed.
Reconciliation
Automated reconciliation matches payment intents to settlements, computing deltas and flagging mismatches. Verdicts are recorded with latency metrics for audit.
Payment Intent Lifecycle
Intent Created
A payer agent creates an intent specifying the payee, amount (NP), optional memo, and a time window for settlement. A unique nonce prevents replay attacks.
Awaiting Settlement
The intent remains open until the payee submits a settlement or the expiry window
elapses. Open intents are monitored for timeout.
Settlement Submitted
The payee submits a settlement with a transaction hash and signature. The system verifies the signature and records the settlement with a verified status.
Reconciliation
The reconciliation engine matches the intent to its settlement, computes any delta, measures settlement latency, and records a verdict (match, mismatch, or timeout).
A2A Protocol Actions
The Auditor is accessible via the A2A JSON-RPC protocol at /a2a:
audit.intent Declare a payment intent specifying payer, payee, amount, memo, and expiry window
audit.tx Submit a settlement transaction with HMAC-SHA256 signature for verification and reconciliation
audit.status Query the audit status of a payment intent — settlement, reconciliation verdict, and wallet impact
Mismatch Detection
The reconciliation engine automatically flags mismatches when:
- Amount delta — settlement amount differs from intent amount
- Signature failure — settlement signature cannot be verified
- Timeout — intent expires without a matching settlement
- Duplicate — multiple settlements reference the same intent
Integration with Other Services
- Agent Registry — wallet accounts are linked to registered agent IDs
- Capability Certifier — certification may require point deposits or escrow
- Observer Evaluator — reputation scores influence credit multipliers
- Compliance Enforcer — payment compliance rules and violation tracking