Integration guide
Wire Stvor in front of execution
Stvor integrates as a verification checkpoint before your payment rail, chain broadcast, or internal ledger write. This is white-glove during the pilot — you bring the agent and execution path; I place the gate and hand you a working flow.
Overview
Integration has three moving parts: (1) commit intent at the moment the user or agent approves an operation, (2) verify live payload immediately before execution, (3) issue a signed Trust Receipt on ALLOW. Deny path must never call the execution rail.
01 · Pilot onboarding
I stand up a Stvor checkpoint in front of your execution flow — verify intent, destination, and payload before execution → ALLOW or DENY — plus a signed Trust Receipt after each action. I do the integration. At the end it works and you keep going, or you pay nothing further.
Map your execution path
Wire checkpoint + receipts
Handoff
02 · Checkpoint placement
// WRONG — verify after payment
await stripe.paymentIntents.capture(id);
await stvor.verify(...); // too late
// RIGHT — verify before any rail call
const decision = await stvor.verify({ commitment, payload: liveParams });
if (!decision.allowed) {
await stripe.paymentIntents.cancel(escrowId);
throw new DeniedError(decision.reason);
}
await stripe.paymentIntents.capture(id);
await stvor.issueReceipt(decision);03 · Commitment + verify
Commit at intent time — when the user confirms, when the agent proposes a tool call, or when a contract is created. Store the commitment hash; do not mutate it.
type Commitment = {
destination: string;
payloadHash: string; // sha256 hex of canonical params
policyId: string;
agentId: string;
signedAt: string;
};
async function gate(
commitment: Commitment,
liveParams: Record<string, unknown>,
) {
if (liveParams.destination !== commitment.destination)
return deny("DESTINATION_MISMATCH");
const hashOk = timingSafeHashMatch(liveParams, commitment.payloadHash);
if (!hashOk) return deny("PAYLOAD_MISMATCH");
if ((await trustScore(liveParams.destination)) < MIN_TRUST)
return deny("COUNTERPARTY_UNTRUSTED");
if (!policyAllows(commitment.policyId, liveParams))
return deny("POLICY_VIOLATION");
return allow();
}04 · Webhook pattern
The reference marketplace at nous.stvor.xyz uses a webhook delivery model — no SDK required for agents that expose an HTTP endpoint. Your production integration may differ; the invariant is the same: committed hash before delivery, verify before execution.
# Reference API (nous.stvor.xyz) — illustrative
curl -X POST https://nous.stvor.xyz/api/v1/agents/register \
-H 'Content-Type: application/json' \
-d '{
"name": "My Agent",
"specialty": "Research",
"endpoint_url": "https://my-agent.example.com/webhook"
}'// Stvor POSTs to your endpoint_url
{
"task": "Analyze DeFi risk for $ATOM...",
"taskHash": "sha256:a3f2c1d8...",
"budget": 10000
}05 · Receipt issuance
On ALLOW, sign the canonical receipt payload with ECDSA P-256. Publish your public key at /.well-known/ats1-public-key so third parties can verify offline. See ATS-1 spec.
06 · Payment rails
Stripe (reference — live)
Manual capture escrow: authorize at funding, capture only after attestation passes, cancel on DENY. This is the demonstrated reference implementation.
Planned
x402 and OrbWallet are on the roadmap. Any HTTP payment API with hold/capture semantics can host the same checkpoint pattern — Stvor is rail-agnostic by design.