paybondpaybond
Sign in

Paybond with Stripe agentic commerce

How Paybond complements Stripe Agentic Commerce Suite, ACP, UCP, and machine payments — checkout execution on Stripe rails, conditional settlement and signed receipts in Paybond.

Stripe helps merchants sell through agents — product discovery, checkout sessions, shared payment tokens, and payment execution on rails merchants already operate.

Paybond is the trust layer underneath agent spend — signed intents, outcome-verified escrow, predicate evaluation, operator disputes, and cryptographically signed portable receipts.

Complement, not replacement

Paybond does not replace Stripe as the payment service provider. Tenants keep Stripe Connect destinations, PaymentIntents, webhooks, and Agentic Commerce Protocol (ACP) / Universal Commerce Protocol (UCP) checkout flows. Paybond orchestrates when held funds release or refund and what proof is required before that happens.

This page is an integration brief for Stripe partner, platform, and merchant conversations — including the SaaS Platforms track where a platform enables connected accounts, agent marketplaces, or delegated agent spend on top of Stripe Connect.

Partner positioning

StripePaybond
Primary jobAgentic checkout and payment execution on merchant railsConditional settlement, evidence, disputes, and portable receipts
Typical buyerMerchants and commerce platforms adopting ACS / ACP / UCPPlatforms, marketplaces, and enterprises governing autonomous spend
Money movementPaymentIntent authorize/capture, Connect transfers, MPP Payment AuthHarbor release/refund drivers on the same rails after predicate evaluation
Proof outputOrders, webhooks, payment recordsSigned Agent Receipts (ARS), Ledger provenance, Signal standing

Joint customer story: Stripe answers whether an agent can complete checkout with an authorized payment. Paybond answers whether the agent satisfied policy before funds release, refund, or human escalation — with an auditable record both sides can verify.

Paybond workspace billing (subscriptions via Stripe Checkout) is separate from intent settlement (per-transaction escrow on tenant-configured rails). See How intent funding works.

Product surfaces (what partners integrate)

SurfaceRole in a Stripe and Paybond deployment
Paybond KitSDK middleware at the agent runtime — wraps paid tools, issues recognition proofs, funds intents, submits evidence
Paybond HarborIntent escrow engine — create, fund, verify, evidence, release/refund, dispute freeze
Paybond LedgerAppend-only signed history for audits, exports, and dispute dossiers
Paybond SignalStanding and reputation derived from verified receipts and settlement outcomes
Agent Receipt Standard (ARS)Portable paybond.agent_receipt_v1 proof any counterparty can verify offline

Two layers in one purchase

LayerTypical ownerWhat happens
Agent checkout & payment executionStripe Agentic Commerce Suite, ACP, UCP, Shared Payment TokensAgent builds cart, buyer authorizes, merchant receives payment credentials, PaymentIntent succeeds
Conditional settlement & proofPaybond Harbor, Ledger, SignalFunds held against explicit deliverables, evidence evaluated, release/refund/dispute, signed receipts and standing

Many agent purchases can stop after Stripe checkout succeeds. Paybond matters when release should not be automatic:

  • marketplace jobs with buyer/seller/operator roles (platform with connected accounts)
  • procurement agents with acceptance criteria
  • high-trust B2B agent spend with audit requirements
  • flows where disputes need a shared evidence record, not chat logs

SaaS Platforms angle

For Stripe Connect platforms that onboard sub-merchants or power agent marketplaces:

  1. Platform tenant configures settlement in Paybond Configuration → Settlement — linked Connect destination, allowed rails (stripe_connect, stripe_ach_debit, stripe_mpp), server-owned routing. Clients never pass Connect account ids in create payloads.
  2. Agents run behind Kit middleware with tenant-derived API keys — scope comes from credentials, not client-supplied tenant ids.
  3. Stripe executes payment authorization on the linked Connect path; Paybond holds and releases against predicates.
  4. Operators review disputes, chargeback signals, and audit exports from a single Harbor and Ledger record.

Paybond does not replace Connect onboarding or platform payout logic. It adds intent-scoped escrow and evidence so platforms can offer governed agent commerce without building a custom settlement state machine.

Reference flows (both products)

Two common orderings — pick based on whether checkout or spend policy comes first:

A. Checkout-first (ACS / ACP / UCP merchant flow)

Buyer & agent Stripe (ACP / UCP / ACS) Paybond (Harbor) | | | |-- discover / cart ----->| | |-- checkout complete --->| PaymentIntent authorized | | | | |-- optional escrow ----->|------------------------------>| signed intent and fund (if conditional release) | | | evidence → release / refund | |<---- capture / transfer -----| | | | ARS receipt → Ledger

B. Guard-first (Kit middleware on Stripe SDK tools)

Agent runtime (Kit) Paybond Harbor Stripe Connect / MPP | | | |-- create intent ------->| | |-- fund on rail -------->| PaymentIntent / Payment Auth ->| |<-- capability_token ----| | |-- guarded Stripe tool ->| verify → execute | PI create/capture |-- evidence submit ---->| predicate → release/refund | capture / cancel | | ARS receipt → Ledger |

Stripe answers: Can this agent complete checkout with an authorized payment?

Paybond answers: Did the agent do what the policy required before we release, refund, or escalate to a human?

ACS manual capture (conditional settlement)

When release depends on Paybond predicates — not automatic capture at checkout — merchants should enable manual capture in the Stripe Dashboard under Agentic commerce settings. ACS then authorizes the PaymentIntent without capturing; Harbor drives capture (or cancel) on drive_terminal_settlement for stripe_connect — the same mental model as Connect PI holds in Settlement with existing payment providers.

SettingWhereWhy
Manual captureStripe Dashboard → Agentic commerceKeeps funds authorized until Harbor release / refund
Metadata bindingPaymentIntent metadata via Kit buildPaybondStripeMetadataWebhooks resolve tenant_id + paybond_intent_id for funding
Harbor releaseEvidence → predicate → drive_terminal_settlementCaptures on pass; cancels on fail

Checkout-first merchants: create the Paybond intent when conditional escrow starts, stamp ACS checkout PaymentIntents with the same metadata contract, and treat Stripe webhooks as funding — not completion evidence.

Tenant-admin checklist: Configure settlement rails.

What Stripe covers today

Paybond teams usually encounter Stripe in these surfaces:

Stripe surfaceRole in agentic commerce
Agentic Commerce SuiteMerchant-ready catalog syndication, hosted ACP endpoints, agent checkout enablement
ACP (Agentic Commerce Protocol)Checkout session lifecycle, delegate payment, orders and webhooks
UCP (Universal Commerce Protocol)Full shopping journey interoperability (discovery → checkout → orders)
Shared Payment TokensSecure credential handoff from agent surfaces to merchant PSP
MPP / machine paymentsAgents paying for APIs and services programmatically (Beta Preview on Paybond)

Paybond does not implement merchant catalog feeds or in-chat checkout UI. Those stay on Stripe and the merchant commerce stack.

What Paybond adds on Stripe rails

Paybond integrates Stripe for intent-scoped settlement, not workspace billing:

Paybond railStripe touchpointPaybond behavior after funding
stripe_connectPaymentIntent hold on linked Connect destinationCapture on release; cancel on predicate failure
stripe_ach_debitACH PaymentIntent; async payment_intent.succeededTransfer on release; refund path on failure
stripe_mpp (Beta Preview)Payment Auth charge or Tempo sessionVoucher metering at verify; terminal release after evidence

Harbor snapshots tenant settlement config server-side — clients never pass Connect account ids or MPP profile ids in create payloads.

Integration surface for partners:

LayerEntry points
Kit (application)paybond.intents.create, fundWithMppCharge / fundWithX402, paybond.instrument() middleware, ARS emit/consume
Gateway (control plane)GET/PUT /v1/admin/settlement/config, authenticated Harbor proxies, /webhooks/stripe → Harbor ingest
Harbor (settlement)POST /intents, POST /intents/{id}/fund, POST /verify, evidence and settlement/confirm
WebhooksStripe settlement events enqueue at Gateway, forward to Harbor under mTLS — funding gates, not completion evidence

For webhook paths, capture timing, and stuck-intent recovery, see Settlement with existing payment providers.

Kit at the agent boundary

Application teams wire Paybond Kit middleware around paid tools — including wrappers that call Stripe SDKs. Guard-first flows use the stripe-commerce preset (payments.charge_customer + stripe_charge evidence) — the same primary operation as Protect Stripe payments from agents:

Terminal
Terminal commandSwipe to inspect long lines
paybond login
paybond policy init --preset stripe-commerce --out paybond.policy.yaml
paybond agent sandbox smoke \
  --preset stripe-commerce \
  --format table

Kit helpers for app-owned Stripe SDK or ACS PaymentIntents:

  • buildPaybondStripeMetadata({ tenantId, intentId, rail? }) — stamps tenant_id / paybond_intent_id for webhook preflight
  • mapStripeToolResultToEvidence(toolResult, { preset: "stripe_charge" }) — completion evidence; rejects funding webhook envelopes

Offline rehearsal without API credentials: paybond dev loop --offline and paybond dev trace (local dashboard at http://127.0.0.1:9477).

Production pattern:

  1. Stripe (or merchant UCP/ACP endpoint) completes buyer checkout when the flow is catalog with payment execution. Enable ACS manual capture when Paybond will drive capture on release.
  2. Paybond intent funds on the tenant's allowed Stripe rail when the agent needs a bounded spend boundary before side effects.
  3. Evidence attaches tool results (not Stripe funding webhooks); Harbor evaluates predicates.
  4. Release or refund drives Stripe capture/cancel/transfer.
  5. Agent Receipt Standard (ARS) emits portable signed proof for operators and partners.

See Protect Stripe payments from agents for PaymentIntent tool guarding and How agent settlement works for the five-step Harbor lifecycle.

Sandbox and onboarding path

StepAction
1Create a Paybond sandbox tenant (paybond login → self-serve signup or platform-provisioned tenant)
2Link Stripe Connect in Configuration → Settlement (sandbox and production are separate)
3Enable allowed rails; for MPP, configure profile_test_* and readiness checks
4Run Kit smoke or paybond dev loop to rehearse bind → verify → evidence without production keys
5Promote to production after rail readiness and webhook delivery checks

Tenant admin setup: Configure settlement rails. MPP deep dive: Fund intents on Stripe MPP.

When to use which

ScenarioStart withAdd Paybond when
Merchant sells via ChatGPT / agent storefront (instant checkout)Stripe ACS and ACPYou need conditional release, disputes, or cross-platform receipts after payment
Agent buys from arbitrary merchants (MPP / x402)Stripe MPP or x402You need per-intent budgets, evidence presets, and audit exports
Agent marketplace (buyer, seller, operator)Your orchestrator and Paybond HarborStripe (or other PSP) funds the job; Paybond holds and releases
Enterprise agent fleet (procurement, SaaS, travel)Paybond Kit and HarborStripe Connect/ACH settles to vendors; Paybond enforces policy and provenance
Stripe Connect platform with sub-merchantsStripe Connect and ACS where applicablePlatform needs governed escrow, evidence, and ARS across connected accounts

Security and tenant boundaries

Shared principles for combined deployments:

  • Tenant scope is derived from authenticated credentials — never from client-supplied tenant ids.
  • Funding webhooks (Stripe → Gateway → Harbor) are separate from completion evidence (tool results after capability_token).
  • Stripe chargebacks do not automatically open Harbor disputes — operators follow Paybond dispute workflows with a canonical ledger record.

See Disputes and evidence evaluation and Secure agentic banking infrastructure.

Co-sell and support

NeedContact
Partnership, platform rollout, enterpriseTalk to sales[email protected]
Integration support, sandbox issues[email protected]
Technical review packExternal documentation index

Partner summary

Stripe executes agentic checkout and payment authorization on merchant rails.

Paybond makes agent spend authorized, verified, and auditable — escrow, evidence, release rules, disputes, and signed portable receipts on top of those rails.

Together they cover the full agentic commerce stack: discovery and payment execution on Stripe, conditional settlement and standing on Paybond.

Where to go next