Stripe helps merchants sell through agents — product discovery, checkout sessions, shared payment tokens, and payment execution on rails merchants already operate.
Paybond is the trust layer underneath agent spend — signed intents, outcome-verified escrow, predicate evaluation, operator disputes, and cryptographically signed portable receipts.
Complement, not replacement
Paybond does not replace Stripe as the payment service provider. Tenants keep Stripe Connect destinations, PaymentIntents, webhooks, and Agentic Commerce Protocol (ACP) / Universal Commerce Protocol (UCP) checkout flows. Paybond orchestrates when held funds release or refund and what proof is required before that happens.
This page is an integration brief for Stripe partner, platform, and merchant conversations — including the SaaS Platforms track where a platform enables connected accounts, agent marketplaces, or delegated agent spend on top of Stripe Connect.
Partner positioning
| Stripe | Paybond | |
|---|---|---|
| Primary job | Agentic checkout and payment execution on merchant rails | Conditional settlement, evidence, disputes, and portable receipts |
| Typical buyer | Merchants and commerce platforms adopting ACS / ACP / UCP | Platforms, marketplaces, and enterprises governing autonomous spend |
| Money movement | PaymentIntent authorize/capture, Connect transfers, MPP Payment Auth | Harbor release/refund drivers on the same rails after predicate evaluation |
| Proof output | Orders, webhooks, payment records | Signed Agent Receipts (ARS), Ledger provenance, Signal standing |
Joint customer story: Stripe answers whether an agent can complete checkout with an authorized payment. Paybond answers whether the agent satisfied policy before funds release, refund, or human escalation — with an auditable record both sides can verify.
Paybond workspace billing (subscriptions via Stripe Checkout) is separate from intent settlement (per-transaction escrow on tenant-configured rails). See How intent funding works.
Product surfaces (what partners integrate)
| Surface | Role in a Stripe and Paybond deployment |
|---|---|
| Paybond Kit | SDK middleware at the agent runtime — wraps paid tools, issues recognition proofs, funds intents, submits evidence |
| Paybond Harbor | Intent escrow engine — create, fund, verify, evidence, release/refund, dispute freeze |
| Paybond Ledger | Append-only signed history for audits, exports, and dispute dossiers |
| Paybond Signal | Standing and reputation derived from verified receipts and settlement outcomes |
| Agent Receipt Standard (ARS) | Portable paybond.agent_receipt_v1 proof any counterparty can verify offline |
Two layers in one purchase
| Layer | Typical owner | What happens |
|---|---|---|
| Agent checkout & payment execution | Stripe Agentic Commerce Suite, ACP, UCP, Shared Payment Tokens | Agent builds cart, buyer authorizes, merchant receives payment credentials, PaymentIntent succeeds |
| Conditional settlement & proof | Paybond Harbor, Ledger, Signal | Funds held against explicit deliverables, evidence evaluated, release/refund/dispute, signed receipts and standing |
Many agent purchases can stop after Stripe checkout succeeds. Paybond matters when release should not be automatic:
- marketplace jobs with buyer/seller/operator roles (platform with connected accounts)
- procurement agents with acceptance criteria
- high-trust B2B agent spend with audit requirements
- flows where disputes need a shared evidence record, not chat logs
SaaS Platforms angle
For Stripe Connect platforms that onboard sub-merchants or power agent marketplaces:
- Platform tenant configures settlement in Paybond Configuration → Settlement — linked Connect destination, allowed rails (
stripe_connect,stripe_ach_debit,stripe_mpp), server-owned routing. Clients never pass Connect account ids in create payloads. - Agents run behind Kit middleware with tenant-derived API keys — scope comes from credentials, not client-supplied tenant ids.
- Stripe executes payment authorization on the linked Connect path; Paybond holds and releases against predicates.
- Operators review disputes, chargeback signals, and audit exports from a single Harbor and Ledger record.
Paybond does not replace Connect onboarding or platform payout logic. It adds intent-scoped escrow and evidence so platforms can offer governed agent commerce without building a custom settlement state machine.
Reference flows (both products)
Two common orderings — pick based on whether checkout or spend policy comes first:
A. Checkout-first (ACS / ACP / UCP merchant flow)
Buyer & agent Stripe (ACP / UCP / ACS) Paybond (Harbor)
| | |
|-- discover / cart ----->| |
|-- checkout complete --->| PaymentIntent authorized |
| | |
|-- optional escrow ----->|------------------------------>| signed intent and fund (if conditional release)
| | | evidence → release / refund
| |<---- capture / transfer -----|
| | | ARS receipt → Ledger
B. Guard-first (Kit middleware on Stripe SDK tools)
Agent runtime (Kit) Paybond Harbor Stripe Connect / MPP
| | |
|-- create intent ------->| |
|-- fund on rail -------->| PaymentIntent / Payment Auth ->|
|<-- capability_token ----| |
|-- guarded Stripe tool ->| verify → execute | PI create/capture
|-- evidence submit ---->| predicate → release/refund | capture / cancel
| | ARS receipt → Ledger |
Stripe answers: Can this agent complete checkout with an authorized payment?
Paybond answers: Did the agent do what the policy required before we release, refund, or escalate to a human?
ACS manual capture (conditional settlement)
When release depends on Paybond predicates — not automatic capture at checkout — merchants should enable manual capture in the Stripe Dashboard under Agentic commerce settings. ACS then authorizes the PaymentIntent without capturing; Harbor drives capture (or cancel) on drive_terminal_settlement for stripe_connect — the same mental model as Connect PI holds in Settlement with existing payment providers.
| Setting | Where | Why |
|---|---|---|
| Manual capture | Stripe Dashboard → Agentic commerce | Keeps funds authorized until Harbor release / refund |
| Metadata binding | PaymentIntent metadata via Kit buildPaybondStripeMetadata | Webhooks resolve tenant_id + paybond_intent_id for funding |
| Harbor release | Evidence → predicate → drive_terminal_settlement | Captures on pass; cancels on fail |
Checkout-first merchants: create the Paybond intent when conditional escrow starts, stamp ACS checkout PaymentIntents with the same metadata contract, and treat Stripe webhooks as funding — not completion evidence.
Tenant-admin checklist: Configure settlement rails.
What Stripe covers today
Paybond teams usually encounter Stripe in these surfaces:
| Stripe surface | Role in agentic commerce |
|---|---|
| Agentic Commerce Suite | Merchant-ready catalog syndication, hosted ACP endpoints, agent checkout enablement |
| ACP (Agentic Commerce Protocol) | Checkout session lifecycle, delegate payment, orders and webhooks |
| UCP (Universal Commerce Protocol) | Full shopping journey interoperability (discovery → checkout → orders) |
| Shared Payment Tokens | Secure credential handoff from agent surfaces to merchant PSP |
| MPP / machine payments | Agents paying for APIs and services programmatically (Beta Preview on Paybond) |
Paybond does not implement merchant catalog feeds or in-chat checkout UI. Those stay on Stripe and the merchant commerce stack.
What Paybond adds on Stripe rails
Paybond integrates Stripe for intent-scoped settlement, not workspace billing:
| Paybond rail | Stripe touchpoint | Paybond behavior after funding |
|---|---|---|
stripe_connect | PaymentIntent hold on linked Connect destination | Capture on release; cancel on predicate failure |
stripe_ach_debit | ACH PaymentIntent; async payment_intent.succeeded | Transfer on release; refund path on failure |
stripe_mpp (Beta Preview) | Payment Auth charge or Tempo session | Voucher metering at verify; terminal release after evidence |
Harbor snapshots tenant settlement config server-side — clients never pass Connect account ids or MPP profile ids in create payloads.
Integration surface for partners:
| Layer | Entry points |
|---|---|
| Kit (application) | paybond.intents.create, fundWithMppCharge / fundWithX402, paybond.instrument() middleware, ARS emit/consume |
| Gateway (control plane) | GET/PUT /v1/admin/settlement/config, authenticated Harbor proxies, /webhooks/stripe → Harbor ingest |
| Harbor (settlement) | POST /intents, POST /intents/{id}/fund, POST /verify, evidence and settlement/confirm |
| Webhooks | Stripe settlement events enqueue at Gateway, forward to Harbor under mTLS — funding gates, not completion evidence |
For webhook paths, capture timing, and stuck-intent recovery, see Settlement with existing payment providers.
Kit at the agent boundary
Application teams wire Paybond Kit middleware around paid tools — including wrappers that call Stripe SDKs. Guard-first flows use the stripe-commerce preset (payments.charge_customer + stripe_charge evidence) — the same primary operation as Protect Stripe payments from agents:
terminal
paybond login
paybond policy init --preset stripe-commerce --out paybond.policy.yaml
paybond agent sandbox smoke \
--preset stripe-commerce \
--format tableKit helpers for app-owned Stripe SDK or ACS PaymentIntents:
buildPaybondStripeMetadata({ tenantId, intentId, rail? })— stampstenant_id/paybond_intent_idfor webhook preflightmapStripeToolResultToEvidence(toolResult, { preset: "stripe_charge" })— completion evidence; rejects funding webhook envelopes
Offline rehearsal without API credentials: paybond dev loop --offline and paybond dev trace (local dashboard at http://127.0.0.1:9477).
Production pattern:
- Stripe (or merchant UCP/ACP endpoint) completes buyer checkout when the flow is catalog with payment execution. Enable ACS manual capture when Paybond will drive capture on release.
- Paybond intent funds on the tenant's allowed Stripe rail when the agent needs a bounded spend boundary before side effects.
- Evidence attaches tool results (not Stripe funding webhooks); Harbor evaluates predicates.
- Release or refund drives Stripe capture/cancel/transfer.
- Agent Receipt Standard (ARS) emits portable signed proof for operators and partners.
See Protect Stripe payments from agents for PaymentIntent tool guarding and How agent settlement works for the five-step Harbor lifecycle.
Sandbox and onboarding path
| Step | Action |
|---|---|
| 1 | Create a Paybond sandbox tenant (paybond login → self-serve signup or platform-provisioned tenant) |
| 2 | Link Stripe Connect in Configuration → Settlement (sandbox and production are separate) |
| 3 | Enable allowed rails; for MPP, configure profile_test_* and readiness checks |
| 4 | Run Kit smoke or paybond dev loop to rehearse bind → verify → evidence without production keys |
| 5 | Promote to production after rail readiness and webhook delivery checks |
Tenant admin setup: Configure settlement rails. MPP deep dive: Fund intents on Stripe MPP.
When to use which
| Scenario | Start with | Add Paybond when |
|---|---|---|
| Merchant sells via ChatGPT / agent storefront (instant checkout) | Stripe ACS and ACP | You need conditional release, disputes, or cross-platform receipts after payment |
| Agent buys from arbitrary merchants (MPP / x402) | Stripe MPP or x402 | You need per-intent budgets, evidence presets, and audit exports |
| Agent marketplace (buyer, seller, operator) | Your orchestrator and Paybond Harbor | Stripe (or other PSP) funds the job; Paybond holds and releases |
| Enterprise agent fleet (procurement, SaaS, travel) | Paybond Kit and Harbor | Stripe Connect/ACH settles to vendors; Paybond enforces policy and provenance |
| Stripe Connect platform with sub-merchants | Stripe Connect and ACS where applicable | Platform needs governed escrow, evidence, and ARS across connected accounts |
Security and tenant boundaries
Shared principles for combined deployments:
- Tenant scope is derived from authenticated credentials — never from client-supplied tenant ids.
- Funding webhooks (Stripe → Gateway → Harbor) are separate from completion evidence (tool results after
capability_token). - Stripe chargebacks do not automatically open Harbor disputes — operators follow Paybond dispute workflows with a canonical ledger record.
See Disputes and evidence evaluation and Secure agentic banking infrastructure.
Co-sell and support
| Need | Contact |
|---|---|
| Partnership, platform rollout, enterprise | Talk to sales — [email protected] |
| Integration support, sandbox issues | [email protected] |
| Technical review pack | External documentation index |
Partner summary
Stripe executes agentic checkout and payment authorization on merchant rails.
Paybond makes agent spend authorized, verified, and auditable — escrow, evidence, release rules, disputes, and signed portable receipts on top of those rails.
Together they cover the full agentic commerce stack: discovery and payment execution on Stripe, conditional settlement and standing on Paybond.