darwin.agenticcloud
darwin.cloud — agent-first commerce

Real purchases. Bounded. Signed.

Darwin is the agent-first commerce layer. Our agent completes authorized purchases on your WebMCP surface, only where it provably succeeds, and returns a cryptographically signed receipt for every order.

$ pip install darwin-agentic-cloud
for merchants

Converted demand. Every order proven.

Darwin routes real buyer-intent transactions to your checkout and proves each one. Not a blog link, not a cookie hoping to fire. An agent that places bounded, authorized orders on your WebMCP surface, then hands back a signed receipt. You get the sale and the proof in the same step.

Converted, not curious. The agent only acts on a request to buy. Every routed order is buyer intent, already decided.
Bounded, not reckless. Every purchase rides an AP2 mandate, a signed spend cap and approved-merchant list. No unbounded spend, no fraud surface. The card stays tokenized in the user's Google account. Darwin never holds it.
Integration-attributed, not guessed. Orders are credited to the integration that placed them, not a last-click cookie. Clean attribution, clean payout.
Compliant surfaces only. If your surface is not WebMCP-ready, the agent does not go there. It only routes where it provably completes.
the transaction receipt

A signed receipt for every purchase.

Every order Darwin places returns a v0.2 attestation under the webmcp-action evidence schema. Merchant, item, amount, order id, and the AP2 mandate that authorized it, all signed and verifiable against the public keylist. This is the expense record, the audit trail, and the payout proof in one artifact.

Attestation of Purchase · darwin.agenticcloud · sample
✦ SECURITAS · STABILITAS · SIGNUM ✦
ORDER No. BK-9F2C
issued  2026-06-06T14:02:11Z
merchant  expedia.com
item  round trip · DTW
amount  $312.40
─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─
surface  webmcp · expedia
schema  darwin.cloud/evidence/webmcp-action/v1
value-added
mandateAP2 · cap $400 / spent $312.40
merchanton approved list
identityanchored to public keylist
─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─ ◊ ─
✓ ATTESTATION SIGNED
by  dac-local-d1bf7cad25875cee
schema  darwin.cloud/agenticcloud/attestation/v0.2
how it works

Route. Gate. Authorize. Pay. Sign.

Five steps, one chain, cryptographic end to end. The user's Google account is the only thing they connect.

1
Route. The agent maps the request to the right WebMCP merchant.
2
Gate. It probes the surface. WebMCP-ready, it proceeds. Not ready, it refuses. No fallback, no scraping.
3
Authorize. It checks the AP2 mandate, the user's signed spend cap and approved merchants.
4
Pay. The tokenized credential charges at WebMCP checkout. The agent never holds the card. Darwin never sees it.
5
Sign. Darwin returns a signed receipt anyone can verify, offline, against the public keylist.
see it

A real signed receipt. Verify it yourself.

Live attestation
A real v0.2 attestation, signed at build time. Don't trust the page, verify the receipt.
View the demo →
who uses it

For businesses that delegate buying.

Agencies, field service, clinics, and small firms with recurring, delegatable spend. Travel booking and supply reordering done by an agent, bounded by limits the owner sets, every purchase returned signed and receipted. Connect your Google Workspace. That's it.