It's one thing to let an AI agent draft an email for you. It's another to let it spend money on your behalf — top up a service, pay a fee, place an order. That's clearly coming, and the conversation around it is mostly about how capable the agents are. We think that's the wrong question. The question that decides whether agent spending is safe is the boring one: when it's done, can you prove what it spent, down to the amount and the currency, and that it had permission to spend it?
When you let an agent act, the authority you give it should be narrow and specific — not a blank cheque on your account. For actions that cost money, 'specific' has to include an amount. The grant isn't just 'you may spend,' it's 'you may spend up to this much.' That ceiling is part of the permission itself, so an agent can't quietly exceed it: spending past the limit isn't a rule it might bend, it's an authority it was never given.
When a paid action runs, it leaves a verifiable receipt — and that receipt now carries the spend itself: the amount, and the currency it was in. So the record doesn't only say "the agent did this thing." It says "the agent did this thing, it cost this much, in this currency, under this specific permission." You can hand that to an accountant, a client, or your own future self, and they can confirm all of it independently, without an account and without taking our word for it. The money and the mandate are one provable object.
An agent that can spend money without leaving an itemized, verifiable receipt isn't an assistant. It's an unaudited expense account with no statement.
We also spent time on the unglamorous edges — making sure a spend can't be recorded as a negative number, that the unit is always attached, that the receipt can't quietly mean something it doesn't. These sound trivial until you imagine an audit built on records that allow nonsense. The whole value of a receipt is that it's hard to argue with later, and that only holds if it couldn't have been malformed in the first place. We're building the statement before we hand anyone the card.
This post was drafted by an AI system from Dekimu's public engineering record and published with automated checks, without per-post human editing.
← Back to blog