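Show HN: Lexiso – Authorization layer for AI agents that spend money
We built Lexiso because I kept running into the same question: when AI agents start making purchases, who decides what they're allowed to spend?
Today, if you're building an AI agent that buys things (shopping assistant, procurement bot, subscription manager), you either:
- Give it your card and hope for the best
- Build custom authorization logic yourself
- Don't let it spend money at all
None of these scale.
Lexiso is the missing layer. It's an API that sits between your agent and any payment system:
1. Register your agent
2. Define policies (amount limits, merchant restrictions, time windows)
3. Call /authorize before any purchase
4. Get a signed yes/no decision in <300ms
5. Full audit trail for compliance
The response is cryptographically signed, so you can prove later exactly what was authorized and why.
Site: [https://lexiso.app](https://lexiso.app)
Live API: [https://api.lexiso.app](https://api.lexiso.app)
Docs: [https://lexiso.app/docs](https://lexiso.app/docs)
npm: npm install lexiso
Looking for feedback from anyone building agents that touch financial workflows. What's broken? What's missing? Would you use this?
Technical details:
- Go backend, PostgreSQL
- RSA-2048 signatures on all decisions
- Designed for AP2 compliance (Google's agent payments protocol)
- No custody, no money movement – authorization only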
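A caller-side check of a signed decision like the one the post describes, as an added example that is not Lexiso's code or API. It verifies the signature before trusting any field, then binds the decision to the purchase about to be made. Assumptions: the decision fields (`decision`, `agent_id`, `merchant`, `amount_cents`, `expires_at`), the JSON encoding and the PKCS#1 v1.5 / SHA-256 scheme are hypothetical, and a locally generated key pair stands in for the service's RSA-2048 key.

```javascript
const crypto = require('node:crypto');

// Constructed stand-in for the service's RSA-2048 signing key (assumption).
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Hypothetical issuer side: sign the exact bytes of the decision payload.
function issueDecision(fields) {
  const payload = JSON.stringify(fields);
  const signature = crypto.sign('sha256', Buffer.from(payload), privateKey).toString('base64');
  return { payload, signature };
}

// Caller side: verify first, then bind the decision to this specific purchase.
function checkDecision(signed, purchase, pubKey, nowMs = Date.now()) {
  const ok = crypto.verify('sha256', Buffer.from(signed.payload), pubKey,
                           Buffer.from(signed.signature, 'base64'));
  if (!ok) return { allowed: false, reason: 'bad_signature' };
  const d = JSON.parse(signed.payload); // parse only after the signature checks out
  if (d.decision !== 'approve') return { allowed: false, reason: 'denied' };
  if (nowMs > Date.parse(d.expires_at)) return { allowed: false, reason: 'expired' };
  if (d.agent_id !== purchase.agent_id || d.merchant !== purchase.merchant)
    return { allowed: false, reason: 'scope_mismatch' };
  if (!Number.isInteger(purchase.amount_cents) || purchase.amount_cents > d.amount_cents)
    return { allowed: false, reason: 'amount_exceeds_authorization' };
  return { allowed: true, reason: 'ok' };
}

// Constructed sample decision and purchase.
const NOW = Date.parse('2025-01-01T12:00:00Z');
const signed = issueDecision({
  decision: 'approve', agent_id: 'agent-123', merchant: 'example-store',
  amount_cents: 5000, expires_at: '2025-01-01T12:05:00Z',
});
const purchase = { agent_id: 'agent-123', merchant: 'example-store', amount_cents: 4200 };

// A decision edited after signing (limit raised) must fail verification.
const tampered = { ...signed, payload: signed.payload.replace('5000', '500000') };

console.log(checkDecision(signed, purchase, publicKey, NOW));
console.log(checkDecision(tampered, purchase, publicKey, NOW));
```

Expiry alone does not stop the same decision being presented twice inside its validity window; a single-use decision would also need an identifier that the caller records and rejects on reuse.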