Capability · POC 03

Programmable Rulebook Enforcement

Catena Labs describes 'embedding policy controls directly into programmable money.' This simulator demonstrates how ACK's rulebook concept extends into a full capability envelope with jurisdiction-aware presets and dual-layer enforcement.

Regulatory Framework

The Capability Envelope Model

Every agent operates within a machine-readable capability envelope that defines spending limits, permitted assets, allowed actions, and temporal bounds. This 5-check pipeline ensures that each transaction is evaluated against multiple independent compliance dimensions before execution.

The Five Capability Checks:

  1. Per-Transaction Limit: No single transaction exceeds the limit (e.g., $10K/tx)
  2. Daily Limit: Cumulative spending in a 24h window does not exceed the limit (e.g., $50K/day)
  3. Asset Permitted: Only designated asset types are allowed (e.g., USDC only)
  4. Action Permitted: Only specified actions are authorized (e.g., transfer, swap, but not stake)
  5. Temporal Bounds: The agent can only act within its valid time window (e.g., not before 9am, not after 5pm)

Jurisdiction-aware presets encode regulatory requirements as default capability envelopes:

  • US Retail Agent: $10K/tx, $50K/day, USDC only, transfer + swap permitted — GENIUS Act compliant
  • EU Cross-Border Agent: €1K Travel Rule threshold, MiCA-compliant assets, €25K/day, restricted to EU counterparties
  • High-Value Settlement Agent: $1M/tx, restricted to transfer/settlement only, 24h temporal window, settlement desk hours only

Regulatory Citations: ACK Rulebook specification; AML/CFT transaction limit requirements; FATF R.16 Travel Rule; MiCA asset classification

Interactive Exploration

Capability Simulator

Define an agent's capability envelope on the left. Construct a test transaction on the right. See real-time evaluation below. Try exceeding a spending limit, using an unpermitted asset, or requesting a forbidden action to see how each capability check evaluates independently.

Define an agent's capability envelope and test transactions against it

Agent Capability Envelope

  • Per-Transaction Limit: $5,000
  • Daily Limit: $25,000
  • Active: 2026-03-01 → 2026-06-01

Test Transaction

Evaluation Result

TRANSACTION APPROVED
All capability checks passed

| Check | Rule | Requested |
|---|---|---|
| Per-Transaction Limit | $5,000 | $3,500 |
| Daily Limit | $25,000 | $3,500 |
| Asset Permitted | USDC, USDT | USDC |
| Action Permitted | transfer | transfer |
| Temporal Bound | 2026-03-01 → 2026-06-01 | 2026-04-03 |
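The five capability checks, each evaluated independently against the simulator's envelope and test transaction, as an added example (not Catena Labs' or ACK's code). The names `Envelope`, `Tx`, `evaluate` and `utc`, the rolling 24-hour window, the half-open validity window, and the `HISTORY` and `BAD_TX` samples are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from decimal import Decimal

@dataclass(frozen=True)
class Envelope:
    per_tx_limit: Decimal
    daily_limit: Decimal
    assets: frozenset
    actions: frozenset
    not_before: datetime  # inclusive
    not_after: datetime   # exclusive (assumption; the page only shows the two dates)

@dataclass(frozen=True)
class Tx:
    amount: Decimal
    asset: str
    action: str
    at: datetime

def evaluate(env, tx, history=()):
    """Run all five checks without short-circuiting; return (approved, per-check results)."""
    # Daily limit is cumulative: prior spend in the trailing 24h plus the requested amount.
    window_start = tx.at - timedelta(hours=24)
    spent = sum((h.amount for h in history if window_start < h.at <= tx.at), Decimal(0))
    results = {
        "per_tx_limit": Decimal(0) < tx.amount <= env.per_tx_limit,
        "daily_limit": tx.amount > 0 and spent + tx.amount <= env.daily_limit,
        "asset_permitted": tx.asset in env.assets,
        "action_permitted": tx.action in env.actions,
        "temporal_bound": env.not_before <= tx.at < env.not_after,
    }
    # Fail closed: approval requires every check to pass.
    return all(results.values()), results

def utc(y, m, d, h=12):
    return datetime(y, m, d, h, tzinfo=timezone.utc)

# Constructed from the simulator values shown on this page.
ENV = Envelope(Decimal("5000"), Decimal("25000"), frozenset({"USDC", "USDT"}),
               frozenset({"transfer"}), utc(2026, 3, 1, 0), utc(2026, 6, 1, 0))
OK_TX = Tx(Decimal("3500"), "USDC", "transfer", utc(2026, 4, 3))
# Constructed samples (not on the page): earlier same-day spend, and a request failing four checks.
HISTORY = [Tx(Decimal("4500"), "USDC", "transfer", utc(2026, 4, 3, h)) for h in range(1, 6)]
BAD_TX = Tx(Decimal("6000"), "DAI", "stake", utc(2026, 6, 1, 0))

if __name__ == "__main__":
    for hist in ((), HISTORY):
        print(evaluate(ENV, OK_TX, hist))
```

With the constructed history, the same $3,500 request that the simulator approves is denied on the daily limit alone, because five earlier transfers that each passed the per-transaction check already total $22,500 inside the window.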

System Architecture

Eight-Stage ACK-Pay Authorization Flow

The capability flow shows how a payment request traverses the ACK-Pay negotiation pipeline. At Stage 4 (Capability Evaluation), the agent checks the transaction against its capability envelope. At Stage 6 (Session Key Validation), the smart contract enforces the boundary on-chain. At Stage 8 (Settlement), the transaction is finalized. Each stage includes compliance checkpoints that feed into the next stage.

KYA Capability Flow (P-601): ACK-Pay Negotiation & Authorization

[Flow diagram. Stages shown:]

  1. Payment Request: Agent receives payment request from merchant or user intent (N/A)
  3. Service Discovery: Resolve merchant DID, discover payment methods via service endpoints (POLICY-ENFORCED)
  4. Capability Evaluation: Evaluate payment terms against agent capability envelope — spending limits, permitted assets, temporal bounds (POLICY-ENFORCED)
  6. Session Key Validation: ERC-4337 validates session key permissions and spending limit on CDP Smart Wallet (CODE-ENFORCED)
  7. Token Transfer: USDC transfer executes on Base L2 — final and immutable (CODE-ENFORCED)
  8. Receipt Issued: ACK-Pay Receipt VC issued — cryptographic proof of completed commerce (POLICY-ENFORCED)

Enforcement transitions: null → policy, policy → code, code → policy
Legend: Code-Enforced (filled), Policy-Enforced (dashed), Monitor Checkpoint

Compliance Mapping

How Capabilities Satisfy Regulatory Requirements

| Regulatory Requirement | Authority | How ACK Capability Satisfies It |
|---|---|---|
| Transaction Limits | AML/CFT Guidance | Per-transaction and daily limits are encoded in the capability envelope and enforced at both policy (L4) and code (L3) layers. |
| Asset Restrictions | MiCA, GENIUS Act | The asset-permitted check restricts agents to compliant asset types. Cross-border agents enforce jurisdiction-specific asset whitelists. |
| Action Control | ACK Rulebook | The action-permitted check restricts each agent to specified operations (transfer, swap, stake, etc.). High-value agents may be restricted to settlement only. |
| Temporal Bounds | Risk Management Best Practice | Agents can be configured to operate only within specific time windows (e.g., business hours). Critical for risk containment and audit trail clarity. |
| Travel Rule Compliance | FATF R.16 | Cross-border capability envelopes enforce originator/beneficiary information collection and €1K threshold triggers for inter-bank transfers. |