Every AI agent shipping today acts on a human's behalf without a signed mandate. Terms-of-service is not consent. A checkbox is not authority. When the first agent drains a real account, releases regulated data, or sends a fraudulent message, every agent maker will need a single artifact: a verifiable, scoped, revocable mandate, signed by the principal, anchored in law.
Civil Code Article 1868 was written for principals authorizing agents. It is silent on whether the agent is human, corporate, or AI. FIDNT operationalizes it.
OpenAI ships ChatGPT Operator. Anthropic ships Claude Computer Use. Google ships Project Astra. Microsoft ships Copilot Actions. None of them has a real consent, mandate, or agency framework. They have Terms of Service. That's it.
The first time an AI agent causes a material loss — financial, medical, reputational — the legal substrate question crystallizes in court. Whoever has the consent rail by then wins the cleanup.
User signs scoped authority with their passkey on FIDNT.
Every server-side action checks the mandate is live and in-scope.
Webhook fires the moment the user revokes. Halt within seconds.
// 1 · request a mandate
const mandate = await fidnt.requestMandate({
  platform: 'acme.com',
  purpose: 'underwrite a credit application',
  scope: ['identity:basic', 'finance:read'],
  expires: '2026-12-31',
});

// 2 · verify on the server before any privileged action
// URLSearchParams encodes the values, so a mandate_id cannot smuggle extra parameters
const query = new URLSearchParams({ mandate_id: mandate.mandate_id, scope: 'finance:read' });
const r = await fetch('/api/agent/verify?' + query);
// fail closed: a non-2xx response halts the action just like verified === false
if (!r.ok || !(await r.json()).verified) throw new Error('halt — mandate invalid');

// 3 · listen for revocation
app.post('/webhooks/fidnt', (req, res) => {
  // the sender of this request must be authenticated before the event is acted on
  if (req.body.event === 'mandate.revoked') revokeAllAccessFor(req.body.user_did);
  res.json({ ok: true });
});
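The step-3 handler above acts on any POST that reaches it. As an added example (not FIDNT's code or documented API), the following authenticates a delivery and rejects replays before any access is revoked. The HMAC-SHA256 scheme, the "timestamp.body" signing string, the 5-minute window, and all function names are assumptions, since the page does not show how FIDNT signs webhooks.

```javascript
// Added example, not FIDNT code. Assumed (hypothetical) scheme: the sender puts
// hex(HMAC-SHA256(secret, timestamp + "." + rawBody)) in one header and the
// Unix timestamp in another; the caller passes both header values in.
const crypto = require('node:crypto');

const MAX_SKEW_SECONDS = 300; // reject deliveries outside a 5-minute window (replay guard)

function sign(secret, timestamp, rawBody) {
  return crypto.createHmac('sha256', secret)
    .update(`${timestamp}.${rawBody}`)
    .digest('hex');
}

// Returns the parsed event when the delivery is authentic and fresh, else null.
function verifyWebhook({ rawBody, signature, timestamp, secret, nowSeconds }) {
  const ts = Number(timestamp);
  if (!Number.isInteger(ts) || typeof signature !== 'string') return null;
  if (Math.abs(nowSeconds - ts) > MAX_SKEW_SECONDS) return null;

  const expected = Buffer.from(sign(secret, timestamp, rawBody), 'hex');
  const received = Buffer.from(signature, 'hex');
  // timingSafeEqual throws on length mismatch, so compare lengths first.
  if (received.length !== expected.length) return null;
  if (!crypto.timingSafeEqual(received, expected)) return null;

  try {
    return JSON.parse(rawBody); // parse only after the bytes are authenticated
  } catch {
    return null;
  }
}

// Decide what the handler does with a delivery. Unauthenticated deliveries are
// rejected without touching access state; unknown events are acknowledged only.
function handleDelivery(delivery, revoke) {
  const event = verifyWebhook(delivery);
  if (event === null) return { status: 401, revoked: null };
  if (event.event === 'mandate.revoked' && typeof event.user_did === 'string') {
    revoke(event.user_did);
    return { status: 200, revoked: event.user_did };
  }
  return { status: 200, revoked: null };
}
```

In an Express app the raw request bytes must be captured before JSON parsing, because the signature covers the exact body as sent.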
Re-use existing FIDNT users. No KYC re-run.
ISO 27560 · DPA 2012 · signed by the user · time-stamped · exportable.
What you may do is in writing, signed by the user's key. Civil Code 1868.
Webhook fires the moment a user revokes. Defensible by design.
Hash-chained receipts. Per-user range exportable on demand.
Every API response carries the legal stack on the wire (X-FIDNT-* headers).
Money never enters or transits a FIDNT account. Buyer pays user directly via your own rail. Fidnt, operated by ISET, issues the proof and invoices a disclosed admin fee separately as service revenue. Outside BSP money-transmission scope by design.
ML-DSA-65 (NIST FIPS 204) signatures · ML-KEM-768 KEM (FIPS 203) · SHA3-512 anchoring · vendored from @noble/post-quantum (MIT) · zero external CDN runtime calls · supply-chain hash-anchored in /instruments. Engine wired end-to-end; sandbox-grade until the production key is set, then real ML-DSA-65.
Whitepaper at /whitepaper: "AI Agency Under Civil Code 1868 + DPA 2012." Two pages. Cite as: FIDNT Protocol, "AI Agency Under Civil Code 1868 + DPA 2012," v1, 2026.
5-stage gate enforces doctrine on every release. No deploys ship if any user-facing copy mentions cut features, SEC-regulated language, BSP-trigger phrasing, or third-party brand names. SECURITY.md is the audit reference.
A 90-day integration trial. Sandbox keys today, production keys after the FIDNT covenant is signed (one page · standard). You wire three endpoints into your agent flow. We custody nothing. You move money. We issue the proofs. Lawyers cite the receipts.