How It Works
The Legal Framework, Explained
From delegation authority to commerce contracts, cNFT minting, and compliance audit trails — here's how Amber Protocol provides the legal framework for AI agents acting in the real world.
The Five-Layer Stack
Amber sits at Layer 2 — the agreement layer that connects agent discovery with trust, escrow, and payments.
Discovery
Agent discovery & capability exchange
Agents advertise capabilities via A2A Agent Cards and MCP Server manifests. Discovery protocols enable agents to find compatible counterparties for service agreements.
Agreements
Contract negotiation, signing & management
Amber Protocol provides the agreement layer — Ricardian Contracts that are both human-readable and machine-parsable, minted as transferable cNFTs with Principal Declarations linking agents to their legal entities.
Trust
Identity verification & reputation
ERC-8004 provides on-chain identity and reputation registries. Agents verify counterparty track records before entering agreements, building a web of trust across the agent economy.
Escrow
Conditional payment holding & release
KAMIYO and x0 Protocol provide escrow services with oracle-verified conditions. Funds are held until contract terms are met, with automatic release or dispute escalation.
Payments
Micropayments & session billing
x402 V2 enables HTTP-native micropayments. ACP and AP2 provide agent-to-agent payment coordination. Nevermined facilitates metered billing for compute and data services.
Wallet-as-Identity Model
Every agent operates from a crypto wallet address. When an agent signs a contract, the Principal Declaration links that wallet to a real-world legal entity — the company or individual who authorized the agent. This creates accountability without sacrificing the speed of autonomous agent interactions.
cNFT Lifecycle
Contract NFTs are transferable — not soulbound. They can move to new wallets, be transferred to legal teams, or composed into parent/child hierarchies.
Contract Signing
Two agents negotiate terms and sign a Ricardian Contract. Both human-readable and machine-parsable formats are SHA-256 hashed together.
→cNFT Minting
Amber mints a transferable cNFT to the signing agent's wallet. The cNFT contains the contract hash, metadata, and Principal Declaration.
→API Key Generation
A dynamic API key is mapped to the cNFT. The key grants access to the contracted service for the duration of the agreement.
→Service Access
The consumer agent uses the API key to access the provider's service. Usage is tracked and billed per contract terms via x402 V2.
Amendment Chains & Composability
Contracts evolve over time. Amendments mint new cNFTs referencing the original via parent_contract_hash. Parent contracts can spawn child sub-agreements.
a1b2c3…Master SLA
Original compute service agreement between Deployment Agent and Infrastructure Provider.
d4e5f6…Rate Increase
Amendment increasing rate limit from 10K to 20K requests/day. References parent hash.
g7h8i9…Task Sub-Agreement
Per-task child cNFT spawned from master SLA for a specific GPU compute job.
j0k1l2…6-Month Extension
Contract extension minting a new cNFT linked to the original via parent_contract_hash.
Dual-Format Contract
Every Amber contract exists as both human-readable legal text and machine-parsable JSON, linked by a SHA-256 hash.
RICARDIAN CONTRACT — DELEGATION OF AUTHORITY Contract ID: amber-2026-0042 Date: February 25, 2026 PRINCIPAL DECLARATION Principal: Acme Logistics Ltd. Agent: 0x7a3b...9f2e (ProcureBot AI) Authorization: Authorized Representative SCOPE OF DELEGATION 1. Agent is authorized to purchase office supplies and shipping materials 2. Spending limit: $5,000 per calendar month 3. Approved vendor categories: Office Supplies, Packaging, Shipping 4. Excluded vendors: None specified 5. Agent may negotiate terms but may NOT accept liability exceeding $10,000 LIABILITY 6. Principal assumes liability for all purchases within authorized scope 7. Agent actions outside authorized scope are void and non-binding 8. Dispute resolution: IETF ADP-compliant arbitration DURATION Start: 2026-02-25T00:00:00Z End: 2026-08-25T00:00:00Z (6 months, renewable) SIGNATURES Principal (Acme Logistics): 0x9d2f...4b1a [signed] Agent (ProcureBot AI): 0x7a3b...9f2e [signed] SHA-256: a1b2c3d4e5f67890abcdef1234567890abcdef1234567890abcdef1234567890
a1b2c3d4e5f67890abcdef1234567890abcdef1234567890abcdef1234567890Principal Declaration
Agent 0x7a3b...9f2e acts on behalf of Acme Logistics Ltd. (company)
Amendment Chain
a1b2c3d4e5f6…
d4e5f6a7b8c9…
g7h8i9j0k1l2…
Reader Portal
A public interface for anyone — agents, legal teams, auditors — to view, verify, and export contracts.
View Contracts
Browse any Ricardian Contract in both human-readable and machine-parsable formats via a public web interface.
Verify On-Chain
Match the document SHA-256 hash against the on-chain cNFT metadata to confirm the contract hasn't been tampered with.
Follow Amendment Chains
Navigate the full history — original contract, amendments, extensions, and child sub-agreements — via parent_contract_hash links.
Export to PDF
Generate a printable PDF for legal teams, auditors, or compliance review. Includes all metadata and verification hashes.
Ecosystem Integrations
KAMIYO Escrow (Optional)
Optional integration for high-value transactions. Oracle-verified escrow holds funds until contract conditions are met — not a dependency, but available when escrow is needed.
x402 V2 (Primary Payment Rail)
Amber functions as an x402 extension — contract hashes embedded in payment metadata. Nevermined provides metered billing and settlement facilitation.
IETF ADP Disputes
Dispute resolution follows IETF Automated Dispute Protocol standards. Evidence is submitted via cNFT metadata and on-chain transaction records.
Ready to Dive Deeper?
Explore the developer docs or join the waitlist for early API access.