An interoperability bridge, not a rebuild. Our existing trust model — signed consent, hash-chained audit, revocable mandates — travels through to the AP2 ecosystem unchanged, and back the other way.
Announced by Google in September 2025 and aligned with roughly sixty partner organizations — card networks, wallets, and payment service providers — AP2 defines a common way for an AI agent to prove that the human it represents has authorized a specific payment, to a specific merchant, for a specific amount. The current spec is v0.2.0, published in April 2026.
The user's authorization is captured as a cryptographically signed credential. No agent can fabricate intent or change scope after the fact.
The spec carries authority, not money. Merchants settle through whichever rail they already use — cards, bank transfers, anything in between.
The format is portable across implementations. An agent built by one party can transact with a merchant integrated by another, with verifiable receipts on both sides.
Vyana already has a payment protocol — APP — used today by agents to provision and pay across developer infrastructure. Instead of replacing it, we added a thin layer that translates between APP and AP2 at the edge. Everything inside the platform stays the same.
Every AP2 mandate is signed by the same cryptographic keys that sign Vyana's native authorizations. No new trust root. No second security model to audit.
Vyana accepts payments from agents built on AP2, and pays merchants that speak AP2. The translation runs in both directions, transparently to either side.
The verification chain, the audit trail, the receipts, the consent model — none of it changes. The adapter sits at the edge; the platform doesn't notice it's there.
The AP2 spec describes a chain of three signed authorizations — intent, cart, and payment. Vyana handles each of them, then maps the result onto the same payment plumbing the native path uses.
The agent arrives with a chain of cryptographically signed credentials describing the user's intent, the specific cart being purchased, and the payment that should execute. Each link in the chain is independently verifiable.
We check every signature, confirm the chain is bound to a known holder, and refuse anything that doesn't add up. Once it's clean, the request is translated into Vyana's internal model — where the same controls that govern our native payments take over.
Money moves through whichever payment rail the merchant already operates. Both sides receive a signed receipt — in their own protocol's shape — closing the audit trail.
Interoperability without compromise. Every guarantee Vyana makes today about agent-mediated spend continues to hold when the request enters or exits through the AP2 side.
The User Consent Mandate remains the single root of authority. Agents derive permissions from it; nothing else.
Every verification step is recorded into a tamper-evident chain, signed by the broker, queryable end to end.
Users revoke at any moment — a mandate, a scope, a device. The change propagates everywhere instantly.
Both protocols' receipts are issued and verifiable — agents and merchants get back proofs they can each independently check.
Vyana's place in the AP2 ecosystem is the same place we set out to occupy in the wider agent economy: the trusted boundary where consent is verified, payments authorized, and receipts proven on both sides.