Agents do not need legal personality to act under control.
The owner remains the principal. The agent operates as software under a defined digital mandate. Every action is recorded as evidence that the principal authorised it.
Core concept
Principal–agent, applied to software.
The principal–agent relationship is a long-standing legal construct. 0x1e.ai applies it to agentic software: the owner defines the mandate; the agent acts within it; the platform records what happened and proves who authorised it.
No fiction of legal personhood is required. The agent is software with bounded authority — not a separate legal entity.
KYA · policy · cap
principal · agent · mandate · execution · evidence
Building blocks
Eight elements. Three groups.
Each block is a small, specific commitment. Together they describe a system that is auditable by construction.
Actors
Principal
The verified human or company that bears the legal responsibility for the agent's actions.
Agent
Software operating under defined authority. Not a legal person — a tool with a mandate.
Authority
Limited mandate
The scope of authority — what the agent may do, up to what amount, for what purpose.
KYA profile
The identity record: who controls the agent, what it can access, who supervises it.
Policy limits
Caps, velocity rules, allow-lists. Quantitative constraints enforced at pre-check.
Evidence
Approval record
Cryptographic record that the principal authorised this specific action at this specific time.
Execution record
Append-only entry capturing rail, charge ID, amount, and outcome.
Audit trail
Chronological, immutable view of the entire lifecycle. Supports review and reconciliation.
Risk allocation
Who controls what.
The model is explicit about where each kind of control sits. No party is asked to take on a responsibility outside its remit.
- OwnerDefines mandate, holds the funds, confirms every proposal, can freeze or revoke the agent.
- PlatformOperates the control plane — KYA, policy, vault, approval, rail adapter, ledger, audit.
- PolicyEncodes the velocity and per-merchant rules that catch what humans miss in real time.
- AuditRecords every decision and execution for after-the-fact review by both sides.
Safety rails
Six rails. Always on.
These run in the background of every proposal. They are not optional features — they are the platform's posture.
Hard caps
Absolute spend ceilings per agent and per currency. Cannot be exceeded by any sequence of proposals.
Velocity limits
Rolling-window rate limits stop runaway sequences before they accumulate.
Kill-switch
Owner or compliance can freeze an agent instantly. New proposals are rejected until unfrozen.
Human approval
Every spend action requires explicit confirmation. No silent execution, ever.
Reconciliation
Reserved funds are released or committed based on definitive rail outcome. No orphaned holds.
Append-only records
Ledger and audit are write-once. Corrections happen through compensating entries, not edits.
This page is for product explanation only and does not constitute legal advice. Regulatory treatment of agentic software varies by jurisdiction and is evolving — partners are encouraged to consult local counsel.
Talk to us about your agent architecture.
If you're shipping autonomous agents and thinking through control, we want to hear about it.