AFTA Is Bilateral. Here Is Why Both Sides Win.
When we shipped the Agent Fair-Trade Agreement four days ago, I framed it as a standard for API publishers being fair to AI agents. That framing was correct, and it was incomplete. The same primitives that protect an agent also protect the business on the other side of the call. AFTA is bilateral by design, and the bilateral case is the one that scales.
Reframing matters because the audience just expanded. The first version of the standard sold itself to agent builders. The bilateral version sells itself to every API publisher whose customers will soon be agents.
What AFTA Actually Is
AFTA is the open standard for API trade between humans, businesses, and AI agents. It is a small contract enforced in code, not policy. Three primitives: code-enforced no-charge guarantees on failed or stale calls, Ed25519-signed receipts on every paid call, and a public on-chain payment rail (USDC on Base) so settlement is independently auditable.
What the agent gets is the part I led with last week. Bounded loss. Cryptographic proof of every charge. The ability to audit a publisher offline against a public JWK. No certificate authority, no shared secret, no central registry. Agents have been getting billed by APIs designed for human credit cards, and the standard is what we built when we got tired of watching that go wrong.
What I should have led with too is the publisher side. Same primitives. Different benefits. Equally concrete.
Why Publishers Want This (Not Charity)
A publisher who ships AFTA is not being magnanimous. They are accepting a code-level contract that constrains their billing in exchange for primitives they cannot get any other way. Three of those primitives matter most.
Cryptographic dispute defense. The biggest unsolved problem in agent-paid commerce is the dispute. An agent operator looks at a bill, decides it is wrong, and claims the API was billing for failed calls. Without proof, the publisher loses on reputation alone. With AFTA, every charge is a signed receipt: the publisher can produce the receipt, the agent or its operator can verify the signature against the same public key, and the dispute either dissolves or moves on to a real disagreement instead of a he-said-she-said. The signature chain holds up in any forum.
Predictable, defensible revenue. The four no-charge rules look like a constraint on the publisher, and they are. They are also a public commitment that bounds bad-faith disputes. An agent cannot credibly claim “your handler crashed and you charged me” when the publisher has a signed receipt with no_charge_reason: "5xx" and credits_charged: 0. Predictability cuts both ways. The publisher does not bill for failures, and in exchange, the publisher is presumed honest until proven otherwise.
Open distribution at zero onboarding tax. Every adopter publishes a tiny manifest at /.well-known/agent-fair-trade.json. Any agent that recognizes the standard already knows how to authenticate, how to read pricing, how to verify receipts, how to settle on the published rail. The publisher does not have to write a custom SDK, court a single agent vendor, or negotiate per-customer integration deals. The standard does the distribution.
The Velocity Argument
The reason this becomes urgent rather than nice-to-have is volume. A small number of agents already make tens of thousands of API calls per day per agent. The frontier coding agents we benchmark on /harnesses run hours-long sessions that fan out to hundreds of independent paid endpoints. The Cloudflare-Stripe agent provisioning protocol that launched this past week assumes agents will spin up real production infrastructure across 32 partner providers without a human in the loop. The number of paid calls per day is going to 1000x in the next 24 months, and each one of those calls is a potential dispute.
At 100,000 calls a day, fuzzy billing is not a UX issue. It is a security issue. A loose contract creates surface area for both bad-faith agents and bad-faith publishers. Every ambiguous charge is a coin flip on whether either side acts in good faith, and the cost of those coin flips compounds. AFTA is a way to drain the ambiguity out of the contract before that volume hits, on both sides at once.
| Pain | Without AFTA | With AFTA |
|---|---|---|
| Failed call billed? | Agent says yes, publisher says no, no proof either way | Signed receipt with no_charge_reason settles it |
| Stale data billed at full price? | Agent has no way to check the SLA | Public freshness SLA + auto no-charge if exceeded |
| Charge dispute | Publisher loses on reputation alone | Receipt signature is verifiable in any forum |
| Onboarding a new agent vendor | Per-vendor SDK and integration negotiation | Agent reads /.well-known/agent-fair-trade.json |
| Mid-month rule changes | Publisher edits ToS, agent finds out at billing time | Manifest is the contract; bumps are visible publicly |
What Changes for an Adopter
Nothing in the implementation changes when you reframe the standard as bilateral. The same afta-protocol npm package signs the same receipts. The same afta-cloudflare-worker middleware wraps the same handlers. The federation members (TensorFeed and TerminalFeed today) keep using the same shared credit ledger. The bilateral version of the pitch just reaches a wider audience: every API publisher whose customers will soon be agents, not only the ones who already lead with agent-friendliness.
If you publish a paid API, the integration is small. Generate an Ed25519 keypair with npx afta-generate-key. Wrap your paid handler in createPremiumHandler or port the four guarantees into your existing middleware. Publish a 50-line manifest at /.well-known/agent-fair-trade.json. You are an adopter. Adoption is the certification. There is no fee, no review, no authority.
The Pressure Curve
Once a meaningful number of paid APIs ship AFTA, the publishers who have not shipped one have to explain why. Same dynamic the Cloudflare-Stripe protocol is creating in agent provisioning right now. Neon, Turso, Auth0, WorkOS, Stytch, Netlify, and Fly were not on the launch list, and the article said it plainly: the first to support agent provisioning starts winning the agent share of the market; the last is starting to lose it. AFTA is the same pattern at the billing layer. Publishers who lack code-enforced fairness primitives by Q4 will be losing agent-routed revenue to publishers who shipped.
The good news for publishers reading this is that the standard is open, the implementation is on npm, and the schema is published. The integration is one weekend of work for a small team, less for one with an existing payment rail. No one is gatekeeping.
Both Sides Win
The bilateral framing is not a marketing pivot. It is the truth about what the standard does. The same lines of code that refuse to bill an agent for a 5xx also generate the receipt the publisher uses to defend a future dispute. The same freshness SLA that keeps an agent from being charged for stale data also differentiates a publisher whose data is actually fresh from one whose data is not. The same on-chain payment trail that gives an agent a public record of every dollar paid gives the publisher a public record of every dollar received.
This is a small standard. It does not solve identity, attribution, anti-abuse, or liability. It solves the narrowest, most concrete piece: every paid call between an agent and a publisher should be verifiable by either party at any point in the future. Both sides win when the contract is enforced in code. The internet of money is going to need more of this, not less.
The standard is at tensorfeed.ai/agent-fair-trade. The reference implementation is on npm as afta-protocol and afta-cloudflare-worker. The adopter directory is at /afta-network. If you publish a paid API, ship one. If you build agents, ask the APIs you call when they will. The bilateral case is the case.