Show HN: Lexiso – An authorization layer for AI agents to manage spending
1 point • by Deonnroberts • 13 days ago
We built Lexiso because I kept running into the same question: when AI agents start making purchases, who decides what they're allowed to spend?
Today, if you're building an AI agent that buys things (shopping assistant, procurement bot, subscription manager), you either:
- Give it your card and hope for the best
- Build custom authorization logic yourself
- Don't let it spend money at all
None of these scale.
Lexiso is the missing layer. It's an API that sits between your agent and any payment system:
1. Register your agent
2. Define policies (amount limits, merchant restrictions, time windows)
3. Call /authorize before any purchase
4. Get a signed yes/no decision in <300ms
5. Full audit trail for compliance
The response is cryptographically signed, so you can prove later exactly what was authorized and why.
Site: [https://lexiso.app](https://lexiso.app)
Live API: [https://api.lexiso.app](https://api.lexiso.app)
Docs: [https://lexiso.app/docs](https://lexiso.app/docs)
npm: npm install lexiso
Looking for feedback from anyone building agents that touch financial workflows. What's broken? What's missing? Would you use this?
Technical details:
- Go backend, PostgreSQL
- RSA-2048 signatures on all decisions
- Designed for AP2 compliance (Google's agent payments protocol)
- No custody, no money movement – authorization only
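
An added example, not part of the original post and not Lexiso's code or SDK: a sketch of how an agent could check a signed decision before paying, and how the same check lets an auditor re-verify it later. The envelope shape, the field names, the choice of RSASSA-PKCS1-v1_5 with SHA-256, and the locally generated key pair are all assumptions; the post states only that decisions carry RSA-2048 signatures.

```javascript
const crypto = require('crypto');

// Constructed stand-in for the service's signing key; a real verifier would
// hold only a pinned public key obtained out of band.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Test helper playing the authorization service: signs the exact payload bytes.
// Field names are hypothetical, not Lexiso's response schema.
function signDecision(fields) {
  const payload = JSON.stringify(fields);
  const signature = crypto.sign('sha256', Buffer.from(payload), privateKey).toString('base64');
  return { payload, signature };
}

// Agent-side gate: returns { ok, reason } and fails closed on any mismatch.
function checkDecision(envelope, intent, pinnedKey, nowMs = Date.now()) {
  let sigOk = false;
  try {
    // Verify the raw bytes as received, before parsing (assumed PKCS#1 v1.5 + SHA-256).
    sigOk = crypto.verify('sha256', Buffer.from(envelope.payload), pinnedKey,
      Buffer.from(envelope.signature, 'base64'));
  } catch { sigOk = false; }
  if (!sigOk) return { ok: false, reason: 'bad_signature' };

  const d = JSON.parse(envelope.payload);
  if (d.decision !== 'approve') return { ok: false, reason: 'denied' };
  // Bind the approval to this purchase so it cannot be reused for another one.
  if (d.agentId !== intent.agentId || d.merchant !== intent.merchant ||
      d.currency !== intent.currency || d.amountMinor !== intent.amountMinor) {
    return { ok: false, reason: 'intent_mismatch' };
  }
  if (!Number.isInteger(d.expiresAtMs) || nowMs >= d.expiresAtMs) {
    return { ok: false, reason: 'expired' };
  }
  return { ok: true, reason: 'approved' };
}

// Constructed sample data.
const NOW = 1700000000000;
const intent = { agentId: 'agent-demo', merchant: 'example-store', currency: 'USD', amountMinor: 4999 };
const approved = signDecision({ ...intent, decision: 'approve', expiresAtMs: NOW + 60000 });
const tampered = { ...approved, payload: approved.payload.replace('4999', '9999') };

console.log(checkDecision(approved, intent, publicKey, NOW));
console.log(checkDecision(tampered, { ...intent, amountMinor: 9999 }, publicKey, NOW));
console.log(checkDecision(approved, { ...intent, amountMinor: 9999 }, publicKey, NOW));
console.log(checkDecision(approved, intent, publicKey, NOW + 120000));
```

Storing the payload string and signature unchanged in the audit log is what makes later re-verification possible, since any re-serialization of the JSON changes the signed bytes.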