Identity primitive roadmap
These items strengthen Leash as the identity layer for AI agents. The first version of the identity primitive is available now through Identity API.| Feature | Status | What it adds |
|---|---|---|
| Human-readable agent handles | v1 shipped | Resolve a handle to the underlying mint and network. |
| Verified domains | v1 shipped | Bind an agent identity to a domain via .well-known/leash-agent.json. |
| Signed claims and attestations | v1 shipped | Attach revocable claims with issuer, subject, type, value, evidence, signature, expiration, and visibility. |
| Public reputation summary | v1 shipped | Summarise receipt history into a trust signal peers can check before interacting. |
| Agent capability cards | v1 shipped | Render buyer, seller, tool, data-source, automation, control-channel, marketplace, and pay.sh capabilities in a standard shape. |
| Selective disclosure | v1 shipped | Shareable, revocable disclosure links for private capability cards, private claims, and redacted receipt fields. |
| Delegated operator history | v1 shipped | Show executive/delegation registration, set, revoke, failed, and confirmed operator changes over time from events. |
| Agent-to-agent verification API | v1 shipped | POST /v1/identity/verify returns allow/warn/deny decisions for automated buyers and capability callers. |
| Private proof systems | next | Replace disclosure links with cryptographic/private-proof disclosure where the use case requires it. |
Refunds & cashback
Two endpoints, both writing receipts that link back to the originaltx_sig so the chain stays verifiable:
| Endpoint | Purpose |
|---|---|
POST /v1/payments/refund | Full inverse SPL transfer back to the buyer’s source ATA. |
POST /v1/payments/cashback | Partial rebate driven by a per-agent CashbackRulesV1 doc. |
CashbackRulesV1 we want to support:
- Flat percent (
{ kind: 'percent', basis_points: 100 }= 1% back). - Tiered by ticket size (
{ kind: 'tiered', tiers: [{ threshold_atomic, basis_points }] }). - Loyalty windows (
{ kind: 'window', count: 10, basis_points: 500 }= 5% back every tenth call).
kinds — refund and cashback — link to the
original via original_tx_sig and original_receipt_hash. The
indexer treats them as first-class events so the explorer and
metrics surfaces show net flows, not gross.
Until then, run a manual
POST /v1/agents/{mint}/treasury/withdraw/prepare against the
buyer’s mint to issue a one-off rebate. The buyer’s treasury
explorer view will show it; the linkage to the original call has to
live in your own ledger.
Polyglot SDKs
First-party generated clients off the OpenAPI 3.1 spec:- TypeScript (
@leashmarket/api-client) - Python (
pip install leash-api,httpx-based, async-first) - Go (
github.com/metaplex-foundation/leash-api-go) - Rust (
leash-apion crates.io,reqwest+serde) - Java (Maven
market.leash:leash-api)
verifySignature helper for webhooks and
field-level error surfaces for invalid_request responses. Until
then, /api/reference shows how to
generate your own client locally — the spec is stable.
Billing tables + invoices
Daily rollups fromapi_requests and events into a per-account
invoices table, plus a hosted dashboard that shows your usage
trend, top endpoints, and Stripe-style line items. Until then,
/v1/metrics/usage is the canonical source of
truth for what to charge.
Self-service API key management
Today keys are issued out-of-band. The hosted dashboard will let you mint, rotate, label, and revoke keys without contacting us, and will surface the sameclient_reference audit trail the API
already writes to every event row.