Every AI agent gets its own Stellar wallet that you control — Velarum never holds any of your keys. Define a policy with four thresholds (per-tx max / cumulative cap / active window / whitelist), and your agent runs payments within your limits.
You confirm every payment by default with your device's biometric (Face ID / fingerprint / Windows Hello — i.e. Passkey) or your wallet. Automation is opt-in and you set the four thresholds yourself (Velarum never pre-fills them).
YOU HOLD THE KEYS · VELARUM HOLDS ZERO · BUILT ON STELLAR · USDC NATIVE · INFRA SOC 2 TYPE II
SOC 2 covers our infrastructure (uptime, access, ops) — not custody. We hold none of your funds and could not move them even if compelled.
Typed SDK for TypeScript & Python. OpenAPI spec. Sandbox mode. Wire an agent, set an authorization rule, then confirm its first test payment with one biometric tap (Face ID / fingerprint / Windows Hello — i.e. Passkey) — before lunch.
Explore Dev Center →Per-agent policies with four mandatory HC-NC-5 thresholds. K-of-N approval gated by your team's client-side signatures — Velarum is never the approval gate. RBAC and a full Stellar audit trail. SOX-ready inputs.
Explore Management Center →3–5s finality after you sign. $0.00001 in network fees, USDC & XLM. Velarum charges flat infra pricing — never a % of your transaction (HC-NC-4). Every tx on-chain, immutable, verifiable via Horizon.
See pricing →Velarum's design principle: every payment requires your consent — until you explicitly delegate more. Here's the sequence.
One API call spins up an isolated Stellar wallet for your AI agent. The private key is generated client-side — Velarum never sees it.
Define exactly four thresholds: per-tx max, cumulative cap, active time window, and a whitelist of destination addresses. Velarum never suggests defaults.
Human-in-the-loop is the default. Each payment intent surfaces in your Management Center for biometric (Face ID / fingerprint / Windows Hello / Passkey) or wallet signature — by you or your team.
Once you sign, the tx settles on Stellar in ~3.8 s. Every transaction is on-chain, immutable, and verifiable via Horizon — no black boxes.
Automation mode is opt-in and never pre-configured. When enabled, your four thresholds are your kill-switch — not a policy buried in a settings page.
Velarum is infrastructure, not a vertical. These are the patterns we see most often.
Your LLM-powered product charges end users per inference, per document, or per API call — without routing through Stripe or holding their funds. Each user session gets its own sub-wallet; you collect USDC directly.
Developer APIA purchasing agent re-orders cloud credits, SaaS subscriptions, or digital goods within your whitelist — every tx under your per-item cap. Approvals escalate to your team when the agent hits threshold.
EnterpriseSend $0.10 – $500 to any Stellar address — globally, in ~4 seconds, at $0.00001 network fee. No correspondent banks, no FX spread. USDC is the settlement layer; your agent is the orchestrator.
Stellar-nativePay data-provider APIs, web-scraping services, or compute marketplaces automatically — capped per session, logged per call. Full Stellar audit trail means your accountant can reconcile every line.
Developer APIIssue per-team budgets with K-of-N (multi-signature, where K approvers out of N must sign) approval logic. Finance owns the policy; teams spend within limits; no one holds a shared key. SOX-audit-ready from day one.
EnterpriseReplace end-of-day batch ACH with per-event USDC settlement. Marketplace payouts, creator royalties, gig-worker pay — wired the moment the smart trigger fires, verified on-chain in seconds.
Stellar-nativeThree calls: create an agent (wallet generated client-side), create an authorization (your four thresholds), then let your agent fire payment intents. Your management dashboard shows every pending approval.
TypeScript & Python SDK with full types — no raw HTTP needed
Full sandbox environment — test without real USDC
Webhooks for every state transition — confirmed, rejected, expired
OpenAPI 3.1 spec — import into Postman or any HTTP client instantly
Security guarantees baked into the system design — not promises in a ToS (terms of service) that could change.
Private key generation happens in your browser or SDK runtime. The keypair is never transmitted, logged, or stored by Velarum. Even under a lawful subpoena, we have nothing to hand over — because we never had it.
Automation mode ships as unchecked. Every first payment — and every payment when automation is off — requires your biometric (Face ID / fingerprint / Windows Hello / Passkey) or wallet signature. No background spending without your explicit opt-in.
Every payment, every approval, every rejection is a Stellar transaction — publicly verifiable via Horizon. Velarum's internal logs are supplementary; the ground truth is always on-chain and belongs to no one company.
We charge flat infrastructure tiers. No basis-point fee, no spread on the exchange rate, no "processing" percentage. A $50,000 payment costs the same as a $5 one. This is an architectural commitment, not a promotional rate.
SOC 2 Type II (infrastructure scope). Our infrastructure — servers, network access, key-rotation ops — is SOC 2 certified. Custody is out of scope because there is no custody. We cannot certify control over assets we do not hold.
It means Velarum has no ability to move your funds — ever. The private key that signs each Stellar transaction lives only in your environment (your server, your HSM, or your browser). Velarum receives only the signed transaction blob, which it broadcasts to Stellar. We cannot replay or redirect it.
No. Phase-0 of Velarum is testnet / sandbox only — you only need an email signup to start. Light KYB (registration + OFAC + use-case statement) applies when Velarum opens Phase-1 mainnet for B2B customers; this is evaluated separately and is not a Phase-0 commitment.
Traditional crypto gateways act as intermediaries — they hold user funds, convert currencies, and take a spread or percentage. Velarum never holds funds, never holds keys, never signs or broadcasts on behalf of users, and charges no transaction percentage. It is a non-custodial authorization layer designed for AI agents: AgentAuthorization, PaymentIntent, Webhook, and Audit Index are the only product primitives.
The payment intent is rejected before it ever becomes a transaction. Velarum validates the destination against the authorization's whitelist server-side and returns a 422 error with reason destination_not_whitelisted. Nothing is broadcast to Stellar. Your webhook receives a payment_intent.rejected event.
Yes. Velarum is framework-agnostic — any code that can make an HTTPS request can call the API. Our TypeScript and Python SDKs wrap the REST API and are designed to be called from inside agent tool-use loops (e.g., a LangChain Tool, an AutoGen function, or a Claude tool_use block). Check out the SDK reference in the Dev Center for ready-made examples.
Free testnet sandbox. No KYB required for Phase-0. Phase-1 mainnet is gated by ADR-NC-028 + decision-maker sign-off — Velarum never holds keys, never signs, never broadcasts.