[MINUTES] CCG Atlantic Weekly 2026-03-31 from meetings@w3c-ccg.org on 2026-04-01 (public-credentials@w3.org from April 2026)

From: <meetings@w3c-ccg.org>
Date: Tue, 31 Mar 2026 17:01:22 -0700
To: public-credentials@w3.org
Message-ID: <CA+ChqYcNExWD0rb6i3R1vM_gacVkRRUcs1_ZuhWjVFKhcf6KPw@mail.gmail.com>
This meeting of the CCG Atlantic Weekly featured a presentation by Ankit
Agarwal and Mike Jones from Skyfire on "KYA Pay: Agentic Identity and
Payments." The core of the discussion revolved around the challenges of
programmatic traffic on the internet, distinguishing legitimate agents from
malicious bots, and the need for a standardized way for agents to identify
themselves and their human principals. KYA Pay proposes a JOT token as an
envelope for verified identity and payment information, aiming to enable
agents to navigate external systems with greater autonomy and to overcome
existing bot blocking mechanisms. The presenters showcased several demos
illustrating how KYA Pay tokens can be used for website navigation, MCP
server access, and with existing payment infrastructure like credit cards
and stablecoins. The discussion also touched upon the interoperability with
W3C standards and the broader agentic internet ecosystem.

*Topics Covered:*

   - *Introduction and Administrative Items:* The meeting began with
   standard introductions, a reminder of the CCG code of ethics, IP notes, and
   call recording policies.
   - *Guest Presentation: KYA Pay:* Ankit Agarwal and Mike Jones presented
   on KYA Pay, a protocol designed to address the challenges of agentic
   identity and payments in the digital world.
   - *The Problem of Bot Blocking:* The presenters highlighted how
   programmatic traffic from legitimate agents is often blocked due to the
   inability to distinguish them from malicious bots, hindering agent adoption.
   - *KYA Pay Protocol:* KYA Pay proposes using JOT tokens to carry
   verified identity and payment information, enabling recipients to
   distinguish human-authorized agents from unidentified bots.
   - *Agent Identity and Human Principles:* The protocol focuses on
   securely sharing identity data rather than defining it, allowing for
   runtime decisions by recipients about agent access.
   - *Token Schemas (Identity and Payment):* The JOT token structure was
   explained, including extensible fields for human identity, agent platform,
   and agent identity, as well as separate schemas for payment settlement.
   - *Demos of KYA Pay in Action:* Several live demos showcased KYA Pay's
   application in e-commerce shopping agents, programmatic MCP server access,
   and workflow automation platforms.
   - *Comparison with X42 Payments:* The presenters contrasted KYA Pay's
   broader identity and settlement-agnostic approach with X42's more
   crypto-focused, wallet-to-wallet payment facilitation.
   - *Interoperability with W3C Standards:* Discussion explored how KYA Pay
   relates to ongoing work at W3C, particularly concerning DIDs, token
   exchange, and authorization capabilities.
   - *Agentic Internet Workshop:* An upcoming workshop on May 1st was
   highlighted as an opportunity to further explore agentic concepts.

*Action Items:*

   - The CCG will adopt the proposed DKR (DID Key Recovery) work item.
   - Will Abramson will comment on the issue for the DKR work item, and
   Manu Sporny will assist in spinning up the repository.
   - Ankit Agarwal will share a link to the slide deck of the KYA Pay
   presentation.
   - Dmitri Zagidulin will follow up on sharing links related to W3C's
   agentic work.
   - Skyfire will continue to engage with the CCG on the KYA Pay initiative.

Text:
https://meet.w3c-ccg.org/archives/w3c-ccg-ccg-atlantic-weekly-2026-03-31.md

Video:
https://meet.w3c-ccg.org/archives/w3c-ccg-ccg-atlantic-weekly-2026-03-31.mp4
*CCG Atlantic Weekly - 2026/03/31 11:56 EDT - Transcript* *Attendees*

Alex Higuera, Ankit Agarwal, Benjamin Young, Brent Zundel, Craig DeWitt,
Dmitri Zagidulin, Elaine Wooton, Erica Connell, Greg Bernstein, Gregory
Natran, Harrison Tang, Hiroyuki Sano, Ivan Dzheferov, JeffO - HumanOS,
Jennie Meier, Kaliya Identity Woman, Kayode Ezike, Manu Sporny, Michael B.
Jones, Parth Bhatt, Rob Padula, shintaro den, Ted Thibodeau Jr, Will
Abramson
*Transcript*

Will Abramson: Hi and Mike. How you doing?

Will Abramson: Thanks for joining us.

Ankit Agarwal: for you.

Will Abramson: Can you hear me? Okay. Yeah.

Ankit Agarwal: Yes. Yes. Thank you for having us.

Will Abramson: We'll give folks a few more minutes to trickle in and then
we just have sort of a quick few minutes of intros and stuff and then I'll
hand over to you and…

Will Abramson: you can present and then a few 10 minutes for questions 15
minutes that would be great.

Ankit Agarwal: Sounds good.

Ankit Agarwal: Perfect. Yeah, sounds good. Thank you.

Will Abramson: Thank you.

Will Abramson: Also just to note, I'm going to have to drop about 10 two or
52 today. I wonder Ben Benjuin Ben, do you reckon would you be able to just
close out the call for me? you going to be around till the end? I have to
run for a train unfortunately and…

Benjamin Young: Nothing more than saying thanks for coming.

Will Abramson: my mood's not available today. Just wrap that.

Benjamin Young: Right. That sounds easy enough.

Will Abramson: I don't think Manage the queue. Whatever. Yeah,…

Benjamin Young: Lot of fun.

Will Abramson: I appreciate that. Thank you. hold one minute.

Will Abramson: Okay, I think we can get started at least doing this admin
stuff. So, welcome everybody to today's credentials community group Today
we have Ankit joining us from Guyire is it? he's going to talk to us about
your agent identity and payments and I believe he's joined with by Mike
Jones. so before I hand over to them I'll just go through the
administrative stuff. first up code of ethics and professional conduct.

Will Abramson: So let's continue to treat everyone with respect and create
a friendly environment for us all to continue to participate and learn from
each other in second IP note. So anyone's welcome to participate in these
calls. However, all substantiative contributors to any CCG work items must
be members of the CCG with all IPR agreements signed. so if you're unsure
about anything just reach out to me or Mmood or Denin any of the chairs and
we can point you in the right direction. second call notes. So these calls
are recorded and by Gemini I believe and the transcription and recording is
made available I think 24 hours after the call.

Will Abramson: Just be aware of that. And if you want the transcription or
recording, just watch out for that email to the CCG mailing list. second,
so introductions or reintroductions. Is there anybody new to the community
today who wants to say hello or…

Will Abramson: hasn't been here for a while like want to say hi?

Michael B. Jones: I'll say hello.

Michael B. Jones: I'm Mike Jones. many of I haven't been on a CCG call in a
while. I'm a consultant to Skyfire in the endeavor we're talking about
today in that I am an expert in creating standards and some of the
standards that I've created actually get used and solve problems which I'm
proud of.
00:05:00

Michael B. Jones: Many of me from the verifiable credentials working group
or many things further a field including ITF where I helped create jot and…

Michael B. Jones: I see many of you at IAW which will be in about a month
and Craig Dit also is with us from Skyfire.

Will Abramson: Great.

Craig DeWitt: Thanks, yeah, just a quick note on myself. my name is Craig
Dwit.

Craig DeWitt: I'm a co-founder of Skyfire, and we are really happy to be
talking to you today. we see a ton of opportunity in this space, and we're
seeing a lot of traction, and so excited to tell you more about KYA and,
kind of take this forward. So, thank you all.

Will Abramson: Thanks, And welcome back, Mike. so just a couple more things
before I hand over to you, Ankit. announcements and Are there any
announcements or reminders from anybody in the community they want to share
with the group today? I know.

Michael B. Jones: Good difference.

Manu Sporny: Yeah, just a real quick update on the verifiable credential
working group. so as everyone know the group has been rechartered through
2028 with lots of new work items. the group is going to now start meeting
every single week. The verifiable credential working group is meeting every
single week. We have 20 specifications that we're trying to take through
the standards process which is a lot as Mike can attest. that means that a
lot of the work is going to be done in parallel. We're going to have five
different groups meeting in parallel to move all these specifications
forward. this group has incubated some specifications.

Manu Sporny: we're in the process of handing it over to the working group,
which means that probably starting next week, the current community group
calls for each one of those work items will transition over to official
working group calls. We will keep the same link to try and not be
disruptive. people can still join the same place. we're going to try to
keep the same time with one exception. the verifiable credentials for
recognized entities call will probably switch to 400 p.m. Eastern to
accommodate the folks in Australia that need to make the call. so basically
all that to say keep a eye on the CCG calendar.

Manu Sporny: In the BCWG calendar we will be updating them. they will be
transitioning over to working group calls. If you have not joined the
working group or rejoin the working group, you have to do that as soon as
possible. if you don't have an affiliation and you want to be an invited
expert, please submit an invited expert form. It's a way of participating
in the work without being represented by a company or without representing
a company. So just a heads up that's going to all start happening next week.

Manu Sporny: Please make sure that you join the appropriate groups and the
appropriate meetings. That's it.

Will Abramson: Great. Thanks man for that update.

Will Abramson: And the last topic before I hand over is work items. so I do
have one thing that I would like to discuss with the group and maybe with
you Mario, but we have a proposed work item for DKR did Q recovery. This is
the proposal.

Will Abramson: is from Amir Hamid who I think can't join these calls due to
the time zone challenges. I think this passes all the criteria and I'm in
mind to adopt it but I just wanted to share with the group in case anybody
has any concerns. I know manu digital bazar signed up to sponsor this work.
so I think this is just sort of a formality really. We will accept it
unless there are people on the call who are strongly opposed. More

Manu Sporny: Plus one just to give a background for folks that may be new
to the call. this specification is about how you recover a decentralized
identifier if you lose your keys or something bad happens. and there is not
one way to do it. There are multiple ways that we're talking about doing
key recovery here. one of them being a set of another one that have to be
put together for you to recover it. So a social recovery based mechanism
where you depend on trusted guardians or family members to recover it.
another one is seedbased recovery.

Manu Sporny: So, you print something on a piece of paper and put it in a
fireproof safe and you can use that seed to recover the dead if you lose
your keys. And then an enterprise-based recovery mechanism where if you're
big organization, you depend on the organization whoever they depend on to
recover the cryptographic material. So that's what the spec is about. we
expect it to be broadly applicable to any DID method and…
00:10:00

Manu Sporny: eventually to be merged into the core DID specification.

Will Abramson: Okay, wonderful.

Will Abramson: Thanks, M. So, I think that's it. The CCG will adopt this.
I'll comment on the issue and then maybe you can help spin up the repo for
the work. Great. Okay. Thanks. Thanks. chor, over Sorry for the delay.

Ankit Agarwal: No worries. Thank you so all I'm going to go ahead share my
window. all right. Okay. I'm just going to kind of keep it in this kind of
mode just so that I can switch tabs without to show demos and stuff. So
firstly Harrison and Will thank you so much for inviting us to talk about
KYA pay. really appreciate the invite.

Ankit Agarwal: looking forward to the conversation and really exploring how
we can kind of work together at a high level we see KY and VCs as
complimentary and yeah so really excited I guess most of you already know
Mike Jones so really glad to have him working with us. and then Craig is
here as well. So the three of us will be presenting. that's us with
Skyfire. We also that I will share a link and then we also have a
consortium website at kyapay.org.

Ankit Agarwal: so far we've kind of built up an industry consortium of
users of a bunch of people or vendors that are involved in this entire life
cycle of agentic identity and payments where an agent for the consumer
needs to consume a service or a website or an API or something. So in this
path you have agentic platforms that are building the agents or running the
agents. You have bot managers. you have fraud vendors. You have identity
providers.

Ankit Agarwal: everyone that is involved in either blocking malicious
traffic or ging down the road managing agents on behalf of users, things
like that. in terms of an agenda, this is what I wanted to propose. so, we
start with yky pay, we go through the vanilla use case. This was kind of
the first thing that kind of kicked off this is what we wanted to build at
Skyfire and this is what kicked off our effort with the protocol. then I'll
jump into the token schemas, go into some demos. we have several more use
cases that we can go into and then finally end with where we are on
standard interoperating. we actually have an interoperation example with as
well.

Ankit Agarwal: so in terms of questions in terms of direction please feel
free to raise your hand or stop me or however there's a lot to cover and
I'm just kind of experimenting with this kind of flow. but happy to take it
in any direction, answer questions as they come up. and kind of just, keep
things fun and certainly looking for feedback and learning from you all as
well as we take this forward. so having said that, let me start with why
KY. So we see this evolution of software agents, right?
00:15:00

Ankit Agarwal: and software agents. The way we see it are the next level of
automation. And automation has been here for a long time since the 70s with
Unix jobs etc. Right. And now we find ourselves in the software agentic
world with LLMs triggering a software process simply by using your language
just with a prompt versus having to actually code something or even using a
no low code platform to create an automation requires some technical skill.

Ankit Agarwal: But we're at this place where with LLMs automations can have
reasoning you can trigger them with just a prompt things like that. So as
these agents move from basic automation to true autonomy and I use that
term very broadly when you talk autonomy yeah there's a lot of ways to look
at that. they need a standardized way to identify themselves and their
human principles to external systems.

Michael B. Jones: The internet didn't have identity in the first place.

Ankit Agarwal: And this is really important because the internet wasn't
really designed for the longest time it was human good, bot and that's what
the internet was designed for. that's right. Exactly.

Ankit Agarwal: so that's kind of where we see this beginning. and that's
why we feel that it's really important for agents to be able to identify
the human principles on whose behalf they're doing something. so in terms
of operational barriers currently agents struggle to use discover and use
services because essentially you can't distinguish them from malicious
bots. It's programmatic traffic at the end of the day. and it all looks the
same. and so they get blocked.

Ankit Agarwal: So it's really hard to get, agents working across domains
because there's no good way to identify them. as Mike said, internet wasn't
designed with identity. So what we designed was and this is the solution
we're proposing was KYA pay. the idea is that there is a jot token, right?
And this is a fairly common practice. dots are really used everywhere even
to exchange data at runtime. so the idea here is that this token acts as a
standard envelope that carries verified identity and payment information,
right?

Ankit Agarwal: And one caveat, we designed this protocol together, because
we actually came from a payments background and…

Michael B. Jones: Thank you.

Ankit Agarwal: we started working on payments and we quickly realized that
payments without identity are a non-starter because any reputable business
relationship will not accept anonymous payments. and so it's designed
together but as we go through a standardization process we're fully
cognizant that the KYA piece and the pay piece might take diverging paths.

Ankit Agarwal: so the idea here is that by sharing the human principle data
via secure jot profile the request then that is received by the producer
essentially has a strong signal of human presence right and then what this
enables then is for the recipient to distinguish between human legitimate
agent and a potentially unidentified bot, And so this bot bucket kind of
splits into two at a high level. and so then these agents can then access
the services.

Ankit Agarwal: crucially, KY does not define identity because agent
identity is still evolving and there's a lot of questions about how you
attribute a consistent and steady identity to a software process that is
essentially ephome and it doesn't have a face, it doesn't have a thumb
print, things like that, so the idea here is that the envelope provides
this information and then the recipient can make a decision at runtime with
valid human identity information or business information whether they even
want this agent as a user or a customer or whatever that relationship is
right.
00:20:00

Ankit Agarwal: And the goal here with KYA pay is as opposed to say oath
right because that comes up a lot like ooth is about pre-chestration where
if you control both sides or both sides are already talking to each other
and have a relationship yes then oath makes sense because you start with
authentication but the question we're trying to answer with KY is how do
you create that account in the first place? Right? So, if I'm a net new
customer for a service, how do I get that account created? How do I get
access to that service? And then down the road, yeah, OOTH I can use for
repeated access. but how do I get that initial access to begin with? so,
scope and flexibility.

Ankit Agarwal: So again KY focuses on securely sharing identity data rather
than defining it entirely. sort of carry out that and payments might go
their own route and so this is really what we're shooting for right so
unlike traditional tools like I was saying that require pre-chestrated
workflows we want a world where agents can operate with greater autonomy
navigate external systems and I say without human intervention but I don't
mean that they just willy-nilly do anything. I should have probably written
this point better. there is the concept of authorization, right?

Ankit Agarwal: And there's this whole dialogue going about intent consent
versus authorization and that's kind of I think complimentary work that we
will also do and again would love to collaborate on but the idea here is
that really for agents to be useful they really have to be able to do
things that I can do so as a human I can go access any website I can
discover new things and agents have to be able to do that as well to really
unlock their full potential, Because you have agents, you want them to be
deterministic so you can trust what they do, but you also want them to be
probabilistic so that they can be creative and discover new things and
suggest, new things for you to do or suggest answers, things like that,
right?

Ankit Agarwal: And so we have to kind of find that middle ground where we
can kind of build trust that they will do things correctly and correctly is
also a loaded term. correct a lot of times means did they do things the way
I would have done them then it's correct and if they did things the way I
wouldn't do it then maybe it's not correct. things like that.

Ankit Agarwal: So yeah so I'll just pause here. This was a big slide and I
really wanted to set the context correctly. are there any questions or
anything I can answer or any thoughts anyone wants to share?

Michael B. Jones: I'll make a clarifying comment.

Michael B. Jones: The claims about the human don't mean that the human is
present right now. They provide a vehicle for assigning responsibility to
the identified human in the context of the agentic interactions and actions.

Ankit Agarwal: That's and so to Mike's point there are a human in the loop
where I'll just say human present and then there are human not present kind
of present card not present but where the human is not present there is
still that concept of authorization. so the agent is authorized to do what
it's doing on behalf of the human. So in terms of use cases like this is
the kind of the vanilla flow that kind of kicked off this whole effort on
our end.

Ankit Agarwal: and the first point is what we discussed earlier the whole
thing was overcoming these bot blocks, right? so the idea behind KY was we
need to address this issue where the security infrastructure flags
legitimate agents as malicious bots because ultimately they're all
programmatic access and they all look the same. so the idea behind KYA pay
is we want to convey this verified identity and payment credential data
which then provides a strong signal that a request is human authorized or
the human is present maybe authorized the way I've written here is not
entirely correct is it's present because authorization obviously there's a
concept of that as well which is complimentary to providing the identity
data and
00:25:00

Ankit Agarwal: And this also enables the recipient to selectively filter
the traffic. Right? So crucially KYA pay token is not like an all access
pass. It's providing the identity and it's providing really the business
and the human identity versus just a signature or something like that that
is still kind of anonymous. because we want the recipient services to be
able to make runtime decisions that hey do I want to onboard this new user
or this new customer.

Ankit Agarwal: just like they do with humans where we fill out a form we
enter our details and then the business can make a business decision versus
just like hey I have a key or I have a UU ID identifier let me in and it's
like hold on I don't really know who is behind this agent is it Mike Jones
is it Craig Dit is will

Ankit Agarwal: because that's where I make my business relationship. and so
then the idea is for access parity where legitimate agents or I struggle to
even use the word legitimate because that is very loaded but essentially an
agent acting on behalf of a human can interact with services which were
previously restricted. so this is how it works.

Ankit Agarwal: at a high level you have the user principle you have the AI
agent there may not to some degree or the other an LLM involved. there is a
token issuer. so this is a role just like with Oath You have a role for a
token issuer and it could be an identity issuer it could be a payment
issuer. It could be both in one. so the agent creates the token at runtime.
So obviously the human business or the human individual is onboarded by the
token issuer so that they can attest to that human's identity. and this
follows a KYB process. and so then the agent can create identity tokens or
payment tokens or both at runtime and pass them on in their requests to the
recipient.

Ankit Agarwal: which could be a web server, it could be an MCP server, it
could be whatever programmatic interface is exposed. and so then this
intermediate layer which is all of the web security infrastructure can
inspect the token and make a decision whether to allow it through or not.
and then that information if it's a pay token it can be potentially charged
for example if it's a credit card or something like that it could be
charged if this requires account creation or login or something like that
then the identity information can be used with a CIM to enable that as so
with that I'll jump into the token itself.

Ankit Agarwal: so the KY token so it's really important it's a layered and
extensible identity. so what we have started with is identifying the human
principle which actually could be a human business as well. then there is
an optional intermediate identity which is the agent platform. So the way
we see this is, I could be, for example, a member or a paying member of
Consumer Reports. and that's kind of the agent platform. And then Consumer
Reports has all of this research they do on products that might be useful
to me. and they also actually have an agent which can go out and buy refer
products to me.

Ankit Agarwal: And so we distinguish between the platform that is kind of
hosting or running or maybe developed these agents from the actual agent
instance itself which is kind of like the software process right and there
could be thousands of these software processes on this agent platform and
so we have the human identity the agent identity and so I'll jump into the
token itself Yeah, Demetri, go ahead.

Dmitri Zagidulin: Hi really enjoying the presentation so far. I wanted to
ask about the emphasis on the human rather than operator or principle. what
about cases where the operator is a business or an organization where there
isn't a single human?
00:30:00

Ankit Agarwal: Yeah, really good question.

Ankit Agarwal: So there are a lot of cases like this that we already see
where there are enterprises that are now using agents to automate
enterprise processes which require them to I don't know go out to their
vendors and download invoices run reconciliations with their banks and
stuff like that literally. So in this case that this is why the human
identity it could be a human individual or it could be a business.

Ankit Agarwal: So, for example, Coca-Cola, going out to Home Depot, this
completely made up example to download its invoices for, I don't know,
warehouses that they're building or something like that, And so, in this
case, the h Coca-Cola would go through a contracting process or an identity
verification process with the token issuer and identify itself with and
then what information is collected etc is collected by the issuer of course
we're also working on complimentary standards where recipients can
advertise hey these are the identity information that I need as well so we
need to work that out some more we have some ideas of how that discovery
works but

Ankit Agarwal: that's how we're thinking about it. And so in this case and
the way the protocol works for example even though it's Coca-Cola there
might still be some manager or operator or something like that at Coca-Cola
ultimately I'll say I'll use the word responsible for that agent or
benefiting from that agent or something or the contact person for that
agent and that's again where the layer identity comes in. So even that
information can be part of the token. So if the agent misbehaves then the
recipient has some way to identify the responsible party to figure things
out. So Demetri did that kind of answer your question?

Dmitri Zagidulin: Yes. Yes, I think so.

Ankit Agarwal: Okay.

Ankit Agarwal: So coming on to the identity and the token itself. So it's a
jot. so it has all the standard jot fields the keys algorithms the issuer
issued at expires at These are all kind of tags primarily controlled by the
issuer. and then this is So the human identity and this is extensible. So
in this example here it's an email there's a platform identity so to
Demetri's questions of question like someone in this case it's a shopping
agent so it has a name it has a pl contact address things like that.

Ankit Agarwal: there's also the concept of verifiers. So there is the
issuer but they could also use different kind of verification logic to
verify different entities. and so again this is the extensibility of the
platform of the token. So you can have concepts like verifiers in there as
well. and then there's the agent identity. and this is just an example of
something that we've done right now is we kind of focused on IP addresses,
because that's what an HTTP request usually comes down to with the source
IP. But like I said, this is a field of research. and we just want this
identity to be transportable from A to B. not necessarily define it just
yet. yep.

Ankit Agarwal: So that's the pay token high level I'll just say again we
want to allow for multiple settlement schemes. So today you can have stable
coins, you can have cards honestly you can do any coin probably down the
road we might have banks doing account to account. the token schema looks
kind of similar all the standard jot stuff but then everything you see here
is very payment So amounts, currencies, what type of payment if it's a
credit card then it would have to be like a PCI exempt card credential.
00:35:00

Ankit Agarwal: So they're working with a bunch of the card networks and
they are working on agentic tokens which are PCIexempt one-time used u card
credentials then that can be generated but then otherwise Skyfire itself
also does settlement or offers settlement via USDC in which case the
payment data looks like that we do that via custodial wallets. There's a
bunch of other ways to do it that probably would involve some kind of escro
system. cool. So, with that, I'm ready to go into some demos. I know we
have only about 20 minutes left. we wanted to leave some time for
questions, but I'm happy to pause at any time to take questions. So, I'll
start with a demo of an commerce shopping agent.

Ankit Agarwal: so this is on YouTube as well. I'll share the links of
course. but here is an example. So here we've built a sample chat agent.
and we've asked it hey, find me the best Bose headphones, right? And so a
lot of standard stuff that agents do, it thinks through the query, uses an
LLM, figures out that it has a tool to, search boast.com. goes out searches
boast.com and finds a bunch of headphones to use. the question is how did
it actually get access to boast.com otherwise boast.com is generally
blocking scraping and other botlike access to protect its website.

Ankit Agarwal: and so that's where the agent had tools on the back end.
there is a tool for example to create a KYA or a pay token or both. it used
that it added that to all its requests. one thing I neglected to mention
early on is that, just in general, what we're seeing today is there's a lot
of talk about protocols and programmatic API based agents using MCP or
maybe down the road A2A, things like that. but what we see today really is
like, MCP is still evolving very quickly, but still evolving.

Ankit Agarwal: A2A is much further back in terms of practical deployment
and and so what we're actually seeing is that there's a lot of websites
already. and even a lot of APIs with open API spec specifications. So,
we're actually seeing a lot of use agents computer use agents to navigate
websites or using essentially converting open API specs just like you can
convert an MCP server tools list to local tools to use them.

Ankit Agarwal: And so in this case the way this agent works that we built
actually uses a browser use agent to navigate the website and in that
browser use agent it's creating tokens for each request to the website and
so then the security vendors can inspect the traffic and confirm that there
is a human present here and this is a legitimate request with an intent to
purchase essentially so I'll keep going. So here we get a list of products
to buy. So what we're now going to see is that authorization which is kind
of complimentary.

Ankit Agarwal: So what we're going to see is authorization the way the card
networks do it. we think essentially all the conversations that we've been
part of have been along the same lines where authorizations are collected
at runtime like this or they can potentially also be and so in this case
authorization is collected via pass keys for that particular amount. and
that particular product and that particular merchant. and once that
authorization is collected, and that payment credential then is issued in
the token. this is kind of just what I showed the token has that
information. and then another browser use agent is used to actually do the
checkout.
00:40:00

Ankit Agarwal: And that browser use agent is using the KYA token in the
header to access the website and is also using oops sorry pause and is also
using the payment credentials from the pay token to actually plug in the
payment right and then down the road if this was MCP or A2A what have you
once again the tokens can be used for that identity. one of the things
we've done with MCP for example is that MCP has outsourced its
authentication and authorization to essentially an oath o server that's the
recommended approach and…

Ankit Agarwal: what we have done with oath vendors like octa and ai is that
we have implemented token exchange which actually is an oath standard as
well as an RFC which actually might the author of that you can exchange yep

Michael B. Jones: One of several,…

Michael B. Jones: but Yes.

Ankit Agarwal: and so we've actually implemented that where using a KYA
token you can get an OOTH token and then you can access an MCP server. and
then payments etc are also tokens they can be passed programmatically. so
that's the second demo I wanted to show was actually one that we have done
with one of our partners. So, I'm actually going to bring up the live demo
and I'm going to start running it. I'm going to do a very kind of silly
prompt. What is the weather in Sacramento today? and I'm going to come
back. I ran this earlier.

Ankit Agarwal: but what I wanted to show you was like so what it's doing is
step one this is now a programmatic agent as opposed to the browser use
agents which you s saw before. So this is actually using an MCP server. So
DAP here has implemented a production MCP server where they accept KY and
pay tokens. and DAP here is how should I say it like an authorized data
aggregator and stellar. So they actually license data from data owners and
then make it available for essentially sales via an MCP server and they
accept micro payments so people can actually get specific pieces of data
that they want versus having to buy data in bulk or having to scrape it or
anything like that. Right?

Ankit Agarwal: So what this agent is doing is it's step one is how do you
discover the seller right so we expect that there will be a lot of
registries that expose MCP servers MCP itself as a re layered registry
concept and there will be private registries curated registries what have
you because agents will have to discover these things and you can't load
all registries just because of the limitations on context windows etc with
LLMs right So they will have to be discoverable. They will have to be
mountable in a sense and then unmountable as so in this case Skyfire
because it's a payment provider it has onboarded DAP here as well. So we
also ultimately function as a registry of sorts as well.

Ankit Agarwal: So in this case, the agent uses us to discover, hey, is
there a seller of this kind of weather data? And it discovers Dapio service
requires a KYA token to query it to access it. They don't just let any
anonymous access So the agent creates a KYA token. obviously in this case,
the part that's hidden is we didn't really onboard me, but that's what
would happen in a real production case. it creates the token and then it
queries Dapia service or MCP server for everything that Dapier has to sell
and it's got prices etc etc. It chooses the tool using the LLM to use.

Ankit Agarwal: it figures out the price what it's going to cost in this
case I guess it was free maybe and it created a token and then this is the
decoding and then actually it passed the token to Dapia service to get the
response and so then it got the weather right I can run this with other
examples getting the price of a stock what have you as well so that's and
last demo I'll run through is something we built with another customer of
ours, build is a platform where anyone can build automated workflows and
essentially sell them to anybody else using Skyfire KY tokens KY tokens in
general.
00:45:00

Ankit Agarwal: So in this example, we built an agent that uses a couple of
these tools that are available for purchase and kind of how should I say
consumption based pricing just as many times as you use them. you pay for
them. and so in this case I prompted the agent to conduct research on a
company on Visa. So I'm a financial analyst. I need to research a company.
and I want the latest greatest data set. so I use this agent. I say, "Hey,
get me the latest company and competitor research on Visa in this case."
And so in this case, the agent on the right, so this is kind of the user
experience on the left and on the right is kind of what's going on
underneath the covers. So in this case, once again, this agent is using
Skyfire as a registry.

Ankit Agarwal: But it uses a fine sellers tool. figures out that hey there
are tools I can use to do this and they require to be paid. So it goes
ahead it creates the tokens. this is what the token looks like. this is
what I was mentioning earlier.

Ivan Dzheferov: One minute.

Ankit Agarwal: So as opposed to MCP exposes open API spe not for its APIs
but rather all the tools that people build on bullship. They automatically
create open API specs and expose them if they want. and so in this case the
agent is then using a converter to convert an open API spec to sorry was
there a question? Okay.

Ankit Agarwal: And then using that open API spec, it basically makes the
request passes the KY token in the header gets a response puts that
together and that's what you see the end result. So yeah so those are the
demos I had planned.

Ankit Agarwal: Any questions on any of that?

Will Abramson: I maybe have a question.

Will Abramson: Thank I don't So I don't understand this.

Ankit Agarwal: Yes, go ahead.

Will Abramson: Sorry, you want to go?

Ivan Dzheferov: Sorry, I accidentally pressed my headphone.

Will Abramson: Okay.

Ivan Dzheferov:

Ivan Dzheferov: Sorry to interrupt you.

Will Abramson: No problem.

Ivan Dzheferov: tends to see.

Will Abramson: I was wondering about the difference. Maybe you can compare
the difference between X42 payments and X42 I think that's more like
cryptocurrency based…

Ankit Agarwal: Yep. Yeah.

Will Abramson: but maybe you can contrast them for me just so Mhm.

Ankit Agarwal: Yeah. Absolutely. So X402 is exactly like you said is very
crypto focused and at least when we looked at it there wasn't much of an
identity layer in that it was more wallet payment and I'll also ask Craig
if you want to jump in Craig but it was more wallet to wallet payment and
there wasn't much of an identity layer the way we dis designed

Ankit Agarwal: KYA pay is really to be settlement agnostic. so we do see a
path where the identity data in KYA can be paired with X42 as well as the
kind of the settlement scheme potentially to allow that because again KYA
pay is more like getting that data across to the recipient…

Ankit Agarwal: but in a verified and trusted so that's kind of how I see
it, but Craig may jump in as well.

Craig DeWitt: Yeah, that's it.

Craig DeWitt: X42 is really just a way of facilitating a crypto-based
payment primarily with stable coins within a request. from my background, I
was at Ripple for 8 years in the early days and I completely built out the
settlement mechanism there. and at least for this group, what I found was
the value movement. So X42 that's just like how do you get crypto from one
side to the other? That's actually The really hard part of the payment is
who's involved in this transaction? what is the identity?

Craig DeWitt: At least right now, one of the stumbling blocks with X42
there's no serious company out there that I've found that is willing to
just accept pseudo anonymous payments in exchange for access or services.
And this is really where KYA comes in really nicely regardless of the
settlement mechanism of you are able to know exactly…

Will Abramson: Great. Thanks.

Craig DeWitt: the platform is, and who's the user that is authorizing that
payment.
00:50:00

Craig DeWitt: So this is interoperable with X42, but primarily what we see
today is card-based payments.

Ankit Agarwal: And…

Ankit Agarwal: another thing we'll also mention is at least all the use
cases for X42 we've seen are very much like you want to call this API okay
pay me some micro amount to access the API and then you're done. And what
we see is a lot of business is really about not necessarily just paying for
a one-time use, but potentially paying a subscription or paying a large
amount or paying in installments or what have you.

Ankit Agarwal: and again that's the kind of stuff we want to enable with
KYA pay where businesses can charge in how whatever payment scheme they
want and with whatever terms they want not necessarily just like a request
response and then you're done. because that doesn't really work for
everybody. some of the examples I showed you kind of were like that. So
there's definitely a use case. but a lot of what we see is also not just
pay as you go but other kind of payment models as well and correct said we
see a lot of card stuff as well and again KY is meant to be agnostic of
that it's really getting that data to B

Ankit Agarwal: Okay.

Will Abramson: Great. Thanks.

Will Abramson: So does anyone else have any questions for the team?

Ankit Agarwal: So, I'll just go ahead.

Michael B. Jones: I'll ask one.

Michael B. Jones: There's a number of W3C specification experts on the
call. How do you see this work or the topic of the work relating to things
happening at the W3C? I mean, I'm obviously aware of the web payments
group,…

Michael B. Jones: but I'm not as familiar with the agentic stuff happening
in the W3C. so, educate all of us, please, including me.

Will Abramson: Good question.

Will Abramson: Dimmitri.

Dmitri Zagidulin: So, I want to I lower my hand in case somebody knows more
about the Agentic community group at W3C.

Will Abramson: All right.

Dmitri Zagidulin: In case somebody wants to hop on. the reason I raised my
hand is the way I see the spec intersecting with some of the work at W3C
probably in three different areas. One is of course the usage of DIDs as an
identifier option for humans, organizations and agents and I think the
Skyfire team and Mike are aware of that part of the ds are an option.

Dmitri Zagidulin: Second one being the token exchange sort of workflow of
exchanging verifiable credentials for KA pay tokens or vice versa right so
just converting from one to the other and the third one diving into the
question of authorization permissions like…

Michael B. Jones: C can somebody put a link to that community group in the
chat?

Dmitri Zagidulin: how this would interplay with rich scopes how would it
interplay with something like authorization capabilities or ZCAPS. but I am
curious if somebody knows more about the agentic work specifically at W3C.

Dmitri Zagidulin: Yes. Sun type.

Benjamin Young: and we're down to about five minutes.

Benjamin Young: Has stepped out and left me with the Q management. does
anybody else have other questions or thoughts on Mike's question?

Ankit Agarwal: I think we'll follow up on what Dmitri shared and said. I
did want to mention also that Dmitri and Kala are also contributors to Y.
we worked with them early on and got a lot of feedback and things from them
as all right. let's see. so I'll just kind of quickly end with we have the
website kyapay.org.
00:55:00

Ankit Agarwal: so we invite you all to take a look the jot profile is the
first kind of draft we've submitted to the IETF for standardization as Mike
and Dmitri talked about there's a bunch of other things the token exchange
we also did some work with Katana Labs where they are entirely based on VCs
and exactly like what Dmitri said where we made them interoperable and you
can exchange a VC per KY token and vice versa. to go any which technology
stack you happen to use. yeah so I think I'll stop here. Mike or Craig, do
you guys want to share any last thoughts?

Craig DeWitt: yeah that the last thing I'll wrap up with is one thank you
guys very much for thank you everyone here for I should say for having us I
think somebody put in something around like hey this is similar to what was
presented xyz before I think the one thing that's fairly unique ique about
Skyfire is that over the last call it 18 months we've gone out and we have
done the hard work of getting acceptance from the majority of today's web
bot off web providers the bot managers and the security providers not just
at the bot management piece but also at the account management piece for
the ATO providers who do account protection as well as the checkout fraud
protection folks and so I think there's already a very interesting

Craig DeWitt: network of live substantial internet infrastructure providers
that are accepting these tokens.

Craig DeWitt: And I think the big opportunity is we're really excited to
work with you guys or work with the folks here to actually figure out how
do we take this to the next step because we're seeing that adoption on the
acceptance side and we're starting to see that adoption on the demand side
for issuance. So I want to say thank you to everybody here and looking
forward working through this

Benjamin Young: Yeah, thanks for coming guys and…

Benjamin Young: thanks for those presentations. we'd love to hear more
about it on the credentials community group. I think Ed had asked about
seeing this a link to the slide deck would be helpful for folks to continue
to dig in. and we're happy to see you on these calls in the future.

Craig DeWitt: Thanks.

Benjamin Young: Thanks so much everybody. go ahead Juliet.

Ankit Agarwal: Thank you.

Kaliya Identity Woman: Just to say if you want to dive into all this aentic
stuff, we have the aentic internet workshop on May 1st following IIW. So,
it's another opportunity to weave all these things together and hopefully
some coherence will emerge.

Michael B. Jones: And Skyfire recently became a sponsor of the theic
identity workshop or…

Benjamin Young: Yeah, sound.

Kaliya Identity Woman: They did. it's a dentic internet, but yes, it's all
good.

Michael B. Jones: sorry too many of the good words.

Kaliya Identity Woman: Yes. Too many good words, but thanks

Benjamin Young: Thanks everybody.

Michael B. Jones: right, y'all. Bye.

Ankit Agarwal: Thank you so much.

Benjamin Young: Take care.

Ankit Agarwal: Really appreciate it, guys. Nice meeting everybody. Bye.
Meeting ended after 00:58:50 👋

*This editable transcript was computer generated and might contain errors.
People can also change the text after it was created.*
Received on Wednesday, 1 April 2026 00:01:33 UTC