Offline payment permissions

When agents or terminals operate without real-time connectivity, AffixIO can issue short-lived permission tokens that are cryptographically bound to a specific amount, merchant, and time window. The token is validated locally where possible; when connectivity returns, it is reconciled and a nullifier check prevents replay.

How it works

Before going offline (or in a low-connectivity window), your system requests an offline permission token from AffixIO. The token encodes the maximum amount, allowed merchant(s), and expiry. The terminal or agent stores the token and can honour transactions within those bounds without calling AffixIO. When the device reconnects, it submits the token (or a commitment) for reconciliation. AffixIO runs a nullifier check so the same token cannot be used again, then records the outcome and issues an audit event.

API surface

Offline flows use the same control plane as online: agents, delegations, and trust policies. Additional endpoints cover queue creation, queue retrieval, commit, nullifier check, and reconcile. See the API reference for POST /v1/offline/transactions, GET /v1/offline/queues/:deviceId, POST /v1/offline/nullifiers/check, and POST /v1/offline/nullifiers/reconcile. NIOR circuits such as nior_offline_trust and nior_offline_compliance support offline trust scoring and compliance checks.

Related

Agent Permissions · Delegated payments · Developer docs · Offline payment verification