AFFIXIO
Spent-proof
Double spend prevention for credentials
A valid credential presented twice is a classic failure mode for tickets, payments, and agent permissions. AffixIO spent-proof patterns mark a presentation consumed so a second use fails verify.
Definition
Double spend prevention for credentials ensures a presented proof cannot authorise a second time once it has been marked spent at the verifier.
Field note. Double-spend on credentials shows up as duplicate charges or entry fraud after offline windows close.
Spent-proof mechanics
At present and verify, the verifier records that this proof presentation is consumed under policy. A second present returns deny. Online and offline designs differ in how spent state is stored, but the rule is the same.
See double-spend prevention pages for ticket and payment examples.
Where to require it
Single-entry tickets, single-use payment permissions, and one-shot agent delegations. Not every credential must be single-use. Long-lived membership proofs may allow multiple presents with different anti-replay controls.
Choose spent-proof when the business rule is one authorisation per artefact.
Production wiring for credential double-spend prevention
Place issue at consent or policy satisfaction, then verify at the first external boundary. Deny should return a stable code for support. Allow should attach Merkle metadata to the record your finance or ops team already stores.
When WAN is unreliable, run local verify with cached keys and sync Merkle inclusion later. Offline QR and edge agents use the same spent-proof rules as online gates.
Chargeback gap
Valid twice is still fraud
Signature validity alone does not stop replay. Without spent-proof, a photographed QR or captured token works again.
Photographed tickets
Screenshots admit a second entry.
Captured agent tokens
Replay authorises a second payment or tool call.
Shared links
Bearer URLs circulate beyond the intended subject.
Offline ambiguity
Edge scanners need local spent state, not only cloud flags.
Spent-proof rule
Spent-proof credentials that block double redemption
Reusable credentials without spent-proof rules let the same proof pay twice or enter twice after a sync delay. AffixIO marks proofs spent at first successful verify.
Mark single-use credentials
Tickets, one-shot pays, delegations.
Enable spent-proof
At issue and verify.
Test double present
Expect deny on second use.
Monitor spent-state health
Especially on offline scanners.
Pilot gates
Readiness checks for credential double-spend prevention
- Inventory credentials that must be single-use.
- Enable spent-proof on those issue paths.
- Train door staff on second-scan deny.
- Include spent-proof in sandbox test plans.
- Review offline spent-state sync.
Common questions
Questions on credential double-spend prevention
Is spent-proof only for payments?
No. Tickets, access, and agent permissions use the same idea.
What about refunds and re-entry?
Re-issue a new credential. Do not reuse a spent presentation.
Offline scanners?
Local spent-state with later sync. See offline gate docs.
Where is the product page?
/double-spend-prevention/
Product links
Pages that support credential double-spend prevention
Infrastructure
More infrastructure briefs
Test credential spent-proof rules
Run double-present scenarios in sandbox, then confirm verify rejects replayed proofs at your boundary.