The headless wallet

17 June 2026 · 5 min read

A box of groceries is sitting on your doorstep, and you did not order it. Inside: oily fish, a bag of spinach, a tub of magnesium, and none of the biscuits you actually wanted. The receipt explains itself. Your sleep has been broken all week, your last blood panel came back low on omega-3, and your glucose ran high, so this is the basket your body needs. You never opened an app. You never reached for your card. Something read your health, decided what you should eat, bought it, and sent it round. Your first thought is not "how convenient." It is "who paid for this?"

For thirty years, every payment system I have touched was built to stop exactly that, to make sure no purchase went through until a human proved they were present: passwords, one-time codes, the grainy traffic-light squares, the little "I am not a robot" box. In a single month, four of the biggest names in finance started building the opposite.

On 11 June, Visa wired its payment network straight into ChatGPT, so an agent can find the flight and pay for it while Visa handles authorisation and fraud. The day before, Mastercard launched Agent Pay for Machines, rails for agents to pay one another in fractions of a cent, with thirty-plus partners signed on. Two weeks earlier, Robinhood opened agentic trading and a credit card to retail customers: a ring-fenced account a bot trades inside, and a card it can spend while you sleep. Then Coinbase shipped "Coinbase for Agents", a command-line tool and an MCP endpoint a terminal agent can call to trade and pay for research, no login required.

For three decades finance optimised to prove a human was present. This month it started racing to prove a robot is authorised.

That sounds like a small reframe. It is a different security model. The question is no longer "is there a person here?" but "is this the right agent, acting inside the mandate its owner signed, with an identity the network can verify?" Hence the vocabulary that landed all at once: verifiable intent, signed mandates, isolated agentic accounts, one-tap kill switches. Google's Agent Payments Protocol, now backed by sixty-plus organisations, is built around cryptographically signed mandates precisely because, as Forbes put it, an autonomous agent breaks the old assumption that a human clicked buy.

The consumer unlock is a command line, not an app

The part I keep turning over: the way this reaches ordinary people is not a glossy app but plumbing. Robinhood's agentic account is an MCP server. Coinbase ships a CLI alongside its MCP. Stripe's money-movement tools install from the command line. The interface to your broker, your card and your bank is quietly becoming a headless service any agent can call while you are asleep.

So the future on offer is not "an AI that helps you shop". It is a standing instruction: keep my portfolio aligned to this thesis, pay my software bills under a cap I set, buy the concert ticket when it drops below a price I name, and settle the small data and compute payments along the way. Money becomes programmable, and the program runs without a screen. The early traction is not trivial: one tracker counts roughly 69,000 active agents already moving stablecoins over Coinbase's x402 rails.

What it feels like from the other side

The reaction I trust most is the unfiltered one. On the Reddit thread about Visa's move, past 240 comments, the loudest voices were not breathless. One declared full confidence in AI's ability to mess things up; another pictured the agent quietly taking out a loan in their name while they slept. It reads as a joke until you sit with the question underneath: when the bot overspends at 3am, who carries it, the brokerage or the company that built the agent?

Map that onto the people involved and it sharpens. For consumers, the convenience is real, and so is the loss of the pause a checkout screen used to force. For banks, the threat is disintermediation: a Capco partner warned American Banker that customers may soon open their AI agent instead of their banking app, and whoever enrols the agent owns the relationship. TD Bank reckons 55% of Americans already use AI to help manage their money, up from 10% a year ago. For regulators, the risk model assumed a human in the loop, and that assumption just walked out.

Healthcare should be watching closely, because that box on the doorstep is the sharp end of all this. The upside is real: staying proactive about your health stops being a chore and becomes a standing order in the background. The trouble is that it is also where the mandate question gets hardest. You agreed to delegate the spending. Did you also agree to let your bloodwork choose your shopping basket, and to let the agent, the grocer and the payment network see the health data behind it? My old 3am nurse test still applies. Can a tired human understand what the agent bought and why, trust it without standing over it, and switch it off with one hand? If the answer is no, the kill switch is theatre, and so is the consent.

Next experiment: before you let any agent touch real money or real care, write its mandate like a contract: one line on what it may buy, one hard spending cap, one rule for when it must stop and ask, and one record of every decision and why. If you cannot write those four lines, you are not ready to hand it the wallet.
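
The four-line mandate above, sketched as a policy gate that sits between an agent and the payment call. This is an added example, not code from this post or from any payment network. The field names, the `Gate` class and the demo key are hypothetical, and an HMAC stands in for whatever signature scheme a real mandate protocol uses.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field

OWNER_KEY = b"constructed-demo-key"  # assumption: held by the owner, never the agent

def sign(terms: dict, key: bytes = OWNER_KEY) -> str:
    # MAC over canonical JSON, so any edit to the signed terms is detectable.
    body = json.dumps(terms, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

@dataclass
class Gate:
    mandate: dict          # may_buy, cap_cents, ask_above_cents
    signature: str         # owner's MAC over the mandate
    spent_cents: int = 0
    revoked: bool = False  # the kill switch
    log: list = field(default_factory=list)

    def authorize(self, category: str, cents: int, why: str) -> str:
        if not hmac.compare_digest(sign(self.mandate), self.signature):
            verdict = "deny:mandate-tampered"
        elif self.revoked:
            verdict = "deny:revoked"
        elif cents <= 0 or category not in self.mandate["may_buy"]:
            verdict = "deny:out-of-scope"
        elif self.spent_cents + cents > self.mandate["cap_cents"]:
            verdict = "deny:cap-exceeded"
        elif cents > self.mandate["ask_above_cents"]:
            verdict = "ask:owner-approval-needed"
        else:
            verdict = "allow"
            self.spent_cents += cents
        # Every decision is recorded, refusals included, with the stated reason.
        self.log.append({"category": category, "cents": cents, "why": why, "verdict": verdict})
        return verdict

def demo() -> list:
    terms = {"may_buy": ["groceries"], "cap_cents": 10_000, "ask_above_cents": 4_000}
    gate = Gate(terms, sign(terms))
    out = [
        gate.authorize("groceries", 3_500, "weekly basket"),
        gate.authorize("supplements", 1_200, "low omega-3 on last panel"),
        gate.authorize("groceries", 5_000, "bulk order"),
        gate.authorize("groceries", 7_000, "party catering"),
    ]
    gate.mandate["cap_cents"] = 1_000_000  # agent-side edit of the signed terms
    out.append(gate.authorize("groceries", 100, "milk"))
    return out
```

The cap is checked against cumulative spend, and a request that only reaches "ask" does not count as spent until the owner approves it.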

💥 May this inspire you to demand a mandate before you hand over the keys.