Finance integration
A $42,000 wire pauses until a real human signs.
A finance bot, leaked session, or AI agent can never pass this gate. The wire is bound to a passkey assertion on Asha's device - and only on Asha's device, signing only this wire.
Before: HIGH
After: LOW
The signature
Account approval is no longer enough. Human approval is the gate.
High-risk action · pending
wire_9281
$0.00
USD · queued for release
Beneficiary: GreenLeaf Designs LLC
Account: ****8821
Routing: ****0451
Memo: Invoice INV-2026-77 · branding work
Submitted by: api token · ap-bot · 18:21:54
Asha Raman
VP Operations · Acme AI Labs · wire-approval scope
Policy in effect
WebAuthn assertion bound to wire amount + beneficiary
5-minute challenge TTL · one-time use · replay rejected
Audit-logged, SOC2-exportable
Counter monotonicity enforced (forks rejected)
What an attacker sees
The bot has the API token. It tries.
POST /api/wires/release HTTP/1.1
X-Org: acme-ai
X-Wire: wire_9281
Authorization: Bearer ap_bot_eyJxx…
// missing X-Manav-Proof header
Blocked at the gate
Policy require_human_signature_for: wire ≥ $1000 rejects the call with HTTP 428 - funds never move.
What manav sees
Audit row written even on failure.
{
"event": "HIGH_RISK_ACTION_BLOCKED",
"reason": "NO_HUMAN_SIGNATURE",
"actor": "ap_bot",
"target": "wire_9281",
"amount": 42000,
"severity": "critical"
}
SOC analyst sees a paged alert. Wire still safe.
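The gate logic listed under "Policy in effect", sketched as an added example (not manav's own code): a challenge bound to the wire's amount and beneficiary, the 5-minute TTL, one-time use, and the counter check. Assumptions: the in-memory stores, the function names, the 403 status and every reason string except NO_HUMAN_SIGNATURE are hypothetical, and the assertion's signature is taken as already verified by a WebAuthn library.

```python
import hashlib, hmac, os, time

TTL_SECONDS = 300      # 5-minute challenge TTL, from the policy list
THRESHOLD_USD = 1000   # require_human_signature_for: wire >= $1000
_pending = {}          # challenge -> issue time (hypothetical in-memory store)
_last_counter = {}     # credential id -> last accepted signature counter

def wire_digest(wire):
    # Digest over the fields the assertion is bound to.
    msg = f"{wire['id']}|{wire['amount']}|{wire['beneficiary']}".encode()
    return hashlib.sha256(msg).digest()

def issue_challenge(wire, now=None):
    # Challenge = random nonce || wire digest, so a signature over it covers this wire only.
    challenge = os.urandom(16) + wire_digest(wire)
    _pending[challenge] = time.time() if now is None else now
    return challenge

def release_gate(wire, proof, now=None):
    """Return (http_status, reason). proof is None, or a dict holding the
    challenge, credential_id and counter of an assertion whose signature
    was already verified upstream (assumption)."""
    now = time.time() if now is None else now
    if wire["amount"] < THRESHOLD_USD:
        return 200, "BELOW_THRESHOLD"
    if proof is None:                               # bearer token alone, no proof header
        return 428, "NO_HUMAN_SIGNATURE"
    issued = _pending.pop(proof["challenge"], None) # pop enforces one-time use
    if issued is None:
        return 403, "UNKNOWN_OR_REPLAYED_CHALLENGE"
    if now - issued > TTL_SECONDS:
        return 403, "CHALLENGE_EXPIRED"
    if not hmac.compare_digest(proof["challenge"][16:], wire_digest(wire)):
        return 403, "WIRE_MISMATCH"                 # amount or beneficiary changed after signing
    cred = proof["credential_id"]
    if proof["counter"] <= _last_counter.get(cred, 0):
        return 403, "COUNTER_NOT_MONOTONIC"         # possible cloned authenticator
    _last_counter[cred] = proof["counter"]
    return 200, "RELEASED"
```

A failed attempt still consumes the challenge, so a tampered request cannot be retried against the same signature.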