P3 · Agent Authority Proof

Delegate API billing to AI agents.

Hide the API key and the billing authority
Prove that the AI may call the API, within a defined scope

You want an AI agent to call external APIs (SaaS, payments, data) without the risk of handing it the API key. With Lemma, the billing ceiling, the allowed APIs and the validity period become a scoped, signed delegation. Via x402, the agent runs autonomously inside that scope and is stopped at its edge.

Developers · All industries · IT / DevOps 2 min read
live in production since 2025 · Public-infrastructure PoC in production · ETHGlobal AI Agents 2026 Finalist
01 · THE PROBLEM

Three voices from the front line.

  • Developer

    “We want to avoid the risk of handing an AI agent the API key — delegate with scope instead”

  • IT

    “We want real-time control over the billing of the APIs the AI uses”

  • Security

    “We want to structurally eliminate the risk of API-key leakage”

02 · THE SHIFT

Hand over the source, or just the facts?

Change what reaches the AI, and the leakage risk goes with it.

Without Lemma: hand over the original
  api_key:      sk-proj-…
  endpoint:     /v1/chat/completions
  cost:         $0.05
  agent:        AI-003
  total_month:  $124.50
  ↓ all of it goes to the AI / outside

With Lemma: hand over just the facts
  agent:           did:lemma:agent-AI-003
  delegatedBy:     did:lemma:org-acme-dev
  role:            api_caller
  spendLimitUSDC:  100
  scope:           x402://api.openai.com/*
  validUntil:      2026-06-30T23:59:59Z
  ZK verified:     ✓ VALID
  ↓ only the necessary facts to the AI

An org or developer issues a signed delegation that carries a billing ceiling, the allowed APIs and a validity period, without ever handing the agent the API key itself. x402 middleware checks the agent's authority via Trust402 before each call: in-scope calls execute, out-of-scope calls are stopped before they reach the API. The fact that a call was made within scope can then be verified independently, without disclosing the key or the billing authority.
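The paragraph above names three facts the middleware has to enforce on every call: the endpoint must fall inside scope, the cumulative spend must stay under spendLimitUSDC, and the delegation must not have expired. The following is an added example of such a fail-closed policy gate, written for this page and not Lemma's, Trust402's or x402's own code; how those components actually evaluate a delegation is not stated here. The field names and sample values are taken from the delegation panel above; the call sequence is constructed. Verification of the issuer's signature over the delegation and the ZK proof of "called within scope" are assumed to happen elsewhere and are not shown.

```python
"""Policy gate for a scoped agent delegation (added example, not Lemma's code).

Field names follow the delegation shown on this page: agent, delegatedBy,
role, spendLimitUSDC, scope, validUntil. How Trust402 or the x402 middleware
actually evaluate these is not known from the page; this is one plausible
fail-closed check a middleware could run before each upstream API call.
Signature verification of the delegation and the ZK proof are out of scope.
"""
from dataclasses import dataclass, field
from datetime import datetime, timezone
from decimal import Decimal
from fnmatch import fnmatchcase
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Delegation:
    agent: str
    delegated_by: str
    role: str
    spend_limit_usdc: Decimal
    scope: str        # e.g. "x402://api.openai.com/*" (host exact, path glob)
    valid_until: str  # RFC 3339 timestamp in UTC, e.g. "2026-06-30T23:59:59Z"


@dataclass
class SpendLedger:
    """Cumulative USDC spend per agent DID. Assumption: one shared ledger
    (database or on-chain balance) sits behind every middleware instance;
    otherwise the ceiling is multiplied by running agents in parallel."""
    spent: dict[str, Decimal] = field(default_factory=dict)


def scope_matches(scope: str, target_url: str) -> bool:
    """True if target_url lies inside the x402:// scope pattern.

    The host must match exactly (no wildcard subdomains, so
    api.openai.com.evil.example is rejected); the path is a glob; the query
    string is ignored; only https targets are accepted.
    """
    s, t = urlsplit(scope), urlsplit(target_url)
    if s.scheme != "x402" or t.scheme != "https":
        return False
    if not s.hostname or s.hostname != t.hostname:
        return False
    return fnmatchcase(t.path or "/", s.path or "/")


def authorize(d: Delegation, ledger: SpendLedger, target_url: str,
              cost_usdc: Decimal, now: datetime) -> tuple[bool, str]:
    """Decide one call and, if allowed, reserve its cost against the ceiling.

    Every check fails closed: a missing or negative price, an expired
    delegation, an out-of-scope endpoint or a breached ceiling all deny.
    """
    if d.role != "api_caller":
        return False, "role does not permit API calls"
    if cost_usdc is None or cost_usdc < 0:
        return False, "unknown or negative cost"
    expiry = datetime.fromisoformat(d.valid_until.replace("Z", "+00:00"))
    if now >= expiry:
        return False, "delegation expired"
    if not scope_matches(d.scope, target_url):
        return False, "endpoint outside scope"
    spent = ledger.spent.get(d.agent, Decimal("0"))
    if spent + cost_usdc > d.spend_limit_usdc:
        return False, f"would exceed spendLimitUSDC ({spent + cost_usdc} > {d.spend_limit_usdc})"
    # Reserve before the upstream call so a retry storm cannot overrun the limit.
    ledger.spent[d.agent] = spent + cost_usdc
    return True, "in scope"


# Constructed sample delegation (values copied from the page's example panel).
SAMPLE = Delegation(
    agent="did:lemma:agent-AI-003",
    delegated_by="did:lemma:org-acme-dev",
    role="api_caller",
    spend_limit_usdc=Decimal("100"),
    scope="x402://api.openai.com/*",
    valid_until="2026-06-30T23:59:59Z",
)


def run_demo() -> list[tuple[bool, str]]:
    """Walk a constructed sequence of calls through the gate."""
    ledger = SpendLedger()
    now = datetime(2026, 6, 1, tzinfo=timezone.utc)
    calls = [
        ("https://api.openai.com/v1/chat/completions", Decimal("0.05"), now),   # in scope
        ("https://api.stripe.com/v1/charges", Decimal("0.05"), now),            # other API
        ("https://api.openai.com.evil.example/v1/chat", Decimal("0.05"), now),  # host spoof
        ("https://api.openai.com/v1/embeddings", Decimal("99.96"), now),        # 100.01 > 100
        ("https://api.openai.com/v1/embeddings", Decimal("99.95"), now),        # exactly 100
        ("https://api.openai.com/v1/embeddings", Decimal("0.01"), now),         # ceiling hit
        ("https://api.openai.com/v1/chat/completions", Decimal("0.01"),
         datetime(2026, 7, 1, tzinfo=timezone.utc)),                            # expired
    ]
    return [authorize(SAMPLE, ledger, url, cost, when) for url, cost, when in calls]


if __name__ == "__main__":
    for ok, reason in run_demo():
        print("ALLOW" if ok else "DENY ", reason)
```

Two design points matter in practice: spend is reserved before the upstream request goes out, not after the response returns, so concurrent or retried calls cannot race past the ceiling; and host matching is exact rather than a glob, because a wildcard host pattern is the classic way an allowlist ends up admitting api.openai.com.evil.example.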

See the technical details ↗
03 · HOW TO CHOOSE

Choose on three criteria.

Only work that needs all three at once — pass without exposing, independent verification, tamper-proof — is Lemma's domain.

Methods, judged on the three criteria (pass without exposing / independent verification / tamper-proof):

  • Access control only
  • Masking / anonymization
  • Encryption only
  • Lemma (ZK proof): the only one that meets all three
04 · HOW IT WORKS

What's next

We start with delegation design and a PoC, and stay alongside you through to operations.

  1. A 30-minute review — identify the APIs you want the AI agent to call and the expected billing ceiling.
  2. Design the delegation — define the combination of spendLimitUSDC + scope (API endpoint) + validUntil.
  3. Verify up front with x402 middleware — place a Trust402 authority check in front of each API call.
  4. Prove one path via a PoC — implement billing control for one API in 4 weeks, confirming in-scope execution and out-of-scope stops.
  5. Hands-on support through operations — existing plan tiers (Civic / Critical / Compliance) serve only as a cost reference; the setup and pricing are designed together.

In the first 30 minutes, tell us about one workflow where you want the AI to call an API but are wary of handing over the key. No API key needs to be disclosed.

The bigger picture

The bigger picture this use case belongs to.

We map use scenarios across industries and workflows by the four axes.

See use scenarios for Agent Authority in Solutions →

TRY LEMMA

Run it yourself.

No sales call needed — start hands-on with Lemma's products.