April 30, 2026

Stripe answered the trust question yesterday. On April 29, the company opened up Link's wallet to agents and shipped the Link CLI as the developer surface. The mechanics are the part to study. An agent constructs a spend request specifying the merchant name, URL, line items, and a context string explaining the purchase. The user receives a notification on web, iOS, or Android and either approves or rejects it. On approval, Link issues a single-use virtual card or a Shared Payment Token, valid for that one transaction, with the user's actual card details never leaving the Link wallet. Stripe cites more than 200 million consumers already in Link's network, which means the rails do not need to be bootstrapped. They are already there.

Patrick Collison demonstrated the mechanic the same day by handing Claude a budget. "I asked Claude to buy itself a gift," he wrote on X. "It chose HTTPZine on Gumroad." The framing is small on purpose. A single self-directed purchase by an AI model, approved synchronously by a human, completed against a real merchant. Anthropic's model picked the gift. Stripe's CLI created the credential. The user approved the spend. The merchant was paid in real money. That is the entire stack of agentic commerce shrunk to a Gumroad receipt, and it shipped two weeks after American Express committed to underwriting agent errors. The trust scaffolding the industry has been promising for months is now installable from npm.

The Link CLI lands in the same week Stripe used its Sessions 2026 conference to launch 288 products aimed at AI economic infrastructure. Inside that bundle, the agent wallet is the piece that resolves the question consumers keep asking. Who is liable when an agent buys something they did not authorize. Stripe's answer is structurally simple. The agent never sees the real card. Each purchase requires synchronous approval. The credential dies after one use. Spending limits and pre-approved categories sit on the roadmap, but the launch ships with the most conservative posture, which is exactly the posture trust requires at zero. American Express took the consumer side of the same question two weeks ago by promising to absorb chargebacks. Stripe is now answering the developer side by removing the credential exposure entirely.

The fortnight from April 14 to April 29 will read in retrospect as the moment the agentic commerce trust stack closed. AmEx insured the loss. Visa, Mastercard, and Stripe shipped the rails. Anthropic and OpenAI built the agents. And Stripe just made the wallet itself agent-native at consumer scale. The remaining work is not technical. It is the slower question of which merchants restructure their product data so the 200 million Link consumers' agents can find them. Patrick Collison's HTTPZine purchase is a demo, but the receipt is real, and once a system can produce real receipts, the only question left is volume.