Skip to main content
The agentic OS for money movement in LATAM

Your agent decides where money goes.We make sure it gets there.

CodeSpar is the money movement runtime your agent runs on. Mandates, routing, escrow, reconciliation and audit on every transaction. From checkout to procurement, payroll, treasury and cross-border. Commerce is the wedge; money movement is the platform.

CommerceProcurement / APPayroll + payoutsTreasuryCross-border
agent-checkout.ts
import { codespar } from "@codespar/sdk";

// one session. every money movement primitive.
const session = await codespar.create({ preset: "latam" });

await session.send(
  "Pay R$1,500 to the supplier via Pix and issue the NF-e"
);

//  routed · settled · sealed · receipt rcp_8f2a91
Control Recordsandbox
mandatecm_gWEZ…onN · cap R$50,000 · verified
routePix · BRL · policy pass · 0.4s
settleE2E f81c…9a2 · R$1,500.00
invoiceNFS-e bound · nfe_31ab…77
auditsealed · hash-chained ✓
A Control Record binds mandate, route, settlement, fiscal document and audit seal on every transaction.
<1sroute decisionmandatesENFORCED112+providers in one catalogsandboxOPEN6countries covered126MCP servers in the registryLIVE14meta-tools, one surfaceaudit chainSEALEDZeroraw keys exposed2,837automated tests

How it works

Every transaction closes with a verifiable record.

Four layers the human-first stack never shipped. CodeSpar runs them as one runtime.

01

Mandate

A signed authorization that answers the hard question: can this agent spend this amount, for this purpose, on whose behalf? Capped, HMAC-signed, revocable in one call.

02

Route

Policy picks the rail: Pix, boleto, card or USDC. Sub-second decision, no raw keys exposed.

03

Settle

The rail executes and the receipt binds payee, price and the Pix endToEndId.

04

Audit

A hash-chained ledger with the fiscal documents attached. An answer for the CFO, not a log file.

Know the agent. Trust the money.How KYA works

Security, outside the model

Prompt injection can't move your money.

It can hijack what the agent tries to do. Not what it can. Every payment runs inside a mandate you signed, with caps, a recipient allowlist, and an expiry, validated on our servers, outside the model. Worst case, the agent spends inside the envelope you already approved.

See the threat model
Signed mandateHMAC
CapR$ 500
Payeesallowlist
Expiry24h
Enforced server-side, outside the model

Why a runtime

It is a matrix, not a rail.

Agent payments fragment across protocols with no winner. Each country is its own rails, its own fiscal regime, its own settlement currency, its own license. An SDK is one cell in that grid; CodeSpar is the runtime over the whole grid.

Agent protocols · no winner yet
MCPACPUCPAP2x402MPP
BRMXARCO
RailsPix · boletoSPEI · CoDiTransf. 3.0PSE · Transfiya
FiscalNF-e · SEFAZCFDI · SATAFIPDIAN
ChannelWhatsAppWhatsAppWhatsAppWhatsApp
CurrencyBRL · USDCMXN · USDCARS · USDCCOP · USDC
RegulatorBCBBanxicoBCRASFC
an SDK is one cell
One governed runtime across the grid

One surface

The agent writes intent. The runtime routes the rail.

112+ providers across six countries behind one canonical tool surface. The agent never learns a provider API and never touches a key.

codespar_discovercodespar_shopcodespar_walletcodespar_paycodespar_chargecodespar_checkoutcodespar_invoicecodespar_shipcodespar_notifycodespar_crypto_paycodespar_issuecodespar_ledgercodespar_kyccodespar_manage_connections
For Agents

Works with your agent.

Connect over MCP with no code, or install a one-line adapter and call getTools(session). Either way your agent gains a LATAM commerce rail.

One platform. Two ways in.

The rails are free.The mandate is the product.

Open Source

MCP Servers

Every LatAm API your agent needs, wrapped as an MCP server. npm install, configure env vars, your agent transacts. Free and MIT licensed.

Payments: Zoop, Asaas, PagSeguro, Stripe ACP, Pix
Fiscal: NF-e, NFS-e, NFC-e via Nuvem Fiscal, Focus NFe
Logistics: Melhor Envio, Correios, VTEX
Communication: Z-API, Evolution API, Zenvia
Banking: Stark Bank, Open Finance
ERP: Omie, Bling, Tiny
$ npm install @codespar/mcp-zoop
Start on open sourceCLONE · RUN · YOUR KEYS
Enterprise

Money Movement Orchestration

The Complete Loop. One agent, six APIs, zero human intervention. Policies, mandates, routing, escrow and audit, managed for you.

Complete Loop: cobrar → NF-e → despachar → notificar → ERP → conciliar
Payment Router: every rail, 12 currencies, cheapest route
Programmable Wallets: per-agent fund pools, mandate-gated debits
Policy Engine: per-agent budgets, deny-lists, time windows
HMAC Mandates: signed, time-limited, revocable
Escrow: milestone-based release, dispute resolution
Audit Trail: immutable hash chain, export-ready
Talk to usMANDATE · ROUTE · AUDIT
FAQ

Your questions, answered.

Yes for the governance runtime: mandates, policy checks, routing and the audit ledger run on every call today. Money movement is sandbox-first while production settlement comes online with our licensed partners. Open the sandbox and see it run.

A signed, revocable authorization: this agent, acting for this principal, up to this budget, on these rails. Mandates are HMAC-signed, carry per-transaction and total caps, and die the moment you revoke them. Every payment the runtime executes traces back to one.

The policy engine checks every call against the mandate before money moves: allowlisted payees, per-transaction caps, budgets. A call outside policy simply does not execute. Revoke the mandate and the agent is done on its next call, and the ledger shows exactly what it did before.

No. Settlement runs on licensed payment institutions that we integrate as rails; CodeSpar is the governance and orchestration layer on top. Wallet balances live at the licensed partner, wrapped in our mandate and audit machinery.

112+ providers across six countries in Latin America. Brazil is the deepest today: Pix, boleto, NF-e, WhatsApp, ERP and Open Finance. Mexico brings SPEI and CFDI, with Argentina, Colombia and USDC rails alongside. The catalog is public, so you can check your rail before you commit.

Depth over breadth. A generic toolkit gives your agent a Pix QR code; this runtime validates CPF and CNPJ, issues the NF-e, handles rejection codes and reconciles to the ERP. Governance is the product, not an add-on: mandates, policy and the audit chain sit under every call. And Stripe's toolkit is US-first, while this is built for the rails Latin America actually runs on.

Any MCP client (Claude, Cursor, Codex, ChatGPT) connects with one command, and eleven framework adapters cover LangChain, CrewAI, Vercel AI SDK, LlamaIndex and more. On payment protocols we run MCP in production and are building across AP2, ACP and x402, so you do not have to bet on a winner.

Every MCP server and the SDK are MIT and free forever: self-host them with your own keys. You pay when we run the money for you: usage-based pricing on the managed runtime, enterprise plans when you need SLAs and compliance. You pay when you settle, nothing before.

115 MCP servers live in the official MCP Registry, plus the SDK: MIT on npm, no asterisks. Run them yourself with your own provider credentials and never talk to us. The managed tier exists for the part you should not rebuild: credential custody, mandates and the audit trail.

Every transaction seals into a hash-chained ledger with the fiscal documents attached, so an auditor can reconstruct who authorized what, under which budget and policy. Tenant data is isolated and we operate under LGPD. When the CFO or the regulator asks, the answer is one record, not a log export.

Your agent is ready to run the business.Is your stack?

Start free on open source. Upgrade when you need the orchestration layer.

The Agentic OS for Money Movement in LATAM | CodeSpar