Your agent decides
where money goes.We make sure it gets there.
CodeSpar is the money movement runtime your agent runs on. Mandates, routing, escrow, reconciliation and audit on every transaction. From checkout to procurement, payroll, treasury and cross-border. Commerce is the wedge; money movement is the platform.
import { codespar } from "@codespar/sdk";
// one session. every money movement primitive.
const session = await codespar.create({ preset: "latam" });
await session.send(
"Pay R$1,500 to the supplier via Pix and issue the NF-e"
);
// ✓ routed · settled · sealed · receipt rcp_8f2a91One runtime, every flow
Commerce is the wedge. Money movement is the platform.
The same governed runtime that checks out a cart runs procurement, payroll, treasury and cross-border. One mandate model, one router, one audit chain.
How it works
Every transaction closes with a verifiable record.
Four layers the human-first stack never shipped. CodeSpar runs them as one runtime.
Mandate
A signed authorization that answers the hard question: can this agent spend this amount, for this purpose, on whose behalf? Capped, HMAC-signed, revocable in one call.
Route
Policy picks the rail: Pix, boleto, card or USDC. Sub-second decision, no raw keys exposed.
Settle
The rail executes and the receipt binds payee, price and the Pix endToEndId.
Audit
A hash-chained ledger with the fiscal documents attached. An answer for the CFO, not a log file.
Know the agent. Trust the money.How KYA works →
Security, outside the model
Prompt injection can't move your money.
It can hijack what the agent tries to do. Not what it can. Every payment runs inside a mandate you signed, with caps, a recipient allowlist, and an expiry, validated on our servers, outside the model. Worst case, the agent spends inside the envelope you already approved.
See the threat modelWhy a runtime
It is a matrix, not a rail.
Agent payments fragment across protocols with no winner. Each country is its own rails, its own fiscal regime, its own settlement currency, its own license. An SDK is one cell in that grid; CodeSpar is the runtime over the whole grid.
One surface
The agent writes intent. The runtime routes the rail.
112+ providers across six countries behind one canonical tool surface. The agent never learns a provider API and never touches a key.
Works with your agent.
Connect over MCP with no code, or install a one-line adapter and call getTools(session). Either way your agent gains a LATAM commerce rail.
One platform. Two ways in.
The rails are free.The mandate is the product.
MCP Servers
Every LatAm API your agent needs, wrapped as an MCP server. npm install, configure env vars, your agent transacts. Free and MIT licensed.
Money Movement Orchestration
The Complete Loop. One agent, six APIs, zero human intervention. Policies, mandates, routing, escrow and audit, managed for you.
The commerce loops teams ship first.
All use casesAccounts payable agent
Invoice to paid to reconciled, without the approval inbox
WhatsApp commerce bot
Conversational checkout that settles in chat
Cross-border payout orchestrator
Pay sellers, contractors, suppliers in local currency
Fiscal compliance autopilot
NF-e, CFDI, Factura issued automatically
Support refund agent
Ticket to refund in under a minute
Contractor payroll agent
The monthly payout run, inside caps, on Pix
Your questions, answered.
Yes for the governance runtime: mandates, policy checks, routing and the audit ledger run on every call today. Money movement is sandbox-first while production settlement comes online with our licensed partners. Open the sandbox and see it run.
A signed, revocable authorization: this agent, acting for this principal, up to this budget, on these rails. Mandates are HMAC-signed, carry per-transaction and total caps, and die the moment you revoke them. Every payment the runtime executes traces back to one.
The policy engine checks every call against the mandate before money moves: allowlisted payees, per-transaction caps, budgets. A call outside policy simply does not execute. Revoke the mandate and the agent is done on its next call, and the ledger shows exactly what it did before.
No. Settlement runs on licensed payment institutions that we integrate as rails; CodeSpar is the governance and orchestration layer on top. Wallet balances live at the licensed partner, wrapped in our mandate and audit machinery.
112+ providers across six countries in Latin America. Brazil is the deepest today: Pix, boleto, NF-e, WhatsApp, ERP and Open Finance. Mexico brings SPEI and CFDI, with Argentina, Colombia and USDC rails alongside. The catalog is public, so you can check your rail before you commit.
Depth over breadth. A generic toolkit gives your agent a Pix QR code; this runtime validates CPF and CNPJ, issues the NF-e, handles rejection codes and reconciles to the ERP. Governance is the product, not an add-on: mandates, policy and the audit chain sit under every call. And Stripe's toolkit is US-first, while this is built for the rails Latin America actually runs on.
Any MCP client (Claude, Cursor, Codex, ChatGPT) connects with one command, and eleven framework adapters cover LangChain, CrewAI, Vercel AI SDK, LlamaIndex and more. On payment protocols we run MCP in production and are building across AP2, ACP and x402, so you do not have to bet on a winner.
Every MCP server and the SDK are MIT and free forever: self-host them with your own keys. You pay when we run the money for you: usage-based pricing on the managed runtime, enterprise plans when you need SLAs and compliance. You pay when you settle, nothing before.
115 MCP servers live in the official MCP Registry, plus the SDK: MIT on npm, no asterisks. Run them yourself with your own provider credentials and never talk to us. The managed tier exists for the part you should not rebuild: credential custody, mandates and the audit trail.
Every transaction seals into a hash-chained ledger with the fiscal documents attached, so an auditor can reconstruct who authorized what, under which budget and policy. Tenant data is isolated and we operate under LGPD. When the CFO or the regulator asks, the answer is one record, not a log export.
Your agent is ready to run the business.Is your stack?
Start free on open source. Upgrade when you need the orchestration layer.