Skip to content
Oris Docs
Sign in Get API Key

FAQ

What is Oris?

A cryptographic compliance layer for autonomous AI agent payments. Oris signs the proof that a payment is authorized, screened, and accountable. Networks consume the proof. Regulators consume the proof. The money itself moves through the developer’s existing payment relationship.

Does Oris hold funds?

No. Oris is non-custodial. Funds stay with your custody provider (Turnkey, Fireblocks, Circle, or self-hosted). Oris only signs the compliance proof.

Does Oris need a money-transmitter license?

No. Oris does not move money. The license obligation stays with the developer and the rails they use.

What does the SDK do?

Three things:

  1. Wraps the 171 REST endpoints behind typed methods.
  2. Builds and signs the Ed25519 authenticated request payload.
  3. Exposes the oris.protocol namespace for L8 verifier and offline verification.

How long does a payment take?

End-to-end p95 is under 100 ms from agent.pay() to the verifier verdict. The on-chain settlement latency then depends on the rail (1 to 12 seconds for Base, 0.4 s for Solana, several seconds for card rails).

What chains are supported?

Ten today: Ethereum, Base, Polygon, Arbitrum, Avalanche, BNB Chain, Optimism, Celo, Solana, Tron. Card and gateway rails (Stripe, Visa, AWS, x402, Coinbase Agent) are partner-led.

Is the verifier open source?

Yes. The reference verifier is published as a Docker image. Networks can run their own inside their perimeter. The contract is bytecode-compatible with the Solidity reference.

What happens if Veris is down?

The engine fails closed. No attestation, no bundle. Cached attestations within their 60-second TTL continue to satisfy in-flight bundles. New payments queue or reject depending on configuration.

How is the audit log tamper-evident?

Every row is SHA-256 hash-chained to the previous row. Every hour the chain head is Merkle-anchored to OrisAuditLogRegistry on Base. Tampering with any row breaks the next row’s link, and the next anchor commit makes the divergence visible.

Can a regulator decrypt the sealed envelope alone?

No. Envelopes use AGE threshold encryption (typically 3-of-5). Unsealing requires a quorum signature. No single party, including Oris, can decrypt.

What is the SDK version policy?

The public API is frozen on the wire. New endpoints land in minor releases. Removals require a major version. The oris.protocol namespace is additive.

How do I upgrade SDKs?

Minor and patch releases are backward compatible. Pin to a specific version in production, update at your cadence:

pip install "oris-sdk==0.2.0"
npm install oris-sdk@0.4.0

What is the ZK upgrade (v2)?

A ZK proof boundary at L4. The bundle wire format stays the same (196-byte public inputs). Only the proof_type field changes. SDK code does not change.

Where to go next