Skip to main content
Amla Labs

The missing layer for 
AI agent  actions

Agents are taking real actions: payments, refunds, database writes, agent-to-agent delegation and handoffs.

Current auth asks "do you have the token?"

Amla asks "are you the authorized continuation of this transaction?"

Cryptographic authorization chains Authority that attenuates Signed receipts for every action

Request early access Read our thesis

Agents have moved beyond text—they issue refunds, process payouts, adjust limits, update records.

Amla gives you the primitives to let them act safely:

Authorization Chains

Cryptographically signed chains that define who can act next, under what constraints. Authority only attenuates—violations are detectable.

Action Gateway

Every agent action is verified against the chain before it hits Stripe, your database, or your core systems.

Know Your Agent

Tamper-proof receipts so you can answer "who did what, under which authority, and when?" for every action.

Drop-in SDK. Authorization bound to execution, not secrets. Infrastructure-grade guarantees.

Developer-first

Built for developers who ship fast

Install via npm, start chains with simple API calls, and let agents act with scoped authority. Security handled, not hand-rolled.

Installable via npm/pip (coming soon)
Issue chains, validate signatures, wrap actions
Works with any agent framework
agent.ts
import { Amla } from "@amla/sdk";

const amla = new Amla({
  apiKey: process.env.AMLA_KEY
});

// 1) Start a secure chain for a decision
const chain = await amla.chains.begin({
  decision_id: "C_482193",
  max_amount: 100,
  ttl: "5m"
});

// 2) Trust Plane verifies chain,
//    then executes
const result = await amla.actions.execute({
  chain_id: chain.id,
  actor: "support_bot",
  intent: "refund",
  connector: "stripe.refund",
  amount: 75
});

// result.receipt → signed, auditable record

The enforcement plane for agent actions

A modern control layer for agentic workflows that touch money and high-stakes state.

1. AUTHORIZATION CHAINS

Hash-linked authority chains

Short-lived, cryptographically signed chains that encode who is allowed to act next, what they can do, and when it expires.

Authority is proven as a continuation of a specific transaction, not just possession of a bearer token.

2. ACTION GATEWAY

Verify before execute

A gateway that sits between agents and your real systems. Agents present chain + context + requested action.

Amla verifies signatures, constraints, and limits before letting anything through.

3. OBSERVABILITY

Verifiable records

You can't trust what you can't see. Amla turns every action into a verifiable record.

Per-action receipts, searchable event stream, and per-workflow summaries. From "black box agent" to Know Your Agent.

SDK + Trust Plane + Observability

Three components that work together.

Amla SDK

Install via npm or pip

Generate authorization chains
Wrap agent actions
Works with any agent framework

Amla Trust Plane

Hosted verification layer

Verify chain signatures
Enforce constraints & limits
Securely execute actions

Amla Observability

Audit trails & console

Signed receipts for every action
Per-workflow chain viewer
Reports for ops, risk, and compliance
THE NEW STANDARD

Built for the KYA era (Know Your Agent)

Enterprises already know KYC and KYB. The next decade adds KYA—Know Your Agent.

Agents need verifiable identities , not anonymous API keys.

Every action needs a provable link back to a principal, a policy, and a chain of approvals.

Regulators and risk teams will demand traceability , not just "the model did it".

Amla lets you assign each agent a cryptographic identity, enforce a constrained power envelope via authorization chains, and issue short-lived warrants with signed receipts for every action they take.

Aligned with: EU AI Act traceability Visa & Mastercard agent frameworks Financial services audit requirements

Use Cases

Wherever agents take high-stakes actions—payments, account changes, approvals—Amla provides the same safety layer.

Claims & Payouts

Let a claim copilot propose decisions and trigger payouts, while Amla enforces policy limits and logs every approval chain.

Refunds & Account Fixes

Let support agents (human or AI) issue scoped refunds, credits, and account fixes, without ever touching raw Stripe or CRM keys.

Finance & Ops Agents

Let back-office agents adjust limits, pay vendors, or fix ledger entries, with strict per-action limits and signed authorization trails.

See our insurance claims demo

Agents became powerful. Their permissions didn't.

API keys are too broad and too easy to leak.

IAM/RBAC enforces conditions centrally and can't cryptographically bind them across delegation hops.

Agent platforms are exploding but lack KYA-grade enforcement and audit.

Enterprises need signed authority + receipts for every agent action.

Amla provides the missing action-layer primitives.

Your agents are already acting.

Can you prove what they did?

We're working with early design partners to build the authorization layer for agentic systems. If you're deploying agents that take real actions, we'd like to talk.

Become a design partner Read our thesis