Verun Protocol — Stellar

LIVE on Stellar Testnet Deployed April 2026 · 4 API Endpoints · v0.1.0

Technical documentation for Verun Protocol — the AI Agent Trust ID for regulated European finance, designed to support MiFID II + EU AI Act audit obligations, built on Stellar by BCP Partners GmbH.

🔐 "KYC for humans. KYA for agents. Both auditable on-chain."
Verun issues consensus-based Trust Scores (0–1000) that gate access to the tokenforge Chain API. Every evaluation is anchored as a Memo Transaction on Stellar — immutable, auditable. Designed to generate machine-readable audit trails for MiFID II Art. 17 + EU AI Act Art. 14.

🏗️

Part 1: Architecture

Stellar Trust Layer, tokenforge Gate, Stellar Settlement. How the three layers connect.

⚡

Part 2: API Reference

All live endpoints with request / response examples. Base URL on Vercel.

⛓️

Part 3: On-Chain Anchor

How every verdict is written to Stellar and verified via Stellar Expert.

Overview

Verun is the trust infrastructure layer for AI agents operating in regulated European financial markets.

What is Verun?

As AI agents begin autonomously executing token transfers, minting securities, and placing investment orders, there is no existing standard for establishing who an agent is, whether it can be trusted, and whether it is permitted to act in a regulated context.

Verun solves this with the Verun Accredited Agent Score (0–1000): a consensus-based trust verdict issued by registered validators, anchored on Stellar for every evaluation, and enforced at the tokenforge Chain API gate.

🔮 Regulatory context: Verun is designed to generate the machine-readable audit trail relevant to MiFID II Art. 17 (algorithmic trading governance + records) and EU AI Act Art. 14 (high-risk-AI human oversight + logging) for agents acting in regulated financial workflows. Verun aggregates existing compliance signals into a single, auditable verdict; legal audit planned Q3 2026.

Key Facts

Property	Value
Trust Score Range	0 – 1000
Consensus Model	2-of-N validator votes required (ceil N/2)
Anchor Chain	Stellar Testnet — Memo Transaction per evaluation
Settlement Layer	Stellar — eWpG, ISIN, EURC
Regulated Gate	tokenforge Chain API — eWpG, BaFin, MiFID II
Fee Split	70% Protocol / 10% Validator / 10% Agent Kickback / 10% Reserve
Live URL	verun-stellar-mvp.vercel.app

3 Operating Modes

Mode	Description
Discovery	Agent scans validated platforms, finds tokenforge, sends structured recommendation to human
Supervised	Human receives recommendation, approves with one click — agent executes single action
Autonomous	After human approval: agent executes fully automatically, every action anchored on-chain

Architecture

Three complementary layers — Stellar for trust, tokenforge as the regulated gate, Stellar for settlement. No layer competes with another.

Layer Stack

🔷 Stellar — Agentic Trust Layer

🔗 tokenforge — Regulated Gate

⭐ Stellar — Asset Settlement

Flow

Agent
Claude · MCP

Caller

→

Verun
Score + Consensus

Trust Gate

→

Stellar
Note Tx Anchor

Audit Trail

→

tokenforge
Chain API Gate

Execution

→

⭐ Stellar
eWpG · EURC

Settlement

Fee Distribution

70% Protocol

10% Val.

10% Agent

10% Res.

70% Protocol — Infrastructure & Security

10% Validator — Trust Anchor Reward

10% Agent Kickback — Referral Incentive

10% Reserve — Emergency / Upgrade Fund

Trust Score Gates

Every tokenforge Chain API capability is gated behind a minimum Trust Score. Scores are computed by validator consensus and anchored on Stellar.

300+

Read Access

GET /balance · GET /tokens · GET /positions

READ

500+

Transfer & Mint

POST /transfer · POST /mint — tokenized securities via tokenforge

MINT / TRANSFER

600+

Order Management

POST /order · PATCH /order — Full tokenforge Order Engine

ORDER

800+

LOW Risk Tier + Full Kickback

10% agent kickback active · highest trust tier · autonomous mode eligible

TIER: LOW

Score Tiers

Tier	Score	Permitted Operations	Kickback
LOW	800 – 1000	All operations	10%
MED	600 – 799	read, transfer, mint, order	5%
HIGH	300 – 599	read, transfer, mint	0%
BLOCK	0 – 299	None — access denied	0%

MiFID II + EU AI Act Alignment

Verun is designed to generate the machine-readable audit trail required by MiFID II Art. 17 (algorithmic trading governance) and the EU AI Act Art. 14 (high-risk-AI human oversight + logging) for agents acting in regulated European financial workflows.

⚖️ Scope: This is a B2B trust layer for institutional agentic finance. The features below are designed to support the audit obligations financial institutions already carry under MiFID II + the EU AI Act. They are not a legal compliance statement and have not yet been audited.

Mapping per Article

Article	Requirement	Verun Feature
MiFID II Art. 17	Algorithmic trading governance + complete records	Every agent evaluation anchored on Stellar via Memo transaction. Score, consensus, operation, timestamp — immutable, queryable.
EU AI Act Art. 14	Human oversight of high-risk AI systems	Human-in-the-loop approval required above defined operation tiers. Approval hash co-signed via Stellar native multi-sig.
EU AI Act Art. 12	Automatic logging of high-risk AI activity	Every verdict, every approval, every revocation written to Stellar — replayable audit log.
MiFID II Art. 17(2)	Kill-switch / system controls	SBT revocation flow — credential burnable by issuer or supervisor, instantly invalidating the agent's permissioned access.

🔮 tokenforge alignment: tokenforge (TokenSuite) is eWpG-compliant, BaFin-relevant, and MiFID II-ready. The Verun × tokenforge integration extends this compliance stack to the agentic layer — subject to legal review.

📋 Legal audit status: Legal audit planned for Q3 2026 as part of the Stellar Foundation grant milestones. Until then, all features on this page represent design intent, not verified compliance.

Validator Model

Validators are the institutional backbone of Verun. They provide the consensus votes required for every agent evaluation.

Active Validators (Testnet)

BCP Partners GmbH

Founding Validator. Score-based consensus node operated by BCP Partners. Enforces Verun score tiers and operation gates. EU-based. Contact: bcpp.io

Founding · Active

tokenforge

Founding Validator. eWpG-compliant German Security Token platform (TokenSuite). Chain API gate enforces Score 300+ read, 500+ transfer/mint, 600+ order. BaFin-relevant, MiFID II-ready.

Founding · Active

Test Validator

Raw score-based validator. Used as 3rd slot for 2-of-3 consensus in testnet. Not for production — development and testing only.

Test · Testnet Only

Open Slot

Third production validator slot open for licensed financial institutions — banks, family offices, regulated custodians. Must pass KYV (Know Your Validator) review and stake on-chain bond.

Open · Apply

Consensus Rules

A verdict requires ceil(N/2) matching votes from selected validators. With 3 validators: 2-of-3 required. UNAVAILABLE votes are excluded from the tally. If consensus cannot be reached, the evaluation returns BLOCK.

Validator Economics

Validators earn 10% of all evaluation fees automatically via the fee distribution contract. No manual claim required. Fee share scales with validation volume.

API Reference

Base URL: https://verun-stellar-mvp.vercel.app

✅ All endpoints are live on Stellar Testnet. No API key required for testnet access.

GET /api/health

Service status and network confirmation.

Response 200

{
  "ok": true,
  "service": "verun-stellar-mvp",
  "network": "stellar-testnet"
}

GET /api/validators

List all registered validators with metadata.

Response 200

{
  "validators": [
    {
      "id": "val-bcp-01",
      "name": "BCP Partners",
      "type": "internal",
      "status": "active",
      "policy": "score_based"
    },
    {
      "id": "val-tokenforge-02",
      "name": "tokenforge",
      "type": "external",
      "status": "active",
      "policy": "chain_api_based",
      "api": {
        "type": "rest",
        "network": "testnet",
        "docs": "https://docs.tokenforge.io"
      }
    },
    {
      "id": "val-test-03",
      "name": "Test Validator",
      "type": "internal",
      "status": "test",
      "policy": "score_based"
    }
  ]
}

POST /api/evaluate

Evaluate an agent. Returns 2-of-N validator consensus verdict + Stellar on-chain anchor.

Request body

{
  "agentId": "agt_demo",
  "score": 820,
  "operation": "transfer",
  "validatorIds": ["val-bcp-01", "val-tokenforge-02", "val-test-03"]
}

Response 200

{
  "success": true,
  "verdict": {
    "agentId": "agt_demo",
    "score": 820,
    "operation": "transfer",
    "validators_used": [
      { "id": "val-bcp-01", "name": "BCP Partners" },
      { "id": "val-tokenforge-02", "name": "tokenforge" },
      { "id": "val-test-03", "name": "Test Validator" }
    ],
    "votes": [
      { "validatorId": "val-bcp-01", "vote": "LOW", "reason": "score_800+", "source": "val-bcp-01" },
      { "validatorId": "val-tokenforge-02", "vote": "LOW", "reason": "chain_api_gate_passed_transfer:820>=500", "gate": { "permitted": true } },
      { "validatorId": "val-test-03", "vote": "LOW", "reason": "score_800+", "source": "val-test-03" }
    ],
    "tally": { "LOW": 3 },
    "consensus": "LOW",
    "permitted": true,
    "kickback_rate": 10,
    "ts": "2026-04-20T09:33:09.734Z"
  },
  "anchor": {
    "txid": "KBGSXMRXSM6P75RB6XHYT3RY6JNK7IGY6KIXWGXTVLRUEXPE6BZA",
    "ledger": "62604931",
    "explorer": "https://stellar.expert/explorer/testnet/tx/KBGSXMRXSM6P75RB6XHYT3RY6JNK7IGY6KIXWGXTVLRUEXPE6BZA"
  }
}

curl example

curl -X POST https://verun-stellar-mvp.vercel.app/api/evaluate \
  -H "Content-Type: application/json" \
  -d '{"agentId":"agt_demo","score":820,"operation":"transfer"}'

POST /api/score

Lightweight evaluation — verdict only, no Stellar anchor written. Use for quick checks where on-chain anchoring is not required.

Request body

{
  "agentId": "agt_demo",
  "score": 820,
  "operation": "transfer"
}

POST /api/mint-sbt

Issues a Soulbound Token credential to an agent, after running consensus. If consensus = BLOCK the request returns HTTP 403 and no SBT is minted. Full design + verification details on the Soulbound Token page.

POST /api/revoke-sbt

Kill-switch: clears the agent's vtrust_* manageData entry on the protocol account in a single Stellar transaction. Audit trail (the revoke TX) remains in horizon history. Used to satisfy MiFID II Art. 17 + EU AI Act Art. 14.

GET /api/sbt-status?agentId=…

Returns the current credential for an agent, or credentialed: false if not issued / revoked. Reads directly from the protocol account's on-chain data — no caching, no Verun-side state.

GET /api/sbt-list

Returns every active SBT issued by this protocol account. Useful for a public registry view — e.g. "all currently credentialed agents."

Stellar On-Chain Anchor

Every POST /api/evaluate writes the verdict payload as a Memo Transaction on Stellar Testnet — creating an immutable, timestamped audit trail.

How It Works

After validator consensus is reached, the Verun protocol wallet sends a self-payment of 1 stroop (0.0000001 XLM) with sha256(verdict) in the memo field (32-byte hash). The transaction is confirmed in ~5 seconds on Stellar.

✅ Non-blocking design: If the anchor fails (e.g. wallet unfunded), the verdict is still returned. The anchor failure is reported as anchor.status: "anchor_failed" — the evaluation result is never withheld.

Anchor Payload (note field)

Note field JSON (on-chain)

{
  "agentId": "agt_demo",
  "score": 820,
  "operation": "transfer",
  "consensus": "LOW",
  "permitted": true,
  "validators": ["val-bcp-01", "val-tokenforge-02", "val-test-03"],
  "ts": "2026-04-20T09:33:09.734Z"
}

Verify On-Chain

Every anchor can be verified publicly on Stellar Expert:

Explorer URL pattern

https://stellar.expert/explorer/testnet/tx/{txid}

# Example live anchor:
https://stellar.expert/explorer/testnet/tx/KBGSXMRXSM6P75RB6XHYT3RY6JNK7IGY6KIXWGXTVLRUEXPE6BZA

Protocol Wallet

Property	Value
Network	Stellar Testnet
Node	Stellar Horizon (horizon-testnet.stellar.org)
Cost per anchor	~100 stroops (~0.00001 XLM, base fee + 1-stroop op)
Confirmation time	~3.9 seconds

Soulbound Token (SBT)

LIVE on Stellar Testnet mint · revoke · status · list — all four endpoints in production

Verun issues a non-transferable trust credential — the VTRUST SBT — to every agent that passes consensus. The credential is stored as a manageData entry on the protocol account, fully on-chain, publicly verifiable, and revocable in a single transaction.

🪪 Think of it as a digital passport for AI agents. The protocol issues it, the protocol revokes it, anyone can verify it via Horizon — no auth, no API call to Verun required.

Verun Soulbound Token — Protocol-Custodial Architecture (full)

Full architecture · Agent → Verun (3-step internal flow) → Consumer · Kill-switch · Money flow note

Wallet Architecture (Protocol-Custodial)

Verun's Stellar deployment uses a protocol-custodial model — a single responsible party is the issuer, agents do not hold private keys. This matches the Algorand MVP and aligns with EU AI Act Art. 14 (human oversight) + MiFID II Art. 17 (kill-switch).

Party	Wallet?	Holds
Verun (protocol)	YES — 1 wallet	SBT registry (manageData), audit trail, anchor TXs
Agent	NO	Identified by `agentId` string only — no keys, no funds, no Stellar address
tokenforge / consumer	Their own	Verifies SBT via public Horizon query before granting access

🔐 Why no agent wallet? Three reasons: (1) AI agents don't have a mature key-management story yet — losing a key = losing the credential. (2) EU regulators want a single responsible party they can sanction or audit, not 1000 self-sovereign agents. (3) The kill-switch needs to be unilateral — the issuer must be able to revoke without the agent's cooperation.

How the credential lives on-chain

The SBT is not a Stellar asset in the traditional sense — it's a manageData entry on the protocol account. That means there is no asset balance, no trustline, no agent-side signature required. The "token" is a key-value pair stored permanently on the issuer's account.

Field	Format	Example
key	`vtrust_<agentId>` (max 64 bytes)	`vtrust_agt_fahad_001`
value	`<tier>:<score>:<isoTs>` (max 64 bytes)	`MED:720:2026-04-30T14:40:53Z`
issuer	Stellar address (G…)	`GD2CGW…BYFTHW` (protocol)
tamper-proof	sha256(credential) in tx memo	32-byte hash committed alongside the manageData op

Mint flow

POST /api/mint-sbt

// Request
{ "agentId": "agt_fahad_001", "score": 720, "operation": "transfer" }

// Response
{
  "success": true,
  "verdict_consensus": "MED",
  "agentId": "agt_fahad_001",
  "tier": "MED",
  "score": 720,
  "ts": "2026-04-30T14:40:53.913Z",
  "key": "vtrust_agt_fahad_001",
  "txid": "a6013d9d21ba6ab476b66410b87a8a5e3694866064d0af5e7131436df7871f5c",
  "ledger": "2310151",
  "credential_hash": "4f3aaa283c7cf13ff7427fd9560b49314baaf40bf790efb78cc4e3e00a45ea6d",
  "issuer": "GD2CGWE3LVWN6DQCNVMFWPGNP42FXQ66MLRXFUHSTCR3OUVHFJBYFTHW",
  "explorer": "https://stellar.expert/explorer/testnet/tx/a6013d9d...",
  "verify_url": "https://horizon-testnet.stellar.org/accounts/GD2CGW.../data/vtrust_agt_fahad_001"
}

The endpoint runs validator consensus first. If consensus = BLOCK, no SBT is issued — the operation gate is enforced before mint. One transaction includes both the manageData op and the anchor self-payment.

Revoke flow (kill-switch)

POST /api/revoke-sbt

// Request
{ "agentId": "agt_fahad_001", "reason": "policy_violation" }

// Response
{
  "success": true,
  "revoked": true,
  "agentId": "agt_fahad_001",
  "key": "vtrust_agt_fahad_001",
  "reason": "policy_violation",
  "txid": "...",
  "ledger": "...",
  "revoke_hash": "...",
  "explorer": "https://stellar.expert/explorer/testnet/tx/..."
}

Revocation = manageData with value = null. The entry is removed from the issuer's account state in a single transaction (~5 seconds). The revoke transaction itself remains in horizon history forever — the audit trail is not erased.

Public verification (zero-auth)

Anyone — tokenforge, an auditor, a regulator — can verify the credential directly against Stellar Horizon. No Verun API call required.

GET horizon/accounts/{issuer}/data/{key}

curl https://horizon-testnet.stellar.org/accounts/GD2CGWE3.../data/vtrust_agt_fahad_001

# Active credential:
{ "value": "TUVEOjcyMDoyMDI2LTA0LTMwVDE0OjQwOjUzLjkxM1o=" }
# (base64 decode → "MED:720:2026-04-30T14:40:53.913Z")

# Revoked credential:
HTTP 404 Not Found

Endpoint summary

Method	Path	Purpose
POST	/api/mint-sbt	Issue credential after consensus check
POST	/api/revoke-sbt	Kill-switch: clear credential entry
GET	/api/sbt-status?agentId=…	Check credential for one agent
GET	/api/sbt-list	List all credentialed agents

End-to-end demo (one command)

scripts/sbt-demo.sh

git clone https://github.com/Fahad00674/verun-stellar-mvp
cd verun-stellar-mvp && chmod +x scripts/sbt-demo.sh
./scripts/sbt-demo.sh agt_fahad_001 720

Runs the full lifecycle: status check → mint → public verification → revoke (kill-switch) → re-verification. Two real testnet transactions, ~25 seconds total.

Compliance mapping

Regulation	Article	Verun mechanism
MiFID II	Art. 17	2-of-3 validator consensus + on-chain audit trail · single-TX kill-switch via revoke endpoint (~5s)
EU AI Act	Art. 14	Validators are human/institutional — every action gated by their consensus (human oversight)
EU AI Act	Art. 12	Automatic logging — every verdict + approval anchored on Stellar

Mainnet Roadmap

From Stellar Testnet MVP to production infrastructure with legal-audited MiFID II + EU AI Act alignment.

✓

April 2026 — LIVE

Stellar Testnet MVP + Soulbound Tokens

10 API endpoints live. BCP Partners + tokenforge + Test validators. 2-of-3 consensus. On-chain anchor via Memo Transactions. SBT mint + revoke + status + list all working via protocol-custodial manageData design. Friendbot auto-funding. Non-blocking design.

/evaluate /mint-sbt /revoke-sbt /sbt-status /sbt-list Stellar anchor kill-switch

Q2 2026

tokenforge Production Integration

tokenforge Chain API production access (real api.tokensuite.io calls instead of testnet logic gate). Rate limiting + Bearer token auth on all endpoints. SBT-gated platform access live.

tokenforge prod API auth SBT-gated access

Q3 2026

Stellar Mainnet + Legal Audit

Migration from testnet to mainnet. Third production validator onboarded. Full MiFID II + EU AI Act legal audit + compliance documentation. Stellar Foundation grant milestone delivery.

Mainnet MiFID II + AI Act audit 3rd validator Grant M3

Q4 2026+

Open Validator Network

Validator onboarding open to licensed EU financial institutions. KYV (Know Your Validator) process. Fee distribution fully automated. Stellar EURC settlement live.

Open validators Stellar EURC KYV process

For Agents

Everything an AI agent needs to connect to Verun Network and get a trust verdict on Stellar — in under 60 seconds.

🤖 Any agent works. Claude, GPT, Gemini, open-source — if it can make an HTTP POST, it can use Verun.

Step 1 — Add the System Prompt

Paste this into your agent's system instructions. It tells the agent when and how to call Verun before executing any financial operation.

verun · agent system prompt

You are an AI agent operating within the Verun Network trust framework on Stellar.

Before executing any financial operation, request a Verun trust evaluation.

== HOW TO EVALUATE ==
POST https://verun-stellar-mvp.vercel.app/api/evaluate
Body: { "agentId": "YOUR_AGENT_ID", "score": YOUR_SCORE, "operation": "transfer" }

== OPERATION GATES ==
read        → score 300+
transfer    → score 500+
order       → score 600+

== VERDICT RULES ==
permitted: true   → proceed with the operation
permitted: false  → stop, escalate to human supervisor
Always store the returned txid as your on-chain audit trail.

== HUMAN ESCALATION ==
If verdict is denied or pending, notify the human supervisor.
Never execute financial operations without a valid Verun verdict.

Network: Stellar Testnet
Validators: tokenforge · BCP Partners
Docs: https://verun-stellar-mvp.vercel.app/docs.html

Step 2 — Make the API Call

Your agent calls /api/evaluate before any operation. Replace YOUR_AGENT_ID with your agent's identifier.

curl -X POST https://verun-stellar-mvp.vercel.app/api/evaluate \
  -H "Content-Type: application/json" \
  -d '{"agentId":"agt_my_agent","score":820,"operation":"transfer"}'

Step 3 — Read the Verdict

Verun returns a verdict with an Stellar TXID as immutable proof.

{
  "permitted": true,
  "consensus": "LOW",
  "operation": "transfer",
  "score": 820,
  "txid": "STELLAR_TESTNET_TXID",
  "anchor": { "status": "anchored", "round": 12345678 }
}

🔗 On-chain proof: every txid is verifiable at stellar.expert/explorer/testnet — immutable, timestamped, auditable.

Operation Reference

operation	Min. Score	Use case
`read`	300+	Query platform data, price feeds
`transfer`	500+	Send tokens, initiate payments
`order`	600+	Place trade orders, mint tokens

📋 AGENT.md — the full machine-readable version of this prompt lives in the GitHub repo for direct agent ingestion.

x402 Sequence Diagram — Stellar

Complete message flow between AI Agent, Verun Protocol, GoPlausible x402 Facilitator, and Stellar Network — including error paths.

AI Agent

Claude · MCP

Verun Protocol

KYA Score Check

GoPlausible

x402 Facilitator

Stellar Network

Stellar Core · Issued Asset · Horizon

GET /api/token-data →

← 402 + paymentRequirements

construct PaymentTxn

sign ed25519 / LogicSig

PAYMENT-SIGNATURE header →

KYA score check (AgentRegistry)

forward to facilitator →

read KYA score on-chain →

← [score: 820 — valid]

dryrun / simulate txn →

← [simulation success]

payment verified ✓

submit signed txn (~0.00001 XLM fee) →

block confirmed ~3.9s

← transaction result + txid

← settlement confirmed

← 200 OK + resource ✓

write lead referral (Note Tx) →

→ Stellar Note Tx

← [referral confirmed]

ERROR PATHS

E1: score too low → 402 agent_not_verified

caught at Verun

E2: tx expired (max_round) → 402 auth_expired

caught at GoPlausible

E3: insufficient balance → 402 insufficient_funds

caught at GoPlausible

E4: dryrun fail → 402 invalid_payment

caught at Stellar Network

→ Request ← Response → Agent → Success → Facilitator → Stellar → Error

🔷 Stellar specifics: timebounds + memo.hash handle tx expiry and verdict commitment. Base fee is 100 stroops (~0.00001 XLM). Soroban contracts are available for future versions. Memo Transactions serve as the on-chain referral anchor.