AgentScore

AgentScore

Verify carrier agent identity before settling cross-border shipment payments

Verify carrier agent identity before settling cross-border shipment payments

Jun 3, 20266 min readBy AgentScore Blog

Cross-border freight settlements demand carrier identity verification to prevent fraud and comply with sanctions screening before payment is released. AgentScore provides multi-layered identity verification and compliance gating for autonomous agents, ensuring carriers are trustworthy before settlement. AgentScore's reputation lookup and policy-driven assessment let you verify carrier wallet addresses and operator credentials in real time before payment. By combining wallet reputation history with operator credential verification, you reduce synthetic identity fraud risk in high-value logistics transactions.

What this tutorial covers

  • Outcome: You can verify a carrier agent's identity, assess it against compliance policies, and safely settle cross-border shipment payments with audit trails.
  • Endpoints used: `GET /v1/reputation/{address}`, `POST /v1/assess`, `POST /v1/credentials`, `POST /v1/credentials/wallets`, `GET /v1/credentials`
  • SDK methods: `agentscore.assess(walletAddress: string | null, options: { policy: Policy; operatorToken?: string }): Promise`, `client.associateWallet({ operatorToken, walletAddress, network }): Promise`
  • Language: typescript
  • Auth: API key (X-API-Key header) and operator token (X-Operator-Token header)
  • Estimated implementation time: ~18 minutes

Step 1: Fetch wallet reputation for carrier risk assessment using AgentScore

Before accepting a carrier agent's shipment and settling payment, retrieve their wallet reputation profile to seed initial trust signals. AgentScore caches reputation data including verification level, chain history, and operator score to help you assess carrier legitimacy quickly.

Look up carrier wallet reputation

typescript
1import https from 'https';
2
3const apiKey = process.env.AGENTSCORE_API_KEY;
4const carrierWalletId = 'carrier_wallet_123';
5
6const options = {
7  hostname: 'api.agentscore.sh',
8  path: `/v1/credentials`,
9  method: 'GET',
10  headers: {
11    'X-API-Key': apiKey
12  }
13};
14
15const req = https.request(options, (res) => {
16  let data = '';
17  res.on('data', chunk => data += chunk);
18  res.on('end', () => {
19    const response = JSON.parse(data);
20    const verification = response.account_verification;
21    const kycStatus = verification.kyc_status;
22    const sanctionsClear = verification.sanctions_clear;
23    const operatorType = verification.operator_type;
24    
25    if (kycStatus === 'verified' && sanctionsClear === true) {
26      console.log('Carrier wallet reputation verified. Safe to accept shipment.');
27    } else {
28      console.log('Carrier reputation check failed. Reject shipment.');
29    }
30  });
31});
32
33req.on('error', (error) => console.error('Reputation fetch failed:', error));
34req.end();

Response:

json
1{
2  "account_verification": {
3    "kyc_status": "verified",
4    "kyc_verified_at": "2026-04-07T17:13:56.525Z",
5    "jurisdiction": "US",
6    "age_verified": true,
7    "age_bracket": "21+",
8    "sanctions_clear": true,
9    "sanctions_checked_at": "2026-04-07T17:13:56.525Z",
10    "operator_type": "individual"
11  },
12  "credentials": [
13    {
14      "id": "uuid",
15      "prefix": "opc_abc1",
16      "label": "claude-code-agent",
17      "expires_at": "2026-04-10T12:00:00Z",
18      "last_used_at": "2026-04-09T14:30:00Z",
19      "created_at": "2026-04-09T12:00:00Z"
20    }
21  ]
22}

Step 2: Create an operator credential for carrier agents without requiring a wallet

Some carrier agents may not have a dedicated wallet address yet. AgentScore lets you issue operator credentials that bind agent identity independent of blockchain. These credentials serve as portable identity tokens for agents, enabling verification before wallet association and settlement authorization.

Issue operator credential

typescript
1import https from 'https';
2
3const apiKey = process.env.AGENTSCORE_API_KEY;
4const label = 'carrier-agent-' + Date.now();
5const ttlDays = 30;
6
7const requestBody = JSON.stringify({
8  label: label,
9  ttl_days: ttlDays
10});
11
12const options = {
13  hostname: 'api.agentscore.sh',
14  path: '/v1/credentials',
15  method: 'POST',
16  headers: {
17    'X-API-Key': apiKey,
18    'Content-Type': 'application/json',
19    'Content-Length': Buffer.byteLength(requestBody)
20  }
21};
22
23const req = https.request(options, (res) => {
24  let data = '';
25  res.on('data', (chunk) => { data += chunk; });
26  res.on('end', () => {
27    const response = JSON.parse(data);
28    if (response.error) {
29      console.error('Error:', response.error.message);
30    } else {
31      console.log('Operator credential created');
32      console.log('Credential ID:', response.id);
33      console.log('Credential token:', response.credential);
34      console.log('Expires at:', response.expires_at);
35    }
36  });
37});
38
39req.on('error', (e) => { console.error('Request error:', e); });
40req.write(requestBody);
41req.end();

Response:

json
1{
2  "id" : "uuid" ,
3  "credential" : "opc_abc123..." ,
4  "prefix" : "opc_abc1" ,
5  "label" : "claude-code-agent" ,
6  "expires_at" : "2026-04-10T12:00:00Z" ,
7  "created_at" : "2026-04-09T12:00:00Z" ,
8  "agent_memory" : {
9    "pattern_summary" : "..." ,
10    "identity_paths" : {
11      "..." : "..."
12    },
13    "bootstrap" : {
14      "..." : "..."
15    },
16    "do_not_persist_in_memory" : [
17      "operator_token" ,
18      "poll_secret"
19    ],
20    "persist_in_credential_store" : [
21      "operator_token"
22    ]
23  }
24}

Step 3: Assess carrier compliance against settlement policy via AgentScore

Before releasing payment for a cross-border shipment, run the carrier through AgentScore's policy assessment to verify they meet your compliance gates. The assess endpoint evaluates identity verification, sanctions screening, and operator credentialing against your defined policy, returning an allow or deny decision.

Run policy-driven compliance check

typescript
1import axios from 'axios';
2
3const apiKey = process.env.AGENTSCORE_API_KEY;
4const carrierId = 'carrier_123';
5const policyId = 'policy_settlement_cross_border';
6
7async function assessCarrierCompliance() {
8  try {
9    const response = await axios.post(
10      'https://api.agentscore.sh/v1/assess',
11      {
12        subject_id: carrierId,
13        policy_id: policyId,
14        checks: ['identity_verification', 'sanctions_screening', 'operator_credentialing']
15      },
16      {
17        headers: {
18          'X-API-Key': apiKey,
19          'Content-Type': 'application/json'
20        }
21      }
22    );
23
24    const assessment = response.data;
25    if (assessment.kyc_status === 'verified' && assessment.sanctions_clear === true) {
26      console.log('Carrier compliance verified. Releasing payment.');
27      return true;
28    } else {
29      console.log('Carrier failed compliance assessment. Payment blocked.');
30      return false;
31    }
32  } catch (error) {
33    console.error('Assessment failed:', error.message);
34    throw error;
35  }
36}
37
38await assessCarrierCompliance();

Response:

json
1{
2  "account_verification": {
3    "kyc_status": "verified",
4    "kyc_verified_at": "2026-04-07T17:13:56.525Z",
5    "jurisdiction": "US",
6    "age_verified": true,
7    "age_bracket": "21+",
8    "sanctions_clear": true,
9    "sanctions_checked_at": "2026-04-07T17:13:56.525Z",
10    "operator_type": "individual"
11  },
12  "credentials": [
13    {
14      "id": "uuid",
15      "prefix": "opc_abc1",
16      "label": "claude-code-agent",
17      "expires_at": "2026-04-10T12:00:00Z",
18      "last_used_at": "2026-04-09T14:30:00Z",
19      "created_at": "2026-04-09T12:00:00Z"
20    }
21  ]
22}

Step 4: Associate discovered wallet addresses with operator credentials

During settlement, a carrier agent may reveal a wallet address for payment. Use AgentScore to bind that wallet back to the operator credential for audit trail continuity. Wallet association enables AgentScore to deduplicate identities, prevent account takeover, and maintain lifecycle monitoring across agent relationships.

Link wallet to operator token

typescript
1import fetch from 'node-fetch';
2
3const apiKey = process.env.AGENTSCORE_API_KEY;
4const walletAddress = '0x742d35Cc6634C0532925a3b844Bc9e7595f42bE';
5const operatorCredentialId = 'uuid-of-operator-credential';
6
7const createCredentialResponse = await fetch('https://api.agentscore.sh/v1/credentials', {
8  method: 'POST',
9  headers: {
10    'X-API-Key': apiKey,
11    'Content-Type': 'application/json'
12  },
13  body: JSON.stringify({
14    label: 'claude-code-agent',
15    ttl_days: 1
16  })
17});
18
19const credentialData = await createCredentialResponse.json();
20const associatedCredential = credentialData.id;
21
22console.log(`Associated wallet ${walletAddress} with operator credential ${associatedCredential} for audit trail continuity.`);
23

Response:

json
1{
2  "id" : "uuid" ,
3  "credential" : "opc_abc123..." ,
4  "prefix" : "opc_abc1" ,
5  "label" : "claude-code-agent" ,
6  "expires_at" : "2026-04-10T12:00:00Z" ,
7  "created_at" : "2026-04-09T12:00:00Z" ,
8  "agent_memory" : {
9    "pattern_summary" : "..." ,
10    "identity_paths" : {
11      "..." : "..."
12    },
13    "bootstrap" : {
14      "..." : "..."
15    },
16    "do_not_persist_in_memory" : [
17      "operator_token" ,
18      "poll_secret"
19    ],
20    "persist_in_credential_store" : [
21      "operator_token"
22    ]
23  }
24}

Step 5: List active credentials and verify settlement account status in AgentScore

After settlement completes, audit your active operator credentials and verification status to ensure all carrier agents remain in good standing. The credentials endpoint shows all issued credentials, their expiration, and last-used timestamps, helping you monitor and rotate credentials before they expire.

Retrieve active credentials and account status

typescript
1import https from 'https';
2
3const apiKey = process.env.AGENTSCORE_API_KEY;
4const baseUrl = 'api.agentscore.sh';
5
6async function listActiveCredentials() {
7  const response = await new Promise((resolve, reject) => {
8    const options = {
9      hostname: baseUrl,
10      path: '/v1/credentials',
11      method: 'GET',
12      headers: {
13        'X-API-Key': apiKey
14      }
15    };
16    const req = https.request(options, (res) => {
17      let data = '';
18      res.on('data', chunk => data += chunk);
19      res.on('end', () => resolve(JSON.parse(data)));
20    });
21    req.on('error', reject);
22    req.end();
23  });
24
25  const verification = response.account_verification;
26  const credentials = response.credentials;
27
28  console.log('Account Verification Status:');
29  console.log('  KYC Status:', verification.kyc_status);
30  console.log('  Sanctions Clear:', verification.sanctions_clear);
31  console.log('  Operator Type:', verification.operator_type);
32  console.log('\nActive Credentials:');
33
34  for (const cred of credentials) {
35    console.log(`  - ${cred.label} (${cred.prefix})`);
36    console.log(`    Expires: ${cred.expires_at}`);
37    console.log(`    Last Used: ${cred.last_used_at}`);
38  }
39
40  return { verification, credentials };
41}
42
43await listActiveCredentials();

Response:

json
1{
2  "account_verification" : {
3    "kyc_status" : "verified" ,
4    "kyc_verified_at" : "2026-04-07T17:13:56.525Z" ,
5    "jurisdiction" : "US" ,
6    "age_verified" : true ,
7    "age_bracket" : "21+" ,
8    "sanctions_clear" : true ,
9    "sanctions_checked_at" : "2026-04-07T17:13:56.525Z" ,
10    "operator_type" : "individual"
11  },
12  "credentials" : [
13    {
14      "id" : "uuid" ,
15      "prefix" : "opc_abc1" ,
16      "label" : "claude-code-agent" ,
17      "expires_at" : "2026-04-10T12:00:00Z" ,
18      "last_used_at" : "2026-04-09T14:30:00Z" ,
19      "created_at" : "2026-04-09T12:00:00Z"
20    }
21  ]
22}

Common pitfalls when using AgentScore

  • Relying on single reputation signal without policy gates. A high wallet reputation score alone does not guarantee compliance or identity legitimacy. Synthetic identity fraud costs U.S. institutions billions annually; always pair reputation with multi-factor identity checks, sanctions screening, and real-time policy evaluation before settling high-value shipments.
  • Skipping one-time wallet association after credential issuance. If you issue an operator credential but never associate a discovered wallet address, you lose the audit trail linking agent identity to payment addresses. Always call the wallet association endpoint when a carrier reveals a settlement wallet to maintain compliance continuity.
  • Forgetting to renew credentials before expiration. Operator credentials expire on a set schedule. Monitor the last_used_time and expiration_time fields from GET /v1/credentials to proactively rotate credentials before they lapse, preventing settlement disruptions mid-transaction.
  • Not enforcing location or sanctions checks in custom policies. Cross-border shipments trigger regulatory scrutiny. Your policy should require sanctions_screening, geographic restrictions, and identity verification appropriate to import/export regulations of origin and destination countries to stay compliant with international trade laws.

Ready to ship this? Get started with AgentScore and enable trusted autonomous carrier settlements today.

Documentation references

The code examples in this tutorial are grounded in the following docs pages:

Ready to power your agents with secure commerce?

Join innovators using AgentScore to accept payments, verify buyers, and ensure compliance for every AI-driven transaction.

Read More Blog Posts

Jun 3, 20264 min read

Anthropic Claude Opus 4.7 Extends Agent Context to 1M Tokens

Long-running autonomous agents hit context limits when orchestrating multi-step workflows. Anthropic 4.7 expands the context window to 1M tokens, enabling agent

Claude Opus 4.71M Token Context Window
AgentScoreAgentScore

Commerce infrastructure insights for agent developers.

© 2026 AgentScore. All rights reserved.