consent_url is not a governance layer — what Whire got right and what comes next
The Whire founder posted on HN about their EU payment agent architecture. The setup is smart: agent drafts the payment, generates a consent_url, human approves before money moves. They're in production with real transfers.
The specific concern they named: LLMs are probabilistic. If they hallucinate a JSON payload or loop, they can drain a bank account. Their fix — strict schema validation + human approval gate — is correct for the use case they're solving right now.
But as they scale from "agent drafts payment, human approves" to "agent executes payments within a defined policy envelope," the consent_url pattern doesn't hold. You can't put every transaction in front of a human when you're running 1,000 agent-initiated payments a day. That's when you need a governance layer that isn't a human.
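An added example, not code from Whire or from the post: one way the step from a human gate to a policy envelope can look, where a strictly validated payment draft executes only inside preset limits and otherwise falls back to the consent path. The payload fields, the limits, and the names `Envelope`, `validate` and `decide` are assumptions; the post does not show Whire's schema.

```python
import re
from dataclasses import dataclass
from decimal import Decimal

# Hypothetical payload fields; Whire's real schema is not shown in the post.
FIELDS = {"payee_iban", "amount", "currency", "reference"}
IBAN_RE = re.compile(r"[A-Z]{2}\d{2}[A-Z0-9]{11,30}")
AMOUNT_RE = re.compile(r"\d{1,9}\.\d{2}")

@dataclass
class Envelope:
    """Policy envelope: limits the agent may act within without a human."""
    allowed_payees: frozenset
    per_payment_cap: Decimal
    daily_cap: Decimal
    spent_today: Decimal = Decimal("0")  # in-memory here; an assumption

def validate(payload):
    """Strict schema check: exact key set, string values, bounded formats."""
    if not isinstance(payload, dict) or set(payload) != FIELDS:
        return None  # missing fields or hallucinated extra ones
    if not all(isinstance(v, str) for v in payload.values()):
        return None  # e.g. amount emitted as a float
    if not IBAN_RE.fullmatch(payload["payee_iban"]) or payload["currency"] != "EUR":
        return None
    if not AMOUNT_RE.fullmatch(payload["amount"]) or len(payload["reference"]) > 140:
        return None
    amount = Decimal(payload["amount"])
    return amount if amount > 0 else None

def decide(payload, env):
    """Return 'reject', 'consent' (human gate) or 'execute' (inside envelope)."""
    amount = validate(payload)
    if amount is None:
        return "reject"
    inside = (payload["payee_iban"] in env.allowed_payees
              and amount <= env.per_payment_cap
              and env.spent_today + amount <= env.daily_cap)
    if not inside:
        return "consent"  # fall back to the consent_url approval path
    env.spent_today += amount  # a looping agent runs into the daily cap
    return "execute"
```

A malformed draft is rejected outright, while a well-formed draft outside the envelope is not dropped but routed back to the human approval path the post describes.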








