ORDiN Authority Layer

Execution-Time
Authority
at the point of
Consequence.

ORDiN inserts a runtime authority check before sensitive actions commit. It returns PERMITTED, DENIED, or STEP-UP REQUIRED, emits an AuthorityReceipt, and leaves enforcement local to the customer.

Execution only happens after judgment.

<100ms
Decision latency
$0.002+
Per decision
5tiers
By complexity
Signed receipts 99.99% SLA SOC 2 Type II Deterministic
ordin · AuthorityReceipt
POST /v1/authorize

What ORDiN is not.

Identity proves the actor. Access opens the door. Wallet policy signs the transaction. ORDiN checks whether the action should happen now.

Deterministic Decision Engine
Verifies cryptographic proofs, evaluates auditable rules, returns PERMITTED / DENIED / STEP-UP REQUIRED. Every decision is deterministic and explainable.
Deterministic · Auditable · Explainable
AuthorityReceipt
Every decision produces a signed, time-bound receipt. Partners can audit exactly what was decided, when, and why.
Signed · Time-bound · Receipted
Tiered Policy Complexity
From atomic credential checks ($0.002) to multi-factor regulated enforcement ($0.08+). Pricing scales with decision weight, not volume alone.
5 Tiers · Complexity-based pricing
Step-Up Orchestration
When a decision needs more — sanctions refresh, re-verification, human approval — ORDiN triggers external workflows and charges accordingly.
External workflows · Pass-through pricing
Credential Reuse
Verified credentials are checked, not re-issued. Stateless verification means costs scale efficiently and margins expand with volume.
Stateless · Efficient · High-margin
Scales With Your Platform
You pay only when ORDiN enforces. Costs scale with platform activity — transactions, agent actions, permission checks — not with onboarding or seat counts.
Pay-per-decision · Activity-driven · Predictable

Five steps, one pre-commit boundary.

Integrate at your execution points. Get standardized decisions. Enforce locally before commit.

01

Receive

Receive actor, action, context, policy, and evidence at the point where a sensitive action is about to commit.

npm install @ordin/protocol
02

Check

Your system calls ordin.authorize() with the action, amount, context, policy, and evidence. No unnecessary identity data leaves your environment.

const decision = await ordin.authorize({
  action: 'transfer.execute',
  amount: 4200
})
03

Decide

ORDiN runs the runtime authority check and returns PERMITTED, DENIED, or STEP-UP REQUIRED.

Decision is external. Enforcement stays in your environment.

AuthorityReceipt
PERMITTED ttl: 300s sig: 0x3f...
04

Receipt

ORDiN emits an AuthorityReceipt tied to the action, decision, policy context, and time window.

05

Enforce

Your system enforces locally before commit. ORDiN gives judgment; the customer keeps execution control.

High-consequence actions ORDiN governs first.

ORDiN starts in hybrid financial infrastructure: treasury movements, settlement steps, cross-system transfers, and other irreversible value-moving actions. Old approval should not move new money.

Treasury movement Tier 02 · standard
Check authority before funds move.
01subjectagt_0x8f3a…c291
02actiontransfer.execute · $4,200
03policyceiling $5k/24h · within bounds
04proofagent_legitimate · binding_ok
05resultPERMITTED · TTL 300s
PERMITTED

AuthorityReceipt returned. Your system executes the transfer locally. ORDiN gives judgment but never holds funds.

Settlement step Tier 02 · standard
Resolve conditions before irreversible commit.
01subjectagt_0xa2e7…40bb
02actionwithdraw.execute · $48,200
03policyceiling $5k/24h · EXCEEDED
04reasonover_ceiling · daily_limit
05resultDENIED · over_ceiling
DENIED

Signed DENIED receipt. Action is rejected before execution. No funds move. Decision is auditable for regulators and the operator.

Cross-system transfer Tier 05 · orchestrated
Carry one authority model across mixed environments.
01subjectagt_0x4c8e…7710
02actioncounterparty.add · JP→KY
03policyhigh-risk region · needs sanctions_refresh
04workflowexternal: sanctions_refresh.pending
05resultSTEP-UP REQUIRED · sanctions_check
STEP-UP REQUIRED

ORDiN requests fresh evidence before the original action re-evaluates against current conditions.

Every sensitive action gets an AuthorityReceipt.

The AuthorityReceipt records the decision, ties it to the action, and supports local enforcement before commit.

Receipt
Decision
artifact

Decision state, actor, action, policy version, evidence reference, TTL, and signature.

Customer side
Local
enforcement

The customer stores the receipt and enforces before commit inside their own environment.

Price by decision weight, not volume alone.

Not all decisions are equal. A simple credential check is lighter than a multi-factor regulated approval. Pricing reflects the shape of the decision — more clauses, more credentials, more sensitivity = higher tier. Decisions are measured in Standard Decision Units (SDUs) — 1 SDU ≈ $0.01 of usage value, benchmarked to a standard execution-time authorization.

Tier 01 — atomic checks.

Single-purpose, low-risk, deterministic gates. One or two simple rules evaluated against a single credential. Sub-10ms decisions. High volume, low weight.

Credential presence Revocation check Basic gating
Per decision
$0.002–$0.005

Usage pools typically consume 1 SDU per decision at this tier.

Tier 02 — standard execution-time auth.

Two to five policy rules. Amount bands, jurisdiction checks, time-window gates. The working tier for most production workloads.

DeFi gating Marketplace actions Delegation
Per decision
$0.005–$0.015

~2–5 SDUs per decision.

Tier 03 — multi-factor enforcement.

Five to ten policy clauses. Conditional logic, step-up branching, multiple credentials combined. For institutional and multi-party use cases.

Treasury ops Institutional trading Multi-party approvals
Per decision
$0.015–$0.03

~6–10 SDUs per decision.

Tier 04 — regulated policy evaluation.

Advanced, regulated, high-assurance policy. Dense logic, bespoke tuning, compliance-aligned rule sets for enterprises in regulated markets.

Enterprise compliance Regulated trading High-assurance
Per decision
$0.03–$0.08+

~11–25 SDUs per decision. Custom tuning available.

Tier 05 — orchestrated step-up.

Core decision fee plus external vendor pass-through plus workflow premium. When a decision needs more than ORDiN alone — a sanctions refresh, KYT pull, or live re-verification.

Sanctions refresh KYT lookup Re-verification
Per decision
Core + external

Tier-3 core fee plus pass-through cost of the external workflow plus orchestration premium.

Interactive · Decision complexity calculator

What tier is your decision?

Toggle the characteristics that apply to your use case. The score determines which pricing tier your decisions fall into.

Complexity score
0 / 10
Suggested tier
Tier 1 — Atomic
Price range
$0.002 – $0.005

Your minimum = prepaid usage.

Your monthly commitment isn't a platform fee — it's a prepaid usage block measured in Standard Decision Units (SDUs). Simpler decisions consume less. Heavier decisions consume more. You're not paying for access. You're paying for decisions.

Pilot / Starter
$2,000/month
~200,000 SDUs included
One clear use case, limited policy scope, early production rollout. Prove the model in a real environment.
Growth / Active
$5,000/month
~500,000 SDUs included
Multiple protected actions, meaningful usage, broader rollout across live flows. Default tier for serious customers.
Enterprise
$12,500+/month
~1.25M SDUs included
Regulated environments, denser policy logic, custom requirements, heavier support. Enterprise pricing may adjust for Tier 3+ heavy mixes.

Control what executes next.