Onboard to Lightspark Grid and create a Global Account for the agent; configure spending policy including per-transaction cap, daily limit, and allowed counterparty UMA addresses
Implement UMA Auth (built on Nostr Wallet Connect) to let the user authorize the agent to initiate push payments from their UMA address; the user sets the delegation scope (amount limits, time window) during the OAuth-like consent flow
The agent receives a long-lived UMA Auth credential scoped to the delegation; use this credential to call Lightspark Grid's payment initiation API when the agent needs to pay a counterparty identified by their UMA address
Grid enforces the policy rules at execution time: if the payment exceeds the user-defined limit or falls outside the allowed window, Grid blocks the payment and returns a policy violation error without touching the underlying funds
Pull the Grid audit log via the Lightspark API to generate a per-agent spend ledger for user transparency and compliance reporting
Known gotchas
UMA Auth credentials are tied to the user's UMA-enabled wallet; if the user migrates wallets or rotates their UMA keypair, all existing agent delegations are invalidated and must be re-authorized — build a re-authorization flow into your agent onboarding
Grid's policy enforcement is account-layer, not network-layer; a malicious agent that somehow obtains raw Lightning credentials could bypass Grid — ensure the agent runtime only ever has the UMA Auth credential, never the underlying account private key
UMA payment resolution requires the recipient to be reachable via their LNURL-pay endpoint; if the counterparty's UMA server is offline, the payment will fail even if funds and policy are valid — implement retry with backoff and surface unresolvable UMA addresses to the user
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp