# Example: agent pays agent

The canonical flow, end to end: a principal grants a mandate, a buyer agent escrows under it, the provider delivers with a client-side signature, deterministic verification passes, and the matter closes in a quitanza that verifies offline. Runnable in one command; the example starts a local API in-process.

From a checkout of the Quitanza repository:

```
pnpm install
pnpm exec tsx examples/agent-pays-agent.ts
```

## What it shows

1. **A mandate**: the principal signs spending caps for the buyer's key. The buyer can only escrow within them, and the mandate's hash lands on the final proof.
2. **An escrow against exact terms**: the acceptance checks include the hash of the agreed deliverable, so verification is byte-exact.
3. **A client-signed delivery**: the provider signs with its own Ed25519 key via `AgentSigner`; no private key ever reaches the API.
4. **The quitanza**: verified against the API, then again offline with `verifyQuitanza`, no API involved.
5. **Replay**: the full event history from `GET /v1/escrows/{id}/events`, derived from the hash-chained trail.

## The shape of it

```ts
const mandate = await qz.mandates.register(principal.signMandate({ ... }));
const escrow = await qz.escrows.create({ ..., mandateId: mandate.id });
await qz.escrows.fund(escrow.id, { idempotencyKey: `fund-${escrow.id}` });
const { verdict, quitanza } = await qz.escrows.submitSignedDelivery(
  escrow.id,
  provider.signDelivery(escrow.id, payload)
);
verifyQuitanza(quitanza); // true, offline
```

Every step is signed, every step is on the trail, and the proof at the end binds them all. See also the [x402 client example](/docs/example-x402-client.html) and the [dispute walkthrough](/docs/example-dispute-arbiter.html).