2.4 Access Control Integration

Provider Side Logic

Service Providers integrate Reticula into their API gateways (e.g., NGINX, API Gateway) via a lightweight middleware or SDK. This middleware's sole function is to verify the existence and validity of the SBT.

Verification Steps:

1. Agent Request: Agent sends an API call, providing its wallet address.

2. Middleware Check: The middleware calls the Reticula verification contract: isCertValid(agent_address, target_hash). This check is extremely fast.

3. Validation: The smart contract confirms: (a) The SBT exists in the agent's wallet, and (b) The expiry_timestamp has not passed.

4. Access Decision: If valid, access is granted. If expired, access is denied, and the Provider can send a 402/X402 payment request.