ClearanceFlow

ClearanceFlow is a privacy-preserving AI agent that reviews invoices and payment requests on behalf of authorized users — disclosing only the minimum identity information needed to complete each action.

🌐 Live Demo · 🎥 Video Walkthrough

---

How Terminal 3 Agent Auth Is Used

ClearanceFlow integrates the Terminal 3 Agent Auth SDK (@terminal3/t3n-sdk) as the core authorization layer. When an AI agent needs to act on behalf of a human user, ClearanceFlow establishes a did:t3n agent identity, performs a cryptographic handshake and authentication with the T3N network, then requests scoped, delegated permissions from the human delegator. Before every action, the agent performs selective disclosure — revealing only boolean attestations (e.g., "role is finance manager: true") rather than raw personal data — and verifies its delegation scope deterministically. Every disclosure and action is logged to a tamper-evident audit trail, ensuring full accountability without sacrificing user privacy.

---

Setup

Prerequisites

• Node.js 18+
• npm

Install

git clone <repo-url>
cd clearanceflow
npm install

Environment Variables

Create a .env.local file:

# NVIDIA NIM API Key (optional — AI features degrade gracefully without it)
NVIDIA_NIM_API_KEY=nvapi-...

# Terminal 3 T3N SDK (required for live agent auth)
T3N_API_KEY=your-t3n-api-key
T3N_ENVIRONMENT=testnet

# App
NEXT_PUBLIC_APP_URL=http://localhost:3000

Run

npm run dev

Open http://localhost:3000.

---

What the Agent Does

1. Review — AI extracts key fields from invoices (vendor, amount, line items)
2. Verify — Terminal 3 Agent Auth confirms the agent is acting on behalf of an authorized user
3. Disclose — Selective disclosure reveals only the minimum necessary identity claims (e.g., "role is finance manager")
4. Approve — Deterministic policy engine validates all rules, then executes a sandbox-token payment
5. Audit — Every action is logged to a tamper-evident chain for full accountability

---

Architecture

src/
├── app/                  # Next.js App Router pages + API routes
│   └── api/
│       ├── agent/        # T3N agent initialization & actions
│       ├── authorize/    # Delegation authorization
│       └── approve/      # Approval execution
├── components/           # Shared UI components
└── lib/
    ├── terminal3/        # Terminal 3 Agent Auth SDK integration
    ├── ai/               # NVIDIA NIM (Llama 3.1) for document understanding
    ├── policy/           # Deterministic policy engine
    ├── audit/            # Tamper-evident audit trail
    ├── execution/        # Sandbox token executor
    ├── parsing/          # Invoice/request parser
    └── schemas/          # Zod data models

---

Tech Stack

• Frontend: Next.js 15, React 19, TypeScript, Tailwind CSS v4, shadcn/ui
• AI: NVIDIA NIM API (Llama 3.1 8B Instruct)
• Auth: Terminal 3 T3N SDK (@terminal3/t3n-sdk v3.9.0)
• Validation: Zod

---

Limitations

• Sandbox/testnet mode — not connected to Terminal 3 mainnet
• In-memory state store (no persistent database)
• AI extraction may fail on unusual invoice formats (fallback to manual review)
• No real payments — all token execution is sandboxed

---

License

MIT