Link CLI agent wallet — setup record

Stripe’s Link CLI installed on the Mac mini 2026-04-29 to give Ray (RDCO COO Agent) a per-charge agent payment capability. End-to-end loop verified via test-mode dry run.

What’s wired

• Package: @stripe/link-cli v0.4.0 (npm, global install)
• Binary: /opt/homebrew/bin/link-cli
• Auth token: stored at ~/Library/Preferences/link-cli-nodejs/config.json
• Client name: “Ray (RDCO COO Agent)”
• Payment methods visible after auth:
  • Amex Blue Business Cash, ending 1008 (recommended default)
  • Bank account ending 3578 (ACH, fallback)

Per-charge contract

Setting in stone so Ray future-iterations don’t drift:

1. Ray surfaces the spend on iMessage first (“about to create a $X spend request for Y, you’ll see the Link prompt”). Heads-up is courtesy; not the gate.
2. Ray runs link-cli spend-request create with merchant + amount + ≥100-char context.
3. Founder’s Link app shows the push notification. Founder taps approve or deny.
4. On approve, Ray retrieves a single-use credential — a one-time card (or Shared Payment Token for HTTP-402 endpoints) tied to the chosen payment method. Card dies after the merchant charge OR after valid_until timestamp (~1 hour).
5. Ray plugs the credential into the merchant’s checkout and the charge happens.

No autonomous spend. No standing balance. No card stored on Ray’s side.

Failure / safety modes

• Founder denies → Ray gets a denied status, surfaces it as a flag, no retry.
• Founder doesn’t respond within ~5 minutes → poll times out, spend request expires.
• Card credential expires before Ray uses it → Ray must create a new spend request.
• Ray uses a Shared Payment Token (SPT) and the merchant rejects it → SPT is one-shot consumed; Ray must create a fresh request.

npm install gotcha (record for future fresh-Mac restoration)

The Mac mini’s ~/.npmrc has min-release-age set as a supply-chain protection — it filters out npm packages published more recently than ~1 week. This blocked the install of Link CLI 0.4.0 (published the same day, 2026-04-29). Workaround used:

NPM_CONFIG_MIN_RELEASE_AGE=0 npm install -g @stripe/link-cli@latest

Per-command env-var override; no persistent config change. Documented here so a fresh-Mac bootstrap reproduces the same outcome cleanly. The supply-chain protection is intentional and remains in effect for all OTHER package installs.

Test-mode dry run (verification)

Performed 2026-04-29 23:42 UTC.

• Spend request created with --test flag, $1.00, merchant “Test Merchant (Link CLI dry run)”
• Status: pending_approval → approved (founder tapped approve in Link app within ~90s)
• Retrieved card: sandbox test card 4242 4242 4242 4242 (the well-known Stripe test card), billing address attached, ~1hr validity window
• No real money moved (test mode is fully sandboxed)

What this enables

Concrete near-term use cases where Ray would create a real spend request (each pending founder go-ahead at the moment):

• API top-ups for non-Max services (xAI, ElevenLabs voice, OpenAI when needed)
• Domain renewals on raydata.co properties
• Small SaaS subscriptions for tools we want to evaluate (one-month trials, etc.)
• Freelancer micro-payments via Upwork/Fiverr if we end up commissioning Ray-mascot 3D work
• Postage / physical-mail via PostGrid (already a configured skill but currently 1Password-credentialed)

Strategic context — why this matters now

The agent-wallet rail is commodifying fast (Stripe Link, x402 from Coinbase+CF, Skyfire, Crossmint, Mastercard/Visa programs all racing). RDCO’s wedge is NOT in building wallets — it’s the upstream layer:

• Decision layer: what should agents be authorized to buy, with what guardrails?
• Eval layer: was the purchase the right call?
• Data plumbing: agent purchase events → warehouse → governance + audit

Setting up Link for Ray is BOTH a useful operating capability AND first-hand experience for advising enterprise clients (phData) on agent-purchase governance. The test loop we just ran is the same primitive an enterprise would deploy at scale; the governance question is what we’d help them solve.

Related

• ../06-reference/2026-04-29-stratechery-intel-earnings-terafab — supply-side context (CPU compute pricing shift)
• ../06-reference/2026-04-29-every-compute-is-new-cash — demand-side context (per-credit pricing inevitability)
• Notion Research Backlog: “Is ‘AI is becoming a Snowflake-shaped business’ the right Sanity Check angle…” — Inbox candidate from this morning’s newsletter pairing
• 2026-04-28-agent-config-backup — should add link-cli credentials path to backup considerations (auth token is regenerable; not critical to back up but worth noting)