Docs / Cards (Lithic)

Governing cards: a virtual Visa on the same kill switch

The control plane isn't crypto-specific. A Lithic virtual Visa card rides the same declarative policy, the same freeze, and the same signed ledger as the crypto rails — and in the four-rail proof, the card died in the same ~432 ms window as the wallets.

Enforcement model: native card controls + a real-time gate

Policy fieldBindsDetail
freezenativeCard state PAUSED, confirmed; CLOSED for the irreversible kill
perTxCapnativeCard spend_limit (per-transaction, minor units)
allowlist / approvalcountersign-layerVia the real-time authorization gate when enabled
dailyCapcountersign-layerThe card API exposes no daily-duration limit on update; the guard (and the auth gate) enforce it fail-closed

native = the rail itself enforces it, even if Countersign is bypassed or offline. countersign-layer = enforced fail-closed by the pre-flight guard and honestly labeled as such. Live, per-tenant version: GET /enforcement.

Proven in the Lithic sandbox

Under-cap authorization APPROVED; over-cap DECLINED — USER_TRANSACTION_LIMIT (the card itself refused); frozen DECLINED — CARD_PAUSED. One freeze then stops three crypto rails and this card together.

More card rails

Stripe Issuing (US/UK/EU) and Airwallex (AU) adapters are built on the same model — native per-transaction and daily caps on Stripe — and move from "built" to "live-proven" as sandbox programs come online. The point stands either way: one policy, one freeze, crypto and fiat.

Honest scope: everything here is testnet-only — no mainnet, no custody, no PII. The hosted sandbox seeds a mock three-backend fleet so you can exercise policy, guard, freeze, and ledger end-to-end; the vendor enforcement described on this page was proven live on real testnet backends. Mainnet follows a third-party security audit.

Try it in 60 seconds — no account, no human

Self-serve key, an isolated sandbox tenant with a three-backend demo fleet, testnet only.

Get a free key → Watch the freeze GitHub