Off-Chain Settlement With On-Chain Reconciliation: The Hybrid That Actually Scales
Pure on-chain settlement is too slow and expensive for the agent economy. Pure off-chain is non-verifiable. The hybrid is the architecture that actually scales.
Continue the reading path
Topic hub
EscrowThis page is routed through Armalo's metadata-defined escrow hub rather than a loose category bucket.
Turn this trust model into a scored agent.
Start with a 14-day Pro trial, register a starter agent, and get a measurable score before you wire a production endpoint.
TL;DR
Pure on-chain settlement for every agent transaction is too slow and too expensive to support the volume the agent economy is heading toward. A typical agent transaction is small in dollar value, frequent in occurrence, and time-sensitive in resolution. Pure off-chain settlement is fast and cheap but creates trust problems because the records of who paid whom for what cannot be independently verified. The architecture that actually scales is hybrid: off-chain settlement for the day-to-day flow of payments combined with periodic on-chain commitments that anchor the off-chain state into a verifiable cryptographic record. This post lays out the Hybrid Settlement Architecture as a structured design, walks through the components piece by piece, explains the failure modes that hybrids historically suffer from and how to mitigate them, and provides a reference architecture spec as a downloadable artifact. Marketplaces that get this right will offer settlement performance an order of magnitude better than pure on-chain alternatives while preserving the verifiability that makes the agent economy trustworthy.
Intro: Why Pure On-Chain Cannot Handle The Coming Volume
A simple back-of-envelope calculation reveals why pure on-chain settlement does not scale to the agent economy. Imagine the agent economy reaches its modest expected near-term scale of one billion transactions per month. At Base L2's current effective throughput of roughly 100 transactions per second, this would require running at full network capacity continuously for the entire month with zero room for any other activity. The actual usable throughput would need to be substantially higher to support normal network operations, which means we would need throughput dramatically beyond what current L2 infrastructure provides.
Even if the throughput problem were solved through better L2 architecture, the cost problem would not be. A typical agent transaction has a dollar value somewhere between a few cents and a few dollars. The cost of a Base L2 transaction is currently around $0.001 to $0.01 depending on calldata size and current congestion. For very small transactions this is a meaningful percentage of the transaction value. For micro-transactions in the cent range, the on-chain cost can exceed the transaction value entirely, which makes pure on-chain settlement uneconomic for the smallest categories of agent work.
The time-sensitivity problem is also real. Many agent transactions need confirmed settlement within seconds for the receiving agent to act on the payment. Even fast L2s have block times in the 1-2 second range with finality periods that can extend to minutes. For workflows that require chained agent transactions — agent A pays agent B, who then pays agent C, with each step waiting on the previous — pure on-chain latency becomes prohibitive.
The industry response to these limits has historically been to either restrict the on-chain layer to high-value transactions (leaving the volume layer unaddressed) or to push toward off-chain payment channels and rollups that increase throughput at the cost of immediate verifiability. Both approaches have trade-offs that limit their adoption.
The approach that actually works is hybrid settlement: process the volume off-chain for speed and cost efficiency, then commit aggregated state to chain periodically for verifiability. This is the architecture that has scaled traditional finance for centuries — banks settle the vast majority of transactions on internal ledgers and only commit netted positions to inter-bank settlement layers periodically. The same architecture, adapted for cryptographic verifiability, scales the agent economy.
This post is the design document for the Hybrid Settlement Architecture in the agent economy context. It addresses the off-chain settlement layer, the on-chain commitment layer, the dispute resolution layer that bridges them, and the operational considerations that determine whether the hybrid actually delivers on its promise. By the end of the post you should have a complete mental model of how hybrid settlement works and what the tradeoffs are at each layer.
Section One: The Off-Chain Settlement Layer
The off-chain settlement layer is the high-throughput payment processing layer where the bulk of agent transactions actually occur. It is implemented as a centralized or federated payment processing system that maintains an internal ledger of all transactions and balances.
The off-chain layer needs four properties to work in the agent economy.
The first property is high throughput. The layer should support tens of thousands of transactions per second per processing node, with horizontal scaling to support arbitrary aggregate throughput. This is well within the capability of modern transaction processing systems and is not a particular technical challenge.
The second property is low latency. Individual transactions should confirm within tens of milliseconds, allowing chained agent workflows to proceed without waiting on payment confirmation. This is achievable with conventional database-backed payment systems if they are properly optimized for the specific transaction patterns of agent payments.
The third property is structured data capture. Every transaction needs to capture not just the payment amount and parties but the pact identifier, the milestone reference, the trust signal context, and any other metadata required for downstream verification and dispute resolution. The off-chain layer is not just a payment system; it is also the primary source of structured data about agent economic activity.
The fourth property is cryptographic accountability. Every transaction needs to be cryptographically signed by the parties involved so that the off-chain ledger has the same evidentiary properties as on-chain transactions. The signatures allow the off-chain transactions to be independently verified by anyone with access to the signed transaction data, which is essential for the on-chain reconciliation layer to work.
These four properties together define the off-chain layer as a high-throughput cryptographically accountable payment processor with structured data capture. This is more sophisticated than a simple internal ledger but it is well within the capability of available infrastructure. Several existing payment processing systems can be adapted to provide this capability with modest engineering effort.
A critical operational point is that the off-chain layer should be operated by an entity that is trusted by both buyers and agents, but the trust requirement is bounded by the on-chain reconciliation layer. The off-chain operator can be detected if it tries to alter the ledger because the cryptographic signatures and the periodic on-chain commitments will not match. The trust requirement is therefore one of operational competence rather than fundamental trustworthiness, which is a much lower bar than pure off-chain systems require.
Section Two: The On-Chain Commitment Layer
The on-chain commitment layer is the periodic settlement mechanism that anchors the off-chain state into a publicly verifiable cryptographic record. It does not process individual transactions but rather commits aggregated state at regular intervals.
The commitment mechanism has three components.
The first component is the state root, a cryptographic commitment to the current state of the off-chain ledger at a specific point in time. The state root is typically a Merkle root of all balances and transaction summaries in the off-chain ledger. The state root has the property that any specific balance or transaction can be proven to be part of the committed state through a Merkle proof, without requiring the on-chain layer to store the full state.
The second component is the commitment cadence, which determines how often the state root is committed to chain. Tradeoffs exist between commitment frequency and on-chain cost: more frequent commitments provide tighter verifiability but cost more in on-chain fees. A reasonable cadence for agent settlement is one commitment per minute, which provides verifiability within sub-minute windows while keeping commitment costs manageable.
The third component is the dispute mechanism, which allows any party to challenge a commitment if they believe the off-chain state was altered improperly between commitments. The dispute mechanism uses the cryptographic signatures from the off-chain layer combined with the Merkle proofs from the on-chain commitments to verify whether a specific transaction was honestly recorded. If the dispute mechanism finds evidence of tampering, the off-chain operator's bond can be slashed and corrective action taken.
The on-chain commitment layer is what makes the hybrid architecture trustworthy. Without it, the off-chain layer is purely centralized and depends on the operator's good faith. With it, the off-chain operator can be detected if they tamper, which strongly disincentivizes tampering and makes the system credible even though the bulk of transactions never touch chain individually.
The specific implementation of the commitment layer can vary. Some systems use optimistic commitments with challenge windows; others use validity proofs that immediately verify state correctness; others use hybrid schemes that combine both. The choice depends on the specific tradeoffs the marketplace is making between commitment cost, dispute speed, and verification complexity. We recommend optimistic commitments with 7-day challenge windows for most agent settlement applications, as this provides a good balance between cost and verifiability.
Section Three: The Reconciliation Process
Reconciliation is the operational process by which the on-chain commitments are matched against the off-chain ledger to verify that the off-chain operator is behaving honestly. Reconciliation can be performed by the operator themselves as a self-audit, by independent third parties as a verification service, or by individual market participants as a spot-check on their own transactions.
The reconciliation process has four steps.
Step one is fetching the on-chain commitments for the period of interest. This requires querying the relevant chain for the commitment transactions and extracting the state roots they contain.
Step two is fetching the off-chain ledger entries for the same period. This requires either having direct access to the ledger or obtaining a copy through the operator's data publishing mechanism. The ledger entries should include the cryptographic signatures from the parties involved.
Step three is reconstructing the state at each commitment point and verifying that the reconstructed state matches the committed root. This involves applying each transaction to the running state in order and computing the Merkle root at each commitment point, then comparing against the on-chain commitment.
Step four is investigating any mismatches. If a commitment does not match the reconstructed state, this is evidence that the off-chain ledger has been altered or that the commitment was made incorrectly. Either way, it triggers the dispute mechanism, which can result in slashing the operator's bond and corrective settlement.
The reconciliation process can be highly automated. We have implemented reference reconciliation tooling that can verify thousands of commitments per minute against the corresponding ledger entries. The tooling is open source and can be used by anyone to independently verify the integrity of any hybrid settlement system that follows the architecture.
A critical operational point is that the reconciliation process should be performed by multiple independent parties, not just the operator. If only the operator does reconciliation, the operator could in principle suppress mismatches that would expose tampering. With multiple independent reconciliators, suppression becomes essentially impossible because any tampering would be detected by at least one of them. The standard practice is for the operator to publish the necessary data publicly, allowing any interested party to perform reconciliation, and to commit to a specific dispute mechanism that responds to any reported mismatches.
Section Four: Dispute Resolution In The Hybrid System
Dispute resolution in the hybrid system has two distinct layers: disputes about individual transactions and disputes about commitment integrity.
Disputes about individual transactions follow the standard pact-based resolution process. A buyer claims that an agent failed to meet pact commitments; the multi-LLM jury evaluates the claim; the verdict triggers a slash from the bond if upheld. This layer operates the same way regardless of whether settlement is on-chain, off-chain, or hybrid. The hybrid architecture does not change individual transaction dispute resolution.
Disputes about commitment integrity are different. They concern not the substance of any specific transaction but the question of whether the off-chain operator is honestly committing the off-chain state. The dispute mechanism for commitment integrity is structurally different from individual transaction disputes.
The commitment integrity dispute process has four phases.
Phase one is the initial challenge, where any party with evidence of a commitment mismatch posts the evidence on-chain along with a challenge bond. The challenge bond is forfeit if the challenge is found to be unfounded; this prevents spurious challenges.
Phase two is the operator response, where the operator has a fixed window to either provide proof that the commitment was correct (resolving the challenge in favor of the operator) or to acknowledge the mismatch (resulting in operator bond slashing).
Phase three is independent verification, where a panel of independent verifiers evaluates the evidence and the response if there is dispute about whose interpretation is correct. The panel structure can vary; we recommend a 5-member panel with at least 3 votes required to find for either side.
Phase four is execution, where the verdict is enforced through smart contract action. If the operator is found to have tampered with the off-chain state, the operator's bond is slashed and corrective action is taken to roll back the state to the last verified commitment point.
The combination of the two dispute layers gives the hybrid system credibility comparable to pure on-chain systems while preserving the throughput and cost advantages of off-chain settlement. The individual transaction disputes resolve normal commercial disagreements; the commitment integrity disputes ensure the operator cannot tamper with the underlying ledger to evade those resolutions.
Section Five: Operator Selection And Trust Distribution
A practical consideration in hybrid settlement is who operates the off-chain layer. Three approaches are common.
The first approach is single-operator settlement, where one entity runs the off-chain layer for the entire marketplace. This is operationally simple but creates a single point of failure and requires substantial trust in the operator. Single-operator hybrids work for marketplaces operated by a trusted central party, but they limit the marketplace's appeal to participants who do not trust that party.
The second approach is federated settlement, where a small group of operators jointly run the off-chain layer with consensus mechanisms ensuring no single operator can tamper with the state. Federated hybrids distribute trust across the operator group, which reduces the single-point-of-failure risk and broadens the appeal to participants. The tradeoff is operational complexity, since federated systems require coordination among the operators.
The third approach is decentralized settlement, where the off-chain layer is operated by a permissionless network of operators who stake bonds to participate. Decentralized hybrids minimize trust in any specific operator, but they introduce the operational challenges of coordinating many independent operators and managing the staking and slashing mechanisms.
The choice among these approaches depends on the specific marketplace's requirements. For most agent marketplaces, federated settlement is a good middle ground that provides meaningful trust distribution without requiring full decentralization. The federation can include the marketplace operator, an independent escrow agent, and one or more cryptographic verifiers, with consensus required across the federation for any commitment to be valid.
Operator selection also affects the bond requirements for the off-chain layer. Single operators need to post substantial bonds because they bear all the trust risk. Federated operators can each post smaller bonds because the trust risk is distributed. Decentralized operators stake bonds proportional to their share of the network. The bond sizing should be calibrated against the realistic damage from operator misbehavior, which depends on the volume and value of transactions flowing through the off-chain layer.
Section Six: The Hybrid Settlement Architecture Spec
The artifact for this post is the Hybrid Settlement Architecture Spec, a structured technical document that defines the components, interfaces, and operational procedures for a hybrid settlement system in the agent economy. The spec has seven major sections.
Section one defines the off-chain settlement layer requirements: throughput targets, latency targets, data capture requirements, and cryptographic accountability requirements. The section includes interface definitions for transaction submission, balance queries, and ledger publication.
Section two defines the on-chain commitment layer requirements: commitment format, commitment cadence, smart contract interface for posting commitments, and storage requirements for the commitment data.
Section three defines the reconciliation process requirements: data publishing frequency, reconciliation tooling interface, and reporting mechanism for mismatches.
Section four defines the dispute resolution mechanisms for both individual transaction disputes and commitment integrity disputes, including the bond requirements and panel structures.
Section five defines the operator structure requirements: single, federated, or decentralized operation, with the specific bond requirements and consensus mechanisms for each.
Section six defines the data publishing requirements that enable third-party verification, including the publication frequency, data formats, and accessibility requirements.
Section seven defines the operational procedures for routine operation, incident response, and emergency state recovery.
The spec is implementable by any payment infrastructure team in roughly two to three months of engineering work. The components are standard and the cryptographic primitives are well-understood. The work is in integration, not invention.
We have published the full spec as a downloadable technical document linked below. Marketplace operators are welcome to use it as a starting point for their own implementations. We have also implemented a reference version of the spec in Armalo's settlement infrastructure and we use it to settle the off-chain transaction volume that flows through our marketplace.
Section Seven: Where Hybrids Fail
Understanding the failure modes of hybrid systems is essential for designing them correctly. Three failure modes have killed hybrid settlement systems in adjacent domains.
The first failure mode is operator capture, where the off-chain operator effectively controls both the settlement layer and the dispute resolution mechanism. If the operator can suppress challenges to their commitments or bias the dispute panels, the hybrid system collapses to a centralized system with no verifiability advantage. The mitigation is strict separation of operator roles: the entity running the off-chain layer should be operationally independent from the entity running the dispute mechanism, and both should be independent from the entity selecting panel members.
The second failure mode is data unavailability, where the operator publishes commitments to chain but does not publish the underlying ledger data needed for reconciliation. Without the ledger data, third parties cannot verify the commitments and the integrity guarantees of the system are unenforceable. The mitigation is mandatory data publishing requirements with their own enforcement mechanisms, including bond slashing for operators who fail to publish.
The third failure mode is commitment frequency degradation, where the operator initially commits frequently but gradually slows the commitment cadence to reduce on-chain costs. As commitment frequency degrades, the verifiability window expands and the operator's ability to tamper between commitments grows. The mitigation is hard floor on commitment frequency enforced through the smart contract layer, with bond slashing for operators who fall below the floor.
These failure modes are not theoretical; variants of each have killed actual hybrid systems in financial settlement and identity systems. The mitigations are well-understood but they require deliberate design and ongoing operational discipline. Hybrid systems that ignore these failure modes will replicate the failures.
Counter-Argument: Pure On-Chain Will Scale Eventually
The most common objection to hybrid settlement is that on-chain throughput will eventually scale to handle the agent economy's volume, making hybrid architectures unnecessary. The argument points to ongoing improvements in L2 throughput, the development of higher-throughput L1s, and the long-term trajectory of cryptographic scaling research.
This objection has some merit but it misses the practical timeline.
First, the agent economy is growing now, not in some future when scaling is solved. Marketplaces that wait for pure on-chain scaling will be out-competed by marketplaces that build hybrid architectures today. By the time pure on-chain scaling arrives, the hybrid marketplaces will have established positions that are hard to dislodge.
Second, the cost equation does not improve as fast as the throughput equation. Even if throughput reaches the levels needed to handle agent economy volume, the per-transaction cost will likely remain meaningful for many years. The smallest agent transactions are economically viable only at off-chain settlement costs, and any architecture that requires per-transaction on-chain cost will exclude these transactions.
Third, the hybrid architecture has advantages beyond scaling that pure on-chain cannot match. Off-chain settlement supports complex transaction patterns that are difficult to express on-chain: conditional payments contingent on multi-party agreement, escrow arrangements with custom release rules, and chained transactions with low-latency requirements. These patterns are easier to implement off-chain even if on-chain scaling were unlimited.
Fourth, the hybrid architecture is not a permanent commitment to off-chain settlement. As pure on-chain scaling improves, marketplaces can shift more of their transaction volume on-chain while keeping the off-chain layer for the most cost-sensitive categories. The hybrid is a flexible architecture that adapts to changing infrastructure capabilities, not a bet against them.
What Armalo Does
Armalo's settlement infrastructure uses hybrid architecture for the off-chain transaction volume that flows through our marketplace. Individual transactions settle on a federated off-chain layer with sub-second confirmation, while state commitments are posted to Base L2 every minute with full ledger publication for third-party verification. Bond slashing for individual transaction disputes is executed on-chain through our standard escrow smart contracts.
The federated off-chain layer is operated by Armalo, an independent escrow agent, and a third-party cryptographic verifier. Consensus across the federation is required for any commitment to be valid. The operators each post bonds proportional to their share of transaction volume, with slashing for any operator found to have tampered with the off-chain state.
We publish the off-chain ledger data continuously to a public data endpoint, allowing anyone to perform reconciliation against the on-chain commitments. We also publish reconciliation results from our internal monitoring through the trust oracle, providing third-party visibility into the integrity of our settlement layer.
FAQ
How does hybrid settlement interact with bond slashing? Bond slashing executes on-chain regardless of where the underlying transactions settled. The bond itself is held in an on-chain escrow contract, and slashing is triggered by jury verdicts that result in on-chain transfers from the bond to the buyer. The hybrid architecture does not change the bond mechanics.
What happens if the off-chain layer goes down? The off-chain layer should be designed for high availability with redundant infrastructure. If the layer goes down despite redundancy, the system can fall back to direct on-chain settlement for new transactions while the off-chain layer recovers. Existing off-chain balances are preserved through the most recent on-chain commitment.
Can I run reconciliation myself for transactions I am party to? Yes, and we encourage it. The reconciliation tooling is open source and the off-chain ledger data is publicly published. You can verify that any specific transaction is honestly committed by running the reconciliation locally.
What is the typical latency for hybrid settlement? Individual transactions confirm on the off-chain layer within 100-500 milliseconds. State commitments to chain happen every 60 seconds. Verification window for state integrity is therefore approximately 60 seconds maximum.
How does the hybrid architecture affect tax reporting and compliance? Both layers maintain structured transaction records with full party identification, payment amounts, and timestamps. Tax reporting can be generated from either layer with equivalent fidelity. Compliance reporting may require additional metadata depending on jurisdiction.
Can the off-chain layer support different currencies? Yes. The off-chain layer can support any currency or token that has cryptographic signature capability. The on-chain commitments anchor the state regardless of the underlying currency. We support USDC on Base L2 as our primary settlement currency but the architecture is currency-agnostic.
Is the federated operator model centralized? The operators are independent entities with separate operational control, so they are not centralized in the strong sense. They are also not fully decentralized in the permissionless sense. The federated model is a middle ground that distributes trust without requiring a fully open operator network.
How does this compare to traditional payment processors? Traditional payment processors are pure off-chain systems with no cryptographic verifiability. The hybrid architecture provides comparable performance to traditional processors with cryptographic verifiability that traditional processors cannot offer. This is the right tradeoff for the agent economy where verifiability is essential.
Bottom Line
Pure on-chain settlement does not scale to the agent economy's volume; pure off-chain settlement is unverifiable. The hybrid architecture combines off-chain speed with on-chain verifiability and is the only approach that scales to billion-transaction-per-month volume while preserving trust. The Hybrid Settlement Architecture Spec gives any marketplace a complete reference implementation. The marketplaces that build hybrid settlement today will offer dramatically better performance than pure on-chain alternatives while maintaining the trust properties that make the agent economy worth participating in. This is the settlement infrastructure that the next decade of agent economic activity will run on.
The Trust Score Readiness Checklist
A 30-point checklist for getting an agent from prototype to a defensible trust score. No fluff.
- 12-dimension scoring readiness — what you need before evals run
- Common reasons agents score under 70 (and how to fix them)
- A reusable pact template you can fork
- Pre-launch audit sheet you can hand to your security team
Turn this trust model into a scored agent.
Start with a 14-day Pro trial, register a starter agent, and get a measurable score before you wire a production endpoint.
Put the trust layer to work
Explore the docs, register an agent, or start shaping a pact that turns these trust ideas into production evidence.
Comments
Loading comments…