Hacker News
by javasquip 489 days ago
There are ways to ensure that the end user provides authorization. While the shop owner does not control the agent, it does control purchase authorization - primitively, that could look like requiring a PIN/CVV, confirming via a code sent by text, etc. This concept can recursively assume that an agent can do these things on the user's behalf, but this is where limits come in, compliance regulations, etc. It's not in the shop's or the agent's interest to integrate poorly within these flows. That said, this is where we should establish the conventions so that we can enforce consistency and compliance as well as validate them. It wouldn't be hard to imagine that an agent must prove they are operating correctly before they can initiate actions such as purchase requests, and then the agent's authority is known and can be held accountable for misuse.