Visa TAP.

TAP credentials authorize an agent to spend on a cardholder's account within a delegation scope. Issuance and verification flow through Visa's trusted agent registry.

On verify_credential, the binder enforces DelegationScope + SpendingPolicy. The Visa side sees an opaque agent id; Tenzro sees the underlying TDIP machine DID.

Settled TAP receipts are persisted in CF_SETTLEMENTS with the standard PaymentReceipt shape and a protocol = VisaTap discriminator.