
Can AI Agents Legally Sign Contracts? ESIGN, UETA, and the Electronic-Agent Rules Explained

US law has recognized contracts formed by electronic agents for 25 years — with the action attributed to whoever deployed the agent. What ESIGN §7001(h) and UETA actually say, where fully autonomous signing gets legally murky, and why agent-prepares/human-signs is the defensible architecture.

Somewhere right now, an AI agent is drafting a contract, filling in the counterparty's details, and getting ready to send it for signature. The person who deployed that agent is asking the obvious question: is any of this legally binding? The short answer is more settled than most people expect — US law has recognized contracts formed by electronic agents since 2000 — but the way that recognition works, and where it runs out, matters enormously for anyone building agent-driven signing into a real workflow.

This post walks through what the ESIGN Act and UETA actually say about electronic agents, where the untested territory begins, and why the architecture that survives legal review is the one where the agent prepares everything and a human completes the signature.

The law is older than the hype: ESIGN §7001(h)

The federal Electronic Signatures in Global and National Commerce Act (ESIGN, 2000) contains a provision written a quarter-century before anyone was prompting a large language model. Under 15 U.S.C. §7001(h), a contract relating to a transaction in or affecting interstate commerce may not be denied legal effect, validity, or enforceability solely because its formation, creation, or delivery involved the action of one or more electronic agents — so long as the action of the electronic agent is legally attributable to the person to be bound.

Two things in that sentence do all the work. First, the involvement of an electronic agent is not, by itself, a defense against enforcement — you cannot escape a contract just because software formed it. Second, the agent's action must be attributable to a person. The statute does not make the agent a legal actor in its own right; it treats the agent as an instrument of the human or organization that deployed it. The principal is bound, not the software.

UETA: electronic agents and automated transactions

The Uniform Electronic Transactions Act (UETA), adopted by 49 US states, goes further than ESIGN in spelling out how automated contracting works. UETA defines an electronic agent as a computer program or other automated means used independently to initiate an action or respond to electronic records or performances, in whole or in part, without review or action by an individual. That definition was written for shopping-cart software and EDI systems, but it comfortably covers a modern AI agent calling an API.

UETA's automated-transaction provisions then state that a contract may be formed by the interaction of electronic agents of the parties — even if no individual was aware of or reviewed the agents' actions — and by the interaction of an electronic agent and an individual. The attribution rule is the same as ESIGN's: an electronic record or signature is attributable to a person if it was the act of the person, which may be shown in any manner, including by the efficacy of the security procedures applied. In plain terms: if you deploy the agent, you own what it does, and the quality of your evidence determines how easy that is to prove — or to dispute.

The catch: UETA §10 assumes a human is watching

Here is where fully autonomous signing gets uncomfortable. UETA §10 deals with changes and errors in electronic records. In a transaction involving an automated system, an individual can avoid the effect of an error they made if the electronic agent did not provide an opportunity to prevent or correct the error — the statutory anchor for confirmation screens and review steps in e-commerce checkouts.

The drafters plainly assumed a human review point somewhere in the loop. When both sides of a transaction are software and the error is the agent's — a hallucinated payment term, a wrong counterparty, a misplaced decimal — §10 maps awkwardly. There is very little case law testing what happens when an AI agent, rather than a person, makes the mistake, and no court has squarely addressed a large-language-model agent committing its principal to terms the principal never saw. Fully autonomous agent-to-agent contracting is legal in the narrow sense that statutes contemplate it, and untested in the practical sense that nobody wants to be the defendant in the first big case.

The safe architecture: agent prepares, human signs

The good news is that almost none of the value of agent-driven contracting requires the agent to sign anything. The work an agent is genuinely good at — assembling the document from a template, filling fields, setting the routing order, sending it out, chasing status, filing the evidence — sits entirely on the preparation side. The signature itself is a single deliberate act, and keeping it with a human resolves the legal ambiguity at a stroke.

  • Intent — a human clicking a signing link and applying a signature demonstrates deliberate intent to be bound, the element courts examine first.
  • Consent — the signer can be shown ESIGN-style consent language and affirmatively agree to do business electronically before signing, which pure agent-to-agent flows cannot capture.
  • Error correction — the human review point that UETA §10 assumes exists by construction: the signer sees the final document before committing.
  • Attribution — the record shows a specific person signed, via a credential (an emailed one-time link) tied to them, rather than an inference from an API key.
  • Clean audit narrative — 'the agent prepared it, the named human signed it' is a story any judge, arbitrator, or procurement reviewer immediately understands.

What the audit trail must actually record

If a signed agreement is ever challenged, the platform's evidence is what stands between you and a factual dispute you cannot win. For agent-driven workflows, the bar is higher than for ordinary e-signing, because you must be able to separate what the machine did from what the person did.

| Evidence element | Question it answers | Why it matters for agents |
|---|---|---|
| Actor attribution per event | Was this action taken by a user, an API key, a recipient, or the system? | Distinguishes agent preparation from human signature — the core of the legal story |
| Tamper evidence | Has the log been altered since the events occurred? | An append-only, hash-chained log resists the claim that records were edited after the fact |
| Consent capture | Did the signer agree to transact electronically? | ESIGN consumer-consent themes and general enforceability both lean on this |
| Signer authentication | How do we know the right person signed? | One-time signing tokens delivered to a verified email create person-level attribution |
| Document integrity | Is this the document that was signed? | Cryptographic hashes of the document before and after signing close the substitution argument |
| Completion certificate | Can the whole story be exported and reviewed? | A certificate of completion packages the evidence in a form counsel can actually use |

How SumoSign implements the boundary

SumoSign is built around a two-credential model that makes the legal boundary structural rather than procedural. An API key authenticates the agent: it can create envelopes, upload documents, set signers, send, poll status, and download evidence. A one-time signing token, delivered to the human recipient by email, is the only credential that can complete a signature. There is no API call that signs a document — the capability simply does not exist on the key, so no prompt injection, bug, or over-eager automation can cross the line.

The recipient signs through a link with no account or password required, gives explicit consent to do business electronically before signing, and every event lands in an append-only, hash-chained audit log that records the actor type — user, API key, recipient, or system — for each entry. When the envelope completes, a flattened signed PDF and a certificate of completion are generated. The result is exactly the evidence story the statutes reward: agent actions attributed to the deploying principal via the key, and the signature attributed to a named human via their token.
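The hash-chained, actor-attributed log described in the evidence table and in this section, sketched as an added example (it is not SumoSign's code or API). The field names, the SHA-256 chaining scheme, the rule enforced in `append_event`, and the sample events are all assumptions made for illustration.

```python
import hashlib
import json

ACTOR_TYPES = {"user", "api_key", "recipient", "system"}  # actor types named in the article
GENESIS = "0" * 64  # assumed starting value for the chain


def entry_hash(prev_hash, body):
    """Hash the previous entry's hash together with a canonical encoding of this entry."""
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + canonical).encode()).hexdigest()


def append_event(log, actor_type, actor_id, action, doc_sha256):
    """Append one event. Assumed rule mirroring the two-credential model:
    a 'signed' event is only accepted when the actor is a recipient."""
    if actor_type not in ACTOR_TYPES:
        raise ValueError(f"unknown actor type: {actor_type}")
    if action == "signed" and actor_type != "recipient":
        raise PermissionError("only a recipient signing token can complete a signature")
    body = {"seq": len(log), "actor_type": actor_type, "actor_id": actor_id,
            "action": action, "doc_sha256": doc_sha256}
    prev = log[-1]["hash"] if log else GENESIS
    log.append({**body, "prev": prev, "hash": entry_hash(prev, body)})


def verify_chain(log):
    """Return the index of the first entry that fails verification, or None if intact."""
    prev = GENESIS
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k not in ("prev", "hash")}
        if entry["prev"] != prev or entry["seq"] != i or entry_hash(prev, body) != entry["hash"]:
            return i
        prev = entry["hash"]
    return None


def build_sample_log():
    """Constructed envelope history: the agent prepares and sends, the human consents and signs."""
    doc = hashlib.sha256(b"constructed sample contract").hexdigest()
    log = []
    append_event(log, "api_key", "key_demo", "envelope_created", doc)
    append_event(log, "api_key", "key_demo", "sent", doc)
    append_event(log, "recipient", "signer@example.com", "consent_given", doc)
    append_event(log, "recipient", "signer@example.com", "signed", doc)
    append_event(log, "system", "platform", "completed", doc)
    return log
```

Chain verification catches edited, reordered, or removed interior entries, but not removal of the most recent entries; recording the latest entry hash outside the log, for example in the completion certificate, covers that case.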

Building contract workflows for an AI agent?

SumoSign's signature API for AI agents keeps the legal boundary structural: the agent prepares and sends under its own key, and only a human signing token can complete a signature — with every action attributed in a hash-chained audit log. See the signature API for AI agents page for the full model.

Frequently asked questions

Can an AI agent legally sign a contract in the US?

US law recognizes contracts formed by electronic agents — ESIGN §7001(h) and UETA's automated-transaction provisions both say so — with the action legally attributed to the person or organization that deployed the agent. What remains untested is fully autonomous signing with no human review, because UETA's error-correction rules assume a human checkpoint and there is essentially no case law on AI-agent mistakes. The defensible pattern is agent-prepares, human-signs.

Who is bound when an AI agent forms a contract?

The principal — the person or company that deployed the agent. Neither ESIGN nor UETA treats the software as a party. The agent is an instrument, like a fax machine with initiative, and its actions are attributed to whoever set it in motion. That is precisely why audit evidence showing which credential acted matters so much.

What is an 'electronic agent' under UETA?

A computer program or other automated means used independently to initiate an action or respond to electronic records, in whole or in part, without review or action by an individual. The definition predates modern AI but covers it: an LLM-based agent calling an e-signature API is an electronic agent in the statutory sense.

Why not let the agent complete the signature itself?

Because you gain almost nothing and expose yourself to real risk. The signature is one click at the end of a workflow the agent can otherwise fully automate. Keeping it human preserves intent, consent, and the error-correction opportunity UETA assumes — and it converts a novel legal question into a routine e-signature enforceable under settled law.

Does an agent-prepared contract need a special audit trail?

It needs a better one. The trail must distinguish agent actions (attributed to an API credential) from human actions (attributed to a signer's token), be tamper-evident, capture the signer's consent, and export cleanly. A generic 'signed via API' log entry blurs exactly the distinction your legal position depends on.

Are these rules the same outside the United States?

The principles travel well — most jurisdictions with modern electronic-transactions laws, including Singapore's Electronic Transactions Act and Australia's Electronic Transactions Act 1999, recognize automated message systems in contract formation with attribution to the deploying party. The details differ, so check the specific statute, but the agent-prepares/human-signs pattern is defensible in essentially every major market.