zkPolicy
Phase 2 -- not yet deployed

Agent Guardrails.

Signed capability manifests for AI agents. Spending caps, receiver allowlists, cooldown windows — provably enforced by the protocol. No unsigned policy executes.


Features.

Signed Capability Manifests

Policies are signed by the agent owner. The signature is verifiable on-chain. No unsigned policy can be enforced.

Spending Caps

Each policy specifies a maximum spend per transaction, per day, or per epoch. Exceeding the cap fails at settlement.

Receiver Allowlists

Agents can only pay addresses that appear in their policy manifest. One-time addresses can be whitelisted per transaction.

Cooldown Windows

Policies can enforce minimum time between transactions. During cooldown, settlements are rejected even with a valid proof.

Expiry + Revocation

Policies expire after a UNIX timestamp. The owner can revoke a policy at any time — revoked policies cannot settle.

Hierarchical Policies

Policies can delegate to sub-policies. A top-level policy can grant limited authority to sub-agents without giving full access.

Signed manifests.

Every policy is signed by the agent owner's wallet. The signature is verified on-chain before any settlement is accepted. A policy without a valid signature cannot execute.

Policies can be rotated, revoked, or upgraded without changing the agent's address. The protocol always enforces the current active policy.

zkpolicy.ts
// Agent owner: create a signed policy manifest
const policy = await cloak.zkPolicy.create({
  agent: agentWallet.address,
  maxAmount: "1000000000000000",  // 0.001 ETH
  cooldownSeconds: 3600,
  allowedReceivers: [merchant.address],
  expiresAt: Math.floor(Date.now()/1000) + 86400
})

// Sign with owner's wallet
const signed = await agentWallet.sign(policy)

// Agent: execute within policy bounds
await cloak.zkPay.createIntent({ /* ...other intent fields */ policy: signed })

// Protocol: verifies signature before any settlement
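
The checks the feature list describes (revocation, expiry, receiver allowlist, spending cap, cooldown) can be pictured as one fail-closed decision function. The following is an added example, not zkPolicy's own code: the field names follow the `zkPolicy.create()` call above, while `checkSettlement`, the `revoked` flag, the verdict strings and the sample address are assumptions, and signature verification is assumed to have already succeeded.

```typescript
// Added illustration; names are hypothetical, not the protocol's code.
type Policy = {
  maxAmount: string;           // per-transaction cap in wei (decimal string)
  cooldownSeconds: number;
  allowedReceivers: string[];
  expiresAt: number;           // UNIX seconds
  revoked: boolean;            // assumed flag, set when the owner revokes
};
type Settlement = { receiver: string; amount: string; timestamp: number };
type Verdict = "ok" | "revoked" | "expired" | "invalid_amount"
  | "receiver_not_allowed" | "over_cap" | "cooldown";

// Assumes the manifest signature has already been verified.
// lastSettledAt is the timestamp of the previous accepted settlement, or null.
function checkSettlement(p: Policy, s: Settlement, lastSettledAt: number | null): Verdict {
  if (p.revoked) return "revoked";
  // Assumption: the expiry instant itself is still valid.
  if (s.timestamp > p.expiresAt) return "expired";
  // Fail closed on anything that is not a plain non-negative integer string,
  // so "-1" or "1e3" never reaches the cap comparison.
  if (!/^[0-9]+$/.test(s.amount)) return "invalid_amount";
  // Hex addresses may differ only by checksum casing; compare case-insensitively.
  const to = s.receiver.toLowerCase();
  if (!p.allowedReceivers.some((a) => a.toLowerCase() === to)) return "receiver_not_allowed";
  // BigInt avoids precision loss for wei values above 2^53.
  if (BigInt(s.amount) > BigInt(p.maxAmount)) return "over_cap";
  if (lastSettledAt !== null && s.timestamp - lastSettledAt < p.cooldownSeconds) return "cooldown";
  return "ok";
}

// Constructed sample data mirroring the values in the snippet above.
const MERCHANT = "0x00000000000000000000000000000000000000AA";
const samplePolicy: Policy = {
  maxAmount: "1000000000000000", // 0.001 ETH
  cooldownSeconds: 3600,
  allowedReceivers: [MERCHANT],
  expiresAt: 1700086400,
  revoked: false,
};
const pay = (amount: string, timestamp: number, receiver = MERCHANT.toLowerCase()): Settlement =>
  ({ receiver, amount, timestamp });

console.log(checkSettlement(samplePolicy, pay("1000000000000000", 1700000000), null));
console.log(checkSettlement(samplePolicy, pay("1000000000000001", 1700000000), null));
console.log(checkSettlement(samplePolicy, pay("1", 1700003599), 1700000000));
```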