search

Policies and Authorization

The authorization layer encodes all constraints governing agent behavior as structured policies, evaluated before execution at both the backend and the smart account level.

hashtag
Policy Structure

Policies are JSON objects that define the boundaries within which an agent may act. They are hashed and stored on-chain so the PolicyValidator contract can verify any proposed action against them.

{
  "spendLimit": "1000 USDC/day",
  "allowedContracts": ["0xUniswapV3", "0xAaveV3"],
  "allowedAssets": ["USDC", "ETH"],
  "timeWindow": "09:00-21:00 UTC",
  "approvalThreshold": "2-of-3"
}

hashtag
What Policies Control

Dimension
Example Values

Spend limits

"500 USDC/day", "10 ETH/week"

Allowed contracts

Allowlist of contract addresses

Allowed assets

["USDC", "ETH", "WBTC"]

Time windows

"09:00-21:00 UTC"

Approval thresholds

"1-of-1", "2-of-3"

Dynamic conditions

Risk scores, anomaly detection, usage thresholds

hashtag
The Policy Execution Flow

1

hashtag
Agent proposes an action

For example: "swap 100 USDC for ETH" or "call API Z via x402."

2

hashtag
Backend normalizes the request

The action is converted into a canonical action object understood by the policy engine.

3

hashtag
Static rules evaluated

Spend limits, allowlists, time windows, and replay protection are checked.

4

hashtag
Dynamic conditions evaluated

Risk scores, anomaly detection, and usage thresholds are applied.

5

hashtag
Policy proof issued

If approved, the engine issues a signed policy proof. This proof is attached to the resulting UserOperation or job and verified on-chain by the PolicyValidator contract.

hashtag
On-Chain Policy Validation

circle-exclamation

The PolicyValidator contract is invoked from the ERC-4337 validateUserOp path. Any UserOperation lacking a valid policy proof is rejected at the account level — no exceptions.

PreviousAgent Identity and ReputationNextMachine Native Payments

Last updated