# Overview Brain's on-chain surface is intentionally small. Most logic lives off-chain. On-chain contracts exist to anchor state, register identity, enforce ERC-4337 validation, and route agent execution. | Property | Value | | ------------------- | --------------------------------------- | | **Network** | Base L2 | | **Language** | Solidity 0.8.x | | **Toolchain** | Foundry | | **Upgrade pattern** | Transparent proxy with 48-hour timelock | | **Audits** | Two independent audits before mainnet | | **Bug bounty** | Public coverage | ### The four core contracts
🛡️ BrainAuditAnchorStores Merkle roots of per-tenant audit batches. Immutable after submission./pages/5njwTjZlypdSt55BbRDG
📋 BrainPolicyRegistryRegisters policy version hashes per tenant, signed via EIP-712./pages/Qk74oUUATzrLis1xhGcb
🔐 BrainSmartAccountERC-4337 account validating UserOps against scope and policy verdict./pages/2xFXIKlbOlKKY8V47AgE
🪪 BrainMCPAgentRegistryERC-8004 compatible agent identity, capabilities, and reputation pointer./pages/7cGQBqLnTUZjyofcuHlm
### Settlement integrations
📦 ERC-8183 EscrowEscrowed jobs and conditional payments for agent-paid work./pages/pdclcSITK44863badHKU
⚡ x402 SettlementHTTP-native machine payments for per-call API access./pages/pdclcSITK44863badHKU
### Standards composed | Standard | Role in Brain | | ------------------- | ------------------------------------------------------ | | **ERC-4337** | Smart account model and UserOperation execution | | **EIP-7702** | Delegated execution for EOAs (single-session lifetime) | | **ERC-8004** | Agent identity, validation records, reputation root | | **ERC-8183** | Escrowed jobs and conditional payments | | **EIP-712** | Typed-data signatures for policies, scopes, approvals | | **EIP-4361 (SIWX)** | Sign-In With X for agent authentication | | **x402** | HTTP-native machine settlement | ### Upgrade safety | Mechanism | Purpose | | --------------------------------------- | -------------------------------------------------------------- | | **Transparent proxy** | Upgradable implementation, immutable storage | | **48-hour timelock** | Tenants and agents have time to react before upgrades activate | | **Anchorer keys on HSMs** | Roots cannot be anchored from compromised infrastructure | | **Strict monotonicity on `batchIndex`** | History cannot be silently rewritten | | **Independent audits** | Two firms before mainnet, plus bug bounty | {% hint style="info" %} Most logic is off-chain by design. The on-chain surface is the smallest possible footprint required to anchor truth, register identity, and enforce ERC-4337 validation. {% endhint %} ### Threat model | Trusted | Untrusted | | ----------------------------------------- | ----------------------------------- | | The user's smart account contract code | Any off-chain backend | | `BrainPolicyRegistry`, `BrainAuditAnchor` | Any RPC endpoint | | The user's owner key | Any UI or hosted service | | Anchorer keys (HSM-protected) | Any individual extractor or service | Even if Brain's backend were fully compromised, an attacker would still need to produce a valid EIP-712 signature from a key the on-chain contracts recognize. Stale verdicts expire. Reused nonces are rejected. ### What's next
🛡️ BrainAuditAnchorMerkle anchoring for audit history./pages/5njwTjZlypdSt55BbRDG
📋 BrainPolicyRegistryPolicy version hashes on-chain./pages/Qk74oUUATzrLis1xhGcb
🔐 BrainSmartAccountERC-4337 with policy and scope checks./pages/2xFXIKlbOlKKY8V47AgE
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.brain.fi/smart-contracts/overview.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.