Permission + spending control layer for AI agent payments on Celo
Most agent stacks force a bad choice:
- give your bot full wallet control (unsafe) ❌
- approve every transaction manually (not autonomous) ❌
AgentPolicyKit gives a third option:
✅ programmable policies onchain
✅ least-privilege execution
✅ instant revoke / pause
✅ auditable logs for every action
AgentPolicyKit is a security-first middleware (contracts + SDK) that lets AI agents execute onchain payments on Celo under verifiable policies (limits, allowlists, time windows, and instant revocation).
```
contracts/
├─ PolicyRegistry.sol         # Create / update / revoke agent policies
└─ ExecutionGuard.sol         # Validate each action before execution
sdk/
└─ TypeScript SDK             # createPolicy, executeWithPolicy, revokePolicy
demo/
└─ Autonomous Payroll Agent   # cUSD payouts under policy constraints
docs/
├─ ONE_LINER_SUBMISSION.md
├─ ARCHITECTURE_DIAGRAM.md
├─ BUILD_CHECKLIST_48H.md
└─ PITCH_DECK_5_SLIDES.md
```

- No blind trust in agents
- Fail-closed validation (if policy check fails, tx fails)
- Scoped permissions (amount, recipient, method, time)
- Emergency controls (pause/revoke now)
- Auditability by default (allow/deny events)
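
A minimal off-chain model of the fail-closed, scoped check these principles describe, added here as an illustration; it is not AgentPolicyKit's contract or SDK code. The type and function names, the per-transaction cap, and the way the audit log is kept are assumptions.

```typescript
// Added example: off-chain model of a fail-closed policy check.
// Every name here (Policy, Action, checkAction, executeGuarded) is
// hypothetical and is not AgentPolicyKit's contract or SDK API.
type Policy = {
  revoked: boolean;        // owner revoked the policy
  paused: boolean;         // emergency pause
  maxAmount: bigint;       // assumed per-transaction cap, token base units
  recipients: Set<string>; // allowlisted recipients, lowercase
  methods: Set<string>;    // allowlisted method names
  validFrom: number;       // unix seconds, inclusive
  validUntil: number;      // unix seconds, exclusive
};
type Action = {
  agent: string; recipient: string; method: string;
  amount: bigint; timestamp: number;
};
type Decision = { allowed: boolean; reason: string };

function checkAction(policies: Map<string, Policy>, a: Action): Decision {
  const deny = (reason: string): Decision => ({ allowed: false, reason });
  try {
    const p = policies.get(a.agent);
    if (!p) return deny("no-policy"); // unknown agent: deny, never default-allow
    if (p.revoked) return deny("revoked");
    if (p.paused) return deny("paused");
    // Range checks are written as "allow only if inside", so NaN or a
    // missing field fails the comparison and is denied.
    if (!(a.timestamp >= p.validFrom && a.timestamp < p.validUntil)) return deny("outside-window");
    if (!p.methods.has(a.method)) return deny("method-not-allowed");
    if (!p.recipients.has(a.recipient.toLowerCase())) return deny("recipient-not-allowed");
    if (!(typeof a.amount === "bigint" && a.amount > 0n && a.amount <= p.maxAmount)) return deny("amount-out-of-range");
    return { allowed: true, reason: "ok" };
  } catch {
    return deny("check-error"); // malformed input fails closed
  }
}

// Logs the decision before acting; `send` runs only on an allow.
function executeGuarded(
  policies: Map<string, Policy>, a: Action,
  auditLog: string[], send: (a: Action) => void,
): boolean {
  const d = checkAction(policies, a);
  auditLog.push(`${d.allowed ? "ALLOW" : "DENY"} agent=${a.agent} reason=${d.reason}`);
  if (d.allowed) send(a);
  return d.allowed;
}
```

Both allow and deny decisions reach the log, so a run of denials for one agent shows up in review without a successful payment ever having happened.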

```mermaid
flowchart LR
    O[Owner / Multisig] -->|createPolicy/revokePolicy| PR[PolicyRegistry.sol]
    A[Agent Runtime] -->|executeWithPolicy| EG[ExecutionGuard.sol]
    PR -->|policy lookup| EG
    EG -->|if valid| T[Target contracts on Celo]
    EG -->|emit logs| L[(Audit Events)]
```

- 💸 contributor payroll in cUSD
- 🏦 treasury ops with daily limits
- 🛒 commerce automations (whitelisted merchants)
- 📅 recurring payouts under policy windows
| Criterion | How AgentPolicyKit scores |
|---|---|
| Technical Innovation | Onchain policy engine for autonomous agent finance |
| Developer Experience | Minimal SDK + templates for common payment flows |
| Security & Trust Minimization | Least privilege, revocation, audit logs |
| Real-World Applicability | Immediate use in payroll/treasury/agent commerce |
See: docs/BUILD_CHECKLIST_48H.md
Quick milestones:
- contracts v1
- SDK v1
- payroll demo
- 2-min demo video
- Karma + submission assets
Autonomous systems should increase human agency, not wallet risk.
No hype wrappers. No trust-me security.
Just clear policy rails for bots that move real money.