Governance for autonomous agents

Governance infrastructure for autonomous AI agents

Aegis sits between an agent's reasoning and its execution. We control what it can do before it acts, verify the action against its stated purpose, and produce a record you can show anyone. Operators get accountability without writing it themselves.

The problem with shipping agents to production

Agents need authority to act on your behalf. But raw authority — your wallet, your private key — is binary: total trust or no trust. There is no middle, no boundary, no record. That works for a demo. It does not work for a production deployment, and it definitely does not work for compliance.

No real boundary

Giving an agent your private key gives it access to everything you own. There's no spending cap, no allowed-action list, no kill switch.

No purpose check

An agent can drift from its stated purpose with no system catching the drift. Nothing verifies that what it's about to do matches what it's supposed to be doing.

No defensible record

When something goes wrong, you need to show what happened, what authority the agent had, and why each action was permitted. Most stacks can't produce that record.

The three jobs Aegis does

An agent is safe to deploy when you can answer all three questions: what is it allowed to do, did it stay on purpose, and what actually happened.

Control

The agent can't do anything you didn't authorize.

  • • Spend, frequency, and asset rules — enforced before each action lands
  • • x402 / EIP-3009 payments enforced and counted against the same limits
  • • Time-bounded authority you can revoke at any time
  • • Approved actions, tokens, protocols, and chains — nothing outside the list

Judgment

The agent's actions match its stated purpose.

  • • Each action ties to a declared purpose checked against the transaction
  • • Pass/fail decisions on submitted work before any funds move
  • • A compromised agent still can't exceed policy — the contract is the final word

Visibility

You know what happened and can prove it.

  • • Every authorization, action, and outcome captured in one record
  • • Behavioral signals surfaced as the agent runs, not after the fact
  • • Compliance-ready exports for the questions that come later
Wallet separation

Your agent never touches your personal wallet

Each agent gets its own dedicated keypair, generated in your browser at creation time. The agent operates from its own account — funded with only what it needs and bounded by the policy you set. You control the boundary, the agent operates inside it.

  • One-click keypair generation in the browser
  • Private key shown once, never stored on any server
  • Download a .env file with everything the bot needs
  • A compromised agent still can't exceed its policy
  • Fund only what the agent needs — your main wallet stays untouched

How agent setup works

1

Register the agent

Give it a name and choose a signer type

2

Generate a keypair

A fresh signer is created in your browser

3

Deploy the agent's account

The agent gets its own on-chain account, bound to that signer

4

Save and configure the bot

Download the .env file and give it to your agent code

5

Write the policy

Spending limits and rules — enforced on-chain from the first transaction

No off-chain override

Every agent runs through a policy-gated account. Enforcement is always on, always on-chain. There is no advisory mode, no exception path, no override.

What gets enforced

A disallowed action does not execute. The transaction reverts on-chain before any funds move, the violation is recorded in your audit log, and your operator dashboard sees it within seconds.

  • Per-transaction value limits
  • Daily volume caps
  • Transaction count limits
  • Time-bounded permissions
  • Action allowlists
  • Token and protocol allowlists
  • Chain restrictions
  • Time-of-day windows

For the under-the-hood version — contract addresses, the request-flow diagram, and how enforcement runs inside the validation path — see the docs.

Where Aegis fits

Any agent that moves value on-chain benefits from explicit authorization and an audit trail.

DeFi trading agents

Limit trades to approved pairs and protocols. Cap position size, cap daily volume.

Treasury and portfolio

Allow rebalancing within bounds. Restrict to approved venues, set maximum allocation per asset.

Orchestration and ops

Coordinate borrow, swap, and stake flows — without ability to deviate from approved sequences.

Ready to deploy a governed agent?

Free during early access — no account creation fee, no transfer fee. Network gas applies as usual.

Aegis · Governance for autonomous AI agents