{"id":50496191,"url":"https://github.com/davidweb3-ctrl/agentguard-protocol","last_synced_at":"2026-06-02T07:04:00.133Z","repository":{"id":355380805,"uuid":"1227885163","full_name":"davidweb3-ctrl/agentguard-protocol","owner":"davidweb3-ctrl","description":"Programmable spending firewall for autonomous agents on Solana.","archived":false,"fork":false,"pushed_at":"2026-05-03T11:05:01.000Z","size":121,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-03T11:36:47.527Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/davidweb3-ctrl.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-05-03T09:45:43.000Z","updated_at":"2026-05-03T10:57:04.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/davidweb3-ctrl/agentguard-protocol","commit_stats":null,"previous_names":["davidweb3-ctrl/agentguard-protocol"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/davidweb3-ctrl/agentguard-protocol","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidweb3-ctrl%2Fagentguard-protocol","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidweb3-ctrl%2Fagentguard-protocol/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidweb3-ctrl%2Fagentguard-protocol/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidweb3-ctrl%2Fagentguard-protocol/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/davidweb3-ctrl","download_url":"https://codeload.github.com/davidweb3-ctrl/agentguard-protocol/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davidweb3-ctrl%2Fagentguard-protocol/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33810345,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-02T02:00:07.132Z","response_time":109,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-06-02T07:03:58.776Z","updated_at":"2026-06-02T07:04:00.123Z","avatar_url":"https://github.com/davidweb3-ctrl.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# AgentGuard Protocol\n\nProgrammable spending limits for autonomous agents on Solana.\n\n**Give agents budgets, not private keys.**\n\nAgentGuard Protocol is a Solana-native spending firewall for AI agents. Owners fund a policy vault, define merchant allowlists and token limits, and let an autonomous agent pay only inside those on-chain rules.\n\nThe hackathon MVP demonstrates an x402-style paid API flow: the API returns an HTTP 402 challenge, the agent pays through the AgentGuard program, the program checks policy before any token transfer, and the API unlocks paid data only after verifying the on-chain receipt PDA.\n\n## What The MVP Proves\n\n- AI agents can pay on Solana without receiving unrestricted wallet access.\n- Owners can constrain agent spending with on-chain policy.\n- Paid APIs can use AgentGuard receipts as proof of payment.\n- Human operators can pause an agent through a Solana Action-style endpoint.\n\n## Demo Flow\n\n```mermaid\nsequenceDiagram\n    participant Owner\n    participant Agent\n    participant API as x402 Demo API\n    participant Program as AgentGuard Program\n    participant Merchant\n\n    Owner-\u003e\u003eProgram: initialize_agent + deposit test USDC\n    Owner-\u003e\u003eProgram: add_merchant + limits\n    Agent-\u003e\u003eAPI: GET paid resource\n    API--\u003e\u003eAgent: HTTP 402 challenge\n    Agent-\u003e\u003eProgram: agent_pay(amount, request_hash)\n    Program-\u003e\u003eProgram: check authority, allowlist, limits, cap, paused status\n    Program-\u003e\u003eMerchant: SPL token transfer\n    Program-\u003e\u003eProgram: create PaymentReceipt PDA\n    Agent-\u003e\u003eAPI: retry with receipt proof\n    API-\u003e\u003eProgram: verify receipt account\n    API--\u003e\u003eAgent: paid data\n```\n\n## Implemented\n\n- Anchor program with policy vaults and SPL token transfers.\n- Owner instructions:\n  - `initialize_agent`\n  - `deposit`\n  - `add_merchant`\n  - `set_policy`\n  - `set_pause`\n- Agent instruction:\n  - `agent_pay`\n- Policy checks before transfer:\n  - agent authority\n  - merchant allowlist\n  - per-transaction limit\n  - daily limit\n  - merchant cap\n  - paused status\n  - mint and vault constraints\n- `PaymentReceipt` PDA for successful payments.\n- TypeScript SDK helpers for PDA derivation and transaction construction.\n- Express x402-style demo API.\n- Agent client that handles the 402 challenge, pays, and retries.\n- Next.js dashboard view.\n- Solana Action-style pause endpoint.\n- Demo runbook and rehearsal checker.\n\n## Quick Demo\n\nPrerequisites:\n\n- Solana CLI with `solana-test-validator`\n- Anchor 0.32.1\n- pnpm\n- A local Solana wallet at `~/.config/solana/id.json`\n\nInstall and build:\n\n```bash\npnpm install\nanchor build\n```\n\nStart localnet:\n\n```bash\nsolana-test-validator --reset \\\n  --bpf-program 3AfwmYdCAd9LeRdbiKAJuWBcGVQFtCEStbanoU5TW838 \\\n  target/deploy/agentguard_protocol.so\n```\n\nIn another terminal, seed the demo:\n\n```bash\npnpm --filter @agentguard/x402-demo-api seed\nset -a \u0026\u0026 source .env.demo \u0026\u0026 set +a\n```\n\nStart the paid API:\n\n```bash\nset -a \u0026\u0026 source .env.demo \u0026\u0026 set +a\npnpm --filter @agentguard/x402-demo-api dev\n```\n\nRun the agent payment flow:\n\n```bash\nset -a \u0026\u0026 source .env.demo \u0026\u0026 set +a\npnpm --filter @agentguard/x402-demo-api agent\n```\n\nExpected result:\n\n- The first API request returns an HTTP 402-style challenge.\n- The agent submits `agent_pay`.\n- The program creates a `PaymentReceipt` PDA.\n- The API verifies the receipt and returns `paidStatus: 200`.\n\nRun an over-limit rejection:\n\n```bash\nset -a \u0026\u0026 source .env.demo \u0026\u0026 set +a\npnpm --filter @agentguard/x402-demo-api agent:over-limit\n```\n\nExpected result:\n\n- The program rejects the over-limit payment.\n- Vault and merchant balances remain unchanged.\n\nCheck the pause Action endpoint:\n\n```bash\nset -a \u0026\u0026 source .env.demo \u0026\u0026 set +a\npnpm --filter @agentguard/web dev\n```\n\nIn another terminal:\n\n```bash\nset -a \u0026\u0026 source .env.demo \u0026\u0026 set +a\npnpm --filter @agentguard/x402-demo-api check:pause-action\n```\n\nFor the full rehearsal sequence, see [docs/DEMO_RUNBOOK.md](docs/DEMO_RUNBOOK.md).\n\n## Verification\n\n```bash\npnpm lint\npnpm -r typecheck\npnpm --filter @agentguard/web build\npnpm test:ts\n```\n\nLatest local rehearsal status:\n\n- x402 challenge to `agent_pay` to paid data: passed.\n- on-chain receipt verification: passed.\n- pause Action transaction generation: passed.\n- Anchor tests: 16 passing.\n\n## Repository Layout\n\n```text\napps/web/                  Next.js dashboard and Action endpoint\ndocs/                      Product docs, runbook, and demo script\npackages/sdk/              TypeScript PDA and transaction helpers\nprograms/agentguard-protocol/\n                           Anchor program\nservices/x402-demo-api/    Demo paid API, agent client, seed scripts\ntests/                     Anchor TypeScript tests\n```\n\n## Program ID\n\n```text\n3AfwmYdCAd9LeRdbiKAJuWBcGVQFtCEStbanoU5TW838\n```\n\n## Why Solana\n\nAgent payments need low fees, fast confirmation, cheap receipts, and composable payment surfaces. Solana provides:\n\n- SPL token transfers for USDC-style payments.\n- PDAs for policy vaults and receipt addresses.\n- Fast settlement for per-request machine payments.\n- Actions and Blinks for human override UX.\n\n## Non-Goals For This MVP\n\n- Real mainnet custody.\n- Full x402 facilitator implementation.\n- Natural-language policy parsing.\n- Cross-chain execution.\n- DeFi strategy automation.\n- Enterprise compliance workflow.\n\n## Post-MVP Roadmap\n\n- Devnet deployment with real wallet signing.\n- USDC integration.\n- Facilitator-compatible x402 settlement.\n- Dashboard-backed create, deposit, merchant, pause, and receipt views.\n- Replay-resistant request metadata and richer receipt verification.\n- Multisig or team-owned policy administration.\n\n## License\n\nApache-2.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdavidweb3-ctrl%2Fagentguard-protocol","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdavidweb3-ctrl%2Fagentguard-protocol","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdavidweb3-ctrl%2Fagentguard-protocol/lists"}