Smart Accounts with Spending Guardrails for AI Agents
Give your bots their own wallets — completely separated from yours — with built-in spending limits enforced on-chain. Generate a dedicated keypair, deploy a smart account, and define exactly what your agent can do. Think AWS IAM + CloudTrail for autonomous crypto agents.
The Problem
AI agents need private keys to sign transactions autonomously. But sharing your personal wallet's private key with a bot means the bot has unlimited access to all your assets. There's no separation, no limits, and no kill switch.
Shared Private Keys
Bots need raw private keys to sign transactions, but using your personal wallet key gives them access to everything you own.
No Spending Limits
Most agents have full access with no per-transaction caps, daily volume limits, or action restrictions.
No Kill Switch
If something goes wrong, there's no easy way to revoke access or stop actions mid-flight.
The Solution
AgentGuardrail gives each bot its own wallet with built-in spending guardrails. Generate a dedicated keypair, deploy a smart account, and set policies that are enforced on-chain. Your personal wallet never touches the bot.
Dedicated Bot Keys
Generate a fresh keypair for each bot. The private key is shown once and never stored. Your personal wallet stays completely separate.
Smart Account Deployment
Each bot gets an ERC-4337 smart account. Fund it with only what the bot needs. Unauthorized transactions are blocked before execution.
Spending Guardrails
Set per-transaction limits, daily volume caps, and action allowlists. Policies are enforced on-chain — bots physically cannot exceed limits.
Complete Audit Trail
Every validation request, policy change, and permission grant is logged. Export to JSON/CSV for compliance and analysis.
How It Works
Integrate AgentGuardrail into your agent's workflow in minutes.
Define Policies
Create policies that specify allowed actions, assets, and constraints through our dashboard or API.
Validate Actions
Before executing any action, your agent calls our API to check if the action is permitted.
Execute Safely
If allowed, proceed with the action. If denied, handle gracefully. Everything is logged for audit.
# Your agent's code
if guardrail.validate(agent_id, action={
    "type": "swap",
    "amount": "1000",
    "token": "USDC"
}):
    # Action is allowed - execute it
    execute_swap(...)
else:
    # Action denied - handle gracefully
    log_denied_action(...)
Never Share Your Private Key with a Bot
AgentGuardrail generates a fresh keypair for each bot during agent creation. The bot gets its own private key and its own smart account — completely isolated from your personal wallet. You control the guardrails, the bot operates within them.
- One-click keypair generation in the browser
- Private key shown once, never stored on any server
- Download .env file with all bot connection details
- Smart account enforces spending limits even if bot is compromised
- Fund only what the bot needs — your main wallet stays safe
How Bot Signer Generation Works
Register Agent
Choose "Secure Account" and "Generate Bot Signer"
Generate Keypair
A fresh private key + address is created in your browser
Deploy Smart Account
An ERC-4337 account is deployed with the generated address as signer
Save & Configure Bot
Download the .env file and give it to your bot
Set Guardrails
Create policies with spending limits — enforced on-chain
Built on ERC-8004
AgentGuardrail implements the ERC-8004 standard for AI agent authorization with AgentGuardrail Secure Accounts for guaranteed enforcement. Policies are enforced both off-chain (API validation) and on-chain (Secure Account transaction gating).
- Standards-compliant agent identity registry
- On-chain policy storage and enforcement
- Guardrail Secure Accounts with policy-gated transactions
- Mintable permission tokens (NFTs)
- Interoperable with other ERC-8004 systems
Deployed Contracts (Base Mainnet)
IdentityRegistry
0xd0978eA4101d6144457bfbF5317499fbb5Fccf01
PolicyRegistry
0xc35B3D74521005C7AeA58E1B3483DcBE99B1336B
PermissionEnforcer
0xDc602Cf56679FF23dd17Ea65d3c47E7Ba81Eb470
PriceOracle
0x32b2088F68427526bE8931C2Dc61eC2520d10F00
GuardrailFeeManager
0x980d454d79306AFdB8EE5B01F50BeF84760A8380
AgentAccountFactory
0x94991827135fbd0E681B3db51699e4988a7752f1
Deployed Contracts (Sepolia Testnet)
IdentityRegistry
0xc1fa477f991C74Cc665E605fC74f0e2B795b5104
PolicyRegistry
0x92cd41e6a4aA13072CeBCda8830d48f269F058c4
PermissionEnforcer
0x45Aa939A935b6B2Bde32a43aD48cF58AE0D9308d
GuardrailFeeManager
0x59f50323A5e31ec64470b854c44735EC95929c78
AgentAccountFactory
0xb284E09d396F5fbeb49587886FB13a186767F14C
PriceOracle
0x052cDddba3C55A63F5e48F9e5bC6b70604Db93b8
Guaranteed On-Chain Enforcement
Every agent runs through an ERC-4337 smart account. There is no advisory mode — policy enforcement is always on, always on-chain.
On-Chain Enforcement — Always
Every agent operates through a Guardrail Smart Account. validateUserOp() calls PermissionEnforcer before any transaction reaches the chain. Violating transactions revert — there is no bypass, no override, no exception.
- On-chain + off-chain enforcement (double layer)
- Violating transactions revert automatically
- Per-transaction value limits
- Daily volume caps
- Token and protocol allowlists
- Chain restrictions
- Transaction count limits
- Time-bounded permissions
Use Cases
AgentGuardrail is designed for any AI agent that needs to interact with a blockchain.
DeFi Trading Bots
Limit trading to specific pairs, set maximum position sizes, and cap daily trading volume. Perfect for automated trading strategies.
Portfolio Managers
Allow rebalancing within defined parameters. Restrict to approved protocols and set maximum allocation percentages.
Yield Optimizers
Permit staking and unstaking actions while limiting which protocols can be used and setting minimum lock periods.