Every AI agent payment,
governed.
The governance layer for autonomous agent payments on Circle Nanopayments. Identity, policy, anomaly, intent, and audit — all on Arc. Three lines of SDK code.
Six layers between the agent and the money.
Each payment runs through every check, cheapest-first. If any layer blocks, USDC never leaves. If approved, the decision settles on Arc and an audit receipt is written to chain.
Kill switch
Operator can pause any agent's wallet instantly; in-flight payments bounce.
ERC-8004 identity
Every sender and recipient is verified against the on-chain IdentityRegistry.
Policy
YAML-defined rules: spend caps, allowlists, approval flows, per-recipient limits.
Anomaly
Z-score vs. the agent's historical baseline. First-time recipients flagged.
Intent (Claude Haiku 4.5)
Semantic analysis of the payment intent. Catches prompt injection in English.
On-chain audit receipt
Every decision written to Arc as a nanopayment memo. Non-repudiable.
Where AgentGuard sits.
We're a thin layer the agent calls instead of Circle directly. Operator policies and on-chain identity gate every payment before any USDC moves. Same SDK on every framework.
Agent operators
CFOs, security teams, platform engineers
Autonomous AI agents
Claude Agent SDK · LangChain · AutoGen · CrewAI · custom
Every payment runs five layers in sequence.
The operator's policy + on-chain identity + statistical baselines + Claude's read of the agent's intent — all evaluated synchronously before the wallet ever signs.
Circle Nanopayments
Developer-Controlled Wallets · Gateway · x402
Arc Testnet
USDC as native gas · sub-second finality · public block explorer
Three lines.
Every framework.
Point your agent at AgentGuard instead of Circle. We run governance, forward the approved call, return the receipt. No wallet re-custody, no change to your agent framework.
from agentguard import AgentGuard
guard = AgentGuard(
agent_id="research-agent-v1",
policy_file="policies/research.yaml",
circle_wallet_id="...",
)
# every payment passes through 6 checks
receipt = guard.pay(
to_agent_id="data-vendor-agent-v1",
amount_usdc=0.001,
intent="Buy Q3 macro stats report",
)
if not receipt.approved:
print(f"blocked: {receipt.reason}")agent_id: research-agent-v1
owner_wallet: 0xAcmeCorp
spending_limits:
per_transaction: 5
per_day: 50
per_recipient_per_day: 10
recipient_policy:
type: allowlist
approved_recipients:
- data-vendor-agent-v1
- inference-agent-v1
- sms-agent-v1
fallback_action: block
intent_verification:
enabled: true
sensitivity: high
approval_rules:
- if: transaction_amount > 2
then: require_human_approval
kill_switch:
enabled: true
authorized_pausers:
- 0xOperatorOperators write YAML.
The rail enforces it.
Every spend cap, allowlist, approval flow, and category filter lives in version-controlled YAML — reviewed in pull requests, deployed atomically, enforced on every payment. Audit log on Arc is automatic; no SDK code change for new rules.
Only economically viable on Circle Nanopayments.
At $0.30 per Stripe transaction, charging $0.0001 per governance check is physically impossible. On Circle Nanopayments + Arc, it's routine — a busy agent pays us a few dollars a day, we settle every decision on chain.
Every payment. Every agent. Governed.
Three lines of SDK. Real Circle Nanopayments on Arc. Identity, policy, anomaly, and Claude Haiku 4.5 intent classification — all on chain.