Protocol Overview
Aegis Protocol is a Solana smart contract built with Anchor that provides policy-based transaction execution for AI agents.
Program Details
Program ID (Devnet): ET9WDoFE2bf4bSmciLL7q7sKdeSYeNkWbNMHbAMBu2ZJ
Framework: Anchor 0.30.1
Language: Rust
Core Features
Policy Enforcement
- Daily Spending Limits - Maximum lamports per 24-hour period
- Address Whitelist - Up to 20 approved recipients
- Vault Pausing - Emergency stop for all transactions
Override System
- Manual Approvals - Owners can approve blocked transactions
- Expiration - Overrides expire after 1 hour (configurable)
- On-Chain State - All overrides stored on-chain
Fee Collection
- Protocol Fees - 0.05% (5 basis points) on all transactions
- Treasury PDA - Fees collected to single treasury account
- Minimum Fee - 5000 lamports (0.000005 SOL)
Account Structure
VaultConfig
Main vault configuration account storing:
- Owner and agent signer keys
- Daily limit and spent amount
- Whitelist (20 addresses max)
- Vault state (paused/active)
- Override nonce counter
PendingOverride
Override request accounts storing:
- Destination and amount
- Block reason
- Expiration timestamp
- Approval status
FeeTreasury
Singleton treasury for protocol fees.
Instructions
| Instruction | Description | Signer |
|---|---|---|
initialize_vault | Create new vault | Owner |
execute_guarded | Execute owner-signed tx | Owner |
execute_agent | Execute agent-signed tx | Agent |
create_override | Request manual approval | Owner/Agent |
approve_override | Approve override | Owner |
execute_approved_override | Execute approved tx | Owner |
update_daily_limit | Change daily limit | Owner |
add_to_whitelist | Add whitelisted address | Owner |
remove_from_whitelist | Remove from whitelist | Owner |
pause_vault | Emergency pause | Owner |
resume_vault | Resume paused vault | Owner |
update_agent_signer | Rotate agent key | Owner |
Events
All state changes emit events for Guardian monitoring:
VaultCreated- New vault initializedTransactionExecuted- Successful transactionTransactionBlocked- Policy violationOverrideCreated- Override requestedOverrideApproved- Owner approvedPolicyUpdated- Configuration changedVaultPaused/VaultResumed- Emergency controlsAgentSignerUpdated- Key rotation
Security Model
On-Chain Guarantees
- ✅ All policy checks happen on-chain
- ✅ Agent cannot bypass policies
- ✅ Owner cannot be impersonated
- ✅ Fees cannot be avoided
- ✅ Integer overflow protection
- ✅ Account ownership verification
Checked Arithmetic
All arithmetic uses checked operations:
let new_spent = vault.spent_today
.checked_add(amount)
.ok_or(AegisError::ArithmeticOverflow)?;Next Steps
- Architecture - System design
- Accounts - PDA structures
- Instructions - All instructions
- Errors - Error codes
- Security - Security model