Covenant

Covenant is an operational trust layer for AI agents that quote markets, reconcile treasuries, or drive wallet-facing flows. Before a sensitive transaction is executed, it is evaluated against versioned policies (limits, protocols, pairs, memo/threat signals, and scoring). Each check returns a clear allow or block with a human-readable reason and persists audit-grade records—so teams can reconcile what autonomy tried to do, not argue from logs after the fact. The product couples a focused dashboard (overview metrics, Live Demo replay, Agent Studio simulations, Policies authoring with optional natural-language compile, threat/event views) with a thin REST API and SDK-style integration (POST /api/check) suitable for backends and workers. Partner-style integrations (Uniswap Trading API health via server-side keys, optional Gensyn AXL topology, optional 0G Storage uploads for receipts) illustrate how Covenant stays behind a single API boundary while proving real protocol connectivity—not a slideshow.

Covenant splits a React + Vite single-page client from a Node + Express API. The frontend uses wallet context for workspace identity and navigates routed sections (Overview, Policies, Agent Studio, Live Demo, Threat Logs, Integrations, Account). Policy evaluation, scoring, natural-language compilation, deterministic demo scenarios, and persistence live in server modules (engine, covenant store, JSON/JSONL files for policies, decisions, events, scores). POST /api/check is the core integration surface: it loads policies and threats, runs evaluateCheck, updates scores, appends a hash-chained decision record, emits events, and triggers optional webhooks and 0G audit blob upload when configured. Integrations are isolated in small modules (e.g. Uniswap quote/probe, AXL HTTP client, 0G TS SDK + ethers). A TypeScript SDK package wraps the same /api/check contract for non-browser clients. The hacky-notable bit is that the defense isn’t one regex: layered memo-based injection detection, threat signatures, spend / velocity circuit breakers, and a compound score that feeds the next decision, that’s where the system earns ‘firewall’ instead of checkbox. We kept real side effects behind the API: when configured, ALLOW paths can fan out to webhooks plus 0G Storage audit blobs via the official SDK - same decision object the UI surfaced, now durable off-box.