HumanSign

Policy + instant human approval for AI agent wallets — AI agents spend, humans sign.

Created At

ETHGlobal New York 2026

Project Description

HumanSign is a policy + human-consent layer for AI agent wallets. An agent gets an on-chain spending vault with per-transaction and daily limits: under the limit it pays autonomously; over the limit the payment pauses and lands on the owner's phone as a one-tap, gas-sponsored, biometric approval in their World App — settled on-chain. Every agent is named via ENS and identified via ERC-8004, so each approval becomes a verifiable on-chain audit trail. Any AI agent integrates through a single MCP tool — no contract or signing knowledge needed. Live on World Chain mainnet.

How it's Made

Contracts in Foundry/Solidity (OpenZeppelin SignatureChecker + EIP-712): SpendGuard is a token-agnostic policy vault with two paths — executePayment (autonomous, under-limit) and approveIntent + executeApprovedPaymentOnchain (human-approved, over-limit).

The interesting hack: World App disallows signTypedData, and a World App smart-account signature can't be verified on testnet (the account only deploys on World Chain mainnet), so we moved to mainnet and pivoted from off-chain signatures to on-chain approval — the owner's World App sends a gas-sponsored approveIntent transaction (which also deploys their smart account), and the backend reads approvedIntents straight from the chain (the contract is the source of truth).

A mock seller uses HTTP 402 (x402); the agent pays and the seller verifies the USDC Transfer event in the receipt.

Identity: ERC-8004 on-chain tokenURI agent card + ENS on Ethereum mainnet (humansign.eth subnames with erc8004/vault/policy text records).

Distribution: a Model Context Protocol server exposes it to any AI agent via one buy_data tool.

Stack: Foundry, World Chain, @worldcoin/minikit-js, World ID, ENS, ERC-8004, viem, Fastify, Next.js, MCP.
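The seller-side receipt check described above, sketched as an added example (not HumanSign's own code): it accepts a payment only when the Transfer log was emitted by the token contract itself, names the seller as recipient, covers the price, and comes from a transaction hash not already redeemed. The function names, addresses and receipts are hypothetical and constructed; the receipt shape follows standard `eth_getTransactionReceipt` JSON.

```javascript
// Added example. Addresses, hashes and receipts are constructed placeholders.
// topic0 = keccak256("Transfer(address,address,uint256)"), the standard ERC-20 event.
const TRANSFER_TOPIC =
  "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef";
const USDC = "0x" + "aa".repeat(20);      // placeholder for the real token address
const SELLER = "0x" + "bb".repeat(20);    // placeholder payee
const LOOKALIKE = "0x" + "dd".repeat(20); // some other contract emitting Transfer

const seenTx = new Set(); // replay guard; use durable storage in a real service
const topicToAddress = (topic) => "0x" + topic.slice(-40).toLowerCase();

function verifyPayment(receipt, { token, payTo, minAmount }) {
  if (receipt.status !== "0x1") return { ok: false, reason: "reverted" };
  if (seenTx.has(receipt.transactionHash)) return { ok: false, reason: "replayed" };
  let paid = 0n;
  for (const log of receipt.logs) {
    // The event must come from the token contract itself, not any contract.
    if (log.address.toLowerCase() !== token.toLowerCase()) continue;
    if (log.topics.length !== 3 || log.topics[0] !== TRANSFER_TOPIC) continue;
    if (topicToAddress(log.topics[2]) !== payTo.toLowerCase()) continue;
    if (log.data.length !== 66) continue; // expect one 32-byte uint256
    paid += BigInt(log.data);
  }
  if (paid < minAmount) return { ok: false, reason: "underpaid" };
  seenTx.add(receipt.transactionHash);
  return { ok: true, paid };
}

// Builds a constructed receipt in eth_getTransactionReceipt JSON shape.
function makeReceipt(hash, emitter, to, amount, status = "0x1") {
  const word = (hex) => "0x" + hex.padStart(64, "0");
  return {
    transactionHash: hash, status,
    logs: [{
      address: emitter,
      topics: [TRANSFER_TOPIC, word("cc".repeat(20)), word(to.slice(2))],
      data: word(amount.toString(16)),
    }],
  };
}

const price = { token: USDC, payTo: SELLER, minAmount: 1_000_000n }; // 1 USDC (6 decimals)
const good = makeReceipt("0x01", USDC, SELLER, 1_000_000n);
const spoof = makeReceipt("0x02", LOOKALIKE, SELLER, 1_000_000n);
console.log(verifyPayment(good, price).ok, verifyPayment(spoof, price).reason);
```

The in-memory `seenTx` set only illustrates the replay check; a seller that restarts or runs several instances needs the redeemed hashes in shared, durable storage.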
