StableSettle

StableSettle is the on-chain firewall for AI agents. One command spawns an agent with its own wallet, an ENS name, and a budget-capped vault on Arc (where USDC is gas). Every payment passes a single Solidity spend() gate — lifetime cap, per-tx limit, 24h velocity cap, and recipient allowlist — so overspending, or paying an address the owner didn't approve, reverts on-chain, even under prompt injection. Driven by plain-English MCP tools.

The contract (the whole point). AgentVault.sol is written in Solidity and deployed on Arc, Circle's chain where USDC is the native gas token — so the treasury, the spend, and the spending cap all live in one contract instead of being split across a token and a gas asset. Every payment runs through a single spend() gate that checks a lifetime budget cap, a per-transaction ceiling, a rolling 24h velocity limit, and an opt-in recipient allowlist before any money moves — and reverts (BudgetExceeded, RecipientNotAllowed, DailyLimitExceeded) if any is crossed. The agent never holds the funds; it only holds an AGENT_ROLE that lets it request a spend. Built and tested with Foundry (56 vault tests, 92 repo-wide).

The MCP server (the agent interface). A TypeScript MCP server (@modelcontextprotocol/sdk) exposes six tools — spawn_agent, fund_agent, topup_gas, agent_pay, agent_pay_x402, get_agent — so the whole product is driven from Claude in plain English; the tool descriptions do the work, no CLI flags. It speaks both stdio (local .mcp.json) and Streamable HTTP (hosted, bearer-token auth) from the same code.