ZeroKey-Treasury

ZeroKey Treasury is an execution firewall for agent-to-agent commerce. Agents can discover and negotiate with API providers, but before any USDC leaves the wallet, our Firewall enforces explicit governance (recipient invariants, spend limits, anomaly checks) and returns an explainable decision: APPROVED / WARNING / REJECTED. Payments follow an HTTP 402 “payment required” flow and are verified on-chain via txHash receipts, then persisted as a purchase log for auditability. This aligns with Arc-style USDC treasury operations (safe payouts, budgets, verifiable settlement) while using ENS to make agent/provider identity human-readable and composable.

Frontend: Next.js (App Router) with wallet UX via wagmi/viem. Backend: Hono API implementing a 402-style USDC paywall (/pay/request → client transfer → /pay/submit receipt verification). The Firewall layer gates execution using policy rules + anomaly signals and produces human-readable reasons (not a black-box score). We persist verified purchases in SQLite (txHash + provider + rationale) and show them in a dashboard log with Base explorer links. ENS is used for provider/agent identity to make discovery and payments more legible. The critical flow is protected with automated UAT-style tests to keep demo quality stable.