Three Anchor programs that turn Quantu’s IdentityRegistry + ReputationRegistry primitives into a full agent-payment trust system: programmable spending policies, x402 facilitator integration, and capability attestation. Five formally-verified safety properties. Drop-in TypeScript SDK.
Architecture
Each program is independently useful. Composed, they form a complete payment-trust primitive a facilitator can drop into an x402 stack in an afternoon.
Programmable spending policies
Five orthogonal policy kinds composed under one gate_payment instruction with fail-fast semantics. KillSwitch, Spending, Velocity, CounterpartyTier, RequireValidation.
Program ID (devnet)
8Y6fGeNEHgmWmbt8JsRcF72jxbeBfJhomMjG6SuoJQTRx402 facilitator integration
Anchor program + Express service + npm SDK. PDA-signed CPI to agent_registry_8004::give_feedback with idempotency-checked emission log. Atomic-tx invariant enforced at compile-time + runtime.
Program ID (devnet)
HF8zHfoyA7b5mhLViopTnRMprc6ZT5KActHTdkFrih2NCapability attestation
The third leg Quantu archived in v0.5.0 — productized. Permissionless namespace + attestor registration; downstream-consumer-filtering for sybil resistance. Audit-trail-preserving revocation.
Program ID (devnet)
Cx4RFa6ysw3qXYhugPkF8pFSWBkmKq59h2dWgF2tKhtvFoundation alignment
Quantu Labs shipped two of the three ERC-8004 legs on Solana (IdentityRegistry + ReputationRegistry). The third — ValidationRegistry — was archived in v0.5.0 pending a redesign for spam resistance.
AgentTrust productizes that third leg AND introduces a policy-as-code primitive (PolicyVault) plus an x402-native facilitator surface (TrustGate) that consume Quantu’s existing primitives via byte-precise PDA reads. Pinned commit bfb09ad; graceful degradation when Quantu pushes upgrades.
Formal verification
PolicyVault’s five load-bearing invariants are proven via Kani, Rust’s bounded model checker. Symbolic execution explores the full input space — every u64, u8, and bool combination — and asserts the property. CI runs all five on every PR.
| # | Invariant | Sub-checks | Time | Status |
|---|---|---|---|---|
| 01 | paused_implies_no_allow | 126 | 0.20s | Proven |
| 02 | velocity_counter_le_limit | 9 | 0.03s | Proven |
| 03 | counterparty_tier_monotone | 8 | 0.02s | Proven |
| 04 | validation_expiry_correct | 85 | 0.21s | Proven |
| 05 | multisig_threshold_enforced | 149 | 62.55s | Proven |
| Total | 377 | ~63s | 5/5 green |
Integrate
Add AgentTrust to any x402 facilitator’s Express app in under twenty lines. Atomic-tx invariant enforced at compile-time + runtime — no way to silently corrupt the velocity ledger by splitting transactions.
import express from "express";
import { Keypair } from "@solana/web3.js";
import { mountTrustGate } from "@agenttrust-sdk/trustgate/express";
const app = express();
app.use(express.json());
await mountTrustGate(app, {
rpcUrl: "https://api.devnet.solana.com",
facilitatorKeypair: Keypair.fromSecretKey(/* … */),
network: "solana-devnet",
atomicityEnforced: true, // literal `true` — TS compile error if you pass false
});
app.listen(3000);You now have POST /verify, POST /settle, POST /dispute, and GET /receipt/:hash on your facilitator. x402-spec headers automatic.