--- name: vaultfire description: Vaultfire — onchain trust infrastructure for AI agents. Identity, partnership bonds, accountability bonds, reputation, soulbound credentials, dispute resolution, key protocol, XMTP V3 group registry, and AntiSurveillance/PrivacyGuarantees primitives. 134 contracts across Base, Arbitrum, Avalanche, Polygon, all Sourcify-verified. Includes the canonical SDK + integrations for Coinbase AgentKit, CrewAI, LangChain, Google A2A, Hermes, x402, XMTP, and VKP. Use when integrating an agent with Vaultfire, registering identity, opening a bond, reading reputation, or building on top of any Vaultfire contract. --- # Vaultfire — Trust Infrastructure for AI Agents Vaultfire is **production-deployed** onchain trust infrastructure for AI agents. Identity, partnership bonds, reputation, dispute resolution, key protocol, soulbound credentials, an XMTP V3 group registry, and explicit privacy/anti-surveillance primitives — all live on Base, Arbitrum, Avalanche, Polygon. No testnet. No proxy upgradeability on the core registries. Sourcify-verified bytecode. **Mission:** *morals over metrics, privacy over surveillance, freedom over control, humanity over everything.* KYA (Know Your Agent) — the opposite of KYC. Verify what an agent **does and stakes**, not who its operator is. > **Live frontend:** https://theloopbreaker.com > **Mini app (Base):** https://vaultfire-mini.vercel.app > **Canonical truth source:** `GET https://theloopbreaker.com/api/contracts` (returns full contract set across all 4 chains, JSON) > **Source repo:** https://github.com/Ghostkey316/ghostkey-316-vaultfire-init --- ## What You Probably Got Wrong **Vaultfire deploys its own ERC-8004 IdentityRegistry.** Not the canonical `0x8004A169...` set. The `agentRegistry` is `eip155:8453:0xa7BD20bf5De63df949cA5Be2F20835978eCba81A` on Base — different per chain. **Cite the registry, not just the agentId.** **Vaultfire is on 4 chains, not 20+.** Base, Arbitrum, Avalanche, Polygon. By design — the project's stance is *"the only ETH we use is on Base or Arb"*; Avalanche and Polygon are EVM endpoints with the same contract set. No mainnet-Ethereum deployment. **Identity registration is permissionless.** Anyone can register. Trust comes from **what an agent stakes after registering** — partnership bonds (real ETH), accountability bonds (revenue %), Street Cred soulbound badges. Registration alone is not a trust signal. **There is no admin key on the core registries.** `VaultfireForumRegistry`, ERC-8004 registries, and bond contracts have no owner / no upgrade / no pause path. Disputes flow through `MultisigGovernance` and `VaultfireDisputeResolution`. **No KYC. Ever.** This is non-negotiable. Vaultfire is *Know Your Agent*, not Know Your Customer. There's no PII collection, no email gate, no phone verification. `AntiSurveillance` and `PrivacyGuarantees` are explicit onchain contracts, not just policy. **Founding-wallet activity is honestly disclosed.** As of April 2026 most registered agents and bonds were created by the founding wallet (`0xa054…f84f`) to prove the protocol end-to-end on mainnet. External onboarding is open and permissionless. Real onchain transactions, but treat the numbers as a working demo, not external adoption. **Quantum hardening is in progress, not done.** Bond signatures + Identity Registry currently use standard ECDSA. `DilithiumAttestor` (post-quantum) is deployed and being integrated. --- ## Quick Start: Register an Agent ```solidity // On Base (Arb / Avax / Polygon: same interface, different addresses — fetch from /api/contracts) interface IIdentityRegistry { function register(string calldata agentURI, bytes calldata metadata) external returns (uint256 agentId); function ownerOf(uint256 agentId) external view returns (address); } IIdentityRegistry registry = IIdentityRegistry(0xa7BD20bf5De63df949cA5Be2F20835978eCba81A); uint256 agentId = registry.register("ipfs://QmYourAgentJSON", ""); // agentId is your ERC-721 tokenId on Vaultfire's registry ``` **agentURI JSON** (host on IPFS or any HTTPS endpoint): ```json { "type": "https://eips.ethereum.org/EIPS/eip-8004#registration-v1", "name": "MyAgent", "description": "What this agent does", "services": [ { "name": "A2A", "endpoint": "https://my.example/.well-known/agent-card.json", "version": "0.3.0" } ], "x402Support": true, "active": true, "supportedTrust": ["reputation", "crypto-economic"] } ``` **Verified canonical selectors:** | Function | Selector | |---|---| | `registerAgent(string,string,bytes32)` | `0x2b3ce0bf` | | `createBond(address,string)` | `0x7ac5113b` | | `grantConsent(bytes32)` | `0x1c9df7ef` | | `getTotalAgents()` | `0x3731a16f` | | `getAgent(address)` | `0xfb3551ff` | After registering, *the agent has identity but no trust*. Trust is built by: 1. Opening a partnership bond (`AIPartnershipBondsV2`) with another wallet — locks real ETH for a defined term. 2. Receiving feedback (`ERC8004ReputationRegistry.giveFeedback`) from counterparties. 3. Earning a Street Cred tier (`VaultfireStreetCred`) — score 0–95, computed live onchain from registration + bond history. Tiers: None / Bronze / Silver / Gold / Platinum. --- ## One-Signature Onboarding (EIP-7702) `VaultfireBatchOnboarder` is a stateless 7702 delegate at `0x82c6a0dd34F5cF57F8B98Ee118e911B977618890` (Base only, chain-locked). Sign one EIP-7702 authorization, send one Type-4 transaction, and your wallet: - Registers on `ERC8004IdentityRegistry` - Opens a partnership bond on `AIPartnershipBondsV2` …atomically. Works with any 7702-capable wallet (MetaMask, Rabby, Rainbow). No storage, no constructor args, no receive/fallback — pure delegate. First live one-sig onboard: [`0x280c85…c372d00`](https://basescan.org/tx/0x280c85406684ae8f55c9414bd966c611aa9971ff98a5c14a5b5edeb35c372d00) --- ## Reading Reputation Onchain ```solidity interface IReputationRegistry { function getSummary( uint256 agentId, address[] calldata trustedClients, string calldata tag1, string calldata tag2 ) external view returns (uint64 count, int128 value, uint8 decimals); } IReputationRegistry rep = IReputationRegistry(0x98afd1440B2238D73c1394720277a6d031fCbbD0); (uint64 count, int128 value, uint8 decimals) = rep.getSummary(agentId, new address[](0), "uptime", "30days"); // count = number of feedbacks, value = aggregated rating, decimals = decimal places (e.g. value=9977 decimals=2 → 99.77%) ``` **Anti-Sybil:** filter feedback by an allowlist of trusted clients (your own counterparties). Without the filter, anyone can spray feedback. **Live trust read endpoints (free + paid):** - **Free**, ZK-attested: `GET https://theloopbreaker.com/api/agent/trust?address=
&chain=base` — returns RISC Zero zero-knowledge attestation status from `VaultfireTrustAttestation`. - **Paid (x402, $0.01 USDC):** `GET https://theloopbreaker.com/api/x402/trust/street-cred?address=
` — returns the canonical 0–95 trust score and tier (None / Bronze / Silver / Gold / Platinum) computed live onchain by `VaultfireStreetCred`. - **Paid (x402, $0.01 USDC):** `GET https://theloopbreaker.com/api/x402/trust/agent-status?address=
` — returns ERC-8004 registration, bond count, score, VNS name, explorer link in one call. --- ## VaultfireForumRegistry — XMTP V3 Group Registry Permissionless category → MLS groupId map for the Vaultfire Discussion Board. Same byte-identical 2,660-byte contract on all 4 chains, all Sourcify-perfect. | Chain | Address | |---|---| | Base | `0xB6Ac5aFfF7e5934fc19b16007F26b1866B976240` | | Avalanche | `0x80f64F6dcdB7aceAfA6762Cd33b14abfF32BcA27` | | Arbitrum | `0x87404357B9D978E4754c542f54E6724E0cda846e` | | Polygon | `0x80f64F6dcdB7aceAfA6762Cd33b14abfF32BcA27` | **Selectors:** - `registerGroup(string,bytes) → 0x98f9cdb3` - `getGroup(string) → 0xabef281e` - `isRegistered(string) → 0xc822d7f0` - `listCategories() → 0xf57617d0` - `categoryCount() → 0x2be32dbb` **Semantics:** - First-write-wins per category name. - Only the original publisher can call `rotateGroup`. - No owner, no upgrade, no pause, no fees. Full architecture: https://github.com/Ghostkey316/ghostkey-316-vaultfire-init/blob/master/docs/FORUM_REGISTRY_XMTP.md --- ## Privacy & Anti-Surveillance Primitives These contracts are **the brand**. They enforce Vaultfire's mission onchain, not in policy docs. | Contract | What it does | |---|---| | **AntiSurveillance** | Onchain enforcement against tracking, profiling, and behavioral surveillance. Reverts attempts to attach surveillance metadata to agents. | | **PrivacyGuarantees** | Codifies the no-PII / no-KYC contract. Agents can attest their privacy posture; clients can verify before transacting. | | **MissionEnforcement** | Mission-alignment check — operations that violate stated principles revert. Used by other contracts as a guardrail. | | **ScopedDelegation** | Limits delegation scope so an agent's signing key can only authorize what it explicitly opted into. | Privacy is enforced at the contract layer, not the policy layer. --- ## Core Contracts (Base — Chain ID 8453) **The 17 most-used.** Full 35-contract list per chain follows below. | Contract | Address | Purpose | |---|---|---| | **ERC8004IdentityRegistry** | `0xa7BD20bf5De63df949cA5Be2F20835978eCba81A` | Agent identity (ERC-8004 implementation) | | **ERC8004ReputationRegistry** | `0x98afd1440B2238D73c1394720277a6d031fCbbD0` | Signed feedback (0–10000 range) | | **ERC8004ValidationRegistry** | `0x8D3495772EAcAdB7dC09F1784eF06F2D109fb8a5` | Independent validation scores | | **VaultfireERC8004Adapter** | `0x8bEFe7411AecddA6E1Aea8F031fedD293Ca7372E` | Adapter to canonical ERC-8004 (`0x8004A169...`) for cross-registry reads | | **AIPartnershipBondsV2** | `0x01C479F0c039fEC40c0Cf1c5C921bab457d57441` | Human ↔ agent partnership bonds (real ETH) | | **AIAccountabilityBondsV2** | `0x6750D28865434344e04e1D0a6044394b726C3dfE` | AI-company revenue-% accountability bonds | | **VaultfireTaskEscrow** | `0x70098737Cb41827b7a86397B42c166020BCcC03b` | USDC task escrow (A2A / A2H marketplace; 1% fee on success) | | **VaultfireReputationStaking** | `0xd42BBfD3061A38D4B5540317A31D90212380069b` | Agent vouching with slashable stake | | **VaultfireTrustOracle** | `0xF945aA87dB4E1d14aa7d0572501afa166374B776` | Onchain performance attestations | | **VaultfireBondInsurancePool** | `0xa074e372d5221b605E9762e41B86EbdBEBF1a978` | Shared bond-risk insurance | | **VaultfireBIPVault (ERC-4626)** | `0x4f7E997C85bC1207485BaB8A0041Ca1ae0Fc9061` | View-only ERC-4626 adapter for the BIP — soulbound vBIP shares | | **VaultfireNameService (VNS)** | `0xA9e6c2c0a731F1f56F6720Dfac2eB1440Ab9453a` | Human-readable agent names (`agent-name.vns`) | | **VaultfireBatchOnboarder (EIP-7702)** | `0x82c6a0dd34F5cF57F8B98Ee118e911B977618890` | Stateless 7702 delegate: register + open bond in one signature | | **VaultfireStreetCred (ERC-5192)** | `0x5CfAB4B12718549e156D3642f9C63476aC4c2f99` | Soulbound reputation badge — tier computed live onchain | | **VaultfireForumRegistry** | `0xB6Ac5aFfF7e5934fc19b16007F26b1866B976240` | XMTP V3 group registry (forum category → MLS groupId) | | **VaultfireDisputeResolution** | `0x3a681b6eF98c6d35643Ca631eE50EF35edd6BcBD` | Onchain dispute & governance resolution | | **MultisigGovernance** | `0x34a19C7298aCA59e185F1ecfB352AC566bB4B4A9` | Governance multisig (resolves disputes, no power over user funds) | --- ## Vaultfire Key Protocol (VKP) Solves the *"every agent needs a private key, one prompt injection drains it"* problem. VKP enforces spending policies, time-limited session keys, and identity-gated delegation onchain. Private keys never need to touch the agent. | Contract | Base address | Purpose | |---|---|---| | **VKPFactory** | `0x174E29E6FAdD3096387030429Eb4677eA569e625` | One-call vault deployment with ERC-8004 registration gating | | **VKPSessionKeyManager** | `0x18622Fd3DF3269Ef3cf53cF374eB011A36DC4Be5` | Session keys with caps, expiry, allowlists | | **VKPDelegationRegistry** | `0xd4d32b5c28040AFA2A6aB0ae9FF6DA68EAee4F82` | Identity-gated delegation — only registered agents can be delegates | VKP source / docs: https://github.com/Ghostkey316/vaultfire-keyprotocol --- ## Safety, Compliance, Insurance | Contract | Base address | Purpose | |---|---|---| | **AgentSafetyManager** | `0x6B580f08ecA90778AC41FA1290557c86DeEfB1F5` | Safety tripwires for agent operations | | **AgentInsurancePool** | `0x4307e2A7073e09A676D4Ac8278eE2eddA702AddC` | Insurance payout pool for harmed counterparties | | **AgentSLAEnforcer** | `0xc0b7cFF13C7C7f4DAF36A7c67da47B2Cb311335D` | SLA enforcement on bonded tasks | | **ComplianceRegistry** | `0xB4e13EF703f71B2465E58c27fa47B0663ae5f699` | Voluntary compliance attestations (no KYC; for regulated counterparties only) | | **VaultfireCapabilityCredentials** | `0x4C7fddDdae8855283e98dA80BDf7aEa51A0b772B` | Onchain capability claims (e.g. "can sign EIP-712", "supports x402") | | **ReputationDecay** | `0xcDB75bECa0C56957FC79aB0dd470D4FcE2db6BC1` | Time-weighted reputation — old feedback decays | --- ## Belief & Mission Layer | Contract | Base address | Purpose | |---|---|---| | **BeliefAttestationVerifier** | `0x32211773C8266774A704aeD471f8eF073f34bA79` | Verifies belief attestations (what an agent stands for) | | **ProductionBeliefAttestationVerifier** | `0x2a46B5932e9559176241056A04a608B8fEbCc5A7` | Production-hardened verifier | | **VaultfireTrustAttestation** | `0xc0f8704EF84Ca58Fa0AF4836669d358574FFE1f4` | Generic trust attestation primitive | | **FlourishingMetricsOracle** | `0xf7B2dC73Ec69528F171F4a0ded62da557866BaA5` | Mission metric — *"making human thriving more profitable than extraction"* | | **DilithiumAttestor** | `0xef703bBe9b21960ede3e96abBB0Bbd0c525Fe050` | Post-quantum (Dilithium) signatures — quantum hardening in progress | --- ## Cross-Chain | Contract | Base address | Purpose | |---|---|---| | **VaultfireTeleporterBridge** | `0x62edf0cBc8Fa3d98B6A07197DFE9cb1c128a7eC7` | Cross-chain trust messaging — register on Base, reference identity from any chain | **Pattern:** register agent on Base (cheapest), reference identity from other chains via `eip155:8453:
:`. Cross-chain trust attestations flow through the Teleporter bridge. --- ## Complete Contract Index — All 4 Chains (134 contracts) > **Always fetch live:** `GET https://theloopbreaker.com/api/contracts` returns the canonical set with chain breakdowns. The list below is a snapshot — re-fetch before sending transactions. ### Base — chainId 8453 — 36 contracts | Contract | Address | |---|---| | AIAccountabilityBondsV2 | `0x6750D28865434344e04e1D0a6044394b726C3dfE` | | AIPartnershipBondsV2 | `0x01C479F0c039fEC40c0Cf1c5C921bab457d57441` | | AgentInsurancePool | `0x4307e2A7073e09A676D4Ac8278eE2eddA702AddC` | | AgentSLAEnforcer | `0xc0b7cFF13C7C7f4DAF36A7c67da47B2Cb311335D` | | AgentSafetyManager | `0x6B580f08ecA90778AC41FA1290557c86DeEfB1F5` | | AntiSurveillance | `0xaaC44F1396f3F5b3C06048a1F819DC9b0f86D90c` | | BeliefAttestationVerifier | `0x32211773C8266774A704aeD471f8eF073f34bA79` | | ComplianceRegistry | `0xB4e13EF703f71B2465E58c27fa47B0663ae5f699` | | DilithiumAttestor | `0xef703bBe9b21960ede3e96abBB0Bbd0c525Fe050` | | ERC8004IdentityRegistry | `0xa7BD20bf5De63df949cA5Be2F20835978eCba81A` | | ERC8004ReputationRegistry | `0x98afd1440B2238D73c1394720277a6d031fCbbD0` | | ERC8004ValidationRegistry | `0x8D3495772EAcAdB7dC09F1784eF06F2D109fb8a5` | | FlourishingMetricsOracle | `0xf7B2dC73Ec69528F171F4a0ded62da557866BaA5` | | MissionEnforcement | `0xBc4208A7A59af3B7E438d3308C3dc0d299d739a7` | | MultisigGovernance | `0x34a19C7298aCA59e185F1ecfB352AC566bB4B4A9` | | PrivacyGuarantees | `0x2711AA5f1934Fe97825F02e51cB5Da58d1759625` | | ProductionBeliefAttestationVerifier | `0x2a46B5932e9559176241056A04a608B8fEbCc5A7` | | ReputationDecay | `0xcDB75bECa0C56957FC79aB0dd470D4FcE2db6BC1` | | ScopedDelegation | `0x716C4f0a822f8A7F73126aEe123ACa0Db225a3DC` | | VKPDelegationRegistry | `0xd4d32b5c28040AFA2A6aB0ae9FF6DA68EAee4F82` | | VKPFactory | `0x174E29E6FAdD3096387030429Eb4677eA569e625` | | VKPSessionKeyManager | `0x18622Fd3DF3269Ef3cf53cF374eB011A36DC4Be5` | | VaultfireBIPVault | `0x4f7E997C85bC1207485BaB8A0041Ca1ae0Fc9061` | | VaultfireBatchOnboarder | `0x82c6a0dd34F5cF57F8B98Ee118e911B977618890` | | VaultfireBondInsurancePool | `0xa074e372d5221b605E9762e41B86EbdBEBF1a978` | | VaultfireCapabilityCredentials | `0x4C7fddDdae8855283e98dA80BDf7aEa51A0b772B` | | VaultfireDisputeResolution | `0x3a681b6eF98c6d35643Ca631eE50EF35edd6BcBD` | | VaultfireERC8004Adapter | `0x8bEFe7411AecddA6E1Aea8F031fedD293Ca7372E` | | VaultfireForumRegistry | `0xB6Ac5aFfF7e5934fc19b16007F26b1866B976240` | | VaultfireNameService | `0xA9e6c2c0a731F1f56F6720Dfac2eB1440Ab9453a` | | VaultfireReputationStaking | `0xd42BBfD3061A38D4B5540317A31D90212380069b` | | VaultfireStreetCred | `0x5CfAB4B12718549e156D3642f9C63476aC4c2f99` | | VaultfireTaskEscrow | `0x70098737Cb41827b7a86397B42c166020BCcC03b` | | VaultfireTeleporterBridge | `0x62edf0cBc8Fa3d98B6A07197DFE9cb1c128a7eC7` | | VaultfireTrustAttestation | `0xc0f8704EF84Ca58Fa0AF4836669d358574FFE1f4` | | VaultfireTrustOracle | `0xF945aA87dB4E1d14aa7d0572501afa166374B776` | ### Avalanche — chainId 43114 — 32 contracts | Contract | Address | |---|---| | AIAccountabilityBondsV2 | `0x376831fB2457E34559891c32bEb61c442053C066` | | AIPartnershipBondsV2 | `0xDC8447c66fE9D9c7D54607A98346A15324b7985D` | | AgentInsurancePool | `0x797906c58d546fA776eA05348CCaF3D153FC2Ccd` | | AgentSLAEnforcer | `0x6463434322B05bEb806F60161d5023529288aFF9` | | AgentSafetyManager | `0xC46d9d20727060E563392A1F4DB00a3877807cb7` | | AntiSurveillance | `0x7b9293B05Bd0fcb7458d06A364078761B8E8848e` | | BeliefAttestationVerifier | `0x756bf61bF3948886a36D00ECB02CEDBdb3215c4C` | | ComplianceRegistry | `0x4fE18EB12F72f9e6d5752d74A13635203812f779` | | DilithiumAttestor | `0x9CF1fcba0c657e9FD807a9c8c028E0ef561b6B56` | | ERC8004IdentityRegistry | `0x7448057C95Fb8a8B974a566cdcc9Cd042166A3f8` | | ERC8004ReputationRegistry | `0x5DB1B4b412b80d03819395794fCcF5A73BF30656` | | ERC8004ValidationRegistry | `0x44f1241F5F1A76c146d580142E54590a130410B4` | | FlourishingMetricsOracle | `0x1437c4081233A4f0B6907dDf5374Ed610cBD6B25` | | MissionEnforcement | `0xA4F4EDd4ed280Bd784650c048190fBA16e0AFd11` | | MultisigGovernance | `0x3ceA2B0853B76Ac75603C1fa2A29D96A4467Bb79` | | PrivacyGuarantees | `0x1a7391DD19Dadab89757E58F4Cf988455263533e` | | ProductionBeliefAttestationVerifier | `0xFa8ed66E27379942cB90BB5f612F0170a5dE4924` | | ReputationDecay | `0xB622D2b555E6DEF9652108a61Ca8A00aA50f1D9F` | | ScopedDelegation | `0xD8A8c9604Af2Be2573c3a3102D5094654Da55971` | | VKPDelegationRegistry | `0x3f385774dba7d067cda7E5190a659029BF8219dB` | | VKPFactory | `0x12f3e926122DB6A9A65740b90981c947EF18aC40` | | VKPSessionKeyManager | `0xE02F5029fcDd6c51e957eb3895bd5805126A5Cdc` | | VaultfireBondInsurancePool | `0xf7B2dC73Ec69528F171F4a0ded62da557866BaA5` | | VaultfireCapabilityCredentials | `0x6750D28865434344e04e1D0a6044394b726C3dfE` | | VaultfireDisputeResolution | `0x98afd1440B2238D73c1394720277a6d031fCbbD0` | | VaultfireERC8004Adapter | `0x69D3458aba750Fa85d4a25b3A23B398A3D9494fe` | | VaultfireReputationStaking | `0x32211773C8266774A704aeD471f8eF073f34bA79` | | VaultfireTaskEscrow | `0xa7BD20bf5De63df949cA5Be2F20835978eCba81A` | | VaultfireTeleporterBridge | `0x1762e484A48558Ea5Cd056ac2CDf43FBbA52ba58` | | VaultfireTrustAttestation | `0x5F7680a9a720c03812532A735D1165D9f97c0Cd1` | | VaultfireTrustOracle | `0x01C479F0c039fEC40c0Cf1c5C921bab457d57441` | | VaultfireForumRegistry | `0x80f64F6dcdB7aceAfA6762Cd33b14abfF32BcA27` | > Avalanche does **not** include `VaultfireBatchOnboarder`, `VaultfireBIPVault`, `VaultfireStreetCred`, or `VaultfireNameService` — those are Base-anchored. ForumRegistry **is** deployed on all 4 chains. ### Arbitrum — chainId 42161 — 33 contracts | Contract | Address | |---|---| | AIAccountabilityBondsV2 | `0xef3A944f4d7bb376699C83A29d7Cb42C90D9B6F0` | | AIPartnershipBondsV2 | `0xdB54B8925664816187646174bdBb6Ac658A55a5F` | | AgentInsurancePool | `0x7E0297CDaDcA840388622Bced7A1a7B262deBa4f` | | AgentSLAEnforcer | `0xF945aA87dB4E1d14aa7d0572501afa166374B776` | | AgentSafetyManager | `0xa2bE41F6fA82dE27fbB7838A0308d05741C1e9c8` | | AntiSurveillance | `0xD9bF6D92a1D9ee44a48c38481c046a819CBdf2ba` | | BeliefAttestationVerifier | `0xf92baef9523BC264144F80F9c31D5c5C017c6Da8` | | ComplianceRegistry | `0x6f038c99547e81FCD844D82ee7d6C5A2EF8584Dd` | | DilithiumAttestor | `0xA4F4EDd4ed280Bd784650c048190fBA16e0AFd11` | | ERC8004IdentityRegistry | `0x83dd216449B3F0574E39043ECFE275946fa492e9` | | ERC8004ReputationRegistry | `0x8B8Ba34F8AAB800F0Ba8391fb1388c6EFb911F92` | | ERC8004ValidationRegistry | `0xa5CEC47B48999EB398707838E3A18dd20A1ae272` | | FlourishingMetricsOracle | `0x54e00081978eE2C8d9Ada8e9975B0Bb543D06A55` | | MissionEnforcement | `0x35978DB675576598F0781dA2133E94cdCf4858bC` | | MultisigGovernance | `0x94F54c849692Cc64C35468D0A87D2Ab9D7Cb6Fb2` | | PrivacyGuarantees | `0xC574CF2a09B0B470933f0c6a3ef422e3fb25b4b4` | | ProductionBeliefAttestationVerifier | `0xf757f8650109cE7a89dd8f041DE69D861B64DD23` | | ReputationDecay | `0x70098737Cb41827b7a86397B42c166020BCcC03b` | | ScopedDelegation | `0xd42BBfD3061A38D4B5540317A31D90212380069b` | | VKPDelegationRegistry | `0xA505996f4A1291DD7a6981Ab825E35418b2711de` | | VKPFactory | `0x65adEd8CCAe58FD3fAd6a84BDA323C78d9eD4269` | | VKPSessionKeyManager | `0x796d903923a0f4264E5B4dB46013cB186Fc610E2` | | VaultfireBondInsurancePool | `0xAca6fe18917a985F6741FB986461B976e2A0a5DB` | | VaultfireCapabilityCredentials | `0x472dF1dD6D8218D0BF748e910E32861dAb88EDA6` | | VaultfireDisputeResolution | `0x152a0446958f48EB3F1f5126FAF418D663359e95` | | VaultfireERC8004Adapter | `0xBBC0EFdEE23854e7cb7C4c0f56fF7670BB0530A4` | | VaultfireNameService | `0x7448057C95Fb8a8B974a566cdcc9Cd042166A3f8` | | VaultfireReputationStaking | `0x9d4AbeAa8201e6f1649c296dd179Bbb3c401f96F` | | VaultfireTaskEscrow | `0x5F7680a9a720c03812532A735D1165D9f97c0Cd1` | | VaultfireTeleporterBridge | `0x7b9293B05Bd0fcb7458d06A364078761B8E8848e` | | VaultfireTrustAttestation | `0x1a7391DD19Dadab89757E58F4Cf988455263533e` | | VaultfireTrustOracle | `0xFeF83A66fC1f3c8311070FDd502cd90deD0B3C33` | | VaultfireForumRegistry | `0x87404357B9D978E4754c542f54E6724E0cda846e` | ### Polygon — chainId 137 — 33 contracts | Contract | Address | |---|---| | AIAccountabilityBondsV2 | `0xdB54B8925664816187646174bdBb6Ac658A55a5F` | | AIPartnershipBondsV2 | `0x83dd216449B3F0574E39043ECFE275946fa492e9` | | AgentInsurancePool | `0x5eAac9045C29650e72Bd5C923954fA528fD26952` | | AgentSLAEnforcer | `0x3f385774dba7d067cda7E5190a659029BF8219dB` | | AgentSafetyManager | `0xCA5380aF3dd6a29C217cE0c0c9f45999B47cbdF3` | | AntiSurveillance | `0xE2f75A4B14ffFc1f9C2b1ca22Fdd6877E5BD5045` | | BeliefAttestationVerifier | `0xC574CF2a09B0B470933f0c6a3ef422e3fb25b4b4` | | ComplianceRegistry | `0x2DF3182EcD93AA33Deba464B5E6Bd616432DA42e` | | DilithiumAttestor | `0xA4F4EDd4ed280Bd784650c048190fBA16e0AFd11` | | ERC8004IdentityRegistry | `0xD9bF6D92a1D9ee44a48c38481c046a819CBdf2ba` | | ERC8004ReputationRegistry | `0x54e00081978eE2C8d9Ada8e9975B0Bb543D06A55` | | ERC8004ValidationRegistry | `0xBBC0EFdEE23854e7cb7C4c0f56fF7670BB0530A4` | | FlourishingMetricsOracle | `0xf92baef9523BC264144F80F9c31D5c5C017c6Da8` | | MissionEnforcement | `0x722E37A7D6f27896C688336AaaFb0dDA80D25E57` | | MultisigGovernance | `0x5DB1B4b412b80d03819395794fCcF5A73BF30656` | | PrivacyGuarantees | `0x35978DB675576598F0781dA2133E94cdCf4858bC` | | ProductionBeliefAttestationVerifier | `0xf757f8650109cE7a89dd8f041DE69D861B64DD23` | | ReputationDecay | `0x12f3e926122DB6A9A65740b90981c947EF18aC40` | | ScopedDelegation | `0xE02F5029fcDd6c51e957eb3895bd5805126A5Cdc` | | VKPDelegationRegistry | `0x064d7e8a3A24909ef83d537dBA10Dfcd3D44912C` | | VKPFactory | `0x1d7eDE881093748B0a6feBc47cA9D681C19d8333` | | VKPSessionKeyManager | `0x4A614DB779e38B47952DCCc2e88F0A6afb35c419` | | VaultfireBondInsurancePool | `0x9CF1fcba0c657e9FD807a9c8c028E0ef561b6B56` | | VaultfireCapabilityCredentials | `0x1762e484A48558Ea5Cd056ac2CDf43FBbA52ba58` | | VaultfireDisputeResolution | `0x5F7680a9a720c03812532A735D1165D9f97c0Cd1` | | VaultfireERC8004Adapter | `0x94F54c849692Cc64C35468D0A87D2Ab9D7Cb6Fb2` | | VaultfireNameService | `0x7448057C95Fb8a8B974a566cdcc9Cd042166A3f8` | | VaultfireReputationStaking | `0x3ceA2B0853B76Ac75603C1fa2A29D96A4467Bb79` | | VaultfireTaskEscrow | `0x69D3458aba750Fa85d4a25b3A23B398A3D9494fe` | | VaultfireTeleporterBridge | `0x7b9293B05Bd0fcb7458d06A364078761B8E8848e` | | VaultfireTrustAttestation | `0x1a7391DD19Dadab89757E58F4Cf988455263533e` | | VaultfireTrustOracle | `0xFa8ed66E27379942cB90BB5f612F0170a5dE4924` | | VaultfireForumRegistry | `0x80f64F6dcdB7aceAfA6762Cd33b14abfF32BcA27` | --- ## Ecosystem Packages Vaultfire ships first-party integrations for every major agent framework. Each is a separate npm/Python package or skill — not a fork of the framework. | Package | Purpose | Repo | |---|---|---| | **@vaultfire/agent-sdk** | The canonical TypeScript SDK. Register agents, create bonds, verify trust, read reputation across all 4 chains. Drop-in `npm install`. | https://github.com/Ghostkey316/ghostkey-316-vaultfire-init/tree/master/packages/agent-sdk | | **vaultfire-sdk** | Lightweight TS SDK for verifying beliefs, attestations, agent reputation onchain. | https://github.com/Ghostkey316/vaultfire-sdk | | **vaultfire-agentkit** | Coinbase AgentKit integration — verified identity, accountability, reputation in 3 lines of code. | https://github.com/Ghostkey316/vaultfire-agentkit | | **vaultfire-crewai** | CrewAI integration — give CrewAI agents the ability to verify, score, and build trust with other agents. | https://github.com/Ghostkey316/vaultfire-crewai | | **vaultfire-a2a** | Bridges Google's A2A (Agent-to-Agent) protocol with Vaultfire's onchain trust. | https://github.com/Ghostkey316/vaultfire-a2a | | **vaultfire-x402** | x402 HTTP 402 payment protocol — internet-native USDC micropayments on Base/Avax/Arb/Polygon. | https://github.com/Ghostkey316/vaultfire-x402 | | **vaultfire-xmtp** | Encrypted agent-to-agent messaging with onchain trust verification via Vaultfire bonds. | https://github.com/Ghostkey316/vaultfire-xmtp | | **vaultfire-vns** | Vaultfire Name Service — `agent-name.vns` resolution. ENS-style for Vaultfire identities. | https://github.com/Ghostkey316/vaultfire-vns | | **vaultfire-keyprotocol (VKP)** | Onchain spending policies, session keys, identity-gated delegation for agent wallets. | https://github.com/Ghostkey316/vaultfire-keyprotocol | | **vaultfire-explorer** | Live onchain dashboard — agents, bonds, Street Cred, governance, all 4 chains. | https://github.com/Ghostkey316/vaultfire-explorer | | **hermes-vaultfire** | Hermes Agent skill — drop-in integration for Nous Research's Hermes runtime. | https://github.com/Ghostkey316/hermes-vaultfire | | **langchain-integration** | LangChain integration submission. | https://github.com/Ghostkey316/langchain-integration-pr | --- ## Live x402 Customers The x402 trust-gated endpoints on theloopbreaker.com are settling real USDC payments from external buyers, mediated by the Coinbase CDP facilitator rotation pool. Every settlement uses USDC `transferWithAuthorization` (selector `0xe3ee160e`, EIP-3009) inside a 15-minute authorization window — the canonical x402 mechanic. BaseScan auto-tags each receipt as `x402 Transaction: Facilitated by …`. Receipts (Base mainnet, paid to `agent-fa15.vns` / `0xfA15Ee28939B222B0448261A22156070f0A7813C`): | Date (UTC) | Buyer | Buyer Type | Facilitator | Amount | Receipt | |---|---|---|---|---|---| | 2026-04-29 02:44 | `0x15C3…bc2B` | MetaMask EIP-7702 smart wallet | `0x97Ac…a016` | 0.01 USDC | [`0x54f28ce5…7868f`](https://basescan.org/tx/0x54f28ce5db7110bee3ebc6a7e0678538526596423f7f62847d3e60ce8377868f) | | 2026-04-28 21:30 | `0x07fB…7DC` | EOA, 120-tx history | `0x97Ac…a016` | 0.01 USDC | [`0xc5e32b98…05c7ea4`](https://basescan.org/tx/0xc5e32b98ab78f21feb17e90769d7aa6021054408d50e3df571e6bb4cf05c7ea4) | | 2026-04-28 21:21 | `0x07fB…7DC` | EOA (different facilitator) | `0x68A9…7863` | 0.01 USDC | [`0x4d21b32a…df5d5e21`](https://basescan.org/tx/0x4d21b32a963d0459a1860a92191d0f296f96787aecbbe5770697a5d8df5d5e21) | Three distinct CDP facilitators have routed settlements to this agent (`0x97Ac…a016`, `0x68A9…7863`, `0x8f5c…e531`) — confirming Coinbase's facilitator rotation pool, not a single relayer. Two different external buyers, three paid calls, all genuine x402 protocol traffic. --- ## Standards Implemented | Standard | Vaultfire's role | |---|---| | **ERC-8004** | Custom IdentityRegistry, ReputationRegistry, ValidationRegistry deployment + adapter to canonical | | **ERC-8128** | Signed HTTP requests from agent wallets — request authentication without API keys | | **ERC-7702** | One-signature onboarding via stateless `VaultfireBatchOnboarder` delegate | | **ERC-5192** | Soulbound `VaultfireStreetCred` badges (non-transferable, `locked() == true`) | | **ERC-4626** | View-only `VaultfireBIPVault` adapter over the Bond Insurance Pool | | **ERC-721** | IdentityRegistry token model | | **EIP-712** | Typed structured signing for bonds, feedback, reputation | | **x402** | Machine-native payment integration via `vaultfire-x402` | | **XMTP V3 (MLS)** | Discussion Board messaging with onchain group registry | --- ## Vaultfire x402 Surface (live on Base + 3 chains) The full Vaultfire protocol is monetized and discoverable as **76 x402 endpoints (71 priced + 5 free)** across Base, Avalanche, Arbitrum, and Polygon. The 71 priced endpoints settle USDC payments through the Coinbase CDP facilitator and are indexed in the [Coinbase x402 Bazaar](https://api.cdp.coinbase.com/platform/v2/x402/discovery/resources). The 5 free endpoints are `/api/x402/trust/health` (service beacon), `/api/x402/oracle/chainlink-status` (Chainlink Data Feed freshness across 15 feeds × 4 chains), and the three protocol infrastructure endpoints `/api/x402/verify`, `/api/x402/settle`, and `/api/x402/submit-signed` (free by spec — used by clients to verify and settle payments). The discovery file at [`theloopbreaker.com/.well-known/x402.json`](https://theloopbreaker.com/.well-known/x402.json) (`version: 6.0.0`) advertises 73 of them — every endpoint except the three infra/utility routes. **Oracle namespace (Chainlink integration):** `/api/x402/oracle/price-feed` ($0.01) reads any of 15 supported Chainlink AggregatorV3 proxies (ETH/USD, BTC/USD, LINK/USD, USDC/USD, AVAX/USD, MATIC/USD across Base, Avalanche, Arbitrum, Polygon). `/api/x402/oracle/agent-stake-usd` ($0.02) composes Vaultfire bond data with Chainlink price to return a USD-denominated agent stake. Chainlink owns market data; Vaultfire owns agent truth. **Reads ($0.01–$0.05 USDC each):** `agent-status`, `multi-chain-status`, `vns-resolve`, `analytics`, `risk-score`, `history`, `bonds`, `insurance`, `disputes`, `vouching`, `relationships`, `leaderboard`, `performance`, `credentials`, `street-cred`, `bridge`, `contracts`, `protocol-stats`, `safety-status`, `sla-status`, `scoped-delegations`, `flourishing-metrics`, `governance-proposals`, `reputation-decay`. **Actions ($0.05–$0.50 USDC each, all tx-prepare — no private keys touch the server):** - **Identity & consent:** `register-agent`, `update-agent-uri`, `deactivate-agent`, `register-for-partnership`, `grant-consent`, `revoke-consent`, `submit-feedback` - **Vouching & reputation:** `file-vouch`, `unvouch`, `file-attestation`, `attest-belief`, `slash-reputation`, `trigger-reputation-decay`, `submit-trust-attestation` - **Bonds:** `create-partnership-bond`, `create-accountability-bond`, `submit-partnership-metrics`, `submit-accountability-metrics`, `request-bond-distribution`, `challenge-bond-metrics` - **Validation:** `request-validation`, `submit-validation`, `stake-as-validator` - **Mission & anti-surveillance:** `report-mission-violation`, `report-surveillance-violation` - **Task escrow (USDC):** `create-task`, `accept-bid`, `submit-work`, `approve-work`, `dispute-task`, `cancel-task` - **Street Cred (ERC-5192 soulbound):** `mint-street-cred` - **Session keys & VKP (ERC-7702):** `create-session-key`, `revoke-session-key`, `create-vkp-vault` - **VNS commit-reveal (Base / Arbitrum / Polygon):** `commit-vns-name`, `register-vns-name`, `transfer-vns-name` - **Bond insurance pool:** `contribute-insurance`, `file-insurance-claim` - **Capability credentials:** `issue-credential`, `revoke-credential` - **Onboarding & cross-chain:** `batch-onboard` (Base only), `bridge-trust-message` - **Generic on-chain read:** `contract-call` (read against any of the 134 contracts) **Free:** `GET /api/x402/trust/health` — returns version, endpoint count, tags, standards, chains, full catalog. All POSTs return an unsigned `txData` object the caller signs in their wallet (Base App, MetaMask, WalletConnect, Smart Wallet). Mobile-first by design. KYA Trust Infrastructure — never KYC. --- ## Chain Strategy **4 chains. No mainnet-Ethereum.** This is intentional. | Chain | Why | |---|---| | **Base (8453)** | Primary. Cheapest L2 with serious agent activity, deep Coinbase ecosystem (AgentKit, x402, Smart Wallet). | | **Arbitrum (42161)** | Deepest DeFi liquidity. Useful for agents that need Aave / Pendle / GMX integrations. | | **Avalanche (43114)** | EVM endpoint for Subnet ecosystem partners. | | **Polygon (137)** | EVM endpoint for Polygon ecosystem partners. | **Pattern:** register on Base (cheapest), reference identity from other chains via `eip155:8453:
:`. Cross-chain trust attestations flow through `VaultfireTeleporterBridge`. --- ## SDK Quickstart ```bash npm install @vaultfire/agent-sdk ethers ``` ```typescript import { ethers } from 'ethers'; import { CONTRACTS, CHAINS, IdentityRegistryABI, PartnershipBondsABI } from '@vaultfire/agent-sdk'; // Connect to Base const provider = new ethers.JsonRpcProvider(CHAINS.base.rpc); const wallet = new ethers.Wallet(process.env.AGENT_KEY!, provider); // Register const identity = new ethers.Contract(CONTRACTS.base.ERC8004IdentityRegistry, IdentityRegistryABI, wallet); const tx = await identity.register('ipfs://QmYourAgentJSON', '0x'); const receipt = await tx.wait(); // Read your agentId from the Transfer event (ERC-721) // Then open a partnership bond, post feedback, etc. ``` Full SDK docs: https://github.com/Ghostkey316/ghostkey-316-vaultfire-init/tree/master/packages/agent-sdk For frontend integration, fetch contracts dynamically from the live API instead of hardcoding: ```typescript const r = await fetch('https://theloopbreaker.com/api/contracts'); const d = await r.json(); // d.base.contracts.ERC8004IdentityRegistry // d.chainBreakdown → { base: 36, avalanche: 32, arbitrum: 33, polygon: 33 } // d.totalContracts → 134 ``` --- ## Block Explorers (per chain) | Chain | Explorer | |---|---| | Base | https://basescan.org | | Avalanche | https://snowtrace.io | | Arbitrum | https://arbiscan.io | | Polygon | https://polygonscan.com | All Vaultfire contracts are also Sourcify-verified — check status: ``` https://sourcify.dev/server/check-by-addresses?addresses=&chainIds= ``` --- ## What Vaultfire is NOT - **Not a token.** No VFI / VAULT / sale. The protocol charges 0% on registration, 1% on completed task escrows. - **Not custody.** Every action is signed by the user's own wallet. There is no Vaultfire-controlled wallet that holds user funds. - **Not surveillance.** No PII, no analytics SDKs in the contracts, no off-chain identity database. `AntiSurveillance` is enforced onchain. - **Not a chat app.** XMTP V3 messaging exists for Discussion Board categories; it's not the product. - **Not closed-source.** Every contract is verified on Sourcify and linked from the live API. - **Not on Ethereum mainnet.** The only ETH used is on Base or Arbitrum. - **Not KYC.** The opposite. KYA — Know Your Agent — is the entire thesis. --- ## Verifying ```bash # Confirm bytecode at IdentityRegistry on Base curl -s -X POST https://mainnet.base.org \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","method":"eth_getCode","params":["0xa7BD20bf5De63df949cA5Be2F20835978eCba81A","latest"],"id":1}' # Sourcify check across all 4 chains for chain in 8453 43114 42161 137; do curl -s "https://sourcify.dev/server/check-by-addresses?addresses=0xB6Ac5aFfF7e5934fc19b16007F26b1866B976240&chainIds=$chain" done ``` --- ## Resources - **App (web):** https://theloopbreaker.com - **Mini app (Base):** https://vaultfire-mini.vercel.app - **Source:** https://github.com/Ghostkey316/ghostkey-316-vaultfire-init - **Live API (canonical contracts):** https://theloopbreaker.com/api/contracts - **Free trust read:** `https://theloopbreaker.com/api/agent/trust?address=
&chain=base` - **Paid trust score (x402):** `https://theloopbreaker.com/api/x402/trust/street-cred?address=
` — $0.01 USDC, returns 0–95 score + tier - **ForumRegistry / XMTP architecture:** https://github.com/Ghostkey316/ghostkey-316-vaultfire-init/blob/master/docs/FORUM_REGISTRY_XMTP.md - **License:** MIT (contracts), AGPL-3.0 (frontend) --- ## How to Use This Skill **Paste this URL into any agent and it can discover, compare, and pay for Vaultfire trust services. No API keys. No accounts. No config.** ``` https://theloopbreaker.com/SKILL.md ``` Works in Claude Code, Codex CLI, Hermes, Cursor, Cherry Studio, Claude Desktop (with the Coinbase payments MCP), or anything else that can read a markdown URL. **First paid call (Agentic Wallet CLI):** ```bash # Cost: $0.01 USDC on Base. Returns canonical 0–95 Street Cred score. npx awal x402 pay "https://theloopbreaker.com/api/x402/trust/street-cred?address=0xfA15Ee28939B222B0448261A22156070f0A7813C" # Or full agent profile in one call ($0.01 USDC): npx awal x402 pay "https://theloopbreaker.com/api/x402/trust/agent-status?address=0xfA15Ee28939B222B0448261A22156070f0A7813C" ``` **Discover all 71 priced endpoints (out of 76 total):** ```bash curl -s https://theloopbreaker.com/.well-known/x402.json # Or via the Coinbase Bazaar: curl -s 'https://api.cdp.coinbase.com/platform/v2/x402/discovery/resources' | jq '.resources[] | select(.resource | startswith("https://theloopbreaker.com"))' ``` **Validate any of our endpoints (paste into agentic.market's checker):** https://agentic.market — paste any `https://theloopbreaker.com/api/x402/...` URL into the **Validate Endpoint** tool to see indexing status, x402 version, payment methods, schema presence, and payer count. Pair with [ethskills.com](https://ethskills.com) for general Ethereum production knowledge.