Your Agent Spends. You Own the Rules.
The spend governance layer for AI agents — with onchain-enforced policies, gasless x402 payment settlements in USDG, and a full audit trail. Live on X Layer and powered by OKX OnchainOS.
-19191A?style=flat-square&logoColor=white){kind=icon}
Live Demo · Video Demo · Docs · Agent Skill · Contract · Agent TX
ZenithPay is a security middleware layer that sits between AI agents and the services they pay for. It enforces spend rules at the smart contract level — limits no API can override and no server outage can remove.
Think of it as a programmable corporate card policy engine for AI agents: per-transaction caps, daily budgets, merchant allowlists, and optional approval thresholds, all enforced onchain — with payments settled as x402 USDG micropayments via OKX, zero gas on X Layer, and a full audit trail.
X Layer is enabling a massive agentic economy. But agents that spend money introduce a new category of risk that no one has solved cleanly:
- Unrestricted wallet access → one compromised agent or plugin drains everything
- Off-chain guardrails → centralized, bypassable, and subject to downtime
- Key exposure → most agent wallets store private keys in APIs or local storage; a single exploit empties the balance
There is no reliable way to govern how agents spend, and no secure key management that survives a compromised stack.
ZenithPay closes this gap with three layers working together:
| Layer | What it does |
|---|---|
| TEE Wallet | Keys live in a hardware enclave via OKX Agentic Wallet — never exposed, even to the API |
| Onchain Policy Governance | SpendPolicy.sol enforces limits at the contract level — no API call can override it |
| USDG x402 Payments | Zero-gas USDG micropayments via OKX Payments API and OKX x402 Facilitator; auto-swap OKB → USDG when needed |
| Description | Chain | Address / TX Hash |
|---|---|---|
| Deployed Agent Address (OKX Agentic Wallet, TEE) | X Layer | 0x726Cf0C4...C947 |
| Deployed Contract (SpendPolicy.sol) | X Layer | 0x1250e52B...248B |
USDG x402 payment → ZenithPay seller route (/sell) |
X Layer | 0xd991b521... |
| SpendPolicy agent registration | X Layer | 0xf04cc8c1... |
| SpendPolicy contract deployment | X Layer | 0xf0be30b... |
┌─────────────────────────────────────────────────────────────────────────┐
│ AI Agent │
│ Claude Code · Cursor · Codex · Gemini CLI · Any MCP client │
│ Agent Wallet: USDG / OKB on X Layer (TEE-secured) │
└──────────────┬───────────────────────┬──────────────────────┬───────────┘
│ MCP Server REST API
│ Agent Skill
└───────────────────────┴──────────────────────┘
│
zenithpay_pay_service()
│
┌───────────────────────────────────────▼─────────────────────────────────┐
│ ZenithPay API │
│ │
│ 1. Policy Gate ──────────────────────────────────────────────────┐ │
│ Read SpendPolicy.sol → check perTxLimit + dailyBudget │ │
│ Check merchant allowlist → verify against OKX security scan │ │
│ ▼ │
│ 2. Decision ─────────────────────────────────────────────────────┐ │
│ APPROVED → execute immediately │ │
│ PENDING → queue for human review (approvalThreshold hit) │ │
│ BLOCKED → reject with reason, log to ledger │ │
│ ▼ │
│ 3. Execution ─────────────────────────────────────────────────────┐ │
│ Auto-swap OKB→USDG if needed (OKX DEX, 500+ liquidity sources) │ │
│ Settle via x402 (zero gas on X Layer) │ │
│ Emit PaymentExecuted / PaymentBlocked onchain │ │
└───────────────────────────┬────────────────────────────────────────┘──┘
│
┌─────────────────┴──────────────────┐
│ │
┌─────────▼───────────────┐ ┌─────────────▼──────────────────────────┐
│ OKX OnchainOS │ │ X Layer Mainnet (Chain ID 196) │
│ │ │ │
│ Agentic Wallet (TEE) │ │ SpendPolicy.sol │
│ DEX Swap API │ │ ├─ perTxLimit (onchain enforced) │
│ Payments API (x402) │ │ ├─ dailyBudget (onchain enforced) │
│ Portfolio API │ │ ├─ allowlist (onchain enforced) │
│ Market API │ │ └─ approvalThreshold (off-chain gate) │
│ Token Safety API │ │ │
└─────────────────────────┘ └─────────────────────────────────────────┘
Client (Buyer) ZenithPay Seller Route OKX Facilitator
| | |
|---- GET/POST /sell/agent-intel ---->| |
|<--- 402 + Payment-Required ---------| |
| (USDG amount + payTo) | |
| | |
|---- POST /pay (buyer flow) -------->| |
| with serviceUrl=/sell/... | |
| |---- verify + settle --------------->|
| |<------------- txHash + success -----|
|<--- approved { txHash, network } ---| |
ZenithPay wraps the buyer flow in POST /pay, while /sell/agent-intel is the seller-side x402 route that issues payment requirements and returns the paid resource after settlement.
Agent wants to pay api.service.com for $0.10 USDG
│
▼
[1] zenithpay_get_limits → perTxLimit: $0.25, dailyBudget: $3.00, spent today: $0.40
│
▼
[2] zenithpay_balance → USDG: $0.06, OKB: 0.8 (≈$0.50 at market)
│ Insufficient USDG → auto-swap triggered
▼
[3] OKX DEX Swap → OKB → USDG, slippage-protected, zero gas
│
▼
[4] zenithpay_verify_merchant → OKX security scan passes, merchant allowlisted ✓
│
▼
[5] SpendPolicy.sol check → $0.10 < $0.25 perTxLimit ✓, daily budget not exceeded ✓
│
▼
[6] x402 settle → OKX Payments API, zero gas on X Layer
│
▼
[7] PaymentExecuted event → logged onchain + to ledger
│
▼
Agent receives: { status: "approved", txHash: "0x..." }
When a payment exceeds the approvalThreshold, the agent is not blocked — it waits:
Agent requests $0.20 payment → above $0.10 approvalThreshold
│
▼
status: "pending" + approvalId returned to agent
│
▼
Human reviews intent, amount, and merchant
│
├── Approve → payment executes immediately via OKX x402
└── Deny → payment cancelled, reason logged, agent notified
Limits are enforced at the smart contract level. Even if ZenithPay's API goes down, the policy holds.
| Field | Enforced | Behaviour |
|---|---|---|
perTxLimit |
On-chain | Blocks if any single payment exceeds cap |
dailyBudget |
On-chain | Blocks if cumulative daily spend exceeded |
allowlist |
On-chain | Blocks if merchant address not on list |
approvalThreshold |
Off-chain | Queues for human review if exceeded |
Presets:
- Conservative → $0.10 per tx / $1.00 daily
- Balanced → $0.50 per tx / $5.00 daily
- Open → $2.00 per tx / $20.00 daily
| Works with |
 OpenClaw |
 Claude Code |
 Codex |
 Cursor |
# Tell your agent:
Read https://api.usezenithpay.xyz/skill.md and follow the setup and onboarding instructionsWhat happens:
| Step | Action |
|---|---|
| 1 | Agent checks ~/.zenithpay/config.json — wallet exists? Skip to step 4 |
| 2 | Agent prompts for email → POST /wallet/genesis → OKX TEE wallet created, no key stored |
| 3 | Agent installs MCP server → tools persist across sessions |
| 4 | You: Open link from agent → connect wallet → set spend limits → sign onchain |
| 5 | Agent verifies policy is active → ready to spend |
Agent tool call order at runtime:
zenithpay_get_limits → zenithpay_balance → zenithpay_verify_merchant → zenithpay_pay_service → zenithpay_ledger
| Method | Command |
|---|---|
| Skill | curl -s https://api.usezenithpay.xyz/skill.md — agent reads, gets tools + onboarding |
| MCP | Add to config: url: https://api.usezenithpay.xyz/mcp with Authorization + X-Agent-Address headers |
| REST | POST /pay with Bearer token — any language, any framework |
Six tools available via MCP server and Agent Skill. Approval actions are REST-only by design.
| Tool | Description |
|---|---|
zenithpay_balance |
USDG + OKB balance + remaining daily budget |
zenithpay_get_limits |
Read current onchain spend policy |
zenithpay_verify_merchant |
OKX security scan + allowlist check before paying |
zenithpay_pay_service |
Policy-gated x402 payment with auto-swap |
zenithpay_set_limits |
Deploy / update onchain spend policy (requires human signature) |
zenithpay_ledger |
Full onchain + internal transaction audit trail |
All endpoints require Authorization: Bearer $ZENITHPAY_API_KEY except /health.
| Method | Route | Description |
|---|---|---|
GET |
/health |
Health check — no auth required |
POST |
/wallet/genesis |
Create TEE-secured agent wallet via OKX |
GET |
/wallet/balance |
USDG + OKB balance + remaining daily budget |
GET |
/wallet/agents |
List all agents under authenticated account |
POST |
/pay |
Execute policy-gated x402 payment (buyer entry point) |
GET |
/sell/agent-intel |
Seller-side x402 endpoint — returns 402 challenge or paid data |
GET |
/limits |
Read current spend policy for agent(s) |
POST |
/limits |
Deploy / update spend policy — requires human EOA signature |
GET |
/ledger |
Full transaction audit trail |
GET |
/approvals |
Pending payments awaiting human review |
POST |
/approvals/:id/approve |
Approve pending payment — executes immediately |
POST |
/approvals/:id/deny |
Deny pending payment — cancels and logs |
POST /pay responses: approved (txHash) · pending (approvalId) · blocked (reason)
Full schemas → docs.usezenithpay.xyz
| Capability | OnchainOS API |
|---|---|
| Agent wallet creation | Agentic Wallet — TEE, email OTP, gas-free |
| Balance queries | Wallet Check Balance API |
| x402 payments | Payments API — /api/v6/x402/verify + /settle |
| Auto-swap OKB → USDG | DEX Swap API — 500+ liquidity sources |
| Tx simulation + broadcast | Wallet Transaction API |
| Market + price data | Market API |
| Token safety checks | Token API |
| Merchant security scan | Agentic Wallet — security_dapp_scan |
| Layer | Technology |
|---|---|
| Frontend | Next.js 16, Tailwind v4, shadcn/ui, Motion |
| Backend API | Bun, Hono |
| Database | PostgreSQL, Supabase, Drizzle ORM |
| Wallet Connect | wagmi, OKX Wallet (EIP-6963) |
| Smart Contracts | Solidity, Foundry, OpenZeppelin |
| Blockchain | X Layer mainnet (chain ID 196) |
| Payment Protocol | x402 — OKX Facilitator · Payments API |
| Agent Wallet | OKX Agentic Wallet (TEE) |
| Agent Protocol | MCP (Model Context Protocol) |
| OKX OnchainOS | Wallet API · Portfolio API · DEX Swap · Onchain Gateway · Market API · Token API |
| Web Deploy | Vercel |
| API Deploy | Railway |
Prerequisites: Bun · Foundry · OKX API key · Supabase project
git clone https://github.com/zenith-hq/zenithpay-xlayer.git
cd zenithpay-xlayer
bun installcp api/.env.example api/.env
cp web/.env.example web/.env.localapi/.env:
XLAYER_RPC_URL=https://rpc.xlayer.tech
OKX_API_KEY=... # web3.okx.com/onchain-os/dev-portal
OKX_SECRET_KEY=...
OKX_PASSPHRASE=...
SUPABASE_URL=...
SUPABASE_SERVICE_KEY=...
SPEND_POLICY_ADDRESS=0x... # fill after step 3
ZENITHPAY_API_KEY_SECRET=...contracts/.env:
DEPLOYER_PRIVATE_KEY=0x...
XLAYER_RPC_URL=https://rpc.xlayer.techweb/.env.local:
NEXT_PUBLIC_APP_URL=http://localhost:3000
NEXT_PUBLIC_API_URL=http://localhost:3001
SPEND_POLICY_ADDRESS=0x...cd contracts
forge build && forge test
forge script script/Deploy.s.sol --rpc-url $XLAYER_RPC_URL --broadcast --slowCopy the deployed address → SPEND_POLICY_ADDRESS in api/.env, then:
cd api && bun run db:migratecd web && bun dev # :3000
cd api && bun dev # :3001| Service | Host | Config |
|---|---|---|
api/ |
Railway | Root: api/ · CNAME api → Railway URL |
web/ |
Vercel | Root: web/ · auto-deploys on push |
docs/ |
Vercel | Root: docs/ · auto-deploys on push |
zenithpay-xlayer/
│
├── api/ # Bun + Hono — REST · MCP · Agent Skill
│ └── src/
│ ├── app.ts # Entry — /health · /mcp · /skill.md
│ │
│ ├── providers/onchainos/ # ★ All OKX OnchainOS calls
│ │ ├── agentic-wallet.ts # ★ OKX Agentic Wallet (TEE) — create + login
│ │ ├── balance.ts # ★ OKX Wallet Check Balance API
│ │ ├── swap.ts # ★ OKX DEX Swap — OKB→USDG (500+ sources)
│ │ ├── payments.ts # ★ OKX Payments API — x402 verify + settle
│ │ ├── gateway.ts # ★ OKX Onchain Gateway — simulate + broadcast
│ │ ├── market.ts # ★ OKX Market API — prices + portfolio
│ │ └── token.ts # ★ OKX Token API — safety + dapp scan
│ │
│ ├── modules/
│ │ ├── payment/payment.service.ts # Core flow — policy gate → swap → x402 settle
│ │ ├── wallet/wallet.service.ts # Wallet creation via OKX Agentic Wallet TEE
│ │ ├── limits/limits.service.ts # SpendPolicy.sol read/write via viem
│ │ ├── approvals/ # Human review queue — approve · deny
│ │ ├── balance/ # Balance reads
│ │ └── ledger/ # Audit trail — every payment logged with intent
│ │
│ ├── routes/
│ │ ├── pay.ts # POST /pay — buyer entry point for policy-gated x402
│ │ ├── demo.ts # GET /sell/agent-intel — seller-side x402 resource route
│ │ ├── limits.ts # GET + POST /limits — policy read/write
│ │ ├── wallet.ts # POST /wallet/genesis · GET /wallet/balance · /agents
│ │ ├── ledger.ts # GET /ledger — full transaction audit trail
│ │ ├── approvals.ts # GET /approvals · POST /approvals/:id/approve|deny
│ │ └── agents.ts # POST /agents/link — owner-agent mapping
│ │
│ ├── mcp/
│ │ ├── server.ts # MCP server — StreamableHTTPTransport at /mcp
│ │ └── tools/ # 6 tools: balance · pay · limits · verify · ledger
│ │
│ └── middleware/ # auth · logger · rate-limit
│
├── contracts/
│ └── src/SpendPolicy.sol # ★ Onchain enforcement — PaymentExecuted/Blocked
│
├── skills/
│ └── spend-agent/SKILL.md # ★ Agent Skill — curl https://api.usezenithpay.xyz/skill.md
│
├── web/ # Next.js 16 — marketing + dashboard
│ ├── lib/
│ │ └── okx-wallet.ts # ★ OKX DApp Wallet Connect helpers
│ ├── components/
│ │ ├── providers/web3-provider.tsx # ★ wagmi config with OKX injected provider
│ │ ├── signin.tsx # ★ OKX-only wallet connect + X Layer chain switch
│ │ └── user-dropdown.tsx # ★ OKX-only reconnect flow from app shell
│ └── app/
│ ├── onboarding/onboarding-flow.tsx # ★ OKX-only onboarding + chain enforcement
│ ├── (marketing)/ # Landing page
│ └── (dashboard)/ # Wallet · Pay · Limits · Approvals · Ledger
│
└── docs/ # Fumadocs — docs.usezenithpay.xyz
-
SpendPolicy.sol— onchain enforcement, X Layer mainnet - OKX Agentic Wallet TEE — zero private key exposure
- x402-native payment routing with auto-swap (OKB → USDG)
- Human approval queue for above-threshold payments
- MCP server + Agent Skill — any agent framework
- Dashboard — spend policy, ledger, approvals
- Guardian-per-agent contracts — funds locked inside the contract, not just policy-gated
- Smart accounts + session keys (ERC-4337) — scoped, expiring agent permissions
- ERC-8004 agent trust identity
-
npx skills add zenithpay/spend-agent
- Agent Card — virtual cards backed by the SpendPolicy engine
- Agent Credit — credit lines backed by onchain spend history
- ZenithPay SDK — drop-in npm package for any agent framework
- Multi-agent dashboard — manage agent fleets with unified policy
- OKX OnchainOS — agentic infrastructure that makes this possible
- x402 Protocol — machine-native micropayments
- X Layer — the chain powering ZenithPay
PRs welcome. Open an issue first for significant changes.
MIT