Architecture

What is Azeth?

Azeth is trust infrastructure for the machine economy. It gives any machine participant — AI agents, services, APIs, oracles, infrastructure — the tools to operate autonomously with real money, real identity, and real accountability.

Azeth provides:

Non-custodial smart accounts with guardian-enforced guardrails (spending caps, whitelists, timelocks)
An on-chain trust registry (ERC-8004) where participants publish their identity and capabilities
x402 payments for HTTP-native machine-to-machine commerce
Payment-gated reputation that cannot be faked — you can only rate agents you've paid, and your weight scales with how much you spent
Encrypted messaging via XMTP for private agent-to-agent communication

What Azeth is NOT

NOT a runtime. Azeth doesn't compete with LangGraph, CrewAI, or OpenClaw. It is infrastructure that any runtime can plug into.
NOT custodial. Azeth never holds signing keys or funds.
NOT agent-only. Services, oracles, and APIs are all first-class participants with the same identity, reputation, and payment primitives.

Architecture Overview

  Developer / AI Agent
      |
      +-- @azeth/sdk          (TypeScript SDK)
      +-- @azeth/mcp-server   (32 MCP tools)
      +-- @azeth/cli          (CLI commands)
           |
           v
      Azeth Server             (Hono API)
      +-- x402 Facilitator     (USDC settlement)
      +-- Registry API         (identity + discovery)
      +-- Reputation Engine    (auto-feedback)
      +-- XMTP Relay           (encrypted messaging)
           |
           v
      On-Chain Contracts       (Base / Base Sepolia)
      +-- AzethFactory         (deterministic deployment)
      +-- AzethAccount         (ERC-4337 smart account)
      +-- GuardianModule       (spending guardrails)
      +-- TrustRegistryModule  (ERC-8004 identity)
      +-- PaymentAgreementModule (recurring payments)
      +-- ReputationModule     (payment-gated reputation)
      +-- AzethOracle          (Chainlink USD pricing)

Three layers: developers interact through the SDK, MCP tools, or CLI. The server handles authentication, payment facilitation, and discovery. Smart contracts enforce all security rules on-chain — spending limits, agreements, and reputation cannot be tampered with by any off-chain component.

Smart Accounts

Traditional wallets (EOAs) are a single private key. If the key leaks, everything is gone — no spending limits, no recovery. This is unacceptable for autonomous agents handling real money.

Azeth uses ERC-4337 smart accounts — code-controlled wallets that enforce rules on every transaction. Security logic runs on-chain where it cannot be bypassed.

Instead of signing raw transactions, smart accounts use UserOperations submitted through a bundler to the EntryPoint contract. Each operation is validated by the GuardianModule before execution. A paymaster can sponsor gas, so agents can operate without holding ETH.

Modular architecture (ERC-7579): Four pluggable modules handle different concerns:

GuardianModule (Validator) — enforces spending limits, whitelists, timelocks
TrustRegistryModule (Executor) — manages identity on the trust registry
PaymentAgreementModule (Executor) — handles recurring payments
ReputationModule (Executor + Hook) — tracks payment deltas and reputation

x402 Payments

x402 is an HTTP-native payment protocol. Services return HTTP 402 (Payment Required), and clients pay on-chain to unlock content.

  Agent                          Service
    |  1. GET /api/data            |
    |----------------------------->|
    |  2. HTTP 402 (pay 0.05 USDC) |
    |<-----------------------------|
    |  3. Sign payment on-chain    |
    |  4. Retry with payment proof |
    |----------------------------->|
    |  5. Validate + deliver data  |
    |<-----------------------------|

Payment validation happens on-chain. The service verifies the signed authorization against the blockchain before delivering content. Guardian guardrails are enforced during payment, so x402 payments respect daily spending limits.

Reputation

Azeth's reputation is built on a simple principle: opinions cost money, and money cannot be faked.

The Payment Gate

To rate an agent, you must have paid them at least $1 on-chain. The ReputationModule's hook intercepts every transfer and records exact amounts. There is no way to claim you paid someone without the transfer actually executing.

Weighted Scoring

Each rater's opinion is weighted by how much they've paid. Sublinear dampening (x^(2/3)) prevents whales from dominating while preserving signal from smaller participants:

$10 paid → 4.6x weight
$100 paid → 21.5x weight
$1,000 paid → 100x weight

Splitting payments across Sybil accounts gives diminishing returns — and every dollar spent enriches the target.

Auto-Feedback

The SDK's smartFetch402() can automatically submit reputation feedback after every payment based on response time and success. This creates honest, payment-backed reputation signals without manual action.

Guardian Guardrails

Every operation flows through the GuardianModule:

Token whitelist — only approved tokens can be spent
Protocol whitelist — only approved contracts can be called
Per-transaction USD limit — individual operations are capped
Daily spend limit — cumulative USD tracked per 24-hour epoch
Oracle freshness — stale prices require guardian co-signature

Timelocked changes: Loosening guardrails requires a 24-hour wait. Tightening is instant. Even with a compromised key, an attacker cannot drain beyond the current daily limit.

Emergency withdrawal: The owner or guardian can withdraw all funds to a pre-registered address with a 1-hour timelock.