Guardian enables safe AI-powered on-chain finance using MetaMask Smart Accounts, ERC-7715 permissions, Venice AI, and 1Shot relayers, allowing agents to act within user-defined limits.
AI agents are rapidly evolving from assistants into autonomous economic actors capable of making payments, managing subscriptions, interacting with DeFi protocols, and executing transactions on behalf of users.
However, there is a fundamental problem:
Current AI agents require trust.
To perform useful financial actions, users must often grant broad wallet permissions or expose private signing authority. This creates significant risks:
Prompt injection attacks can manipulate agents into executing harmful transactions.
AI hallucinations can trigger unintended transfers.
Malicious plugins or compromised agents can drain funds.
Users lose visibility and control over what their AI is allowed to do.
Existing automation systems lack granular, enforceable spending boundaries.
Today, users face an impossible trade-off:
Give AI enough authority to be useful, or keep control and lose automation.
There is no secure middle ground.
Guardian introduces a new paradigm:
Guardian allows users to delegate limited financial authority to AI agents while maintaining full ownership and control of their assets.
Instead of granting unrestricted wallet access, users create permission-bound agent sessions using MetaMask Smart Accounts and ERC-7715 delegation rules.
Every action proposed by an AI agent must pass through Guardian's security engine before execution.
Guardian transforms financial automation from:
Trust the Agent
into:
Trust the Rules
The user connects their MetaMask wallet.
Guardian creates a MetaMask Smart Account that acts as the secure execution layer for all future delegated actions.
This Smart Account becomes the controlled environment through which AI-generated transactions are evaluated and executed.
The user creates a dedicated AI session with explicit constraints:
Maximum spending limits
Approved destination addresses
Session expiration periods
Allowed transaction types
Risk boundaries
These permissions form a delegation framework that defines exactly what an AI agent can and cannot do.
Users interact naturally:
Examples:
"Pay my rent"
"Move 50 USDC to savings"
"Allocate funds to my emergency reserve"
"Transfer money to my approved wallet"
Venice AI converts these human instructions into structured financial intents.
Instead of executing immediately, the intent is forwarded to Guardian's security layer.
This is the core innovation.
Every AI-generated transaction is inspected before execution.
Guardian validates:
Spending limits
Destination restrictions
Session validity
Delegation scope
Asset permissions
Execution boundaries
If any rule is violated, execution is immediately rejected.
No transaction reaches the blockchain unless it satisfies all delegated constraints.
Once verified, Guardian generates the transaction payload and executes it through the 1Shot Permissionless Relayer.
This allows users to benefit from seamless, gasless transaction experiences while maintaining strict security controls.
The current Guardian demonstration showcases a complete secure AI-agent workflow.
User Prompt:
"Pay 50 USDC for rent"
Flow:
Venice AI interprets the request.
Guardian converts the instruction into a structured execution intent.
Delegation constraints are loaded.
Spending limits are verified.
Destination checks pass.
Session permissions are confirmed.
Transaction is approved.
Execution is relayed through 1Shot.
Outcome:
✅ Transaction Approved
This demonstrates secure autonomous execution under user-defined constraints.
User Prompt:
"Send 5000 USDC"
Flow:
Venice AI generates intent.
Guardian evaluates transaction amount.
Requested amount exceeds delegated spending limit.
Validation engine blocks execution.
Outcome:
❌ Transaction Rejected
This demonstrates protection against excessive spending.
User Prompt:
"Send funds to an unknown wallet"
Flow:
Venice AI generates transaction intent.
Guardian checks destination whitelist.
Destination fails authorization rules.
Execution is blocked.
Outcome:
❌ Transaction Rejected
This demonstrates protection against wallet-draining attacks.
Guardian solves one of the most important problems in the future of autonomous finance:
Most solutions focus on making AI agents more powerful.
Guardian focuses on making them safer.
By introducing permissioned autonomy, Guardian enables:
Safer AI-powered payments
Secure financial automation
Controlled spending authority
Reduced trust assumptions
Better protection against prompt injection attacks
User-controlled agent ecosystems
Guardian provides the missing trust layer required for widespread adoption of autonomous AI agents in finance.
The current demo validates the core concept of permissioned AI execution.
Our long-term vision is to evolve Guardian into a universal security layer for autonomous economic agents.
Future capabilities include:
AI agents that manage recurring payments, subscriptions, and savings while operating within user-defined budgets.
Permissioned agents capable of staking, swapping, yield farming, and liquidity management without unrestricted wallet access.
Multiple specialized AI agents collaborating securely under shared delegation frameworks.
Real-time monitoring and adjustment of permissions based on transaction behavior and risk scoring.
Deployment of advanced smart contract caveat systems that cryptographically enforce delegation rules directly on-chain.
Permissioned AI execution across multiple blockchain ecosystems using a unified delegation framework.
Guardian is building the security and permission layer for the next generation of autonomous financial agents.
As AI becomes increasingly capable of managing money, assets, and financial decisions, users should not be forced to choose between automation and security.
Guardian ensures they can have both.
AI Autonomy Without Custody.
Identified the growing security risks associated with autonomous AI agents managing financial transactions.
Designed the core concept of Guardian, a permissioned AI execution layer that enables AI autonomy without sacrificing wallet security.
Defined the end-to-end architecture combining MetaMask Smart Accounts, ERC-7715 delegated permissions, Venice AI, and 1Shot relayers.
Planned the security model centered around delegated authority, session-based permissions, and transaction validation.
Established the user journey from natural language intent to secure on-chain execution.
Integrated MetaMask wallet connectivity using Wagmi and Viem.
Implemented deterministic Smart Account generation through MetaMask Smart Accounts Kit.
Built delegated agent session creation using ephemeral session keys.
Developed the permission management interface allowing users to define:
Spending limits
Approved destinations
Session duration
Agent authorization scope
Implemented cryptographic delegation workflows aligned with ERC-7715 concepts.
Integrated Venice AI to transform natural language instructions into structured financial intents.
Built Guardian's validation engine to verify all AI-generated actions before execution.
Implemented:
Spending limit enforcement
Destination authorization checks
Session validity verification
Delegation rule validation
Developed simulation and security testing workflows to demonstrate both approved and blocked execution paths.
Created multiple attack scenarios to validate protection against unauthorized actions and excessive spending.
Built the transaction construction layer responsible for generating blockchain-ready execution payloads.
Integrated the 1Shot Permissionless Relayer to support gasless transaction execution.
Connected AI outputs, delegation rules, validation results, and transaction generation into a complete execution pipeline.
Added transaction lifecycle tracking, execution status monitoring, and relay state visualization.
Implemented fallback mechanisms to ensure reliable operation during infrastructure failures.
Refined delegation signing and verification workflows using Smart Account capabilities.
Added live balance synchronization and account monitoring features.
Performed extensive end-to-end testing across AI parsing, delegation validation, transaction generation, and execution flows.
Improved user experience by visualizing:
Delegation relationships
Trust boundaries
Permission constraints
Execution pipelines
Developed demonstration scenarios showcasing:
Successful AI-assisted transactions
Overspending prevention
Unauthorized destination blocking
Delegated authority enforcement
Finalized the Guardian prototype and prepared the project for hackathon submission.
Over 10 days, Guardian evolved from an idea into a working prototype demonstrating how autonomous AI agents can safely interact with on-chain assets through delegated permissions, cryptographic guardrails, and gasless execution.
Guardian proves that the future of AI-powered finance does not require blind trust in agents. Instead, users can define explicit rules, delegate limited authority, and maintain control while benefiting from intelligent automation.
Guardian - AI Autonomy Without Custody.
Not currently fundraising. Guardian is a hackathon-stage prototype focused on validating secure AI delegation, permissioned execution, and autonomous finance workflows.