Choose Your Integration
If you are deciding between the Conto SDK, the OpenClaw skill, the Hermes skill, x402, and MPP, start here. The right path usually comes down to three questions:- Where does your agent run?
- Who holds the wallet keys?
- Are you making one-off payments or repeated protocol-native API payments?
Quick Decision Matrix
Choose the Control Surface First
Conto SDK / REST API
Choose the SDK or REST API when you own the agent runtime and want the most direct integration.- Best for custom backends, agent orchestration services, LangChain/OpenAI wrappers, and custom tools.
- Works well with both managed wallets and agent-held external wallets.
- Gives you the cleanest path to custom approval handling, policy creation, analytics, and audit automation.
OpenClaw Skill
Choose OpenClaw when your agent already lives inside OpenClaw and typically uses an external wallet or wallet MCP tools.- Install is fast through ClawHub (
npx clawhub install conto), which installs the helper script with the skill. - The most common pattern is
approve -> transfer -> confirm. - Requires
curl,jq, andpython3onPATHfor the helper; invoke it withbash skills/conto/conto-check.sh. - Best when you want Conto to be the policy gate while your existing OpenClaw wallet stack keeps execution.
- Lets the assigned human owner list, approve, or deny pending payment reviews in the OpenClaw conversation. Final approvals auto-send managed wallets; external wallets return a constrained send-and-confirm handoff.
Hermes Skill
Choose the Nous Hermes skill when your agent is already running on Hermes and you want Conto policy enforcement to feel native in that workflow.- Installs through Hermes well-known skill discovery (
hermes skills install well-known:... --force) after you review the install scan. - Good fit for natural-language policy management and wallet-aware agent operations.
- Requires
curl,jq, andpython3onPATHfor the helper; invoke it withbash ~/.hermes/skills/conto/conto-check.sh. - Supports the same underlying Conto approval and policy engine as the SDK flow.
MCP Server
Choose MCP when a human operator, analyst, or assistant needs to inspect trust, policies, alerts, and agent state alongside the runtime integrations above.- Good fit for finance, ops, and security teams.
- Complements SDK, OpenClaw, and Hermes rather than replacing them.
Then Choose the Payment Rail
You can mix these choices. For example, a Hermes or OpenClaw agent can still use x402 or MPP; the
framework choice decides the control surface, while x402 and MPP decide the payment rail.
batchItems. Session budget checks use the recorded sessionId, so use a stable session
identifier for the lifetime of one paid API session.
Wallet Model: Integrated vs External
If your agent already has wallet tools in OpenClaw or Hermes, the external model is often the fastest
adoption path. If you want fewer moving parts, integrated wallets are usually the cleanest production
setup.
External wallets can still use the same policy engine, approval workflows, and audit trail. The
difference is that Conto governs the flow that goes through Conto. It does not cryptographically
block a direct transfer your signer makes outside Conto.
Canonical Examples
1. Custom agent with managed execution
- Runtime: custom backend
- Wallet model: integrated
- Rail: standard onchain payment
- Flow:
POST /api/sdk/payments/requestwithautoExecute: true - Best for: vendor payments, infra spend, low-latency production flows
2. OpenClaw agent with external wallet controls
- Runtime: OpenClaw
- Wallet model: external
- Rail: standard onchain payment
- Flow:
POST /api/sdk/payments/approve -> transfer -> POST /api/sdk/payments/{id}/confirm - Best for: teams that already have wallet MCP tools and want to add guardrails without re-architecting
3. Hermes agent paying APIs with x402
- Runtime: Hermes
- Wallet model: usually external
- Rail: x402
- Flow:
402 challenge -> /api/sdk/x402/pre-authorize -> pay -> retry -> /api/sdk/x402/record - Best for: controlled pay-per-call API buying
4. SDK integration for high-frequency MPP sessions
- Runtime: custom backend
- Wallet model: integrated or external
- Rail: MPP
- Flow:
pre-authorize deposit -> open session -> repeated charges -> close session -> record settlement - Best for: repeated calls to the same service where per-call onchain settlement would be wasteful
5. AgentScore-gated merchant checkout
- Runtime: custom backend or skill-driven agent
- Wallet model: usually integrated
- Rail: standard onchain payment
- Flow:
request -> VERIFICATION_REQUIRED (if needed) -> human verifies -> auto resume -> execute - Best for: agent purchases that must prove the human behind the agent passed merchant compliance checks
Decision Tree
Related Guides
Architecture Patterns
See the core payment, approval, x402, and MPP diagrams
Recipes
Copy-paste commands for SDK, OpenClaw, Hermes, x402, MPP, approvals, and trust
Approval Workflows
Add four-eyes review and escalation paths
Trust Scoring
Understand counterparty risk, verification, and trust-based controls