Skip to main content

Securing Agents with Policies

An agent without policies is an open wallet. This guide walks through configuring the policies, alerts, and controls that make Conto valuable in production, from basic spend caps to x402 micropayment budgets.

Prerequisites

An active agent with a linked wallet
Familiarity with the payment request/execute flow (Quickstart)

How Policies Work

Before diving in, three rules to remember:
  1. AND logic: All assigned policies are evaluated. The most restrictive outcome wins.
  2. First deny stops: If any policy returns DENY, evaluation stops immediately.
  3. Wallet limits first: Wallet-level per-transaction/daily/weekly/monthly limits are checked before policy rules.

Layer 1: Spending Limits

The foundation. Every production agent should have spend caps.

Daily Budget

Prevents a runaway agent from draining the wallet in a single day.
1

Create the policy

Go to PoliciesCreate Policy.
2

Add rule

The agent can spend up to $100 per day across all transactions. Resets at midnight UTC.
3

Assign to agent

Go to the agent’s Permissions tab and assign this policy.

Per-Transaction Cap

Prevents any single large transaction, even if the daily budget has room. Add this as a second rule in the same policy, or create a separate policy. Both approaches work. Conto evaluates all rules regardless.

Human Approval for Large Payments

Automatically escalate payments above a threshold for human review. Payments over $50 show up in Pending Approvals in the dashboard. The agent receives REQUIRES_APPROVAL and can poll or use webhooks to check status.
A common pattern: set MAX_AMOUNT to 200(harddenyabove)andREQUIREAPPROVALABOVEto200 (hard deny above) and REQUIRE_APPROVAL_ABOVE to 50 (human review in the middle). Payments under 50flowautomatically,50 flow automatically, 50-200needapproval,andabove200 need approval, and above 200 are blocked outright.

Layer 2: Counterparty Controls

Control who your agent can pay, not just how much.

Allowlist Known Recipients

Only permit payments to pre-approved addresses.
1

Create the policy

2

Add rule

Only addresses in this list can receive payments. All others are denied.

Block Specific Addresses

Alternatively, allow all recipients except specific blocked ones:

Trust Score Threshold

Require counterparties to have a minimum trust score before receiving payments: New, unknown counterparties start with a low trust score. As transaction history builds, their score increases. See Trust Providers for how scoring works.

Layer 3: Time Controls

Restrict when your agent can make payments.

Business Hours Only

1

Create the policy

2

Add time window rule

3

Add day-of-week rule

Both rules must pass (AND logic). Payments outside business hours or on weekends are denied.
Policy-rule time windows use the server’s local time. Use wallet-level time windows when you need an explicit IANA timezone such as America/New_York.

Blackout Periods

Block payments during specific date ranges (holidays, maintenance windows):

Layer 4: x402 Micropayment Controls

If your agent pays for APIs using the x402 protocol, add dedicated micropayment policies.

Cap Per API Call

Prevent a single expensive API call from draining the budget: No single x402 payment can exceed $0.10.

Budget Per Service

Limit total spending on a specific API service: Total spend per service domain cannot exceed $50.

Allowlist Approved Services

Only allow x402 payments to known API providers: Payments to any other x402 service domain are denied.

Layer 5: Alerts

Policies prevent bad transactions. Alerts tell you when something interesting happens. Go to Alerts in the sidebar and configure:

x402-Specific Alerts

If using x402 micropayments, also enable:

Putting It Together: Example Configuration

Here’s a production-ready policy stack for a typical AI agent: With this stack, the agent can:
  • Automatically pay up to $25 to known recipients during business hours
  • Request human approval for 2525-50 payments
  • Never exceed 50inasingletransactionor50 in a single transaction or 200/day
  • Pay for x402 APIs up to 0.10/calland0.10/call and 20/service

Verifying Your Policies

After setting up, verify with the setup endpoint:
The policies array shows all active policies and their rules. Run a few test transactions to confirm enforcement before going live.

Troubleshooting

Policies must be assigned to the agent in the Permissions tab. Creating a policy doesn’t apply it automatically. Also verify the policy status is ACTIVE (not DRAFT or DISABLED).
Policies stack with AND logic. If you have 5 restrictive policies, the agent must pass all of them. Review each policy’s rules and consider loosening thresholds or removing redundant policies.
Organization-level policies apply to all agents and stack with agent policies. If an org policy caps transactions at 25,anagentlevelpolicyallowing25, an agent-level policy allowing 100 won’t override it. Check with your org admin.
Wallet-level limits (set when linking a wallet) are checked first and separately from policies. If the wallet per-transaction limit is 10butyourpolicyallows10 but your policy allows 50, the wallet limit wins. Edit wallet limits from the agent detail page.

Next Steps

Recipes

Copy-paste policy configurations for common scenarios

Advanced Policies

x402, MPP, geographic, and DeFi policy rules

Trust Providers

Counterparty trust scoring and verification

Policy Testing

Step-by-step policy enforcement testing