Skip to main content

Counterparty Policies

Counterparty policies control which recipients agents can pay based on trust levels, verification status, and relationships.

Configuration (API)

Create counterparty rules via the Policy Rules API: 
curl -X POST https://conto.finance/api/policies/{policyId}/rules \
  -H "Authorization: Bearer $CONTO_API_KEY" \
  -d '{
    "rules": [
      {
        "ruleType": "ALLOWED_COUNTERPARTIES",
        "operator": "IN_LIST",
        "value": "[\"0x1234567890abcdef1234567890abcdef12345678\", \"0xabcdef1234567890abcdef1234567890abcdef12\"]",
        "action": "ALLOW"
      },
      {
        "ruleType": "TRUST_SCORE",
        "operator": "GREATER_THAN_OR_EQUAL",
        "value": "70",
        "action": "ALLOW"
      }
    ]
  }'

Rule Types

ALLOWED_COUNTERPARTIES

Only allow payments to specific wallet addresses (allowlist): 
{
  "ruleType": "ALLOWED_COUNTERPARTIES",
  "operator": "IN_LIST",
  "value": "[\"0x1234...\", \"0x5678...\"]",
  "action": "ALLOW"
}
Address matching is case-insensitive.

BLOCKED_COUNTERPARTIES

Block payments to specific addresses: 
{
  "ruleType": "BLOCKED_COUNTERPARTIES",
  "operator": "IN_LIST",
  "value": "[\"0xdead...\"]",
  "action": "DENY"
}

TRUST_SCORE

Only allow payments to counterparties above a trust threshold: 
{
  "ruleType": "TRUST_SCORE",
  "operator": "GREATER_THAN_OR_EQUAL",
  "value": "70",
  "action": "ALLOW"
}
Trust scores are calculated automatically based on:
  • Transaction history (30%)
  • Reliability/success rate (30%)
  • Account activity (20%)
  • Verification status (20%) — includes external providers like Fairscale (Solana) and sanctions screening
The trust score and trust level are automatically fetched during policy evaluation and passed into the rule engine. You don’t need to provide them in the payment request — just create the rules and the evaluator populates the context from the counterparty relationship and network trust service.

COUNTERPARTY_STATUS

Require a specific trust level: 
{
  "ruleType": "COUNTERPARTY_STATUS",
  "operator": "EQUALS",
  "value": "{\"status\": \"TRUSTED\"}",
  "action": "ALLOW"
}

Trust Levels

LevelScore RangeDescription
TRUSTED75-100High confidence, minimal restrictions
VERIFIED50-74Established relationship
UNKNOWN20-49Limited history
BLOCKED0-19Blocked from transactions

Whitelist Policy

For maximum control, use ALLOWED_COUNTERPARTIES with ALLOW action to only allow specific addresses. Any recipient not in the list will be denied: 
{
  "ruleType": "ALLOWED_COUNTERPARTIES",
  "operator": "IN_LIST",
  "value": "[\"0x1234567890abcdef1234567890abcdef12345678\", \"0xabcdef1234567890abcdef1234567890abcdef12\"]",
  "action": "ALLOW"
}

Relationship Spend Limits

In addition to policy rules, you can set per-counterparty spend limits on the AgentRelationship record. These are enforced automatically during payment evaluation:
FieldDescription
spendLimitPerTxMaximum amount per transaction to this counterparty
spendLimitDailyMaximum total spend per day to this counterparty
spendLimitMonthlyMaximum total spend per month to this counterparty
These limits are checked after the trust/block check and before the final approval decision. If a counterparty has a $500/day limit, the evaluator aggregates all confirmed/pending transactions to that address today and blocks if the new payment would exceed it. 
# Set per-counterparty limits when creating a relationship
curl -X POST https://conto.finance/api/agents/{agentId}/relationships \
  -H "Authorization: Bearer $CONTO_API_KEY" \
  -d '{
    "counterpartyId": "cp_abc123",
    "spendLimitPerTx": 200,
    "spendLimitDaily": 500,
    "spendLimitMonthly": 5000
  }'

Managing Counterparties

Add Counterparty

curl -X POST https://conto.finance/api/counterparties \
  -H "Authorization: Bearer $CONTO_API_KEY" \
  -d '{
    "name": "Amazon Web Services",
    "type": "VENDOR",
    "address": "0x1234...",
    "domain": "aws.amazon.com",
    "category": "INFRASTRUCTURE",
    "trustLevel": "TRUSTED"
  }'

Block Counterparty

curl -X POST https://conto.finance/api/counterparties/{id}/status \
  -H "Authorization: Bearer $CONTO_API_KEY" \
  -d '{
    "status": "BLOCKED",
    "reason": "Suspicious activity detected"
  }'

Network Intelligence & External Providers

Conto’s Network Intelligence provides cross-organization trust signals:
  • See if other organizations have flagged an address
  • Benefit from collective fraud detection
  • Automatic trust score adjustments
For Solana wallets, Conto also integrates with Fairscale for onchain reputation scoring. Wallets with no existing network data are automatically enriched with Fairscale scores, and behavioral red flags generate network alerts. See Trust & Risk Providers for configuration and all available providers.
Network data is anonymized. Organizations share aggregate signals, not transaction details.

Best Practices

Begin with a small list of trusted vendors:
{
  "policyType": "WHITELIST",
  "rules": [{
    "addresses": ["0xaws...", "0xopenai...", "0xgcp..."]
  }]
}
As you verify new vendors, increase their trust level:
  1. New vendor: UNKNOWN (auto-blocked)
  2. After review: VERIFIED
  3. After history: TRUSTED
Regularly review trust scores in the dashboard. Investigate any drops.