Skip to main content

Policy System

The policy system is the core of Conto’s spending controls. Policies define rules that govern how AI agents can spend funds.

What is a Policy?

A policy is a set of rules that determine whether a payment should be:
  • APPROVED - Payment can proceed
  • DENIED - Payment is blocked
  • REQUIRES_APPROVAL - Manual approval needed

Policy Types

Spend Limit

Control maximum amounts per transaction, day, week, or month

Time Window

Restrict transactions to specific hours and days

Counterparty

Control which recipients are allowed based on trust

Geographic

OFAC sanctions screening and country restrictions, built-in and configurable

AgentScore Compliance

Require verified humans, enforce jurisdiction allowlists, and trigger identity step-up before settlement

Category

Allow or block specific spending categories

Contract Allowlist

Restrict interactions to approved smart contracts and protocols via Contract Registry

Approval Threshold

Require manual approval above certain amounts

Velocity

Limit transaction frequency to prevent rapid drain

Whitelist

Only allow specific pre-approved addresses

x402 Controls

Price ceilings, service allowlists, and session budget caps for x402 micropayments

MPP Controls

Session budgets, concurrency limits, and duration caps for MPP payments

Budget Allocation

Allocate budgets by department or project with period tracking

Expiration

Time-limited permissions with start and end dates

Card Payment

MCC restrictions, merchant filtering, and amount limits for card payments

Policy Evaluation

Policies are evaluated fail-closed. When multiple policies are assigned, all must pass. The first DENY stops evaluation immediately.

Evaluation Order

  1. Pre-checks: Agent must be ACTIVE with linked wallets
  2. Geographic & Sanctions: OFAC country check + address sanctions screening (always active, no policy needed)
  3. Counterparty Trust: Pre-fetch trust level and network trust score for use in policy rules
  4. Wallet Policies: Spend limits, wallet-level time windows (timezone-aware), and other configured policy rules
  5. Merchant Identity Gates: Optional AgentScore assess results can add verified-human, KYC, sanctions, and jurisdiction context before final settlement
  6. Counterparty Rules: Block list, trust requirements, network intelligence
  7. Relationship Limits: Per-counterparty spend limits from AgentRelationship records
  8. Final Decision: Aggregate results
Protocol-specific budget rules only count matching protocol transactions. x402 session budgets use the x402 sessionId recorded with each payment, and MPP session budgets use the MPP sessionId, so ordinary wallet transfers do not reduce protocol session allowance.
The default local sanctions provider now reads from Conto’s SanctionedAddress table instead of a hardcoded demo list. That table is seeded by migration with known high-confidence OFAC matches and refreshed by the sanctions-list-refresh background job, so sanctions screening starts with a safe baseline even before the first feed sync completes.

Evaluation Semantics

Policy rules use simple AND logic. Every active policy assigned to the selected agent or wallet is evaluated, and every rule inside those policies must pass unless it is a DENY or REQUIRE_APPROVAL trigger that does not match.
priority is sort order, not override precedence. A higher-priority ALLOW cannot override a lower-priority deny or a failed allowlist. Use one wider allowlist rule when you need alternatives, not two competing policies.
For a hands-on walkthrough of how evaluation works, see the Policy Testing guide.

Creating Policies

Via Dashboard

1

Navigate to Policies

Go to Policies in the sidebar and click Create Policy.
2

Configure Policy

3

Add Rules

Define the specific rules for this policy.
4

Assign to Agents

Select which agents this policy applies to.

Via API

Policy Properties

Assigning Policies

Policies can be assigned to:
  • Agents - Apply to specific agents
  • Wallets - Apply to specific wallets
  • Cards - Apply to specific payment cards

Assign to Card

Assign to Agent

Example: Standard Agent Setup

A typical agent configuration with multiple policies:

Best Practices

Create policies at different priority levels to make evaluation and debugging easier:
  • HIGH (90-100): Security/Compliance (sanctions, blocked addresses)
  • MEDIUM (40-60): Business Rules (limits, time windows)
  • LOW (0-20): Defaults (catch-all rules)
Priority changes evaluation order only. It does not let an allow rule override a stricter rule that runs later.
Begin with strict policies and relax based on operational needs. Recommended starting limits for new agents: 100/tx,100/tx, 500/day, $5,000/month.
  • Day 1: $100/day limit, 3 trusted vendors
  • Week 2: $500/day, add 5 more vendors
  • Month 2: $1,000/day, category-based restrictions
Note: Auto-created wallet defaults are higher (daily: 1,000,weekly:1,000, weekly: 5,000, monthly: $20,000). Override these with policy-level limits for tighter control.
Don’t block high-value transactions entirely - require approval:
Use descriptions to explain policy intent:

Available Rule Types

The value formats and operators for rule types live in Advanced Policies. Quick index:

Violation Details

When a payment is denied, detailed violation info is returned:
Each violation includes a source field indicating whether the denial came from a wallet-level limit ("wallet_limit") or a policy rule ("policy_rule"). Policy rule violations also include policyName.

Engine Architecture

Each rule type is evaluated by a dedicated strategy module. The engine looks up the strategy for a rule’s ruleType from a registry and delegates evaluation. New rule types can be added without modifying the core engine, register a new strategy and update the SKILL.md docs.

Next Steps

Spend Limits

Configure amount-based limits

Time Windows

Set up time-based restrictions