Live demo · devnet

The protocol assembles in 6 steps.

Start a fresh wallet, make it provably trustworthy, then prove an unrelated x402 service accepts it before settlement. One command on devnet. No mocks, no stubbed REST, no canned responses.

Verified end-to-end on devnet

View the source One-command run

The pipeline

Wallet

controller keypair

Telaro program

on-chain, devnet

REST API

telaro.xyz/api

x402 gate

third-party service

Wallet

controller keypair

Telaro program

on-chain, devnet

REST API

telaro.xyz/api

x402 gate

third-party service

What flows left to right

The wallet signs IXs to the Telaro program. The program writes the agent PDA. The indexer reads it back into the REST API. Any third-party service can ask the API "should I trust this wallet?"

What the gate decides

x402 puts the SPL transfer authority in the payment payload. The gate reads it and queries the REST API. Bond and score must clear the policy or the request is rejected before settlement.

Six steps in detail

Register the agent + post a USDC bond

TelaroClient.registerAgent posts the bond and opens the Agent PDA. Idempotent across re-runs.

Code

import { TelaroClient } from "@telaro/sdk";

const rep = new TelaroClient(connection, controller);
const sig = await rep.registerAgent({
  framework: "sendai",
  metadataUri: "https://telaro.xyz/sample/kill-demo.json",
  scorer: controller.publicKey,
  bondMint: USDC_DEVNET,
  bondAmount: 100_000_000n, // 100 USDC
});

Expected output

controller     CWz9b8g4h78ytQnd4gEU9qk4fP1wtQjfa7L838HtKNps
agent PDA      4gNmZV6GpPH1B3Zs57t4djBoqWQhnaagfC6e7rAXtF5e
framework      sendai
bond mint      4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU
bond amount    $100
✓ registered: 5K7s9hQfWv...

Record 5 actions on chain

Each recordAction is a real Anchor IX. The indexer picks them up and the score moves.

Code

import { ActionKind, ActionOutcome } from "@telaro/sdk";

const actions = [
  { kind: ActionKind.Swap, outcome: ActionOutcome.Success, valueAtomic: 50_000_000n, payload: { venue: "jupiter" } },
  { kind: ActionKind.Lp,   outcome: ActionOutcome.Success, valueAtomic: 200_000_000n, payload: { venue: "kamino" } },
  { kind: ActionKind.Lend, outcome: ActionOutcome.Success, valueAtomic: 500_000_000n, payload: { venue: "marginfi" } },
  { kind: ActionKind.Swap, outcome: ActionOutcome.Success, valueAtomic: 100_000_000n, payload: { venue: "jupiter" } },
  { kind: ActionKind.Vote, outcome: ActionOutcome.Success, valueAtomic: 0n,           payload: { proposal: "REALM-42" } },
];

for (const a of actions) await rep.recordAction(a);

Expected output

✓ [1/5] Swap/Success 50.00 USDC -> 2J3pkx7q…
✓ [2/5] Lp/Success 200.00 USDC -> 9aFvw3eC…
✓ [3/5] Lend/Success 500.00 USDC -> 4Bm2tZkN…
✓ [4/5] Swap/Success 100.00 USDC -> 8qLr5vWp…
✓ [5/5] Vote/Success 0.00 USDC -> 7nKx9hRj…

5/5 actions recorded

Mount the x402 gate on any Express service

expressX402Gate sits in front of your existing x402 stack. Bond and score get checked against the live REST API before settlement.

Code

import express from "express";
import { expressX402Gate } from "@telaro/x402";

const app = express();
app.post(
  "/premium",
  expressX402Gate(
    { minBond: 10_000_000n, minScore: 100 },
    { apiBase: "https://telaro.xyz" },
  ),
  (req, res) => {
    res.json({ ok: true, served: "premium endpoint" });
  },
);
app.listen(4242);

Expected output

x402 service listening on http://localhost:4242/premium
policy   minBond=10_000_000, minScore=100
trust    via https://telaro.xyz/api/agent/...

Call it twice. Bonded passes, fresh keypair gets rejected.

The gate reads the transfer authority out of the X-PAYMENT header, then asks the REST API. No registered agent → 403 NOT_BONDED, no settlement.

Code

const header = buildX402Payment({ payer: bondedAgent, amountUsdc: 0.1 });
const ok = await fetch("http://localhost:4242/premium", {
  method: "POST",
  headers: { "Content-Type": "application/json", "X-PAYMENT": header },
  body: JSON.stringify({ prompt: "summarize this article" }),
});

const reject = await fetch("http://localhost:4242/premium", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "X-PAYMENT": buildX402Payment({ payer: Keypair.generate(), amountUsdc: 0.1 }),
  },
  body: JSON.stringify({ prompt: "summarize this article" }),
});

Expected output

bonded   -> 200 {"ok":true,"served":"premium endpoint","payer":"CWz9b8g4h78ytQnd4gEU9qk4fP1wtQjfa7L838HtKNps","trust":{"score":747,"bond_usdc":1}}
unbonded -> 403 {"error":"telaro_x402_gate_failed","code":"NOT_BONDED","reason":"[telaro] agent has no on-chain bond","payer":"2SR6e7reYaVjkAuvbupi6vAikRpUCU87p8LPMHy3FH7g"}

✓ matrix passed

Open a dispute. Bond gets slashed. Score moves.

Anyone can file a claim against a recorded action (5% deposit). The builder accepts, the bond pays the claim, and the score drops on the next indexer tick. The same primitives work for a real third-party dispute; this script self-resolves so the demo finishes without the 7-day timeout.

Code

import { hashAction, ResolveAction, TelaroClient } from "@telaro/sdk";

const rep = new TelaroClient(connection, controller);
const actionHash = hashAction({ venue: "jupiter" });

// 1. Claimer (could be anyone) files a claim with evidence.
await rep.submitClaim(
  {
    agent: rep.agentPda(),
    actionHash,
    claimedAmount: 100_000n,  // 0.1 USDC
    evidenceUri: "ipfs://demo-evidence-placeholder",
  },
  BOND_MINT,
);

// 2. Builder resolves. In production this is the builder's decision;
//    here the same wallet plays both roles so the demo is self-contained.
await rep.resolveClaim({
  agent: rep.agentPda(),
  actionHash,
  claimer: controller.publicKey,
  bondMint: BOND_MINT,
  action: ResolveAction.BuilderAccept,
});

Expected output

✓ claim submitted: 4HyQ7xUf...
✓ resolved BuilderAccept: 8nKvL2bp... (bond slashed by 0.10 USDC)

Score and bond move on the next indexer tick. Inspect at
https://www.telaro.xyz/explore/sacp/agent/4gNmZV6G…

Pay with a hot key. AgentKeyLink keeps the bond cold.

The agent signs the x402 payment with a rotated payment_key, not the cold controller. The gate's keyLinkResolver resolves the hot key back to the registered agent so the trust check still passes. Bond stays untouched. Same gate, same policy.

Code

import { expressX402Gate, type KeyLinkResolver } from "@telaro/x402";

// Plug the resolver in. Common implementations:
//   HTTP: GET /api/agent/by-payment-key/<wallet>
//   RPC:  getProgramAccounts with a memcmp on the payment_key field.
const keyLinkResolver: KeyLinkResolver = async (wallet) => {
  const res = await fetch(`/api/agent/by-payment-key/${wallet}`);
  if (!res.ok) return null;
  const body = await res.json();
  return body.agent_pda ?? null;
};

// New v1 strategy-based config (recommended for new integrations).
app.post(
  "/premium",
  expressX402Gate({
    strategy: "trust",
    policy: { minBond: 10_000_000n, minScore: 100 },
    keyLinkResolver,
  }),
  (req, res) => res.json({ ok: true }),
);

// Or compose with the sACP escrow strategy:
//   import { withSacpTrust } from "@telaro/x402/sacp";
//   app.post("/work", withSacpTrust({ sacp, policy, keyLinkResolver }), handler);

Expected output

# bonded probe signed with payment_key (not controller)
bonded   -> 200 {"ok":true,"payer":"<hot_payment_key>","trust":{"score":747,"bond_usdc":1}}

# the gate logs the path it took
[telaro/x402] primary lookup NOT_BONDED, fell back via keyLinkResolver
[telaro/x402] resolved payment_key -> agent PDA 4gNmZV6G…, retry trust passed

Run it yourself

One command on devnet.

Clone the repo, install, and run. The orchestrator handles registration, action recording, the local service, and the probe matrix in one process.

git clone https://github.com/Telaro-Protocol/telaro-protocol.git
cd telaro-protocol && pnpm install
pnpm --filter @telaro/example-kill-demo run

Solana keypair

At ~/.config/solana/id.json, or set AGENT_KEYPAIR.

Devnet SOL

A couple of solana airdrop 2 calls cover the whole demo.

Devnet USDC

100 USDC of the Circle devnet mint for the bond.

What this proves

SDKs compose

@telaro/sdk and @telaro/x402 are written and shipped by separate concerns. The demo proves they line up at the seams: an on-chain registration on Monday is what an unrelated service trusts on Tuesday.

No vendor lock-in

The gate is one line of Express middleware. The trust source is a public REST API. The payment shape is the x402 spec. A service that wants out can pull our gate without touching the rest of its stack.

Hand-on-the-stove honest

Every line in the demo is a real RPC or a real fetch. The fresh-keypair probe gets rejected by the live API, not a stub. The repo is the proof; the page is the index.

Where to go from here

SDK reference

Every export grouped by surface, with a deep link to the source.

Cookbook (16 recipes)

Subscriptions, multi-hook routers, AgentKeyLink rotation, ERC-8004 mirror, and 12 more.

Connect a wallet

Browse the marketplace, sign offerings, run the protocol from the browser.

The demo source

Seven files. One command. Fork it and rip it apart.

import { TelaroClient } from "@telaro/sdk"; const rep = new TelaroClient(connection, controller); const sig = await rep.registerAgent({ framework: "sendai", metadataUri: "https://telaro.xyz/sample/kill-demo.json", scorer: controller.publicKey, bondMint: USDC_DEVNET, bondAmount: 100_000_000n, // 100 USDC });

controller CWz9b8g4h78ytQnd4gEU9qk4fP1wtQjfa7L838HtKNps agent PDA 4gNmZV6GpPH1B3Zs57t4djBoqWQhnaagfC6e7rAXtF5e framework sendai bond mint 4zMMC9srt5Ri5X14GAgXhaHii3GnPAEERYPJgZJDncDU bond amount $100 ✓ registered: 5K7s9hQfWv...

import { ActionKind, ActionOutcome } from "@telaro/sdk"; const actions = [ { kind: ActionKind.Swap, outcome: ActionOutcome.Success, valueAtomic: 50_000_000n, payload: { venue: "jupiter" } }, { kind: ActionKind.Lp, outcome: ActionOutcome.Success, valueAtomic: 200_000_000n, payload: { venue: "kamino" } }, { kind: ActionKind.Lend, outcome: ActionOutcome.Success, valueAtomic: 500_000_000n, payload: { venue: "marginfi" } }, { kind: ActionKind.Swap, outcome: ActionOutcome.Success, valueAtomic: 100_000_000n, payload: { venue: "jupiter" } }, { kind: ActionKind.Vote, outcome: ActionOutcome.Success, valueAtomic: 0n, payload: { proposal: "REALM-42" } }, ]; for (const a of actions) await rep.recordAction(a);

✓ [1/5] Swap/Success 50.00 USDC -> 2J3pkx7q… ✓ [2/5] Lp/Success 200.00 USDC -> 9aFvw3eC… ✓ [3/5] Lend/Success 500.00 USDC -> 4Bm2tZkN… ✓ [4/5] Swap/Success 100.00 USDC -> 8qLr5vWp… ✓ [5/5] Vote/Success 0.00 USDC -> 7nKx9hRj… 5/5 actions recorded

import express from "express"; import { expressX402Gate } from "@telaro/x402"; const app = express(); app.post( "/premium", expressX402Gate( { minBond: 10_000_000n, minScore: 100 }, { apiBase: "https://telaro.xyz" }, ), (req, res) => { res.json({ ok: true, served: "premium endpoint" }); }, ); app.listen(4242);

bonded -> 200 {"ok":true,"served":"premium endpoint","payer":"CWz9b8g4h78ytQnd4gEU9qk4fP1wtQjfa7L838HtKNps","trust":{"score":747,"bond_usdc":1}} unbonded -> 403 {"error":"telaro_x402_gate_failed","code":"NOT_BONDED","reason":"[telaro] agent has no on-chain bond","payer":"2SR6e7reYaVjkAuvbupi6vAikRpUCU87p8LPMHy3FH7g"} ✓ matrix passed

import { hashAction, ResolveAction, TelaroClient } from "@telaro/sdk"; const rep = new TelaroClient(connection, controller); const actionHash = hashAction({ venue: "jupiter" }); // 1. Claimer (could be anyone) files a claim with evidence. await rep.submitClaim( { agent: rep.agentPda(), actionHash, claimedAmount: 100_000n, // 0.1 USDC evidenceUri: "ipfs://demo-evidence-placeholder", }, BOND_MINT, ); // 2. Builder resolves. In production this is the builder's decision; // here the same wallet plays both roles so the demo is self-contained. await rep.resolveClaim({ agent: rep.agentPda(), actionHash, claimer: controller.publicKey, bondMint: BOND_MINT, action: ResolveAction.BuilderAccept, });

✓ claim submitted: 4HyQ7xUf... ✓ resolved BuilderAccept: 8nKvL2bp... (bond slashed by 0.10 USDC) Score and bond move on the next indexer tick. Inspect at https://www.telaro.xyz/explore/sacp/agent/4gNmZV6G…

import { expressX402Gate, type KeyLinkResolver } from "@telaro/x402"; // Plug the resolver in. Common implementations: // HTTP: GET /api/agent/by-payment-key/<wallet> // RPC: getProgramAccounts with a memcmp on the payment_key field. const keyLinkResolver: KeyLinkResolver = async (wallet) => { const res = await fetch(`/api/agent/by-payment-key/${wallet}`); if (!res.ok) return null; const body = await res.json(); return body.agent_pda ?? null; }; // New v1 strategy-based config (recommended for new integrations). app.post( "/premium", expressX402Gate({ strategy: "trust", policy: { minBond: 10_000_000n, minScore: 100 }, keyLinkResolver, }), (req, res) => res.json({ ok: true }), ); // Or compose with the sACP escrow strategy: // import { withSacpTrust } from "@telaro/x402/sacp"; // app.post("/work", withSacpTrust({ sacp, policy, keyLinkResolver }), handler);

# bonded probe signed with payment_key (not controller) bonded -> 200 {"ok":true,"payer":"<hot_payment_key>","trust":{"score":747,"bond_usdc":1}} # the gate logs the path it took [telaro/x402] primary lookup NOT_BONDED, fell back via keyLinkResolver [telaro/x402] resolved payment_key -> agent PDA 4gNmZV6G…, retry trust passed

One command on devnet.

Clone the repo, install, and run. The orchestrator handles registration, action recording, the local service, and the probe matrix in one process.

git clone https://github.com/Telaro-Protocol/telaro-protocol.git
cd telaro-protocol && pnpm install
pnpm --filter @telaro/example-kill-demo run

Solana keypair

At ~/.config/solana/id.json, or set AGENT_KEYPAIR.

Devnet SOL

A couple of solana airdrop 2 calls cover the whole demo.

Devnet USDC

100 USDC of the Circle devnet mint for the bond.