Cloaked Agent
Give AI agents spending power without giving them your wallet keys. Cloaked creates on-chain spending accounts with enforced constraints that agents cannot bypass - even if jailbroken or compromised.
Cloaked
Trustless spending accounts for AI agents on Solana
The Problem
AI agents need to spend money autonomously. But giving them wallet access is dangerous:
- Jailbroken agent? Drains your wallet
- Bug in agent code? Infinite spending loop
- Prompt injection? Attacker controls your funds
Agent-side limits don't work - the agent has the keys and can bypass its own rules.
The Solution
On-chain enforced constraints that agents literally cannot bypass.
┌─────────────────────────────────────────────────────────────────┐
│ CLOAKED AGENT │
├─────────────────────────────────────────────────────────────────┤
│ Owner: Human wallet (full control) │
│ Delegate: AI agent key (can spend within limits) │
│ │
│ Constraints (enforced by Solana program): │
│ ├── max_per_tx: 0.1 SOL │
│ ├── daily_limit: 1 SOL │
│ ├── total_limit: 10 SOL │
│ ├── expires_at: 2026-02-15 │
│ └── token_limits: │
│ └── USDC: 5/tx, 50/day, 500 total │
│ │
│ Even if jailbroken, agent CANNOT exceed these limits. │
└─────────────────────────────────────────────────────────────────┘
Privacy Architecture
Cloaked offers dual-mode privacy:
Standard Mode
- Owner wallet linked to agent on-chain
- Simple setup, lower fees
Private Mode (ZK)
- Zero-knowledge proofs hide wallet-agent link
- Owner proves ownership without revealing identity
- Funded anonymously via Privacy Cash
┌─────────────────────────────────────────────────────────────────┐
│ PRIVACY STACK │
├─────────────────────────────────────────────────────────────────┤
│ ZK Circuits: Noir (Aztec) │
│ Client Prover: Barretenberg (UltraHonk via WASM) │
│ On-chain Verify: Sunspot (Groth16 on Solana) │
│ Hash Function: Poseidon (ZK-friendly) │
│ Anonymous Funding: Privacy Cash (privacycash.org) │
└─────────────────────────────────────────────────────────────────┘
Private Agent Creation:
Wallet signs message → Master secret derived → Commitment generated
On-chain: owner_commitment (hash), NOT wallet address
To manage: Prove knowledge of preimage via ZK proof
Technology Stack
| Component | Technology |
|---|---|
| Blockchain | Solana |
| RPC | Helius |
| Smart Contract | Anchor Framework |
| ZK Proofs | Noir + Barretenberg + Sunspot |
| Frontend | Next.js 16, React 19, TypeScript |
| Backend | Express.js (Relayer) |
| AI Integration | MCP (Model Context Protocol) |
| Token Support | USDC |
| x402 Payments | Native support |
Program IDs (Devnet)
Cloaked Program: 3yMjzAeXXc5FZRUrJ1YqP4YMPhPd5bBxHQ6npNSPCUwB
ZK Verifier: G1fDdFA16d199sf6b8zFhRK1NPZiuhuQCwWWVmGBUG3F
Key Features
1. On-Chain Constraints
- Per-transaction limits
- Daily spending caps
- Lifetime limits
- Expiration dates
- Instant freeze
2. Privacy Options
- Standard mode (simple)
- Private mode (ZK proofs)
- Anonymous funding (Privacy Cash)
3. x402 Protocol Support
- Automatic payment handling
- Pay-per-use APIs
- AI service payments
4. Multi-Agent Dashboard
- Create/manage multiple agents
- Real-time spending visibility
- One-click freeze
5. USDC Token Support
- USDC with per-token spending constraints
- Same on-chain enforcement as SOL
- Token balance visibility in dashboard
Quick Start
For AI Agents (MCP)
{
"mcpServers": {
"cloaked": {
"command": "npx",
"args": ["cloaked-mcp"],
"env": {
"CLOAKED_AGENT_KEY": "your-agent-key-here"
}
}
}
}
The agent can pay in SOL or USDC - pass token: "USDC" to cloak_pay.
For Developers (SDK)
npm install @cloakedagent/sdk
import { CloakedAgent } from "@cloakedagent/sdk";
// Load agent (can spend)
const agent = new CloakedAgent(agentKey, rpcUrl);
// Spend within limits
await agent.spend({
destination: recipientPubkey,
amount: 100_000_000 // 0.1 SOL
});
// Spend USDC (requires token enabled on agent)
await agent.spendToken({
destination: recipientPubkey,
mint: USDC_MINT,
amount: 5_000_000 // 5 USDC (6 decimals)
});
Project Structure
cloaked/
├── programs/cloaked/ # Anchor program (constraints, ZK verification)
├── circuits/ # Noir ZK circuits (ownership proofs)
├── app/ # Next.js frontend (dashboard, docs)
├── backend/ # Express relayer (fee payer, ZK ops)
└── sdk/ # TypeScript SDK (@cloakedagent/sdk)
└── src/mcp/ # MCP server (cloaked-mcp binary)
Documentation
Full documentation available at cloakedagent.com/docs
Why Cloaked?
| Problem | Cloaked Solution |
|---|---|
| AI can drain wallet | On-chain limits can't be bypassed |
| No spending visibility | Real-time dashboard |
| Can't stop runaway agent | Instant freeze |
| Wallet identity exposed | Private mode with ZK proofs |
| Complex integrations | Native x402 support |
Cloaked - Trustless spending accounts for AI agents
Related Servers
Smart-Thinking
An advanced MCP server for multi-dimensional, adaptive, and collaborative reasoning.
Plex MCP Server
An MCP server for managing your Plex media library with AI assistants.
Data Wallets MCP
It connects Agents to data wallet with DID and verifiable credentials
LIFX
Control LIFX smart lights through the LIFX HTTP API.
Withings
MCP server for Withings health data integration
trainedby.ai
Connect wearables to ChatGPT, so your AI coach knows you without typing a word
Vigil
System Scanner for Vulnerabilities
BSC MultiSend MCP
Perform bulk BNB and BEP20 token transfers on the BNB Smart Chain (BSC).
Weather MCP
An API for AI models to fetch weather data.
AI Endurance
AI coach for running, cycling, triathlon