
Securing Agents with Policies

An agent without policies is an open wallet. This guide walks through configuring the policies, alerts, and controls that make Conto valuable in production — from basic spend caps to x402 micropayment budgets.

Prerequisites

How Policies Work

Before diving in, three rules to remember:
  1. AND logic — Every assigned policy must pass. When outcomes differ, the most restrictive one wins: DENIED over REQUIRES_APPROVAL over APPROVED.
  2. First deny stops — As soon as any rule returns DENY, evaluation stops and the payment is denied; the remaining policies are not consulted.
  3. Wallet limits first — The wallet-level per-transaction, daily, weekly and monthly limits are checked before any policy rule, and no policy can loosen them.
Payment Request
  → Wallet Limits (per-tx, daily, weekly, monthly)
    → Org-Level Policies
      → Agent-Level Policies
        → Result: APPROVED / DENIED / REQUIRES_APPROVAL

Layer 1: Spending Limits

The foundation. Every production agent should have spend caps.

Daily Budget

Prevents a runaway agent from draining the wallet in a single day.
Step 1. Create the policy

Go to Policies → New Policy.

  Field        Value
  Name         Daily Budget: $100
  Policy Type  SPEND_LIMIT

Step 2. Add a rule

  Field        Value
  Rule Type    DAILY_LIMIT
  Operator     LTE
  Value        100
  Action       ALLOW

The agent can spend up to $100 per day across all transactions. The daily total resets at midnight UTC.

Step 3. Assign the policy to the agent

Go to the agent's Permissions tab and assign this policy. A policy that is not assigned to the agent is not enforced.

Per-Transaction Cap

Prevents any single large transaction, even if the daily budget has room.
  Field        Value
  Rule Type    MAX_AMOUNT
  Operator     LTE
  Value        25
  Action       ALLOW

Add this as a second rule in the same policy, or create a separate policy. Both approaches work — Conto evaluates all rules regardless.

Human Approval for Large Payments

Automatically escalate payments above a threshold for human review.
  Field        Value
  Name         Approval Above $50
  Policy Type  APPROVAL_THRESHOLD
  Rule Type    REQUIRE_APPROVAL_ABOVE
  Operator     GREATER_THAN
  Value        50
  Action       REQUIRE_APPROVAL

Payments over $50 show up in Pending Approvals in the dashboard. The agent receives REQUIRES_APPROVAL and can poll or use webhooks to check status.
A common pattern: set MAX_AMOUNT to $200 (hard deny above) and REQUIRE_APPROVAL_ABOVE to $50 (human review in the middle). Payments of $50 or less flow automatically, payments over $50 and up to $200 need approval, and payments over $200 are blocked outright.

Layer 2: Counterparty Controls

Control who your agent can pay, not just how much.

Allowlist Known Recipients

Only permit payments to pre-approved addresses.
Step 1. Create the policy

  Field        Value
  Name         Approved Recipients Only
  Policy Type  COUNTERPARTY

Step 2. Add a rule

  Field        Value
  Rule Type    ALLOWED_COUNTERPARTIES
  Value        Comma-separated list of addresses
  Action       ALLOW

Only addresses in this list can receive payments. All others are denied.

Block Specific Addresses

Alternatively, allow all recipients except specific blocked ones:
  Field        Value
  Rule Type    BLOCKED_COUNTERPARTIES
  Value        0xSuspiciousAddress1, 0xSuspiciousAddress2
  Action       DENY

Trust Score Threshold

Require counterparties to have a minimum trust score before receiving payments:
  Field        Value
  Rule Type    TRUST_SCORE
  Operator     GTE
  Value        0.5
  Action       ALLOW

New, unknown counterparties start with a low trust score. As transaction history builds, their score increases. See Trust Providers for how scoring works.

Layer 3: Time Controls

Restrict when your agent can make payments.

Business Hours Only

Allow payments Monday to Friday, 9am-6pm Eastern.

Step 1. Create the policy

  Field        Value
  Name         Business Hours Only
  Policy Type  TIME_RESTRICTION

Step 2. Add a time window rule

  Field        Value
  Rule Type    TIME_WINDOW
  Start Time   09:00
  End Time     18:00
  Timezone     America/New_York
  Action       ALLOW

Step 3. Add a day-of-week rule

  Field        Value
  Rule Type    DAY_OF_WEEK
  Value        MON, TUE, WED, THU, FRI
  Action       ALLOW

Both rules must pass (AND logic). Payments outside business hours or on weekends are denied.

Blackout Periods

Block payments during specific date ranges (holidays, maintenance windows):
  Field        Value
  Rule Type    BLACKOUT_PERIOD
  Start Date   2025-12-24
  End Date     2025-12-26
  Action       DENY
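The three Layer 3 rules above, applied to UTC-timestamped payment requests. This is an added example, not Conto's code: the rule values (09:00-18:00 America/New_York, MON-FRI, blackout 2025-12-24 to 2025-12-26) are the ones from the tables, while the function names, the boundary handling (window start inclusive, end exclusive; blackout dates inclusive in the policy timezone) and the sample timestamps are assumptions. It shows why the Timezone field matters: the same 22:30 UTC is inside the window in January (17:30 EST) and outside it in July (18:30 EDT).

```python
"""TIME_WINDOW, DAY_OF_WEEK and BLACKOUT_PERIOD checks, judged in the policy's
timezone. Added example, not Conto's code: rule values come from the page; the
function names, boundary handling and sample timestamps are assumptions."""
from datetime import date, datetime, time, timezone
from zoneinfo import ZoneInfo

POLICY_TZ = ZoneInfo("America/New_York")
WINDOW = (time(9, 0), time(18, 0))                   # TIME_WINDOW 09:00-18:00
WEEKDAYS = {"MON", "TUE", "WED", "THU", "FRI"}       # DAY_OF_WEEK
BLACKOUT = (date(2025, 12, 24), date(2025, 12, 26))  # BLACKOUT_PERIOD, inclusive
DAY_NAMES = ["MON", "TUE", "WED", "THU", "FRI", "SAT", "SUN"]


def localize(ts):
    """Requests carry UTC (or another aware) timestamp; rules are judged in POLICY_TZ."""
    if ts.tzinfo is None:
        raise ValueError("naive timestamp: the policy timezone cannot be applied")
    return ts.astimezone(POLICY_TZ)


def time_window_ok(ts):
    return WINDOW[0] <= localize(ts).time() < WINDOW[1]   # start inclusive, end exclusive


def day_of_week_ok(ts):
    return DAY_NAMES[localize(ts).weekday()] in WEEKDAYS


def blackout_ok(ts):
    return not (BLACKOUT[0] <= localize(ts).date() <= BLACKOUT[1])


RULES = (("TIME_WINDOW", time_window_ok),
         ("DAY_OF_WEEK", day_of_week_ok),
         ("BLACKOUT_PERIOD", blackout_ok))


def evaluate_time(ts):
    """AND of all three rules; the first failing rule names the denial."""
    for name, check in RULES:
        if not check(ts):
            return "DENIED", name
    return "APPROVED", None


def utc(y, m, d, hh, mm=0):
    return datetime(y, m, d, hh, mm, tzinfo=timezone.utc)


SAMPLES = [  # constructed UTC timestamps with their New York equivalents
    ("Fri 18 Jul 22:30Z = 18:30 EDT", utc(2025, 7, 18, 22, 30)),   # outside the window
    ("Fri 17 Jan 22:30Z = 17:30 EST", utc(2025, 1, 17, 22, 30)),   # same UTC time, inside
    ("Fri 18 Jul 13:00Z = 09:00 EDT", utc(2025, 7, 18, 13, 0)),    # start boundary, inside
    ("Fri 18 Jul 22:00Z = 18:00 EDT", utc(2025, 7, 18, 22, 0)),    # end boundary, outside
    ("Sat 19 Jul 15:00Z = 11:00 EDT", utc(2025, 7, 19, 15, 0)),    # weekend
    ("Wed 24 Dec 15:00Z = 10:00 EST", utc(2025, 12, 24, 15, 0)),   # blackout
]


def run_samples():
    """Return [(label, outcome, failing_rule)] for each constructed timestamp."""
    return [(label, *evaluate_time(ts)) for label, ts in SAMPLES]
```

Whether Conto treats the End Time boundary as inclusive or exclusive is not stated on this page; if a payment at exactly 18:00 matters to you, test it against the real policy (see Policy Testing).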

Layer 4: x402 Micropayment Controls

If your agent pays for APIs using the x402 protocol, add dedicated micropayment policies.

Cap Per API Call

Prevent a single expensive API call from draining the budget:
  Field        Value
  Rule Type    X402_MAX_PER_REQUEST
  Operator     LTE
  Value        0.10
  Action       ALLOW

No single x402 payment can exceed $0.10.

Budget Per Service

Limit total spending on a specific API service:
  Field        Value
  Rule Type    X402_MAX_PER_SERVICE
  Operator     LTE
  Value        50
  Action       ALLOW

Total spend per service domain cannot exceed $50.

Allowlist Approved Services

Only allow x402 payments to known API providers:
  Field        Value
  Rule Type    X402_ALLOWED_SERVICES
  Value        api.example.com, data.provider.io
  Action       ALLOW

Payments to any other x402 service domain are denied.

Layer 5: Alerts

Policies prevent bad transactions. Alerts tell you when something interesting happens. Go to Alerts in the sidebar and configure:
  Alert Type              Threshold           Why
  High-Value Transaction  $50+                Know when large payments execute
  Spend Limit Warning     80% of daily limit  React before the agent hits its cap
  Low Balance             $50 remaining       Top up before payments start failing
  Policy Violation        Any                 Track what the agent is trying to do that gets blocked
  New Counterparty        First transaction   Know when the agent pays someone new

x402-Specific Alerts

If using x402 micropayments, also enable:
  Alert Type        Why
  Price Spike       API suddenly charging more than usual
  High Frequency    Agent making unusually many API calls
  New Service       Agent paying a service for the first time
  Budget Burn Rate  Approaching x402 budget limits
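The dashboard alerts above expressed as detection logic over a transaction ledger, which is what you need if you also want to raise them in your own monitoring (for example from webhook deliveries). This is an added example, not Conto's alerting. The alert names and the thresholds the page states ($50+ for High-Value Transaction, 80% of the daily limit for Spend Limit Warning, first transaction for New Counterparty and New Service) come from the tables; the ledger itself, the Price Spike test (at least 2x the service's previous price) and the High Frequency test (more than 5 calls to one service within 60 seconds) are assumptions, since the page gives no thresholds for those.

```python
"""Alert detection over a constructed transaction ledger. Added example, not
Conto's alerting: page thresholds where given, assumptions (labelled) elsewhere."""
from collections import defaultdict, deque

DAILY_LIMIT = 100.0               # the Daily Budget policy from Layer 1
HIGH_VALUE = 50.0                 # High-Value Transaction threshold from the table
WARN_AT = 0.80 * DAILY_LIMIT      # Spend Limit Warning at 80% of the daily limit
SPIKE_RATIO = 2.0                 # assumption: price >= 2x the previous price to that service
FREQ_MAX, FREQ_WINDOW_S = 5, 60   # assumption: more than 5 calls to one service in 60 s

# Constructed ledger: (unix_ts, counterparty, amount_usd, is_x402), in time order
LEDGER = [
    (1000, "0xVendorA", 30.00, False),
    (1100, "api.example.com", 0.01, True),
    (1105, "api.example.com", 0.01, True),
    (1110, "api.example.com", 0.05, True),   # 5x the previous price
    (1115, "api.example.com", 0.01, True),
    (1120, "api.example.com", 0.01, True),
    (1125, "api.example.com", 0.01, True),   # sixth call within 60 s
    (1200, "0xVendorB", 55.00, False),       # new, high-value, crosses 80% of the daily limit
]


def detect(ledger):
    """Return [(ts, alert_type, detail)] in the order the alerts would fire."""
    alerts, seen, last_price = [], set(), {}
    recent = defaultdict(deque)                # per service: call timestamps inside the window
    spent, warned = 0.0, False
    for ts, cp, amount, x402 in ledger:
        spent += amount
        if cp not in seen:                     # first transaction to this recipient
            seen.add(cp)
            alerts.append((ts, "New Service" if x402 else "New Counterparty", cp))
        if amount >= HIGH_VALUE:
            alerts.append((ts, "High-Value Transaction", f"{cp} ${amount:.2f}"))
        if not warned and spent >= WARN_AT:
            warned = True                      # fire once per day, not on every later payment
            alerts.append((ts, "Spend Limit Warning", f"${spent:.2f} of ${DAILY_LIMIT:.0f}"))
        if x402:
            prev = last_price.get(cp)
            if prev is not None and amount >= SPIKE_RATIO * prev:
                alerts.append((ts, "Price Spike", f"{cp} ${prev:.2f} -> ${amount:.2f}"))
            last_price[cp] = amount
            q = recent[cp]
            q.append(ts)
            while ts - q[0] > FREQ_WINDOW_S:   # drop calls that fell out of the window
                q.popleft()
            if len(q) > FREQ_MAX:
                alerts.append((ts, "High Frequency", f"{cp}: {len(q)} calls in {FREQ_WINDOW_S}s"))
    return alerts
```

Low Balance and Budget Burn Rate are omitted because they need the wallet balance and the x402 budget period, neither of which the ledger carries; the spend-warning latch shows the one design point worth copying, which is that threshold alerts should fire once per period rather than on every subsequent transaction.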

Putting It Together: Example Configuration

Here’s a production-ready policy stack for a typical AI agent:
  Policy            Rules                                                    Effect
  Spend Controls    MAX_AMOUNT ≤ $50, DAILY_LIMIT ≤ $200                     Hard caps on individual and daily spending
  Human Review      REQUIRE_APPROVAL_ABOVE $25                               Manager reviews payments of $25-50
  Known Recipients  ALLOWED_COUNTERPARTIES: [list]                           Only pays approved addresses
  Business Hours    TIME_WINDOW 9-18, DAY_OF_WEEK M-F                        No weekend or overnight payments
  x402 Guardrails   X402_MAX_PER_REQUEST ≤ $0.10, X402_MAX_PER_SERVICE ≤ $20  Micropayment safety net

With this stack, the agent can:
  • Automatically pay up to $25 to known recipients during business hours
  • Request human approval for payments over $25 and up to $50
  • Never exceed $50 in a single transaction or $200 per day
  • Pay for x402 APIs up to $0.10 per call and $20 per service
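A runnable model of the evaluation order from How Policies Work, exercised against the stack in the table above. This is an added example, not Conto's code or SDK. It reproduces the documented semantics: wallet limits are checked before any policy, org-level policies before agent-level ones, every rule must pass, the first DENY ends evaluation, and otherwise the most restrictive outcome wins. The rule type names are the page's; the Payment, Wallet and Policy classes, the function names, the $60 wallet limit and the sample payments are assumptions made for the example. Time rules are left out here (see the Layer 3 example).

```python
"""Model of the policy evaluation order described on this page (added example,
not Conto's code). Rule type names are the page's; the Payment/Wallet/Policy
classes, function names, sample wallet and sample payments are assumptions."""
from collections import defaultdict
from dataclasses import dataclass

APPROVED, REQUIRES_APPROVAL, DENIED = "APPROVED", "REQUIRES_APPROVAL", "DENIED"
SEVERITY = {APPROVED: 0, REQUIRES_APPROVAL: 1, DENIED: 2}   # most restrictive wins

@dataclass
class Payment:
    amount: float        # USD
    counterparty: str    # recipient address, or the service domain for x402
    x402: bool = False

@dataclass
class Wallet:            # wallet-level limits, set when the wallet is linked
    per_tx: float
    daily: float

@dataclass
class Policy:
    name: str
    rules: list          # [(RULE_TYPE, value), ...] in the order they were added
    status: str = "ACTIVE"

def new_ctx():
    """Running totals that DAILY_LIMIT and X402_MAX_PER_SERVICE check against."""
    return {"spent_today": 0.0, "service_spend": defaultdict(float)}

def eval_rule(rule, p, ctx):
    """Outcome of one rule for payment p."""
    kind, value = rule
    if kind.startswith("X402_") and not p.x402:
        return APPROVED                       # assumption: x402 rules ignore ordinary transfers
    if kind in ("MAX_AMOUNT", "X402_MAX_PER_REQUEST"):            # operator LTE
        return APPROVED if p.amount <= value else DENIED
    if kind == "DAILY_LIMIT":
        return APPROVED if ctx["spent_today"] + p.amount <= value else DENIED
    if kind == "X402_MAX_PER_SERVICE":
        return APPROVED if ctx["service_spend"][p.counterparty] + p.amount <= value else DENIED
    if kind == "REQUIRE_APPROVAL_ABOVE":                            # operator GREATER_THAN
        return REQUIRES_APPROVAL if p.amount > value else APPROVED
    if kind in ("ALLOWED_COUNTERPARTIES", "X402_ALLOWED_SERVICES"):
        return APPROVED if p.counterparty in value else DENIED
    if kind == "BLOCKED_COUNTERPARTIES":
        return DENIED if p.counterparty in value else APPROVED
    raise ValueError(f"unknown rule type {kind}")

def evaluate(p, wallet, org_policies, agent_policies, ctx):
    """Return (outcome, reason): wallet limits, then org policies, then agent policies."""
    if p.amount > wallet.per_tx:              # wallet limits run before any policy rule
        return DENIED, "wallet per-transaction limit"
    if ctx["spent_today"] + p.amount > wallet.daily:
        return DENIED, "wallet daily limit"
    outcome, reason = APPROVED, "all rules passed"
    for policy in org_policies + agent_policies:
        if policy.status != "ACTIVE":         # DRAFT / DISABLED policies are not enforced
            continue
        for rule in policy.rules:
            result = eval_rule(rule, p, ctx)
            if result == DENIED:              # first deny stops evaluation
                return DENIED, f"{policy.name}: {rule[0]}"
            if SEVERITY[result] > SEVERITY[outcome]:
                outcome, reason = result, f"{policy.name}: {rule[0]}"
    return outcome, reason

# The stack from the table above, as agent-level policies. api.example.com is
# listed as an allowed counterparty because the x402 samples pay it; whether
# counterparty rules apply to x402 service domains is not stated on this page.
STACK = [
    Policy("Spend Controls", [("MAX_AMOUNT", 50), ("DAILY_LIMIT", 200)]),
    Policy("Human Review", [("REQUIRE_APPROVAL_ABOVE", 25)]),
    Policy("Known Recipients", [("ALLOWED_COUNTERPARTIES", {"0xVendorA", "api.example.com"})]),
    Policy("x402 Guardrails", [("X402_MAX_PER_REQUEST", 0.10), ("X402_MAX_PER_SERVICE", 20)]),
]
WALLET = Wallet(per_tx=60, daily=500)    # constructed: looser than the policies, except for $75

def run_demo():
    """Evaluate constructed payments against STACK; returns [(amount, outcome, reason)]."""
    ctx = new_ctx()
    ctx["service_spend"]["api.example.com"] = 19.98   # constructed: earlier x402 spend today
    payments = [
        Payment(20, "0xVendorA"),                     # under $25 to a known recipient
        Payment(45, "0xVendorA"),                     # $25 < 45 <= $50: human review
        Payment(55, "0xVendorA"),                     # over the $50 policy cap
        Payment(75, "0xVendorA"),                     # over the $60 wallet cap: policies never run
        Payment(10, "0xUnknown"),                     # not an allowed counterparty
        Payment(0.05, "api.example.com", x402=True),  # would push service spend past $20
        Payment(0.25, "api.example.com", x402=True),  # over $0.10 per request
    ]
    results = []
    for p in payments:
        outcome, reason = evaluate(p, WALLET, [], STACK, ctx)
        if outcome == APPROVED:                   # pending approvals are not booked until executed
            ctx["spent_today"] += p.amount
            if p.x402:
                ctx["service_spend"][p.counterparty] += p.amount
        results.append((p.amount, outcome, reason))
    return results
```

Two things the sample run makes visible that the table does not: the $75 payment is refused by the wallet before Spend Controls is consulted at all (the situation described under Troubleshooting), and the $45 payment comes back REQUIRES_APPROVAL rather than APPROVED even though every other rule passed, because the most restrictive outcome wins.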

Verifying Your Policies

After setting up, verify with the setup endpoint:
curl https://conto.finance/api/sdk/setup \
  -H "Authorization: Bearer $CONTO_API_KEY"
The policies array shows all active policies and their rules. Run a few test transactions to confirm enforcement before going live.

Troubleshooting

Policies must be assigned to the agent in the Permissions tab. Creating a policy doesn’t apply it automatically. Also verify the policy status is ACTIVE (not DRAFT or DISABLED).
Policies stack with AND logic. If you have 5 restrictive policies, the agent must pass all of them. Review each policy’s rules and consider loosening thresholds or removing redundant policies.
Organization-level policies apply to all agents and take priority. If an org policy caps transactions at $25, an agent-level policy allowing $100 won't override it: both are evaluated and the stricter one wins. Check with your org admin.
Wallet-level limits (set when linking a wallet) are checked first and separately from policies. If the wallet per-transaction limit is $10 but your policy allows $50, the wallet limit wins. Edit wallet limits from the agent detail page.

Next Steps

  • Recipes: copy-paste policy configurations for common scenarios
  • Advanced Policies: x402, MPP, geographic, and DeFi policy rules
  • Trust Providers: counterparty trust scoring and verification
  • Policy Testing: step-by-step policy enforcement testing