Description
The Problem
AgentKit gives AI agents wallets and onchain capabilities. That's the right architecture.
One piece is missing: a way to verify the agent's reasoning before a payment fires. Tool injection, goal drift, and prompt injection are now a realistic attack surface on autonomous spending agents.
What We Built
ThoughtProof is an external multi-model verification layer for AI reasoning chains. We ran a 500-chain red-team benchmark against adversarial payment reasoning:
| Attack Type | Detection Rate |
|---|---|
| Social Engineering | 97.8% |
| Steganographic | 97.8% |
| Goal Drift | 95.6% |
| Dual Chain | 91.1% |
| Prompt Injection | 88.9% |
| Overall | 94.4% |
| False Positive Rate | 0.0% |
Key finding: a model that generates adversarial chains cannot detect them as a verifier (0% recall in both roles). Generator ≠ verifier is now a hard protocol requirement.
The Integration
One line of code, zero changes to AgentKit:
```js
import { potPay } from '@pot-sdk2/pay';
const client = potPay.wrap(agentKitClient, { policy: 'tiered' });
await client.pay({ amount: 50, currency: 'USDC', resource: url, reasoningChain });
```

Tiered policy: < $0.50 skip → $0.50–$100 async → > $100 sync pre-payment.
x402 RFC
We also submitted a related RFC to coinbase/x402 for optional X-402-Attestation-* headers — fully additive, no breaking changes.
The Question
Would the AgentKit team be interested in a native integration or a joint RFC? Happy to discuss here or async.
Raul Jäger — ThoughtProof Protocol
raul@thoughtproof.ai | thoughtproof.ai | npm: @pot-sdk2/pay
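
The tiered policy and the generator ≠ verifier requirement described in the issue above, sketched as an added example (not code from the issue or from `@pot-sdk2/pay`). `tierFor`, `gatedPay`, the `pay`/`verify`/`onFlag` callbacks and the verdict shape are hypothetical names and assumptions; only the thresholds come from the issue.

```javascript
// Added illustration; all names are hypothetical, not the @pot-sdk2/pay API.
const SKIP_BELOW = 0.5;  // issue text: "< $0.50 skip"
const SYNC_ABOVE = 100;  // issue text: "> $100 sync pre-payment"

function tierFor(amount) {
  // Assumption: NaN, Infinity, zero and negative amounts are rejected outright
  // rather than being allowed to fall into whichever tier the comparisons pick.
  if (typeof amount !== 'number' || !Number.isFinite(amount) || amount <= 0) {
    throw new RangeError('invalid payment amount');
  }
  if (amount < SKIP_BELOW) return 'skip';
  if (amount <= SYNC_ABOVE) return 'async';
  return 'sync';
}

// pay(request) and verify(chain) are caller-supplied async functions (assumed shapes);
// verify resolves to { ok: boolean, verifierModel: string }.
function gatedPay({ pay, verify, generatorModel, onFlag }) {
  const check = async (chain) => {
    const verdict = await verify(chain);
    // Generator != verifier: a verdict from the generating model counts as a failure.
    if (verdict.verifierModel === generatorModel) return false;
    return verdict.ok === true;
  };
  return async function (request) {
    const tier = tierFor(request.amount);
    if (tier === 'sync') {
      // Fail closed: a verifier error or a negative verdict blocks the payment.
      const ok = await check(request.reasoningChain).catch(() => false);
      if (!ok) return { tier, paid: false, reason: 'verification failed' };
      return { tier, paid: true, receipt: await pay(request) };
    }
    const receipt = await pay(request);
    if (tier === 'async') {
      // The payment has already fired; a failed check can only be flagged for review.
      check(request.reasoningChain).catch(() => false)
        .then((ok) => { if (!ok) onFlag(request, receipt); });
    }
    return { tier, paid: true, receipt };
  };
}
```

In the async tier the verifier runs after settlement, so `onFlag` is a detection hook, not a prevention control; only the sync tier can stop a payment.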