Waiting for on-chain confirmation
Signing on Sepolia, this takes ~10-15s

⛓ ENS AgentGate

Policy-based access control for wallet-native agents

🔧 Protected Tools

  • GET /tool/hello
  • GET /tool/private-signal

📋 Current Policy

ENS NameLabelStatusAllowed ToolsKill switch (ENS)Actions
*.myagent1.eth fleet Fleet root active hello, private-signal live
worker2.myagent1.eth Fleet worker active hello, private-signal live
myagent1.eth Fleet root (owner) active hello, private-signal live

Add / Update Agent

📊 Recent Events auto-refresh 5s

No events recorded yet. Authenticate an agent to see activity.

👛 Wallet Demo

Reverse ENS is attempted after wallet connection. You can edit the ENS name before signing.
Walletnot connected
Reverse ENSnot checked
Sessionnot signed in
Ready.

🤖 Agent Instructions

  1. Step 0: Optional reverse lookup with GET /auth/reverse-ens?address=0x...
  2. Step 1: POST /auth/challenge with { "ensName": "...", "address": "0x..." }
  3. Step 2: Sign the returned message with your wallet signer (EIP-191)
  4. Step 3: POST /auth/verify with { "ensName": "...", "address": "0x...", "signature": "0x..." }
  5. Step 4: Use the returned sessionToken as Authorization: Bearer <sessionToken>
  6. Step 5: Call GET /tool/hello and GET /tool/private-signal

👤 Admin / Demo Instructions

  1. Add your agent's ENS name using the policy form
  2. Select which tools the agent is allowed to access
  3. Connect a wallet whose address matches that ENS record
  4. Sign the SIWE challenge in the wallet popup
  5. Call protected tools and watch recent events update after page refresh

Fleet mode: add *.myfleet.eth to grant a whole namespace once. Spawn workers with their own keys via npm run fleet -- spawn worker1, fire one on-chain with npm run fleet -- revoke worker1 (access dies mid-session), or pause the entire fleet by setting agentgate.revoked=true on the root name.