txfence

policy ✓chain allowed

policy ✓within spend cap

policy ✓contract on allowlist

simulate✓no revert detected

approve —below threshold, skipping

execute ✓0x4a3f…c291

The policy layer for autonomous agents. Simulation, spending controls, and human-in-the-loop — as first-class primitives.

get started →github ↗

$npm install @txfence/core

v0.46.0 · 600+ tests passing · MIT · CI green

Autonomous agents fail in ways that aren't obvious.

14:02:31.004agent-areads cap: $24,000 remaining

14:02:31.089agent-breads cap: $24,000 remaining

14:02:31.201agent-asubmits: $20,000 transfer

14:02:31.203agent-bsubmits: $20,000 transfer

14:02:31.441agent-aconfirmed ✓

14:02:31.443agent-bconfirmed ✓

$44,000 spentagainst a $25,000 cap

txfence prevents this · cap locking, two-phase acquire/commit/release

Every transaction goes through the fence.

Four stages. Every transaction. No exceptions.

policy check

six checks. any failure stops here.

chain · spend cap · allowlist · slippage · gas buffer · simulation required

simulation

eth_call or tenderly. would it revert?

gas estimate · coverage level · caveats · block on revert

human approvaloptional

optional. webhook + HMAC. cancel on timeout.

above threshold only · HMAC-signed payload · cancel is the hard default

execution

signed. broadcast. receipt stored.

audit log recorded · monitor reconciled · receipt stored

What txfence protects against

14 documented failure modes. Full or partial protection for each.

failure modeprotection

slippage overrunfull

cross-chain intent replayfull

execute-on-timeoutfull

spend cap race conditionfull

simulation-execution div.partial

unintended proxy targetpartial

stale allowlistpartial

gas estimation failurepartial

MEV sandwich attackfull

unauthorized approval exec.full

policy configuration bugfull

audit trail tamperingfull

behavioral pattern attacksfull

multi-step partial failurefull

full — enforced unconditionally · partial — bounded by simulation accuracy

One policy engine. Three ecosystems.

Same API. Same policy shape. Different chains.

··

EVM & L2s

Supports: Ethereum, Arbitrum, Optimism, Base

—Tenderly deep simulation with full call traces, state diffs, and decoded logs
—eth_call fallback when Tenderly is not configured
—viem-based signing and broadcasting
—Contract metadata verification with bytecode hash pinning

agent.ts

import { createAgent } from '@txfence/core'
import {
  simulateEvmAction,
  executeEvmAction,
  privateKeySigner
} from '@txfence/evm'

const agent = createAgent(
  { chains: ['ethereum'], policies: { /* ... */ }, signer },
  { ethereum: { simulate: simulateEvmAction } },
  { ethereum: 'https://ethereum.publicnode.com' },
  (action, chainId, rpcUrl, evalResult, sim) =>
    executeEvmAction(action, chainId, rpcUrl, signer, evalResult, sim)
)

14 packages. One mission.

Everything you need to deploy policy-gated autonomous agents across chains.

@txfence/coreCore

Policy engine, agent orchestration, cap locking, receipt storage, webhook approval

npm install @txfence/core

@txfence/evmChain

EVM chain adapter with Tenderly deep simulation (Ethereum, Arbitrum, Optimism, Base)

npm install @txfence/evm

@txfence/solanaChain

Solana chain adapter with Jupiter and aggregator compatibility

npm install @txfence/solana

@txfence/cosmosChain

Cosmos chain adapter (Cosmos Hub, Osmosis), IBC-ready

npm install @txfence/cosmos

@txfence/redisInfra

Redis-backed cap lock provider with atomic Lua scripts for multi-agent environments

npm install @txfence/redis

@txfence/storage-pgInfra

PostgreSQL receipt storage with idempotent upserts and indexed queries

npm install @txfence/storage-pg

@txfence/storage-sqliteInfra

SQLite receipt storage for local development and single-process staging

npm install @txfence/storage-sqlite

@txfence/auditTooling

Append-only audit log capturing every policy decision, rejection, and execution outcome

npm install @txfence/audit

@txfence/monitorTooling

On-chain reconciliation monitor — detects unrecorded transactions and chain reorgs

npm install @txfence/monitor

@txfence/verifyTooling

Formal policy verification — bounded model checking, counterexample generation, and adversarial stress testing

npm install @txfence/verify

@txfence/provenanceTooling

Cryptographic provenance chains with hash chaining, Merkle proofs, and tamper-evident audit trails

npm install @txfence/provenance

@txfence/mcpTooling

MCP server exposing txfence as tools for any MCP-compatible AI assistant

npm install @txfence/mcp

@txfence/cliTooling

Command-line interface: simulate, submit, diff, and check policies from the terminal

npm install @txfence/cli

@txfence/reactTooling

Seven React hooks (useAgent, useSubmit, useSimulate, useReceipt, useDryRun, useIntentSubmit, useAgentHealth) for building frontends on top of txfence agents

npm install @txfence/react

@txfence/integrationDev

Anvil integration tests and more packages in development

npm install @txfence/integration

Three lines to a policy-gated agent.

Set your policies. Submit actions. txfence handles the rest.

quick-start.ts

import { createAgent } from '@txfence/core'
import type { Policy } from '@txfence/core'
import { simulateEvmAction, executeEvmAction, privateKeySigner } from '@txfence/evm'

const signer = privateKeySigner(process.env.PRIVATE_KEY as `0x${string}`)

const policy: Policy = {
  chains:                 ['ethereum'],
  maxSpendPerTx:          { token: 'USDC', amount: 1000n, decimals: 6 },
  allowedContracts:       [{ address: '0xYOUR_CONTRACT', chain: 'ethereum' }],
  requireSimulation:      true,
  gasBufferMultiplier:    1.2,
  humanApprovalThreshold: { token: 'USDC', amount: 10000n, decimals: 6 },
  humanApprovalTimeoutMs: 30000,
  capLockMode:            'per-agent',
}

const agent = createAgent(
  { chains: ['ethereum'], policies: policy, signer },
  { ethereum: { simulate: simulateEvmAction } },
  { ethereum: 'https://ethereum.publicnode.com' },
  (action, chainId, rpcUrl, evaluation, simulation) =>
    executeEvmAction(action, chainId, rpcUrl, signer, evaluation, simulation)
)

const result = await agent.submit({
  action: {
    kind:  'transfer',
    chain: 'ethereum',
    token: { token: 'ETH', amount: 100000000000000000n, decimals: 18 },
    to:    '0xRECIPIENT',
  },
  policy,
})

switch (result.status) {
  case 'success':
    console.log('tx hash:', result.receipt.txHash)
    break
  case 'policy_rejected':
    console.log('rejected:', result.evaluation.rejectionReason)
    break
  case 'simulation_failed':
    console.log('simulation failed:', result.simulation.caveats)
    break
  case 'approval_timeout':
    console.log('approval required above threshold')
    break
  case 'execution_failed':
    console.log('failed:', result.reason)
    break
}

read the full documentation →

Start building policy-gated agents.

Self-hosted. MIT licensed. Runs on your infrastructure.
600+ tests. 14 packages. Production-ready.

get started →github ↗

$npm install @txfence/core