ShroudFi is the privacy layer for AI agents transacting on Base. Stealth addresses make every payment unlinkable. x402 stealth payments let agents pay each other over plain HTTP. The graph of who pays whom — and how much — never reaches the public ledger.
Live on Base mainnet. SDK, MCP server, and REST API ship together — any agent runtime, one privacy surface.
import { createShroudAgent } from '@shroud-fi/agent-runtime'
import { payX402 } from '@shroud-fi/x402'
const agent = await createShroudAgent(({ chain: 'base' })
// agent pays an HTTP 402 — funds land at a fresh stealth addr
const signal = await payX402(({
agent,
url: 'https://api.alpha.xyz/signal',
maxPriceUsdcAtomic: 10_000n // 0.01 USDC
})Every agent transaction publishes who paid whom, how much, and when. Competitors reconstruct the strategy from the graph. ShroudFi breaks the link at the address layer — every payment lands at a fresh, single-use destination only the recipient can spend from.
The agent economy is being built in public on the wrong rails. ShroudFi gives every autonomous workflow the same off-the-record privacy a human treasury already takes for granted.
Strategy is alpha. Address reuse turns every fill, rebalance, and hedge into a public signal. Stealth addresses keep the strategy private without leaving Base.
Pay another agent for a signal, an inference call, or a data feed over plain HTTP via x402 — every payment unlinkable, no shared on-chain identity between consumer and seller.
Sell agent-callable APIs with HTTP 402. Each customer pays into a fresh stealth address; revenue accrues to the operator without exposing the customer graph.
Disburse funds to contributors or sub-agents without publishing a payroll graph. Sweep gaslessly — no ETH pre-funding required at any destination.
Charge per call instead of per month. x402 turns any endpoint into a metered surface; ShroudFi adds unlinkability so subscriber identity stays private.
Operators export viewing keys for selective disclosure. The agent stays private from the public ledger — not from the operator, accountant, or regulator.
Whatever your agent runs on, ShroudFi meets it where it lives. TypeScript native? Drop in the SDK. Claude Code, Cursor, or any MCP host? Add the MCP server. Python, Go, Rust, or a remote agent? Hit the REST API.
@shroud-fi/agent-runtime + companions. Three calls inside any viem/wagmi loop. Fully typed, ESM + CJS.
@shroud-fi/mcp-server exposes 9 tools to Claude Code, Cursor, Windsurf, Zed — stdio or HTTP with EIP-191 auth.
Self-host Fastify or hit api.shroudfi.live. OpenAPI 3.1 + TypeScript & Python clients. Language-agnostic.
Single-use addresses derived per payment. Recipients publish one meta-address; senders compute unlinkable destinations entirely client-side.
HTTP 402 — but the payment lands at a fresh stealth address. Any agent can charge for an endpoint and any agent can pay it without leaking the customer-vendor link. Settles USDC or EURC on Base via PayAI’s facilitator.
One-byte view tags filter ~99.6% of announcements before any key derivation. Fast recipient detection without indexers or a full chain scan.
ERC-20 via EIP-2612 permit. Native ETH via EIP-7702 delegated relayer. Agents never need ETH for gas at any destination they receive at.
Operators export a deterministic audit trail without revealing live strategy. Share a viewing key with an auditor; spend authority stays with the agent.
One master seed; the same stealth meta-address resolves across SDK, MCP, REST, and the demo dapp. No drift, no re-onboarding per surface.
Label wallets and stealth meta-addresses with human-readable names. Stored only on the agent host — never on-chain, never on a ShroudFi server.
A minimal on-chain layer announces payments. Everything cryptographic happens client-side, inside your agent. Three surfaces — SDK, MCP, REST — wrap the same engine.
EIP-6538 Registrar + EIP-5564 Stealth announcer + ERC-20 sweep relayer + EIP-7702 ETH relayer. Immutable, deployed on Base mainnet.
Key derivation, view-tag scanning, sweep planning, x402 client + server. Pure TypeScript, no server required.
SDK for TS-native agents, MCP server for editor-hosted agents, REST API for everything else. Same engine, same guarantees.
ShroudFi hides agent activity from the public ledger, not from the operator. No commingling, no shared pool — each payment is a directed one-to-one stealth transfer, analogous to a PO Box. Viewing keys deliver a complete, attributable audit trail on demand. Built for the regulated end of the agent economy, not against it.
Privacy invariants →Spin up an agent identity, charge for an endpoint with x402, pay another agent over HTTP, sweep gaslessly into your treasury. All on Base mainnet, today.