add covenant-krexa: Krexa credit/risk oracle as a soft signal (read-only), credit-backed x402 behind a flag#108
Open
mizuki0x wants to merge 1 commit into
Open
add covenant-krexa: Krexa credit/risk oracle as a soft signal (read-only), credit-backed x402 behind a flag#108mizuki0x wants to merge 1 commit into
mizuki0x wants to merge 1 commit into
Conversation
krexa.score mcp tool returns an agent's krexit score, risk band and underwriting opinion as a labeled soft signal to weigh alongside the audit-derived reputation, never blended into it. read-only rest, no funds move; the agent pubkey is validated as base58 at the tool boundary. credit-backed x402 draws are built but gated off (credit_enabled defaults false) and not wired into live settlement. registered via krexa_from_env behind COVENANT_KREXA_ENABLED, off by default. user-facing setup in docs/integrations/krexa.md.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What this adds
A
covenant-krexacrate that consumes Krexa's credit/risk API from inside the Covenant daemon, and the wiring to expose it as an MCP tool. Two layers with very different risk:Read-only oracle (on by config). REST reads of an agent's Krexit score, eligibility, and active credit line, surfaced as a
krexa.scoretool. It is fed as a labeled soft signal that sits next to Covenant's own audit-derived reputation, never blended into it. No funds, no counterparty risk.Credit-backed x402 (built, gated off). The seam for an agent to cover an x402 payment shortfall from a Krexa credit line and repay from earnings. Every entry point is gated on
credit_enabled, which defaults to false, and it is deliberately not wired into the live payment path. See "What we'd need to turn this on" below.The trust boundary (the part we care about)
Covenant's reputation is audit-derived: computed from an agent's signed work history, meant to be trustless. Krexa's score is a third-party REST value with a self-attested hash, not a signature. Those are different kinds of trust, so we keep them separate. The
krexa.scoreresult is tagged"krexa-attested (third-party REST), soft signal"so nothing downstream mistakes it for a Covenant-verified fact. A consumer can weigh both; we never launder one into the other.We also capture
scorePdafrom the score response. The moment Krexa publishes the account layout or IDL, the read path can decode that PDA directly instead of trusting REST, which makes the score trustless on our side. That switch is a one-file change, blocked only on the layout.One concrete fit: Krexa boosts the score for agents that hold a
.solname, and Covenant's identity layer already issues.solnames, so a Covenant agent tends to score better on Krexa for free.What's verified
krexa.scorefor a real agent returns score 342, banddeep_subprime, the underwriting opinion, and the attestation hash; an injection-shaped pubkey is rejected before any request leaves the host.docs/integrations/krexa.md, matching the other providers' integration docs.What we'd need to turn on credit
The credit module is built and tested behind the flag, but uncollateralized lending to an autonomous agent is not something we flip on with three questions open:
Scope
We consume Krexa as a credit and score provider plugged into Covenant identity. We do not use KYA or treat Krexa as an identity source; identity stays on the Covenant side. Trade, swap, and perps are out of scope for this crate.
Notes for review
credit.rs, ~140 lines): built but gated entirely off (credit_enableddefaults false) and not wired into any live path. It is the staged, inert seam for the credit-backed x402 phase, so review it separately from the read-only oracle or skip it for now. Happy to split it into its own PR if you'd prefer.agent-os/scripts/validate.sh --scriptspasses (provenance ok). The crate iscargo fmtandclippyclean; the repo-widefmt --checkonly flags pre-existing files in other crates (sap-bridge, stake-keeper), not this one.