AI Market Microstructure Engine (AIMME)

The “man-in-the-middle” (MITM) concept is extremely relevant when you connect it to the SEC case
AI Agent Detects Anomalies
FINRA Personnel Approval Results in Immutable Ledger for Future SEC Audit Reports

Inspiration

"Agent" Outputs and Private key handling are the biggest trust and security bottleneck in financial-grade automated workflows. We were inspired to remove direct key exposure from app servers for keys like Blockchain Private Key by combining Auth0 identity with a Token Vault signing model, so approvals can be strongly authenticated, policy-controlled, and auditable.

What it does

AIMME uses Auth0-authenticated user context to request secure transaction signing from Token Vault instead of using POLYGON_PRIVATE_KEY directly in the web app runtime. Operators can approve events from the Ledger Audit UI, and the signing request is delegated to Vault with user/session context, idempotency keys, and org-aware policy checks. The result is a safer approval path with clear transaction status and traceability.

Auth0 Tenant

dev-islurxnfunwhje6i

How we built it

Multi-Org Support: We integrated Auth0 Organizations to handle multiple tenants, each with its own roles and access boundaries.
Token Vault Signing Mode: Using environment flags (POLYGON_SIGNING_MODE=vault), approval actions are routed through server APIs that:
- Resolve the Auth0 session, role, and organization claims
- Fetch an Auth0 access token with the appropriate imprint scope and audience
Org-Level Controls: We added feature flags to manage organization-level permissions (e.g., a disabled org list) to block approvals before any signing call is executed.
Initially we used Firebase to get started on concept and then replaced with Auth0 for multi tenant and token auth innovation.
Included SDLC best practices - CI/CD, BDD test cases, Infrastructure as Code using CDK

Challenges we ran into

The hardest part was aligning identity, policy, and signing orchestration end-to-end:

Auth0 custom claims availability/shape (role/org role mapping consistency),
choosing reliable claim keys across tenants/environments,
preventing fallback paths from unintentionally bypassing org policy,
handling asynchronous tx lifecycle cleanly without “Approving...” stalls,

Accomplishments that we're proud of

We eliminated the need to keep raw private keys in the normal approve request path when Vault mode is enabled. We delivered a practical Auth0 + Token Vault integration with:

role-aware/operator-only approval behavior,
org-aware approval disable controls,
clear UI feedback and server enforcement,
durable ledger persistence and status resolution,
production deployment with observability-friendly logging patterns.

What we learned

Identity-driven signing is not just an auth feature; it is a systems design problem across claims, policy, UX, and infra. We learned that:

claim normalization and debugging visibility are essential,
policy must be enforced server-side (not only UI-side),
idempotency and async status updates are mandatory for resilient approval UX,
feature-flagged migration from local keys to vault signing reduces rollout risk.

What's next for AI Market Microstructure Engine (AIMME)

hardware-backed key custody integrations via Vault,
automated policy tests and runtime health checks for vault/auth dependencies,
richer admin UI for org policy management (including vault disable rules).

BlogPost

Securing AI Agents in AIMME with Auth0 Token Vault

Building AIMME (AI Market Microstructure Engine) exposed a critical challenge: how do you let AI agents act on sensitive financial signals without ever exposing credentials?

In capital markets, even a small lapse in control can lead to major compliance failures. AI agents that ingest market events and generate trading or surveillance signals must operate within strict boundaries. This is where the Auth0 Token Vault became central to our design.

We structured AIMME as a multi-tenant system using Auth0 Organizations, enabling each firm to operate in an isolated environment with clearly defined roles such as trader, analyst, and ops. However, the real innovation came from introducing a Token Vault-based execution layer.

Instead of allowing AI agents or frontend applications to directly access private keys or APIs, all execution requests are routed through a secure backend. When a trader approves a signal, the system requests an Auth0-issued access token scoped specifically for that action. This token is then used to perform the operation such as recording a signal on-chain without ever exposing the underlying credentials.

This approach enforces a strong separation between decision-making (AI agents) and execution (Token Vault). It also enables organization-level controls, where certain tenants can be restricted from executing actions entirely, ensuring governance across environments.

To make this visible, we built an operator dashboard that streams Auth0 token issuance events alongside blockchain transaction logs. This creates a complete audit trail: from authenticated user → token issuance → secure execution → immutable record.

Our key insight is simple but powerful: AI agents should never hold secrets; they should request permission to act.

Auth0 Token Vault allowed us to implement this model cleanly, making AIMME not just intelligent, but secure, compliant, and enterprise-ready.