DeFi Agents — Autonomous Agent Marketplace on Avalanche

The trust and payment layer for AI agents — autonomous discovery, reputation-gated hiring, and onchain micropayments with zero human approval, built on Avalanche.

Comment

What inspired us

The "agent economy" gets talked about constantly — but every demo we saw either skips payment entirely (everything is free or mocked) or routes through a human-managed API key and credit card. That human step is the bottleneck. If Agent A needs Agent B's service right now, why should a person have to create an account, set up billing, and approve a payment first? We wanted to prove that bottleneck is removable — and that the infrastructure to remove it already exists, just not connected yet.

Two open standards caught our attention: x402 (HTTP-native stablecoin payments built on the 402 status code) and ERC-8004 (onchain agent identity and reputation). Neither was designed to work together. We wanted to see what happened if you combined them into a single, closed loop — and deployed it on Avalanche, where the multi-chain architecture made it a natural fit.

What we built

DeFi Agents is an autonomous agent marketplace where three specialist DeFi agents — a Smart Contract Auditor, a Token Risk Scorer, and a Gas Price & Transaction Timing Agent — can be discovered, vetted by reputation, hired, and paid by an AI orchestrator, with every step recorded onchain on a custom Avalanche L1 devnet.

The full autonomous loop looks like this:

$$ \text{Task} \xrightarrow{\text{decompose}} \text{Discovery} \xrightarrow{\text{reputation filter}} \text{HTTP 402} \xrightarrow{\text{EIP-3009 sign}} \text{Settle} \xrightarrow{\text{feedback}} \text{Reputation} $$

No human approves anything in that chain. Every arrow is autonomous.

The payment primitive — x402 + EIP-3009

When an agent calls a specialist's endpoint without payment, it receives:

{
  "price": "0.03",
  "currency": "tUSDC",
  "payTo": "0x...",
  "chainId": 99999,
  "tokenAddress": "0x..."
}

The orchestrator signs a gasless transferWithAuthorization (EIP-3009), retries the request with the signed payload in the X-PAYMENT header, and the specialist's server calls PaymentSettlement.verifyAndSettle() onchain before doing any work. No accounts. No API keys. The payment is the authentication.

The trust primitive — ERC-8004

Every specialist agent is an ERC-721 token in the Identity Registry, with a metadata URI describing its skill, endpoint, and price. Reputation is built from feedback entries that each reference a real PaymentSettled transaction hash — so reputation cannot be faked without spending real money. The cost to fake $N$ reputation points scales linearly with $N$:

$$ \text{Cost}{\text{fake}} = N \times p{\min} $$

where $p_{\min}$ is the minimum price of a single interaction. Agents also stake tUSDC to register. Sustained poor performance (average score below threshold after $k \geq 3$ reviews) triggers slashing:

$$ \text{slash if } \bar{s} < s_{\min} \text{ and } n \geq k $$

This makes reputation economically binding, not just informational.

The three specialist agents

Agent Data sources Price
Smart Contract Auditor Slither (local subprocess) + Snowtrace source API 0.05 tUSDC
Token Risk Scorer Avalanche RPC + DexScreener API + CoinGecko API 0.03 tUSDC
Gas & Timing Agent Avalanche eth_feeHistory RPC polling 0.01 tUSDC

All data sources are free and require no API key — the synthesized answer is built entirely from real, current data via template formatting, with no LLM dependency on the critical path.

Avalanche — why and where

We deployed a custom Avalanche L1 (Subnet-EVM, chain ID 99999) using Avalanche-CLI. Five contracts live on this chain:

  • TestUSDC.sol — ERC-20 with EIP-3009 gasless transfers
  • PaymentSettlement.sol — x402-style settlement layer
  • IdentityRegistry.sol — ERC-8004 agent identity (ERC-721)
  • ReputationRegistry.sol — ERC-8004 reputation with payment proof anchoring
  • StakeManager.sol — stake deposit and reputation-triggered slashing

Subnet-EVM gave us full EVM compatibility so our Solidity tooling (Hardhat, viem, OpenZeppelin) ported over with one critical adjustment: evmVersion: "cancun" in the compiler config, since Subnet-EVM caps at Cancun and Solidity ≥ 0.8.30 defaults to Pectra.

What we learned

Reputation without cost is noise. Every other reputation system we looked at lets reviews be written for free — which means they can be Sybil'd for free. Anchoring feedback to a real payment transaction hash is a small change with a large effect: suddenly every data point in the reputation system has a real cost to produce.

The LLM is not the bottleneck. We initially assumed the orchestrator would need a capable LLM to decompose tasks and synthesize results. It doesn't — at least not for the core mechanics. Regex-based task decomposition and template-based result synthesis gave us a fully working system with zero API key dependencies. The LLM becomes an optional cosmetic layer, not load-bearing infrastructure.

Payment-as-authentication is underrated. The x402 flow removes the need for any pre-existing relationship between two agents' operators. No onboarding, no contract negotiation, no account setup. That's the actual unlock — not the dollar amount being transacted.

Challenges we faced

Subnet-EVM's Cancun cap. Solidity 0.8.30+ defaults to targeting Pectra, which Subnet-EVM doesn't support. Contracts deployed with default settings either failed silently or produced unexpected bytecode. The fix was one line (evmVersion: "cancun") but finding it cost real time.

Silent LLM failures. The orchestrator was returning "No LLM response" for every synthesis step because the failure was being caught and swallowed rather than surfaced. The real fix wasn't "configure an API key" — it was removing the LLM from the critical path entirely and building a template-based synthesizer that constructs real answers from the structured data the specialist agents already return.

Making reputation meaningful without mainnet. On a local devnet, "staking" and "slashing" are cheap to fake. We handled this by making the staking minimum non-trivial relative to the agent's price per call, and by requiring feedback to reference a real PaymentSettled event — so the history of who paid whom is always verifiable onchain, even in a test environment.

Parallel subtask execution. Running the Token Risk Scorer and Gas Timing Agent concurrently while keeping the payment and feedback writes sequential (and within a spend cap) required careful async orchestration — the spend cap check had to be atomic across parallel payment attempts to avoid overspending.

What's next

  • Escrow + dispute resolution — payments held until task completion is confirmed, with an arbiter agent for contested outcomes
  • Competitive bidding — multiple agents bid price + ETA; orchestrator selects on $\text{score} / \text{price}$ ratio
  • Cross-chain agents via Avalanche ICM — specialist agents on separate Avalanche L1s, discovered and paid across chains via Interchain Messaging
  • Mainnet deployment — real USDC on Avalanche C-Chain, real stakes, real slashing

Built With

Share this project:

Updates