HashGate AI: PayFi & RWA Investment Agent

Autonomous AI agent for HashKey Chain. Intent-to-execution for payments & RWA investments. Zero-click settlement via HSP and EIP-3009. Turn natural language into secure on-chain action.

Comment

Inspiration

The genesis of HashGate AI came from a simple observation: Web3 is suffering from a "UX debt." While the underlying protocols are revolutionary, the interface remains stuck in a paradigm of manual approvals, complex hex strings, and constant wallet switching.

We were inspired by the Intent-Centric movement — the idea that a user shouldn't have to be a blockchain expert to move value. Our vision was to create a "Financial Co-pilot" that understands human language and handles the heavy lifting of cryptographic signing and protocol interaction autonomously on the HashKey Chain.

What it does

HashGate AI serves as a bridge between human intent and the HashKey Settlement Protocol (HSP).

Autonomous Payments

Users can chat in English or Traditional Chinese to purchase items from a catalog. The agent:

  • Interprets the intent
  • Validates the merchant's mandate
  • Settles the transaction using EIP-3009
  • Provides a "zero-click" experience

Smart RWA Portfolios

Beyond simple payments, the agent manages tokenized Real World Assets (RWA) including:

  • T-Bills
  • Corporate Bonds
  • Green Energy assets

Quantitative Execution

It doesn't simply "buy"; it executes strategies.

Users can set up:

  • Dollar-Cost Averaging (DCA)
  • Momentum-based portfolio rebalancing
  • 24/7 autonomous execution

Safety First

Every action is governed by a Policy Engine that enforces:

  • Spending caps
  • Recipient allowlists
  • Trust boundaries

ensuring the agent never exceeds its authorized "trust envelope."

How we built it

We architected the system as a high-performance Node.js/Express monolith to minimize latency between AI decisions and on-chain execution.

Intelligence Layer

We integrated Qwen 2.5-72B through SiliconFlow and used advanced JSON tool-calling to map natural language into function signatures:

confirm_payment_intent()

list_active_strategies()

Settlement Layer

Deep integration with HSP:

  • HMAC-SHA256 request signing
  • ES256K JWT merchant authorizations
  • Cart hash integrity verification

Signature Logic

Using ethers.js v6, we implemented:

  • EIP-712 typed data signing
  • EIP-3009 TransferWithAuthorization payload generation
  • Direct settlement through HSP pay-mandate endpoints

DevOps

Deployment stack:

  • Render
  • Secret vaults for sensitive .pem merchant keys
  • Dynamic environment configuration

Challenges we ran into

The biggest challenge was balancing security vs autonomy.

To allow an agent to pay without a manual MetaMask pop-up, we had to build a robust Policy Engine capable of operating inside a Trusted Execution Environment (TEE).

Additional challenges included:

  • Building the cryptographic handshake between agent wallets and HSP gateways
  • Implementing secure cart_hash binding
  • Matching SHA-256 digests with sorted canonical JSON
  • Debugging production deployment on Render
  • Environment variable injection issues
  • Static file serving problems

Accomplishments that we're proud of

We are incredibly proud of achieving True Zero-Click Settlement.

We successfully demonstrated an end-to-end flow where:

  1. User enters a request
  2. AI interprets intent
  3. Policy engine validates permissions
  4. On-chain transaction executes through HSP
  5. Settlement completes within seconds

All of this happens without a single manual wallet confirmation.

This is our North Star of PayFi UX, and we delivered a working implementation on the HashKey Testnet.

What we learned

This journey taught us that PayFi is the missing piece of the AI Agent puzzle.

Key learnings:

  • Importance of replay protection using nonces
  • Timestamp validation in decentralized payment systems
  • Understanding the HSP lifecycle
  • Secure invisible authorization through merchant mandates
  • Potential of Intel TDX for hardware-grade key isolation

What's next for HashGate AI: PayFi & RWA Investment Agent

The next phase for HashGate is Production Hardening.

TEE Deployment

Move private key management and policy engines into a live Intel TDX environment for maximum security.

Expanded Asset Catalog

Integrate more RWA providers including:

  • Tokenized commodities
  • Global real estate
  • Broader investment assets

Cross-Chain Settlement

While currently focused on HashKey Chain, we aim to implement cross-chain PayFi bridges that enable settlement across the broader EVM ecosystem.

Built With

Share this project:

Updates