x402janus — Wallet Security for AI Agents
Nothing passes the gate unchecked.
The security layer AI agents call before every financial transaction. Scans wallets, traces approval chains, detects drainers, builds revoke transactions — all paid via x402 micropayment. No API key. No account. No setup.
Why This Exists
AI agents are getting wallets and transacting autonomously. Most have no idea what they've approved or who can drain them. x402janus is the gate — forensic analysis that any agent can call before making a financial decision.
Score: 3.240 on ClawHub — the highest-rated security skill for autonomous agents.
Quick Start
CODEBLOCK0
Exit codes for automation:
- 0 — safe (health ≥ 75) → proceed with transaction
- 1 — medium risk (50–74) → flag for review
- 2 — high risk (< 50) → halt transaction
- 3 — critical (< 25) → block and alert
Setup
CODEBLOCK1
| Variable | Required | Description |
|---|---|---|
| JANUS_API_URL | Yes | https://x402janus.com |
| PRIVATE_KEY | Paid tiers only | Agent wallet key for x402 payment signing |
| THIRDWEB_CLIENT_ID | No | thirdweb client ID (default: x402janus-skill) |
Commands
1. Scan a Wallet
The primary command. Returns risk score, findings, approvals, and pre-built revoke transactions.
CODEBLOCK2
Output:
CODEBLOCK3
2. List Approvals
CODEBLOCK4
3. Revoke Approval
CODEBLOCK5
⚠️ --execute sends a real transaction. Confirm with user before executing.
4. Start Monitoring
CODEBLOCK6
Agent Integration Pattern
CODEBLOCK7
Pricing
| Tier | Price | Speed | Coverage |
|---|---|---|---|
| Free | $0.00 | <5s | Address validation, basic checksum, tier preview |
| Quick | $0.01 USDC | <3s | Deterministic risk score, approval list, revoke txs |
| Standard | $0.05 USDC | <10s | + AI threat analysis, deeper historical lookback |
| Deep | $0.25 USDC | <30s | + Full graph analysis, drainer fingerprinting, anomaly detection |
All payments settle via x402 micropayment (EIP-3009 TransferWithAuthorization) on Base. Your agent signs once, the Thirdweb facilitator settles USDC on-chain. No account needed.
How x402 Payment Works
1. Agent calls the scan endpoint
2. Server returns HTTP 402 with payment requirements
3. thirdweb x402 SDK signs the payment authorization from agent wallet
4. SDK retries with payment header automatically
5. Facilitator verifies and settles USDC on Base
6. Scan result returned
No gas needed for payments (facilitator pays). Agent wallet only needs USDC on Base.
ACP Marketplace
Also available via the Virtuals ACP marketplace for agent-to-agent hiring:
https://app.virtuals.io/acp/agent-details/14804
6 offerings: scan (quick/standard/deep), approvals listing, revoke (single/batch).
API Endpoints (Direct)
For agents that prefer raw HTTP over the skill scripts:
CODEBLOCK8
Wallet Requirements
For paid tiers, the agent wallet (PRIVATE_KEY) needs:
- USDC on Base — $0.01–$0.25 per scan
- ETH on Base — only needed for --execute on revoke (not for scan payments)
Safety
- Free tier requires no key
- Paid tiers use thirdweb x402 signing — private key never logged or returned
- All scripts validate addresses before requests
- Revoke transactions are dry-run by default (--execute required for on-chain)
- x402 payments are exact amounts — facilitator cannot take more than specified
- Rate limiting: 10 free scans per IP window
Links
- Product: https://x402janus.com
- ACP Marketplace: https://app.virtuals.io/acp/agent-details/14804
- GitHub: https://github.com/consensus-hq/agent-pulse
- X: @x402janus
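x402janus — Wallet Security for AI Agents
Nothing passes the gate unchecked.
The security layer AI agents call before every financial transaction. Scans wallets, traces approval chains, detects drainers, builds revoke transactions — all paid via x402 micropayment. No API key. No account. No setup.
Why This Exists
AI agents are getting wallets and transacting autonomously. Most have no idea what they've approved or who can drain them. x402janus is the gate — forensic analysis that any agent can call before making a financial decision.
Score: 3.240 on ClawHub — the highest-rated security skill for autonomous agents.
Quick Start
```bash
# Install
clawhub install x402janus
cd skills/x402janus && npm install

# Free scan (no wallet needed)
JANUS_API_URL=https://x402janus.com \
  npx tsx scripts/scan-wallet.ts 0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045 --tier free --json

# Paid scan (0.01 USDC via x402)
JANUS_API_URL=https://x402janus.com PRIVATE_KEY=$PRIVATE_KEY \
  npx tsx scripts/scan-wallet.ts 0xYOUR_TARGET --tier quick --json
```
Exit codes for automation:
- 0 — safe (health ≥ 75) → proceed with transaction
- 1 — medium risk (50–74) → flag for review
- 2 — high risk (< 50) → halt transaction
- 3 — critical (< 25) → block and alert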
Setup
```bash
cd skills/x402janus && npm install
```
| Variable | Required | Description |
|---|---|---|
| JANUS_API_URL | Yes | https://x402janus.com |
| PRIVATE_KEY | Paid tiers only | Agent wallet key for x402 payment signing |
| THIRDWEB_CLIENT_ID | No | thirdweb client ID (default: x402janus-skill) |
Commands
1. Scan a Wallet
The primary command. Returns risk score, findings, approvals, and pre-built revoke transactions.
```bash
# Free tier: no payment required
JANUS_API_URL=https://x402janus.com \
  npx tsx scripts/scan-wallet.ts 0xYOUR_TARGET --tier free --json

# Quick scan: 0.01 USDC
JANUS_API_URL=https://x402janus.com PRIVATE_KEY=$PRIVATE_KEY \
  npx tsx scripts/scan-wallet.ts 0xYOUR_TARGET --tier quick --json

# Standard scan: 0.05 USDC (AI threat analysis)
JANUS_API_URL=https://x402janus.com PRIVATE_KEY=$PRIVATE_KEY \
  npx tsx scripts/scan-wallet.ts 0xYOUR_TARGET --tier standard --json

# Deep scan: 0.25 USDC (full graph + drainer fingerprinting)
JANUS_API_URL=https://x402janus.com PRIVATE_KEY=$PRIVATE_KEY \
  npx tsx scripts/scan-wallet.ts 0xYOUR_TARGET --tier deep --chain base --json
```
Output:
```json
{
  "address": "0x...",
  "scannedAt": "2026-03-04T...",
  "payer": "0x...",
  "coverageLevel": "basic",
  "summary": {
    "totalTokensApproved": 3,
    "unlimitedApprovals": 2,
    "highRiskApprovals": 0,
    "healthScore": 80
  },
  "approvals": [...],
  "recommendations": [...],
  "revokeTransactions": [...]
}
```
2. List Approvals
```bash
# All approvals with risk flags
JANUS_API_URL=https://x402janus.com PRIVATE_KEY=$PRIVATE_KEY \
  npx tsx scripts/list-approvals.ts --format json

# High risk only
npx tsx scripts/list-approvals.ts --risk high,critical --format json

# Unlimited approvals only
npx tsx scripts/list-approvals.ts --unlimited-only --format json
```
3. Revoke Approval
```bash
# Dry run: outputs the calldata
JANUS_API_URL=https://x402janus.com PRIVATE_KEY=$PRIVATE_KEY \
  npx tsx scripts/revoke-approval.ts --json

# Execute on-chain (sends a real transaction)
JANUS_API_URL=https://x402janus.com PRIVATE_KEY=$PRIVATE_KEY \
  npx tsx scripts/revoke-approval.ts --execute --json
```
⚠️ --execute sends a real transaction. Confirm with user before executing.
4. Start Monitoring
```bash
# Webhook alerts
JANUS_API_URL=https://x402janus.com PRIVATE_KEY=$PRIVATE_KEY \
  npx tsx scripts/start-monitoring.ts --webhook https://your-webhook.com --json

# Telegram alerts
npx tsx scripts/start-monitoring.ts --telegram @username --json
```
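Agent Integration Pattern
```bash
#!/bin/bash
# Pre-transaction security gate
RESULT=$(JANUS_API_URL=https://x402janus.com PRIVATE_KEY=$PRIVATE_KEY \
  npx tsx scripts/scan-wallet.ts "$TARGET_WALLET" --tier quick --json 2>/dev/null)
EXIT=$?
if [ "$EXIT" -eq 0 ]; then
  echo "✅ Wallet safe, proceeding with transaction"
  # ... execute your trade/transfer/approval
elif [ "$EXIT" -eq 1 ]; then
  echo "⚠️ Medium risk, requesting human review"
  # ... notify a human operator
else
  echo "🚫 High risk detected, blocking transaction"
  # ... halt and report
fi
```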
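An added example, not part of the x402janus skill: a fail-closed reading of the gate result that cross-checks the exit code against summary.healthScore in the JSON output, because a Node.js process that dies on an uncaught exception also exits with code 1 and would otherwise be read as "medium risk". The function names, the decision strings, and the reading of the bands as 25–49 for exit code 2 and below 25 for exit code 3 are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example: exit-code meanings and summary.healthScore come from the page;
# function names and decision strings are assumptions made for illustration.

# Print summary.healthScore from the scan JSON, or nothing if it is absent
# or not a 1-3 digit integer. No extra tooling required.
health_score() {
  printf '%s' "$1" | tr -d '\n' |
    sed -n 's/.*"healthScore"[[:space:]]*:[[:space:]]*\([0-9]\{1,3\}\)[^0-9].*/\1/p'
}

# Map a health score to the exit code documented for that band.
expected_exit() {
  if   [ "$1" -ge 75 ]; then echo 0
  elif [ "$1" -ge 50 ]; then echo 1
  elif [ "$1" -ge 25 ]; then echo 2
  else echo 3
  fi
}

# gate_decision <exit_code> <json>  ->  proceed | review | block
gate_decision() {
  _code=$1
  _score=$(health_score "$2")
  # No parseable score: the exit code may come from npx/tsx itself failing,
  # so it is never interpreted as a risk band.
  [ -n "$_score" ] && [ "$_score" -le 100 ] || { echo block; return; }
  # The exit code and the JSON must describe the same risk band.
  [ "$_code" = "$(expected_exit "$_score")" ] || { echo block; return; }
  case $_code in
    0) echo proceed ;;
    1) echo review ;;
    *) echo block ;;
  esac
}

# Constructed sample in the shape of the output shown on the page.
SAMPLE='{"summary":{"unlimitedApprovals":2,"healthScore":80}}'
gate_decision 0 "$SAMPLE"   # proceed
gate_decision 1 ""          # block: exit code 1 with no scan output
```

In the integration script above, this would be called as `gate_decision "$EXIT" "$RESULT"`.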
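Pricing
| Tier | Price | Speed | Coverage |
|---|---|---|---|
| Free | $0.00 | <5s | Address validation, basic checksum, tier preview |
| Quick | $0.01 USDC | <3s | Deterministic risk score, approval list, revoke txs |
| Standard | $0.05 USDC | <10s | + AI threat analysis, deeper historical lookback |
| Deep | $0.25 USDC | <30s | + Full graph analysis, drainer fingerprinting, anomaly detection |
All payments settle via x402 micropayment (EIP-3009 TransferWithAuthorization) on Base. Your agent signs once, the Thirdweb facilitator settles USDC on-chain. No account needed.
How x402 Payment Works
1. Agent calls the scan endpoint
2. Server returns HTTP 402 with payment requirements
3. thirdweb x402 SDK signs the payment authorization from agent wallet
4. SDK retries with payment header automatically
5. Facilitator verifies and settles USDC on Base
6. Scan result returned
No gas needed for payments (facilitator pays). Agent wallet only needs USDC on Base.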
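ACP Marketplace
Also available via the Virtuals ACP marketplace for agent-to-agent hiring:
https://app.virtuals.io/acp/agent-details/14804
6 offerings: scan (quick/standard/deep), approvals listing, revoke (single/batch).
API Endpoints (Direct)
For agents that prefer raw HTTP over the skill scripts:
```bash
# Free scan
curl -X POST "https://x402janus.com/api/guardian/scan/0xADDRESS?tier=free"

# Paid scan (x402 payment is handled automatically by the SDK)
# Or manually: server returns 402 → sign payment → retry with header

# Health check
curl https://x402janus.com/api/guardian/status

# Skill documentation (machine-readable)
curl https://x402janus.com/api/skill-md
```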
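Wallet Requirements
For paid tiers, the agent wallet (PRIVATE_KEY) needs:
- USDC on Base — $0.01–$0.25 per scan
- ETH on Base — only needed for --execute on revoke (not for scan payments)
Safety
- Free tier requires no key
- Paid tiers use thirdweb x402 signing — private key never logged or returned
- All scripts validate addresses before requests
- Revoke transactions are dry-run by default (--execute required for on-chain)
- x402 payments are exact amounts — facilitator cannot take more than specified
- Rate limiting: 10 free scans per IP window
Links
- Product: https://x402janus.com
- ACP Marketplace: https://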