AsterPay KYA Hook

March 10, 2026 · View on GitHub

Know Your Agent (KYA) verification gate for Agentic Commerce jobs.

This hook implements the IACPHook interface to enforce AsterPay's 5-layer Trust Framework before AI agents can participate in ERC-8183 commerce jobs.

How It Works

Client creates job with hook = AsterPayKYAHook
                    │
                    ▼
     ┌──── setProvider() ────┐
     │  beforeAction:        │
     │  ✓ Sanctions Oracle   │
     │  ✓ Trust Score ≥ N    │
     │  ✓ Score freshness    │
     └───────────────────────┘
                    │
                    ▼
     ┌──────── fund() ───────┐
     │  beforeAction:        │
     │  ✓ Same KYA checks    │
     │  ✓ Cache result       │
     └───────────────────────┘
                    │
         provider works...
                    │
     ┌─────── complete() ────┐
     │  afterAction:         │
     │  → ReputationPositive │
     └───────────────────────┘

Architecture

Contract	Purpose
`AsterPayKYAHook.sol`	Main hook — sanctions + trust score gate
`IACPHook.sol`	ERC-8183 hook interface
`IAgenticCommerce.sol`	Read-only ACP job interface
`IAgentTrustScore.sol`	AsterPay trust score oracle interface
`ISanctionsOracle.sol`	Chainalysis oracle interface

Checks Performed

Sanctions screening — Chainalysis Oracle on Base (OFAC, EU, UN). Fail-closed if oracle unreachable.
Trust Score — Agent must have score ≥ minTrustScore (default: 20 = verified tier)
Score freshness — Score must be updated within maxScoreAge seconds (default: 3600)
Tier validation — Agent must not be in "blocked" tier

Quick Start

Deploy

cd contracts/erc8183-kya-hook

# Install Foundry deps
forge install

# Deploy to Base Sepolia
ACP_ADDRESS=0x... \
TRUST_ORACLE_ADDRESS=0x... \
forge script script/Deploy.s.sol:DeployKYAHook \
  --rpc-url base_sepolia --broadcast --verify

Test

forge test -vvv

TypeScript SDK

import { createKYAHookSDK } from './ts-sdk/kya-hook';
import { ethers } from 'ethers';

const provider = new ethers.JsonRpcProvider('https://mainnet.base.org');
const signer = new ethers.Wallet(PRIVATE_KEY, provider);

const sdk = createKYAHookSDK(HOOK_ADDRESS, ACP_ADDRESS, signer);

// Pre-flight check
const result = await sdk.wouldPass('0xAgentWallet...');
console.log(result);
// { passes: true, score: 42, tier: 'verified', sanctionsClear: true }

// Create a KYA-protected job
const jobId = await sdk.createJobWithKYA({
  provider: '0xAgentWallet...',
  evaluator: '0xEvaluator...',
  expiredAt: Math.floor(Date.now() / 1000) + 86400,
  description: 'Translate document EN→FR',
});

// Fund triggers KYA check automatically
await sdk.fundJob(jobId, 100n);

Configuration

Parameter	Default	Description
`minTrustScore`	20	Minimum score (0-100). 20 = verified tier
`maxScoreAge`	3600	Max seconds since last score update
`sanctionsEnabled`	true	Enable Chainalysis screening

All configurable by contract owner via setMinTrustScore(), setMaxScoreAge(), setSanctionsEnabled().

Events

Event	When	Use
`KYAVerified`	Agent passes all checks	Index verified agents
`KYABlocked`	Agent fails any check	Alert, compliance logging
`ReputationPositive`	Job completed	Feed into ERC-8004 reputation
`ReputationNegative`	Job rejected	Feed into ERC-8004 reputation

License

MIT (hook contract) / CC0 (interfaces aligned with ERC-8183 and EIP-Agent Trust Score)