Policy engine

The policy engine sits between the agent and the payment rail. Every operation goes through it before anything moves.

For each incoming request, the policy engine checks three things in order:

  1. Scopes — does this key have permission to perform this operation?
  2. Allowlist — if configured, is the destination in the allowed list?
  3. Threshold — is the amount under the auto-execute limit?

If the scope and allowlist checks pass and the amount is below the threshold, the transfer executes immediately. If the amount is at or above the threshold, execution pauses and the account owner receives a WhatsApp notification.

The threshold is set per API key in ARS. It defines the maximum amount that executes without human approval.

amount < threshold → executes automatically (~2.4s)
amount ≥ threshold → pauses, sends WhatsApp notification

Example: a threshold of 10000 means any transfer under $10,000 ARS runs automatically. A transfer of $10,000 ARS or above requires approval.

Scopes limit what an API key can do. Assign only the scopes an agent actually needs.

Scope              What it allows
transfer:write     Initiate transfers
balance:read       Read current wallet balance
transactions:read  List transaction history

Attempting an operation without the required scope returns 403 Forbidden.

The allowlist is an optional list of CVU/CBU/alias values that the key is allowed to send to. If configured, any transfer to a destination not on the list is rejected before reaching the threshold check.

Use allowlists for agents that should only ever pay specific counterparts — e.g., a supplier payment agent that should only send to known vendor accounts.

Each API key has its own independent policy. Revoking one key, changing its threshold, or updating its allowlist has no effect on other keys or the wallet itself.

This means you can have:

  • One key for a Claude agent with a $5,000 threshold and read/write scopes
  • Another key for a monitoring agent with only balance:read
  • A third key for a supplier payment agent with an allowlist of 3 vendors
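
The evaluation order described above (scopes, then allowlist, then threshold), modelled in Python for the three kinds of key just listed. This is an added example, not the product's own code: KeyPolicy, evaluate, the decision strings and the sample keys are hypothetical, and skipping the allowlist and threshold for read operations and rejecting non-positive amounts are assumptions the page does not state.

```python
from dataclasses import dataclass
from decimal import Decimal
from typing import FrozenSet, Optional

# Hypothetical names: KeyPolicy, evaluate and the decision strings are
# illustrative only and are not the product's API.
@dataclass(frozen=True)
class KeyPolicy:
    scopes: FrozenSet[str]
    threshold_ars: Decimal                      # auto-execute limit, in ARS
    allowlist: Optional[FrozenSet[str]] = None  # None = no allowlist configured

def evaluate(policy: KeyPolicy, operation: str, destination: str = "",
             amount_ars: Decimal = Decimal("0")) -> str:
    """Return a decision for one request, following the documented check order."""
    # 1. Scopes: a key lacking the required scope is refused (403 Forbidden).
    if operation not in policy.scopes:
        return "403_FORBIDDEN"
    if operation != "transfer:write":
        return "EXECUTE"  # assumption: reads skip the allowlist and threshold
    # Assumption (not on the page): a zero or negative amount is never valid,
    # so it must not slip through as "below the threshold".
    if amount_ars <= 0:
        return "REJECTED_INVALID_AMOUNT"
    # 2. Allowlist: enforced only when configured, and before the threshold.
    if policy.allowlist is not None and destination not in policy.allowlist:
        return "REJECTED_NOT_ALLOWLISTED"
    # 3. Threshold: strictly below executes; equal or above waits for approval.
    if amount_ars < policy.threshold_ars:
        return "EXECUTE"
    return "PENDING_APPROVAL"

# Constructed sample policies mirroring the three keys described above.
CLAUDE_AGENT = KeyPolicy(frozenset({"transfer:write", "balance:read"}),
                         Decimal("5000"))
MONITOR = KeyPolicy(frozenset({"balance:read"}), Decimal("0"))
SUPPLIER = KeyPolicy(frozenset({"transfer:write"}), Decimal("10000"),
                     frozenset({"vendor.a", "vendor.b", "vendor.c"}))

if __name__ == "__main__":
    for amount in ("4999.99", "5000"):  # boundary on either side of the limit
        print(amount, evaluate(CLAUDE_AGENT, "transfer:write", "any.alias",
                               Decimal(amount)))
```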