Tools

Tools: Essential Guide: Human-in-the-Loop: 3 Ways to Approve Your Agent's Transactions

2026-04-02 0 views admin
Tools: Essential Guide: Human-in-the-Loop: 3 Ways to Approve Your Agent's Transactions

Why Agent Transaction Approval Matters

The 3-Layer Security Architecture

Layer 1: Session Authentication and Default-Deny Policies

Layer 2: 4-Tier Security Based on Transaction Risk

Layer 3: Multiple Approval Channels

1. WalletConnect Integration

2. Telegram Bot Notifications

3. Push Relay for Custom Integrations

Real-World Security Scenarios

Dry-Run Mode: Test Before You Execute

Implementation: Getting Started with Secure Agent Wallets

What's Next Giving an AI agent access to a crypto wallet is like handing your car keys to a teenager. Sure, they might be a great driver most of the time, but do you really want to find out what happens when they're not? The same principle applies to autonomous AI agents handling real money—you need guardrails, oversight, and the ability to slam the brakes when something goes wrong. AI agents are getting smarter, but they're not getting more cautious. They'll happily execute any transaction that seems reasonable based on their training, whether it's swapping tokens, approving unlimited spending, or interacting with unvetted smart contracts. Without proper controls, a single prompt injection, logic error, or market manipulation could drain your entire treasury. The challenge isn't just technical—it's about maintaining control over your funds while still allowing agents the autonomy they need to be useful. You want your trading bot to capitalize on arbitrage opportunities, but not to YOLO your entire position into a meme coin because it misunderstood context. You want your DeFi agent to optimize yields, but not to deposit funds into an unaudited protocol that launched yesterday. This is where human-in-the-loop systems become critical. By requiring human approval for high-risk transactions, you maintain the speed and efficiency of automation while adding a crucial safety valve for situations that require human judgment. WAIaaS implements a three-layer security model that progressively filters transactions based on risk: Every AI agent operates through a session token with limited permissions. The policy engine uses a default-deny approach—transactions are blocked unless explicitly allowed by configured policies. With 21 policy types available, you can create precise rules. For example, the CONTRACT_WHITELIST policy ensures agents can only interact with contracts you've pre-approved, while SPENDING_LIMIT implements amount-based tiers that automatically escalate high-value transactions to human review. WAIaaS classifies every transaction into one of four security tiers: INSTANT, NOTIFY, DELAY, or APPROVAL. This happens automatically based on your configured policies. When a transaction requires human approval, WAIaaS offers three different channels to reach you: WalletConnect provides a familiar mobile wallet experience for approving agent transactions. Your agent initiates a transaction, and you receive a standard wallet approval request on your phone. The key advantage here is security through familiarity—you're using the same approval flow you already know and trust from existing DeFi interactions. For developers who live in Telegram, the built-in bot sends transaction approval requests directly to your DM. You can review transaction details and approve/reject with inline buttons, all without leaving your chat interface. The 7-stage transaction pipeline ensures proper validation, authentication, policy checking, optional delays, execution, and confirmation—with human approval seamlessly integrated at the appropriate stage. The push-relay service provides a webhook-based notification system that you can integrate with any external service—Slack, Discord, email, SMS, or your own custom dashboard. This flexibility means you can build approval workflows that fit your existing operational procedures. Consider these practical examples of how the multi-layer approach protects against different risk scenarios: Prompt Injection Attack: An attacker tricks your agent into attempting a large token transfer. The transaction hits the SPENDING_LIMIT policy, gets classified as APPROVAL tier, and pauses for human review. You see the suspicious recipient address and reject the transaction. Smart Contract Vulnerability: Your agent tries to interact with a newly deployed DeFi protocol that hasn't been audited. The CONTRACT_WHITELIST policy blocks the transaction entirely since the contract isn't pre-approved. Market Manipulation: During extreme market volatility, your trading agent attempts to execute a series of high-value swaps. The RATE_LIMIT policy triggers after the first few transactions, forcing a cooling-off period and human review of the strategy. Token Approval Abuse: Your agent tries to approve unlimited token spending for a DEX interaction. The APPROVE_AMOUNT_LIMIT policy blocks unlimited approvals and enforces specific amount limits you've configured. Before committing to any transaction, you can simulate it using the dry-run API: This shows you exactly what policies would trigger, which security tier the transaction would fall into, and what approvals would be required—all without risking any funds. Setting up human-in-the-loop controls takes just a few steps: The system is designed to be secure by default—even if you forget to configure specific policies, the default-deny approach means your agent can't access funds or contracts you haven't explicitly allowed. Human-in-the-loop transaction approval is just the foundation of secure agent operations. WAIaaS also provides features like cross-chain bridging, DeFi position monitoring, and integration with 14 different protocols—all with the same security-first approach. To dive deeper into the technical implementation or start building your own secure agent workflows, check out the full documentation and examples at https://github.com/minhoyoo-iotrust/WAIaaS or visit the official site at https://waiaas.ai. Templates let you quickly answer FAQs or store snippets for re-use. Hide child comments as well For further actions, you may consider blocking this person and/or reporting abuse

Command

Copy

$ -weight: 500;">curl -X POST http://localhost:3100/v1/policies \ -H 'Content-Type: application/json' \ -H 'X-Master-Password: <password>' \ -d '{ "walletId": "<wallet-uuid>", "type": "ALLOWED_TOKENS", "rules": { "tokens": [ {"address": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v", "symbol": "USDC", "chain": "solana"} ] } }' -weight: 500;">curl -X POST http://localhost:3100/v1/policies \ -H 'Content-Type: application/json' \ -H 'X-Master-Password: <password>' \ -d '{ "walletId": "<wallet-uuid>", "type": "ALLOWED_TOKENS", "rules": { "tokens": [ {"address": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v", "symbol": "USDC", "chain": "solana"} ] } }' -weight: 500;">curl -X POST http://localhost:3100/v1/policies \ -H 'Content-Type: application/json' \ -H 'X-Master-Password: <password>' \ -d '{ "walletId": "<wallet-uuid>", "type": "ALLOWED_TOKENS", "rules": { "tokens": [ {"address": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v", "symbol": "USDC", "chain": "solana"} ] } }' -weight: 500;">curl -X POST http://localhost:3100/v1/policies \ -H 'Content-Type: application/json' \ -H 'X-Master-Password: <password>' \ -d '{ "walletId": "<wallet-uuid>", "type": "SPENDING_LIMIT", "rules": { "instant_max_usd": 10, "notify_max_usd": 100, "delay_max_usd": 1000, "delay_seconds": 300, "daily_limit_usd": 500 } }' -weight: 500;">curl -X POST http://localhost:3100/v1/policies \ -H 'Content-Type: application/json' \ -H 'X-Master-Password: <password>' \ -d '{ "walletId": "<wallet-uuid>", "type": "SPENDING_LIMIT", "rules": { "instant_max_usd": 10, "notify_max_usd": 100, "delay_max_usd": 1000, "delay_seconds": 300, "daily_limit_usd": 500 } }' -weight: 500;">curl -X POST http://localhost:3100/v1/policies \ -H 'Content-Type: application/json' \ -H 'X-Master-Password: <password>' \ -d '{ "walletId": "<wallet-uuid>", "type": "SPENDING_LIMIT", "rules": { "instant_max_usd": 10, "notify_max_usd": 100, "delay_max_usd": 1000, "delay_seconds": 300, "daily_limit_usd": 500 } }' # Agent initiates transaction -weight: 500;">curl -X POST http://127.0.0.1:3100/v1/transactions/send \ -H "Authorization: Bearer wai_sess_<token>" \ -d '{"type": "TRANSFER", "to": "recipient", "amount": "5000"}' # Transaction enters APPROVAL tier due to high amount # WalletConnect session displays transaction details # You approve/reject via your mobile wallet # Agent initiates transaction -weight: 500;">curl -X POST http://127.0.0.1:3100/v1/transactions/send \ -H "Authorization: Bearer wai_sess_<token>" \ -d '{"type": "TRANSFER", "to": "recipient", "amount": "5000"}' # Transaction enters APPROVAL tier due to high amount # WalletConnect session displays transaction details # You approve/reject via your mobile wallet # Agent initiates transaction -weight: 500;">curl -X POST http://127.0.0.1:3100/v1/transactions/send \ -H "Authorization: Bearer wai_sess_<token>" \ -d '{"type": "TRANSFER", "to": "recipient", "amount": "5000"}' # Transaction enters APPROVAL tier due to high amount # WalletConnect session displays transaction details # You approve/reject via your mobile wallet # Configure webhook endpoint -weight: 500;">curl -X POST http://localhost:3100/v1/notifications \ -H 'X-Master-Password: <password>' \ -d '{ "type": "webhook", "endpoint": "https://your-server.com/approve-transaction", "events": ["transaction.approval_required"] }' # Configure webhook endpoint -weight: 500;">curl -X POST http://localhost:3100/v1/notifications \ -H 'X-Master-Password: <password>' \ -d '{ "type": "webhook", "endpoint": "https://your-server.com/approve-transaction", "events": ["transaction.approval_required"] }' # Configure webhook endpoint -weight: 500;">curl -X POST http://localhost:3100/v1/notifications \ -H 'X-Master-Password: <password>' \ -d '{ "type": "webhook", "endpoint": "https://your-server.com/approve-transaction", "events": ["transaction.approval_required"] }' -weight: 500;">curl -X POST http://127.0.0.1:3100/v1/transactions/send \ -H "Authorization: Bearer wai_sess_<token>" \ -d '{ "type": "TRANSFER", "to": "recipient-address", "amount": "0.1", "dryRun": true }' -weight: 500;">curl -X POST http://127.0.0.1:3100/v1/transactions/send \ -H "Authorization: Bearer wai_sess_<token>" \ -d '{ "type": "TRANSFER", "to": "recipient-address", "amount": "0.1", "dryRun": true }' -weight: 500;">curl -X POST http://127.0.0.1:3100/v1/transactions/send \ -H "Authorization: Bearer wai_sess_<token>" \ -d '{ "type": "TRANSFER", "to": "recipient-address", "amount": "0.1", "dryRun": true }' -weight: 500;">git clone https://github.com/minhoyoo-iotrust/WAIaaS.-weight: 500;">git cd WAIaaS -weight: 500;">docker compose up -d -weight: 500;">git clone https://github.com/minhoyoo-iotrust/WAIaaS.-weight: 500;">git cd WAIaaS -weight: 500;">docker compose up -d -weight: 500;">git clone https://github.com/minhoyoo-iotrust/WAIaaS.-weight: 500;">git cd WAIaaS -weight: 500;">docker compose up -d # Install CLI -weight: 500;">npm -weight: 500;">install -g @waiaas/cli # Initialize and create wallet waiaas init waiaas -weight: 500;">start waiaas wallet create --name "secure-agent" --chain solana # Install CLI -weight: 500;">npm -weight: 500;">install -g @waiaas/cli # Initialize and create wallet waiaas init waiaas -weight: 500;">start waiaas wallet create --name "secure-agent" --chain solana # Install CLI -weight: 500;">npm -weight: 500;">install -g @waiaas/cli # Initialize and create wallet waiaas init waiaas -weight: 500;">start waiaas wallet create --name "secure-agent" --chain solana # Set spending limits with escalating approvals waiaas quickset --mode mainnet # This creates default policies including spending limits and token whitelists # Set spending limits with escalating approvals waiaas quickset --mode mainnet # This creates default policies including spending limits and token whitelists # Set spending limits with escalating approvals waiaas quickset --mode mainnet # This creates default policies including spending limits and token whitelists # WalletConnect waiaas owner connect # Telegram (follow setup prompts) waiaas notification setup # Custom webhooks via API (see documentation) # WalletConnect waiaas owner connect # Telegram (follow setup prompts) waiaas notification setup # Custom webhooks via API (see documentation) # WalletConnect waiaas owner connect # Telegram (follow setup prompts) waiaas notification setup # Custom webhooks via API (see documentation) # Your agent gets a session token and can now make secure transactions # Low amounts execute instantly, high amounts require your approval # Your agent gets a session token and can now make secure transactions # Low amounts execute instantly, high amounts require your approval # Your agent gets a session token and can now make secure transactions # Low amounts execute instantly, high amounts require your approval - INSTANT: Low-risk transactions (under $10 in this example) execute immediately - NOTIFY: Medium-risk transactions (under $100) execute but trigger notifications - DELAY: High-risk transactions (under $1,000) are queued for a 5-minute delay, giving you time to cancel - APPROVAL: Very high-risk transactions require explicit human approval before execution - Deploy WAIaaS with Docker: - Create a wallet with initial policies: - Configure security policies: - Set up approval channels (choose one or all): - Test with your agent:

🏷️ Tags

toolsutilitiessecurity toolsessentialguidehumanapproveagenttransactions

More from Tools

Tools: Essential Free Tools for Professional Network Monitoring and Troubleshooting (2026)

Tools: Essential Free Tools for Professional Network Monitoring and Troubleshooting (2026)

2026-04-02 0
Tools: Update: Setting Up a NAS for the First Time: Storage, Backups, and Remote Access

Tools: Update: Setting Up a NAS for the First Time: Storage, Backups, and Remote Access

2026-04-02 0
Tools: Why Your WordPress Plugins Are a Security Nightmare (And How to Fix It)

Tools: Why Your WordPress Plugins Are a Security Nightmare (And How to Fix It)

2026-04-02 0
Tools: Best DevOps Course in Pune: Ultimate Guide to DevOps with AWS for 2026 devops in pune

Tools: Best DevOps Course in Pune: Ultimate Guide to DevOps with AWS for 2026 devops in pune

2026-04-02 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views