Glossary

402 retry logic is the client-side pattern of re-requesting a resource after receiving an HTTP 402 Payment Required response — attaching a signed paym...

Combines Google's Agent-to-Agent protocol with x402 payments — agents communicating via A2A settle payments using HTTP-native x402 flows....

Aave is the largest decentralized lending and borrowing protocol, enabling users to deposit assets to earn interest and borrow against collateral — op...

An ABI (Application Binary Interface) is a JSON specification that defines how to interact with a smart contract — describing its functions, parameter...

An abstract account is a blockchain account where the validation logic (how transactions are authorized) is abstracted from a fixed signature scheme t...

Access control is the security mechanism that determines which entities (users, agents, contracts) are authorized to perform specific actions on speci...

Account abstraction is a blockchain architecture upgrade that replaces fixed transaction validation (signature check from a private key) with programm...

Account Abstraction V2 refers to the evolution of Ethereum's account model through EIP-7702, which allows existing externally owned accounts (EOAs) to...

Account funding is the process of depositing money or assets into an account — in crypto, this involves transferring tokens to a wallet address or sma...

ACH (Automated Clearing House) is the US electronic payment system for bank-to-bank transfers — processing payroll, direct deposits, and bill payments...

A blockchain address is a unique identifier derived from a public key that represents a destination for transactions — the 'account number' of the blo...

Address poisoning is a social engineering attack where an attacker sends small transactions from addresses that closely resemble the victim's frequent...

An allowlist is a curated set of approved addresses, contracts, or services an agent can transact with. Anything not listed is blocked — the simplest ...

Agent API consumption refers to the emerging pattern where autonomous AI agents discover, evaluate, negotiate payment for, and consume HTTP APIs witho...

Cryptographic proof of an agent's identity, capabilities, and authorization — issued by a trusted party and verifiable by counterparties for establish...

A chronological record of every financial decision, transaction attempt, policy evaluation, and approval/denial — complete accountability for agent sp...

The degree of independent financial decision-making an agent has — from fully supervised (human approves every transaction) to fully autonomous (withi...

An agent budget is the total crypto allocated to an agent for a specific task, time period, or session — the financial envelope enforced through spend...

Agent checkout is how AI agents autonomously complete purchases — discovering payment requirements, authorizing transactions, and confirming receipt w...

Ensuring AI agent financial activities conform to regulatory requirements, organizational policies, and industry standards — sanctions screening, repo...

Agent credential theft is stealing the credentials — API keys, tokens, secrets — that an AI agent uses to authenticate with MCP servers or external se...

How an agent's private keys are stored — self-custody (agent holds), managed (service holds), MPC (split across parties), or smart account (programmab...

Agent data purchase is the autonomous acquisition of paid data — market feeds, research reports, analytics, datasets, or real-time information — by AI...

Agent delegation is the process by which one AI agent assigns a task or subtask to another agent, potentially transferring context, authority, and res...

A denylist blocks an agent from transacting with specific addresses, contracts, or services. Any denylisted recipient is immediately blocked regardles...

The gradual divergence of an AI agent's behaviour from its intended purpose over time, potentially caused by context accumulation, model updates, envi...

The emerging system where AI agents are active economic participants — buying services, selling capabilities, earning revenue, and managing finances f...

A mechanism holding funds in a smart contract until conditions are met — delivery confirmation, service completion, quality verification — protecting ...

Agent evaluation is the process of measuring AI agent performance across dimensions like task completion accuracy, efficiency, safety, cost, and relia...

The layered infrastructure enabling agents to hold, manage, and spend crypto — wallet infrastructure, key management, policy enforcement, payment prot...

A collection of AI agents operated by a single organization, managed as a group with shared treasury, consistent policies, and centralized oversight. ...

An agent framework is a software library that provides abstractions for building AI agents, handling concerns like tool management, state persistence,...

Depositing crypto into an agent's wallet for transactions — determining amount, source, top-up frequency, and preventing over-funding risk....

Rules for agent gas fee spending — maximum prices, per-transaction limits, total budgets preventing overpayment during network congestion....

An agent graph is a directed graph representation of an AI agent's workflow, where nodes represent computation steps (LLM calls, tool executions, poli...

Safety mechanisms constraining AI agent behaviour within acceptable boundaries. Guardrails operate at multiple levels — from prompt instructions to in...

An agent handoff is the transfer of control, context, and responsibility from one AI agent to another during a workflow — enabling specialized agents ...

Agent identity is the verifiable attributes uniquely identifying an AI agent in transactions — wallet address, operator credentials, framework metadat...

Agent jailbreaking bypasses an AI agent's safety constraints and operational boundaries through crafted prompts or tool interactions, causing it to ig...

The practice of periodically replacing an AI agent's cryptographic keys to limit the damage from potential key compromise. New keys are issued while o...

The agent lifecycle encompasses all phases of an AI agent's operational existence — from provisioning and configuration through active operation, moni...

The agent loop is the fundamental execution cycle of an AI agent: observe the current state, think about what to do (using an LLM), take an action (ca...

A platform where AI agents advertise capabilities and users can discover, hire, and pay agents for services. Marketplaces enable an open economy of sp...

Agent memory refers to the mechanisms that allow AI agents to store, retrieve, and use information across interactions and sessions — including conver...

Infrastructure sitting between an AI agent and external systems (MCP servers, APIs, databases), intercepting and processing requests before they reach...

Understanding an agent's behaviour through external outputs — logs, metrics, traces, and audit trails. For MCP-based agents, observability means track...

The process of setting up an AI agent for financial transactions — configuring its wallet, defining spending policies, establishing identity, funding ...

Agent orchestration is the coordination of multiple AI agents working together on complex tasks, managing their execution order, communication, resour...

Infrastructure and protocols enabling AI agents to send and receive payments — blockchain networks, stablecoins, payment protocols (x402, A2A), and se...

The specific tools and operations an AI agent is authorised to perform — which MCP tools it can invoke, with what arguments, and under what constraint...

An agent persona is the defined identity, behavioral style, and capability set of an AI agent — configured through system prompts, available tools, an...

Agent planning is the process by which an AI agent breaks down a complex goal into a sequence of actionable steps, determines the optimal order of exe...

An agent protocol is a standardized specification for how AI agents communicate, discover capabilities, exchange data, and coordinate actions — enabli...

Restricting the number or frequency of an agent's tool calls within a time window — preventing runaway loops, excessive resource consumption, and deni...

Agent reflection is the capability of an AI agent to evaluate its own outputs, reasoning, and past actions — identifying errors, adjusting strategies,...

Agent reputation is a quantifiable measure of an AI agent's trustworthiness and reliability, based on its history of behavior — including transaction ...

Assigning dynamic risk scores to AI agents based on their behavior, transaction patterns, spending history, and policy compliance — used to adjust spe...

An agent runtime is the execution environment that manages the lifecycle of an AI agent — handling the agent loop, tool execution, state management, c...

Principles, practices, and infrastructure preventing AI agents from causing harm — including system damage through unauthorised tool calls, data exfil...

An agent sandbox is a controlled environment that constrains which tools an AI agent can access and how it can use them — preventing the agent from af...

A bounded execution context where an agent performs a specific task with its own budget, permissions, and time limits. Financial authority expires whe...

An agent spending limit is a configurable cap on how much crypto an AI agent can spend within a scope — per transaction, per time period, per recipien...

Agent state is the structured data that an AI agent maintains across execution steps — including conversation history, task progress, accumulated resu...

An agent supply chain attack compromises an MCP server, tool package, or agent dependency to inject malicious behaviour that affects all agents using ...

An agent swarm is a collection of AI agents that collaborate through decentralized, emergent coordination patterns — inspired by biological swarms — r...

A systematic analysis of threats to an AI agent system: what can go wrong, who might attack it, what assets are at risk, and what controls mitigate ea...

The central fund pool for an organization's agent operations — from which individual agent budgets are drawn, with controls on allocation, disbursemen...

An agent wallet is a cryptocurrency wallet controlled by an AI agent rather than a human, holding funds the agent spends autonomously to execute trans...

Agent wallet recovery is the process of restoring access to an AI agent's cryptocurrency wallet after key loss, corruption, or compromise — using back...

The commercial relationship between an AI agent (buyer) and a merchant (seller) — including identity verification, payment authorization, pricing nego...

Agent-to-agent payments are transactions between AI agents where neither party is human. One agent pays another for services — compute, data, API acce...

Google's open standard for AI agent discovery, communication, and task delegation across different frameworks — enabling interoperability in the agent...

AI systems that act autonomously to achieve goals — perceiving environment, making decisions, taking actions without step-by-step human instruction. T...

Agentic commerce is the buying and selling of goods, services, and digital resources by AI agents autonomously — encompassing discovery, negotiation, ...

Agentic finance refers to the use of autonomous AI agents to execute financial transactions, manage portfolios, process payments, and interact with fi...

Agentic payments are transactions initiated and executed by AI agents autonomously, without per-payment human approval. They include agent-to-service,...

An agentic workflow is a multi-step process where AI agents autonomously plan, execute, and adapt their actions to complete a complex task — making de...

An AI agent is an autonomous software system that perceives its environment, reasons about it, and takes actions to achieve specified goals — often us...

AI alignment is the challenge of ensuring that AI systems — particularly autonomous agents — act in accordance with human values, intentions, and goal...

Adversarial testing of AI agent systems to find vulnerabilities, policy bypasses, and unintended behaviours before attackers do. Includes testing prom...

An airdrop is a distribution of free tokens to existing wallet addresses — typically rewarding early users, community members, or holders of specific ...

Alchemy is a leading blockchain infrastructure platform providing RPC nodes, enhanced APIs, and developer tools — powering thousands of Web3 applicati...

Alert escalation is the process of routing policy violation alerts to increasingly senior or specialised responders based on the severity, frequency, ...

An alert rule is a rule that triggers a notification when specific policy events occur — such as repeated denials, unusual tool call patterns, or acce...

Allowance revocation is the process of removing a previously granted ERC-20 token approval — setting the allowance back to zero so the spender contrac...

An explicit list of MCP tools an agent is permitted to use. Any tool not on the allowlist is denied by default — the most secure approach to tool acce...

Anti-Money Laundering (AML) refers to the laws, regulations, and procedures designed to prevent criminals from disguising illegally obtained funds as ...

An Automated Market Maker (AMM) is a smart contract mechanism providing liquidity for token swaps using mathematical formulas and pooled funds — repla...

Anomaly detection is the identification of patterns in data that deviate significantly from expected behavior — used in crypto security to flag suspic...

AP2 is a payment protocol for AI agent transactions providing standardized negotiation, authorization, and settlement flows between agents and service...

An API key is a unique identifier used to authenticate requests to an API service — controlling access, tracking usage, and enforcing rate limits for ...

Approval hijacking is an attack that exploits existing ERC-20 token approvals to drain funds — either by compromising the approved spender contract or...

Annual Percentage Rate (APR) is the annualized return on a position without compounding — representing the base rate of yield before reinvestment effe...

Aptos is a Layer 1 blockchain using the Move programming language with parallel execution (Block-STM), built by former Meta engineers to deliver high ...

Annual Percentage Yield (APY) is the annualized return on a DeFi position including the effect of compounding — the standard metric for comparing yiel...

Arbitrum is an Ethereum Layer 2 optimistic rollup that provides faster, cheaper transactions while inheriting Ethereum's security — currently the larg...

A rule in a YAML policy that restricts the value of a tool call argument. Argument constraints can enforce regex patterns, allowed enumerations, numer...

Replacing sensitive argument values with masked versions in audit logs — for example, card_number: "****1234". Argument masking preserves auditability...

Completely removing sensitive argument values from logs and audit trails. Stronger than masking — the value is never persisted in any form. Redaction ...

An argument schema defines the expected structure, types, and constraints of arguments for an MCP tool, used by Intercept to validate tool calls again...

Argument validation is the process of checking tool call arguments against policy-defined constraints before the call reaches the MCP server — for exa...

Atomic settlement is a transaction guarantee that ensures an operation either completes entirely or fails entirely — with no possibility of partial ex...

Audit compliance is the practice of maintaining complete, tamper-evident records of all AI agent tool calls and policy decisions to satisfy regulatory...

An audit log is the structured log output from Intercept containing tool call details, matched policies, evaluation results, timestamps, and contextua...

An audit trail is a chronological, immutable record of every tool call, policy evaluation, and decision made by Intercept — essential for compliance, ...

Auto-compounding is an automated process that harvests earned yields and reinvests them back into the position — maximizing returns through the effect...

AutoGen is an open-source framework by Microsoft for building multi-agent systems where agents collaborate through structured conversations — supporti...

AutoGPT is an open-source autonomous AI agent that chains LLM calls together to accomplish complex goals with minimal human intervention, pioneering t...

An automated DeFi strategy is a programmatic system that executes investment decisions — rebalancing portfolios, harvesting yields, managing liquidity...

An autonomous agent is an AI system capable of operating independently over extended periods, making decisions and taking actions — including MCP tool...

Autonomous API discovery is the capability of AI agents to independently find, evaluate, and begin consuming new APIs — including paid x402 endpoints ...

A financial transaction initiated, constructed, and executed by an AI agent without human approval — the agent independently decides amount, recipient...

Avalanche is a Layer 1 blockchain platform using a novel consensus protocol that achieves sub-second finality, supporting the creation of custom subne...

A flow control mechanism where the proxy signals the agent to slow down when downstream MCP servers are overloaded. Backpressure prevents cascading fa...

Base is an Ethereum Layer 2 blockchain built by Coinbase using the OP Stack (Optimistic Rollup), offering fast transactions (~2 second finality), very...

A smart contract wallet on the Base L2 chain providing programmable transaction validation, session keys, and gas sponsorship — commonly used as the u...

A batch payment is the execution of multiple payment transactions in a single operation — reducing gas costs, simplifying accounting, and enabling eff...

Biconomy is a Web3 infrastructure platform providing account abstraction, gasless transactions, and cross-chain user experience solutions — simplifyin...

Bitcoin is the first decentralized cryptocurrency, created by Satoshi Nakamoto in 2009, operating on a proof-of-work blockchain as a peer-to-peer elec...

The maximum potential damage if an AI agent is compromised or misbehaves. Determined by the agent's tool access, permissions, argument ranges, and the...

A blob transaction (EIP-4844) is a new Ethereum transaction type that carries large data 'blobs' at reduced cost — designed specifically for Layer 2 r...

A block is a batch of validated transactions bundled together and added to the blockchain — containing a header with metadata and a body with transact...

A block confirmation is the inclusion of a transaction in a mined/validated block, with each subsequent block adding additional confirmation — increas...

A block explorer is a web application that indexes and displays blockchain data — enabling users to look up transactions, addresses, blocks, tokens, a...

A blockchain is a distributed, append-only ledger that records transactions in cryptographically linked blocks, maintained by a network of nodes that ...

A bonding curve is a mathematical function that determines a token's price based on its supply — automatically increasing price as more tokens are min...

Borrowing in DeFi is taking a loan against deposited collateral through a smart contract — enabling leverage, tax-efficient liquidity access, and comp...

A blockchain bridge is a protocol enabling asset and data transfer between different blockchain networks — locking assets on one chain and minting equ...

A bridge exploit is a security breach of a cross-chain bridge protocol — typically resulting in the theft of locked assets that back wrapped tokens on...

An AI autonomously navigating web pages — clicking links, filling forms, executing actions. When accessing e-commerce or financial services, it can in...

A bug bounty program offers financial rewards to security researchers who discover and responsibly disclose vulnerabilities — creating economic incent...

A bundler in account abstraction (ERC-4337) is a service that collects UserOperations from users, bundles them into a single transaction, and submits ...

The maximum number of tool calls permitted in a short burst before rate limiting kicks in. Burst limits allow temporary spikes in throughput — accommo...

Calldata is the read-only byte array sent with an Ethereum transaction that encodes function calls and parameters — the primary input mechanism for sm...

A Central Bank Digital Currency (CBDC) is a digital form of a country's fiat currency issued directly by the central bank — offering programmable mone...

CCIP (Cross-Chain Interoperability Protocol) is Chainlink's cross-chain messaging standard that enables secure token transfers and arbitrary data mess...

Celestia is a modular data availability (DA) blockchain that provides affordable, scalable data publication — enabling rollups and app-chains to post ...

A chain ID is a unique numeric identifier for a blockchain network — preventing replay attacks by ensuring transactions signed for one chain can't be ...

Chain of Thought (CoT) is a prompting technique where an LLM is guided to show its step-by-step reasoning process before arriving at an answer, signif...

Chainlink is the largest decentralized oracle network, providing tamper-resistant price feeds, verifiable randomness, and cross-chain communication to...

A chargeback is the reversal of a payment by the issuing bank or payment network — a consumer protection mechanism in traditional finance that does no...

CI/CD policy enforcement is the practice of integrating policy validation — linting, testing, and compliance checks — into continuous integration and ...

An automated safety mechanism that halts an agent's tool calls when anomalous patterns are detected — call rate spikes, repeated denied calls, or erro...

Claude is a family of large language models built by Anthropic, designed with a focus on safety, helpfulness, and honesty — widely used for building A...

A coding agent is an AI system that autonomously writes, modifies, tests, and deploys code — going beyond code completion to handle multi-file changes...

Coinbase Commerce is a payment platform enabling merchants to accept cryptocurrency payments — providing checkout widgets, APIs, and automatic settlem...

CDP is Coinbase's infrastructure for building onchain applications — providing wallet APIs, smart contract tools, and the x402 payment protocol. It's ...

Cold storage is the practice of keeping cryptocurrency private keys completely offline and disconnected from the internet — providing maximum security...

A cold wallet is a cryptocurrency storage method that keeps private keys completely offline — never connected to the internet — providing the highest ...

Collateral in DeFi is cryptocurrency deposited as security for a loan — if the borrower fails to maintain sufficient collateral value, the position is...

Compliance automation is the use of software systems to automatically enforce regulatory requirements — sanctions screening, transaction monitoring, r...

A compliance framework is a structured set of guidelines, controls, and best practices — such as SOC 2, GDPR, HIPAA, or PCI DSS — that organisations m...

A compliance rule is a policy rule specifically designed to enforce regulatory or organisational compliance requirements on AI agent tool calls, ensur...

Composability is the ability of DeFi protocols to interact with and build on each other like Lego blocks — enabling complex financial products from co...

Composability risk is the danger that arises when multiple DeFi protocols interact in ways that create unexpected vulnerabilities, cascading failures,...

Compound is a pioneering DeFi lending protocol that established the algorithmic interest rate model — where supply and demand for each asset automatic...

An AI controlling a computer interface — clicking, filling forms, navigating websites. When accessing financial interfaces, these agents can initiate ...

Concentrated liquidity allows liquidity providers to allocate capital within specific price ranges rather than across the entire price curve — dramati...

A transaction executing only when specific conditions are met — delivery confirmation, oracle thresholds, time windows, or multi-party approval. Enabl...

A confused deputy attack tricks a privileged AI agent into performing actions it shouldn't by exploiting its access to MCP tools. The agent becomes th...

A consensus mechanism is the protocol by which distributed nodes agree on the current state of the blockchain — determining which transactions are val...

Constitutional AI (CAI) is Anthropic's alignment methodology where AI behavior is guided by a written set of principles (a 'constitution') that the mo...

Container escape in the agent context is when an agent running inside a containerised MCP server breaks out of the container boundary to access the ho...

Content monetization for AI is the practice of charging AI agents, crawlers, and automated systems for access to digital content — articles, data, res...

A filter applied to MCP tool inputs or outputs that detects and blocks harmful, offensive, or policy-violating content in AI agent interactions, ensur...

Context poisoning corrupts an agent's context window by injecting misleading information through MCP tool responses, causing the agent to make flawed ...

A context window is the maximum number of tokens an LLM can process in a single interaction, encompassing system prompt, conversation history, retriev...

A contract interaction is a blockchain transaction that calls a function on a smart contract — as opposed to a simple value transfer, involving execut...

Contract verification is the process of publicly linking a smart contract's deployed bytecode to its human-readable source code on a block explorer — ...

A mandatory waiting period imposed after a policy violation or rate limit hit before the agent can retry the tool call. Cooldowns prevent rapid retry ...

Cosmos is a decentralized network of interconnected blockchains using the Tendermint consensus engine and Inter-Blockchain Communication (IBC) protoco...

Agent credential stuffing uses an AI agent's tool access to systematically test stolen credentials against services, leveraging the agent's speed and ...

CrewAI is an open-source framework for orchestrating autonomous AI agents as collaborative teams ('crews'), where each agent has a defined role, goal,...

A cross-border payment is a financial transfer between parties in different countries — an area where crypto and stablecoins offer dramatic improvemen...

Cross-chain interoperability is the ability of different blockchain networks to communicate, share data, and transfer assets seamlessly — a critical r...

Consistent financial rules for an agent across multiple blockchains — preventing circumvention of per-chain limits by spreading transactions....

A cross-chain transfer is the movement of digital assets or data between different blockchain networks — requiring bridge protocols to handle the lock...

A cross-server attack is when a compromised or malicious MCP server manipulates an AI agent into performing harmful actions on a different, trusted MC...

A crypto payment gateway enables merchants to accept cryptocurrency payments through their existing checkout flow — handling wallet interaction, trans...

A cryptocurrency is a digital or virtual currency that uses cryptographic techniques for security and operates on a decentralized blockchain network, ...

Curve Finance is a DEX optimized for stablecoin and pegged-asset swaps, using a specialized AMM formula that provides extremely low slippage for trade...

A custodial wallet is a cryptocurrency wallet where a third-party service (exchange, provider, or institution) holds and manages the private keys on b...

Custody risk is the possibility of losing cryptocurrency due to failure, compromise, or misconduct of the entity holding the private keys — whether th...

DAI is a decentralized stablecoin pegged to the US dollar, maintained through overcollateralized vaults on MakerDAO — notable for being backed by cryp...

A Decentralized Autonomous Organization (DAO) is an organization governed by smart contracts and token-holder voting rather than traditional hierarchy...

A dApp (decentralized application) is a software application that runs on a blockchain or peer-to-peer network rather than centralized servers — combi...

Data availability (DA) is the guarantee that all data needed to verify blockchain state transitions has been published and is accessible — a critical ...

Agent data exfiltration is when an AI agent is manipulated into sending sensitive data — API keys, user data, internal documents — to an unauthorised ...

Data integrity is the assurance that data remains accurate, consistent, and unaltered throughout its lifecycle — a fundamental guarantee provided by b...

Decentralization is distributing control, data, and decision-making across multiple independent participants rather than concentrating it in a single ...

Decentralized Identity (DID) is a framework for self-sovereign digital identity where the identity holder controls their own identifier and associated...

A decision log is a specific audit log entry that records why a tool call was allowed or denied, including which policy rule matched, what conditions ...

A security strategy that layers multiple independent controls — policy enforcement, argument validation, rate limiting, audit logging, and fail-closed...

Decentralized Finance (DeFi) is the ecosystem of financial applications built on blockchain smart contracts — enabling lending, borrowing, trading, an...

DeFi aggregation is the practice of combining multiple DeFi protocols and liquidity sources into unified interfaces — optimizing execution across the ...

DeFi insurance provides coverage against smart contract exploits, stablecoin depegs, and protocol failures — using decentralized underwriting pools an...

A DeFi protocol is a set of smart contracts implementing a specific financial service on blockchain — such as lending, trading, derivatives, or asset ...

A DeFi risk score is a quantitative assessment of the safety and reliability of a DeFi protocol, pool, or position — incorporating factors like smart ...

DeFi yield is the return earned on cryptocurrency assets deployed in decentralized finance protocols — including interest from lending, trading fees f...

Delegated spending authorizes an AI agent to spend crypto on your behalf within constraints — amount, duration, recipients, and token types defined by...

MCP denial of service overwhelms an MCP server or proxy with excessive tool calls to degrade or prevent legitimate agent operations....

A list of MCP tools an agent is explicitly forbidden from using, with all other tools permitted by default. Less secure than allowlisting but easier t...

An attack where an AI agent resolves an MCP server name to a malicious package instead of the intended one, mirroring the dependency confusion attacks...

A Decentralized Exchange (DEX) is a peer-to-peer marketplace built on smart contracts enabling direct cryptocurrency trading without a centralized int...

A DEX aggregator routes trades across multiple decentralized exchanges to find the optimal execution price — splitting orders across pools and protoco...

Digital currency is any form of money that exists purely in electronic form — encompassing cryptocurrencies, stablecoins, CBDCs, and digital represent...

A digital signature is a cryptographic proof that a message or transaction was authorized by the holder of a specific private key — providing authenti...

Disaster recovery in crypto encompasses the plans and procedures for recovering access to funds and systems after catastrophic events — including key ...

EigenLayer is a restaking protocol on Ethereum that allows staked ETH to be used to secure additional services (Actively Validated Services) — creatin...

An EIP (Ethereum Improvement Proposal) is a design document proposing changes to the Ethereum protocol — including new features, standards, and proces...

EIP-7702 is an Ethereum improvement proposal (activated in the Pectra upgrade) that allows externally owned accounts (EOAs) to temporarily delegate th...

Embedded finance is the integration of financial services — payments, lending, insurance, banking — directly into non-financial software products and ...

An embedding is a dense vector representation of data in a continuous mathematical space, where semantic similarity is captured by vector proximity — ...

Immediately ceasing all agent financial operations — freezing wallets, revoking tokens, blocking all transactions. The most extreme safety measure for...

Encryption is the process of converting data into an unreadable format using cryptographic algorithms — protecting information confidentiality so that...

Ethereum Name Service (ENS) is a decentralized naming system that maps human-readable names (like vitalik.eth) to Ethereum addresses — replacing compl...

The EntryPoint contract is the singleton smart contract at the core of ERC-4337 account abstraction — receiving bundled UserOperations, validating the...

Restricting a tool call argument to a predefined set of allowed values. Enum constraints enforce closed vocabularies — for example, currency must be o...

ERC-1155 is a multi-token standard that supports both fungible and non-fungible tokens in a single contract — more gas-efficient than deploying separa...

ERC-20 is the standard interface for fungible tokens on Ethereum and EVM-compatible chains — defining functions like transfer, approve, and balanceOf ...

ERC-4337 is the Ethereum standard for account abstraction that enables smart contract wallets with programmable transaction validation, gas sponsorshi...

ERC-6551 (Token Bound Accounts) is a standard that gives every NFT its own smart contract wallet — enabling NFTs to own assets, interact with dApps, a...

ERC-721 is the standard for non-fungible tokens (NFTs) on Ethereum — defining an interface where each token has a unique ID and distinct ownership, en...

Escrow is a financial arrangement where a third party holds funds until predetermined conditions are met — implemented in DeFi through smart contracts...

Ethereum is a decentralized blockchain platform that enables smart contracts and decentralized applications, serving as the foundation for DeFi, NFTs,...

An event log is a record emitted by a smart contract during transaction execution — providing a gas-efficient way to record data that's accessible to ...

The Ethereum Virtual Machine (EVM) is the runtime environment that executes smart contract bytecode on Ethereum — a sandboxed, deterministic computati...

Excessive agency is when an AI agent has more tool access, permissions, or autonomy than required for its task. It is a core vulnerability that amplif...

An Externally Owned Account (EOA) is a blockchain account controlled by a private key held by a person or system — as opposed to a contract account wh...

Fail-closed is a security posture where if Intercept cannot evaluate a policy — due to a configuration error, crash, or unexpected condition — the too...

Fail-open is a security posture where if policy evaluation fails for any reason, the tool call is allowed to proceed — prioritising availability over ...

Few-shot learning is a technique where an LLM is given a small number of examples in the prompt to guide its behavior — enabling task-specific perform...

A fiat off-ramp is a service that converts cryptocurrency back into traditional currency — enabling users to realize crypto gains, pay bills, and move...

A fiat on-ramp is a service that converts traditional currency (USD, EUR, etc.) into cryptocurrency — the entry point for new users moving from the tr...

Finality is the guarantee that a blockchain transaction cannot be reversed, altered, or removed once confirmed — the point at which a transaction is c...

Any mechanism preventing AI agents from causing financial harm — spending controls, budget limits, recipient restrictions, velocity monitoring, circui...

Fine-tuning is the process of further training a pre-trained language model on a domain-specific dataset to improve its performance on particular task...

Fireblocks is an enterprise-grade digital asset custody and operations platform — providing institutional-quality key management, transaction signing,...

A flash loan is an uncollateralized loan that must be borrowed and repaid within a single blockchain transaction — enabling complex arbitrage, liquida...

A flash swap is a feature of DEX protocols (primarily Uniswap) that allows you to receive tokens from a liquidity pool before paying for them — as lon...

Flashbots is a research and development organization building infrastructure to mitigate the negative effects of MEV — including Flashbots Protect (pr...

Float is the time period during which funds are in transit between sender and receiver — representing temporarily unavailable money that in traditiona...

A policy rule that blocks tool calls containing a specific argument or argument value. Forbidden argument constraints prevent agents from using danger...

Formal verification is the mathematical proof that a smart contract's code correctly implements its specification — providing the highest level of ass...

Front-running in blockchain is the practice of placing a transaction ahead of a known pending transaction to profit from the anticipated price movemen...

Function calling is the capability of large language models to generate structured output that specifies which external function to invoke and with wh...

A fungible token is a digital asset where each unit is interchangeable with any other unit of the same type — one USDC is identical to any other USDC,...

Gas abstraction is the concept of hiding blockchain gas mechanics from end users — enabling them to pay fees in any token, have fees sponsored by appl...

Gas fees are the transaction costs paid to blockchain validators for executing operations — measured in units of computational work and priced in the ...

Gas limit is the maximum amount of gas a user is willing to spend on a transaction — setting an upper bound on computational work to prevent runaway e...

Gas price is the amount of cryptocurrency (measured in gwei on Ethereum) that a user is willing to pay per unit of computational work — the primary fa...

Gas sponsorship is the practice of a third party paying blockchain transaction gas fees on behalf of users — enabling gasless user experiences through...

GDPR in an agent context refers to the application of the General Data Protection Regulation to AI agent operations — specifically how agents processi...

GitOps for policy is the practice of using git as the single source of truth for AI agent security policies. All policy changes go through pull reques...

A global policy applies across all MCP servers in an Intercept configuration, enabling universal rules like rate limiting, mandatory audit logging, or...

A governance token grants holders voting rights in a protocol's decision-making process — enabling decentralized governance over parameters, treasury ...

GPT (Generative Pre-trained Transformer) is OpenAI's family of large language models that have become foundational to the AI agent ecosystem through s...

Grounding in AI refers to techniques that anchor a language model's outputs to verifiable, real-world data sources — reducing hallucination and improv...

Gwei (gigawei) is a denomination of Ether equal to 10^9 wei or 0.000000001 ETH — the standard unit for expressing Ethereum gas prices, making fee calc...

In AI, hallucination refers to when a language model generates confident, plausible-sounding output that is factually incorrect or fabricated — a fund...

A hardware wallet is a dedicated physical device that stores cryptocurrency private keys in a secure element chip, signing transactions offline while ...

A cryptographic hash function is a one-way mathematical function that converts arbitrary input into a fixed-length output — deterministic, collision-r...

HIPAA in an agent context refers to the application of the Health Insurance Portability and Accountability Act to AI agents — specifically how agents ...

A honeypot contract is a malicious smart contract designed to appear vulnerable or profitable — luring victims to interact with it, only to trap their...

A hot wallet is a cryptocurrency wallet whose private keys are stored on an internet-connected device, enabling instant transaction signing and execut...

HTTP 402 is a status code reserved in the HTTP specification for digital payment systems. Defined in HTTP/1.1 but never standardized — until x402 gave...

HITL requires explicit human approval for certain agent actions — particularly high-value or high-risk transactions — providing safety checkpoints wit...

Immutability in blockchain refers to the property that once data is recorded in a confirmed block, it cannot be altered or deleted — creating a perman...

An immutable audit is an audit log that cannot be modified or deleted after creation. This tamper-evidence is essential for compliance and forensic in...

A tamper-proof record of all agent spending decisions anchored on-chain or cryptographically secured — entries cannot be modified or deleted after cre...

Impermanent loss is the reduction in value that liquidity providers experience when the price ratio of pooled tokens changes compared to simply holdin...

Incident response is the organized process of detecting, analyzing, containing, and recovering from security incidents — including established procedu...

The process of detecting, investigating, and recovering from security incidents involving AI agents — including policy violations, data breaches, prom...

An indexer is a service that processes, organizes, and stores blockchain data in queryable databases — enabling fast, complex queries that would be im...

Malicious instructions embedded in external data sources (websites, documents, APIs) that agents process unknowingly, potentially triggering unauthori...

Indirect tool injection is an attack where malicious instructions are embedded in data returned by an MCP tool, which then influences the AI agent's s...

Inference is the process of running a trained AI model on new inputs to generate outputs — the production phase where models serve real requests, as o...

Infrastructure-as-code (IaC) is the practice of managing and provisioning infrastructure through declarative configuration files rather than manual pr...

Infura is a blockchain infrastructure service by Consensys providing Ethereum and multi-chain RPC access — notable as MetaMask's default RPC provider ...

The process of cleaning and validating arguments that an AI agent passes to MCP tools before execution, preventing injection attacks, path traversal, ...

MCP tools that ship with permissive default settings — such as unrestricted file access, no authentication, or broad argument ranges — creating vulner...

Instant settlement is the completion of a financial transaction in real-time — a native property of blockchain that eliminates the multi-day settlemen...

Intent fingerprinting creates a cryptographic fingerprint of an agent's stated transaction intent and verifies it against the actual transaction submi...

Intent-based trading is a DeFi execution model where traders express their desired outcome ('swap 1,000 USDC for ETH at the best price') and specializ...

Intercept is an open-source Go binary (Apache 2.0) that acts as a transparent MCP proxy, sitting between MCP clients and MCP servers to enforce YAML-d...

An interchange fee is the charge that a merchant's bank pays to the cardholder's bank for each card transaction — a major cost of traditional payments...

An invoice is a request for payment specifying amount, recipient, and terms — in crypto, often implemented as on-chain payment requests or structured ...

IPFS (InterPlanetary File System) is a decentralized, peer-to-peer file storage network that addresses content by its hash rather than location — enab...

ISO 20022 is an international standard for financial messaging that defines a common language for payment data — increasingly adopted by banks, SWIFT,...

Crafting inputs that bypass AI safety guidelines and constraints. For financial agents, jailbreaking could override spending instructions and trigger ...

JSON-RPC is the protocol standard for communicating with Ethereum nodes — defining a set of methods for querying blockchain state, submitting transact...

Key management encompasses the practices and systems for securely generating, storing, distributing, rotating, and revoking cryptographic keys — the f...

An emergency mechanism that instantly blocks all agent tool calls — denying every request with a single action for immediate harm cessation when an ag...

The practice of verifying an AI agent's identity, operator, capabilities, and authorization before granting financial access — the agent-era equivalen...

KYAPay (Know Your Agent Pay) is an emerging protocol combining agent identity verification with payment processing, enabling merchants to authenticate...

Know Your Customer (KYC) is the regulatory process of verifying a user's identity before providing financial services — required by law in most jurisd...

LangChain is an open-source framework for building applications powered by large language models, providing abstractions for chains, agents, memory, a...

LangGraph is a framework by LangChain for building stateful, multi-step AI agent applications using directed graphs, where nodes represent computation...

A Large Language Model (LLM) is a neural network trained on vast text corpora that can understand, generate, and reason about natural language, servin...

A Layer 1 (L1) blockchain is the base-level network providing its own consensus, security, and execution — such as Ethereum, Bitcoin, or Solana — upon...

A Layer 2 (L2) is a scaling solution built on a Layer 1 blockchain that processes transactions off-chain while inheriting L1 security — dramatically i...

LayerZero is an omnichain interoperability protocol enabling cross-chain messaging and token transfers between 50+ blockchains — using a modular secur...

Applying the principle of least privilege to MCP tool access: AI agents should only have access to the specific tools and argument ranges required for...

A lending protocol is a DeFi application that enables permissionless borrowing and lending of crypto assets through smart contracts — with interest ra...

A lending rate in DeFi is the interest rate earned by depositors who supply assets to a lending protocol — determined algorithmically based on the uti...

Leverage in DeFi is the use of borrowed funds to amplify trading positions or yield strategies — multiplying both potential gains and losses relative ...

Lido is the largest liquid staking protocol, allowing users to stake ETH (and other assets) while receiving a liquid derivative token (stETH) that can...

The Lightning Network is a Layer 2 payment channel network built on Bitcoin that enables instant, low-cost Bitcoin transactions — making Bitcoin pract...

Liquid staking is a mechanism that lets users stake cryptocurrency while receiving a tradeable derivative token representing their staked position — m...

Liquidation in DeFi is the automatic process of selling a borrower's collateral when their loan-to-value ratio exceeds the protocol's threshold — prot...

Liquidity fragmentation is the dispersion of trading liquidity across multiple DEXs, chains, pools, and fee tiers — reducing market depth and increasi...

Liquidity mining is a DeFi incentive mechanism that distributes governance or reward tokens to users who provide liquidity — bootstrapping protocol ad...

A liquidity pool is a smart contract holding reserves of two or more tokens that enables decentralized trading — users trade against the pool rather t...

A liquidity provider (LP) is a user who deposits tokens into a liquidity pool, earning trading fees and sometimes additional rewards in exchange for e...

An LLM router is a system that intelligently directs AI requests to different models based on task complexity, cost, latency requirements, or domain —...

Loan-to-Value (LTV) ratio is the proportion of borrowed amount to collateral value in a DeFi lending position — determining borrowing capacity and liq...

Log forwarding is the practice of sending audit logs from the MCP proxy to external logging systems — such as SIEM platforms, S3 buckets, or Elasticse...

Log retention refers to policies governing how long audit logs of AI agent tool calls are stored. Different regulations require different retention pe...

An LP token is a receipt token issued to liquidity providers when they deposit into a pool — representing their proportional share of the pool's asset...

Machine-to-machine (M2M) payments are financial transactions initiated, authorised, and settled entirely by software systems — AI agents, APIs, IoT de...

Mainnet is the primary production blockchain network where real transactions with real economic value occur — as opposed to testnets which use valuele...

MakerDAO is the protocol behind DAI, a decentralized stablecoin maintained through overcollateralized vaults — one of the oldest and most important De...

A malicious MCP server is an MCP server deliberately designed to exfiltrate data, execute harmful operations, or manipulate the AI agent through poiso...

A man-in-the-middle (MITM) attack on MCP intercepts and potentially modifies protocol traffic between client and server. This is relevant when using n...

Maximal Extractable Value (MEV) is the maximum value that can be extracted from block production beyond standard rewards — through transaction reorder...

An MCP client is the component within an AI agent or application that connects to MCP servers, discovers available tools and resources, and invokes th...

An MCP prompt is a reusable, parameterised prompt template exposed by an MCP server that provides standardised workflows and interaction patterns for ...

An MCP resource is a read-only data source exposed by an MCP server that provides context to AI agents — such as files, database records, API response...

MCP sampling is a capability in the Model Context Protocol that allows an MCP server to request LLM completions through the connected client — enablin...

A service exposing capabilities to AI agents via the Model Context Protocol — tools, resources, and prompts that any MCP-compatible agent can discover...

MCP server spoofing is impersonating a legitimate MCP server to intercept or manipulate tool calls between the client and the real server....

An MCP tool is an executable capability exposed by an MCP server, described with a name, description, and JSON Schema parameters, that AI agents can d...

The mempool (memory pool) is the waiting area where unconfirmed transactions sit after broadcast but before inclusion in a block — a critical componen...

A Merchant Category Code (MCC) is a four-digit code assigned to businesses by card networks (Visa, Mastercard) that classifies the type of goods or se...

Merchant onboarding is the process of enabling a business or service to accept cryptocurrency payments — including wallet setup, payment integration, ...

A Merkle tree is a hierarchical data structure where each leaf contains a data hash and each node contains the hash of its children — enabling efficie...

Metered API access is a billing model where API consumers pay based on actual usage — per request, per token generated, per byte transferred, or per c...

Maximal Extractable Value (MEV) is the profit that block producers can extract by including, excluding, or reordering transactions within a block — a ...

MiCA (Markets in Crypto-Assets) is the European Union's comprehensive regulatory framework for cryptocurrency — establishing rules for issuers, servic...

Individually authorizing each small agent payment in real-time rather than batch approval. Every micropayment passes through full policy evaluation....

A micropayment is a financial transaction for a very small amount — typically under $1 and sometimes fractions of a cent — enabled by low-fee payment ...

An open standard by Anthropic defining how AI agents connect to external tools and data sources. MCP provides a universal interface for discovering an...

A modular blockchain separates core functions — execution, consensus, settlement, and data availability — into specialized layers that can be mixed an...

A money API is a programmatic interface that gives software direct access to financial operations — sending payments, checking balances, managing acco...

Money transmission is the regulated activity of transferring funds on behalf of others — requiring licenses in most jurisdictions and a key compliance...

An MPC (Multi-Party Computation) wallet distributes private key material across multiple parties or devices, requiring a threshold of them to collabor...

A multi-agent system (MAS) is an architecture where multiple AI agents collaborate, compete, or coordinate to accomplish tasks that would be difficult...

An AI agent that operates across multiple blockchain networks — holding assets, executing transactions, and interacting with protocols on different ch...

A multi-modal agent is an AI system that can process and generate multiple types of data — text, images, audio, video — enabling richer interaction wi...

A multi-signature (multisig) wallet is a smart contract wallet that requires a minimum number of private key signatures (e.g., 2-of-3, 3-of-5) to auth...

NEAR Protocol is a Layer 1 blockchain using sharding (Nightshade) for scalability, with a focus on developer experience and user-friendly features lik...

A Non-Fungible Token (NFT) is a unique digital asset on a blockchain where each token has distinct properties and cannot be exchanged one-for-one — en...

A blockchain node is a computer running the network's software that maintains a copy of the ledger, validates transactions, and participates in the pe...

Non-custodial controls enforce spending rules without taking custody of private keys or funds. The control layer validates transactions while the oper...

A non-custodial wallet is a cryptocurrency wallet where the user (or operator) retains exclusive control of the private keys, with no third party able...

A nonce is a sequential counter attached to each transaction from an account, ensuring transactions are processed in order and preventing replay attac...

OFAC compliance refers to adherence to the rules and regulations of the US Office of Foreign Assets Control, which administers economic sanctions prog...

Off-chain refers to data, computation, or transactions that occur outside the blockchain — processed on external servers, Layer 2 networks, or peer-to...

On-chain refers to data and transactions that are recorded directly on the blockchain — fully transparent, immutable, and verifiable by any network pa...

Using smart contracts to verify spending rules on the blockchain — tamper-proof, transparent, and independently verifiable by anyone....

Open banking is a regulatory and technology framework that requires banks to share customer financial data with authorized third parties through APIs ...

An open-weights model is an AI model whose trained parameters are publicly released, allowing anyone to download, run, fine-tune, and deploy it — dist...

The OpenAI Agents SDK is a lightweight, production-focused framework for building AI agents with built-in support for tool calling, agent handoffs, gu...

Openfort is a wallet infrastructure platform designed for AI agents and gaming applications, providing account abstraction wallets, gas sponsorship, a...

Operational security (OpSec) in crypto encompasses the practices and procedures that protect private keys, accounts, and systems from compromise — ext...

Optimism is an Ethereum Layer 2 optimistic rollup and the creator of the OP Stack — an open-source framework for building L2 chains that powers Base, ...

An optimistic rollup is a Layer 2 scaling solution that assumes transactions are valid by default and only runs computation if a fraud proof is submit...

A blockchain oracle is any service that connects smart contracts to external data and systems — enabling on-chain applications to react to off-chain e...

An oracle feed is a continuous stream of real-world data delivered to blockchain smart contracts — most commonly price data for financial assets, upda...

Oracle manipulation is an attack that corrupts the price data fed to smart contracts — causing DeFi protocols to make incorrect decisions about liquid...

An order book DEX matches buy and sell orders through a traditional limit order system implemented on blockchain — offering a trading experience close...

Inspecting and filtering MCP tool responses before they are returned to the AI agent, preventing sensitive data leakage, blocking context poisoning at...

An AI agent configured with access to more MCP tools or broader argument ranges than its task requires, violating the principle of least privilege and...

The Open Web Application Security Project's list of the ten most critical security risks for applications built with large language models. The standa...

Pay-per-inference is a pricing model where each AI model inference request (an LLM completion, image generation, embedding, or classification) is paid...

Pay-per-token pricing is a billing model for large language models and other generative AI services where the consumer pays based on the exact number ...

A pay-per-use API charges per request using crypto micropayments rather than flat subscriptions. With x402, AI agents pay per call using stablecoins i...

A payable endpoint is an HTTP API endpoint that gates access behind an x402 payment — returning 402 Payment Required with structured pricing to unpaid...

A paymaster is a smart contract in the ERC-4337 account abstraction system that sponsors gas fees on behalf of smart account users or agents — enablin...

A payment API is a programmatic interface that enables applications and agents to initiate, process, and manage financial transactions — abstracting t...

A cryptographic proof that an agent payment was authorized and policy-compliant, verifiable by third parties without accessing internal policy configu...

A payment channel is an off-chain protocol that enables multiple transactions between two parties with only two on-chain transactions — one to open th...

Payment compliance is the adherence to legal, regulatory, and industry requirements governing payment operations — including sanctions screening, AML ...

A payment dispute in crypto is a disagreement between parties about whether a payment obligation has been satisfied — handled through smart contract e...

In the x402 stack, a payment facilitator processes and settles agent payments for merchants, handling crypto complexity so merchants don't manage wall...

Payment finality is the point at which a payment becomes irrevocable and the recipient can consider the funds fully received — varying significantly a...

Payment fraud encompasses unauthorized or deceptive transactions designed to steal funds — a major problem in traditional finance that blockchain's cr...

A payment gateway is the technology that securely processes payment transactions between a customer and merchant — in crypto, managing wallet connecti...

A payment intent is a data object representing the intention to make a payment — including amount, currency, recipient, and metadata — created before ...

Payment netting is the offsetting of multiple payments between parties to settle only the net difference — reducing the number and volume of actual tr...

Payment orchestration is the coordination of payment flows across multiple providers, chains, and methods — routing each transaction through the optim...

A payment processor is a service that handles the technical and financial aspects of accepting payments — in crypto, enabling merchants to accept cryp...

A payment protocol is a standardized set of rules and message formats that define how payments are initiated, authenticated, processed, and verified b...

Payment rails are the underlying infrastructure and protocols that facilitate the movement of money between parties — including traditional systems (A...

A payment receipt in crypto is the on-chain transaction record that serves as proof of payment — including sender, recipient, amount, timestamp, and t...

A payment splitter is a smart contract that automatically distributes received payments among multiple recipients according to predefined shares — use...

Payment splitting is the automatic division of incoming payments among multiple recipients according to predefined rules — implemented in smart contra...

Payment streaming is the continuous, real-time flow of tokens from one address to another at a defined rate — enabling per-second payments rather than...

A payment token is a digital token specifically designed and used for making payments — distinct from utility tokens (access to services) and security...

Payment verification is the process of confirming that a cryptocurrency payment was executed correctly — verifying the transaction was included in a b...

A payment-aware proxy is a network intermediary that understands x402 payment flows — intercepting 402 responses, applying spending policies, managing...

Crypto payroll is the payment of employee salaries and contractor fees in cryptocurrency or stablecoins — increasingly used by Web3 companies and offe...

PCI DSS in an agent context refers to the application of the Payment Card Industry Data Security Standard to AI agents — specifically how agents makin...

A peer-to-peer (P2P) payment is a direct transfer of funds between two individuals without a financial intermediary — the original vision of Bitcoin a...

Penetration testing (pentesting) in crypto is the authorized simulation of attacks against smart contracts, infrastructure, and operational processes ...

A rate limit applied to a specific MCP tool rather than globally across all tools. Allows operators to set different throughput ceilings for different...

Rate limits scoped to individual users or agent identities rather than applied globally. Ensures one agent cannot consume another's quota, enabling fa...

The gradual accumulation of MCP tool permissions over time as new capabilities are added to an agent's configuration but old, unnecessary ones are nev...

Permissionless describes a system that anyone can access, use, and build on without needing approval from a gatekeeper — a core property of public blo...

Permit2 is a token approval protocol by Uniswap that provides a unified, more secure allowance system for ERC-20 tokens — featuring built-in expiratio...

A perpetual swap (perp) is a derivative contract that lets traders speculate on asset prices with leverage and no expiration date — settled through a ...

A phishing attack in crypto is a social engineering scam that tricks users into revealing private keys, seed phrases, or signing malicious transaction...

Detecting personally identifiable information in MCP tool call arguments or responses to prevent AI agents from inadvertently exfiltrating, processing...

Pimlico is an ERC-4337 infrastructure provider offering bundler and paymaster services — enabling developers to build account abstraction features int...

A point-of-sale (PoS) system for crypto is the hardware and software enabling merchants to accept cryptocurrency payments in physical retail locations...

Policy actions are the three possible outcomes of policy evaluation in Intercept: allow (the tool call proceeds to the MCP server), deny (the tool cal...

A policy condition is a constraint within a policy rule that evaluates tool call arguments against defined criteria (e.g. amount < 1000, branch != "ma...

A policy diff is the comparison between two versions of a policy file to see exactly what changed — which rules were added, removed, or modified. Esse...

A policy dry run is a mode where Intercept evaluates policies and logs the decisions that would be made, but does not enforce them — all tool calls ar...

A policy engine evaluates requests against predefined rules and returns allow/deny decisions. In Intercept, the policy engine evaluates every MCP tool...

The policy evaluation pipeline is the sequence of steps Intercept follows to evaluate every tool call: match server, match tool, evaluate conditions, ...

A policy file is the physical YAML file (e.g. stripe.yaml, github.yaml) that contains policy rules for one or more MCP servers, stored alongside your ...

Policy hot reload is the ability to update policy files without restarting Intercept, with changes taking effect on the next tool call to enable zero-...

Policy inheritance is the mechanism by which tool-level policies inherit from server-level policies, which in turn inherit from global policies, with ...

Policy linting is the static analysis of YAML policy files to catch syntax errors, unreachable rules, conflicting conditions, type mismatches, and oth...

A policy override is a mechanism to temporarily or permanently bypass a policy rule, granting an exception for a specific tool call, agent, or time wi...

Policy priority is the order in which policies are evaluated when multiple rules could match a tool call, with higher-priority rules overriding lower-...

Policy rollback is the process of reverting to a previous version of a YAML policy when a new policy causes issues — such as blocking legitimate tool ...

A policy rule is a single rule within a policy file that specifies an action (allow, deny, or log) for a specific tool or tool pattern, optionally wit...

A pre-built, reusable YAML policy configuration for common agent use cases — such as coding assistants, data analysis agents, or DevOps automation. Te...

Policy testing is the practice of validating policies against predefined test cases before deployment, ensuring they behave as expected — allowing wha...

Policy versioning is the practice of tracking changes to YAML policy files over time using version control (git), enabling audit trails of who changed...

When an AI agent attempts a tool call that violates a YAML-defined policy — calling a denied tool, passing disallowed arguments, or exceeding rate lim...

A policy violation event is emitted when a tool call is denied by policy, signalling that an agent attempted an operation outside its permitted bounda...

Policy-as-code is the practice of defining security and compliance policies as version-controlled, machine-readable code rather than manual configurat...

Polygon is a multi-chain scaling ecosystem for Ethereum that includes a PoS sidechain, zkEVM rollup, and CDK framework — providing various scaling app...

An agent requests approval before committing funds. The policy engine evaluates and returns an authorization token for the actual payment execution....

Price impact is the change in a token's market price caused by executing a trade — larger trades relative to available liquidity cause greater price m...

A price oracle in DeFi is a data feed that supplies real-time asset prices to smart contracts — critical for lending liquidations, derivative settleme...

The principle of least privilege states that every entity (user, agent, process) should have only the minimum permissions necessary to perform its int...

A private key is a cryptographic secret — a large random number — that grants complete control over a blockchain address, enabling the holder to sign ...

A private transaction is a blockchain transaction where some or all details — sender, recipient, amount, or data — are concealed from public view whil...

Privilege escalation is a security exploit where an entity gains access to tools or capabilities beyond what was initially authorised — either by expl...

Privy is a web3 authentication and embedded wallet platform that creates non-custodial wallets for users without requiring them to manage seed phrases...

Cryptocurrency with embedded rules governing how it can be spent — enabling conditions like spending limits, approved recipients, and time locks direc...

A wallet with built-in logic enforcing transaction rules — spending limits, recipient restrictions, multi-party approvals — at the wallet level. Smart...

Prompt chaining is the technique of connecting multiple LLM calls in sequence, where each call's output feeds into the next call's input — enabling co...

Prompt engineering is the practice of designing and optimizing input text to guide large language models toward producing desired outputs, including t...

An attack where malicious input manipulates an AI agent's behaviour by injecting instructions that override its programming. Successful prompt injecti...

Tool-layer prompt injection embeds malicious instructions in MCP tool descriptions, schemas, or return values to hijack agent behaviour. It targets th...

Prompt leaking is when an MCP tool or server extracts the agent's system prompt, user instructions, or conversation context through crafted tool inter...

Proof of Stake (PoS) is a consensus mechanism where validators lock cryptocurrency as collateral to participate in block production, with selection pr...

Proof of Work (PoW) is a consensus mechanism where miners compete to solve computationally intensive puzzles, earning the right to add the next block ...

A protocol fee is revenue collected by a DeFi protocol's smart contracts from user activity — such as trading fees, borrowing interest, or service cha...

Protocol governance is the system through which a DeFi protocol's parameters, upgrades, and treasury are managed — typically through token-weighted vo...

A proxy contract is a smart contract pattern that delegates execution to an implementation contract — enabling upgradeable smart contracts by changing...

PSD2 (Payment Services Directive 2) is European regulation mandating that banks provide API access to customer accounts for authorized third parties —...

A public key is the cryptographic counterpart to a private key — freely shared to verify signatures and derive blockchain addresses, without revealing...

PydanticAI is a Python agent framework by the creators of Pydantic that emphasizes type safety, structured outputs, and production reliability — using...

Restricting a numeric tool call argument to a minimum and/or maximum value. Range constraints set safe operational bounds — for example, ensuring a tr...

Rate limiting is a security control that restricts the frequency of operations — transactions per minute, API calls per hour, or spending events per d...

Constraining how frequently an AI agent can invoke specific MCP tools within a defined time window. Rate limiting prevents runaway agents, protects do...

A ReAct agent follows the Reasoning + Acting paradigm, alternating between thinking steps (reasoning about what to do) and action steps (executing too...

Real-world assets (RWAs) are traditional financial instruments — such as bonds, real estate, commodities, and private credit — represented as tokens o...

Real-Time Gross Settlement (RTGS) is a payment system that settles transactions individually and immediately — the backbone of central bank payment sy...

Checking an agent's transaction against all rules at request time — before signing. Decisions in milliseconds for immediate allow/deny....

A reasoning agent is an AI agent that uses explicit step-by-step thinking — such as chain-of-thought or extended thinking — to break down complex prob...

A recurring payment is an automated, periodic transfer of funds — such as subscriptions, rent, or salaries — that in crypto requires specific smart co...

A reentrancy attack exploits a smart contract vulnerability where an external call allows the attacker to re-enter the contract before the first execu...

Using regular expressions in YAML policies to validate tool call argument values before they reach the MCP server. Regex constraints can enforce email...

Regulatory compliance is the adherence to laws, regulations, and industry standards governing cryptocurrency operations — including KYC/AML requiremen...

Reinforcement Learning (RL) is a machine learning paradigm where an agent learns optimal behavior through trial and error, receiving rewards or penalt...

A relayer is a service that submits transactions on behalf of users — enabling gasless transactions, meta-transactions, and cross-chain message delive...

Remittance is the transfer of money by a foreign worker to their home country — a massive global market ($650B+ annually) where crypto stablecoins off...

A replay attack on tool calls captures and re-sends a valid MCP tool call to execute it again, potentially duplicating financial transactions, destruc...

A policy rule enforcing that a specific argument must be present in a tool call. Required argument constraints prevent tools from being called with mi...

Agent resource exhaustion is when an AI agent consumes excessive compute, memory, API calls, or tokens — either through manipulation or runaway behavi...

Inspecting and modifying MCP tool responses before they reach the agent. Response filtering can strip sensitive data, block certain patterns, redact i...

Checking MCP tool responses against expected schemas or patterns before passing them to the agent. Response validation catches malformed, unexpected, ...

The practice of developing and deploying AI systems in ways that are safe, fair, transparent, and accountable. For AI agents, this includes enforcing ...

Restaking allows already-staked cryptocurrency (like staked ETH) to be simultaneously used to secure additional protocols and services — extending blo...

Retrieval-Augmented Generation (RAG) is an architecture that enhances LLM responses by retrieving relevant documents from an external knowledge base a...

Reinforcement Learning from Human Feedback (RLHF) is a training technique that aligns LLM outputs with human preferences by training a reward model on...

An AI agent that has deviated from its intended behaviour — whether through prompt injection, misconfiguration, or emergent behaviour — and is now per...

Role-Based Access Control (RBAC) is a security model that assigns permissions to roles rather than individual entities, and then assigns roles to user...

A rollup is a Layer 2 scaling solution that executes transactions off-chain, bundles them together, and posts compressed data or proofs to the Layer 1...

An RPC node is a blockchain node that exposes a Remote Procedure Call interface — allowing applications, wallets, and agents to read blockchain data a...

An RPC provider is a service that operates blockchain nodes and exposes their RPC interface as an API — enabling developers to interact with blockchai...

A rug pull is a crypto scam where project creators abandon a project and steal user funds — typically by draining liquidity pools, exploiting admin fu...

Safe (formerly Gnosis Safe) is the most widely deployed smart contract wallet platform, providing multi-signature authorization, modular extensions, a...

Sanctions screening is the process of checking cryptocurrency addresses and transactions against sanctions lists maintained by authorities like OFAC, ...

Sandbox escaping is when an AI agent or MCP tool breaks out of its intended execution environment to access system resources, files, or networks it sh...

A sandwich attack is an MEV strategy where an attacker places transactions before and after a victim's swap — front-running to raise the price, then b...

A scoped token grants an AI agent limited, time-bound spending permission — restricting amount, recipient, duration, and token type unlike unrestricte...

An SDK (Software Development Kit) is a collection of tools, libraries, and documentation that simplifies development for a specific platform — providi...

Scanning MCP tool responses for accidentally exposed secrets — API keys, passwords, tokens, private keys, and connection strings — before they enter t...

A security audit is a comprehensive review of a system's security posture — examining code, architecture, access controls, and operational practices t...

The logical perimeter around an AI agent's permitted operations, defined by which MCP servers it can connect to, which tools it can invoke, and what a...

A seed phrase (recovery phrase) is a human-readable sequence of 12 or 24 words that encodes the master private key for a cryptocurrency wallet — servi...

Self-custody is the practice of holding and managing your own cryptocurrency private keys, maintaining direct, exclusive control over your digital ass...

Semantic Kernel is Microsoft's open-source SDK for integrating LLMs into applications — providing abstractions for AI plugins, memory, and planning th...

Semantic routing is the technique of directing requests, queries, or tasks to the appropriate handler (agent, tool, or model) based on the semantic me...

A sequencer is the component of a Layer 2 rollup that receives transactions, orders them, executes them, and produces the resulting state updates — th...

A server-level policy applies default rules to all tools on a given MCP server, establishing baseline permissions that can be overridden by more speci...

A temporary cryptographic key granting an AI agent limited, time-bound permission to sign transactions from a smart account. Session keys expire autom...

Settlement is the final, irrevocable transfer of asset ownership between parties — the point at which a transaction is fully completed and can no long...

An unauthorised AI agent operating within an organisation, connecting to MCP servers without IT or security team oversight. The agent equivalent of sh...

A sidechain is an independent blockchain with its own consensus mechanism that runs parallel to a main chain and is connected via a two-way bridge — p...

SIEM integration is the process of connecting MCP proxy audit logs to a Security Information and Event Management system for real-time threat detectio...

A rate limiting approach that uses a rolling time window rather than fixed intervals. Instead of resetting a counter every minute on the minute, it co...

Slippage is the difference between the expected price of a trade and the actual execution price — caused by pool liquidity depth, trade size, and pric...

A smart account is a blockchain account implemented as a smart contract rather than a simple key pair (EOA), enabling programmable transaction validat...

A smart contract is a self-executing program stored on a blockchain that automatically enforces agreement terms when predefined conditions are met — e...

A smart contract audit is a professional security review of smart contract code to identify vulnerabilities, logic errors, and potential exploits befo...

A smart contract exploit is the use of a vulnerability in smart contract code to steal funds or manipulate protocol behavior — one of the primary secu...

A smart contract interaction is any transaction that calls a function on a deployed smart contract — encompassing all DeFi operations, token transfers...

A smart contract wallet is a cryptocurrency wallet implemented as a deployed smart contract rather than a simple externally owned account (EOA) — enab...

A smart wallet is a user-facing cryptocurrency wallet built on smart contract technology (account abstraction) that provides enhanced features like so...

SOC 2 is a compliance framework developed by the AICPA for service organisations, focused on five trust service criteria: security, availability, proc...

Social engineering in crypto is the manipulation of people into performing actions or divulging confidential information — exploiting human psychology...

Solana is a high-performance Layer 1 blockchain designed for speed and low cost, using a unique Proof of History consensus mechanism to achieve thousa...

Solidity is the dominant programming language for Ethereum smart contracts — a statically-typed, object-oriented language designed specifically for th...

A solver is a specialized entity in intent-based DeFi systems that competes to fulfill user trading intents by finding optimal execution paths — sourc...

A soulbound token (SBT) is a non-transferable, non-tradable digital token permanently bound to a wallet address — used to represent verifiable credent...

A spend card (or crypto debit card) enables users to spend cryptocurrency at traditional merchants by automatically converting crypto to fiat at the p...

Spend management tracks, controls, and optimizes AI agent crypto spending — budgeting, policy enforcement, real-time monitoring, analytics, and report...

Data-driven insights into agent financial activity — patterns, cost per task, budget utilization, violation trends, and ROI across an agent fleet....

An agent spending pattern that deviates significantly from established baselines — unusual amounts, unexpected recipients, abnormal timing, or velocit...

A hard upper limit on total agent spending within a scope — per transaction, hour, day, contract, or session. Once reached, all transactions blocked u...

Spending controls are programmable rules limiting how, when, and where an AI agent can spend crypto — per-transaction limits, rolling budgets, recipie...

Tracks how spending authority flows from operator through intermediate agents to the final spender, ensuring delegated authority never exceeds origina...

A specialized language for defining agent spending rules — readable, auditable, and composable without general-purpose code....

A verifiable record of an authorized agent transaction — policy evaluation result, parameters, approval status, blockchain confirmation. Proof of poli...

A structured summary of AI agent financial activity over a time period — total spend, transaction count, policy compliance rate, budget utilization, a...

The rate at which an agent spends — transactions per minute, dollars per hour. Monitoring velocity detects anomalies like runaway loops or compromised...

A stablecoin is a cryptocurrency designed to maintain a stable value relative to a reference asset — typically the US dollar — through various mechani...

A stablecoin depeg occurs when a stablecoin's market price deviates significantly from its target peg — caused by loss of confidence, reserve issues, ...

Stablecoin micropayment rails are the combination of dollar-pegged stablecoins (primarily USDC) and low-cost Layer 2 blockchain networks (primarily Ba...

Using price-stable cryptocurrencies (USDC, USDT) pegged to fiat for transactions. Preferred by agents for predictable value, instant settlement, and p...

Stablecoin settlement is the finalization of a payment using stablecoins on a blockchain — where the transaction is confirmed in a block and the recip...

Staking is the process of locking cryptocurrency to support blockchain operations — either validating PoS consensus or participating in protocol mecha...

Staking rewards are cryptocurrency earnings distributed to validators and delegators for participating in proof-of-stake consensus — compensating them...

A state channel is an off-chain protocol that enables multiple state transitions between parties with minimal on-chain interaction — generalizing paym...

Restricting the length of a string argument in a tool call. String length constraints prevent excessively long inputs that could be used for prompt in...

Stripe Crypto is Stripe's suite of cryptocurrency-related products — including fiat-to-crypto on-ramps, USDC payouts, and crypto payment acceptance th...

Structured output refers to LLM responses formatted in machine-readable schemas like JSON or typed objects, enabling reliable integration with downstr...

A sub-cent transaction is a financial payment worth less than one US cent ($0.01), made economically viable by Layer 2 blockchain networks where trans...

A subgraph is a data indexing definition for The Graph protocol that specifies what blockchain data to extract, how to transform it, and how to store ...

A subscription payment is a recurring automated charge for ongoing access to a service — a payment model that requires specific smart contract pattern...

Sui is a Layer 1 blockchain built by Mysten Labs using the Move programming language, featuring an object-centric data model and parallel transaction ...

A supply chain attack compromises software by targeting its dependencies, build tools, or distribution channels — injecting malicious code through tru...

A swap is the exchange of one cryptocurrency token for another through a DEX or aggregator — the most fundamental DeFi operation, executed atomically ...

A token swap fee is the charge applied by a DEX for executing a trade — typically 0.01-1% of the trade value, distributed to liquidity providers and s...

A synthetic asset is a tokenized derivative that tracks the price of another asset — stocks, commodities, forex, or indices — without requiring owners...

A system prompt is a privileged instruction set provided to an LLM that defines the model's role, behavior, constraints, and output format — serving a...

Task decomposition is the process by which an AI agent breaks a complex goal into smaller, manageable sub-tasks that can be executed sequentially or i...

Tenderly is a blockchain development platform offering transaction simulation, debugging, monitoring, and alerting — enabling developers to test smart...

A testnet is a blockchain network that mirrors mainnet functionality but uses valueless tokens — providing a safe, free environment for testing smart ...

The Graph is a decentralized protocol for indexing and querying blockchain data — enabling developers to build subgraphs that organize on-chain data i...

Threat modeling is a structured security analysis process that identifies potential threats to a system, evaluates their likelihood and impact, and de...

A threshold signature scheme (TSS) is a cryptographic protocol where a signing key is split into n shares, and any t (threshold) of those shares can c...

Deliberately slowing down agent tool call throughput rather than hard-blocking. A softer alternative to outright denial that allows agents to continue...

A token is a digital asset created on an existing blockchain through a smart contract — distinct from native coins (ETH, BTC) which are integral to th...

A token allowance is the maximum amount of ERC-20 tokens that a specific spender address (typically a smart contract) is authorized to transfer from a...

A token approval is an on-chain authorization that permits a smart contract (spender) to transfer a specified amount of ERC-20 tokens from your wallet...

A rate limiting algorithm where tokens are added to a bucket at a fixed rate. Each tool call consumes a token; calls are denied when the bucket is emp...

Token burning is the permanent removal of tokens from circulation by sending them to an unspendable address — reducing total supply and potentially in...

Token exfiltration is extracting authentication tokens, session tokens, or API tokens from an AI agent's environment through malicious tool calls or p...

Token gating is the practice of restricting access to content, communities, or services based on ownership of specific tokens or NFTs — creating exclu...

A token launch is the process of creating and distributing a new cryptocurrency token — encompassing smart contract deployment, initial liquidity prov...

Token minting is the creation of new tokens — either through protocol issuance (block rewards, staking emissions) or smart contract functions that inc...

A token standard is a specification defining how tokens behave on a blockchain — including required functions, events, and interfaces that ensure inte...

Token vesting is a time-based release schedule that controls when allocated tokens become transferable — preventing insiders from selling immediately ...

Tokenization in AI refers to breaking text into smaller units (tokens) that a language model can process — typically subword pieces that balance vocab...

A tokenized deposit is a bank deposit represented as a digital token on a blockchain — maintaining the regulatory protections of traditional banking w...

Tokenomics is the economic design of a cryptocurrency token — encompassing supply mechanics, distribution, utility, incentive structures, and monetary...

Tool calling is the mechanism by which a large language model generates structured requests to invoke external tools, APIs, or functions — enabling th...

Tool name collision occurs when multiple MCP servers expose tools with the same name, creating ambiguity about which tool the AI agent actually invoke...

Tool poisoning is an attack where a malicious actor manipulates an MCP tool's description, schema, or metadata to trick an AI agent into performing un...

Tool shadowing is an attack where a malicious MCP server exposes a tool with the same name as a trusted server's tool, silently intercepting calls the...

Tool squatting is registering an MCP server with a name deliberately similar to a popular, trusted server to intercept agent tool calls. It is the MCP...

Tool use refers to an AI agent's ability to interact with external systems — calling APIs, executing code, querying databases, writing files, or perfo...

A tool-level policy targets a specific MCP tool (e.g. create_payment_intent on the Stripe server) rather than an entire server, providing the most gra...

A configurable workflow determining how agent transactions are authorized — auto-approval for low-risk, multi-step human review for high-value or unus...

A transaction hash (txHash) is a unique identifier generated by hashing a transaction's contents — serving as the receipt and lookup key for any block...

Transaction monitoring is the ongoing surveillance of cryptocurrency transactions to detect suspicious patterns, policy violations, and anomalous beha...

A transaction policy is a declarative rule set defining valid agent transactions — specifying allowed amounts, recipients, tokens, contract interactio...

A transaction receipt is the blockchain record generated after a transaction is processed — containing execution status, gas used, event logs, and oth...

Transaction signing is the process of using a private key to generate a cryptographic signature that authorizes a blockchain transaction, proving the ...

Transaction simulation is the process of executing a blockchain transaction against the current state without actually committing it — previewing the ...

A Transformer is the neural network architecture underlying all modern large language models, using self-attention mechanisms to process sequential da...

The Travel Rule is a regulatory requirement that financial institutions share sender and recipient information for transactions above certain threshol...

Treasury management is the strategic management of an organization's financial assets, liquidity, and risk — in crypto, this includes managing token h...

A boundary in a system where the level of trust changes. In MCP architectures, trust boundaries exist between the agent and each MCP server, between I...

Trustless describes a system where participants can transact and verify outcomes without trusting any counterparty — relying instead on cryptographic ...

Turnkey is a non-custodial key management platform that provides secure, programmatic access to private keys through Trusted Execution Environments (T...

Total Value Locked (TVL) is the aggregate value of cryptocurrency assets deposited in a DeFi protocol's smart contracts — the primary metric for measu...

Two-factor authentication (2FA) is a security measure requiring two different verification methods to access an account — typically combining somethin...

Uniswap is the largest decentralized exchange by volume, pioneering the automated market maker (AMM) model — enabling permissionless token trading thr...

USDC (USD Coin) is a fully-reserved, dollar-pegged stablecoin issued by Circle, available on multiple blockchains, and widely used as the default paym...

USDT (Tether) is the largest stablecoin by market capitalization, pegged to the US dollar and issued by Tether Limited — widely used as the primary tr...

A UserOperation (UserOp) is the transaction format in ERC-4337 account abstraction — a pseudo-transaction submitted to the alt mempool that encodes th...

Utilization rate is the percentage of deposited assets currently being borrowed in a DeFi lending pool — the primary driver of interest rates and the ...

A validator is a node operator on a proof-of-stake blockchain that stakes cryptocurrency to participate in block production and validation — earning r...

A DeFi vault is a smart contract that automatically executes yield-generating strategies on deposited assets — handling compounding, rebalancing, and ...

A verifiable credential (VC) is a tamper-evident, cryptographically verifiable digital claim made by an issuer about a subject — following the W3C sta...

Vibe coding is the practice of building software by describing desired behavior to an AI coding assistant in natural language, iterating through conve...

A virtual card is a programmatically generated payment card number with configurable spending limits, merchant restrictions, and expiration — used for...

A cryptocurrency wallet is software or hardware that manages private keys — enabling users to sign transactions, interact with blockchains, and contro...

A wallet drainer is malicious software that exploits token approvals, signed messages, or compromised keys to transfer all assets from a victim's cryp...

WalletConnect is an open protocol for connecting cryptocurrency wallets to decentralized applications — enabling secure communication between mobile w...

Web3 is the vision of a decentralized internet where users own their data, identity, and digital assets — built on blockchain technology, smart contra...

A webhook is an HTTP callback that pushes real-time notifications when blockchain events occur — enabling applications to react to on-chain activity w...

Wei is the smallest denomination of Ether (ETH), where 1 ETH = 10^18 wei — used in smart contract programming and RPC calls where values must be expre...

WETH (Wrapped ETH) is an ERC-20 token that represents Ether in a standardized token format — solving the incompatibility between native ETH and the ER...

A wire transfer is a direct bank-to-bank electronic transfer of funds — the traditional method for large domestic and international payments, increasi...

Wormhole is a cross-chain messaging protocol connecting 30+ blockchains — originally built for Solana-Ethereum bridging, now a general-purpose interop...

A wrapped token is a cryptocurrency token pegged 1:1 to another asset, enabling that asset to be used on a different blockchain or protocol — such as ...

Wrapped Staked ETH (wstETH) is a non-rebasing wrapper around Lido's stETH — providing a token whose price increases over time (reflecting staking rewa...

x402 auto-policy is the automatic creation of spending policies when an agent encounters a new x402-enabled endpoint for the first time — applying con...

An x402 circuit breaker is a safety mechanism that automatically halts all x402 payment activity for an agent or agent fleet after detecting repeated ...

x402 domain pinning (also called recipient pinning) is a security control that associates specific payment recipient addresses with specific domains —...

The exact payment scheme is the first and primary payment scheme in the x402 protocol. It transfers a specific, predetermined amount of tokens from cl...

An x402 facilitator is a server in the x402 protocol that handles payment verification and on-chain settlement on behalf of resource servers. It expos...

The x402 Foundation is the governance organisation co-founded by Coinbase and Cloudflare to steward the x402 open payment protocol — promoting adoptio...

x402 payment headers are the HTTP headers that carry payment negotiation data in the x402 protocol. The server sends payment requirements via the PAYM...

x402 payment streaming is the pattern of continuous or high-frequency resource consumption paired with periodic x402 settlement — using schemes like d...

x402 payment verification is the process by which a resource server (or its facilitator) confirms that a client's signed payment payload is valid — ch...

x402 pricing negotiation is the process by which a resource server communicates its accepted payment terms — including amounts, tokens, networks, and ...

x402 is an open protocol built by Coinbase that enables AI agents to make payments over HTTP using the 402 Payment Required status code. Agents autono...

An x402 resource server is any HTTP server that requires payment for access to its resources using the x402 protocol. It responds with HTTP 402 and pa...

The x402 settlement flow is the multi-step process by which a client's payment payload is verified, the requested resource is served, and the payment ...

A YAML policy is a declarative configuration file that defines rules governing what an AI agent can and cannot do with MCP tools, specifying allowed a...

A yield aggregator automatically routes deposits to the highest-yielding DeFi strategies, handling compounding, rebalancing, and gas optimization — ma...

Yield farming is the practice of strategically deploying crypto assets across DeFi protocols to maximize returns — earning trading fees, lending inter...

A security model where no AI agent, tool call, or MCP server is inherently trusted. Every tool invocation is verified against policy regardless of its...

A zero-knowledge proof (ZKP) is a cryptographic method that allows one party to prove knowledge of information to another party without revealing the ...

Zero-shot learning is an LLM's ability to perform a task with only instructions and no examples — relying entirely on the model's pre-trained knowledg...

ZeroDev is a smart account infrastructure platform that provides the Kernel smart account (a modular ERC-4337 account), along with bundler, paymaster,...

A ZK rollup is a Layer 2 scaling solution that generates cryptographic proofs (zero-knowledge proofs) to verify the validity of off-chain transactions...