Spending Policies
Spending policies define guardrails for agent transactions. Every payment passes through the policy engine before reaching compliance screening or on-chain submission. Policies are evaluated in Redis with sub-10ms latency.
Rule Types
| Rule | Field | Description |
|---|
| Per-Transaction Limit | max_per_transaction | Maximum amount for a single payment |
| Daily Limit | max_daily | Maximum cumulative per 24-hour rolling window |
| Weekly Limit | max_weekly | Maximum cumulative per 7-day rolling window |
| Monthly Limit | max_monthly | Maximum cumulative per 30-day rolling window |
| Counterparty Whitelist | counterparty_whitelist | Only these addresses can receive payments |
| Counterparty Blacklist | counterparty_blacklist | Payments to these addresses are rejected |
| Velocity Limits | velocity_limits | Max transactions per hour, max unique counterparties per day |
Advanced Rules
| Rule | Field | Description |
|---|
| Allowed Chains | allowed_chains | Restrict to specific chains |
| Allowed Stablecoins | allowed_stablecoins | Restrict to USDC, USDT, or EURC |
| Category Restrictions | category_restrictions | Allow or block payment categories |
| Time Restrictions | time_restrictions | Limit to specific hours, block days |
| Escalation | escalation_rules | Require human approval above threshold |
Enforcement Modes
| Mode | Behavior |
|---|
enforce | Violations blocked. Payment rejected with POLICY_VIOLATED. |
warn | Violations logged but payment proceeds. Response includes policy_result: "violated". |
audit_only | Violations silently logged. No impact on payment. |
Violation Actions
| Action | Behavior |
|---|
reject | Payment rejected (HTTP 403) |
flag | Payment proceeds, flagged for review |
escalate | Payment held for human approval (HTTP 202) |
suspend_agent | Payment rejected and agent suspended |
Evaluation Flow
| Step | Action | Latency |
|---|
| 1 | Load active policies from Redis cache | <1ms |
| 2 | Sort by priority (lower = higher priority) | <1ms |
| 3 | Evaluate each rule against the transaction | <5ms |
| 4 | Aggregate: if any enforced rule fails, violation | <1ms |
| 5 | Write to oris_policy_evaluations hypertable | async |
SDK Usage
policy = agent.set_policy(
max_per_tx=50,
max_daily=500,
max_weekly=2000,
counterparty_whitelist=["0xabc...", "0xdef..."],
enforcement_mode="enforce"
)
# Simulate before sending
sim = agent.simulate_payment(amount=75)
print(sim.passed) # False
print(sim.violated_rules) # ["max_per_transaction"]
print(sim.verdict) # "reject"
See Policies API for endpoint details.