npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@yault/aesp

v0.2.0

Published

Agent Economic Sovereignty Protocol — defining how AI agents operate economically under human sovereignty

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

yaxyzyaxyz

Keywords

aespagenteconomicsovereigntyprotocolyalletyaultmcpa2aap2privacycontext-isolationephemeral-address

Readme

AESP - Agent Economic Sovereignty Protocol

Defining how AI agents operate economically under human sovereignty.

Website | npm

What Is AESP

AESP is a TypeScript SDK and MCP integration layer for agent payments under explicit human control. It is designed so that agents can execute economic actions while humans retain full economic sovereignty.

Core principles:

  • Policy-gated execution -- every spend action is bounded by configurable policy rules (per-tx limits, daily/weekly/monthly budgets, address allowlists, time windows).
  • Human override path -- risky actions are escalated to a review queue instead of being auto-approved.
  • Verifiable commitments -- execution context can be tied to EIP-712 signed intent, enabling on-chain settlement guarantees.
  • Practical integration -- MCP tools expose vault operations to AI agent frameworks; subpath exports let you import only what you need.

Install

npm install @yault/aesp

Requires Node.js >= 18.

Quick Start

Add to Claude Desktop

Add the following to your Claude Desktop config (claude_desktop_config.json):

{
  "mcpServers": {
    "yault": {
      "command": "npx",
      "args": ["-y", "@yault/aesp"],
      "env": {
        "YAULT_API_KEY": "sk-yault-..."
      }
    }
  }
}

Add to Claude Code

claude mcp add yault -- npx -y @yault/aesp

Then set the environment variable YAULT_API_KEY in your shell or .claude/settings.json.

Run standalone

export YAULT_API_KEY="sk-yault-..."
yault-mcp                  # if installed globally
npx @yault/aesp            # via npx

Get your API key

Go to yault.xyz to create an account and obtain your API key (sk-yault-*). The key is tied to your vault — each user manages their own key. Agent developers do not need a key unless they are also vault users; it is the end-user who configures their own key in the MCP client.

Use SDK modules

import { PolicyEngine } from '@yault/aesp/policy';
import { getAllMCPTools } from '@yault/aesp/mcp';
import { NegotiationStateMachine } from '@yault/aesp/negotiation';

const engine = new PolicyEngine(storageAdapter);
await engine.load();

const tools = getAllMCPTools(); // 6 MCP tool definitions

Modules

AESP is organized into subpath exports so you can import only what you need:

| Subpath | Description | |---------|-------------| | @yault/aesp | Unified re-export of all modules | | @yault/aesp/types | Shared type definitions (AgentExecutionRequest, TransferPayload, ChainId, etc.) | | @yault/aesp/policy | Policy engine with 8-check evaluation, budget tracking, and policy change classification | | @yault/aesp/identity | Agent identity derivation, certificate creation, and hierarchy management | | @yault/aesp/negotiation | Offer/counter-offer state machine with session management | | @yault/aesp/commitment | EIP-712 structured commitment builder for dual-signed agreements | | @yault/aesp/review | Human-in-the-loop review queue with freeze/unfreeze controls | | @yault/aesp/mcp | MCP tool definitions, argument validation, and server router | | @yault/aesp/a2a | Agent-card builder for cross-agent discovery (A2A protocol) | | @yault/aesp/crypto | Cryptographic helpers: signing, encryption, hashing, ZK proof bridge | | @yault/aesp/privacy | Context tagging, ephemeral address pools, and consolidation scheduling |

MCP Tools

The stdio server exposes 6 backend-connected tools:

| Tool | Method + Endpoint | Purpose | |------|-------------------|---------| | yault_check_balance | GET /api/vault/balance/:address | Read a wallet vault balance | | yault_deposit | POST /api/vault/deposit | Deposit underlying into vault | | yault_redeem | POST /api/vault/redeem | Redeem vault shares | | yault_transfer | POST /api/vault/transfer | Transfer vault allocation (parent to sub-account) | | yault_check_authorization | GET /api/vault/agent-authorization | Read operator/allowance status | | yault_get_balances | GET /api/vault/balances/:address | Read multi-balance breakdown |

Backend Requirements

The MCP server is a thin API client. It expects a Yault backend providing:

  • GET /api/vault/balance/:address
  • GET /api/vault/balances/:address
  • GET /api/vault/agent-authorization
  • POST /api/vault/deposit -- { address, amount }
  • POST /api/vault/redeem -- { address, shares }
  • POST /api/vault/transfer -- { from_address, to_address, amount, currency? }

Authentication: Authorization: Bearer sk-yault-* via YAULT_API_KEY env variable.

Security Model

AESP is built around "bounded autonomy":

  • Agent API keys should be policy-bound before spend execution.
  • Spending controls should include per-tx and rolling limits (daily/weekly/monthly).
  • Destination constraints should be allowlist-driven where applicable.
  • Sensitive operations should stay outside broad agent key scopes.
  • Human escalation remains the fallback for policy violations.

For vulnerability reporting, see SECURITY.md.

Related Packages

| Package | Description | |---------|-------------| | @yault/elizaos-plugin-aesp | ElizaOS plugin wrapping AESP for agent frameworks |

Development

Run tests:

npm test

Build TypeScript:

npm run build:ts

Build with WASM (requires acegf-wallet as a sibling repo, or set ACEGF_ROOT):

npm run build:wasm
npm run build:ts

See CONTRIBUTING.md for the full development guide.

License

This project is licensed under the Apache License 2.0. See LICENSE for the full text.