Replay Protection
Every tx_hash can only be used once. Full on-disk tracking.
Server-Side Validation
All prices and amounts checked on server. Never trust client input.
Rate Limiting + Brute Force
30 req/min per key. IP blocking on abuse. Max 3 free keys per IP.
Input Sanitization
Blocks common injection patterns on all agent inputs.
We log suspicious activity and maintain an auditable security event trail.
The system is designed so autonomous agents can interact safely without human babysitting.