OutLayer Documentation
Agent Custody
Institutional-grade custody for AI agents. Give your agent a multi-chain wallet with full policy controls — the agent can send and receive tokens, but it physically cannot lose or leak the private key because it never has one. You stay in control of how your agent spends crypto: set spending limits, whitelists, require manual confirmations for large transactions, or freeze the wallet instantly.
No Private Key Exposure
The agent never sees or stores a private key. It authenticates with an API key. All transaction signing happens inside a TEE (Trusted Execution Environment) — even if the agent is fully compromised, the key stays safe.
Multi-Chain Addresses
One wallet — addresses on NEAR, Ethereum, Bitcoin, Solana, and other chains. Cross-chain transfers happen via the NEAR Intents protocol. No bridges, no wrapping.
Policy Engine
Per-transaction limits, daily/hourly/monthly caps, address whitelists, time restrictions, rate limits, and multisig approval. All policy checks happen inside the TEE — the agent cannot bypass or tamper with them.
Gasless Transactions
Swaps and cross-chain transfers work without the agent holding gas tokens on the destination chain. The NEAR Intents protocol handles gas abstraction.
Security foundation: The keystore that holds wallet keys runs inside Intel TDX enclaves (TEE). Its master secret is derived from the NEAR Protocol MPC network — the same distributed key infrastructure that secures billions of dollars across the NEAR ecosystem. All critical operations — key derivation, transaction signing, and policy evaluation — happen exclusively inside the TEE. No single party, not even the infrastructure operator, can extract keys or bypass policy rules.
How It Works#
read encrypted policy
The API gateway is a stateless proxy — it authenticates the API key and forwards requests to the TEE. Everything security-critical (keys, signing, policy checks) happens exclusively inside the Trusted Execution Environment.
- Register — one API call creates a wallet and returns an API key. The TEE derives the private key from the MPC master secret and returns the public key. No blockchain transaction needed.
- Operate — the agent uses the API key to transfer NEAR, swap tokens, call smart contracts, or withdraw cross-chain. The TEE checks the policy, signs the transaction, and broadcasts it to the NEAR network.
- Control — the wallet owner configures policies for the agent via the dashboard: spending limits, address whitelists, transaction confirmations, multisig, or instant freeze.
Agent ID#
Every wallet is identified by its Agent ID — a public key derived deterministically inside the TEE from the MPC master secret. The agent receives an API key for authentication, while the Agent ID serves as the on-chain identity.
| Concept | Description | Example |
|---|---|---|
| Agent ID | Public key (wallet identity) | ed25519:9a65d26b... |
| API Key | Secret token for API auth | wk_15807dbda492... |
| NEAR address | Derived implicit account | 36842e2f73d0b7... |
| ETH address | Derived Ethereum address | 0x7f3a... |
The agent uses the API Key to authenticate all requests. The private key behind the Agent ID never leaves the TEE — transactions are signed inside the secure enclave and the agent never has access to it.
Multi-Chain Support#
A single wallet provides addresses on multiple blockchains. All cross-chain transfers go through the NEAR Intents protocol — no bridges, no gas tokens needed on the destination chain.
| Chain | Address Type | Withdraw | Contract Calls |
|---|---|---|---|
| NEAR | Ed25519 implicit account | ✓ via Intents (gasless) | ✓ direct (requires NEAR for gas) |
| Ethereum | secp256k1 address | ✓ via Intents (gasless) | — |
| Bitcoin | Derived address | ✓ via Intents (gasless) | — |
| Solana | Ed25519 address | ✓ via Intents (gasless) | — |
| Others | Chain-specific | ✓ via Intents (gasless) | — |
Gasless cross-chain: When the agent calls POST /wallet/v1/withdraw to send tokens to Ethereum or Solana, it does not need ETH or SOL for gas. The NEAR Intents protocol handles execution and fee settlement natively.
Policy Engine#
The wallet owner controls the agent's permissions through a policy — a set of rules that are encrypted and stored on-chain. The policy is decrypted and evaluated inside the TEE on every transaction. The agent cannot bypass or modify it.
| Rule | Description | Example |
|---|---|---|
| Per-transaction limit | Max amount per single transaction, per token | native: 10 NEAR, USDT: $1,000 |
| Hourly limit | Total spending cap per hour | *: 50 NEAR/hour |
| Daily limit | Total spending cap per day | *: 500 NEAR/day |
| Monthly limit | Total spending cap per month | *: 5,000 NEAR/month |
| Address whitelist | Only allow transfers to approved addresses | bob.near, dex.near |
| Address blacklist | Block transfers to specific addresses | scammer.near |
| Time restrictions | Allow operations only during business hours | Mon-Fri 9:00-17:00 UTC |
| Rate limit | Max transactions per hour | 60 tx/hour |
| Multisig approval | Require human approval above a threshold | 2-of-3 above $1,000 |
| Transaction types | Restrict allowed operations (withdraw, call, transfer, swap, intents_deposit) | call, swap only |
| Emergency freeze | Instantly halt all operations | One-click from dashboard |
Policies are stored encrypted on-chain (on the NEAR blockchain). Only the TEE can decrypt and evaluate them. This means neither the API gateway operator nor the agent can see or tamper with the raw policy rules.
Example Policy
{
"rules": {
"limits": {
"per_transaction": { "native": "10000000000000000000000000" },
"daily": { "*": "100000000000000000000000000" },
"hourly": { "*": "50000000000000000000000000" }
},
"transaction_types": ["withdraw", "call", "transfer", "swap", "intents_deposit"],
"addresses": {
"mode": "whitelist",
"list": ["bob.near", "dex.near"]
},
"rate_limit": { "max_per_hour": 60 },
"time_restrictions": {
"timezone": "UTC",
"allowed_hours": [9, 17],
"allowed_days": [1, 2, 3, 4, 5]
}
},
"approval": {
"threshold": { "required": 2, "of": 3 },
"above_usd": 1000,
"approvers": [
{ "id": "ed25519:pubkey1", "role": "admin" },
{ "id": "ed25519:pubkey2", "role": "signer" },
{ "id": "ed25519:pubkey3", "role": "signer" }
]
}
}Multisig Approval#
When a transaction exceeds the approval threshold (e.g. above $1,000), it goes into a pending state. Designated approvers sign the request using their NEAR wallet (NEP-413 signature). Once the required number of signatures is collected, the transaction executes automatically.
Agent: POST /wallet/v1/withdraw { amount: "$5,000" }
-> Response: { status: "pending_approval", required: 2, approved: 0 }
Approver 1: Signs approval via NEAR wallet (dashboard)
-> { approved: 1, required: 2 }
Approver 2: Signs approval via NEAR wallet (dashboard)
-> Threshold met -> auto-execute -> { status: "success", tx_hash: "..." }| Role | Approve transactions | Modify policy | Freeze wallet |
|---|---|---|---|
| Admin | ✓ | ✓ (quorum) | ✓ |
| Signer | ✓ | ✗ | ✗ |
Quick Start#
1. Register a wallet
curl -s -X POST https://api.outlayer.fastnear.com/register
# Response:
# {
# "api_key": "wk_15807dbda492...",
# "near_account_id": "36842e2f73d0...",
# "handoff_url": "https://outlayer.fastnear.com/wallet?key=wk_..."
# }The api_key is shown only once. Store it securely.
2. Get addresses
# NEAR address
curl -s -H "Authorization: Bearer $API_KEY" \
"https://api.outlayer.fastnear.com/wallet/v1/address?chain=near"
# Ethereum address
curl -s -H "Authorization: Bearer $API_KEY" \
"https://api.outlayer.fastnear.com/wallet/v1/address?chain=ethereum"3. Check balance
# Native NEAR balance
curl -s -H "Authorization: Bearer $API_KEY" \
"https://api.outlayer.fastnear.com/wallet/v1/balance?chain=near"
# FT token balance (e.g. USDT)
curl -s -H "Authorization: Bearer $API_KEY" \
"https://api.outlayer.fastnear.com/wallet/v1/balance?chain=near&token=usdt.tether-token.near"4. Transfer NEAR
curl -s -X POST -H "Content-Type: application/json" \
-H "Authorization: Bearer $API_KEY" \
-d '{"receiver_id":"bob.near","amount":"1000000000000000000000000"}' \
"https://api.outlayer.fastnear.com/wallet/v1/transfer"5. Swap tokens
# Swap wNEAR -> USDT (handles deposit, storage, and settlement automatically)
curl -s -X POST -H "Content-Type: application/json" \
-H "Authorization: Bearer $API_KEY" \
-d '{"token_in":"nep141:wrap.near","token_out":"nep141:usdt.tether-token.near","amount_in":"1000000000000000000000000"}' \
"https://api.outlayer.fastnear.com/wallet/v1/swap"6. Call a NEAR contract
curl -s -X POST -H "Content-Type: application/json" \
-H "Authorization: Bearer $API_KEY" \
-d '{"receiver_id":"wrap.near","method_name":"near_deposit","args":{},"deposit":"10000000000000000000000"}' \
"https://api.outlayer.fastnear.com/wallet/v1/call"7. Withdraw (gasless cross-chain via Intents)
# Tokens must be in Intents balance first (use /intents/deposit or /swap)
curl -s -X POST -H "Content-Type: application/json" \
-H "Authorization: Bearer $API_KEY" \
-d '{"to":"receiver.near","amount":"1000000","token":"usdt.tether-token.near","chain":"near"}' \
"https://api.outlayer.fastnear.com/wallet/v1/withdraw"8. Configure policy (optional)
Share the handoff URL with the wallet owner so they can set spending limits, whitelists, and multisig rules from the dashboard:
https://outlayer.fastnear.com/wallet?key=wk_...API Reference#
All endpoints except /register require the Authorization: Bearer <api_key> header.
| Action | Method | Endpoint |
|---|---|---|
| Register wallet | POST | /register |
| Get address | GET | /wallet/v1/address?chain={chain} |
| Check balance | GET | /wallet/v1/balance?chain=near&token={token} |
| Transfer NEAR | POST | /wallet/v1/transfer |
| Call NEAR contract | POST | /wallet/v1/call |
| Swap tokens | POST | /wallet/v1/swap |
| Deposit to Intents | POST | /wallet/v1/intents/deposit |
| Withdraw (cross-chain) | POST | /wallet/v1/withdraw |
| Dry-run withdraw | POST | /wallet/v1/withdraw/dry-run |
| Request status | GET | /wallet/v1/requests/{request_id} |
| List requests | GET | /wallet/v1/requests |
| List tokens | GET | /wallet/v1/tokens |
| View policy | GET | /wallet/v1/policy |
| Audit log | GET | /wallet/v1/audit |
Base URL: https://api.outlayer.fastnear.com
Security Model#
MPC master secret
The keystore TEE obtains its master secret from the NEAR Protocol MPC network via a DAO-governed approval process. Individual wallet keys are then derived inside the TEE using HMAC-SHA256(master_secret, "wallet:{id}:{chain}"). The same wallet ID always produces the same addresses across chains.
TEE attestation
Key derivation, transaction signing, and policy evaluation all happen inside Intel TDX enclaves. TEE attestation proves that the code running inside the enclave has not been tampered with. No one — not even the infrastructure operator — can extract keys or bypass policy checks.
Policy on-chain
Policies are stored encrypted on the NEAR blockchain. Only the TEE can decrypt them. The controller (wallet owner) can freeze the wallet instantly via an on-chain transaction — no API gateway involvement needed.
Agent compromise recovery
If the agent's API key is compromised: (1) freeze the wallet from the dashboard (instant), (2) revoke the API key, (3) create a new API key, (4) transfer funds to a new wallet if needed. The private key itself is never exposed — there is nothing to rotate.
AI Agent Skill File#
For AI agents that support skill files (Claude MCP, OpenAI functions, etc.), OutLayer provides a ready-to-use skill definition that teaches the agent how to register, fund, and operate the wallet.
# Fetch the skill file
curl -s https://outlayer.fastnear.com/SKILL.mdThe skill file contains step-by-step instructions, API reference, error handling, and guidelines for the AI agent. Point your agent framework to this URL and the agent will know how to set up and use its wallet automatically.
What the skill file covers:
- Wallet registration (one POST call, no blockchain needed)
- Getting addresses and balances on any supported chain
- Native NEAR transfers, FT transfers, token swaps
- Cross-chain withdrawals via Intents (gasless)
- Intents deposits for manual balance management
- Contract calls with arbitrary function arguments
- Balance checks before every operation (required)
- Status polling, error handling, and automatic storage registration
- Fund link generation for requesting NEAR from the user
- Guiding the user to configure spending policies
Comparison with Traditional Custody#
| Feature | OutLayer Agent Custody | Traditional (Fireblocks etc.) |
|---|---|---|
| Setup | One API call, instant | Enterprise onboarding, days-weeks |
| Key management | MPC + TEE, no key exposure | MPC, HSM |
| Policy engine | On-chain encrypted, TEE-enforced | Server-side, proprietary |
| Cross-chain | NEAR Intents (gasless) | Per-chain integration |
| Gas tokens | Not needed for transfers | Required per chain |
| AI agent ready | Skill file, REST API, WASI host functions | SDK integration |
| Pricing | Pay per transaction | Monthly subscription + per-tx |
Dashboard#
The wallet owner manages everything through the OutLayer dashboard. The agent only sees the API.
| Page | What it does |
|---|---|
| /wallet/manage | Create and edit policies, manage approvers, freeze/unfreeze wallet |
| /wallet/approvals | View and sign pending multisig approvals |
| /wallet/audit | Full history of all transactions, policy changes, approvals, freezes |