Start
Quickstart
Wire an Arsene-protected agent in 60 seconds. This example uses the mock runtime, so it runs anywhere a Node environment does — no Solana validator, no funded wallet.
1. Install
bash
npm install @arsene/core2. Issue a credential to your agent
Every agent needs a Masque. The principal signs the issuance; the credential binds identity, scope, and lifespan.
agent.ts
import { ArseneAgent } from '@arsene/core';
const agent = new ArseneAgent({
principal: myWallet.publicKey.toBase58(),
name: 'margot',
policy: {
maxPerTxLamports: 5_000_000n, // 0.005 SOL per tx
maxPerDayLamports: 50_000_000n, // 0.05 SOL per day
maxTotalLamports: 0n, // no lifetime cap
maxPerWindow: 8,
windowSeconds: 10,
merchantsRoot: '0x' + '00'.repeat(32), // allow any
},
});3. Make a payment
Every call to .pay() runs through Serrure first. If the policy rejects, the payment never leaves the Ombre vault and you get back a structured rejection.
agent.ts
const result = await agent.pay(
'HeLiusRpcMerchantPubkeyHere111111111111111',
2_500_000n, // 0.0025 SOL
'RPC credits'
);
if (result.status === 'settled') {
console.log('settled', result.txId);
} else {
console.warn('blocked by Serrure:', result.reason);
}Tip
The public chain only sees
result.publicCommitment — a hash. The principal sees the full note (merchant, amount, memo) through their view key.4. Handle compromise
When something goes wrong — prompt injection, key leak, runaway behavior — the principal revokes the Masque. Every merchant, relayer, and other agent on the network rejects that agent on the next block.
principal.ts
// Runtime anomaly detector flags unusual activity:
if (detector.score(agent) > 0.9) {
agent.pause(); // trip the circuit breaker — reversible
}
// Human-in-the-loop confirms the breach:
agent.revoke(2); // burn the Masque — permanentWhat's next
- Read the architecture page to see how the three programs compose via CPI.
- Explore the individual layers — Masque, Ombre, Serrure.
- Run the in-browser demo to see a compromised agent get blocked in real time.