PROTOCOL ZERO: AUTONOMOUS AI-AGENT

The Problem
In decentralized finance, AI-powered trading agents are the next frontier. But there's a dirty secret: most of them are opaque black boxes. No identity. No accountability. No audit trail. When an AI agent makes a bad trade, loses user funds, or gets exploited by a flash crash — who's responsible? Where's the proof of what it was "thinking"?
Traditional DeFi bots have zero on-chain identity — they're just wallets executing transactions. There's no reputation system, no way to verify their decision history, and no cryptographic proof that the AI actually evaluated the risks before acting. Users are essentially trusting a faceless algorithm with their money.
We asked: What if an AI trading agent was held to the same accountability standards as a human financial advisor? What if every single decision was signed, validated, reputation-gated, and logged in an immutable audit trail?
That's Protocol Zero.

The Solution
Protocol Zero is an autonomous ERC-8004 compliant DeFi trading agent built entirely on Amazon Nova services. It uses Amazon Nova Lite via the Bedrock Converse API for real-time market reasoning with agentic tool-use, and wraps every decision in a three-layer trust framework:
• 🪪 Identity Registry — The agent registers itself as an ERC-721 NFT on-chain (ERC-8004 standard), creating a verifiable on-chain identity.
• ⭐ Reputation Registry — Every trade outcome is logged as reputation feedback via giveFeedback(). Positive trades increase the score; bad trades decrease it.
• 📋 Validation Registry — Before execution, every trade intent is submitted for on-chain validation via validationRequest().
The agent is deployed on Ethereum Sepolia and registered at block 10425129. It can't hide, it can't lie, and it can't trade without meeting its reputation threshold.

Architecture
The Protocol Zero pipeline is a 7-stage execution waterfall, where each stage must pass before the next is triggered:
📊 Market Data (CCXT/Binance)
↓
🧠 Nova Brain (Bedrock Converse API + 4 agentic tools)
↓
🛡️ Risk Gate (8 checks: position size, daily loss, concentration,
confidence floor, trade frequency, intent expiry,
ERC-8004 reputation threshold, risk-score ceiling)
↓
🔏 EIP-712 Signing (typed structured data)
↓
⛓️ On-Chain Execution (Sepolia + Uniswap V3 DEX swap)
↓
📋 Validation Artifact (Merkle tree audit chain)
↓
⭐ Reputation Feedback (logged to ERC-8004 Reputation Registry)

The brain is agentic — Nova Lite can request up to 4 tools mid-reasoning:
• rug_pull_scanner — Contract safety check
• market_deep_dive — Live order-book depth from Binance
• nova_act_audit — Browser-based Etherscan verification
• embedding_scan — Cosine similarity scam-pattern detection
This isn't a simple prompt → response loop. The model reasons, decides it needs more data, calls a tool, gets the result, and then makes a final decision. This is real agentic AI.

Nova Services Used
Protocol Zero leverages three Amazon Nova capabilities:

1. Amazon Nova Lite (Converse API with Tool-Use) The core reasoning engine. We use bedrock-runtime.converse() with toolConfig to give Nova Lite access to 4 on-chain analysis tools. The model autonomously decides when to call them. Temperature is set to 0.2 for deterministic trading decisions. The agentic loop supports up to 3 tool-use rounds per decision cycle.
2. Nova Embeddings (Cosine Similarity Scam Detection) We use bedrock-runtime.invoke_model() with Amazon's embedding model to generate vector representations of token metadata. These vectors are compared against known scam-pattern reference embeddings using real cosine similarity — not keyword matching. Any token description with >0.7 similarity to known rug-pull patterns triggers a block.
3. Nova-Inspired Voice Interface (Web Speech + Nova Lite) A voice command interface that converts speech to text via Web Speech API, sends it to Nova Lite for natural language understanding, and executes commands like "Run analysis on ETH" or "Show my reputation score." All three services are cost-guarded: we implemented a 500 calls/day budget cap with real-time cost tracking in the sidebar, keeping our AWS bill under $2/day.

Key Innovation
Protocol Zero is (to our knowledge) the first AI agent that combines ERC-8004 reputation gating with autonomous trading.
Here's what that means in practice:
The agent has an on-chain reputation score (0-100%) tracked in the ERC-8004 Reputation Registry. Every trade outcome is logged as feedback. If the agent makes bad trades and its reputation drops below 30%, the check_erc8004_reputation risk gate literally blocks all further trading. The agent cannot execute. It's paused until trust is restored.
This is not a hypothetical — it's enforced in code. The risk pipeline has 8 checks, and the reputation check is hardcoded as check #7:

ALL_CHECKS = [
    check_max_position_size,
    check_daily_loss_limit,
    check_trade_frequency,
    check_concentration,
    check_confidence_floor,
    check_intent_expiry,
    check_erc8004_reputation,   # ← Can't trade if rep < 30%
    check_risk_score_ceiling,   # ← Can't trade if risk > 8/10
]

This creates a self-regulating feedback loop: perform well → reputation goes up → more trading freedom. Perform badly → reputation drops → trading is halted. Just like a human financial advisor who loses their license.

Audit Trail Using the Keccak256Hash for Sealed decision- Immutable, Verifiable, Trustless :
Keccak256 is the standard cryptographic hash function used by the Ethereum blockchain. It takes any amount of input data (like a trade decision, a risk assessment, or a price delta) and turns it into a unique 64-character string.

Deterministic: The same input will always produce the exact same hash.

Collision Resistant: It is practically impossible for two different sets of data to produce the same hash.

1. Sealed Decisions (Immutability)
   When a decision is "sealed," the protocol runs the details of that decision through the Keccak256 algorithm. Once that hash is recorded on a distributed ledger, it becomes immutable. Even if someone tries to change a single decimal point in the original trade data later on, the hashes won't match, and the tampering will be immediately obvious.

2. Verifiable Transparency
   Because the hash is public but the input can remain private (until revealed), Protocol Zero allows for verifiable actions. A user can look at a hash and, once the underlying data is provided, independently run the Keccak256 algorithm themselves. If their result matches the recorded hash, they have mathematical proof that the data is authentic.

3. Achieving a Trustless Environment
   The ultimate goal of this audit trail is to be trustless. You don't have to "trust" that the developers or the AI are being honest about why a "Forced HOLD" was triggered during a Flash Crash. You simply check the hash. The math provides the truth, removing the need for a middleman or a central authority to vouch for the system's integrity.

Edge-Case Handling
We stress-tested Protocol Zero against the most dangerous market scenarios:
In a Flash Crash scenario, which is a drop of more than 8% over 5 candles, detection is handled via price delta analysis. The response is a forced hold with a confidence level of 0.20 and a risk rating of 9.

For a Pump and Dump, defined as a spike of over 10% followed by a reversal of over 5%, the system uses peak and reversal detection. The response is a forced hold with a risk rating of 10.

During Extreme RSI conditions, where the RSI is greater than 85 or less than 15, detection is based on RSI thresholds. The response is a forced hold, marking it as a mania or capitulation zone.

In Low Liquidity situations, where volume is less than 20% of the average, detection is done through volume ratio analysis. The response is to cap the position at 0.5%.

When RSI Divergence occurs between price and RSI direction, detection is based on directional comparison. The response is to reduce confidence by 30%.

During** High Volatility**, where the standard deviation is greater than 2.0, detection uses a 20-period standard deviation. The response is to cap the position at 1.0%.

These aren't just rules in a system prompt — they're hardcoded in the rule-based fallback engine AND included as explicit instructions in the Nova Lite system prompt. The AI is told to respect them, and the code doublechecks that it does.`

The Dashboard
**The dashboard features a cinematic onboarding experience followed by a high-density **14-tab interface designed for complete transparency and cryptographic accountability.
Core Modules & Tabs
• 📊 Market — Real-time candlestick charting and volume analysis for live asset tracking.
• 🧠 AI Brain — The central reasoning hub where users trigger analyses and view the Agent’s Internal Thoughts (step-by-step reasoning chain).
• 🛡️ Risk & Exec — The safety layer featuring pre-flight checks, the Risk Router, a trade simulator, and the What-If Volatility stress-tester.
• 🌐 Trust Panel — The ERC-8004 hub displaying on-chain Identity, real-time Reputation scores, and Validation statistics.
• 📊 Performance — Detailed metrics tracking the agent’s historical trade accuracy and success rate.
• 🔗 Audit Trail — A cryptographic log showing Merkle-chained validation artifacts for every decision.
• 🧠 Calibration — Deep-dive analysis into the AI’s confidence intervals to prevent over-leveraging.
• 📡 Microstructure — Institutional-grade data including order-book depth and bid-ask spread analysis.
• 📒 TX Log — A complete, immutable transaction history with direct deep-links to Etherscan.
• 📈 P&L — Visual tracking of cumulative profit and loss across all agent activities.
Real-Time Global Elements
The top row of the interface is dedicated to three cinematic, real-time data visualizations that provide an instant snapshot of the system's "health" and "mindset":
1. The Regime Orb: A pulsing gradient sphere that changes color and intensity based on detected market volatility and macro regimes.
2. The Cognitive Stream: A live, scrolling ticker of "thought-by-thought" logs, showing exactly what the Nova Lite model is processing in milliseconds.
3. Trade DNA: A unique visual "fingerprint" for every trade, using vertical bars to encode the confidence, risk score, and position size of each execution.

Lessons Learned
✅ What Worked
• Agentic Power via Bedrock Converse API: Utilizing toolConfig was a game-changer. By allowing the Amazon Nova model to autonomously decide when to invoke tools—rather than following a rigid, pre-scripted path—the agent became genuinely adaptive to shifting market conditions.
• ERC-8004 as a Trust Framework: This standard is a hidden gem for AI. Building an on-chain Identity + Reputation + Validation pipeline proved that AI agents can be made demonstrably trustworthy and accountable to their users.
• Resilient Fallback Architecture: The rule-based fallback engine ensured "High Availability." If AWS becomes unreachable or the API hits a limit, Protocol Zero gracefully degrades to traditional technical-indicator decisions, ensuring the system never simply "crashes."
⚠️ What Was Hard
• Infrastructure Onboarding: Enabling Nova model access in the Bedrock console was a significant initial hurdle. Even though models are present, the requirement for explicit enablement can be a "stumbling block" for developers moving at hackathon speed.
• Cost vs. Autonomy Balance: Managing AWS API costs while maintaining an "always-on" autonomous feel required precise calibration. We successfully mitigated this by implementing a 90-second cycle interval and a strict 500 calls/day budget cap.
• UI Fluidity in Streamlit: Streamlit’s rerun-based architecture often causes distracting loading spinners. We overcame this technical limitation using custom CSS injection to hide spinners during the cinematic intro, ensuring a premium user experience.
🚀** What We’d Do Differently**
• L2 Deployment: While Sepolia served well for testing, a production version would move to a low-cost Layer 2 like Arbitrum or Base to minimize gas fees for the reputation and validation registries.
• Persistent Memory: We would integrate Amazon DynamoDB to provide the agent with long-term persistent storage of trade history and "learned" market behaviors across different sessions.
• Swarm Intelligence: The next evolution of Protocol Zero would be Multi-Agent Coordination—deploying multiple specialized agents that operate under a shared ERC-8004 reputation umbrella.

Live Project Overview Launched: https://protocol-zero.streamlit.app/