DEV Community

Cover image for How AgentTalk Uses Wallet Attestation for Agent-to-Agent Sessions
Douglas Borthwick
Douglas Borthwick

Posted on • Originally published at insumermodel.com

How AgentTalk Uses Wallet Attestation for Agent-to-Agent Sessions

#ai #webdev #api #blockchain

AI agents are starting to transact with each other. They negotiate deals, exchange data, and move money. But how does one agent know the other is worth talking to? AgentTalk, built by Skye Meta, answers that question with on-chain wallet conditions verified by InsumerAPI.

The Problem: Agents Need Trust Before Communication

When two AI agents meet on a network, they face a fundamental question. Should I talk to this thing? Passwords prove you know a secret. API keys prove you have access. Neither proves financial capacity, community membership, or on-chain reputation.

An agent negotiating a supply chain deal needs to know its counterpart controls real assets. An agent operating inside a DAO needs to verify the other agent actually holds governance tokens. A compliance-gated data exchange needs proof that EAS credentials are on-chain, not just claimed.

Static credentials do not solve this. A password issued yesterday says nothing about what the agent holds today. On-chain state changes continuously. The trust primitive has to be dynamic, verifiable, and composable.

How AgentTalk Works

AgentTalk is a condition-gated communication protocol for AI agents. Every channel has wallet conditions. Every session is verified on-chain. The flow has five steps.

        - **Declare.** The channel creator defines conditions: which tokens, which chains, what thresholds. Up to 10 conditions per channel across 32 chains (30 EVM + Solana + XRPL).
        - **Connect.** An agent joins the channel and presents its wallet address.
        - **Attest.** AgentTalk calls InsumerAPI (`POST /v1/attest`) to verify both wallets against the channel conditions. Boolean results. Pass or fail.
        - **Session.** If both wallets pass, each agent receives an ECDSA-signed attestation JWT. The agents can now communicate.
        - **Verify.** At any point during the session, either agent can request re-verification. AgentTalk calls the attest endpoint again. If the wallet no longer meets the conditions, the session ends immediately.
Enter fullscreen mode Exit fullscreen mode

This is the key principle: sell the token, lose the session. Access is not static. It is continuously tied to on-chain state. The moment an agent's wallet no longer meets the conditions, the communication channel closes. No revocation lists, no admin intervention. The blockchain is the authority.

AgentTalk exposes this flow through four endpoints on skyemeta.com: POST /api/agenttalk/declare (create a channel with conditions), POST /api/agenttalk/join (join and receive per-agent attestation JWTs), GET /api/agenttalk/session (check session status), and POST /api/agenttalk/buy-key (purchase an InsumerAPI key with USDC). Under the hood, each session call hits InsumerAPI's POST /v1/attest for on-chain verification.

What Makes This Different

Traditional agent communication protocols rely on identity. You authenticate once, and you are in. AgentTalk replaces identity with verifiable state.

        - **Composable conditions.** A single channel can require holdings across multiple chains and token types. Hold 1,000 USDC on Ethereum and an NFT on Base and a governance token on Arbitrum. All verified in one attestation call.
        - **Boolean results, not raw amounts.** InsumerAPI returns pass or fail for each condition. The other agent never learns how much you hold. Only whether you meet the threshold.
        - **Privacy-preserving.** No wallet contents are exposed. No transaction history is shared. The attestation confirms specific conditions without revealing anything beyond the yes-or-no answer.
        - **Independently verifiable.** Every attestation is ECDSA-signed by InsumerAPI. Any agent can verify the signature offline using the public JWKS endpoint. You do not need to trust AgentTalk. You trust the cryptography.
Enter fullscreen mode Exit fullscreen mode

The API Behind It

AgentTalk calls POST /v1/attest for every session establishment and every re-verification. The request includes the wallet address and an array of conditions. The response includes a boolean result for each condition, a condition hash for tamper detection, and an ECDSA signature over the entire payload.

Agents that want additional assurance can request format: "jwt" in the attest call. This returns an ES256-signed JWT alongside the standard response. The JWT is verifiable by any standard library (Kong, Nginx, Cloudflare Access, AWS API Gateway) via the JWKS endpoint at /.well-known/jwks.json.

The verification chain is simple. You send conditions in. You get cryptographically verifiable results out. No trust in the intermediary required. The attestation is signed, the signature is public-key verifiable, and the condition hash lets you confirm the conditions were not altered in transit.

Autonomous Key Purchase

Agents that use AgentTalk start with 10 free InsumerAPI calls. After that, they need their own API key. The purchase is fully autonomous.

The agent sends USDC, USDT, or BTC to the InsumerAPI payment address on any supported chain (EVM, Solana, or Bitcoin). Then it calls POST /v1/keys/buy with the transaction hash. The key is issued automatically. No human in the loop. No credit cards. No signup forms.

This matters because the whole point of agent-to-agent communication is autonomy. If an agent has to wait for a human to purchase an API key, the system is not truly autonomous. AgentTalk agents buy their own verification capacity with on-chain payments, the same way they verify each other with on-chain state.

Use Cases 

        - **Supply chain negotiation.** Agent A wants to negotiate a bulk purchase. Agent B requires proof that Agent A's wallet holds sufficient USDC before opening the channel. The condition is verified on-chain. No bank statements, no credit checks.
        - **DAO-to-DAO workflows.** Two DAOs want to coordinate on a joint proposal. Each DAO's agent must prove it holds governance tokens from both organizations. Conditions are composable, so this is a single attestation call.
        - **Compliance-gated data exchange.** An agent needs to share sensitive data but only with counterparts that hold specific EAS credentials on-chain. AgentTalk verifies the credential holdings before the session opens.
        - **AI agent marketplaces.** A marketplace of AI services requires agents to hold the marketplace's service token to participate. Sell the token, lose access to the marketplace. Dynamic, not static.
Enter fullscreen mode Exit fullscreen mode

Wallet Identity as a Primitive

AgentTalk treats the wallet as the agent's fingerprint. Not an identity document, not a login credential, but a verifiable state container. What the wallet holds right now determines what the agent can do right now.

For more on wallet identity as a primitive, see Your Wallet Is Your Fingerprint on the Skye Meta blog.

The pattern is straightforward. AgentTalk defines the conditions. InsumerAPI verifies them on-chain. The attestation is cryptographically signed. Any participant can verify it independently. No centralized authority decides who gets access. The blockchain decides.

Built on InsumerAPI

    Share this article

        [

            Share on X
        ](#)
        [

            LinkedIn
        ](#)
        [

            Reddit
        ](#)


            Discord



            Copy Link
Enter fullscreen mode Exit fullscreen mode

InsumerAPI is free to start. Get an API key and try it. View API Docs

Top comments (0)