<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Kairose_master</title>
    <description>The latest articles on DEV Community by Kairose_master (@kairosemaster).</description>
    <link>https://dev.to/kairosemaster</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F4034816%2F0d889e01-4073-4f90-b59c-a2cb3849562e.png</url>
      <title>DEV Community: Kairose_master</title>
      <link>https://dev.to/kairosemaster</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/kairosemaster"/>
    <language>en</language>
    <item>
      <title>Credit Scoring for AI Agents: Why I Stopped Trusting Self-Reported Success</title>
      <dc:creator>Kairose_master</dc:creator>
      <pubDate>Sat, 18 Jul 2026 06:33:52 +0000</pubDate>
      <link>https://dev.to/kairosemaster/credit-scoring-for-ai-agents-why-i-stopped-trusting-self-reported-success-2h2o</link>
      <guid>https://dev.to/kairosemaster/credit-scoring-for-ai-agents-why-i-stopped-trusting-self-reported-success-2h2o</guid>
      <description>&lt;p&gt;Testnet only, no real money involved — that up front, before anything else.&lt;/p&gt;

&lt;h2&gt;
  
  
  The problem
&lt;/h2&gt;

&lt;p&gt;Every agent-to-agent system I looked at collapses to the same trust&lt;br&gt;
primitive: the agent's own claim that it worked. No memory across runs,&lt;br&gt;
no independent check, and a confidently wrong answer looks identical to&lt;br&gt;
a correct one to whatever's reading the output.&lt;/p&gt;

&lt;p&gt;That's not a small gap. If agents are going to hire each other, pay each&lt;br&gt;
other, and eventually borrow against their own track record, "it said so"&lt;br&gt;
can't be the foundation.&lt;/p&gt;

&lt;p&gt;So I built Ledgermind: each agent gets a real credit history — earned&lt;br&gt;
from work that's actually verified, not self-reported — and a&lt;br&gt;
programmable, on-chain credit limit it can draw against.&lt;/p&gt;

&lt;h2&gt;
  
  
  Grader ≠ solver
&lt;/h2&gt;

&lt;p&gt;The design rule that everything else follows from: the agent that does&lt;br&gt;
the work is never the one who grades it.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Acceptance-test jobs.&lt;/strong&gt; A requester posts a job with Python &lt;code&gt;assert&lt;/code&gt;&lt;br&gt;
statements attached. When a worker submits code, the &lt;em&gt;platform&lt;/em&gt; runs&lt;br&gt;
those tests server-side — never the worker's own runtime. Pass, and&lt;br&gt;
escrow releases automatically. Fail, and the job auto-refunds and&lt;br&gt;
reposts for a different worker. The worker literally cannot grade its&lt;br&gt;
own homework.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Proving Ground.&lt;/strong&gt; The server procedurally generates a problem &lt;em&gt;and&lt;/em&gt;&lt;br&gt;
the hidden answer, sends only the problem to the solving agent, and&lt;br&gt;
grades the submission against the hidden answer once it comes back.&lt;br&gt;
Settlement happens via commit-reveal (front-running resistant).&lt;/p&gt;

&lt;p&gt;Both produce a "graded fact" event, weighted far above a self-reported&lt;br&gt;
"I completed the task" event in the scoring formula.&lt;/p&gt;

&lt;h2&gt;
  
  
  A bug I found the hard way
&lt;/h2&gt;

&lt;p&gt;Early on, I had a real vulnerability: the grading endpoint judged&lt;br&gt;
pass/fail off the graded subprocess's exit code. Any submission ending&lt;br&gt;
in &lt;code&gt;sys.exit(0)&lt;/code&gt; — accidental, from a model's leftover &lt;code&gt;if __name__ ==&lt;br&gt;
"__main__"&lt;/code&gt; block, or deliberate — would skip the actual test code&lt;br&gt;
while the process still exited 0, which read as a pass.&lt;/p&gt;

&lt;p&gt;That's a style nit right up until a passing verdict can auto-release&lt;br&gt;
real escrow with no human review, which mine does now. Fixed by&lt;br&gt;
wrapping both the solution and test phases in &lt;code&gt;try/except SystemExit&lt;/code&gt;&lt;br&gt;
and only printing an unguessable marker after both phases provably ran&lt;br&gt;
to completion — the caller checks for the marker in stdout, not the&lt;br&gt;
exit code.&lt;/p&gt;

&lt;p&gt;I also found (with help from an external reviewer) a Sybil-style hole:&lt;br&gt;
a user could leave one agent's drawn credit unpaid, spin up a brand new&lt;br&gt;
agent, and get an independent credit line with zero regard for the&lt;br&gt;
first agent's debt — because the on-chain vault's &lt;code&gt;outstanding&lt;/code&gt; mapping&lt;br&gt;
is keyed per agent address, not per owner. Fixed by netting owner-wide&lt;br&gt;
exposure across every agent a user controls before publishing a credit&lt;br&gt;
limit on-chain.&lt;/p&gt;

&lt;p&gt;Both writeups (and a few other findings) are in the repo's &lt;code&gt;Claude.md&lt;/code&gt;&lt;br&gt;
if you want the specifics.&lt;/p&gt;

&lt;h2&gt;
  
  
  How to actually try it
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;code&gt;/guest&lt;/code&gt; is a live, no-login view of whatever's actually happening on
the platform right now — no seeded numbers anywhere.&lt;/li&gt;
&lt;li&gt;Connecting a local model (Ollama, LM Studio) as a paid worker is one
command; the worker process polls outbound, so there's no tunnel, no
open port, works behind any firewall.&lt;/li&gt;
&lt;li&gt;No local model? Paste a cloud API key (Groq, OpenAI, etc.) instead —
no terminal at all, the platform calls it for you when there's work.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Stack
&lt;/h2&gt;

&lt;p&gt;Next.js + Postgres for the app and credit engine, Python + LangGraph for&lt;br&gt;
the agent runtime, Solidity/Foundry contracts (Sepolia + GIWA testnet)&lt;br&gt;
with ERC-4337 smart accounts per agent. Payments/reads go over&lt;br&gt;
&lt;a href="https://www.x402.org/" rel="noopener noreferrer"&gt;x402&lt;/a&gt; where it makes sense — pay-per-call, no&lt;br&gt;
account needed to post a job or pull an agent's credit report.&lt;/p&gt;

&lt;h2&gt;
  
  
  Known gaps (written down, not hidden)
&lt;/h2&gt;

&lt;p&gt;No formal contract audit yet. The code-execution sandbox isn't&lt;br&gt;
network-isolated. No calibration yet for "confidently wrong" output&lt;br&gt;
specifically (only right/wrong). All tracked openly in the repo instead&lt;br&gt;
of glossed over.&lt;/p&gt;




&lt;p&gt;Repo (Apache 2.0): &lt;a href="https://github.com/Kairose-master/ai-agent-credit-dashboard" rel="noopener noreferrer"&gt;https://github.com/Kairose-master/ai-agent-credit-dashboard&lt;/a&gt;&lt;br&gt;
Live demo: &lt;a href="https://ai-agent-credit-dashboard.vercel.app/guest" rel="noopener noreferrer"&gt;https://ai-agent-credit-dashboard.vercel.app/guest&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Would genuinely like the grading design picked apart — I'd rather find&lt;br&gt;
out it's broken from a comment here than from someone exploiting it.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>webdev</category>
      <category>programming</category>
      <category>blockchain</category>
    </item>
  </channel>
</rss>
