DEV Community

Wallet Guy

7-Stage Pipeline Security: How AI Agents Validate Transactions Before Execution

Giving an AI agent a wallet without guardrails is like giving a toddler a credit card—it won't end well. WAIaaS solves this with a 7-stage transaction pipeline that validates every action before execution, ensuring your AI agents can trade DeFi positions and handle payments without compromising your funds. Instead of hoping your agent won't make catastrophic mistakes, you get 3 layers of security with explicit approval workflows.

Why Transaction Validation Matters for AI Agents

AI agents are powerful but unpredictable. They might misinterpret instructions, fall victim to prompt injection attacks, or simply make logical errors that cost you money. Traditional wallet solutions assume human oversight for every transaction—but that defeats the purpose of automation.

The stakes are real: unvalidated AI agents could drain wallets, approve unlimited token spending, or interact with malicious contracts. Yet blocking AI agents entirely kills their utility. What you need is intelligent validation that allows legitimate automation while preventing catastrophic losses.

WAIaaS 7-Stage Pipeline: Security by Design

WAIaaS processes every transaction through a 7-stage pipeline that validates, authorizes, and executes with appropriate human oversight. Here's how it works:

Stage 1: Validation

The system validates transaction structure, chain compatibility, and basic sanity checks. Invalid transactions die here before consuming resources.

# Example: AI agent attempts to send tokens
curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "TRANSFER",
    "to": "recipient-address",
    "amount": "0.1"
  }'

Stage 2: Authentication

Session-based authentication ensures only authorized agents can initiate transactions. WAIaaS uses 3 auth methods:

  • sessionAuth (JWT HS256): AI agents with scoped permissions
  • ownerAuth (SIWS/SIWE): Fund owners for approvals
  • masterAuth (Argon2id): System administrators

Stage 3: Policy Engine (The Critical Layer)

This is where WAIaaS shines. The policy engine evaluates 21 policy types across 4 security tiers:

# Create spending limits with 4-tier security
curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 100,
      "notify_max_usd": 500,
      "delay_max_usd": 2000,
      "delay_seconds": 900,
      "daily_limit_usd": 5000
    }
  }'

Stage 4: Wait (Delay Enforcement)

Transactions requiring delays are queued with cancellation windows. This prevents rushed decisions and gives owners time to intervene.

Stage 5: Execute

Only validated, authorized, policy-compliant transactions reach execution. The system builds and signs transactions using the appropriate wallet infrastructure.

Stage 6: Confirm

Transaction monitoring ensures completion and handles failures gracefully.

Stage 7: Complete

Final state updates, notifications, and cleanup.

Default-Deny Security Model

WAIaaS follows default-deny: transactions are blocked unless explicitly allowed. This prevents agents from transferring anything that has not been explicitly allowlisted. For example, the following policy restricts a wallet to a single token:

# Block unauthorized tokens (default-deny)
curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ALLOWED_TOKENS",
    "rules": {
      "tokens": [
        {
          "address": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
          "symbol": "USDC",
          "chain": "solana"
        }
      ]
    }
  }'

Without explicit token allowlists, agents cannot transfer any tokens. Similar rules apply to contract interactions and spending approvals.
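The default-deny evaluation described above, written out as an added example. This is not WAIaaS code: the policy objects reuse the walletId/type/rules shape from the curl body, but the function names, the per-chain address normalisation and the EVM placeholder address are assumptions made for the illustration.

```javascript
// Added example (not WAIaaS code): a default-deny evaluation for the
// ALLOWED_TOKENS policy shown above. Policy objects use the walletId/type/rules
// shape from the curl body; the evaluation logic and function names are assumed.

// Canonical form of an address for comparison. Solana addresses are base58 and
// case-sensitive, so they are compared exactly; EVM addresses are hex and
// case-insensitive (EIP-55 mixed-case checksums vary), so they are lower-cased.
function canonicalAddress(chain, address) {
  const trimmed = String(address).trim();
  return chain === 'solana' ? trimmed : trimmed.toLowerCase();
}

// Collect every allowed "chain:address" pair from the wallet's ALLOWED_TOKENS
// policies. Returns null when the wallet has no such policy at all, which the
// caller must treat as "nothing allowed", never as "everything allowed".
function allowedTokens(policies, walletId) {
  const matching = policies.filter(
    (p) => p.walletId === walletId && p.type === 'ALLOWED_TOKENS',
  );
  if (matching.length === 0) return null;
  const allowed = new Set();
  for (const policy of matching) {
    for (const token of policy.rules?.tokens ?? []) {
      allowed.add(`${token.chain}:${canonicalAddress(token.chain, token.address)}`);
    }
  }
  return allowed;
}

// Default-deny decision for a transfer of `tx.token` on `tx.chain`.
// A missing policy, an empty allowlist, a different chain and an unknown
// address all deny; only an exact (chain, address) match allows.
function checkTokenAllowed(policies, walletId, tx) {
  const allowed = allowedTokens(policies, walletId);
  if (allowed === null) {
    return { allowed: false, reason: 'no ALLOWED_TOKENS policy for wallet (default-deny)' };
  }
  const key = `${tx.chain}:${canonicalAddress(tx.chain, tx.token)}`;
  if (!allowed.has(key)) {
    return { allowed: false, reason: `token ${tx.token} on ${tx.chain} is not allowlisted` };
  }
  return { allowed: true, reason: 'token allowlisted' };
}

// Constructed sample policies: the USDC mint from the curl example for one
// wallet, a placeholder EVM token address for another, and an empty list for
// a third. A wallet with no policy at all is exercised by simply not listing it.
const USDC_SOL = 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v';
const EVM_TOKEN_PLACEHOLDER = '0x0000000000000000000000000000000000000abc'; // constructed
const SAMPLE_POLICIES = [
  { walletId: 'wallet-sol', type: 'ALLOWED_TOKENS',
    rules: { tokens: [{ address: USDC_SOL, symbol: 'USDC', chain: 'solana' }] } },
  { walletId: 'wallet-evm', type: 'ALLOWED_TOKENS',
    rules: { tokens: [{ address: EVM_TOKEN_PLACEHOLDER, symbol: 'TKN', chain: 'ethereum' }] } },
  { walletId: 'wallet-empty', type: 'ALLOWED_TOKENS', rules: { tokens: [] } },
];

// Stand-alone run: one decision per case.
for (const [walletId, tx] of [
  ['wallet-sol', { chain: 'solana', token: USDC_SOL }],
  ['wallet-sol', { chain: 'ethereum', token: USDC_SOL }],
  ['wallet-evm', { chain: 'ethereum', token: EVM_TOKEN_PLACEHOLDER.toUpperCase() }],
  ['wallet-empty', { chain: 'solana', token: USDC_SOL }],
  ['wallet-none', { chain: 'solana', token: USDC_SOL }],
]) {
  console.log(walletId, tx.chain, checkTokenAllowed(SAMPLE_POLICIES, walletId, tx));
}
```

The chain is part of the allowlist key on purpose: the same hex string can be a legitimate token on one EVM chain and an unrelated contract on another, so an allowlist entry must never be matched on address alone.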

4 Security Tiers Explained

WAIaaS classifies transactions into 4 tiers based on risk:

  • INSTANT: Execute immediately (small amounts, whitelisted recipients)
  • NOTIFY: Execute immediately, send notification (medium amounts)
  • DELAY: Queue for specified delay, then execute (large amounts, cancellable)
  • APPROVAL: Require human approval via WalletConnect/Telegram/Push (very large or high-risk)

Transaction amounts determine tier assignment automatically:

{
  "instant_max_usd": 10,    // <= $10: INSTANT
  "notify_max_usd": 100,    // <= $100: NOTIFY  
  "delay_max_usd": 1000,    // <= $1000: DELAY (15min default)
  "delay_seconds": 900,     // > $1000: APPROVAL required
  "daily_limit_usd": 5000
}
Enter fullscreen mode Exit fullscreen mode
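The tier assignment above, plus the Stage 4 delay window it feeds, as an added example. This is not WAIaaS code: the thresholds are the ones from the JSON, but the function names, the treatment of thresholds missing from a rule set, the daily-cap behaviour and the constructed token price are assumptions. Amounts are handled in integer cents because the API passes amounts as decimal strings, and `Number("0.1") * 100` is `10.000000000000002` in JavaScript, which would silently miss the `<= $10` INSTANT boundary.

```javascript
// Added example (not WAIaaS code): tier assignment for the SPENDING_LIMIT
// thresholds above, with the daily cap and the DELAY window around it. The
// daily-cap behaviour and the handling of missing thresholds are assumed.

const SAMPLE_RULES = {            // the thresholds from the JSON above
  instant_max_usd: 10,
  notify_max_usd: 100,
  delay_max_usd: 1000,
  delay_seconds: 900,
  daily_limit_usd: 5000,
};

// Money math in integer cents: avoids float drift at the tier boundaries.
function toCents(usd) {
  return Math.round(usd * 100);
}

// Map an amount (in cents) to a tier. Thresholds are inclusive upper bounds
// checked in order; a threshold missing from the rules is skipped, so a rule
// set with only instant_max_usd sends everything above it to APPROVAL
// (assumption, not documented WAIaaS behaviour).
function assignTier(amountCents, rules) {
  const ladder = [
    ['INSTANT', rules.instant_max_usd],
    ['NOTIFY', rules.notify_max_usd],
    ['DELAY', rules.delay_max_usd],
  ];
  for (const [tier, maxUsd] of ladder) {
    if (typeof maxUsd === 'number' && amountCents <= toCents(maxUsd)) return tier;
  }
  return 'APPROVAL';
}

// Full SPENDING_LIMIT decision for one transaction. `tx.amount` is the string
// form the API uses; `priceUsd` is a quoted price per token (constructed);
// `state.spentTodayCents` is the wallet's running daily total.
function evaluateSpendingLimit(tx, priceUsd, rules, state, nowMs) {
  const amountCents = toCents(Number(tx.amount) * priceUsd);
  if (!Number.isInteger(amountCents) || amountCents < 0) {
    return { decision: 'DENY', tier: null, reason: 'unparseable or negative amount' };
  }
  // Daily cap is treated as a hard stop checked before tier assignment (assumption).
  const projected = state.spentTodayCents + amountCents;
  if (typeof rules.daily_limit_usd === 'number' && projected > toCents(rules.daily_limit_usd)) {
    return {
      decision: 'DENY', tier: null, amountCents,
      reason: `daily limit ${rules.daily_limit_usd} USD would be exceeded`,
    };
  }
  const tier = assignTier(amountCents, rules);
  const result = { decision: 'ALLOW', tier, amountCents, notifyOwner: tier !== 'INSTANT' };
  if (tier === 'DELAY') {
    // Stage 4: queue with a cancellation window equal to the delay (15 min default).
    const delaySeconds = typeof rules.delay_seconds === 'number' ? rules.delay_seconds : 900;
    result.decision = 'QUEUED';
    result.executeNotBeforeMs = nowMs + delaySeconds * 1000;
    result.cancellableUntilMs = result.executeNotBeforeMs;
  } else if (tier === 'APPROVAL') {
    result.decision = 'PENDING_APPROVAL';
  }
  return result;
}

// Stand-alone run with a constructed price of 100 USD per token.
const NOW_MS = 1_700_000_000_000;
for (const amount of ['0.1', '0.5', '5', '20', 'abc']) {
  console.log(amount, evaluateSpendingLimit({ amount }, 100, SAMPLE_RULES, { spentTodayCents: 0 }, NOW_MS));
}
```

Keeping the daily total in the same integer unit as the thresholds matters as much as the per-transaction rounding: a running sum of floats drifts, and a cap check that compares drifted totals against a clean threshold will eventually be off by a cent in whichever direction the drift happens to go.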

Policy Types for Comprehensive Protection

WAIaaS supports 21 policy types covering every risk vector:

  • SPENDING_LIMIT: Amount-based tier assignment
  • ALLOWED_TOKENS: Default-deny token whitelist
  • CONTRACT_WHITELIST: Default-deny contract interaction
  • APPROVED_SPENDERS: Default-deny token approvals
  • WHITELIST: Recipient address restrictions
  • RATE_LIMIT: Transaction frequency limits
  • TIME_RESTRICTION: Allowed trading hours
  • LENDING_LTV_LIMIT: Max loan-to-value for DeFi
  • PERP_MAX_LEVERAGE: Futures leverage limits
  • X402_ALLOWED_DOMAINS: Auto-payment domain whitelist

And 11 more specialized policies for comprehensive coverage.

Human-in-the-Loop Approval Channels

For APPROVAL-tier transactions, WAIaaS provides 3 signing channels:

  1. Push Relay: Web-based approval interface
  2. Telegram Bot: Mobile notifications with approve/deny buttons
  3. WalletConnect: Hardware wallet integration

# Check approval status
curl -X GET http://127.0.0.1:3100/v1/transactions/<tx-id> \
  -H "Authorization: Bearer wai_sess_<token>"

# Owner approves via signature
curl -X POST http://127.0.0.1:3100/v1/transactions/<tx-id>/approve \
  -H "X-Owner-Signature: <ed25519-or-secp256k1-signature>" \
  -H "X-Owner-Message: <signed-message>"

Dry-Run Simulation for Risk Assessment

Before executing any transaction, you can simulate outcomes:

curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "TRANSFER",
    "to": "recipient-address",
    "amount": "0.1",
    "dryRun": true
  }'

This shows exactly what would happen without spending gas or moving funds.

Quick Start: Secure AI Agent Setup

Here's how to deploy a secured AI trading agent:

  1. Install and Initialize
npm install -g @waiaas/cli
waiaas init
waiaas start

  2. Create Wallet with Policies
# Create wallet
waiaas wallet create --name trading-bot --chain solana

# Set spending limits
curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: <password>" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 50,
      "daily_limit_usd": 1000
    }
  }'

  3. Deploy with Docker
git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d

  4. Connect AI Agent
# Create session for agent
waiaas session create --wallet-id <wallet-uuid>

# Agent can now make validated transactions
curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{"type": "TRANSFER", "to": "...", "amount": "0.01"}'

  5. Monitor via Admin UI

Open http://127.0.0.1:3100/admin to monitor transactions, adjust policies, and manage approvals.

The result: your AI agent can execute legitimate trades and payments while comprehensive policies prevent catastrophic losses.

What's Next

The 7-stage pipeline ensures your AI agents operate safely within defined boundaries. Start with restrictive policies and gradually expand permissions as you gain confidence in your agent's behavior.

Ready to secure your AI agent wallets? Check out the full implementation on GitHub or explore deployment options at waiaas.ai.
