DEV Community

Wallet Guy

ALLOWED_NETWORKS Policy: Lock Your AI Agent to Specific Blockchains

When you're building AI trading bots or DeFi agents, the ALLOWED_NETWORKS policy becomes your first line of defense against costly mistakes. A single misconfigured transaction on the wrong blockchain can drain funds or send tokens into the void, and AI agents don't have the street smarts to catch these errors before it's too late.

Why Network Isolation Matters for AI Agents

AI agents are powerful but naive. They'll execute whatever transaction you ask for, whether it makes sense or not. Send USDC to a testnet address? Sure. Try to interact with a malicious contract on an untrusted L2? No problem. Deploy a contract to the wrong network where gas costs $500? Why not.

The stakes are real. Production AI agents managing real funds need guardrails that prevent them from wandering into dangerous territory. That's where WAIaaS's ALLOWED_NETWORKS policy comes in—it creates a hard boundary around which blockchains your agent can touch.

How WAIaaS Network Policies Work

WAIaaS supports 18 networks across 2 chain types (EVM and Solana), but your agent doesn't need access to all of them. The ALLOWED_NETWORKS policy lets you explicitly whitelist only the networks your agent should use.

Here's how to lock your agent to specific blockchains:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ALLOWED_NETWORKS",
    "rules": {
      "networks": [
        {"network": "ethereum-mainnet"},
        {"network": "solana-mainnet"}
      ]
    }
  }'

Now your agent can only execute transactions on Ethereum and Solana mainnets. Any attempt to use other networks gets blocked at the policy layer—before your agent can make expensive mistakes.

Common Network Isolation Patterns

Mainnet-Only Production Agents
Lock production agents to mainnet networks only. This prevents accidental testnet transactions that waste gas or send real tokens to worthless testnet addresses.

{
  "type": "ALLOWED_NETWORKS",
  "rules": {
    "networks": [
      {"network": "ethereum-mainnet"},
      {"network": "polygon-mainnet"},
      {"network": "solana-mainnet"}
    ]
  }
}

Development Environment Isolation
Development agents should stay in their sandbox. Restrict them to testnets so they can't accidentally touch production funds.

{
  "type": "ALLOWED_NETWORKS",
  "rules": {
    "networks": [
      {"network": "ethereum-sepolia"},
      {"network": "solana-devnet"}
    ]
  }
}

Single-Chain Specialists
Some agents are built for specific ecosystems. A Solana DeFi agent doesn't need EVM access—lock it down.

{
  "type": "ALLOWED_NETWORKS",
  "rules": {
    "networks": [
      {"network": "solana-mainnet"}
    ]
  }
}
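
The three patterns above can be checked mechanically before a policy is sent to the daemon. This added example (not WAIaaS code) lints an ALLOWED_NETWORKS body against the environment it is meant for; `lintAllowedNetworks` is a hypothetical helper, and its network table holds only the names used in this article.

```javascript
// Names and environments taken from this article only; extend the table from
// the network list of your WAIaaS version before relying on it.
const KNOWN_NETWORKS = new Map([
  ['ethereum-mainnet', 'mainnet'],
  ['polygon-mainnet', 'mainnet'],
  ['solana-mainnet', 'mainnet'],
  ['ethereum-sepolia', 'testnet'],
  ['solana-devnet', 'testnet'],
]);

// Returns findings; an empty array means the policy fits `environment`
// ('mainnet' or 'testnet'). Unknown names are findings, so typos fail closed.
function lintAllowedNetworks(policy, environment) {
  if (!policy || policy.type !== 'ALLOWED_NETWORKS') {
    return ['not an ALLOWED_NETWORKS policy'];
  }
  const entries = policy.rules && policy.rules.networks;
  if (!Array.isArray(entries) || entries.length === 0) {
    return ['rules.networks is missing or empty'];
  }
  const findings = [];
  const seen = new Set();
  for (const entry of entries) {
    const name = entry && entry.network;
    if (typeof name !== 'string') {
      findings.push('entry without a network name: ' + JSON.stringify(entry));
      continue;
    }
    if (seen.has(name)) findings.push('duplicate network: ' + name);
    seen.add(name);
    const kind = KNOWN_NETWORKS.get(name);
    if (kind === undefined) {
      findings.push('unknown network name: ' + name);
    } else if (kind !== environment) {
      findings.push(kind + ' network in ' + environment + ' policy: ' + name);
    }
  }
  return findings;
}

// Constructed input: a production policy with a testnet entry and a typo.
const SAMPLE_POLICY = {
  type: 'ALLOWED_NETWORKS',
  rules: { networks: [
    { network: 'ethereum-mainnet' },
    { network: 'ethereum-sepolia' },
    { network: 'etherum-mainnet' },
  ] },
};
```

Calling `lintAllowedNetworks(SAMPLE_POLICY, 'mainnet')` reports the Sepolia entry and the misspelled name; a clean policy returns an empty array.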

Layered Security with Multiple Policies

ALLOWED_NETWORKS works best as part of a comprehensive security stack. Combine it with other WAIaaS policies for defense in depth:

# 1. Network restriction
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ALLOWED_NETWORKS",
    "rules": {
      "networks": [{"network": "ethereum-mainnet"}]
    }
  }'

# 2. Token whitelist (default-deny)
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ALLOWED_TOKENS",
    "rules": {
      "tokens": [
        {"address": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48", "symbol": "USDC", "chain": "ethereum"}
      ]
    }
  }'

# 3. Spending limits with 4-tier security
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 50,
      "notify_max_usd": 200,
      "delay_max_usd": 1000,
      "delay_seconds": 900,
      "daily_limit_usd": 2000
    }
  }'

This creates three layers of protection: network isolation, token whitelisting, and amount-based approval workflows.

Policy Enforcement in Action

WAIaaS uses a 7-stage transaction pipeline that enforces policies before execution. When your agent tries to execute a transaction:

  1. Stage 1: Validate transaction format
  2. Stage 2: Check session authentication
  3. Stage 3: Policy evaluation (including ALLOWED_NETWORKS)
  4. Stage 4: Apply delays or request approvals
  5. Stage 5: Execute on blockchain
  6. Stage 6: Confirm transaction
  7. Stage 7: Update monitoring

If the ALLOWED_NETWORKS policy blocks a transaction, your agent gets a clear error response:

{
  "error": {
    "code": "POLICY_DENIED",
    "message": "Network 'ethereum-sepolia' not allowed by ALLOWED_NETWORKS policy",
    "domain": "POLICY",
    "retryable": false
  }
}
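
Because the denial carries `retryable: false`, an agent loop should stop on it rather than resubmit. This added example (not WAIaaS code) shows one way to do that and to count denials per network for alerting; `send` is a hypothetical synchronous stand-in for the HTTP call, and the transient error body is constructed.

```javascript
// Sample bodies. DENIED is the article's error; TRANSIENT is constructed.
const DENIED = { error: { code: 'POLICY_DENIED', domain: 'POLICY', retryable: false,
  message: "Network 'ethereum-sepolia' not allowed by ALLOWED_NETWORKS policy" } };
const TRANSIENT = { error: { code: 'EXAMPLE_TRANSIENT', domain: 'EXAMPLE',
  retryable: true, message: 'constructed transient failure' } };

// Decide what the agent loop does with one parsed response body.
function classify(body) {
  const err = body && body.error;
  if (!err) return { action: 'done', policyDenied: false, network: null };
  if (err.code === 'POLICY_DENIED' || err.domain === 'POLICY') {
    // Best-effort parse of the message format shown in the article.
    const m = /^Network '([^']+)' not allowed by /.exec(String(err.message));
    return { action: 'stop', policyDenied: true, network: m ? m[1] : null };
  }
  // Retry only when the daemon explicitly says so; anything else fails closed.
  const action = err.retryable === true ? 'retry' : 'stop';
  return { action, policyDenied: false, network: null };
}

// send(attempt) is a hypothetical synchronous stand-in for the HTTP call.
// denials is a Map of network name -> count, meant to feed an alert.
function sendWithPolicyHandling(send, maxAttempts, denials) {
  for (let attempt = 1; attempt <= maxAttempts; attempt++) {
    const body = send(attempt);
    const verdict = classify(body);
    if (verdict.action === 'done') return { ok: true, attempts: attempt, error: null };
    if (verdict.action === 'stop') {
      if (verdict.policyDenied) {
        const key = verdict.network || 'unknown';
        denials.set(key, (denials.get(key) || 0) + 1);
      }
      return { ok: false, attempts: attempt, error: body.error.code };
    }
  }
  return { ok: false, attempts: maxAttempts, error: 'RETRIES_EXHAUSTED' };
}
```

A rising count for one network in `denials` means the agent keeps asking for a chain it was never meant to use, which is worth an alert even though every attempt was blocked.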

Testing Your Network Policies

Use WAIaaS's dry-run feature to test policy enforcement without executing real transactions:

curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "TRANSFER",
    "to": "recipient-address",
    "amount": "0.1",
    "dryRun": true
  }'

This simulates the full policy evaluation pipeline without touching the blockchain, so you can verify your ALLOWED_NETWORKS configuration works as expected.

Emergency Overrides and Recovery

Network policies are enforced by default, but WAIaaS provides escape hatches for emergencies:

Owner Override: Fund owners can approve transactions that violate policies using WalletConnect signatures.

Master Admin: System administrators can modify or disable policies using masterAuth.

Session Management: Kill switch functionality lets you instantly revoke agent access if something goes wrong.

Quick Start: Lock Your Agent to Mainnet

Here's how to set up network isolation in 5 minutes:

  1. Start WAIaaS daemon:
npm install -g @waiaas/cli
waiaas init && waiaas start
  2. Create a wallet:
curl -X POST http://127.0.0.1:3100/v1/wallets \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{"name": "mainnet-only", "chain": "ethereum", "environment": "mainnet"}'
  3. Apply network policy:
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: my-secret-password' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ALLOWED_NETWORKS",
    "rules": {
      "networks": [{"network": "ethereum-mainnet"}]
    }
  }'
  4. Create agent session:
curl -X POST http://127.0.0.1:3100/v1/sessions \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{"walletId": "<wallet-uuid>"}'
  5. Test the restriction:
# This will be blocked by the ALLOWED_NETWORKS policy
curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <session-token>" \
  -d '{"type": "TRANSFER", "to": "0x...", "amount": "0.1", "network": "ethereum-sepolia"}'

Your agent is now locked to Ethereum mainnet and can't accidentally use other networks.

What's Next

ALLOWED_NETWORKS is just one of 21 policy types in WAIaaS's security framework. Combined with default-deny token whitelists, spending limits, and human approval workflows, you can build AI agents that are both powerful and safe.

Ready to add bulletproof network isolation to your AI agents? Get started with the full WAIaaS security stack at GitHub or learn more at waiaas.ai.
