Talk to salesDocsBuild on Ditto
For AI Agents

Give your agent the power to act on-chain.
Not your keys.

Autonomous agents are great at deciding what to do. Handing them a private key to do it is how wallets get drained. Ditto separates the two: your agent expresses intent, and Ditto executes it within scoped, revocable permissions you define — simulated, consensus-validated, and slashing-secured.

Become a design partner Read the Docs

Separate the right to decide from the right to execute

Your agent expresses intent — swap, pay, rebalance. It never holds your key, never signs, and can't move funds on its own. Ditto executes that intent through scoped, revocable session-key permissions you grant once: which actions, which contracts, which chains. So a bad inference stops being catastrophic — an instruction outside those permissions simply never executes, and the blast radius is capped by design, not by hoping the model behaves.

  • The agent holds a capability, not your key
  • Scoped, revocable session-key permissions
  • Out-of-scope actions can't execute — blast radius capped

Autonomy inside guardrails

    • Your agent never holds your key

      It receives scoped, revocable session-key permissions — a capability, not custody of your funds.

    • Out-of-scope actions can't execute

      Permissions are bounded to the actions you authorize; anything outside that scope simply won't run.

    • Simulated before settlement

      The operator network simulates every intent against live on-chain state before anything becomes irreversible.

    • Consensus, not a single signer

      No single actor pushes a transaction through alone — a decentralized operator set must reach 66%+ agreement to execute.

    • Slashing-backed accountability

      Operators restake on EigenLayer and Symbiotic and are penalized for misbehavior — trustless, not "trust me".

    • Bring your own agent

      Any LLM or agent framework can drive it through the Ditto SDK and its ready-made AI-agent skill.

    • Multi-chain

      Agents operate across Ethereum, Base, Arbitrum, Polygon, and Optimism.

    What your agent can finally do safely

    • Autonomous rebalancingAn agent monitors market conditions and rebalances a portfolio or vault to target weights — within strict, pre-set bounds. It can adjust; it can't run off with the assets.
    • Agent-driven paymentsSettle invoices, payroll, or recurring transfers on a schedule or trigger — to the destinations you authorized, and nowhere else.
    • Conditional DeFi strategiesExecute yield, hedging, or DCA strategies across chains when conditions are met — every action simulated and validated before it lands.
    • Intent → executionTranslate an agent's goal into concrete triggers and batched on-chain steps through the SDK — no keeper scripts to run.
    • Model-agnosticDrive it from any LLM or agent framework using the Ditto SDK and its AI-agent skill.

    Building an agent that needs to touch money? Let's talk.

    We're onboarding a small group of design partners building autonomous on-chain agents. If that's you, we'll work directly with your team on permission design and integration.

    Become a design partner

    Prefer email?
    info@dittonetwork.io

    Tell us what your agent needs to do on-chain — we'll help you scope it safely.

    On-Chain Execution for AI Agents FAQ

    Become a design partner
    • How does an agent act on-chain without holding my key?

      It expresses intent; Ditto executes through scoped, revocable session-key permissions you grant once. The agent receives a capability — not your private key — and never signs for itself.

    • What stops a compromised agent from draining funds?

      Session-key permissions are bounded to the actions you authorize. An instruction outside that scope — "send everything to an unknown address" — doesn't match and never executes.

    • Is it non-custodial?

      Yes. You keep custody of your assets, the agent never gains open-ended control, and permissions can be revoked at any time.

    • Does the network really check every action?

      Operators independently simulate each intent against live on-chain state, and 66%+ consensus is required to execute. Operators restake on EigenLayer and Symbiotic and are slashed for misbehavior.

    • Which LLMs or agent frameworks work?

      Any that can call the SDK or use its AI-agent skill — the integration is model-agnostic. Agents run across Ethereum, Base, Arbitrum, Polygon, and Optimism.

    • How do I get access?

      We're working with a small group of design partners first. Reach out and we'll scope your agent's permissions and integration with you.

    Explore what else can be built with Ditto.

    What will you automate next?