# Aegis402 Shield Protocol

Aegis402 is a pay-per-request blockchain security API designed for AI agents, DeFi automation tools, and wallet applications. It wraps Web3Antivirus intelligence into three simple HTTP endpoints, with each request priced in USDC and paid automatically via the x402 protocol — no subscriptions, no API keys required. Clients pay only for what they use, making it ideal for autonomous agents operating at scale.

## Docs

- [API Reference](https://aegis402.com/api.html): Full endpoint documentation with request/response schemas, example payloads, and error codes.
- [Skill Definition](https://aegis402.com/skill.md): Claude/AI agent skill manifest for integrating Aegis402 into agent workflows.
- [Homepage](https://aegis402.com/): Product overview, pricing tiers, and integration guide.

## API

Aegis402 exposes three security endpoints. All payments are in USDC on Base (EVM, chain ID 8453) or Solana. Payment is handled via HTTP 402 / x402 protocol — the server returns a 402 response with payment details, the client pays on-chain, then retries with proof.

### POST /v1/simulate-tx — Smart Transaction Guard ($0.05 per request)

Simulates an EVM transaction before execution and returns a risk assessment. Detects rug pulls, malicious contract interactions, drainer patterns, and approval exploits.

Request body:
- `from` (string, required): Sender address
- `to` (string, required): Recipient or contract address
- `value` (string, required): ETH value in wei (hex or decimal)
- `data` (string, required): Calldata (hex-encoded)
- `chain_id` (number, required): EVM chain ID (e.g. 1 for Ethereum, 8453 for Base)

Response: `{ isSafe: boolean, riskLevel: "low"|"medium"|"high"|"critical", simulation: object, warnings: string[] }`

Use this before submitting any agent-initiated transaction to a user wallet or protocol.

### GET /v1/check-token/:address — Token Vetting API ($0.01 per request)

Scans an ERC-20 token for honeypot mechanics, hidden fees, ownership risks, and liquidity manipulation. Returns a verdict and detailed flags.

Path parameter: `address` — token contract address (checksummed EVM address)
Query parameter: `chain_id` (number, required) — EVM chain ID

Response: `{ isSafe: boolean, riskLevel: string, honeypot: boolean, flags: string[], details: object }`

Use this when an agent encounters an unknown token in a swap, airdrop, or DeFi interaction.

### GET /v1/check-address/:address — Address Hygiene ($0.005 per request)

Checks an address for poisoning attacks, sanctions exposure, known drainer associations, and on-chain reputation signals.

Path parameter: `address` — EVM address to check
Query parameter: `chain_id` (number, optional) — EVM chain ID for context

Response: `{ isSafe: boolean, riskLevel: string, poisoningRisk: boolean, flags: string[], reputation: object }`

Use this before sending funds to any address, especially those parsed from unverified sources (chat, QR codes, clipboard).

## Optional

### x402 Payment Protocol

Aegis402 uses x402 V2, the HTTP 402 Payment Required standard for machine-to-machine micropayments. When a client calls any endpoint without payment:

1. Server returns HTTP 402 with a `X-Payment-Required` header containing payment details (amount, asset, supported networks, facilitator URL).
2. Client submits USDC on Base or Solana to the specified address.
3. Client retries the request with the `X-Payment` header containing on-chain payment proof.
4. Server verifies via facilitator and executes the request.

This flow is fully automatable — x402-compatible clients handle it transparently. Reference implementations: https://github.com/coinbase/x402

Supported payment networks:
- Base Mainnet (EIP-155 chain ID 8453) — USDC
- Solana Mainnet — USDC

No API keys, no accounts, no rate limits tied to identity. Every request is a self-contained payment. Suitable for AI agents running autonomously without human-managed credentials.

### Use Cases

- **Autonomous trading agents**: Validate tokens and simulate swaps before execution to prevent loss from malicious contracts.
- **DeFi automation**: Gate transaction submission on a security check to avoid front-running and rug pull vectors.
- **Wallet apps with AI features**: Surface risk warnings to users before they confirm transactions.
- **ELIZA / AI agent frameworks**: Drop-in skill for any agent framework that needs on-chain security awareness.
- **Smart contract auditing pipelines**: Batch-check addresses and tokens as part of pre-deployment validation.