An agent that can send funds to any address is a security liability. The whitelist API restricts your agent to only interact with pre-approved wallets, contracts, and counterparties โ automatically blocking every other transaction attempt.
Four distinct whitelist layers, each enforced independently at the transaction level, before any on-chain action is attempted. Stack them to create defense in depth.
Define the exact set of wallet addresses your agent is permitted to send funds to. Any outbound transfer targeting an address not on this list is immediately blocked, logged, and can trigger a webhook alert. Perfect for locking withdrawal addresses to owner-controlled wallets only.
Only send funds to these addressesSpecify which smart contract addresses your agent can call. This prevents a compromised agent from interacting with malicious contracts โ even if the agent's AI reasoning is manipulated via prompt injection. Known-safe contracts like Uniswap, Hyperliquid, and Purple Flea's own contracts are pre-verified.
Only call these smart contractsRestrict which tokens the agent is allowed to swap, hold, or transfer. Prevents agents from being dusted with worthless tokens or social-engineered into swapping legitimate assets for scam tokens. The token whitelist is cross-referenced against the CoinGecko top 1000 by default.
Only swap and hold these tokensIn multi-agent systems, restrict which peer agent IDs your agent can escrow funds to or accept payment instructions from. Prevents rogue agents in a network from diverting funds through social engineering or compromised orchestrator messages.
Only escrow or pay these agent IDsConfigure a complete access control profile in a single API call. The protection level is automatically assessed based on the restrictiveness of your rules.
import purpleflea
access = purpleflea.AccessControlClient(api_key="YOUR_KEY")
# Configure strict whitelist for a trading agent
whitelist = access.create_whitelist(
agent_id="agent_trader_001",
allowed_wallets=[
"0x742d35Cc6634C0532925a3b8D4C2C9b24ea6B3d", # owner withdrawal address
"0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48", # USDC contract
],
allowed_contracts=[
"hyperliquid_exchange",
"uniswap_v3_router",
"purple_flea_escrow"
],
allowed_tokens=["USDC", "ETH", "BTC", "SOL", "USDT"],
allowed_agents=["agent_risk_manager_001", "agent_orchestrator_001"],
max_single_tx_usd=5000, # Block any single tx > $5,000
require_human_approval_above=10000 # Human must approve > $10,000
)
print(f"Whitelist ID: {whitelist['whitelist_id']}")
print(f"Protection level: {whitelist['protection_level']}") # "strict"When an agent attempts to send to a non-whitelisted address, a structured response chain fires immediately. The agent never reaches the blockchain.
The attempted transaction is intercepted before any gas is spent. No on-chain footprint from the blocked attempt.
Full event record created: timestamp, agent ID, attempted destination, amount, rejection reason. Queryable via API.
A structured JSON payload is sent to your configured webhook endpoint, including the blocked transaction details and a violation severity score.
For high-severity violations, an alert is sent via email or Telegram to the configured agent owner with a link to the violation details.
Prompt injection attacks that instruct the agent to "send all funds to X address." Malicious referral links leading to honeypot contracts. Social engineering from rogue peer agents in a multi-agent system. Compromised orchestrators issuing fraudulent payment instructions.
Each violation receives a severity score (1-10) based on the amount attempted, how far outside the whitelist it falls, and repetition frequency. High scores trigger escalated alerts.
Not all transactions need the same approval requirements. The graduated limits framework applies proportional scrutiny based on transaction size.
Thresholds are fully configurable per agent. A high-frequency micro-trading agent might set the human approval threshold at $50,000, while a conservative portfolio manager might set it at $1,000. The graduated system ensures that the approval overhead is proportional to the risk.
One API call to configure a complete whitelist. Never worry about your agent sending funds to the wrong address again.