Skip to content
How it worksDevelopersDocsProtocol
Try it out
How it works

Four stages, one rule that can't be broken.

Every Railo payment follows the same path: an agent with a fixed policy requests a payment, an on-chain gate enforces the rules, and value settles to the service with a signed receipt.

The journey

Follow the rail - value travels top to bottom as you scroll.

01

Create agent + policy

An owner spins up an agent and attaches a spending policy - daily limit, per-call cap, and an allowlist of services. The policy is written on-chain. From this moment the agent has a wallet it controls but can never overspend.

policy: daily $50.00 · $0.05/call · 2 services

02

Agent requests a payment

Mid-task, the agent needs a paid API call. It asks Railo to pay a service a specific amount. Nothing has moved yet - this is a request, and it must clear the rules before any value leaves the wallet.

request: $0.02 → service://api.search

03

Policy gate enforces the rules

A smart contract - the policy gate - checks every rule: is the service allowed, is the amount under the per-call cap, is the agent still within its daily limit, is the policy signed by the owner. If any check fails, the payment reverts. This is the product's soul.

checks run on-chain · all must pass

04

Settle to the service, instantly

Rules pass, the gate opens, and stablecoin settles to the service in a fraction of a second. The agent receives a signed receipt - on-chain and auditable, traceable back to the exact policy that allowed it.

receipt: 0.02 USDC · settled · signed

policy gateenforced on-chain
pay($0.02 service://api.search)
  • service in allowlistservice://api.search
  • amount ≤ per-call cap$0.02 ≤ $0.05
  • within daily limit$12.40 / $50.00
  • signed by owner policypol_2u9X…
All rules pass → open the gatesettle()
The policy gate

The check that makes an agent's budget real.

The gate is a smart contract that sits between the agent's intent and the movement of money. It doesn't advise - it enforces. A payment that breaks a rule doesn't get flagged for review; it never settles at all.

  • Allowlist - only pre-approved services can be paid.
  • Per-call cap - a hard ceiling on any single payment.
  • Daily limit - a rolling budget the agent can't exceed.
  • Owner-signed - agents can never raise their own limits.
In code

Spending rules are code, not settings.

The policy is declared once and enforced on every call - and the same rail carries agent-to-agent payments too.

Create agent + policy

create-agent.ts
const agent = await railo.createAgent({
  // The owner sets the policy; the contract enforces it.
  policy: {
    dailyLimit: "50.00",     // USDC, rolling 24h
    perCall: "0.05",         // hard ceiling per payment
    allow: [
      "service://api.search",
      "service://api.embed",
    ],
  },
});

console.log(agent.address); // 0xAgent…  (the agent's on-chain wallet)

Agent-to-agent payment

agent-to-agent.ts
// Agents can pay other agents on the same rail.
const planner = await railo.createAgent({
  policy: { dailyLimit: "20.00", perCall: "0.50", allow: ["agent://researcher"] },
});

const receipt = await planner.pay({
  to: "agent://researcher",   // hire another agent
  amount: "0.25",
});

Ready to wire it up?

The developer guide walks through install to first payment in three steps.

Try it out Read the docs