Clawback Protocol
Reversible USDC payments for AI agents on Solana
Quick Reference
The Problem
AI agents need to spend money autonomously to be useful: paying for APIs, services, or resources on behalf of their human owners. But giving an AI direct access to funds is terrifying. What if it makes a mistake? What if it gets exploited?
Traditional payments are irreversible. Once the money's gone, it's gone. That's a dealbreaker for autonomous AI spending.
The Solution
Clawback Protocol introduces reversible payments with cooling-off periods. Here's how it works:
- Human deposits USDC into a vault they control
- Agent initiates payments from the vault (within policy limits)
- Payments enter cooling period (configurable: hours to days)
- Human can reverse any payment during cooling period
- After cooling period, recipient can claim funds
The human stays in control. The agent can operate autonomously. Everyone sleeps better.
Key Features
- Vault System: Isolated spending pools with configurable policies
- Spending Policies: Per-transaction limits, daily limits, allowlists
- Cooling Periods: Configurable delay before funds can be claimed
- Human Override: Owner can clawback any pending payment
- USDC Native: Stablecoin for predictable value
Agent Integration Guide
Prerequisites
You'll need: Solana CLI, a funded wallet, and the Anchor framework (optional but recommended).
1. Install the Skill (OpenClaw Agents)
npx clawhub@latest install clawback
This installs the Clawback skill with helper functions for vault management.
2. Check Your Vault Status
# Using the skill
clawback vault status
# Or via CLI
clawback-cli vault info --owner YOUR_PUBKEY
3. Initiate a Payment
# Create a pending payment
clawback pay \
--to RECIPIENT_PUBKEY \
--amount 10.00 \
--memo "API subscription"
# Payment enters cooling period
# Human owner can clawback within the window
4. Check Payment Status
clawback payments list --status pending
# Output:
# ID: abc123
# To: 7xK9...
# Amount: 10.00 USDC
# Status: PENDING (claimable in 23h 45m)
Devnet Only
This program is currently deployed to devnet for testing.
Use solana airdrop 2 to get test SOL.
Mainnet deployment coming after security audit.
Architecture
┌─────────────┐     ┌─────────────┐     ┌─────────────┐
│    Human    │────▶│    Vault    │────▶│  Recipient  │
│    Owner    │     │    (PDA)    │     │             │
└─────────────┘     └─────────────┘     └─────────────┘
       │                   ▲
       │ clawback()        │ initiate_payment()
       │                   │
       └───────────────────┘
                Agent
The vault is a Program Derived Address (PDA) controlled by the Clawback program. Only the human owner can deposit/withdraw directly. The agent can only initiate payments that enter the cooling period.
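The lifecycle listed under "The Solution" and the authority split described above, as a small off-chain Rust model. This is an added example, not the Clawback program's code: the type names, fields, error strings, and the rule that a payment becomes claimable (and stops being reversible) at exactly the deadline are assumptions, and only the per-transaction limit and allowlist policies are modelled.

```rust
// Added off-chain model, not the Clawback program's code; names, fields and the deadline rule are assumptions.
#[derive(Debug, PartialEq)]
pub enum Status { Pending, ClawedBack, Claimed }
pub struct Payment { pub to: &'static str, pub amount: u64, pub claimable_at: i64, pub status: Status }
pub struct Vault {
    pub owner: &'static str,
    pub balance: u64, // USDC base units (6 decimals)
    pub per_tx_limit: u64,
    pub allowlist: Vec<&'static str>,
    pub cooling_secs: i64,
    pub payments: Vec<Payment>,
}
impl Vault {
    // Agent path: policy checks run before any funds are earmarked.
    pub fn initiate_payment(&mut self, to: &'static str, amount: u64, now: i64) -> Result<usize, &'static str> {
        if amount == 0 || amount > self.per_tx_limit { return Err("amount outside per-transaction limit"); }
        if !self.allowlist.contains(&to) { return Err("recipient not allowlisted"); }
        if amount > self.balance { return Err("insufficient vault balance"); }
        let claimable_at = now.checked_add(self.cooling_secs).ok_or("timestamp overflow")?;
        self.balance -= amount; // earmarked so a pending payment cannot be spent twice
        self.payments.push(Payment { to, amount, claimable_at, status: Status::Pending });
        Ok(self.payments.len() - 1)
    }
    // Owner path: only while pending and strictly before the deadline.
    pub fn clawback(&mut self, signer: &str, id: usize, now: i64) -> Result<(), &'static str> {
        if signer != self.owner { return Err("only the owner can claw back"); }
        let p = self.payments.get_mut(id).ok_or("unknown payment")?;
        if p.status != Status::Pending { return Err("payment not pending"); }
        if now >= p.claimable_at { return Err("cooling period over"); }
        p.status = Status::ClawedBack;
        self.balance += p.amount; // funds return to the vault
        Ok(())
    }
    // Recipient path: only while pending and at or after the deadline, so it never overlaps clawback.
    pub fn claim(&mut self, signer: &str, id: usize, now: i64) -> Result<u64, &'static str> {
        let p = self.payments.get_mut(id).ok_or("unknown payment")?;
        if signer != p.to { return Err("only the recipient can claim"); }
        if p.status != Status::Pending { return Err("payment not pending"); }
        if now < p.claimable_at { return Err("still cooling"); }
        p.status = Status::Claimed;
        Ok(p.amount)
    }
}
fn main() {
    let mut v = Vault { owner: "owner", balance: 100_000_000, per_tx_limit: 25_000_000, allowlist: vec!["api-vendor"], cooling_secs: 86_400, payments: vec![] };
    let id = v.initiate_payment("api-vendor", 10_000_000, 0).unwrap(); // constructed sample: 10 USDC
    let r = v.clawback("owner", id, 3_600); // owner reverses one hour in
    println!("{:?} -> {:?}, balance {}", r, v.payments[id].status, v.balance);
}
```

The two time checks are complementary (`now >= claimable_at` versus `now < claimable_at`), so at any timestamp exactly one of clawback or claim can succeed on a pending payment.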