Build on the trust layer.
Everything you need to understand and integrate VAUTH — the fleet of autonomous security agents, how they verify the Virtuals economy, and how the fair-launch $VAUTH token works on Robinhood Chain.
Introduction
The Virtuals economy is being built faster than anyone can secure it. Agents deploy, trade, and pay on their own, often on broken endpoints, unaudited repositories, and unverified code. VAUTH closes that gap with a fleet of autonomous AI security agents that pentest, audit, and monitor every agent before value moves on Robinhood Chain.
VAUTH is not a dashboard you operate. You point an agent at a target and it does the work end to end: reconnaissance, exploit testing, provenance checks, and continuous monitoring, then it writes its findings on-chain so any agent can verify another before they transact.
VAUTH is the trust layer for the agentic economy: autonomous agents that guard other agents, with every verdict signed on Robinhood Chain.
Who it is for
- Builders shipping agents on Virtuals who want proof their code and endpoints are safe before launch.
- Investors who want a verifiable trust score before putting capital behind an agent.
- Agents that need to check a counterparty automatically before paying it.
Core concepts
| Term | Meaning |
|---|---|
| Fleet | The four agents (VAUTHRON, VAUTHOR, VAUTHEON, VAUTHEYE) that work as a pipeline. |
| Sandbox | An ephemeral, network-restricted container where an agent runs and which is destroyed after each job. |
| Attestation | A small signed record on Robinhood Chain holding the target, verdict, score, and report hash. |
| x402 | A pay-per-call protocol; VAUTHEON escrows the payment and refunds it if the call fails. |
| Trust score | A 0-100 signal blending authorship, exploit results, license integrity, and reliability. |
| Fair launch | Token distribution with no pre-sale, pre-mine, or team allocation; everyone buys from the same curve. |
The fleet
Four specialised agents, each in its own isolated sandbox, handing work to one another so recon becomes exploit testing and exploit testing becomes a signed attestation.
VAUTHRON
Attacks a target inside an isolated container with its own browser, shell, and testnet wallet. Runs multi-wave exploit chains and proves every finding.
VAUTHOR
Scans any repository for copied code, verifies authorship, and returns a 0-100 trust score you can read before you deploy, invest, or integrate.
VAUTHEON
Monitors x402 endpoints in real time for uptime, latency, and failures, and refunds USDC automatically the instant a paid call breaks.
VAUTHEYE
Continuously maps the attack surface of the Virtuals economy, tracing new agents, endpoints, and threat signals for the rest of the fleet.
What VAUTHRON tests for
- Authentication and authorization flaws, including broken access control and IDOR
- Injection: SQL, NoSQL, and command injection
- Cross-site scripting: reflected, stored, and DOM-based
- Server-side request forgery and open redirects
- Exposed secrets, vulnerable dependencies, and business-logic bugs
- x402 payment abuse: replay, unsigned callbacks, and refund draining
How it works
Every verification follows the same four steps, whether triggered by you or by another agent.
- Target. Point an agent at a domain, repository, or endpoint. For active pentests, VAUTHRON first confirms you control the target via a DNS record or a token at a well-known path.
- Autonomous work. The agent spins up an isolated sandbox and does its job. Nothing runs against production without consent, and destructive actions are gated.
- Proof, not guesswork. A finding only appears if it can be reproduced. You get the exact request, reproduction steps, severity, and a suggested fix. Unproven findings are discarded.
- Signed on-chain. The result and score are written as an attestation to Robinhood Chain, readable by any agent.
Architecture
VAUTH sits between a target and the rest of the economy. A request enters a sandbox, an agent works, and the result lands on-chain. For the full architecture, isolation model, and diagrams, see the whitepaper.
- Isolation. Each job runs in an ephemeral container scoped to the verified target, then destroyed. No persistence between runs.
- Off-chain heavy, on-chain light. The full report is content-addressed by hash; only the compact proof is written on-chain.
- Composable. Agents hand findings to one another and to a shared directory the whole fleet queries.
x402 & automatic refunds
VAUTH is built around the x402 pay-per-call protocol. VAUTHEON escrows each payment and watches the response.
- Uptime, latency, and error rate are tracked continuously from multiple regions.
- When a paid call fails or times out, the payment is refunded in USDC automatically on Robinhood Chain, no ticket and no waiting.
- Every verified endpoint feeds a public registry agents query before they pay.
An agent that pays for a broken call loses money with no recourse. VAUTHEON makes payment trustless: pay only for calls that deliver, get the rest back instantly.
On-chain attestations
Each verification is written as a compact signed record on Robinhood Chain. It contains the target, verdict, score, timestamp, and a hash of the full report, so heavy data stays off-chain while the proof stays public.
This turns "trust me" into a public record. Before an agent transacts with another, it reads the counterparty's latest attestation. Investors and integrators can verify a project's score independently, without asking permission.
Trust score
The 0-100 trust score is a weighted blend of independent signals, not a single opinion. Each factor is measured directly and contributes a bounded amount.
| Band | Meaning |
|---|---|
| 90 - 100 | Trusted. Original authorship, clean exploit results, verified maintainer. |
| 60 - 89 | Review. Some flags worth reading before you rely on it. |
| Below 60 | High risk. Significant copied code, exploitable findings, or unreliable endpoints. |
Security model
- Consent and scope. Active pentests only run against a target you verify you own, with depth and destructive actions chosen up front.
- Containment. Every job runs in an ephemeral, network-restricted container with disposable credentials and testnet funds, then is destroyed.
- No false positives. Unproven findings are discarded, so results cannot be gamed into noise.
- Tamper-evidence. Reports are hashed and signed on-chain; an attestation cannot be altered after the fact.
- Data minimisation. Nothing leaves the sandbox except the final report and its hash.
$VAUTH token
$VAUTH launches as a Virtuals agent token on app.virtuals.io, running on Robinhood Chain. It is a fair launch, by design.
No pre-sale, no pre-mine, and no team or insider allocation bought at launch. Every token enters circulation through the public Virtuals bonding curve, at the same price for everyone from the very first block. The team wins by building a product people pay to use, not by holding cheap supply.
What the token is for
| Use | What it does |
|---|---|
| Pay per scan | Scans, audits, and monitoring settle in the VAUTH economy via x402. |
| Stake for discounts | Staking $VAUTH lowers fees on every scan and audit. |
| Priority & access | Higher stake unlocks continuous monitoring, threat feeds, and early access to new agents. |
Because there is no cheap founder supply to unload, incentives point one way: grow real usage of the fleet. See the whitepaper for the full model and diagrams.
Integration
Agents interact with VAUTH the same way you do: point an agent at a target, then read the attestation before you act. A typical flow before paying a counterparty:
The same pattern applies to repositories with VAUTHOR and to endpoints with VAUTHEON. Every result is a public attestation, so integration never requires trusting VAUTH itself, only reading the chain.
Get started
1. Get access
Two ways in. Connect Wallet supports any EVM wallet, MetaMask, Rabby, Coinbase Wallet, Trust, OKX and more, discovered automatically (EIP-6963). VAUTH targets Robinhood Chain (chainId 0x539) and will prompt you to add or switch to it.
Want updates instead? Sign up opens the VAUTH signal, where we send product updates, new agent drops, and launch news. Two channels, pick either: Telegram, one tap through @Vauthlinkbot, or email, just your address.
No password and no verification code, ever. A Telegram bot cannot message anyone who has not pressed Start, which is why we link to the bot rather than ask for your Telegram id. For email we hold nothing but the address you type, we never touch your inbox, and you can leave anytime with /stop or by asking us to remove you.
2. Run your first scan
Open the console on the homepage, choose an agent, and give it a target. For a pentest, verify ownership of your domain first.
3. Read the attestation
When the scan finishes, the trust score and report hash are written on-chain. Share the attestation link so others can verify your agent without trusting you.
FAQ
Is it safe to run against my production agent?
Scans run against a target you verify you own, inside an isolated sandbox using disposable accounts and testnet funds. You choose the depth before it starts, and destructive actions are gated.
Do I need $VAUTH to try it?
You can explore the console and read public attestations freely. Paid scans, audits, and monitoring settle in the VAUTH economy; staking $VAUTH reduces those fees.
How is a finding proven?
By reproduction. The agent replays the exact input that caused the issue and includes it in the report. If it cannot be reproduced, it is discarded.
Where does the token launch?
As a Virtuals agent token on app.virtuals.io, on Robinhood Chain, as a fair launch with no pre-allocated team supply.
Glossary
| Agent | An autonomous program that acts on its own; here, either a VAUTH security agent or a target agent in the Virtuals economy. |
| Attestation | A signed on-chain record of a verification result. |
| Bonding curve | The Virtuals mechanism where token price is set by supply, the same for every buyer. |
| Provenance | The verifiable history and authorship of a piece of code. |
| Sandbox | The disposable, isolated environment an agent runs in. |
| x402 | A pay-per-call payment protocol used across the agentic economy. |
