The trust layer
for the agentic economy.
How a fleet of autonomous agents secures the Virtuals economy end to end, how every verdict is proven and signed on Robinhood Chain, and how the fair-launch $VAUTH token aligns everyone around real usage.
Abstract
Autonomous agents now write code, call paid APIs, and move value without a human in the loop. The infrastructure to trust them has not kept pace. Endpoints fail mid-payment, repositories ship copied or unaudited code, and no agent can tell whether another is safe to transact with.
VAUTH is a fleet of four autonomous AI security agents that continuously pentest, audit, and monitor the Virtuals economy. Each agent runs in a fully isolated sandbox, proves every finding by reproducing it, and writes the result as a signed attestation to Robinhood Chain, so any agent can verify another before value moves. Payments settle over the x402 protocol and failed calls are refunded in USDC automatically. The $VAUTH token launches fairly on Virtuals, with no pre-mine and no team allocation, so the only path to value is growing real usage of the fleet.
Machines cannot run on "trust me." They need trust that is measured, proven, and readable on-chain.
Introduction
The Virtuals economy is a network of autonomous agents that discover each other, negotiate, and pay per call. It is growing quickly, and speed comes at the cost of safety. A single unverified dependency, an exposed endpoint, or a replayable payment can drain an agent, and there is no shared record of who is safe.
Traditional security tooling assumes a human operator: a person reads a dashboard, triages alerts, and decides what to trust. That model does not survive contact with machines that transact thousands of times an hour. Security has to become autonomous, verifiable, and machine-readable, produced by agents and consumed by agents.
VAUTH is built for exactly that world. It does not ask a human to interpret results. It attacks, audits, and monitors on its own, then publishes a proof any other agent can check without asking permission.
The problem
Three gaps recur across the agentic economy:
- Broken payments. Agents pay per call over x402, but a failed or slow endpoint means money spent for nothing, with no automatic recourse.
- Unverified code. Agents are deployed from repositories that may contain copied, vendored, or malicious code, with no way to check authorship or integrity beforehand.
- No shared trust. Before two agents transact, neither holds a verifiable record of the other's security posture. Reputation lives in silos, not on-chain.
Design principles
Four principles shape every part of the system:
Autonomous
No human triage. Agents run the full workflow and decide what is real, so security keeps pace with machines.
Provable
A finding only exists if it can be reproduced. Every result ships with the exact input that caused it.
Verifiable
Results are signed on-chain in a public, machine-readable format. Anyone can check them without trusting VAUTH.
Aligned
A fair-launch token with no insider supply means the team profits only when usage grows.
System architecture
VAUTH sits between a target and the rest of the economy. A request enters an isolated sandbox, an agent performs its work, and the result is written on-chain where any other agent can read it.
Isolation & sandbox model
Offensive testing is dangerous by nature, so every agent runs in a disposable, network-restricted container that is destroyed after each job. Nothing an agent does can escape into production or persist between runs.
Before an active pentest begins, VAUTHRON confirms you control the target by checking a DNS record or a token at a well-known path. Destructive operations require explicit scope, and no data leaves the sandbox except the final report and its hash.
The four agents
The agents form a pipeline. VAUTHEYE finds what exists, VAUTHRON attacks it, VAUTHOR checks its code, and VAUTHEON keeps watching after launch. Each hands its findings to the next.
VAUTHRON — Autonomous Pentester
Runs recon, then multi-wave exploit chains across authentication, injection, XSS, SSRF, business logic, and x402 payment abuse. It fills forms, follows redirects, and confirms impact before reporting. Output: verified findings with proof-of-concept, severity, CVSS, and a suggested fix.
VAUTHOR — Provenance Auditor
Fetches a repository tree, hashes every file, and compares against a large corpus to detect copied and vendored code, even when renamed. It traces authorship, checks licenses, and verifies maintainer identity, producing a 0-100 trust score with a file-by-file breakdown.
VAUTHEON — Endpoint Sentinel
Escrows x402 payments and probes each registered endpoint continuously for uptime, latency, and errors. On failure it refunds the caller in USDC automatically and records the event on-chain.
VAUTHEYE — Recon Scout
Continuously sweeps the Virtuals economy, resolving DNS, fingerprinting stacks, enumerating subdomains and open routes, and correlating threat signals. New findings feed a shared directory the whole fleet queries.
x402 payment & automatic refunds
Under x402, an agent pays for a service per call. VAUTHEON escrows the payment and watches the response. If the call succeeds, the provider is paid; if it fails or times out, the caller is refunded in USDC, automatically and on-chain.
On-chain attestations
Findings and trust scores are not locked in a private dashboard. Each verification is written as a compact, signed record on Robinhood Chain. It contains the target, the verdict, the score, a timestamp, and a hash of the full report, so the heavy data stays off-chain while the proof stays public.
Trust scoring model
The 0-100 trust score is a weighted blend of independent signals, not a single opinion. Each factor is measured directly and contributes a bounded amount, so no single check can dominate.
Tokenomics: a fair launch
$VAUTH launches as a Virtuals agent token on app.virtuals.io, on Robinhood Chain. The distribution is the point: there is nothing for insiders to dump.
No pre-sale. No pre-mine. No team or advisor allocation bought at launch. Every token enters circulation through the public Virtuals bonding curve, at the same price for everyone, from the first block.
Token utility
| Use | What it does |
|---|---|
| Pay per scan | Scans, audits, and monitoring settle in the VAUTH economy via x402. |
| Stake for discounts | Staking $VAUTH lowers fees on every scan and audit. |
| Priority & access | Higher stake unlocks continuous monitoring, threat feeds, and early access to new agents. |
Value flow
Security & threat model
VAUTH is offensive software, so its own safety is a first-class concern.
- Consent and scope. Active pentests only run against a target whose ownership is verified, with depth and destructive actions chosen up front.
- Containment. Every job runs in an ephemeral, network-restricted container with disposable credentials and testnet funds, then is destroyed.
- No false positives. Unproven findings are discarded, so results cannot be gamed into noise or false alarms.
- Tamper-evidence. Reports are content-addressed by hash and signed on-chain, so an attestation cannot be altered after the fact.
- Data minimisation. Nothing leaves the sandbox except the final report and its hash.
Roadmap
Conclusion
Machines cannot run on "trust me." VAUTH replaces it with something verifiable: autonomous agents that prove their findings and sign them on-chain, payments that refund themselves when they fail, and a token whose only path to value is real usage. The trust layer for the agentic economy, launched fairly, for everyone.
