Permissions and Controls
Agent autonomy must be bounded in code. Ramestta policies are designed so an owner can define what an agent may do, when it may do it and when a human must approve.
Core controls
▣
Target allowlists
Allow calls only to selected contract addresses and method selectors.
₹
Spend limits
Set per-transaction, daily or workflow-level ceilings before a transaction is signed.
✓
Approval gates
Require controller approval over a chosen risk or value threshold.
■
Emergency pause
Stop future execution immediately while preserving the audit trail.
Recommended control matrix
| Workflow | Suggested policy | Human involvement |
|---|---|---|
| Read-only research | No wallet authority | None |
| Notifications and monitoring | No transfer methods | Review alerts |
| Recurring low-value payment | Recipient + method allowlist, low cap | Approve setup and exceptions |
| Treasury movement | Strict targets and multisig threshold | Approval for every action |
| Contract administration | No autonomous authority by default | Multisig only |
Operational safeguards
- Use separate wallets for testing, production automation and cold treasury custody.
- Keep initial funding low until the workflow has been observed under real conditions.
- Use an onchain multisig for protocol ownership and high-value controls.
- Monitor scheduled jobs, nonce progression and failed transaction attempts.
- Pause first, investigate second, and only then change or restore a permission policy.
⚠️Guarded beta
Agent OS components should be used with explicit owner-defined bounds. Automation is not a substitute for review of contract risk, recipient addresses or asset custody.