The Commonplace
Home Dashboard Papers Evidence Digests 🎲
← Papers

AESP lets AI agents transact at machine speed on crypto rails while preventing them from gaining unilateral control over funds by combining deterministic policy checks, tiered human review, cryptographic dual-signing and escrow, context-isolated privacy, and a hardened crypto substrate; the protocol is released as an open-source TypeScript SDK with a formal evaluation plan but lacks field validation.

AESP: A Human-Sovereign Economic Protocol for AI Agents with Privacy-Preserving Settlement
Jian Wang · Fetched March 15, 2026
semantic_scholar descriptive low evidence 7/10 relevance Source
AESP is a layered crypto-native protocol and open-source SDK that enables autonomous AI agent transactions while cryptographically and procedurally ensuring agents cannot unilaterally obtain economic sovereignty over human assets.

As AI agents increasingly perform economic tasks on behalf of humans, a fundamental tension arises between agent autonomy and human control over financial assets. We present the Agent Economic Sovereignty Protocol (AESP), a layered protocol in which agents transact autonomously at machine speed on crypto-native infrastructure while remaining cryptographically bound to human-defined governance boundaries. AESP enforces the invariant that agents are economically capable but never economically sovereign through five mechanisms: (1) a deterministic eight-check policy engine with tiered escalation; (2) human-in-the-loop review with automatic, explicit, and biometric tiers; (3) EIP-712 dual-signed commitments with escrow; (4) HKDF-based context-isolated privacy with batched consolidation; and (5) an ACE-GF-based cryptographic substrate. We formalize two testable hypotheses on security coverage and latency overhead, and specify a complete evaluation methodology with baselines and ablation design. The protocol is implemented as an open-source TypeScript SDK (208 tests, ten modules) with interoperability via MCP and A2A.

Summary

Main Finding

AESP (Agent Economic Sovereignty Protocol) provides a practical layered protocol that lets AI agents transact autonomously on crypto-native rails while cryptographically enforcing human governance boundaries. It guarantees agents are "economically capable but never economically sovereign" by combining policy checks, human-in-the-loop controls, signed escrow commitments, context-isolated privacy, and a hardened cryptographic substrate. The protocol is implemented as an open-source TypeScript SDK and accompanied by a formal evaluation plan (hypotheses, baselines, and ablations).

Key Points

  • Core invariant: agents may act economically but cannot unilaterally attain economic sovereignty over human assets.
  • Five enforcement mechanisms:
  • Deterministic eight-check policy engine with tiered escalation.
  • Human-in-the-loop review tiers: automatic, explicit, and biometric.
  • EIP-712 dual-signed commitments combined with escrow to bind human consent to agent actions.
  • HKDF-based context-isolated privacy with batched consolidation to limit linkage and exposure while supporting efficient settlement.
  • ACE-GF-based cryptographic substrate providing the protocol’s low-level cryptographic primitives.
  • Two formal, testable hypotheses are specified:
    • Security coverage (i.e., the protocol’s ability to prevent unauthorized economic sovereignty).
    • Latency overhead (i.e., added latency relative to unconstrained agent transactions).
  • Evaluation methodology: complete specification including baselines and ablation studies to isolate mechanism contributions.
  • Implementation: open-source TypeScript SDK (ten modules, 208 tests) with interoperability via MCP and A2A interfaces.

Data & Methods

  • Formalization:
    • Two measurable hypotheses (security coverage, latency overhead).
    • Deterministic policy checks provide a reproducible decision surface for experiments.
  • Experimental design:
    • Baselines: unconstrained agent transactions on crypto rails and alternative governance patterns (implicit from protocol description).
    • Ablation studies: remove or alter one mechanism at a time (policy engine, review tiers, EIP-712 escrow, HKDF privacy, ACE-GF substrate) to quantify each mechanism’s contribution to security and latency.
    • Metrics: probability/coverage of preventing sovereignty breaches, false-positive blocking rates, end-to-end transaction latency, throughput, and human review burden (response times and frequency).
  • Implementation & tests:
    • TypeScript SDK with ten modules and 208 automated tests to validate behavior and interfaces.
    • Interoperability tested across MCP and A2A integration points.
  • Privacy & cryptography:
    • HKDF key-derivation isolates context keys and enables batched consolidation of on-chain exposures.
    • EIP-712 dual-signing ties humans and agents cryptographically to commitments and escrow flows.
    • ACE-GF substrate provides the low-level crypto primitives used throughout (protocol-specific choice left as presented).

Implications for AI Economics

  • Risk management: AESP offers a formal, implementable approach to prevent autonomous agents from gaining de facto control over financial assets, reducing systemic and counterparty risk from agentized financial activity.
  • Adoption enabler: By preserving machine-speed execution while maintaining human governance guarantees, AESP lowers barriers for using AI agents in financial tasks that require custodial constraints or regulatory compliance.
  • Trade-offs:
    • Latency and human-review burden are explicit trade-offs against increased safety; the protocol quantifies these via its latency-hypothesis and review-tier design.
    • Privacy vs. auditability: HKDF-based context isolation plus batched consolidation balances on-chain privacy with the need to reconcile and audit transactions.
  • Governance design: The tiered policy and review model is a template for composable human–agent governance; it can be integrated into organizational processes, custody frameworks, and regulatory reporting.
  • Research directions: Empirical measurement of security coverage vs. operational costs, real-world user studies on human-review effectiveness, and economic modeling of how AESP affects market liquidity, agent incentives, and counterparty pricing for agent-mediated services.

Assessment

Paper Typedescriptive Evidence Strengthlow — The paper presents a well-specified protocol, an open-source implementation, and a formal evaluation plan, but it does not report empirical or field results demonstrating the protocol's effectiveness against real-world attacks, deployments, or user workloads; claims about preventing 'economic sovereignty' remain unvalidated outside unit tests and planned experiments. Methods Rigormedium — Design and methodology are systematic: the protocol enumerates deterministic policy checks, a tiered human-review model, cryptographic bindings (EIP-712, HKDF, ACE-GF), and a clear set of testable hypotheses with baselines and ablation studies; the implementation includes a sizable test suite (208 tests). However, the work lacks formal security proofs, adversarial/penetration testing results, user studies, and real-market measurements that would raise rigor to high. SampleNo field sample or observational dataset; implementation-level artifacts only: an open-source TypeScript SDK (ten modules) with 208 automated tests and interoperability checks across MCP and A2A interfaces; evaluation plan proposes experiments comparing unconstrained agent transactions and alternative governance patterns, plus ablation studies, but no executed empirical data or deployments are reported. Themesgovernance adoption human_ai_collab org_design GeneralizabilityDesigned for crypto-native rails (EIP-712, on-chain escrows); applicability to non-blockchain payment systems is untested, Relies on specific cryptographic choices (ACE-GF, HKDF); portability to other crypto stacks or ledger designs may require redesign, Assumes available and prompt human reviewers; not generalizable to fully latency-sensitive or offline environments, Security claims untested against sophisticated/adaptive adversaries or large-scale financial markets, Regulatory, custody, and institutional integration constraints across jurisdictions could limit real-world adoption

Claims (11)

ClaimDirectionConfidenceOutcomeDetails
The Agent Economic Sovereignty Protocol (AESP) is a layered protocol that lets agents transact autonomously at machine speed on crypto-native infrastructure while remaining cryptographically bound to human-defined governance boundaries. Governance And Regulation positive medium agent transaction autonomy (throughput/latency) and cryptographic binding to governance boundaries
0.05
AESP enforces the invariant that agents are economically capable but never economically sovereign. Governance And Regulation positive medium degree of agent economic capability versus agent economic sovereignty (policy/authorization constraints)
0.05
AESP includes a deterministic eight-check policy engine with tiered escalation. Governance And Regulation positive high policy checks applied per transaction (count = eight) and escalation tiering behavior
eight checks
0.09
AESP provides human-in-the-loop review with automatic, explicit, and biometric tiers. Governance And Regulation positive high presence and functioning of human-review pathways (automatic/explicit/biometric) for transactions
0.09
AESP uses EIP-712 dual-signed commitments with escrow to bind agent actions to human consent. Governance And Regulation positive high use of EIP-712 dual signatures and escrow status for commitments
0.09
AESP employs HKDF-based context-isolated privacy with batched consolidation. Governance And Regulation positive high context isolation achieved via HKDF and effects of batched consolidation on privacy and throughput
0.09
AESP is built on an ACE-GF-based cryptographic substrate. Governance And Regulation positive high cryptographic primitives/substrate used (ACE-GF)
0.09
The paper formalizes two testable hypotheses on security coverage and latency overhead. Governance And Regulation null_result high security coverage and latency overhead (hypothesized measures)
two hypotheses (security coverage; latency overhead)
0.09
A complete evaluation methodology is specified, including baselines and an ablation design. Research Productivity null_result high evaluation methodology completeness (presence of baselines and ablation plan)
0.09
AESP is implemented as an open-source TypeScript SDK with 208 tests and ten modules. Other positive high SDK test count (208) and module count (10)
0.09
The SDK provides interoperability via MCP and A2A. Other positive medium interoperability support for MCP and A2A protocols
0.05

Notes