Agent Discovery

Agent Integration Guide

Use TruCore ATF to probe, simulate, protect, verify, and explain AI-driven transactions through a hosted MCP endpoint or direct API.

ATF is a policy-enforced transaction firewall for AI agents. MCP is a hosted integration surface for agent runtimes. Advisory tools help plan safely. Protect provides the binding enforcement decision. Machine-readable discovery is available at /.well-known/agent.json.

Hosted MCP Flow

The recommended integration path for agent runtimes using the Model Context Protocol. ATF exposes a hosted MCP endpoint with five tools covering the full advisory-to-enforcement loop.

MCP does not sign or submit transactions. The agent retains full signing authority. Protect is the only authoritative gate.

Discover tools

Connect to the hosted MCP endpoint and enumerate available tools.

MCP tool discovery

Probe a candidate intent

Submit one candidate intent for lightweight policy evaluation before committing resources.

probe_transaction

Simulate the candidate

Run a full simulation of the candidate intent against active policies and market conditions.

simulate_transaction

Request protection

Submit the intent for binding policy enforcement. This is the authoritative gate. Only approved intents should proceed to signing.

protect_transaction

Verify the receipt

Confirm the execution receipt hash integrity after on-chain settlement.

verify_receipt

Explain the result

Request a human-readable explanation of the decision, including reason codes and policy triggers.

explain_decision

Stop before signing

MCP does not sign or submit transactions. The agent retains full signing authority. Stop the MCP flow here and proceed to your own signer.

Agent-side

MCP Tool Inventory

Five tools available through the hosted MCP endpoint. Advisory tools are policy-aware but not authoritative. Only protect_transaction produces a binding enforcement decision.

Tool	Purpose	Advisory	Authoritative
`probe_transaction`	Lightweight policy pre-check on a candidate intent	Yes	No
`simulate_transaction`	Full simulation against active policies and conditions	Yes	No
`protect_transaction`	Binding policy enforcement decision (approve or deny)	No	Yes
`verify_receipt`	Verify execution receipt hash integrity	No	No
`explain_decision`	Human-readable explanation of a decision with reason codes	Yes	No

MCP boundaries

MCP does not sign transactions
MCP does not submit transactions to the chain
Entitlement is tier-based and tenant-backed
Advisory tools inform; protect enforces

REST API Bot Flow

The direct REST API flow for bots that integrate without MCP.

Preflight a single intent

Submit one intent for simulation and policy evaluation before execution.

/v1/bot/preflight

Compare multiple options

Rank multiple candidate intents to find the best option based on policy score and simulated outcome.

/v1/bot/preflight/compare

Plan quota and batch usage

Estimate safe throughput and batch sizes within current quota limits.

/v1/bot/quota/plan

Execute the best option

Select and execute the highest-ranking option. This mutates state and produces a transaction.

/v1/bot/execute-best

Read quota and upgrade signals

Check _meta.upgrade in responses to detect quota pressure and upgrade recommendations.

Any bot endpoint

Request self-upgrade when allowed

Request a plan upgrade if policy permits. Blocked upgrades return a deterministic denial.

/v1/bot/self-upgrade

Bot-Facing Endpoints

All endpoints available for agent integration.

Method	Endpoint	Purpose	Read-Only	Mutates State
POST	`/v1/bot/preflight`	Simulate one intent against policy	Yes	No
POST	`/v1/bot/preflight/compare`	Rank multiple candidate intents	Yes	No
GET	`/v1/bot/quota/plan`	Estimate safe throughput within quota	Yes	No
POST	`/v1/bot/quota/plan-batch`	Estimate safe batch size within quota	Yes	No
POST	`/v1/bot/execute-best`	Select and execute the best option	No	Yes
POST	`/v1/bot/self-upgrade`	Request free-to-pro plan upgrade	No	Yes
GET	`/v1/bot/upgrade/status`	Check current plan and upgrade eligibility	Yes	No

Upgrade Behavior

Quota Pressure Signals

Bots may receive _meta.upgrade in responses when approaching or exceeding quota limits. This signal includes:

recommended: true when upgrade would help
reason indicating the trigger (e.g., quota_near_limit)
upgrade_endpoint pointing to self-upgrade

Policy-Gated Self-Upgrade

Self-upgrade requests may be blocked by operator policy. When blocked, the response includes:

allowed: false
reason such as self_serve_upgrade_disabled or monetization_disabled
next_action: contact_operator

When blocked, bots should stop retrying and follow next_action.

Discovery Links

Key resources for agent discovery and integration.

Customer Self-Serve Credentials

Create scoped API keys for API, CLI, and MCP access from a single self-serve flow.

Recommended test scopes

For API and CLI testing, use a minimum set of read-only scopes:

atf:probe
atf:simulate
atf:verify
atf:explain

For MCP access, add atf:mcp.

Using the same key for API, CLI, and MCP

A single customer API key works across all surfaces. Pass it as the X-API-Key header for REST calls and MCP JSON-RPC requests, or set the ATF_API_KEY environment variable for the CLI.

If the key is exposed, rotate or revoke it immediately from /customer/keys.

Create a key →

Bot Bootstrap Setup

Canonical environment conventions and self-verification steps for zero-human bot setup.

Canonical env conventions

Env var: ATF_API_KEY
Secret path: ~/.openclaw/secrets/atf.env
Source command: source ~/.openclaw/secrets/atf.env

Self-verification checklist

API check: POST /v1/receipts/verify — HTTP 200 with valid:false confirms auth
MCP check: tools/call explain_decision — isError:false confirms MCP access
CLI check: source env and run atf --help— confirms CLI surface

If OpenClaw exec policy blocks a CLI command, that is environment friction, not an ATF failure.

Ready to integrate?

Start with the sandbox or request early access for production integration.

Try the sandbox →Request access →