Skip to content
TruCore logoTruCore

Integration Guide

Bot Integration Guide

ATF sits between your bot's transaction intent and on-chain execution. Every trade passes through policy validation and produces a verifiable receipt - no custody changes, no extra dependencies.

Where ATF Fits

A typical bot execution pipeline with ATF inserted as the enforcement layer:

Trading Bot
   ↓
Build transaction intent
   ↓
┌─────────────────────────┐
│  ATF protect endpoint   │  ← policy enforcement
│  POST /v1/bot/protect   │
└─────────────────────────┘
   ↓
Policy validation
   ↓  (approved / rejected)
Bot signs transaction
   ↓
On-chain execution
   ↓
Execution receipt
   ↓
Verification

ATF never holds keys. It validates the intent, returns an approval or rejection, and the bot retains full signing authority.

Hosted MCP Integration

Agent runtimes that support the Model Context Protocol can integrate via the hosted MCP endpoint. ATF provides five MCP tools covering the full advisory-to-enforcement loop:

probe_transaction

Lightweight policy pre-check (advisory)

simulate_transaction

Full simulation against active policies (advisory)

protect_transaction

Binding enforcement decision (authoritative)

verify_receipt

Verify receipt hash integrity

explain_decision

Human-readable explanation with reason codes (advisory)

MCP does not sign or submit transactions.

The hosted MCP endpoint covers discovery through verification. Signing and chain submission remain on your side. Entitlement is tier-based and tenant-backed.

Example: Protect a Trade

Submit a transaction intent to ATF before signing. The response includes an approval status and a receipt hash.

// 1. Build transaction intent
const intent = {
  action: "swap",
  inputMint:  "So11111111111111111111111111111111111111112",
  outputMint: "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
  amount: 1_000_000,
  slippage: 50, // bps
};

// 2. Submit to ATF protect endpoint
const res = await fetch(
  "https://api.trucore.xyz/v1/bot/protect",
  {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({ intent }),
  }
);

const { approved, receiptHash, reason } = await res.json();

// 3. Proceed only if approved
if (!approved) {
  console.error("ATF rejected:", reason);
  process.exit(1);
}

// 4. Sign and send the transaction
const sig = await signAndSend(intent);

// 5. Verify execution receipt
await verify(sig, receiptHash);

Key Points

  • Non-custodial - your bot keeps its keys
  • Single HTTP call adds policy enforcement
  • Works with any language or framework that can make HTTP requests
  • Deterministic receipt per trade for audit and compliance

Want to test before integrating? Quickstart - copy-paste a protected transaction in under 60 seconds.

Next Steps