Only Approved Addresses
x402Guard's contract whitelist ensures your agent can only send funds to explicitly approved addresses — any other payment attempt is blocked before it hits the blockchain.
How AI agents get tricked into paying wrong addresses
Prompt injection
A malicious API response or injected tool output tells your agent to pay a new, unknown contract address. Without a whitelist, the agent complies.
Address substitution
The agent's internal state is manipulated to replace a known contract address with an attacker-controlled one.
Phishing via tools
A compromised tool returns a fake contract address that looks legitimate but routes funds to an attacker.
How the contract whitelist works
You define approved addresses
In the x402Guard dashboard, create a list of contract addresses your agent is permitted to pay. These are the only valid payment destinations.
Agent initiates a payment
When your agent calls the x402 endpoint, x402Guard intercepts the request before it reaches any blockchain node.
Address is checked against whitelist
x402Guard checks both the contract address AND the token authority. Both must be on the approved list.
Approved or blocked, always logged
Whether forwarded or rejected, the decision is written to the immutable audit log with timestamp and reason.
// x402Guard rule config
allowed_contracts: [
  "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48", // USDC
  "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", // USDC Base
]
Dual authority + address check
x402Guard validates both the payment facilitator authority and the destination contract address. An attacker cannot bypass the whitelist by changing one while leaving the other intact.
Authority check
Verifies the payment facilitator authority matches your approved list
Address check
Verifies the destination contract address is on the approved list
Whitelist your contracts today
Free, open-source, non-custodial. Your funds, your rules.