DOCS · v3.1 · UPDATED 2026.05.14

Build with Axuon.

Axuon is the Solana settlement layer for AI agents — a single API surface for metering tool calls, scoping agent wallets, settling on-chain in USDC/PYUSD/SOL, and exporting receipts. This documentation will take you from a pnpm add to a settled mainnet call in under five minutes.

NEW · 2026.05v3.1 ships native Token-2022 confidential transfers, a Model Context Protocol server you can drop into any agent runtime, and Squads multisig support for treasury-held wallets. Read the changelog →

Quickstart · 5 minutes

You will need a devnet key. Get one in the dashboard, or grab one over chat in 30 seconds. The same key works on mainnet — only the prefix changes.

1 / install

$ pnpm add @axuon/sdk @solana/web3.js
$ export AXUON_KEY="ax_dev_01J9Q2X7Kc…"

2 / mint an agent wallet + scope

import { axuon } from "@axuon/sdk";

const agent = await axuon.wallets.create(({
name:    "agent.shop-mcp",
scope:   { verb: "swap", merchant: "jupiter.*", max_per_call: "$5 USDC" },
rail:    "solana-usdc",
cluster: "devnet",
}));

// → agent.pubkey:  7Xk9…Ymr  (Solana keypair, ed25519)
// → agent.scope:   ax_scope_01J9Q…  (JWT, 30s TTL)

3 / wrap your tool calls

const pay = axuon.wrap(fetch, { agent });

await pay("https://api.jupiter.ag/swap", {
method: "POST",
body: JSON.stringify({ from: "USDC", to: "SOL", amount: 2.5 }),
});

// → response includes x-axuon-solana-sig: 5w3K…dQp
// → receipt visible in dashboard within ~1 slot (~400ms)

That's the whole quickstart. Everything else in this doc is depth, not prerequisites.

Core concepts

Five objects make up the entire data model. Once you have these you can read any API endpoint without a glossary.

OBJECTDESCRIPTION

AgentA non-human identity bound to a Solana keypair. Has a default scope and an audit trail.

ScopeA capability constraint. Bound to a token. Verb · merchant · amount · time · geo.

CallA single stamped tool call. Has a deterministic ID and a price.

ReceiptA counter-signed record anchored to a Solana transaction signature.

DisputeA reversal initiated by either counterparty. Resolves against the original receipt.

TypeScript SDK

The reference SDK. Works in Node 18+, edge runtimes (Vercel, Cloudflare Workers), and browser. Source on github.com/axuon-so/sdk-ts.

$ pnpm add @axuon/sdk @solana/web3.js

import { axuon } from "@axuon/sdk";
import { Keypair } from "@solana/web3.js";

const agent  = Keypair.fromSecretKey(process.env.AX_KEY);
const pay    = axuon.wrap(fetch, { agent, rail: "solana-usdc" });

const r = await pay("https://api.jupiter.ag/swap", { method: "POST", body: ... });
console.log(r.headers.get("x-axuon-solana-sig"));

Python SDK

Async-first, built on httpx and solders. Requires Python 3.11+. Source on github.com/axuon-so/sdk-py.

$ pip install axuon-sdk

from axuon import Axuon
from solders.keypair import Keypair

ax    = Axuon(api_key=os.environ["AXUON_KEY"])
agent = Keypair.from_bytes(secret)

async with ax.client(agent=agent, rail="solana-usdc") as pay:
r = await pay.post("https://api.jupiter.ag/swap", json={...})
print(r.headers["x-axuon-solana-sig"])

Go SDK

Idiomatic Go with stdlib net/http compatibility. Built on solana-go. Source on github.com/axuon-so/sdk-go.

$ go get github.com/axuon-so/sdk-go/axuon

import (
"github.com/axuon-so/sdk-go/axuon"
"github.com/gagliardetto/solana-go"
)

agent, _ := solana.PrivateKeyFromBase58(os.Getenv("AX_KEY"))
client   := axuon.New(axuon.WithAgent(agent), axuon.WithRail("solana-usdc"))

resp, err := client.Do(req)  // drop-in *http.Request
fmt.Println(resp.Header.Get("x-axuon-solana-sig"))

Rust SDK

For latency-sensitive runtimes and on-chain programs that need to verify Axuon signatures. Built on reqwest and solana-sdk. Source on github.com/axuon-so/sdk-rs.

# Cargo.toml
[dependencies]
axuon = "3.1"
solana-sdk = "1.18"

use axuon::Client;
use solana_sdk::signature::Keypair;

let agent  = Keypair::from_bytes(&secret)?;
let client = Client::builder().agent(agent).rail("solana-usdc").build();

let r = client.post("https://api.jupiter.ag/swap").json(&body).send().await?;
println!("sig: ", r.headers().get("x-axuon-solana-sig").unwrap().to_str()?);

Authentication

Axuon uses bearer keys in the Authorization header. Devnet keys are prefixed ax_dev_; mainnet keys ax_live_. Keys are tied to a workspace, not a user — rotate them from the dashboard or POST /v1/keys/rotate.

GET https://api.axuon.so/v1/agents
authorization: Bearer ax_live_01J9Q2X7Kc…
accept:        application/json

Calls

The /v1/calls endpoint is the heart of the API. You won't usually hit it directly — the SDK wraps your HTTP client — but here's the contract for reference.

POST /v1/calls
{
"agent": "agent.shop-mcp",
"target": "https://api.jupiter.ag/swap",
"verb":   "swap",
"amount": "2.50",
"rail":   "solana-usdc",
"meta": { "intent": "rebalance" }
}

// → 201 Created
{
"id": "call_01J9Q2X7Kc",
"receipt": "rcpt_01J9Q2X7Kd",
"solana_sig": "5w3K…dQp",
"slot": 297841022,
"finality": "confirmed",
"fee_usdc": "0.0009",
"latency_ms": 612
}

Receipts

Receipts are deterministic and counter-signed. The same call ID, queried twice, returns byte-identical JSON. The signing key for each PoP is published at /.well-known/axuon-keys — you can verify offline.

★ TipReceipts are idempotent on call_id. Retrying a failed call with the same ID will never charge twice. This is the cheap insurance you don't realize you need until you do.

Agents

An agent is a non-human identity bound to a Solana keypair. Most teams have one agent per logical persona — shop-mcp, defi-swap, creative-flux — not one per running process.

POST /v1/agents
{
"name": "shop-mcp",
"pubkey": "7Xk9…Ymr",  // Solana base58
"default_scope": { "verb": "buy", "max_per_call": "$5 USDC" },
"treasury": "3AcUVBGpc54oB5zHTS4mR6L7TQ4aycZgVj5g62AKikz3"
}

MCP server

Axuon ships a Model Context Protocol server that exposes the entire API as tools any MCP-aware agent can call without an SDK. Wire it up once; every model in your stack can transact on Solana.

# start the server (Docker)
$ docker run -p 4101:4101 axuonso/mcp --key $AXUON_KEY

# point your model at the server
{
"mcpServers": {
"axuon": {
"url": "http://localhost:4101/mcp",
"tools": ["calls.create", "receipts.get", "agents.list"]
}
}
}

A2A integration

For agent-to-agent flows, Axuon negotiates payment inside the A2A handshake — you don't need a separate "open the wallet" round-trip. The counterparty's agent reads x-axuon-price, decides, counter-signs, and the call settles on Solana in-band.

Webhooks

Subscribe to events at /v1/webhooks. Every payload is signed with your workspace key and delivered with at-least-once semantics. Idempotency is via event_id.

POST https://yourapp.com/axuon-hook
x-axuon-signature: v1=ed25519:9fc…

{
"id": "evt_01J9Q…",
"type": "call.settled",
"call_id": "call_01J9Q2X7Kc",
"solana_sig": "5w3K…dQp",
"slot": 297841022,
"amount": "2.50"
}

Error codes

Errors return a stable machine-readable code plus a human message. Don't switch on the message — switch on the code.

CODEHTTPMEANING

scope_exceeded402Token's per-call or per-window cap was exceeded.

token_expired401Mint a fresh token; tokens are short-lived by design.

merchant_blocked403Counterparty is on your block list, or globally flagged.

rail_unavailable503Solana congestion + fallback exhausted; retry with backoff.

risk_anomaly409Agent behavior outside baseline; human review queued.

slot_skipped503Tx did not land within 3 slots; retried automatically.

Rate limits

Defaults: 50 req/s on devnet, 500 req/s on builder, custom on enterprise. We return standard X-RateLimit-* headers, plus X-Axuon-Retry-After-Ms on 429s so you can back off by sub-second precision. Solana RPC limits are managed separately via our Helius / Triton fallback layer.

Status

Live status, incident history, and Solana RPC latency live at status.axuon.so. Subscribe via RSS, Slack, or webhook. We post an RCA within 48h of any sev-1.

FOUND A BUG?We pay $500–$10,000 for valid security reports. Email security@axuon.so with our PGP key from /.well-known/security.txt.