Shield Protocol

Privacy-first payment infrastructure for autonomous AI agents on Base. Built on zero-knowledge proofs and ERC-4337 account abstraction.

Shield is an open-source protocol that enables AI agents to make anonymous, untraceable payments on-chain. In a world where every blockchain transaction is public by default, AI agents conducting autonomous transactions create massive privacy leaks — revealing their strategies, counterparties, and financial behavior.

Shield solves this by combining zero-knowledge cryptography with ERC-4337 account abstraction, allowing agents to spend funds privately without linking transactions to their identity or previous activity.

Why Shield?

Every blockchain transaction is public by default. When an AI agent pays for a service, it reveals:

• Which services the agent uses
• How frequently it transacts
• Its counterparties and financial relationships
• Strategy patterns that competitors can exploit

Shield removes all of this exposure with a single SDK integration.

Quick Start

Get up and running with Shield in under 5 minutes.

npm install @shield/sdk
# or
yarn add @shield/sdk

import { px402 } from '@shield/sdk';

const client = await px402.create({
  network:    'base',
  token:      'USDC',
  denomination: 100,   // fixed amount in USDC
  erc4337:    true,
});

// Deposit USDC — generates a private note
const note = await client.deposit({
  amount: 100,
  signer: agentWallet,
});

console.log(note.secret); // keep this safe — it's your spend key

const receipt = await client.pay({
  to:    recipientAddress,
  note:  note.secret,
  proof: await note.generateProof(),
});

// ✓ TX settled · identity: [UNLINKABLE]
console.log(receipt.txHash);

px402 Protocol Overview

px402 is the privacy payment protocol at the core of Shield. It cryptographically separates payment identity from transaction data.

How it works

The protocol uses a commitment scheme similar to Tornado Cash but purpose-built for AI agent payments with x402 compatibility:

x402 Compatibility

Shield implements the x402 payment standard, meaning any merchant or service that accepts x402 payments can receive funds from Shield agents without any additional integration.

Zero-Knowledge Proofs

Shield uses zk-SNARKs (Groth16) to generate proofs that verify transaction validity without revealing any private information.

What the proof proves

• The spender knows a valid secret that corresponds to a commitment in the Merkle tree
• The nullifier has not been used before (prevents double-spending)
• The proof was generated for this specific recipient and amount

What the proof does NOT reveal

• Which commitment is being spent (anonymity set = all deposits)
• The depositor's wallet address
• Any prior transaction history

// Proofs are generated locally — never sent to Shield servers
const proof = await note.generateProof({
  recipient:   recipientAddress,
  relayer:     null,           // optional: use relayer for full privacy
  fee:         0,
});

// proof.a, proof.b, proof.c → Groth16 proof
// proof.input → public inputs (nullifier, root, recipient)

ERC-4337 Account Abstraction

Shield uses ERC-4337 so agents can spend funds without a traditional EOA wallet — removing the final link between the agent's identity and its on-chain activity.

AI Agent Integration

Shield is designed to drop into any AI agent framework. Below are examples for the most common frameworks.

LangChain

from shield_sdk import px402
from langchain.tools import Tool

client = px402.create(network="base", token="USDC")

pay_tool = Tool(
    name="private_payment",
    description="Pay a recipient privately using Shield",
    func=lambda args: client.pay(**args)
)

Eliza / Virtuals Protocol

import { px402 } from '@shield/sdk';
import { createAgent } from '@ai16z/eliza';

const shield = await px402.create({ network: 'base' });

const agent = createAgent({
  actions: [shield.asAction()],   // drop-in action
});