An Ethereum Magicians proposal for an asset-enforced spending mandate suggests token-level controls for delegated spending, including wallet activity from AI agents.
TL;DR
- Ethereum developers are discussing an asset-level spending mandate for delegated wallets.
- The idea is to constrain agent spending with limits, expiration dates, allowed tokens, and withdrawal rules.
- The proposal focuses on more secure AI agent and delegated onchain payments.
- It is still an early discussion draft and not a final ERC standard.
A proposal for delegated onchain spending
Ethereum developers are starting to grapple with a practical problem that will only get worse: what happens when autonomous agents, delegated wallets, or third-party scripts are allowed to move funds? In a normal wallet flow, the user signs each transaction. In an agent-driven flow, the user can grant permission once and expect the software to act within certain limits.
The asset-enforced spending mandate proposal seeks to place these limits at the token level. Instead of relying solely on a wallet, session key, or application policy, the asset itself would consult a gate before allowing transfers. That gate could enforce rules such as per-transaction limits, expiration dates, allowed tokens, and withdrawal status.
Why the asset layer matters
The main design idea is that the controls should travel with the token, and not just with a specific wallet interface. If an AI agent’s key is compromised, or if a session goes wrong, the token can still reject transfers that exceed the approved mandate. That’s important because many onchain losses happen when approvals are too broad and users don’t fully understand what they’ve authorized.
The proposal describes a small interface that can report whether an address is secured and whether a transfer is allowed. More importantly, it introduces a machine-readable vocabulary of reasons. Instead of simply reverting a failed transfer with little context, the system could say whether the request failed because there was no mandate, the mandate has expired, it has been revoked, the token is disallowed, or the amount has exceeded the transaction limit.
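A Python model of that gate check, added here as an illustration and not taken from the proposal draft: the token asks the gate before moving funds and returns the first reason that applies. All class, field and reason names are hypothetical, and the order in which the checks run is an assumption.

```python
from dataclasses import dataclass
from enum import Enum

class Reason(Enum):  # hypothetical codes mirroring the failure cases the article lists
    OK = 0
    NO_MANDATE = 1
    EXPIRED = 2
    REVOKED = 3
    TOKEN_NOT_ALLOWED = 4
    OVER_TX_LIMIT = 5

@dataclass
class Mandate:
    allowed_tokens: frozenset
    per_tx_limit: int
    expires_at: int      # unix seconds
    revoked: bool = False

class Gate:
    def __init__(self):
        self.mandates = {}   # (holder, agent) -> Mandate

    def check(self, holder, agent, token, amount, now):
        m = self.mandates.get((holder, agent))
        if m is None:
            return Reason.NO_MANDATE
        if m.revoked:
            return Reason.REVOKED
        if now >= m.expires_at:
            return Reason.EXPIRED
        if token not in m.allowed_tokens:
            return Reason.TOKEN_NOT_ALLOWED
        if amount > m.per_tx_limit:
            return Reason.OVER_TX_LIMIT
        return Reason.OK

class GuardedToken:
    def __init__(self, symbol, gate, balances):
        self.symbol, self.gate, self.balances = symbol, gate, dict(balances)

    def transfer_from(self, agent, holder, to, amount, now):
        # The asset consults the gate itself; wallet or app policy is not trusted.
        reason = self.gate.check(holder, agent, self.symbol, amount, now)
        if reason is Reason.OK:
            if amount <= 0 or self.balances.get(holder, 0) < amount:
                raise ValueError("invalid amount or insufficient balance")
            self.balances[holder] -= amount
            self.balances[to] = self.balances.get(to, 0) + amount
        return reason  # on-chain, a non-OK reason would accompany the revert
```

Because the balance only changes on `Reason.OK`, a leaked agent key is bounded by the mandate, and a caller can branch on the returned code instead of parsing a revert string.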
AI agents raise the stakes
Wallets for AI agents are still in their early stages, but the direction is clear. If bots are expected to rebalance portfolios, pay bills, manage treasury subaccounts, or interact with DeFi protocols, users will need more than a simple yes-or-no approval. They need boundaries that are readable, enforceable, and revocable.
That puts this proposal in the same broad family as account abstraction, delegated signing, and regulated pre-transfer token controls. It does not attempt to solve identity, compliance, or every possible consent issue. Instead, it focuses on a narrow security primitive: what a holder is allowed to spend, enforced by the asset rather than the agent’s good behavior.
Still early, but on time
The proposal is not a final ERC and is not included in Ethereum’s standard process. It has been posted for early feedback, which means details may change or never make it into production. Still, the timing is notable. Crypto is moving toward more automated wallets, more tokenized assets, and more delegated transaction flows. Without stricter consent controls, the convenience of agent funding could quickly turn into a new attack surface.
For Ethereum builders, the important question is whether spending limits should live primarily in wallets, apps, or assets. This proposal argues that the token contract itself should play a role. If implemented in some form, this could make AI agent payments more secure without forcing each application to build its own consent system from scratch.
This article was written by the News Desk and edited by Samuel Rae.
