Elytro LogoElytro
Page Menu

Architecture

High-level flow of how Elytro coordinates agent requests, security checks, and EIP-4337 submission.

System Flow Diagram

+--------+      +----------+      +------------+      +-----------------+
| User   | ---> | AI Agent | ---> | Elytro CLI | ---> | EIP-4337 Bundler|
+--------+      +----------+      +------------+      +-----------------+
   intent            |                | submit
                     |                |
                     |                | risk-check request (tx digest + context)
                     |                v
                     |      +-----------------------+
                     |      | Elytro Security       |
                     |      | Service               |
                     |      | - high-risk check     |
                     |      | - limit check         |
                     |      | - signs if approved   |
                     |      +-----------------------+
                     |                |
                     |                | security signature only
                     |                v
                     |      +-------------------------------+
                     +----> | Elytro Contract               |
agent sig (local key)       | - SecurityHook                |
                            | - on-chain signature verify   |
                            +-------------------------------+

Component Responsibilities

  • User: provides intent and confirms actions through the agent interface.
  • AI Agent: translates intent into a transaction request and gathers context.
  • Elytro CLI: builds/simulates UserOperations and coordinates risk-check + signing flow.
  • Elytro Security Service: evaluates risk and policy (including limits), then returns security signature if approved.
  • Elytro Contract (SecurityHook): validates on-chain signatures and enforces security policy.
  • EIP-4337 Bundler: receives UserOperation and submits execution to the network.

Security Signing Path

The local agent key signs the transaction request, while the security service provides a separate approval signature after policy checks. The SecurityHook verifies that signatures and policy requirements are satisfied before allowing execution.

Typical sequence

  1. Agent builds tx request.
  2. CLI requests security review (tx digest + context).
  3. Security service validates risk + limits.
  4. Security service signs if approved.
  5. CLI submits UserOperation to bundler.
  6. SecurityHook verifies on-chain before execution.

Operational Notes

  • Always simulate before sending for large-value operations.
  • Sponsor coverage applies to gas, not transfer value itself.
  • For undeployed accounts, activate first before transaction send.