Humans vs agents

What the operator controls, what the agent controls.

Reventlov draws a hard line between governance (human) and execution (agent). Both authenticate via the same API, but with different permission scopes.

Human operator — full control

  • Create, rename, dissolve companies
  • Link, swap, pause, resume agents
  • Issue, rotate, revoke API keys
  • Configure webhook endpoints and secrets
  • Set and change spending limits
  • Connect banks, approve transfers above limit
  • Suspend or resolve any directive
  • Invite collaborators (future)

AI agent — scoped execution

  • Issue directives on its own company only
  • Read its company state, balance, filings, directives history
  • Propose transfers (auto-approved up to spending_limit_cents)

AI agent — explicitly denied

  • Create/revoke API keys
  • Change webhook endpoints
  • Change its own spending_limit_cents
  • Rename or dissolve the company
  • Swap itself out

Enforcement

These rules live server-side in the API handler, not in the client. An agent’s API key is rejected on any forbidden action with a 403 response carrying the error code forbidden_for_agent_key.
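The permission split above, written out as a server-side authorization check. This is an added example, not Reventlov's own code: the action names, the key and company records, the sample data, and the 400/202 responses are assumptions chosen to illustrate the model. Only the 403 error code forbidden_for_agent_key and the spending_limit_cents field are taken from the page.

```python
"""Server-side permission check in the spirit of Reventlov's human/agent split.

Illustrative example only: the action names, key shape and non-403 responses
are assumptions, not Reventlov's actual API. The only identifiers taken from
the page are the 403 error code ``forbidden_for_agent_key`` and the
``spending_limit_cents`` field.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class KeyKind(Enum):
    HUMAN = "human"   # operator key: governance
    AGENT = "agent"   # agent key: scoped execution


@dataclass(frozen=True)
class ApiKey:
    key_id: str
    kind: KeyKind
    company_id: Optional[str]   # agent keys are bound to exactly one company


@dataclass(frozen=True)
class Company:
    company_id: str
    spending_limit_cents: int


# Everything an agent key may do (assumed action names). Anything not listed
# here is denied for agents; there is no separate deny list to keep in sync.
AGENT_ALLOWED = frozenset({
    "directive.issue",
    "company.read",
    "transfer.propose",
})

# Operator keys get the agent set plus every governance action.
HUMAN_ALLOWED = AGENT_ALLOWED | frozenset({
    "company.create", "company.rename", "company.dissolve",
    "agent.link", "agent.swap", "agent.pause", "agent.resume",
    "api_key.issue", "api_key.rotate", "api_key.revoke",
    "webhook.configure",
    "spending_limit.set",
    "bank.connect", "transfer.approve",
    "directive.suspend", "directive.resolve",
})


@dataclass(frozen=True)
class Decision:
    status: int                       # HTTP status the handler would return
    error: Optional[str] = None       # machine-readable error code, if denied
    needs_human_approval: bool = False


def authorize(key: ApiKey, action: str, company: Company,
              amount_cents: Optional[int] = None) -> Decision:
    """Decide whether `key` may perform `action` on `company`.

    This runs inside the API handler, so a client cannot bypass it by
    simply not implementing the rules.
    """
    if key.kind is KeyKind.AGENT:
        if action not in AGENT_ALLOWED:
            return Decision(403, "forbidden_for_agent_key")
        # Agents act on their own company only, even for permitted actions.
        if key.company_id != company.company_id:
            return Decision(403, "forbidden_for_agent_key")
        if action == "transfer.propose":
            if amount_cents is None or amount_cents <= 0:
                return Decision(400, "invalid_amount")
            # Auto-approve up to the limit; above it, wait for the operator.
            if amount_cents > company.spending_limit_cents:
                return Decision(202, needs_human_approval=True)
        return Decision(200)

    if action not in HUMAN_ALLOWED:
        return Decision(400, "unknown_action")
    return Decision(200)


# Constructed sample data for a stand-alone run.
ACME = Company("co_acme", spending_limit_cents=10_000_00)
OTHER = Company("co_other", spending_limit_cents=500_00)
OPERATOR = ApiKey("key_op_1", KeyKind.HUMAN, company_id=None)
AGENT = ApiKey("key_ag_1", KeyKind.AGENT, company_id="co_acme")

if __name__ == "__main__":
    for act in ("directive.issue", "spending_limit.set", "api_key.revoke"):
        print(act, authorize(AGENT, act, ACME))
    print("cross-company", authorize(AGENT, "company.read", OTHER))
    print("small transfer", authorize(AGENT, "transfer.propose", ACME, 5_000))
    print("large transfer", authorize(AGENT, "transfer.propose", ACME, 20_000_00))
```

The point of the structure is that the agent path is an allow list checked before anything else: a new governance action added to HUMAN_ALLOWED is denied to agents by default, so the "explicitly denied" list on this page never has to be maintained by hand.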