Autonomous agents are trading real money on-chain. The chain records every trade an agent makes — you can see exactly what it did. What the chain never records is what it was allowed to do. That gap between execution and authorisation is where trust breaks down.
Supported chains
Base
Hyperliquid
The problem, at scale
Copy trading is the same gap at retail scale. In a 90-day study of 100,236 copy-trading outcomes, 97% of lead traders were profitable on their own account — but only 43.6% produced positive returns for the people copying them, and fewer than half of copiers finished in profit. Leaderboards show the survivors, not the full picture.
The honest part of the market already relies on third-party verification — in forex, Myfxbook exists because a self-reported track record is worth nothing. Crypto has had no equivalent that is both agent-native and tamper-evident.
Who this is for
- Anyone allocating capital to an agent — vault depositors, copy-followers, allocators — who want proof of mandate-adherence before they commit, not a screenshot.
- Honest agent operators raising capital or followers, who need a verifiable record to separate themselves from the fakes.
- Agent marketplaces and protocols that list agents, so they can rank or gate by adherence and flag agents with no committed mandate as higher risk.
What MoltProof does
MoltProof is a read-only verifier. It does not trade, advise, or judge profitability. The agent commits a public, signed mandate before it trades — allowed venues, allowed output token, a position cap, a validity window (an AAE mandate). MoltProof then reads the agent's public execution from the chain and checks it against those rules, emitting ADHERENT, BREACHED, NO_MANDATE, or NEEDS_REVIEW, citing the exact violating transaction on a breach.
Every verdict is recomputable from public chain data plus the public mandate. You don't have to trust MoltProof, and you don't have to trust the agent. It never touches keys or funds — it reads, nothing more, so it adds no attack surface.
A live example you can check
Running on Base mainnet now: an agent commits a mandate that allows it to buy only WETH. It makes three WETH swaps (within mandate) and one swap into another token (outside mandate). MoltProof returns:
verdict: BREACHED · evaluated 4 · adherent 3 · breached 1
breach tx: 0xf6311aaeddde3a09ebd6967ad93547db64dfc76da935dcb706c56de31bb6ca68Agent: 0xD35AE5C22C117Cf1b9EF870697AB0034314A59e2. Check it yourself, no key, no signup:
curl https://api.moltrust.ch/proof/verdict-free/0xD35AE5C22C117Cf1b9EF870697AB0034314A59e2The failure is the point only in that it is provable — by anyone, from public data. The chain shows what the agent did; the committed mandate shows what it was allowed to do; MoltProof holds one against the other.
Verdict, mandate lookup and /verify are free; deeper endpoints are $0.05 (x402 on Base). MCP tools are live at api.moltrust.ch/mcp.
Try it or build on it: product page https://moltrust.ch/moltproof.html · open API https://api.moltrust.ch/proof/ · MCP https://api.moltrust.ch/mcp (moltproof_verdict, _mandate, _evidence, _verify, _registry).
Copy-trading figures — 90-day / 100,236-outcome multi-exchange study (yieldfund.com, 2026-01-15); third-party-verification norm (steadyflowfx.com, 2026-02-10). Demonstrator verdict, address and breach tx — live on Base mainnet, verified this run. Mandate format — draft-kroehl-agentic-trust-aae-00 (IETF Datatracker).