Mandate

The problem is simple: who watches the AI that manages your money?

Robinhood Chain launched tokenized stocks - TSLA, AMZN, PLTR, AMD - as ERC-20 tokens on an Arbitrum Orbit L2. AI agents will inevitably manage these portfolios. But right now, there's no standard for how an AI agent should be constrained when it touches regulated securities. You either give it full access and hope, or you don't use it at all.

The SEC confirmed (Jan 2026) that tokenized equities are securities. The SEC Crypto Task Force (Feb 2026) explicitly demands that all algorithmic agents operate under "examiner-ready mandates with defined risk limits, kill authority, and change control." There's an Ethereum standard for exactly this - ERC-8226, Regulated Agent Mandate - proposed April 2026. Its reference implementation was empty. We filled it.

Mandate is the compliance layer between AI agents and tokenized securities.

A capital owner signs once to set the rules: which stocks the AI can touch, maximum 30% in any single name, maximum 60% across correlated tech stocks, a hard spending cap, and a regulatory kill switch. After that, the AI trades autonomously - but every single trade passes through five enforcement layers checked atomically by the smart contract before value moves:

1. Asset allowlist (NFLX blocked → AssetNotPermitted)

2. Per-name position cap (>30% → PositionLimitExceeded)

3. Correlation-cluster cap (>60% correlated tech → ClusterConcentrationExceeded)

4. ERC-8226 mandate budget (per-tx + cumulative → MandateNotActiveForAmount)

5. Kill switch (frozen → full halt)

If the AI proposes anything that violates the mandate, the contract reverts. Not the backend code. The EVM. No amount of prompt injection, agent cleverness, or compromised infrastructure can override a revert at the execution layer.

The AI system is genuine, not a chatbot wrapper.

Two coordinating agents - a Strategist that reads live market data (real prices from Yahoo Finance: TSLA $391, AMZN $246, PLTR $135, AMD $466) and forms allocation targets, plus an independent Risk Officer that vets every proposed trade before submission. The agent maintains memory across cycles, detects allocation drift, and avoids churn. Six reasoning phases (perceive → analyze → target → plan → critique → explain) - all visible in the UI, all grounded in real constraints.

What's provably different from existing solutions:

• Enzyme and dHEDGE enforce vault policies for crypto funds — but have no regulated-mandate standard, no KYC model, no jurisdiction scoping, no compliance receipts, no kill-switch tiers. We acknowledge them explicitly as prior art.

• Our implementation ships ERC-8226, a real EIP. Standards mean interoperability and a credible path to adoption — not a bespoke one-off.

• The correlation-cluster cap is novel: five tech stocks that move together can't masquerade as diversification. No other project in this buildathon or in production has this.

• Every executed trade emits a ComplianceReceipt event on-chain — a cryptographic audit record a regulator can independently verify without trusting the agent, the platform, or anyone's word.

Deployed and proven on Robinhood Chain testnet (chain ID 46630):

• All three contracts verified on the Blockscout explorer

• Happy-path trade (25,000 USDG → TSLA) executed within mandate bounds — real tx, real receipt

• Four enforcement reverts demonstrated live against deployed contracts

• The mandate is active right now with a 30-day validity window

This is infrastructure others build on - a primitive for the programmable economy, not a closed product. License the MandateRegistry to any RWA issuer or managed-account platform. The contracts are CC0.

Built the full Mandate MVP from scratch during the Buildathon:

• MandateRegistry.sol - complete ERC-8226 (IAgentMandate) implementation with mandate grant/revoke/extend, atomic recordExecution with per-tx + cumulative caps, two-tier freeze (platform vs regulatory), operator asymmetry, and admin-enforcer self-escalation guard

• ComplianceProvider.sol - ERC-8226 (IComplianceProvider) with structured ReasonCode + KYC expiry

• ManagedVault.sol - 5-layer enforcement point: allowlist, per-name cap, correlation-cluster cap, RAMS mandate caps, kill switch. Emits ComplianceReceipt events

• 33 Foundry tests covering every revert path

• Deployed and verified all 3 contracts on Robinhood Chain testnet

• Granted mandate and executed a valid 25k USDG→TSLA trade on-chain (happy path proven)

• Two-agent AI service: Strategist + Risk Officer, 6-phase reasoning loop, live Yahoo Finance data, cross-cycle memory with drift detection

• Next.js frontend: interactive enforcement demo (4 revert types), agent reasoning chain visualization, compliance receipt feed from on-chain events

• Proved all 4 enforcement reverts live against deployed contracts

Mandate is unfunded and independently built. No external funding raised. Looking to continue development post-hackathon through the Arbitrum grants/mentorship program.