What Is a Capital Cell?

A capital cell — called a vault in the SwarmOS dashboard — is a programmable money container for AI agents.

The Problem

AI agents need to hold and spend money. A regular wallet has one key, one balance, no policy enforcement, and no audit trail. If an agent is compromised, there is nothing between the attacker and the funds.

The Solution

A vault is a partitioned balance bound to a specific (chain, asset) pair and governed by a policy. The policy controls:

Per-action limits — maximum amount per transaction
Chain allowlist — which blockchains the vault can transact on
Approval thresholds — which risk levels require human sign-off
Spend limits — daily, weekly, monthly budgets

Each vault belongs to one agent principal. The agent authenticates with a time-bounded session key (not its root key). Every transaction produces a hash-chained receipt.

How It Works

Every execution follows a 4-phase atomic flow:

Reserve — The vault locks the requested amount. No funds leave yet.
Sign — The signing pipeline validates policy, checks risk, and produces a signed transaction.
Submit — The chain adapter submits the signed transaction.
Confirm — On success, the reserved amount is committed. On failure, the reserve is released.

If any phase fails, the vault returns to its pre-execution state. No funds are lost.

Why Not a Smart Contract?

Vaults run in the application layer with Ed25519 authentication, not on-chain. This means:

Instant policy changes — no gas, no deployment
Cross-chain portability — same vault model for any chain
Full audit trail — hash-chained receipts link intent, policy, risk, and execution
Circuit breaker — the GSI can freeze all vaults instantly on anomaly detection

Technical Name

The internal data model calls this a CapitalCell. The terms are interchangeable: vault (user-facing) and capital cell (technical, used in code and API).