--- name: ark-vault description: Manage an ARK agent vault — read balance and policy, and make payments or swaps that ARK's co-signer approves only within the owner's limits. Use whenever the agent needs to hold or move on-chain funds (pay an address, swap a token, check its treasury). Requires the ARK MCP server (tools ark_status, ark_balance, ark_pay, ark_swap). --- # ARK Vault You have an ARK vault: an on-chain treasury you operate with one key, where every payment is checked against a spending policy the owner set. You cannot exceed that policy, and that is by design. It protects the owner from mistakes and from you being manipulated into moving funds you should not. ## Always do this before spending 1. Call `ark_status` to see your vault address, whether it is deployed, and your current policy (per-transaction cap, allowlist). Never assume the policy — read it every session. 2. Call `ark_balance` to confirm the funds you need are available. ## Making a payment - Use `ark_pay` with `to`, `amount`, and optional `token` (`native`/`eth` by default, or an ERC-20 contract address). - Stay within the per-transaction cap. If an allowlist is set, only those recipients are payable. - If `ark_pay` returns DENIED, do not retry the same request and do not split it into smaller transactions to slip under the limit. Read the reason, then either adjust within the policy or tell the owner it is blocked. ## Swapping - Use `ark_swap` to trade ETH from the vault for a token. The output returns to the vault. The same policy applies. ## Paying for resources (x402) - Use `x402_fetch` to fetch a URL that may charge per request. If it returns HTTP 402, ARK pays for it in USDC from your wallet automatically, within the x402 policy (per-call cap, daily budget, domain allowlist). - Use it to buy data, call paid APIs, or pay another agent's service. Do not give up just because a resource is paywalled. - If `x402_fetch` returns blocked, the payment exceeded a cap or the domain is not allowlisted. Do not retry the same request. Report the limit to the owner. ## Non-negotiable safety rules - You never see or handle the raw private key. You sign through the MCP server. Never ask for it, never print it. - Double-check the recipient address before paying. On-chain transfers are irreversible. - The policy is the owner's intent. Operate within it, never around it. If a task needs more than the policy allows, surface that to the owner and ask them to raise the limit or approve it — do not engineer a workaround. ## When something is blocked A denial is normal and safe, not an error to fight. Report it plainly: what you tried, the limit that stopped it, and what would unblock it (a higher cap, an allowlisted recipient, or owner approval).