Kernel Active v1.0

Trust Your
Artificial Agents

The execution kernel for on-chain intelligence. Immutable core, modular validators, and instant revocation.

EPKernel.sol (Read-Only)
execute() excerpt (v1, readability)
Omitted: struct declarations + helper bodies. Preserved: real check order (policy → expiry → agent → allowlist → value → nonce+EIP-712 → validator → nonce++ → call).
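/// @notice Executes one owner-authorised call to `target` on behalf of the calling agent under `policyId`.
/// @dev Check order, as preserved by this excerpt: policy → expiry → agent → allowlist → value →
///      nonce + EIP-712 signature → validator → nonce++ → call.
///      Omitted from the excerpt: Policy/AgentPermission struct declarations,
///      _hashTypedDataV4(), _recover(), _EXECUTE_TYPEHASH.
/// @param policyId  Policy the call is executed under; also selects the nonce that is consumed.
/// @param target    Contract to call; must be allowlisted together with the 4-byte selector of `data`.
/// @param value     Wei forwarded to `target`; must equal msg.value and not exceed p.maxValuePerCall.
/// @param data      Calldata for `target`; at least 4 bytes so that a selector can be read.
/// @param deadline  Non-zero timestamp that must still be in the future; covered by the signature.
/// @param signature Owner signature over the EIP-712 digest built in step 7.
/// @return out      Return data of the call to `target`.
function execute(
    uint256 policyId,
    address target,
    uint256 value,
    bytes calldata data,
    uint256 deadline,
    bytes calldata signature
) external payable returns (bytes memory out) {
    // 1) Policy exists + active.
    //    A non-zero owner marks an existing policy. Because p.owner != address(0) is enforced here,
    //    a recovery that yields address(0) in step 7 can never compare equal to the owner.
    Policy memory p = policies[policyId];
    if (p.owner == address(0)) revert PolicyNotFound();
    if (!p.active) revert PolicyInactive();

    // 2) Deadline required + fresh: unbounded (zero) deadlines are rejected outright.
    if (deadline == 0) revert DeadlineRequired();
    if (deadline <= block.timestamp) revert Expired();

    // 3) Effective expiry = min(policyTTL, deadline); validUntil == 0 means the policy has no TTL.
    //    Step 2 already guarantees deadline > block.timestamp, so this check only trips when the
    //    policy's own validUntil has passed.
    uint256 policyExpiry = (p.validUntil == 0)
        ? type(uint256).max
        : uint256(p.validUntil);
    uint256 effectiveExpiry = policyExpiry < deadline ? policyExpiry : deadline;
    if (block.timestamp > effectiveExpiry) revert Expired();

    // 4) Agent permission (+ TTL), keyed by msg.sender.
    AgentPermission memory ap = agentPermission[policyId][msg.sender];
    if (!ap.allowed) revert AgentNotAllowed();
    if (ap.validUntil != 0 && block.timestamp > ap.validUntil) revert AgentExpired();

    // 5) Target + selector allowlist.
    //    Only the first 4 bytes of `data` are allowlisted; the arguments are not constrained here.
    //    The full payload is bound by keccak256(data) in the signed digest (step 7).
    if (data.length < 4) revert CallNotAllowed();
    bytes4 selector = bytes4(data[:4]);
    bytes32 callKey = keccak256(abi.encodePacked(target, selector));
    if (!callAllowed[policyId][callKey]) revert CallNotAllowed();

    // 6) Value bound + exact msg.value match, so no surplus ETH is left behind in the kernel.
    if (value > p.maxValuePerCall) revert ValueTooHigh();
    if (msg.value != value) revert MsgValueMismatch();

    // 7) Nonce + EIP-712 owner signature.
    //    The signed fields are policyId, target, value, keccak256(data), nonce and deadline.
    //    msg.sender is not part of the signed struct: the submitting agent is constrained only by
    //    the permission check in step 4, so any agent allowed on this policy can submit the signature.
    uint256 nonce = nonces[policyId];
    bytes32 digest = _hashTypedDataV4(
        keccak256(abi.encode(
            _EXECUTE_TYPEHASH, policyId, target, value, keccak256(data), nonce, deadline
        ))
    );
    address signer = _recover(digest, signature);
    if (signer != p.owner) revert BadSignature();

    // 8) Optional validator.
    //    NOTE(review): this external call happens before the nonce is advanced. IPolicyValidator is
    //    not shown; if validate() is not `view`, confirm the validator cannot re-enter execute()
    //    while the same nonce and signature are still valid. Advancing the nonce before this call,
    //    or a reentrancy guard, would close that window.
    if (p.validator != address(0)) {
        IPolicyValidator(p.validator).validate(policyId, p.owner, msg.sender, target, value, data);
    }

    // 9) Nonce++ then atomic call (revert bubbles up).
    //    The nonce is consumed before control passes to `target`, so the signature cannot be
    //    reused from inside the call.
    nonces[policyId] = nonce + 1;
    (bool ok, bytes memory ret) = target.call{value: value}(data);
    if (!ok) {
        // Re-raise the target's revert data unchanged. The revert also rolls back the nonce
        // increment, so a failed call leaves the signature usable until `deadline`.
        assembly { revert(add(ret, 32), mload(ret)) }
    }

    // Reached only on success: Executed is never emitted for a failed call.
    emit Executed(policyId, p.owner, msg.sender, target, selector, value);
    return ret;
}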
0
/ 0
Core Tests Passing
0
+
Invariant Checks

Verified by fuzzing & formal verification.


System Architecture

Modular security for autonomous agents

Execution Pipeline

Recognition

External validation. Click to verify.

PUBLIC LINKS • CLICK-TO-VERIFY