Put Nishvault before sendTransaction

Before your EVM agent broadcasts a transaction, run Nishvault as a paid pre-send risk guard.

This page is for the builder who already has an agent, bot, worker, or wallet client and wants Nishvault in front of the actual send path, not beside it.

If the builder has not confirmed trust yet, send them to /first-unpaid-402 before asking for a paid retry.

If the builder still needs to choose the right runtime entrypoint, send them to /start-here first and then bring them back here.

Entrypoint handoff

The readable path is: https://nishvault.com explains trust, https://nishvault.com/go/integrations redirects into the live API host, then the same host serves discovery, quickstart, and the first unpaid 402.

Choose the exact send slot first

Do not scan every example. Pick the exact runtime that already owns broadcast, copy that wrapper, and stay on one paid next step afterward.

AgentKit / walletProvider.sendTransaction

Best first fit for AgentKit issue #1167, awesome-x402, and generic sendTransaction visitors coming from ecosystem listings.

Open the AgentKit wrapper

viem

Use this when walletClient.sendTransaction is already live.

Open the viem wrapper

ethers

Use this when signer.sendTransaction is the last call before broadcast.

Open the ethers wrapper

Agent step / MCP tool

Use this when a job, queue worker, or tool step decides to send.

Open the agent-step wrapper

Three ways to install the pre-send guard

Pick the one that matches the exact place your agent would otherwise broadcast.

1. `viem` pre-send wrapper

import { createViemPreflightGuard } from "nishvault-preflight-buy";

const guardedSendTransaction = createViemPreflightGuard({
  walletClient,
  buyerKey: process.env.X402_BUYER_PRIVATE_KEY,
  sellerUrl: "https://api.nishvault.com",
});

const { preflight, txHash } = await guardedSendTransaction({
  account: walletClient.account,
  to: "0x2222222222222222222222222222222222222222",
  data: "0x",
  value: "0x0",
});

This is the closest integration to a real sendTransaction workflow when your runtime already uses viem.

2. `ethers` signer wrapper

import { createEthersPreflightGuard } from "nishvault-preflight-buy";

const guardedSendTransaction = createEthersPreflightGuard({
  signer,
  buyerKey: process.env.X402_BUYER_PRIVATE_KEY,
  sellerUrl: "https://api.nishvault.com",
});

const { preflight, txHash } = await guardedSendTransaction({
  to: "0x2222222222222222222222222222222222222222",
  data: "0x",
  value: "0x0",
});

Use this when your signer already owns the broadcast path and you want the guard directly in front of signer.sendTransaction(...).

3. Agent tool step

import { createAgentGuardStep } from "nishvault-preflight-buy";

const guardedStep = createAgentGuardStep({
  buyerKey: process.env.X402_BUYER_PRIVATE_KEY,
  sellerUrl: "https://api.nishvault.com",
  mapInputToTransaction: (job) => ({
    from: job.sender,
    to: job.target,
    data: job.calldata,
    value: job.value ?? "0x0",
  }),
  runStep: async (job, { preflight }) => executeJob(job, preflight),
});

Use this when your “agent” is a broader step runner, MCP tool, or queue consumer and the send decision needs one paid guard before execution.

One-shot install intent

If you already have calldata, copy the published guard command and put it in the same workflow slot where your script would send.

npx --package nishvault-preflight-buy nishvault-guard-tx -- --seller-url https://api.nishvault.com --to 0x2222222222222222222222222222222222222222 --data 0x --value 0x0

Advanced wrappers

AgentKit / generic `sendTransaction` / EIP-1193 provider

import { createEip1193PreflightGuard } from "nishvault-preflight-buy";

const guardedSendTransaction = createEip1193PreflightGuard({
  provider: window.ethereum,
  account: "0x1111111111111111111111111111111111111111",
  buyerKey: process.env.X402_BUYER_PRIVATE_KEY,
  sellerUrl: "https://api.nishvault.com",
});

const { preflight, txHash } = await guardedSendTransaction({
  from: "0x1111111111111111111111111111111111111111",
  to: "0x2222222222222222222222222222222222222222",
  data: "0x",
  value: "0x0",
});

This is the shortest browser-wallet or wallet-provider pattern when your runtime works through provider.request({ method: "eth_sendTransaction" }) or walletProvider.sendTransaction.

Programmatic preflight

import { preflightTransactionRequest } from "nishvault-preflight-buy";

const preflight = await preflightTransactionRequest({
  buyerKey: process.env.X402_BUYER_PRIVATE_KEY,
  sellerUrl: "https://api.nishvault.com",
  transaction: {
    from: "0x1111111111111111111111111111111111111111",
    to: "0x2222222222222222222222222222222222222222",
    data: "0x",
    value: "0x0",
  },
});

if (!preflight.ok) throw new Error(`Preflight failed: ${preflight.status}`);

Use this when your runtime already owns transaction assembly and only needs one paid preflight before broadcast.

Local repo command

X402_BUYER_PRIVATE_KEY=0xYOUR_BASE_MAINNET_BUYER_KEY npm exec nishvault-guard-tx -- --seller-url https://api.nishvault.com --to 0x2222222222222222222222222222222222222222 --data 0x --value 0x0

First unpaid 402 for the no-wallet proof step.
Builder start here for runtime-to-entrypoint choice.
Quickstart for the one paid buyer CLI.
Example flows and recipes only if you still need workflow fit.