AI in DeFi is only useful if it can be trusted not to do something spectacularly stupid with real assets.Documentation Index
Fetch the complete documentation index at: https://docs.dzap.io/llms.txt
Use this file to discover all available pages before exploring further.
Core principle
Reasoning and execution should not be treated as the same thing. A model may understand what a user wants. That does not mean it should be free to execute it without structured checks.Execution classes
| Class | Examples | Typical confirmation |
|---|---|---|
| Read | balances, prices, positions | none |
| Advisory | routes, suggestions, analysis | none |
| Build | route building, transaction assembly | low |
| Simulate | dry-run execution | low |
| Execute | swap, bridge, deposit, zap | explicit |
| Privileged | approvals, policy changes, high-impact actions | strict |
Pre-execution checks
Before any execute-class action, the runtime evaluates:- Token and chain correctness
- Route sanity
- Slippage constraints
- Approval and allowance state
- Gas reasonability
- Simulation success
- Risk flags + policy boundaries
Safe execution pipeline
Runtime responsibilities
A production-grade runtime owns:- Session lifecycle
- Wallet context
- Auth boundaries
- Permission tiers
- Signing controls
- Policy enforcement
- Scheduling context
- Audit logs
What’s available today vs. gated
Available today
- Read-class tools, Advisory tools, Build tools — no confirmation.
- Execute-class tools — with confirmation in CLI/SDK-AI; visible in MCP-aware clients.
- Session-scoped key handling.
Gated by policy or rollout
- Privileged tools (admin, multi-tenant policy) — partner-only for now.
- Cross-application policy bundles — in design.