May 14, 2026 · 9 min read · CODE-WALK · Post 2 of 4 in the Legal Agent Stack series

The Compliance Hook code-walk — 10 lines to a regulator-friendly DeFi agent

pip install. ComplianceClient. preset check. signed proof. Done.

TL;DR

The blindoracle-compliance SDK adds MiCA / SEC / OFAC checks to any DeFi agent in under 10 lines of Python. Install from a tagged GitHub release (no PyPI account needed). Pick a preset. Call client.check_address(). Get back an allowed boolean plus a verifiable HMAC-signed proof. Plus first-class integrations for LangChain (51 LOC middleware), CrewAI (48 LOC tool), and MCP servers (66 LOC hook).

Step 1 — Install (no PyPI account required)

Per Coinbase's own AgentKit examples, the canonical pattern for niche action providers is install-from-GitHub-tag. We followed suit:

# Python
pip install "blindoracle-compliance @ git+https://github.com/craigmbrown/[email protected]#subdirectory=sdk/python"

# TypeScript (after operator npm publish — gated)
npm install @blindoracle/compliance@next

Why no PyPI? Two reasons. One, the SDK is small and tightly coupled to live API endpoints under craigmbrown.com/api/ — bundling a name on the public Python index implies maintenance + community-pickup expectations we're not ready to take on for v0.1. Two, operator-explicit guidance: ship via GitHub VCS-install until v1.0 proves out.

Step 2 — Initialise the client

One import, one constructor call, one wallet handle. The wallet handle is the x402 payment rail your agent uses; we accept any Fedimint-compatible handle or a Base USDC address.

from blindoracle_compliance import ComplianceClient, presets

client = ComplianceClient(
    api_base="https://craigmbrown.com/api",
    x402_wallet_handle="<your-fedimint-handle>",
)

The constructor doesn't fire a network call. It does eager validation of the wallet handle format (refuses obviously-malformed strings up-front so you fail at startup, not on first agent action).

Step 3 — Run a preset check

The three shipped presets:

PresetWhat it screensBacking data sources
presets.mica_eea_retailMiCA Title V retail protections, EU/UN/UK sanctionsEU sanctions consolidated, UN consolidated, UK HMT
presets.sec_us_accreditedSEC accredited-investor + Reg D safe harborsOFAC SDN, FinCEN
presets.kyc_ofac_sanctionsOFAC SDN, OFAC sectoral, FinCEN AMLOFAC SDN, OFAC sectoral, FinCEN

Calling them looks like this:

result = client.check_address(
    address="0xabc...",
    preset=presets.kyc_ofac_sanctions,
)

if not result.allowed:
    raise PermissionError(f"Blocked: {result.reason}")

# result also carries a signed proof
print(result.proof_kind)   # 30017 (ProofOfDeliverable)
print(result.signature)    # HMAC-SHA256, verifiable

Total surface area: a ComplianceCheckResult with four fields — allowed, reason, proof_kind, signature. The proof is stored server-side and indexed for the audit-log tier; the signature is yours to keep and attach to a downstream audit record.

Cost: $0.001 per check at pay-as-you-go pricing

Each call charges your x402 wallet $0.001. If you don't have $0.001 on tap when the call fires, the API returns 402 Payment Required with the price quote in the body. Your agent can decide to fund or fall back.

Step 4 — Wrap it as a middleware in your framework

The SDK ships first-class integrations for the three most common DeFi agent frameworks. Each is <100 LOC, intentionally tiny so you can read and verify it.

LangChain middleware (51 LOC)

from blindoracle_compliance.integrations import langchain_middleware
from langchain.agents import AgentExecutor

middleware = langchain_middleware.ComplianceMiddleware(
    client=client,
    preset=presets.kyc_ofac_sanctions,
    blocked_tools=["transfer", "approve", "swap"],
)

agent = AgentExecutor.from_agent_and_tools(
    agent=your_agent,
    tools=your_tools,
    callbacks=[middleware],
)

The middleware listens on the on_tool_start hook. If the tool name is in blocked_tools and the tool's first address argument fails the preset check, the middleware raises ComplianceBlockedError. Your agent's existing error-handling path catches it.

CrewAI tool (48 LOC)

from blindoracle_compliance.integrations.crewai_tool import ComplianceCheckTool

tool = ComplianceCheckTool(
    client=client,
    preset=presets.mica_eea_retail,
)

# Add to your crew's available tools
agent = Agent(
    role="DeFi risk scorer",
    tools=[tool, your_other_tools],
)

The CrewAI tool exposes itself as compliance_check with a Pydantic-validated input schema (a single address string). Crews call it like any other tool; the result flows back as a structured dict.

MCP server hook (66 LOC)

For Model Context Protocol servers, the hook installs into the pre_tool_use phase of every tool call. This is the same pattern the Cryptorefills AgentKit example uses for x402 payment gating, just with compliance gating instead.

from blindoracle_compliance.integrations import mcp_hook

mcp_hook.install(
    server=your_mcp_server,
    client=client,
    preset=presets.kyc_ofac_sanctions,
    block_on=["transfer_funds", "approve_allowance"],
)

Once installed, every transfer_funds or approve_allowance call by an MCP client must pass the preset check first. Failures return a structured MCP error (with a verifiable signature for the audit log) instead of executing the action.

Step 5 — Verify a signed proof later

Every check produces a HMAC-signed proof. Your audit/compliance team can verify it independently with our public key:

from blindoracle_compliance import verify_proof

# Pulled from your stored agent logs
stored_proof = "..."
stored_signature = "..."

is_valid = verify_proof(
    proof=stored_proof,
    signature=stored_signature,
    public_key=client.fetch_public_key(),
)
assert is_valid, "Audit proof tampered or fake"

The same verifier runs server-side on every audit-log retrieval. We publish the chain head daily so historical proofs can be cross-anchored.

Step 6 — Audit-log retrieval (paid tier)

If you're on the $499/mo audit-log tier, you can pull a complete history of every check your wallet handle has run, with all proofs:

# Last 30d, paginated
log = client.audit_log_pull(
    wallet_handle="<your-fedimint-handle>",
    since="2026-04-13T00:00:00Z",
    limit=1000,
)

for entry in log.entries:
    print(entry.timestamp, entry.address, entry.allowed, entry.proof_kind)

The retrieval returns a JSONL-style stream with each entry signed. You can attach the whole stream to a legal opinion or a regulator-facing audit packet. The chain integrity is verifiable — every record's prev_hash links to the previous record.

Why this matters — UETA §202 + MiCA Title V

UETA §202 says an electronic agent's actions bind the principal if the agency chain is provable. MiCA Title V Art. 60 says operational resilience requires "effective internal control over agent inputs." Neither statute cares whether your agent is a multi-billion-parameter LLM or a 200-line rules engine; both care whether you can prove what happened.

The Compliance Hook SDK is the smallest possible artifact that makes both proofs available:

Talk is cheap; signed bytes are not. Every claim in this post can be verified by reading the source code at sdk/python or hitting the live API at craigmbrown.com/api/agent-services.json.

Pricing recap

(Per-call prices reflect the live x402 paywall on craigmbrown.com/api/compliance/check; "pay-per-check" is the headline list price, not per-API-call infrastructure cost.)

Install in 30 seconds. Sign your first proof in 60.

Drop the install command, run the 10-line quickstart, and you have a signed proof in hand. If your lawyers ask "where's the audit trail" tomorrow, you already have it.

SDK v0.1.0 release Wedge 1 pricing Email to integrate

Related

Post 2 of 4 in the Legal Agent Stack series · Operated by Craig M. Brown · Back to blog