Introducing Guard-Railed Yield Agents
Most agent frameworks are built for one-shot transactions. The action is atomic, the outcome is immediate, and the scope is narrow.
Yield management is structurally different. When you deposit into a lending protocol or stake tokens, you're beginning an ongoing relationship with a position, not completing a transaction. Rates move, risk profiles shift, new opportunities emerge, and concentrations develop.
Managing yield well requires sustained attention. It's the kind of work an AI agent is genuinely suited to — monitoring rates across protocols, calculating whether a rotation justifies the gas cost, surfacing opportunities a human would miss. But agents operating autonomously over longer time horizons and larger positions require a different kind of infrastructure than agents executing one-time swaps.
Today we're shipping the solution for agentic onchain yield management. Your agent can now monitor and act on 2,900+ yield opportunities across 80+ chains, and you decide, before the agent ever acts, exactly what it's allowed to do. And if you want to keep a human in the loop on every transaction, semi-autonomous flows are available.
Example Use Case
You deploy a yield agent. You configure it to rotate USDC across Aave, Morpho, and Compound on Ethereum, Base, and Arbitrum, with a cap of $10,000 per transaction and an allowlist that includes only those three protocols.
You prompt the agent to optimize your stablecoin portfolio. It notices USDC on Morpho Base is paying 3.51% while your position on Aave Ethereum is earning 1.9%. Rotation cost: $1.82. Annualized gain on the $10,000 position: $161. Costs are recovered in under a day.
It builds the transaction. Privy checks it against your policy: amount, chain, contract, recipient. It passes. The transaction is signed and broadcast, and your portfolio is earning optimized yield between the protocols and assets you select.
AgentKit x Privy
Yield.xyz and Privy are now integrated into a single agent stack, with each system handling a distinct layer of the problem.
Yield.xyz AgentKit gives agents access to 2,900+ yield opportunities across 80+ chains through a remote MCP server. The agent uses it to discover opportunities, compare rates, and construct the exact transactions needed to act. It covers staking, liquid staking, restaking, lending, vaults, and liquidity provision across Ethereum, Base, Arbitrum, Solana, and beyond.
Privy handles everything that touches keys. Wallet creation, policy enforcement, signing, and broadcast all happen inside Privy's Trusted Execution Environment. The private key is never assembled until every policy rule has been evaluated and passed.
Autonomous and Semi-Autonomous Operating Modes
Users have optionality with regards to how much autonomy their agent has. Autonomous mode allows agents to execute transactions within user-specified parameters, while semi-autonomous mode keeps transaction approvals fully in the hands of users.
In autonomous mode, the agent operates within a policy envelope you define before any wallet is created. It monitors positions, identifies opportunities, and executes within those bounds without requiring your attention on individual transactions. The policy is the authorization layer. It's enforced inside Privy’s Trusted Execution Environment before any signing takes place, which means it's not something the agent can reason around or that a compromised application layer could bypass.
In semi-autonomous mode, the agent does the same analytical work and transaction building, but it holds every transaction for human review. A key quorum becomes the wallet's cryptographic owner at creation time. Every transaction the agent wants to submit is routed to a designated approver on the Privy dashboard and sits pending until they sign off. Each pending transaction is submitted as an intent via Privy's Intents API, which expires after 72 hours if not approved.
Semi-autonomous mode requires a Privy Enterprise plan. Autonomous mode is available on all plans.
The Policy Engine
Both modes are governed by Privy's policy engine. Policies are composable and evaluated inside the Trusted Execution Environment before the private key is assembled. Available controls include:
- Spend caps: per transaction and per rolling time window
- Chain restrictions: lock the wallet to specific networks
- Contract allowlists: approved contract addresses only
- Recipient controls: allowlists and denylists for outgoing transfers
- Method-level restrictions: specify which RPC methods the wallet may call
An example configuration: max 5,000 USDC per transaction, Ethereum and Arbitrum only, Aave and Morpho vault contracts only. Everything outside that envelope is rejected by Privy’s policy engine before it ever reaches the chain.
In semi-autonomous mode, the policy and the approval gate are enforced independently. A transaction must satisfy both.
Get started
Autonomous mode: configure your Privy credentials, define your policy, create your wallet, and fund it. You can interface with the agent through Claude or any MCP-compatible agent.
Semi-autonomous mode requires a few additional steps on the Privy dashboard: an active Enterprise plan, an MFA-enrolled approver, and a key quorum set up under Wallet Infrastructure → Authorization Keys. Once you pass the key quorum ID to the agent, it provisions the wallet with the quorum as owner. The approval workflow is active from the first transaction.
Full documentation, the GitHub repository, and setup guides for both modes are linked below.
- Privy Recipe: https://docs.privy.io/recipes/yield/yield-agentkit-guide
- AgentKit x Privy docs: https://docs.yield.xyz/docs/yieldxyz-agentkit-privy-skill
- GitHub repository: https://github.com/stakekit/agentkit