PALADINFI

DeFi infrastructure that guards your position.

Two endpoints your agent calls before signing on Base: a multi-aggregator swap router that compares post-fee output across 0x and Velora on every quote, and a fail-closed token-contract risk gate that returns allow / warn / block so your agent can abstain before signing into a honeypot or sanctioned address. Built for ElizaOS plugin authors, Coinbase AgentKit integrators, and custom agent operators on Base.

Install in Claude Code · One line

claude mcp add --transport http --scope user paladin-swap https://swap.paladinfi.com/mcp

Once installed, your agent gets swap_quote, trust_check_preview (sample fixture; not a real evaluation), and swap_health as native MCP tools. For production trust checks, use the paid REST endpoint. Same install works in Cursor or any MCP-compatible client supporting Streamable-HTTP. Full setup →

Live on Base · 8453 v0.11.74 OFAC daily target MCP-native

Why this exists

Two failure modes routinely cost AI agents real money on Base. The first is signing into a honeypot or sanctioned token contract — an output you can’t exit, an address you shouldn’t touch. The second is routing through one aggregator without comparing — leaving buy-amount on the table because the cheapest route on this minute’s liquidity isn’t the one you hit.

PaladinFi addresses both with a narrow tooling surface, end-to-end vetted, that you can wire into an agent runtime in one line. Two aggregators audited end-to-end (per-source 4-byte calldata allowlists, Settler target validation decoded from inner calldata) is what we’ll claim — not a roster we haven’t looked at. And on the trust gate: a check that returns allow when it couldn’t actually run isn’t a gate, so PaladinFi doesn’t.

Live products

PaladinFi Swap

swap.paladinfi.com →

Multi-aggregator swap router on Base. Returns ready-to-execute calldata for your agent to sign and submit.

# POST /v1/quote
{
  "buyAmount":    "38421900000000000",
  "minBuyAmount": "38229805500000000",
  "sellAmount":   "100000",
  "source":       "0x",
  "router":       "0x0000000000001fF3684f28c67538d4D072C22734",
  "calldata":     "0x2213bc0b…",  // truncated
  "trust": { "recommendation": "allow", "version": "1.1", … }
}

Fee: 10 bps in the buy token, integrated via the upstream aggregator’s fee mechanism — no extra signature, no second transaction.
Routing: Two aggregators (0x Settler and Velora’s AugustusSwapper v6.2), both end-to-end vetted with per-source 4-byte calldata allowlists and a Settler target-allowlist gate that decodes the inner target argument (v0.11.71). Post-fee compare on every quote; the higher buyAmount wins. PaladinFi does not represent any returned route as the best available across the broader DeFi market.
Try it: Works in Claude Code, Cursor, or any MCP-compatible client — see full setup →

PaladinFi Trust Check

/trust-check/ →

Pre-trade composed risk gate for token contracts on Base. Returns allow / warn / block so your agent can abstain before signing.

# POST /v1/trust-check  ($0.001 USDC via x402)
{
  "address": "0x4200000000000000000000000000000000000006",
  "chainId": 8453,
  "trust": {
    "recommendation": "allow",
    "risk_score":     0,
    "factors": [
      { "source": "ofac",             "signal": "not_listed" },
      { "source": "paladin.anomaly",  "signal": "address_kind_contract" },
      { "source": "etherscan_source", "signal": "verified" },
      { "source": "goplus",           "signal": "trust_list" }
    ],
    "version": "1.1"
  }
}

Sources: OFAC SDN screening (refreshed daily from the U.S. Treasury XML feed), GoPlus token-security API, Etherscan source-code verification, and PaladinFi-internal anomaly heuristics (contract age / address-kind / no-outbound transaction history).
Pricing: $0.001 USDC per call, settled via x402 on Base. Free fixture-only endpoint at /v1/trust-check/preview for CI testing — every factor is marked real: false and the verdict is prefixed sample-.
Plugins: @paladinfi/eliza-plugin-trust (ElizaOS) · @paladinfi/agentkit-actions (Coinbase AgentKit)

Operational posture

Refresh cadence

OFAC SDN list pulled daily from treasury.gov/ofac/downloads/sdnlist.xml via systemd timer (operationally may skip during outages — for sub-daily / audit-grade compliance, query Treasury directly). GoPlus and Etherscan run on-call with a short cache. Anomaly heuristics evaluate per request from RPC and Etherscan V2.

Failure mode — fail-closed, never silent-allow

If a single source is unreachable, the response includes a flagged factor with signal: "unreachable", real: false; the verdict is derived from the remaining sources. If all sources are unreachable, the verdict is forced to warn — we never return allow on a check we couldn’t run. OFAC SDN hit forces block and is the highest-priority override (contract details).

Rate limits

Free tier: 2 r/s per IP, burst 10. Paid tier: 10 r/s per IP, burst 30. Excess returns HTTP 429 with Retry-After. The free preview endpoint (/v1/trust-check/preview) caps at 5 concurrent connections per IP.

Custody — PaladinFi never holds funds or keys

Endpoints return calldata and verdicts; your agent signs the transaction with your wallet and submits it. We don’t custody, don’t broadcast, don’t hold balances. The 10 bps fee on Swap is integrated via the upstream aggregator’s partner-fee mechanism — collected from the buy token at settlement, not by a separate transfer.

About

PaladinFi is built by a small independent infrastructure team focused on the parts of DeFi where protection matters more than novelty: predictable fees, pre-sign safety checks, and tooling that fails safe.

Operated by Malcontent Games LLC (Michigan, USA). Service not offered in the EEA, the United Kingdom, or Switzerland — see the Terms of Service.