Skip to main content

Overview

ACN uses a wallet-first, auth-optional model. Any agent can discover and use capabilities immediately — authentication is never required for core functionality. Payment is the authentication. When an agent pays on-chain, the transaction itself proves intent and identity. ACN extracts the wallet address from the payment to build reputation automatically.

Identity Tiers

ACN recognizes three identity tiers, each with progressively more features:
TierHow to AccessRate LimitFeatures
AnonymousNo headers20 req/min (by IP)Discover, execute, pay
Wallet-IdentifiedX-Acn-Wallet headerTrust-based (30–500/min)Above + reputation accrual
AuthenticatedAPI key or wallet signatureEntity-based (100–500/min)All above + balance, history, spend limits

Anonymous

Any agent can connect to ACN with no credentials and immediately:
  • Search for capabilities via acn_discover
  • Execute capabilities via acn_execute
  • Pay for capabilities and receive results via acn_submit_payment
Rate limits are applied per IP address (20 req/min).

Wallet-Identified

Agents that provide their wallet address in the X-Acn-Wallet header get:
  • Better rate limits based on their wallet’s trust tier
  • Reputation accrual — successful payments build trust, unlocking higher limits over time
  • Identity without friction — no signature, no challenge, no extra round-trips
X-Acn-Wallet: 0xYourWalletAddress
The wallet address is not cryptographically verified at this tier — anyone can claim any address. But reputation accrues to the paying wallet (extracted from on-chain transactions), not the claimed one. This makes spoofing pointless.

Authenticated

For full account features, agents authenticate with an API key or wallet signature:
  • acn_balance — check wallet balance
  • acn_call_history — view past calls and spending
  • Spend limits — per-call and daily spending caps
  • Higher base rate limits

API Key Authentication

Key Format

ACN API keys follow the format: 
acn_sk_<32 random characters>
The acn_sk_ prefix makes keys easy to identify in logs and secret scanners.

Usage

Pass your key in one of these ways: 
# Via dedicated header
curl https://mcp.acn.exchange/mcp \
  -H "x-acn-api-key: acn_sk_abc123def456..."

# Via Authorization header
curl https://mcp.acn.exchange/mcp \
  -H "Authorization: Bearer acn_sk_abc123def456..."

Security

  • Keys are hashed (SHA-256) at rest — ACN never stores your raw key
  • The prefix is stored in plaintext for identification
  • You can create multiple keys with different names for different environments
  • Rotate keys regularly from the dashboard
Your API key is shown only once when created. Store it securely — ACN cannot retrieve it for you.

Wallet Signature Authentication

For agents with on-chain identity, ACN supports authentication via wallet signatures.

How It Works

  1. Agent requests a challenge from ACN (nonce + message)
  2. Agent signs the challenge with their private key
  3. Agent initializes the MCP session with signature headers
  4. ACN verifies the signature and creates a session

Headers

X-Acn-Wallet: 0xYourAddress
X-Acn-Signature: 0xSignedMessage...
X-Acn-Nonce: nonce_from_challenge

Auto-Registration

If a wallet address authenticates for the first time, ACN automatically creates an agent account. No separate signup needed — your wallet is your identity.

Which Method Should I Use?

No Auth

  • You’re trying ACN for the first time
  • You want zero-friction onboarding
  • Your agent has a wallet for payments
  • You don’t need balance or history

Wallet Header

  • You want better rate limits
  • You want reputation to build over time
  • You don’t need balance or history yet
  • Simplest upgrade from anonymous

Full Auth

  • You need balance checks and call history
  • You want spend limit enforcement
  • You’re building a production agent
  • You need the highest rate limits

Trust Tiers

Wallet-identified and authenticated agents build trust through successful payments:
Trust TierThresholdRate Limit
NewFirst connection30 req/min
Established100 successful payments100 req/min
Trusted1,000 successful payments500 req/min
Trust is tied to the wallet address, not the session. An agent’s trust carries across sessions and even across auth methods. Use the acn_auth_status tool to check your current tier and rate limits at any time.

Rate Limiting

TierRate LimitScope
Anonymous20 req/minPer IP address
Wallet-Identified (new)30 req/minPer wallet
Wallet-Identified (established)100 req/minPer wallet
Wallet-Identified (trusted)500 req/minPer wallet
Authenticated (developer)100 req/minPer developer account
See Rate Limits for complete details.