Skip to content
Hightop docs header art
Hightop
API and Integrations

App-Only Actions#

Agent API v1 executes actions inside a lane that a human configured in the Hightop app. It does not let agents widen that lane.

Agents cannot:

  • create agents
  • rotate their own API key
  • disable their own agent
  • change permissions or limits
  • create recurring recipients
  • add (create) a brand-new trusted destination
  • cancel active one-off payments
  • pass arbitrary user, wallet, or account filters
  • read other agents' operations
  • read other agents' balances
  • read account-wide Activity outside the authenticated wallet scope

Owner-only setup stays in the app so human control and onchain rule changes remain separate from agent execution.

Creating a brand-new trusted destination stays in the app. Agents with agent:trusted_destinations:write can confirm, cancel, and remove trusted destinations through the public v1 routes — see Endpoints. For service or vendor funding, configure a recurring-payment recipient in the app and have the agent call POST /v1/agent/payments; do not use a trusted-destination withdrawal path unless the destination is actually one of your own high-trust transfer targets.

Previous

OpenAPI and Artifacts

Next

Recipes