Agents#

Hightop does not ask you to hand an external agent your wallet keys. Instead, it gives you an in-app workflow for creating AI Agents: named control profiles with their own API keys, permissions, limits, and expiry windows.

This page covers the in-app AI Agents workflow. For the deeper substance behind execution rights and agent lifecycle, see AI Agents. For the full rules layer, see Agent Permissions and Limits.

AI Agents list shows active agents with limits, spend, and expiry, while the detail screen lists one agent's API key and permission rows

The Mental Model#

A few workflow pieces to hold in mind as you move through the screens below:

Each agent has its own row on the AI Agents screen, with its own API key, rules, limits, and status.
Agent Rules sets the account-wide boundary every individual agent inherits.
Every create, update, and disable action is a protected account-management action that goes through Hightop's authentication flow, not a local draft.

Open AI Agents#

When you open AI Agents, the screen works as both a list and a launch point.

Each agent card can show:

the agent name
the current status
a limits summary
spend usage for the current period
activation timing when still pending
expiry timing when applicable

At the bottom of the screen, the app gives you two actions:

Agent Rules
Create Agent

That makes the structure very direct:

the screen itself is your list of active agents
Create Agent starts a new agent profile
Agent Rules changes the account-wide boundary above every agent

Two agent cards show active status, transaction and period limits, current spend progress, and expiration dates

Create an Agent#

The add-agent flow is short and deliberate.

First, the app opens Add Agent, where you give the new agent a name. After that, it opens the settings screen for the real setup.

The creation settings are inline, not tucked away in a second management area. This is where you define the scope for the new agent, including:

activation timing
financial limits
DeFi permissions
swap permissions
trusted-destination permissions
transfer permissions
allowed assets

For what each of these rule families actually controls, see Agent Permissions and Limits.

The app also makes the stacking model clear: account-wide rules still apply on top of the settings you choose here.

When you submit, the account owner authorizes a protected management action, not a casual local preference change.

Add Agent asks for an agent name, then opens settings for timing, limits, permissions, and allowed assets

Open the Agent Detail Screen#

Tapping an existing agent opens its detail screen. The next sections walk through the main areas on that screen.

Generate or Regenerate an API Key#

The API key section is one of the most important parts of the detail screen.

If the agent does not yet have a key, the app offers Generate API Key. If it already has one, the app offers Regenerate.

When a key is created, the app shows it once and warns you to store it immediately. It also links out to the Hightop agent API docs from the same screen.

That pairing matters:

the app is where you generate the credential
your external agent or workflow is what uses that credential

Agent detail offers Create Key, the key reveal warns that the API key is shown once, and the final state confirms the credential is active

Edit Agent Settings#

The existing-agent detail screen lets you edit the active rule set for that agent.

This is where you can update the agent's narrower rule set across the main rule families already described elsewhere in the docs:

limits
permissions
allowed assets
allowed protocols
swap tolerances
transfer capabilities

When a per-agent value is narrower than the account-wide boundary, the row shows that broader rule as Global max, Global min, or Global, so you can see the account-wide limit that still applies above the agent-specific value.

What the detail screen does not do is turn the agent into an account controller. The control wallet remains the authority above the agent. The agent stays scoped to the permissions and limits you intentionally gave it.

Review Live Usage#

If the agent has already been active, the detail screen can also show Live Usage.

This gives you a practical operational view of how much of the agent's scope has already been used in the current period, instead of forcing you to infer it from policy values alone. The app surfaces:

transactions this period against the current transaction cap
spend this period against the period spend cap
lifetime spend against the lifetime cap
swaps this period against the swap cap
last activity time
cooldown timing until the next action
when the current period resets

That makes the detail screen more than a settings page. It is also how you monitor whether an agent is staying comfortably inside the scope you intended.

Disable an Agent#

When the app offers Disable Agent, that action lives on the agent detail screen.

Disabling an agent does two important things:

it removes the agent's active access
it revokes the agent's API key

The app also frames it as a replacement path: once an agent is disabled, you can create a new agent in its place if that is what you need operationally.

This keeps revocation close to the rest of the workflow. You do not have to hunt through an unrelated security page to shut down an agent you no longer trust.

Open Agent Rules#

Agent Rules is the account-wide counterpart to the per-agent screens.

You can reach it from:

the AI Agents screen through the Agent Rules button
the main Settings screen under AI Agents with the label Account-wide agent rules

That screen is titled AI Agents with the subheader Account-wide Rules. It explains the key workflow truth directly: these rules apply to every agent, and individual agents can only narrow them.

This is where the account defines the broad rule families every agent inherits first: timing, permissions, financial limits, allowed assets and venues, and which payment or DeFi paths are available at all.

This page does not restate every field in that rule screen. For the deeper rule semantics, see Agent Permissions and Limits.

The workflow-level point is:

AI Agents manages individual agents
Agent Rules manages the broader account-wide boundary across them

What to Expect After You Submit#

A newly created agent can become usable immediately or wait behind an activation delay, depending on the timing you set.
Agent settings updates take effect after the protected action completes; they are not just draft app state.
API keys are shown once when generated or regenerated, so you should hand them off to the external agent workflow immediately.
The app surfaces these as protected management actions with titles like Creating Agent, Updating Agent Settings, Disabling Agent, and Updating Agent Policy, rather than as transfer-style activity entries.
Disabling an agent removes its active access and revokes its API key.

Where to Go Next#

AI Agents for the core execution-rights model
Agent Permissions and Limits for the deeper rules and parameter model
If an Agent Goes Off-Script for what to do when an agent acts outside the behavior you expected
Payments for the payment workflows agents can operate inside once their permissions allow it
Build on Hightop for the builder-facing picture of how external agents connect to Hightop