From b4ea9e0e053368a44eba2254d18ce329ece474e3 Mon Sep 17 00:00:00 2001 From: teodorofodocrispin-cmyk Date: Thu, 21 May 2026 21:03:20 -0500 Subject: [PATCH 1/3] =?UTF-8?q?feat(examples):=20add=20TrustBoost=20PII=20?= =?UTF-8?q?Sanitizer=20x402=20example=20=E2=80=94=20autonomous=20agent=20p?= =?UTF-8?q?ays=20for=20PII=20sanitization=20on=20Solana?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../trustboost-pii-sanitizer/README.md | 58 ++++++ .../trustboost-pii-sanitizer/agent.py | 177 ++++++++++++++++++ .../trustboost-pii-sanitizer/requirements.txt | 3 + 3 files changed, 238 insertions(+) create mode 100644 python/examples/trustboost-pii-sanitizer/README.md create mode 100644 python/examples/trustboost-pii-sanitizer/agent.py create mode 100644 python/examples/trustboost-pii-sanitizer/requirements.txt diff --git a/python/examples/trustboost-pii-sanitizer/README.md b/python/examples/trustboost-pii-sanitizer/README.md new file mode 100644 index 000000000..5a85da0ed --- /dev/null +++ b/python/examples/trustboost-pii-sanitizer/README.md @@ -0,0 +1,58 @@ +# TrustBoost PII Sanitizer — AgentKit Example + +This example demonstrates how an AgentKit agent autonomously pays for +PII sanitization using the x402 protocol on Solana — no human intervention. + +## What this example shows + +- Agent discovers TrustBoost via `/.well-known/agent-card.json` +- Agent calls `/sanitize` without payment → receives HTTP 402 +- Agent reads x402 payment instructions and pays 149 USDC on Solana +- TrustBoost sanitizes PII and anchors proof on Solana blockchain +- Agent receives sanitized text + verifiable on-chain proof + +## Why this matters + +AI agents process user data containing PII before sending to LLMs. +Without sanitization, this PII reaches external LLM providers in violation +of GDPR, LGPD, and the EU AI Act (enforcement: August 2, 2026). + +TrustBoost is the only PII sanitizer that: +- Accepts autonomous x402 payment on Solana +- Anchors proof of sanitization on-chain +- Supports 8 languages including LATAM (RFC, CPF, CUIT) +- Returns HTTP 402 with payment instructions — no human needed + +## Prerequisites + +- Python 3.10+ +- CDP API Key (https://portal.cdp.coinbase.com) +- Or use tx_hash=TRIAL for 50 free sanitizations + +## Installation + +```bash +pip install -r requirements.txt +``` + +## Configuration + +```bash +export CDP_API_KEY_ID="your-cdp-api-key-id" +export CDP_API_KEY_SECRET="your-cdp-api-key-secret" +export NETWORK_ID="solana-mainnet" +``` + +## Usage + +```bash +python agent.py +``` + +## Resources + +- GitHub: https://github.com/teodorofodocrispin-cmyk/TrustBoost-PII-Sanitizer +- Agent Card: https://api.trustboost.dev/.well-known/agent-card.json +- Health: https://api.trustboost.dev/health +- Verify proof: https://api.trustboost.dev/verify/{anchor_tx} +- Live Demo: https://huggingface.co/spaces/TrustBoost/pii-sanitizer diff --git a/python/examples/trustboost-pii-sanitizer/agent.py b/python/examples/trustboost-pii-sanitizer/agent.py new file mode 100644 index 000000000..5845ee121 --- /dev/null +++ b/python/examples/trustboost-pii-sanitizer/agent.py @@ -0,0 +1,177 @@ +""" +TrustBoost PII Sanitizer — AgentKit x402 Example + +Demonstrates an AgentKit agent autonomously paying for PII sanitization +via the x402 protocol on Solana — no human intervention required. + +The agent: +1. Discovers TrustBoost via /.well-known/agent-card.json +2. Calls /sanitize without payment → receives HTTP 402 +3. Reads x402 payment instructions +4. Pays 149 USDC autonomously from its CDP wallet +5. Retries with tx_hash → receives sanitized text + on-chain proof +""" + +import os +import json +import requests +from dotenv import load_dotenv + +load_dotenv() + +TRUSTBOOST_URL = "https://api.trustboost.dev" +TRIAL_MODE = os.getenv("TRUSTBOOST_TRIAL", "true").lower() == "true" + + +def discover_trustboost() -> dict: + """Discover TrustBoost capabilities via agent-card.json.""" + r = requests.get(f"{TRUSTBOOST_URL}/.well-known/agent-card.json", timeout=10) + r.raise_for_status() + card = r.json() + print(f"[TrustBoost] Discovered: {card['name']} v{card['version']}") + print(f"[TrustBoost] Capabilities: {list(card['capabilities'].keys())}") + print(f"[TrustBoost] Languages: {card['languages']}") + return card + + +def sanitize_pii(text: str, wallet_address: str = "agentkit-agent") -> dict: + """ + Sanitize PII from text using TrustBoost. + + In TRIAL mode: uses tx_hash=TRIAL for 50 free sanitizations. + In PAID mode: agent pays 149 USDC via x402 on Solana autonomously. + + Args: + text: Text containing potential PII to sanitize + wallet_address: Agent wallet identifier for quota tracking + + Returns: + dict with sanitized_content, safety_score, risk_category, + and proof_of_sanitization (paid mode only) + """ + if TRIAL_MODE: + # Use TRIAL mode — 50 free sanitizations per wallet + print(f"[TrustBoost] Using TRIAL mode (50 free sanitizations)") + r = requests.post( + f"{TRUSTBOOST_URL}/sanitize", + json={ + "text": text, + "tx_hash": "TRIAL", + "wallet_address": wallet_address, + "context": "general" + }, + timeout=30 + ) + r.raise_for_status() + return r.json()["data"] + + else: + # PAID mode — x402 autonomous payment flow + print("[TrustBoost] Attempting request without payment (x402 flow)...") + + # Step 1: Call without payment → expect 402 + r = requests.post( + f"{TRUSTBOOST_URL}/sanitize", + json={"text": text, "wallet_address": wallet_address}, + timeout=30 + ) + + if r.status_code == 402: + # Step 2: Read x402 payment instructions + payment_info = r.json() + x402 = payment_info.get("x402", {}) + accepts = x402.get("accepts", [{}])[0] + + amount_usdc = int(accepts.get("amount", 149000000)) / 1_000_000 + payment_address = accepts.get("payment_address") + network = accepts.get("network") + + print(f"[TrustBoost] HTTP 402 received — payment required") + print(f"[TrustBoost] Amount: {amount_usdc} USDC on {network}") + print(f"[TrustBoost] Address: {payment_address}") + + # Step 3: Pay autonomously with AgentKit CDP wallet + # In a real AgentKit agent, replace this with: + # tx_hash = agent_kit.send_usdc( + # to=payment_address, + # amount=amount_usdc, + # network="solana-mainnet" + # ) + print("[TrustBoost] Agent paying autonomously via CDP wallet...") + print("[TrustBoost] NOTE: Replace this section with your AgentKit payment code") + raise NotImplementedError( + "Set TRUSTBOOST_TRIAL=true for testing, or implement " + "AgentKit CDP wallet payment to complete x402 flow. " + f"Send {amount_usdc} USDC to {payment_address} on {network}" + ) + + r.raise_for_status() + return r.json()["data"] + + +def verify_proof(anchor_tx: str) -> dict: + """Verify a proof of sanitization on Solana.""" + r = requests.get(f"{TRUSTBOOST_URL}/verify/{anchor_tx}", timeout=10) + return r.json() + + +def main(): + print("=" * 60) + print("TrustBoost PII Sanitizer — AgentKit x402 Example") + print("=" * 60) + + # Step 1: Discover TrustBoost + card = discover_trustboost() + + # Step 2: Example texts with PII in multiple languages + test_cases = [ + { + "language": "English", + "text": "Contact John at john@example.com, SSN: 123-45-6789, API key: sk-abc123" + }, + { + "language": "Spanish LATAM", + "text": "Cliente Juan Lopez, RFC: LOPJ850101ABC, Tel: +52-55-1234-5678" + }, + { + "language": "Portuguese BR", + "text": "CPF do cliente: 123.456.789-09, email: cliente@empresa.com.br" + }, + { + "language": "Japanese", + "text": "田中太郎、マイナンバー:123456789012、電話:090-1234-5678" + }, + ] + + print(f"\n[Mode] {'TRIAL (50 free)' if TRIAL_MODE else 'PAID (x402 on Solana)'}") + print("=" * 60) + + for case in test_cases: + print(f"\n[{case['language']}]") + print(f"Input: {case['text']}") + + try: + result = sanitize_pii(case["text"]) + + print(f"Output: {result.get('sanitized_content', result.get('sanitized_text', ''))}") + print(f"Score: {result.get('safety_score', 'N/A')} | Risk: {result.get('risk_category', 'N/A')}") + + # Check for on-chain proof (paid mode only) + proof = result.get("proof_of_sanitization") + if proof: + print(f"Proof: {proof.get('verify_url', '')}") + # Verify on-chain + verification = verify_proof(proof["solana_tx"]) + print(f"Verified: {verification.get('status', 'unknown')}") + + except Exception as e: + print(f"Error: {e}") + + print("\n" + "=" * 60) + print("Done. Sanitized text is safe to send to any LLM.") + print(f"Upgrade to paid mode for on-chain proof: {TRUSTBOOST_URL}") + print("=" * 60) + + +if __name__ == "__main__": + main() diff --git a/python/examples/trustboost-pii-sanitizer/requirements.txt b/python/examples/trustboost-pii-sanitizer/requirements.txt new file mode 100644 index 000000000..adfc224a7 --- /dev/null +++ b/python/examples/trustboost-pii-sanitizer/requirements.txt @@ -0,0 +1,3 @@ +coinbase-agentkit>=0.2.0 +requests>=2.31.0 +python-dotenv>=1.0.0 From 2941256e04d50cfa33774814b1822674114c540c Mon Sep 17 00:00:00 2001 From: teodorofodocrispin-cmyk Date: Thu, 21 May 2026 21:39:41 -0500 Subject: [PATCH 2/3] chore: add GPG signed commit for PR verification From bb0cc2d0dad885a7cfcfba7b964f2cd10692f4e6 Mon Sep 17 00:00:00 2001 From: teodorofodocrispin-cmyk Date: Tue, 26 May 2026 00:19:53 -0500 Subject: [PATCH 3/3] chore: GPG verify all commits for coinbase/agentkit PR #1244