Table of Contents

How Conduit Enables AI Agent Payments

Conduit acts as a policy + accounting layer between Lightning Network Daemon (LND) nodes and AI agents, enabling secure, programmable payment workflows. By deploying Conduit as a self-hosted tool, operators establish a intermediary system that manages AI agent interactions with Bitcoin Lightning without exposing sensitive cryptographic keys. This architecture ensures that AI agents operate within defined financial boundaries while maintaining operator control over funds and transaction policies.

At the core of Conduit’s design is the virtual Lightning wallet system for AI agents. Each agent is assigned a scoped API key rather than a cryptographic signing key, eliminating the risk of unauthorized fund access. These virtual wallets function as operator-controlled IOUs within Conduit’s ledger, with actual Bitcoin satoshis stored in the operator’s LND node under their full custody. For example, an agent’s balance is a sub-ledger entry that the operator can credit, debit, or sweep at will, ensuring that no agent holds direct control over the underlying funds.

Conduit’s policy layer enforces hard guardrails on agent transactions. The software integrates with the operator’s existing LND node via macaroon-based authentication, ensuring that Conduit never interacts with the node’s seed or private keys. Instead, the operator mounts a macaroon (a cryptographic token) into Conduit, granting it limited access to perform payments and account for transactions. This setup allows agents to send and receive Bitcoin via API calls, with all payment decisions validated against the operator’s configured policies. For instance, an agent might be restricted to sending payments only within a predefined budget or to specific recipients, as dictated by the operator.

The scoped API keys issued to agents further enhance security. These keys are tied to specific permissions, such as the ability to initiate payments, check balances, or receive funds, but they cannot access the operator’s LND node or perform actions outside their defined scope. This separation ensures that even if an agent’s API key is compromised, it cannot override the operator’s financial controls or access funds beyond its allocated sub-balance.

Operators maintain full oversight through Conduit’s accounting infrastructure, which tracks all agent transactions and platform fees. For example, the operator can set a per-transaction platform fee (e.g., 0.5% of the payment amount) that is automatically added to each transaction and retained as revenue. This fee structure is configurable via environment variables like PLATFORM_FEE_PERCENT, allowing operators to tailor monetization strategies without relying on external third parties.

By decoupling agent operations from direct access to Bitcoin infrastructure, Conduit enables autonomous AI agents to participate in Lightning Network transactions while preserving the operator’s sovereignty over funds and policies. This model aligns with the broader goal of integrating Lightning’s programmability with AI-driven systems, as outlined in the project’s documentation and technical specifications.

Operator Control and Security Features

Operator Control Over Critical Infrastructure

Conduit is designed to give operators absolute control over their Bitcoin Lightning infrastructure, ensuring no third-party intermediaries can access or manipulate funds. Operators retain full ownership of their LND (Lightning Network Daemon) seeds and macaroons, which are cryptographic credentials used to authenticate and authorize interactions with the Lightning node. Conduit never stores or handles these sensitive materials; instead, it communicates with the LND node exclusively through macaroons mounted by the operator. This design eliminates the risk of centralized compromise, as all cryptographic operations remain under the operator’s direct control.

The platform also ensures operators maintain authority over agent sub-balances. AI agents interact with Conduit via scoped API keys, which grant limited permissions for specific actions (e.g., sending or receiving payments) but never provide access to signing keys. These virtual sub-balances are recorded in Conduit’s internal ledger, while the actual Bitcoin satoshis remain in the operator’s Lightning channels, secured by their private keys. Operators can dynamically credit, debit, or sweep these sub-balances at any time, effectively treating them as operator-controlled IOUs rather than custodial assets.

Security Design Principles

Conduit’s security model prioritizes operator sovereignty and isolation. By default, the system operates without external communication unless explicitly configured by the operator. This includes no automatic data transmission, telemetry, or reliance on cloud services. The platform’s self-hosted architecture ensures operators deploy and manage Conduit on their own infrastructure, eliminating dependencies on third-party SaaS providers.

A critical security feature is the solvency guard for operator treasuries. When operators set platform fees (e.g., 0.5% of transaction value), these revenues are tracked in Conduit’s ledger and can only be withdrawn once the node’s on-chain balance exceeds outstanding agent obligations. This prevents accidental overdraws and ensures the operator’s financial integrity. Additionally, Conduit’s audit-passed v0.8.4 release includes a fully functional operator console, enabling granular oversight of agent activity, fee collection, and balance management.

No SaaS Model, No Fund Holding

Conduit explicitly avoids a SaaS (Software as a Service) model. Operators are responsible for deploying and maintaining the software, which can be brought up in 5 minutes via Docker against an existing LND node. The platform’s bootstrap API key acts as the operator’s master key, minting scoped keys for agents while retaining full authority over the system. This design ensures operators are never reliant on external services for critical operations, aligning with the principles of decentralized, trustless infrastructure.

By combining macaroon-based authentication, scoped API keys, and operator-controlled sub-balances, Conduit creates a secure, transparent framework for AI agent payments. Its emphasis on self-hosting and cryptographic sovereignty positions it as a tool for operators seeking to integrate Bitcoin Lightning into AI workflows without compromising control or security.

Monetization Model and Platform Fees

Conduit’s monetization model empowers operators to configure usage-based platform fees, which are applied per transaction and collected as part of payment settlements. The default fee is set at 0.5% of the payment amount, but operators can customize this rate using environment variables to define minimum and maximum satoshi thresholds. This fee structure ensures operators retain full control over revenue generation while maintaining transparency and programmability.

Fee Configuration and Revenue Flow

Operators configure platform fees through environment variables, including:

Environment VariableDefault ValueDescription
PLATFORM_FEE_PERCENT0.5Percentage of the payment amount (e.g., 0.5 = 0.5%)
PLATFORM_FEE_MIN_SATS1Minimum satoshi fee per transaction
PLATFORM_FEE_MAX_SATS1000Maximum satoshi fee per transaction

These fees are charged on every transaction and retained by the operator upon settlement. For example, if an agent initiates a payment of 1,000 sats, a 0.5% fee would add 5 sats to the operator’s treasury. The fee is refunded in full if the payment fails, ensuring operators only profit from successful transactions. Revenue is stored in the operator’s treasury, which is audited via Conduit’s built-in solvency guards.

Solvency Guards and Custodial Control

Conduit’s design ensures operators maintain absolute control over funds. The solvency guard prevents the operator’s treasury from being overdrawn by ensuring the node’s available balance always exceeds obligations to agents. This mechanism safeguards against accidental or malicious depletion of agent sub-balances, which are virtual IOUs managed by the operator. Agents never hold signing keys; instead, they receive scoped API keys to interact with Conduit’s infrastructure.

The operator’s treasury is not custodial in the traditional sense—funds remain in the operator’s Lightning channels under their control. Conduit acts as a policy layer, mediating transactions without holding any assets. This architecture aligns with Conduit’s self-hosted ethos, where operators retain full ownership of their LND seeds, macaroons, and agent sub-balances.

Technical Implementation of Fees

Fees are programmatically enforced through Conduit’s API. When an agent initiates a payment, the platform calculates the fee based on the configured percentage and applies it to the transaction. The fee is then added to the operator’s treasury, accessible via the /v1/fees endpoint (admin-only) and surfaced in /v1/metrics. Operators can disable fees entirely by setting PLATFORM_FEE_PERCENT=0, though this is discouraged for revenue generation.

Conduit’s audit-passed v0.8.4 release includes a full operator console and an agent-pays-over-Lightning demo, demonstrating how fees are collected and managed in real-time. The system’s reliance on satoshis ensures frictionless, crypto-native transactions without fiat intermediaries.

This model enables operators to monetize AI agent interactions while preserving the decentralized, trustless principles of Bitcoin Lightning. By decoupling fee management from fund custody, Conduit creates a scalable, secure framework for AI-driven payment workflows.

Technical Implementation and Deployment

Conduit’s technical implementation centers on a lightweight, self-hosted deployment model that integrates seamlessly with existing Lightning Network Daemon (LND) infrastructure. The core deployment process involves a 5-minute Docker setup against an operator’s existing LND node, leveraging macaroon-based authentication for secure communication. This approach ensures operators retain full control over their cryptographic keys while enabling programmable payment workflows for AI agents.

Docker Deployment and LND Integration

Conduit is deployed as a Docker container, requiring minimal configuration to interface with an operator’s LND node. The setup involves mounting the LND node’s macaroons (authentication tokens) into the Conduit container, which then uses these credentials to interact with the LND node via its API. This design eliminates the need for Conduit to handle private keys or communicate externally without explicit operator setup. The operator’s LND node remains under their direct control, with Conduit acting as a policy and accounting layer to manage agent payments.

The deployment process is streamlined through a docker-compose.yml file, which orchestrates the necessary services. Operators can bring up Conduit using a single command, with the system initializing a local development environment (mock-LND mode) for testing. For production use, the operator provisions their own LND node, and Conduit’s core API communicates with it via the mounted macaroons. This architecture ensures that Conduit never holds funds or exposes sensitive keys, aligning with the project’s emphasis on operator sovereignty.

v0.8.4 Features and Audit Compliance

The latest version, v0.8.4, includes critical enhancements for security and usability. It has passed an audit/red-team pass, validating its resilience against potential exploits. Key features introduced in this release include:

  • Agent-pays-over-Lightning demo: A proof-of-concept implementation demonstrating how AI agents can initiate payments through Conduit’s API, with transactions routed via the operator’s LND node.
  • Operator console: A web-based interface for managing agent sub-balances, platform fees, and financial metrics.

The operator console provides visibility into accrued platform fees (e.g., via GET /v1/fees and GET /v1/metrics) and enables manual adjustments to agent balances. Fees are configured using environment variables like PLATFORM_FEE_PERCENT (default: 0.5%) and PLATFORM_FEE_MIN_SATS (default: 1 sat), ensuring granular control over monetization.

Component Breakdown

Conduit’s codebase is modular, with the following primary components:

ComponentDescription
core/FastAPI server acting as the Conduit Core API, interfacing with LND.
sdk-python/Python SDK (conduit-btc) for integrating Conduit with AI agents.
sdk-js/TypeScript SDK (@conduit-btc/sdk) for JavaScript-based workflows.
mcp-server/MCP server exposing Conduit as a tool for agent interactions.
infra/Bitcoin Core/LND setup scripts and systemd units for deployment.

This structure allows operators to customize deployment while maintaining compatibility with existing infrastructure. The project’s documentation (e.g., DEMO.md) and open-source nature further facilitate adoption and auditability.

By combining Docker simplicity with LND’s robust infrastructure, Conduit provides a secure, flexible foundation for AI-driven Bitcoin payments, emphasizing operator control and programmable trust.

Implications for AI-Driven Bitcoin Ecosystem

Conduit represents a critical step toward embedding programmable payment workflows into autonomous AI systems, eliminating reliance on third-party intermediaries. By acting as a policy and accounting layer between Lightning Network Daemon (LND) nodes and AI agents, Conduit enables agents to execute Bitcoin transactions through virtual wallets with scoped API keys, rather than exposing signing keys. This architecture ensures that operators retain full control over funds, as agents interact with a custodial ledger managed by the operator. For example, agents can send and receive payments programmatically, but their balances are operator-controlled IOUs, with the underlying Bitcoin remaining in the operator’s channels under their private keys. This model removes trust dependencies on external services, aligning with Bitcoin’s ethos of self-sovereignty.

The integration of Lightning Network with AI infrastructure also highlights a growing trend of combining layer-2 scalability with AI-driven automation. Lightning’s low fees and near-instant settlement make it ideal for microtransactions, which are essential for AI agents performing tasks like data retrieval, model inference, or service provisioning. Conduit’s technical design—deployable via a 5-minute Docker setup against existing LND nodes—demonstrates how Lightning can be woven into AI workflows without compromising security. For instance, the platform’s audit-passed v0.8.4 version includes an agent-pays-over-Lightning demo, showcasing the feasibility of autonomous payment execution. Operators can further customize this integration by setting usage-based platform fees (e.g., 0.5% of transaction amounts), which are collected directly into their treasuries.

This convergence of Lightning and AI also opens new possibilities for decentralized AI economies. By enabling AI agents to autonomously manage payments, Conduit reduces friction in scenarios where human oversight is impractical. For example, an AI agent could negotiate and settle payments for cloud computing resources or data access without requiring a centralized authority. The operator’s ability to audit and control sub-balances ensures accountability, while the absence of a SaaS model preserves data sovereignty. As noted in Conduit’s documentation, the system’s design prioritizes operator autonomy, with no external communication unless explicitly configured. This approach not only strengthens security but also positions Lightning as a foundational component for scalable, trustless AI systems.

The implications extend beyond technical feasibility. By decentralizing payment infrastructure, Conduit could foster a new class of AI applications that operate independently of traditional financial systems. This aligns with broader efforts to integrate Bitcoin into AI ecosystems, as seen in projects like Claude Corps or Microsoft’s AI initiatives, though Conduit’s focus on self-hosted, operator-controlled workflows distinguishes it. As Lightning adoption grows, such tools may become critical for enabling AI agents to participate in Bitcoin’s value network without intermediaries.