SENTINEL Docs

How It Works

Understand the Sentinel architecture and data flow.

Architecture Overview

Sentinel sits between your agent code and the x402 client. It intercepts payment events (before and after) to enforce budgets and log audit records. It does not modify the payment flow itself — x402 handles the actual payment; Sentinel adds visibility and control.

SDK Wrapper Flow

  1. Your agent calls secureFetch(url) (the Sentinel-wrapped fetch)
  2. Sentinel passes the request to the underlying x402 fetch
  3. When x402 returns a payment requirement (402), Sentinel evaluates it against the budget policy before payment
  4. If allowed: payment proceeds, then Sentinel logs the record to audit storage
  5. If blocked: Sentinel throws SentinelBudgetError and no payment occurs

Data Flow Diagram

Agent Code
    │
    ▼ secureFetch(url)
wrapWithSentinel
    │
    ├─► BudgetManager.evaluate()  ──► allowed? ──► x402 fetch ──► payment
    │         │
    │         └─► blocked? ──► SentinelBudgetError (no payment)
    │
    └─► after payment ──► AuditLogger.log() ──► StorageBackend
                                              │
                                              ├─► MemoryStorage
                                              ├─► FileStorage
                                              └─► ApiStorage (POST /api/v1/events)

The storage backend is pluggable. Use in-memory for development, file for local persistence, or API for centralized audit at api.valeo.money.