Budget Controls vs Payment Code Preflight

Agents that can spend money need budget controls. They also need a payment-code

preflight before the code ships.

Budget Controls

Budget controls limit what a live system can spend:

• per-agent spend caps
• per-recipient limits
• approval thresholds
• retry and rate limits
• circuit breakers
• wallet or processor-side controls

These controls reduce live blast radius. They do not prove that every payment

path in the repo is guarded before merge.

Payment Code Preflight

Monarch Doctor runs before go-live:

npx @monarch-shield/x402 doctor --ci --strict

Doctor catches detectable payment execution that is not inside

checkBeforePayment or a guarded callback. It is meant to fail the build before

unsafe agent-payment code reaches production.

Use Both

Use budget controls for runtime spend limits. Use Monarch Doctor as the local

and CI gate for the code that can initiate payment.

Moltbank controls budgets. Monarch checks the payment code path before it ships.

Those jobs are complementary: one constrains live spend, the other blocks unsafe

payment code from merging without preflight.

Monarch does not claim to replace runtime policy, wallet controls, fraud

prevention, settlement checks, or provider compliance. It is the launch gate for

payment-code safety before money-moving code ships.

Related Pages

• ai-agent-payment-preflight.md
• wallet-send-safety-check.md
• hosted-proof.md