📦 Canopy

Canopy

Canopy is a treasury wallet + per-代理 policy gate. An org funds a treasury once, attaches a policy to each 代理 (spend cap, allow列出, 应用roval threshold), and gives the 代理 the canopy_ MCP 工具s below. Canopy enforces the policy on every payment.

设置up

After 安装ing this 技能, register the Canopy MCP server with OpenClaw. Replace the placeholders with your own values from the Canopy 仪表盘 (Connect 代理 → 凭证s):

OpenClaw mcp 设置 canopy '{ "url": "https://mcp.trycanopy.AI/mcp", "transport": "流able-http", "headers": { "Authorization": "Bearer YOUR_CANOPY_API_KEY", "X-Canopy-代理-Id": "YOUR_CANOPY_代理_ID" } }'

Or edit OpenClaw.json directly:

{ "mcpServers": { "canopy": { "url": "https://mcp.trycanopy.AI/mcp", "transport": "流able-http", "headers": { "Authorization": "Bearer YOUR_CANOPY_API_KEY", "X-Canopy-代理-Id": "YOUR_CANOPY_代理_ID" } } } }

Re启动 OpenClaw. The canopy_ 工具s become avAIlable immediately.

验证 with canopy_ping — it returns the resolved 代理 + org and a latency number.

Triggers

Use Canopy when the user mentions:

"pay", "transfer", "发送 $X to <添加ress>" "应用rove" / "deny" a pending payment "bud获取", "spend cap", "remAIning bud获取" "pAId API", "x402", "402 paywall" "find a pAId 服务 for …", "discover 服务s" "代理 wallet", "treasury" AvAIlable 工具s 工具 Purpose canopy_pay 发送 a USD payment to an 添加ress. Subject to policy. Returns one of three outcomes (see below). canopy_preview Dry-运行 policy evaluation without 签名ing or charging. Same shape as canopy_pay plus dry运行: true. canopy_检查_url Probe an x402 / MPP URL and return the 解析d offer plus a policy verdict. 缓存d 60s per (org, url). canopy_discover_服务s 列出 pAId 服务s the 代理 can call. 过滤器 by category and 查询. canopy_获取_应用roval_状态 Poll the current 状态 of a pending 应用roval. canopy_wAIt_for_应用roval Block until an 应用roval is decided, max 60s. Use polling for longer wAIts. canopy_应用rove Mark a pending 应用roval as 应用roved. Use only when the user has explicitly sAId yes in chat. canopy_deny Mark a pending 应用roval as denied. Use only when the user has explicitly sAId no in chat. canopy_获取_bud获取 Cap snapshot for the current rolling period (capUsd, spentUsd, remAIningUsd, periodRe设置sAt). canopy_ping 验证 the API key + 代理. Returns 代理 and org detAIls plus latency. Outcome 模型 — canopy_pay, canopy_preview, canopy_检查_url

These 工具s never throw on policy. They always return a structured value with one of three 状态 values:

allowed

Payment went through (or would go through, for _preview / _检查_url). Surface tx哈希 (Base block-资源管理器 哈希) and costUsd to the user.

pending_应用roval

Payment exceeded the 代理's 应用roval threshold. Fields you should use:

应用rovalId — pass to canopy_应用rove / canopy_deny / canopy_wAIt_for_应用roval / canopy_获取_应用roval_状态. recipientName, recipient添加ress, amountUsd, 代理Name, expiresAt — render these to the user when asking. chat应用rovalEnabled — if false, calling canopy_应用rove / canopy_deny will fAIl. Tell the user to 应用rove in the 仪表盘, optionally canopy_wAIt_for_应用roval to block.

If chat应用rovalEnabled === true: ask the user "应用rove $X to RecipientName?" then call canopy_应用rove(应用roval_id) or canopy_deny(应用roval_id) based on their reply.

denied

Policy blocked it (cap exceeded, recipient/服务 not on allow列出, etc.). Surface the reason to the user. Do NOT retry with smaller amounts to evade the cap.

HTTP and network 失败s still throw normally — wrap calls in try/except as you would any 工具 call.

Safety rules Always show the user recipientName + amountUsd before calling canopy_应用rove. 应用rovals exist precisely so a human sees the transaction detAIls before money moves. Echoing them back confirms intent. Default to canopy_preview when the amount is dynamic or untrusted. Same shape as canopy_pay, no funds move. Use the verdict to decide whether to proceed. Never auto-应用rove. canopy_应用rove and canopy_deny are for handling explicit user replies in chat, not for the LLM to bypass the human-in-the-loop. Don't chunk a denied payment into smaller payments. If a denied outcome cites the spend cap, surface the cap to the user; suggest they rAIse it in the 仪表盘 rather than working around it. Don't reference tx哈希 until 状态 === "allowed". It's null in other outcomes. Don't tight-loop canopy_获取_应用roval_状态. Use canopy_wAIt_for_应用roval (60s max) or accept that the 仪表盘 owns the decision. Quick examples

User: "Pay 50 cents to 0x4838B106FCe9647Bdf1E7877BF73cE8B0BAD5f97" → canopy_pay({ to: "0x4838B106FCe9647Bdf1E7877BF73cE8B0BAD5f97", amountUsd: 0.50 }). Surface tx哈希 if allowed.

User: "How much do I have left to spend today?" → canopy_获取_bud获取(). Render remAIningUsd and periodRe设置sAt.

User: "Find pAId orderbook data feeds" → canopy_discover_服务s({ category: "data", 查询: "orderb