Architecture

Overview

y0.exchange is a non-custodial AI-to-Blockchain infrastructure platform. The core architecture ensures that y0 never holds, stores, or accesses user private keys.

┌─────────────┐     ┌──────────────┐     ┌───────────────────┐     ┌──────────────────┐
│  AI Agent    │────>│  MCP Server  │────>│  Signing Service   │────>│  User's Device   │
│  (Claude,    │     │  (y0-mcp)    │     │  (tx builder +     │     │  (mobile/web/tg) │
│   GPT, etc.) │     │              │     │   approval queue)  │     │                  │
└─────────────┘     └──────────────┘     └───────────────────┘     └──────────────────┘
                           │                       │                        │
                     Builds unsigned          Stores unsigned         User reviews tx
                     tx request               tx in queue             and SIGNS with
                                                                     their own wallet
                                                                            │
                                                                            ▼
                                                                     Signed tx sent
                                                                     to blockchain

Signing Flow (Step by Step)

AI agent calls a write tool (e.g. swap, send) via MCP protocol
MCP server validates parameters, fetches quote/route, builds an unsigned transaction
Signing Service receives the unsigned tx, assigns a txId, stores it in approval queue with status pending
Notification Router sends a signing request to the user’s device (push notification / WebSocket / Telegram)
User’s device displays transaction details in human-readable form:
- What: “Swap 1.5 ETH → 3,200 USDC on Uniswap”
- Estimated gas: “$2.40”
- Expiration: 5 minutes
User reviews and signs the transaction using their own wallet
Signed transaction is broadcast to the blockchain from the user’s device
MCP server receives the tx hash and returns result to the AI agent

What y0 Servers Know vs Don’t Know

y0 servers KNOW	y0 servers NEVER know
Wallet public address	Private keys
Unsigned transaction data	Seed phrases
Transaction status (pending/done)	Wallet passwords
Token balances (public on-chain data)	Signing credentials
Gas estimates	Privy MPC key shards

Three-Tier Approval Model

Tier	When	User Action
Auto-execute	Within ERC-4337 session key limits	None — session key signs automatically
Quick approve	Above session key limit, known tokens	Biometric confirm (Face ID / fingerprint)
Full review	Large amounts, unknown contracts	Manual review + explicit sign

Open Core Licensing

Component	License	Rationale
MCP Server	MIT	Core AI integration, must be auditable
JS/TS SDK	MIT	Client library
Python SDK	MIT	LangChain/AutoGPT ecosystem
Signing UI	MIT	Users must verify what they sign
Signing Service	Proprietary	Core product value
Notification Router	Proprietary	Managed infrastructure
AI Assistant	Proprietary	Premium B2B feature

Components

MCP Server (`@y0exchange/mcp`)

npm package that exposes y0 as tools for AI agents via the Model Context Protocol. Supports stdio and HTTP transports.

6 read-only tools
4 write tools
All 10 tools available on Free tier
MIT-licensed

Signing Service

REST API + WebSocket server that builds unsigned transactions and manages the approval queue.

Fastify + PostgreSQL + Drizzle ORM
Transaction builders: swap (0x/1inch), send, bridge (LI.FI), approve
WebSocket notifications for real-time approval
5-minute configurable timeout

Signing UI

React components for transaction review and signing. Embedded in the web app, mobile app, and Telegram Mini App.

Transaction detail display
Approve / Reject buttons
Wallet provider integration (Privy, Reown, MetaMask)
MIT-licensed

Quick Start Overview