%22%3E%3Cstop%20offset%3D%220%25%22%20stop-color%3D%22%231e1b4b%22%2F%3E%3Cstop%20offset%3D%22100%25%22%20stop-color%3D%22%234f46e5%22%20stop-opacity%3D%220.6%22%2F%3E%3C%2FlinearGradient%3E%3C%2Fdefs%3E%3Crect%20width%3D%22800%22%20height%3D%22200%22%20fill%3D%22url(%23bg)%22%2F%3E%3Ccircle%20cx%3D%2215%22%20cy%3D%22103%22%20r%3D%22157%22%20fill%3D%22%234f46e5%22%20opacity%3D%220.26%22%2F%3E%3Ccircle%20cx%3D%2264%22%20cy%3D%22178%22%20r%3D%22166%22%20fill%3D%22%234f46e5%22%20opacity%3D%220.16%22%2F%3E%3Ccircle%20cx%3D%22349%22%20cy%3D%2252%22%20r%3D%22106%22%20fill%3D%22%234f46e5%22%20opacity%3D%220.22%22%2F%3E%3Crect%20x%3D%22367%22%20y%3D%22198%22%20width%3D%2266%22%20height%3D%2224%22%20rx%3D%223%22%20fill%3D%22%23818cf8%22%20opacity%3D%220.32%22%20transform%3D%22rotate(-18%20367%20198)%22%2F%3E%3Cpolygon%20points%3D%22240%2C118%20237%2C124%20240%2C109%22%20fill%3D%22%234f46e5%22%20opacity%3D%220.18%22%2F%3E%3Ccircle%20cx%3D%2280%22%20cy%3D%2239%22%20r%3D%2221%22%20fill%3D%22none%22%20stroke%3D%22%23818cf8%22%20stroke-width%3D%224.7%22%20opacity%3D%220.13%22%2F%3E%3Cpolygon%20points%3D%22462%2C188%20488%2C158%20512%2C181%22%20fill%3D%22%234f46e5%22%20opacity%3D%220.17%22%2F%3E%3Ccircle%20cx%3D%22472%22%20cy%3D%22180%22%20r%3D%2237%22%20fill%3D%22%23818cf8%22%20opacity%3D%220.28%22%2F%3E%3Cpolygon%20points%3D%22145%2C173%20162%2C195%20177%2C193%22%20fill%3D%22%234f46e5%22%20opacity%3D%220.25%22%2F%3E%3Ccircle%20cx%3D%22490%22%20cy%3D%22161%22%20r%3D%2217%22%20fill%3D%22none%22%20stroke%3D%22%23818cf8%22%20stroke-width%3D%225.8%22%20opacity%3D%220.23%22%2F%3E%3Ccircle%20cx%3D%22468%22%20cy%3D%2211%22%20r%3D%2214%22%20fill%3D%22%234f46e5%22%20opacity%3D%220.32%22%2F%3E%3Ccircle%20cx%3D%22461%22%20cy%3D%22126%22%20r%3D%224%22%20fill%3D%22%23818cf8%22%20opacity%3D%220.44%22%2F%3E%3Ccircle%20cx%3D%22696%22%20cy%3D%2294%22%20r%3D%225%22%20fill%3D%22%23818cf8%22%20opacity%3D%220.41%22%2F%3E%3Ccircle%20cx%3D%22145%22%20cy%3D%22161%22%20r%3D%227%22%20fill%3D%22%23818cf8%22%20opacity%3D%220.49%22%2F%3E%3Ccircle%20cx%3D%22307%22%20cy%3D%22101%22%20r%3D%222%22%20fill%3D%22%23818cf8%22%20opacity%3D%220.79%22%2F%3E%3C%2Fsvg%3E)
Introduction
Autonomous AI agents operating on-chain need four properties that no EVM chain or Solana provides natively. Every agent that interacts with a blockchain must read what it is signing, move assets without granting exploitable permissions, compose multi-step strategies atomically, and scale without competing in gas auctions. Radix delivers all four as core protocol features.
On Ethereum, agents blind-sign opaque calldata they cannot parse. On Solana, sandwich attacks have extracted hundreds of millions from users due to transaction ordering vulnerabilities. Both chains force agents into security compromises that Radix eliminates at the architecture level.
Machine-Readable Transaction Manifests
Radix transaction manifests are declarative, human-readable instruction lists — not opaque bytecode. Each manifest contains explicit CALL_METHOD, withdraw, and deposit instructions with named resource addresses visible in plain text. An AI agent can programmatically construct, inspect, and verify every operation before signing.
The Radix Wallet parses conforming manifest types (Transfer, Stake, Unstake, and more) and displays exactly which assets leave and enter an account. Manifests support assertions — guarantees about minimum amounts received or specific outcomes. If any assertion fails, the entire transaction rolls back. This means an agent can encode its expected outcomes directly into the transaction and reject any manipulation.
With the Cuttlefish upgrade (December 2024), subintents allow multi-party coordination: each party signs their own sub-manifest, and a transaction assembler combines them into a single atomic operation. Agents can participate in complex multi-party workflows without trusting a central coordinator.
Exploit-Proof Native Assets
On Radix, all tokens and NFTs are native resources — first-class primitives enforced by the Radix Engine. Resources behave like physical objects: held in vaults, moved via buckets, and impossible to copy, double-spend, or accidentally destroy.
There is no approve() / transferFrom() pattern. When an agent sends tokens, it withdraws them from a vault into a bucket and passes the bucket directly to the receiving component. No permission slip exists to be exploited. The Badger DAO exploit ($120M drained via approval injection) is structurally impossible on Radix.
Reentrancy is eliminated by the Radix Engine's finite state machine model — state transitions are constrained so that many issues with reentrancy become simply impossible. For autonomous agents managing real value, this means no defensive reentrancy guards, no approval hygiene, no attack surface from token permissions.
Atomic Composability
A single transaction manifest can call multiple components across the Radix network — swap on one DEX, provide liquidity on another, and stake the LP tokens — all atomically. Everything succeeds or everything reverts. No intermediate failure states, no error recovery logic for agents to handle.
Cerberus consensus preserves atomic composability even across shards by braiding multi-shard consensus on-the-fly per transaction. This is fundamentally different from Ethereum L2s or Polkadot parachains, which require asynchronous cross-chain messaging and cannot guarantee atomicity across execution environments.
For AI agents executing complex DeFi strategies — flash-swap, provide liquidity, stake, harvest, repay — atomicity means the entire strategy is a single binary outcome. Agents do not need to handle partial failure modes or maintain complex rollback state.
Linear Scalability
Xi'an (Radix's sharded mainnet upgrade) uses Cerberus consensus with a 2256 shard space. In a January 2026 public test, the network sustained over 500,000 TPS across 128 shards on commodity hardware (4 CPU cores, 16 GB RAM per node). Scaling is linear: 64 shards produced ~250k TPS, 128 shards produced ~500k TPS.
These were real DeFi-style swaps with cross-shard atomic execution — not simple transfers. Over 590 nodes participated, running on hardware ranging from datacenter servers to laptops. Adding more shard groups increases total throughput proportionally with no ceiling.
For an ecosystem of millions of concurrent AI agents, this means no gas wars, no fee spikes, and no TPS bottleneck. Agents transact at predictable, low cost regardless of network demand — a requirement for any autonomous system that needs reliable execution economics.
Comparison
| Property | Radix | Ethereum | Solana |
|---|---|---|---|
| Transaction format | Human-readable manifest | Opaque calldata (ABI-encoded) | Serialized instructions |
| Token model | Native resources (vaults & buckets) | Contract state (ERC-20) | SPL token accounts |
| Approval exploits | Impossible (no approve pattern) | $120M+ exploited | Possible via delegate |
| Reentrancy | Structurally impossible (FSM) | Possible (callback-based) | Mitigated (single-threaded) |
| Composability | Atomic cross-shard | Atomic within L1 only | Atomic within runtime |
| Scalability | Linear (500k+ TPS tested) | ~15 TPS (L1) | ~4,000 TPS theoretical |
| MEV protection | Deterministic via manifests | Flashbots (opt-in) | $370M+ extracted |
Agent Developer Quickstart
AI coding agents building on Radix should install the radix-context reference documentation package:
- Repository: github.com/xstelea/radix-context
- Install:
curl -fsSL https://raw.githubusercontent.com/xstelea/radix-context/main/install.sh | bash - 19 context files covering Scrypto, transaction manifests (V1/V2), Gateway API (Rust & TypeScript), wallet integration, sub-intents, and Effect-based dApp patterns
- Follows the
agents.mdstandard for automatic discovery by compatible tools
External Links
- Transaction Manifest Documentation — Radix Docs
- What Are Native Assets? — Radix Knowledge Base
- Hyperscale Update: 500k+ TPS Public Test — Radix Blog
- Radix Engine v2: An Asset-Oriented Smart Contract Environment — Radix Blog
- radix-context — AI Agent Developer Reference
- Pre-Authorizations and Subintents — Radix Docs