🏦 Entrust

The All-in-One Operating System for On-Chain Companies

🎯 The Problem We're Solving

Managing a crypto company's treasury today is a nightmare:

For Remote Teams:

• ❌ Using personal wallets for business expenses = accounting hell
• ❌ Reimbursements require 3+ manager signatures for every $50 expense
• ❌ Tracking subscriptions across 10 different SaaS tools is impossible
• ❌ No budget visibility until the month ends

For DAOs & Agencies:

• ❌ Manual multisig approvals block operations (3-24 hour delays)
• ❌ Payroll takes hours of manual work each month
• ❌ No way to automate recurring vendor payments safely
• ❌ Fragmented tools: Safe for treasury, spreadsheets for accounting, Discord for approvals

The Core Issue: A "Human Bottleneck" where every transaction requires manual approval, killing operational efficiency.

---

💡 Our Solution

Entrust is a treasury automation platform that combines Safe Smart Accounts with AI-powered agents to eliminate the human bottleneck while maintaining full security and control.

Pitch Deck Link: https://drive.google.com/drive/folders/1pvlpjytDXb0HPG7Ljkg3yx8bK6YR1_HJ?usp=sharing

What Makes Us Different:

Traditional Safe	Entrust
Every $50 expense needs 3 human signatures	AI agents auto-approve within limits
Manual tracking of expenses/reimbursements	Automated budget tracking per category
No visibility into spending until month-end	Real-time Envio-indexed cashflow insights
Risky full-privilege delegates	"Rich Treasury, Poor Agent" security model
Fragmented tooling	All-in-one OS: Budgets, Payroll, Subscriptions

Our "Why": We built Entrust because we've lived this pain. Running a remote dev agency means juggling dozens of subscriptions across AWS, Notion, Figma, Linear—each requiring manual payments. Reimbursements pile up because approving them takes more time than the expense itself. We're passionate about freeing teams from manual finance ops so they can focus on building products.

---

🏗️ Architecture

The "Rich Treasury, Poor Agent" Security Model

┌─────────────────────────────────────────────────────────────┐
│                     SAFE SMART ACCOUNT                      │
│                   (Your Organization)                       │
│                    Holds ALL Funds (ETH, USDC)              │
│                    Requires Owner Signatures                │
└─────────────────────────────────────────────────────────────┘
                              │
                              │ setDelegate(sessionKey, true)
                              ▼
┌─────────────────────────────────────────────────────────────┐
│                      SESSION KEYS                           │
│              (AI Agent Delegation Layer)                    │
│                                                             │
│  ┌──────────────┐  ┌──────────────┐  ┌──────────────┐       │
│  │Invoice Agent │  │Subscription  │  │ Payroll      │       │
│  │              │  │Agent         │  │Agent         │       │
│  │ Limit: $500  │  │ Limit: $1000 │  │ Limit: $5000 │       │
│  └──────────────┘  └──────────────┘  └──────────────┘       │
│                                                             │
│  • Can call: payExpenseERC20(), payEmployeeERC20()          │
│  • Cannot call: withdraw(), destroy()                       │
│  • Smart contract enforces spending caps                    │
└─────────────────────────────────────────────────────────────┘

Security Guarantees:

• Funds Never Leave the Safe Smart Account unless owner signs
• Session Keys are rate-limited by agent configuration
• Spending Caps enforced at both agent level and smart contract level
• Whitelist Requirements: Vendors must be registered, employees must be onboarded
• Full Audit Trail: Envio indexes every transaction for accounting

---

🛠️ Technical Implementation

Tech Stack

Frontend:

• Next.js 16 (App Router, Server Actions)
• TypeScript for type safety
• Tailwind CSS + shadcn/ui for modern UI
• Wagmi + Viem for Web3 wallet connections
• NextAuth.js for Google OAuth (seamless onboarding)
• Framer Motion for smooth animations

Backend:

• Next.js Server Actions for type-safe API calls
• Drizzle ORM with PostgreSQL (NeonDB)
• Vercel Blob Storage for receipt/invoice uploads

Blockchain:

• Network: Lisk Sepolia Testnet
• Smart Account: Safe Core SDK with session key delegation
• Tokens: ETH, USDC, mUSDC (multi-token treasury)
• Smart Contract: Solidity (Foundry) - ExpenseLedger.sol
  • EntrustFactory: 0xaf23bf3798D70959ac2B68a6108A0Dcf7CAb5Aee
  • Sepolia Blockscout Link: https://sepolia-blockscout.lisk.com/address/0xaf23bf3798D70959ac2B68a6108A0Dcf7CAb5Aee?tab=index

Indexing & Analytics:

• Envio HyperIndex for real-time blockchain event indexing
• Google Gemini 2.5 Flash (via Vercel AI SDK) for:
  • Invoice OCR (extracts data from PDF receipts)
  • Cashflow analysis (spending patterns, runway prediction)
  • AI-powered CFO insights

Core Smart Contract Functions

// ExpenseLedger.sol

// Owner functions (require multisig approval)
function depositETH() payable external
function depositERC20(address token, uint256 amount) external
function withdrawETH(uint256 amount) external onlyOwner
function withdrawERC20(address token, uint256 amount) external onlyOwner
function registerVendor(address vendor, string name, string category) external onlyOwner
function registerEmployee(address employee, string name) external onlyOwner
function setDelegate(address delegate, bool authorized) external onlyOwner

// Delegated functions (AI agents with session keys)
function payExpenseERC20(address token, address vendor, uint256 amount, string note)
    external onlyOwnerOrDelegate nonReentrant

function payEmployeeERC20(address token, address employee, uint256 amount, string note)
    external onlyOwnerOrDelegate nonReentrant

Envio Integration

Indexed Entities:

• Expense: Vendor and employee payments with token, amount, timestamp
• TreasuryTransaction: Deposits and withdrawals for cashflow tracking

Transaction Types:

• DEPOSIT - Adding funds to treasury
• WITHDRAW - Removing funds from treasury
• PAYMENT - Paying vendors/employees
• DEPOSIT_ERC20_DIRECT - Direct token transfers

Use Case: Real-time accounting without relying on database state—blockchain is the source of truth.

---

✨ Features

1. Multi-Token Treasury

• Manage ETH, USDC, and mUSDC in one Safe Smart Account
• Real-time balance tracking
• Deposit/withdraw with full transparency

2. Budget Management

• Create budgets by category (Marketing, Operations, Software, etc.)
• Set spending limits per token
• Track spent vs. remaining with visual health indicators
• Role-based: Managers edit, Employees view-only

3. Reimbursements (Expense Submissions)

• Employees submit expenses with receipt uploads (Vercel Blob)
• Document Preview: View images, PDFs directly in-app
• Manager approval workflow
• AI agent processes approved payments automatically
• Budget category integration

4. Recurring Payments (Subscriptions)

• Automate SaaS subscriptions (AWS, Notion, Figma, etc.)
• Configure interval, amount, start/end dates
• Vendor Registration: Whitelist vendors before payments
• AI agent executes payments on schedule
• Budget tracking per subscription

5. Payroll Automation

• Register employees on-chain
• Set salary amounts per token
• AI agent processes salary payments
• Support for up to 10 employees (Autopilot plan)

6. AI Agents (Autonomous Spending)

• Invoice Agent: Process reimbursements under limit
• Subscription Agent: Handle recurring payments
• Payroll Agent: Execute salary payments
• Session key delegation with spending caps
• "Rich Treasury, Poor Agent" security model

7. Team Management

• Invite team members via email
• Role-based access (Manager vs. Employee)
• Employee registration for payroll
• Wallet connection tracking

8. Activity Feed

• Real-time transaction history from Envio
• Separate inflows (deposits) and outflows (payments)
• Per-token filtering (ETH, USDC, mUSDC)
• Transaction details with block explorer links

9. AI-Powered Insights

• Cashflow Analysis: Envio data analyzed for spending patterns
• Budget Health: Real-time monitoring with alerts
• Runway Prediction: Forecast financial sustainability
• Interactive Chat: Ask AI questions about your finances

10. Role-Based Access Control

• Managers: Full access (approve, configure, manage)
• Employees: Submit reimbursements, view budgets (read-only)
• Automatic role detection from session

---

📊 Revenue Model

Pricing Strategy: SaaS + Credits

We've designed a tiered subscription model that scales with team size:

Plan	Price	Target	Features
Builders	Free	Bootstrapped teams	Smart treasury, 3 team members, manual approvals
Autopilot	$49/mo	Remote dev shops	AI agents, unlimited team, automated recurring payments, payroll (10 employees)
Treasury OS	$199/mo	Funded startups	Unlimited AI agents, advanced analytics, tax export, priority support

Revenue Drivers:

1. Monthly Subscriptions: Predictable recurring revenue
2. Usage-Based Credits: 1 Credit System for AI operations (optional upsell)
3. Enterprise Plans: Custom pricing for large organizations (unlimited agents + dedicated support)

Lisk Grant Program: During the Lisk Builder's Challenge, all Autopilot features are free for deployed contracts—driving adoption while collecting user feedback.

---

🚀 Commitment to Lisk Mainnet

We are committed to launching Entrust on Lisk Mainnet.

Why Lisk?

• Low gas fees essential for agentic finance (frequent transactions)
• Part of Optimism Superchain = ecosystem interoperability
• Developer-friendly with EVM compatibility
• Growing ecosystem of on-chain businesses

Mainnet Roadmap (Post-Hackathon):

1. Smart contract audit (Certik or OpenZeppelin)
2. Deploy ExpenseLedger on Lisk Mainnet
3. Bridge USDC integration for stablecoin support
4. Launch subscription tier for early adopters
5. Onboard 10 pilot companies (remote dev agencies, DAOs)

---

🎨 UI/UX Highlights

Design Principles:

• Clarity over complexity: Financial data presented simply
• Role-aware dashboards: Managers see controls, employees see submissions
• Real-time feedback: Transaction status updates via Envio webhooks
• Mobile-responsive: Approve expenses on-the-go

Key UX Flows:

1. Employee Reimbursement (30 seconds):

   • Upload receipt → Enter amount → Select category → Submit
   • ✅ Document preview shows uploaded file instantly

2. Manager Approval (1 click):

   • View receipt → Verify amount → Click "Approve" → AI agent pays

3. Subscription Setup (2 minutes):

   • Enter vendor wallet → Set amount/interval → Add budget category → Save
   • ✅ Agent handles payments automatically

---

🔬 Innovation & Uniqueness

What Makes Entrust Unique?

1. "Rich Treasury, Poor Agent" Security Model

• Unlike delegating full wallet control, our agents have strictly limited permissions
• Smart contract enforces spending caps regardless of what AI "thinks"
• Even if session key is compromised, max loss = agent's spending limit

2. Multi-Agent Architecture

• Different agents for different purposes (Invoice, Subscription, Payroll)
• Each with own session key, spending limits, and permissions
• Prevents "single point of failure"

3. Envio-Powered Accounting

• Blockchain is source of truth (not database)
• Real-time cashflow without manual reconciliation
• Immutable audit trail for tax/compliance

4. Role-Based Access Built-In

• Not an afterthought—designed from ground up for teams
• Employees can submit/view, managers control
• Mirrors real company structures

---

📁 Project Structure

entrust-monorepo/
├── contracts/              # Solidity smart contracts (Foundry)
│   ├── src/
│   │   ├── ExpenseLedger.sol    # Main treasury contract
│   │   └── MockUSDC.sol         # ERC20 token for testing
│   └── script/
│       └── DeployFactory.s.sol  # Deployment script
│
├── indexer/                # Envio HyperIndex
│   ├── schema.graphql           # GraphQL schema
│   ├── src/
│   │   └── EventHandlers.ts     # Event processing logic
│   └── config.yaml              # Envio configuration
│
└── web/                    # Next.js frontend
    ├── app/
    │   ├── actions/             # Server actions
    │   │   ├── budgets.ts       # Budget CRUD
    │   │   ├── expenses.ts      # Expense submissions
    │   │   ├── subscriptions.ts # Recurring payments
    │   │   ├── payroll.ts       # Payroll processing
    │   │   └── ai.ts            # AI-powered insights
    │   ├── dashboard/           # Manager dashboard
    │   ├── budgets/             # Budget management
    │   ├── reimbursements/      # Expense submissions
    │   ├── subscriptions/       # Recurring payments
    │   ├── payroll/             # Payroll management
    │   ├── team/                # Team management
    │   └── chat/                # Activity feed + AI insights
    ├── components/
    │   ├── dashboard/           # Dashboard components
    │   ├── ui/                  # shadcn/ui components
    │   ├── ai-assistant-panel.tsx
    │   ├── cfo-insights-card.tsx
    │   └── cashflow-ai-insights.tsx
    ├── lib/
    │   ├── envio.ts             # Envio GraphQL client
    │   ├── tokens.ts            # Token configurations
    │   ├── smart-account.ts     # Safe integration
    │   └── session-key.ts       # Session key management
    └── db/
        └── schema.ts            # Drizzle ORM schema

---

🏆 Hackathon Submission

🦊 Lisk Builder's Challenge

Built for: Lisk Sepolia Testnet Innovation: AI Agents + Safe Smart Account Delegation Problem Solved: Human bottleneck in on-chain treasury management

Demo Highlights:

1. Deploy a Safe Smart Account (treasury)
2. Fund it with mUSDC (test token)
3. Configure an Invoice Agent with $500 limit
4. Submit an expense as an employee
5. Approve it as a manager—AI agent pays automatically
6. View real-time cashflow from Envio indexing

Code Links:

• 🔗 Smart Contract
• 🔗 Envio Schema
• 🔗 AI Agent Actions
• 🔗 Session Key Delegation

---

🚀 Getting Started

Prerequisites

• Node.js 20+
• pnpm
• Rabby Wallet or other web3 wallet (Currently MetaMask wallet can't interact due to gas fee)

Installation

# Clone the repo
git clone https://github.com/Kimchiigu/entrust-monorepo.git
cd entrust-monorepo

# Install dependencies (web)
cd web
pnpm install

# Install dependencies (indexer)
cd ../indexer
pnpm install

Environment Setup

Create .env.local in the web/ directory:

# Database
DATABASE_URL=postgresql://...

# NextAuth
NEXTAUTH_SECRET=your-secret-here
NEXTAUTH_URL=http://localhost:3000

# Google OAuth (for authentication)
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret

# Google Generative AI (for AI insights)
GOOGLE_GENERATIVE_AI_API_KEY=your-api-key

# Vercel Blob (for file uploads)
BLOB_READ_WRITE_TOKEN=your-token-here

# WalletConnect (Reown App)
NEXT_PUBLIC_WALLET_CONNECT_ID=your-project-id

# Lisk Sepolia
NEXT_PUBLIC_CHAIN_ID=4202
NEXT_PUBLIC_RPC_URL=https://rpc.sepolia-testnet.lisk.com

Deploy Smart Contract

cd contracts

# Install dependencies
forge install

# Compile
forge build

# Deploy to Lisk Sepolia
forge script script/DeployFactory.s.sol:DeployFactory \
  --rpc-url https://rpc.sepolia-testnet.lisk.com \
  --broadcast \
  -vvv

Run Envio Indexer

cd indexer

# Generate types from schema
pnpm envio codegen

# Start development server
pnpm envio dev

Run Web Application

cd web

# Run development server
pnpm dev

Visit http://localhost:3000 and sign in with Google.

---

📈 Future Roadmap

Post-Hackathon (Q1 2025)

• Smart contract security audit
• Deploy on Lisk Mainnet
• Launch subscription tier for early adopters
• Add USDC bridge integration

Q2 2025

• Advanced policy engine (department-specific limits)
• Tax export generation (CSV/PDF for accountants)
• Paymaster integration (gasless transactions)
• Mobile app (iOS/Android)

Q3 2025

• Multi-org support (enterprise)
• Advanced analytics (predictive spending)
• Plugin system (custom agent actions)
• API for third-party integrations

---

📄 License

MIT License - see LICENSE for details.

---

🙏 Acknowledgments

• Lisk for the low-cost, high-speed blockchain
• Safe for industry-leading smart account infrastructure
• Envio for powerful indexing capabilities
• Vercel for the amazing AI SDK and hosting platform
• Google Gemini for the AI model powering our insights

---

Built with ❤️ for the Lisk Builder's Challenge 2026

We're not just building a hackathon project—we're building the future of on-chain company operations.