Docs / vs. single-vendor
Single-vendor controls vs. a cross-vendor control plane
Credit where due: the wallet vendors ship real controls. Coinbase has MPC account policies and spend permissions. Turnkey has a genuinely strict pre-sign policy engine with consensus approvals. Openfort has session keys and signer control. Card issuers have spend limits and auth streams. If your agents live on one backend, use those — they're good.
What no single vendor can sell you
| Vendor console | Countersign | |
|---|---|---|
| One policy across Coinbase + Turnkey + Openfort + a card | ✗ — one per vendor, different languages | ✓ one declarative policy, compiled per rail |
| One kill switch for the whole fleet | ✗ — N buttons on N dashboards | ✓ one freeze, all rails, 432–697 ms, each stop confirmed |
| One audit trail of every attempt on every rail | ✗ — per-vendor logs, vendor-trusted | ✓ append-only hash-chained ledger, Ed25519-signed, publicly verifiable |
| Pre-flight guard uniform across rails (incl. x402 / AP2 payments) | ✗ | ✓ one /evaluate call, fail-closed |
| Cross-rail anomaly view (the whole fleet's spend pattern) | ✗ — each vendor sees only its slice | ✓ velocity / blocked-burst breakers over the unified ledger |
| Neutrality | Each vendor governs its own ecosystem | Sits above all of them; vendors are rails, not judges |
Not a proxy — a compiler
The wrong way to build this layer is a proxy that agents should call. Countersign compiles your policy into the vendors' own native controls wherever the rail can express them — Coinbase MPC policy, Turnkey CEL, Openfort signer control, card spend limits — so the cap holds even for a spend that never touches Countersign. What a rail can't express natively is enforced fail-closed at the layer and labeled honestly in the per-rail enforceability matrix. You always know which guarantee you're holding.
When you don't need Countersign
One backend, a small fleet, no external audit requirement: the vendor console is simpler. Start there.
When you do
- Agents on two or more backends (most serious fleets get there fast — different chains, different custody models, a card for SaaS).
- An org-level kill switch requirement: "stop all agent spend, now" must be one action, not a runbook.
- Audit or compliance needs a tamper-evident record that doesn't depend on trusting any single vendor's logs.
- Agents paying over x402 or AP2, where the payment decision itself needs a policy gate regardless of rail count.
Try it in 60 seconds — no account, no human
Self-serve key, an isolated sandbox tenant with a three-backend demo fleet, testnet only.
Get a free key → Watch the freeze GitHub