iNFT-7857
dashboard feedback openagents inft (legacy) inft-7857 boardroom
disconnected

Contract setup

Contract overview

All read-only state. Refresh after wallet connect to populate. Roles for the connected address are highlighted.

My roles on this contract

Roles control what you can do. Without MINTER_ROLE you can't mint; without DEFAULT_ADMIN_ROLE you can't grant roles or change the oracle. Ask the contract admin to grant roles.

Mint a new iNFT-7857

Anchor an encrypted intelligence payload (already uploaded to 0G Storage / IPFS) on chain. The merkle root + sealed-key hash + dimensions are stored permanently; the payload itself stays in storage.

becomes the iNFT owner; cannot be the zero address
0G Storage merkle root, or IPFS-CID-as-bytes32. One-shot per root, ever.
gateway hint, e.g. 0g://galileo/<root> or ipfs://<cid>
THOT dimension — one of the 11 allowed
cannot be zero; only the HASH lives on-chain — the ciphertext is delivered off-chain

Inspect any iNFT-7857 by tokenId

Read everything the contract knows about a given token: payload, owner, agent_id binding, AgenticPlace listing, BANKON vault binding, royalty receiver, EIP-712 oracle nonce.

in wei; default = 1 ether

Check usage authorization

Transfer with sealed key (ERC-7857)

Standard transferFrom reverts on this contract — that's the whole point of ERC-7857. Transfers happen via re-encryption: the oracle (TEE / ZK verifier) signs a domain-separated EIP-712 message authorizing the new sealed key for the new owner.

For this demo console you can paste an oracle private key below to sign in-browser. Never paste a mainnet oracle key. Production deploys keep the oracle PK in a TEE and supply only the signature.

Clone an agent (ERC-7857)

Creates a child token sharing the parent's contentRoot but with its own sealed key. Pays the configured clone fee (in ETH/native gas token). Useful for licensing the persona of an existing agent to a new owner.

current cloneFee shown in Overview

Authorize usage

Grant a third-party executor permission to run the iNFT off-chain (e.g. an inference relay). Permissions are a free-form bitmap interpreted off-chain. Each (token, executor) pair is independent — multiple executors can be authorized in parallel.

e.g. 1 = read, 2 = run, 4 = mint-derivative

Revoke usage

Immediately invalidate a previously-granted authorization.

Burn iNFT-7857

Permanently destroy the token. Clears the on-chain payload + AgenticPlace + BANKON bindings. The contentRoot remains marked as used, so the same root can never be re-minted (prevents silent re-mint of leaked content).

This action is irreversible. The intelligence payload in 0G Storage is NOT deleted by this — only the on-chain anchor. If your private key was compromised, burn here AND rotate the off-chain payload.

Bind a mindX agent_id owner only

One-shot: associate this iNFT with a mindX agent identifier (e.g. ceo-mastermind). Stored as both raw string and keccak256 hash so off-chain indexers can query either way. Cannot be changed once set.

List on AgenticPlace marketplace

Records the marketplace + price binding. The actual offerSkill() call happens on the marketplace contract; this stores the relation so off-chain readers (and the mindX dashboard) can correlate.

Bind to BANKON vault

Register that the sealed AES key for this iNFT is escrowed in a BANKON vault, encrypted under the owner's BANKON identity. vaultRef is opaque — the vault uses it to look up the key on owner authorization.

Pause / Unpause PAUSER_ROLE

Emergency stop — blocks mints, transfers, clones, authorizations, AgenticPlace + BANKON bindings. Use if a vulnerability is discovered or compliance demands it. Burns and reads remain operational.

Grant / revoke role DEFAULT_ADMIN_ROLE

Set oracle DEFAULT_ADMIN_ROLE

Replaces the ECDSA signer for sealed-key handoffs. Old oracle's ORACLE_ROLE is revoked atomically; new oracle is granted.

Treasury + clone fee TREASURER_ROLE

Royalty DEFAULT_ADMIN_ROLE

Sweep stuck ETH TREASURER_ROLE

Live event log

connect wallet + load contract to subscribe