Kimi K2.5 just shipped Agent Swarm — one prompt spawns up to 100 parallel sub-agents making 1,500+ tool calls. Manus (now Meta, $2B) runs agents async while you sleep. So: how do you budget-cap 100 parallel agents sharing one API key?
Rate limits won't help — they're per-key, not per-agent. Spending alerts won't help — by the time the email arrives, the swarm is done. Revoking the key kills all 100 agents, not just the one that's hallucinating against a paid API.
We built satgate-proxy to solve this with macaroon delegation trees. Macaroons are bearer tokens with cryptographically enforced caveats. The key property: any token can be attenuated (made more restrictive) without contacting the server. So an orchestrator with a 1,000-credit token can locally mint 100 child tokens capped at 10 credits each. Each sub-agent gets its own token. When agent #37 burns through its budget, it gets blocked — the proxy returns either HTTP 402 (server mode) or a JSON-RPC error (local mode) — and stops. The other 99 keep running.
No dashboard to watch. No human in the loop. The budget is enforced on every request.
Zero dependencies. Wraps any MCP tool server with hard budget caps locally. Every tool call deducts from the budget. When it hits zero, the proxy returns a clean JSON-RPC error and the agent stops. No account needed for local mode.
The npm package is the lightweight proxy. The full server (macaroon minting, delegation trees, L402/Fiat402 protocol support) is the Go codebase: https://github.com/SatGate-io/satgate
Both MIT licensed. We're building the economic constraint layer for agent systems. Happy to answer questions about the macaroon model, the protocol design, or how this fits into MCP.
satgate•1h ago
Rate limits won't help — they're per-key, not per-agent. Spending alerts won't help — by the time the email arrives, the swarm is done. Revoking the key kills all 100 agents, not just the one that's hallucinating against a paid API.
We built satgate-proxy to solve this with macaroon delegation trees. Macaroons are bearer tokens with cryptographically enforced caveats. The key property: any token can be attenuated (made more restrictive) without contacting the server. So an orchestrator with a 1,000-credit token can locally mint 100 child tokens capped at 10 credits each. Each sub-agent gets its own token. When agent #37 burns through its budget, it gets blocked — the proxy returns either HTTP 402 (server mode) or a JSON-RPC error (local mode) — and stops. The other 99 keep running.
No dashboard to watch. No human in the loop. The budget is enforced on every request.
Try it:
npx satgate-proxy --local --budget 5.00 --config satgate.yaml
Zero dependencies. Wraps any MCP tool server with hard budget caps locally. Every tool call deducts from the budget. When it hits zero, the proxy returns a clean JSON-RPC error and the agent stops. No account needed for local mode.
The npm package is the lightweight proxy. The full server (macaroon minting, delegation trees, L402/Fiat402 protocol support) is the Go codebase: https://github.com/SatGate-io/satgate
Both MIT licensed. We're building the economic constraint layer for agent systems. Happy to answer questions about the macaroon model, the protocol design, or how this fits into MCP.