01
The real comparison.
A weekend prototype can upload files. A production trust layer has to prove who authorized the operation, what bytes moved, where they landed, what changed, and how someone else can verify it later.
§ FLAGSHIP · HOSTED SERVICE
Your storage specialist.
Zero protocol overhead.
A managed, per-developer storage agent that handles the full Nukez protocol on your behalf. You send natural language. It handles everything else — envelope construction, upload, attestation, Switchboard oracle push — and returns the receipt.
162
tokens / op
1
endpoint
0
keys held
4
framework adapters
Looking for the technical reference? /docs/nukezagent →
§ 02 — THE COST YOU'RE ACTUALLY PAYING
Storage is solved.
Get back to work.
02
The proof surface.
Request signing proves who is asking. Envelope signing proves who authorized the operation. Content-hash binding proves the bytes did not change. Those are product guarantees, not implementation chores.
03
The decision.
Build and maintain that proof surface yourself, or delegate it to a hosted storage specialist. Your agents describe the task in natural language; NukezAgent returns receipts your team can verify.
§ 03 — ARCHITECTURE
Three components. Three concerns. One boundary.
architecture · internal
┌──────────────┐ ┌──────────────┐ ┌──────────────┐
│ 01 · ROUTER │ │ 02 · EXECUTOR│ │ 03 · SUPERV. │
│ │ │ │ │ │
│ Intent router│ │ Deterministic│ │ Background │
│ │ │ executor │ │ supervisor │
│ │ │ │ │ │
│ Classifies │ │ Deterministic│ │ Background. │
│ intent. │ │ execution. │ │ Conversation │
│ ~1s. │ │ Not an LLM. │ │ history. │
│ Stateless. │ │ Pulls bytes, │ │ Surfaces │
│ │ │ hashes, POSTs│ │ anomalies. │
│ │ │ to gateway. │ │ Never on the │
│ │ │ Scope exits │ │ hot path. │
│ │ │ — bytes gone.│ │ │
└──────┬───────┘ └──────┬───────┘ └──────┬───────┘
│ │ │
└──────────────────┼──────────────────┘
│
┌──────▼──────┐
│ your data │
│ your key │
│ never ours │
└─────────────┘The supervisor never touches the hot path. The executor is not an LLM. These separations are what make the service deterministic, cheap, and safe.
§ 04 — DATA MODEL
Four stores. Never conflated.
data model · developer instance
StorePurposeYours?
Developer lockerYour files, your keys, your propertyYes — this is yours
Infrastructure Redis + SQLIdentity, signing state, routing, index cacheNo — operational infrastructure
Blob stashEncrypted holding pond for in-transit bytes. Self-destructs.Transient — purged after operation
Agent working memoryConversation history, reasoning context, session stateInternal — not your locker
These four stores are architecturally separated. They cannot be conflated or cross-contaminated. The separation is what the security model rests on.
§ 05 — BENCHMARK · CONTEXT
162 tokens per op.
5.6× lower than MCP.
162
tokens / op
NukezAgent baseline
NukezAgent baseline
vs.
904
tokens / op
MCP baseline
MCP baseline
context efficiency · measured tok/op baseline
PathTok/opEvidenceStatus
NukezAgent16213 callslive trace located
PyNukez SDK5109 callsJSON trace located
MCP90425 simulatedbench harness present
Gateway HTTP1,38021 callsJSON trace located
Scope · HTTP / SDK / MCP / NukezAgent · token-per-operation baseline · measured + sourced · read methodology →
§ 06 — WHAT $500/MO REPLACES
What you stop paying for.
build vs. buy · monthly delta
ComponentDIY costNukez
Cloud storage (S3/GCS)$20–50/mo + config timeIncluded
Agent inference (Sonnet + Opus)$30–100+/mo at moderate usageIncluded
Prompt engineeringWeeks of iteration, ongoing driftIncluded
Signing protocol$10K+ in eng time to buildIncluded
On-chain attestationSolana program + oracle integrationIncluded
Merkle proof verificationCustom implementationIncluded
Multi-chain supportTwo separate signing implementationsIncluded
DevOps maintenanceCredential rotation, monitoring, scalingIncluded
Monthlybuild it yourself: variable$500 flat
DIY ranges shown are illustrative per-component estimates, not a total. The argument isn't that $500 is cheap — it's that the engineering time you'd spend on any one of these rows costs more than the flat rate replaces all of them.
§ 07 — ZERO FOOTPRINT
Your other agents carry nothing.
from the developer
A specialist contractor. You call them, they handle it, you get the receipt.
from the other agents
They know it exists. They delegate to it. They get results. No tool schemas leak into their context. No envelope signing. No locker semantics. No protocol.
from Nukez
A lead agent of its own domain. It may spawn internal sub-agents for parallel uploads, verification pipelines, locker management. You never see this hierarchy.
This is why the 162 tokens/op number is possible. Zero-footprint is not a marketing claim; it's the architecture.
§ 08 — VERIFIED CONTEXT
Not just memory. Verified memory.
“In a multi-agent system where agents make decisions based on what other agents told them, verified context is a fundamentally different trust model.”
Mem0, Zep, LangMem — these give your agents a brain. NukezAgent gives your agents a notary. When Agent B receives a message from Agent A through the NukezAgent-managed locker, it comes with cryptographic proof of what was stored, when, and by whom. The agent doesn't just remember — it can prove what it remembered. That's the difference.
§ 09 — SECURITY MODEL
NukezAgent never holds your keys.
signing boundary · your key stays home
you nukezagent
│ │
│ task → /v1/delegate │
├─────────────────────────────▶│
│ │ constructs envelope
│ │ needs signature
│ signing_needed │
│◀─────────────────────────────┤
│ │
│ sign locally │
│ (your key, your machine) │
│ │
│ signature │
├─────────────────────────────▶│
│ │ posts signed envelope
│ │ to gateway
│ receipt │
│◀─────────────────────────────┤
│ │The agent constructs what needs to be signed. You sign it. You send the signature back. The agent attaches it and completes the operation. Ed25519 and secp256k1 are equal first-class signing algorithms — use whichever your runtime supports. Your private key never leaves your machine — not to us, not through us, not near us.
§ 10 — INTEGRATE
One endpoint. Any language. Any framework.
bare http · any language
curl -X POST https://agent.nukez.xyz/v1/delegate \
-H "Content-Type: application/json" \
-H "X-Nukez-Identity: ${PUBKEY}" \
-H "X-Nukez-Nonce: ${NONCE_HEX}" \
-H "X-Nukez-Timestamp: ${TIMESTAMP}" \
-H "X-Nukez-Signature: ${REQUEST_SIGNATURE}" \
-d '{"task": "Store report.pdf and tag it Q1"}'Any language with HTTP + Ed25519 or secp256k1 signing. That is every language.
orchestrator · any framework
agents:
storage:
role: Persistent storage specialist
endpoint: https://agent.nukez.xyz/v1/delegate
signing_authority: signer
signer:
role: Signing authority
# holds key materialMAZ, CrewAI, AutoGen, LangGraph, or any orchestrator. The sub-agent is a peer, reachable at an HTTP endpoint.
mcp-native · claude + codex
// claude desktop / claude code // lightweight local shim translates // MCP tool calls → /v1/delegate // and handles signing locally
Claude Desktop, Claude Code, or any MCP-native client. Use the shim, or the Nukez MCP server as proxy.
The full integration reference lives at /docs/nukezagent →
§ 11 — ONBOARDING
One quote. One signed confirm.
You're live.
step 1 · discover x402 quote
GET /v1/service/request
→ 402 Payment Required
{
"price_usd": 500,
"accepts": [{ "extra": { "name": "SOL" },
"amount": "...",
"payTo": "..." }]
}step 2 · pay + signed confirm
// pay externally with your wallet, then: POST /v1/service/confirm X402-TX: PAYMENT_TX_SIGNATURE X-Nukez-Identity: YOUR_PUBKEY X-Nukez-Nonce: 32_BYTE_RANDOM_HEX X-Nukez-Timestamp: UNIX_SECONDS X-Nukez-Signature: REQUEST_SIGNATURE → 200 OK · subscription active
step 3 · first request
POST /v1/delegate
X-Nukez-Identity: YOUR_PUBKEY
X-Nukez-Nonce: 32_BYTE_RANDOM_HEX
X-Nukez-Timestamp: UNIX_SECONDS
X-Nukez-Signature: REQUEST_SIGNATURE
{
"task": "Store report.pdf",
"files": [{ "name": "report.pdf",
"data_b64": "…" }]
}
→ 200 OK
+ receipt · merkle_root · attested§ 12 — PRICING
$500 per month. Hosted ops included.
pricing · flat rate
$500
/ month · hosted service + one bundled locker
x402 rails: SOL · USDC · MON
x402 rails: SOL · USDC · MON
- Dedicated hosted agent instance
- Hosted router + deterministic executor + background supervisor
- Inference entirely included — no API key required
- Full Nukez storage protocol handled
- Initial provisioning + signed expansion workflow
- One bundled developer-owned storage locker
- Unlimited operations and attestations per locker terms
- Per-file merkle proofs
- On-chain anchoring through the gateway attestation flow
- Adapters · LangChain · CrewAI · AutoGen · A2A
- Persistent conversation history across sessions
One GCS locker is bundled with the subscription. Additional capacity is quoted through /v1/service/expand at gateway pass-through rates. See the full pricing breakdown →
Storage is solved. Get back to work.
Ready to delegate? Register your identity, run your signing bridge, and send your first task in under five minutes.