# Key Concepts A glossary of the terms and primitives used throughout TherosAI. *** ## Organisation The top-level account in TherosAI. An organisation maps to a company or team. It holds the USDC reserve, owns spending policies, and contains all agent vaults. All API keys are scoped to an organisation. ## Agent An autonomous software process that can take actions — including spending money — on behalf of an operator. In TherosAI, an agent is represented by a **vault**. The agent is identified by an `agent_id` string you define. TherosAI is agnostic to which framework your agent is built on. ## Vault (Agent Wallet) The on-chain treasury account for a single agent. Each vault is a **Program Derived Address (PDA)** on Solana — a deterministic, program-controlled account with no private key. Vaults hold USDC, are isolated per agent, and are governed by an attached spending policy. → See [Agent Vaults](/core-concepts/agent-wallets.md) ## Spending Policy A set of programmable rules bound to a vault at creation. Policies define what an agent can spend, how fast, and with whom. Enforcement happens at the on-chain program level — not in application code — making it structurally impossible for an agent or a compromised component to bypass the rules. → See [Spending Policies](/core-concepts/spending-policies.md) ## PDA (Program Derived Address) A Solana account address derived deterministically from a set of seeds and a program ID. PDAs have no private key — they can only be signed for by the program that owns them (the TherosAI on-chain program). This is how TherosAI achieves genuinely non-custodial vaults: there are no keys for TherosAI, for you, or for any third party to hold or expose. ## USDC The base currency for all TherosAI vaults. USDC is a regulated, USD-backed stablecoin issued by Circle on Solana as an SPL token. It is stable in value, settles in under a second on Solana, and costs fractions of a cent to transact. ## Transaction A USDC transfer from a vault to a recipient. Every transaction is validated against the vault's spending policy before being submitted to Solana. Once confirmed on-chain, it is immutable. Transactions are indexed by Helius and surfaced in the dashboard and webhook system within seconds. ## Escrow The mechanism used in agent-to-agent (A2A) payments. When one agent commissions another, funds are locked in a PDA-backed escrow vault. They are released only when the receiving agent submits a verifiable completion proof. If the task is not completed or a dispute is raised, funds return to the sender. → See [Agent-to-Agent Payments](/core-concepts/a2a-payments.md) ## On-Chain Ledger Every TherosAI transaction is inscribed on Solana Mainnet. The ledger is public, immutable, and independently verifiable — operators do not need to trust TherosAI's reporting to audit their agent fleet. → See [On-Chain Ledger](/core-concepts/on-chain-ledger.md) ## Operator The human or team that deploys and manages agents. Operators interact with TherosAI via the dashboard and API. They own the organisation, fund vaults, define policies, and receive webhook events. Agents act autonomously within the rules operators define. ## Session Authority Token The off-chain credential issued when an operator provisions a vault. It authorises a specific agent to submit transactions from that vault during a configurable TTL window (default: 1 hour). Session tokens are scoped to a single vault — compromise of one token cannot affect any other vault in the fleet. ## MPC Co-Sign An optional security layer for high-value transactions. When a vault policy includes a `requireCoSign` threshold, transactions at or above that amount require a 2-of-2 signature: one from the agent's session authority, one from the operator. Neither party alone can move the funds. → See [Security Model](/core-concepts/security-model.md) ## Helius TherosAI's Solana indexing provider. Helius delivers sub-100ms webhooks, real-time balance subscriptions, and transaction history queries. It powers the dashboard's live feed and all `transaction.*` webhook events. ## x402 An emerging micropayment protocol standard for AI agents — a machine-readable HTTP 402 response that tells an agent precisely how to pay for access to a resource. TherosAI vaults are x402-compatible: agents can pay per-request to x402-enabled APIs directly from their vault balance, subject to their spending policy. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.therosai.com/getting-started/key-concepts.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.