# Zyfai's New Security Proxy System: Same Trust Model with Improved Execution 

> Learn How Zyfai is Making Session Keys Actually Usable for the Agentic Economy.

**Published by:** [Zyfai](https://blog.zyf.ai/)
**Published on:** 2025-12-24
**Categories:** yield, agent, neobanks, stablecoins, defi, defai
**URL:** https://blog.zyf.ai/zyfais-new-security-proxy-system-same-trust-model-with-improved-execution

## Content

In the Agentic Economy, trust is essential. But usability ultimately determines whether trust is exercised. Session Keys provide solid security guarantees. They allow users to delegate limited authority to autonomous Agents without exposing their master keys. On paper, this is enough to enable agentic DeFi. In practice, it hasn't been. At Zyfai, we discovered that the biggest obstacles were not cryptographic weakness, but operational friction and inaccurate control. Our goal was to evolve Session Keys with a primitive that preserves its security guarantees, while making them usable at scale, and containing the fine-grained execution controls that many implementations of Session Keys still lack. As part of this effort, Zyfai is integrating EigenCompute KMS (EigenCloud), moving Session Key signing into a Trusted Execution Environment (TEE) that is inaccessible to operators, developers, or external services. The migration will be rolled out gradually. Users will be prompted to migrate once a notification banner appears in the dashboard.The Real Problems With Session Keys 1. Operational Friction Breaks DelegationMost session-key systems require users to explicitly authorize every protocol, pool, and function upfront. As Agents become more capable, this turns into hundreds of permissions: high gas costs during activation, long and opaque signing flows, and users abandoning setup or never updating keys. While security remains intact, the system slowly becomes unusable.2. Re-Signing Session Keys Kills YieldWhenever a new protocol or pool is integrated, users are often required to return to the dashboard to renew permissions and sign a new Session Key. Most users don't. The result is idle capital and missed yield, even though the Agent logic itself is sound.3. "Where" Is Checked, "What" Often Isn'tMany session-key implementations stop at contract-level whitelisting:"This Agent may call the USDC contract."What they frequently do not enforce is how that contract can be used. Without calldata-level restrictions, an Agent that is allowed to interact with a token contract can often transfer funds to arbitrary addresses and approve unlimited spenders . This creates a structural gap that makes Session Keys insufficient for the high-stakes environment of Agentic DeFi, where millions are at play.Zyfai's Answer: The Security Proxy System Zyfai's new Security Proxy System preserves the same core security assumptions as modern Session Keys, namely scoped authority and self-custodial control. It relocates enforcement into a deterministic execution layer that for the first time eliminates repeated user approvals, enables specific, calldata-aware policies, while reducing gas costs.Examining The New Security Proxy SystemExecutor Module (on Safe)Installed once on the user's Safe Smart Account, this module acts as the secure entry point for Agent execution, using established and audited patterns.Stateless Security RouterWhen triggered by the Executor Module, the Router executes transactions as the user's account, while enforcing a strict policy:Target contract validationFunction selector validationCalldata-level filtering for asset movementBecause the Router is stateless, it introduces no storage risk and does not custody funds.Onchain RegistryThe Registry defines, in real time which contracts are allowed, which function selectors are valid, and which addresses assets may be transferred to. This allows extremely fine-grained constraints. For example:A USDC transfer may only send funds: Back to the user's Safe Smart Account, or to explicitly approved DeFi poolsTransfers to arbitrary EOAs are rejected at execution timeEven if the Agent logic is compromised, value flow remains constrainedThis level of calldata-aware filtering is not available in many session-key SDKs today, and is critical for agentic systems that must operate continuously and autonomously.Hardening the Signing Layer with EigenCompute KMSTo further strengthen the operational security of our agents, Zyfai is moving the session-key signing infrastructure to EigenCompute KMS. Session keys will be generated and used entirely inside a Trusted Execution Environment (TEE):Session private key signature is performed inside the enclaveThe signer is not accessible to operators, developers, or external servicesSigning is only possible through predefined, verified execution pathsThis significantly reduces the operational attack surface by eliminating key exposure at the infrastructure level.Audited by SherlockWhile Zyfai is a modular product, with each individual module audited and publicly available in our audit documentation, it's just as important to ensure that all modules work together securely. That's why, with the introduction of the new Security Proxy System, Zyfai made the decision to audit the entire product end to end as an additional step toward security and transparency. As a result, the Security Proxy System, along with the rest of the Zyfai stack, has been audited by Sherlock, with no outstanding security issues identified. The full audit report is available here: audit report.TL;DR: The New Security Proxy System Ultimately, Zyfai's Security Proxy System offers a significantly improved user experience with enhanced execution guarantees. While Zyfai doesn't claim a fundamentally stronger cryptographic primitive than Session Keys, it improves the fragile and outdated delegation process by implementing calldata-level enforcement and eliminating user friction. This means users only sign once; protocols can be added without interruption; transfers are constrained at the byte level; and, security doesn't depend on users constantly re-approving the future. Essentially, enabling Agents to operate safely, especially when users are offline. Action required: users will be prompted to migrate when a notification banner appears in the dashboard.About ZyfaiZyfai gives you self-custodial access to autonomous low-risk DeFi. Our customizable rule-based Agents transform your idle capital into productive assets, rebalancing between curated opportunities. The result is sustainable and risk-adjusted yield, where your capital is always working and under your control. Explore ZyFAI | Follow on X | Read blog | Explore Docs

## Publication Information

- [Zyfai](https://blog.zyf.ai/): Publication homepage
- [All Posts](https://blog.zyf.ai/): More posts from this publication
- [RSS Feed](https://api.paragraph.com/blogs/rss/@zyfai): Subscribe to updates