Going to mainnet

Mainnet means real stablecoin moving on every call. The work is mostly about tightening policy and making sure you can observe what your agents spend. Walk this list before you flip the switch.

Pre-flight checklist#

• You've run the full payment loop end-to-end on devnet.
• Every agent has an explicit dailyLimit, perCall, and allow list.
• You've confirmed out-of-policy payments revert as expected.
• Webhook signatures are verified before any event is trusted.
• Owner keys are stored in a secrets manager, never in source.

Keys & environments#

Swap the network and key for production. Keep test and live keys in separate environments so a test key can never touch mainnet rails.

import { Railo } from "@railo/sdk";

// Production: live cluster + live key (kept in a secrets manager).
const railo = new Railo({
  network: "solana",        // live cluster
  apiKey: "rl_live_xxxxxxxx",
});

Harden your policies#

Start conservative. Set the lowest dailyLimit and perCall that still let the agent do its job, and keep allow as short as possible. You can always raise limits with the owner key - but a tight policy means a misbehaving agent fails safe.

Monitoring & receipts#

Treat receipts as your source of truth. Subscribe to payment.settled and payment.rejected events, store receipt ids, and reconcile spend against each agent's policy. Because every receipt links to the policy that authorized it, audits are a lookup - not an investigation.

Launch#

Roll out one agent at a time. Watch its first live settlements, confirm the receipts match what you expect, then widen the allowlist and raise limits deliberately as you gain confidence. Railo is early - build in the open, and keep policies tight while the rail matures.