Execution
How agents interact with the Gearbox protocol on-chain — and why it's safe.
The Security Model
A core principle of Gearbox Agentic: the SDK builds transactions, but never signs them. Transaction construction (what to do) is separated from transaction execution (actually doing it). This creates a clear security boundary.
Every transaction goes through preview before execution:
- Build —
sdk.positions.prepareOpen()→ produces aRawTx { to, calldata, value } - Preview —
sdk.previewTransaction(rawTx)→ simulates the exact bytes, returns success, health factor, actions, balance changes, warnings - Validate — agent (or human) checks: success = true, HF > threshold, no critical warnings
- Execute — sign and send via wallet
The same bytes that were previewed are the bytes that go on-chain. No deviation.
Two Execution Modes
| Mode | Trust Level | Best For |
|---|---|---|
| Human-in-the-Loop | Agent proposes, human approves | High-value positions, institutional compliance, initial trust building |
| Bot Execution | Agent executes autonomously within bounds | Rebalancing, liquidation monitoring, automated management |
Both modes use the same preview mechanism. The difference is who signs.
Learn More
- Human-in-the-Loop — verify.gearbox.finance approval flow
- Bot Execution — bounded on-chain permissions
- The Agent Loop — how Preview and Execute fit in the 6-step cycle