

OpenZeppelin's Stellar smart accounts give Soroban real programmable authorization — but creating a custom policy today means writing and auditing a full Soroban contract that implements the Policy trait, so the delegation infrastructure goes mostly unused. We will build the RFP's record-and-generate toolkit: a developer or agent points at a transaction they have already performed, and the tool auto-generates a tightly scoped, minimum-permission policy that permits exactly that operation and denies everything else. It emits human-readable Rust, proves the policy with an auto-generated permit/deny dry-run report, and never deploys automatically — code-first, deploy-second. We bias hard toward OpenZeppelin's already-audited primitives (spending_limit, simple_threshold, weighted_threshold) and emit minimal custom Policy code only where they can't express the constraint, which keeps the newly-auditable surface small. The toolkit ships as a deterministic Rust synthesizer + dry-run harness, an MCP server exposing record/synthesize/simulate/verify, and a Claude skill that turns "let this agent do X, nothing more" into a reviewable policy. The objective: make safe, narrowly-scoped delegation something anyone can do in minutes, not a contract-authoring project.
