Run a co-signer principal on another machine you own. Every agent action needs both.
Require more thanone approval.
Decide how many people must approve before anything moves — two co-founders, a finance team quorum, or you plus a second machine. Canonical enforces it locally, and can co-sign your team's Safe on top.
A single approval is a single point of failure.
A compromised laptop, a rushed decision, or a convincing scam is all it takes to drain a single-signer wallet. A second required approval stops each of those. With agents in the loop it becomes essential: the principal that proposes a transaction should never be the one that approves it.
Policy decides the quorum. The daemon enforces it.
Your policy sets the approval requirement per action type: how many approvals, whether a human is mandatory, even which specific people must be among them. Approvals are collected on the proposal itself, survive restarts, and are bound to the exact reviewed transaction — change one byte and every approval is void.
Any two of five founders, or two engineers plus the CFO — defined as policy and enforced by the daemon.
Canonical acts as one signer of your team's Safe — with its plain-English review and audit trail in front of every signature.
See it in action.
The first-transaction guide walks the full loop with real commands — including what a pending quorum looks like and how the second approver signs off from their own session.