Building Composable, Agent-Ready Applications on Sui
Applications are shifting from isolated products to persistent, composable systems, and Sui’s stack is designed to support that transition end to end
Main Takeaways
- Applications are moving from isolated products toward persistent, composable systems where assets, identity, and permissions move across application boundaries.
- AI agents accelerate this shift by requiring infrastructure that supports atomic execution, constrained permissions, and verifiable outcomes.
- Sui has built these primitives from the ground up to support next-generation applications and agentic workflows, combining a unique object-centric model with native identity, first-class privacy primitives, shared liquidity, and composable execution.
Overview
We're living through the end of an era, and most people haven't noticed.
The apps that dominated the 2010s - your social feeds, your productivity tools, your games - they're all built on the same broken model. Static ownership. Trapped data. You don't own anything. You just rent access.
This worked fine when the internet was a giant library. But we're past that now.
The Sui Stack. One modular, decentralized system. From first commit to global scale.
The full stack for a new global economy.
Start building 👉 https://t.co/GdQrNHnmS3 pic.twitter.com/UbulkQZ6Fv
— Sui (@SuiNetwork) December 18, 2025
The Problem Everyone Feels But Nobody Names
Your apps can integrate, but user-owned data stays locked inside each one.
Your game inventory dies when you stop playing. Your credentials vanish if someone decides you violated terms of service you never read.
Every app makes you start from zero. New account. New silo.
For developers, it's worse. Even with managed services, developers end up rebuilding the same abstractions again and again. APIs that break when a partner changes their mind.
This isn't sustainable. It's not even good.
What's Actually Coming
Forget incremental updates. The next wave of apps will be fundamentally different:
AI agents that actually do things. Not chatbots. Not assistants. Autonomous agents that hold money, make decisions, and operate under your rules. Research from late 2025 shows that AI agents interacting with blockchains require specialized wallet architectures with programmable guardrails, spending limits, and verifiable policy enforcement. Major players, including Circle, Coinbase, Google, Visa, and Mastercard, are actively developing agentic payment standards like x402 and AP2 for machine-to-machine micropayments, with stablecoins serving as the settlement layer.
If current trends continue, agents will become major economic actors, managing trillions in value, providing and managing liquidity, participating in governance, and originating loans onchain.
Here's where Sui's object model makes a real difference: Unlike account-based blockchains, Sui treats every asset – tokens, credentials, game items, data – as programmable objects with ownership and embedded rules that compose naturally without adaptation. When an agent needs to own assets, it holds them as objects directly, rather than interacting with balances stored inside a contract. When an agent needs constrained permissions, those constraints are properties of the objects themselves. Programmable Transaction Blocks (PTBs) enable rich composability where a single transaction can call up to 1,024 separate Move functions, with typed objects serving as inputs to subsequent calls. This means agents can execute complex multi-step workflows atomically – authenticate user, reserve a flight, transfer payment, and issue a booking credential – in one transaction instead of fragile multi-step API orchestrations.
AI agents are about to become economic actors.
Not copilots.
Not chatbots.
Actors that plan, decide, negotiate, and pay.
The problem? Payments were never designed for machines. pic.twitter.com/vl6KAEsHGw
— Sui (@SuiNetwork) December 23, 2025
Identity that follows you. One identity across every app. Your credentials, your reputation, your permissions, all traveling with you. Apps request access, and you either grant or revoke it. That's it.
This shift is not speculative. Regulatory and institutional momentum is already moving identity in this direction. The European Digital Identity (EUDI) Wallet is being rolled out across the EU, providing government-recognized credentials and reinforcing requirements around data minimization and selective disclosure. In parallel, NIST is standardizing Zero-Knowledge Proofs as part of its Privacy-Enhancing Cryptography initiative, reflecting growing demand for verifiable claims without exposing underlying data.
The infrastructure for this already exists on Sui. zkLogin allows users to authenticate using familiar OAuth providers like Google or Apple while retaining cryptographic control, without seed phrases or custodial accounts. Authentication is backed by zero-knowledge (ZK) proofs and ephemeral keys, ensuring OAuth credentials never appear onchain.
More broadly, Sui treats identity as a first-class, programmable primitive. User addresses are derived from privacy-preserving inputs, enabling portable, unlinkable identity that applications can reason about directly. Support for passkeys extends this model with a globally adopted, phishing-resistant authentication mechanism. Together, these primitives make it possible to build agents and applications that act on behalf of users securely, without reintroducing centralized identity silos.
Persistent, Composable Systems
Assets don’t disappear when a user moves between apps or over time. Tokens, credentials, game items, and memberships exist as durable objects that persist independently of any single app. Instead of being recreated or reissued in each new context, they carry their history, ownership, and rules with them, allowing value to compound rather than reset.
Coordination no longer requires trusted intermediaries. Multi-party workflows that once depended on legal agreements or centralized operators can execute directly through programmable rules. Payments, royalties, and access control become logic enforced by the system rather than processes managed offchain.
Incentives are programmable as well. Revenue sharing, token-gated access, and dynamic royalties can be enforced directly by code, aligning participants without relying on platform discretion or manual reconciliation.
Together, these shift apps from isolated products to composable systems by nature. Assets persist, coordination is programmable, and incentives are enforced directly by code. Builders compose on top of durable primitives instead of rebuilding trust and state from scratch in every app.
The Patterns That Will Win in 2026
If you're building, here's what matters:
Agentic applications. AI agents need more than code—they need economic agency. Wallets. Permissions. Rules. The ability to act on your behalf with constraints you define.
The infrastructure for this is being built now. Openfort provides non-custodial wallets specifically for AI agents with programmable guardrails, spending limits, allowlists, and multi-party approvals—all with full audit trails. The ERC-8004 draft standard on Ethereum proposes NFT-based portable IDs for agents, verifiable reputation systems, and pluggable proofs for trustless agent-to-agent collaboration. Industry leaders are developing payment protocols: Visa's Trusted Agent Protocol provides cryptographic standards for recognizing approved AI agents; Google's AP2 standard brings major players like Mastercard and PayPal into agentic payments for both fiat and crypto; Circle and Coinbase's x402 revives HTTP 402 status codes to enable seamless micropayments for machine-to-machine transactions.
Sui's design anticipates this shift. Objects on Sui can be owned by agents just as naturally as by humans—an agent's wallet is an object with spending rules encoded directly. Using PTBs, an agent can check liquidity across multiple pools, execute optimal swaps, update its internal state, and log results—all atomically in a single transaction with no re-entrancy risks. Move's linear logic prevents classic smart contract vulnerabilities that plague agent operations: five of the OWASP top 10 vulnerabilities aren't possible in Move, and wallet drainer attacks that exploit contract-level permissions can't work because all assets are protected by cryptographic ownership.
When agents need to prove their authority, zkLogin provides verifiable, privacy-preserving credentials. When agents need to act, Programmable Transaction Blocks allow complex, multi-step workflows to execute atomically. And when agents need to coordinate, Sui’s parallel execution processes independent operations atomically, avoiding congestion while preserving correctness.
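The "spending rules encoded directly" idea above, written as a Sui Move module. This is an added example, not code from Sui or Mysten Labs: the module `example::agent_allowance` and every struct, field and function name in it are hypothetical, and it assumes the Move 2024 edition with the Sui framework.

```move
// Added example; module, struct and function names are hypothetical.
module example::agent_allowance;

use sui::balance::Balance;
use sui::coin::{Self, Coin};
use sui::sui::SUI;
const ENotAgent: u64 = 0;
const ENotOwner: u64 = 1;
const EOverBudget: u64 = 2;
const ERecipientNotAllowed: u64 = 3;

/// Shared object: the user funds it, the agent may only spend within its rules.
public struct Allowance has key {
    id: UID,
    owner: address,
    agent: address,
    funds: Balance<SUI>,
    epoch_budget: u64,           // max total spend per epoch, in MIST
    spent: u64,                  // amount already spent in `epoch`
    epoch: u64,
    recipients: vector<address>, // payees the agent may pay
}

public fun create(funds: Coin<SUI>, agent: address, epoch_budget: u64,
                  recipients: vector<address>, ctx: &mut TxContext) {
    transfer::share_object(Allowance {
        id: object::new(ctx), owner: ctx.sender(), agent,
        funds: funds.into_balance(), epoch_budget, spent: 0,
        epoch: ctx.epoch(), recipients,
    });
}

/// Agent-only payment. The budget is cumulative, so repeating this call
/// many times inside one PTB cannot exceed it (a per-call cap could).
public fun pay(a: &mut Allowance, amount: u64, to: address, ctx: &mut TxContext) {
    assert!(ctx.sender() == a.agent, ENotAgent);
    assert!(a.recipients.contains(&to), ERecipientNotAllowed);
    if (ctx.epoch() != a.epoch) { a.epoch = ctx.epoch(); a.spent = 0 };
    assert!(amount <= a.epoch_budget - a.spent, EOverBudget);
    a.spent = a.spent + amount;
    transfer::public_transfer(coin::take(&mut a.funds, amount, ctx), to);
}

/// Owner-only kill switch: drain remaining funds back to the owner.
public fun revoke(a: &mut Allowance, ctx: &mut TxContext) {
    assert!(ctx.sender() == a.owner, ENotOwner);
    let rest = a.funds.withdraw_all();
    transfer::public_transfer(coin::from_balance(rest, ctx), a.owner);
}
```

Because `pay` is an ordinary Move call, it can be one command among many in a PTB, and an abort on any of its checks reverts the entire transaction rather than leaving a partial payment.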
User-controlled data. Privacy isn’t about hiding data; it’s about controlling how data is used. Whether the owner is an individual or an institution, modern systems increasingly require selective disclosure—proving specific attributes without exposing unnecessary details. A user can prove age or eligibility without revealing a birthdate; an organization can share compliance signals without exposing underlying records.
This shift is reinforced by regulatory pressure from GDPR and similar privacy regimes, which prioritize data minimization and consent by design.
On Sui, encryption is treated as a first-class primitive for enforcing these guarantees. Seal enables encrypted objects with programmable access policies that are defined and enforced natively onchain, rather than through external systems. Builders can use Seal today to control who can access data, under what conditions, and for what purpose—consistently across applications. This supports selective disclosure by default, including sharing verifiable attributes across platforms without exposing sensitive fields.
Looking ahead, advances in zero-knowledge proofs, including ZKML and techniques like Fully Homomorphic Encryption, point toward a future where computation and analytics can be performed without revealing underlying data or models. Together, these approaches lay the groundwork for privacy that is enforced at the data level itself.
When data is modeled as owned objects with explicit rules, privacy becomes a property of the system—not a third-party integration you hope doesn’t break.
Seal just launched on Sui Mainnet, and builders are already putting it to work.
From token-gated content to confidential AI data, here’s how top teams are using Seal to add programmable privacy and access control to their apps 👇 pic.twitter.com/azNIy56zk8
— MystenLabs.sui (@Mysten_Labs) September 3, 2025
Deep Composability. On many smart contract platforms, assets and application state are defined by individual contracts with their own storage layouts, permission models, and bespoke interfaces. Two assets can both be called “tokens” and still behave differently enough that applications need adapters, wrappers, or integration logic to use them safely. Composability exists, but it often relies on conventions and coordination rather than shared structure. Builders spend real effort making assets compatible before they can build meaningful connections between applications.
Sui takes a different approach by making assets first-class objects with a shared architecture at the system level. Ownership, access, and transfer rules follow consistent semantics instead of being re-implemented inside each contract’s private state. Because objects expose familiar structure and behavior, applications can compose with them directly. Builders can focus on designing deeper integrations and workflows rather than writing glue code to bridge incompatible representations.
This composability extends beyond data to code. The Move Registry provides a canonical, onchain source of truth for Move packages and their versions, allowing applications to depend on shared logic explicitly and reason about upgrades without informal coordination. Assets are designed to compose, and the code that defines their behavior is discoverable and reusable by default. Composability becomes a property of the platform itself, not an ongoing integration problem teams have to solve.
Why Most Infrastructure Can't Deliver
Most blockchain infrastructure wasn’t designed for applications that coordinate assets, identity, and permissions at scale. Over time, teams have worked around these limits with bridges, middleware, and layered abstractions, but those fixes introduce fragility, complexity, and risk. As applications grow, the cost shows up as integration overhead, security exposure, and degraded performance exactly when systems are under load.
Building the next generation of applications requires infrastructure that treats these concerns as first-class design considerations rather than problems to patch later.
The Sui Stack: Built for This Moment
A stack designed to work as one system. The Sui Stack is designed to give builders a coherent set of primitives for building complete applications, rather than assembling infrastructure piecemeal. Storage, execution, identity, privacy, and liquidity are designed to work together as part of a single system, with shared assumptions and consistent trust boundaries. Builders compose capabilities instead of stitching together services that were never meant to interoperate.
Storage and coordination are tightly coupled. Walrus provides decentralized storage for large and persistent data, while Sui handles ownership, access, and coordination onchain. Applications can store data offchain without relying on centralized providers, then reference, verify, and interact with that data through onchain objects. Walrus Sites extend this model by enabling content and application frontends to be served directly from decentralized storage, with access and updates coordinated through Sui.
Computation doesn’t have to live onchain. Not every operation is practical to run onchain, but many still require verifiable outcomes. Nautilus enables offchain execution with cryptographic guarantees, allowing applications to perform heavier computation while preserving correctness and trust. Results can be committed back to Sui and composed with onchain state, without forcing developers to choose between performance and verifiability.
Liquidity is shared infrastructure, not app-specific code. DeepBook provides a common liquidity layer that applications can build on instead of rebuilding order books, matching engines, or execution logic in isolation. This allows apps to share depth and price discovery while focusing on differentiated behavior and user experience.
Identity, access, and privacy are native primitives. Identity, access, and privacy are native primitives on Sui. zkLogin allows users—and increasingly agents—to authenticate using familiar web credentials while retaining cryptographic control, without seed phrases or custodial accounts. Support for passkeys extends this model with a widely adopted, phishing-resistant authentication mechanism. Privacy primitives like Seal make encrypted data and selective disclosure available by default, so applications don’t need to invent their own security models or bolt on external tooling.
Higher-level tools emerge naturally from the stack. The Messaging SDK shows how applications can surface messages and notifications to users based on onchain activity, without maintaining separate messaging infrastructure. Built on top of the Sui Stack, it uses onchain identity, permissions, and object state to determine what messages users should receive and when. Changes onchain can directly trigger user-visible communication, keeping application state and user experience in sync.
Agent-ready by design. AI agents can hold assets, access stored data, trigger offchain computation, interact with shared liquidity, and communicate through messaging—all under explicit permissions and using the same primitives as human users. Instead of designing special cases for automation, builders can treat agents as first-class participants from the start.
A foundation that lets apps focus on behavior. The result is a unified technical base where applications can focus on coordination and experience rather than infrastructure assembly. Builders start with primitives that already understand assets, identity, privacy, computation, liquidity, and communication—and can compose them into applications that are intelligent, persistent, and ready to evolve.
Every Platform Shift Has a Window
Mobile apps killed desktop software. Cloud infrastructure replaced on-premise data centers.
The shift to intelligent, persistent, asset-aware applications is that kind of moment.
Early movers will define the next decade. Incumbents will play catch-up or fade.
The full stack is ready. The window is open. What are you building?