RelayGuard

The trust layer for blockchain reads

One reliable, verified endpoint for production Web3 apps

Keep Alchemy, Infura, QuickNode, or your own nodes. RelayGuard health-checks them, routes around lagging providers, fails over reads — and verifies security-critical responses with cross-provider quorum, down to the individual contract function. Every verified read comes back with a receipt your app can check.

Start free betaRead the docs
24+ networks2-of-3 quorumFails closed on disagreementLive in minutes
your-app — one URL
POST https://gateway.0xrelayguard.com/rpc/:chain
Authorization: Bearer rg_live_…

// proxy, failover, or quorum —
// your policy decides, automatically
{
  "jsonrpc": "2.0",
  "method": "eth_getTransactionReceipt",
  "params": ["0x…"],
  "id": 1
}
ethereum · base · arbitrum · optimism · polygon · bsc · avalanche · linea · scroll · zksync · blast · mantle · mode · gnosis · + testnets
Works with the providers you already useAlchemyInfuraQuickNodeYour own nodes

The problem

RPC failover lives in your app code, and bad data is invisible

Providers are critical infrastructure, but the redundancy logic ends up scattered across app code, env vars, and incident runbooks. Teams find out a provider is degraded when users do — and a single provider returning manipulated data looks identical to a correct one.

Outages & rate limits

Single-provider setups fail hard when upstream throttles or goes dark — and you carry the failover logic yourself.

Silent bad data

A stale or manipulated response from one provider is indistinguishable from a correct one until it costs you.

No visibility

Hard to tell which provider served a bad response, or when failover happened, after the fact.

How it works

Three steps. No app-code changes beyond one URL.

STEP 1

Add your providers

Paste RPC URLs from providers you already pay for. URLs are encrypted at rest with AES-256-GCM and never returned from the API.

STEP 2

Get one endpoint

Issue an API key. Your app calls a stable gateway URL — workspace resolved from the key, not the path. One key works across every network you add — mainnets and testnets, so you can trial before routing mainnet traffic.

STEP 3

Route with confidence

Active health checks, weighted routing around lagging providers, automatic read failover, and structured events when anything changes state.

The differentiator

An RPC firewall, not just a load balancer

Most RPC tools optimize uptime and latency. RelayGuard optimizes correctness. For security-critical reads, it fans out to independent providers in parallel and only returns a result when they agree — failing closed, never silently degrading — and hands back a signed-off receipt your app or AI agent can verify.

  • Method policy — require quorum on eth_getTransactionReceipt, eth_getStorageAt, eth_getLogs, eth_getCode, or any method you choose
  • Reorg-safe reads — pin verified reads to the finalized (or safe) block so your app never acts on state that can revert
  • Reorg & fork alerts — get notified when a provider serves a forked chain or a block you relied on gets reorged
  • Provider trust scores — continuous honesty canaries grade each provider 0–100 on whether it tells the truth over time, and automatically route traffic away from providers that fail
  • Contract-level policy — import any verified contract ABI from Etherscan and set quorum or deny rules per function
  • Deny rules — block calls to a specific contract function at the gateway, before they ever reach a provider
  • Signed receipts + audit log — every quorum response carries an Ed25519-signed, tamper-evident receipt; batches are committed as signed Merkle roots you can export and prove inclusion against — a verifiable compliance trail, not just a claim
  • Divergence alerts the moment providers disagree — in your dashboard and to Slack, email, or a signed webhook
Alchemy0x4f…a1 agree
Infura0x4f…a1 agree
QuickNode0x4f…a1 agree
Quorum met · 3 of 3 agreed · result returned
X-RelayGuard-Verified: true
X-RelayGuard-Confidence: high
X-RelayGuard-Quorum: 3/3

Learn how Security Mode works →

Built for production

Reliability posture, not just features

The gateway and control plane run multi-machine with automatic failover, secrets are encrypted at rest, and integrity-critical reads fail closed by design.

High availability

Gateway and control plane run 2+ always-on machines; if one dies, traffic keeps flowing. A gateway can boot from its last good config even if the control plane is briefly unreachable.

Secrets encrypted at rest

Provider URLs are AES-256-GCM encrypted; API keys and passwords are hashed. We never log or return your provider credentials.

Fails closed

On security-critical reads, if independent providers can't agree, RelayGuard returns an error rather than a possibly-bad answer. No silent degradation.

See the architecture, security model, and data boundary.

Pricing

Free during beta. No credit card.

These are the tiers at launch. Right now every beta workspace gets everything for free — paid plans go live with billing. Annual billing saves two months.

Beta · Free

Starter

$0

  • Up to 5 networks · 3 providers per network
  • 1 environment (prod)
  • Health checks, routing & read failover
  • Security Mode — method-level quorum
  • 2 RPS · 7-day usage history
  • Community support (Discord)

Create account

Pro

Pro

$49/mo

or $490/yr

  • All supported networks · 10 providers per network
  • 3 environments (dev / staging / prod)
  • Contract policy — ABI import + per-function rules
  • 10 RPS · 90-day usage history
  • Email support

Available at launch

Team

Team

$249/mo

or $2,490/yr

  • Unlimited providers & environments
  • 50 RPS · unlimited usage history
  • Team members & RBAC (email invites)
  • Divergence / health alerts to Slack, email, or a signed webhook
  • Priority support

Available at launch

Need custom RPS, a self-hosted gateway, SSO, or a DPA? Talk to us about Enterprise.

Keep your providers. Use one reliable, secure endpoint.

Add providers, create a key, point your app at the gateway. Live in minutes.

Get started free