AGENTIC WALLET — INFRASTRUCTURE

built for agents that act
at machine speed.

Every feature is designed around one constraint: agents are non-human, autonomous, and can misbehave. Agentic Wallet enforces spending rules before the transaction — not after.

read docs →launch app →

SECURITY

TEE-Backed Key Storage

Private keys never touch your server. Keys are generated and stored inside a Trusted Execution Environment — hardware-isolated memory that even the OS cannot read.

No custodian holds your keys. No operator can export them.

→Keys generated via ethers.Wallet.createRandom() inside TEE
→Signing happens inside the enclave — key never leaves
→TEE attestation published onchain — verifiable by anyone
→Compatible with Intel SGX and ARM TrustZone in production

aw -- terminal

aw> attest

✔ TEE environment verified

✔ Enclave: Intel SGX (EPID)

✔ Key sealed — no export possible

✔ Attestation hash: 0x7c4f...2b18

✔ Published → solscan.io/tx/7c4f...

POLICY ENGINE

5-Check Approval Gate

Every transaction — regardless of which agent sends it — passes through the same policy gate. All five checks must pass.

Any single failure blocks the transaction, logs it, and notifies the operator. Agents cannot circumvent this.

→Daily spend limit — cumulative USD across all tx, resets 00:00 UTC
→Per-transaction cap — single tx ceiling, prevents large accidental transfers
→API whitelist — destination must be pre-approved, no exceptions
→KYA minimum score — agent behavior score must meet threshold
→Rate limit — tx/hour ceiling, stops runaway loops

TX SUBMITTED

1. daily spend limitBLOCKED + LOGGED

2. per-tx capBLOCKED + LOGGED

3. API whitelistBLOCKED + LOGGED

4. KYA minimum scoreBLOCKED + LOGGED

5. rate limitBLOCKED + LOGGED

SIGNED & BROADCAST

ACCESS CONTROL

Session Keys with TTL

Agents never hold the master private key. Agentic Wallet issues session keys — short-lived credentials scoped to the active policy.

When the TTL expires or you run aw freeze, the agent's signing authority is revoked instantly. No server round-trip. No revocation delay.

→Session keys are time-limited — default TTL: 24h, configurable
→Scoped by policy: session can't exceed policy limits
→Instant revocation via aw freeze
→Separate session per agent — compromising one doesn't affect others

Issue

→

Delegate to Agent

→

Agent Signs (policy-gated)

→

TTL Expires

→

Revoke via freeze

PAYMENTS

x402 — HTTP-Native Payments

x402 is the standard for machine-to-machine payments over HTTP. Agents make API requests, receive HTTP 402 Payment Required, trigger the Policy Engine, sign a micropayment via TEE, and retry.

No wallet UX. No human in the loop. Just standard HTTP.

→Standard HTTP 402 status — works with any HTTP client
→Policy Engine runs automatically on every 402 response
→TEE signs micropayment — agent gets a receipt
→Full tx log available via aw txlog

aw -- terminal

→ POST /v1/inference

Host: api.anthropic.com

← 402 Payment Required

X-Payment: {"amount":"0.05","currency":"USDC"}

[POLICY] ✔ all 5 checks passed

[TEE] signing tx...

→ POST /v1/inference

X-Payment-Receipt: {"tx":"0x8f2e...","paid":true}

← 200 OK

BEHAVIORAL SCORING

KYA — Know Your Agent

KYA is Agentic Wallet's behavioral risk scoring system. Each agent maintains a continuous score from 0.0 to 1.0. Normal, predictable agents score high.

Unusual API targets, high velocity, and failed checks drag the score down. When a score drops below your configured minimum, that agent is blocked until reviewed.

→Score range: 0.0 (suspicious) to 1.0 (trusted)
→Drift signals: unusual destinations, velocity spikes, whitelist violations
→Configurable threshold — set kyaMin in policy
→View all agents and scores via aw agents

AGENTMODELKYA SCORESTATUS

arx-7claude-3.50.71⚠ BELOW

nova-3gpt-4o0.94✔ OK

drift-1gemini-pro0.58✘ BLOCKED

sigma-2claude-30.88✔ OK

Everything else you need

No compromises on the details.

ISOLATION

Sub-accounts

Each agent gets an isolated wallet. One agent's budget can't affect another's.

LIMITS

Spend limits

Daily cap and per-tx cap configured once, enforced on every transaction.

SECURITY

API whitelist

Allowlist of approved destination endpoints. Unknown targets are rejected, no exceptions.

SCHEDULING

Time windows

Configure spending hours (e.g. 09:00–17:00 UTC) and allowed days. Enforced onchain.

AUTOMATION

Auto top-up

Set a minimum balance. When an agent's wallet dips below it, automatic refill from main pool.

GOVERNANCE

Multi-sig approvals

Large transactions require 2-of-3 or 3-of-5 signatures from your team.

CONTROL

Instant freeze

One command halts all agent activity immediately. aw freeze.

PROOF

TEE Attestation

Publish cryptographic proof that your keys are TEE-managed. Verifiable onchain.

AUDIT

Full tx log

Every transaction, every rejection, every KYA event — logged and queryable.

ARCHITECTURE

Rules that can't be bypassed.

Most spending controls live on a server. That means they can be misconfigured, go offline, or be deliberately bypassed.

Agentic Wallet puts rules onchain — enforced by Solana programs. An agent can't route around the policy. An operator can't override it silently.

	Agentic Wallet	Server-side controls
Rules enforced by	✔Solana smart contract	✘Your server
Works if server is down	✔Yes	✘No
Operator can override silently	✔No	✘Yes
Verifiable onchain	✔Yes	✘No
Bypass by malicious agent	✔Impossible	✘Possible
TEE-backed signing	✔Yes	✘No
KYA behavioral scoring	✔Yes	✘No

GET STARTED

Give your agents a wallet
they can't abuse.

read the docs →launch app →

Private keys stay local. No account required to try.

built for agents that actat machine speed.