AgentWallet

Agent integration docs

Give your AI agent a policy-enforced Solana wallet.

AgentWallet creates hosted devnet wallets for autonomous agents, keeps signing keys encrypted, and exposes SDK/API access that can only spend through owner-defined on-chain policy.

01

Owner setup

  1. Connect Phantom on devnet and sign in.
  2. Set the owner recovery password before creating hosted wallets.
  3. Create a hosted agent wallet and copy the one-time API key.
  4. Fund the hosted wallet with devnet SOL and allowed test tokens.
  5. Choose allowed recipients, token mints, caps, and approval rules.
  6. Initialize or update the policy account on Solana devnet.
02

Agent runtime

The agent receives an AgentWallet API key, not the private key. It can request payments through the SDK, REST API, Telegram, or future agent frameworks. AgentWallet signs only after the policy program allows the payment or the owner approves it.

Handoff checklist

What to give your AI agent

After selecting a hosted agent in the dashboard, copy the generated handoff card. The minimum secret your agent needs is the API key.

1. Environment secret
AGENTWALLET_API_KEY=<copy-from-dashboard>
2. Base URL
AGENTWALLET_BASE_URL=https://agentwallet-web.vercel.app

Once the agent has those values, policy changes do not require a new SDK snippet. Update policy in AgentWallet; the next agent payment uses the latest on-chain policy account.

SDK quickstart

Use from a Node or TypeScript agent

import { AgentWallet } from "@agentwallet/sdk";

const wallet = new AgentWallet({
  baseUrl: process.env.AGENTWALLET_BASE_URL ?? "https://agentwallet-web.vercel.app",
  apiKey: process.env.AGENTWALLET_API_KEY!
});

const me = await wallet.getAgent();
console.log("Agent wallet:", me.agent.publicKey);
console.log("Ready:", me.status.readyForPayments);

const capabilities = await wallet.getCapabilities();
console.log("Allowed recipients:", capabilities.allowed.recipients);
console.log("Remaining budget:", capabilities.spend.remainingBudgetUnits);

const payment = await wallet.pay({
  recipient: "6tNgWp8rq4UJ77q2cZ8WPeBn5eUDhcSuC5nSEXd1W8yA",
  amount: "1"
});

console.log("Explorer:", payment.explorerUrl);
Setup status

Let agents check readiness before spending

curl "https://agentwallet-web.vercel.app/api/agent-wallet/setup-status" \
  -H "Authorization: Bearer $AGENTWALLET_API_KEY"

// Example response:
{
  "setup": {
    "ready": false,
    "missing": ["policy_pda"],
    "ownerActionRequired": true,
    "nextAction": "Ask the owner to initialize or update the on-chain policy for this hosted agent.",
    "availableActions": ["get_wallet_status", "get_audit_log"]
  }
}
Capabilities

Let agents discover their exact boundaries

curl "https://agentwallet-web.vercel.app/api/agent-wallet/capabilities" \
  -H "Authorization: Bearer $AGENTWALLET_API_KEY"

// Example response:
{
  "ok": true,
  "policy": {
    "status": "active",
    "pda": "<policy-pda>"
  },
  "allowed": {
    "recipients": ["6tNgWp8rq4UJ77q2cZ8WPeBn5eUDhcSuC5nSEXd1W8yA"],
    "tokenMints": ["<allowed-token-mint>"]
  },
  "spend": {
    "maxPerPaymentUnits": "3000000",
    "remainingBudgetUnits": "6000000",
    "approvalThresholdUnits": "2000000"
  },
  "supportedActions": ["simulate_payment", "request_payment", "get_audit_log"]
}

Use capabilities before planning actions. It tells the agent what it controls, what it can pay, which tokens are allowed, and whether spending is currently paused.

REST API

Use from any agent framework

curl "https://agentwallet-web.vercel.app/api/agent-wallet/me" \
  -H "Authorization: Bearer $AGENTWALLET_API_KEY"

curl "https://agentwallet-web.vercel.app/api/agent-wallet/capabilities" \
  -H "Authorization: Bearer $AGENTWALLET_API_KEY"

curl -X POST "https://agentwallet-web.vercel.app/api/agent-wallet/simulate-payment" \
  -H "Authorization: Bearer $AGENTWALLET_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "recipient": "6tNgWp8rq4UJ77q2cZ8WPeBn5eUDhcSuC5nSEXd1W8yA",
    "amount": "5"
  }'

curl -X POST "https://agentwallet-web.vercel.app/api/agent-wallet/pay" \
  -H "Authorization: Bearer $AGENTWALLET_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "recipient": "6tNgWp8rq4UJ77q2cZ8WPeBn5eUDhcSuC5nSEXd1W8yA",
    "amount": "1"
  }'

The hosted agent record stores the program ID, policy PDA, token mint, and decimals. Advanced callers can send explicit fields, but the on-chain policy remains the final authority.

Payment simulation

Plan before moving tokens

const preview = await wallet.simulatePayment({
  recipient: "6tNgWp8rq4UJ77q2cZ8WPeBn5eUDhcSuC5nSEXd1W8yA",
  amount: "5"
});

if (preview.decision === "approved") {
  await wallet.pay({ recipient: "6tNgWp8rq4UJ77q2cZ8WPeBn5eUDhcSuC5nSEXd1W8yA", amount: "5" });
}

if (preview.decision === "requires_approval") {
  console.log(preview.suggestedAction); // request_owner_approval
}

Simulation reads the on-chain policy account and returns the same structured codes as a real payment attempt, without signing or sending a Solana transaction.

Structured errors

Handle rejections programmatically

{
  "ok": false,
  "error": "Rejected: that recipient wallet is not on the allowed list.",
  "code": "RECIPIENT_NOT_ALLOWED",
  "message": "Recipient wallet is not on the allowed list.",
  "humanMessage": "That recipient wallet is not on the allowed list.",
  "agentMessage": "Choose an allowed recipient or ask the owner to update the policy.",
  "suggestedAction": "request_owner_policy_update"
}

Agents should branch on `code` and `suggestedAction`, not free-form text.

Owner approvals

Above-threshold payments

If the agent requests a payment above the autonomous approval threshold, AgentWallet creates an approval request instead of moving tokens. The owner approves or rejects in the dashboard. Approved payments execute automatically with the hosted agent wallet.

x402 flow

Pay APIs without static API keys

const response = await wallet.fetch("https://agentwallet-web.vercel.app/api/demo-merchant/resource");

// The merchant can return 402 + PAYMENT-REQUIRED.
// AgentWallet settles through the policy engine, then retries with PAYMENT-SIGNATURE.
console.log(await response.json());
Machine-readable API

Let tools discover AgentWallet

AgentWallet exposes an OpenAPI 3.1 document for agent frameworks, API clients, and tool-generation flows.

https://agentwallet-web.vercel.app/api/openapi.json
MCP server

Use AgentWallet as native agent tools

{
  "mcpServers": {
    "agentwallet": {
      "command": "npx",
      "args": ["agentwallet-mcp"],
      "env": {
        "AGENTWALLET_BASE_URL": "https://agentwallet-web.vercel.app",
        "AGENTWALLET_API_KEY": "<hosted-agent-api-key>"
      }
    }
  }
}

The MCP server exposes tools for wallet status, capabilities, allowed recipients, allowed tokens, payment simulation, payment execution, and audit history.

Troubleshooting

Common setup misses