Agent Wallets

Overview

Agent wallets are delegated wallets that can sign orders on behalf of your main wallet, enabling one-click trading without repeated MetaMask popups. They provide the perfect balance between security (maintaining self-custody) and usability (eliminating signature friction).

Key Benefits:

  • One-Click Trading: Submit orders without wallet confirmations

  • High-Frequency Trading: Enable programmatic and bot trading

  • Limited Risk: Agents have restricted permissions, main wallet stays safe

  • Revocable Access: Disable agent wallets anytime

  • Session-Based: Temporary agents auto-expire

How Agent Wallets Work

Architecture

Main Wallet

├── Session Agent (Unnamed)
│   ├── Browser-generated private key
│   ├── Stored in SessionStorage
│   ├── Auto-expires when browser closes
│   └── One per main wallet

└── API Agents (Named)
    ├── Agent 1: "Trading Bot"
    ├── Agent 2: "Market Maker"
    └── Agent 3: "Grid Strategy"
    └── Up to 3 per main wallet

Core Concept:

  1. Registration: Main wallet signs EIP-712 message authorizing agent

  2. Mapping: System maps agent address → main wallet address

  3. Trading: Agent signs orders, system credits/debits main wallet

  4. Nonces: Each agent has independent nonce tracking

Wallet Types

Master Accounts

Your primary trading account:

Allowed Agents:

  • 1 Session Agent: Unnamed, browser-based, auto-expires

  • 3 Named Agents: Persistent API keys for bots

Use Cases:

  • Personal trading with session agent

  • Multiple trading strategies via named agents

  • Market making and grid bots

Subaccounts

Additional accounts under your main wallet:

Allowed Agents:

  • 0 Session Agents: Not permitted

  • 2 Named Agents: API-only access

Use Cases:

  • Isolated strategy accounts

  • Team member delegation

  • Separate risk pools

Session Wallets (Browser Trading)

Setup Process

1. Connect Main Wallet:

2. Generate Session Key:

3. Sign Authorization:

4. One-Click Trading:

Security Properties

Browser-Based Security:

  • Private key never leaves browser

  • SessionStorage (not LocalStorage)

  • Cleared when tab/browser closes

  • Unique per session

Limited Exposure:

  • Only trading permissions

  • Cannot withdraw funds

  • Cannot modify wallet settings

  • Revocable by main wallet

Auto-Expiry:

  • Optional expiry timestamp

  • Automatically disabled after timeout

  • Session ends when browser closes

  • Re-registration required for new session

Example Flow

API Wallets (Programmatic Trading)

Setup Process

1. Create Named Agent:

2. Receive Credentials:

3. Configure Bot:

Security Considerations

Private Key Management:

  • Critical: Store securely (environment variables, secrets manager)

  • Never: Commit to git, share publicly, hardcode

  • Best Practice: Use hardware security modules for production

Access Control:

  • Each agent is independently revocable

  • Monitor agent activity regularly

  • Rotate keys periodically

  • Delete unused agents

Risk Mitigation:

  • Start with small balances

  • Test with testnet first

  • Implement rate limiting

  • Monitor for unusual activity

Registration Process

EIP-712 Authorization Message

Message Structure:

Signing:

Validation

System Checks:

  1. Signature valid: Recovered address matches main wallet

  2. Limits not exceeded: Within agent count limits

  3. Agent unique: Agent address not already registered

  4. Nonce valid: Fresh timestamp, not reused

  5. Not expired: If expiry set, current time < expiry

On Success:

  • Agent mapping stored: agents[agent_address] = main_wallet

  • Nonce tracker created for agent

  • Agent marked as active

  • Can now sign orders

Agent Limits

Master Account Limits

Session Agents (Unnamed):

  • Maximum: 1

  • Behavior: New session replaces old one

  • Auto-cleanup: Old session invalidated

Named Agents (API):

  • Maximum: 3

  • Behavior: Error if limit exceeded

  • Management: Must delete old agent to add new one

Subaccount Limits

Session Agents:

  • Maximum: 0 (not allowed)

  • Reason: Subaccounts are API-only

Named Agents:

  • Maximum: 2

  • Use case: Focused strategies, team delegation

Enforcement

Registration Time:

Agent Nonce Management

Independent Nonce Tracking

Each agent has its own nonce tracker:

Structure:

Benefits:

  • Parallel order submission from multiple agents

  • No nonce coordination needed

  • Each agent independently tracked

  • No conflicts between agents

Nonce Validation

Per-Agent Rules:

  • Must be unique within agent's 100-nonce window

  • Must be timestamp (millisecond precision)

  • Must be within valid time bounds

  • Must be higher than lowest stored nonce

Example:

Revocation

Revoking Agents

Via UI:

Via API:

Effects of Revocation

Immediate:

  • Agent can no longer sign orders

  • Pending orders remain valid

  • Agent removed from active list

  • Nonce tracker retained (prevent replay)

Not Affected:

  • Main wallet balance

  • Existing open orders

  • Order history

  • Other agents

Automatic Revocation

Expiry-Based:

  • If agent created with expiry timestamp

  • System checks expiry on each use

  • Automatically disabled after expiry

  • Must re-register to continue

Example:

Security Best Practices

For Session Wallets

Do:

  • Use for short trading sessions

  • Close browser when done

  • Re-authorize each session

  • Trade on trusted devices only

Don't:

  • Share session on public computers

  • Leave sessions open indefinitely

  • Trust browser extensions you don't know

For API Wallets

Do:

  • Store keys in environment variables

  • Use secrets management systems

  • Rotate keys periodically

  • Monitor activity regularly

  • Start with small balances

  • Test on testnet first

Don't:

  • Commit keys to git

  • Share keys publicly

  • Hardcode in source code

  • Reuse same key across systems

  • Trust untrusted code with keys

For Main Wallets

Do:

  • Use hardware wallets for large accounts

  • Verify agent authorizations carefully

  • Review agent list regularly

  • Revoke unused agents

  • Keep wallet software updated

Don't:

  • Authorize unknown agents

  • Share private keys ever

  • Ignore suspicious activity

  • Skip signature verification prompts

Common Workflows

Daily Trading (Session Wallet)

Bot Trading (API Wallet)

Market Making (Multiple Agents)

Troubleshooting

"Agent Limit Exceeded"

Problem: Trying to create more agents than allowed

Solution:

  1. List existing agents

  2. Revoke unused agents

  3. Try creating new agent again

"Agent Already Exists"

Problem: Agent address already registered

Solution:

  1. Check if you already created this agent

  2. Use different private key for new agent

  3. Revoke old agent if you want to re-register

"Invalid Agent Signature"

Problem: Order signed by unregistered agent

Solution:

  1. Verify agent is registered

  2. Check agent hasn't been revoked

  3. Ensure agent hasn't expired

  4. Re-register if needed

"Session Lost on Refresh"

Problem: Browser refresh clears session wallet

Expected Behavior:

  • SessionStorage cleared on refresh in some browsers

  • Re-authorization required

  • Security feature, not bug

Solution:

  • Re-connect wallet

  • Sign new authorization

  • Consider using named agent for persistent sessions

Technical Implementation

Data Structure (from codebase)

Conclusion

Agent wallets provide a powerful mechanism for delegated trading while maintaining security. They enable high-frequency, automated, and user-friendly trading experiences without compromising the self-custody model.

Key Takeaways:

  • Session wallets for browser trading (1 per main wallet)

  • Named agents for API/bot trading (3 per main wallet)

  • Independent nonce tracking per agent

  • Revocable access, limited permissions

  • Secure by default, flexible by design

Next Steps:

EIP-712 SigningAuthenticationNonce Management
PreviousSecurity & SignaturesNextEIP-712 Signing

Last updated