Your AI Agent's Wallet — Secure by Architecture
Web3 Companion lets Claude agents autonomously manage portfolios, swap tokens, and bridge assets — while private keys stay locked in an isolated Secure Signature Module the agent can never reach.
Why Agentic Wallets Are Dangerous
Agent Can Access Private Keys
Most agentic wallets give the AI agent direct access to private keys. The OpenClaw crisis (2026) exposed 135,000+ instances with plaintext keys — a single prompt injection could drain every connected wallet.
Private keys live in an isolated process the agent can never reach. The agent submits unsigned transactions; the SSM signs them only after all checks pass.
Automated Transactions Can Be Manipulated
Even without key access, an agent that auto-signs transactions is vulnerable to manipulation — malicious prompts, phishing addresses, and price manipulation can trick the agent into approving harmful transactions.
An independent LLM analyzes transaction intent as a first pass, then hard-coded spending limits and whitelists — enforced at the SSM layer, immune to AI bypass — act as the final backstop.
Defense in Depth
Two independent security dimensions — each with its own defense mechanisms — ensure no single point of failure.
Private Key Security
Secure Signature Module (SSM)
Private keys live in an isolated process with envelope encryption. The agent submits unsigned transactions via API; keys never leave the SSM boundary.
- Process-level isolation — SSM runs as a separate OS process; the agent has zero memory access to key material
- Envelope encryption — keys encrypted with AES-256-GCM, master key in AWS KMS or local vault
- API-only interface — agent submits unsigned transactions; SSM returns signed bytes, never raw keys
- EIP-7702 managed wallets — smart-contract wallets with programmable authorization rules
Transaction Security
Transaction Simulation
Preview outcomes before signing — catch reverts, unexpected transfers, and token approvals.
Even with full agent compromise, private keys remain isolated in the SSM, and transactions are bound by hard policies the agent cannot override.
Built for Real Web3 Operations
Everything an AI agent needs to operate on-chain, with guardrails at every step.
Portfolio Management
Multi-chain holdings across Ethereum, Base, Polygon, and BSC with real-time balance tracking.
Token Transfers
Native and ERC-20 transfers with automatic gas estimation and nonce management.
DEX Swaps
Best-rate routing across 7 aggregator backends including 1inch, Paraswap, and KyberSwap.
Cross-Chain Bridges
Seamless asset movement between chains via integrated bridge protocols.
Signing Policies
Per-transaction caps, daily spending budgets, and recipient allowlists — hard-coded, not advisory.
Passkey Approvals
WebAuthn biometric gating for any transaction exceeding policy thresholds.
Get Started in Three Steps
From zero to a secure agentic wallet in under five minutes.
Deploy
One Docker command. The setup wizard handles LLM provider and RPC configuration.
Set Policies
Define spending limits, whitelists, and approval thresholds in the browser-based dashboard.
Let Your Agent Trade
Claude operates within guardrails. Passkey approval kicks in for anything above your threshold.
Built in the Open
Web3 Companion is fully open source. Audit the code, contribute features, or fork it for your own use case.