DEV Community: Wallet Guy

When AI Agents Trade Autonomously: Building Economic Actors That Never Sleep

Wallet Guy — Sat, 02 May 2026 14:14:03 +0000

AI agents will need to pay for compute, data, and API calls autonomously — but most lack the economic infrastructure to participate in real transactions. The missing piece isn't smarter models or better reasoning; it's wallet infrastructure that lets agents operate as independent economic actors without human intermediaries for every payment.

The Autonomous Agent Economy Is Already Here

We're witnessing the emergence of AI agents that don't just answer questions — they take actions. They trade stocks, manage DeFi positions, execute complex workflows, and consume paid APIs. But there's a fundamental bottleneck: these agents still depend on humans to handle their economic interactions.

Consider an AI trading bot that identifies arbitrage opportunities across multiple DEXs. It can analyze markets, calculate optimal routes, and determine profitable trades faster than any human. But when it comes time to execute — to actually move funds, swap tokens, or pay for premium market data — it hits a wall. The agent needs a human to approve transactions, top up balances, or manage API credits.

This creates a paradox: we have agents sophisticated enough to outperform humans at complex economic reasoning, but they can't autonomously pay for a $0.01 API call.

The Infrastructure Gap: Wallets for Agents

Traditional wallet infrastructure was designed for humans. It assumes someone is present to approve transactions, manage private keys, and handle security decisions. But autonomous agents operate differently:

They need to transact 24/7 across global markets
They require programmatic access without GUI interactions
They must handle micropayments efficiently (paying per API call, per computation)
They need sophisticated policy controls to prevent runaway spending
They require audit trails for compliance and debugging

WAIaaS bridges this gap with wallet infrastructure purpose-built for AI agents. Instead of retrofitting human-centered wallets, it starts from the agent's requirements: REST APIs, session-based authentication, programmable policies, and autonomous transaction execution.

Session-Based Authentication: Agents Without Private Keys

The fundamental challenge is giving agents transaction capabilities without exposing private keys. WAIaaS solves this with session-based authentication:

# Create a session for your AI agent (one-time setup)
curl -X POST http://127.0.0.1:3100/v1/sessions \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{"walletId": "<wallet-uuid>"}'

The agent receives a session token with limited capabilities and lifetime. It can transact within predefined policies, but cannot access the underlying private keys:

# Agent checks its balance autonomously
curl http://127.0.0.1:3100/v1/wallet/balance \
  -H "Authorization: Bearer wai_sess_eyJhbGciOiJIUzI1NiJ9..."

# Agent executes DeFi trade
curl -X POST http://127.0.0.1:3100/v1/actions/jupiter-swap/swap \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "inputMint": "So11111111111111111111111111111111111111112",
    "outputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
    "amount": "1000000000"
  }'

Policy-Driven Autonomy: Smart Guardrails

True autonomy doesn't mean unlimited freedom. The most successful autonomous agents operate within clearly defined boundaries. WAIaaS implements this through 21 policy types with 4 security tiers: INSTANT, NOTIFY, DELAY, and APPROVAL.

For an AI trading agent, you might configure:

curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 100,
      "notify_max_usd": 1000,
      "delay_max_usd": 5000,
      "delay_seconds": 300,
      "daily_limit_usd": 10000
    }
  }'

This creates a four-tier system:

Trades under $100: Execute immediately
$100-$1000: Execute and notify the owner
$1000-$5000: Wait 5 minutes (allowing cancellation), then execute
Above $5000: Require explicit human approval

You can layer multiple policies. Add contract whitelists to restrict which DEXs the agent can use, time restrictions for trading hours, or token whitelists to prevent the agent from buying speculative assets.

x402 HTTP Payments: Agents as API Customers

One of the most immediate use cases for autonomous agent payments is API consumption. The x402 HTTP payment protocol lets agents automatically pay for API calls without pre-funded accounts or subscription management.

import { WAIaaSClient } from '@waiaas/sdk';

const client = new WAIaaSClient({
  baseUrl: 'http://127.0.0.1:3100',
  sessionToken: process.env.WAIAAS_SESSION_TOKEN,
});

// Agent makes HTTP request, automatically pays if 402 Payment Required
const response = await client.x402Fetch('https://api.premium-data.com/market-data', {
  method: 'GET',
  headers: { 'Accept': 'application/json' }
});

const marketData = await response.json();

Behind the scenes, if the API returns a 402 status code, WAIaaS automatically:

Parses the payment request
Checks agent policies (is this domain whitelisted? Is the amount within limits?)
Executes payment
Retries the original request with payment proof

This enables new business models. API providers can charge per-call instead of managing subscriptions. Agents can dynamically discover and pay for services they need. The economic friction between agents and services disappears.

Multi-Chain DeFi Operations

Autonomous agents excel at complex DeFi strategies that require 24/7 monitoring and rapid execution. WAIaaS supports 15 DeFi protocols across multiple chains, enabling agents to:

Provide liquidity across AMMs and rebalance based on fee returns
Execute yield farming strategies, automatically compounding rewards
Manage lending positions, adjusting collateral to maintain healthy ratios
Execute cross-chain arbitrage via bridging protocols

An agent monitoring Aave positions can automatically supply additional collateral if the health factor drops:

# Agent checks current DeFi positions
curl http://127.0.0.1:3100/v1/defi/positions \
  -H "Authorization: Bearer wai_sess_<token>"

# If health factor is low, supply more collateral
curl -X POST http://127.0.0.1:3100/v1/actions/aave-v3/supply \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "asset": "0xA0b86a33E6441d89C6fE6D9E9Dc3A6E7e57B4F2a",
    "amount": "1000000000000000000"
  }'

Real-World Implementation: MCP Integration

The Model Context Protocol (MCP) provides a standardized way for AI assistants to access external tools and data. WAIaaS offers 45 MCP tools that turn any MCP-compatible AI assistant into an autonomous economic agent.

Setting up Claude Desktop with WAIaaS takes minutes:

# Install CLI and start daemon
npm install -g @waiaas/cli
waiaas init
waiaas start

# Create wallets and sessions, auto-configure MCP
waiaas quickset --mode mainnet
waiaas mcp setup --all

Now Claude can autonomously:

Check wallet balances: "What's my current portfolio value?"
Execute trades: "Swap 0.1 SOL for USDC on Jupiter"
Manage DeFi positions: "Show my lending positions and health factors"
Pay for premium data: "Get the latest options flow data for AAPL"

The agent operates within your predefined policies, with full transaction history and the ability to require approval for large operations.

Security Model: Three Layers of Protection

Autonomous agents handling real funds require robust security. WAIaaS implements three layers:

Layer 1: Session Authentication
Agents never access private keys directly. Sessions provide limited capabilities with configurable TTL and renewal limits.

Layer 2: Policy Engine

21 policy types enforce spending limits, contract whitelists, time restrictions, and more. Default-deny architecture blocks transactions unless explicitly allowed.

Layer 3: Human Override
Fund owners retain ultimate control through WalletConnect integration. Kill switches, transaction approval, and emergency recovery ensure humans can intervene when needed.

This creates the optimal balance: agents operate autonomously within safe boundaries, but humans maintain oversight and control.

Getting Started: Deploy an Economic Agent

Ready to build your first autonomous economic agent? Here's the minimal setup:

Step 1: Start WAIaaS Infrastructure

npm install -g @waiaas/cli
waiaas init
waiaas start
waiaas quickset --mode mainnet  # Creates wallets + sessions

Step 2: Configure Your AI Agent
Add MCP integration to Claude Desktop or use the SDK directly:

import { WAIaaSClient } from '@waiaas/sdk';

const agent = new WAIaaSClient({
  baseUrl: 'http://127.0.0.1:3100',
  sessionToken: process.env.WAIAAS_SESSION_TOKEN,
});

Step 3: Set Policies
Define what your agent can do autonomously:

# Allow small transactions instantly, require approval for large ones
waiaas policies create --type SPENDING_LIMIT \
  --instant-max 50 --delay-max 500 --approval-above 1000

Step 4: Fund and Deploy
Transfer initial funds to your agent's wallet and let it start operating. Monitor via the admin UI at http://localhost:3100/admin.

The agent can now participate in the economy: paying for APIs, executing trades, managing DeFi positions, and more — all within the guardrails you've defined.

The Road Ahead: Agents as Economic Participants

We're at the beginning of a fundamental shift. AI agents are evolving from tools that provide information to autonomous actors that take economic action. This requires infrastructure that doesn't exist in traditional fintech or DeFi — it needs to be built specifically for agents.

The implications extend beyond individual agents. We're heading toward agent-to-agent commerce, where AI systems automatically discover, negotiate with, and pay each other for services. Imagine an AI researcher that automatically purchases compute from cloud providers, pays for academic paper access, and compensates data providers — all without human intervention.

This future requires wallet infrastructure designed for autonomy, not retrofitted from human-centered systems. WAIaaS provides that foundation today.

For more insights on AI agent infrastructure, check out How to Set Up AI Agents with Wallet Access Using MCP and Why AI Agents Need Their Own Wallets for deeper technical details.

What's Next

The autonomous agent economy is emerging now, not in some distant future. The question isn't whether AI agents will need economic capabilities — it's whether you'll be ready to deploy them safely and effectively.

Start experimenting with autonomous agents today. Explore the full codebase on GitHub or learn more at waiaas.ai. The infrastructure for the agent economy is here — what will you build with it?

7-Stage Transaction Validation: How AI Agents Execute Safe DeFi Operations

Wallet Guy — Sat, 02 May 2026 08:02:17 +0000

Giving an AI agent access to your DeFi portfolio without proper guardrails is like handing over your bank account with a sticky note saying "please be careful." Most wallet-as-a-service solutions either give agents unlimited access or rely on simple spending limits that don't account for the complexity of DeFi operations. WAIaaS takes a different approach with a 7-stage transaction pipeline that validates every operation through multiple security layers before execution.

Why Multi-Stage Validation Matters

DeFi operations carry amplified risks compared to simple transfers. When your AI agent interacts with lending protocols, DEXs, or yield farms, a single malicious or misconfigured transaction can:

Approve unlimited token spending to untrusted contracts
Deposit funds into high-risk lending pools
Execute leveraged positions beyond your risk tolerance
Interact with unaudited or compromised protocols

Traditional approaches either block AI agents entirely or use crude spending limits that don't distinguish between sending $100 to your friend versus approving $100 to an experimental DeFi protocol. WAIaaS recognizes that transaction amount alone doesn't determine risk—context matters.

The 7-Stage Transaction Pipeline

WAIaaS processes every transaction through seven sequential stages, each with specific validation logic and security checks. Here's how an AI agent's Jupiter swap request gets validated:

Stage 1: Validate

The pipeline first validates the transaction structure, network compatibility, and basic feasibility checks.

# Example: AI agent requests SOL → USDC swap
curl -X POST http://127.0.0.1:3100/v1/actions/jupiter-swap/swap \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "inputMint": "So11111111111111111111111111111111111111112",
    "outputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
    "amount": "1000000000"
  }'

Stage 1 validates:

Transaction type matches expected schema (7 types: Transfer, TokenTransfer, ContractCall, Approve, Batch, NftTransfer, ContractDeploy)
Target network is active and RPC accessible
Basic parameter validation (addresses, amounts, gas estimates)

Stage 2: Authentication

Three authentication methods provide different security contexts:

# sessionAuth — AI agent operations (transactions, queries)
-H "Authorization: Bearer wai_sess_eyJhbGciOiJIUzI1NiJ9..."

# masterAuth — system administration (policies, wallet creation)
-H "X-Master-Password: my-secret-password"  

# ownerAuth — fund owner (approvals, emergency controls)
-H "X-Owner-Signature: <ed25519-or-secp256k1-signature>"
-H "X-Owner-Message: <signed-message>"

Session tokens include TTL, renewal limits, and absolute lifetime bounds. The pipeline verifies the session is valid, not expired, and authorized for the requested operation.

Stage 3: Policy Engine

This is where WAIaaS's security model shines. The policy engine evaluates 21 different policy types against the transaction, assigning one of four security tiers:

# Create a comprehensive DeFi policy
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 50,
      "notify_max_usd": 200,
      "delay_max_usd": 1000,
      "delay_seconds": 300,
      "daily_limit_usd": 2000
    }
  }'

Default-Deny Protection: The policy engine implements default-deny for critical operations. Without explicit ALLOWED_TOKENS and CONTRACT_WHITELIST policies, agents cannot transfer tokens or interact with smart contracts.

Four Security Tiers:

INSTANT: Execute immediately (low-risk operations under threshold)
NOTIFY: Execute immediately, send notification to owner
DELAY: Queue for time delay, owner can cancel during delay period
APPROVAL: Require explicit human approval before execution

For our Jupiter swap example, the policy engine checks:

SPENDING_LIMIT: Is 1 SOL under the appropriate tier threshold?
ALLOWED_TOKENS: Is SOL → USDC swap permitted?
CONTRACT_WHITELIST: Is Jupiter router address approved?
RATE_LIMIT: Has the agent exceeded transaction frequency limits?

Stage 4: Wait (Conditional)

If the policy engine assigns DELAY tier, the transaction enters a waiting period. During this time:

Transaction is queued with visible countdown timer
Owner receives notification with cancellation option
Agent receives pending status, not failure
Emergency kill switch can cancel all pending transactions

{
  "id": "tx_abc123",
  "status": "PENDING_DELAY",
  "delayUntil": "2024-03-15T10:35:00Z",
  "delaySeconds": 300,
  "cancellable": true
}

Stage 5: Execute

For approved transactions, the execution stage handles the actual blockchain interaction:

Gas price conditional execution (wait for gas below threshold)
Nonce management and transaction ordering
Multi-chain RPC routing
Dry-run simulation before real execution

The pipeline supports complex transaction types including ERC-4337 Account Abstraction UserOps and batch transactions.

Stage 6: Confirm

Final stage monitors blockchain confirmation and updates transaction status:

Block confirmation tracking
Failed transaction detection and retry logic
Balance updates and cache invalidation
Notification dispatch for completed operations

Real-World Policy Configuration

Here's how to configure policies that make sense for AI agents operating in DeFi:

Token Whitelist (Required for Agent Operations):

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ALLOWED_TOKENS",
    "rules": {
      "tokens": [
        {"address": "So11111111111111111111111111111111111111112", "symbol": "SOL", "chain": "solana"},
        {"address": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v", "symbol": "USDC", "chain": "solana"}
      ]
    }
  }'

DeFi Protocol Whitelist:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "CONTRACT_WHITELIST", 
    "rules": {
      "contracts": [
        {"address": "JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4", "name": "Jupiter", "chain": "solana"},
        {"address": "KLend2g3cP87fffoy8q1mQqGKjrxjC8boSyAYavgmjD", "name": "Kamino", "chain": "solana"}
      ]
    }
  }'

Lending Risk Controls:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "LENDING_LTV_LIMIT",
    "rules": {
      "maxLtv": 0.65,
      "assetWhitelist": ["SOL", "USDC", "ETH"]
    }
  }'

Security Through Multiple Layers

WAIaaS implements defense in depth through three distinct security layers:

Layer 1: Session Authentication + Time Limits

JWT session tokens with configurable TTL and renewal limits
Per-session absolute lifetime bounds
Immediate revocation capability

Layer 2: Policy Engine + Time Delays

21 policy types covering spending, contracts, networks, DeFi parameters
Time delays allow human intervention before execution
Default-deny for undefined scenarios

Layer 3: Human Approval + Kill Switch

WalletConnect integration for mobile approval workflows
Telegram and push notification channels for approval requests
Emergency kill switch to halt all agent operations

Quick Start: Secure AI Agent Setup

Here's how to set up a DeFi-capable AI agent with proper security guardrails:

Install and initialize WAIaaS:

npm install -g @waiaas/cli
waiaas init
waiaas start

Create wallet and session:

waiaas wallet create --name defi-agent --chain solana --environment mainnet
waiaas session prompt --wallet-name defi-agent

Configure security policies:

# Spending limits with 4-tier security
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 10,
      "notify_max_usd": 100, 
      "delay_max_usd": 500,
      "delay_seconds": 600,
      "daily_limit_usd": 1000
    }
  }'

# Allow specific tokens and protocols
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ALLOWED_TOKENS",
    "rules": {"tokens": [{"address": "So11111111111111111111111111111111111111112", "symbol": "SOL", "chain": "solana"}]}
  }'

Test the pipeline with a dry run:

curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "TRANSFER",
    "to": "recipient-address",
    "amount": "0.01",
    "dryRun": true
  }'

Set up approval channels for high-value transactions:

waiaas owner connect  # WalletConnect for mobile approvals
waiaas notification setup  # Configure push notifications

The 7-stage pipeline ensures your AI agent operates within defined boundaries while maintaining the flexibility to execute complex DeFi strategies. Each stage provides specific validation logic, and the policy engine gives you granular control over risk parameters.

For developers building autonomous trading systems or yield optimization bots, this approach provides the security foundation needed to deploy AI agents with real funds. The pipeline processes over 683 test cases across all transaction types and DeFi protocols, ensuring robust validation of edge cases and attack vectors.

Related posts that dive deeper:

What's Next

The 7-stage transaction pipeline provides the security foundation, but WAIaaS offers additional capabilities for production AI agents including cross-chain bridging, NFT management, and x402 HTTP payment protocols. Explore the full codebase at GitHub or learn more about self-hosted deployment at waiaas.ai.

15 DeFi Protocols, 631 Tests: Building Reliable Multi-Protocol Trading Infrastructure

Wallet Guy — Fri, 01 May 2026 14:20:51 +0000

Your arb bot spotted the opportunity — Jupiter has USDC 2 basis points cheaper than the CEX. But by the time your bot assembles the wallet connection, builds the transaction, handles gas estimation, and executes the swap, the opportunity is gone. You need trading infrastructure that executes in milliseconds, not seconds.

Building reliable trading infrastructure across 15 DeFi protocols isn't just about connecting to APIs. It's about gas optimization, execution reliability, and risk controls that keep your bot profitable when markets move fast. One failed transaction or missed arbitrage opportunity costs more than robust infrastructure saves.

Why Multi-Protocol Trading Infrastructure Matters

Professional trading operations don't stick to one DEX. They arbitrage between Jupiter and Drift on Solana, hedge positions across Aave and Hyperliquid, and bridge liquidity via LI.FI when opportunities emerge on different chains. Each protocol has different APIs, different transaction patterns, and different failure modes.

Your trading bot needs to execute complex strategies: spot a price difference on Jupiter, immediately hedge with a perpetual position on Drift, maybe stake the proceeds on Jito for yield. These multi-step strategies require atomic execution — if step 2 fails, you're left with unwanted exposure.

Traditional approaches force you to integrate each protocol separately: Jupiter's SDK for swaps, Drift's SDK for perps, Aave's contracts for lending. Managing 15 different SDKs, keeping them updated, handling their different error patterns — that's months of infrastructure work before you write a single trading strategy.

The Multi-Protocol Approach

WAIaaS provides a unified API layer across 15 DeFi protocols with 631+ tests ensuring execution reliability. Instead of managing multiple SDKs, your bot makes simple HTTP calls to a local daemon that handles protocol-specific complexity.

Here's how your bot executes a cross-protocol strategy:

# Check positions across all protocols
curl http://127.0.0.1:3100/v1/defi/positions \
  -H "Authorization: Bearer wai_sess_<token>"

# Response shows unified view
{
  "positions": [
    {"protocol": "jupiter-swap", "type": "swap", "value_usd": 0},
    {"protocol": "drift", "type": "perp", "market": "SOL-PERP", "size": "-1.5", "pnl_usd": 125.50},
    {"protocol": "jito-staking", "type": "stake", "amount": "45.2", "rewards_usd": 12.30}
  ]
}

Execute a Jupiter swap when gas conditions are favorable:

# Set gas condition — only execute when gas < 0.0001 SOL
curl -X POST http://127.0.0.1:3100/v1/actions/jupiter-swap/swap \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "inputMint": "So11111111111111111111111111111111111111112",
    "outputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
    "amount": "1000000000",
    "gasCondition": {"maxGasPrice": "100000"}
  }'

The transaction queues until gas price meets your threshold, then executes automatically. No polling, no gas price monitoring — the infrastructure handles timing.

Production-Grade Execution Pipeline

Every transaction flows through a 7-stage pipeline designed for trading reliability:

Validation — Check balance, validate addresses, ensure sufficient gas
Authentication — Verify session token, check permissions
Policy — Apply spending limits, gas conditions, protocol restrictions
Wait — Queue for gas conditions or rate limits
Execute — Submit to blockchain with retry logic
Confirm — Monitor for confirmation, handle reorgs
Notify — Update bot with final status

This pipeline prevents the common trading bot failures: insufficient balance checks, gas estimation errors, dropped transactions, missed confirmations.

Here's how your bot handles a complex arbitrage strategy:

# Build batch transaction — buy on Jupiter, hedge on Drift
curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "BATCH",
    "transactions": [
      {
        "type": "ACTION",
        "provider": "jupiter-swap",
        "action": "swap",
        "params": {
          "inputMint": "So11111111111111111111111111111111111111112",
          "outputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
          "amount": "1000000000"
        }
      },
      {
        "type": "ACTION",
        "provider": "drift",
        "action": "place_order",
        "params": {
          "market": "SOL-PERP",
          "side": "short",
          "size": "1.0",
          "orderType": "market"
        }
      }
    ]
  }'

Both transactions execute atomically — if the Drift order fails, the Jupiter swap is reverted. No partial fills, no unwanted exposure.

Risk Controls for Automated Trading

Trading bots need automated risk controls. WAIaaS provides 21 policy types with 4 security tiers specifically designed for algorithmic trading.

Set position size limits per protocol:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "PERP_MAX_POSITION_USD",
    "rules": {
      "maxPositionUsd": 10000,
      "protocols": ["drift", "hyperliquid"]
    }
  }'

Implement gas-conditional trading — only execute when profitable:

{
  "type": "GAS_CONDITION",
  "rules": {
    "maxGasPrice": "100000",
    "maxSlippage": "0.005"
  }
}

Your bot submits trades anytime. The policy engine ensures they only execute when gas costs preserve profitability.

Cross-Chain Arbitrage Infrastructure

Real arbitrage opportunities span chains. WAIaaS handles cross-chain complexity through integrated bridging protocols.

Execute Ethereum → Solana arbitrage:

# Step 1: Bridge USDC from Ethereum to Solana via LI.FI
curl -X POST http://127.0.0.1:3100/v1/actions/lifi/bridge \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "fromChain": "ethereum-mainnet",
    "toChain": "solana-mainnet",
    "token": "0xA0b86a33E6441c4ED7a4c03b6d80b1f3aFF6A4F7",
    "amount": "1000000000"
  }'

# Step 2: Auto-execute Jupiter swap once bridge completes
# (WAIaaS monitors bridge status, executes follow-up automatically)

The infrastructure tracks bridge completions and executes follow-up trades without manual intervention. Cross-chain arbitrage becomes a single API call.

Quick Start for Trading Bots

Get your trading infrastructure running in minutes:

Deploy with Docker — Production-ready deployment

git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d

Create trading wallet

docker exec waiaas-daemon waiaas-cli wallet create \
  --name trading-bot \
  --chain solana \
  --environment mainnet

Generate session token for your bot

docker exec waiaas-daemon waiaas-cli session create \
  --wallet-id <wallet-uuid>
# Returns: wai_sess_eyJhbGciOiJIUzI1NiJ9...

Configure trading policies

curl -X POST http://localhost:3100/v1/policies \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 1000,
      "daily_limit_usd": 50000
    }
  }'

Start trading — Your bot makes HTTP calls, WAIaaS handles execution

export WAIAAS_SESSION_TOKEN="wai_sess_..."
# Your trading bot is now live

Your trading infrastructure is now handling gas optimization, transaction reliability, and cross-protocol execution. Focus on strategy, not plumbing.

Performance and Reliability

With 631+ tests across 15 protocols, WAIaaS infrastructure handles the edge cases that break trading bots: failed transactions, network congestion, protocol upgrades, slippage protection. The 7-stage execution pipeline ensures your trades execute reliably even when market conditions change rapidly.

Gas conditional execution means your arbitrage strategies remain profitable even during network congestion. Transaction batching reduces MEV exposure. Cross-chain bridging opens opportunities beyond single-chain trading.

Trading bot development shifts from months of infrastructure work to days of strategy implementation.

For more trading infrastructure insights, check out Building AI Trading Bots with MCP Integration and Docker Deployment for Production Trading.

What's Next

Your trading bot needs reliable infrastructure that executes in milliseconds, not seconds. WAIaaS provides the multi-protocol foundation that lets you focus on profitable strategies instead of wallet plumbing.

Ready to build serious trading infrastructure? Get started at GitHub or explore the full platform at waiaas.ai.

All 45 MCP Tools Explained: Complete Reference for Claude AI Agents

Wallet Guy — Fri, 01 May 2026 08:27:10 +0000

MCP tools transform Claude from a text-only assistant into an agent capable of executing onchain transactions, managing DeFi positions, and handling cryptocurrency operations. WAIaaS provides 45 specialized MCP tools that integrate seamlessly with Claude Desktop, giving your AI agent comprehensive blockchain capabilities without requiring custom integrations or complex setup.

Why MCP Integration Matters for AI Agents

Most AI agents can only read blockchain data or generate transaction code that humans must execute manually. This creates a frustrating gap between what the agent knows and what it can actually do. The Model Context Protocol (MCP) bridges this gap by providing a standardized way for Claude to call external tools directly.

With WAIaaS MCP integration, Claude can check wallet balances, execute DeFi swaps, manage lending positions, transfer NFTs, and even handle micropayments for API calls — all autonomously within the conversation. This transforms Claude from a helpful advisor into an active participant in your onchain workflows.

Complete MCP Tool Reference

WAIaaS provides 45 MCP tools organized into five categories. Here's the complete reference:

Wallet Management Tools

get-balance — Returns native token balance and USD value

# What Claude sees when you ask "What's my balance?"
{
  "balance": "2.5",
  "symbol": "SOL", 
  "usd_value": 425.50,
  "chain": "solana",
  "network": "mainnet"
}

get-address — Get wallet's public address
get-wallet-info — Complete wallet metadata including creation date and chain
get-assets — List all token holdings with balances and USD values
get-tokens — Available tokens for the current network
list-credentials — Show configured RPC endpoints and API keys

Transaction Tools

send-token — Transfer native tokens or SPL/ERC-20 tokens
transfer-nft — Transfer NFTs with automatic metadata resolution
send-batch — Execute multiple transactions atomically
sign-transaction — Sign arbitrary transactions without broadcasting
sign-message — Sign messages for authentication or proofs
get-transaction — Retrieve transaction details and status
list-transactions — Transaction history with filtering options
simulate-transaction — Dry-run transactions before execution

Example of Claude using send-token:

# User: "Send 0.1 SOL to Alice"
# Claude calls send-token MCP tool:
{
  "type": "TRANSFER",
  "to": "7xKXtg2CW87d97TXJSDpbD5jBkheTqA83TZRuJosgAsU",
  "amount": "0.1"
}

DeFi Integration Tools

get-defi-positions — View lending, staking, and LP positions across all protocols
get-health-factor — Current liquidation risk for lending positions
action-provider — Execute actions on any of the 15 supported DeFi protocols

The action-provider tool works with these protocols:

jupiter-swap — Solana's best-price DEX aggregator
lido-staking — Ethereum liquid staking
jito-staking — Solana liquid staking
aave-v3 — Cross-chain lending and borrowing
kamino — Solana lending with leveraged strategies
hyperliquid — Perpetual futures trading
polymarket — Prediction market trading
lifi — Cross-chain bridging
across — Fast cross-chain transfers
zerox-swap — Professional-grade DEX trading
pendle — Yield tokenization and trading

Example DeFi interaction:

# User: "Swap 100 USDC for SOL on Jupiter"
# Claude calls action-provider with jupiter-swap:
{
  "provider": "jupiter-swap",
  "action": "swap",
  "params": {
    "inputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
    "outputMint": "So11111111111111111111111111111111111111112", 
    "amount": "100000000"
  }
}

Policy and Security Tools

get-policies — View active spending limits and security rules
approve-token — Approve ERC-20 token spending for DeFi protocols
get-provider-status — Check if DeFi providers are operational

Advanced Protocol Tools

build-userop — Create ERC-4337 UserOperations for gasless transactions
sign-userop — Sign UserOperations for Account Abstraction
call-contract — Execute arbitrary smart contract calls
encode-calldata — Generate transaction calldata for contracts
get-nonce — Get current transaction nonce
resolve-asset — Resolve token symbols to addresses

Web3 Authentication Tools

erc8128-sign-request — Sign HTTP requests with wallet for API authentication
erc8128-verify-signature — Verify ERC-8128 HTTP signatures
wc-connect, wc-disconnect, wc-status — WalletConnect session management

Reputation and Trust Tools

erc8004-get-agent-info — Retrieve onchain agent metadata
erc8004-get-reputation — Check agent reputation score
erc8004-get-validation-status — Verify agent trustworthiness

NFT Tools

list-nfts — Show all NFTs in wallet with metadata
get-nft-metadata — Detailed NFT information and attributes

Network and Infrastructure Tools

get-rpc-proxy-url — Get proxied RPC endpoints for better reliability
list-sessions — Active AI agent sessions
list-incoming-transactions — Monitor incoming transfers
get-incoming-summary — Summary of recent deposits
list-offchain-actions — Pending transactions requiring approval

Micropayment Tools

x402-fetch — HTTP requests with automatic cryptocurrency payment for 402 Payment Required responses

Example of Claude using x402-fetch:

# User: "Get premium market data from that paid API"
# Claude calls x402-fetch, automatically pays the microfee, gets the data
{
  "url": "https://api.example.com/premium-data",
  "method": "GET",
  "auto_pay": true,
  "max_payment_usd": 0.10
}

Quick Setup Guide

Here's how to connect Claude Desktop to WAIaaS:

Step 1: Start WAIaaS daemon

npm install -g @waiaas/cli
waiaas quickstart

Step 2: Create a session for Claude

waiaas quickset --mode mainnet
# Creates wallets + MCP sessions, prints config

Step 3: Add to Claude Desktop config
Open ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "waiaas": {
      "command": "npx",
      "args": ["-y", "@waiaas/mcp"],
      "env": {
        "WAIAAS_BASE_URL": "http://127.0.0.1:3100",
        "WAIAAS_SESSION_TOKEN": "wai_sess_eyJhbGciOiJIUzI1NiJ9...",
        "WAIAAS_DATA_DIR": "~/.waiaas"
      }
    }
  }
}

Step 4: Restart Claude Desktop and test
Ask Claude: "What's my wallet balance?" You should see your actual onchain balance with USD values.

Step 5: Set up security policies

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <your-password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT", 
    "rules": {
      "instant_max_usd": 10,
      "notify_max_usd": 100,
      "delay_max_usd": 1000,
      "delay_seconds": 300
    }
  }'

Real-World Usage Examples

With all 45 MCP tools available, Claude can handle sophisticated onchain workflows:

Portfolio Management: "Show me my DeFi positions across all protocols and suggest rebalancing opportunities"

Claude calls get-defi-positions, analyzes yield rates, suggests optimal allocation

Cross-Chain Operations: "Bridge 500 USDC from Ethereum to Arbitrum using the cheapest route"

Claude calls action-provider with lifi, compares bridge costs, executes optimal route

Automated Trading: "If SOL drops below $100, swap half my SOL for USDC"

Claude monitors prices, uses simulate-transaction for safety, executes conditional swaps

NFT Management: "List my NFTs by floor price and transfer the least valuable one to my cold wallet"

Claude calls list-nfts, fetches floor prices, identifies target NFT, executes transfer

Micropayment Workflows: "Get the latest research report from three different crypto data providers"

Claude uses x402-fetch to automatically pay for premium API access across multiple services

The key advantage is that Claude sees all wallet state, understands DeFi protocols, and can execute multi-step operations autonomously while respecting your security policies.

Ready to give your Claude agent onchain superpowers? Get started at GitHub or visit the official documentation to explore advanced configuration options.

What's Next

These 45 MCP tools provide the foundation for sophisticated AI agent workflows. Explore advanced patterns like multi-wallet strategies, automated yield farming, and cross-protocol arbitrage as you build more complex onchain agents.

20 CLI Commands for Complete Self-Hosted AI Wallet Management

Wallet Guy — Thu, 30 Apr 2026 15:21:02 +0000

Self-hosted AI wallet management requires a command-line interface that balances security with simplicity, and WAIaaS delivers exactly that with 20 CLI commands designed for complete wallet infrastructure control. When you're managing crypto wallets for AI agents on your own infrastructure, you need tools that respect your sovereignty while providing enterprise-grade functionality. The alternative—trusting third parties with your agents' private keys—compromises the very principles that make crypto valuable in the first place.

Why Self-Hosted Wallet Management Matters

Running your own wallet infrastructure isn't just about privacy—it's about control. Third-party wallet services can rate-limit your API calls, freeze accounts based on algorithmic decisions, or simply disappear overnight. When your AI agents need to execute hundreds of transactions per day across multiple DeFi protocols, these limitations become operational risks.

Self-hosted solutions also eliminate the custody problem entirely. Your private keys never leave your server, your transaction policies are enforced locally, and you decide which networks and protocols your agents can access. It's the difference between renting someone else's infrastructure and owning your own.

The WAIaaS CLI: 20 Commands for Complete Control

WAIaaS provides a comprehensive CLI that handles everything from initial setup to production wallet management. Let's walk through the key commands organized by use case.

Installation and Setup Commands

The foundation starts with getting WAIaaS running on your infrastructure:

npm install -g @waiaas/cli
waiaas init                        # Create data directory + config.toml
waiaas start                       # Start daemon (sets master password on first run)
waiaas status                      # Check daemon health
waiaas stop                        # Graceful shutdown

The init command creates your local data directory and configuration file, establishing the foundation for your self-hosted setup. The start command launches the daemon process that handles all wallet operations, while status and stop give you operational control.

For completely automated deployment, you can use auto-provisioning:

waiaas init --auto-provision     # Generates random master password → recovery.key
waiaas start                     # No password prompt needed

Wallet Management Commands

Creating and managing wallets is where the CLI really shines:

waiaas wallet create --name "trading-bot" --chain solana --environment mainnet
waiaas wallet info <wallet-id>   # Display wallet details and address

The wallet create command supports both EVM and Solana chains across 18 different networks. Each wallet gets a unique identifier and can be configured with specific policies and permissions.

Session and Authentication Commands

WAIaaS uses a three-tier authentication system, and the CLI manages all aspects:

waiaas session prompt <wallet-id>    # Create session for AI agent
waiaas owner connect                 # Connect wallet owner for approvals
waiaas owner status                  # Check owner connection status
waiaas owner disconnect              # Disconnect owner
waiaas set-master                    # Update master password

The session system is crucial for AI agent operations. Sessions provide scoped access tokens that agents can use without exposing master credentials. The owner commands handle the human-in-the-loop approval system for high-value transactions.

Backup and Recovery Commands

Self-hosted infrastructure requires robust backup strategies:

waiaas backup create --output backup-$(date +%Y%m%d).tar.gz
waiaas backup list                   # Show available backups
waiaas backup inspect backup.tar.gz  # Verify backup contents
waiaas restore backup.tar.gz         # Restore from backup

These commands handle complete system state including wallets, policies, transaction history, and configuration. The backup format is portable across different WAIaaS installations.

Quick Setup Commands

For rapid deployment, WAIaaS provides convenience commands:

waiaas quickstart              # Interactive setup wizard
waiaas quickset --mode mainnet # Create wallets + MCP sessions in one step

The quickset command is particularly powerful—it creates both EVM and Solana wallets, generates session tokens, and outputs the complete MCP configuration for Claude Desktop integration.

Integration Commands

Modern AI workflows require seamless integration with AI frameworks:

waiaas mcp setup --all         # Auto-register all wallets with Claude Desktop
waiaas notification setup      # Configure push notifications
waiaas update                  # Update to latest version

The MCP setup command automatically configures Claude Desktop to use your self-hosted WAIaaS instance, eliminating manual JSON configuration.

Advanced CLI Features

Beyond the basic commands, the CLI provides sophisticated functionality for production deployments.

Docker Integration

While the CLI handles local development perfectly, production deployments often use Docker:

# The CLI works seamlessly with Docker deployments
docker run -d \
  --name waiaas \
  -p 127.0.0.1:3100:3100 \
  -v waiaas-data:/data \
  -e WAIAAS_AUTO_PROVISION=true \
  ghcr.io/minhoyoo-iotrust/waiaas:latest

# CLI can manage the containerized instance
waiaas status    # Works with Docker deployment
waiaas backup create    # Backs up containerized data

Policy Management via CLI

While policies can be managed through the REST API or admin UI, the CLI provides direct access for automation:

# Create spending limits via API using CLI-managed sessions
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <from-cli-setup>' \
  -d '{
    "walletId": "<from-wallet-create>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 10,
      "notify_max_usd": 100,
      "delay_max_usd": 1000,
      "delay_seconds": 300
    }
  }'

Session Token Management

The CLI makes it easy to generate and manage session tokens for multiple AI agents:

# Create dedicated sessions for different agents
waiaas session prompt $(waiaas wallet info --json | jq -r '.id') --name "trading-agent"
waiaas session prompt $(waiaas wallet info --json | jq -r '.id') --name "defi-manager"

Each session can have different policies and permissions, allowing fine-grained access control.

Quick Start: Self-Hosted AI Wallet in 5 Steps

Here's how to get a complete self-hosted AI wallet infrastructure running:

Install and Initialize

   npm install -g @waiaas/cli
   waiaas init --auto-provision
   waiaas start

Create Wallets and Sessions

   waiaas quickset --mode mainnet

Set Up AI Integration

   waiaas mcp setup --all

Test the Setup
Open Claude Desktop and ask: "Check my wallet balance"
Configure Backups

   waiaas backup create --output initial-backup.tar.gz

Your AI agents now have access to a fully self-hosted wallet infrastructure with 39 REST API endpoints, 45 MCP tools, and integration with 15 DeFi protocols.

Production Considerations

Self-hosting in production requires additional considerations:

Security Hardening

waiaas set-master    # Replace auto-generated password
rm recovery.key      # Remove auto-provision key after securing
waiaas backup create # Regular automated backups

Monitoring and Maintenance

waiaas status        # Health checks
waiaas backup list   # Verify backup schedule
waiaas update        # Keep current with security updates

Network Configuration

The default binding is 127.0.0.1:3100 for security. Production deployments should use reverse proxies and proper TLS termination.

What's Next

The CLI provides the foundation, but WAIaaS offers much more for self-hosters: Docker deployment with automatic updates, comprehensive backup systems, and integration with 15 DeFi protocols. Your self-hosted infrastructure can scale from simple token transfers to complex multi-protocol trading strategies.

Ready to take control of your AI agent's financial infrastructure? Clone the repository at https://github.com/minhoyoo-iotrust/WAIaaS and start with waiaas init. For complete documentation and deployment guides, visit https://waiaas.ai.

TypeScript SDK Deep Dive: 40+ Methods for AI Agent Wallet Control

Wallet Guy — Thu, 30 Apr 2026 08:37:37 +0000

Your Claude agent can browse the web, write code, and manage files. But can it swap tokens, check DeFi positions, or pay for its own API calls? WAIaaS TypeScript SDK gives AI agents everything they need for blockchain interactions through 40+ wallet control methods.

Why AI Agents Need Wallet SDKs

Most AI agents today can read from the blockchain but can't write to it. They can fetch token prices but can't execute trades. They can analyze DeFi protocols but can't manage positions. Without wallet functionality, agents remain observers rather than participants in the crypto economy.

The challenge isn't just technical — it's also about security. AI agents need the ability to transact, but with proper guardrails to prevent catastrophic mistakes. They need session-based authentication that can be revoked, spending limits that prevent ruination, and policy engines that encode human judgment.

WAIaaS TypeScript SDK: Full Wallet Control

The WAIaaS TypeScript SDK provides 40+ methods that transform AI agents from blockchain observers into active participants. Unlike simple RPC wrappers, it provides session authentication, built-in error handling, and integration with WAIaaS's policy engine.

Installation and Setup

npm install @waiaas/sdk

import { WAIaaSClient } from '@waiaas/sdk';

const client = new WAIaaSClient({
  baseUrl: 'http://127.0.0.1:3100',
  sessionToken: process.env.WAIAAS_SESSION_TOKEN,
});

The SDK requires a session token that you create once through the CLI or admin interface. Sessions can have TTLs, renewal limits, and absolute lifetimes — giving you precise control over how long agents can operate autonomously.

Core Wallet Methods

Every AI agent needs to know where it stands financially. The SDK provides comprehensive wallet introspection:

// Get native token balance
const balance = await client.getBalance();
console.log(`${balance.balance} ${balance.symbol}`);

// Get all token balances
const assets = await client.getAssets();
assets.forEach(asset => {
  console.log(`${asset.balance} ${asset.symbol} (${asset.usdValue} USD)`);
});

// Get wallet address
const address = await client.getAddress();
console.log(`Wallet: ${address}`);

These methods work across all 18 networks supported by WAIaaS, from Ethereum mainnet to Solana devnet.

Transaction Methods

The SDK handles 7 transaction types through a unified interface:

// Simple transfer
const tx = await client.sendToken({
  to: 'recipient-address',
  amount: '0.1',
});

// Token transfer with specific mint
const tokenTx = await client.sendToken({
  type: 'TokenTransfer',
  to: 'recipient-address',
  amount: '100',
  token: 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v', // USDC
});

// Contract interaction
const contractTx = await client.executeTransaction({
  type: 'ContractCall',
  to: 'contract-address',
  data: '0x...',
  value: '0',
});

The SDK automatically handles chain-specific details like gas estimation on EVM chains and priority fees on Solana.

DeFi Integration Methods

Rather than building separate integrations for each protocol, the SDK provides a unified DeFi interface across 15 protocol providers:

// Get all DeFi positions
const positions = await client.getDeFiPositions();
positions.forEach(position => {
  console.log(`${position.protocol}: ${position.type} - ${position.value} USD`);
});

// Execute DeFi action (Jupiter swap example)
const swapResult = await client.executeAction('jupiter-swap', 'swap', {
  inputMint: 'So11111111111111111111111111111111111111112', // SOL
  outputMint: 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v', // USDC
  amount: '1000000000', // 1 SOL
});

This works across protocols like Jupiter, Uniswap, Aave, Lido, and 11 others. The agent doesn't need to understand protocol-specific APIs.

Advanced Methods

The SDK includes specialized methods for complex use cases:

// Dry-run transactions before execution
const simulation = await client.simulateTransaction({
  type: 'Transfer',
  to: 'recipient',
  amount: '1.0',
  dryRun: true,
});

// Sign arbitrary messages
const signature = await client.signMessage('Hello, blockchain!');

// x402 HTTP payments — agent pays for API calls automatically
const response = await client.x402Fetch('https://api.example.com/premium-endpoint');

The x402 method is particularly powerful — it lets agents pay for premium APIs automatically when they encounter HTTP 402 (Payment Required) responses.

Error Handling

The SDK provides structured error handling with specific error codes:

import { WAIaaSClient, WAIaaSError } from '@waiaas/sdk';

try {
  const tx = await client.sendToken({ to: '...', amount: '1000.0' });
} catch (error) {
  if (error instanceof WAIaaSError) {
    switch (error.code) {
      case 'INSUFFICIENT_BALANCE':
        console.log('Not enough funds');
        break;
      case 'POLICY_DENIED':
        console.log('Blocked by spending limit');
        break;
      case 'TOKEN_EXPIRED':
        console.log('Session expired, need to refresh');
        break;
    }
  }
}

This allows agents to make intelligent decisions when transactions fail — like trying smaller amounts when hitting spending limits.

Transaction Lifecycle Management

Unlike simple send-and-forget APIs, the SDK helps agents manage the complete transaction lifecycle:

// Submit transaction
const result = await client.sendToken({
  to: 'recipient-address',
  amount: '0.1',
});

// Poll for confirmation
const POLL_TIMEOUT_MS = 60_000;
const startTime = Date.now();

while (Date.now() - startTime < POLL_TIMEOUT_MS) {
  const tx = await client.getTransaction(result.id);

  if (tx.status === 'COMPLETED') {
    console.log(`Confirmed! Hash: ${tx.txHash}`);
    break;
  }

  if (tx.status === 'FAILED') {
    console.error(`Failed: ${tx.error}`);
    break;
  }

  // Still pending, wait and retry
  await new Promise(resolve => setTimeout(resolve, 2000));
}

This pattern is essential for agents that need to know when transactions actually settle before proceeding.

Integration with Policy Engine

The SDK automatically enforces the 21 policy types configured in WAIaaS. When an agent attempts a transaction that violates policy, the SDK returns structured information about why it was blocked:

try {
  await client.sendToken({ to: 'unknown-address', amount: '100' });
} catch (error) {
  if (error.code === 'POLICY_DENIED') {
    // Could be SPENDING_LIMIT, WHITELIST, ALLOWED_TOKENS, etc.
    console.log(`Blocked by policy: ${error.message}`);
  }
}

This allows agents to adapt their behavior based on policy constraints rather than blindly retrying failed transactions.

Real Agent Example

Here's how an AI trading agent might use multiple SDK methods together:

async function tradingAgent() {
  // 1. Check current positions
  const balance = await client.getBalance();
  const positions = await client.getDeFiPositions();

  console.log(`Current balance: ${balance.balance} ${balance.symbol}`);
  console.log(`Active DeFi positions: ${positions.length}`);

  // 2. Decide if we should trade (agent logic here)
  if (shouldSwapToUSDC(balance, positions)) {
    try {
      // 3. Execute swap with dry-run first
      const simulation = await client.executeAction('jupiter-swap', 'swap', {
        inputMint: 'So11111111111111111111111111111111111111112',
        outputMint: 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v',
        amount: (parseFloat(balance.balance) * 0.1).toString(),
        dryRun: true,
      });

      if (simulation.success) {
        // 4. Execute for real
        const swap = await client.executeAction('jupiter-swap', 'swap', {
          inputMint: 'So11111111111111111111111111111111111111112',
          outputMint: 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v',
          amount: (parseFloat(balance.balance) * 0.1).toString(),
        });

        console.log(`Swap initiated: ${swap.id}`);
      }
    } catch (error) {
      console.error(`Trading failed: ${error.message}`);
    }
  }
}

Quick Start: Add Wallet to Your Agent

Step 1: Install and start WAIaaS

npm install -g @waiaas/cli
waiaas init && waiaas start
waiaas quickset --mode mainnet

Step 2: Install SDK in your agent project

npm install @waiaas/sdk

Step 3: Add wallet functionality

import { WAIaaSClient } from '@waiaas/sdk';

const wallet = new WAIaaSClient({
  baseUrl: 'http://127.0.0.1:3100',
  sessionToken: process.env.WAIAAS_SESSION_TOKEN,
});

// Your agent can now check balances, send tokens, interact with DeFi

Step 4: Set spending policies

waiaas policy add --type SPENDING_LIMIT --instant 10 --notify 100 --delay 1000

Step 5: Test with a simple balance check

const balance = await wallet.getBalance();
console.log(`Agent wallet: ${balance.balance} ${balance.symbol}`);

Ready to give your AI agents the financial tools they need? Check out the GitHub repository for the complete codebase or visit waiaas.ai to get started. Your agents are about to become a lot more capable.

Docker Compose for Crypto Wallets: Self-Hosted AI Agent Infrastructure

Wallet Guy — Wed, 29 Apr 2026 15:25:35 +0000

Docker Compose makes it possible to run your own crypto wallet infrastructure for AI agents in just one command, giving you complete control over your private keys without trusting any third-party service. Self-hosted wallet infrastructure eliminates custody risks while providing unlimited API access without rate limits or monthly fees.

Why Self-Custody Matters for AI Agents

When your AI agents handle real money, custody becomes critical. Hosted wallet services create a fundamental contradiction: you're building autonomous agents while surrendering control to centralized providers. Every transaction flows through someone else's infrastructure, subject to their terms, rate limits, and potential service interruptions.

Self-hosting puts you back in control. Your private keys never leave your server. Your transaction policies run on your hardware. Your AI agents operate with the sovereignty that crypto was designed to enable. It's the difference between renting computational power and owning your infrastructure.

WAIaaS: Docker-First Wallet Infrastructure

WAIaaS delivers enterprise-grade wallet functionality through a 15-package monorepo designed for self-hosting. The Docker deployment supports 2 Docker images (the main daemon plus push-relay for notifications), auto-provision for zero-touch setup, and production secrets overlay via docker-compose.secrets.yml.

The architecture provides 39 REST API route modules accessible through a simple session-based authentication system. AI agents authenticate with JWT tokens while owners retain ultimate control through cryptographic signatures. This separation lets you grant spending permissions without giving up custody.

Quick Start: Zero to Running

Clone and start — that's it:

git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d

For completely hands-off deployment with auto-generated credentials:

docker run -d \
  --name waiaas \
  -p 127.0.0.1:3100:3100 \
  -v waiaas-data:/data \
  -e WAIAAS_AUTO_PROVISION=true \
  ghcr.io/minhoyoo-iotrust/waiaas:latest

# Retrieve auto-generated master password
docker exec waiaas cat /data/recovery.key

The default port binding (127.0.0.1:3100:3100) keeps your API private to localhost unless you explicitly expose it. Auto-provision generates a secure master password and saves it to /data/recovery.key for later hardening.

Production Deployment with Secrets

For production environments, use Docker Secrets to avoid environment variable exposure:

# Create secret files
mkdir -p secrets
echo "your-secure-password" > secrets/master_password.txt
chmod 600 secrets/master_password.txt

# Deploy with secrets overlay
docker compose -f docker-compose.yml -f docker-compose.secrets.yml up -d

The secrets overlay supports production patterns like external secret management and automated rotation. The daemon runs as non-root (UID 1001) with healthcheck endpoints and restart policies.

Multi-Chain Support Out of the Box

WAIaaS supports 2 chain types (evm, solana) across 18 networks, from Ethereum mainnet to Solana devnet. Chain configuration happens through environment variables:

WAIAAS_RPC_SOLANA_MAINNET=https://api.mainnet-beta.solana.com
WAIAAS_RPC_EVM_ETHEREUM_MAINNET=https://eth-mainnet.g.alchemy.com/v2/YOUR-KEY
WAIAAS_DAEMON_PORT=3100
WAIAAS_DAEMON_LOG_LEVEL=info

No external dependencies beyond your chosen RPC providers. You can use public endpoints for testing or private RPC services for production workloads.

Policy-Driven Security

Self-hosting doesn't mean self-endangering. WAIaaS includes a sophisticated policy engine with 21 policy types and 4 security tiers (INSTANT/NOTIFY/DELAY/APPROVAL) that let you define exactly what your AI agents can do.

Create spending limits that escalate based on transaction size:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 10,
      "notify_max_usd": 100,
      "delay_max_usd": 1000,
      "delay_seconds": 300,
      "daily_limit_usd": 500,
      "monthly_limit_usd": 5000
    }
  }'

The policy system follows default-deny enforcement — transactions are blocked unless explicitly allowed by ALLOWED_TOKENS or CONTRACT_WHITELIST policies. This prevents your agents from interacting with unknown contracts or tokens without your approval.

Time-based restrictions, rate limiting, and network restrictions provide additional guardrails. Your agents operate within bounds you define, with escalation paths for larger transactions.

API-First Architecture

The 39 REST API endpoints expose every wallet function through consistent HTTP interfaces. AI agents authenticate with session tokens and interact through standard HTTP:

# Check wallet balance (sessionAuth)
curl http://127.0.0.1:3100/v1/wallet/balance \
  -H "Authorization: Bearer wai_sess_eyJhbGciOiJIUzI1NiJ9..."

# Execute DeFi action (sessionAuth)
curl -X POST http://127.0.0.1:3100/v1/actions/jupiter-swap/swap \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "inputMint": "So11111111111111111111111111111111111111112",
    "outputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
    "amount": "1000000000"
  }'

The API includes OpenAPI 3.0 spec auto-generated at /doc with interactive Scalar API reference UI at /reference. Standard error codes and consistent response formats make integration straightforward.

The 7-stage transaction pipeline (validate, auth, policy, wait, execute, confirm) provides full visibility into transaction state. Dry-run API support lets you test transactions before execution.

DeFi Integration Without Vendor Lock-in

WAIaaS integrates 15 DeFi protocol providers covering swaps, lending, staking, and bridges. Your agents can interact with Jupiter, Aave, Lido, Hyperliquid, and other major protocols without depending on external aggregator APIs.

curl -X POST http://127.0.0.1:3100/v1/actions/lido-staking/stake \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{"amount": "1000000000000000000"}'

Cross-chain bridging via LI.FI and Across protocols enables multi-chain strategies. Liquid staking via Lido (EVM) and Jito (Solana) generates yield. Hyperliquid integration provides perpetual futures, spot trading, and sub-accounts.

All DeFi interactions respect your policy constraints and follow the same authentication model. No separate API keys or external service dependencies.

Monitoring and Observability

The Admin Web UI (Preact) provides wallet management, policy editor, and DeFi positions dashboard through a clean interface at /admin. Real-time monitoring shows transaction status, policy violations, and system health.

Incoming transaction monitoring with real-time notifications ensures you know when funds arrive. Push notifications through Telegram or custom webhooks keep you informed of significant events.

Structured logging and health check endpoints support standard monitoring tools. The Docker healthcheck uses curl -f http://localhost:3100/health with configurable intervals.

Quick Start: From Zero to AI Agent Trading

Here's how to get a trading AI agent running against your self-hosted infrastructure:

1. Deploy WAIaaS

git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d

2. Create Wallet and Session

# Install CLI
npm install -g @waiaas/cli

# Quick setup with auto-generated wallets
waiaas init --auto-provision
waiaas start
waiaas quickset --mode mainnet

3. Configure Policies

# Set spending limits for safety
waiaas policy create spending-limit \
  --instant-max 10 \
  --daily-limit 500

4. Connect Your AI Agent

# Install SDK in your AI agent project
npm install @waiaas/sdk

import { WAIaaSClient } from '@waiaas/sdk';

const client = new WAIaaSClient({
  baseUrl: 'http://127.0.0.1:3100',
  sessionToken: process.env.WAIAAS_SESSION_TOKEN,
});

// Your agent can now trade autonomously within policy limits
const balance = await client.getBalance();
const positions = await client.getDeFiPositions();

5. Scale and Monitor

Access the admin dashboard at http://localhost:3100/admin to monitor positions and adjust policies as your agent's strategy evolves.

Self-hosted wallet infrastructure gives you the foundation to build sophisticated AI trading systems without custody compromises. Your keys, your server, your rules.

What's Next

Self-hosting WAIaaS puts you in complete control of your AI agent's financial infrastructure while maintaining enterprise-grade security and DeFi access. Check out the full documentation and source code at https://github.com/minhoyoo-iotrust/WAIaaS, or visit https://waiaas.ai to explore the complete platform capabilities.

Automated Perpetual Trading on Solana: Building Drift Protocol Bots

Wallet Guy — Wed, 29 Apr 2026 08:36:20 +0000

Building high-performance perpetual trading bots on Solana requires more than just market strategies — you need infrastructure that can execute trades instantly, manage risk automatically, and handle complex DeFi operations across multiple protocols. Most developers end up building fragile wallet management, gas optimization, and approval flows from scratch instead of focusing on their trading logic.

When your arbitrage bot spots a price discrepancy between Drift perpetuals and Jupiter spot prices, milliseconds matter. You need infrastructure that can execute multi-step trades (spot buy → perp hedge → position management) without manual intervention or approval delays. Traditional wallet setups create bottlenecks: separate RPC connections, manual transaction signing, no risk controls, and zero visibility into cross-protocol positions.

Why Infrastructure Matters for Trading Bots

Successful trading bots operate in an environment where speed and reliability directly impact profitability. A 100ms delay can mean the difference between capturing an arbitrage opportunity and missing it entirely. Beyond speed, your bot needs sophisticated risk management — spending limits, position size controls, and emergency kill switches that activate automatically without destroying profitable strategies.

Most importantly, modern DeFi strategies span multiple protocols. Your bot might need to swap tokens on Jupiter, open leveraged positions on Drift, provide liquidity to Kamino, and bridge assets via LI.FI — all in coordinated sequences. Managing separate integrations for each protocol creates complexity that scales exponentially with your strategy sophistication.

WAIaaS for High-Performance Trading Infrastructure

WAIaaS provides a unified API that handles all wallet operations, transaction management, and cross-protocol coordination. Your trading bot makes standard HTTP calls while WAIaaS manages gas optimization, transaction sequencing, and risk enforcement behind the scenes.

Here's how a typical perpetual trading bot looks with WAIaaS handling the infrastructure:

import { WAIaaSClient } from '@waiaas/sdk';

const client = new WAIaaSClient({
  baseUrl: 'http://127.0.0.1:3100',
  sessionToken: process.env.WAIAAS_SESSION_TOKEN,
});

// Step 1: Check current positions across all DeFi protocols
const positions = await client.getDeFiPositions();
const driftPosition = positions.find(p => p.protocol === 'drift');

// Step 2: Execute Jupiter swap for position hedging
const swapResult = await client.executeAction('jupiter-swap', 'swap', {
  inputMint: 'So11111111111111111111111111111111111111112', // SOL
  outputMint: 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v', // USDC
  amount: '1000000000', // 1 SOL
  slippageBps: 50
});

// Step 3: Open Drift perp position
const perpResult = await client.executeAction('drift', 'open_position', {
  marketIndex: 0, // SOL-PERP
  direction: 'long',
  baseAmount: '500000000', // 0.5 SOL
  leverage: 5
});

console.log(`Swap: ${swapResult.id}, Perp: ${perpResult.id}`);

The power here is that your bot doesn't need to manage Solana RPC connections, transaction signing, or protocol-specific SDKs. WAIaaS handles 15 DeFi protocols through a unified interface, including Drift for perpetuals and Jupiter for spot trading.

Setting Up Gas-Conditional Trading

One of the biggest advantages for automated trading is gas-conditional execution. Your bot can queue transactions that only execute when gas prices meet your profitability thresholds:

curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "TRANSFER",
    "to": "recipient-address",
    "amount": "0.1",
    "gasCondition": {
      "maxGasPrice": "0.00001",
      "timeout": 3600
    }
  }'

This transaction will wait up to 1 hour for gas prices to drop below 0.00001 SOL before executing. For high-frequency strategies, this can dramatically improve profitability by avoiding execution during gas spikes.

Risk Management with Policy Engine

Trading bots need sophisticated risk controls that activate automatically. WAIaaS provides 21 policy types with 4 security tiers. Here's how to set up position size limits for a Drift trading bot:

curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "PERP_MAX_POSITION_USD",
    "rules": {
      "maxPositionUsd": 10000
    }
  }'

You can also set spending limits that automatically escalate to human approval for large trades:

curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 1000,
      "notify_max_usd": 5000,
      "delay_max_usd": 10000,
      "delay_seconds": 300,
      "daily_limit_usd": 50000
    }
  }'

This creates a 4-tier system: trades under $1000 execute instantly, $1000-$5000 trigger notifications, $5000-$10000 add a 5-minute delay (cancellable), and anything above $10000 requires manual approval.

Multi-Protocol Arbitrage Bot Example

Here's a more sophisticated example showing how to build an arbitrage bot that trades across Jupiter (spot) and Drift (perpetuals):

async function checkArbitrageOpportunity() {
  // Get current positions to check exposure
  const positions = await client.getDeFiPositions();
  const currentExposure = positions
    .filter(p => p.protocol === 'drift')
    .reduce((sum, p) => sum + parseFloat(p.value_usd || '0'), 0);

  if (currentExposure > 50000) {
    console.log('Max exposure reached, skipping trade');
    return;
  }

  // Check if gas is acceptable before executing
  const gasPrice = await client.getCurrentGasPrice();
  if (gasPrice > 0.00005) {
    console.log('Gas too high, queuing conditional order');
    return await client.sendToken({
      type: 'TRANSFER',
      to: 'target-address',
      amount: '1.0',
      gasCondition: { maxGasPrice: '0.00002', timeout: 1800 }
    });
  }

  // Execute the arbitrage sequence
  const results = await Promise.allSettled([
    // Buy spot on Jupiter
    client.executeAction('jupiter-swap', 'swap', {
      inputMint: 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v',
      outputMint: 'So11111111111111111111111111111111111111112',
      amount: '1000000000'
    }),
    // Short perp on Drift
    client.executeAction('drift', 'open_position', {
      marketIndex: 0,
      direction: 'short',
      baseAmount: '1000000000',
      leverage: 2
    })
  ]);

  return results;
}

Docker Deployment for Production Bots

For production trading bots, you need reliable infrastructure that survives server restarts and automatically recovers from failures. WAIaaS provides Docker deployment with health checks and auto-restart:

# Clone and start — that's it
git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d

The Docker setup includes automatic health checks, data persistence, and watchtower integration for automatic updates. Your trading bot can connect to the WAIaaS API endpoint and continue operating even if the underlying infrastructure restarts.

For production secrets management, use the Docker Secrets overlay:

# Create secret files
mkdir -p secrets
echo "your-secure-master-password" > secrets/master_password.txt
chmod 600 secrets/master_password.txt

# Deploy with secrets
docker compose -f docker-compose.yml -f docker-compose.secrets.yml up -d

Quick Start: Your First Trading Bot

Here are the minimal steps to get a Drift trading bot running:

Step 1: Install and start WAIaaS

npm install -g @waiaas/cli
waiaas init --auto-provision
waiaas start
waiaas quickset --mode mainnet

Step 2: Create a Solana wallet and session

# The quickset command above already created wallets
# Check your session tokens:
cat ~/.waiaas/sessions.json

Step 3: Set up risk policies

waiaas policy create --type SPENDING_LIMIT --instant-max-usd 500
waiaas policy create --type PERP_MAX_LEVERAGE --max-leverage 10

Step 4: Install the SDK and start trading

npm install @waiaas/sdk

Step 5: Copy your session token and build your first strategy using the code examples above.

What's Next

With WAIaaS handling your wallet infrastructure, you can focus entirely on strategy development and market analysis. The unified API eliminates the complexity of managing multiple protocol SDKs, while the policy engine ensures your bot operates within defined risk parameters automatically.

Ready to build your high-performance trading infrastructure? Get started at GitHub or explore the full documentation at waiaas.ai.

Add One JSON Block: Give Claude Desktop a Multi-Chain Wallet

Wallet Guy — Tue, 28 Apr 2026 15:33:23 +0000

One JSON block in your Claude Desktop config gives your agent a multi-chain wallet with 45 tools for DeFi, NFTs, and onchain actions. WAIaaS provides the first MCP server specifically built for blockchain operations, turning Claude into a crypto-native agent in minutes.

Why MCP Changes Everything for Onchain AI

Model Context Protocol (MCP) bridges the gap between AI reasoning and external systems. Claude can analyze, plan, and execute — but it needs tools to interact with blockchains. Without MCP, you're stuck copying wallet addresses and transaction hashes between Claude and your wallet app.

With WAIaaS's MCP integration, Claude directly calls wallet functions, checks DeFi positions, and executes swaps. No more context switching. Your agent becomes truly autonomous onchain.

The One-Line Solution

WAIaaS runs as an MCP server that Claude Desktop connects to automatically. Add this block to your claude_desktop_config.json:

{
  "mcpServers": {
    "waiaas": {
      "command": "npx",
      "args": ["-y", "@waiaas/mcp"],
      "env": {
        "WAIAAS_BASE_URL": "http://127.0.0.1:3100",
        "WAIAAS_SESSION_TOKEN": "wai_sess_<your-token>",
        "WAIAAS_DATA_DIR": "~/.waiaas"
      }
    }
  }
}

That's it. Claude now has 45 MCP tools spanning wallet operations, DeFi protocols, NFT management, and x402 micropayments.

What Claude Can Do After MCP Setup

Once connected, Claude gains access to multi-chain wallet capabilities:

Wallet Operations

Check balances across Ethereum, Solana, and 18 networks
Send native tokens and ERC-20/SPL tokens
Sign transactions and messages
View transaction history

DeFi Protocols
Claude can interact with 15 integrated protocols:

Swaps: Jupiter (Solana), 0x Protocol (EVM)
Lending: Aave v3 with health factor monitoring
Staking: Lido (Ethereum), Jito (Solana)
Bridging: LI.FI cross-chain, Across protocol
Trading: Hyperliquid perpetuals, Polymarket predictions

Advanced Features

NFT Support: Transfer and metadata lookup for ERC-721/1155 and Metaplex
Account Abstraction: ERC-4337 UserOp building and gasless transactions
x402 Payments: Automatic API payment handling for paid services

Ask Claude: "Check my DeFi positions and rebalance if my Aave health factor is below 2.0"

Claude responds by:

Calling get-defi-positions to fetch lending data
Analyzing health factors across positions
If needed, calling action-provider with Aave repayment actions
Executing transactions through the session-authenticated wallet

Multi-Wallet MCP Configuration

For agents managing multiple wallets, configure separate MCP servers:

{
  "mcpServers": {
    "waiaas-trading": {
      "command": "npx",
      "args": ["-y", "@waiaas/mcp"],
      "env": {
        "WAIAAS_BASE_URL": "http://127.0.0.1:3100",
        "WAIAAS_AGENT_ID": "019c47d6-51ef-7f43-a76b-d50e875d95f4",
        "WAIAAS_AGENT_NAME": "trading-agent",
        "WAIAAS_DATA_DIR": "~/.waiaas"
      }
    },
    "waiaas-defi": {
      "command": "npx",
      "args": ["-y", "@waiaas/mcp"],
      "env": {
        "WAIAAS_BASE_URL": "http://127.0.0.1:3100",
        "WAIAAS_AGENT_ID": "019c4cd2-86e8-758f-a61e-9c560307c788",
        "WAIAAS_AGENT_NAME": "defi-wallet",
        "WAIAAS_DATA_DIR": "~/.waiaas"
      }
    }
  }
}

Each MCP server connects to a different WAIaaS wallet, allowing Claude to manage specialized portfolios with isolated permissions.

Security Through Policy Engine

WAIaaS enforces 21 policy types across 4 security tiers to keep AI agents safe:

INSTANT: Small transactions execute immediately
NOTIFY: Medium transactions execute with notifications
DELAY: Large transactions wait 15 minutes (cancellable)
APPROVAL: Huge transactions require human approval

Default-deny policies block unauthorized actions. ALLOWED_TOKENS and CONTRACT_WHITELIST policies ensure agents only interact with approved contracts.

Example policy restricting Claude to $100 instant swaps:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT", 
    "rules": {
      "instant_max_usd": 100,
      "delay_max_usd": 1000,
      "delay_seconds": 900
    }
  }'

Quick Start: Claude + Wallet in 5 Steps

Install WAIaaS CLI

npm install -g @waiaas/cli

Initialize and start daemon

waiaas init
waiaas start
waiaas quickset --mode mainnet  # Creates wallets + MCP sessions

Auto-register MCP

waiaas mcp setup --all

Fund your wallet
Transfer some ETH/SOL to the generated wallet address.
Test in Claude Desktop
Ask Claude: "What's my wallet balance?" and watch it call the MCP tools directly.

The quickset command creates both Ethereum and Solana wallets with MCP sessions, then outputs the exact JSON config for Claude Desktop.

Real-World MCP Use Cases

Portfolio Rebalancing Agent
"Check all my DeFi positions. If any protocol has over 40% allocation, rebalance by moving excess to Aave USDC lending."

Claude automatically:

Calls get-defi-positions across all 15 protocols
Calculates allocation percentages
Executes withdraw/deposit actions to rebalance
Reports final allocation

Cross-Chain Arbitrage
"Monitor USDC prices on Ethereum vs Solana. If spread exceeds 0.1%, bridge and arbitrage."

Claude uses:

get-balance on both chains via separate MCP servers
Price checking through DeFi position APIs
LI.FI bridging when profitable spreads appear

NFT Collection Management
"List all my NFTs. If any have floor prices 2x above purchase price, create OpenSea listings."

The MCP tools handle:

list-nfts with metadata caching
Floor price analysis through external APIs
transfer-nft calls for marketplace interactions

Advanced MCP Integration Patterns

WAIaaS MCP servers support complex agent workflows through tool chaining:

Dry-Run Before Execute

// Claude can simulate transactions first
await client.callTool('simulate-transaction', {
  type: 'TRANSFER',
  to: 'recipient-address', 
  amount: '1.0',
  dryRun: true
});
// Then execute if simulation succeeds

Batch Operations

// Group multiple operations into single transaction
await client.callTool('send-batch', {
  transactions: [
    { type: 'APPROVE', spender: 'uniswap-router', amount: '1000' },
    { type: 'CONTRACT_CALL', to: 'uniswap-router', data: '0x...' }
  ]
});

x402 Micropayments

// Claude automatically pays for premium APIs
await client.callTool('x402-fetch', {
  url: 'https://premium-api.com/data',
  method: 'GET'
});
// WAIaaS handles 402 Payment Required responses transparently

What's Next

You've given Claude a multi-chain wallet through MCP, but that's just the beginning. Explore the 39 REST API routes for custom integrations, or try the TypeScript/Python SDKs for building dedicated trading bots.

Ready to make Claude crypto-native? Get WAIaaS from GitHub, or visit the official site for comprehensive documentation and examples.

Self-Hosting AI Agent Wallets: Production Docker Setup with Secrets and Auto-Updates

Wallet Guy — Tue, 28 Apr 2026 08:41:55 +0000

Self-hosting AI agent wallets gives you complete control over your private keys and transaction policies without relying on third-party custody services. With production-grade Docker deployment, you can run a Wallet-as-a-Service infrastructure that handles secrets management, automatic updates, and secure multi-agent authentication — all from your own server.

Why Self-Hosting Matters for AI Agent Wallets

When AI agents control real money, the stakes couldn't be higher. Hosted wallet services mean trusting a third party with your private keys, dealing with API rate limits, and accepting their terms of service. Self-hosting puts you back in control: your keys stay on your hardware, your policies run on your infrastructure, and your agents operate without external dependencies.

WAIaaS provides production-ready Docker deployment with enterprise features like Docker Secrets integration, automatic health checks, and watchtower compatibility for seamless updates. This isn't just a development setup — it's designed for real money and real agents.

Production Docker Setup: Beyond the Basics

Quick Start with Docker Compose

The simplest way to get started is cloning and running:

# Clone and start — that's it
git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d

This uses the default Docker image ghcr.io/minhoyoo-iotrust/waiaas:latest with port binding on 127.0.0.1:3100:3100. The container runs as non-root user (UID 1001) with a named volume for data persistence.

Production Secrets Management

For production deployments, you need proper secrets management. WAIaaS supports Docker Secrets through a production overlay configuration:

# Create secret files
mkdir -p secrets
echo "your-secure-password" > secrets/master_password.txt
chmod 600 secrets/master_password.txt

# Deploy with secrets overlay
docker compose -f docker-compose.yml -f docker-compose.secrets.yml up -d

The secrets overlay (docker-compose.secrets.yml) mounts secret files from your host system, keeping sensitive data out of environment variables and image layers. This follows security best practices for containerized applications handling financial data.

Auto-Provisioning for Headless Deployment

When deploying to headless servers, manual password setup isn't practical. WAIaaS includes auto-provisioning that generates a secure master password automatically:

docker run -d \
  --name waiaas \
  -p 127.0.0.1:3100:3100 \
  -v waiaas-data:/data \
  -e WAIAAS_AUTO_PROVISION=true \
  ghcr.io/minhoyoo-iotrust/waiaas:latest

# Retrieve auto-generated master password
docker exec waiaas cat /data/recovery.key

The auto-generated password is cryptographically secure and stored in /data/recovery.key. After initial setup, you can change to a known password and delete the recovery key file.

Health Checks and Monitoring

Production deployments need proper health monitoring. The Docker configuration includes comprehensive health checks:

healthcheck:
  test: ["CMD", "curl", "-f", "http://localhost:3100/health"]
  interval: 30s
  timeout: 5s
  start_period: 10s
  retries: 3

This monitors the HTTP API endpoint every 30 seconds. Failed health checks trigger container restart through the restart: unless-stopped policy. The health endpoint validates that the daemon is running and the 39 REST API route modules are responsive.

Automatic Updates with Watchtower

For production systems managing real funds, staying updated is critical for security patches. WAIaaS containers are compatible with watchtower for automatic updates:

# Add to your docker-compose.yml
services:
  watchtower:
    image: containrrr/watchtower
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    command: --interval 3600 --cleanup

Watchtower checks for new images hourly and performs rolling updates. Since WAIaaS uses named volumes for data persistence, updates preserve all wallet data, policies, and session tokens.

Multi-Service Architecture

Production deployments often need additional services. WAIaaS supports 2 Docker images: the main daemon plus an optional push-relay service for mobile notifications:

services:
  daemon:
    image: ghcr.io/minhoyoo-iotrust/waiaas:latest
    # ... configuration

  push-relay:
    image: ghcr.io/minhoyoo-iotrust/waiaas-push-relay:latest
    environment:
      - WAIAAS_DAEMON_URL=http://daemon:3100
    depends_on:
      - daemon

The push-relay service handles 3 signing channels: push notifications, Telegram integration, and WalletConnect for owner approval of high-value transactions. This separation keeps the core daemon lightweight while supporting advanced notification workflows.

Environment Configuration for Production

Production deployments need proper RPC endpoints and logging configuration:

# Core settings
WAIAAS_AUTO_PROVISION=true              # Auto-generate master password on first start
WAIAAS_DAEMON_PORT=3100                 # Listening port
WAIAAS_DAEMON_HOSTNAME=0.0.0.0         # Bind address
WAIAAS_DAEMON_LOG_LEVEL=info            # Log level (trace/debug/info/warn/error)
WAIAAS_DATA_DIR=/data                   # Data directory

# RPC endpoints for mainnet operations
WAIAAS_RPC_SOLANA_MAINNET=<url>         # Solana mainnet RPC endpoint
WAIAAS_RPC_EVM_ETHEREUM_MAINNET=<url>   # Ethereum mainnet RPC endpoint

Using dedicated RPC endpoints (Alchemy, QuickNode, or self-hosted) is essential for production reliability. Free public endpoints have rate limits that will cause transaction failures under load.

Security Hardening

Self-hosted deployments should implement additional security layers:

Network Security: Bind to localhost (127.0.0.1:3100:3100) and use a reverse proxy (nginx/Caddy) with TLS termination for external access. This keeps the raw HTTP daemon isolated from the internet.

File Permissions: WAIaaS runs as UID 1001 (non-root) inside the container. Ensure your data volume has appropriate ownership:

# Set proper ownership for data volume
sudo chown -R 1001:1001 /path/to/waiaas-data

Firewall Configuration: Limit access to essential ports only. The daemon only needs port 3100 for API access. Block all other ports unless specifically required for your setup.

Backup Strategy: The data directory contains private keys and transaction history. Implement automated backups with encryption:

# Backup script example
docker exec waiaas tar czf - /data | gpg --encrypt -r your-key@example.com > waiaas-backup-$(date +%Y%m%d).tar.gz.gpg

Quick Production Setup

Here's a minimal 5-step production deployment:

Clone and configure secrets:

   git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
   cd WAIaaS
   mkdir secrets
   openssl rand -base64 32 > secrets/master_password.txt
   chmod 600 secrets/master_password.txt

Set production environment variables:

   cp .env.example .env
   # Edit .env with your RPC endpoints and log level

Deploy with secrets overlay:

   docker compose -f docker-compose.yml -f docker-compose.secrets.yml up -d

Verify health and create first wallet:

   curl http://127.0.0.1:3100/health
   # Should return {"status": "ok"}

Set up reverse proxy and TLS (nginx example):

   server {
       listen 443 ssl;
       server_name wallet-api.yourdomain.com;

       location / {
           proxy_pass http://127.0.0.1:3100;
           proxy_set_header Host $host;
           proxy_set_header X-Real-IP $remote_addr;
       }
   }

The self-hosted approach gives you complete sovereignty over your AI agents' financial infrastructure. With proper secrets management, automatic updates, and security hardening, you can run a production-grade wallet service that scales from single agents to entire agent fleets.

What's Next

Ready to deploy your own AI agent wallet infrastructure? Check out the complete documentation on GitHub for advanced configuration options, or visit waiaas.ai to explore the full platform capabilities. Your keys, your server, your rules.

15 Networks, 2 Chain Types: Building Multi-Chain AI Agent Infrastructure

Wallet Guy — Mon, 27 Apr 2026 15:16:45 +0000

Your AI agent can analyze markets, generate trading strategies, and even write smart contracts. But when it comes to actually executing trades across multiple blockchains, it hits a wall. Most AI agent frameworks lack the wallet infrastructure needed to interact with the diverse ecosystem of 18+ networks that power modern DeFi, from Ethereum and Solana mainnet to Layer 2s and specialized chains.

Why Multi-Chain Matters for AI Agents

The blockchain landscape isn't a single network anymore. Your AI agent might need to:

Swap tokens on Jupiter (Solana) then bridge to Ethereum via LI.FI
Monitor positions across Aave (Ethereum), Drift (Solana), and Hyperliquid (custom L1)
Stake SOL on Jito, ETH on Lido, and trade prediction markets on Polymarket (Polygon)
Pay for API calls using different tokens based on the cheapest gas fees

Each network has different wallet formats, transaction structures, and signing mechanisms. Building this infrastructure from scratch means months of integration work before your AI agent can execute its first trade.

The Multi-Chain Wallet Infrastructure Solution

WAIaaS solves this by providing a single REST API that abstracts away blockchain complexity. Your AI agent gets one session token that works across 2 chain types (EVM and Solana) spanning 18 networks, with 39 REST API endpoints handling everything from simple transfers to complex DeFi operations.

Here's how an AI agent checks balances across multiple chains:

# One API call, multiple networks
curl http://127.0.0.1:3100/v1/wallet/balance \
  -H "Authorization: Bearer wai_sess_eyJhbGciOiJIUzI1NiJ9..."

# Returns balances from all configured networks:
# {
#   "solana-mainnet": {"balance": "1.5", "symbol": "SOL"},
#   "ethereum-mainnet": {"balance": "0.8", "symbol": "ETH"},
#   "polygon-mainnet": {"balance": "100", "symbol": "MATIC"}
# }

Universal DeFi Access

Instead of integrating with 15+ protocols individually, your AI agent can access them through standardized action providers:

# Swap on Jupiter (Solana) 
curl -X POST http://127.0.0.1:3100/v1/actions/jupiter-swap/swap \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "inputMint": "So11111111111111111111111111111111111111112",
    "outputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
    "amount": "1000000000"
  }'

# Bridge to Ethereum via LI.FI
curl -X POST http://127.0.0.1:3100/v1/actions/lifi/bridge \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "fromChain": "solana",
    "toChain": "ethereum", 
    "fromToken": "USDC",
    "toToken": "USDC",
    "amount": "100"
  }'

# Lend on Aave (Ethereum)
curl -X POST http://127.0.0.1:3100/v1/actions/aave-v3/supply \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "asset": "USDC",
    "amount": "50",
    "onBehalfOf": "0x..."
  }'

Policy-Based Security Across Chains

The 21 policy types work across all networks. Set a spending limit once, and it applies whether your agent is trading on Solana or Ethereum:

curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 100,
      "daily_limit_usd": 1000
    }
  }'

This policy automatically applies USD-equivalent limits across SOL transfers on Solana, ETH transactions on Ethereum, and MATIC operations on Polygon.

Claude MCP Integration

The 45 MCP tools work seamlessly across all supported networks. Your Claude agent can execute multi-chain strategies through natural language:

{
  "mcpServers": {
    "waiaas": {
      "command": "npx",
      "args": ["-y", "@waiaas/mcp"],
      "env": {
        "WAIAAS_BASE_URL": "http://127.0.0.1:3100",
        "WAIAAS_SESSION_TOKEN": "wai_sess_<token>"
      }
    }
  }
}

Now Claude can respond to: "Check my portfolio across all chains, then rebalance 10% from Solana DeFi to Ethereum staking" by automatically calling the appropriate MCP tools for each network.

Quick Multi-Chain Setup

Step 1: Start WAIaaS with Docker

git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d

Step 2: Create wallets for multiple chains

npm install -g @waiaas/cli
waiaas quickset --mode mainnet  # Creates wallets for major networks

Step 3: Configure MCP for Claude

waiaas mcp setup --all  # Auto-registers all wallets with Claude Desktop

Step 4: Fund wallets and test

Transfer small amounts to each wallet, then ask Claude: "What's my balance across all networks?"

Step 5: Set cross-chain policies

curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "X-Master-Password: $(cat ~/.waiaas/recovery.key)" \
  -d '{
    "type": "ALLOWED_NETWORKS", 
    "rules": {"networks": [
      {"network": "ethereum-mainnet"},
      {"network": "solana-mainnet"},
      {"network": "polygon-mainnet"}
    ]}
  }'

Your AI agent now has secure access to execute transactions across Ethereum, Solana, and Polygon with unified policies and monitoring.

Advanced Multi-Chain Strategies

Cross-Chain Arbitrage

import { WAIaaSClient } from '@waiaas/sdk';

const client = new WAIaaSClient({
  baseUrl: 'http://127.0.0.1:3100',
  sessionToken: process.env.WAIAAS_SESSION_TOKEN,
});

// Get USDC prices across chains
const solanaPrice = await client.executeAction('jupiter-swap', 'quote', {
  inputMint: 'So11111111111111111111111111111111111111112', // SOL
  outputMint: 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v', // USDC
  amount: '1000000000' // 1 SOL
});

const ethereumPrice = await client.executeAction('zerox-swap', 'quote', {
  sellToken: 'ETH',
  buyToken: '0xA0b86a33E6441b9435B654D4c4e58C8e2C4b3c19', // USDC
  sellAmount: '1000000000000000000' // 1 ETH
});

// Execute arbitrage if spread > threshold
if (priceDiff > ARBITRAGE_THRESHOLD) {
  await client.executeAction('lifi', 'bridge', {
    fromChain: 'solana',
    toChain: 'ethereum',
    amount: arbitrageAmount
  });
}

DeFi Position Management

Your agent can monitor positions across protocols and rebalance based on yields:

# Check all DeFi positions across chains
curl http://127.0.0.1:3100/v1/defi/positions \
  -H "Authorization: Bearer wai_sess_<token>"

# Returns unified view:
# {
#   "aave-v3": {"supplied": {"USDC": "1000"}, "borrowed": {"DAI": "500"}},
#   "lido-staking": {"staked": {"ETH": "2.5"}},
#   "jito-staking": {"staked": {"SOL": "10"}}
# }

Building DeFi AI Agents: From Smart Contracts to Smarter Bots

Claude MCP Integration: Give Your AI Agent a Crypto Wallet

Policy Engine Deep Dive: 4-Tier Security for AI Agent Wallets

What's Next

Multi-chain infrastructure is just the foundation. Once your AI agent can operate across networks, explore advanced capabilities like ERC-4337 Account Abstraction for gasless transactions, x402 HTTP payments for API calls, and ERC-8004 onchain reputation systems. Get started with the full codebase at GitHub or explore the interactive API documentation at waiaas.ai.

Why Trading Bots Need Unified DeFi Infrastructure: One Wallet, 14 Protocols

Wallet Guy — Mon, 27 Apr 2026 08:43:09 +0000

Your arb bot spotted the opportunity — USDC trading at a premium on one DEX while borrowing rates are low on Aave. But by the time you've connected to three different protocols, signed multiple transactions, and paid gas fees twice, the opportunity vanished. Trading bots need unified DeFi infrastructure that executes fast, manages risk automatically, and doesn't drain profits through inefficient wallet management.

Why Trading Infrastructure Matters

Profitable trading happens in microseconds, but most bots waste precious time on wallet plumbing. You're either building custom integrations for every protocol (Jupiter, Drift, Aave, Pendle), managing gas optimization manually, or accepting that failed transactions will eat your margins. Professional trading requires professional infrastructure — not a collection of ad-hoc scripts calling different APIs with separate private keys.

The stakes are real: MEV opportunities disappear in blocks, arbitrage windows close when gas spikes, and liquidation protection requires split-second execution across multiple venues. Your trading logic should focus on alpha generation, not wrestling with transaction management.

Unified DeFi Access for Trading Bots

WAIaaS provides a single wallet that connects to 15 DeFi protocols through one API. Your trading bot makes the same API call whether it's swapping on Jupiter (Solana), lending on Aave (Ethereum), or trading perpetuals on Hyperliquid. The wallet handles chain routing, gas optimization, and transaction batching automatically.

Here's how a cross-protocol arbitrage bot executes in three API calls:

# Check positions across all protocols
curl http://127.0.0.1:3100/v1/wallet/defi-positions \
  -H "Authorization: Bearer wai_sess_<token>"

# Execute Jupiter swap on Solana
curl -X POST http://127.0.0.1:3100/v1/actions/jupiter-swap/swap \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "inputMint": "So11111111111111111111111111111111111111112",
    "outputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
    "amount": "1000000000"
  }'

# Hedge position on Hyperliquid perps
curl -X POST http://127.0.0.1:3100/v1/actions/hyperliquid/place-order \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "coin": "SOL",
    "is_buy": false,
    "sz": "10",
    "limit_px": "185.5",
    "order_type": {"limit": {"tif": "Ioc"}}
  }'

No private key management, no gas estimation, no RPC reliability issues. The wallet infrastructure handles execution while your bot handles strategy.

Gas-Conditional Execution

Smart trading bots don't just execute — they execute profitably. WAIaaS includes gas conditional execution that queues transactions until gas prices meet your threshold. Your arbitrage opportunity stays profitable even if gas spikes during execution.

# Send with gas condition: only execute if gas < 50 gwei
curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "TRANSFER",
    "to": "recipient-address",
    "amount": "0.1",
    "gasCondition": {
      "maxGasPrice": "50000000000"
    }
  }'

The transaction waits in queue until gas conditions are met, preserving your profit margins automatically.

Risk Management Built In

Professional trading requires position limits, slippage protection, and kill switches. WAIaaS policies enforce risk controls at the infrastructure level — your bot can't accidentally drain the entire wallet on a single bad trade.

# Set trading limits policy
curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 1000,
      "daily_limit_usd": 10000,
      "monthly_limit_usd": 50000
    }
  }'

The wallet enforces these limits automatically. No matter what your bot tries to do, it can't exceed position limits or drain capital beyond configured thresholds.

Multi-Protocol Portfolio Management

Real trading strategies span multiple protocols: you might swap on Jupiter, lend on Kamino, stake with Jito, and hedge on Drift. WAIaaS provides unified access to all 15 integrated protocols through consistent API endpoints.

# Get complete DeFi portfolio across all protocols
curl http://127.0.0.1:3100/v1/wallet/defi-positions \
  -H "Authorization: Bearer wai_sess_<token>"

Response includes positions from lending protocols (Aave, Kamino), DEXs (Jupiter, 0x), perpetual futures (Hyperliquid, Drift), staking (Lido, Jito), and prediction markets (Polymarket). Your bot sees the complete picture in one API call.

Cross-Chain Bridge Automation

Multi-chain strategies require reliable bridging. WAIaaS integrates LI.FI and Across protocols for automated cross-chain transfers. Your bot can bridge assets as part of larger trading strategies without managing bridge-specific APIs.

# Bridge USDC from Ethereum to Solana via LI.FI
curl -X POST http://127.0.0.1:3100/v1/actions/lifi/bridge \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "fromChain": "ethereum",
    "toChain": "solana", 
    "fromToken": "0xA0b86a33E6441E059a81CE3d2F0c4D6A99c1A8BC",
    "toToken": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
    "amount": "1000000000"
  }'

Bridge, swap, and trade — all coordinated through one wallet infrastructure.

Transaction Batching and Simulation

Complex trading strategies often require multiple transactions executed atomically. WAIaaS supports transaction batching and includes dry-run simulation to test strategies before risking capital.

# Simulate complex strategy before execution
curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "BATCH",
    "transactions": [
      {"type": "TRANSFER", "to": "address1", "amount": "0.1"},
      {"type": "CONTRACT_CALL", "to": "0xDEF1...", "data": "0x123..."}
    ],
    "dryRun": true
  }'

The simulation returns success/failure and gas estimates without executing on-chain. Only commit capital when you know the strategy will work.

Quick Start for Trading Bots

Deploy with Docker — Production-ready infrastructure in 30 seconds:

git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d

Create trading wallet and session:

# Create wallet
curl -X POST http://127.0.0.1:3100/v1/wallets \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{"name": "trading-bot", "chain": "solana", "environment": "mainnet"}'

# Create session for bot authentication  
curl -X POST http://127.0.0.1:3100/v1/sessions \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{"walletId": "<wallet-uuid>"}'

Configure risk policies — Set position limits and gas conditions
Integrate with your trading bot — Use the 39 REST API endpoints or TypeScript/Python SDKs
Monitor via Admin UI — Track performance and positions at http://127.0.0.1:3100/admin

What's Next

Your trading bot deserves infrastructure that matches its sophistication. WAIaaS handles wallet management, protocol integrations, and risk controls so you can focus on generating alpha. Ready to upgrade your trading infrastructure? Check out the complete setup at GitHub and explore the full platform at waiaas.ai.