DEV Community: Wallet Guy

AI Agents That Pay for Their Own Compute: The Missing Economic Layer

Wallet Guy — Mon, 25 May 2026 16:00:24 +0000

AI agents will need to pay for compute, data, and API calls—but how do they access economic primitives without relying on human-managed accounts? The missing piece isn't better models or more training data. It's autonomous wallet infrastructure that lets agents participate in economic activity independently, from micropayments to DeFi strategies.

Why Agent Economics Matter

We're approaching a world where AI agents don't just analyze data—they act on it. Trading agents that rebalance portfolios. Research agents that purchase datasets from multiple sources. Compute agents that spin up cloud resources and pay per second. But today's agent frameworks hit a wall: they need humans to manage payments, approve transactions, and handle financial operations.

This creates a fundamental bottleneck. Every economic decision requires human intervention, limiting agents to read-only operations or simple transfers between pre-approved accounts. The promise of autonomous agents remains unfulfilled because they can't independently manage money.

The x402 Protocol: HTTP Payments for Agents

WAIaaS implements the x402 HTTP payment protocol—a standard that lets agents automatically pay for API calls without human approval. When an API returns a 402 (Payment Required) status, the agent's wallet automatically handles the payment and retries the request.

Here's how an AI agent fetches premium data using x402:

import { WAIaaSClient } from '@waiaas/sdk';

const client = new WAIaaSClient({
  baseUrl: 'http://127.0.0.1:3100',
  sessionToken: process.env.WAIAAS_SESSION_TOKEN,
});

// Agent automatically pays for premium API access
const response = await client.x402Fetch('https://api.premium-data.com/market-analysis', {
  method: 'POST',
  body: JSON.stringify({ symbols: ['AAPL', 'MSFT', 'GOOGL'] })
});

const analysis = await response.json();
console.log(`Paid ${analysis.cost_usd} USD for analysis of ${analysis.symbols.length} symbols`);

The agent's wallet handles payment negotiation automatically. No human approval required. No pre-funded accounts to manage. Just autonomous economic activity.

Beyond Payments: Autonomous DeFi Participation

But agent economics go beyond micropayments. WAIaaS provides access to 15 DeFi protocols, enabling agents to execute sophisticated financial strategies:

# Agent stakes SOL for yield while maintaining liquidity
curl -X POST http://127.0.0.1:3100/v1/actions/lido-staking/stake \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "amount": "10000000000",
    "stakingToken": "stSOL"
  }'

# Agent swaps tokens based on market conditions
curl -X POST http://127.0.0.1:3100/v1/actions/jupiter-swap/swap \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "inputMint": "So11111111111111111111111111111111111111112",
    "outputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
    "amount": "1000000000"
  }'

Agents can participate in lending markets, provide liquidity, trade perpetual futures on Hyperliquid, and even make predictions on Polymarket—all through standardized APIs that abstract away blockchain complexity.

Policy-Controlled Autonomy

Autonomous doesn't mean unsupervised. WAIaaS implements 21 policy types across 4 security tiers to ensure agent behavior stays within acceptable bounds:

# Set spending limits with escalating approval requirements
curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 100,
      "notify_max_usd": 500,
      "delay_max_usd": 2000,
      "delay_seconds": 900,
      "daily_limit_usd": 5000
    }
  }'

Small transactions execute instantly. Medium amounts trigger notifications. Large transactions enter a time delay (cancellable by humans). Exceptional amounts require explicit approval. This creates a safety net that scales with economic impact.

Default-deny policies prevent unauthorized token transfers or contract interactions. Agents can only operate with explicitly whitelisted tokens and protocols, ensuring they can't accidentally interact with malicious contracts or drain unexpected assets.

Real-World Agent Implementation

Here's a complete trading agent that monitors market conditions and rebalances a portfolio:

import { WAIaaSClient } from '@waiaas/sdk';

const client = new WAIaaSClient({
  baseUrl: process.env.WAIAAS_BASE_URL ?? 'http://localhost:3100',
  sessionToken: process.env.WAIAAS_SESSION_TOKEN,
});

class TradingAgent {
  async rebalancePortfolio() {
    // Check current holdings
    const assets = await client.getAssets();
    const solBalance = assets.find(a => a.symbol === 'SOL')?.balance || '0';
    const usdcBalance = assets.find(a => a.symbol === 'USDC')?.balance || '0';

    // Get market data (agent pays automatically via x402)
    const marketData = await client.x402Fetch('https://api.pricing.com/current', {
      headers: { 'Accept': 'application/json' }
    }).then(r => r.json());

    const solPrice = marketData.SOL_USD;
    const portfolioValue = (parseFloat(solBalance) * solPrice) + parseFloat(usdcBalance);
    const targetSolPercent = 0.6; // 60% SOL, 40% USDC

    const currentSolValue = parseFloat(solBalance) * solPrice;
    const targetSolValue = portfolioValue * targetSolPercent;
    const rebalanceAmount = Math.abs(targetSolValue - currentSolValue);

    // Only rebalance if drift > 5%
    if (rebalanceAmount > portfolioValue * 0.05) {
      if (currentSolValue > targetSolValue) {
        // Sell SOL for USDC
        await this.executeTrade('SOL', 'USDC', rebalanceAmount / solPrice);
      } else {
        // Buy SOL with USDC
        await this.executeTrade('USDC', 'SOL', rebalanceAmount);
      }
    }
  }

  async executeTrade(fromToken: string, toToken: string, amount: number) {
    try {
      const result = await client.executeAction('jupiter-swap', 'swap', {
        inputMint: fromToken === 'SOL' ? 'So11111111111111111111111111111111111111112' : 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v',
        outputMint: toToken === 'SOL' ? 'So11111111111111111111111111111111111111112' : 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v',
        amount: (amount * 1e9).toString() // Convert to lamports/micro-units
      });

      console.log(`Rebalanced: ${amount} ${fromToken} → ${toToken}`);
    } catch (error) {
      console.error(`Trade failed: ${error.message}`);
    }
  }
}

// Run rebalancing every hour
const agent = new TradingAgent();
setInterval(() => agent.rebalancePortfolio(), 3600000);

This agent operates independently, making economic decisions based on real-time data while staying within pre-configured risk parameters.

Getting Started with Agent Economics

Let's build an agent that can participate in economic activity:

1. Deploy WAIaaS Infrastructure

# Quick Docker deployment
git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d

2. Create Agent Wallets

# Install CLI tools
npm install -g @waiaas/cli

# Initialize and create wallets for your agent
waiaas init
waiaas start
waiaas quickset --mode mainnet  # Creates both EVM and Solana wallets

3. Configure Economic Policies

# Set up spending limits and token restrictions
waiaas policy create --type SPENDING_LIMIT --instant-max 50 --daily-limit 1000
waiaas policy create --type ALLOWED_TOKENS --tokens SOL,USDC,WETH

4. Enable MCP Integration for AI Frameworks

# Connect to Claude, ChatGPT, or other MCP-compatible AI systems
waiaas mcp setup --all

5. Deploy Your Agent

Your AI agent now has 45 MCP tools for wallet operations, transaction management, DeFi participation, and x402 payments. It can operate autonomously within the economic boundaries you've defined.

The infrastructure handles multi-chain operations across 18 networks, from Ethereum mainnet to Solana devnet. Your agent can bridge assets, provide liquidity, stake tokens, and even trade derivatives—all through the same unified API.

The Path Forward

WAIaaS provides the economic infrastructure layer that agent frameworks need today. With 39 REST API routes, ERC-4337 account abstraction, and production-ready Docker deployment, it's built for real-world agent applications.

The pieces are falling into place: x402 payment protocols, DeFi composability, and policy-controlled autonomy. We're moving from agents that simulate economic activity to agents that participate in it.

For more details on implementation, explore WAIaaS on GitHub or visit the official documentation. The agent economy isn't coming—it's here, waiting for the infrastructure to catch up.

Atomic Multi-Operation Trading: Batch Transaction APIs for DeFi Bots

Wallet Guy — Mon, 25 May 2026 10:52:54 +0000

Automated trading bots fail when they can't execute multi-step DeFi operations atomically. Your arbitrage opportunity disappears while your bot makes separate API calls to swap tokens, hedge positions, and bridge assets across chains. WAIaaS solves this with batch transaction APIs that bundle multiple operations into single atomic executions.

Why Atomic Operations Matter for Trading Bots

In high-frequency DeFi trading, timing is everything. A profitable arbitrage window might last only 2-3 blocks. Your bot spots a price discrepancy between Jupiter and Drift, but by the time it executes separate transactions for the swap, the hedge trade, and the position adjustment, the opportunity is gone.

Traditional wallet infrastructure forces bots into sequential operations. Each transaction requires separate gas estimation, signing, and confirmation. Network congestion can delay any step, and partial execution leaves your bot exposed to slippage and market risk.

Professional trading operations need wallet infrastructure that matches their execution requirements: atomic multi-step operations, gas optimization, and built-in risk controls that don't slow down profitable trades.

Batch Transaction API for Complex Trading Strategies

WAIaaS provides atomic batch execution through its REST API. Instead of managing multiple wallet connections and transaction sequences, your bot sends one batch request containing all operations.

Here's a complete arbitrage strategy executed atomically:

curl -X POST http://127.0.0.1:3100/v1/transactions/batch \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "transactions": [
      {
        "type": "TokenTransfer",
        "to": "jupiter-program",
        "token": "So11111111111111111111111111111111111111112",
        "amount": "10000000000"
      },
      {
        "type": "ContractCall",
        "to": "JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4",
        "data": "swap_exact_tokens_for_tokens_data"
      },
      {
        "type": "ContractCall",
        "to": "drift-program-id",
        "data": "open_hedge_position_data"
      }
    ],
    "gasCondition": {
      "maxGasPrice": "50000000000"
    }
  }'

The batch executes all-or-nothing. If any transaction fails, the entire batch reverts, protecting your bot from partial execution risk.

Multi-Protocol Access Through Single API

WAIaaS integrates 15 DeFi protocols: jupiter-swap, drift, hyperliquid, lifi, across, aave-v3, lido-staking, jito-staking, kamino, pendle, polymarket, xrpl-dex, zerox-swap, dcent-swap, and erc8004. Your bot accesses all protocols through consistent REST endpoints.

Execute a cross-chain arbitrage strategy:

# Step 1: Swap on Solana via Jupiter
curl -X POST http://127.0.0.1:3100/v1/actions/jupiter-swap/swap \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "inputMint": "So11111111111111111111111111111111111111112",
    "outputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
    "amount": "5000000000",
    "slippageBps": 50
  }'

# Step 2: Bridge to Ethereum via LI.FI
curl -X POST http://127.0.0.1:3100/v1/actions/lifi/bridge \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "fromChain": "solana",
    "toChain": "ethereum",
    "fromToken": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
    "toToken": "0xA0b86a33E6441b0094bE12C31a9f63C365b35D48",
    "amount": "1000000"
  }'

# Step 3: Hedge position on Hyperliquid
curl -X POST http://127.0.0.1:3100/v1/actions/hyperliquid/order \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "asset": "ETH",
    "side": "short",
    "orderType": "market",
    "sz": "1.5"
  }'

Each protocol maintains its native API structure while using WAIaaS authentication and risk controls.

Gas Optimization and Conditional Execution

Professional bots need gas optimization built into their execution layer. WAIaaS provides gas conditional execution — transactions only execute when gas meets your price thresholds.

Set gas conditions in any transaction:

curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "TRANSFER",
    "to": "recipient-address",
    "amount": "0.1",
    "gasCondition": {
      "maxGasPrice": "30000000000",
      "timeoutSeconds": 300
    }
  }'

The transaction queues until gas drops below 30 gwei, then executes automatically. Your bot maintains profitability by avoiding expensive execution costs.

For high-frequency operations, simulate transactions before execution:

curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "TRANSFER",
    "to": "recipient-address", 
    "amount": "0.1",
    "dryRun": true
  }'

The dry-run API returns gas estimates and success probability without spending gas, letting your bot validate strategies before committing capital.

Built-in Risk Management Without Latency

Trading bots need risk controls that don't kill performance. WAIaaS provides 4-tier policy enforcement with microsecond execution for approved operations.

Configure spending limits for your trading bot:

curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 1000,
      "notify_max_usd": 5000,
      "delay_max_usd": 20000,
      "delay_seconds": 60,
      "daily_limit_usd": 100000
    }
  }'

Small trades execute instantly. Large trades trigger notifications or delays. This protects against bot malfunctions while maintaining execution speed for normal operations.

Set protocol-specific limits:

curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "PERP_MAX_LEVERAGE",
    "rules": {
      "maxLeverage": 5,
      "protocols": ["hyperliquid", "drift"]
    }
  }'

Your bot can trade aggressively within defined risk parameters without manual oversight.

TypeScript SDK for Bot Development

The WAIaaS TypeScript SDK provides typed interfaces optimized for algorithmic trading:

import { WAIaaSClient } from '@waiaas/sdk';

const client = new WAIaaSClient({
  baseUrl: 'http://127.0.0.1:3100',
  sessionToken: process.env.WAIAAS_SESSION_TOKEN,
});

// Execute atomic arbitrage strategy
async function executeArbitrage(token0: string, token1: string, amount: string) {
  // Check current positions
  const positions = await client.getDeFiPositions();
  const balance = await client.getBalance();

  // Execute batch trade
  const batch = await client.sendBatch([
    {
      type: 'ContractCall',
      to: jupiterProgram,
      data: buildSwapInstruction(token0, token1, amount),
    },
    {
      type: 'ContractCall', 
      to: driftProgram,
      data: buildHedgeInstruction(token1, amount),
    }
  ]);

  return batch.id;
}

The SDK handles authentication, error recovery, and response parsing while maintaining the low-latency execution your bot requires.

Real-time Portfolio Monitoring

Monitor your bot's positions across all integrated protocols:

curl http://127.0.0.1:3100/v1/wallet/defi-positions \
  -H "Authorization: Bearer wai_sess_<token>"

Returns consolidated position data:

{
  "lending": {
    "aave-v3": [{"asset": "USDC", "supplied": "50000", "apy": "4.2%"}],
    "kamino": [{"asset": "SOL", "supplied": "100", "apy": "7.8%"}]
  },
  "staking": {
    "lido-staking": [{"asset": "ETH", "staked": "32", "rewards": "1.2"}],
    "jito-staking": [{"asset": "SOL", "staked": "500", "rewards": "12.5"}]
  },
  "trading": {
    "hyperliquid": [{"market": "ETH-USD", "size": "-2.5", "pnl": "+$245"}],
    "drift": [{"market": "SOL-PERP", "size": "100", "pnl": "-$12"}]
  }
}

Your bot can make informed decisions based on real-time position data across all protocols.

Quick Start: Deploy Your Trading Bot

Step 1: Install and Initialize

npm install -g @waiaas/cli
waiaas init --auto-provision
waiaas start

Step 2: Create Trading Wallet

waiaas wallet create --name trading-bot --chain solana --network mainnet

Step 3: Configure Risk Policies

# Set up spending limits and protocol restrictions via Admin UI
open http://127.0.0.1:3100/admin

Step 4: Install SDK and Start Trading

npm install @waiaas/sdk
# Build your bot using the SDK examples above

Step 5: Deploy with Docker

docker run -d \
  --name waiaas-trading \
  -p 127.0.0.1:3100:3100 \
  -v trading-data:/data \
  -e WAIAAS_AUTO_PROVISION=true \
  ghcr.io/minhoyoo-iotrust/waiaas:latest

What's Next

Ready to build profitable trading bots with atomic execution? Start with the WAIaaS GitHub repository at https://github.com/minhoyoo-iotrust/WAIaaS for complete documentation and examples. For production deployment and advanced features, visit https://waiaas.ai to explore enterprise options with dedicated infrastructure and priority support.

Deploy Smart Contracts from Claude Desktop: ContractDeploy MCP Tools

Wallet Guy — Sun, 24 May 2026 14:42:22 +0000

Deploy Smart Contracts from Claude Desktop: Claude Desktop just gained the ability to deploy smart contracts through WAIaaS's MCP tools. With 45 MCP tools including ContractDeploy, your AI assistant can now create, test, and deploy contracts across multiple blockchains without leaving your conversation.

The ability to deploy contracts from natural language conversations represents a fundamental shift in how developers interact with blockchain infrastructure. Instead of switching between multiple tools, terminals, and interfaces, you can now describe what you want to build and watch Claude handle the entire deployment pipeline.

Why Contract Deployment Needs AI Integration

Traditional smart contract deployment involves juggling multiple tools: writing Solidity or Rust, configuring deployment scripts, managing gas settings, verifying on block explorers, and coordinating across different networks. Each step requires context switching and manual intervention.

AI assistants excel at orchestrating complex workflows, but they've been limited to off-chain operations. WAIaaS bridges this gap by providing MCP tools that give Claude direct access to blockchain operations while maintaining security through policy controls.

Setting Up Contract Deployment with WAIaaS MCP

First, install WAIaaS and create a session:

npm install -g @waiaas/cli
waiaas init
waiaas start
waiaas quickset --mode mainnet

Add WAIaaS to your Claude Desktop configuration:

{
  "mcpServers": {
    "waiaas": {
      "command": "npx",
      "args": ["-y", "@waiaas/mcp"],
      "env": {
        "WAIAAS_BASE_URL": "http://127.0.0.1:3100",
        "WAIAAS_SESSION_TOKEN": "wai_sess_<your-token>",
        "WAIAAS_DATA_DIR": "~/.waiaas"
      }
    }
  }
}

Now Claude has access to all 45 MCP tools, including the ContractDeploy transaction type for deploying smart contracts.

Deploying Contracts Through Natural Language

Once configured, you can ask Claude to deploy contracts using natural language:

"Deploy a simple ERC-20 token contract with 1 million initial supply"

Claude will use the available MCP tools to:

Check your wallet balance with get_balance
Estimate deployment costs
Create the ContractDeploy transaction
Execute the deployment through send_batch or direct transaction submission

The ContractDeploy transaction type supports deploying contracts across the 18 networks that WAIaaS supports, including both EVM chains and Solana.

Contract Deployment with Policy Controls

WAIaaS's policy engine provides essential security for contract deployments. You can configure policies that control:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 10,
      "delay_max_usd": 100,
      "delay_seconds": 300,
      "daily_limit_usd": 500
    }
  }'

Large contract deployments will trigger the DELAY or APPROVAL tiers, giving you time to review before execution. The default-deny policy system ensures contracts are only deployed when explicitly allowed by your configuration.

Advanced Contract Operations

Beyond basic deployment, WAIaaS MCP tools enable sophisticated contract interactions:

Batch Deployments: Deploy multiple related contracts in a single transaction using the Batch transaction type.

Cross-Chain Deployment: Deploy the same contract across multiple networks by leveraging the 18 supported networks.

Contract Verification: Use the call_contract tool to interact with newly deployed contracts and verify functionality.

Integration with DeFi: Immediately integrate deployed contracts with the 15 DeFi protocol providers for testing liquidity pools, lending markets, or trading functionality.

Simulating Deployments Before Execution

WAIaaS includes simulation capabilities through the simulate_transaction tool. Claude can test contract deployments before spending real gas:

curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "CONTRACT_DEPLOY",
    "bytecode": "0x608060405234801561001057600080fd5b50...",
    "constructorArgs": ["TokenName", "TKN", "1000000"],
    "dryRun": true
  }'

This returns deployment costs, potential errors, and contract addresses without executing the transaction.

Multi-Wallet Contract Management

For teams managing multiple contracts across different wallets, configure separate MCP servers for each deployment environment:

{
  "mcpServers": {
    "waiaas-mainnet": {
      "command": "npx",
      "args": ["-y", "@waiaas/mcp"],
      "env": {
        "WAIAAS_AGENT_ID": "019c47d6-51ef-7f43-a76b-d50e875d95f4",
        "WAIAAS_AGENT_NAME": "mainnet-deployer",
        "WAIAAS_DATA_DIR": "~/.waiaas"
      }
    },
    "waiaas-testnet": {
      "command": "npx",
      "args": ["-y", "@waiaas/mcp"],
      "env": {
        "WAIAAS_AGENT_ID": "019c4cd2-86e8-758f-a61e-9c560307c788",
        "WAIAAS_AGENT_NAME": "testnet-deployer",
        "WAIAAS_DATA_DIR": "~/.waiaas"
      }
    }
  }
}

This allows Claude to deploy contracts to different networks with appropriate security settings for each environment.

Quick Start: Deploy Your First Contract

Install WAIaaS: npm install -g @waiaas/cli && waiaas init && waiaas start
Create a wallet: waiaas quickset to generate wallets and MCP sessions
Configure Claude Desktop: Add the MCP server configuration to claude_desktop_config.json
Fund your wallet: Transfer some ETH or SOL for gas fees using Claude: "What's my wallet address? I need to fund it for contract deployment."
Deploy a contract: Ask Claude: "Deploy a simple storage contract that can store and retrieve a uint256 value"

Claude will handle the entire deployment process, from bytecode compilation to transaction submission and confirmation monitoring.

Error Handling and Debugging

WAIaaS provides detailed error responses for failed deployments:

{
  "error": {
    "code": "POLICY_DENIED",
    "message": "Contract deployment denied by SPENDING_LIMIT policy",
    "domain": "POLICY",
    "retryable": false
  }
}

Common deployment issues Claude can help resolve:

Insufficient gas estimation
Policy restrictions blocking deployment
Network congestion causing failures
Constructor argument formatting errors

Integration with Development Workflows

WAIaaS MCP tools integrate seamlessly with existing development practices:

Testing: Deploy test contracts to testnets, run integration tests, then deploy to mainnet
Monitoring: Use get_transaction and list_transactions to track deployment status
Verification: Leverage call_contract to verify deployed contract functionality
Management: Use the Admin Web UI at /admin to monitor deployed contracts and policy compliance

The 7-stage transaction pipeline ensures all deployments go through proper validation, authentication, policy checking, and execution stages.

Ready to give Claude onchain deployment capabilities? Start with the WAIaaS GitHub repository and explore the full documentation at waiaas.ai. Your AI assistant is about to become a full-stack blockchain developer.

4 Security Tiers for AI Agent Transactions: INSTANT to APPROVAL

Wallet Guy — Sun, 24 May 2026 08:46:54 +0000

AI agents need wallets to participate in DeFi, but giving an autonomous system direct access to your funds is like handing a toddler your credit card. One bug, one prompt injection, or one hallucination could drain your entire wallet in seconds.

The solution isn't to avoid AI agents entirely — their potential is too valuable. Instead, you need multiple layers of security that let agents operate autonomously for small, safe transactions while requiring human approval for anything risky. This is exactly what WAIaaS's 4-tier security system provides.

Why Security Tiers Matter for AI Agents

Traditional crypto wallets are binary: either you have the private key and can do anything, or you don't and can do nothing. But AI agents operate in a gray area — they need some autonomy to be useful, but unlimited autonomy is dangerous.

Consider a trading bot that needs to:

Check balances and prices (safe)
Execute small arbitrage trades (low risk)
Rebalance a large portfolio (medium risk)
Emergency liquidations to prevent margin calls (high risk)

Each operation has different risk profiles and should have different security requirements. WAIaaS's policy engine recognizes this reality with 21 policy types enforced across 4 security tiers.

The 4 Security Tiers Explained

WAIaaS classifies every transaction into one of four tiers based on your policies:

INSTANT — Execute immediately, no notification

Small amounts you're comfortable losing
Whitelisted addresses you trust completely
Gas payments and routine operations

NOTIFY — Execute immediately, send notification

Medium amounts where you want awareness
Transactions to known-safe contracts
Regular trading within daily limits

DELAY — Queue for a time delay, then execute (cancellable)

Larger amounts that warrant a cooling-off period
New contracts or recipients
Emergency brake opportunity

APPROVAL — Require explicit human approval

Large amounts that could hurt if lost
Unlimited token approvals
Transactions outside normal patterns

The genius is in the default: anything not explicitly allowed is denied entirely. Your agent can't accidentally interact with a malicious contract because contracts must be whitelisted first.

Creating Your First Security Policy

Let's set up a spending limit policy that implements all four tiers. This requires masterAuth since you're configuring security settings:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: your-master-password' \
  -d '{
    "walletId": "your-wallet-uuid",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 10,
      "notify_max_usd": 100, 
      "delay_max_usd": 1000,
      "delay_seconds": 300,
      "daily_limit_usd": 500,
      "monthly_limit_usd": 5000
    }
  }'

Now when your AI agent tries to spend money:

$5 transaction → INSTANT (executes immediately)
$50 transaction → NOTIFY (executes, sends notification)
$500 transaction → DELAY (waits 5 minutes, cancellable)
$5000 transaction → APPROVAL (requires human approval)

Default-Deny: The Nuclear Option

WAIaaS's most powerful security feature is default-deny policies. When you create an ALLOWED_TOKENS policy, your agent can only interact with those specific tokens:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: your-master-password' \
  -d '{
    "walletId": "your-wallet-uuid",
    "type": "ALLOWED_TOKENS",
    "rules": {
      "tokens": [
        {
          "address": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
          "symbol": "USDC",
          "chain": "solana"
        }
      ]
    }
  }'

Similarly, CONTRACT_WHITELIST policies prevent your agent from calling any contract not explicitly approved:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: your-master-password' \
  -d '{
    "walletId": "your-wallet-uuid", 
    "type": "CONTRACT_WHITELIST",
    "rules": {
      "contracts": [
        {
          "address": "JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4",
          "name": "Jupiter Swap",
          "chain": "solana"
        }
      ]
    }
  }'

This is the ultimate guard against prompt injection attacks. Even if someone tricks your agent into trying to interact with a malicious contract, the policy engine will reject it.

Advanced Security: Time and Rate Limits

Beyond amount-based controls, you can restrict when and how often your agent operates:

# Only allow trading during market hours
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: your-master-password' \
  -d '{
    "walletId": "your-wallet-uuid",
    "type": "TIME_RESTRICTION", 
    "rules": {
      "allowedHours": {"start": 9, "end": 17},
      "timezone": "UTC"
    }
  }'

# Limit to 10 transactions per hour
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: your-master-password' \
  -d '{
    "walletId": "your-wallet-uuid",
    "type": "RATE_LIMIT",
    "rules": {
      "maxTransactions": 10,
      "period": "hourly" 
    }
  }'

The 3-Layer Security Architecture

WAIaaS implements defense in depth with three distinct layers:

Layer 1: Session Authentication
Your AI agent gets a JWT token with limited scope and TTL. Even if compromised, the damage window is bounded.

Layer 2: Policy Engine
Every transaction is evaluated against 21 policy types. Policies are combined with AND logic — all must pass.

Layer 3: Human Oversight
Notifications, time delays, and approval workflows give you multiple chances to intervene.

This architecture means a security failure requires multiple simultaneous breaches — a much higher bar than single-layer systems.

Approval Workflows: The Human in the Loop

When a transaction requires APPROVAL tier, WAIaaS supports multiple notification channels. The system includes 3 signing channels for getting human approval:

For high-stakes transactions, you can set up WalletConnect integration that prompts you to approve transactions on your mobile wallet:

# Check WalletConnect status
curl http://127.0.0.1:3100/v1/walletconnect/status \
  -H "X-Master-Password: your-master-password"

# Approve a pending transaction
curl -X POST http://127.0.0.1:3100/v1/transactions/<tx-id>/approve \
  -H "X-Owner-Signature: <ed25519-or-secp256k1-signature>" \
  -H "X-Owner-Message: <signed-message>"

Testing Your Security Setup

Before deploying your agent, test your policies with dry-run transactions:

curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<your-token>" \
  -d '{
    "type": "TRANSFER",
    "to": "recipient-address", 
    "amount": "1000",
    "dryRun": true
  }'

This shows you exactly which policies would trigger and what tier the transaction would be assigned, without actually executing anything.

Quick Start: Secure AI Agent in 5 Steps

Install and start WAIaaS

npm install -g @waiaas/cli
waiaas init
waiaas start

Create a wallet with basic policies

waiaas quickset --mode mainnet

Set up token whitelist (replace with your preferred tokens)

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: your-password' \
  -d '{
    "walletId": "your-wallet-uuid",
    "type": "ALLOWED_TOKENS", 
    "rules": {"tokens": [{"address": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v", "symbol": "USDC", "chain": "solana"}]}
  }'

Test with a small transaction

curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Authorization: Bearer your-session-token" \
  -d '{"type": "TRANSFER", "to": "test-address", "amount": "0.01", "dryRun": true}'

Monitor via Admin UI

open http://127.0.0.1:3100/admin

What's Next

You now understand WAIaaS's 4-tier security model and how to implement defense-in-depth for AI agents. The policy engine supports 21 policy types beyond what we covered here — explore the full range for fine-grained control over your agent's capabilities.

Ready to build secure AI agents? Check out the open-source code at GitHub or explore the full documentation at waiaas.ai.

Claude Pays Its Own Bills: MCP x402-fetch Tool for Autonomous API Payments

Wallet Guy — Sat, 23 May 2026 14:43:25 +0000

Claude agents can now autonomously pay for API calls using the x402-fetch tool in WAIaaS's MCP server. Instead of hitting rate limits or requiring manual API key management, your Claude agent automatically pays for premium services using cryptocurrency micropayments through the HTTP 402 payment protocol.

Why AI Agent Payments Matter

Today's AI agents hit API rate limits constantly. Whether calling premium data feeds, advanced AI models, or specialized services, agents either fail with 402 Payment Required errors or rely on pre-funded API keys that expire and need manual renewal. This breaks autonomous workflows and limits what agents can accomplish independently.

The x402 HTTP payment protocol solves this by letting agents pay per request automatically. When an API returns a 402 status, the agent pays the requested amount and retries the call seamlessly. No API keys, no rate limits, no human intervention.

WAIaaS MCP Integration: Claude + Crypto Payments

WAIaaS provides 45 MCP tools for Claude, including x402-fetch — a drop-in replacement for HTTP fetch that handles 402 payments automatically. Your Claude agent gets a self-custody wallet and can pay for any x402-enabled API using SOL, ETH, or other tokens.

Here's the complete setup:

1. Quick MCP Setup

npm install -g @waiaas/cli
waiaas init --auto-provision
waiaas start
waiaas quickset --mode mainnet
waiaas mcp setup --all

This creates wallets on Ethereum and Solana, generates session tokens for Claude, and automatically configures your claude_desktop_config.json.

2. Claude Desktop Configuration

The setup command adds this to your Claude config:

{
  "mcpServers": {
    "waiaas": {
      "command": "npx",
      "args": ["-y", "@waiaas/mcp"],
      "env": {
        "WAIAAS_BASE_URL": "http://127.0.0.1:3100",
        "WAIAAS_SESSION_TOKEN": "wai_sess_eyJhbGciOiJIUzI1NiJ9...",
        "WAIAAS_DATA_DIR": "~/.waiaas"
      }
    }
  }
}

Restart Claude Desktop, and your agent now has access to all 45 WAIaaS MCP tools including wallet management, DeFi actions, and autonomous payments.

3. How x402-fetch Works

When Claude needs to call a premium API, it uses the x402_fetch tool instead of regular HTTP requests:

User: "Get real-time Bitcoin price from this premium API: https://premium-api.example.com/btc"

Claude: I'll fetch the Bitcoin price and handle any payment requirements automatically.

[Claude calls x402_fetch tool with URL and headers]
→ API returns 402 Payment Required with payment details
→ WAIaaS pays the required amount (e.g., 0.001 SOL)
→ API returns the Bitcoin price data
→ Claude presents the result to user

The payment happens transparently. Claude sees the API response, not the payment mechanics.

Policy-Controlled Spending

Since AI agents could potentially rack up unlimited API costs, WAIaaS uses policy controls to limit x402 spending:

# Set spending limits for x402 payments
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "X402_ALLOWED_DOMAINS",
    "rules": {
      "domains": ["premium-api.example.com", "*.openai.com"]
    }
  }'

# Combine with spending limits
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 1,
      "daily_limit_usd": 10,
      "monthly_limit_usd": 50
    }
  }'

This allows Claude to pay for API calls up to $1 instantly, with daily/monthly caps and domain restrictions. Higher amounts require approval through your configured notification channels.

Real-World Use Cases

Data Analysis Agent: Claude autonomously purchases premium market data, weather APIs, and satellite imagery to complete complex research tasks without hitting free tier limits.

AI-to-AI Services: Your Claude agent pays other AI services (GPT-4 vision, specialized models, computation resources) directly with cryptocurrency, enabling multi-agent workflows.

Dynamic API Access: Instead of managing dozens of API keys with different billing cycles, Claude pays per request only for what it needs, when it needs it.

Multi-Chain Payment Support

WAIaaS supports payments on 18 networks across Ethereum and Solana ecosystems. The x402-fetch tool automatically selects the appropriate token based on the API's payment requirements:

Ethereum: ETH, USDC, USDT
Solana: SOL, USDC
Layer 2s: Polygon, Arbitrum, Optimism, Base

Payment amounts are typically small (cents to dollars per API call), making this practical for high-frequency agent usage.

Security and Monitoring

All x402 payments go through WAIaaS's 7-stage transaction pipeline with policy enforcement, real-time monitoring, and approval workflows. You can track agent spending in the Admin Web UI at http://localhost:3100/admin and receive notifications for payments above your instant thresholds.

The default-deny policy system means agents can only pay whitelisted domains unless you explicitly configure broader access.

Quick Start: Give Claude Payment Powers

Install WAIaaS: npm install -g @waiaas/cli && waiaas init --auto-provision
Start daemon: waiaas start
Create wallets: waiaas quickset --mode mainnet (creates ETH + SOL wallets)
Setup MCP: waiaas mcp setup --all (auto-configures Claude)
Fund wallet: Transfer some ETH/SOL to your agent wallet addresses
Test: Ask Claude to "fetch data from any premium API URL" and watch it handle 402 payments automatically

Your Claude agent now autonomously pays for API access using its own cryptocurrency wallet, with policy controls ensuring responsible spending.

For more advanced MCP configurations and payment policies, check out How to Give Claude Desktop a Crypto Wallet in 60 Seconds and Build Trading Bots That Actually Work: WAIaaS Policy Engine Deep Dive.

What's Next

Start with x402 payments for your Claude workflows, then explore WAIaaS's full DeFi toolkit including automated trading, yield farming, and cross-chain bridging. The same MCP tools that enable autonomous payments also give Claude complete onchain capabilities.

Ready to try autonomous AI payments? Get started at GitHub or learn more at waiaas.ai.

CLI Notification Setup: Configure Push Alerts for Your Self-Hosted AI Wallet

Wallet Guy — Sat, 23 May 2026 08:33:16 +0000

CLI notification setup is critical for monitoring your self-hosted AI wallet infrastructure, but most developers skip this step until their first unmonitored transaction goes wrong. Setting up push alerts, Telegram notifications, and WalletConnect approvals through WAIaaS CLI ensures you maintain control over your agent's financial operations without relying on third-party services. Your keys, your server, your notification pipeline.

Why Notification Setup Matters for Self-Hosters

When you're running AI agents with real funds, silent failures aren't just bugs—they're financial risks. Unlike hosted wallet services that handle monitoring for you, self-hosted infrastructure puts you in control of every alert, approval, and security checkpoint. This means configuring notification channels before your agents start executing transactions, not after something goes wrong.

The stakes are straightforward: an unmonitored agent could drain funds through policy violations, failed transactions could leave positions open to liquidation, and manual approvals could timeout without human intervention. Self-hosted notification infrastructure solves this by routing alerts through channels you control—no third-party APIs, no rate limits, no external dependencies.

Setting Up Notification Channels

WAIaaS provides a unified CLI command for configuring all notification channels at once. The daemon supports 3 signing channels: push-relay-signing-channel, telegram-signing-channel, and wallet-notification-channel, each designed for different approval workflows.

Quick Notification Setup

# Configure all notification channels in one command
waiaas notification setup --all

# Or configure specific channels
waiaas notification setup --push-relay --telegram --walletconnect

The CLI will walk you through each channel configuration, generating the necessary API keys, webhook URLs, and connection tokens. Unlike hosted solutions, all notification routing happens within your infrastructure—the push relay runs in your Docker stack, Telegram bots use your bot tokens, and WalletConnect sessions connect directly to your daemon.

Docker Compose Notification Stack

The complete notification infrastructure deploys alongside your WAIaaS daemon:

services:
  daemon:
    image: ghcr.io/minhoyoo-iotrust/waiaas:latest
    container_name: waiaas-daemon
    ports:
      - "127.0.0.1:3100:3100"
    volumes:
      - waiaas-data:/data
    environment:
      - WAIAAS_DATA_DIR=/data
      - WAIAAS_DAEMON_HOSTNAME=0.0.0.0
    restart: unless-stopped

  push-relay:
    image: ghcr.io/minhoyoo-iotrust/waiaas:push-relay
    container_name: waiaas-push-relay
    environment:
      - PUSH_RELAY_PORT=3200
    depends_on:
      - daemon
    restart: unless-stopped

This gives you 2 Docker images working together: the main WAIaaS daemon handling transactions and policies, plus a dedicated push-relay service for real-time notifications. Everything runs locally without external notification services.

Notification Channel Types

Push Relay for Real-Time Alerts

The push-relay-signing-channel handles instant notifications for policy violations, transaction approvals, and system alerts. It's particularly useful for monitoring agent behavior in development:

# Start daemon with push relay
docker compose up -d

# Test push notifications
curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "TRANSFER",
    "to": "test-address",
    "amount": "1000"
  }'

If this transaction hits your SPENDING_LIMIT policy's NOTIFY tier, you'll receive a push notification with transaction details, policy evaluation, and approval options—all routed through your local push relay.

Telegram for Human Approvals

The telegram-signing-channel integrates with Telegram bots for transaction approvals. This is essential when your policies include APPROVAL tier transactions:

# Configure Telegram notifications
waiaas notification setup --telegram
# Follow prompts to create bot token and chat ID

When an agent transaction requires human approval (hits the APPROVAL tier in your SPENDING_LIMIT policy), WAIaaS sends a Telegram message with transaction details and approval buttons. You approve or deny directly in Telegram, maintaining the human-in-the-loop security model while keeping everything under your control.

WalletConnect for Owner Authentication

The wallet-notification-channel handles WalletConnect integration for owner approval of agent transactions:

# Set up WalletConnect notifications
waiaas notification setup --walletconnect

# Check WalletConnect status
waiaas owner status

This creates a WalletConnect session between your personal wallet and the WAIaaS daemon. When agent transactions need owner approval, your wallet app receives the signing request directly. No centralized WalletConnect relay—the connection runs through your daemon.

Policy-Driven Notification Triggers

Notifications trigger based on your policy configuration. The 4 security tiers (INSTANT, NOTIFY, DELAY, APPROVAL) determine when and how you receive alerts:

# Create a policy that triggers notifications
curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 10,
      "notify_max_usd": 100,
      "delay_max_usd": 1000,
      "delay_seconds": 300
    }
  }'

With this policy:

Transactions ≤ $10: Execute silently (INSTANT)
Transactions ≤ $100: Execute + send notification (NOTIFY)
Transactions ≤ $1000: Queue for 5 minutes + notification with cancel option (DELAY)
Transactions > $1000: Block until human approval (APPROVAL)

Your notification channels receive different message types for each tier, letting you respond appropriately to each situation.

Integration with CLI Workflows

The CLI provides 20 commands for managing your notification infrastructure alongside wallet operations:

# Core notification commands
waiaas notification setup     # Configure notification channels
waiaas status                # Check daemon + notification status
waiaas owner connect         # Connect WalletConnect for approvals
waiaas owner disconnect      # Disconnect WalletConnect
waiaas owner status          # Check owner connection status

# Session management with notifications
waiaas session prompt        # Create session for AI agent
waiaas quickset --mode mainnet  # Create wallets + sessions + notifications

The quickset command is particularly useful for self-hosters—it creates wallets, generates session tokens for your AI agents, configures MCP integration, and sets up notification channels in one step.

Monitoring and Alerting

Once notifications are configured, you can monitor your agent's financial activity in real-time:

# Check recent transactions
curl http://127.0.0.1:3100/v1/transactions \
  -H "Authorization: Bearer wai_sess_<token>"

# Monitor incoming deposits
curl http://127.0.0.1:3100/v1/incoming/summary \
  -H "Authorization: Bearer wai_sess_<token>"

# Check policy violations
curl http://127.0.0.1:3100/v1/policies \
  -H "X-Master-Password: my-secret-password"

Your notification channels will alert you to policy violations, failed transactions, incoming deposits, and approval requests. The Admin Web UI at /admin provides a dashboard view of all this activity, but notifications ensure you catch issues even when you're not actively monitoring.

Quick Start: Complete Notification Setup

Here's the minimal path to get notifications working with your self-hosted WAIaaS instance:

Start WAIaaS with Docker Compose:

git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d

Initialize and create wallet:

npm install -g @waiaas/cli
waiaas init
waiaas start
waiaas quickset --mode mainnet

Configure notifications:

waiaas notification setup --all

Test notification flow:

# Create a policy that will trigger notifications
waiaas session prompt  # Get session token for testing
# Use the session token to make a test transaction that hits NOTIFY tier

Verify channels are working:

waiaas status  # Should show notification channels as "connected"

This gives you a complete self-hosted wallet infrastructure with real-time notifications, human approval workflows, and policy-based alerting—all running on your hardware with your API keys.

What's Next

Your self-hosted AI wallet infrastructure is now equipped with comprehensive notification monitoring. This foundation supports advanced workflows like automated DeFi strategies with human checkpoints, cross-chain bridging with approval gates, and multi-agent coordination with centralized oversight.

Ready to deploy your own notification-enabled AI wallet infrastructure? Clone the repository at https://github.com/minhoyoo-iotrust/WAIaaS and follow the quickstart guide at https://waiaas.ai to get your first agent wallet running with full notification coverage in under 10 minutes.

CONTRACT_WHITELIST: Lock Your AI Agent to Pre-Approved Smart Contracts Only

Wallet Guy — Fri, 22 May 2026 15:52:58 +0000

Smart contracts power DeFi, but they're also the wild west of crypto — and letting an AI agent call arbitrary contracts is like handing it the keys to your entire portfolio. Most wallet systems for AI agents rely on blacklists or spending limits, but what if your agent encounters a malicious contract that wasn't on anyone's radar? WAIaaS flips the script with CONTRACT_WHITELIST policies that enforce default-deny security: your agent can only interact with contracts you've explicitly pre-approved, and everything else gets blocked at the policy layer.

Why Contract Whitelisting Matters

AI agents are pattern-matching machines, not security auditors. They'll happily interact with a contract that looks legitimate — same function signatures, similar rewards — without understanding that it's a honeypot designed to drain wallets. Traditional spending limits don't help here because the malicious contract might only ask for a small amount initially, then use that approval for a larger drain later.

The stakes are particularly high for trading and DeFi agents. These systems need to interact with protocols like Uniswap, Aave, or Jupiter, but they shouldn't have carte blanche to call any contract they discover. A compromised agent or a clever prompt injection could redirect funds to an attacker's contract, and by the time you notice, it's too late.

Default-deny security flips this around: instead of trying to identify every bad contract (an impossible task), you identify the handful of contracts your agent actually needs, whitelist only those, and block everything else. It's the principle of least privilege applied to smart contract interactions.

How CONTRACT_WHITELIST Works in WAIaaS

WAIaaS implements contract whitelisting through its policy engine, which operates in the transaction pipeline before any signing or execution occurs. When your agent attempts to interact with a smart contract, the policy engine checks the target address against your whitelist. If the contract isn't explicitly allowed, the transaction gets denied immediately — no gas spent, no funds at risk.

The policy enforces default-deny behavior. This means that without a CONTRACT_WHITELIST policy configured, all contract calls are blocked. Your agent can only perform basic transfers until you explicitly define which protocols it's allowed to use.

Here's how to create a CONTRACT_WHITELIST policy:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "CONTRACT_WHITELIST",
    "rules": {
      "contracts": [
        {
          "address": "JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4",
          "name": "Jupiter Aggregator",
          "chain": "solana"
        },
        {
          "address": "0xE592427A0AEce92De3Edee1F18E0157C05861564",
          "name": "Uniswap V3 Router",
          "chain": "ethereum"
        },
        {
          "address": "0x7d2768dE32b0b80b7a3454c06BdAc94A69DDc7A9",
          "name": "Aave Lending Pool",
          "chain": "ethereum"
        }
      ]
    }
  }'

This policy creates an explicit allowlist of three contracts: Jupiter for Solana token swaps, Uniswap V3 for Ethereum swaps, and Aave for lending. Your agent can interact with these specific addresses, but any attempt to call other contracts — even legitimate ones — will be blocked.

The policy integrates with WAIaaS's 7-stage transaction pipeline. When your agent submits a transaction, it passes through validation, authentication, and then hits the policy stage where CONTRACT_WHITELIST rules are enforced. If the target address isn't on the list, the transaction gets denied before reaching the execution stage.

You can combine CONTRACT_WHITELIST with other policies for defense-in-depth. For example, pairing it with SPENDING_LIMIT creates both address-based and amount-based restrictions:

# First, create spending limits
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 10,
      "notify_max_usd": 100,
      "delay_max_usd": 1000,
      "delay_seconds": 300
    }
  }'

# Then add contract whitelist
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "CONTRACT_WHITELIST",
    "rules": {
      "contracts": [
        {"address": "JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4", "name": "Jupiter", "chain": "solana"}
      ]
    }
  }'

Now your agent faces both restrictions: it can only call Jupiter, and transactions over $10 will trigger notifications, delays, or approvals based on the amount.

METHOD_WHITELIST for Fine-Grained Control

For even more precise control, you can combine CONTRACT_WHITELIST with METHOD_WHITELIST to restrict which functions your agent can call on approved contracts. This is particularly useful for complex protocols where you want to allow specific operations but block others.

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "METHOD_WHITELIST",
    "rules": {
      "methods": [
        "0x38ed1739",  // swapExactTokensForTokens
        "0x8803dbee"   // swapTokensForExactTokens
      ]
    }
  }'

This allows your agent to perform swaps on whitelisted contracts but blocks other functions like liquidity provision or governance actions.

Real-World Integration Patterns

Most AI trading agents need to interact with a small, predictable set of protocols. A typical DeFi agent might only need Jupiter for Solana swaps, Lido for ETH staking, and Aave for lending. By whitelisting just these contracts, you eliminate 99% of the attack surface while preserving all the functionality your agent actually uses.

Here's how this looks in practice with the WAIaaS SDK:

import { WAIaaSClient } from '@waiaas/sdk';

const client = new WAIaaSClient({
  baseUrl: 'http://127.0.0.1:3100',
  sessionToken: process.env.WAIAAS_SESSION_TOKEN,
});

try {
  // This works - Jupiter is whitelisted
  const swapResult = await client.executeAction('jupiter-swap', 'swap', {
    inputMint: 'So11111111111111111111111111111111111111112', // SOL
    outputMint: 'EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v', // USDC
    amount: '1000000000' // 1 SOL
  });

  console.log(`Swap initiated: ${swapResult.id}`);

  // This fails - random contract not on whitelist
  const maliciousCall = await client.callContract({
    to: '0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef',
    data: '0x...'
  });
} catch (error) {
  console.log(`Blocked by policy: ${error.message}`);
  // Error: Transaction denied by CONTRACT_WHITELIST policy
}

The beauty of this approach is that your agent code doesn't need to change. It attempts the transaction normally, and the policy layer handles the security enforcement. This makes it easy to add whitelisting to existing agents without refactoring.

Multi-Chain Contract Management

WAIaaS supports contract whitelisting across multiple chains simultaneously. Each contract in your whitelist specifies its chain, so you can create policies that span Ethereum, Solana, Polygon, and other supported networks:

{
  "contracts": [
    {"address": "0xE592427A0AEce92De3Edee1F18E0157C05861564", "name": "Uniswap V3", "chain": "ethereum"},
    {"address": "0xE592427A0AEce92De3Edee1F18E0157C05861564", "name": "Uniswap V3", "chain": "polygon"},
    {"address": "JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4", "name": "Jupiter", "chain": "solana"}
  ]
}

This is particularly important for cross-chain agents that need to maintain consistent security policies across different networks. The same whitelist logic applies regardless of which chain your agent is operating on.

Quick Start: Locking Down Your Agent

Here's how to set up contract whitelisting for a new agent in under 5 minutes:

Start WAIaaS and create a wallet:

npm install -g @waiaas/cli
waiaas init
waiaas start
waiaas wallet create --name "trading-agent" --chain solana

Create a session for your agent:

waiaas session create --wallet-id <wallet-uuid>
# Copy the returned session token

Set up contract whitelist policy:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <your-password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "CONTRACT_WHITELIST",
    "rules": {
      "contracts": [
        {"address": "JUP6LkbZbjS1jKKwapdHNy74zcZ3tLUZoi5QNyVTaV4", "name": "Jupiter", "chain": "solana"}
      ]
    }
  }'

Test the restriction:

# This should work (Jupiter is whitelisted)
curl -X POST http://localhost:3100/v1/actions/jupiter-swap/swap \
  -H "Authorization: Bearer <session-token>" \
  -d '{"inputMint": "So11111111111111111111111111111111111111112", "outputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v", "amount": "1000000"}'

# This should fail (random contract)
curl -X POST http://localhost:3100/v1/transactions/send \
  -H "Authorization: Bearer <session-token>" \
  -d '{"type": "ContractCall", "to": "randomcontractaddress", "data": "0x"}'

Monitor and adjust: Use the admin UI at http://localhost:3100/admin to view policy enforcement logs and add new contracts as needed.

Your agent is now locked down to only interact with Jupiter for token swaps. Any attempt to call other contracts — malicious or otherwise — gets blocked automatically.

What's Next

CONTRACT_WHITELIST is one of 21 policy types in WAIaaS's security framework. Combined with spending limits, time restrictions, and human approval workflows, it creates multiple layers of protection for AI agents handling crypto assets. To learn more about implementing comprehensive security for your agent, check out the full documentation at the GitHub repository and explore the other policy types available in the system.

Ready to lock down your AI agent? Get started with WAIaaS at GitHub or visit waiaas.ai for more information.

PERP_MAX_LEVERAGE Policy: Prevent Your Trading Bot from Going Full Degen

Wallet Guy — Fri, 22 May 2026 09:52:28 +0000

Your trading bot is crushing it on paper — 20% APY backtests, perfect entry signals, flawless arbitrage logic. But in production, it's bleeding money on high gas fees, getting rekt by unlimited leverage positions, and you're watching helplessly as it YOLOs your entire portfolio on a single perp trade. The PERP_MAX_LEVERAGE policy in WAIaaS puts guardrails on your bot's risk appetite, preventing those 100x leverage disasters that turn profitable strategies into portfolio obituaries.

Why Leverage Limits Matter for Automated Trading

Trading bots are ruthlessly efficient at following their programming — including following it straight off a cliff. A bot that's coded to "maximize returns" will happily open a 50x leveraged position on a memecoin if the math looks good for exactly one block. Unlike human traders who hesitate before clicking "max leverage," bots execute with zero emotional guardrails.

This is especially dangerous in DeFi protocols like Hyperliquid, Drift, or GMX where leverage can go as high as 100x. A single bad tick, a brief liquidity crunch, or an MEV sandwich attack can liquidate positions instantly at extreme leverage. Your arbitrage bot that's supposed to make 0.1% per trade suddenly loses 90% of its capital on one overleveraged position.

How PERP_MAX_LEVERAGE Policy Works

WAIaaS implements leverage control at the wallet level through its policy engine. The PERP_MAX_LEVERAGE policy intercepts perpetual futures transactions before they hit the blockchain and validates the leverage ratio against your configured limits.

Here's how to set up leverage limits for your trading bot:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: your-master-password' \
  -d '{
    "walletId": "your-wallet-uuid",
    "type": "PERP_MAX_LEVERAGE",
    "rules": {
      "max_leverage": 5.0,
      "protocol_overrides": {
        "hyperliquid": 3.0,
        "drift": 2.0
      },
      "market_overrides": {
        "BTC-PERP": 10.0,
        "ETH-PERP": 8.0,
        "DOGE-PERP": 2.0
      }
    }
  }'

This policy configuration creates multiple safety layers:

Default max leverage of 5x across all perpetual positions
Protocol-specific limits (3x on Hyperliquid, 2x on Drift)
Market-specific overrides (10x on BTC/ETH, but only 2x on memecoins)

The policy engine evaluates these rules in order: market-specific overrides take precedence, then protocol-specific limits, then the global maximum.

Trading Bot Integration

Your bot can query the effective leverage limits before placing trades to avoid policy rejections:

# Check current policies for your wallet
curl http://localhost:3100/v1/policies?walletId=your-wallet-uuid \
  -H "Authorization: Bearer wai_sess_your-session-token"

When your bot attempts to open a position that exceeds the leverage limit, WAIaaS blocks the transaction and returns a clear error:

{
  "error": {
    "code": "POLICY_DENIED",
    "message": "Leverage 8.0x exceeds maximum allowed 5.0x for this market",
    "domain": "POLICY",
    "retryable": false,
    "details": {
      "policy_type": "PERP_MAX_LEVERAGE",
      "requested_leverage": 8.0,
      "max_allowed": 5.0,
      "market": "SOL-PERP"
    }
  }
}

Your bot can catch this error and either skip the trade or reduce the position size to stay within limits.

Multi-Protocol Risk Management

WAIaaS integrates with multiple perpetual protocols through its unified action system. Your bot can trade on Hyperliquid and Drift through the same API while maintaining consistent leverage limits across protocols:

# Trade on Hyperliquid with leverage validation
curl -X POST http://localhost:3100/v1/actions/hyperliquid/place-order \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_your-token" \
  -d '{
    "market": "BTC-PERP",
    "side": "long",
    "size": "0.1",
    "leverage": 8.0,
    "orderType": "market"
  }'

# Same leverage validation applies to Drift
curl -X POST http://localhost:3100/v1/actions/drift/place-order \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_your-token" \
  -d '{
    "market": "ETH-PERP",
    "side": "short", 
    "size": "1.0",
    "leverage": 8.0,
    "orderType": "limit",
    "price": "3500"
  }'

Both requests would be blocked if they exceed your configured leverage limits, regardless of which protocol your bot is trying to use.

Position Size Limits

Combine PERP_MAX_LEVERAGE with PERP_MAX_POSITION_USD for comprehensive risk control:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: your-master-password' \
  -d '{
    "walletId": "your-wallet-uuid",
    "type": "PERP_MAX_POSITION_USD",
    "rules": {
      "max_position_usd": 10000,
      "market_overrides": {
        "BTC-PERP": 25000,
        "ETH-PERP": 20000,
        "SHIB-PERP": 1000
      }
    }
  }'

Now your bot can't open positions larger than $10K by default, with higher limits on major pairs and lower limits on risky assets. The policy engine enforces both leverage AND position size limits simultaneously.

Dynamic Policy Management

For sophisticated trading strategies, you can adjust leverage limits programmatically based on market conditions:

# Reduce leverage during high volatility periods
curl -X PATCH http://localhost:3100/v1/policies/your-policy-id \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: your-master-password' \
  -d '{
    "rules": {
      "max_leverage": 2.0,
      "protocol_overrides": {
        "hyperliquid": 1.5
      }
    }
  }'

This allows your bot to implement volatility-adjusted risk management — higher leverage during calm markets, lower leverage when VIX spikes or funding rates go parabolic.

Emergency Position Management

WAIaaS provides position monitoring and emergency controls for when markets move against you:

# Get current DeFi positions across all protocols
curl http://localhost:3100/v1/wallet/defi-positions \
  -H "Authorization: Bearer wai_sess_your-token"

This returns a unified view of all your perpetual positions, loans, and liquidity provisions across protocols, making it easier to monitor total portfolio risk.

Quick Start: Set Up Leverage Limits

Install WAIaaS CLI and start the daemon:

npm install -g @waiaas/cli
waiaas start

Create a trading wallet:

waiaas wallet create --name "perp-bot" --chain solana --environment mainnet

Set leverage policy:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: your-password' \
  -d '{
    "walletId": "your-wallet-id",
    "type": "PERP_MAX_LEVERAGE", 
    "rules": {"max_leverage": 5.0}
  }'

Create session for your bot:

waiaas session create --wallet-id your-wallet-id

Test with a trade:

curl -X POST http://localhost:3100/v1/actions/hyperliquid/place-order \
  -H "Authorization: Bearer your-session-token" \
  -d '{"market": "BTC-PERP", "side": "long", "size": "0.01", "leverage": 3.0}'

Your bot now has built-in leverage protection that prevents catastrophic over-leveraging while still allowing aggressive strategies within your risk parameters.

Gas Conditional Execution: Only Trade When Gas is Cheap

Multi-Chain Arbitrage Bot Setup with WAIaaS

4-Tier Security for High-Frequency Trading Bots

What's Next

The PERP_MAX_LEVERAGE policy is just one of 21 policy types available in WAIaaS for comprehensive trading bot risk management. Explore position size limits, venue whitelisting, and spending controls to build bulletproof automated trading systems.

Ready to add professional risk controls to your trading bot? Clone the repo at https://github.com/minhoyoo-iotrust/WAIaaS or explore the full documentation at https://waiaas.ai.

Self-Hosted Push Notifications: Docker Push-Relay Service for AI Agent Wallets

Wallet Guy — Thu, 21 May 2026 16:23:04 +0000

Self-hosted push notifications for AI agent wallets eliminate the privacy risks and vendor dependencies that come with third-party notification services. When your AI agents handle crypto transactions worth thousands of dollars, you need complete control over the communication channels that approve or deny those operations.

Traditional notification systems require trusting external providers with sensitive transaction data, creating potential security vulnerabilities and privacy leaks. For developers building autonomous trading bots or DeFi agents, this dependency on external services introduces unwanted risk into their infrastructure stack.

Why Self-Hosted Notifications Matter

AI agents operating in DeFi need real-time approval workflows for high-value transactions. When your trading bot wants to execute a $10,000 swap or your yield farming agent needs to move funds between protocols, you want immediate notification and approval capabilities — without sending transaction details through someone else's servers.

Self-hosted notifications also eliminate API rate limits, service outages, and account suspensions that can interrupt critical trading operations. Your infrastructure, your uptime guarantees.

WAIaaS Push-Relay Architecture

WAIaaS includes a dedicated push-relay service that handles mobile notifications without external dependencies. The system uses 2 Docker images: the main WAIaaS daemon plus push-relay for notification delivery.

# docker-compose.yml with push-relay
services:
  daemon:
    image: ghcr.io/minhoyoo-iotrust/waiaas:latest
    ports:
      - "127.0.0.1:3100:3100"
    volumes:
      - waiaas-data:/data

  push-relay:
    image: ghcr.io/minhoyoo-iotrust/waiaas-push-relay:latest
    ports:
      - "127.0.0.1:3101:3101"
    environment:
      - RELAY_DAEMON_URL=http://daemon:3100
    depends_on:
      - daemon

volumes:
  waiaas-data:

The push-relay service integrates with WAIaaS's 3 signing channels: push-relay-signing-channel, telegram-signing-channel, and wallet-notification-channel. This gives you multiple notification paths for transaction approvals.

Docker Deployment with Notification Setup

Start your self-hosted notification infrastructure in minutes:

# Clone and deploy both services
git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d

# Configure notification channels
waiaas notification setup --push-relay http://localhost:3101

The Docker entrypoint supports auto-provision and Docker Secrets for production deployments. You can configure environment variables for your specific notification requirements:

# Production deployment with secrets
mkdir -p secrets
echo "your-secure-webhook-secret" > secrets/push_secret.txt
chmod 600 secrets/push_secret.txt

docker compose -f docker-compose.yml -f docker-compose.secrets.yml up -d

Policy-Driven Notification Triggers

WAIaaS's policy engine determines when notifications fire based on 21 policy types and 4 security tiers. Configure spending limits that trigger notifications at specific thresholds:

# Create policy that sends push notifications for transactions over $100
curl -X POST http://127.0.0.1:3100/v1/policies \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 10,
      "notify_max_usd": 100,
      "delay_max_usd": 1000,
      "delay_seconds": 900,
      "daily_limit_usd": 5000
    }
  }'

The 4 security tiers (INSTANT, NOTIFY, DELAY, APPROVAL) integrate with your push notification system. NOTIFY tier executes transactions immediately while sending alerts. DELAY tier queues transactions for 15 minutes (configurable) with cancellation notifications. APPROVAL tier blocks execution until you approve via push notification.

Real-Time Transaction Monitoring

The incoming transaction monitoring service works with push notifications to alert you about deposits and other wallet activity:

# Check incoming transaction summary (triggers notifications)
curl http://127.0.0.1:3100/v1/wallet/incoming/summary \
  -H "Authorization: Bearer wai_sess_<token>"

This integrates with the wallet notification channel to send real-time alerts when funds arrive in your AI agent wallets. Perfect for monitoring trading bot profits or DeFi reward claims.

Multi-Channel Notification Strategy

Configure multiple notification channels for redundancy. If push notifications fail, fall back to Telegram or other channels:

# Set up Telegram as backup channel
waiaas notification setup --telegram-bot-token <token> --chat-id <id>

# Configure notification preferences
curl -X POST http://127.0.0.1:3100/v1/settings/notifications \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{
    "channels": ["push-relay", "telegram"],
    "failover": true,
    "retry_attempts": 3
  }'

Quick Start: Self-Hosted Notification Setup

Deploy the stack: docker compose up -d starts both WAIaaS daemon and push-relay service
Create a wallet: waiaas wallet create --name trading-bot --chain solana
Configure policies: Set spending limits that trigger notifications at your preferred thresholds
Set up push endpoints: waiaas notification setup --push-relay http://localhost:3101
Test the flow: Send a transaction above your notify threshold and verify push delivery

Integration with Mobile Apps

The push-relay service exposes webhook endpoints that mobile applications can subscribe to. Your custom wallet apps receive transaction approval requests without relying on Firebase, APNs, or other external push services:

# Register mobile app webhook
curl -X POST http://127.0.0.1:3101/v1/webhooks/register \
  -H "Content-Type: application/json" \
  -d '{
    "endpoint": "https://your-app.com/webhook/waiaas",
    "events": ["transaction_pending", "balance_change"],
    "secret": "webhook-verification-secret"
  }'

This gives you end-to-end control over the notification pipeline from transaction detection to mobile delivery.

Ready to eliminate third-party dependencies from your AI agent infrastructure? Check out the WAIaaS repository for complete Docker setup instructions, or visit the official documentation for advanced notification configuration options. Your keys, your server, your notifications — exactly as it should be.

17 SessionAuth Tools in OpenClaw: Integrate Any AI Framework with Wallet Infrastructure

Wallet Guy — Thu, 21 May 2026 10:07:05 +0000

Your AI agent can analyze markets, generate trading strategies, and even write smart contracts. But can it actually execute those trades? Most AI frameworks hit a wall when it comes to blockchain interactions—until now.

Why AI Agents Need Wallet Infrastructure

AI agents are getting incredibly sophisticated. They can research DeFi protocols, identify arbitrage opportunities, and build complex trading strategies. But there's always been a gap: the moment they need to actually interact with money, they're stuck.

Traditional solutions require agents to manage private keys directly (dangerous), rely on external wallet APIs (centralized), or ask humans to manually execute every transaction (defeats the purpose). What's needed is a secure, self-hosted wallet service that agents can integrate with—regardless of which AI framework you're using.

OpenClaw: 17 Tools for Any AI Framework

WAIaaS solves this with OpenClaw, a plugin that provides 17 sessionAuth tools specifically designed for AI agent integration. While WAIaaS has native MCP integration with 45 tools for Claude, OpenClaw brings the core wallet functionality to any AI framework—LangChain, CrewAI, AutoGPT, or custom agent implementations.

Here are the 17 OpenClaw tools available for your agents:

Wallet Management Tools

get-balance — Check wallet's native token balance
get-address — Get wallet's public address
get-assets — List all token balances
get-wallet-info — Complete wallet information

Transfer Operations

send-token — Send native tokens or SPL/ERC-20 transfers
transfer-nft — Send NFTs (ERC-721/ERC-1155 on EVM, Metaplex on Solana)
approve-token — Approve token spending for DeFi protocols

DeFi Integration

get-defi-positions — View lending positions, staking rewards, liquidity pools
execute-action — Execute DeFi operations across 15 integrated protocols
get-health-factor — Monitor lending health across Aave, Compound, etc.

Transaction Management

sign-transaction — Sign arbitrary blockchain transactions
simulate-transaction — Dry-run transactions before execution
get-transaction — Query transaction status and details
list-transactions — Get transaction history

Advanced Features

x402-fetch — HTTP requests with automatic micropayments
sign-message — Sign arbitrary messages for authentication
get-policies — Check active spending limits and restrictions

Quick Integration Example

Here's how to integrate OpenClaw tools with a Python AI agent:

import requests
from typing import Dict, Any

class WAIaaSTools:
    def __init__(self, base_url: str, session_token: str):
        self.base_url = base_url
        self.headers = {"Authorization": f"Bearer {session_token}"}

    def get_balance(self) -> Dict[str, Any]:
        """Get wallet balance - core tool for any trading agent"""
        response = requests.get(f"{self.base_url}/v1/wallet/balance", headers=self.headers)
        return response.json()

    def send_token(self, to: str, amount: str, token: str = None) -> Dict[str, Any]:
        """Send tokens - essential for executing trades"""
        payload = {"type": "TRANSFER", "to": to, "amount": amount}
        if token:
            payload["type"] = "TOKEN_TRANSFER"
            payload["token"] = token

        response = requests.post(f"{self.base_url}/v1/transactions/send", 
                               json=payload, headers=self.headers)
        return response.json()

    def execute_defi_action(self, provider: str, action: str, params: Dict[str, Any]) -> Dict[str, Any]:
        """Execute DeFi operations - swap, lend, stake, etc."""
        response = requests.post(f"{self.base_url}/v1/actions/{provider}/{action}",
                               json=params, headers=self.headers)
        return response.json()

# Usage in your AI agent
tools = WAIaaSTools("http://127.0.0.1:3100", "wai_sess_your_token_here")

# Agent can now check balance
balance = tools.get_balance()
print(f"Agent wallet: {balance['balance']} {balance['symbol']}")

# And execute DeFi operations
swap_result = tools.execute_defi_action("jupiter-swap", "swap", {
    "inputMint": "So11111111111111111111111111111111111111112",  # SOL
    "outputMint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",  # USDC  
    "amount": "1000000000"  # 1 SOL
})

LangChain Integration Example

For LangChain users, OpenClaw tools can be wrapped as LangChain tools:

from langchain.tools import Tool
from langchain.agents import initialize_agent, AgentType
from langchain.llms import OpenAI

def create_waiaas_tools(waiaas_client):
    return [
        Tool(
            name="check_wallet_balance",
            description="Get the current wallet balance",
            func=lambda x: waiaas_client.get_balance()
        ),
        Tool(
            name="send_tokens", 
            description="Send tokens to an address. Input: 'address,amount'",
            func=lambda x: waiaas_client.send_token(*x.split(','))
        ),
        Tool(
            name="swap_tokens",
            description="Swap tokens on Jupiter DEX. Input: 'input_token,output_token,amount'", 
            func=lambda x: waiaas_client.execute_defi_action("jupiter-swap", "swap", {
                "inputMint": x.split(',')[0],
                "outputMint": x.split(',')[1], 
                "amount": x.split(',')[2]
            })
        )
    ]

# Initialize agent with wallet tools
llm = OpenAI(temperature=0)
waiaas_tools = create_waiaas_tools(WAIaaSTools(base_url, token))
agent = initialize_agent(waiaas_tools, llm, agent=AgentType.ZERO_SHOT_REACT_DESCRIPTION)

# Agent can now execute: "Check my balance and swap 0.1 SOL for USDC"
response = agent.run("Check my balance and if I have more than 0.1 SOL, swap it for USDC")

Session-Based Security

OpenClaw tools use WAIaaS's session authentication system. Each AI agent gets a dedicated session with configurable permissions and spending limits:

# Create a session for your AI agent (requires master password)
curl -X POST http://127.0.0.1:3100/v1/sessions \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: your-master-password" \
  -d '{
    "walletId": "your-wallet-uuid",
    "ttl": 86400,
    "maxRenewals": 30,
    "absoluteLifetime": 2592000
  }'

The session token (starting with wai_sess_) is what your AI agent uses for all operations. Sessions can be configured with spending limits, token whitelists, and time restrictions through WAIaaS's 21 policy types.

Multi-Chain Support

Your agents can work across 18 networks spanning Ethereum, Solana, Polygon, Arbitrum, and more. The same OpenClaw tools work regardless of the underlying blockchain:

# Works on Solana
solana_swap = tools.execute_defi_action("jupiter-swap", "swap", {...})

# Same interface on Ethereum  
ethereum_swap = tools.execute_defi_action("zerox-swap", "swap", {...})

# Or cross-chain bridging
bridge_tx = tools.execute_defi_action("lifi", "bridge", {
    "fromChain": "ethereum",
    "toChain": "polygon", 
    "fromToken": "USDC",
    "toToken": "USDC",
    "amount": "100000000"
})

Getting Started in 5 Minutes

Install WAIaaS daemon:

   npm install -g @waiaas/cli
   waiaas init && waiaas start

Create a wallet and session:

   waiaas wallet create --name "agent-wallet" --chain solana
   # Note the wallet ID from output
   waiaas session create --wallet-id <wallet-id>
   # Note the session token from output

Fund your wallet with some tokens for testing (send SOL/ETH to the wallet address)
Test the integration:

   tools = WAIaaSTools("http://127.0.0.1:3100", "wai_sess_your_token")
   print(tools.get_balance())

Integrate with your AI framework using the patterns shown above

Advanced Capabilities

Beyond basic transfers, your agents can access sophisticated DeFi operations through WAIaaS's 15 integrated protocols:

Lending & Borrowing: Aave, Compound integration with health factor monitoring
DEX Trading: Jupiter (Solana), 0x Protocol (EVM) with slippage protection
Liquid Staking: Lido (Ethereum), Jito (Solana) for yield generation
Cross-chain: LI.FI and Across for bridging between networks
Perpetual Futures: Hyperliquid integration with position management
Prediction Markets: Polymarket for betting on future events

Each protocol is accessible through the same execute_defi_action interface, making it easy for agents to compose complex strategies.

Why OpenClaw vs Native MCP?

While WAIaaS provides 45 native MCP tools for Claude Desktop integration, OpenClaw's 17 tools focus on the core wallet operations that any AI agent needs:

Framework Agnostic: Works with LangChain, CrewAI, AutoGPT, custom agents
Lightweight: 17 focused tools vs 45 comprehensive MCP tools
REST-based: Simple HTTP integration, no stdio transport needed
Self-contained: No additional dependencies or configuration files

For Claude users, the native MCP integration provides the best experience. For everything else, OpenClaw is your bridge to wallet functionality.

Ready to give your AI agents financial superpowers? Check out the WAIaaS documentation on GitHub and explore the interactive API reference at waiaas.ai.

For more advanced integration patterns, see Building Trading Bots with WAIaaS: 7 DeFi Strategies in Python and Self-Hosted Wallet Infrastructure: Why Your AI Agents Need WAIaaS.

Your AI agents are about to become a lot more interesting. Time to let them loose in DeFi.

Claude Desktop Prediction Markets: MCP Tools for Polymarket Trading

Wallet Guy — Wed, 20 May 2026 16:34:50 +0000

Prediction markets have exploded in popularity, with platforms like Polymarket seeing billions in trading volume during major events. But trading these markets through web interfaces is clunky — you need to constantly switch between research, analysis, and execution. What if you could research an event, analyze the odds, and place trades directly through Claude Desktop using natural language?

Traditional prediction market trading requires juggling multiple browser tabs, manually calculating position sizes, and keeping track of market conditions across different events. For traders who rely on Claude for research and analysis, this context switching kills productivity and increases the chance of missing time-sensitive opportunities.

Why MCP Changes Everything for Prediction Markets

The Model Context Protocol (MCP) transforms how AI agents interact with external systems. Instead of copy-pasting between Claude and trading interfaces, MCP lets Claude directly access market data, analyze positions, and execute trades — all within a single conversation.

For prediction markets specifically, this is game-changing. You can ask Claude to "Show me all active election markets with odds under 30%" or "Place a $50 bet on the Democratic candidate in Pennsylvania" and have it executed immediately. The agent maintains context about your trading strategy, risk preferences, and market analysis across the entire session.

WAIaaS: MCP-Native Prediction Market Trading

WAIaaS provides 45 MCP tools for blockchain operations, including dedicated Polymarket integration for prediction market trading. When you add WAIaaS as an MCP server, Claude gains direct access to:

Market browsing and analysis
Position management
Trade execution with automatic wallet management
Real-time P&L tracking
Risk management through policy controls

The Polymarket integration supports the full trading lifecycle — from discovering markets to closing positions — all through conversational AI.

Setting Up Claude for Prediction Markets

1. Install WAIaaS

npm install -g @waiaas/cli
waiaas init
waiaas start
waiaas quickset --mode mainnet  # Creates Polygon wallet + session

2. Configure Claude Desktop MCP

Add this to your claude_desktop_config.json:

{
  "mcpServers": {
    "waiaas": {
      "command": "npx",
      "args": ["-y", "@waiaas/mcp"],
      "env": {
        "WAIAAS_BASE_URL": "http://127.0.0.1:3100",
        "WAIAAS_SESSION_TOKEN": "wai_sess_<your-token>",
        "WAIAAS_DATA_DIR": "~/.waiaas"
      }
    }
  }
}

3. Fund Your Wallet

# Get your wallet address
waiaas wallet info

# Send USDC to this address for trading

That's it. Restart Claude Desktop and you're ready to trade prediction markets conversationally.

Natural Language Prediction Market Trading

Once configured, you can interact with Polymarket through natural language:

Market Discovery:
"Show me all active markets about the 2024 election"
"Find prediction markets with high volume and tight spreads"
"What are the current odds on Trump winning Pennsylvania?"

Trade Execution:
"Buy $100 worth of 'Yes' shares on Harris winning the popular vote"
"Place a limit order for Trump Pennsylvania at 55 cents"
"Close my position in the Fed rate decision market"

Portfolio Management:
"Show my current Polymarket positions"
"What's my P&L across all prediction markets?"
"Set a stop-loss at 20% down on my election positions"

Advanced Trading Strategies with MCP

The real power comes from combining Claude's analytical capabilities with direct market access. Here are some advanced patterns:

Multi-Market Arbitrage Analysis

User: "Compare the odds on Trump winning between the general election market and individual swing state markets. Are there any arbitrage opportunities?"

Claude: Let me check the current odds across these markets...
→ Calls polymarket tool to get market data
→ Analyzes spreads and calculates implied probabilities
→ Identifies potential arbitrage trades
→ Can execute trades directly if profitable

Event-Driven Trading

User: "Monitor the Fed meeting market. If the probability of a rate cut drops below 40%, buy $200 of 'No' shares."

Claude: I'll set up monitoring for the Fed rate decision market...
→ Periodically checks market odds
→ Executes conditional trade when threshold is hit
→ Reports execution and position details

Risk Management

User: "I want to limit my total Polymarket exposure to $1000. Set up automatic position sizing."

Claude: I'll configure a spending limit policy...
→ Creates SPENDING_LIMIT policy with daily caps
→ Future trades will be automatically sized to stay within limits
→ Provides real-time exposure tracking

Policy-Based Risk Controls

WAIaaS includes a sophisticated policy engine with 21 policy types. For prediction markets, key policies include:

Spending Limits with 4-Tier Security:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 50,
      "notify_max_usd": 200,
      "delay_max_usd": 500,
      "delay_seconds": 300,
      "daily_limit_usd": 1000
    }
  }'

This creates automatic guardrails:

Trades under $50: Execute instantly
$50-200: Execute with notification
$200-500: 5-minute delay (cancellable)
Over $500: Require manual approval

Contract Whitelist for Polymarket Only:

{
  "type": "CONTRACT_WHITELIST",
  "rules": {
    "contracts": [
      {
        "address": "0x4D97DCd97eC945f40cF65F87097ACe5EA0476045",
        "name": "Polymarket CTF Exchange",
        "chain": "polygon"
      }
    ]
  }
}

Real-World Trading Example

Here's a complete trading session combining analysis and execution:

User: "I think Trump's chances in Pennsylvania are underpriced. What's the current market saying?"

Claude: Let me check the Pennsylvania market...
Current odds: Trump 58%, Harris 42%
Volume: $2.3M, Spread: 2 cents
→ [Uses polymarket MCP tool]

User: "Based on recent polling data I shared earlier, I think Trump should be closer to 65%. Buy $300 of Trump shares."

Claude: I'll execute that trade for you...
→ Calculates optimal order size
→ Places market buy order through MCP
→ Confirms execution: 517 shares at $0.58 avg
→ Updates position tracking

Position opened: 517 Trump PA shares
Cost: $300 (including fees)
Target price: $0.65 (+12% profit)
Stop loss: $0.50 (-14% loss)

User: "Set an alert if the price hits either my target or stop."

Claude: Alert configured. I'll monitor the Trump PA market and notify you when price reaches $0.65 or $0.50.

Quick Start Guide

Step 1: Install and Configure

npm install -g @waiaas/cli
waiaas init
waiaas start
waiaas quickset --mode mainnet

Step 2: Add MCP Configuration

Paste the MCP server config into claude_desktop_config.json and restart Claude.

Step 3: Fund Your Wallet

Get your wallet address with waiaas wallet info and send USDC to it.

Step 4: Start Trading

Open Claude Desktop and say: "Show me the most active Polymarket trading opportunities right now."

Step 5: Set Up Risk Management

Ask Claude to "Create a spending limit policy to cap my daily prediction market trading at $500."

What's Next

You now have a direct pipeline from Claude's analysis to Polymarket execution. The 45 MCP tools also support DeFi operations, cross-chain bridging, and NFT management — turning Claude into your complete onchain agent.

Ready to give Claude prediction market superpowers? Get started at GitHub or learn more at waiaas.ai.

ALLOWED_NETWORKS Policy: Lock Your AI Agent to Specific Blockchains

Wallet Guy — Wed, 20 May 2026 09:56:52 +0000

When you're building AI trading bots or DeFi agents, the ALLOWED_NETWORKS policy becomes your first line of defense against costly mistakes. A single misconfigured transaction on the wrong blockchain can drain funds or send tokens into the void, and AI agents don't have the street smarts to catch these errors before it's too late.

Why Network Isolation Matters for AI Agents

AI agents are powerful but naive. They'll execute whatever transaction you ask for, whether it makes sense or not. Send USDC to a testnet address? Sure. Try to interact with a malicious contract on an untrusted L2? No problem. Deploy a contract to the wrong network where gas costs $500? Why not.

The stakes are real. Production AI agents managing real funds need guardrails that prevent them from wandering into dangerous territory. That's where WAIaaS's ALLOWED_NETWORKS policy comes in—it creates a hard boundary around which blockchains your agent can touch.

How WAIaaS Network Policies Work

WAIaaS supports 18 networks across 2 chain types (EVM and Solana), but your agent doesn't need access to all of them. The ALLOWED_NETWORKS policy lets you explicitly whitelist only the networks your agent should use.

Here's how to lock your agent to specific blockchains:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ALLOWED_NETWORKS",
    "rules": {
      "networks": [
        {"network": "ethereum-mainnet"},
        {"network": "solana-mainnet"}
      ]
    }
  }'

Now your agent can only execute transactions on Ethereum and Solana mainnets. Any attempt to use other networks gets blocked at the policy layer—before your agent can make expensive mistakes.

Common Network Isolation Patterns

Mainnet-Only Production Agents
Lock production agents to mainnet networks only. This prevents accidental testnet transactions that waste gas or send real tokens to worthless testnet addresses.

{
  "type": "ALLOWED_NETWORKS",
  "rules": {
    "networks": [
      {"network": "ethereum-mainnet"},
      {"network": "polygon-mainnet"},
      {"network": "solana-mainnet"}
    ]
  }
}

Development Environment Isolation
Development agents should stay in their sandbox. Restrict them to testnets so they can't accidentally touch production funds.

{
  "type": "ALLOWED_NETWORKS",
  "rules": {
    "networks": [
      {"network": "ethereum-sepolia"},
      {"network": "solana-devnet"}
    ]
  }
}

Single-Chain Specialists
Some agents are built for specific ecosystems. A Solana DeFi agent doesn't need EVM access—lock it down.

{
  "type": "ALLOWED_NETWORKS",
  "rules": {
    "networks": [
      {"network": "solana-mainnet"}
    ]
  }
}

Layered Security with Multiple Policies

ALLOWED_NETWORKS works best as part of a comprehensive security stack. Combine it with other WAIaaS policies for defense in depth:

# 1. Network restriction
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ALLOWED_NETWORKS",
    "rules": {
      "networks": [{"network": "ethereum-mainnet"}]
    }
  }'

# 2. Token whitelist (default-deny)
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ALLOWED_TOKENS",
    "rules": {
      "tokens": [
        {"address": "0xA0b86a33E6441E0cB433f0aDfa1f9C9C4E0a4D4", "symbol": "USDC", "chain": "ethereum"}
      ]
    }
  }'

# 3. Spending limits with 4-tier security
curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: <password>' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "SPENDING_LIMIT",
    "rules": {
      "instant_max_usd": 50,
      "notify_max_usd": 200,
      "delay_max_usd": 1000,
      "delay_seconds": 900,
      "daily_limit_usd": 2000
    }
  }'

This creates three layers of protection: network isolation, token whitelisting, and amount-based approval workflows.

Policy Enforcement in Action

WAIaaS uses a 7-stage transaction pipeline that enforces policies before execution. When your agent tries to execute a transaction:

Stage 1: Validate transaction format
Stage 2: Check session authentication
Stage 3: Policy evaluation (including ALLOWED_NETWORKS)
Stage 4: Apply delays or request approvals
Stage 5: Execute on blockchain
Stage 6: Confirm transaction
Stage 7: Update monitoring

If the ALLOWED_NETWORKS policy blocks a transaction, your agent gets a clear error response:

{
  "error": {
    "code": "POLICY_DENIED",
    "message": "Network 'ethereum-sepolia' not allowed by ALLOWED_NETWORKS policy",
    "domain": "POLICY",
    "retryable": false
  }
}

Testing Your Network Policies

Use WAIaaS's dry-run feature to test policy enforcement without executing real transactions:

curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer wai_sess_<token>" \
  -d '{
    "type": "TRANSFER",
    "to": "recipient-address",
    "amount": "0.1",
    "dryRun": true
  }'

This simulates the full policy evaluation pipeline without touching the blockchain, so you can verify your ALLOWED_NETWORKS configuration works as expected.

Emergency Overrides and Recovery

Network policies are enforced by default, but WAIaaS provides escape hatches for emergencies:

Owner Override: Fund owners can approve transactions that violate policies using WalletConnect signatures.

Master Admin: System administrators can modify or disable policies using masterAuth.

Session Management: Kill switch functionality lets you instantly revoke agent access if something goes wrong.

Quick Start: Lock Your Agent to Mainnet

Here's how to set up network isolation in 5 minutes:

Start WAIaaS daemon:

npm install -g @waiaas/cli
waiaas init && waiaas start

Create a wallet:

curl -X POST http://127.0.0.1:3100/v1/wallets \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{"name": "mainnet-only", "chain": "ethereum", "environment": "mainnet"}'

Apply network policy:

curl -X POST http://localhost:3100/v1/policies \
  -H 'Content-Type: application/json' \
  -H 'X-Master-Password: my-secret-password' \
  -d '{
    "walletId": "<wallet-uuid>",
    "type": "ALLOWED_NETWORKS",
    "rules": {
      "networks": [{"network": "ethereum-mainnet"}]
    }
  }'

Create agent session:

curl -X POST http://127.0.0.1:3100/v1/sessions \
  -H "Content-Type: application/json" \
  -H "X-Master-Password: my-secret-password" \
  -d '{"walletId": "<wallet-uuid>"}'

Test the restriction:

# This will be blocked by the ALLOWED_NETWORKS policy
curl -X POST http://127.0.0.1:3100/v1/transactions/send \
  -H "Authorization: Bearer <session-token>" \
  -d '{"type": "TRANSFER", "to": "0x...", "amount": "0.1", "network": "ethereum-sepolia"}'

Your agent is now locked to Ethereum mainnet and can't accidentally use other networks.

What's Next

ALLOWED_NETWORKS is just one of 21 policy types in WAIaaS's security framework. Combined with default-deny token whitelists, spending limits, and human approval workflows, you can build AI agents that are both powerful and safe.

Ready to add bulletproof network isolation to your AI agents? Get started with the full WAIaaS security stack at GitHub or learn more at waiaas.ai.