Your AI agent can analyze market data, execute trading strategies, and make complex financial decisions. But when it comes time to actually move money or execute a trade, it hits a wall — it can't touch the blockchain.
This isn't just a technical limitation; it's a fundamental barrier to building autonomous AI systems. Every transaction requires manual intervention, breaking the agent's autonomy and creating bottlenecks in automated workflows. Whether you're building with Claude MCP, LangChain, or any other AI framework, the story is the same: your agent is smart but can't transact.
The Missing Piece: Secure Agent Wallets
The blockchain world is full of opportunities for AI agents — from automated DeFi strategies to paying for API calls with crypto. But giving an AI agent direct access to private keys is like handing your credit card to a black box. You need something more sophisticated: a wallet service that gives agents transactional capabilities while maintaining human oversight and security controls.
This is where Wallet-as-a-Service for AI agents comes in. Instead of exposing raw private keys, you give agents API access to wallet functions through a secure, policy-controlled layer. The agent can request transactions, but they flow through validation, approval, and monitoring systems before touching the blockchain.
WAIaaS: The Self-Hosted Solution
WAIaaS is an open-source, self-hosted wallet service designed specifically for AI agents. With 14 DeFi protocol providers integrated and 45 MCP tools for AI agent integration, it bridges the gap between AI decision-making and blockchain execution.
The architecture is built around a 7-stage transaction pipeline that ensures security without sacrificing functionality. When your agent wants to make a transaction, it flows through validation, authentication, policy checks, optional delays, execution, confirmation, and monitoring stages.
Getting Started in One Command
The fastest way to see WAIaaS in action is with Docker:
# Clone and start — that's it
git clone https://github.com/minhoyoo-iotrust/WAIaaS.git
cd WAIaaS
docker compose up -d
For even simpler deployment, use the auto-provision mode:
docker run -d \
--name waiaas \
-p 127.0.0.1:3100:3100 \
-v waiaas-data:/data \
-e WAIAAS_AUTO_PROVISION=true \
ghcr.io/minhoyoo-iotrust/waiaas:latest
# Retrieve auto-generated master password
docker exec waiaas cat /data/recovery.key
The auto-provision mode generates a secure master password and stores it in a recovery file, so you can get up and running without manual configuration.
Docker Compose Configuration
For production deployments, WAIaaS provides a complete Docker Compose setup:
services:
daemon:
image: ghcr.io/minhoyoo-iotrust/waiaas:latest
container_name: waiaas-daemon
ports:
- "127.0.0.1:3100:3100"
volumes:
- waiaas-data:/data
environment:
- WAIAAS_DATA_DIR=/data
- WAIAAS_DAEMON_HOSTNAME=0.0.0.0
env_file:
- path: .env
required: false
restart: unless-stopped
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3100/health"]
interval: 30s
timeout: 5s
start_period: 10s
retries: 3
volumes:
waiaas-data:
driver: local
This configuration includes health checks, persistent data storage, and automatic restarts — everything you need for a production wallet service.
Security Architecture That Actually Works
WAIaaS implements a 3-layer security model: session authentication, time delays with approval mechanisms, and continuous monitoring with kill switches. This isn't security theater — it's a practical system that lets agents operate autonomously while keeping humans in control of the important decisions.
The system supports 3 authentication methods: masterAuth using Argon2id for administrative access, ownerAuth using Sign-in with Ethereum/Solana for wallet owners, and sessionAuth using JWT HS256 for AI agents. Each layer serves a specific purpose in the security model.
Policy enforcement follows a default-deny approach. Transactions are blocked unless explicitly allowed through ALLOWED_TOKENS or CONTRACT_WHITELIST configurations. This means your agent can only interact with pre-approved tokens and contracts, preventing unauthorized transactions.
Session management includes configurable TTL, maximum renewals, and absolute lifetime limits. You can set up sessions that last hours for active trading or days for ongoing automation, with the flexibility to revoke access instantly if needed.
Multi-Chain DeFi Integration
The platform supports 2 chain types across 15 networks, with deep integration into major DeFi protocols. The DeFi protocols include Aave v3 for lending, Jupiter and 0x for swapping, Lido and Jito for liquid staking, and LI.FI and Across for cross-chain bridging.
For more specialized use cases, WAIaaS includes Hyperliquid integration for perpetual futures and spot trading, Polymarket prediction market trading integration, and Kamino for Solana DeFi strategies. This broad protocol support means your agents can execute sophisticated DeFi strategies without you having to build individual integrations.
The system handles 7 transaction types in its core schema: Transfer, TokenTransfer, ContractCall, Approve, Batch, NftTransfer, and ContractDeploy. Whether your agent needs to make simple transfers or deploy complex smart contracts, the API provides consistent interfaces.
AI Agent Integration Made Simple
WAIaaS provides multiple integration paths depending on your AI framework. For Claude Desktop users, the MCP integration offers 45 tools that your agents can use directly. Tools range from basic wallet functions like get-balance and send-token to advanced capabilities like hyperliquid trading and polymarket predictions.
For other frameworks, the REST API exposes 39 route modules covering everything from transaction simulation to DeFi position monitoring. The TypeScript SDK and Python SDK provide programmatic access with proper type definitions and error handling.
The OpenClaw plugin offers 17 sessionAuth tools specifically designed for external AI agent frameworks, making integration straightforward regardless of which AI platform you're using.
Advanced Features for Production Use
Beyond basic wallet functions, WAIaaS includes several advanced features that production AI agents need. The dry-run API lets agents simulate transactions before execution, preventing costly mistakes and allowing for strategy validation.
Gas conditional execution means transactions only execute when gas prices meet your specified thresholds — perfect for cost-sensitive automated strategies. The x402 HTTP payment protocol support enables AI agents to pay for API calls automatically, creating truly autonomous economic agents.
NFT support covers both EVM standards (ERC-721/ERC-1155) and Solana's Metaplex with metadata caching. Incoming transaction monitoring provides real-time notifications for deposits, so your agents can react immediately to new funds or payments.
For scenarios requiring human oversight, WalletConnect integration allows wallet owners to approve agent transactions through familiar mobile interfaces. The system also supports ERC-4337 Account Abstraction with smart accounts and gasless transactions.
Getting Your Agent Connected
Here's how to get your AI agent transacting in under 5 minutes:
- Deploy WAIaaS: Use the Docker command above to start the service
- Set up wallets: Run the quickstart CLI to create wallets and sessions
- Configure your agent: Add the MCP tools to Claude or integrate via SDK
- Set policies: Configure which tokens and contracts your agent can access
- Start transacting: Your agent now has secure wallet access
For Claude Desktop users, the setup is particularly straightforward:
npm install -g @waiaas/cli
waiaas init # Create data directory + config.toml
waiaas start # Start daemon (sets master password on first run)
waiaas quickset --mode mainnet # Create wallets + MCP sessions in one step
The quickset command generates MCP configuration JSON that you can paste directly into Claude's desktop config, giving your Claude agent immediate access to wallet functions.
Production Deployment Considerations
For production deployments, consider using the secrets overlay for secure password management:
# Create secret files
mkdir -p secrets
echo "your-secure-password" > secrets/master_password.txt
chmod 600 secrets/master_password.txt
# Deploy with secrets overlay
docker compose -f docker-compose.yml -f docker-compose.secrets.yml up -d
The system includes comprehensive logging and monitoring through 611+ test files across all packages, ensuring reliability in production environments. Health checks are built into the Docker configuration, and the service includes automatic restart policies.
What's Next
You now have the foundation to build AI agents that can actually transact on blockchains. Start with the Docker deployment to see it in action, then explore the DeFi integrations and advanced features that match your use case.
Ready to give your AI agent a wallet? Check out the complete setup guide on GitHub or visit waiaas.ai for more examples and documentation.
Top comments (0)