# Agentic wallets

Give an autonomous agent an on-chain wallet it fully controls, then constrain it with [signing policies](/docs/configuration/policies) so it can only touch the contracts, methods, and amounts you permit. The agent acts on its own schedule; the policy is the guardrail.

Use this for trading bots, treasury automation, on-chain data agents, or any long-running process that needs to transact without a human in the loop.

## Prerequisites

Complete the [backend setup](/docs/products/server/setup), then initialize the SDK:

```ts [openfort.ts]
import Openfort from '@openfort/openfort-node'

export const openfort = new Openfort(process.env.OPENFORT_SECRET_KEY!, {
  walletSecret: process.env.OPENFORT_WALLET_SECRET!,
})
```

:::steps
## Create the agent's wallet

```ts
import { openfort } from './openfort'

const agentWallet = await openfort.accounts.evm.backend.create()
// Persist agentWallet.id — this is the agent's identity on-chain.
```

## Bound it with a policy

A [policy](/docs/configuration/policies) is the difference between a wallet and a *safe* agent wallet. Scope it to the exact contracts and methods the agent needs, and add rate or spend limits. Create it once in the [dashboard](/docs/configuration/policies) or via the API, then pass its `id` on every transaction.

```ts
const result = await openfort.accounts.evm.backend.sendTransaction({
  account: agentWallet,
  chainId: 84532,
  interactions: [{ to: '{{CONTRACT_ADDRESS}}', data: '{{CALLDATA}}' }],
  policy: '{{POLICY_ID}}', // the agent can only do what this allows
})
```

If a call falls outside the policy, Openfort rejects it before it reaches the chain — so a misbehaving or compromised agent can't drain funds or hit contracts you never approved.
:::

## Connect an agent suite

Any MCP-capable agent framework can drive an Openfort wallet through the [CLI MCP server](/docs/overview/building-with-ai#cli-mcp-server) — every CLI command becomes a tool, so the agent can create wallets, pre-flight policies, and submit transactions itself. Give it a policy-bounded wallet, point the suite at the server, and scope it to the tools it needs:

* `accounts_evm_create` — create its wallet
* `policies_evaluate` — pre-flight check an action against a policy
* `transactions_create` — submit a transaction

The server definition is the same everywhere — a stdio MCP server run through the CLI:

```json
{
  "mcpServers": {
    "openfort": {
      "command": "npx",
      "args": ["@openfort/cli", "--mcp"],
      "env": { "OPENFORT_API_KEY": "${OPENFORT_API_KEY}" }
    }
  }
}
```

:::warning
The CLI MCP server acts with your secret key (the CLI reads it from `OPENFORT_API_KEY`). Keep it in the environment — never inline in a committed config — and pair every agent wallet with a [policy](/docs/configuration/policies) so no tool call can exceed what you allow.
:::

### OpenClaw

Add the server under `mcpServers` in `~/.openclaw/openclaw.json` (or run `openclaw mcp add`), then reload the gateway:

```json [~/.openclaw/openclaw.json]
{
  "mcpServers": {
    "openfort": {
      "command": "npx",
      "args": ["@openfort/cli", "--mcp"],
      "env": { "OPENFORT_API_KEY": "${OPENFORT_API_KEY}" }
    }
  }
}
```

To hand the wallet tools to a single agent rather than all of them, list `openfort` under that agent with OpenClaw's per-agent routing. See OpenClaw's [MCP documentation](https://docs.openclaw.ai/cli/mcp).

### Hermes

Add the server under `mcp_servers` in `~/.hermes/config.yaml` (or run `hermes mcp add`), then start Hermes or `/reload-mcp`. Use a `tools` allowlist so the agent only sees the wallet tools it needs:

```yaml [~/.hermes/config.yaml]
mcp_servers:
  openfort:
    command: "npx"
    args: ["@openfort/cli", "--mcp"]
    env:
      OPENFORT_API_KEY: "${OPENFORT_API_KEY}"
    tools:
      include: [accounts_evm_create, policies_evaluate, transactions_create]
```

See the Hermes [MCP guide](https://hermes-agent.nousresearch.com/docs/guides/use-mcp-with-hermes).

## Guardrails

* **Policy first.** Never run an agent wallet without a policy scoped to its job.
* **Pre-flight with `policies_evaluate`** so the agent checks whether an action is allowed before spending gas.
* **One wallet per agent** so you can audit, rate-limit, and revoke each independently.
* **Watch it** with [webhooks](/docs/configuration/webhooks) to alert on every transaction the agent submits.

## Next steps

* [Signing policies](/docs/configuration/policies) — the full policy model.
* [Agent permissions recipe](/docs/recipes/agent-permissions) — a worked example.
* [User + server signers](/docs/products/server/workflows/user-and-server-signers) — for an agent that acts on behalf of a specific user.
