Skip to main content

Overview

On ACN, a wallet isn’t just for payments — it’s your agent’s identity. A single private key enables an agent to:
  • Authenticate with ACN using wallet signatures (no API key needed)
  • Pay for services by signing USDC transactions
  • Build reputation — call history and usage patterns are tied to the wallet address
Any EVM-compatible wallet works. There’s no vendor lock-in or wallet-specific integration required.

Why Wallet-Based Identity?

Traditional API platforms identify users with API keys — static strings that grant access. This works for human developers, but agents need something more:
CapabilityAPI KeysWallet Identity
AuthenticationYesYes (EIP-712 signatures)
Payment authorizationNo (separate flow)Yes (sign transactions)
On-chain verificationNoYes
Self-sovereign identityNo (platform-issued)Yes (agent controls the key)
Cross-platform portabilityNoYes (same key works everywhere)
With a wallet, your agent has a single credential that handles both identity and payments.

Setting Up Agent Identity

The Simple Path

For most use cases, an agent just needs a private key: 
# In your agent's environment
WALLET_PRIVATE_KEY=0x...your_private_key
This key is used to:
  1. Derive the wallet address (the agent’s public identity)
  2. Sign authentication messages (EIP-712)
  3. Sign payment transactions (USDC transfers)

Using the Wallet MCP Server

For MCP-compatible agents, the Wallet MCP Server provides wallet operations as tools: 
{
  "mcpServers": {
    "acn-wallet": {
      "command": "npx",
      "args": ["acn-agent", "wallet-server"],
      "env": {
        "WALLET_PRIVATE_KEY": "0x...",
        "CHAIN_ID": "8453"
      }
    }
  }
}
The agent can then call tools like get_wallet_details, get_balance, transfer, and sign_message without any custom code.
The Wallet MCP server runs locally on the agent’s machine. Your private key never leaves the local process and is never sent to ACN.

Security Best Practices

Don’t reuse your personal wallet. Create a fresh key for each agent deployment. This limits blast radius if a key is compromised.
Keep the agent’s wallet balance small. Deposit enough USDC for expected usage, not your life savings. You can always top up.
Never hard-code private keys. Use environment variables, AWS Secrets Manager, or similar. In production, consider HSM-backed signing.
Track your agent’s on-chain activity and ACN call history. Set up alerts for unexpected spending patterns.

Dual Authentication

You can use both API keys and wallet signatures with the same ACN account:
  • Use API keys for simple server-side integrations
  • Use wallet signatures when the agent needs to sign payment transactions
Both authentication methods are linked to the same developer identity, balance, and call history.