@privy-io/agent-wallet-cli) enables authentication, funding, and transactions directly from assistants like OpenClaw, Claude Code, and more.
Go to agents.privy.io to track agent activity and spend in the agent sandbox.
Getting started
- For humans
- For agents
Visit the agent sandbox
Go to agents.privy.io to create an account, view wallets, and manage agent activity.
Log in
Start the authentication flow. The CLI displays a verification URL and a short code, then waits for approval.Open the URL in a browser and sign in to the agent sandbox. Enter the code shown in the terminal to approve agent access. The CLI automatically completes once approval is confirmed.
Fund wallets
Open the agent sandbox in a browser to add funds via onramp:The agent sandbox at agents.privy.io provides a visual interface to view balances, review transaction history, and onramp funds into the wallet.
Supported RPC methods
Ethereum
| Method | Description |
|---|---|
personal_sign | Sign a plaintext message |
eth_sendTransaction | Send a transaction |
eth_signTransaction | Sign without broadcasting |
eth_signTypedData_v4 | Sign EIP-712 typed data |
secp256k1_sign | Raw secp256k1 signature |
eth_sign7702Authorization | EIP-7702 authorization |
eth_signUserOperation | Sign a user operation (ERC-4337) |
Solana
| Method | Description |
|---|---|
signTransaction | Sign a Solana transaction |
signAndSendTransaction | Sign and broadcast a transaction |
signMessage | Sign an arbitrary message |
Design principles
- CLI-first distribution: Agents already execute shell commands. A CLI is the most natural interface for agent-driven wallets.
- Skill-based discovery: The skill file teaches agents how to authenticate and transact without human guidance beyond the initial login.
- Browser-based funding: The human owner retains a visual dashboard to check balances, view transaction history, and onramp funds, keeping the human in control.
- Cryptographic authorization: Each transaction uses an ephemeral signing key obtained by exchanging an OAuth access token. The agent is never given the wallet private key or app secret.
How it works
- The CLI calls Privy’s device authorization endpoint and displays a short verification URL and code.
- The human visits the URL, signs in through Privy, and approves agent access.
- The CLI polls until approval is confirmed and stores the resulting access and refresh tokens in the OS credential manager.
- For every transaction, the CLI exchanges the access token for an ephemeral signing key, signs the request, and submits it directly to Privy’s wallet API.
Session and credential storage
The CLI attempts to use the OS-backed credential manager when available, and otherwise falls back to storing session data in an encrypted file at~/.privy/session.json. It is the responsibility of the agent or user to install any required prerequisites for the OS credential manager.
| Platform | Credential manager | Prerequisites |
|---|---|---|
| macOS | Keychain (security CLI) | None (available by default) |
| Linux | libsecret (secret-tool CLI) | sudo apt install -y libsecret-tools (Debian/Ubuntu) |
| Windows | PowerShell SecretManagement | Install-Module Microsoft.PowerShell.SecretManagement |
~/.privy/session.json. This file is not portable between machines.
Each session contains:
- The app ID for the Privy agent wallet app
- Ethereum and Solana wallet IDs and addresses
- The OAuth access token and refresh token
- A creation timestamp
Learn more
Agent CLI
Track agent activity, view balances, and manage wallets.
Agentic wallets
Build developer-controlled agent wallets with policy guardrails.
x402 payments
Enable HTTP-native payments for APIs and digital content.
MPP integration
Machine-to-machine payments over HTTP with Privy wallets.
Gas sponsorship
Sponsor gas fees for agent transactions.
Agent authorization
Let agents from any platform access user wallets in your own Privy app.