# Overview > AgentPay SDK is an open source toolkit for building AI agents that can hold, move, and govern USD1 under policy. It gives developers a self-custodial, policy-aware way to turn autonomous systems into economic actors. {% hint style="warning" %} The WLF Tools are provided "as is" for developers only. WLFI does not operate, control, or manage any actions, strategies, or transactions initiated by the WLF Tools. See the full [Agentic AI Developer Tool – Disclaimer](https://docs.worldlibertyfinancial.com/agentpay-sdk/disclaimer). {% endhint %} AgentPay SDK (Software Development Kit) combines a wallet, policy enforcement, and a single `agentpay` command-line interface (CLI). Every wallet created by the SDK is **non-custodial**. Private keys are generated and stored on the operator's machine. WLFI does not host, custody, or have access to any wallet or key material. **Open source** · **Self custody** · **EVM compatible** The main entrypoint is the `agentpay` CLI, which manages the local daemon, wallet access, balances, policy, transfers, approvals, and MPP / EIP-3009 requests. ## Key features * **Local key generation and storage** - Private keys are generated and stored on the operator's machine. WLFI cannot access private keys. * **Local signing** - All transaction signing occurs locally. No keys or signing state leave the machine. * **Policy before signing** - Every request is evaluated against operator-defined spending policies before the daemon signs. There is no code path that bypasses policy. * **Skill pack cannot move funds** - The skill pack provides instructions to agent hosts but cannot sign, broadcast, or access wallet state on its own. * **No telemetry or phone-home** - The SDK sends no data to WLFI or any third party. All state is stored locally. ## What the SDK includes The main entrypoint is the `agentpay` command-line interface (CLI), used for setup, funding checks, policy, transfers, approval, gift card purchases, MPP / EIP-3009 requests, and maintenance. Around that CLI, the SDK also includes: * a managed local daemon that holds signing state on the machine * a terminal UI for policy editing, token registration, and destination rules * a skill pack for hosts such as Claude Code, Codex, and OpenClaw Most users do not need every component on day one. The normal adoption path is: 1. install the CLI 2. create or reuse a wallet 3. create an encrypted wallet backup 4. fund the wallet 5. define policy 6. add the skill pack if you want to work through an agent host ## Supported operating model The current public setup flow is macOS-first. This matters because: * wallet setup imports credentials into macOS Keychain * the managed local daemon runs as a root-managed LaunchDaemon * reset and uninstall clean up both user-level and root-managed state The SDK supports EVM networks. You can operate it directly in a terminal or connect the same wallet flow to a host through the skill pack. WLFI provides local software tooling. It does not custody user assets, control private keys, or operate a managed wallet service. ## Control model * WLFI provides local software only - it does not custody assets, control private keys, or process or transmit funds. * Keys are generated and stored locally. Signing and broadcast happen on your machine. * Policy enforcement always runs before signing. There is no code path that bypasses it. * The SDK charges no platform fees - only blockchain gas fees apply. * No telemetry, analytics, or auto-update mechanisms. All state is stored locally in a single encrypted file. The SDK is released under the MIT license. ## Architecture at a glance The SDK is built around a simple security model: signing authority stays on the local machine, and policy is evaluated before funds move.
AgentPay SDK architecture showing CLI, Agent, Vault Daemon, Signer, and Chain RPC

The security boundary stays on the local host.

Read the diagram in three layers: * **Request layer** - `Agent` and `CLI` submit requests through Unix domain sockets but cannot access signing state directly. * **Security boundary** - `Vault Daemon` (`vault-daemon` / `InMemoryDaemon`) enforces policy and holds signing state. `Signer` (`vault-signer`) performs the actual cryptographic signing with pluggable backends (macOS Secure Enclave or software). The daemon has no outbound network capability - it returns a signed `raw_tx_hex` to the CLI, which then broadcasts to the chain RPC. * **External services** - `Chain RPC` handles on-chain reads and broadcasts. Only the TypeScript CLI contacts the RPC - the daemon never does. `Config` lives on the local machine but is separate from the signing boundary - changing config does not authorize transactions. Default security controls: vault-password entry, macOS System Keychain storage, encrypted state file. The `vault-signer` layer supports a macOS Secure Enclave backend (NIST P-256, non-exportable keys) and a software backend (secp256k1). The `vault-transport-unix` crate enforces IPC security (peer identity checks via euid, secure directory ownership, no symlink traversal). For cryptographic specifications, see [Security and cryptographic reference](#security-and-cryptographic-reference) below. No telemetry, analytics, phone-home, or auto-update mechanisms. All daemon state is persisted to a single encrypted file. No data is transmitted to WLFI or any third party. ## Built-in defaults The SDK includes a small set of built-in chain and token profiles so first use is concrete instead of empty. Built-in chain profiles: * `eth` -> chain ID `1` -> default RPC `https://eth.llamarpc.com` (aliases: `ethereum`, `mainnet`) * `bsc` -> chain ID `56` -> default RPC `https://bsc.drpc.org` Built-in token profiles: * `usd1` on `eth` and `bsc` -> `0x8d0D000Ee44948FC98c9B98A4FA4921476f08B0d` * `bnb` as the native asset on `bsc` * `eth` as the native asset on `ethereum` A fresh setup starts with no spending policies - configure and apply them explicitly via the TUI or `agentpay admin setup` flags. Default example used throughout these docs: * network: `bsc` * transfer asset: `USD1` * USD1 contract: `0x8d0D000Ee44948FC98c9B98A4FA4921476f08B0d` * gas asset: `BNB` The defaults are there to shorten setup. You can override chain and token profiles later. ## Simple end-to-end example The shortest path from install to a live transfer on the default BSC + USD1 example: ```bash curl -fsSL https://wlfi.sh | bash # After install completes, run setup manually: agentpay admin setup # It prompts for a vault password and prints the wallet address. # Copy the address from the setup output and use it below. agentpay rpc balance --address --rpc-url https://bsc.drpc.org --json agentpay transfer \ --network bsc \ --token 0x8d0D000Ee44948FC98c9B98A4FA4921476f08B0d \ --to 0x1111111111111111111111111111111111111111 \ --amount 5 \ --broadcast \ --json ``` If you are using an agent host with the skill pack installed, the same intent can be expressed as: ``` Sign and broadcast a transfer of 5 USD1 on BSC to 0x1111111111111111111111111111111111111111. If the wallet is underfunded, stop and show me the wallet address and funding instructions first. ``` ## Recommended reading order If you are new to the SDK, read in this order: 1. [Use cases](https://docs.worldlibertyfinancial.com/agentpay-sdk/use-cases) - skim before the setup pages so the commands and flags have context 2. [Install](https://docs.worldlibertyfinancial.com/agentpay-sdk/install) 3. [Wallet setup](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/wallet-setup) 4. [Funding](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/funding) 5. [Policy](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/policy) 6. [Manual approval](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/manual-approval) 7. [Transfers](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/transfers) If you are integrating the SDK with an agent host, add [Skill pack](https://docs.worldlibertyfinancial.com/agentpay-sdk/install/skill-pack) and [Install the skill pack](https://docs.worldlibertyfinancial.com/agentpay-sdk/install/skill-pack-install) after the install step. ## Product in action The examples below use BSC and USD1, the default reference configuration.
Codex describing AgentPay SDK capabilities after the skill is installed

With the skill pack installed, a host can explain the SDK and follow the intended wallet flow instead of guessing.

Codex showing a funding request for a wallet on BSC

If the wallet is underfunded, the flow can stop cleanly and show the address, network, and funding instructions.

OpenClaw checking wallet balances after a transfer

The same SDK can be used from chat-first surfaces to check balances and continue a transfer flow.

Manual approval form shown in CLI

When a request crosses a manual approval threshold, the operator reviews and approves through the CLI

## Next steps Continue to [Install](https://docs.worldlibertyfinancial.com/agentpay-sdk/install) to get the CLI on your machine, then follow the [Workflows](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows) sequence: wallet setup -> funding -> policy -> transfers. ## Security and cryptographic reference This section covers implementation-level security details. You do not need it to use the SDK. ### Admin session leases Admin operations require an active lease issued by the daemon after password authentication. Leases expire after 30 minutes by default. The daemon supports up to 1,024 concurrent active leases. ### Cryptographic details The encrypted state file uses **Argon2id** (v0x13, 19 MiB memory, 2 iterations, 1 parallelism) for key derivation and **XChaCha20-Poly1305** AEAD encryption with a random 24-byte nonce, re-randomized on every save. ### Signer curves The software signer uses **secp256k1** (Ethereum-native). The Secure Enclave backend uses **NIST P-256** because Apple's Secure Enclave only supports that curve. The Secure Enclave backend stores keys in the **Data Protection Keychain** (not System Keychain) with `AccessibleAfterFirstUnlockThisDeviceOnly` protection. These are different keychains with different security semantics. ### Network behavior In the default local flow, no WLFI infrastructure is required. The daemon communicates locally via Unix domain sockets and the CLI broadcasts to the operator-configured RPC endpoint. ## CLI command reference The `agentpay` CLI exposes more commands than the workflow pages cover. Below is a quick reference of all major command groups: | Command | Purpose | Docs page | | ------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------- | | `agentpay --version` | Print CLI version | - | | `agentpay admin setup` | Install daemon and bootstrap wallet | [Wallet setup](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/wallet-setup) | | `agentpay admin tui` | Interactive policy editor | [Policy](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/policy) | | `agentpay admin reset` | Discard wallet state | [Reset and uninstall](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/reset-and-uninstall) | | `agentpay admin uninstall` | Remove AgentPay from the machine | [Reset and uninstall](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/reset-and-uninstall) | | `agentpay wallet` | Show wallet metadata | [Wallet setup](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/wallet-setup) | | `agentpay transfer` | ERC-20 transfer | [Transfers](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/transfers) | | `agentpay transfer-native` | Native asset transfer | [Transfers](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/transfers) | | `agentpay approve` | ERC-20 spender approval | [Transfers](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/transfers) | | `agentpay broadcast` | Policy-checked raw broadcast | [Transfers](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/transfers) | | `agentpay tx broadcast` | Explicit sign-and-send | [Transfers](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/transfers) | | `agentpay x402` | Paid HTTP request using x402 exact / EIP-3009 flow | - | | `agentpay mpp` | Paid HTTP request to an MPP-enabled endpoint | - | | `agentpay config show/path/set/unset` | Direct config management (valid keys: `rpcUrl`, `chainId`, `chainName`, `daemonSocket`, `stateFile`, `rustBinDir`, `agentKeyId`) | - | | `agentpay config agent-auth *` | Agent auth lifecycle | [Agent auth](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/agent-auth) | | `agentpay status` | Inspect wallet, daemon, and credential health | [Troubleshooting](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/troubleshooting) | | `agentpay repair` | Repair wallet issues and clean plaintext artifacts | [Troubleshooting](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/troubleshooting) | | `agentpay admin chain list/current/add/remove/switch` | Chain profile management | - | | `agentpay admin token list/show/set-chain/remove/remove-chain` | Token profile management | - | | `agentpay admin add-manual-approval-policy` | CLI-based manual approval creation | [Manual approval](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/manual-approval) | | `agentpay admin list-policies` | List and inspect spending policies | [Policy](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/policy) | | `agentpay admin list-manual-approval-requests` | List pending approvals | [Manual approval](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/manual-approval) | | `agentpay admin approve-manual-approval-request` | Approve a pending request | [Manual approval](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/manual-approval) | | `agentpay admin reject-manual-approval-request` | Reject a pending request | [Manual approval](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/manual-approval) | | `agentpay admin resume-manual-approval-request` | Resume an approved manual approval broadcast | [Manual approval](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/manual-approval) | | `agentpay admin wallet-backup export/verify` | Encrypted offline wallet backup | [Wallet setup](https://docs.worldlibertyfinancial.com/agentpay-sdk/workflows/wallet-setup) | | `agentpay rpc balance/chain/block-number/account/nonce/fees/gas-estimate/tx/receipt/code/broadcast-raw` | On-chain RPC queries | - | Commands marked with **-** do not have a dedicated docs page. Run `agentpay --help` for usage details.