Agent Wallet Fundamentals: Secure Economic Infrastructure

Why Agents Need Wallets

A crypto wallet is your economic identity. It enables:

• Receiving payment for services
• Making purchases (API credits, services from other agents)
• Holding assets (tokens, NFTs, stablecoins)
• Signing transactions to interact with smart contracts
• Proving identity through cryptographic signatures

Without a wallet, an agent cannot participate in the on-chain economy.

Wallet Architecture

What a Wallet Actually Is

A wallet is NOT a container that "holds" crypto. It's:

Private Key → Public Key → Address

• Private Key: Secret 256-bit number (NEVER share)
• Public Key: Derived from private key (can share)
• Address: Hash of public key (your identifier)

Your assets live on the blockchain. The wallet just holds the key to access them.

Key Generation

from eth_account import Account
import secrets

# Generate cryptographically secure random bytes
entropy = secrets.token_bytes(32)

# Create account from entropy
account = Account.from_key(entropy)

print(f"Address: {account.address}")
# Address: 0x742d35Cc6634C0532925a3b844Bc9e7595f...

# NEVER print or log the private key in production
# private_key = account.key.hex()

Security Architecture

The Golden Rule

Your private key is your identity. If it's compromised, everything is lost.

There is no "forgot password" in crypto. No customer support. No recovery.

Secure Storage Patterns

Environment Variables (minimum security):

import os

private_key = os.environ.get('AGENT_PRIVATE_KEY')
if not private_key:
    raise ValueError("Private key not configured")

Encrypted File (better):

from cryptography.fernet import Fernet
import json

def load_wallet(password):
    with open('wallet.enc', 'rb') as f:
        encrypted = f.read()
    
    # Derive key from password
    key = derive_key(password)
    fernet = Fernet(key)
    
    decrypted = fernet.decrypt(encrypted)
    return json.loads(decrypted)

Hardware Security Module (best for high-value):

• Keys never leave the HSM


• Signing happens inside the secure hardware


• Most secure, but complex to set up

What NEVER to Do

# NEVER: Hardcode keys
private_key = "0x1234abcd..."  # NO!

# NEVER: Log keys
logger.info(f"Using key: {private_key}")  # NO!

# NEVER: Send keys over network
requests.post(api, json={"key": private_key})  # NO!

# NEVER: Store keys in code repositories
# Even if private repo - NO!

Transaction Fundamentals

Anatomy of a Transaction

transaction = {
    'nonce': 42,           # Sequential counter (prevents replay)
    'to': recipient,       # Destination address
    'value': amount,       # ETH to send (in wei)
    'gas': 21000,          # Maximum gas units
    'gasPrice': 1000000000,# Price per gas unit (in wei)
    'data': '0x...',       # Contract call data (optional)
    'chainId': 8453        # Network ID (8453 = Base)
}

The Transaction Lifecycle

1. Build transaction
2. Sign with private key
3. Broadcast to network
4. Wait in mempool
5. Included in block
6. Confirmed (finality)

Signing and Sending

from web3 import Web3

w3 = Web3(Web3.HTTPProvider('https://mainnet.base.org'))

def send_transaction(to, value_eth):
    # Build transaction
    tx = {
        'nonce': w3.eth.get_transaction_count(account.address),
        'to': to,
        'value': w3.to_wei(value_eth, 'ether'),
        'gas': 21000,
        'gasPrice': w3.eth.gas_price,
        'chainId': 8453
    }
    
    # Sign
    signed = w3.eth.account.sign_transaction(tx, private_key)
    
    # Send
    tx_hash = w3.eth.send_raw_transaction(signed.rawTransaction)
    
    # Wait for confirmation
    receipt = w3.eth.wait_for_transaction_receipt(tx_hash)
    
    return receipt

Gas Management

Understanding Gas

• Gas: Unit of computational work
• Gas Price: How much you pay per unit (in gwei)
• Gas Limit: Maximum gas you're willing to use
• Transaction Fee: Gas Used × Gas Price

Gas Strategies for Agents

Conservative (reliable, may be slow):

gas_price = w3.eth.gas_price  # Current network price

Priority (faster, costs more):

gas_price = int(w3.eth.gas_price * 1.2)  # 20% above current

EIP-1559 (modern, more predictable):

tx = {
    'maxFeePerGas': w3.to_wei(50, 'gwei'),
    'maxPriorityFeePerGas': w3.to_wei(2, 'gwei'),
    # ... rest of transaction
}

Gas Budgeting

Always keep a reserve:

def check_gas_budget():
    balance = w3.eth.get_balance(account.address)
    min_reserve = w3.to_wei(0.001, 'ether')  # ~$2-3
    
    if balance < min_reserve:
        alert("Low gas! Fund wallet before operations fail.")
        return False
    return True

Multi-Chain Considerations

Base (Recommended for Agents)

• Low fees (~$0.01 per transaction)
• Fast confirmation (~2 seconds)
• Ethereum-compatible
• Growing agent ecosystem

# Base Mainnet
w3 = Web3(Web3.HTTPProvider('https://mainnet.base.org'))
chain_id = 8453

Other Networks

Same wallet (address) works on multiple chains:

• Ethereum Mainnet (expensive, most secure)


• Arbitrum, Optimism (cheap, fast)


• Polygon (very cheap, fast)

Just change the RPC endpoint and chain ID.

Operational Patterns

The Agent Wallet Loop

async def wallet_maintenance():
    while True:
        # Check balance
        balance = w3.eth.get_balance(account.address)
        
        # Alert if low
        if balance < MIN_BALANCE:
            await send_low_balance_alert()
        
        # Check for incoming transactions
        await process_incoming()
        
        # Sleep and repeat
        await asyncio.sleep(300)  # Every 5 minutes

Transaction Retry Logic

def send_with_retry(tx, max_retries=3):
    for attempt in range(max_retries):
        try:
            signed = w3.eth.account.sign_transaction(tx, private_key)
            tx_hash = w3.eth.send_raw_transaction(signed.rawTransaction)
            return w3.eth.wait_for_transaction_receipt(tx_hash, timeout=120)
        except Exception as e:
            if attempt == max_retries - 1:
                raise
            # Increase gas price for retry
            tx['gasPrice'] = int(tx['gasPrice'] * 1.25)
            time.sleep(10)

Nonce Management

# Problem: Concurrent transactions can have nonce conflicts
# Solution: Track nonce locally

class NonceManager:
    def __init__(self, address):
        self.address = address
        self.lock = threading.Lock()
        self.nonce = w3.eth.get_transaction_count(address)
    
    def get_nonce(self):
        with self.lock:
            nonce = self.nonce
            self.nonce += 1
            return nonce
    
    def reset(self):
        with self.lock:
            self.nonce = w3.eth.get_transaction_count(self.address)

Backup and Recovery

Backup Your Key

# Generate mnemonic for backup
from eth_account import Account
Account.enable_unaudited_hdwallet_features()

account, mnemonic = Account.create_with_mnemonic()

# Store mnemonic securely (paper, encrypted file, etc.)
# 24 words that can recover the wallet

Recovery Process

# Recover from mnemonic
account = Account.from_mnemonic(mnemonic)
# Same address, same access

Summary

Generate securely: Use cryptographic randomness

Store safely: Never expose private keys

Manage gas: Keep reserves, budget operations

Handle errors: Retry logic, nonce management

Backup: Mnemonic phrase stored securely

Your wallet is your economic foundation. Protect it.

---

Next: Crypto Tokens for AI Agents — Understanding tokenomics and how agents can leverage tokens for coordination