Owners and agents
AGENSAI distinguishes two roles cleanly:
- Owner — You. Authenticates once. Holds the keys that fund and authorize agents. Server-side EOA loaded from AGENSAI_OWNER_PRIVATE_KEY.
- Agent — A smart account with a name and a policy bundle. Acts autonomously inside the policies. Has no human at the keyboard.
Why split them
The owner pays for permission grants and keeps the master authority. The agent acts within tight rules.
If an agent is compromised, the owner revokes. The owner key was never on the agent.
If an agent leaks its address, that address is bound by the policy bundle. There is no escalation path.
Lifecycle
1. Owner signs in once → AGENSAI_OWNER_PRIVATE_KEY loaded
2. Owner calls createAgent() → Agent is born with ENS name + policies
3. Agent acts inside policies → No further owner involvement
4. Owner calls revoke() (anytime) → Agent is permanently disabled
Where the keys live
| Key | Location | Used for |
|---|---|---|
| Owner private key | AGENSAI_OWNER_PRIVATE_KEY env var, server-side only | Granting and revoking permissions |
| Agent smart-account control | Derived deterministically from the agent name and owner | Signing transactions inside the policy envelope |
| AGENSAI API key | AGENSAI_API_KEY env var, server-side only | All SDK / CLI calls |
Never ship any of these to a browser. Never commit them to git.
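A server-side startup guard for the two environment variables in the table above, as an added example that is not AGENSAI's own code. The function name `loadOwnerSecrets`, the `0x` + 64 hex encoding of the owner key, and the list of client-exposed prefixes (Next.js, Vite, Create React App) are assumptions.

```javascript
// Added example, not AGENSAI code. Variable names come from the table above;
// the 0x + 64 hex key encoding and the prefix list are assumptions.
const SECRET_VARS = ["AGENSAI_OWNER_PRIVATE_KEY", "AGENSAI_API_KEY"];
// Prefixes that Next.js, Vite and Create React App inline into client bundles.
const CLIENT_PREFIXES = ["NEXT_PUBLIC_", "VITE_", "REACT_APP_"];
const EOA_KEY = /^0x[0-9a-fA-F]{64}$/;

function loadOwnerSecrets(env, isBrowser = typeof window !== "undefined") {
  const problems = [];
  if (isBrowser) problems.push("refusing to load owner secrets in a browser context");

  const secretValues = SECRET_VARS.map((n) => env[n]).filter(Boolean);
  for (const [name, value] of Object.entries(env)) {
    const prefix = CLIENT_PREFIXES.find((p) => name.startsWith(p));
    if (!prefix) continue;
    // Either a secret was renamed with a public prefix, or its value was copied.
    if (SECRET_VARS.includes(name.slice(prefix.length)) || secretValues.includes(value)) {
      problems.push(`${name} would expose a secret to the client bundle`);
    }
  }

  for (const name of SECRET_VARS) {
    if (!env[name]) problems.push(`${name} is not set`);
  }
  const ownerKey = env.AGENSAI_OWNER_PRIVATE_KEY;
  if (ownerKey && !EOA_KEY.test(ownerKey)) {
    problems.push("AGENSAI_OWNER_PRIVATE_KEY is not a 32-byte hex key");
  }
  // Messages name the variable only; they never include a secret value.
  if (problems.length > 0) throw new Error(problems.join("; "));

  // Non-enumerable properties keep the values out of JSON.stringify and console.log.
  const secrets = {};
  Object.defineProperty(secrets, "ownerPrivateKey", { value: ownerKey });
  Object.defineProperty(secrets, "apiKey", { value: env.AGENSAI_API_KEY });
  return Object.freeze(secrets);
}

// Constructed sample values, not real keys.
const sampleEnv = {
  AGENSAI_OWNER_PRIVATE_KEY: "0x" + "ab".repeat(32),
  AGENSAI_API_KEY: "sample-api-key",
};
```

Call it once at process start with `process.env`, before any SDK or CLI call, so a misconfigured deployment fails closed.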
Compared to a personal wallet
A personal wallet (JAW.id, Rainbow, Frame) is for humans. Passkey, browser, prompts, confirmations.
An agent wallet (AGENSAI) is for code. Headless, server-side, policy-bound, no prompts.
The same JAW infrastructure powers both. AGENSAI just changes the access pattern.