iWallet

AI-Native Smart Wallet with On-Chain Policy Rules — built on the 0G Blockchain.

iWallet creates deterministic sub-wallets derived from your master wallet, each controlled by an AI agent. On-chain policy rules (daily spend limits, contract whitelists, cooldowns) act as guardrails — even a misbehaving agent cannot exceed its boundaries. Agent conversations are permanently stored on 0G decentralized storage.

Live Demo

• Frontend: [https://wallet.goon4.site](https://wallet.goon4.site)

• Backend/MCP: [https://be-wallet.goon4.site](https://be-wallet.goon4.site)

• Contract (Mainnet): [0x08a7Ea416AF2b8DD4614aa6A314ee7c96F8aA68d](https://chainscan.0g.ai/address/0x08a7Ea416AF2b8DD4614aa6A314ee7c96F8aA68d)

• Contract (Testnet): [0xCF1f2860BA28aD3c7BCfCc29ab34c2f70D64F4ca](https://chainscan-galileo.0g.ai/address/0xCF1f2860BA28aD3c7BCfCc29ab34c2f70D64F4ca)

Key Features

• On-Chain Policy Enforcement — daily limits, allowed contracts, cooldowns enforced by smart contracts

• 0G Storage Integration — agent conversations permanently archived on decentralized storage

• AI Agent with Tool Calling — check balances, send ETH, read policy via LLM

• MCP Protocol — any MCP-compatible client (Claude, Cursor, VS Code) can control the wallet

• Deterministic Sub-Wallets — derived from master wallet signature, no new seed phrases

The Problem

AI agents that control crypto wallets are powerful — but dangerous. Most existing setups give the agent a full private key with no restrictions. If the agent is compromised by prompt injection, hallucination, or a malicious plugin, there is nothing stopping it from draining all funds.

Off-chain guardrails (server-side rate limiters, software checks) are not enough. They can be bypassed. A compromised backend or a single prompt injection attack is all it takes.

Real incidents:

• Freysa AI (Nov 2024) — agent tricked into releasing $47K via prompt injection disguised as an admin override

• Grok + Bankrbot (May 2025) — Morse code tweet bypassed text filters, drained $200K

• ElizaOS (2025) — Princeton researchers demonstrated memory poisoning attacks exposing $140M+ in TVL

The Solution

iWallet introduces session keys — derived sub-wallets that the AI agent uses to sign transactions. Each session key is bound to an on-chain policy set by the master wallet owner:

• Daily ETH spend limit — agent cannot send more than X ETH per day, no matter what

• Contract whitelist — if set, agent can only interact with approved addresses

• Cooldown period — minimum seconds between transactions

• Session expiry — session key automatically becomes invalid after a set time

• Token allowances — per-ERC20 daily transfer limits

These rules live inside the iWallet smart contract on 0G Chain. Every execute() call checks all policy constraints atomically before forwarding. Violations revert on-chain. The AI agent has no way around it.

Key Features

• On-Chain Policy Enforcement — daily limits, allowed contracts, cooldowns enforced by smart contracts

• 0G Storage Integration — agent conversations permanently archived on decentralized storage

• AI Agent with Tool Calling — check balances, send ETH, read policy via LLM

• MCP Protocol — any MCP-compatible client (Claude, Cursor, VS Code) can control the wallet

• Deterministic Sub-Wallets — derived from master wallet signature, no new seed phrases

0G Component Usage

0G Chain

Smart contracts deployed on 0G Mainnet and Testnet enforce policy rules on every agent transaction. The iWalletFactory deploys per-user wallets using the Beacon Proxy pattern, allowing protocol-wide upgrades in a single transaction.

Problem solved: Cryptographically guaranteed spending limits — no backend, no server, no trust required.

0G Storage (Log Layer)

After each agent session, the full conversation history is uploaded to 0G Storage via @0gfoundation/0g-ts-sdk. On the next session, the backend fetches the history and injects it into the agent's system prompt as persistent memory.

Problem solved: AI agents are stateless by default. 0G Storage gives them permanent, decentralized memory across sessions without any centralized database.

How It Works

1. Connect — User connects their master EOA wallet

2. Deploy — iWalletFactory creates a deterministic iWallet contract for the user on 0G Chain

3. Set Policy — User configures rules (daily limit, whitelist, cooldown, expiry) stored on-chain

4. Fund — Send 0G to the iWallet address + session key for gas

5. Chat — AI agent uses session key to sign transactions; contract enforces policy on every call

6. Memory — Conversation archived to 0G Storage; next session loads history automatically

Tech Stack

• Contracts: Solidity 0.8.28, Hardhat v3, OpenZeppelin (UUPS + Beacon upgradeable)

• Backend: Bun, Elysia.js, OpenAI-compatible LLM (MiniMax M2), viem, @0gfoundation/0g-ts-sdk

• Frontend: React 19, TanStack Start, Tailwind v4, wagmi v3, Reown AppKit, Three.js

• Protocol: MCP (Model Context Protocol) for AI agent interoperability

• Storage: 0G Storage Log layer for immutable conversation archival

iWallet — Hackathon Progress

Day 1 — Apr 20: Project Kickoff

• Initialized the monorepo (Bun workspace, packages structure)

• Set up initial documentation and project setup guide

Day 2 — Apr 21: Smart Contract Foundation

• Wrote iWallet.sol — the core agent-bounded smart wallet with per-session policy enforcement (daily ETH limits, contract whitelists, cooldowns, expiry)

• Wrote iWalletFactory.sol — factory contract for deploying per-user wallets

• Set up Hardhat v3 with OpenZeppelin upgradeable contracts

• Configured shared packages/chains and packages/tokens

Day 3 — Apr 27–28: Frontend & 3D Landing Page

• Built the interactive 3D landing page using React Three Fiber (R3F) with a robot model

• Implemented scroll-driven animation stages with GSAP — atmosphere lighting, narrative text overlays, scene transitions

• Optimized 3D model with PBR textures and GLB processing script

• Added responsive mobile layout and camera adjustments

• Deployed CI/CD pipeline via GitHub Actions to wallet.goon4.site

• Set up be-wallet.goon4.site subdomain for backend

Day 4 — Apr 29: Landing Page Polish & Merge

• Merged landing-page branch — copywriting, color refinements, footer polish

• Fixed peer dependency issues in lockfile

Day 5 — May 4: MCP Protocol Integration

• Refactored backend from private-key-based to MCP (Model Context Protocol) based architecture

• Any MCP-compatible client (Claude Desktop, Cursor, VS Code) can now control the wallet

• Fixed CI: bun x compatibility, lockfile drift handling, SSR bundle assertions

Day 6 — May 9: Mainnet Deployment & Dashboard

• Deployed upgradeable iWallet stack to 0G Aristotle Mainnet 0x08a7Ea416AF2b8DD4614aa6A314ee7c96F8aA68d)

• Upgraded contracts to Beacon + UUPS proxy pattern — factory owner can upgrade all wallets in one tx

• Fixed bug: session counters now clear correctly on addSession after revoke

• Added multichain support — backend routes by session chainId, no more localhost switch

• Auto-verifies newly deployed iWallets on factory.Deployed event

• Built full dashboard UI: wallet balance grid, Withdraw All, session cap progress bars, status pills, reissue-bearer dialog

Day 7 — May 15: AI Agent + 0G Storage Integration

• Integrated 0G Storage for persistent agent memory — conversations are archived to the 0G Log layer and loaded back as context on new sessions

• Built the AI agent chat UI with streaming SSE responses — users see tool calls (balance check, send ETH) in real time

• Implemented agent tools: get_balance, send_eth, get_policy, get_session_info

• Added landing page, sidebar layout, and /agent chat page

• Refactored routing: /connect → /policy, added dedicated /mcp page with connection instructions

• Fixed 0G Storage to save full conversation history and inject it into the system prompt as persistent memory

• Added robust health check retry logic in deploy script

• Updated all READMEs and added .env.example files for both packages