How to Give Solana AI Agents Wallet Access Without Exposing Private Keys
AI agents on Solana need to sign transactions and pay APIs. But giving agents raw private keys is dangerous. Here's how to give agents wallet permissions instead.
AI agents are starting to use wallets.
On Solana, that means agents can sign transactions, pay APIs, interact with x402 endpoints, buy data, and automate real workflows.
But most agent wallet setups have a dangerous default:
SOLANA_PRIVATE_KEY=***
That may work for a demo.
It is not safe for real users.
If an AI agent has your raw private key, it does not just have "wallet access." It has full custody. It can sign anything the key can sign. It can be prompt-injected. It can call the wrong tool. It can leak secrets through logs, memory, or bad integrations.
The better model is:
Give agents wallet permissions, not private keys.
That is what DCP is built for.
What Is the Problem With AI Agents Holding Private Keys?
AI agents are useful because they can take actions.
A Solana agent might need to:
- get a wallet address
- sign a transaction
- sign a message
- pay for an API
- use x402 payment flows
- transfer tokens
- interact with Solana programs
- manage a small operational budget
The problem is not that agents need wallets.
The problem is giving them unlimited wallet custody.
When you put a private key in an agent config or .env file, you usually lose:
- approval control
- spending limits
- per-agent permissions
- activity logs
- instant revoke
- scoped access
- human review for sensitive actions
That creates a trust problem.
Users want agents to do real work, but they do not want agents holding the master key.
What Is a Permissioned Wallet for AI Agents?
A permissioned wallet lets an AI agent request wallet actions without directly holding the private key.
Instead of this:
Agent → private key → signs transaction
You get this:
Agent → DCP → policy check → approval/budget/log → vault signs if allowed
The agent can ask.
The user stays in control.
A permissioned wallet can enforce rules like:
- this agent can read my wallet address
- this agent can request transaction signatures
- this agent can auto-approve small transactions
- this agent needs approval above a threshold
- this agent can access only specific data scopes
- this agent can be revoked instantly
That is the difference between agent custody and agent permission.
How DCP Works
DCP is a local permission layer for AI agents.
It sits between your agents and your sensitive resources:
- Solana wallets
- API keys
- credentials
- identity data
- user data
- approval flows
- budgets
- logs
With DCP, private keys and secrets stay in the local vault. Agents connect through MCP or HTTP MCP and request actions.
For example, an agent can request:
Get my Solana wallet address from DCP.
or:
Check if sending 0.01 SOL is within my DCP budget.
or:
Request approval to sign this Solana transaction.
DCP checks the agent's permissions and user policy. If approval is required, the user gets an approval request.
The agent receives the result.
It never receives the raw private key.
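The decision path described above (permission check, budget check, approval threshold, log, then sign) can be modelled in a few lines. This is an added sketch, not DCP's code or API: the `AgentPolicy` and `Gate` names, the field names and the lamport-denominated limits are all assumptions made for illustration, and only native SOL amounts are covered.

```python
from dataclasses import dataclass, field

LAMPORTS_PER_SOL = 1_000_000_000  # Solana's base unit: 1 SOL = 10^9 lamports

@dataclass
class AgentPolicy:               # hypothetical per-agent policy record
    can_request_signatures: bool
    auto_approve_max: int        # lamports; at or below this, no human prompt
    per_tx_max: int              # lamports; hard cap for one transaction
    daily_max: int               # lamports; hard cap for the current day
    revoked: bool = False

@dataclass
class Gate:                      # hypothetical stand-in for the permission layer
    policies: dict               # agent id -> AgentPolicy
    spent_today: dict = field(default_factory=dict)
    log: list = field(default_factory=list)

    def request_signature(self, agent, lamports, user_approves=None):
        """Return 'signed', 'denied' or 'needs_approval'; every decision is logged."""
        decision, reason = self._decide(agent, lamports, user_approves)
        if decision == "signed":
            # The vault would sign here; the agent only ever sees the result.
            self.spent_today[agent] = self.spent_today.get(agent, 0) + lamports
        self.log.append((agent, lamports, decision, reason))
        return decision

    def _decide(self, agent, lamports, user_approves):
        p = self.policies.get(agent)
        if p is None or p.revoked:               # default deny
            return "denied", "unknown or revoked agent"
        if not p.can_request_signatures:
            return "denied", "no signing permission"
        if lamports <= 0:
            return "denied", "invalid amount"
        # Hard limits are checked before approval, so a human "yes" cannot exceed them.
        if lamports > p.per_tx_max:
            return "denied", "per-transaction limit"
        if self.spent_today.get(agent, 0) + lamports > p.daily_max:
            return "denied", "daily limit"
        if lamports <= p.auto_approve_max:
            return "signed", "auto-approved"
        if user_approves is None:
            return "needs_approval", "above auto-approve threshold"
        return ("signed", "user approved") if user_approves else ("denied", "user denied")
```

In a real gate the `lamports` value has to be computed by the gate itself from the transaction it is asked to sign, never taken from the amount the agent claims.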
DCP Desktop Flow
The easiest way to use DCP is through the desktop app.
Current DCP Desktop flow:
1. Download DCP Desktop for macOS, Windows, or Linux.
2. Create a vault with a password/passphrase.
3. Save your backup passphrase safely.
4. DCP creates a Solana wallet locally.
5. Add private data in the Data tab.
6. Connect agents in the Connect tab.
7. Manage agent permissions in the Agents tab.
8. Set budgets, auto-approval limits, and review logs in Settings.
DCP Desktop currently supports local agent connections for tools like:
- Claude Desktop
- Cursor
- VS Code
- OpenClaw
- custom MCP clients
It also supports remote agents through VPS invites and approval notifications through Telegram.
Why This Matters for Solana AI Agents
Solana is becoming a natural home for AI agents because it has:
- low fees
- fast settlement
- strong developer culture
- token-native apps
- x402 payment activity
- growing agent tooling
That makes Solana ideal for agents that need to pay, sign, and interact with on-chain services.
But if Solana agents require private keys in config files, mainstream users will not trust them.
A safer Solana agent stack needs three layers:
1. Capability layer: The agent knows how to use Solana tools and protocols.
2. Payment layer: The agent can pay for APIs, data, services, and x402 endpoints.
3. Permission layer: The user controls what the agent can sign, spend, access, and revoke.
DCP is focused on the permission layer.
Example: Agent Requests a Solana Transaction
Here is the ideal user experience:
User: Send 10K 1LY to this address.
Agent: Builds the Solana transaction.
DCP: Checks budget and policy.
DCP: Shows approval request.
User: Approves or denies.
DCP: Signs only if allowed.
Agent: Receives signed result.
The important part is not that the agent is blocked.
The important part is that the agent can act safely.
DCP does not cage agents.
It makes users comfortable giving agents more responsibility.
Why MCP Agents Need a Vault Layer
MCP makes it easier for AI agents to connect to tools.
That is powerful.
But the more tools agents can use, the more important access control becomes.
If every MCP agent needs its own API keys, wallet keys, and credentials, users end up with secrets scattered across configs.
DCP changes that model.
Instead of giving every agent raw secrets, users can set up one local vault and give each agent different permissions.
One vault. Many agents. Different permissions. Instant revoke.
That is much easier to manage.
Who Should Use DCP?
DCP is useful if you are building or running:
- Solana AI agents
- x402 payment agents
- OpenClaw personal agents
- Claude Desktop MCP tools
- Cursor or VS Code agents
- remote VPS agents
- multi-agent workflows
- wallet-using agents
- API-using agents
If your agent needs access to wallets, API keys, credentials, or private user data, DCP gives you a safer control layer.
DCP vs Private Keys in .env
| Feature | Private key in .env | DCP |
|---|---|---|
| Agent can request wallet actions | Yes | Yes |
| Agent holds raw private key | Yes | No |
| User approval flow | Usually no | Yes |
| Budget limits | Usually no | Yes |
| Per-agent permissions | Usually no | Yes |
| Activity logs | Usually no | Yes |
| Instant revoke | Hard | Yes |
| Works with MCP agents | Manual | Yes |
Private keys in .env are easy.
DCP is safer.
FAQ
Can DCP sign Solana transactions?
Yes. DCP lets agents request Solana transaction signatures while keeping the private key inside the local vault.
Does the AI agent see my private key?
No. The agent can request actions, but private keys stay in the DCP vault.
Can I set spending limits for agents?
Yes. DCP supports budget checks, per-transaction limits, daily limits, and approval thresholds.
Can different agents have different permissions?
Yes. DCP Desktop lets users manage connected agents and assign different permissions.
Does DCP work with MCP?
Yes. DCP exposes tools through MCP and HTTP MCP so agents can request approved actions.
Does DCP work with OpenClaw?
Yes. DCP supports local and remote OpenClaw agents, including VPS pairing flows.
Is DCP only for Solana?
The current wallet signing focus is Solana. That is intentional: DCP is starting Solana-native instead of trying to be generic too early.
The Bottom Line
AI agents should not be trapped in chat boxes.
They should be able to use wallets, pay APIs, buy data, sign transactions, and do real work.
But they should not need raw private keys to do it.
DCP gives Solana AI agents wallet access without exposing private keys.
Agents ask. Users approve. Keys stay safe.
Give AI agents permissions. Not your keys.