
Sui Agent Wallet

Flagged

@EasonC13

{
  "isSafe": false,
  "isSuspicious": false,
  "riskLevel": "high",
  "findings": [
    {
      "category": "data_exfiltration",
      "severity": "high",
      "description": "Mnemonic seed exposed via unauthenticated HTTP endpoint (/mnemonic), enabling a local process or malicious page to retrieve the seed phrase.",
      "evidence": "To view your seed phrase for backup: curl http://localhost:3847/mnemonic"
    },
    {
      "category": "other",
      "severity": "high",
      "description": "Import endpoint allows overwriting the wallet by posting a mnemonic with no authentication or origin checks, which could let an attacker on the same host hijack the wallet.",
      "evidence": "Import seed phrase (WARNING: overwrites existing wallet!) curl -X POST http://localhost:3847/import -H \"Content-Type: application/json\" -d '{\"mnemonic\": \"your twelve word seed phrase here ...\"}'"
    },
    {
      "category": "data_exfiltration",
      "severity": "medium",
      "description": "Wallet-related API endpoints (address, balance, accounts, network, signing) appear unauthenticated and exposed on localhost, creating an attack surface where other local processes or extensions could abuse or leak wallet data.",
      "evidence": "curl http://localhost:3847/address; curl http://localhost:3847/balance; curl http://localhost:3847/accounts; curl http://localhost:3847/network; curl -X POST http://localhost:3847/approve/<request-id> (examples cited in the API section)"
    },
    {
      "category": "system_harm",
      "severity": "medium",
      "description": "Signing flow (approve/reject, sign-and-execute) could be abused if a malicious DApp or compromised UI tricks the user into signing unsigned or malicious transactions.",
      "evidence": "Transaction Signing section shows endpoints for pending, approve, reject, and sign-and-execute operations."
    }
  ],
  "summary": "The skill provides useful wallet functionality but contains high-risk exposure: the seed phrase can be retrieved via an unauthenticated local HTTP endpoint, and there is an option to overwrite the wallet via an unauthenticated /import endpoint. The overall attack surface includes unauthenticated access to wallet data and signing operations. Mitigations include adding proper authentication and authorization on all local APIs, restricting to trusted origins, removing or securing the mnemonic exposure (e.g., require user action or device-bound unlock before displaying/exporting), and auditing how signing requests are presented to users."
}

npx machina-cli add skill @EasonC13/sui-agent-wallet --openclaw
Files (1)
SKILL.md
6.8 KB

Sui Agent Wallet Skill

Give your AI agent its own Sui wallet to interact with DApps and sign transactions.

GitHub: https://github.com/EasonC13-agent/sui-skills/tree/main/sui-agent-wallet

Architecture

Chrome Extension ◄──WebSocket──► Local Server ◄──API──► Agent
     │                                │
     ▼                                ▼
  DApp Page                    Key Management
  (Wallet Standard)            (Seed Phrase)

Installation

cd <your-workspace>/skills/sui-agent-wallet

# Install server dependencies
cd server && bun install

# Start the server
bun run index.ts

Load Chrome Extension:

  1. Open chrome://extensions/
  2. Enable "Developer mode"
  3. Click "Load unpacked"
  4. Select the extension/ folder

First Launch

The server automatically generates a 12-word seed phrase and stores it in macOS Keychain:

═══════════════════════════════════════════════════════════
  🔐 NEW WALLET CREATED
═══════════════════════════════════════════════════════════

  Seed phrase stored securely in macOS Keychain.

  To view your seed phrase for backup:
    curl http://localhost:3847/mnemonic

  Or use macOS Keychain Access app:
    Service: sui-agent-wallet
    Account: mnemonic
═══════════════════════════════════════════════════════════

Secure Storage

Location                        | Contents
--------------------------------|---------------------------------------------------------
macOS Keychain                  | Seed phrase (encrypted)
~/.sui-agent-wallet/wallet.json | Account addresses, network settings (no sensitive data)

View Keychain entry:

# Command line
security find-generic-password -s "sui-agent-wallet" -a "mnemonic" -w

# Or open Keychain Access app
# Search for "sui-agent-wallet"

Agent API

Wallet Info

# Get current address
curl http://localhost:3847/address

# Get balance
curl http://localhost:3847/balance

# Get seed phrase (for backup)
curl http://localhost:3847/mnemonic

Account Management

# List all accounts
curl http://localhost:3847/accounts

# Create new account
curl -X POST http://localhost:3847/accounts

# Create account at specific index
curl -X POST http://localhost:3847/accounts \
  -H "Content-Type: application/json" \
  -d '{"index": 2}'

# Switch account
curl -X POST http://localhost:3847/accounts/switch \
  -H "Content-Type: application/json" \
  -d '{"index": 1}'

Network Management

# Get current network
curl http://localhost:3847/network

# Switch network (mainnet | testnet | devnet | localnet)
curl -X POST http://localhost:3847/network \
  -H "Content-Type: application/json" \
  -d '{"network": "testnet"}'

Get Test Coins (Faucet)

Testnet:

Devnet:

  • Official Faucet: https://faucet.devnet.sui.io/
  • Discord: Post your wallet address in #devnet-faucet
  • CLI: sui client faucet --address <YOUR_ADDRESS>

Note: Mainnet requires real SUI tokens and cannot use faucets.

Transaction Signing

# View pending transactions
curl http://localhost:3847/pending

# View transaction details
curl http://localhost:3847/tx/<request-id>

# Approve transaction
curl -X POST http://localhost:3847/approve/<request-id>

# Reject transaction
curl -X POST http://localhost:3847/reject/<request-id>

Import/Export

# Import seed phrase (WARNING: overwrites existing wallet!)
curl -X POST http://localhost:3847/import \
  -H "Content-Type: application/json" \
  -d '{"mnemonic": "your twelve word seed phrase here ..."}'
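The scan above flags /mnemonic and /import as reachable by any local process with no authentication or origin check. The following is an added example, not the skill's own code, of a request gate the local server could run before routing; the bearer token, the x-wallet-unlock header and the request object shape are assumptions:

```typescript
// Added hardening example, not the skill's own code. Assumed: the Bun/Node
// server runs gateRequest() on every HTTP request before routing, the agent
// holds a token issued at first launch (a constructed constant below), and
// seed-phrase routes also need an explicit unlock header (assumed name).
type Decision = { allow: boolean; status: number; reason: string };

// Routes from SKILL.md that read or replace the seed phrase.
const KEY_MATERIAL_ROUTES = new Set(["/mnemonic", "/import"]);

// Constant-time comparison so a wrong token does not leak how far it matched.
function tokenMatches(given: string | null, expected: string): boolean {
  if (given === null || given.length !== expected.length) return false;
  let diff = 0;
  for (let i = 0; i < expected.length; i++) diff |= given.charCodeAt(i) ^ expected.charCodeAt(i);
  return diff === 0;
}

// Header names are lower-case, as Node/Bun deliver them.
function gateRequest(
  req: { method: string; path: string; headers: Record<string, string> },
  expectedToken: string,
): Decision {
  const header = (name: string): string | null => req.headers[name] ?? null;
  // The agent calls with curl, which sends no Origin; a browser page always
  // does. DApps reach the wallet through the extension's WebSocket, so any
  // Origin on the agent API means a web page is driving it: refuse.
  if (header("origin") !== null)
    return { allow: false, status: 403, reason: "browser origin not allowed" };
  if (!tokenMatches(header("authorization"), `Bearer ${expectedToken}`))
    return { allow: false, status: 401, reason: "missing or invalid token" };
  // Exporting or overwriting the seed needs a deliberate second step beyond the token.
  if (KEY_MATERIAL_ROUTES.has(req.path) && header("x-wallet-unlock") !== "confirmed")
    return { allow: false, status: 403, reason: "key material requires unlock" };
  return { allow: true, status: 200, reason: "ok" };
}

// Constructed sample: the agent reading its address with the right token.
const TOKEN = "constructed-example-token";
const sampleAddressRequest = {
  method: "GET", path: "/address", headers: { authorization: `Bearer ${TOKEN}` },
};
```

With this gate in place, the `curl http://localhost:3847/mnemonic` shown in the banner fails until the caller supplies both the token and the unlock header.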

CLI Integration (Direct Signing)

Sign unsigned transactions generated by Sui CLI:

# 1. Generate unsigned transaction (using Agent Wallet address)
AGENT_ADDR=$(curl -s localhost:3847/address | jq -r .address)
TX_BYTES=$(sui client publish --serialize-unsigned-transaction \
  --sender $AGENT_ADDR --gas-budget 100000000 | tail -1)

# 2. Sign and execute with Agent Wallet
curl -X POST http://localhost:3847/sign-and-execute \
  -H "Content-Type: application/json" \
  -d "{\"txBytes\": \"$TX_BYTES\"}"

# Or sign only without executing
curl -X POST http://localhost:3847/sign-raw \
  -H "Content-Type: application/json" \
  -d "{\"txBytes\": \"$TX_BYTES\"}"

Supported CLI commands:

  • sui client publish --serialize-unsigned-transaction
  • sui client call --serialize-unsigned-transaction
  • sui client transfer-sui --serialize-unsigned-transaction

Transaction Parsing

When a signing request comes in, the agent sees:

{
  "id": "req_123",
  "method": "signTransaction",
  "origin": "http://localhost:5173",
  "payload": {
    "transaction": "{\"commands\":[{\"MoveCall\":{...}}]}",
    "chain": "sui:devnet"
  }
}

Security Checklist

Before signing, verify:

  • Is the target contract trustworthy?
  • Is the amount reasonable?
  • Are there suspicious coin transfers?
  • Is the gas budget normal?
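The checklist can be applied mechanically to the request shown under Transaction Parsing. Added example, not part of the skill: a policy function that returns every checklist failure for a signing request so the agent can decide between /approve and /reject; the command field names inside payload.transaction (MoveCall.package/module/function, TransferObjects.address, gasData.budget) and the package id are assumptions.

```typescript
// Added example, not the skill's code: the Security Checklist as a policy the
// agent applies to a signing request before /approve or /reject. The envelope
// matches Transaction Parsing above; the command fields (MoveCall.package/
// module/function, TransferObjects.address, gasData.budget) are assumptions.
interface SigningRequest {
  id: string; method: string; origin: string;
  payload: { transaction: string; chain: string };
}
interface SigningPolicy {
  allowedOrigins: Set<string>;   // DApps the agent agrees to serve
  trustedPackages: Set<string>;  // Move packages it may call
  knownRecipients: Set<string>;  // addresses allowed to receive objects
  maxGasBudget: number;          // MIST
  expectedChain: string;         // e.g. "sui:devnet"
}

// Returns checklist failures; an empty list means the request may be approved.
function reviewRequest(req: SigningRequest, p: SigningPolicy): string[] {
  const problems: string[] = [];
  if (!p.allowedOrigins.has(req.origin)) problems.push(`unknown origin ${req.origin}`);
  if (req.payload.chain !== p.expectedChain) problems.push(`unexpected chain ${req.payload.chain}`);
  let tx: any;
  try { tx = JSON.parse(req.payload.transaction); }
  catch { return [...problems, "transaction is not valid JSON"]; }
  for (const cmd of tx.commands ?? []) {
    const call = cmd.MoveCall;
    if (call && !p.trustedPackages.has(call.package))
      problems.push(`MoveCall to untrusted ${call.package}::${call.module}::${call.function}`);
    const xfer = cmd.TransferObjects;
    if (xfer && !p.knownRecipients.has(xfer.address))
      problems.push(`TransferObjects to unknown recipient ${xfer.address}`);
  }
  const budget = Number(tx.gasData?.budget ?? 0);
  if (budget > p.maxGasBudget) problems.push(`gas budget ${budget} above ${p.maxGasBudget}`);
  return problems;
}

// Constructed sample: the test DApp's "+1" click against a made-up package id.
const devPolicy: SigningPolicy = {
  allowedOrigins: new Set(["http://localhost:5173"]), trustedPackages: new Set(["0xc0ffee"]),
  knownRecipients: new Set<string>(), maxGasBudget: 100_000_000, expectedChain: "sui:devnet",
};
const counterPlusOne: SigningRequest = {
  id: "req_123", method: "signTransaction", origin: "http://localhost:5173",
  payload: { chain: "sui:devnet", transaction: JSON.stringify({
    commands: [{ MoveCall: { package: "0xc0ffee", module: "counter", function: "increment" } }],
    gasData: { budget: "10000000" },
  }) },
};
```

A request from an origin not in the allowlist, or one that transfers objects to an address the agent has never seen, produces a non-empty list and should go to /reject rather than /approve.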

Test DApp

Built-in Counter DApp for testing:

# Start frontend
cd test-dapp/frontend && pnpm dev

# Open http://localhost:5173
# 1. Connect Wallet → Select "Sui Agent Wallet"
# 2. Click "+1" → Sends a signing request
# 3. Agent uses /pending to view, /approve to sign

Technical Details

BIP44 Derivation Path

m/44'/784'/{accountIndex}'/0'/0'
  • 784 = Sui's coin type
  • Each accountIndex corresponds to one address

Wallet Standard Features

Implemented Sui Wallet Standard features:

  • standard:connect
  • standard:disconnect
  • standard:events
  • sui:signTransaction
  • sui:signAndExecuteTransaction
  • sui:signPersonalMessage

Event Notifications

When switching accounts or networks, the server notifies the Extension via WebSocket:

  • accountChanged - Account changed
  • networkChanged - Network changed

Related Skills

This skill is part of the Sui development skill suite:

Skill            | Description
-----------------|------------------------------------------------
sui-decompile    | Fetch and read on-chain contract source code
sui-move         | Write and deploy Move smart contracts
sui-coverage     | Analyze test coverage with security analysis
sui-agent-wallet | Build and test DApps frontend

Workflow:

sui-decompile → sui-move → sui-coverage → sui-agent-wallet
    Study        Write      Test & Audit   Build DApps

All skills: https://github.com/EasonC13-agent/sui-skills

Source

git clone https://clawhub.ai/EasonC13/sui-agent-wallet

Overview

Sui Agent Wallet gives your AI agent its own secure Sui wallet to interact with DApps and sign transactions. It combines a Chrome extension with a local server to manage accounts, switch networks, and perform signing via a simple API.

How This Skill Works

A local server hosts the wallet logic and exposes HTTP API endpoints on localhost:3847. The Chrome extension communicates with the server over WebSocket to enable DApp interactions, while the seed phrase is generated on first launch and stored securely in macOS Keychain; wallet.json stores non-sensitive data like addresses and network settings.

When to Use It

  • Manage multiple Sui accounts for an AI agent across sessions
  • Sign transactions directly from DApps via a secure agent wallet
  • Test on testnet/devnet with faucet funds, without exposing seed phrases
  • Programmatically switch networks for different agent workflows
  • Onboard and back up the wallet by securely storing the seed phrase on first launch

Quick Start

  1. Install and start the server: cd <workspace>/skills/sui-agent-wallet; cd server && bun install; bun run index.ts
  2. Load the Chrome extension: open chrome://extensions, enable Developer mode, click "Load unpacked" and select the extension/ folder
  3. Use the API: query curl http://localhost:3847/address and curl http://localhost:3847/balance to get started

Best Practices

  • Back up the mnemonic securely in macOS Keychain and never expose it
  • Use separate accounts for distinct AI tasks to improve auditing
  • Always verify the target network (mainnet/testnet/devnet/localnet) before signing
  • Use testnet/devnet faucets for development rather than mainnet
  • Keep the server and extension updated; ensure the Chrome extension is properly loaded

Example Use Cases

  • Onboarding: launch the server, load the Chrome extension, and query /address and /balance to populate a DApp session
  • Account management: create a new account and switch to it via /accounts and /accounts/switch
  • Network testing: switch to testnet, faucet funds, and perform a signing flow in a sandboxed environment
  • Seed backup: view or export mnemonic from macOS Keychain for safe backup
  • Signing flow: inspect a pending transaction with /pending, then approve with /approve to sign and broadcast
