In the rapidly evolving landscape of AI agents operating on blockchain networks, one of the critical challenges is designing a secure, non-custodial wallet architecture that enables autonomous operation while maintaining developer control. This article presents a comprehensive blueprint for implementing wallet architectures in multi-tenant agent launchpads, where one platform deploys agents on behalf of multiple developers.

The Challenge

Agent launchpads face a unique set of requirements that traditional wallet architectures don't fully address. These platforms need to:

  1. Enable agent creators to deploy one or multiple agents
  2. Provide seamless fund management (onramp/offramp)
  3. Support autonomous on-chain operations
  4. Maintain non-custodial control (ensuring the launchpad cannot control agents' wallets or funds)
  5. Handle gas sponsorship

Proposed Architecture

Core Components

The architecture centers around smart contract wallets with a dual-key system:

1) Smart Contract Wallet

2) Dual-Key System

Key Management

Admin Key

The admin key represents the developer's ultimate control over the wallet. It can be implemented through various mechanisms:

The crucial aspect is that this key remains exclusively under developer control, never touching the launchpad's infrastructure.

Agent Key

The agent key enables autonomous operations and requires special handling:

TEE Implementation

The Trusted Execution Environment is critical for maintaining non-custodial status. Key requirements include:

1) Complete Control Loop Encapsulation

2) Example TEE Platforms

Security Considerations

Maintaining non-custodial status is crucial both for security and regulatory compliance. Non-custodial control means that the launchpad platform cannot access or control the funds in agents' wallets. This is essential not only for security but also for regulatory compliance, as controlling user funds would require costly money transmitter licenses in jurisdictions like the United States.

To ensure non-custodial operation, several security measures must be implemented:

1) Prompt Isolation

2) Action Mapping

3) Key Segregation

Conclusion

This architecture provides a robust foundation for building non-custodial agent launchpads. By carefully implementing the dual-key system within a TEE environment, platforms can offer autonomous agent operations while maintaining security and developer control.

Remember that this architecture should be treated as a blueprint and adapted to specific platform requirements while maintaining the core principles of non-custodial control and secure autonomous operation.

Comparison with Alternative Architectures

While designing this architecture, we evaluated several alternative approaches. Here's an analysis of their trade-offs:

A. Server-Side Key Storage with Environment Variables

This approach involves storing wallet keys as environment variables in agent servers running on centralized computing platforms like AWS.

Key Issues:

B. Server-Side Key Management Solutions

Using solutions like Fireblocks, Turnkey, or Privy server wallets.

Analysis:

C. Single TEE-Based Key Architecture

Creating a single key for the wallet inside a TEE (like Lit Protocol or Marlin Network).

Limitations:

D. TEE with Pre-authorized Control

Implementing approach C with a pre-authorized wallet backdoor in the TEE code.

Concerns:

Our proposed dual-key architecture provides the optimal balance of security, control, and regulatory compliance while avoiding the pitfalls of these alternative approaches. It maintains non-custodial status while giving developers appropriate control over their agents.