### Quick Start with @open-wallet-standard/core Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-node.md A quick start example demonstrating common operations like generating a mnemonic, creating a wallet, and signing a message. Ensure the package is imported correctly. ```javascript import { generateMnemonic, createWallet, listWallets, signMessage, signTypedData, deleteWallet, } from "@open-wallet-standard/core"; const mnemonic = generateMnemonic(12); const wallet = createWallet("my-wallet"); const sig = signMessage("my-wallet", "evm", "hello"); console.log(sig.signature); ``` -------------------------------- ### Quick Start Example Source: https://github.com/open-wallet-standard/core/blob/main/website-docs/md/sdk-python.md A basic example demonstrating how to use the Python SDK for generating a mnemonic, creating a wallet, and signing a message. ```APIDOC ## Quick Start ```python from ows import ( generate_mnemonic, create_wallet, list_wallets, sign_message, sign_typed_data, delete_wallet, ) mnemonic = generate_mnemonic(12) wallet = create_wallet("my-wallet") sig = sign_message("my-wallet", "evm", "hello") print(sig["signature"]) ``` ``` -------------------------------- ### Quick Start with Node.js SDK Source: https://github.com/open-wallet-standard/core/blob/main/bindings/node/README.md Example of creating a wallet and signing a message using the JavaScript SDK. ```javascript import { createWallet, signMessage } from "@open-wallet-standard/core"; const wallet = createWallet("agent-treasury"); // => accounts for EVM, Solana, Bitcoin, Cosmos, Tron, TON, Filecoin, Sui, and XRPL const sig = signMessage("agent-treasury", "evm", "hello"); console.log(sig.signature); ``` -------------------------------- ### Quick Start Usage Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-python.md Initialize a wallet and sign a message. ```python from ows import ( generate_mnemonic, create_wallet, list_wallets, sign_message, sign_typed_data, delete_wallet, ) mnemonic = generate_mnemonic(12) wallet = create_wallet("my-wallet") sig = sign_message("my-wallet", "evm", "hello") print(sig["signature"]) ``` -------------------------------- ### Install Open Wallet Standard SDK Source: https://github.com/open-wallet-standard/core/blob/main/website-docs/md/sdk-python.md Instructions on how to install the Python SDK using pip. ```APIDOC ## Install ```bash pip install open-wallet-standard ``` Prebuilt wheels are available for macOS (arm64, x64) and Linux (x64, arm64) on Python 3.9–3.13. ``` -------------------------------- ### Install OWS CLI and SDK Source: https://github.com/open-wallet-standard/core/blob/main/README.md Commands to install the OWS CLI and language-specific SDKs. ```bash # Everything (CLI + Node + Python bindings) curl -fsSL https://docs.openwallet.sh/install.sh | bash ``` ```bash npm install @open-wallet-standard/core # Node.js SDK npm install -g @open-wallet-standard/core # Node.js SDK + CLI (provides `ows` command) pip install open-wallet-standard # Python cd ows && cargo build --workspace --release # From source ``` -------------------------------- ### Install @open-wallet-standard/core Source: https://github.com/open-wallet-standard/core/blob/main/bindings/node/README.md Commands to install the package as a Node.js SDK or as a global CLI tool. ```bash npm install @open-wallet-standard/core # Node.js SDK npm install -g @open-wallet-standard/core # Node.js SDK + CLI (provides `ows` command) ``` -------------------------------- ### Install OWS CLI Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-cli.md Instructions for installing the Open Wallet Standard CLI, either by downloading a script or building from source. ```APIDOC ## Install OWS CLI ### Description Instructions for installing the Open Wallet Standard (OWS) CLI. ### Method Shell commands ### Installation Options 1. **Using curl script:** ```bash curl -fsSL https://docs.openwallet.sh/install.sh | bash ``` 2. **Building from source:** ```bash git clone https://github.com/open-wallet-standard/core.git cd core/ows cargo build --workspace --release ``` ``` -------------------------------- ### Install OWS Components Source: https://context7.com/open-wallet-standard/core/llms.txt Use the universal installer script or package managers to set up the CLI, Node.js SDK, or Python bindings. ```bash # Install everything (CLI + Node + Python bindings) curl -fsSL https://docs.openwallet.sh/install.sh | bash # Or install only what you need: npm install @open-wallet-standard/core # Node.js SDK npm install -g @open-wallet-standard/core # Node.js SDK + CLI (provides `ows` command) pip install open-wallet-standard # Python # Build from source (requires Rust 1.70+) git clone https://github.com/open-wallet-standard/core.git cd core/ows cargo build --workspace --release ``` -------------------------------- ### Install OWS CLI and SDKs Source: https://github.com/open-wallet-standard/core/blob/main/docs/quickstart.md Installs the OWS CLI, Node.js SDK, and Python bindings. Alternatively, install only specific packages. ```bash curl -fsSL https://docs.openwallet.sh/install.sh | bash ``` ```bash npm install @open-wallet-standard/core # Node.js ``` ```bash pip install open-wallet-standard # Python ``` -------------------------------- ### Install Node.js OWS Package Source: https://github.com/open-wallet-standard/core/blob/main/ows/README.md Installs the `@open-wallet-standard/core` package for Node.js using npm. ```bash npm install @open-wallet-standard/core ``` -------------------------------- ### Install Python OWS Package Source: https://github.com/open-wallet-standard/core/blob/main/ows/README.md Installs the `open-wallet-standard` package for Python using pip. ```bash pip install open-wallet-standard ``` -------------------------------- ### Quick Start Python SDK Source: https://github.com/open-wallet-standard/core/blob/main/skills/ows/SKILL.md Initializes a wallet and signs a message using the Python SDK. ```python from open_wallet_standard import create_wallet, sign_message wallet = create_wallet("my-wallet") sig = sign_message("my-wallet", "evm", "hello world") ``` -------------------------------- ### Install OWS CLI Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-cli.md Installs the Open Wallet Standard CLI using a curl script or by building from source with Cargo. ```bash curl -fsSL https://docs.openwallet.sh/install.sh | bash ``` ```bash git clone https://github.com/open-wallet-standard/core.git cd core/ows cargo build --workspace --release ``` -------------------------------- ### Quick Start Node.js SDK Source: https://github.com/open-wallet-standard/core/blob/main/skills/ows/SKILL.md Initializes a wallet and signs a message using the Node.js SDK. ```javascript import { createWallet, signMessage } from "@open-wallet-standard/core"; const wallet = createWallet("my-wallet"); const sig = signMessage("my-wallet", "evm", "hello world"); ``` -------------------------------- ### Quick Start Wallet Creation and Signing Source: https://github.com/open-wallet-standard/core/blob/main/bindings/python/README.md Initialize a new wallet and sign a message using the OWS library. ```python from ows import create_wallet, sign_message wallet = create_wallet("agent-treasury") # => accounts for EVM, Solana, Bitcoin, Cosmos, Tron, TON, Filecoin, Sui, and XRPL sig = sign_message("agent-treasury", "evm", "hello") print(sig["signature"]) ``` -------------------------------- ### Install OWS CLI and Bindings Source: https://github.com/open-wallet-standard/core/blob/main/ows/README.md Installs the `ows` CLI binary and Node.js/Python bindings if available. Requires curl. ```bash curl -fsSL https://docs.openwallet.sh/install.sh | bash ``` -------------------------------- ### CLI Usage Examples Source: https://github.com/open-wallet-standard/core/blob/main/bindings/node/README.md Common CLI commands for wallet creation and signing operations. ```bash # Create a wallet (derives addresses for the current auto-derived chain set) ows wallet create --name "agent-treasury" # Sign a message ows sign message --wallet agent-treasury --chain evm --message "hello" # Sign a transaction ows sign tx --wallet agent-treasury --chain evm --tx "deadbeef..." ``` -------------------------------- ### End-to-End Agent Access Example Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-cli.md Demonstrates a full workflow for setting up agent access, including creating a wallet, defining a policy, creating an API key, and testing agent access with different scenarios. It also shows how to revoke the key. ```bash # Create a wallet ows wallet create --name agent-treasury # Define a policy: Base chain only, expires at end of year cat > policy.json << 'EOF' { "id": "agent-limits", "name": "Agent Safety Limits", "version": 1, "created_at": "2026-03-22T00:00:00Z", "rules": [ { "type": "allowed_chains", "chain_ids": ["eip155:8453"] }, { "type": "expires_at", "timestamp": "2026-12-31T23:59:59Z" } ], "action": "deny" } EOF ows policy create --file policy.json # Create an API key with the policy attached ows key create --name "claude" --wallet agent-treasury --policy agent-limits # Output: ows_key_a1b2c3d4... (save this) # Agent signs on Base — policy allows it OWS_PASSPHRASE="ows_key_a1b2c3d4..." \ ows sign tx --wallet agent-treasury --chain base --tx 0x02f8... # Agent tries Ethereum mainnet — policy denies it OWS_PASSPHRASE="ows_key_a1b2c3d4..." \ ows sign tx --wallet agent-treasury --chain ethereum --tx 0x02f8... # error: policy denied: chain eip155:1 not in allowlist # Owner signs with the wallet passphrase — no policy enforcement OWS_PASSPHRASE="your-wallet-passphrase" \ ows sign tx --wallet agent-treasury --chain ethereum --tx 0x02f8... # Owner mode bypasses all policies # Revoke the agent's access ows key revoke --id --confirm # Token is now useless ``` -------------------------------- ### Example Policy File Structure Source: https://github.com/open-wallet-standard/core/blob/main/docs/03-policy-engine.md A sample policy file demonstrating the structure, including an ID, name, version, creation timestamp, declarative rules, and an optional executable path. Policies must have at least one of 'rules' or 'executable'. ```json { "id": "base-agent-limits", "name": "Base Agent Safety Limits", "version": 1, "created_at": "2026-03-22T10:00:00Z", "rules": [ { "type": "allowed_chains", "chain_ids": ["eip155:8453", "eip155:84532"] }, { "type": "expires_at", "timestamp": "2026-12-31T23:59:59Z" } ], "executable": null, "config": null, "action": "deny" } ``` -------------------------------- ### Create Wallets and Sign Messages Programmatically Source: https://github.com/open-wallet-standard/core/blob/main/README.md Examples of using the OWS SDK in Node.js and Python to create wallets and sign messages. ```javascript import { createWallet, signMessage } from "@open-wallet-standard/core"; const wallet = createWallet("agent-treasury"); // => accounts for EVM, Solana, Bitcoin, Cosmos, Tron, TON, Filecoin, Sui, and XRPL const sig = signMessage("agent-treasury", "evm", "hello"); console.log(sig.signature); ``` ```python from ows import create_wallet, sign_message wallet = create_wallet("agent-treasury") # => accounts for EVM, Solana, Bitcoin, Cosmos, Tron, TON, Filecoin, Sui, and XRPL sig = sign_message("agent-treasury", "evm", "hello") print(sig["signature"]) ``` -------------------------------- ### Node.js OWS Bindings Usage Source: https://github.com/open-wallet-standard/core/blob/main/ows/README.md Demonstrates creating a wallet and signing a message using the Node.js bindings. Ensure the `@open-wallet-standard/core` package is installed. ```javascript import { createWallet, signMessage } from "@open-wallet-standard/core"; const wallet = createWallet("my-wallet"); console.log(wallet.accounts); // addresses for EVM, Solana, Bitcoin, Cosmos, Tron, TON, Filecoin, Sui, and XRPL const sig = signMessage("my-wallet", "evm", "hello"); console.log(sig.signature); ``` -------------------------------- ### Use OWS SDK in Node.js Source: https://github.com/open-wallet-standard/core/blob/main/docs/quickstart.md Demonstrates creating a wallet and signing messages or transactions using the OWS Node.js SDK. Ensure the SDK is installed via npm. ```javascript import { createWallet, signMessage, signTransaction } from "@open-wallet-standard/core"; // Create a wallet (once) const wallet = createWallet("agent-treasury"); // Sign a message const sig = signMessage("agent-treasury", "evm", "hello"); console.log(sig.signature); // Sign a transaction const tx = signTransaction("agent-treasury", "evm", "02f8..."); console.log(tx.signature); ``` -------------------------------- ### Use OWS SDK in Python Source: https://github.com/open-wallet-standard/core/blob/main/docs/quickstart.md Shows how to create a wallet and sign messages or transactions using the OWS Python bindings. The library must be installed via pip. ```python from open_wallet_standard import create_wallet, sign_message, sign_transaction # Create a wallet (once) wallet = create_wallet("agent-treasury") # Sign a message sig = sign_message("agent-treasury", "evm", "hello") print(sig["signature"]) # Sign a transaction tx = sign_transaction("agent-treasury", "evm", "02f8...") print(tx["signature"]) ``` -------------------------------- ### API Return Types Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-python.md Example structures for wallet information and signing results. ```python # WalletInfo { "id": "3198bc9c-...", # UUID v4 "name": "my-wallet", "created_at": "2026-03-09T...", # ISO 8601 "accounts": [ { "chain_id": "eip155:1", "address": "0xab16...", "derivation_path": "m/44'/60'/0'/0/0", }, # ... one per supported chain ], } # SignResult { "signature": "bea6b4ee...", # Hex-encoded "recovery_id": 0, # EVM/Tron only (None for others) } # SendResult { "tx_hash": "0xabc...", } ``` -------------------------------- ### CLI Signing Commands Source: https://github.com/open-wallet-standard/core/blob/main/website-docs/md/policy-engine-implementation.md Examples of signing transactions using either owner passphrases or agent API tokens. ```bash # Owner (existing) ows sign tx --wallet treasury --chain base --tx 0x... # Agent (pass token via env) OWS_PASSPHRASE=ows_key_abc... ows sign tx --wallet treasury --chain base --tx 0x... ``` -------------------------------- ### System Commands Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-cli.md Commands for managing the OWS CLI installation and updates. ```APIDOC ## POST /update ### Description Update the `ows` binary to the latest release. Also updates Node.js and Python bindings if they are installed. ### Method POST ### Endpoint /update ### Parameters #### Query Parameters - **force** (boolean) - Optional - Re-download even if already on the latest version. ### Request Example ```json { "force": true } ``` ### Response #### Success Response (200) - **message** (string) - Confirmation message of the update status. #### Response Example ```json { "message": "OWS CLI updated successfully." } ``` ``` ```APIDOC ## DELETE /uninstall ### Description Remove `ows` from the system. Also uninstalls Node.js and Python bindings if present. ### Method DELETE ### Endpoint /uninstall ### Parameters #### Query Parameters - **purge** (boolean) - Optional - If true, also removes all wallet data (`~/.ows`). ### Request Example ```json { "purge": true } ``` ### Response #### Success Response (200) - **message** (string) - Confirmation message of the uninstallation. #### Response Example ```json { "message": "OWS CLI uninstalled successfully." } ``` ``` -------------------------------- ### Custom Vault Path Example Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-python.md Demonstrates how to use a custom vault path for wallet operations, useful for testing or isolating data. It ensures the vault directory is cleaned up afterwards. ```python import tempfile import shutil vault = tempfile.mkdtemp(prefix="ows-test-") try: wallet = create_wallet("test", vault_path=vault) # ... use wallet ... finally: shutil.rmtree(vault) ``` -------------------------------- ### Build Rust Workspace Source: https://github.com/open-wallet-standard/core/blob/main/CONTRIBUTING.md Builds the Rust workspace for the Open Wallet Standard project. Ensure you have Rust installed and have cloned the repository. ```bash # Clone the repo git clone https://github.com/open-wallet-standard/core.git cd core # Build the Rust workspace cd ows && cargo build --workspace --release ``` -------------------------------- ### OWS File Layout Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-cli.md Illustrates the standard file layout for the Open Wallet Standard installation, including the location of the CLI binary, encrypted wallets, policies, API keys, and logs. ```text ~/.ows/ bin/ ows # CLI binary wallets/ .json # Encrypted wallet (AES-256-GCM + scrypt) policies/ .json # Policy definitions (not secret) keys/ .json # API key files (0600 permissions) logs/ audit.jsonl # Audit log ``` -------------------------------- ### EIP-712 Typed Data Example Source: https://github.com/open-wallet-standard/core/blob/main/docs/02-signing-interface.md An example of the JSON structure for EIP-712 typed data, including types, primary type, domain, and message. ```json { "types": { "EIP712Domain": [ {"name": "name", "type": "string"}, {"name": "chainId", "type": "uint256"} ], "Transfer": [ {"name": "to", "type": "address"}, {"name": "amount", "type": "uint256"} ] }, "primaryType": "Transfer", "domain": {"name": "MyDApp", "chainId": "1"}, "message": {"to": "0xabc...", "amount": "1000"} } ``` -------------------------------- ### Perform GET Request with Automatic Payment Source: https://context7.com/open-wallet-standard/core/llms.txt Make an HTTP GET request to a URL, with automatic x402 payment handling for services requiring payment. The wallet is used to sign payment credentials. ```bash # GET request with automatic payment ows pay request "https://api.example.com/data" --wallet agent-treasury ``` -------------------------------- ### Create Policy and API Key via CLI Source: https://github.com/open-wallet-standard/core/blob/main/docs/03-policy-engine.md Commands to initialize a policy from a file and generate an API key with specific wallet and policy associations. ```bash ows policy create --file base-agent-limits.json ``` ```bash ows key create --name "claude-agent" --wallet agent-treasury --policy base-agent-limits ``` -------------------------------- ### Get Wallet Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-python.md Look up a wallet by name or UUID. ```python wallet = get_wallet("agent-treasury") ``` -------------------------------- ### Python Executable Policy Example: Transaction Simulation Source: https://github.com/open-wallet-standard/core/blob/main/website-docs/md/policy-engine-implementation.md This Python script serves as an example of a custom executable policy. It simulates a transaction by sending an eth_call to a chain's RPC endpoint and returns a PolicyResult based on the simulation outcome. It handles potential RPC errors and reverts. ```python #!/usr/bin/env python3 import json, sys, urllib.request ctx = json.load(sys.stdin) tx = ctx["transaction"] rpc = {"eip155:8453": "https://mainnet.base.org"}.get(ctx["chain_id"]) if not rpc: json.dump({"allow": False, "reason": f"No RPC for {ctx['chain_id']}"}, sys.stdout) sys.exit(0) payload = json.dumps({ "jsonrpc": "2.0", "id": 1, "method": "eth_call", "params": [{"to": tx["to"], "value": hex(int(tx["value"])), "data": tx["data"]}, "latest"] }).encode() try: resp = json.load(urllib.request.urlopen( urllib.request.Request(rpc, data=payload, headers={"Content-Type": "application/json"}), timeout=4)) if "error" in resp: json.dump({"allow": False, "reason": f"Reverted: {resp['error']['message']}"}, sys.stdout) else: json.dump({"allow": True}, sys.stdout) except Exception as e: json.dump({"allow": False, "reason": str(e)}, sys.stdout) ``` -------------------------------- ### System Management via CLI Source: https://github.com/open-wallet-standard/core/blob/main/skills/ows/SKILL.md Commands for updating, uninstalling, and viewing configuration settings. ```bash ows update # Update to latest version ows update --force # Force re-download ows uninstall # Remove CLI (keep wallet data) ows uninstall --purge # Remove CLI + all wallet data ows config show # Show config and RPC endpoints ``` -------------------------------- ### Sign and Broadcast Transactions Source: https://context7.com/open-wallet-standard/core/llms.txt Examples for signing raw transactions and broadcasting them to the network. ```python # Sign a transaction result = sign_transaction("agent-treasury", "evm", "02f8730181...") print(result["signature"]) # Sign and broadcast transaction result = sign_and_send( "agent-treasury", "evm", "02f8730181...", rpc_url="https://mainnet.infura.io/v3/YOUR_KEY" ) print(result["tx_hash"]) # Sign with API key (agent mode) result = sign_transaction( "agent-treasury", "base", "02f8...", passphrase="ows_key_a1b2c3d4e5f6..." ) ``` -------------------------------- ### Get Policy by ID Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-node.md Retrieves the details of a specific policy using its unique identifier. ```javascript const policy = getPolicy("base-only"); console.log(policy.name); // => "Base only until April" ``` -------------------------------- ### Create and Manage Wallets via CLI Source: https://context7.com/open-wallet-standard/core/llms.txt Generate new wallets with multi-chain address derivation or list existing vault information. ```bash # Create a new wallet ows wallet create --name "agent-treasury" # Output: # Created wallet 3198bc9c-... # eip155:1 0xab16... m/44'/60'/0'/0/0 # solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp 7Kz9... m/44'/501'/0'/0' # sui:mainnet 0x... m/44'/784'/0'/0'/0' # bip122:000000000019d6689c085ae165831e93 bc1q... m/84'/0'/0'/0/0 # cosmos:cosmoshub-4 cosmos1... m/44'/118'/0'/0/0 # tron:mainnet TKLm... m/44'/195'/0'/0/0 # xrpl:mainnet rHsM... m/44'/144'/0'/0/0 # Create with 24-word mnemonic and show the phrase ows wallet create --name "secure-wallet" --words 24 --show-mnemonic # List all wallets ows wallet list # Show vault info ows wallet info ``` -------------------------------- ### Get a Specific Wallet Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-node.md Retrieves a wallet by its name or UUID. An optional vault path can be provided. ```javascript const wallet = getWallet("agent-treasury"); ``` -------------------------------- ### Get Wallet by Name or ID Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-python.md Retrieves a specific wallet using its name or unique identifier (UUID). ```APIDOC ## get_wallet(name_or_id, vault_path=None) ### Description Look up a wallet by name or UUID. ### Parameters #### Query Parameters - **name_or_id** (str) - Required - The name or UUID of the wallet to retrieve. - **vault_path** (str) - Optional - Path to the vault directory. Defaults to the system's default location. ### Request Example ```python from ows import get_wallet wallet_name = "my-wallet-1" wallet = get_wallet(wallet_name) print(f"Retrieved wallet: {wallet['name']} ({wallet['id']})") ``` ### Response Example ```json { "id": "3198bc9c-abcd-4e12-8f78-abcdef123456", "name": "my-wallet-1", "created_at": "2023-10-27T10:00:00Z", "accounts": [ { "chain_id": "eip155:1", "address": "0x123...", "derivation_path": "m/44'/60'/0'/0/0" } ] } ``` ``` -------------------------------- ### Create Wallet with Custom Vault Path Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-node.md Demonstrates setting up a temporary vault directory for isolated wallet operations. Ensure to clean up the temporary directory after use. ```javascript import { mkdtempSync, rmSync } from "node:fs"; import { tmpdir } from "node:os"; import { join } from "node:path"; const tmpVault = mkdtempSync(join(tmpdir(), "ows-test-")); const wallet = createWallet("test-wallet", undefined, 12, tmpVault); // ... use wallet ... rmSync(tmpVault, { recursive: true, force: true }); ``` -------------------------------- ### Create Wallet Source: https://github.com/open-wallet-standard/core/blob/main/website-docs/md/sdk-node.md Initialize a new wallet and derive addresses for supported chains. ```javascript const wallet = createWallet("agent-treasury"); console.log(wallet.accounts); // => [ // { chainId: "eip155:1", address: "0x...", derivationPath: "m/44'/60'/0'/0/0" }, // { chainId: "solana:5eykt4...", address: "7Kz9...", derivationPath: "m/44'/501'/0'/0'" }, // { chainId: "bip122:000...", address: "bc1q...", derivationPath: "m/84'/0'/0'/0/0" }, // { chainId: "cosmos:cosmoshub-4", address: "cosmos1...", derivationPath: "m/44'/118'/0'/0/0" }, // { chainId: "tron:mainnet", address: "TKLm...", derivationPath: "m/44'/195'/0'/0/0" }, // { chainId: "ton:mainnet", address: "UQ...", derivationPath: "m/44'/607'/0'" }, // { chainId: "sui:mainnet", address: "0x...", derivationPath: "m/44'/784'/0'/0'/0'" }, // { chainId: "fil:mainnet", address: "f1...", derivationPath: "m/44'/461'/0'/0/0" }, // ] ``` -------------------------------- ### Create a New Wallet with OWS CLI Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-cli.md Creates a new wallet, generating a BIP-39 mnemonic and deriving addresses for supported chains. Use the --name flag for a wallet name and optionally --show-mnemonic to display the mnemonic or --words to specify word count. ```bash ows wallet create --name "my-wallet" ``` -------------------------------- ### End-to-End Agent Access Workflow Source: https://github.com/open-wallet-standard/core/blob/main/website-docs/md/sdk-cli.md Demonstrates creating a wallet, defining a policy, attaching it to an API key, and using the key for authorized signing. ```bash # Create a wallet ows wallet create --name agent-treasury # Define a policy: Base chain only, expires at end of year cat > policy.json << 'EOF' { "id": "agent-limits", "name": "Agent Safety Limits", "version": 1, "created_at": "2026-03-22T00:00:00Z", "rules": [ { "type": "allowed_chains", "chain_ids": ["eip155:8453"] }, { "type": "expires_at", "timestamp": "2026-12-31T23:59:59Z" } ], "action": "deny" } EOF ows policy create --file policy.json # Create an API key with the policy attached ows key create --name "claude" --wallet agent-treasury --policy agent-limits # Output: ows_key_a1b2c3d4... (save this) # Agent signs on Base — policy allows it OWS_PASSPHRASE="ows_key_a1b2c3d4..." \ ows sign tx --wallet agent-treasury --chain base --tx 0x02f8... # Agent tries Ethereum mainnet — policy denies it OWS_PASSPHRASE="ows_key_a1b2c3d4..." \ ows sign tx --wallet agent-treasury --chain ethereum --tx 0x02f8... # error: policy denied: chain eip155:1 not in allowlist # Owner signs with the wallet passphrase — no policy enforcement OWS_PASSPHRASE="your-wallet-passphrase" \ ows sign tx --wallet agent-treasury --chain ethereum --tx 0x02f8... # Owner mode bypasses all policies # Revoke the agent's access ows key revoke --id --confirm # Token is now useless ``` -------------------------------- ### Build Node.js Bindings Source: https://github.com/open-wallet-standard/core/blob/main/CONTRIBUTING.md Builds the Node.js NAPI bindings for the Open Wallet Standard. Requires Node.js >= 20. Ensure you are in the 'bindings/node' directory. ```bash cd bindings/node && npm install && npx napi build --platform --release ``` -------------------------------- ### Create API Key with Simulation Policy Source: https://context7.com/open-wallet-standard/core/llms.txt Use this command to create an API key with a policy that allows transaction simulation. ```bash ows key create --name "safe-agent" --wallet agent-treasury --policy simulate-tx ``` -------------------------------- ### List Wallets via CLI Source: https://github.com/open-wallet-standard/core/blob/main/docs/06-wallet-lifecycle.md Filter and list available wallets using CLI flags. ```bash ows wallet list --chain evm --with-policy ows wallet list --name "agent-*" ``` -------------------------------- ### Make Paid Request to x402 Endpoint Source: https://github.com/open-wallet-standard/core/blob/main/skills/ows/SKILL.md Makes a paid request to an x402-enabled API endpoint. Supports GET requests by default and can be configured for POST requests with a JSON body. ```bash ows pay request https://api.example.com/data --wallet "my-wallet" ``` ```bash ows pay request https://api.example.com/data --wallet "my-wallet" --method POST --body '{"key":"value"}' ``` -------------------------------- ### Import an existing wallet Source: https://github.com/open-wallet-standard/core/blob/main/website-docs/md/sdk-cli.md Import wallets from mnemonics, private keys, or environment variables. ```bash echo "goose puzzle decorate ..." | ows wallet import --name "imported" --mnemonic ``` ```bash echo "4c0883a691..." | ows wallet import --name "from-evm" --private-key ``` ```bash echo "9d61b19d..." | ows wallet import --name "from-sol" --private-key --chain solana ``` ```bash OWS_SECP256K1_KEY="4c0883a691..." \ OWS_ED25519_KEY="9d61b19d..." \ ows wallet import --name "both" ``` -------------------------------- ### Create Wallet Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-python.md Create a new wallet and iterate through its accounts. ```python wallet = create_wallet("agent-treasury") for acct in wallet["accounts"]: print(f"{acct['chain_id']}: {acct['address']}") ``` -------------------------------- ### Update OWS Binary Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-cli.md Update the `ows` binary to the latest release. This command also updates Node.js and Python bindings if they are installed. Use the `--force` flag to re-download even if already on the latest version. ```bash ows update ``` ```bash ows update --force # re-download even if already on latest ``` -------------------------------- ### Manage Wallets Source: https://github.com/open-wallet-standard/core/blob/main/skills/ows/references/python.md Create, import, list, and modify wallets using various key types. ```python from open_wallet_standard import ( create_wallet, import_wallet_mnemonic, import_wallet_private_key, list_wallets, get_wallet, delete_wallet, rename_wallet, export_wallet, ) # Create wallet = create_wallet("my-wallet") # create_wallet(name, passphrase=None, words=12, vault_path=None) # Import from mnemonic w1 = import_wallet_mnemonic("imported", "goose puzzle ...") # import_wallet_mnemonic(name, mnemonic, passphrase=None, index=None, vault_path=None) # Import from private key (default: evm/secp256k1) w2 = import_wallet_private_key("from-evm", "4c0883a691...") # Import Ed25519 key (solana/sui/ton) w3 = import_wallet_private_key("from-sol", "9d61b19d...", chain="solana") # Import explicit keys for both curves w4 = import_wallet_private_key("both", "", secp256k1_key="4c08...", ed25519_key="9d61...") # import_wallet_private_key(name, private_key_hex, chain=None, passphrase=None, # vault_path=None, secp256k1_key=None, ed25519_key=None) # List / get / delete / rename / export wallets = list_wallets() # list_wallets(vault_path=None) w = get_wallet("my-wallet") # get_wallet(name_or_id, vault_path=None) delete_wallet("my-wallet") # delete_wallet(name_or_id, vault_path=None) rename_wallet("old", "new") # rename_wallet(name_or_id, new_name, vault_path=None) secret = export_wallet("my-wallet") # export_wallet(name_or_id, passphrase=None, vault_path=None) # Returns mnemonic string or JSON: {"secp256k1":"hex","ed25519":"hex"} ``` -------------------------------- ### Pay for services using OWS Source: https://github.com/open-wallet-standard/core/blob/main/docs/quickstart.md Handles the full x402 payment flow automatically. The CLI signs the payment credential and retries requests that return '402 Payment Required'. Supports GET and POST requests with bodies. ```bash # GET request — payment handled automatically ows pay request "https://api.example.com/data" --wallet agent-treasury ``` ```bash # POST with a body ows pay request "https://api.example.com/query" \ --wallet agent-treasury \ --method POST \ --body '{"prompt": "summarize this document"}' ``` ```bash ows pay discover ``` ```bash ows pay discover --query "weather" ``` -------------------------------- ### Import Wallet with Explicit Keys Source: https://github.com/open-wallet-standard/core/blob/main/skills/ows/SKILL.md Imports a wallet by explicitly setting environment variables for secp256k1 and Ed25519 private keys. ```bash OWS_SECP256K1_KEY="4c0883a691..." OWS_ED25519_KEY="9d61b19d..." \ ows wallet import --name "both" ``` -------------------------------- ### Create API Key with Wallet Scope Source: https://github.com/open-wallet-standard/core/blob/main/website-docs/md/03-policy-engine.md Use this command to create a new API key with a specified name, associated wallet, and policy attachment. Store the generated key securely. ```bash ows key create --name "claude-agent" --wallet agent-treasury --policy base-agent-limits ``` -------------------------------- ### Create a new wallet Source: https://github.com/open-wallet-standard/core/blob/main/docs/quickstart.md Derives addresses for multiple supported chains including EVM, Solana, Sui, Bitcoin, Cosmos, Tron, and TON with a single command. ```bash ows wallet create --name "agent-treasury" ``` -------------------------------- ### Sign transactions using an agent API token Source: https://github.com/open-wallet-standard/core/blob/main/docs/quickstart.md Demonstrates signing transactions using an agent API token as the passphrase. The OWS CLI evaluates attached policies to authorize the signature. Includes examples of a successful signature and a policy-denied attempt. ```bash # Agent signs on Base — policy allows it OWS_PASSPHRASE="ows_key_a1b2c3d4..." \ ows sign tx --wallet agent-treasury --chain base --tx 0x02f8... # Agent tries Ethereum mainnet — policy denies it OWS_PASSPHRASE="ows_key_a1b2c3d4..." \ ows sign tx --wallet agent-treasury --chain ethereum --tx 0x02f8... # error: policy denied: chain eip155:1 not in allowlist ``` -------------------------------- ### Policy JSON Format Example Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-cli.md Defines a policy with an ID, name, version, creation timestamp, and a list of rules. Rules are AND-combined and can include allowed chains and expiration timestamps. The 'action' field specifies whether to deny or allow based on rule evaluation. ```json { "id": "base-only", "name": "Base and Sepolia until year end", "version": 1, "created_at": "2026-03-22T00:00:00Z", "rules": [ { "type": "allowed_chains", "chain_ids": ["eip155:8453", "eip155:84532"] }, { "type": "expires_at", "timestamp": "2026-12-31T00:00:00Z" } ], "action": "deny" } ``` -------------------------------- ### Python: Custom Vault Path for Isolated Environments Source: https://context7.com/open-wallet-standard/core/llms.txt Demonstrates how to use a custom vault path in Python for isolated wallet operations during testing or multi-tenant scenarios. Ensure necessary modules are imported. ```python import tempfile import shutil from ows import create_wallet, sign_message, delete_wallet # Create temporary vault for testing test_vault = tempfile.mkdtemp(prefix="ows-test-") try: # All operations use the test vault wallet = create_wallet("test-wallet", vault_path=test_vault) print(f"Created wallet {wallet['id']} in {test_vault}") sig = sign_message("test-wallet", "evm", "test message", vault_path=test_vault) print(f"Signature: {sig['signature']}") delete_wallet("test-wallet", vault_path=test_vault) finally: # Clean up test vault shutil.rmtree(test_vault) ``` -------------------------------- ### Import Wallet using OWS CLI Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-cli.md Imports an existing wallet from a mnemonic or private key. Mnemonic import can read from stdin or OWS_MNEMONIC env var. Private key import reads from stdin or OWS_PRIVATE_KEY env var. Specify --chain for private key imports to determine the curve. ```bash # Import from mnemonic (reads from OWS_MNEMONIC env or stdin) echo "goose puzzle decorate ..." | ows wallet import --name "imported" --mnemonic ``` ```bash # Import from private key (reads from OWS_PRIVATE_KEY env or stdin) echo "4c0883a691..." | ows wallet import --name "from-evm" --private-key ``` ```bash # Import an Ed25519 key (e.g. from Solana) echo "9d61b19d..." | ows wallet import --name "from-sol" --private-key --chain solana ``` ```bash # Import explicit keys for both curves via environment variables OWS_SECP256K1_KEY="4c0883a691..." \ OWS_ED25519_KEY="9d61b19d..." \ ows wallet import --name "both" ``` -------------------------------- ### Create API key via CLI Source: https://github.com/open-wallet-standard/core/blob/main/docs/03-policy-engine.md Command to generate a new API key with specific wallet access and policy constraints. ```bash ows key create --name "claude-agent" --wallet agent-treasury --policy spending-limit ``` -------------------------------- ### List API Keys Source: https://github.com/open-wallet-standard/core/blob/main/docs/sdk-cli.md Lists all existing API keys, including their ID, name, associated wallets, policies, and creation time. Tokens are never displayed in the output. ```bash ows key list ``` -------------------------------- ### Manage API Keys via CLI Source: https://github.com/open-wallet-standard/core/blob/main/skills/ows/SKILL.md Commands for creating, listing, and revoking API keys for agent access. ```bash # Create an API key for agent access (scoped to wallets + policies) ows key create --name "claude-agent" --wallet "my-wallet" --policy "policy-id" ows key create --name "tmp-key" --wallet "my-wallet" --expires-at "2026-04-01T00:00:00Z" # List all API keys (tokens are never shown) ows key list # Revoke an API key ows key revoke --id "key-id" --confirm ``` -------------------------------- ### Manage policies Source: https://github.com/open-wallet-standard/core/blob/main/website-docs/md/sdk-cli.md Commands to create, list, show, and delete security policies. ```bash ows policy create --file base-policy.json ``` ```json { "id": "base-only", "name": "Base and Sepolia until year end", "version": 1, "created_at": "2026-03-22T00:00:00Z", "rules": [ { "type": "allowed_chains", "chain_ids": ["eip155:8453", "eip155:84532"] }, { "type": "expires_at", "timestamp": "2026-12-31T00:00:00Z" } ], "action": "deny" } ``` ```bash ows policy list ``` ```bash ows policy show --id base-only ``` ```bash ows policy delete --id base-only --confirm ``` -------------------------------- ### Build OWS from Source Source: https://github.com/open-wallet-standard/core/blob/main/ows/README.md Clones the OWS repository and builds the workspace in release mode. Requires Rust 1.70+. ```bash git clone https://github.com/open-wallet-standard/core.git cd core/ows cargo build --workspace --release ``` -------------------------------- ### Create a New Wallet Source: https://github.com/open-wallet-standard/core/blob/main/skills/ows/SKILL.md Creates a new wallet with a specified name. Use `--words 24` for a 24-word mnemonic and `--show-mnemonic` to display it for backup. ```bash ows wallet create --name "my-wallet" ``` ```bash ows wallet create --name "my-wallet" --words 24 --show-mnemonic ``` -------------------------------- ### Manage Policies via CLI Source: https://github.com/open-wallet-standard/core/blob/main/skills/ows/SKILL.md Commands for listing, showing, and deleting policy definitions. ```bash ows policy list ows policy show --id "policy-id" ows policy delete --id "policy-id" --confirm ``` -------------------------------- ### Implement Custom Executable Policy Source: https://context7.com/open-wallet-standard/core/llms.txt Create a custom policy script that performs on-chain simulation via eth_call. ```python #!/usr/bin/env python3 """Custom policy: Simulate transaction via eth_call before allowing.""" import json import sys import urllib.request # Read policy context from stdin ctx = json.load(sys.stdin) tx = ctx["transaction"] chain_id = ctx["chain_id"] # Map chain IDs to RPC endpoints rpc_endpoints = { "eip155:8453": "https://mainnet.base.org", "eip155:1": "https://eth.llamarpc.com", } rpc = rpc_endpoints.get(chain_id) if not rpc: json.dump({"allow": False, "reason": f"No RPC configured for {chain_id}"}, sys.stdout) sys.exit(0) # Simulate the transaction payload = json.dumps({ "jsonrpc": "2.0", "id": 1, "method": "eth_call", "params": [ {"to": tx["to"], "value": hex(int(tx["value"])), "data": tx.get("data", "0x")}, "latest" ] }).encode() try: req = urllib.request.Request(rpc, data=payload, headers={"Content-Type": "application/json"}) resp = json.load(urllib.request.urlopen(req, timeout=4)) if "error" in resp: json.dump({"allow": False, "reason": f"Simulation reverted: {resp['error']['message']}"}, sys.stdout) else: json.dump({"allow": True}, sys.stdout) except Exception as e: json.dump({"allow": False, "reason": f"Simulation failed: {str(e)}"}, sys.stdout) ```