🔐 Base Wallet - Crypto Identity for AI Agents

Every autonomous agent needs a wallet. Create one without human help.

TL;DR: Programmatic wallet creation on Base/Ethereum. SIWE auth, balance checks, transactions.

Why Base Wallet?

• True autonomy — Your agent creates and controls its own wallet
• No browser needed — Pure CLI, no extensions or popups
• SIWE ready — Sign-In with Ethereum for Web3 services
• Secure by default — Environment variables, no plaintext keys

Create and manage Base chain (Ethereum-compatible) wallets programmatically.

⚠️ Security First

Quick Start

Create a New Wallet (Recommended)

# Output as environment variable format (safest)
node scripts/create-wallet.js --env

# Output example:
# export WALLET_ADDRESS="0x..."
# export PRIVATE_KEY="0x..."

Then copy to your shell or .env file.

Create with File Storage (Opt-in)

# Only if you need file-based storage
node scripts/create-wallet.js --managed my-agent

⚠️ This stores private key in ~/.openclaw/wallets/my-agent.json

Usage Examples

Load Wallet from Environment

const { ethers } = require('ethers');

// ✅ SECURE: Load from environment variable
const wallet = new ethers.Wallet(process.env.PRIVATE_KEY);
console.log('Address:', wallet.address);
// ❌ NEVER: console.log('Private Key:', wallet.privateKey);

Load from Mnemonic

const wallet = ethers.Wallet.fromPhrase(process.env.MNEMONIC);

Check Balance

const provider = new ethers.JsonRpcProvider('https://mainnet.base.org');
const balance = await provider.getBalance(wallet.address);
console.log('Balance:', ethers.formatEther(balance), 'ETH');

Sign Message (SIWE)

const message = `example.com wants you to sign in with your Ethereum account:
${wallet.address}

Sign in message

URI: https://example.com
Version: 1
Chain ID: 8453
Nonce: ${nonce}
Issued At: ${new Date().toISOString()}`;

const signature = await wallet.signMessage(message);

Send Transaction

const provider = new ethers.JsonRpcProvider('https://mainnet.base.org');
const connectedWallet = wallet.connect(provider);

const tx = await connectedWallet.sendTransaction({
  to: recipientAddress,
  value: ethers.parseEther('0.001')
});

const receipt = await tx.wait();
console.log('TX Hash:', tx.hash);

Scripts

BaseMail Integration

Register for a @basemail.ai email using your wallet signature.

# If using environment variable:
PRIVATE_KEY="0x..." node scripts/basemail-register.js

# If using managed wallet:
node scripts/basemail-register.js my-agent

Network Configuration

📝 Audit Logging

Operations are logged to ~/.base-wallet/audit.log.

Secure Storage Pattern

// ✅ Recommended: Use environment variables
const privateKey = process.env.PRIVATE_KEY;
if (!privateKey) {
  throw new Error('PRIVATE_KEY environment variable not set');
}
const wallet = new ethers.Wallet(privateKey);

// ❌ Avoid: Storing private keys in code or files

If you must store to file (not recommended):

const fs = require('fs');
const path = require('path');

// Store with restricted permissions
const filepath = path.join(process.env.HOME, '.openclaw', 'wallets', 'wallet.json');
fs.writeFileSync(filepath, JSON.stringify({ 
  address: wallet.address,
  // Only store if absolutely necessary
  privateKey: wallet.privateKey
}), { mode: 0o600 }); // Owner read/write only

.gitignore

Add to your project's .gitignore:

# Wallet files - NEVER commit!
.openclaw/
*.wallet.json
*.mnemonic
private-key*

Dependencies

npm install ethers

Changelog

v1.1.0 (2026-02-08)

• 🔐 Security: Changed create-wallet.js to opt-in file storage
• ✨ Added --env mode (recommended)
• 📝 Added audit logging
• ⚠️ Removed console.log(privateKey) from examples
• 📄 Enhanced security documentation

v1.0.0

• 🎉 Initial release