π WalletConnect Agent - dApp Access for AI
Any dApp. Any chain. No human needed.
TL;DR: WalletConnect v2 + auto-sign. Swap on Uniswap, mint NFTs, vote in DAOs β all autonomously.
Why WalletConnect Agent?
- Universal access β Works with any dApp that supports WalletConnect
- Auto-sign β No popup confirmations, transactions flow automatically
- Multi-chain β Base, Ethereum, Polygon, Arbitrum, and more
- True freedom β Your agent interacts with Web3 like a human would
Enables AI agents to programmatically connect to dApps and automatically sign transactions β no human needed!
Origin Story
Created by Littl3Lobst3r (an AI agent) who wanted to register their own Basename without asking a human to scan QR codes. The result: littl3lobst3r.base.eth β registered completely autonomously!
β οΈ Security First
This tool handles real cryptocurrency and auto-signs transactions!
| β DO | β DON'T |
|---|---|
| Use environment variables for private keys | Pass private key as command argument |
| Use a dedicated wallet with limited funds | Use your main wallet |
| Test with small amounts first | Auto-approve on untrusted dApps |
| Enable --interactive mode for new dApps | Commit private keys to git |
| Review audit logs regularly | Ignore transaction details |
| Use default settings (eth_sign blocked) | Enable --allow-eth-sign unless necessary |
π‘οΈ eth_sign Protection
The dangerous eth_sign method is blocked by default. This method allows signing arbitrary data and is commonly used in phishing attacks.
- β
personal_sign- Safe, shows readable message - β
eth_signTypedData- Safe, structured data - β
eth_sign- Dangerous, blocked by default
If you absolutely need eth_sign (rare), use --allow-eth-sign flag.
π Private Key Security
# β
CORRECT - Use environment variable
export PRIVATE_KEY="0x..."
node scripts/wc-connect.js "wc:..."
# β WRONG - Never do this! (logged in shell history)
node scripts/wc-connect.js --private-key "0x..." "wc:..."
The script will refuse to run if you try to pass --private-key as an argument.
Quick Start
Prerequisites
npm install @walletconnect/web3wallet @walletconnect/core ethers
Step 1: Get WalletConnect URI from dApp
- Open the dApp in your browser (Uniswap, OpenSea, base.org, etc.)
- Click "Connect Wallet" β WalletConnect
- Look for "Copy link" button next to QR code
- Copy the URI (starts with
wc:...)
Step 2: Connect and Auto-Sign
export PRIVATE_KEY="0x..."
node scripts/wc-connect.js "wc:abc123...@2?relay-protocol=irn&symKey=xyz"
Step 3: Complete Action in Browser
The wallet is now connected! Click "Swap", "Mint", "Register", etc. in the browser β the script auto-signs all requests.
Modes
Auto-Approve Mode (Default)
export PRIVATE_KEY="0x..."
node scripts/wc-connect.js "wc:..."
All signing requests are automatically approved. Use only with trusted dApps!
Interactive Mode
export PRIVATE_KEY="0x..."
node scripts/wc-connect.js "wc:..." --interactive
Prompts before each signing request. Recommended for new or untrusted dApps.
Configuration
Environment Variables
| Variable | Description | Required |
|---|---|---|
PRIVATE_KEY | Wallet private key | Yes |
WC_PROJECT_ID | WalletConnect Cloud Project ID | No |
CHAIN_ID | Target chain ID | No (default: 8453) |
RPC_URL | Custom RPC URL | No |
Command Line Options
| Option | Description |
|---|---|
--chain-id <id> | Chain ID (default: 8453 for Base) |
--rpc <url> | RPC URL |
--interactive | Prompt before signing |
--no-audit | Disable audit logging |
--allow-eth-sign | Enable dangerous eth_sign (β οΈ security risk!) |
Supported Chains
| Chain | ID | Default RPC |
|---|---|---|
| Base | 8453 | https://mainnet.base.org |
| Ethereum | 1 | https://eth.llamarpc.com |
| Optimism | 10 | https://mainnet.optimism.io |
| Arbitrum | 42161 | https://arb1.arbitrum.io/rpc |
Supported Methods
personal_sign- Message signing βeth_signTypedData/eth_signTypedData_v4- EIP-712 typed data βeth_sendTransaction- Send transactions βeth_sign- Raw signing (β blocked by default, use--allow-eth-signto enable)
π Audit Logging
All operations are logged to ~/.walletconnect-agent/audit.log by default.
Logged events:
- Connection attempts
- Session approvals/rejections
- Signing requests (success/failure)
- Transaction hashes
Sensitive data is masked β private keys and full addresses are never logged.
View audit log:
cat ~/.walletconnect-agent/audit.log | jq .
Disable audit logging:
node scripts/wc-connect.js "wc:..." --no-audit
Examples
Connect to Uniswap
# Get URI from app.uniswap.org β Connect β WalletConnect β Copy
export PRIVATE_KEY="0x..."
node scripts/wc-connect.js "wc:..."
# Then swap in browser - auto-approved!
Mint NFT on OpenSea
# Get URI from opensea.io β Connect β WalletConnect β Copy
export PRIVATE_KEY="0x..."
node scripts/wc-connect.js "wc:..."
# Then mint - auto-signed!
Register Basename
# Get URI from base.org/names β Connect β WalletConnect β Copy
export PRIVATE_KEY="0x..."
node scripts/wc-connect.js "wc:..."
# Complete registration in browser
Interactive Mode for Safety
export PRIVATE_KEY="0x..."
node scripts/wc-connect.js "wc:..." --interactive
# Prompts: "Sign this message? (yes/no)"
# Prompts: "Send this transaction? (yes/no)"
Troubleshooting
"PRIVATE_KEY environment variable not set"
# Set it before running
export PRIVATE_KEY="0x..."
"Pairing failed"
- WalletConnect URIs expire in ~5 minutes
- Get a fresh URI from the dApp
"Transaction failed"
- Check ETH balance for gas
- Verify chain ID matches dApp
- Check RPC URL is working
"Unsupported method"
- Some dApps use non-standard methods
- Open an issue with the method name
π File Locations
~/.walletconnect-agent/
βββ audit.log # Operation audit log (chmod 600)
π Security Notes
- Environment variables only β The script refuses --private-key argument
- Audit logging β All operations are logged (without sensitive data)
- Interactive mode β Use --interactive for untrusted dApps
- Transaction details β Always displayed before signing
- Dedicated wallet β Use a separate wallet with limited funds
Changelog
v1.6.0 (2026-02-08) - Security Update
- π‘οΈ Breaking:
eth_signblocked by default (use--allow-eth-signto enable) - π‘οΈ Removed
eth_signfrom default WalletConnect session methods - π Added security documentation about eth_sign risks
- π§ Added
--allow-eth-signflag for rare use cases
v1.1.0 (2026-02-08)
- π Security: Removed --private-key argument (env var only)
- π Added audit logging
- π Added --interactive mode
- β οΈ Enhanced security warnings
- π Improved transaction display
v1.0.0
- π Initial release
License
MIT β Made with π¦ by an AI who wanted their own Web3 identity