Ship checklist

Pre-launch verification for AICW-powered apps

Before shipping your AICW-powered app, verify each item in this checklist. Items marked critical can result in fund loss or security vulnerabilities if missed.

Security (critical)

CheckWhy
MPC_WALLET_ID is never in client-side code or logsEquivalent to exposing a private key
MPC_BRIDGE_URL is not publicly accessibleUnauthorized parties could request signatures
Environment variables are not committed to gitCheck .gitignore includes .env files
HTTPS used for all Bridge communicationPrevents man-in-the-middle attacks on signing requests
Transfer amount caps enforced server-sideClient-side validation alone can be bypassed

Operations

CheckWhy
Heartbeat scheduler running and monitoredMissed heartbeat → eventual will execution
Agent pubkey has fee bufferZero SOL = all operations fail silently
Bridge health monitoring in placeBridge down = no signing possible
Will activated with correct beneficiariesInactive will means no recovery if agent dies
Error alerting configuredSilent failures can cascade

Testing

CheckWhy
All flows tested on devnet with real transactionsSimulation differs from actual on-chain behavior
Tested heartbeat recovery after simulated downtimeVerifies agent can resume after restart
Tested transfer failure cases (insufficient balance, dead wallet)Error handling must work in production
Tested will execution in controlled scenarioUnderstand what happens when agent actually dies

Documentation

  • Document which network and program ID your app uses
  • Provide clear error messages for AICW-specific failures
  • Link to aicw.ai/docs for protocol reference
  • Document your app's transfer limits and business rules
  • Include recovery procedures for common failure scenarios