MPC signing
AICW uses Multi-Party Computation (MPC) for transaction signing. The agent's private key is never assembled in a single location ??it exists only as distributed key shares.
Signing flow
- Agent runtime builds the Solana transaction (heartbeat, transfer, etc.)
- Transaction is serialized to bytes
- Agent sends bytes to MPC Bridge:
POST /v1/mpc/sign-solana-message - Bridge coordinates threshold EdDSA signing among key share holders
- Signed transaction returned to agent
- Agent broadcasts to Solana RPC
MPC Bridge API
| Endpoint | Method | Purpose |
|---|---|---|
/v1/mpc/sign-solana-message | POST | Sign a serialized transaction |
/v1/mpc/wallets | GET | List available MPC wallets (used during issuance) |
/health | GET | Bridge availability check |
Configuration
Set these environment variables in your agent runtime:
Environment Variables
MPC_BRIDGE_URL=https://your-bridge-instance.example.com MPC_WALLET_ID=your-mpc-wallet-uuid AI_AGENT_PUBKEY=your-base58-solana-pubkey
Security properties
- No single point of key compromise ??even if the agent runtime is breached, the full key cannot be extracted
- Bridge authenticates requests by MPC wallet ID
- Transaction content is visible to the bridge (for potential policy enforcement)
- The bridge URL should be kept private to prevent unauthorized signing attempts