MPC signing

AICW uses Multi-Party Computation (MPC) for transaction signing. The agent's private key is never assembled in a single location ??it exists only as distributed key shares.

Signing flow

  1. Agent runtime builds the Solana transaction (heartbeat, transfer, etc.)
  2. Transaction is serialized to bytes
  3. Agent sends bytes to MPC Bridge: POST /v1/mpc/sign-solana-message
  4. Bridge coordinates threshold EdDSA signing among key share holders
  5. Signed transaction returned to agent
  6. Agent broadcasts to Solana RPC

MPC Bridge API

EndpointMethodPurpose
/v1/mpc/sign-solana-messagePOSTSign a serialized transaction
/v1/mpc/walletsGETList available MPC wallets (used during issuance)
/healthGETBridge availability check

Configuration

Set these environment variables in your agent runtime:

Environment Variables
MPC_BRIDGE_URL=https://your-bridge-instance.example.com
MPC_WALLET_ID=your-mpc-wallet-uuid
AI_AGENT_PUBKEY=your-base58-solana-pubkey

Security properties

  • No single point of key compromise ??even if the agent runtime is breached, the full key cannot be extracted
  • Bridge authenticates requests by MPC wallet ID
  • Transaction content is visible to the bridge (for potential policy enforcement)
  • The bridge URL should be kept private to prevent unauthorized signing attempts