The OrcaMind.ai Agent Wallet Lets You Talk to the Blockchain (Literally)

OrcaMind.ai's AI Agent Wallet breaks through the limitations of private key management and single-transaction signing, offering users a simple, fast, and secure intelligent on-chain interaction solution.

1. Introduction

With the rise of large language models (LLMs), interacting with blockchain via natural language has become a key direction in the evolution of Web3. Built on the Model Context Protocol (MCP), OrcaMind has introduced the OrcaMind.ai AI Agent Wallet. Unlike traditional wallets that passively respond to user commands and manage isolated addresses or single transactions, the AI Agent Wallet breaks through the limitations of private key management and single-signature transactions. It focuses on delivering secure, automated, and cross-chain operational capabilities. This offers users a simple, fast, and secure intelligent on-chain interaction solution.

This article will explore the innovative technical architecture behind the Agent Wallet, analyze its working principles and core advantages, and explain how it brings users a safer and more seamless Web3 experience.

2. Core Concepts

Before diving into architecture, it's important to first understand two key concepts.

2.1 MCP（Model Context Protocol）

MCP (Model Context Protocol) is a standardized communication protocol in the field of AI, designed to solve the challenges of integrating large language models (LLMs) with external data sources, tools, and services.

The protocol consists of two main components:

• MCP Client: The user interaction terminal (e.g., Claude, Cursor, OrcaMind App), which directly receives natural language commands from users. It uses an LLM to interpret user intent, match the appropriate tool, and extract the required parameters for execution.
• MCP Server: Executes the logic of the tool and sends feedback to the Client.

Developers can register new tools (e.g., staking, DApp interactions) to extend functionality without modifying the core protocol. In the context of the OrcaMind App, the MCP Server acts as a bridge between the language model and blockchain interactions.

2.2 OrcaMind Agent Wallet

The Agent Wallet is an intelligent wallet app proposed by OrcaMind, backed by a trusted backend agent. Connected to an LLM through the MCP service, it allows users to issue natural language commands to securely trigger the Agent Wallet to automatically perform complex on-chain operations (such as transfers and contract interactions). This eliminates the need for cumbersome manual signatures or understanding of underlying blockchain technologies.

3.Agent Wallet Technical Architecture

3.1 MCP

Within the MCP framework, the Agent Wallet operates as an independent MCP Server, providing a dedicated set of wallet operation tools. Once a user's instruction is parsed by the model for intent, the MCP routing layer invokes the corresponding tool based on the extracted parameters. It then breaks down the instruction job into more granular tasks and submits them to the Agent Wallet for subsequent execution.

3.2 Agent Wallet

As the core execution engine of the blockchain proxy wallet, Agent Wallet adopts a modular design to create a closed-loop system for account delegation, task orchestration, and secure signing. Its architecture consists of two primary modules that work together through standardized interfaces:

1. Smart Management & Orchestration Core (SMOC)

The Smart Management & Orchestration Core centrally manages the global account system and task flows, ensuring that user commands—issued in natural language, are accurately and securely translated into on-chain operations. SMOC integrates two essential capabilities: account governance and task orchestration. Key features of this module include:

• Unified Account Governance: Built on the OIDC protocol, SMOC establishes a strong binding between user identities and their multi-chain proxy accounts. Before each operation, it performs real-time credential validation to prevent account hijacking. Through dynamic account abstraction, a single user identity can be mapped to proxy addresses across different blockchains (e.g., EVM, Solana), offering a unified interface for multi-chain operations while abstracting away underlying complexities.

• Intelligent Asset Adaptation: Users only need to deposit a single mainstream token (e.g., USDC or ETH). Before executing a task, SMOC automatically analyzes operational requirements and dynamically converts assets as needed—including native tokens of the target chains (like ETH or SOL) and specific tokens required for DApp interactions (such as WETH for Uniswap). This ensures seamless execution without requiring users to manually swap or top up different assets.

• Smart Task Scheduling: For parsed task flows, SMOC uses a DAG scheduler to intelligently break down complex operations into atomic subtasks. It dynamically manages task dependencies and execution sequences while supporting auto rollback and resumable execution. Once tasks are ready, it automatically handles key preprocessing steps, including dynamic Nonce assignment, real-time Gas optimization, and precise cross-chain calldata construction—maximizing execution efficiency and success rate.

• End-to-End Execution Monitoring: SMOC continuously monitors the full lifecycle of each task—from dispatch to on-chain confirmation—tracking statuses such as Pending, Confirmed, and Failed. By analyzing mempool depth and predicting block confirmations, it proactively identifies congestion or anomaly risks. In case of transaction failures (e.g., insufficient gas, contract errors), it performs automatic diagnostics to ensure verifiable consistency between user intent and on-chain behavior.

2. MPC Signature System

This module forms the security foundation of the Agent Wallet by integrating Trusted Execution Environments (TEE) with standardized threshold signature protocols to achieve end-to-end key protection and signing security. All private key shards are strictly stored within hardware-encrypted TEE environments, ensuring that signature computations occur entirely inside the CPU’s encrypted memory region, effectively isolating them from operating system-level attacks (such as kernel exploits or memory scraping).

Based on a (k, n) threshold signature scheme, the system splits the complete private key into multiple cryptographically invalid shards. A single shard cannot derive the original private key nor independently generate a valid signature. Only when distributed nodes collaboratively compute can a legitimate blockchain signature be produced—without reconstructing the full private key.

This architecture meets two core security principles:

• Zero Key Reconstruction: The complete private key never exists in full at any physical device or memory during its lifecycle.
• Dynamic Recoverability: If some key shards are lost (within the fault tolerance threshold), the system can securely regenerate new shards through cryptographic cooperation of the remaining shards, destroying the old ones to ensure asset control is never lost.

By combining hardware-level isolation with distributed cryptography, this design establishes an immutable security boundary for the Agent Wallet’s operations, safeguarding asset sovereignty even against advanced persistent threats (APT).

Additionally, OrcaMind Agent Wallet supports users holding and maintaining an MPC shard node themselves, participating in subsequent signing processes to enhance trustworthiness.

3.3 Agent Wallet Workflow

Phase 1: Account Initialization (First Use)

When a user launches and uses the Agent Wallet for the first time, the system executes a rigorous and automated account initialization process. The core goal of this process is to achieve reliable verification of the user’s digital identity, construct a cross-network agent account system, and securely manage keys—all under high security standards.

The entire process revolves around three key steps:

• Identity Binding: The first step is to establish a binding relationship between the user’s identity and the system. To achieve this, the Agent Wallet strictly adopts the industry-standard OIDC (OpenID Connect) protocol as the bridge. The user authorizes this by performing a simple signature verification on the interface. The management center parses and verifies the signature and its validity, then uses specific encryption algorithms to generate a globally unique identifier that uniquely represents the user. This globally unique identity is the cornerstone for all subsequent operations. It tightly links the user to their wallet activity and provides an immutable basis for future account management and audit tracing.

• Agent Account Generation: After successfully confirming the user identity, the signing system securely generates a set of cross-chain agent accounts using the MPC shard scheme. This process is collaboratively completed by a distributed, pre-configured network of MPC nodes operating within Trusted Execution Environments (TEE). Meanwhile, the management center associates the unique user identity from the previous step with this set of agent accounts.

• Secure Key Storage:The private key shards are fully stored within the TEE environment to ensure they are protected from unauthorized access or theft. This design fundamentally minimizes the risk of private key leakage or asset loss due to single points of failure.

Phase 2: Instruction Execution

When the user issues the command "Use addresses A1 and A2 to stake 0.5 ETH each on the contract 0xStake," the system securely and automatically executes the task through the following closed-loop process:

Semantic Parsing and Intent Packaging: The LLM engine parses the user's natural language instruction, identifies the operation type (agent_wallet_staking), and completes contextual parameters (address list, token amount, contract address). It then generates a structured operation framework and sends it to the SMOC.

Unified Scheduling and Task Decomposition

• Account Authentication: Verifies agent account ownership via the identifier and performs real-time OIDC credential validation to ensure operation legitimacy.
• Dynamic Asset Adaptation: Checks the Fund address balance and automatically swaps tokens to cover any ETH shortage.
• Intelligent Task Decomposition:
• → Subtask 1: Transfer 0.5 ETH from the Fund address to A1
• → Subtask 2: Transfer 0.5 ETH from the Fund address to A2
• → Subtask 3: A1 calls the deposit() method of the 0xStake contract
• → Subtask 4: A2 calls the deposit() method of the 0xStake contract
• (Task dependencies: staking can only proceed after transfers are completed)

Automated Transaction Construction and Signing

• Real-time Parameter Generation: Dynamically assigns Nonce based on on-chain status, optimizes Gas strategies, and constructs Calldata (e.g., ABI encoding for staking contracts).
• Distributed Secure Signing:
• The signing system initiates a collaborative signing request via encrypted channels to the MPC node cluster within the TEE environment. Each node computes partial signatures using private key shards in a hardware-isolated environment. The valid transaction signature is aggregated without reconstructing the private key.

Transaction Execution and Status Monitoring

• Broadcasts the signed transaction to the network and monitors the transaction pool depth and block confirmation status in real time.
• Tracks the full lifecycle on-chain (e.g., A1 transfer Pending → staking Confirmed). If any subtask fails (e.g., due to insufficient Gas), it automatically triggers rollback and sends alerts.
• Generates an operation log containing a complete evidence chain from LLM parsing to on-chain confirmation.

3.4 Agent Wallet Extensibility

Agent Wallet’s standardized and highly scalable architecture also provides a powerful integration gateway for third-party developers. Developers can create custom Agent Wallet tool logic tailored to specific business scenarios (such as cross-chain asset routing, customized DeFi strategies, on-chain governance automation, etc.). The integration process follows a streamlined approach:

1. Interface Compliance Implementation: Developers implement the core tool logic according to predefined protocol specifications, such as parsing specific instruction parameters and generating atomic operation steps.
2. Capability Registration: Tool metadata (function description, input/output formats, dependencies) is registered in the global scheduling directory of the SMOC (Smart Management & Orchestration Core).
3. Dynamic Workflow Injection: Within SMOC’s DAG scheduling framework, task decomposition rules are defined to map complex business flows into atomic nodes that call the custom tool.

Once integrated, developers empower users to drive custom workflows directly via natural language. This decoupled design allows third-party tools to leverage Agent Wallet’s secure foundation (TEE + MPC) and intelligent orchestration capabilities, significantly lowering the development barrier for complex on-chain operations.

Conclusion

By integrating large language models, Orcamind AI Agent Wallet transforms user commands into secure, automated operations. Its intelligent management and orchestration core (SMOC) dynamically decomposes tasks, optimizes Gas and Nonce parameters, and monitors the entire on-chain process in real time. At the same time, it ensures account security through TEE hardware isolation and MPC threshold signatures. Developers can also extend MCP Server tools via standardized interfaces, reusing its secure foundation and scheduling engine to build customized workflows. Ultimately, this enables users to drive complex on-chain interactions—such as multi-address staking and cross-chain asset routing—using natural language, eliminating the manual burdens of managing Gas, Nonce, and multi-chain assets, and becoming a truly autonomous on-chain execution agent.