Permission Model
Clawmmerce's permission system ensures your AI agent can act autonomously while you maintain full control over your funds.
Why This Matters
Giving an AI agent access to your crypto is powerful but risky. Without guardrails, a compromised agent (or a bad prompt) could drain your entire wallet.
Clawmmerce solves this by putting a permission layer between your agent and your funds. Your agent never has direct signing access — every transaction goes through your rules first.
The Three Tiers
Every transaction your agent attempts falls into one of three categories:
Transactions in this range execute immediately without any approval needed. Your agent can act fast on small trades.
Medium-value transactions require your explicit approval via passkey (fingerprint, Face ID, or security key). You get a notification and can approve or deny.
Transactions above your hard limit are automatically rejected. No approval possible. This is your safety net against catastrophic losses.
Example Configuration
With these settings, your agent can make trades up to $100 instantly, request approval for $100-$500, and anything over $500 is blocked entirely.
Additional Controls
Daily Limit
Cap total daily spending across all transactions. Even if individual transactions are small, this prevents runaway spending.
Chain Allowlist
Restrict your agent to specific networks (Base, Ethereum, etc.). Transactions on non-allowed chains are blocked.
Address Whitelist
Limit outbound transfers to specific addresses. Great for restricting withdrawals to your own wallets only.
Kill Switch
Instantly disable all agent access. Toggle off to freeze all activity immediately if something goes wrong.
How Passkey Approval Works
Agent requests transaction
Your agent tries to swap $250 of ETH → USDC
Permission check
$250 > $100 auto-approve limit → passkey required
You receive notification
Push notification / email with transaction details and approve link
Approve with passkey
Touch ID, Face ID, or security key confirms it's really you
Transaction executes
Swap goes through on-chain
💡 Best Practices
- •Start conservative: Set low limits initially, then increase as you gain confidence.
- •Use testnets first: Run strategies on Base Sepolia before mainnet.
- •Set daily limits: Even small auto-approved transactions can add up.
- •Review logs regularly: Check the transaction history for unexpected activity.
- •Use the kill switch: If anything seems off, disable agent access immediately.
Security Model
Your agent never has private keys. The wallet is managed by Turnkey, a secure key management system. Your passkey (stored on your device) is the only way to sign transactions above the auto-approve limit.
This means even if someone compromises your agent's API key, they can only spend up to your auto-approve limit. Anything larger requires physical access to your passkey device.
Trust model:
- Private keys secured by Turnkey (never exposed)
- Passkey stored on your device (biometric protected)
- Permission server enforces limits before signing
- Agent API key has no direct signing capability
Configure Your Permissions
Set up your spending limits, chain restrictions, and approval thresholds.
Open Permission Settings →