DAO labs · treasury ops

Governed agent wallets for DAO treasury ops

Agent-driven treasury moves with an exportable JSONL audit trail. Self-hosted — keys never leave your infrastructure.

Labs agent · .mcp.json
read + prepare + sign, OWS agent
{
  "mcpServers": {
    "walletsuite": {
      "command": "walletsuite-mcp",
      "env": {
        "WALLETSUITE_API_KEY": "$WALLETSUITE_API_KEY",
        "MCP_BANDS": "read,prepare,sign",
        "OWS_ENABLED": "true",
        "OWS_AUTH_MODE": "agent",
        "OWS_AGENT_TOKEN": "$LABS_AGENT_TOKEN"
      }
    }
  }
}

§ 01 Problem

Forum-first governance, self-custody non-negotiable

Labs entities adjacent to DAOs run internal tooling for treasury operations, SubDAO automation, and validator ops. Governance cultures are forum-first: every automated move is retrospectively reviewable by a DAO, often by outside parties. Self-custody is a hard requirement — no third party can hold keys, and no third party can retain transaction metadata.

Most agent-wallet infrastructure fails one of those constraints. Hosted services retain metadata on the vendor side. Shared policy engines log to a vendor SIEM. Neither shape fits a labs entity that needs to defend every automated move on a public forum weeks later.

Band filtering scopes agent capability at the tool-visibility layer. Policy gates enforce declarative rules — chain allowlist, expiry, per-agent scope. The audit trail lands at ~/.walletsuite/audit-trail.jsonl: hash-chained, append-only, single-writer, local to the host. No third-party collector receives a byte. The JSONL is directly exportable for DAO forum posts, SIEM ingestion, or external governance review.
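A reviewer who receives the exported JSONL can recompute the hash chain independently. The sketch below is an added example, not WalletSuite's code: the page does not give the record schema, so the field names (`seq`, `prev`, `hash`), the all-zero genesis value, and SHA-256 over canonical JSON are assumptions, and the sample trail is constructed.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor value for the first record's "prev" field


def record_hash(body: dict) -> str:
    """SHA-256 over canonical JSON of every field except "hash" (assumed scheme)."""
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def append(lines: list, event: dict) -> None:
    """Append one event, linking it to the hash of the previous line."""
    prev = json.loads(lines[-1])["hash"] if lines else GENESIS
    body = {"seq": len(lines), "prev": prev, **event}
    lines.append(json.dumps({**body, "hash": record_hash(body)}, sort_keys=True))


def verify(lines: list, expected_head: str = None) -> list:
    """Return a list of (line_number, problem); an empty list means the chain is intact."""
    problems, prev = [], GENESIS
    for n, line in enumerate(lines, start=1):
        try:
            rec = json.loads(line)
            claimed = rec.pop("hash")
        except (ValueError, KeyError, AttributeError, TypeError):
            problems.append((n, "unparseable record or missing hash"))
            break  # chain state is unknown past this point
        if rec.get("seq") != n - 1:
            problems.append((n, "sequence gap or reorder"))
        if rec.get("prev") != prev:
            problems.append((n, "prev does not match preceding record"))
        if record_hash(rec) != claimed:
            problems.append((n, "record content altered"))
        prev = claimed
    if expected_head is not None and prev != expected_head:
        problems.append((len(lines), "head hash differs from published value (truncation?)"))
    return problems


# Constructed sample trail; field names and agent labels are illustrative only.
TRAIL = []
append(TRAIL, {"agent": "labs-agent-1", "tool": "prepare_transfer", "decision": "allow"})
append(TRAIL, {"agent": "labs-agent-1", "tool": "sign_transaction", "decision": "allow"})
append(TRAIL, {"agent": "labs-agent-2", "tool": "sign_transaction", "decision": "deny"})
HEAD = json.loads(TRAIL[-1])["hash"]
```

A chain alone cannot reveal records dropped from the end of the file, which is why `verify` accepts a head hash recorded somewhere outside the log, such as the forum post itself.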


§ 02 Pattern

Self-hosted OWS, scoped agent tokens

Self-hosted MCP server, OWS agent mode. The owner (a labs engineer or ops lead) bootstraps the vault interactively and generates scoped agent tokens bound to specific wallets and policies. Each agent process runs with its own token, its own band cap, and its own policy set. Keys stay in the OWS vault on your infra, AES-256-GCM encrypted at rest, decrypted in-memory only during a signing call.

Invariant
Ownership of the vault, the passphrase, and the tokens stays with the labs team. WalletSuite is infrastructure running in your environment, not a hosted service reading transaction metadata. The audit trail is a governance artifact produced by design, not bolted on.

§ 03 What this unblocks

Three properties that drop out of the pattern.

  1. Every agent-initiated action is signed, policy-evaluated, and traceable to a specific agent token.
  2. The audit trail is directly exportable to a DAO forum post as JSONL, with no transformation and no vendor-side extraction.
  3. Self-hosted OWS satisfies the no-third-party-key-custody requirement without an MPC or TEE dependency.

Design partner program

Now reviewing a limited number of design partners.

