1. Introduction

With the rise of large language models (LLM), interacting with blockchain through natural language has become an important development direction for Web3. Orcamind has launched the Orcamind AI Agent Wallet based on the Model Context Protocol (MCP). Unlike traditional wallets that passively respond to user commands, manage isolated addresses, and handle single transactions, the AI Agent Wallet breaks through the limitations of private key management and single transaction signing, focusing on providing users with secure, automated multi-chain operation capabilities. It offers users a simple, fast, and secure intelligent on-chain interaction solution. This article will delve into this innovative technical architecture, detailing its working principles, core advantages, and how it brings a safer and more convenient Web3 experience to users.

2. Core Concepts

Before diving into the architecture, we first need to understand two key concepts:

2.1 MCP (Model Context Protocol)

MCP (Model Context Protocol) is a standardized communication protocol in the AI field, aimed at solving the integration challenges between large models (LLM) and external data sources, tools, and services.

The protocol is divided into:

• MCP Client: User interaction terminals (such as Claude, Cursor, Orcamind App) that directly receive natural language commands from users, parse user intent through large language models, match corresponding tools, and extract the parameters required by the tools.

• MCP Server: Executes tool logic and provides feedback to the Client.

Developers can extend functionality by registering new Tools (such as staking, Dapp interaction) without modifying the core protocol. For the Orcamind App, the MCP service acts as a bridge connecting the language model and blockchain interaction.

2.2 AI Agent Wallet

The AI Agent Wallet is a smart wallet app proposed by Orcamind, backed by a trusted backend agent. Connected through MCP services and LLM, users can issue commands in natural language that directly drive the Agent Wallet to automatically execute a series of complex on-chain operations (such as transfers, contract interactions) while ensuring asset security, without the need for cumbersome signing operations or understanding the underlying technical details of the blockchain.

3. Agent Wallet Technical Architecture

3.1 MCP

In the MCP framework, the Agent Wallet operates as an independent MCP Server, providing a dedicated toolkit for wallet operations. Once user commands are parsed by the model, the MCP routing layer will call the corresponding tools based on parameters, initially breaking down the command task (Job) into finer-grained Tasks and submitting them to the Agent Wallet for subsequent operations.

3.2 Agent Wallet

The Agent Wallet serves as the core execution engine of the blockchain proxy wallet, employing a modular design to achieve a full-link closed loop of account proxying, task scheduling, and secure signing. Its architecture consists of two core modules that work together through standardized interfaces:

1. Smart Management & Orchestration Core (SMOC)

The Smart Management & Orchestration Core centrally manages the global account system and task flow, ensuring that commands issued by users in natural language can be accurately and securely transformed into on-chain operations. Its core capabilities integrate account governance and task scheduling, and this module includes the following features:

• Unified Account Governance

Based on the OIDC protocol, a strong binding relationship is established between user identity and multi-chain proxy accounts. SMOC performs real-time credential verification before each operation to avoid the risk of account hijacking. At the same time, through dynamic account abstraction technology, a single user identity is mapped to proxy addresses across different blockchains (such as EVM, Solana), providing a unified entry for multi-chain operations and hiding the complexity of the underlying chains.

• Intelligent Asset Adaptation

Users only need to deposit a single mainstream token (such as USDC or ETH), and SMOC will automatically analyze operational needs before task execution, dynamically exchanging for the required assets, including the native token of the target chain (such as ETH, SOL) and specific tokens required for DApp interactions (such as Uniswap's WETH), ensuring seamless execution flow and relieving users from the cumbersome operations of manual exchanges and deposits of corresponding tokens.

• Intelligent Task Scheduling

For the parsed task flow, SMOC intelligently breaks down complex operations into atomic sub-tasks through a DAG scheduler, dynamically managing dependencies and execution sequences between tasks, and supporting automatic rollback on failure and breakpoint continuation capabilities. Once tasks are ready, it automatically executes key preprocessing operations, including dynamically allocating Nonce sequences, real-time optimizing Gas strategies, and accurately constructing cross-chain Calldata to maximize execution efficiency and success rates.

• Full-Link Execution Monitoring

SMOC monitors the entire lifecycle status from task issuance to on-chain confirmation (Pending/Confirmed/Failed) in real-time, actively identifying congestion or abnormal risks by combining transaction pool depth analysis and block confirmation prediction. When a transaction fails, it automatically diagnoses the issue (such as insufficient Gas, contract execution failure) to ensure verifiable consistency between user intent and on-chain operations.

2. MPC Signing System

This module builds the security foundation for the proxy wallet by integrating Trusted Execution Environment (TEE) and standardized threshold signature protocols, achieving end-to-end key protection and signing security. All private key shards are strictly stored in a hardware-encrypted TEE environment, ensuring that signing calculations are completed entirely within the CPU's encrypted memory area, completely isolating against operating system-level attack threats (such as kernel vulnerabilities, memory scraping). Based on the (k,n) threshold signature mechanism, the system splits the complete private key into multiple cryptographically invalid shards, where a single shard cannot derive the original private key or independently generate a valid signature. Only when distributed nodes collaborate can a legitimate blockchain signature be generated without reconstructing the private key. This architecture meets two core security features:

1. Zero Reconstruction Principle: The complete private key has never appeared and will never appear on any physical device or memory during its lifecycle;

2. Dynamic Recoverability: When some private key shards are accidentally lost (not exceeding the fault tolerance threshold), the system can securely reconstruct new shards and destroy old ones through cryptographic collaboration of the remaining shards, ensuring that asset control is never lost.

This design, which combines hardware-level isolation with distributed cryptography, establishes an immutable security boundary for the proxy wallet's operations, ensuring asset sovereignty even in the face of advanced persistent threats (APT).

Additionally, the Orcamind Agent Wallet also supports users holding and maintaining an MPC shard node to jointly participate in subsequent signing processes, providing higher credibility.

3.3 AI Agent Wallet Workflow

Phase 1: Account Initialization (First Use)

When a user first starts and uses the smart agent wallet (Agent Wallet), the system will execute a rigorous and automated account initialization process. The core goal of this process is to reliably verify the user's digital identity, build a cross-network proxy account system, and securely manage keys under high-security standards. The entire process revolves around three key links:

1. Identity Binding:

The first step in initialization is to establish a relationship between the user identity and the system. To this end, the Agent Wallet strictly adopts the industry-standard OIDC (OpenID Connect) protocol as a bridge. Users can complete the operation by performing simple signature authentication on the page. After parsing and verifying the signature and validity, the management center will generate an identifier that uniquely represents the user through specific encryption algorithms. This globally unique identity identifier is the cornerstone of all subsequent operations, tightly binding the user to their wallet activities and providing an immutable basis for future account management and audit tracing.

2. Proxy Account Generation:

After successfully establishing the user identity, the signing system will securely generate a set of cross-chain proxy accounts using the MPC shard scheme. This process will be collaboratively completed through a distributed, pre-configured network of MPC nodes. These nodes participate in shard calculations within the TEE environment. Meanwhile, the management center will establish a corresponding association between the uniquely generated user identity identifier and this set of proxy accounts.

3. Secure Key Storage:

Private key shards will be completely stored in the TEE environment to ensure they are not illegally accessed or stolen, fundamentally minimizing the risk of private key leakage or single points of failure leading to asset loss.

Phase 2: Command Execution

When a user issues the command "Use addresses A1 and A2 to stake 0.5 ETH to contract 0xStake," the system achieves secure automated execution through the following closed-loop process:

1. Semantic Parsing and Intent Packaging

The LLM engine parses the user's natural language command, identifies the operation type (agentwalletstaking), and completes the contextual parameters (address list, token amount, contract address), generating a structured operation framework to be transmitted to SMOC.

2. Unified Scheduling and Task Breakdown

• Account Authentication: Verifies proxy account ownership through the identifier, executing OIDC real-time credential verification to ensure the legality of the operation.

• Dynamic Asset Adaptation: Checks the Fund address balance; if ETH is insufficient, it automatically exchanges to make up the difference.

• Intelligent Task Breakdown:

→ Subtask 1: Transfer 0.5 ETH from Fund address to A1
→ Subtask 2: Transfer 0.5 ETH from Fund address to A2
→ Subtask 3: A1 calls the deposit() method of the 0xStake contract
→ Subtask 4: A2 calls the deposit() method of the 0xStake contract
(Task dependency: Staking can only occur after the transfers are completed)

3. Automated Transaction Construction and Signing

• Real-time parameter generation: Dynamically allocate Nonce, optimize Gas strategy, and construct Calldata (such as ABI encoding for the staking contract) based on on-chain status.

• Distributed secure signing: The signing system initiates a collaborative signing request to the MPC node cluster in the TEE environment through an encrypted channel, where each node calculates partial signatures using private key shards in a hardware-isolated environment, ultimately aggregating valid transaction signatures without reconstructing the private key.

3. Transaction Execution and Status Monitoring

• Broadcast the signed transaction to the network, monitoring transaction pool depth and block confirmation status in real-time.

• Full-link tracking of the lifecycle (e.g., A1 transfer Pending → Staking Confirmed); if a subtask fails (e.g., insufficient Gas), automatically trigger a rollback and alert.

• Generate operation logs, including the complete evidence chain from LLM parsing to on-chain confirmation.

3.4 Agent Wallet Extensibility

The Agent Wallet, through its standardized and highly extensible architectural design, also provides a powerful functional integration entry point for third-party developers. Developers can implement custom Agent Wallet tool logic based on business scenario needs (such as cross-chain asset routing, customized DeFi strategies, on-chain governance automation, etc.). The tool only needs to follow the following simplified integration path:

1. Interface compliance implementation: Developers implement the core logic of the tool according to the predefined protocol specifications, such as parsing specific command parameters and generating atomic operation steps;

2. Capability registration declaration: Register the tool metadata (function description, input/output format, dependent resources) in the global scheduling directory of SMOC (Smart Management & Orchestration Core);

3. Dynamic process injection: Define task breakdown rules in the DAG scheduling framework of SMOC, mapping complex business flows into atomic nodes that can call the tool.

Once integrated, developers can empower users to directly drive custom processes through natural language. This decoupled design allows third-party tools to reuse the security foundation (TEE + MPC) and intelligent scheduling capabilities of the Agent Wallet, significantly lowering the development threshold for complex on-chain operations.

4. Conclusion

By combining large language models, the Orcamind AI Agent Wallet can transform user commands into secure automated operations. Its Smart Management & Orchestration Core (SMOC) dynamically breaks down tasks, optimizes Gas/Nonce parameters, and monitors the full-link status in real-time, while ensuring account security through TEE hardware isolation and MPC threshold signing. Additionally, developers can extend the MCP Server tools through standardized interfaces, reusing its security foundation and scheduling engine to build customized processes, ultimately allowing users to drive complex on-chain interactions (such as multi-address staking and cross-chain asset routing) with natural language, completely eliminating the manual management burden of Gas, Nonce, and multi-chain assets, becoming a truly autonomous on-chain execution agent.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。