The permission layer for the agent economy
Give agent permissions.
Not keys.
Your agents need wallets, API keys, and credentials to do real work. DCP makes it happen — they ask, you tap once, they go.
Keys never leave your device
From your phone, anywhere
Set the max damage in advance
TradingAgent
wants to sign a transaction
Works with everything you already run.
Holds everything they ask for.
Your .env file is one prompt injection away from a bad day.
Every agent that needs a key today reads it from disk. One bad prompt, one compromised dep, one MCP server with a bug — and your wallet, your OpenAI bill, and your Stripe account go together.
Today
With DCP
Five minutes to install. Zero changes to your agents.
Add once. Use everywhere.
One DCP. Every agent you run. Rotate a key — every agent picks up the new one. Add a new agent tomorrow — it just works.
DCP
Your secrets, encrypted
Add once. Works everywhere.
Non-custodial wallet for AI agents on Solana.
One tap on your phone. That's it. Your agents work. Your keys stay home.
Non-custodial
Keys live on your laptop. Nobody else holds them.
Daily budgets
Hard caps per agent. DCP won't sign past them.
Auto-approve
Small moves go through. Big ones buzz your phone.
Activity log
Every signature logged. You always know what happened.
x402-ready
Pay any x402 service on Solana. No exposed keys.
DCP Agent
agent
OpenClaw
requests signature
How it works
From zero to secure in 4 steps
Solana Wallet
7xKp...3nMq
OpenAI API
sk-proj...8x2f
Anthropic
sk-ant...4k9p
One place for everything your agents ask for.
Crypto wallets. API keys. Identity data. Custom fields. Everything an agent might need to do real work — in one place, on your machine.
Crypto wallets
Solana wallets. Generate or import. Encrypted locally. Non-custodial.
API keys
OpenAI, Anthropic, Stripe, AWS...
Identity data
Passport, address, phone, email.
Custom fields
Whatever else your agents ask for.
Add once. Use everywhere.
When something goes wrong — and it will.
Most security tools fall apart the first time you're actually under attack. DCP is built for that moment.
Scenario: Your .env file leaks
You lose a budget. Not your wallet.
Different agents. Different rules.
Your trading agent signs Solana up to 2 SOL/day. Your research agent reads keys but signs nothing. Cursor gets exactly what it asks for and nothing it doesn't. You write the rules once. DCP enforces them forever.
Select an agent to see its permissions
TradingAgent
VPS trading agent
Read Only
Agent can read but not modify
Rate Limited
Daily spending caps
Full Access
Requires your approval
Five minutes from now, your agents stop holding your keys.
Download the desktop app, connect your agents, and you're ready to go.
Install the app
Download for your OS. Set password, write down recovery phrase.
Connect agents
Claude/Cursor: MCP. VPS: one command. Custom: HTTP MCP.
Run
Agent makes a request. Phone buzzes. Tap approve. Done.
For VPS/remote agents:
curl -fsSL https://dcpagent.com/install.sh | sudo bash -s -- 'dcp_vps_v1_...'FAQ
Honest answers. No marketing speak.
DCP runs on your laptop. Your AI agents — Claude, Cursor, OpenClaw, your VPS agents, anything that speaks MCP — connect to it instead of reading keys from .env. When they need to spend money or use a credential, they ask. You approve on your phone, or auto-approve under your daily cap. Keys never leave your machine.
Those tools give the agent its own wallet. DCP keeps the wallet on your laptop and lets the agent request to use it. Non-custodial by default. One DCP, every agent.
Because the worst-case blast radius should be your laptop, not someone else's customer list.
The core is free and open source (Apache-2.0). Desktop app, agent runtime, CLI, and source code are free. The public relay is available for beta testing.
On your laptop. Encrypted with XChaCha20. Master key lives in your OS keychain. We never see your keys — they never leave your machine.
A multi-agentic wallet lets you set up one wallet and use it across multiple AI agents. DCP is the first multi-agentic wallet — connect Claude, Cursor, OpenClaw, and VPS agents to a single vault, control them all from one dashboard, and approve requests from your phone.
Yes. That's DCP's core feature. Set up your wallet once, then connect as many agents as you want — Claude, Cursor, OpenClaw, trading agents, custom agents. Each agent gets its own budget limit, but they all access your single secure vault.
Yes — and only Solana. DCP is the agentic wallet for Solana AI agents: per-transaction phone approval, daily spending caps, scoped permissions per agent. Plus API key vaulting (OpenAI, Anthropic, Stripe) for any agent on any platform.
Solana. The beta is focused on one chain: generate or import a Solana wallet, keep it encrypted locally, and let agents request signing through DCP.
DCP gives you one dashboard to manage all your AI agents. See which agents are connected, what they're requesting, set per-agent budget limits, and approve or revoke access instantly. One wallet, one dashboard, total control.
Set daily budget caps for each agent. If an agent tries to spend more than the daily limit, the transaction is blocked. This prevents runaway spending from compromised or misbehaving agents. Adjust limits anytime.
Worst case: attacker spends up to your daily cap before you wake up and revoke. Set the cap low enough that it's acceptable. That's the whole point of budget limits.
Yes. With .env files, agents read your keys directly — one prompt injection leaks everything. DCP encrypts keys locally and requires phone approval for each access. Agents never see raw keys.
Yes. Store any API key — OpenAI, Anthropic, Stripe, AWS, whatever. Your AI agents request access, you approve from your phone. The agent gets results, never the raw key.
Yes. Claude Desktop, Cursor, VS Code, and other stdio MCP clients can run the DCP agent locally. OpenClaw and VPS agents use the remote installer and HTTP MCP.
Use the remote invite command from DCP Desktop. It installs the DCP agent service on your VPS, pairs it with your vault, and configures OpenClaw MCP when possible.
Yes. MCP servers have known vulnerabilities — over 42,000 exposed endpoints leaked credentials in 2026. DCP adds a security layer: even if your MCP server is compromised, attackers can't access raw keys.
DCP is local-first (keys never leave your device) with phone approval. Infisical and VaultAgent are cloud-based. DCP also handles crypto wallets — they don't. And DCP is free & open source.
DCP is free and handles both crypto AND API keys. Turnkey and Cobo are enterprise-only, crypto-only, and Cobo holds a key share. DCP is fully non-custodial — you control everything.
Requests queue until you're back online. For 24/7 agents, just leave your laptop sleeping. No need to be unlocked.
Use your 12-word recovery phrase. If you lost both, we can't help — we're not a custodian.
Yes. The entire stack is open source under Apache-2.0. Self-host the relay if you want full control.
Export your data, uninstall. Your wallets, keys, everything — yours. No lock-in, no data hostage.
How DCP compares
If you're choosing between agent wallets, here's the honest breakdown.
| Capability | DCP | Sponge | Coinbase AgentKit | Privy | Crossmint |
|---|---|---|---|---|---|
| Where keys live | Your laptop | Sponge servers | Coinbase | Privy servers | Crossmint |
| Custody | Non-custodial | Custodial | Custodial | Custodial | Custodial |
| One DCP, many agents | One wallet per agent | One wallet per agent | One wallet per agent | One wallet per agent | |
| Holds API keys too | |||||
| One-tap phone approval | Programmatic | Programmatic | Programmatic | Programmatic | |
| Works without an account | |||||
| Open source | Apache-2.0 | Partial (SDK) |
Different tools for different shapes of problem. DCP is the one where you keep the keys.
Take your keys back.
Free. Open source. Five minutes. Your agents keep working — they just stop holding your keys.