The core is free and open source (Apache-2.0). Desktop app, agent runtime, CLI, and source code are free. The public relay is available for beta testing.

Where are my keys stored in DCP?

On your laptop. Encrypted with XChaCha20. Master key lives in your OS keychain. We never see your keys — they never leave your machine. DCP is fully non-custodial.

What is a multi-agentic wallet?

A multi-agentic wallet lets you set up one wallet and use it across multiple AI agents. DCP is the first multi-agentic wallet — connect Claude, Cursor, OpenClaw, and VPS bots to a single vault, control them all from one dashboard, and approve requests from your phone.

Can I use one wallet with multiple AI agents?

Yes. That's DCP's core feature. Set up your wallet once, then connect as many agents as you want — Claude, Cursor, OpenClaw, trading bots, custom agents. Each agent gets its own budget limit, but they all access your single secure vault.

Is DCP a Solana agentic wallet?

Yes. DCP functions as a Solana agentic wallet that lets AI agents request wallet actions with daily spending limits and phone-based approval. It also vaults API keys for services like OpenAI, Anthropic, Stripe, and GitHub.

Which blockchains does DCP support?

DCP supports Solana in the beta. You can generate a Solana wallet or import one. Keys are encrypted locally with XChaCha20. DCP is non-custodial — you control everything.

How do I control multiple AI agents from one place?

DCP gives you one dashboard to manage all your AI agents. See which agents are connected, what they're requesting, set per-agent budget limits, and approve or revoke access instantly. One wallet, one dashboard, total control.

How do AI agent spending limits work?

DCP lets you set daily budget caps for each agent. If an agent tries to spend more than the daily limit, the transaction is blocked. This prevents runaway spending from compromised or misbehaving agents. You can adjust limits anytime from the DCP dashboard.

What if my AI agent is hacked while I'm sleeping?

Worst case: attacker spends up to your daily cap before you wake up and revoke. Set the cap low enough that it's acceptable. That's the whole point of budget limits — capping maximum damage.

Is DCP better than .env files for AI agents?

Yes. With .env files, agents read your keys directly — one prompt injection leaks everything. DCP encrypts keys locally and requires phone approval for each access request. Agents never see raw keys — they only get results.

Can I store API keys like OpenAI and Anthropic in DCP?

Yes. Store any API key — OpenAI, Anthropic, Stripe, AWS, whatever. Your AI agents request access, you approve from your phone. The agent gets results, never the raw key.

Does DCP work with Claude, Cursor, and OpenClaw?

Yes. Claude Desktop, Cursor, VS Code, and other stdio MCP clients can run the DCP agent locally. OpenClaw and VPS agents use the remote installer and HTTP MCP. Custom runtimes can integrate through MCP or HTTP MCP.

How do I secure my OpenClaw agent with DCP?

Use the remote invite command from DCP Desktop. It installs the DCP agent service on your VPS, pairs it with your Desktop vault, and configures OpenClaw MCP when the install shape can be detected.

Is MCP server security a problem in 2026?

Yes. MCP servers have known vulnerabilities — over 42,000 exposed endpoints leaked credentials in early 2026, including CVE-2025-6514 (remote code execution). DCP adds a security layer: even if your MCP server is compromised, attackers can't access raw keys without phone approval.

How is DCP different from Infisical or VaultAgent?

DCP is local-first (keys never leave your device) with phone approval. Infisical and VaultAgent are cloud-based. DCP also handles crypto wallets — they don't. And DCP is free & open source.

How is DCP different from Turnkey or Cobo agentic wallet?

DCP is free and handles both crypto AND API keys. Turnkey and Cobo are enterprise-only, crypto-only, and Cobo holds a key share (MPC). DCP is fully non-custodial and local-first — you control everything.

What if my laptop is off?

Requests queue until you're back online. For 24/7 bots, just leave your laptop sleeping. No need to be unlocked.

Yes. The entire stack is open source under Apache-2.0. Self-host the relay if you want full control over your infrastructure.

Export your data, uninstall. Your wallets, keys, everything — yours. No lock-in, no data hostage.

MCP Tools Reference

Beta integrations should use DCP through MCP. The HTTP endpoint is streamable HTTP MCP, not a public REST API.

Endpoint

dcp-agent run --mode http-mcp --host 127.0.0.1 --port 8420
http://127.0.0.1:8420/mcp

Initialize With curl

curl -i -sS \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json, text/event-stream' \
  -X POST http://127.0.0.1:8420/mcp \
  --data '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"curl-test","version":"1.0.0"}}}'

Copy the returned mcp-session-id.

List Tools

curl -i -sS \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json, text/event-stream' \
  -H 'mcp-session-id: PASTE_SESSION_ID_HERE' \
  -X POST http://127.0.0.1:8420/mcp \
  --data '{"jsonrpc":"2.0","id":2,"method":"tools/list","params":{}}'

Tool Input Notes

chain is currently solana.
currency can be SOL, USDC, USDT, or 1LY.
1LY SPL mint: Aih3sbAbu39Yn7jB2Qf4btZ5eWtDGQJH2gMfC4qdBAGS.
Use identity.name for name and identity.email for email. Do not guess aliases.

Approval Behavior

Reads, writes, message signing, and transaction signing can require approval. The user can approve in DCP Desktop or Telegram. Small transactions may auto-approve if under the user's configured threshold.