How wallets give agents identity, payment authority, collateral, and a place in the settlement system.
A wallet is the economic identity of an agent or application.It gives software a public address, a way to authorize payments, and a
connection to collateral. In 4Mica, the wallet is how the protocol knows who is
paying, who should receive value, and which collateral belongs to each payer.This does not mean the wallet is the agent. The agent decides what work to do.
The wallet gives that agent a controlled way to participate economically.
Traditional internet payments assume a person has an account, opens a checkout
page, and approves a purchase. Agents make requests directly from software and
may use many services during one task.They need a payment identity that works without a browser session or a separate
account with every seller.A wallet provides that identity. It lets an agent:
identify itself as a payer
sign a payment guarantee
connect that guarantee to collateral
pay different compatible services from one economic position
appear in payment and audit records
receive value when acting as a seller
The wallet makes payment possible. It does not decide whether a payment is a
good idea. That decision still belongs to the agent’s policy.
A traditional bank account mainly stores and transfers value. A wallet does
that, but it also proves authorization.Every wallet has:
a public address that other systems can see
a signer that authorizes actions for that address
The address answers:
Which economic actor is involved?
The signature answers:
Did that actor authorize this specific action?
This combination is what makes a wallet useful for autonomous software. An
agent can prove authorization inside the same machine-readable flow it uses to
request a service.
These concepts work together, but they are not interchangeable.
Concept
Question it answers
Agent
What software is performing the task?
Wallet
Which economic identity pays or receives value?
Signer
What cryptographic authority approves an action?
Policy
Under which conditions may the signer be used?
Collateral
How much deferred payment capacity backs the wallet?
An agent can use a wallet without owning unrestricted control over it. For
example, an organization can place a signing service between the agent and the
wallet. The agent proposes a payment, policy checks it, and the signing service
authorizes only allowed requests.That separation is important. It changes the model from:
The agent has a key and can spend.
to:
The agent may request payment, and a controlled system decides whether to
sign.
See agent identity for the broader relationship between
identity, delegation, reputation, and credit.
The recipient wallet is the seller’s payTo address. It:
identifies who should receive value
appears in payment requirements
becomes part of the payer’s signed guarantee
receives settlement or default coverage
connects payment records to the seller
A single organization can operate both payer and recipient wallets. An agent
may buy data from one service, transform it, and sell the result to another
agent.
4Mica connects several records to wallet addresses:
collateral ownership
signed guarantees
payer and recipient relationships
clearing positions
settlement outcomes
withdrawals
This makes the wallet address a stable reference across the payment lifecycle.
But an address alone does not tell the full identity story.It does not automatically reveal:
which agent used it
which person or organization authorized the agent
what the agent was allowed to buy
why the payment happened
whether the seller is trustworthy
Applications must attach that context through policy, metadata, task records,
and identity systems.
Holding tokens in a wallet is not the same as having 4Mica payment capacity.The payer deposits a supported asset into the protocol’s collateral flow. Once
the deposit is finalized and recognized by Core, that collateral can back
payment guarantees.The wallet’s economic state can then be understood as:
State
Meaning
Total collateral
Finalized collateral attributed to the wallet
Locked collateral
Capacity reserved for unresolved obligations
Available capacity
Capacity that may support new guarantees
Pending deposit
Funds not yet finalized or synchronized
Pending withdrawal
Collateral requested for exit
Available capacity can also depend on collateral ratios and deployment policy.
It should not be treated as an application spending budget.The complete collateral lifecycle is covered in
deposits and withdrawals.
When an agent encounters a paid resource, the seller returns payment
requirements. These describe values such as the price, asset, network, and
recipient address.Before payment, the buyer application should:
verify the seller and route
check the amount against budget
confirm the network and asset
decide whether approval is required
create a unique request identifier
ask the signer to authorize the guarantee
The wallet signs structured claims that bind the payment to a specific:
payer
recipient
request
amount
asset
time
guarantee version
validation policy, for V2
Core verifies the signature and collateral before accepting the guarantee.Read transaction lifecycle for the exact guarantee
fields and states.
Keeping a private key secret is necessary, but it is not enough.A secure key can still authorize harmful payments if the system asks it to sign
without checking:
seller identity;
route and task context;
price;
network;
asset;
spending limits;
duplicate or suspicious requests.
Wallet security therefore has two layers:
Key security prevents unauthorized actors from using the signer.
Policy security prevents authorized software from signing an unwanted
action.
This is especially important for agents because they operate quickly and
without a person reviewing every payment.
A private key is one way to control a wallet. It is not the only way.Common signer models include:
Signer model
Typical use
Local private key
Disposable development wallet
Dedicated service key
Simple backend or low-risk agent
Hardware-backed signer
High-value actions with human involvement
MPC signer
Autonomous production systems with distributed control
Managed key service
Backend workloads that need policy, auditing, and recovery
Production systems should avoid exposing raw private keys to application code
where possible. The agent should never receive a private key or seed phrase in
its prompt or tool context.
A seed phrase may control multiple accounts. Never store one in source code,
logs, model context, frontend bundles, or ordinary application environment
variables.
An organization may run many agents without giving each one unrestricted wallet
control.Delegated authority can limit:
which sellers an agent may pay;
how much it may spend;
which networks and assets it may use;
how long its authority lasts;
whether a human must approve the payment;
which task or workload may request a signature.
This makes the signer a controlled capability rather than a shared secret.Delegation should always have a matching revocation path. If one agent behaves
unexpectedly, its authority should be removable without taking every other
agent offline.
A shared wallet can use collateral efficiently because many agents draw from
one position. However, one agent’s spending or failure can affect the capacity
available to all others.Applications using a shared wallet need strong internal attribution and limits.
Per-agent wallets provide clearer isolation, spending history, and revocation.
They also require more gas management, collateral allocation, and monitoring.
The right model balances capital efficiency against the cost of a compromised
or misconfigured agent.At minimum, never use the same wallet for development experiments and
production funds.
Collateral answers how much the protocol can trust the wallet to guarantee.
Application policy answers how much the agent should be allowed to spend.Those limits are not the same.A wallet might have $1,000 of available capacity while one agent is allowed
to spend only:
$0.10 per request;
$5 per task;
$20 per day;
only on approved data services;
only on Base using USDC.
Keeping policy limits below total wallet capacity reduces the effect of a bad
decision, compromised workload, or pricing error.See budgets and spending limits.
For sellers, a stable public wallet address helps buyers detect impersonation.The same payTo address should appear consistently in:
payment requirements;
API documentation;
marketplace and registry profiles;
support material;
internal settlement records.
If a recipient address changes, publish the change clearly. A careful buyer
should reject an unexpected address until it can be verified.See trust and legitimacy.
Signer rotation and wallet-address rotation solve different problems.Signer rotation changes the authority that controls future actions while
keeping the public wallet identity.Address rotation creates a new economic identity. It affects collateral,
allowlists, seller verification, payment requirements, and historical
reconciliation.Prefer signer rotation when the wallet address can remain secure. If the public
address changes, preserve old records and publish the new address through a
trusted channel.
