Solobank

Security

Last updated: March 29, 2026

Architecture

Solobank is fully non-custodial. The architecture is designed so that no server, API, or third party ever has access to your private keys or the ability to move your funds.

  • Local key generation solobank init generates a Solana keypair and stores it as a JSON file on your machine. The key never leaves your device.
  • Direct RPC — all blockchain interactions go directly from your machine to the Solana RPC endpoint. No proxy or relay server.
  • Local MCP server — the @solobank/mcp server runs as a local stdio process, not a network service. It is only accessible to the MCP client on your machine.

Agent safeguards

When an AI agent operates a wallet, spending controls are critical. Solobank provides configurable safeguards set during solobank init:

  • Per-transaction limit — maximum amount for a single send or swap operation.
  • Daily spending limit — cumulative cap on outgoing transactions within a 24-hour window.

These limits are enforced locally by the SDK before signing any transaction. They are a safety net, not a replacement for proper key management.

DeFi protocol risks

Solobank integrates with established DeFi protocols on Solana:

  • Jupiter — for token swaps and routing
  • Kamino — for lending and yield
  • marginfi — for lending, borrowing, and yield

These protocols carry inherent risks including smart contract bugs, oracle failures, and liquidity crises. Solobank does not audit these protocols. The protocol: 'auto' routing in the SDK selects by APY, not by risk profile. Users should assess protocol risks independently.

MPP payments

The solobank package implements the Machine Payments Protocol (MPP) for agent-to-API payments. The server-side verifies Solana transaction signatures directly against RPC token balance deltas — no trust assumptions beyond the blockchain itself.

Open source

All Solobank code is open source and available on GitHub. You can audit every line of code that touches your keys, builds transactions, or interacts with protocols. We encourage security review from the community.

Best practices

  • Keep your keypair file permissions restricted (chmod 600)
  • Use a dedicated wallet for agent operations — don't reuse your main wallet
  • Set conservative spending limits, especially during initial testing
  • Use a private or rate-limited RPC endpoint in production
  • Regularly monitor your wallet balance and transaction history on-chain
  • Keep Solobank packages updated to the latest version

Reporting vulnerabilities

If you discover a security vulnerability in any Solobank package, please report it responsibly via GitHub Issues or contact the maintainers directly. Do not disclose vulnerabilities publicly until a fix is available.

← Back to home