npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@suisei-mcp/agent-signer

v0.2.0

Published

Local, non-custodial signer for a Tier-1 Sui agent wallet. Generates and encrypts an agent keypair on the user's machine and signs tx bytes from @suisei-mcp/mcp. The key never leaves the host and never enters an agent's context.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

eieneleienel

Keywords

suiagentwalletsignernon-custodialmcp

Readme

@suisei-mcp/agent-signer

The non-custodial signer for a Tier-1 Sui agent wallet.

@suisei-mcp/mcp builds unsigned transaction bytes and never holds a key. This package is the one piece that does: it generates the agent's keypair, stores it encrypted on your machine, and signs builder bytes. The plaintext key is created here, used here, and never crosses a process boundary - it never travels through an MCP response or into an LLM's context.

What "Tier-1 agent wallet" means

A real Sui wallet the agent fully controls, funded with a small allowance. The agent can stake, transfer, swap - anything - but only up to its balance. Blast radius = what you fund. Refill to extend, sweep to revoke. Your main wallet is never touched: the agent has its own freshly-generated key, and your owner key stays in your real wallet.

Install

npm install -g @suisei-mcp/agent-signer

Use

Set a passphrase (encrypts the key at rest) and create the wallet:

export AGENT_WALLET_PASSPHRASE="something-long-and-private"
agent-signer create
# -> { "address": "0x...", "path": "~/.suisei/agent-wallet.json" }

Then the loop with Claude + the MCP:

  1. Ask the agent to fund it: it calls agent_wallet_fund (owner-signed) so your real wallet sends SUI to the agent address.
  2. Ask the agent to act, e.g. "stake 1 SUI to the top validator from my agent wallet" - it builds the tx and gives you tx_bytes_base64.
  3. Sign with the agent key:
    agent-signer sign <tx_bytes_base64>
# -> { "signature": "..." }
  4. Tell the agent to sui_execute_signed_tx with that signature.

To revoke, ask the agent for agent_wallet_sweep (drains the wallet back to you), sign it, submit, and stop funding.

You own the key - back it up or move it

The wallet isn't locked inside this tool. The private key is yours, encrypted under your passphrase, and you can take it out anytime:

agent-signer export
# -> { "address": "0x...", "secret_key": "suiprivkey1...", "warning": "..." }

That suiprivkey1... is a standard Sui secret. Import it into Sui Wallet, Suiet, or the CLI (sui keytool import "<suiprivkey1...>" ed25519) and you have the same wallet there. Back it up offline - anyone holding it controls the wallet.

Bring your own key instead of generating one:

agent-signer import "suiprivkey1..."

Because the key is exportable, losing the keystore file isn't fatal if you backed up the export. If you didn't and you lose the file or passphrase, the agent wallet is gone - but it only ever holds an allowance, so create a fresh one and refund. Your owner wallet is untouched.

Configuration

| Env / flag | Default | Meaning | | --- | --- | --- | | AGENT_WALLET_PASSPHRASE / --passphrase | - (required) | Encrypts/decrypts the key | | AGENT_WALLET_PATH / --path | ~/.suisei/agent-wallet.json | Keystore location |

Security model

  • Ed25519 key, sealed with AES-256-GCM under a scrypt-derived key (N=32768). Keystore written 0600.
  • Wrong passphrase -> decryption fails closed (GCM auth tag).
  • create/address emit only the public address; sign emits only a signature. The raw secret is revealed only by an explicit export (with a warning) - never incidentally, and never to the MCP or an agent.
  • Lose the keystore or passphrase and the agent wallet is gone - by design it holds only an allowance, so create a fresh one and refund. Your owner wallet (in your real wallet app) is unaffected.

This is Tier 1 of the agent-wallet design. On-chain policy limits (Tier 2) and a multisig co-signer (Tier 3) layer on top - see docs/AGENT_WALLET_DESIGN.md.

License

MIT.