Skip to main content
npx enact-wallet init
Interactive setup that creates your wallet and authorizes an agent session on-chain. Run this once per project.

Options

npx enact-wallet init --no-env    # Print credentials to stdout instead of writing .env

What it does

1

Opens browser for wallet creation

Registers a passkey. Your Tempo account address is derived deterministically from the passkey public key. The private key never leaves your device’s secure enclave.
2

Fund your wallet

Displays your wallet address. Send stablecoins to the address and the CLI continues once funds arrive.
3

Configures the session

Prompts for spending limit (USD) and expiry (days).
4

Opens browser for passkey approval

The on-chain authorization of the access key requires a passkey signature from your root account. This is the only time your passkey is required after setup.
5

Writes .env

Credentials are written to .env in the current directory. Existing AGENT_* variables are replaced, other content is preserved.

Output

# Enact Agent Session — CLI Agent
AGENT_PRIVATE_KEY=0x...          # Access key private key
AGENT_ROOT_ADDRESS=0x...         # Your root wallet address
AGENT_ACCESS_KEY_ADDRESS=0x...   # The authorized access key address
AGENT_RPC_URL=https://...        # Tempo RPC endpoint
AGENT_CHAIN_ID=42431             # Chain ID (42431 = testnet)
AGENT_BUDGET_USD=100             # Spending limit set at session creation

Security model

  • Your root wallet private key is never stored anywhere
  • It is derived from your passkey on each use, inside your device’s secure enclave
  • AGENT_PRIVATE_KEY is an access key — a separate derived key with a hard spending limit enforced on-chain by Tempo’s Account Keychain precompile
  • If the access key is compromised, an attacker can only spend up to the remaining limit. They cannot access your root wallet or create new sessions.