Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

SLK (Short Lived Keys)

Short Lived Keys allow AI agents to perform wallet operations autonomously within explicit limits.

An SLK is not a wallet key. It is a capability token issued by the TUI and checked on each MCP request.

Requesting an SLK

An agent calls request_slk with desired permissions. The request appears in the TUI’s Requests tab for human approval.

The operator can scope the SLK to specific wallets and address-book entries.

Permissions

  • can_balance — View wallet balances
  • can_receive — Get receive addresses
  • can_send — Send SOL
  • can_send_tokens — Send SPL tokens
  • can_swap — Swap tokens via DEX
  • can_sign — Sign messages

Constraints

  • Wallet scope — Which wallets are visible to the SLK
  • Address-book scope — Which contacts are visible to the SLK
  • max_amount_per_tx — Maximum SOL amount per send
  • total_amount — Total SOL budget
  • whitelist — Allowed recipient addresses for SOL sends
  • allowed_tokens / denied_tokens — Token-level allow or deny rules
  • token_constraints — Per-token send budgets
  • max_slippage_bps — Maximum allowed slippage for swaps
  • duration_secs — Expiry window

Revocation and inspection

  • get_slk_info returns status, budget, scope, and permissions
  • slk_revoke immediately revokes a token
  • revoked or expired SLKs are rejected without user interaction

When to use SLKs

Use an SLK when you want an agent to keep operating within a narrow boundary, for example:

  • checking balances periodically
  • sending capped payouts to a fixed whitelist
  • executing swaps with a strict slippage ceiling

If you do not need autonomy, skip SLKs and keep the default approval flow.