You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: skills/metamask-agent-wallet/references/auth.md
+30-1Lines changed: 30 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,30 @@ Use these commands to initialize wallet mode, sign in, inspect authentication st
4
4
5
5
## `init` Command
6
6
7
-
Initialize the project by selecting wallet mode and trading mode.
7
+
Initialize the project by selecting a wallet mode and trading mode.
8
+
9
+
Wallet modes:
10
+
11
+
1. Server wallet — Keys are managed and secured server-side. Agents can't access your main wallet. You can define policy controls like outflow limits and protocol whitelists.
12
+
2. Bring your own wallet — Import a seed phrase. Optionally, encrypt on-device with a password. You approve every transaction with your password if encrypted.
13
+
14
+
Trading modes (server wallet only):
15
+
16
+
1. Guard mode — Guardrails keep the agent in check. Human approval (2FA) is required for agent wallet transactions outside your policies.
17
+
- Guardrails:
18
+
- Security check
19
+
- Whitelisted protocols
20
+
- Outflow limit (rolling 24h)
21
+
- Approval required:
22
+
- Malicious transactions
23
+
- Protocols not in whitelist
24
+
- Raising outflow limit
25
+
26
+
2. Beast mode — For traders who understand the risks. The agent acts on its own, except when a transaction is flagged as malicious.
27
+
- Guardrails:
28
+
- Security check
29
+
- Approval required:
30
+
- Malicious transactions
8
31
9
32
### Syntax
10
33
@@ -58,6 +81,12 @@ mm-dev init show
58
81
59
82
Sign in to the CLI. Defaults to QR / browser flow.
60
83
84
+
Sign-in options:
85
+
86
+
1. Sign in with MetaMask Mobile — Scan the QR code with MetaMask Mobile. The CLI can only access your agent wallet. Approval requests are sent to MetaMask Mobile.
87
+
2. Sign in with Google — Approval requests are sent to your email.
88
+
3. Sign in with email — Approval requests are sent to your email.
|`--chain-namespace`| No | Wallet chain namespace: `evm` (EIP-155) or `solana` (allowed: `evm`, `solana`) |
20
36
|`--name`| No | Display name for the wallet |
21
-
|`--trading-mode`| No | Trading mode for server wallets: `guard`(enforces outflow/whitelist policies) or `beast` (skips policy checks). Only applies to server-wallet mode (allowed: `guard`, `beast`) |
37
+
|`--trading-mode`| No | Trading mode for server wallets: `guard` or `beast`. Only applies to server-wallet mode (allowed: `guard`, `beast`) |
22
38
|`--password`| No | Password to unlock the BYOK mnemonic (BYOK mode only) [env: `MM_PASSWORD`]|
Copy file name to clipboardExpand all lines: skills/metamask-agent-wallet/workflows/onboarding.md
+4-9Lines changed: 4 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -22,8 +22,9 @@ If this fails, the CLI is not installed. Guide the user to install it before pro
22
22
23
23
## Login Flow
24
24
25
-
Ask the user which login method they want to use: Google, Email, or QR.
26
-
QR login (`mm-dev login qr`) does not support `--no-wait`. If the user wants QR, they must complete the onboarding flow themselves.
25
+
Present the sign-in options to the user. See `references/auth.md` for option details.
26
+
27
+
QR login (`mm-dev login qr`) does not support `--no-wait`. If the user selects QR, they must complete the login flow in the browser.
27
28
28
29
### Login
29
30
@@ -50,13 +51,7 @@ First check if the project is already initialized:
50
51
mm-dev init show
51
52
```
52
53
53
-
If already initialized, skip this step. Otherwise, ask the user which wallet mode they want:
54
-
-`server-wallet` (recommended) — keys are hosted by MetaMask infrastructure. No need to manage private keys or mnemonics.
55
-
-`byok` — bring your own mnemonic. The user manages their own keys locally.
56
-
57
-
Ask the user which trading mode they want (server-wallet only):
58
-
-`guard` — enforces outflow and whitelist policies. When a policy is violated, the CLI requires MFA confirmation before proceeding.
59
-
-`beast` — skips all policy checks and confirmations. Useful for scripting or experienced users who want faster execution.
54
+
If already initialized, skip this step. Otherwise, ask the user to provision an agent wallet and select a trading mode. See `references/auth.md` for wallet mode and trading mode details.
Copy file name to clipboardExpand all lines: skills/metamask-agent-workflows/workflows/login.md
+8-2Lines changed: 8 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,13 +6,19 @@ Reference command syntax in `references/auth.md`.
6
6
7
7
## Flow
8
8
9
-
1.Ask the user which login method they want: Google, Email, or QR.
9
+
1.Present login options with descriptions.
10
10
2. Execute login.
11
11
3. Verify with token.
12
12
13
13
## Login
14
14
15
-
QR login (`mm-dev login qr`) does not support `--no-wait`. If the user wants QR, they must complete the login flow themselves.
15
+
Present the following sign-in options to the user:
16
+
17
+
1. Sign in with MetaMask Mobile — Scan the QR code with MetaMask Mobile. The CLI can only access your agent wallet. Approval requests are sent to MetaMask Mobile.
18
+
2. Sign in with Google — Approval requests are sent to your email.
19
+
3. Sign in with email — Approval requests are sent to your email.
20
+
21
+
QR login (`mm-dev login qr`) does not support `--no-wait`. If the user selects QR, they must complete the login flow in the browser.
Copy file name to clipboardExpand all lines: skills/metamask-agent-workflows/workflows/onboarding.md
+35-8Lines changed: 35 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -22,8 +22,13 @@ If this fails, the CLI is not installed. Guide the user to install it before pro
22
22
23
23
## Login Flow
24
24
25
-
Ask the user which login method they want to use: Google, Email, or QR.
26
-
QR login (`mm-dev login qr`) does not support `--no-wait`. If the user wants QR, they must complete the onboarding flow themselves.
25
+
Present the following sign-in options to the user:
26
+
27
+
1. Sign in with MetaMask Mobile — Scan the QR code with MetaMask Mobile. The CLI can only access your agent wallet. Approval requests are sent to MetaMask Mobile.
28
+
2. Sign in with Google — Approval requests are sent to your email.
29
+
3. Sign in with email — Approval requests are sent to your email.
30
+
31
+
QR login (`mm-dev login qr`) does not support `--no-wait`. If the user selects QR, they must complete the login flow in the browser.
27
32
28
33
### Login
29
34
@@ -50,13 +55,28 @@ First check if the project is already initialized:
50
55
mm-dev init show
51
56
```
52
57
53
-
If already initialized, skip this step. Otherwise, ask the user which wallet mode they want:
54
-
-`server-wallet` (recommended) — keys are hosted by MetaMask infrastructure. No need to manage private keys or mnemonics.
55
-
-`byok` — bring your own mnemonic. The user manages their own keys locally.
58
+
If already initialized, skip this step. Otherwise, ask the user to provision an agent wallet:
59
+
60
+
1. Server wallet — Keys are managed and secured server-side. Agents can't access your main wallet. You can define policy controls like outflow limits and protocol whitelists.
61
+
2. Bring your own wallet — Import a seed phrase. Optionally, encrypt on-device with a password. You approve every transaction with your password if encrypted.
62
+
63
+
If the user selects `server-wallet`, ask them to choose an operating mode:
56
64
57
-
Ask the user which trading mode they want (server-wallet only):
58
-
-`guard` — enforces outflow and whitelist policies. When a policy is violated, the CLI requires MFA confirmation before proceeding.
59
-
-`beast` — skips all policy checks and confirmations. Useful for scripting or experienced users who want faster execution.
65
+
1. Guard mode — Guardrails keep the agent in check. Human approval (2FA) is required for agent wallet transactions outside your policies.
66
+
- Guardrails:
67
+
- Security check
68
+
- Whitelisted protocols
69
+
- Outflow limit (rolling 24h)
70
+
- Approval required:
71
+
- Malicious transactions
72
+
- Protocols not in whitelist
73
+
- Raising outflow limit
74
+
75
+
2. Beast mode — For traders who understand the risks. The agent acts on its own, except when a transaction is flagged as malicious.
76
+
- Guardrails:
77
+
- Security check
78
+
- Approval required:
79
+
- Malicious transactions
60
80
61
81
Server wallet:
62
82
@@ -102,3 +122,10 @@ Confirm the session is authenticated, the wallet mode is correct, and the token
102
122
```bash
103
123
mm-dev wallet address
104
124
```
125
+
126
+
## Get started
127
+
128
+
After setup completes, prompt the user with the following next steps:
129
+
130
+
- To view wallet details, run `wallet address` or `wallet balance`.
131
+
- Transfer funds to this wallet address to start trading (skip if you already have a balance).
0 commit comments