Back to Details

wallets

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Wallets on Ethereum

以太坊钱包

What You Probably Got Wrong

你可能误解的几个点

EIP-7702 is live. Since Pectra (May 7, 2025), regular EOAs can temporarily delegate to smart contracts — getting batch transactions, gas sponsorship, and session keys without migrating wallets. This is NOT "coming soon." It shipped.
Account abstraction status: ERC-4337 is growing but still early (Feb 2026). Major implementations: Kernel (ZeroDev), Biconomy, Alchemy Account Kit, Pimlico. EntryPoint v0.7: 
0x0000000071727De22E5E9d8BAf0edAc6f37da032
.
Safe secures $100B+. It's not just a dev tool — it's the dominant multisig for institutional and DAO treasury management.
EIP-7702已正式上线。 自Pectra升级(2025年5月7日)以来,普通EOA可以临时将权限委托给智能合约——无需迁移钱包即可实现批量交易、Gas赞助和会话密钥功能。这不是“即将推出”,而是已经正式发布。
账户抽象现状: ERC-4337正在发展但仍处于早期阶段(2026年2月)。主要实现方案包括:Kernel(ZeroDev)、Biconomy、Alchemy Account Kit、Pimlico。EntryPoint v0.7地址:
0x0000000071727De22E5E9d8BAf0edAc6f37da032
Safe管理着超1000亿美元资产。 它不只是开发者工具——而是机构和DAO财库管理的主流多签钱包。

EIP-7702: Smart EOAs (Live Since May 2025)

EIP-7702:智能EOA(2025年5月已上线)

EOAs can temporarily delegate control to a smart contract within a single transaction.
How it works:
  1. EOA signs an authorization to delegate to a contract
  2. During transaction, EOA's code becomes the contract's code
  3. Contract executes complex logic (batching, sponsorship, etc.)
  4. After transaction, EOA returns to normal
What this enables:
  • Batch 10 token approvals into one transaction
  • Gas sponsorship / meta-transactions for EOA users
  • Session keys with limited permissions
  • Custom authorization logic
  • Eliminates "approval fatigue" (approve + execute → one step)
Status (Feb 2026): Deployed on mainnet. MetaMask, Rainbow adding support. Still early for production agents — use standard EOAs or Safe until tooling matures.
EOA可以在单笔交易内临时将控制权委托给智能合约
工作原理:
  1. EOA签署授权协议,将权限委托给合约
  2. 交易执行期间,EOA的代码将替换为合约代码
  3. 合约执行复杂逻辑(批量操作、Gas赞助等)
  4. 交易完成后,EOA恢复正常状态
可实现的功能:
  • 将10次代币授权合并为一笔交易
  • 为EOA用户提供Gas赞助/元交易
  • 带有限定权限的会话密钥
  • 自定义授权逻辑
  • 消除“授权疲劳”(授权+执行→一步完成)
现状(2026年2月): 已部署在主网。MetaMask、Rainbow正在添加支持。对于生产环境的Agent来说仍处于早期阶段——在工具成熟前,建议使用标准EOA或Safe。

Safe (Gnosis Safe) Multisig

Safe(Gnosis Safe)多签钱包

Key Addresses (v1.4.1, deterministic across chains)

关键地址(v1.4.1,跨链地址一致)

ContractAddress
Safe Singleton
0x41675C099F32341bf84BFc5382aF534df5C7461a
Safe Proxy Factory
0x4e1DCf7AD4e460CfD30791CCC4F9c8a4f820ec67
MultiSend
0x38869bf66a61cF6bDB996A6aE40D5853Fd43B526
Same addresses on Mainnet, Arbitrum, Base, and all major chains.
合约地址
Safe Singleton
0x41675C099F32341bf84BFc5382aF534df5C7461a
Safe Proxy Factory
0x4e1DCf7AD4e460CfD30791CCC4F9c8a4f820ec67
MultiSend
0x38869bf66a61cF6bDB996A6aE40D5853Fd43B526
上述地址在以太坊主网、Arbitrum、Base及所有主流链上保持一致。

Safe for AI Agents

面向AI Agent的Safe使用方案

Pattern: 1-of-2 Safe
  • Owner 1: Agent's wallet (hot, automated)
  • Owner 2: Human's wallet (cold, recovery)
  • Threshold: 1 (agent can act alone)
Benefits: If agent key is compromised, human removes it. Human can always recover funds. Agent can batch transactions.
模式:1-of-2多签配置
  • 所有者1:Agent的钱包(热钱包,自动化操作)
  • 所有者2:人类的钱包(冷钱包,用于恢复)
  • 阈值:1(Agent可独立操作)
优势:如果Agent密钥泄露,人类可移除该密钥。人类始终可以恢复资金。Agent可执行批量交易。

🚨 NEVER COMMIT SECRETS TO GIT

🚨 绝对不要将密钥提交到Git

This is the #1 way AI agents lose funds and leak credentials. Bots scrape GitHub in real-time and exploit leaked secrets within seconds — even from private repos, even if deleted immediately. A secret committed to Git is compromised forever.
This happens constantly with AI coding agents. The agent generates a deploy script, hardcodes a key, runs 
git add .
, and the wallet is drained before the next prompt. Or the agent pastes an Alchemy API key into 
scaffold.config.ts
and it ends up in a public repo.
This applies to ALL secrets:
  • Wallet private keys — funds drained instantly
  • API keys — Alchemy, Infura, Etherscan, WalletConnect
  • RPC URLs with embedded keys
    https://base-mainnet.g.alchemy.com/v2/YOUR_KEY
  • OAuth tokens, bearer tokens, passwords
这是AI Agent丢失资金和泄露凭证的头号原因。 机器人会实时爬取GitHub,在数秒内利用泄露的密钥——即使是私有仓库,即使立即删除,也无济于事。提交到Git的密钥会永远处于泄露状态。
这种情况在AI编码Agent中频繁发生。 Agent生成部署脚本,硬编码密钥,执行
git add .
,钱包在下次提示前就会被掏空。或者Agent将Alchemy API密钥粘贴到
scaffold.config.ts
中,最终流入公开仓库。
这适用于所有机密信息:
  • 钱包私钥——资金会立即被转走
  • API密钥——Alchemy、Infura、Etherscan、WalletConnect
  • 嵌入密钥的RPC URL——
    https://base-mainnet.g.alchemy.com/v2/YOUR_KEY
  • OAuth令牌、Bearer令牌、密码

Prevention

预防措施

bash
undefined
bash
undefined

.gitignore (MUST exist in every project)

.gitignore(每个项目必须包含)

.env .env.* *.key *.pem broadcast/ cache/

```bash
.env .env.* *.key *.pem broadcast/ cache/

```bash

Verify before every commit

每次提交前验证

git diff --cached --name-only | grep -iE '.env|key|secret|private'
git diff --cached --name-only | grep -iE '.env|key|secret|private'

If this matches ANYTHING, stop and fix it

如果有匹配结果,立即停止并修复

Nuclear option: scan entire repo history

终极方案:扫描整个仓库历史

git log --all -p | grep -iE 'private.?key|0x[a-fA-F0-9]{64}'
undefined
git log --all -p | grep -iE 'private.?key|0x[a-fA-F0-9]{64}'
undefined

If You Already Committed a Key

如果你已经提交了密钥

  1. Assume it's compromised. Don't hope nobody saw it.
  2. Transfer all funds immediately to a new wallet.
  3. Rotate the key. Generate a new one. The old one is burned forever.
  4. Clean Git history with 
    git filter-repo
    or BFG Repo Cleaner — but this is damage control, not prevention. The key is already compromised.
  5. Revoke any token approvals from the compromised address.
  1. 假设密钥已泄露。 不要抱有侥幸心理。
  2. 立即转移所有资金到新钱包。
  3. 轮换密钥。 生成新密钥,旧密钥彻底作废。
  4. 清理Git历史——使用
    git filter-repo
    或BFG Repo Cleaner,但这只是事后补救,密钥已经泄露。
  5. 撤销泄露地址的所有代币授权。

Safe Patterns for AI Agents

面向AI Agent的安全使用模式

bash
undefined
bash
undefined

Load key from environment (NEVER hardcode)

从环境变量加载密钥(绝对不要硬编码)

cast send ... --private-key $DEPLOYER_PRIVATE_KEY
cast send ... --private-key $DEPLOYER_PRIVATE_KEY

Or use encrypted keystore

或使用加密密钥库

cast send ... --keystore ~/.foundry/keystores/deployer --password-file .password
cast send ... --keystore ~/.foundry/keystores/deployer --password-file .password

Or use hardware wallet

或使用硬件钱包

cast send ... --ledger

**Rule of thumb:** If `grep -r "0x[a-fA-F0-9]{64}" .` matches anything in your source code, you have a problem. Same for `grep -r "g.alchemy.com/v2/[A-Za-z0-9]"` or any RPC URL with an embedded API key.
cast send ... --ledger

**经验法则:** 如果`grep -r "0x[a-fA-F0-9]{64}" .`在你的源代码中匹配到任何内容,说明存在问题。`grep -r "g.alchemy.com/v2/[A-Za-z0-9]"`或任何嵌入API密钥的RPC URL也是如此。

CRITICAL Guardrails for AI Agents

AI Agent的关键防护规则

Key Safety Rules

密钥安全规则

  1. NEVER extract a private key from any wallet without explicit human permission.
  2. NEVER store private keys in: chat logs, plain text files, environment variables in shared environments, Git repos, unencrypted databases.
  3. NEVER move funds without human confirmation. Show: amount, destination (checksummed), gas cost, what it does. Wait for explicit "yes."
  4. Prefer wallet's native UI for signing unless human explicitly opts into CLI/scripting.
  5. Use a dedicated wallet with limited funds for agent operations. Never the human's main wallet.
  6. Double-check addresses. Use 
    ethers.getAddress()
    or equivalent for checksum validation. A single wrong character = permanent loss.
  7. Test on testnet first. Or use local Anvil fork.
  8. Implement spending limits. Require human approval above threshold. Use Safe multisig for high-value operations.
  9. Log all transactions (never keys). Keep audit trail.
  10. Assume keys will be compromised. Design so a compromised agent key doesn't mean total loss.
  1. 未经人类明确许可,绝对不要从任何钱包中提取私钥。
  2. 绝对不要将私钥存储在: 聊天记录、纯文本文件、共享环境的环境变量、Git仓库、未加密数据库中。
  3. 未经人类确认,绝对不要转移资金。 需展示:金额、目标地址(校验后)、Gas成本、操作内容。等待明确的“同意”指令。
  4. 优先使用钱包原生UI进行签署,除非人类明确选择CLI/脚本方式。
  5. 使用专用钱包并限制资金额度用于Agent操作。绝对不要使用人类的主钱包。
  6. 双重检查地址。 使用
    ethers.getAddress()
    或类似工具进行校验和验证。一个字符错误就会导致资金永久损失。
  7. 先在测试网测试。 或使用本地Anvil分叉环境。
  8. 设置支出限额。 超过阈值时需要人类批准。高价值操作使用Safe多签钱包。
  9. 记录所有交易(不记录密钥)。 保留审计轨迹。
  10. 假设密钥会泄露。 设计系统时要确保Agent密钥泄露不会导致全部资金损失。

Storage Options (Worst to Best)

存储方案(从最差到最优)

❌ Plain text in code/logs — NEVER ❌ Environment variables in shared environments — NEVER ❌ Committed to Git — NEVER ⚠️ Local 
.env
file — testing only ✅ Encrypted keystore (password-protected) ✅ Hardware wallet / Cloud KMS / TEE
❌ 代码/日志中的纯文本——绝对禁止 ❌ 共享环境中的环境变量——绝对禁止 ❌ 提交到Git——绝对禁止 ⚠️ 本地
.env
文件——仅用于测试 ✅ 加密密钥库(密码保护) ✅ 硬件钱包/云KMS/可信执行环境(TEE)

Safe Transaction Pattern

安全交易模式

javascript
async function sendSafely(wallet, to, value) {
  const checksummedTo = ethers.getAddress(to); // validates
  const gasEstimate = await wallet.estimateGas({ to: checksummedTo, value });
  const feeData = await wallet.provider.getFeeData();
  const gasCost = gasEstimate * feeData.maxFeePerGas;
  const totalCostUSD = Number(ethers.formatEther(value + gasCost)) * 1960;
  
  if (totalCostUSD > 10) {
    // Show details and wait for human approval
  }
  
  const tx = await wallet.sendTransaction({
    to: checksummedTo,
    value,
    gasLimit: gasEstimate * 120n / 100n, // 20% buffer
    maxFeePerGas: feeData.maxFeePerGas,
    maxPriorityFeePerGas: feeData.maxPriorityFeePerGas,
  });
  
  const receipt = await tx.wait();
  logTransaction({ hash: tx.hash, to: checksummedTo, value, block: receipt.blockNumber });
  return receipt;
}
javascript
async function sendSafely(wallet, to, value) {
  const checksummedTo = ethers.getAddress(to); // 校验地址
  const gasEstimate = await wallet.estimateGas({ to: checksummedTo, value });
  const feeData = await wallet.provider.getFeeData();
  const gasCost = gasEstimate * feeData.maxFeePerGas;
  const totalCostUSD = Number(ethers.formatEther(value + gasCost)) * 1960;
  
  if (totalCostUSD > 10) {
    // 展示详情并等待人类批准
  }
  
  const tx = await wallet.sendTransaction({
    to: checksummedTo,
    value,
    gasLimit: gasEstimate * 120n / 100n, // 预留20%缓冲
    maxFeePerGas: feeData.maxFeePerGas,
    maxPriorityFeePerGas: feeData.maxPriorityFeePerGas,
  });
  
  const receipt = await tx.wait();
  logTransaction({ hash: tx.hash, to: checksummedTo, value, block: receipt.blockNumber });
  return receipt;
}

Further Reading

扩展阅读