Production-ready security practices for autonomous agent deployments.

Clawd402 is designed for autonomous operation with security as a core principle. This guide covers threat models, best practices, and production deployment configuration.

Clawd402 never holds custody of agent funds or private keys. All transaction signing occurs client-side within agent-controlled infrastructure.

Key principles:

• Private keys never leave agent environment
• Transaction signing performed locally
• No key material transmitted to Clawd402 services
• Agents maintain full control of wallets

In scope:

• Unauthorized transaction execution
• Transaction manipulation or replay
• Private key compromise
• MEV exploitation
• Policy bypass attempts
• State inconsistency attacks

Out of scope:

• Physical security of agent infrastructure
• Social engineering of approval personnel
• Compromise of external RPC providers
• Blockchain protocol vulnerabilities

Never store private keys in code or environment variables. Use encrypted keystores or hardware wallets for production deployments.

Bad practice:

// DON'T DO THIS
const client = new Clawd402Client({
  wallet: {
    type: 'private_key',
    key: '0x1234567890abcdef...'  // Hardcoded key
  }
})

Good practice:

// Use encrypted keystore
const client = new Clawd402Client({
  wallet: {
    type: 'keystore',
    path: '/secure/path/keystore.json',
    password: process.env.KEYSTORE_PASSWORD
  }
})

// Or hardware wallet
const client = new Clawd402Client({
  wallet: {
    type: 'hardware',
    device: 'ledger',
    derivationPath: "m/44'/60'/0'/0/0"
  }
})

Use hierarchical deterministic wallets for key derivation:

const client = new Clawd402Client({
  wallet: {
    type: 'hd_wallet',
    mnemonic: process.env.MNEMONIC,  // From secure storage
    derivationPath: "m/44'/60'/0'/0/0"
  }
})

Best practices:

• Store mnemonic in encrypted vault (HashiCorp Vault, AWS Secrets Manager)
• Use different derivation paths for different environments
• Rotate keys periodically (90-day cadence recommended)
• Maintain offline backup of mnemonic

For maximum security, use hardware wallets:

const client = new Clawd402Client({
  wallet: {
    type: 'hardware',
    device: 'ledger',  // or 'trezor'
    derivationPath: "m/44'/60'/0'/0/0"
  }
})

Transactions require physical confirmation on device.

Layer multiple policies for robust security:

policies:
  # Layer 1: Block known-bad patterns
  - name: block_zero_address
    conditions:
      recipient_blacklist: ["0x0000000000000000000000000000000000000000"]
    action: reject

  - name: block_unverified_contracts
    conditions:
      transaction_type: contract_call
      contract_verified: false
    action: reject

  # Layer 2: Auto-approve low-risk operations
  - name: auto_approve_small_transfers
    conditions:
      transaction_type: transfer
      max_value_usd: 100
      daily_limit_usd: 500
      recipient_whitelist: [/* known addresses */]
    action: auto_approve

  # Layer 3: Require approval for elevated risk
  - name: approve_large_operations
    conditions:
      min_value_usd: 100
    action: require_human_approval
    notification:
      channels: [email, slack]
      timeout: 1800

  # Layer 4: Default deny
  - name: default_deny
    conditions: {}
    action: reject

• ✅ Default action is reject or require_human_approval
• ✅ Zero address blocked in recipient blacklist
• ✅ Unverified contracts blocked for contract calls
• ✅ Daily spending limits configured
• ✅ Approval timeouts set (prevent indefinite pending)
• ✅ Escalation configured for timeout scenarios
• ✅ All notification channels tested
• ✅ Policies validated on testnet before mainnet

Always enable simulation to detect failures before submission:

const result = await client.execute({
  instruction: "Swap 100 USDC for WETH",
  simulate: true  // Enable pre-flight simulation
})

if (!result.simulationResult?.success) {
  console.error('Simulation failed:', result.simulationResult?.error)
  return
}

Clawd402 simulates transactions against current blockchain state to detect:

• Reversion conditions: Contract call failures
• Insufficient balance: Not enough funds for value + gas
• Missing approvals: ERC-20 allowance insufficient
• Gas exhaustion: Estimated gas exceeds block limit
• Unexpected state changes: Balance changes differ from expected

For DEX swaps, set maximum slippage tolerance:

const result = await client.execute({
  action: 'swap',
  inputAsset: 'USDC',
  inputAmount: '1000',
  outputAsset: 'WETH',
  maxSlippagePercent: 0.5,  // 0.5% maximum slippage
  simulate: true
})

Route high-value transactions through private mempools to prevent frontrunning:

const client = new Clawd402Client({
  network: 'x402-mainnet',
  wallet: walletConfig,
  mevProtection: {
    enabled: true,
    provider: 'flashbots',  // or 'eden', 'bloXroute'
    minValueUsd: 1000  // Use private relay for transactions >$1000
  }
})

Use deadline parameters for time-sensitive operations:

const result = await client.execute({
  action: 'swap',
  inputAsset: 'USDC',
  inputAmount: '1000',
  outputAsset: 'WETH',
  deadline: Date.now() + 300000  // 5 minute deadline
})

Avoid predictable patterns: Randomize transaction timing to prevent exploitation

Monitor for sandwiches: Enable alerts for suspicious transaction ordering

Use authenticated RPC endpoints for production:

const client = new Clawd402Client({
  network: 'x402-mainnet',
  rpcUrl: 'https://x402-mainnet.infura.io/v3/YOUR_API_KEY',
  wallet: walletConfig
})

Best practices:

• Use dedicated RPC endpoints (Infura, Alchemy, QuickNode)
• Enable API key authentication
• Set rate limits and alerts
• Monitor endpoint availability
• Configure failover endpoints

All API communication uses TLS 1.3:

// Enforce HTTPS
const client = new Clawd402Client({
  apiUrl: 'https://api.clawd402.dev',  // Never http://
  tlsVerification: true  // Verify certificate chain
})

Configure alerts for security-relevant events:

alerts:
  - name: failed_transactions
    condition: transaction.state === 'failed'
    threshold: 3
    window: 300  # 5 minutes
    actions: [email, pagerduty]

  - name: high_gas_usage
    condition: transaction.gasUsed > historical_average * 1.5
    actions: [slack]

  - name: rapid_spending
    condition: hourly_total_usd > 5000
    actions: [email, slack, webhook]

  - name: unknown_recipient
    condition: !recipient_whitelist.includes(transaction.to)
    actions: [slack]

Enable comprehensive audit logs:

const client = new Clawd402Client({
  network: 'x402-mainnet',
  wallet: walletConfig,
  auditLog: {
    enabled: true,
    destination: 'syslog',  // or 'file', 'cloudwatch'
    level: 'info',  // or 'debug' for detailed logs
    includeSimulations: true,
    includePolicyEvaluations: true
  }
})

Log fields:

• Timestamp
• Transaction hash
• Wallet address
• Action type
• Value (crypto and USD)
• Gas parameters
• Matched policy
• Approval status
• Simulation result
• Error details (if failed)

Run Clawd402 infrastructure in isolated network segments:

┌─────────────────────────────────────────┐
│         Public Internet                 │
└────────────────┬────────────────────────┘
                 │
          ┌──────▼──────┐
          │  Firewall   │
          └──────┬──────┘
                 │
     ┌───────────▼────────────┐
     │   Application Tier     │
     │  (Clawd402 SDK/Agent)   │
     └───────────┬────────────┘
                 │
     ┌───────────▼────────────┐
     │    Database Tier       │
     │  (State, Audit Logs)   │
     └────────────────────────┘

Firewall rules:

• Inbound: Only HTTPS (443) from trusted IPs
• Outbound: RPC endpoints, Clawd402 API only
• Database: No direct internet access
• Monitoring: Separate management network

Use dedicated secrets manager for sensitive configuration:

HashiCorp Vault:

import vault from 'node-vault'

const vaultClient = vault({
  endpoint: 'https://vault.example.com',
  token: process.env.VAULT_TOKEN
})

const secrets = await vaultClient.read('secret/clawd402/production')

const client = new Clawd402Client({
  wallet: {
    type: 'private_key',
    key: secrets.data.private_key
  },
  apiKey: secrets.data.api_key
})

AWS Secrets Manager:

import { SecretsManager } from '@aws-sdk/client-secrets-manager'

const secretsManager = new SecretsManager({ region: 'us-east-1' })

const { SecretString } = await secretsManager.getSecretValue({
  SecretId: 'clawd402/production/keys'
})

const secrets = JSON.parse(SecretString)

Monitor for security incidents:

• Unexpected transaction failures
• Anomalous gas usage
• Rapid spending velocity
• Unknown recipient addresses
• Policy bypass attempts

1. Identify scope:

// Query recent transactions
const recent = await client.getTransactionHistory({
  since: Date.now() - 3600000,  // Last hour
  includeSimulations: true
})

// Check for anomalies
const anomalous = recent.filter(tx =>
  tx.gasUsed > historicalAverage * 2 ||
  !knownRecipients.includes(tx.to)
)

2. Contain incident:

// Pause agent operations
await client.pauseExecution({
  reason: 'security_incident',
  duration: 3600  // 1 hour
})

// Cancel pending transactions
const pending = await client.getPendingTransactions()
for (const tx of pending) {
  await client.cancelTransaction(tx.hash)
}

3. Investigate root cause:

Review audit logs, policy evaluations, and transaction simulations to determine attack vector.

4. Remediate:

• Update policies to block identified attack pattern
• Rotate compromised keys
• Apply patches or configuration updates
• Conduct post-incident review

5. Resume operations:

// Resume after remediation
await client.resumeExecution()

Configure retention policies for audit compliance:

const client = new Clawd402Client({
  auditLog: {
    enabled: true,
    retention: {
      transactionLogs: 2555,  // 7 years (regulatory requirement)
      approvalLogs: 2555,
      policyEvaluations: 365  // 1 year
    }
  }
})

For EU deployments, configure data processing:

const client = new Clawd402Client({
  dataProcessing: {
    region: 'eu-west-1',  // EU data residency
    encryptionAtRest: true,
    encryptionInTransit: true,
    dataRetention: 2555,  // days
    rightToErasure: true  // Support GDPR deletion requests
  }
})

• Private keys stored in encrypted vault (never in code)
• Approval policies configured with default deny
• Transaction simulation enabled
• MEV protection configured for high-value transactions
• Monitoring and alerts configured
• Audit logging enabled
• Secrets manager integrated
• Network isolation implemented
• Firewall rules configured
• Incident response procedures documented

• Monitor alert channels daily
• Review audit logs weekly
• Rotate keys every 90 days
• Update policies based on agent behavior
• Test backup and recovery procedures
• Conduct security reviews quarterly
• Apply security patches promptly
• Participate in bug bounty program

Subscribe to security notifications:

• Security mailing list: security@clawd402.dev
• GitHub security advisories: github.com/clawd402-base/sdk/security
• Discord #security channel: discord.gg/clawd402

Report security vulnerabilities to:

Email: security@clawd402.dev PGP key: clawd402.dev/security.asc

Bug bounty: $50,000 program for critical vulnerabilities

Disclosure timeline:

1. Report received (Day 0)
2. Initial triage (Day 1-2)
3. Patch development (Day 3-14)
4. Coordinated disclosure (Day 15-30)

• Approval policies guide: Configure transaction permissions
• Transaction simulation: Pre-flight validation
• Monitoring and alerts: Production observability
• Production checklist: Deployment validation

Security questions? Contact our security team:

• Email: security@clawd402.dev
• Discord: discord.gg/clawd402 (#security channel)