DCP

Product Introduction

1. Definition: DCP (Decentralized Control Protocol) is a local-first, non-custodial security and permission layer for AI agents. Technically, it is a desktop application and runtime that encrypts and manages sensitive credentials—such as cryptocurrency wallets and API keys—on a user's local machine, exposing them to connected AI agents through a secure, permissioned request-and-approval system.
2. Core Value Proposition: DCP exists to secure the AI agent economy by preventing credential leakage and unauthorized spending. Its primary value is enabling AI agents to perform real-world tasks involving sensitive data and financial transactions without ever holding raw keys, thereby mitigating risks from prompt injection attacks, compromised dependencies, or malicious code.

Main Features

1. Local-First, Encrypted Vault: All user credentials—including Solana wallet private keys, OpenAI API keys, Anthropic keys, and custom data—are encrypted with XChaCha20 and stored exclusively on the user's local device. The master decryption key is secured within the operating system's native keychain (e.g., Windows Credential Manager, macOS Keychain). This ensures keys never leave the user's machine in plaintext.
2. Scoped Permissions & Per-Agent Budgets: Administrators can define granular access rules for each connected AI agent. For example, a trading agent can be granted permission to sign Solana transactions with a strict daily spending cap (e.g., 5 SOL/day), while a research agent may only have read access to API keys. This principle of least privilege is enforced at the protocol level.
3. Cross-Platform Agent Integration & MCP Support: DCP provides multiple integration paths for AI agents. For local agents like Claude Desktop and Cursor, it functions as a Model Context Protocol (MCP) server. For remote/VPS-based agents like OpenClaw, it offers a remote installer script that sets up an HTTP MCP client. This allows a single DCP instance to manage credentials for a heterogeneous fleet of agents across different platforms.

Problems Solved

1. Pain Point: The critical security vulnerability of AI agents reading plaintext credentials from environment files (.env), configuration files, or memory. A single prompt injection attack, bug in an MCP server, or compromised dependency can lead to immediate and total credential theft, draining wallets and API accounts.
2. Target Audience: Developers and power users running AI agents for automation, trading, or research; specifically, Solana developers building agentic applications, users of Claude, Cursor, and OpenClaw, and teams deploying AI agents on virtual private servers (VPS).
3. Use Cases: Securing an AI trading agent that executes Solana transactions; allowing a Claude AI assistant to use OpenAI's API without exposing the key; managing a fleet of VPS-based research agents that require controlled access to Anthropic's API; providing a centralized, revocable credential manager for all local AI development tools.

Unique Advantages

1. Differentiation: Unlike custodial agent wallet solutions (e.g., Sponge, Coinbase AgentKit, Privy) where keys are held by a third party, DCP is fully non-custodial. Unlike generic cloud secret managers (e.g., Infisical, VaultAgent), DCP is local-first, handles cryptocurrency wallets natively, and integrates a phone-based approval workflow. It also uniquely supports both crypto and API keys within a single, free, open-source platform.
2. Key Innovation: The integration of a multi-agentic wallet model with a local, encrypted vault and a user-centric approval layer. DCP is the first tool to allow a single, user-controlled wallet and credential set to be securely used by multiple, distinct AI agents with individually scoped permissions, all managed from a unified dashboard and approved via a secondary device (Telegram).

Frequently Asked Questions (FAQ)

1. Is DCP a Solana agentic wallet? Yes, DCP functions as a non-custodial, multi-agentic wallet specifically for Solana. It allows you to generate or import a Solana wallet, keep it encrypted locally, and grant permissioned, budget-capped signing capabilities to your AI agents, with per-transaction approval via your phone.
2. How does DCP protect against prompt injection attacks? DCP neutralizes the risk by ensuring AI agents never have direct access to raw credentials. Even if an agent is compromised via prompt injection, it can only request actions (like signing a transaction) which must be approved by the user via a separate device. The worst-case damage is limited to the pre-set daily budget for that specific agent.
3. Can I use DCP with Claude, Cursor, and OpenClaw simultaneously? Absolutely. This is a core feature of DCP's multi-agent design. You can connect Claude Desktop and Cursor via local MCP, and install the DCP agent service on your VPS for OpenClaw using the provided installer script. All agents will draw from the same secure vault with individual permissions.
4. What happens if my laptop is turned off or asleep? Agent requests are queued within the DCP system until your desktop client comes back online. For 24/7 agent operation, you simply need to leave your laptop in sleep mode with DCP running; it does not need to be actively unlocked or have a user session open.
5. How is DCP different from just using a hardware wallet with an agent? While both are non-custodial, a hardware wallet requires manual physical approval for every transaction, which isn't feasible for autonomous agents. DCP provides a software-based, policy-driven layer (with daily caps and auto-approve for small amounts) that enables agent autonomy while maintaining security through remote (phone) approval for significant actions, all without exposing the seed phrase.