Two layers of control
Signer-level (wallet policy)
Set when you create a wallet. These are constraints on the server signer itself — they apply to every agent sharing that wallet.| Template | Signing | Transactions | Best For |
|---|---|---|---|
| Conservative | Message signing only (x402/MPP payments) | No direct transactions | Testing, sandboxed agents |
| Standard | Payment signing + limited transactions | Capped at 0.1 ETH | Most use cases |
| Power User | Full signing access | Unlimited | Production, high-volume |
Agent-level (per-agent limits)
Set when you create or edit an agent. These are enforced by the xWell backend before the signing request reaches the TEE.- Daily spending cap — total the agent can spend per day (resets midnight UTC)
- Per-transaction maximum — largest single payment allowed
- Allowed chains — which chains this agent can use
- Service access — blocklist or allowlist specific services
What gets checked
Before every payment, the xWell backend checks the agent-level limits:
If all checks pass, the signing request goes to the TEE, where the signer-level policy is enforced independently.
Agent capabilities
After pairing, an agent can:- Make paid API requests (within limits)
- Check its own identity, balance, and spending
- View transaction history
- Probe endpoints for payment requirements
- Discover marketplace services
- Access wallet private keys
- Change its own policy or limits
- Create or delete other agents
- Modify signer authorization
- Access builder-only endpoints
Monitoring
The dashboard shows real-time:- Per-agent daily spending
- Transaction history with status
- Failed payment attempts
- Service health for frequently-used endpoints