Is CoinFello safe?

Yes: CoinFello is designed to be safe through self-custody. You hold your keys, the agent receives only limited, time-bound permissions that you can revoke at any time, and every action stays inside those guardrails. Here’s exactly how that works, and what to check for yourself.

Why self-custody matters

The biggest risk with most AI crypto agents isn’t the AI. It’s the access. An agent that holds your private key, or that connects to a centralized trading API with your credentials, can do anything with your funds, and a single bug or exploit exposes everything. CoinFello never takes that access: your keys stay in your wallet, and the agent works through bounded, revocable delegations instead.

What the agent can and can't do

  • Can: read your public onchain data, research and explain opportunities, and execute actions you’ve approved or covered with a delegation.
  • Cannot: access your private keys; they never leave your wallet.
  • Cannot: spend beyond the per-token limits, expiry windows, or action types you set.
  • Cannot: take instructions from anyone but you. Outside websites and third parties can’t prompt it, which protects against prompt-injection attacks.
  • Cannot: touch your funds after you revoke its delegation. And if CoinFello goes offline, your wallet keeps working exactly as before.

How to set your guardrails

  • Start small: grant a delegation with a low per-token spending limit and a short expiry.
  • Use daily, weekly, or monthly allowances so the agent's spend is paced, not open-ended.
  • Restrict action types to what you actually want automated.
  • Read the plain-language explanation Fello gives before approving any transaction.
  • Revoke any delegation the moment you no longer need it; your funds stay in your wallet throughout.
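To make the guardrails above concrete, here is an added example (not CoinFello's code) that models a delegation as a deny-by-default policy check. The field names, the integer token amounts, and the `authorize` function are assumptions for illustration; the page does not specify how CoinFello enforces its delegations.

```python
from dataclasses import dataclass, field

@dataclass
class Delegation:
    """Constructed model of the guardrails listed above (not CoinFello's schema)."""
    token_limits: dict      # token symbol -> max spend per allowance period
    period_seconds: int     # allowance window, e.g. 86400 for daily
    expires_at: int         # unix time after which nothing is allowed
    allowed_actions: set    # e.g. {"swap"}
    revoked: bool = False
    spent: dict = field(default_factory=dict)  # (token, period index) -> amount

def authorize(d, action, token, amount, now):
    """Return (allowed, reason). Deny by default; record spend only on allow."""
    if d.revoked:
        return False, "revoked"
    if now >= d.expires_at:
        return False, "expired"
    if action not in d.allowed_actions:
        return False, "action not allowed"
    if token not in d.token_limits:
        return False, "token not covered"
    if amount <= 0:
        return False, "invalid amount"
    key = (token, now // d.period_seconds)   # spend is tracked per period
    used = d.spent.get(key, 0)
    if used + amount > d.token_limits[token]:
        return False, "allowance exceeded"
    d.spent[key] = used + amount
    return True, "ok"

def demo():
    """Replay constructed requests against a small, short-lived delegation."""
    day = 86400
    d = Delegation({"USDC": 100}, day, expires_at=7 * day, allowed_actions={"swap"})
    results = [
        authorize(d, "swap", "USDC", 60, now=10),          # within limit
        authorize(d, "swap", "USDC", 60, now=20),          # 120 > 100 today
        authorize(d, "swap", "USDC", 60, now=day + 5),     # new day, paced
        authorize(d, "transfer", "USDC", 1, now=day + 6),  # wrong action type
        authorize(d, "swap", "WETH", 1, now=day + 7),      # token not covered
        authorize(d, "swap", "USDC", 1, now=7 * day),      # at expiry
    ]
    d.revoked = True                                       # user revokes
    results.append(authorize(d, "swap", "USDC", 1, now=day + 8))
    return [reason for _, reason in results]

if __name__ == "__main__":
    print(demo())
```

Every check fails closed, and a denied request never consumes allowance, so a low limit plus a short expiry bounds the worst case to one period's allowance per token.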

What CoinFello can't protect you from

Honest scope matters: self-custody and guardrails protect you from custodial failure and runaway agents, not from markets. Token prices can fall, stablecoins can depeg, and the third-party DeFi protocols you interact with carry their own smart-contract risk. Fello explains those risks in plain language before you act. See the Learn guides for how the common ones work. None of this is financial advice.

Frequently asked questions

Is CoinFello safe to use?

CoinFello is built to protect you, even from your own agent. It reads and explains every smart contract in plain language and surfaces the real risks before you approve, and it cannot act outside the guardrails you set: spending limits, allowed tokens, and expiry dates. You keep your keys and can revoke access anytime.

Can a website or third party trick CoinFello's agent into making a transaction?

No. CoinFello's agent acts only on prompts from you. It cannot receive instructions from outside websites or third parties, which protects against prompt-injection attacks. Every onchain action also stays within the revocable delegations you have granted, and you approve them in your own wallet.

What happens when I connect my wallet?

CoinFello reads your public portfolio data, never your private keys. Transactions happen only when you approve them in your own wallet (the same flow you already know from other dapps) or under a delegation you have explicitly granted.

Can CoinFello access my full wallet balance?

It can read your public onchain data to analyze your portfolio, but it can only move funds you have explicitly approved or covered with a delegation, never more.

Do I need ETH for network fees (gas)?

For onchain actions, generally yes. CoinFello optimizes with gasless and batched transactions via EIP-7702 where possible, but many actions still require network fees.