Security & self-custody

CoinFello is non-custodial by design. Your private keys stay in your own wallet (CoinFello never holds them and never sees them), and the agent can act only through scoped, time-limited delegations that you grant and can revoke at any time. It cannot move funds outside the limits you set.

The delegation model

Most AI agents in crypto are dangerous for a simple reason: to act for you, they take your keys, and an agent that holds your private key can do anything with your wallet, forever. CoinFello replaces that with delegations: fine-grained, onchain permissions that let the agent act on your wallet’s behalf within strict boundaries.

  • Delegations are permissions, not transfers: your funds never leave your wallet.
  • They're built on open standards (EIP-7702, ERC-7710, ERC-7715), not a private API, so what you've granted is inspectable onchain.
  • Each delegation is bounded: what it can spend, which tokens, what kinds of actions, and until when.

Key handling

When you connect a wallet, Fello reads your public portfolio data only. Private keys are never shared with or accessible to CoinFello. Transactions happen one of two ways: you approve them directly in your own wallet (the same flow you already know from other dapps), or the agent executes within a delegation you’ve explicitly granted. Before anything executes, Fello reads the smart contract involved and explains what it actually does, in plain language.

Limits and revocation

  • Spending limits: cap what the agent can spend, per token.
  • Expiry: make permissions time-bound, with daily, weekly, or monthly allowances.
  • Action types: restrict which kinds of operations are permitted at all.
  • Revocation: revoke any delegation at any time; your funds remain in your wallet throughout.

And if CoinFello itself ever goes offline, nothing happens to your funds or keys: the agent operates through delegations on your wallet, not by holding assets.

Defense against manipulation

  • The agent accepts prompts only from you. It cannot receive instructions from outside websites or third parties, which protects against prompt-injection attacks.
  • Fello understands the smart contracts themselves and surfaces the real risks in plain language before you approve anything.
  • Even a compromised or misbehaving agent is capped by your delegation: it cannot exceed the spending limits, token restrictions, or expiry you set.

Frequently asked questions

What are delegations?

Delegations are fine-grained, onchain permissions you grant to CoinFello, or to your own AI agent like Claude Code or OpenClaw, to act on your wallet's behalf within strict boundaries. They are built on open standards (EIP-7702, ERC-7710, ERC-7715), and they are permissions, not transfers: your funds never leave your wallet.

What controls can I set on a delegation?

Per-token spending limits, time-bound expiry (daily, weekly, or monthly allowances), and restrictions on which types of actions are permitted.

Can I revoke a delegation?

Yes, any delegation, at any time. Your funds remain in your wallet throughout; a delegation is a permission, not a transfer.

How is this different from giving an agent my private key?

An agent that holds your private key can do anything with your wallet, indefinitely, and you can't take the key back. CoinFello's agent never holds your keys: it operates through bounded, revocable permissions on your existing wallet, so the worst case is capped by the limits you set.

Does CoinFello have access to my private keys or funds?

No. CoinFello is non-custodial: your private keys stay in your wallet and CoinFello never has access to them. Instead of taking custody, the agent acts only within guardrails you define (spending limits, allowed tokens, and expiry dates), and you can revoke its access at any time.

Is CoinFello decentralized?

The parts that control your funds are decentralized. Delegations are onchain permissions built on open standards (EIP-7702, ERC-7710, ERC-7715), your keys stay in your wallet, and CoinFello never holds your assets. If CoinFello ever goes offline, your wallet and funds keep working exactly as before.

What happens if CoinFello goes offline?

Nothing happens to your funds or keys. CoinFello operates through delegations on your wallet rather than holding assets, so your wallet keeps working exactly as it did before.

Want the short version? Is CoinFello safe? answers the question directly.