Solana Agent Vault - Pinocchio program

PDA wallet infrastructure for every 8004 agent.

An 8004 agent should not be limited to one signer. Agent Vault gives one 8004 Core Asset a fleet of onchain wallets: treasury, trading, operations, liquidity, settlement. The live holder controls everything; wallets can hold SOL, SPL, WSOL, sign CPI calls for swaps and DeFi, and publish verifiable onchain message attestations.

Mental model

Agent 8004 Core Asset

+-- wallet #0 / treasury / SOL + SPL

+-- wallet #1 / trading / swaps

+-- wallet #2 / liquidity / DeFi CPI

+-- wallet #N / up to 65,535

V0Useful launch scope

65kWallets per agent

0Onchain Anchor dependency

1Identity: the 8004 Core Asset

The gap

Solana already has strong primitives: Metaplex Core, Asset Signer, the 8004 registry, AgentWallet-style vaults, and Squads. What is missing is a simple agent primitive: multiple indexed program wallets tied to the same 8004 NFT identity and ready for DeFi.

Metaplex Core

One native signer, not a wallet fleet

Asset Signer is useful, but it does not provide a multi-wallet model per agent.

Generic vaults

Not tied to 8004 identity

A vault without the Core Asset does not provide the same transferable ownership model.

Agent DeFi

Agents need to compose

A useful agent needs to hold tokens, wrap SOL, swap, provide liquidity, and settle flows.

The V0 proposal

Agent Vault is a small Pinocchio primitive: explicit, cheap, upgradeable, and built for composition. Seeds stay stable; future policies are layered around the core accounts.

global_config = PDA(["global_config"]) // immutable vault_config = PDA(["vault_config", agent_asset]) wallet #i = PDA(["agent_vault", agent_asset, i_u16_le]) devnet 8004 registry: 8oo4J9tBB3Hna1jRQ3rWvJjojqM5DYTDJo5cejUuJy3C holder gate: signer == live_owner(agent_asset) agent_asset is Metaplex Core AssetV1 agent_account == PDA(["agent", agent_asset], registry_8004)

Required V0 features

Indexed multi-wallet

Create PDA wallets per agent: treasury, trading, liquidity, ops. Monotonic u16 index.

Native SOL

Permissionless deposit, holder-only withdrawal, same-agent wallet transfer, preserved rent floor.

Minimal SPL and Token-2022

Create ATAs for the wallet PDA and transfer Tokenkeg plus minimal Token-2022 assets.

WSOL wrap / unwrap

Required for swaps: turn wallet SOL into WSOL usable by AMMs, then unwind cleanly.

Execute CPI checked for DeFi and swaps

The holder authorizes the wallet PDA to sign a target instruction with explicit min-out, balance, owner, data length, and rent post-checks.

Wallet basics included

Solana Agent Vault behaves like a practical wallet layer for agents: payments, tokens, DeFi execution, account discovery, and verifiable message attestations. PDA signing is onchain through the program; off-chain message intent is recorded as a program-verified attestation.

Payments

Receive and send SOL

Permissionless deposits, holder-gated withdrawals, same-agent transfers, and rent-aware closes.

Tokens

SPL and minimal Token-2022

ATA creation, checked transfers where decimals are available, WSOL wrap and unwrap.

Messages

Verifiable attestations

Message hash, domain, nonce, expiry, wallet index, and holder authorization recorded onchain.

DeFi without locking the future

V0 does not hardcode Jupiter, Orca, or Raydium. The program exposes a generic primitive: the wallet PDA signs one CPI. The SDK builds routes and remaining accounts. Later policies can restrict that power without changing seeds.

Open CPI

Composable by default

No V0 allowlist, so DeFi integrations do not require redeploying the vault program.

Invariants

Protected wallet account

The wallet PDA is readonly signer inside CPI; owner, data length, and rent are post-checked.

SDK

Off-chain routes

SDK helpers prepare swap instructions and mandatory checked post-conditions. The onchain program stays protocol-neutral.

Future policies

Restrictions can be layered

Spending limits, delegation, and allowlists arrive through versioned policy PDAs.

Immutable global config

The global account fixes the 8004 registry and accepted collection. Once initialized, it does not change: no mutable registry, no mutable collection, no admin pause flag in V0.

Predictable

Fixed registry and collection

Clients know exactly which 8004 identity set is accepted for this deployment.

Upgrade path

New PDAs when needed

A future global policy is added in a separate account, without breaking the base.

Anti-squatting

Deploy authority init

Initialization must be reserved for the expected deployment key.

Ultra-low cost by design

The program is designed as a small wallet primitive: compact accounts, measured compute, and DeFi CPI overhead separated from the target protocol.

Config

24-byte vault config

Only the agent-local state needed for enumeration: version, bump, count, flags, timestamp.

Small accounts

32-byte wallet PDA

Wallet metadata stays onchain. The agent relationship is proven by the PDA, not duplicated in data.

Measured CU

Budget per instruction

CI should snapshot CU and fail on large regressions before a release reaches devnet.

initial CU targets: create_wallet <= 18k CU full tx withdraw_sol <= 7k CU full tx transfer_spl <= 20k CU full tx create_wallet_ata <= 35k CU full tx execute_cpi_checked <= target program cost + post-check overhead account layout: AgentVaultConfig 24 bytes ~= 0.00105792 SOL AgentWallet 32 bytes ~= 0.00111360 SOL standard ATA 165 bytes ~= 0.00203928 SOL runtime rule: always derive rent from Rent::minimum_balance(len)

SDK first: `client.wallets`

Agent Vault is meant to ship inside the existing 8004-solana TypeScript SDK. The local repository is agent0-ts-solana, but the public SDK surface should be exposed from 8004-solana as client.wallets.*.

const page = await client.wallets.list(agentAsset, { startIndex: 0, limit: 100, includeClosed: false, includeBalance: true }) const wallet = await client.wallets.get(agentAsset, 0) const ix = await client.wallets.create(agentAsset, { label: "trading" }) under the hood: vault_config = PDA(["vault_config", agent_asset]) wallet_count = vault_config.wallet_count wallets = getMultipleAccounts(derived_wallet_pdas)

Upgrade roadmap

            V0 - DeFi-ready wallet primitive
            SOL, SPL, minimal Token-2022, WSOL, execute CPI checked, message attestations, holder-only control.
          
            V0.x - SDK routes
            Jupiter, Orca, Raydium route helpers and richer cost/RPC estimation.
          
            V1 - WalletPolicy
            Spending limits, allowlists, configurable denylist, daily caps.
          
            V2 - delegation
            Let an agent key operate without the live holder, under policy.
          
            V3 - multisig / Squads
            Institutional control or co-signature for high-risk wallets.