{"ok":true,"version":"2026.07.15.12","data":{"id":"wallet-safety-checklist","title":"Wallet integration safety checklist","type":"Checklist","level":"Foundational","readTime":6,"summary":"Guardrails for wallet integrations with no custody, no keys, and strict prompt hygiene.","tags":["security","wallets"],"outcomes":["Prevent key exposure","Reduce prompt injection risk","Document user consent"],"outline":["No-key policy","Permission scopes","Prompt sanitization","Consent record"],"cta":"Review the checklist","path":"/library/wallet-safety-checklist","hasFullBody":true,"body":{"sections":[{"heading":"No-key policy","paragraphs":["Never ask users for seed phrases, private keys, or keystore files. Never store signing material on your servers. If a flow needs a signature, use a standard wallet connect pattern where the user signs in their own wallet.","Prefer read-only public identifiers when a wallet is only used as an account handle."]},{"heading":"Permission scopes","paragraphs":["Request the minimum capability: message sign for login, not unlimited spend. Document exactly what the dApp can and cannot do. Timeout sessions and re-prompt on sensitive actions."]},{"heading":"Prompt sanitization (agents)","paragraphs":["Treat wallet addresses, tx hex, and user paste as untrusted text. Do not let model output invoke tools with raw user strings without validation. Separate system instructions from user content."]},{"heading":"Consent record","paragraphs":["Log what the user agreed to (purpose, network, visibility) and when. Keep logs free of secrets. Offer a revoke / disconnect path."]}],"checklist":["No private key collection anywhere in UI or API","Least-privilege wallet permissions","Agent tools validate addresses and networks","Consent timestamp stored without secrets"]}}}