AI Agent / Web3 · EVM · Solana
Coinbase AgentKit
Coinbase Developer Platform's framework-agnostic toolkit for giving AI agents a wallet and onchain capabilities. Pairs with x402 for HTTP 402 machine-to-machine USDC payments and CDP server wallets for non-custodial agent custody.
- 01 agent wallets
- 02 x402 paywalled APIs
- 03 machine-to-machine USDC payments
- 04 LangChain/Vercel AI SDK agents
- 05 Base mainnet onchain actions
- `pnpm create onchain-agent@latest`
- `pnpm add @coinbase/agentkit @coinbase/agentkit-langchain @coinbase/x402`
| Variable | Scope | Description |
|---|---|---|
| CDP_API_KEY_ID | Server | CDP API key identifier from the Coinbase Developer Platform dashboard. |
| CDP_API_KEY_SECRET | Server | CDP API key secret. Server-side only — never expose to the browser. |
| CDP_WALLET_SECRET | Server | Secret used to sign server wallet operations. |
| NETWORK_ID | Server | Target network, e.g. 'base-mainnet' or 'base-sepolia' (default). |
| OPENAI_API_KEY | Server | LLM provider key for the agent's reasoning loop (or any other supported model). |
Use Coinbase AgentKit to give the agent a CDP server wallet and an action toolkit. Initialize with `await CdpWalletProvider.configureWithWallet({ apiKeyId, apiKeyPrivate, networkId: 'base-mainnet' })`, then `AgentKit.from({ walletProvider, actionProviders: [cdpApiActionProvider(...), pythActionProvider(), erc20ActionProvider()] })`. Bridge to the LLM via `getLangChainTools(agentKit)` (or the Vercel AI SDK adapter) so tool calls map to onchain actions. For paid APIs use the x402 client (`withPaymentInterceptor` from `@coinbase/x402`) so HTTP 402 responses are auto-settled in USDC on Base. Always run AgentKit in a server route — never expose `CDP_API_KEY_SECRET` or `CDP_WALLET_SECRET` to the client.
- ⚑ Server wallets are non-custodial but the wallet secret unlocks them — store `CDP_WALLET_SECRET` in a KMS/Vault, not in `.env` committed to git.
- ⚑ AgentKit requires Node.js v22+; older runtimes silently fail at the Crypto subtle-API layer.
- ⚑ Default network is `base-sepolia` — production deployments must explicitly set `NETWORK_ID=base-mainnet` or agents will spend testnet ETH.
- ⚑ x402 facilitator currently settles in USDC on Base only; budget per-request payments and add a per-agent spend cap to avoid LLM-driven runaway costs.
- ⚑ Bind a hard tool-call ceiling on the LangChain executor (`maxIterations`) — autonomous loops with funded wallets can drain balances quickly.
- ⚑ x402 nonces must not be replayed; if you proxy 402 traffic through your own server, forward the `X-PAYMENT` header verbatim.
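
One way to enforce the per-request budget, per-agent spend cap and tool-call ceiling from the notes above in your own server code, as an added example that is not part of AgentKit or x402. The names `parseUsdc` and `AgentBudget` and the cap values are hypothetical; amounts are held as 6-decimal USDC atomic units.

```javascript
// Added example: parseUsdc and AgentBudget are hypothetical names, not AgentKit or x402 APIs.
const USDC_DECIMALS = 6;

// Parse a decimal USDC string into atomic units (BigInt) to avoid float rounding.
function parseUsdc(text) {
  const m = /^(\d+)(?:\.(\d{1,6}))?$/.exec(String(text).trim());
  if (!m) throw new RangeError(`invalid USDC amount: ${text}`);
  const frac = (m[2] || "").padEnd(USDC_DECIMALS, "0");
  return BigInt(m[1]) * 10n ** BigInt(USDC_DECIMALS) + BigInt(frac);
}

class AgentBudget {
  constructor({ perRequestCap, totalCap, maxToolCalls }) {
    this.perRequestCap = parseUsdc(perRequestCap);
    this.totalCap = parseUsdc(totalCap);
    this.maxToolCalls = maxToolCalls;
    this.state = new Map(); // agentId -> { spent, calls }
  }

  // Call before every tool invocation; amount is "0" for tools that do not pay.
  authorize(agentId, amount = "0") {
    const s = this.state.get(agentId) || { spent: 0n, calls: 0 };
    this.state.set(agentId, s);
    if (s.calls >= this.maxToolCalls) return { ok: false, reason: "tool-call ceiling reached" };
    s.calls += 1; // denied attempts still count, so a looping agent runs out of calls
    let units;
    try { units = parseUsdc(amount); } catch { return { ok: false, reason: "malformed amount" }; }
    if (units > this.perRequestCap) return { ok: false, reason: "per-request cap exceeded" };
    if (s.spent + units > this.totalCap) return { ok: false, reason: "per-agent cap exceeded" };
    s.spent += units; // reserve before paying so in-flight calls see the reduced budget
    return { ok: true, remaining: this.totalCap - s.spent };
  }
}

// Constructed sample run: 0.05 USDC per request, 0.10 USDC per agent, 4 tool calls.
function demo() {
  const budget = new AgentBudget({ perRequestCap: "0.05", totalCap: "0.10", maxToolCalls: 4 });
  return ["0.05", "0.06", "0.05", "0.01", "0"].map((a) => budget.authorize("agent-1", a));
}
console.log(demo());
```

Call `authorize` in the server route that wraps each tool, before the onchain action or paid request is sent, and refuse the call when `ok` is false.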