Custody and automation,
separated by design
Give agents a key, not the kingdom. Nunchuk separates custody from automation. Your agent can help create wallets, prepare transactions, and co-sign within policy — while your keys stay with you and anything outside policy requires approval.
User keys stay with users
- • Shared wallets combine user keys, an agent key, and a policy co-signer.
- • Your private keys never need to be shared with the agent.
- • Open standards keep wallets portable and recoverable.
- • No vendor lock-in — wallet data stays exportable.
Agents work inside policy
- • The agent can sign with its own limited key.
- • The Platform key can co-sign automatically when policy is satisfied.
- • Spending limits, signing delays, and per-signer caps define what can happen automatically.
- • Anything outside policy requires human approval.
Hardware-isolated keys.
Bitcoin-native policies.
For higher-assurance agent wallets, isolate the agent signer with Coldcard HSM mode. For advanced spending rules, use Miniscript to encode fallback paths, timelocks, and multi-branch policies.
Isolate the agent key
Keep the agent signing key on dedicated hardware. The agent can request PSBT signatures, but Coldcard signs only under the HSM policy you load.
- • Hardware-isolated signing for unattended agent workflows.
- • Policy files can enforce limits, whitelists, and authorization rules.
- • Nunchuk CLI merges signed PSBTs and broadcasts once the transaction is fully signed.
Program spending conditions
Go beyond plain m-of-n multisig with Bitcoin-native spending logic.
- • Fallback keys and staged recovery paths.
- • Absolute and relative timelocks.
- • Hash-preimage branches and multi-path policies.
Talk to your wallet
Ask in plain language. Your AI assistant runs the CLI; policy controls what can be signed automatically and what needs you.
