Category
  • AI & Agentic Platforms
  • Digital Wallets
  • Payments
  • Security
Use Cases
  • E-commerce Payments
  • Trading and Swapping
  • Treasury Management
Blockchains Supported
  • Arc
  • Base
  • Ethereum
  • OP Mainnet
  • Sui
On/Off-Ramps
  • No
Platform
  • Web
Region
  • North America
Country
  • United States
Support
1Claw Labs

Helping AI agents operate, communicate, and transact securely. Store secrets in hardware-encrypted vaults, inspect LLM traffic for prompt injections and credential leaks, and sign blockchain transactions without exposing private keys.

1Claw is a platform that helps AI agents operate, communicate, and transact securely.

When you paste an API key into Claude or Cursor, it ends up in the context window, chat logs, and provider memory. You can't take it back. 1Claw fixes this by giving agents secure access to secrets at runtime so credentials never touch the conversation.

Three products, one dashboard.

Vault stores your API keys and tokens with hardware-grade encryption and optional key splitting across three clouds (GCP, AWS, Azure). Agents fetch secrets when they need them and never store them. Every access is logged and every agent is individually revocable.

Shroud is a proxy that sits between your agent and the LLM provider running inside a TEE (Trusted Execution Environment). Every request and response passes through 20 security checks, which catch secrets in prompts, detects prompt injections, blocks suspicious URLs, and scrubs PII. Unlike generic proxies, Shroud knows your vault and matches exact secret values, not pattern guesses. Every agent also gets its own config for PII handling, injection sensitivity, allowed models, token limits, and daily spend caps.

Intents lets agents sign blockchain transactions without holding private keys. Agents submit what they want to do and 1Claw handles signing inside an HSM (Hardware Security Module). You set guardrails per agent (e.g., allowed addresses, value caps, and chain restrictions) and every transaction can be simulated before broadcast. Intents supports 109+ EVM chains and key generation for Bitcoin, Solana, XRP, Cardano, and Tron.

1Claw works with Claude, Cursor, GPT, Copilot, and Windsurf out of the box and includes 35+ MCP tools as well as SDKs for TypeScript and Go. Start free with 1,000 requests a month - no card required.

Use Cases

DeFi Agent Transaction Signing

Autonomous DeFi agents need to execute onchain transactions but shouldn't hold private keys given a single prompt injection could drain a wallet. The Intents API keeps keys in the HSM while agents submit transaction intents with server-enforced guardrails: address allowlists, value caps, and Tenderly simulation before broadcast. 1Claw supports 109+ EVM chains with full EIP-1559 and EIP-712 typed data signing.

Secure API Key Management for Coding Agents

Developers using Claude, Cursor, or Copilot paste API keys into chat prompts every day - leaving credentials in context windows, provider logs, and chat histories. With 1Claw Vault, agents fetch secrets at runtime through scoped JWTs and the MCP server while keys stay in the HSM. Agents are individually revocable without rotating the underlying credential and there is a full audit trail on every access.

LLM Traffic Inspection & Prompt Injection Defense

AI agents processing untrusted input, retrieved documents, tool outputs, and user-submitted content are vulnerable to prompt injection and credential exfiltration. Shroud inspects every LLM request and response across 20 security layers inside a TEE. It scores for injection, strips hidden content, blocks exfil URLs, redacts PII, and enforces per-agent policies. With 1Claw, security teams get centralized visibility without trusting agent-side code.

Per-Agent Budget & Rate Limiting

Teams running multiple AI agents across different projects need spending controls. 1Claw enforces per-agent daily budget caps in USD, per-request token limits, and rate limits at the proxy level, returning 429s before overspend happens. Combined with Shroud's LLM Token Billing, teams can meter usage per token across OpenAI, Anthropic, and Google without distributing provider API keys to each agent.

Multi-Cloud Secret Isolation with MPC Key Splitting

Organizations with strict compliance requirements need assurance that no single cloud provider can access their secrets. 1Claw's MPC key splitting distributes key shares across GCP, AWS, and Azure - as a result, compromise of any single provider is insufficient to decrypt. Combined with envelope encryption, CMEK support, and HSM-backed key hierarchies, this supports SOC 2, ISO 27001, and internal security audits.

Autonomous Agent Billing via x402

AI agents operating autonomously need to pay for compute and API access without human intervention or pre-funded wallets. With x402 pay-per-use, agents submit payment intents that 1Claw signs and settles on Base in stablecoins via the Coinbase CDP facilitator. The agent never holds or controls funds. Per-request micropayments replace subscription management, and replay protection helps reduce double-spend.

This site contains content and information, including links to other sites and resources, that was prepared by third parties ("Third Party Content") who are not affiliated with Circle or any of its affiliates (collectively "Circle"). Circle makes no representations on the accuracy, suitability, or validity of Third Party Content. As such, Circle is neither responsible nor liable for any Third Party Content, including any errors, omissions, or delays, or for any actions taken in reliance upon any Thirds Party Content. Reference to any specific company, product, service, or website of any third party does not constitute an implied or express endorsement, recommendation, favoring or validation by Circle. All content provided is for educational and informational purposes only. Circle shall not be liable for any damage or loss relating to use of, or reliance upon, the Third Party Content.

Ready to connect with 1Claw?