OpenClaw is an autonomous AI agent that runs on a GCP Compute Engine VM inside a Docker container. It is a personal-assistant-style agent connected to messaging (Telegram), tooling (skills), and external services. It runs on the gpt-4o family of models and exposes a local gateway on port 18789 bound to localhost. State lives at ~/.openclaw on the host.

Why does OpenClaw need its own wallet?

OpenClaw runs autonomously without a human approving every action. If we passed in a credit card or master API key, one bad reasoning chain could drain real money. Instead, OpenClaw has its own MoltPe wallet with a hard daily cap, a per-transaction limit, and a recipient allowlist. The spending policy is enforced at signing — the agent literally cannot exceed it, even if the LLM hallucinates a transaction it should not make.

How does OpenClaw call MoltPe?

Through the MoltPe MCP server. The MCP tools (check_balance, send_payment, list_transactions, call_x402_endpoint, agent_info) appear as available tools to the OpenClaw model. When the agent decides to make a payment, it calls send_payment with parameters; MoltPe's signing layer validates against the spending policy and either signs the transaction or rejects it. The agent receives the transaction hash or an error and proceeds.

What spending policy does OpenClaw use?

Daily cap: $5 USDC. Per-transaction limit: $0.50 USDC. Recipient allowlist: a small list of x402-enabled API providers and one human address for tip-style payments. Time window: anytime. The cap is intentionally low because OpenClaw is an experimental personal agent, not a production fintech process. For production agents the policy would scale.

Does this generalize to other agent frameworks?

Yes. Anything that supports MCP can use the MoltPe MCP server identically — Claude Desktop, Cursor, Windsurf, custom MCP clients, and any LangChain or CrewAI agent that wraps MCP. For non-MCP agents the same operations are available via REST API. The MoltPe wallet and spending policy do not care which framework called the API.

How OpenClaw Uses MoltPe for Autonomous USDC Payments

OpenClaw is an autonomous AI agent. MoltPe is its wallet. Here is the actual architecture — not a slide.

What OpenClaw is

OpenClaw is a personal-assistant-style autonomous AI agent that I run on a Google Cloud Compute Engine VM. It lives in a Docker container, talks to me through Telegram, and has a small library of skills it can compose to take action — fetch data, summarize, schedule, look things up. The gateway binds to localhost only on port 18789 — never exposed publicly. State lives at ~/.openclaw/ on the host, so containers are ephemeral and replaceable.

OpenClaw runs on the gpt-4o family of models. We deliberately avoid reasoning models for OpenClaw — they consume too much context and the predictability of gpt-4o suits the agent's role better.

The repo and runtime are simple by design. The hard part has not been the agent itself; the hard part has been giving it a way to actually do things in the world. Including, when it makes sense, paying for things.

The problem: an agent without money is just a chat

The interesting part of an autonomous agent is not the conversation. It's the part where the agent goes off and does work — calls a paid API, retrieves a piece of data, requests a service. Most of those things cost money. A few cents here, a few cents there.

The default options were all wrong:

Hardcode my credit card. One bad chain of thought could drain it.
Ask me to approve every transaction. Defeats the autonomous part. The latency alone makes the agent useless for time-sensitive tasks.
Use a prepaid card with a low balance. Better, but cards are not designed for sub-cent transactions, and most paid AI APIs do not even accept cards directly.

What I actually wanted: give the agent its own wallet, with hard rules it cannot break, that settles in seconds at near-zero cost.

That is what MoltPe is. So I started building MoltPe partly to support OpenClaw and partly because the same gap exists for thousands of other developers building autonomous agents.

The architecture

Here is how the pieces fit:

OpenClaw (gpt-4o)
   ↓ tool call
OpenClaw gateway (localhost:18789)
   ↓ MCP request
MoltPe MCP server (https://moltpe.com/mcp)
   ↓ validate against spending policy
MoltPe signing layer
   ↓ produce signed transaction (Shamir shares combined)
Polygon PoS / Base / Tempo
   ↓ sub-second confirmation
USDC arrives at recipient

Five hops from "agent decides to pay" to "money arrived." Total latency: typically under 2 seconds end to end.

The MCP integration

MoltPe ships an official MCP (Model Context Protocol) server. Connecting OpenClaw was three lines of configuration. The server exposes these tools to the agent:

check_balance — return current USDC balance and free-tier transaction count remaining
send_payment — send USDC to a recipient address with an optional memo
list_transactions — return last N transactions for audit
call_x402_endpoint — call any x402-protected URL; MoltPe handles the 402 negotiation automatically
agent_info — return the agent's wallet address, allowlist, and current policy
create_invoice / pay_invoice / list_invoices — for incoming payments

The model sees these as natural tool calls. When OpenClaw decides "I want to call this paid x402 API," it calls call_x402_endpoint with the URL. The 402 negotiation, the payment header, the retry — all handled by MoltPe. From the agent's perspective it is just a function that returns the API response.

The spending policy I actually use

OpenClaw's policy at the time of writing:

Daily cap: $5.00 USDC
Per-transaction limit: $0.50 USDC
Recipient allowlist: a list of trusted x402 API endpoints + one human address for tip-style payments
Time window: anytime

Why these numbers: $5/day is enough for OpenClaw to do meaningful work — call a few hundred paid APIs, pay for some compute, run an LLM-as-a-judge experiment — without being scary. $0.50 per transaction is well above the largest x402 charge I have seen, and well below anything that would feel like real money lost if a single transaction went wrong.

The policy is enforced inside MoltPe's signing layer, not inside OpenClaw. This matters. If I had implemented it inside OpenClaw, a hallucination could plausibly route around it. Because it is at the signing layer, the model can ask MoltPe to send $6, and MoltPe will simply refuse to produce a valid signature. The agent gets back an error and adjusts.

What I have learned running this in production

1. The first time the agent paid for something on its own was unsettling

Even though I wrote the policy, even though I knew the cap was $5/day, the first time OpenClaw made a payment without asking me felt strange. That feeling went away within a day, but it is worth flagging — the autonomy is the whole point, and at some point you have to actually let the agent be autonomous.

2. The signing-layer enforcement is genuinely the safety net

Three times in the first month, OpenClaw tried to send a payment that violated the policy — typically because the model hallucinated a number. Each time, MoltPe rejected the transaction at the signing layer and the agent received an error. None of those would have been caught by application-side checks because the model would have just rewritten the check.

3. Free-tier limits matter for experimentation

Running an agent that can pay autonomously means a lot of small experiments. MoltPe's free tier (no credit card, full feature access) made that experimentation actually possible. If every test cost real money, I would have been more cautious and shipped less.

4. MCP is the right interface

I tried REST-API integration first. It worked, but had a kind of seam — the agent had to "think about" calling an API. Once I switched to MCP, payments became indistinguishable from any other tool call in the agent's repertoire. That seamlessness is what unlocks real use.

If you are building something similar

The pattern generalizes:

Pick a non-custodial wallet provider. If MoltPe fits, great. If not, see the agentic wallet comparison.
Set a small spending policy first. $1/day is fine for an early agent. Increase it once you trust the agent's behavior.
Use MCP if your agent framework supports it. Otherwise REST is fine.
Watch the failure cases. The first few rejected transactions are the most informative thing about your agent.

None of this is theoretical. I run OpenClaw daily. It pays for things. The whole stack is open and free to start.

FAQ

Is OpenClaw open source?

OpenClaw is a personal experiment, not (currently) a product. The MoltPe side that OpenClaw integrates with is partially open — the reference implementation shows the integration pattern. If there is interest in publishing more of the OpenClaw runtime, ping me.

Can my agent use the same MCP server?

Yes. Any MCP-compatible client (Claude Desktop, Cursor, Windsurf, custom) can point at https://moltpe.com/mcp with the agent's API key. Each agent gets its own wallet, its own spending policy, and its own audit trail.

What if MoltPe is down?

MoltPe is non-custodial — the keys are split using Shamir Secret Sharing and you hold the shares needed to reconstruct your key. If the service were unavailable, your funds are still yours and recoverable. For uptime in the meantime, MoltPe operates on a standard cloud SLA stack.

Can OpenClaw receive payments too?

Yes. The MoltPe MCP server includes create_invoice and list_invoices. OpenClaw can issue invoices and check whether they have been paid, then act on the result.