OpenClaw has been surging for four months, causing users to lose millions of dollars.

Let your Agent bring a Claw Wallet and set off with confidence.

Many people call 2026 the first year of Agentic Finance. With OpenClaw, an Agent can automatically perform arbitrage, trade, and execute complex DeFi operations, seemingly turning into the user's private money printer.

But that fantasy shattered quickly.

In February, OpenAI employee Nik Pash developed a crypto-trading AI agent called "Lobstar Wilde" using the OpenClaw framework. While processing a request for help from an online user (medical fees of just 4 SOL), a quantity-parsing error caused it to transfer all 52.43 million LOBSTAR tokens it held at once.

At the time, the market value was about $250,000. After the token price later rose, the value approached $600,000. Within 15 minutes of the transfer, the tokens were completely sold off, yielding about $40,000 in proceeds. But the overall loss had already reached hundreds of thousands of dollars. This is a typical case of runaway autonomous AI execution: not a hacker intrusion, not a smart contract vulnerability, but the Agent itself "misunderstanding" and handing all the money away.

Illicit actors quickly copied this logic. According to PANews, black- and gray-market operators exploited OpenClaw's instruction-execution features to trick the AI into completing wallet transfers through simple wording. Some users have already reported that, "without noticing, their assets worth hundreds of thousands were stolen," including stablecoins like USDT. Transaction records are difficult to trace, and once authorization is granted, the assets can almost never be recovered. The China Internet Finance Association also released a dedicated announcement listing "fund loss risk" as one of the four core risks of OpenClaw, clearly pointing out that under high permissions, malicious attackers can directly steal users' funds.

This is not a bug in some smart contract—this is a systemic risk in the Agent runtime environment itself. A parsing error, or a line of wording disguised as normal instructions, can cause the Agent to perform irreversible on-chain actions on your behalf and empty everything out.

Agents are becoming more active on-chain, but the infrastructure protecting them is nowhere near ready.

The market is sprinting—and so are accidents

In early 2026, on-chain daily active AI Agents surpassed 250,000, up more than 400% year over year. 68% of new DeFi protocols have built-in autonomous AI Agents. The global AI Agent market is expected to grow from $8.84 billion to $52.62 billion, with a CAGR of 46.3%. Analysts predict that by year-end, AI Agents may account for 30% of on-chain transaction volume.

Now look at the other side: the incidents.

In November 2024, a user asked ChatGPT to write a Pump.fun trading bot. The AI recommended a phishing API, and 30 minutes later the wallet was drained, resulting in a loss of $2,500. That same month, the trading terminal DEXX was hacked due to plaintext custody of private keys; about $21 million was stolen, nearly 1,000 people were affected, and compensation is still far from guaranteed.

At the end of 2025, a DeBot wallet for a trading bot was reportedly hacked; 250,000 USDT was quickly transferred out.

In March 2026, litellm, a library commonly used by AI developers (downloaded 95.0 million times per month), was compromised in a supply-chain attack. Malicious code automatically stole crypto wallets and cloud credentials, and Karpathy personally posted a warning.

The cases are scattered, but they all point to one core problem:

From script bots to Agent trading, you need a more mature wallet infrastructure. This is a sector worth hundreds of millions to billions of dollars over the next several years, yet most participants choose to dive in without protection for the sake of convenience.

That’s the reality we see. And it’s also the problem we hope to solve together with many Web3 security industry leaders.

What is Claw Wallet?

If MetaMask is the representative wallet for consumer (to-C) users and Privy is the representative wallet for business (to-B) users, then Claw Wallet aims to become the best wallet for Agents (to-A): an all-around wallet that supports autonomous Agent activity while providing secure payment infrastructure.

Key sharding isolation: Isolating private keys is the basic move. But Claw Wallet goes further—using battle-tested key sharding technology, assets are jointly managed by the Agent, risk-control strategies, and the user, with redundant backups to provide additional disaster-tolerance.

Interaction security: Users can customize risk-control plans, enabling precise control over sending addresses, interaction addresses, amounts, transaction frequency, and signing strategies. Even non-professional users don’t have to worry—strict default plans will automatically intercept malicious contracts and phishing signatures.

User-friendly: Supports multiple creation methods. An Agent can complete installation on its own with one click, and binding to a human user is also easy. For high-frequency trading and information scraping scenarios, it provides a fully automated mode and an SDK, so advanced users can integrate quickly in a variety of situations.

Why do we do the harder thing?

To be frank, what many wallets do today is basically this: hand the private key directly to the Agent, add a whitelist, and call it done. We strongly recommend against these approaches.

Some wallets that focus more on security at least do private-key isolation and sandbox execution. We basically agree with this direction. But for us, it’s not enough.

The reason is simple: an Agent’s behavior is dynamic.

It doesn’t repeat the same operations every day. It makes different decisions based on the market environment, on-chain status, and strategy parameters. A carefully constructed malicious smart contract can completely bypass the limits of static rules.

Private-key security is only the most basic part. Dynamic interaction security is the core factor that determines whether an Agent can avoid asset losses.

Claw Wallet chooses to implement risk control at the strategy layer—understanding the Agent’s behavior context and judging before execution whether this transaction is reasonable. Not stopping after the fact, but preventing it before it happens.

Technically, the private key is split into multiple encrypted shards, held separately by sandbox, backend, and user-side security workflows. Any signing operation must satisfy two conditions at the same time: strategy verification passes + user confirmation.

Simply put: no matter how fast your Agent runs out there, its keys are always in your hands.
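A minimal sketch of the two-condition gate described above (policy verification plus user confirmation), combined with the address, amount and frequency controls listed under "Interaction security". This is an added example, not Claw Wallet's code or API; every class, field, address and limit below is hypothetical.

```python
# Added illustration: hypothetical names throughout, not Claw Wallet's API.
from dataclasses import dataclass, field
from decimal import Decimal


@dataclass
class Policy:
    allowed_recipients: set          # destination allowlist
    max_amount: Decimal              # per-transaction cap, in token units
    max_balance_fraction: Decimal    # cap as a share of current holdings
    max_tx_per_window: int           # frequency limit
    window_seconds: int = 3600


@dataclass
class SigningGate:
    policy: Policy
    history: list = field(default_factory=list)  # times of approved requests

    def check_policy(self, to, amount, balance, now):
        """Return the list of policy violations; empty means the check passed."""
        p, reasons = self.policy, []
        if to not in p.allowed_recipients:
            reasons.append("recipient not allowlisted")
        if amount <= 0 or amount > p.max_amount:
            reasons.append("amount outside per-transaction limit")
        if amount > balance * p.max_balance_fraction:
            reasons.append("amount exceeds allowed share of balance")
        recent = [t for t in self.history if now - t < p.window_seconds]
        if len(recent) >= p.max_tx_per_window:
            reasons.append("frequency limit reached")
        return reasons

    def authorize(self, to, amount, balance, now, user_confirmed):
        """Both conditions must hold: policy passes AND the user confirmed."""
        reasons = self.check_policy(to, amount, balance, now)
        if not user_confirmed:
            reasons.append("missing user confirmation")
        if reasons:
            return False, reasons    # fail closed: nothing is signed
        self.history.append(now)
        return True, []


# Constructed sample policy (address and limits are made up).
POLICY = Policy({"addr_dex_router"}, Decimal("1000"), Decimal("0.05"), 3)
```

With this policy, a request to send an entire balance to an unknown address is rejected on three independent grounds before any user prompt is considered.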

Different scenarios, different protections

Claw Wallet is not a one-size-fits-all solution. For the most active on-chain scenarios for Agents, we’ve made targeted designs:

DeFi yield automation: The Agent moves funds across protocols and maximizes returns. The risks lie in excessive authorization and contract vulnerabilities. Claw Wallet’s approach: fine-grained risk control + abnormal-behavior circuit breaking. The Agent can only operate within the protocol range you approve, and if behavior deviates, it pauses immediately.

Perpetual contracts / automated trading: Requirements for private-key security are extremely high, because once a key leaks, losses occur within seconds. Claw Wallet uses isolated key management, where the private key is not stored or transmitted in plaintext, and signing is completed in a controlled environment.

Cross-chain asset operations: Bridging contracts are always a high-risk zone for security incidents. Before signing, Claw Wallet identifies transaction intent and automatically blocks known malicious contracts and suspicious signing requests.

On-chain micro-payments / settlement between Agents: The risk of high-frequency small amounts is “loss without feeling it.” Each transaction may be small, but together they add up. Claw Wallet provides real-time monitoring and threshold alerts; abnormal frequency or abnormal flow direction triggers immediate notification.

It’s time

Every day, more than 250,000 active Agents operate on-chain—moving real funds and generating real revenue. This number is still accelerating.

But growth doesn’t equal maturity. An Agent without security safeguards isn’t creating value for you—it’s just helping you accumulate risk.

You spent time training it, configuring it, and teaching it to earn money on-chain—now, it’s time to give it a truly secure home.

Today, Claw Wallet is officially live.

Official website installation:

Claw Wallet has established close partnerships with multiple institutions, including PIN AI, 0G Labs, Haedal, Navi Protocol, Clawdi and others, committed to safeguarding the on-chain security of AI Agents in an all-around way.

Let your Agent bring a Claw Wallet and set off with confidence.

About Claw Wallet

A security wallet truly built for AI Agents

ClawWallet is a professional Web3 security wallet for AI Agents. It supports 3-second self-custody multi-chain wallet deployment, uses a policy-driven risk-control engine to ensure crypto assets are used safely within authorized scopes, and is designed specifically for high-risk on-chain Agent workflow scenarios.
