Protecting Your Account
Bankr has two layers of safety controls: wallet-level (applies to every surface) and per-API-key (applies to one key). Both run independently — a transaction must satisfy both to broadcast.
Wallet-Level Controls
Configure at bankr.bot → Security:
| Control | Default | What it does |
|---|---|---|
| Pause all transactions | Off | Blocks every outbound transaction until unpaused |
| Daily spending limit | $500/24h | Rejects any tx that pushes rolling 24h outflow past the limit |
| Per-transaction limit | $500 | Rejects any single tx above the limit |
| Permitted recipients | Off | Restricts transfers to an allowlist with cooldown period |
| Disable arbitrary contract calls | Off | Blocks raw contract calls (named operations like swaps still work) |
API Key Controls
Configure at bankr.bot/api:
- Read-only mode — Strips all write tools from agent sessions
- IP allowlist — Restricts which IPs can use the key
- Recipient allowlist — Restricts which addresses the key can send to
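
A local model of how the two layers compose, useful as a pre-flight check in an agent. This is an added example, not Bankr's code or API: all class, field and reason names are hypothetical, USD amounts and the source IP are assumed to be known to the caller, and the cooldown on permitted recipients is not modelled.

```python
from dataclasses import dataclass
from datetime import timedelta
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class WalletPolicy:  # wallet-level controls; field names are hypothetical
    paused: bool = False
    daily_limit_usd: float = 500.0
    per_tx_limit_usd: float = 500.0
    permitted_recipients: Optional[set] = None  # None = control is Off
    block_raw_calls: bool = False

@dataclass
class KeyPolicy:  # per-API-key controls; field names are hypothetical
    read_only: bool = False
    ip_allowlist: Optional[list] = None  # CIDR strings; None = Off
    recipient_allowlist: Optional[set] = None

def rolling_outflow(history, now):
    """Sum USD outflow over (timestamp, usd) pairs from the 24h before `now`."""
    cutoff = now - timedelta(hours=24)
    return sum(usd for ts, usd in history if ts > cutoff)

def _allowed(addr, allowlist):
    # Case-insensitive address match; an unset allowlist permits everything.
    return allowlist is None or addr.lower() in {a.lower() for a in allowlist}

def evaluate(tx, wallet, key, history, now):
    """Return every control that would reject `tx`; an empty list means it passes both layers."""
    reasons = []
    if wallet.paused:
        reasons.append("wallet:paused")
    if tx["usd"] > wallet.per_tx_limit_usd:
        reasons.append("wallet:per_tx_limit")
    if rolling_outflow(history, now) + tx["usd"] > wallet.daily_limit_usd:
        reasons.append("wallet:daily_limit")
    if not _allowed(tx["to"], wallet.permitted_recipients):
        reasons.append("wallet:recipient")
    if wallet.block_raw_calls and tx.get("raw_call", False):
        reasons.append("wallet:raw_call")
    if key.read_only:  # modelled as a rejection; a read-only key exposes no write tools
        reasons.append("key:read_only")
    nets = key.ip_allowlist
    if nets is not None and not any(ip_address(tx["src_ip"]) in ip_network(n) for n in nets):
        reasons.append("key:ip")
    if not _allowed(tx["to"], key.recipient_allowlist):
        reasons.append("key:recipient")
    return reasons
```

Running it before an agent submits a transfer shows which layer would refuse it, for example a transfer within the per-transaction limit that still breaches the rolling 24h limit.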
Use a Dedicated Agent Wallet
For production agents, use a separate Bankr account with its own API key and wallet. This isolates your personal funds, enables independent controls, and makes key rotation easy.
Incident Response
If you suspect a key is compromised:
- Pause the wallet at bankr.bot → Security (halts all transactions immediately)
- Revoke the key at bankr.bot/api
- Rotate — generate a new key with the same profile
- Audit — review recent transactions before unpausing
For full details, see Security Best Practices, Bankr Terminal, and Developer API Security in our developer docs.