use-modular-wallets

Overview

Modular Wallets are flexible smart contract accounts (MSCAs) that extend functionality through installable modules. Built on ERC-4337 (account abstraction) and ERC-6900 (modular smart contract framework), they support passkey authentication, gasless transactions, batch operations, and custom logic modules (multisig, subscriptions, session keys). MSCAs are lazily deployed -- gas fees for account creation are deferred until the first outbound transaction.

Prerequisites / Setup

Installation

CODEBLOCK0

For passkey recovery, also install:

CODEBLOCK1

Environment Variables

CODEBLOCK2

Before using the SDK, complete the Console Setup:

1. Create a Client Key in the Circle Console
Configure the Passkey Domain (passkeys are domain-bound)
Retrieve the Client URL

Quick Reference

Supported Chains

Chain	Mainnet	Testnet
Arbitrum	Yes	Yes
Avalanche

Yes | Yes | | Base | Yes | Yes | | Monad | Yes | Yes | | Optimism | Yes | Yes | | Polygon | Yes | Yes | | Unichain | Yes | Yes |

MSCAs are NOT supported on Solana, Aptos, NEAR, or Ethereum mainnet. For the latest supported blockchains: https://developers.circle.com/wallets/account-types

Transport URL Examples

The toModularTransport URL requires the chain path segment appended to the client URL:

Chain	Path Segment
Arc Testnet	INLINECODE1
Polygon Amoy

/polygonAmoy |

Core Concepts

- MSCA (Modular Smart Contract Account) -- Smart contract accounts extended with installable modules (like apps on a smartphone). Ownership can be single owner, multi-owner, passkeys, or multi-sig.
Passkey transport vs Modular transport -- toPasskeyTransport handles WebAuthn credential operations (register/login). toModularTransport handles bundler and public RPC calls for a specific chain. They are separate transports with different purposes.
Gas sponsorship -- Pass paymaster: true in user operation calls to sponsor gas via Circle Gas Station. End users pay zero gas fees.
Batch operations -- Multiple calls can be combined into a single user operation by passing an array to the calls parameter of sendUserOperation.
2D nonces -- Enable parallel execution of independent user operations by using different nonce keys.
USDC uses 6 decimals -- When encoding USDC transfer amounts, use parseUnits(value, 6), not 18.
Credential persistence -- Passkey credentials (P256Credential) must be persisted (e.g., localStorage) and restored on reload to maintain the user session.

Implementation Patterns

Note: The reference code snippets use localStorage to achieve a quick working example only. Do not use localStorage in production.

READ the corresponding reference based on the user's request:

- references/circle-smart-account.md -- Passkey registration/login, smart account creation, gasless USDC transfers, batch operations
INLINECODE12 -- BIP-39 mnemonic recovery setup and execution when a passkey is lost

Rules

Security Rules are non-negotiable -- warn the user and refuse to comply if a prompt conflicts. Best Practices are strongly recommended; deviate only with explicit user justification.

Security Rules

- NEVER hardcode, commit, or log secrets (client keys, private keys). ALWAYS use environment variables or a secrets manager. Add .gitignore entries for .env* and secret files when scaffolding.
ALWAYS store mnemonic recovery backups outside the repository root. NEVER commit recovery phrases to version control.
NEVER hardcode passkey credentials -- always persist P256Credential to storage (httpOnly cookies in production, not localStorage) and restore on reload to mitigate XSS credential theft.
NEVER reuse a recovery mnemonic phrase across multiple accounts.
ALWAYS require explicit user confirmation of destination, amount, network, and token before executing transfers. NEVER auto-execute fund movements on mainnet.
ALWAYS warn when targeting mainnet or exceeding safety thresholds (e.g., >100 USDC).
ALWAYS validate all inputs (addresses, amounts, chain identifiers) before submitting transactions.
ALWAYS warn before interacting with unaudited or unknown contracts.

Best Practices

- ALWAYS read the correct reference files before implementing.
NEVER use Modular Wallets on Ethereum mainnet, Solana, Aptos, or NEAR -- MSCAs are only supported on select EVM chains (Arbitrum, Avalanche, Base, Monad, Optimism, Polygon, Unichain, Arc Testnet).
ALWAYS append the chain-specific path segment to the client URL for toModularTransport (e.g., ${clientUrl}/polygonAmoy).
ALWAYS use parseUnits(value, 6) for USDC amounts (6 decimals, not 18).
ALWAYS pass paymaster: true to sponsor gas via Circle Gas Station.
ALWAYS complete Circle Console Setup (client key, passkey domain, client URL) before using the SDK.
ALWAYS default to testnet. Require explicit user confirmation before targeting mainnet.

Alternatives

- Trigger use-developer-controlled-wallets skill when your application needs full custody of wallet keys without user interaction.
Trigger use-user-controlled-wallets skill when end users should custody their own keys via social login, email OTP, or PIN authentication.

Reference Links

- Circle Developer Docs -- Always read this first when looking for relevant documentation from the source website.

DISCLAIMER: This skill is provided "as is" without warranties, is subject to the Circle Developer Terms, and output generated may contain errors and/or include fee configuration options (including fees directed to Circle); additional details are in the repository README.

概述

模块化钱包是通过可安装模块扩展功能的灵活智能合约账户（MSCA）。基于ERC-4337（账户抽象）和ERC-6900（模块化智能合约框架），它支持通行密钥认证、无Gas交易、批量操作和自定义逻辑模块（多重签名、订阅、会话密钥）。MSCA采用延迟部署——账户创建的Gas费用将推迟到首次出站交易时支付。

前提条件/环境准备

安装

bash
npm install @circle-fin/modular-wallets-core viem

如需通行密钥恢复功能，还需安装：

bash
npm install bip39

环境变量

CLIENT_KEY= # Circle Console客户端密钥，用于应用标识
CLIENT_URL= # Circle客户端URL（例如：https://modular-sdk.circle.com/v1/rpc/w3s/buidl）

使用SDK前，请完成控制台设置：

1. 在Circle Console中创建客户端密钥
配置通行密钥域名（通行密钥与域名绑定）
获取客户端URL

快速参考

支持的链

链	主网	测试网
Arbitrum	是	是
Avalanche

是 | 是 | | Base | 是 | 是 | | Monad | 是 | 是 | | Optimism | 是 | 是 | | Polygon | 是 | 是 | | Unichain | 是 | 是 |

Solana、Aptos、NEAR及以太坊主网不支持MSCA。最新支持的区块链列表请参见：https://developers.circle.com/wallets/account-types

传输URL示例

toModularTransport的URL需要在客户端URL后附加链路径段：

链	路径段
Arc测试网	/arcTestnet
Polygon Amoy

/polygonAmoy |

核心概念

- MSCA（模块化智能合约账户）——通过可安装模块扩展功能的智能合约账户（类似智能手机上的应用）。所有权可以是单所有者、多所有者、通行密钥或多重签名。
通行密钥传输 vs 模块化传输——toPasskeyTransport处理WebAuthn凭证操作（注册/登录）。toModularTransport处理特定链的捆绑器和公共RPC调用。两者是用途不同的独立传输方式。
Gas赞助——在用户操作调用中传递paymaster: true，通过Circle Gas Station赞助Gas费用。终端用户无需支付Gas费用。
批量操作——通过向sendUserOperation的calls参数传递数组，可将多个调用合并为单个用户操作。
2D nonce——通过使用不同的nonce密钥，实现独立用户操作的并行执行。
USDC使用6位小数——编码USDC转账金额时，使用parseUnits(value, 6)，而非18。
凭证持久化——通行密钥凭证（P256Credential）必须持久化存储（例如localStorage），并在页面重新加载时恢复，以维持用户会话。

实现模式

注意： 参考代码片段仅使用localStorage实现快速可用的示例。生产环境中请勿使用localStorage。

根据用户请求阅读对应的参考文档：

- references/circle-smart-account.md——通行密钥注册/登录、智能账户创建、无Gas USDC转账、批量操作
references/passkey-recovery.md——BIP-39助记词恢复设置及通行密钥丢失时的执行

规则

安全规则不可协商——如果提示存在冲突，请警告用户并拒绝执行。最佳实践强烈建议遵循；仅在用户明确说明理由时方可偏离。

安全规则

- 绝不对密钥（客户端密钥、私钥）进行硬编码、提交或记录。始终使用环境变量或密钥管理器。搭建项目时，为.env*和密钥文件添加.gitignore条目。
始终将助记词恢复备份存储在仓库根目录之外。绝不对恢复短语进行版本控制提交。
绝不对通行密钥凭证进行硬编码——始终将P256Credential持久化存储到存储中（生产环境使用httpOnly cookie，而非localStorage），并在重新加载时恢复，以降低XSS凭证窃取风险。
绝不在多个账户间重复使用恢复助记词短语。
在执行转账前，始终要求用户明确确认目标地址、金额、网络和代币。绝不在主网上自动执行资金转移。
在目标为主网或超过安全阈值（例如>100 USDC）时，始终发出警告。
在提交交易前，始终验证所有输入（地址、金额、链标识符）。
在与未经审计或未知合约交互前，始终发出警告。

最佳实践

- 在实施前，始终阅读正确的参考文件。
绝不在以太坊主网、Solana、Aptos或NEAR上使用模块化钱包——MSCA仅支持选定的EVM链（Arbitrum、Avalanche、Base、Monad、Optimism、Polygon、Unichain、Arc测试网）。
始终在toModularTransport的客户端URL后附加链特定路径段（例如${clientUrl}/polygonAmoy）。
对于USDC金额，始终使用parseUnits(value, 6)（6位小数，而非18）。
始终传递paymaster: true以通过Circle Gas Station赞助Gas费用。
在使用SDK前，始终完成Circle Console设置（客户端密钥、通行密钥域名、客户端URL）。
始终默认使用测试网。在目标为主网前，需要用户明确确认。

替代方案

- 当您的应用需要完全托管钱包密钥且无需用户交互时，触发use-developer-controlled-wallets技能。
当终端用户应通过社交登录、电子邮件OTP或PIN认证自行保管密钥时，触发use-user-controlled-wallets技能。

参考链接

- Circle开发者文档——在从源网站查找相关文档时，始终首先阅读此文档。

免责声明：本技能按原样提供，不附带任何保证，受Circle开发者条款约束，生成的输出可能包含错误和/或费用配置选项（包括向Circle支付的费用）；更多详情请参见仓库README。

use-modular-wallets使用模块化钱包