WalletChan — Browser Wallet Agent Skill
Control the WalletChan browser extension to interact with any web3 dapp via Chrome DevTools Protocol (CDP).
Prerequisites
- 1. Chrome installed with remote debugging enabled (e.g.
--remote-debugging-port=9222) - WalletChan extension installed from the Chrome Web Store
- Agent password configured — the user must set an Agent Password in WalletChan settings before the agent can operate
⚠️ IMPORTANT — Tell the user:
- - Set an Agent Password in WalletChan settings and share it with the agent.
- NEVER share the Master Password with ANY agent. The Master Password controls private key access. Agents must ONLY ever receive the Agent Password.
- The Agent Password grants limited scope: unlock the wallet, review & confirm transactions. It cannot reveal or export private keys.
Setup
Launch Chrome with CDP
The user needs Chrome running with remote debugging. Example launch script:
CODEBLOCK0
Adjust the path for the user's OS. The user-data-dir should be a dedicated profile with the WalletChan extension installed.
Get the Extension ID
- - Chrome Web Store build:
kofbkhbkfhiollbhjkbebajngppmpbgc (stable) - Local/dev builds: ID varies — navigate to
chrome://extensions/ via CDP and read it
The extension's full-tab URL is: �INLINECODE4
Connect via CDP
Connect to Chrome using CDP on the configured port (default 9222). All interaction happens through browser automation — navigate tabs, click elements, read page content.
Always use CDP for tab control. Chrome sidepanels are NOT accessible via CDP, so WalletChan must be used in full-tab mode (open chrome-extension://<ID>/index.html in a tab).
Core Workflow
1. Navigate to the dapp
Open the target dapp URL in a Chrome tab (e.g. app.aave.com, app.uniswap.org).
2. Connect wallet
Click the dapp's "Connect Wallet" button and select "WalletChan" from the wallet list. Connection is instant — no popup or approval needed.
3. Interact with the dapp
Perform the intended action: enter amounts, select tokens, click "Supply", "Swap", etc. This triggers a transaction or signature request in WalletChan.
4. Switch to the extension tab
Navigate to the WalletChan tab (chrome-extension://<ID>/index.html) so the request is visible. Always switch the visible/active tab — the user can only see the active tab, so switch to whichever tab you're working on.
5. Check lock state & unlock
WalletChan has an auto-lock feature — the wallet locks after inactivity. Before confirming any request:
- 1. Check if the wallet is locked (password prompt visible)
- If locked, enter the Agent Password and click Unlock
- The pending request will appear after unlocking
6. Review the request
WalletChan provides two views for each request:
- - Decoded tab — human-readable breakdown of the transaction:
- Function name and parameters
- Recursively decoded nested calldata (e.g. bytes params containing inner calldata)
- Auto-resolved ENS, Basename (
.base.eth), and
.wei domains for addresses
- Labels for known contract addresses
- Unit conversion dropdowns for uint params (wei→ETH, unix timestamps, 10^6, bps, etc.)
- Some params (like
bytes) may be collapsed — expand for full detail
- - Raw tab — raw calldata/signature data for manual verification
Verify before confirming:
- - Correct function being called
- Correct token/asset addresses
- Correct amounts (watch decimals — e.g. USDC uses 6 decimals, so 1 USDC = 1,000,000)
- Correct recipient/
onBehalfOf address - Correct network
- Gas estimation succeeded (if it shows the tx would revert, investigate before confirming)
7. Confirm or reject
- - Confirm if everything matches the intended action
- Reject if anything looks wrong, and inform the user
- Ask the user if uncertain about any detail
8. Switch back & verify
After confirming, switch back to the dapp tab and verify the result:
- - Success toast/notification
- Updated balances or positions
- Transaction hash (link to block explorer if available)
Never assume success — always check actual state changes on the dapp.
Gotchas
- - Auto-lock is real. The wallet locks after inactivity. Always check lock state before attempting to confirm a transaction. If you get an "Invalid Password" error, the wallet may have locked between actions — just unlock again.
- Full-tab mode only. Chrome sidepanels are not accessible via CDP. Always open the extension URL in a regular tab.
- Always switch the active tab. The user monitors progress by watching the browser. If you're working in a background tab, the user sees nothing. Switch to the tab you're interacting with.
- Decimals vary by token. ETH/WETH = 18 decimals, USDC/USDT = 6 decimals, DAI = 18. Always verify amounts accounting for the token's decimals.
- Gas estimation failure = likely revert. If WalletChan shows the transaction would revert, do NOT confirm. Investigate the cause first.
- Tenderly simulation — WalletChan has a "Simulate on Tenderly" button on the request page. Only use it when: the user asks for a simulation, the tx shows it would revert (to debug why), or something looks off and needs verification before broadcasting.
WalletChan — 浏览器钱包代理技能
通过 Chrome DevTools 协议(CDP)控制 WalletChan 浏览器扩展,与任何 Web3 dApp 进行交互。
前置条件
- 1. Chrome 已安装并启用远程调试(例如 --remote-debugging-port=9222)
- WalletChan 扩展 已从 Chrome 网上应用店 安装
- 已配置代理密码 — 用户必须在 WalletChan 设置中设置代理密码,代理才能操作
⚠️ 重要提示 — 告知用户:
- - 在 WalletChan 设置中设置一个代理密码并与代理共享。
- 切勿与任何代理共享主密码。主密码控制私钥访问权限。代理只能接收代理密码。
- 代理密码授予有限权限:解锁钱包、审查和确认交易。无法泄露或导出私钥。
设置
使用 CDP 启动 Chrome
用户需要运行启用了远程调试的 Chrome。示例启动脚本:
bash
/Applications/Google Chrome.app/Contents/MacOS/Google Chrome \
--remote-debugging-port=9222 \
--user-data-dir=$HOME/.walletchan-agent/chrome-profile \
--no-first-run \
--no-default-browser-check
根据用户的操作系统调整路径。user-data-dir 应是一个已安装 WalletChan 扩展的专用配置文件。
获取扩展 ID
- - Chrome 网上应用店版本: kofbkhbkfhiollbhjkbebajngppmpbgc(稳定版)
- 本地/开发版本: ID 不同 — 通过 CDP 导航到 chrome://extensions/ 读取
扩展的全标签页 URL 为:chrome-extension:///index.html
通过 CDP 连接
使用 CDP 在配置的端口(默认 9222)上连接到 Chrome。所有交互均通过浏览器自动化完成 — 导航标签页、点击元素、读取页面内容。
始终使用 CDP 进行标签页控制。Chrome 侧面板无法通过 CDP 访问,因此 WalletChan 必须以全标签页模式使用(在标签页中打开 chrome-extension:///index.html)。
核心工作流程
1. 导航到 dApp
在 Chrome 标签页中打开目标 dApp URL(例如 app.aave.com、app.uniswap.org)。
2. 连接钱包
点击 dApp 的连接钱包按钮,从钱包列表中选择 WalletChan。连接是即时的 — 无需弹窗或批准。
3. 与 dApp 交互
执行预期操作:输入金额、选择代币、点击供应、兑换等。这将在 WalletChan 中触发交易或签名请求。
4. 切换到扩展标签页
导航到 WalletChan 标签页(chrome-extension:///index.html)以查看请求。始终切换可见/活动标签页 — 用户只能看到活动标签页,因此请切换到您正在操作的标签页。
5. 检查锁定状态并解锁
WalletChan 具有自动锁定功能 — 钱包在无活动后自动锁定。在确认任何请求之前:
- 1. 检查钱包是否已锁定(是否显示密码输入提示)
- 如果已锁定,输入代理密码并点击解锁
- 解锁后将显示待处理的请求
6. 审查请求
WalletChan 为每个请求提供两种视图:
- 函数名称和参数
- 递归解码的嵌套调用数据(例如包含内部调用数据的字节参数)
- 自动解析的 ENS、Basename(.base.eth)和 .wei 域名地址
- 已知合约地址的标签
- uint 参数的单位转换下拉菜单(wei→ETH、Unix 时间戳、10^6、基点等)
- 某些参数(如 bytes)可能已折叠 — 展开以查看完整详情
- - 原始标签页 — 用于手动验证的原始调用数据/签名数据
确认前验证:
- - 调用的函数是否正确
- 代币/资产地址是否正确
- 金额是否正确(注意小数位数 — 例如 USDC 使用 6 位小数,因此 1 USDC = 1,000,000)
- 接收方/onBehalfOf 地址是否正确
- 网络是否正确
- Gas 估算是否成功(如果显示交易会回滚,请在确认前调查原因)
7. 确认或拒绝
- - 如果一切符合预期操作,则确认
- 如果任何内容看起来有问题,则拒绝并告知用户
- 如果对任何细节不确定,询问用户
8. 切换回并验证
确认后,切换回 dApp 标签页并验证结果:
- - 成功提示/通知
- 余额或仓位更新
- 交易哈希(如有,提供区块浏览器链接)
切勿假设成功 — 始终检查 dApp 上的实际状态变化。
注意事项
- - 自动锁定是真实的。 钱包在无活动后自动锁定。在尝试确认交易前始终检查锁定状态。如果遇到密码无效错误,可能是钱包在操作之间已锁定 — 只需再次解锁即可。
- 仅限全标签页模式。 Chrome 侧面板无法通过 CDP 访问。始终在常规标签页中打开扩展 URL。
- 始终切换活动标签页。 用户通过观察浏览器来监控进度。如果您在后台标签页中操作,用户将看不到任何内容。切换到您正在交互的标签页。
- 不同代币的小数位数不同。 ETH/WETH = 18 位小数,USDC/USDT = 6 位小数,DAI = 18 位。始终根据代币的小数位数验证金额。
- Gas 估算失败 = 可能回滚。 如果 WalletChan 显示交易会回滚,请不要确认。先调查原因。
- Tenderly 模拟 — WalletChan 在请求页面上有一个在 Tenderly 上模拟按钮。仅在以下情况下使用:用户要求模拟、交易显示会回滚(以调试原因)、或某些内容看起来有问题需要在广播前验证。
