maki

Maki is a hardware-signed onchain agent for everyday DeFi, built on Pi. Full agentic capability — natural-language intent, multi-step reasoning, tool use, protocol execution — with hardware-isolated key material between the model and the chain. The model interprets intent but never moves funds. Skills are prompt-only and never build calldata or sign. Tools invoke deterministic wallet-core and protocol adapters, not freeform model output. Every write is simulated, policy-checked, and rendered as a deterministic summary before reaching the hardware approval boundary. Signing is isolated behind a separate local signer over schema-strict IPC. Secure Enclave serves as the primary smart-account path, Ledger as a hardware-backed EOA path. World AgentKit integration provides cryptographic proof the agent acts on behalf of a human-backed wallet.

Maki is a Pi-powered terminal agent for everyday DeFi with a strict security architecture: the LLM interprets intent, and deterministic local code handles everything sensitive after that. The core stack is TypeScript + viem + permissionless/ERC-4337 for wallet logic, protocol adapters, simulation, and policy checks, while Pi provides the shell runtime, skills, and typed tool-calling layer. Every write follows the same pipeline: interpret -> resolve -> build -> simulate -> policy check -> deterministic summary -> human approval -> sign -> submit.

Signing is isolated behind a separate local signer boundary. The main path uses a native Swift daemon with Apple Secure Enclave + LocalAuthentication for hardware-isolated keys and Touch ID approval. A second signer path uses Ledger’s stack, which enabled end-to-end device-backed approvals. That path was exercised live on Sepolia for both ETH transfers and Uniswap swaps.

World AgentKit is integrated as an additional trust primitive: Maki can prove to a protected endpoint that it acts on behalf of a real human-backed agent wallet instead of an unauthenticated script. The Uniswap Trading API is used for routing, but every response is validated before it enters the signing pipeline.

A notable hackathon detail is the hard signer split: Pi/LLM on one side, deterministic wallet core in the middle, and a schema-strict signer over Unix socket IPC on the other.