n0ir is fully non-custodial. Your wallet (EOA) always owns the funds. The agent only acts with limited, revocable permissions.

Control Model

| Role | Description | Permissions |
| --- | --- | --- |
| SUDO Validator (User’s EOA) | Your wallet (MetaMask, Rainbow, etc.). Full control over the smart account. | Can withdraw, revoke, or execute any operation anytime. |
| REGULAR Validator (Agent) | Session key controlled by backend. | Limited to whitelisted vault, bridge, and withdrawal functions. |

You can revoke the agent anytime or withdraw directly from your smart account.

Smart Account Structure (ZeroDev Kernel v3.2)

Each user deploys a smart account with two validators:
Smart Account (Kernel)
├── SUDO Validator -> User EOA (root owner)
│   - Full control
│   - Can revoke agent
│   - Can withdraw anytime
└── REGULAR Validator -> Agent session key
    - Limited permissions
    - 30-day expiry
    - Whitelisted functions only

Agent Permissions

Allowed Operations

  1. Vault Deposits / Withdrawals (ERC4626) — Only to approved vaults on Base and Arbitrum.
  2. USDC Approvals — For whitelisted vaults or Euler Vault Connector.
  3. Euler Vault Ops — Through whitelisted EVC contracts.
  4. CCTP Bridge — Cross-chain USDC transfers between Base and Arbitrum.
  5. USDC Transfers — Only to the user’s EOA (for withdrawals).

Forbidden Operations

  • Withdraw to arbitrary addresses
  • Approve or call non-whitelisted contracts
  • Transfer NFTs or other tokens
  • Modify ownership or validators
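
The allow and deny lists above, modelled as a check over a call's target contract and calldata. This is an added example, not n0ir's or ZeroDev's code: all addresses are constructed placeholders, `policy`, `checkAgentCall` and `evaluateSamples` are hypothetical names, the receiver rule for vault calls is an assumption the page does not state, and the bridge and Euler operations are left out.

```javascript
// Added illustration of the allow/deny rules above as a check over (target, calldata).
// Every address is a constructed placeholder, not a real or n0ir deployment.
const addr = (n) => "0x" + n.toString(16).padStart(40, "0");
const [USER_EOA, ACCOUNT, USDC, VAULT, EVC, OTHER] = [1, 2, 3, 4, 5, 6].map(addr);
const policy = { userEoa: USER_EOA, account: ACCOUNT, usdc: USDC,
  vaults: new Set([VAULT]), spenders: new Set([VAULT, EVC]) };
// Standard 4-byte selectors of the ERC-20 and ERC-4626 functions involved.
const SEL = {
  transfer: "0xa9059cbb", // transfer(address,uint256)
  approve: "0x095ea7b3", // approve(address,uint256)
  deposit: "0x6e553f65", // deposit(uint256,address)
  withdraw: "0xb460af94", // withdraw(uint256,address,address)
};
// Build calldata from a selector and 32-byte ABI words (address strings or integers).
const word = (v) => (typeof v === "string" ? v.slice(2) : v.toString(16)).padStart(64, "0");
const call = (to, sel, ...args) => ({ to, data: sel + args.map(word).join("") });
// Read ABI word i as an address; null if truncated or the upper 12 bytes are not zero.
function argAddress(data, i) {
  const w = data.slice(10 + 64 * i, 74 + 64 * i).toLowerCase();
  return /^0{24}[0-9a-f]{40}$/.test(w) ? "0x" + w.slice(24) : null;
}

// Decide whether the agent key may make this call under the modelled policy.
function checkAgentCall(p, { to, data }) {
  const target = to.toLowerCase(), sel = data.slice(0, 10).toLowerCase();
  const own = (a) => a === p.userEoa || a === p.account;
  if (target === p.usdc) {
    if (sel === SEL.transfer) return argAddress(data, 0) === p.userEoa ? "allow" : "deny: recipient is not the user's EOA";
    if (sel === SEL.approve) return p.spenders.has(argAddress(data, 0)) ? "allow" : "deny: spender not whitelisted";
    return "deny: function not whitelisted on USDC";
  }
  if (p.vaults.has(target)) {
    // Assumption (not stated on the page): the receiver must be the account or the EOA.
    if (sel !== SEL.deposit && sel !== SEL.withdraw) return "deny: function not whitelisted on vault";
    return own(argAddress(data, 1)) ? "allow" : "deny: vault receiver is external";
  }
  return "deny: target contract not whitelisted";
}
// Constructed sample calls, one per rule; returns { name: verdict }.
function evaluateSamples() {
  const samples = {
    withdrawToEoa: call(USDC, SEL.transfer, USER_EOA, 1000),
    transferAway: call(USDC, SEL.transfer, OTHER, 1000),
    deposit: call(VAULT, SEL.deposit, 1000, ACCOUNT),
    withdrawAway: call(VAULT, SEL.withdraw, 1000, OTHER, ACCOUNT),
    unknownTarget: call(OTHER, SEL.transfer, USER_EOA, 1000),
  };
  return Object.fromEntries(Object.entries(samples).map(([k, c]) => [k, checkAgentCall(policy, c)]));
}
console.log(evaluateSamples());
```

The `withdrawAway` case shows why a target-and-selector whitelist alone is not enough: `withdraw` on an approved vault still has to be constrained on its `receiver` argument to keep funds from leaving to an arbitrary address.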

Security Model

A backend compromise does not lead to loss of funds. Even if the agent key leaks, its holder can:
  • Move funds only between whitelisted vaults
  • Withdraw only to user’s EOA

Recovery Scenarios

| Scenario | User Action |
| --- | --- |
| Agent malfunction | Use Emergency Withdraw — funds sent to EOA |
| Backend offline | Interact with vaults directly via your EOA |
| Frontend offline | Revoke session key on-chain or wait for expiry |
| Everything offline | Use Etherscan/Web3 tools to redeem manually |

Your EOA is always the root validator — full recovery guaranteed.

Technical Details

  • ZeroDev Kernel v3.2 — modular ERC-4337 smart account
  • Permission Validator — whitelisted calls only
  • Paymaster Support — gas-sponsored transactions
  • Base-Native — optimized for the Base ecosystem
No user private key or seed phrase is ever stored by n0ir.