profiles
Delegate tightly scoped signing authority to agents without sharing the wallet password or private key.
beam profiles lets you create delegated signing profiles for agents and
automation. A profile is bound to one local wallet, has explicit command and app
grants, and can be unlocked into a short-lived local daemon session.
The daemon holds the decrypted wallet key in memory only. Every signing request is checked against the profile policy immediately before Beam signs the final transaction.
Lifecycle
$ beam profiles create <profile> --from <wallet>
$ beam profiles list
$ beam profiles show <profile>
$ beam profiles remove <profile>
Creating, changing, removing, and unlocking a profile prompts for the wallet password. Profiles require a non-empty wallet password. If a wallet was created without a password, set one first:
$ beam wallets change-password <wallet>
Direct command grants
Grant only the public signing command shape the agent should be allowed to run:
$ beam profiles grant <profile> command native-transfer \
--chain base \
--recipient 0x1111111111111111111111111111111111111111 \
--max-native 10000000000000000 \
--max-gas 50000 \
--budget 100000000000000000
$ beam profiles grant <profile> command erc20-transfer \
--chain base \
--token USDC \
--recipient 0x1111111111111111111111111111111111111111 \
--max-token 1000000 \
--max-gas 100000 \
--budget 5000000
Supported command grant kinds:
native-transfererc20-transfererc20-approvalcontract-transactionfetch-payment
Common constraints include --chain, --token, --recipient, --target,
--selector, --spender, --max-native, --max-token, --max-gas,
--budget, and --ttl.
Amounts in grants are atomic units. For example, 1000000 USDC means 1 USDC
for a 6-decimal token.
App grants
Profiles can also grant Beam app action plans:
$ beam profiles grant <profile> app uniswap --approval-id <approval-id> --budget 10000000
$ beam profiles grant <profile> app uniswap --plan-json ./plan.json
App profile grants are checked after the installed app manifest permissions. The profile grant never lets an app exceed its own declared permissions. Grants bind app identity, registry source, active artifact digests, command, wallet, chain, plan hash, approval id, expiry, and spending limits.
Unlock and use
Unlock a profile once:
$ beam profiles unlock <profile> --ttl 1h
$ beam profiles sessions
Then run matching commands with --profile:
$ beam --profile <profile> --chain base transfer 0x1111111111111111111111111111111111111111 0.001
$ beam --profile <profile> --chain base erc20 transfer USDC 0x1111111111111111111111111111111111111111 1
$ beam --profile <profile> --chain base x uniswap swap USDC ETH 100 --no-prompt
When the profile is missing, locked, expired, or the final transaction does not match any grant, Beam fails closed instead of prompting for the wallet password.
Lock a profile when the agent is done:
$ beam profiles lock <profile>
Audit
$ beam profiles ledger <profile>
The ledger records non-secret signed actions by profile, grant id, wallet, chain, command or app, asset, amount, gas, and transaction hash.
Boundaries
Profile sessions authorize signing commands only. They do not authorize wallet management, profile management, chain/RPC/token config, app install/update/remove, or privacy operations. Privacy profile capabilities are intentionally deferred to a future profile version.