- Never share your
.envfile. It contains your private keys in plaintext. - Use a dedicated hot wallet. Do not use your main savings account. Fund the Pacman account with only what you're willing to risk.
- Back up your keys. Run
backup-keys --fileto export to~/Downloads. Store backups offline. .envis gitignored. If you fork this repo, verify.envis in.gitignorebefore pushing.
The transfer whitelist is the most critical safety feature in Pacman.
- All outbound transfers are blocked unless the recipient is whitelisted in
data/settings.jsonor is one of your own accounts indata/accounts.json. - EVM addresses (
0x...) are blocked entirely — only Hedera IDs (0.0.xxx) are accepted. - Run
whitelistto view,whitelist add 0.0.xxxto add,whitelist remove 0.0.xxxto remove. - Never fabricate account IDs in examples, tests, or documentation. Agents have sent real money to placeholder accounts.
All enforced via data/governance.json (single source of truth):
| Limit | Value | Purpose |
|---|---|---|
| Max per swap | $100 | Prevents large accidental trades |
| Max daily volume | $100 | Caps total daily exposure |
| Max slippage | 5% | Prevents execution at terrible prices |
| Min HBAR reserve | 5 HBAR | Ensures gas for future transactions |
| Min robot portfolio | $5 | Ensures trade profit exceeds costs |
Agents can adjust these only on explicit user command. They are never modified autonomously.
| Account | ID | Role | Key Source |
|---|---|---|---|
| Main | 0.0.10289160 | User trading | PRIVATE_KEY in .env |
| Robot | 0.0.10379302 | Rebalancer daemon | ROBOT_PRIVATE_KEY in .env |
| Deprecated | 0.0.10301803 | Backup only | Never use, never delete |
MAIN_OPERATOR_KEYin.envis the Hedera admin key (used for staking, token association).PRIVATE_KEYis the ECDSA signing key (used for EVM swaps, transfers).- These can be different keys for the same account.
When driven by an AI agent (OpenClaw), these rules apply:
- Agents never modify
.env,accounts.json,settings.json, orgovernance.json. - Agents never create accounts, switch accounts, or approve pools without explicit user instruction.
- Agents never simulate — all trades are live.
- Agents never use V1 as a fallback for V2 routing failures.
- Agents never suggest MoonPay when the user has swappable tokens worth >= $1.
- If an operation fails, agents report the exact error — they do not guess or attempt workarounds.
- RPC endpoint:
https://mainnet.hashio.io/api(Hedera JSON-RPC relay) - Mirror Node:
https://mainnet-public.mirrornode.hedera.com(read-only, public) - No API keys are sent to third parties except MoonPay (fiat onramp, user-initiated only).
- The dashboard API (
http://127.0.0.1:8088) requiresPACMAN_API_SECRETheader and binds to localhost only.
If you discover a security issue, please report it privately rather than opening a public issue. Contact the repository owner directly.