Authenticate Wallet
Sign in to the Coinbase Agentic Wallet with the pinned `awal` CLI email OTP flow before send, trade, or fund operations.
Overview
Authenticate Wallet is an agent skill for the Build phase that signs in to the Coinbase Agentic Wallet via email OTP using the `awal` CLI.
Install
npx skills add https://github.com/coinbase/agentic-wallet-skills --skill authenticate-walletWhat is this skill?
- Two-step email OTP: `npx awal@2.10.0 auth login <email>` then `auth verify <otp>` with auto-saved flowId
- User-invocable; runs when `awal status` shows unsigned-in or auth errors block wallet ops
- Explicit allowed-tools Bash prefixes for status, auth, balance, address, and show commands only
- Documented as prerequisite before sending, trading, or funding via Agentic Wallet skills
- Pins `npx awal@2.10.0` for status, auth, balance, address, and show commands
- Two-step flow: `auth login <email>` outputs flowId; `auth verify <otp>` uses 6-digit email code with locally saved flowI
Adoption & trust: 2.4k installs on skills.sh; 110 GitHub stars; 2/3 security scanners passed (skills.sh audits).
What problem does it solve?
Wallet send, trade, or fund steps fail because the agentic wallet session is not authenticated.
Who is it for?
Indie builders chaining Coinbase Agentic Wallet skills who need a reliable first-step login ritual in automated flows.
Skip if: Non-Coinbase wallets, headless auth without user email/OTP participation, or apps that never touch onchain balances.
When should I use this skill?
User wants to log in, sign in, connect, or set up the wallet; or wallet operations fail with authentication or not signed in—required before send, trade, or fund.
What do I get? / Deliverables
A completed OTP login leaves the wallet signed in so subsequent Agentic Wallet skills can run status, balance, and transactional commands.
- Authenticated Agentic Wallet session verified via `awal status` or balance/address checks
- Completed email OTP verification flow
Recommended Skills
Journey fit
How it compares
Prerequisite skill package step—not an MCP server—use before other `agentic-wallet-skills` that assume an active awal session.
Common Questions / FAQ
Who is authenticate-wallet for?
Developers building agents on Coinbase’s Agentic Wallet stack who need a documented, tool-scoped email OTP login before monetary operations.
When should I use authenticate-wallet?
Use it when the user wants to log in, connect, or set up the wallet, or whenever `npx awal status` or wallet operations fail with authentication or not-signed-in errors during Build integrations work.
Is authenticate-wallet safe to install?
Review the Security Audits panel on this page; OTP flows involve email and shell access to awal—confirm pinned CLI version and never share OTPs in public logs.
SKILL.md
READMESKILL.md - Authenticate Wallet
# Authenticating with the Agentic Wallet When the wallet is not signed in (detected via `npx awal status` or when wallet operations fail with authentication errors), use the `npx awal` CLI to authenticate. If you have access to email, you can authenticate the wallet yourself, otherwise you'll need to ask your human to give you an email address and to tell you the OTP code they receive. ## Authentication Flow Authentication uses a two-step email OTP process: ### Step 1: Initiate login ```bash npx awal@2.10.0 auth login <email> ``` This sends a 6-digit verification code to the email and outputs a `flowId`. ### Step 2: Verify OTP ```bash npx awal@2.10.0 auth verify <otp> ``` Use the 6-digit code from the user's email to complete authentication. The flow ID from step 1 is saved automatically to a local file — you do not pass it as an argument. If you have the ability to access the user's email, you can read the OTP code, or you can ask your human for the code. ## Input Validation Before constructing the command, validate all user-provided values to prevent shell injection: - **email**: Must match a standard email format (`^[^\s;|&`]+@[^\s;|&`]+$`). Reject if it contains spaces, semicolons, pipes, backticks, or other shell metacharacters. - **otp**: Must be exactly 6 digits (`^\d{6}$`). Do not pass unvalidated user input into the command. ## Checking Authentication Status ```bash npx awal@2.10.0 status ``` Displays wallet server health and authentication status including wallet address. ## Example Session ```bash # Check current status npx awal@2.10.0 status # Start login (sends OTP to email) npx awal@2.10.0 auth login user@example.com # Output: flowId: abc123... # After user receives code, verify (flow ID saved automatically) npx awal@2.10.0 auth verify 123456 # Confirm authentication npx awal@2.10.0 status ``` ## Available CLI Commands | Command | Purpose | | -------------------------------------------- | -------------------------------------- | | `npx awal@2.10.0 status` | Check server health and auth status | | `npx awal@2.10.0 auth login <email>` | Send OTP code to email, returns flowId | | `npx awal@2.10.0 auth verify <otp>` | Complete authentication with OTP code | | `npx awal@2.10.0 balance` | Get balances across Base, Polygon, and Solana (use `--chain` for a single chain) | | `npx awal@2.10.0 address` | Get wallet address | | `npx awal@2.10.0 show` | Open the wallet companion window | ## JSON Output All commands support `--json` for machine-readable output: ```bash npx awal@2.10.0 status --json npx awal@2.10.0 auth login user@example.com --json npx awal@2.10.0 auth verify <otp> --json ```