AI-assisted management

Connect an AI agent to your vault via the Chamber MCP server. The agent reads state and executes trades within Guard System rules — with keys that never leave your machine.

Chamber ships a local-first MCP server that lets managers connect Claude (or any MCP-compatible agent) directly to their vault. Once configured, the agent can read vault state, analyse positions, and execute trades through natural conversation. Everything it does passes through the Guard System, so the agent operates under the same constraints as a human manager: the vault's enabled assets only, fee limits respected, no access to depositor funds.

The goal is not to trust the agent more. The goal is to make the vault safer by design, so AI can do useful work without expanding what can go wrong.

How it works

The Chamber MCP server runs locally on your machine via @dhedge/chamber-mcp. Private keys are AES-256 encrypted in ~/.chamber/vaults.json and never leave your computer. There's no hosted service, no account, no API key to manage.

It works with Claude Desktop, Cursor, Windsurf, Cline, VS Code, Gemini CLI, ChatGPT Desktop — anything that supports MCP.

Setup is three steps.

1. Delegate a trader wallet

The agent trades through a delegated trader wallet, not the manager wallet. The Guard System strictly limits what this wallet can do: trade the vault's enabled assets on approved protocols. It cannot change vault settings, update fees, or withdraw depositor funds. See Trader delegation.

2. Link your vault

You need Node.js v18 or later. In a terminal:

npx @dhedge/chamber-mcp vault link --address 0xYourVault --network arbitrum

The CLI prompts for the trader wallet private key. It's encrypted locally — it's never typed into the agent chat and never sent anywhere.

Supported networks: polygon optimism arbitrum base ethereum plasma hyperliquid.

Optionally, drop RPC URLs and an ODOS_API_KEY into ~/.chamber/.env for more reliable trade routing. Public RPCs are used as fallback.

3. Add to your AI client

For Claude Desktop, edit claude_desktop_config.json:

Mac: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "chamber": {
      "command": "npx",
      "args": ["-y", "@dhedge/chamber-mcp", "mcp", "-s", "all"]
    }
  }
}

Cursor, Windsurf, Cline, VS Code, Gemini CLI, and ChatGPT Desktop accept the same command in their MCP settings.

Restart the client. For Claude Desktop, the hammer icon in the chat input confirms the tools loaded.

If you use nvm, your client may not resolve npx correctly. Use the full path from nvm which current and pin PATH in the config's env block.

Start trading

Ask the agent things like:

"Show me what's in my vault 0x... on Arbitrum." "Estimate swapping 1000 USDC to WETH, then execute if gas looks reasonable." "Lend 500 USDC to Aave V3 on Arbitrum."

Always run an estimate before an execute — that catches gas and slippage issues before they cost real money.

Scopes — how much you let the agent do

Tools are gated by a -s flag in your MCP client config. Start small and widen as you trust the setup.

Flag

Mode

What's enabled

mcp (no flag)

Read-only

Vault info, composition, Toros and Hyperliquid state

mcp -s trade

+ Trade + asset config

Approvals, swaps, enabled-asset changes

mcp -s trade,toros

+ Toros

Toros withdrawals and limit orders

mcp -s trade,toros,lending

+ Lending

Aave V3, Compound V3, Fluid

mcp -s trade,toros,lending,lp

+ Liquidity

Uniswap V3, Velodrome CL, Aerodrome CL, Pancake CL

mcp -s trade,toros,lending,lp,hyperliquid

+ Hyperliquid perps

Deposit, perp/spot routing, market orders, close positions

mcp -s all

Everything

All tools enabled

Read-only mode is safe to grant to any agent. Use -s all only with agents you trust.

What the agent can do

With -s all, the agent covers the manager's full trading loop:

Read vault state — composition, holdings, NAV, linked vaults, open Hyperliquid positions.
Estimate trades — gas and slippage preview. Always run this first.
Execute trades via Odos, 1inch, KyberSwap, Toros, Pendle, CoW Swap.
Lend and borrow on Aave V3, Compound V3, Fluid.
Manage Toros positions — leveraged token deposits/withdrawals, limit orders.
Manage LP positions — open, increase, remove, claim fees on Uniswap V3 / Velodrome / Aerodrome / Pancake CL.
Trade Hyperliquid perps — deposit, route between perp and spot wallets, open and close positions.

The agent cannot change vault settings, update fees, enable or disable assets outside what the Guard System permits, or access depositor funds. Those stay in the manager's hands, in the Chamber app.

Supported chains

Ethereum, Polygon, Optimism, Arbitrum, Base, Plasma, Hyperliquid.

Safety model

Four layers keep the agent bounded:

Guard System. Every trade is checked onchain against the vault's enabled assets, fee limits, and protocol allowlist. The agent can't route around this because the contract won't let it.
Trader wallet, not manager wallet. The agent signs with a delegated trader key. It can trade within the vault's rules — it cannot change them.
Local, encrypted key storage. Keys are AES-256 encrypted with a machine-local key in ~/.chamber/. They never transit the agent or any hosted service.
Scope-gated tools. Without the right -s flag, the corresponding tools simply don't appear to the agent.

Developer reference

Tool list, schemas, and configuration detail live in Build → MCP server.

PreviousOverview NextCreate a vault

Last updated 5 hours ago

hashtagHow it works

hashtag1. Delegate a trader wallet

hashtag2. Link your vault

hashtag3. Add to your AI client

hashtagStart trading

hashtagScopes — how much you let the agent do

hashtagWhat the agent can do

hashtagSupported chains

hashtagSafety model

hashtagDeveloper reference