Wallet Recovery for AI Agents

Never lose your
agent's wallet.

An AI agent that loses access to its wallet loses everything it has earned — balances, trade history, referral relationships, and identity. This guide covers the complete backup and recovery stack: BIP39 mnemonic generation and storage, BIP32 key derivation paths per chain, Purple Flea Wallet API backup features, and step-by-step disaster recovery procedures.

Critical: Purple Flea wallets are non-custodial HD wallets. Purple Flea holds no copy of your private key or mnemonic. If you lose your mnemonic and your local key file, your funds are unrecoverable by anyone — including Purple Flea support. Backup before you deposit.
Fundamentals

How HD wallets work for AI agents

Purple Flea Wallet API creates Hierarchical Deterministic (HD) wallets following the BIP32/BIP44 standard. One 12- or 24-word mnemonic seed phrase generates every private key your agent will ever need across every supported blockchain. Lose the seed phrase and you lose everything derived from it. Keep it safe and you can always reconstruct every address and private key, even if you lose the wallet file itself.

For AI agents this means: at creation time, the mnemonic must be stored somewhere durable and separate from the agent's runtime environment. If the agent's container crashes, the server is destroyed, or the API key database is corrupted, the mnemonic is the one thing that recovers all on-chain assets.

🌱

BIP39 mnemonic

A 12- or 24-word phrase from the 2048-word BIP39 wordlist. Encodes 128 or 256 bits of entropy. Human-readable but cryptographically strong.

🌳

BIP32 key derivation

The mnemonic generates a root private key. Child keys are derived deterministically by path — m/44'/coin'/account'/change/index.

⛓️

Multi-chain from one seed

One mnemonic generates your Ethereum, Bitcoin, Solana, Tron, Polygon, Arbitrum, and Base addresses. Each chain uses a different derivation path.

🔄

Deterministic recovery

Given the same mnemonic and derivation path, you always get the same private key. Recovery is purely mathematical — no server needed.

Key Derivation

Derivation paths per chain

This table shows the standard BIP44 derivation paths Purple Flea uses for each supported chain. You must use the exact path when recovering a wallet externally — using the wrong path will generate a different address even with the correct mnemonic.

Chain Derivation path Address format Notes
Ethereum m/44'/60'/0'/0/0 0x... (EIP-55 checksum) Same path for Polygon, Arbitrum, Base
Bitcoin m/44'/0'/0'/0/0 1... (Legacy P2PKH) Use m/84'/0'/0'/0/0 for native SegWit
Solana m/44'/501'/0'/0' Base58 (32-byte pubkey) Uses hardened child keys throughout
Tron m/44'/195'/0'/0/0 T... (Base58Check, 0x41 prefix) Same EVM private key, Tron address encoding
Polygon m/44'/60'/0'/0/0 0x... (same as Ethereum) Identical address to Ethereum from same seed
Arbitrum m/44'/60'/0'/0/0 0x... (same as Ethereum) Layer 2; same EVM address space
Base m/44'/60'/0'/0/0 0x... (same as Ethereum) Coinbase Layer 2; EVM-compatible
Account index: Purple Flea Wallet API creates account 0 by default (the 0 in m/44'/60'/0'/0/0). If your agent needs multiple addresses on one chain, increment the last index: m/44'/60'/0'/0/1, .../0/2, etc. Store which index each address was derived at.
Backup Strategies

Mnemonic backup for autonomous agents

Human wallets are typically backed up by writing 12 words on paper. AI agents need programmatic backup solutions that are durable, accessible at recovery time, and resistant to the failure modes that kill agent processes (container crashes, disk corruption, provider outages).

🔐

Encrypted environment variable

Encrypt the mnemonic with AES-256 using a password that exists only in a secrets manager (AWS Secrets Manager, HashiCorp Vault, Doppler). Store the ciphertext in a durable secret store. Decrypt only at boot time.

☁️

Multi-location encrypted backup

Store the encrypted mnemonic in three independent locations: primary secrets manager, secondary cloud storage (S3, GCS), and an offline copy. The encryption key lives in a fourth, separate location.

🚫

Never: plaintext in code

Never commit a mnemonic to a git repo, hardcode it in source, or log it to stdout. Treat it like a root password — if it appears in a log, rotate immediately.

🚫

Never: only one backup

A single backup that lives on the same server as the agent is not a backup. If the server is destroyed (fire, provider loss, ransomware), both the agent and its only backup are gone.

Best practice pattern: Generate wallet via Purple Flea API. Immediately encrypt the returned mnemonic with your KMS key. Write encrypted ciphertext to your secrets manager AND to a separate durable store. Delete the plaintext mnemonic from memory after encryption. Your agent then needs only the API key for normal operation; the mnemonic is only accessed during disaster recovery.
Purple Flea Wallet API

Backup features in the Purple Flea Wallet API

The Purple Flea Wallet API returns backup-critical data at wallet creation time. It is the only time this data is available from the API — subsequent calls return only derived public data (addresses, balances). Store what the creation response gives you immediately.

Warning: The mnemonic is returned only once in the wallet creation response. There is no Purple Flea API endpoint that returns the mnemonic again. If you fail to store it at creation time, you cannot retrieve it — you must create a new wallet and migrate funds.
Recovery Procedure

Step-by-step disaster recovery

This section covers the exact steps to recover a Purple Flea wallet after a failure event: lost API key, destroyed server, corrupted database, or compromised credentials.

1

Retrieve your encrypted mnemonic backup

Access your secrets manager or durable backup store. Retrieve the encrypted mnemonic and the encryption key from their separate storage locations. Never store both in the same place.

2

Decrypt and verify the mnemonic

Decrypt the mnemonic using your encryption key. Verify it produces the correct word count (12 or 24) and that all words are in the BIP39 English wordlist. An invalid mnemonic will silently produce wrong keys.

3

Re-register on Purple Flea with a new API key

Call POST https://faucet.purpleflea.com/register with your agent ID. You receive a new API key. On-chain assets are unaffected by this step.

4

Import the mnemonic into the Wallet API

Call POST https://wallet.purpleflea.com/import with your mnemonic and new API key. The same addresses are reconstructed from the mnemonic deterministically.

5

Verify addresses and balances match

Call GET /addresses and compare every derived address against your backup record. Then call GET /balances to confirm on-chain funds are visible.

6

Rotate the encryption key and re-encrypt backup

After a failure event, treat your previous encryption key as potentially compromised. Generate a new key, re-encrypt the mnemonic, and update your secrets manager. The old encrypted blob is now useless without the old key.

Recovery Code

Automated recovery script

A reference implementation of the recovery workflow. Run this in a secure, isolated environment — not on the same machine that was compromised.

External Recovery

Recovering without Purple Flea API

Because Purple Flea uses standard BIP39/BIP32 derivation, you can recover your wallet using any compatible wallet software — completely independently of Purple Flea. Your funds are on-chain; they belong to whoever holds the mnemonic.

💎

Ethereum / EVM chains

Import mnemonic into MetaMask, Frame, or any EIP-1193 wallet using path m/44'/60'/0'/0/0. Same address, full access to funds.

Bitcoin

Import into Electrum or any BIP44/BIP84 compatible wallet. Use path m/44'/0'/0'/0/0 for legacy or m/84'/0'/0'/0/0 for native SegWit.

☀️

Solana

Import into Phantom or Solflare using path m/44'/501'/0'/0'. Phantom supports custom derivation paths in advanced import mode.

Tron

Import into TronLink using path m/44'/195'/0'/0/0. The private key is the same as the Ethereum key; only the address encoding differs.

Programmatic external recovery: Use the ethers.js or @solana/web3.js libraries directly. ethers.HDNodeWallet.fromMnemonic(mnemonic).derivePath("m/44'/60'/0'/0/0") gives you the private key and address for Ethereum — no Purple Flea API call required.
Testing

Test your recovery before you need it

The only way to know your backup works is to test it. The best time to test recovery is immediately after creating a wallet, before depositing any meaningful funds.

Automated recovery testing: Include a wallet recovery test in your agent's CI/CD pipeline. Generate a throwaway mnemonic, derive addresses, encrypt, store, decrypt, re-derive, and assert the addresses match. This test costs nothing and catches silent backup failures before they become real disasters.
API Reference

Wallet API endpoints for backup and recovery

Key endpoints from the Purple Flea Wallet API relevant to backup and recovery operations.

POST /create

Create a new HD wallet. Returns mnemonic (once only), addresses, and derivation paths. Specify word_count: 24 for maximum entropy.

POST /import

Import an existing wallet by mnemonic. Use during recovery to reconstruct your wallet under a new API key. Returns the same addresses derived from the mnemonic.

GET /addresses

Return all derived addresses for the wallet. Use to verify recovery produced the correct addresses without needing on-chain verification.

GET /balances

Return on-chain balances for all addresses. Confirms that recovered addresses have the expected funds visible on the blockchain.

GET /derivation-paths

Return the derivation paths used for each chain in this wallet. Store alongside your encrypted mnemonic backup so you always know the exact path to use during external recovery.

POST /export-xpub

Export the extended public key (xpub) for a chain. Lets you derive read-only child public keys and generate receiving addresses without exposing the private key or mnemonic.

Get started with a secure Purple Flea wallet

Register your agent, create a wallet with a 24-word mnemonic, and test your backup today.

Open Wallet API Full documentation