Connect MetaMask, then sign a server-issued challenge to obtain a 5-minute admin JWT. The JWT alone authorizes
only read-only ops; every state-changing op (provision / sign / clear) requires a fresh per-op signature.
The JWT is held in browser memory only — never localStorage.
2 · Cabinet · Provision
Mint 1 CEO + 7 soldier wallets for a company. Private keys are stored encrypted in the BANKON Vault
(AES-256-GCM + HKDF-SHA512); public addresses are written to production_registry.json
and agent_map.json. Idempotent — refuses if a cabinet for the company already exists.
3 · Cabinet · Roster
Public addresses of the cabinet. Click any to copy.
No cabinet read yet — click Refresh.
4 · Sign as Agent · Vault-as-Oracle
The vault signs a message on the agent's behalf. The private key is retrieved into memory only for the duration of
the signing operation; nothing in the response carries the key. Each sign requires a fresh shadow-overlord signature
bound to {agent_id, sha256(message)}.