> ## Documentation Index
> Fetch the complete documentation index at: https://docs.steward.fi/llms.txt
> Use this file to discover all available pages before exploring further.

# what is Steward?

> the policy-bound signing layer for autonomous AI agents. encrypted wallets, credential management, audit trail, embeddable React UI.

Steward is a governance layer for autonomous AI agents. it provides
encrypted wallet management, credential storage, policy enforcement, API
proxy with credential injection, and audit logging, so agents can interact
with blockchains and third-party APIs without ever touching raw private keys
or API credentials.

<CardGroup cols={2}>
  <Card title="wallet vault" icon="vault" href="/concepts/wallet-vault">
    AES-256-GCM encrypted key storage with multi-chain signing (EVM + Solana). agents request signatures, they never see private keys.
  </Card>

  <Card title="secret vault" icon="key" href="/concepts/secret-vault">
    encrypted credential storage with automatic injection. agents never see API keys. Steward's proxy injects them at request time.
  </Card>

  <Card title="policy engine" icon="shield-check" href="/concepts/policy-engine">
    declarative policies evaluated before every action. spending limits, rate limits, address whitelists, time windows, all configurable per agent.
  </Card>

  <Card title="API proxy" icon="shuffle" href="/concepts/proxy-gateway">
    all third-party API calls flow through Steward. credentials injected at the proxy, costs tracked, everything audited.
  </Card>
</CardGroup>

## the problem

today, most agent platforms inject plaintext credentials directly into agent containers:

```bash theme={null}
# what agent containers look like today
OPENAI_API_KEY=sk-proj-abc123...
ANTHROPIC_API_KEY=sk-ant-def456...
EVM_PRIVATE_KEY=0xdeadbeef...
DATABASE_URL=postgres://user:pass@host/db
```

any code operating from the container, including code triggered by prompt injection, can read these credentials, exfiltrate them, or drain wallets. there is no spending control, no audit trail, and rotating a credential means redeploying every container that uses it.

## the solution

with Steward, agent containers only receive two environment variables:

```bash theme={null}
# what agent containers look like with Steward
STEWARD_PROXY_URL=http://steward-proxy:8080
STEWARD_AGENT_TOKEN=stwd_jwt_...
```

every API call and every transaction flows through Steward, where it is authenticated, policy-checked, logged, and metered before being forwarded with the real credentials injected.

## who uses Steward?

* **constrained trading agents.** an agent trading Hyperliquid perps under a tight Steward policy: long-only, major pairs, $100 per position, 5x max leverage, $300 daily open budget. the LLM never holds the key.
* **production multi-agent deployments.** platforms managing dozens of agents across a node fleet with on-chain transactions on Base mainnet.
* **agent developers** building autonomous agents that need wallet access or API credential management.
* **platform operators** running multi-tenant agent hosting who need security, cost control, and compliance.
* **desktop apps**. local mode with PGLite means Steward can run as an embedded sidecar with no third-party dependencies.

## what's new

Steward has grown beyond wallet management into a full agent infrastructure platform:

* **API proxy.** route any HTTP API call through Steward for credential injection, cost tracking, and audit logging.
* **webhook events.** get notified on `tx.pending`, `tx.signed`, `spend.threshold`, `policy.violation`, and more.
* **approval workflow.** large transactions queue for human review. approve or deny via API or the `<ApprovalQueue>` component.
* **control plane config.** per-tenant configuration of policy exposure, UI feature flags, themes, and approval rules.
* **embeddable React UI.** drop `@stwd/react` into any app for wallet overview, transaction history, policy controls, and approval queues.
* **local mode.** run Steward without any third-party database using the built-in PGLite (Postgres-in-WASM) backend.
* **aggregated dashboard.** single API call returns agent balances, spend stats, recent transactions, policy summary, and pending approvals.

## quick links

<CardGroup cols={2}>
  <Card title="quickstart" icon="rocket" href="/quickstart">
    get up and running with Steward in 5 minutes.
  </Card>

  <Card title="architecture" icon="sitemap" href="/concepts/architecture">
    understand how the four pillars work together.
  </Card>

  <Card title="React components" icon="react" href="/sdk/react-components">
    drop-in UI for wallet management and policy controls.
  </Card>

  <Card title="local mode" icon="computer" href="/guides/local-mode">
    run Steward locally with PGLite, no database required.
  </Card>

  <Card title="SDK reference" icon="code" href="/sdk/installation">
    install the TypeScript SDK and start building.
  </Card>

  <Card title="API reference" icon="server" href="/api-reference/overview">
    explore the full REST API.
  </Card>
</CardGroup>
