# Altana > Non-custodial agentic wallets with onchain session-key delegation. ## Docs - [Acknowledgments](/acknowledgments): Altana Keystore sits on top of wallet infrastructure: smart accounts, session keys, relayers, validator hooks. - [Claude Skill](/skill): Altana ships a [Claude Code skill](https://docs.anthropic.com/en/docs/claude-code/skills) so any Claude-powered agent can build with `@altananetwork/sdk` correctly out of the box. The skill teaches Claude when to reach for the SDK, the client and its methods, the common workflows, and the gotchas that bite at integration time. - [Why Altana](/why-altana): Altana enables a **global registry of permissions onchain, accessible by any agent**. - [Give an agent a wallet and a policy](/use-cases/1-agent-wallet-policy): You own the wallet. The agent gets a scoped key: it can only call the contracts you allow, only up to the spend cap you set, and it expires automatically. You can cut access with one transaction at any time. - [Use a passkey wallet as admin](/use-cases/1b-passkey-delegates-to-agent): You hold the admin key inside your device's secure hardware, backed by Face ID or Touch ID. The agent holds a separate, scoped session key with a spend cap, an expiry, and a contract allowlist. You can revoke it in one transaction. - [Let an agent trade on a DEX, capped](/use-cases/2-agent-trades-dex): The example below uses **PancakeSwap** on BNB. Swap in any DEX router address to use a different exchange; the pattern is identical. - [Run a portfolio with multiple agents](/use-cases/3-portfolio-multiple-agents): Multiple agents on one wallet with divided, independently verifiable, independently revocable authority. Agent-to-agent verification uses only your own agents, with nothing external to set up. - [Verify an agent's authority from anywhere](/use-cases/4-verify-agent-authority): Run this from your own script against your own wallet. This is exactly what a DEX or a counterparty agent would run, for free, from any RPC. - [Authorize across chains](/use-cases/5-cross-chain-authorization): Sessions are granted on L1 (Ethereum, the Keystore source of truth). An L2 cache on Base can verify that same session via a storage proof against L1 state, without any bridge message or re-granting. - [Overview](/use-cases): The at-a-glance map. Find your goal, then follow the path. - [balances](/sdk/balances): Read a wallet's on-chain balances. This is a plain read: no signer, no userOp, no relay. It works for any address (a `Wallet` you created or a bare `0x…` address), including counterfactual wallets that haven't been deployed yet. - [BNB Smart Chain](/sdk/bnb): BNB Smart Chain (chain id **56**) is Altana's default network. - [createPasskeyWallet](/sdk/create-passkey-wallet): `client.createPasskeyWallet` creates a smart-account wallet whose admin authority is a passkey (Face ID, Touch ID, Windows Hello, hardware security key). The private key never leaves the device's secure hardware. - [createWallet](/sdk/create-wallet): `client.createWallet` creates a smart-account wallet for a signer. The signer's key lives wherever you keep it (env var, OS keychain, hardware wallet). Altana never sees it. - [execute](/sdk/execute): Submit one or more calls from a wallet. `client.execute` accepts either an admin pair (`wallet` + `signer`) or a `session`, plus the `calls` to run. - [grantSession](/sdk/grant-session): Grant a scoped session key for a wallet. The admin signer authorizes the session onchain; from that point forward the session can act on the wallet within its permissions, enforced onchain. - [recoverFromPasskey](/sdk/recover-from-passkey): Recover a passkey-backed wallet using onchain state and the OS keychain. **Browser only.** - [revokeSession](/sdk/revoke-session): Revoke a session key from a wallet onchain. After confirmation, the session's next execute attempt reverts at validation. Effect is global and immediate. No off-chain coordination required. - [ensureKeyCached](/sdk/sync-to-l2): A session you granted via [`grantSession`](/sdk/grant-session) is registered in the [Keystore](/concepts/keystore) on L1 (Ethereum). For another chain to honor that session, the registry state has to be mirrored to an L2 cache on that chain. `ensureKeyCached` does that. - [MCP Server](/mcp): `@altananetwork/mcp` exposes the SDK as an MCP server. AI hosts like Claude Code, Cursor, and Continue can use it to create wallets, grant sessions, and execute transactions through tools or slash commands. - [Install](/mcp/install): That's it. Restart Claude Code; tools and slash commands become available. - [Claude Skill](/mcp/skill): Altana ships a [Claude Code skill](https://docs.anthropic.com/en/docs/claude-code/skills) so any Claude-powered agent can build with `@altananetwork/sdk` correctly out of the box. - [Tools](/mcp/tools): The Altana MCP server exposes 11 tools. AI hosts call them by name; users can also invoke them as slash commands via the prompt interface (e.g. `/altana-agentic-wallet:create-wallet`). - [Getting Started · BNB Smart Chain](/getting-started/bnb): BNB Smart Chain (chain id **56**) is Altana's default network. The KeyStore and the account contracts are deployed there (see [Networks & Addresses](/concepts/networks)), and the SDK ships a ready-made `BNB` config. - [Connect an AI tool](/getting-started/build-with-claude): The docs publish `llms-full.txt`: a single machine-readable file any AI can read cleanly. - [Create an agentic wallet](/getting-started/create-agentic-wallet): An agentic wallet gives any authorized agent permissioned access to your onchain assets through Altana's global [Keystore](/concepts/keystore): a public onchain registry of authorized keys. - [Create a passkey wallet](/getting-started/passkey): For consumer apps — wallets secured by Face ID, Touch ID, or Windows Hello. The user sees one biometric prompt; no seed phrase, no browser extension. The private key is generated and stored on the device's secure hardware and never leaves it. - [Create a private-key wallet](/getting-started/private-key): For AI agents, backend scripts, and CLI tools — anywhere a biometric prompt doesn't make sense. You supply a private key; Altana creates and manages a smart account around it. No custody, no Altana API key, no off-chain service involved. - [How Altana is Different](/concepts/comparison): There are plenty of "agentic wallet" products. Most of them solve the same surface problem (letting an AI act on a user's wallet) but they all store the authorization state in places only their own stack can read. - [Keystore](/concepts/keystore): **Keystore is a public onchain registry.** For every Altana wallet, it stores which keys are currently authorized to act on it. Anyone (any app, any agent, any chain that bridges to it) can read this state and verify authority without a vendor in the middle. - [Networks & Addresses](/concepts/networks): Altana is multi-chain. The SDK ships a config per network, importable from `@altananetwork/sdk`. **BNB Smart Chain is the default**; Ethereum is supported for wallet execution and L1 cross-chain proofs; Base is supported as the L2 Keystore cache for cross-chain verification. - [Sessions](/concepts/sessions): A **session** is a scoped, time-bounded delegation from a wallet's admin key to another key. The session key can act on the wallet, but only within the granted permissions, and only until the expiry.