PASS: A Provenanced Access Subaccount System for Blockchain Wallets

TL;DR

PASS introduces a provenance-based control system for blockchain wallets, enabling secure, private, and verifiable shared custody suitable for organizational and AI agent use cases.

Contribution

It formalizes a provenance-based access control model for wallets, proves core invariants in Lean 4, and demonstrates an efficient prototype implementation.

Findings

Provenance-based wallets are practical and efficient.

The system maintains privacy of internal transfers.

The prototype achieves measurable throughput on AWS enclaves.

Abstract

Blockchain wallets conventionally follow an ownership model where possession of a private key grants unilateral control. However, this assumption is brittle for emerging settings such as AI agent wallets, organizational custody, and enterprise payroll, where multiple actors must coordinate without exposing secrets or leaking internal activity. We present PASS, a Provenanced Access Subaccount System that replaces role-based or identity-based control with provenance-based control: assets can only be used by subaccounts that can trace custody back to a valid deposit. A simple Inbox-Outbox mechanism ensures all external actions have verifiable lineage, while internal transfers remain private and indistinguishable from ordinary EOAs. We formalize PASS in Lean 4 and prove core invariants, including privacy of internal transfers, asset accessibility, and provenance integrity. We implement a prototype with enclave backends on AWS Nitro Enclaves and dstack Intel TDX, integrate with WalletConnect, and benchmark throughput across wallet operations. These results show that provenance-based wallets are both implementable and efficient. PASS bridges today's gap between strict self-custody and flexible shared access, advancing the design space for practical, privacy-preserving custody.