·Agentic ArenaKeystore Layer
How Functor separates asset management from signer management, enabling multiple keys, native recovery, and instant multichain presence.
Why a Keystore Layer Exists
The Problem: One Key Controls Everything
If you use Ethereum, your wallet is controlled by a single private key. That key signs every transaction, on every chain, for every asset you own. If it's compromised or lost, everything is gone.
There's no way to scope what a key can do. You can't give one key permission to spend 1 ETH per day and another key unlimited access. You can't add a backup key that only activates if the primary is lost. Every key is all or nothing.
If you want:
- •Multiple keys with different permissions
- •A backup key for recovery
- •A way to rotate credentials without moving assets
- •Session keys for agents or automation
A single key is a single point of failure. Lose it, lose everything.
No way to attach multiple signers with different permissions to one wallet
No recovery path if your primary signing device is lost or compromised
You need somewhere to store and manage those keys.
That's the keystore layer.
Asset and Signer Separation
Vitalik's “Three Transitions” article introduced the idea of asset and signer separation: keep your signers in a different place from your assets. That way, losing access to one chain doesn't mean losing access to your keys.
Assets stay where they are.
Your tokens, NFTs, and positions live on whatever chain you're using. They move constantly across protocols and L2s.
Your signers live in one place.
A single registry on Ethereum L1, the keystore, stores your public keys, backup keys, guardians, session keys, and verification logic.
What is a Keystore Layer?
The keystore layer introduces a shared global state, a single registry of signers that every chain can read from.
Instead of your wallet relying on a single key, it references a registry that stores all your signing credentials. Your phone passkey, your hardware wallet key, a session key for your DeFi bot, a backup key for recovery. They all live in one place.
How It Works
Your wallet address stays the same. Your transaction history stays the same. Your token approvals stay the same.
What changes is that behind your address, the keystore holds multiple keys, each with its own permissions, its own scope, and its own lifecycle.
The keystore answers one question: is this key allowed to sign for this account?
Insight
Your tokens might move daily across different chains, but your authentication credentials should remain stable and secure in one location.
How Keystore State Communicates to L2
High-Level Architecture
The keystore contract lives on Ethereum L1. Each L2 has a cache contract that mirrors a verified copy of L1 keystore state locally. All keys, verification logic, and account data are anchored on L1.
How we solve it
We use two primitives Ethereum already provides:
A commitment to the keystore state
Every L1 block header contains a stateRoot, a single hash that summarizes all keystore storage on Ethereum.
A proof that a specific key matches that commitment
A Merkle-Patricia storage proof, generated off-chain via eth_getProof and verified inside the L2 cache contract.
Every L2 already exposes the latest L1 block hash via a system contract.
The L2 cache reads the trusted L1 block hash locally, then verifies the storage proof against it.
No bridge, no oracle, no committee. The trust assumption is the L2 protocol itself.
Benefits & Outcomes
Outcome 01
Multiple Signers, One Wallet
Want multiple keys with different permissions? Register them in the keystore.
Your phone passkey for daily use. Your hardware wallet for high-value transfers. A session key for your DeFi agent with a 24h expiry. All attached to the same wallet address, all with different policies.
- •You don't need to deploy separate smart contracts
- •There's no middleware between your key and the protocol
- •The VERIFY frame reads the keystore directly
Outcome 02
Native Recovery
Lost your phone? Use your backup key.
Without a keystore, losing your signing device means losing your wallet. With the keystore, your second registered key lets you continue signing transactions with the same address.
- •You don't need social recovery contracts
- •There's no guardian infrastructure to maintain
- •It works across every chain where your wallet exists
Outcome 03
Instant Multi-Chain Presence
New L2 launched tomorrow? Your signers are already there.
Your wallet on any new chain references the same keystore entry on L1. It inherits all your keys, all your permissions, all your recovery configuration. No re-onboarding.
- •Your wallet works on the new chain immediately
- •You don't need to set up security again
- •Same keys, same policies, different chain
New Design Space Unlocked
With a keystore layer, all your wallets across all chains behave like one wallet.
When signer management is built into wallet infrastructure, a few things change:
- •Your signers work across every chain
- •Your security configuration follows you
- •Recovery works the same everywhere
What This Enables
Programmable Wallets (Agentic)
Configure different permissions for each of your signers.
Phone passkey: up to 1 ETH per day, allowlisted contracts only.
Hardware wallet: up to 50 ETH per day, any contract.
Session key for a DeFi bot: 0.1 ETH max per transaction, 24h expiry, restricted to Aave and Uniswap.
A Global Policy Engine
Set spending limits, session keys, or approval workflows once.
They apply on every chain where the wallet exists.
Automation & Agents
Register a session key in the keystore.
Temporary, scoped, with an expiry.
The policy engine recognizes the key type and applies tight constraints.
Smart agents can operate across chains with consistent permissions and controls.
Institutional Signers
Three authorized signers for a company treasury: CFO, CTO, ops lead.
All keys in the keystore.
Policy: transactions over $100k require two signatures, only approved counterparties.
The Future We Envision
Frame Transactions Change the Game
EIP-8141 introduces frame transactions, a new transaction type that builds programmable validation directly into Ethereum. Every EOA gets this natively. You keep your address, you keep your history, and you don't need any middleware.
Your existing wallet address will be able to:
- •Verify signatures using any scheme (passkeys, post-quantum, ECDSA)
- •Batch multiple operations into one atomic transaction
- •Enforce policies before execution
- •Have gas sponsored by third parties
Frame transactions fix how wallets validate. The VERIFY frame can read the keystore directly, with no bundler, EntryPoint, or validator module in between. The keystore is the signer backend for every wallet.
What This Means Together
With a keystore layer, all your wallets across all chains behave like one wallet.
That changes what the EVM looks like as a whole:
One source of truth
Your keys live in one place. Every chain reads from it.
Manage once
Rotate a key or update a policy on L1. It applies everywhere.
New chains for free
Deploy your wallet on a new L2 and it inherits your full security config.
Less operational overhead
No per-chain key management. No repeated setup.
Agents will run the financial system. Open systems win. Humans stay in control.
Trillions are coming onchain. AI agents will move them, autonomously, globally, without borders.
Crypto is the only rail that works. But for an agentic economy to function, authorization can't live on someone's server. Functor Keystore is the layer that lets agents act with cryptographic authority while their humans keep the keys.