XonaXona Docs
OverviewResourcesxPayInference

Biometric unlock (macOS)

Unlock the xPay wallet passphrase with Touch ID instead of typing it every time.

Skip typing the passphrase on every command — unlock with Touch ID instead.

xpay biometric enable     # verifies your passphrase, then stores it Touch ID-gated
xpay balance              # → Touch ID prompt instead of a passphrase prompt
xpay biometric status     # availability + current state
xpay biometric disable    # removes the keychain entry

The wallet's scrypt + AES-256-GCM encryption is unchanged. enable places the passphrase in your login keychain, and a small native helper releases it only after a LocalAuthentication check (compiled on first use; requires the Xcode Command Line Tools). Unlock order: --passphrase$XPAY_PASSPHRASE → Touch ID → interactive prompt.

Biometrics gate the passphrase — they never replace it. Your passphrase keeps working everywhere and remains the only recovery path. If Touch ID is unavailable, the CLI falls back to asking for it. Bonus: with biometric unlock enabled, the MCP server no longer needs XPAY_PASSPHRASE in plaintext host config — it shows one Touch ID dialog at startup.

Guardrails

Spending caps, allowed hosts, and approval hooks that run before any signer is touched.

Profiles

How xPay stores encrypted wallets and derives Solana and EVM keys from one mnemonic.