Sigil

Solves the problem of letting Claude sign EVM transactions without exposing your private key in the context window. Keys stay encrypted on disk with XChaCha20-Poly1305, and the MCP server boots locked until you unlock it from a separate terminal via a Unix socket. Once unlocked, Claude can sign EIP-191 personal messages, EIP-1559 and legacy transactions, and EIP-712 typed data through opaque handles like `evm:executor`. Each portal gets a TOML policy file where you can set chain ID restrictions, destination allowlists, per-transaction value caps, and function selector filters. Pre and post hooks block reads of common key paths and redact key-shaped strings from tool output. Still pre-alpha and missing rolling window caps and out-of-band confirmation, so don't use it with real funds yet.