Skip to main content

What you will learn

  • Every environment variable recognized by ISCL Core and adapters
  • PolicyConfig fields and their effects
  • AppOptions for programmatic configuration

ISCL Core environment variables

Server

VariableTypeDefaultDescription
ISCL_PORTnumber3100HTTP server listen port
ISCL_HOSTstring127.0.0.1Bind address. Use 0.0.0.0 in Docker
ISCL_AUDIT_DBstring./iscl-audit.sqliteSQLite database path
ISCL_KEYSTORE_PATHstring~/.iscl/keystoreEncrypted keystore directory
ISCL_APPROVAL_MODEstringcliApproval mode: cli, web, or auto

Multi-Chain RPC

VariableTypeDefaultDescription
ISCL_RPC_URL_{chainId}stringPer-chain RPC URL (e.g., ISCL_RPC_URL_8453)
BASE_RPC_URLstringLegacy fallback for chain 8453 (Base)
Supported chains: Ethereum (1), Optimism (10), Arbitrum (42161), Base (8453). Resolution logic:
  1. Scan env vars matching ISCL_RPC_URL_{digits} — add each to the URL map
  2. If BASE_RPC_URL set and ISCL_RPC_URL_8453 not set, add as chain 8453
  3. Single URL → ViemRpcClient (backward compatible)
  4. Multiple URLs → RpcRouter (dispatches per chain)

DEX Aggregation

VariableTypeDefaultDescription
ONEINCH_API_KEYstring1inch Swap API v6 key. Enables provider: "1inch" on swap intents

Demo / development

VariableTypeDefaultDescription
ISCL_DEMO_PASSPHRASEstringtest-passphrase-123Passphrase for demo keystore
ISCL_AUTO_APPROVEstringfalseAuto-approve all (demo only)

Adapter environment variables

Telegram Bot

VariableRequiredDefaultDescription
TELEGRAM_BOT_TOKENYesBot token from BotFather
ISCL_WALLET_ADDRESSYesWallet address (0x + 40 hex)
ISCL_CHAIN_IDNo8453Default chain ID
ISCL_TELEGRAM_ALLOWED_CHATSNo(allow all)Comma-separated chat IDs
ISCL_API_URLNohttp://127.0.0.1:3100ISCL Core URL
ISCL_TIMEOUT_MSNo30000HTTP timeout (ms)

MCP Adapter

VariableRequiredDefaultDescription
ISCL_API_URLNohttp://127.0.0.1:3100ISCL Core URL

Eliza Plugin

Configured via ElizaOS character file settings.secrets:
KeyRequiredDescription
ISCL_API_URLYesISCL Core URL
ISCL_WALLET_ADDRESSYesWallet address

PolicyConfig

Controls which transactions are allowed, denied, or require approval. Provided as JSON file or programmatically.

Fields

FieldTypeDefaultDescription
version"1""1"Schema version
maxValueWeistring"0"Max transaction value. "0" = deny all
maxApprovalAmountstring"0"Max ERC-20 approval. "0" = deny all
contractAllowliststring[][]Allowed contracts. Empty = allow all
tokenAllowliststring[][]Allowed tokens. Empty = allow all
allowedChainsnumber[][1,10,42161,8453]Allowed chain IDs
recipientAllowliststring[][]Allowed recipients. Empty = allow all
maxRiskScoreinteger50Risk score ceiling (0-100)
requireApprovalAboveobject{"valueWei":"0"}Approval value threshold
maxTxPerHourinteger10Per-wallet rate limit
The default policy denies ALL value-bearing transactions (maxValueWei: "0"). You must configure limits explicitly.

Example: Production Policy

{
  "version": "1",
  "maxValueWei": "1000000000000000000",
  "maxApprovalAmount": "1000000000000000000",
  "contractAllowlist": ["0x2626664c2603336E57B271c5C0b26F421741e481"],
  "tokenAllowlist": [
    "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
    "0x4200000000000000000000000000000000000006"
  ],
  "allowedChains": [8453],
  "recipientAllowlist": [],
  "maxRiskScore": 30,
  "requireApprovalAbove": { "valueWei": "500000000000000000" },
  "maxTxPerHour": 5
}

AppOptions (programmatic)

When using buildApp() directly:
OptionTypeDefaultDescription
loggerbooleantrueEnable pino logging
auditDbPathstring./iscl-audit.sqliteAudit DB path
keystorePathstring~/.iscl/keystoreKeystore directory
policyConfigPolicyConfigdeny-allInline policy config
rpcClientRpcClientPre-configured RPC client
promptFnPromptFnCustom approval function
approvalModestringcliApproval mode
oneInchApiKeystring1inch API key
PromptFn signature: 
type PromptFn = (summary: ApprovalSummary) => Promise<boolean>;

Next steps