Coinbase CDP CLI Ships Agent-Ready Onchain Infrastructure

Coinbase just redrew the boundary between crypto custody infrastructure and AI execution layer. The CDP CLI and bundled MCP server, alongside delegated signing and onchain swap hooks, land as a coordinated set of primitives that do something no prior CDP release attempted: make every API endpoint directly callable by an LLM agent, with institutional-grade guardrails baked in. This is not a developer experience polish release. This is Coinbase productizing an AI-first control plane for autonomous money movement. Engineering teams that miss this distinction will underestimate what they're evaluating.

What Actually Shipped

The CDP CLI and Bundled MCP Server

`@coinbase/cdp-cli` is a new command-line tool that gives you authenticated terminal access to the full CDP API surface. That's useful on its own. What makes it architectural is the bundled Model Context Protocol (MCP) server that ships with it. Every CDP endpoint is exposed as a typed tool with inline JSON schemas. Wallet creation, transaction submission, onchain swaps, balance queries: all of them are now directly invocable by any LLM or agent that speaks MCP, with zero manual OpenAPI translation or custom tool-spec authoring. The implication is concrete: if your internal AI assistant or autonomous trading agent is already wired to an MCP-compatible runtime, CDP integration drops from a multi-sprint custom build to a configuration change. The typed schemas mean agents get structured inputs and outputs, reducing hallucinated parameters on financial transactions. That matters when the tool call triggers a real fund movement.

Delegated Signing

Delegated signing introduces time-bound delegations that let backend services sign transactions on behalf of users who are offline. The design is explicitly built for webhook flows, async completions, and agent-driven spending decisions. This closes a gap that has quietly blocked production deployments of agentic fintech products for years. The problem: users authorize an action, go offline, and then some backend or agent needs to complete a multi-step onchain sequence that requires signing. Prior solutions were ugly. Teams either kept user keys in hot storage longer than any security team would approve, or they blocked on user re-engagement, destroying the async UX entirely. Time-scoped delegations solve this cleanly. The delegation window is explicit, auditable, and expires. Compliance teams get a paper trail. Security teams get a bounded exposure window. Engineering teams stop building bespoke signing backends from scratch.

Onchain Swap Hooks

Swap hooks let applications attach custom logic to CDP-powered token swaps before execution. Risk checks, custom routing rules, analytics, rate-limiting by user tier: any logic that needs to intercept the swap lifecycle now has a proper attachment point. The practical value here is separation of concerns. Previously, teams building on top of CDP swap functionality had to either wrap the entire swap call in their own service layer (introducing latency and failure modes) or accept that CDP executed swaps as a black box. Hooks give you programmability at the execution boundary without owning the full swap stack.

Why This Is a Strategic Architecture Decision, Not a Feature Evaluation

Most coverage will treat the CLI as a convenience improvement and delegated signing as a security feature. Both framings are too narrow. The deeper move is that Coinbase is positioning CDP as the default policy and risk engine for how autonomous systems interact with money. Here is the sequence:

Engineering team wires their agent to the MCP server for wallet and swap operations.

Agent-driven transactions flow through CDP's typed tools and delegated signing.

Swap hooks enforce team-specific risk and routing logic inside the CDP execution boundary.

Coinbase handles keys, chain interaction, and a significant portion of the compliance surface.

At step 4, CDP has become the trust layer your autonomous systems depend on. That is not inherently bad. Institutional-grade custody with auditability and compliance-friendly controls is exactly what enterprise fintech needs when agents start moving real money. But teams should enter that relationship with eyes open about what "lock-in" means at the infrastructure level.

Competitive Context: Who Else Is Building Here

Coinbase is not alone in targeting agent-driven onchain execution. Privy, Thirdweb, Biconomy, and Safe{Core} have all been building in this niche, and they represent a meaningfully different architectural bet.

Capability	CDP (Coinbase)	Privy / Thirdweb / Biconomy
Institutional custody	✅	❌
Gasless smart accounts	❌	✅
MCP-native agent tooling	✅	❌
Time-bound delegated signing	✅	❌
Swap hooks	✅	❌
Chain abstraction focus	❌	✅

The alternatives abstract the chain almost entirely, betting that gasless smart accounts and account abstraction reduce friction enough to win the developer. Coinbase is making the opposite bet: lean into institutional custody, make the compliance surface explicit and auditable, and layer AI-agent tooling on top of that foundation rather than underneath it. For consumer apps where frictionless UX is the primary constraint, the Privy and Thirdweb approach has real advantages. For enterprise fintech, agentic trading infrastructure, or any context where an audit trail on every AI-driven transaction is a hard requirement, CDP's approach is structurally better aligned.

Where Soap Fits Into This Picture

For teams building on Soap's unified payment orchestration layer, this CDP release is directly relevant. Soap already integrates cards, banking, stablecoins, and crypto rails under a single API. The CDP MCP server and delegated signing primitives are the exact kind of building block that makes Soap's stablecoin and crypto rail capabilities more powerful in agentic contexts. Specifically: when an autonomous agent needs to execute a cross-border payment that settles on a stablecoin rail, the combination of Soap's orchestration layer and CDP's MCP-native tooling means the agent can route, authorize, and settle without human-in-the-loop at every step. Time-bound delegations give compliance teams the audit surface they need. Swap hooks give risk teams the interception points they require before any token conversion executes. This is the architecture that makes AI-native payment infrastructure real rather than a positioning statement. The CDP release accelerates that possibility for teams already building on orchestration platforms like Soap, because the hard primitives (custody, signing delegation, typed agent tooling) no longer need to be built from scratch.

Concrete Recommendations for Engineering Leaders

If You're Building Wallets or Custody Infrastructure

Evaluate whether CDP's delegated signing can replace your current signing backend. If you are running a custom key management service for async or agent-driven transactions, the time-bound delegation model is likely more auditable and less operationally risky than what you have today. Pilot it before your next signing infrastructure review.

If You're Building Agentic Fintech Products

Wire the CDP MCP server into your internal agent stack immediately. The typed tools and inline JSON schemas eliminate a class of integration bugs that are genuinely dangerous when the tool calls move money. Even if you don't ship with CDP in production, using the MCP server in your development and staging environments will improve agent reliability on financial operations.

If You're Building Onchain Trading or Swap Flows

Swap hooks are the most underrated part of this release. If you currently maintain a service layer that wraps swap calls to enforce risk logic, test whether hooks can replace that layer. Reducing custom middleware on the critical path of trade execution is almost always worth evaluating.

If You're Evaluating CDP vs. Alternatives

Run this decision through three questions:

Does your compliance team require a per-transaction audit trail on AI-driven fund movements?

Are you building for enterprise clients who will ask about key custody during security reviews?

Do you need async or offline signing as a core product requirement rather than an edge case?

If you answer yes to two or more of those, CDP's architecture is the right fit. If your primary constraint is consumer UX and chain abstraction, look harder at Privy or Thirdweb before committing.

The Broader Signal

What Coinbase shipped here is not a collection of independent features. It is a coherent answer to the question: what does crypto infrastructure look like when the primary consumer of your API is an autonomous agent rather than a human developer? The answer is: typed tools with inline schemas so agents don't hallucinate parameters, time-bound delegations so agents can act asynchronously without holding user keys indefinitely, and hooks at execution boundaries so human-defined risk logic stays in the loop even when humans aren't. That architecture is sound. It is also the architecture that payment infrastructure platforms need to build toward as autonomous spending agents move from demos to production. The teams that recognize this release as an infrastructure shift rather than a feature drop will be six months ahead of their competition when agent-driven payment volumes start compounding in the back half of 2026. The CDP changelog is worth reading in full. The primitives are live. The window to integrate before your competitors do is narrow and closing.

Get started with Soap

If you want to start accepting agent payments, Soap gets you live in one call:

bash

1curl -X POST 'https://api-sandbox.paywithsoap.com/api/v1/checkouts' \
2--header 'Content-Type: application/json' \
3--header 'Authorization: YOUR_API_KEY' \
4--data '{
5    "customer_id": "cus_vi57KegYgcRqcGHqip8q6UZiqtrwMT870",
6    "type": "withdrawal",
7    "balance_amount_cents": 10000,
8    "experience": "web",
9    "return_url": "https://myapp.com/wallet"
10}'

Soap