Cetus Yield Agent on Sui
Build a Node.js agent that deposits funds into trading pools on Cetus Protocol (Sui’s largest DEX) and earns a share of every trade — with no private key in your .env.
The recipe is split into five phases. Each phase builds on the previous one. You can stop at any phase and have a working agent.
| Phase | What it does | Time | Risk level |
|---|---|---|---|
| 1 — Monitor a Pool | Watch pool prices, detect when positions would need repositioning | 10 min | None (read-only) |
| 2 — Earn Fees | Open a position, earn fees, auto-reposition when price moves | 15 min | Real funds at risk |
| 3 — Adaptive Strategy | Auto-adjust earning zone width based on market volatility | 5 min | Same as Phase 2 |
| 4 — Compare Pools | Scan all Cetus pools and rank by return | 5 min | None (monitoring) |
| 5 — Compare Protocols | Scan yield across 9+ Sui protocols | 5 min | None (monitoring) |
What you need
- Node.js 20+
- WaaP CLI (
npm install -g @human.tech/waap-cli@latest) - A WaaP account with SUI for gas (testnet for Phase 1, mainnet optional for Phase 2+)
Project setup
This is shared across all phases:
mkdir cetus-yield-agent && cd cetus-yield-agent
npm init -y
npm install @cetusprotocol/cetus-sui-clmm-sdk @mysten/sui bn.js dotenv
npm install -g @human.tech/waap-cli@latestCreate a WaaP wallet
waap-cli signup --email youremail+cetus-agent@example.com --password 'YourSecurePassword!'
waap-cli chain set sui:mainnet # or sui:testnet
waap-cli whoami # note your Sui address — fund it with SUIFunding tip: Send native SUI from an exchange (Coinbase, Binance, etc.) directly to your Sui address. Do not bridge ETH — the Sui Bridge creates wrapped ETH, not native SUI, and you need SUI for gas. Reserve at least 0.2 SUI for transaction fees.
Testnet tip: The Sui testnet faucet rate-limits aggressively from VPS and cloud IPs. Use a browser-based faucet if the API faucet fails.
Configuration
Create a .env file. You’ll add to this as you progress through phases:
# Pool (SUI/USDC on Cetus — get pool IDs from app.cetus.zone)
CETUS_POOL_ID=0xb8d7d9e66a60c239e7a60110efcf8de6c705580ed924d0dde141f4a0e2c90105
# Agent mode: "monitor" (Phase 1) or "active" (Phase 2+)
AGENT_MODE=monitor
# Strategy
REBALANCE_THRESHOLD_TICKS=100
POSITION_RANGE_TICKS=200
CHECK_INTERVAL_MS=300000
# Network
NETWORK=mainnetSecurity model
Every transaction goes through WaaP CLI’s two-party signing. The agent never holds the full private key.
| Layer | What it does |
|---|---|
| Key splitting | Private key split between your device and a secure enclave — neither side can sign alone |
| Spend limits | Daily cap prevents runaway losses |
| Human approval | High-value transactions trigger a Telegram/email prompt |
| No .env secrets | No private key in environment variables or code |
Now pick a phase and start building.
Related
- WaaP for Agents — CLI reference and setup
- CLI Commands — Full command reference