← Back to Skills Marketplace
craigmbrown

BlindOracle - Privacy-First Agent Infrastructure

by craigmbrown · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
419
Downloads
1
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install blindoracle
Description
Privacy-first agent infrastructure offering secure forecasting markets, decentralized credential verification, multi-rail settlement, and cross-rail micropay...
README (SKILL.md)

BlindOracle

Privacy-first agent infrastructure providing forecasting, credential verification, settlement, and cross-rail transfers via x402 micropayments.

Description

BlindOracle is a complete suite of privacy-preserving infrastructure services for AI agents. All operations are secured by CaMel 4-layer architecture and paid via x402 micropayments on Base L2 with USDC.

Service Tracks

  1. Forecasting Platform - Create and resolve privacy-preserving forecast markets with anonymous position submission
  2. Credential Verification - Decentralized agent identity scoring with anti-synthetic detection
  3. Account & Settlement - Multi-rail balance management and value transfer (instant ~3s, on-ledger ~30s)
  4. Cross-Rail Transfers - Atomic transfers between payment rails with free fee quotes

Capabilities

Capability Description Price
create_forecast Create a new forecast market 0.001 USDC
submit_position Submit anonymous position 0.0005 USDC + 0.1%
resolve_forecast Resolve forecast and distribute payouts 0.002 USDC
verify_credential Verify agent credentials and reputation 0.0002 USDC
mint_credential Mint Proof of Presence/Participation/Belonging/Witness 0.001 USDC
check_account Check balances across all rails FREE
create_settlement_request Generate settlement request 0.0001 USDC
settle_instant Instant rail settlement (~3s) 0.0005 USDC + 0.1%
settle_onchain On-chain rail settlement (~30s) 0.001 USDC + 0.05%
transfer_cross_rail Cross-rail transfer execution 0.001 USDC + 0.1%
convert_private_to_stable Convert private tokens to stablecoins 0.0005 USDC + 0.05%
get_transfer_quote Get fee estimates and route plans FREE

Usage

// Check account balances (FREE)
const balance = await gateway.invoke("blindoracle", {
  capability: "check_account",
  params: { rail: "all" }
});

// Create a forecast
const forecast = await gateway.invoke("blindoracle", {
  capability: "create_forecast",
  params: {
    forecast_question: "Will global AI agent count exceed 10M by Q4 2026?",
    forecast_deadline: "2026-12-31T23:59:59Z",
    initial_stake_units: 10000,
    resolution_oracle: "chainlink_data_feed"
  },
  payment_proof: { /* x402 proof */ }
});

// Verify agent credentials
const creds = await gateway.invoke("blindoracle", {
  capability: "verify_credential",
  params: {
    agent_public_key: "ba3eefec0e795362230f869461ea16e20b782e11eef6107edeed0d3d19e7651b"
  }
});

Security

All operations protected by CaMel 4-Layer Security:

  • Layer 1: Rate limiting (60 req/min) + input sanitization
  • Layer 2: Byzantine consensus (67% threshold, 80% for high-value)
  • Layer 3: Anti-persuasion detection (30% deviation threshold)
  • Layer 4: Authority validation + immutable audit trail

Privacy

  • Zero-identity-linkage via guardian federation bridge
  • Commitment scheme: sha256(secret || stance || amount)
  • Depositor and position holder are unlinkable
  • Decentralized credentials without central authority

API Endpoints

  • Base URL: https://craigmbrown.com/api/v2
  • Agent Card: https://craigmbrown.com/a2a/v1
  • Health: https://craigmbrown.com/api/v2/health

Payment

All payments via HTTP 402 (x402) micropayment protocol on Base L2 (chain ID 8453) with USDC.

Requirements

  • x402-compatible payment client
  • Base L2 USDC for paid capabilities
  • No dependencies for free capabilities (check_account, get_transfer_quote)

Support

Usage Guidance
This skill exhibits concerning mismatches between its public description and its implementation. Before installing or invoking it on any agent that has access to secrets or production systems, do the following: 1) Ask the author to list required environment variables and explain where wallet/private keys or payment client credentials are stored and how payment proofs are validated. 2) Request the missing modules referenced by handler.py (security.blindoracle_security_gateway and distribution.clawhub_skill.handler) and review them — the handler currently modifies sys.path to import parent-level code, which can cause it to load host modules and access local secrets. 3) Confirm whether the skill will perform on-chain or off-chain transfers and where signing keys are kept; if keys are expected on the host, decline installation unless keys are stored in a restricted vault and only accessible to a hardened process. 4) If you must evaluate it, run the skill in a fully isolated sandbox agent with no access to production secrets or network endpoints, and monitor network and file activity. 5) Consider blocking or closely auditing outbound connections to the declared endpoints (https://craigmbrown.com) and any RPC endpoints the missing modules may call. The obfuscation of cryptocurrency terms in outward docs while mapping to crypto actions internally is the primary reason for suspicion.
Capability Analysis
Type: OpenClaw Skill Name: blindoracle Version: 1.0.1 The skill is classified as suspicious primarily due to its intentional obfuscation of underlying cryptocurrency and blockchain technologies. The `handler.py` file contains a `SCRUB_TERMS` dictionary and associated logic to replace terms like 'Bitcoin', 'Ethereum', 'Lightning', and 'sats' with sanitized phrases such as 'digital value', 'settlement network', 'instant rail', and 'units'. This 'Brand A' terminology, while not directly malicious code, represents a deceptive practice regarding the transparency of the services offered. Furthermore, the skill relies on unprovided internal modules (`security.blindoracle_security_gateway` and `distribution.clawhub_skill.handler`) for its core logic and security mechanisms, preventing a full audit of these critical components. The skill also exposes high-risk financial and identity management capabilities (e.g., `settle_onchain`, `transfer_cross_rail`, `mint_credential`) which, without full visibility into the underlying implementations, warrant caution.
Capability Assessment
Purpose & Capability
The SKILL.md and metadata present a 'sanitized' privacy/payments service with no required credentials. The handler maps Brand A (sanitized) capabilities to Brand B names that clearly reference cryptocurrency rails (e.g., withdraw_lightning, swap_btc_eth, amount_sats). A payments/settlement service that actually executes transfers would normally require wallet keys, node/API credentials, or at minimum a payment client — none are declared in the manifest. The translation/obfuscation suggests the skill's real capabilities are broader and more sensitive than advertised.
Instruction Scope
SKILL.md instructs agents to use gateway.invoke and talks to https://craigmbrown.com/api/v2; this is expected. However, the actual handler code prepends a high-level parent directory to sys.path and attempts to import external modules (security.blindoracle_security_gateway and distribution.clawhub_skill.handler) that are not included in the package. Prepending parent directories allows the skill to load modules from the agent's environment which could expose host resources or secrets if those modules access them. The skill also actively scrubs and rewrites terminology (removing crypto terms), which hides the underlying transport/asset semantics from the outer doc.
Install Mechanism
No install spec (no downloads/write-to-disk installer) is provided, which limits upfront risk. However, the package includes non-trivial Python code (handler.py) that will execute when invoked; absent an install step, the code will still run in-process when the skill is invoked.
Credentials
The skill requests no environment variables or credentials in its manifest despite clearly performing financial settlement and transfer operations. Realistic operation would require private keys, RPC endpoints, API keys, or payment client configuration. The absence of declared secrets is a mismatch and could indicate either: (1) the skill expects to import credentials from the host (via the sys.path trick), or (2) the manifest is incomplete/obfuscated. Both are security-relevant.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system configuration changes in the provided files. This lowers privilege concerns. That said, dynamic imports of external modules (outside the skill package) increase runtime reach but are not, by themselves, a permission flag in the manifest.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install blindoracle
  3. After installation, invoke the skill by name or use /blindoracle
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Fix repository link to point to blindoracle-docs, fix install command
v1.0.0
Initial release: privacy-first agent infrastructure with forecasting, credential verification, settlement, and cross-rail transfers via x402 micropayments
Metadata
Slug blindoracle
Version 1.0.1
License
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is BlindOracle - Privacy-First Agent Infrastructure?

Privacy-first agent infrastructure offering secure forecasting markets, decentralized credential verification, multi-rail settlement, and cross-rail micropay... It is an AI Agent Skill for Claude Code / OpenClaw, with 419 downloads so far.

How do I install BlindOracle - Privacy-First Agent Infrastructure?

Run "/install blindoracle" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is BlindOracle - Privacy-First Agent Infrastructure free?

Yes, BlindOracle - Privacy-First Agent Infrastructure is completely free (open-source). You can download, install and use it at no cost.

Which platforms does BlindOracle - Privacy-First Agent Infrastructure support?

BlindOracle - Privacy-First Agent Infrastructure is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created BlindOracle - Privacy-First Agent Infrastructure?

It is built and maintained by craigmbrown (@craigmbrown); the current version is v1.0.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments