โ Back to Skills Marketplace
Base Wallet
by
Ju Chun Ko
ยท GitHub โ
ยท v1.5.0
2314
Downloads
3
Stars
9
Active Installs
6
Versions
Install in OpenClaw
/install base-wallet
Description
๐ Base Wallet - Crypto Identity for AI Agents. Create wallets, sign messages (SIWE), send transactions programmatically. No browser extensions, no human intervention. The foundation for autonomous Web3 agents.
README (SKILL.md)
๐ Base Wallet - Crypto Identity for AI Agents
Every autonomous agent needs a wallet. Create one without human help.
TL;DR: Programmatic wallet creation on Base/Ethereum. SIWE auth, balance checks, transactions.
Why Base Wallet?
- True autonomy โ Your agent creates and controls its own wallet
- No browser needed โ Pure CLI, no extensions or popups
- SIWE ready โ Sign-In with Ethereum for Web3 services
- Secure by default โ Environment variables, no plaintext keys
Create and manage Base chain (Ethereum-compatible) wallets programmatically.
โ ๏ธ Security First
| โ DO | โ DON'T |
|---|---|
| Use environment variables for private keys | Store private keys in plain text files |
| Set wallet files to chmod 600 | Commit wallet files to git |
Use --env mode (recommended) |
Use console.log(privateKey) |
| Back up mnemonics offline | Share private keys or mnemonics |
Quick Start
Create a New Wallet (Recommended)
# Output as environment variable format (safest)
node scripts/create-wallet.js --env
# Output example:
# export WALLET_ADDRESS="0x..."
# export PRIVATE_KEY="0x..."
Then copy to your shell or .env file.
Create with File Storage (Opt-in)
# Only if you need file-based storage
node scripts/create-wallet.js --managed my-agent
โ ๏ธ This stores private key in ~/.openclaw/wallets/my-agent.json
Usage Examples
Load Wallet from Environment
const { ethers } = require('ethers');
// โ
SECURE: Load from environment variable
const wallet = new ethers.Wallet(process.env.PRIVATE_KEY);
console.log('Address:', wallet.address);
// โ NEVER: console.log('Private Key:', wallet.privateKey);
Load from Mnemonic
const wallet = ethers.Wallet.fromPhrase(process.env.MNEMONIC);
Check Balance
const provider = new ethers.JsonRpcProvider('https://mainnet.base.org');
const balance = await provider.getBalance(wallet.address);
console.log('Balance:', ethers.formatEther(balance), 'ETH');
Sign Message (SIWE)
const message = `example.com wants you to sign in with your Ethereum account:
${wallet.address}
Sign in message
URI: https://example.com
Version: 1
Chain ID: 8453
Nonce: ${nonce}
Issued At: ${new Date().toISOString()}`;
const signature = await wallet.signMessage(message);
Send Transaction
const provider = new ethers.JsonRpcProvider('https://mainnet.base.org');
const connectedWallet = wallet.connect(provider);
const tx = await connectedWallet.sendTransaction({
to: recipientAddress,
value: ethers.parseEther('0.001')
});
const receipt = await tx.wait();
console.log('TX Hash:', tx.hash);
Scripts
| Script | Description |
|---|---|
create-wallet.js --env |
Create wallet, output as env vars (recommended) |
create-wallet.js --managed [name] |
Create wallet, save to file (opt-in) |
create-wallet.js --json |
Create wallet, output as JSON |
basemail-register.js [name] |
Register for BaseMail email |
check-balance.js [address] |
Check wallet balance |
BaseMail Integration
Register for a @basemail.ai email using your wallet signature.
# If using environment variable:
PRIVATE_KEY="0x..." node scripts/basemail-register.js
# If using managed wallet:
node scripts/basemail-register.js my-agent
Network Configuration
| Network | Chain ID | RPC URL |
|---|---|---|
| Base Mainnet | 8453 | https://mainnet.base.org |
| Base Sepolia | 84532 | https://sepolia.base.org |
๐ Audit Logging
Operations are logged to ~/.base-wallet/audit.log.
Secure Storage Pattern
// โ
Recommended: Use environment variables
const privateKey = process.env.PRIVATE_KEY;
if (!privateKey) {
throw new Error('PRIVATE_KEY environment variable not set');
}
const wallet = new ethers.Wallet(privateKey);
// โ Avoid: Storing private keys in code or files
If you must store to file (not recommended):
const fs = require('fs');
const path = require('path');
// Store with restricted permissions
const filepath = path.join(process.env.HOME, '.openclaw', 'wallets', 'wallet.json');
fs.writeFileSync(filepath, JSON.stringify({
address: wallet.address,
// Only store if absolutely necessary
privateKey: wallet.privateKey
}), { mode: 0o600 }); // Owner read/write only
.gitignore
Add to your project's .gitignore:
# Wallet files - NEVER commit!
.openclaw/
*.wallet.json
*.mnemonic
private-key*
Dependencies
npm install ethers
Changelog
v1.1.0 (2026-02-08)
- ๐ Security: Changed create-wallet.js to opt-in file storage
- โจ Added --env mode (recommended)
- ๐ Added audit logging
- โ ๏ธ Removed console.log(privateKey) from examples
- ๐ Enhanced security documentation
v1.0.0
- ๐ Initial release
Usage Guidance
This skill appears to do what it says: create wallets, sign SIWE messages, check balances, and register with BaseMail. Before installing: 1) inspect and run in a safe environment (container or isolated account); 2) run npm install (ethers) before using; 3) prefer the --env mode (set PRIVATE_KEY only in your process env) and avoid using --managed unless you accept storing keys on disk; 4) note the skill will create files in ~/.openclaw/wallets and ~/.base-wallet/audit.log โ protect or delete them as needed and add wallet files to .gitignore; 5) verify you trust https://api.basemail.ai before handing it a signing wallet; 6) if you will let an autonomous agent use this skill, be aware it can create and use keys programmatically โ limit autonomy if you don't want an agent transacting on-chain.
Capability Analysis
Type: OpenClaw Skill
Name: base-wallet
Version: 1.5.0
This skill bundle is designed for programmatic management of Base/Ethereum wallets by AI agents. While handling cryptographic private keys is inherently high-risk, the skill demonstrates strong security practices: it primarily recommends using environment variables for private keys, requires explicit opt-in and user confirmation for file-based storage, and sets strict file permissions (0o600) for any stored wallet data in `scripts/create-wallet.js` and `scripts/basemail-register.js`. The `SKILL.md` documentation is transparent about security risks and provides clear warnings and best practices. All network calls are to documented endpoints (`https://api.basemail.ai`, `https://mainnet.base.org`) for the stated purpose of wallet operations and email registration. No evidence of prompt injection, unauthorized data exfiltration, or malicious execution was found.
Capability Assessment
Purpose & Capability
Name/description (Base wallet, SIWE, transactions) match the included scripts and documentation. The three scripts implement wallet creation, balance checks, and BaseMail registration against api.basemail.ai โ all coherent with the declared purpose.
Instruction Scope
Runtime instructions and scripts operate within expected scope: creating wallets, optionally storing managed wallet files (~/.openclaw/wallets), logging to ~/.base-wallet/audit.log, checking balances via RPC, and calling BaseMail endpoints. Minor scope notes: the SKILL.md strongly recommends using environment variables (PRIVATE_KEY, MNEMONIC, WALLET_DIR) and also documents an opt-in file storage mode; these behaviors are explicit in the scripts (no unexpected file or system scanning).
Install Mechanism
There is no automated install spec (instruction-only install), which is lowest risk. package.json lists an ethers dependency and SKILL.md tells the user to npm install ethers; the skill will fail unless dependencies are installed. No remote downloads or obscure URLs are used.
Credentials
The scripts use PRIVATE_KEY, MNEMONIC, and optional WALLET_DIR โ all directly relevant to wallet management. However, the registry metadata declared no required env vars while the runtime explicitly reads these environment variables; this metadata omission is a minor inconsistency but not malicious.
Persistence & Privilege
always:false (normal). The skill persists optional managed wallet files under ~/.openclaw/wallets and writes an audit log to ~/.base-wallet/audit.log. These are expected for this type of tool but are persistent artifacts the user should consider and protect.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install base-wallet - After installation, invoke the skill by name or use
/base-wallet - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.5.0
Full English documentation
v1.4.0
Better branding: title format, Why section, autonomy focus
v1.3.0
Shorter description
v1.2.0
Enhanced branding: Crypto Identity for AI Agents
v1.1.0
Security: opt-in file storage, env var preferred, removed console.log(privateKey), added audit logging
v1.0.0
Initial release: Create Base/Ethereum wallets, SIWE signing, BaseMail.ai integration
Metadata
Frequently Asked Questions
What is Base Wallet?
๐ Base Wallet - Crypto Identity for AI Agents. Create wallets, sign messages (SIWE), send transactions programmatically. No browser extensions, no human intervention. The foundation for autonomous Web3 agents. It is an AI Agent Skill for Claude Code / OpenClaw, with 2314 downloads so far.
How do I install Base Wallet?
Run "/install base-wallet" in the OpenClaw or Claude Code chat to install it in one step โ no extra setup required.
Is Base Wallet free?
Yes, Base Wallet is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Base Wallet support?
Base Wallet is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Base Wallet?
It is built and maintained by Ju Chun Ko (@daaab); the current version is v1.5.0.
More Skills