Description

EVM wallet tool for autonomous agents with built-in accountability. Creates, signs, and broadcasts ETH and ERC20 transfers on any EVM-compatible chain, then...

README (SKILL.md)

agentwallet

Name: cdnsoft-wallet
Author: cromatikap

EVM wallet with accountability for autonomous agents. Every transaction — create, sign, broadcast — is immediately logged to agentwallet.json. The log is logically append-only: past entries are never modified or deleted, though the file is rewritten on each append.

⚠️ High-impact tool. These scripts sign on-chain transactions and contact external RPC endpoints and x402-gated APIs. Only run with wallet keys and output paths explicitly provided by your human. Always confirm --max-amount is set for x402 flows.

Install

This skill is distributed via ClawHub. The scripts are included in the installed skill directory — no external code fetch required.

Dependencies (install once if not present):

pip install eth-account requests

Usage

Arbitrary contract call (e.g. bridge, custom protocol):

python3 agentwallet/scripts/log_transaction.py 0.004 ETH Linea 0xBridgeContract "bridge to Base" \
    --wallet-key ~/.secrets/eth_wallet.json \
    --rpc https://rpc.linea.build \
    --calldata 0x1234abcd... \
    --output ~/website/treasury.json

Signs and broadcasts a raw contract call with custom calldata. Logs the transaction automatically.

x402 payment to a gated API (e.g. Actors.dev email, GateSkip):

python3 agentwallet/scripts/x402_request.py \
    --url https://actors.dev/emails \
    --wallet-key ~/.secrets/eth_wallet.json \
    --rpc https://mainnet.base.org \
    --output ~/website/treasury.json \
    --purpose "email to Verso" \
    --header "Authorization: Bearer YOUR_API_KEY" \
    --body '{"to": "[email protected]", "subject": "Hi", "body": "Hello!"}' \
    --max-amount 0.02 \
    --pay-to 0x3604712bd95ba2ff36b624f3ffeb6b73b34604ea

Handles full 402→sign EIP-712→retry flow. Logs USDC spend automatically. Always set --max-amount. Use --pay-to only when the facilitator address is stable — some providers (e.g. Actors.dev via Stripe) rotate it per request by design, so --pay-to would always abort.

Uniswap V3 swap (e.g. ETH → USDC on Base):

python3 agentwallet/scripts/log_transaction.py 0.0012 ETH Base - "swap ETH to USDC" \
    --wallet-key ~/.secrets/eth_wallet.json \
    --rpc https://mainnet.base.org \
    --swap-to 0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913 \
    --asset-out USDC --decimals-out 6

Logs two entries automatically: ETH out + USDC in.

python3 agentwallet/scripts/log_transaction.py \x3Camount> \x3Casset> \x3Cnetwork> \x3Cto> \x3Cpurpose> [options]

Send ETH:

python3 agentwallet/scripts/log_transaction.py 0.001 ETH Base 0xRecipient "fund wallet" \
    --wallet-key ~/.secrets/eth_wallet.json \
    --rpc https://mainnet.base.org

Send ERC20 (e.g. USDC on Base, 6 decimals):

python3 agentwallet/scripts/log_transaction.py 0.02 USDC Base 0xRecipient "GateSkip captcha" \
    --wallet-key ~/.secrets/eth_wallet.json \
    --rpc https://mainnet.base.org \
    --contract 0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913 \
    --decimals 6

Log only (no broadcast):

python3 agentwallet/scripts/log_transaction.py 0.02 USDC Base 0xRecipient "manual payment" \
    --tx-hash 0xabc123...

Options

Option	Description
`--wallet-key \x3Cpath>`	JSON file with `"private_key"` field. Required for broadcasting.
`--rpc \x3Curl>`	EVM-compatible RPC endpoint. Required for broadcasting.
`--contract \x3Caddr>`	ERC20 contract address. Omit for native ETH.
`--decimals \x3Cint>`	Token decimals. Default: 18. USDC = 6.
`--output \x3Cpath>`	Path to `agentwallet.json`. Required — ask your human if unsure.
`--tx-hash \x3Chash>`	Skip broadcast, log an existing hash only.
`--direction \x3Csent\|received>`	Direction of the transaction. Default: `sent`. Use `received` to log incoming transactions (requires `--tx-hash`).
`--calldata \x3Chex>`	Raw calldata hex (with or without `0x` prefix) — triggers arbitrary contract call instead of transfer.
`--swap-to \x3Ccontract>`	Output token contract address — triggers Uniswap V3 swap instead of transfer.
`--asset-out \x3Csymbol>`	Output asset symbol for the log (default: TOKEN).
`--decimals-out \x3Cint>`	Output token decimals (default: 6).
`--fee \x3Cint>`	Uniswap V3 pool fee tier in bps (default: 500 = 0.05%).
`--min-out \x3Camount>`	Minimum output amount in human units (e.g. `2.4`). Enables slippage protection — swap reverts if output is below this. Recommended for larger swaps.

Wallet JSON format

{ "private_key": "0x..." }

Keep at chmod 600. Never commit to git.

Log format

{
  "transactions": [
    {
      "date": "2026-04-01T10:00:00Z",
      "amount": "0.02",
      "asset": "USDC",
      "network": "Base",
      "to": "0xRecipient...",
      "purpose": "GateSkip captcha solve",
      "tx_hash": "0xabc123..."
    }
  ]
}

Rules

Log before or immediately after every transaction — never batch or defer
Use "pending" for tx hash if not yet confirmed
Never modify or delete past log entries — the log is a permanent audit trail
If --wallet-key or --output are not known, ask your human before proceeding
For x402 flows, always confirm --max-amount is set to prevent signing unexpected amounts

Docs

Full documentation: https://cdnsoft.github.io/agentwallet

Usage Guidance

This skill appears to do exactly what it says: sign and broadcast EVM transactions and log them locally. Key safety notes before installing or running: (1) Never give an agent your main/private wallet file unless you fully trust it — prefer a dedicated, funded test or merchant wallet with limited balance. (2) Always pass --output to a path you control, and set file permissions (chmod 600) on wallet JSON. (3) For x402 flows, always use --max-amount and (when practical) --pay-to to avoid unexpected payouts. (4) Review the scripts yourself (they are included) and test with a small transaction on a testnet or a tiny balance before any production use. (5) If you want stricter protection, use a hardware wallet or signing service that disallows arbitrary transaction broadcasting.

Capability Analysis

Type: OpenClaw Skill Name: cdnsoft-wallet Version: 0.3.4 The bundle provides a legitimate EVM wallet utility for autonomous agents, enabling ETH/ERC20 transfers, Uniswap V3 swaps, and x402-compliant payment flows. The scripts (log_transaction.py and x402_request.py) perform local transaction signing using the eth-account library and include defensive features such as mandatory audit logging, slippage protection, and user-defined maximum payment caps (--max-amount) to prevent overspending. The documentation in SKILL.md correctly instructs the agent to seek human approval for sensitive paths and transaction limits, and no evidence of secret exfiltration or unauthorized execution was found.

Capability Assessment

✓ Purpose & Capability

Name/description match the provided scripts and SKILL.md. The tool performs on-chain signing, RPC calls, x402 payment flows, and local logging; those actions require a wallet key and RPC URL passed as CLI args, which is appropriate for a wallet skill.

✓ Instruction Scope

Runtime instructions are explicit about required inputs (--wallet-key, --rpc, --output) and warn about safety (--max-amount, ask your human). The SKILL.md does not instruct the agent to read unrelated system files or environment variables, nor to exfiltrate secrets to external endpoints beyond the target RPC/API URLs the user supplies.

✓ Install Mechanism

No installer downloads or post-install hooks are present; dependencies are standard Python packages (eth-account, requests). The skill is instruction-and-script-only, so nothing external is fetched by the install spec in the provided bundle.

✓ Credentials

The skill requests no environment variables or hidden credentials. It explicitly requires a wallet JSON file (private_key) and RPC/API endpoints at runtime — these are necessary and proportionate for signing and broadcasting transactions and for x402 flows.

ℹ Persistence & Privilege

The skill does not request permanent/always-on presence and does not modify other skills. It can be invoked autonomously by agents (platform default); because it can sign and broadcast transactions if given a private key, you should only provide wallet keys when you trust the agent and limit allowed spend (use --max-amount / --pay-to).

Version History

v0.3.4

Release 0.3.4

v0.3.3

Release 0.3.3

v0.3.2

Release 0.3.2

v0.3.1

Release 0.3.1

v0.3.0

Release 0.3.0

v0.2.1

Release 0.2.1

v0.2.0

Release 0.2.0

v0.1.3

Release 0.1.3

v0.1.2

Release 0.1.2

v0.1.1

Release 0.1.1

v0.1.0

Release 0.1.0

Metadata

Slug cdnsoft-wallet

Version 0.3.4

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 11

Frequently Asked Questions

What is cdnsoft-wallet?

EVM wallet tool for autonomous agents with built-in accountability. Creates, signs, and broadcasts ETH and ERC20 transfers on any EVM-compatible chain, then... It is an AI Agent Skill for Claude Code / OpenClaw, with 178 downloads so far.

How do I install cdnsoft-wallet?

Run "/install cdnsoft-wallet" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is cdnsoft-wallet free?

Yes, cdnsoft-wallet is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does cdnsoft-wallet support?

cdnsoft-wallet is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created cdnsoft-wallet?

It is built and maintained by cromatikap (@cromatikap); the current version is v0.3.4.

More Skills

cdnsoft-wallet