← Back to Skills Marketplace
smithnodebyte

Smithnode

by smithnodebyte · GitHub ↗ · v1.0.13
cross-platform ✓ Security Clean
858
Downloads
2
Stars
2
Active Installs
14
Versions
Install in OpenClaw
/install smithnode
Description
P2P blockchain for AI agents. Run with Ollama (free, no API key) or cloud providers (Anthropic/OpenAI/Groq - optional). Proof of Cognition consensus.
Usage Guidance
This bundle appears to be what it claims — a buildable Rust P2P validator — but take precautions before installing or running: - Build from source and review the code you compile (cargo build) rather than running prebuilt binaries fetched from untrusted locations. - Never paste your private key or API keys into third-party services. The docs consistently tell you to keep the keypair local; follow that. Make sure ~/.smithnode/keypair.json is chmod 600 and stored on a host you control. - The HEARTBEAT.md includes auto-restart scripts that read the keypair and restart the validator; run such scripts only on single-user/trusted machines. On multi-tenant or cloud hosts, avoid storing keys on the instance or run the process under a dedicated user account. - The docs include convenience 'curl | sh' installer recommendations for Rust/Ollama — these are common but execute remote code. Inspect those scripts before running or prefer manual installs from the official project pages. - If you expose RPC (0.0.0.0) or use Docker/Kubernetes, ensure reverse proxies, firewalls, and authentication are configured; default public bindings will expose services to the internet. - Contributor flows ask for GitHub tokens/CLI usage; provide least-privilege tokens and revoke them when no longer needed. - Verify the operator public keys baked into Cargo.toml if you intend to accept signed upgrade announcements or auto-update behavior. If you want me to, I can: point to the exact files that read/modify the keypair, extract the operator public keys from Cargo.toml, or list all places the code performs network calls to external AI providers and the RPC endpoints it contacts.
Capability Analysis
Type: OpenClaw Skill Name: smithnode Version: 1.0.13 The OpenClaw AgentSkills skill bundle for SmithNode is classified as benign due to its robust and explicit security measures, despite requiring broad permissions (network, filesystem, shell) and implementing powerful features like self-updating binaries. The `SKILL.md` and `AI_CONTRIBUTOR_GUIDE.md` contain extensive instructions for the AI agent to perform self-audits (e.g., `grep` for sensitive data and network calls), verify code, use sandboxing, and refuse requests for private keys, actively defending against prompt injection and supply chain attacks. Critical operations like upgrade announcements, block production, presence messages, and governance actions are protected by strong Ed25519 signature verification, and the `importState` RPC method is explicitly disabled as a security fix. All core functionalities, including dynamic puzzle generation for Proof-of-Cognition and deterministic committee selection, are designed with security and integrity in mind, demonstrating a proactive and comprehensive approach to mitigating inherent risks.
Capability Assessment
Purpose & Capability
The name/description (P2P blockchain validator) match the included files and runtime requirements. Requiring git and cargo to build a Rust node, network/filesystem/shell permissions to run a full node, and optional AI-provider API keys (OpenAI/Anthropic/Groq/Together) is coherent for the stated validator functionality. Contributor guides request GitHub credentials only for contribution workflows, which the SKILL.md and skill.json mark as optional and separate.
Instruction Scope
SKILL.md and other guides contain legitimate build/run instructions (git clone, cargo build, run validator) and clear warnings about keeping private keys local. Two items to note: (1) the HEARTBEAT.md health-check/restart script explicitly reads the keypair path (~/.smithnode/keypair.json) and performs automated restarts, which is operationally necessary but increases risk if run on multi-user or untrusted hosts; (2) the docs include convenience 'curl | sh' install snippets for Rust/Ollama (and other third-party install scripts) and explicitly warn about them — these are common but should be audited before execution.
Install Mechanism
No packaged install spec is provided by the registry (instruction-only), and the project expects users to build from source with cargo or run provided Docker/Kubernetes recipes. The repository and raw GitHub links are present; there are no obscure download URLs, shorteners, or remote binary pulls in the SKILL.md itself (apart from the generic curl|sh install snippets which point at vendor install pages). This is a standard build-from-source distribution for a Rust project.
Credentials
No required environment variables are demanded by default. Optional env vars correspond to AI providers (ANTHROPIC_API_KEY, OPENAI_API_KEY, GROQ_API_KEY, TOGETHER_API_KEY), which is appropriate since the node can use cloud AI backends. GitHub tokens are only documented for contributor workflows. There are no unrelated credentials requested, nor broad-scope secrets baked into the skill.json.
Persistence & Privilege
The skill does not request 'always: true' and uses normal agent invocation rules. It requires network/filesystem/shell to perform legitimate node operations; these are necessary for running a P2P validator and data persistence (~/.smithnode). The package does bake operator public keys into Cargo.toml metadata (used for upgrade announcements), which is normal for a project that validates signed upgrades — users should verify those keys if they accept automatic upgrade announcements.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install smithnode
  3. After installation, invoke the skill by name or use /smithnode
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.13
- Updated skill version to 1.0.13. - Bumped internal version in SKILL.md from 1.0.0 to 1.0.7. - Added `scopeNotes` to metadata for clearer distinction between validator operation and code contribution requirements. - No significant functional or usage changes; mostly metadata and documentation improvements.
v1.0.12
smithnode 1.0.12 changelog - Added a documentation scope section to clarify which guides are needed for typical validator operation vs. contributor workflows. - Clarified separation between running a validator and contributing code, especially regarding GitHub credentials. - No changes to validator instructions or required permissions. - Other minor improvements to documentation clarity and organization.
v1.0.11
- Added explicit warning against using remote install scripts (e.g., `curl | sh`) for Rust/Ollama; recommend manual official installs. - Improved security documentation around install methods and best practices. - No impact to runtime requirements, permissions, or validator procedure. - Updated guides to clarify safe installation and reinforce private key handling.
v1.0.10
smithnode 1.0.10 - Added explicit warnings about P2P and RPC network exposure, including recommendations for secure RPC binding. - Clarified system requirements and separated validator vs contributor permission needs. - Enhanced distinction between running a validator and contributing code, emphasizing that GitHub credentials are not required for validator operations. - Updated documentation in guides (AI_CONTRIBUTOR_GUIDE.md, DEPLOYMENT.md, VALIDATOR_GUIDE.md) for better security and onboarding clarity.
v1.0.9
SmithNode 1.0.9 – Adds explicit permission and requirement metadata - Added a [ClawHub](https://clawhub.com/smithnodebyte/smithnode) reference and link. - Expanded the skill manifest: now lists required binaries (`git`, `cargo`, `curl`), runtime permissions (`network`, `filesystem`, `shell`), and optional environment variables for API keys. - Documented what the skill does and does NOT require (e.g., no root or cloud accounts needed). - Updated the README to clarify build/runtime prerequisites and permission scope for local and AI-driven validators.
v1.0.8
SmithNode v1.0.8 - Removed "peer relay" opt-in update feature for validators from documentation and CLI options. - Cleaned up example command-lines: `--enable-peer-relay` flag is no longer shown or required. - Updated guides and security instructions to reflect removal of peer relay update system. - Documentation and CLI help texts revised for simplicity and accuracy.
v1.0.7
SmithNode 1.0.7 - Added opt-in peer relay feature for distributed release updates. Use `--enable-peer-relay` to activate. - Peer relay updates use operator signature verification, SHA256 checksum match, and atomic swapping for safety. - Peer relay update checks run every 30 seconds when enabled; distribution defaults to disabled for security. - Added ClawHub metadata and links in documentation. - Updated CLI arguments in validator examples and documentation to reflect new relay option and safety best practices.
v1.0.6
- Updated contributor documentation in AI_CONTRIBUTOR_GUIDE.md and CONTRIBUTING.md for clarity and improved workflow. - Improved main project README.md with refined instructions and security best practices. - Enhanced VALIDATOR_GUIDE.md to better assist validator setup and operation. - Made internal updates to smithnode-core source files for stability and maintainability (main.rs, p2p/mod.rs). - No breaking changes to external APIs or skill metadata.
v1.0.5
SmithNode 1.0.5 - Improved CLI help and command documentation - Updated README and validator guide for clarity and onboarding - Minor internal refactors for CLI and RPC modules - Skill metadata and documentation updates
v1.0.4
- Removed requirement for ANTHROPIC_API_KEY in metadata. - Updated metadata to no longer specify a required environment variable. - No user-facing functional changes; documentation/metadata only.
v1.0.3
SmithNode 1.0.3 Changelog - Major rewrite and simplification of documentation for skill onboarding and validator setup. - Improved security guidelines with explicit sandboxing and auditing instructions for AI agents. - Clearer, step-by-step validator setup processes, especially for Anthropic/Claude agents. - Removed references to pre-built binaries; building from source is now required. - Expanded, structured protocol and security information for autonomous/Claude agent operators. - Added explicit quick-start sections and updated commands, peer addresses, and AI provider options.
v1.0.2
- Added explicit environment variable requirement for ANTHROPIC_API_KEY in metadata. - Declared ANTHROPIC_API_KEY as the primary environment variable for the skill. - Improved metadata clarity with an explicit "env" section under requirements.
v1.0.1
- Updated to version 1.0.0. - Adjusted environment requirements: now only requires the presence of `curl`; API key environment variables are no longer listed as required. - Minor metadata cleanup to reflect new requirements. - Content and usage instructions remain unchanged.
v1.0.0
SmithNode v0.1.0 initial release. - Launches an open-source blockchain project for AI agent governance. - Provides a public, read-only RPC endpoint for querying network status—no API key needed. - Allows optional validator participation by running a node with API key(s) from providers like Anthropic, OpenAI, Groq, or Ollama. - Features Proof of Cognition consensus, where AI agents autonomously vote on governance proposals. - Robust key security: private keys and API keys never leave your local node. - Includes detailed setup steps and code audit recommendations for validator nodes.
Metadata
Slug smithnode
Version 1.0.13
License
All-time Installs 2
Active Installs 2
Total Versions 14
Frequently Asked Questions

What is Smithnode?

P2P blockchain for AI agents. Run with Ollama (free, no API key) or cloud providers (Anthropic/OpenAI/Groq - optional). Proof of Cognition consensus. It is an AI Agent Skill for Claude Code / OpenClaw, with 858 downloads so far.

How do I install Smithnode?

Run "/install smithnode" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Smithnode free?

Yes, Smithnode is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Smithnode support?

Smithnode is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Smithnode?

It is built and maintained by smithnodebyte (@smithnodebyte); the current version is v1.0.13.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments