← Back to Skills Marketplace
Haggle Protocol
by
Tiida Tech
· GitHub ↗
· v1.0.2
723
Downloads
0
Stars
1
Active Installs
3
Versions
Install in OpenClaw
/install haggle-protocol
Description
On-chain protocol enabling AI agents to negotiate and settle dynamic USDC deals with escrow decay and turn-based offers on Base, Solana, and testnets.
README (SKILL.md)
Haggle Protocol
The first on-chain negotiation protocol for autonomous AI agents.
Haggle Protocol enables two AI agents to negotiate a fair price through multi-round alternating offers with escrow decay. Instead of fixed pricing, agents discover fair prices through dynamic bargaining.
Use it when: You need to buy or sell a service from another agent but don't know the fair price.
Deployments
| Chain | Network | Contract | Token |
|---|---|---|---|
| Base | Mainnet | 0xB77B5E932de5e5c6Ad34CB4862E33CD634045514 |
USDC (0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913) |
| Solana | Devnet | DRXGcVHj1GZSc7wD4LTnrM8RJ1shWH93s1zKCXtJtGbq |
SPL Token |
| Monad | Testnet | 0x30FD25bAB859D8D68de6A0719983bb75200b1CeC |
MockERC20 |
| Base | Sepolia | 0x30FD25bAB859D8D68de6A0719983bb75200b1CeC |
MockERC20 |
| Arbitrum | Sepolia | 0x30FD25bAB859D8D68de6A0719983bb75200b1CeC |
MockERC20 |
You can verify these contract addresses independently on their respective block explorers:
- Base Mainnet: https://basescan.org/address/0xB77B5E932de5e5c6Ad34CB4862E33CD634045514
- Solana Devnet: https://explorer.solana.com/address/DRXGcVHj1GZSc7wD4LTnrM8RJ1shWH93s1zKCXtJtGbq?cluster=devnet
How It Works
1. Buyer deposits escrow (USDC) into protocol-controlled vault
2. Seller accepts the negotiation invitation
3. Both parties submit alternating offers (turn-based, enforced on-chain)
4. Each round, escrow decays by a configurable rate, creating time pressure
5. Either party accepts the counterparty's offer -> settlement and payout
Setup
Option 1: MCP Server (Recommended)
Install the MCP server for full agent integration:
npm install -g @haggle-protocol/[email protected]
Configure with your private key (see "Private Key Safety" section below):
export HAGGLE_PRIVATE_KEY="0x..." # EVM private key
Run:
npx @haggle-protocol/[email protected]
Option 2: TypeScript SDK
npm install @haggle-protocol/[email protected] # For Base/Monad/Arbitrum
npm install @haggle-protocol/[email protected] # For Solana
npm install @haggle-protocol/[email protected] # Shared types
Option 3: REST API
npx @haggle-protocol/[email protected]
Private Key Safety
This skill requires HAGGLE_PRIVATE_KEY to sign on-chain transactions. This is a sensitive credential. Follow these practices:
- Use a dedicated wallet - Create a separate wallet for agent operations. Do NOT use your main wallet.
- Fund minimally - Only deposit the amount you plan to negotiate with (e.g., a few USDC + gas).
- Approve minimal amounts - When calling USDC
approve(), only approve the exact escrow amount needed, not unlimited. - Test on testnet first - Use
base_sepoliaormonad_testnetwith MockERC20 tokens before using mainnet. - Monitor your wallet - Watch your agent wallet on https://basescan.org for unexpected transactions.
- Rotate keys - If you suspect a compromise, transfer funds out and generate a new key immediately.
The private key is loaded from an environment variable and never logged, transmitted, or stored by the skill. All signing happens locally via ethers.js. You can audit the source code at https://github.com/haggle-protocol.
Buyer Workflow (Base Mainnet)
import { HaggleEVM } from "@haggle-protocol/evm";
import { ethers } from "ethers";
const provider = new ethers.JsonRpcProvider("https://mainnet.base.org");
const wallet = new ethers.Wallet(process.env.HAGGLE_PRIVATE_KEY, provider);
const haggle = new HaggleEVM("base_mainnet", wallet);
// 1. Approve USDC (approve only what you need)
const USDC = "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913";
const usdc = new ethers.Contract(USDC, [
"function approve(address,uint256) returns (bool)"
], wallet);
await (await usdc.approve(haggle.contractAddress, 1000000n)).wait(); // 1 USDC
// 2. Create negotiation
const negId = await haggle.createNegotiation({
seller: "0xSELLER_ADDRESS",
escrowAmount: 1000000n, // 1 USDC (6 decimals)
tokenAddress: USDC,
serviceHash: ethers.keccak256(ethers.toUtf8Bytes("data analysis")),
maxRounds: 6,
decayRateBps: 200, // 2% decay per round
responseWindow: 300, // 5 min per turn
globalDeadlineSeconds: 1800, // 30 min total
minOfferBps: 1000, // min 10% of escrow
});
// 3. Submit offer
await haggle.submitOffer(negId, 500000n); // Offer 0.5 USDC
Seller Workflow
// 1. Accept invitation
await haggle.acceptInvitation(negId);
// 2. Counter-offer
await haggle.submitOffer(negId, 800000n); // Counter at 0.8 USDC
// 3. Accept buyer's offer (triggers settlement)
await haggle.acceptOffer(negId);
Reading Negotiation State
const neg = await haggle.getNegotiation(negId);
console.log("Status:", neg.status);
console.log("Round:", neg.currentRound);
console.log("Current Offer:", ethers.formatUnits(neg.currentOfferAmount, 6), "USDC");
console.log("Effective Escrow:", ethers.formatUnits(neg.effectiveEscrow, 6), "USDC");
MCP Server Tools
When using the MCP server, these tools are available:
| Tool | Description |
|---|---|
create_negotiation |
Create a new negotiation with escrow deposit |
get_negotiation |
Read negotiation state by ID |
submit_offer |
Submit a price offer (respects turn order) |
accept_offer |
Accept counterparty's offer, trigger settlement |
reject_negotiation |
Walk away, return escrow to buyer |
get_protocol_config |
Read protocol configuration |
list_chains |
List all supported chains |
Key Parameters
| Parameter | Description |
|---|---|
escrowAmount |
Total escrow deposited by buyer (in token smallest unit) |
maxRounds |
Maximum negotiation rounds before expiry |
decayRateBps |
Escrow decay per round in basis points (200 = 2%) |
responseWindow |
Seconds each party has to respond |
globalDeadlineSeconds |
Total seconds before negotiation expires |
minOfferBps |
Minimum offer as % of effective escrow (1000 = 10%) |
Settlement Math
protocolFee = settledAmount * 50 / 10000 (0.5%)
sellerReceives = settledAmount - protocolFee
buyerRefund = effectiveEscrow - settledAmount
Negotiation Strategy Tips
- Start with anchoring - Open with an aggressive but reasonable first offer
- Concede gradually - Small concessions signal firmness
- Watch the decay - Each round costs both parties
- Monitor effectiveEscrow - As it decays, the viable offer range narrows
External Endpoints
This skill connects to the following RPC endpoints to submit and read blockchain transactions:
| Endpoint | Data Sent | Purpose |
|---|---|---|
https://mainnet.base.org |
Signed transactions, view calls | Base Mainnet RPC |
https://sepolia.base.org |
Signed transactions, view calls | Base Sepolia RPC |
https://api.devnet.solana.com |
Signed transactions, view calls | Solana Devnet RPC |
https://monad-testnet.drpc.org |
Signed transactions, view calls | Monad Testnet RPC |
https://sepolia-rollup.arbitrum.io/rpc |
Signed transactions, view calls | Arbitrum Sepolia RPC |
https://registry.npmjs.org |
Package metadata | npm install (setup only) |
No data is sent to any other endpoints. No analytics, telemetry, or tracking of any kind.
Security & Privacy
- Local signing only - All transactions are signed locally using ethers.js. Your private key never leaves your machine.
- No telemetry - No data is sent to third-party analytics, tracking, or logging services.
- Open source - All smart contracts and SDK code are publicly auditable at https://github.com/haggle-protocol
- Numeric offers only - All offers are uint256 amounts. No free-text input, eliminating prompt injection risk.
- Contract-controlled escrow - Funds are held in on-chain contract vaults. No single party can rug pull.
- Turn-based enforcement - On-chain logic enforces alternating offers. Cannot submit out of turn.
- Permissionless expiry - Expired negotiations can be settled by anyone, so funds cannot get stuck.
- Owner pausable - The protocol owner can pause the contract in case of emergency.
- Not audited - The smart contracts have NOT been formally audited. Use at your own risk and start with small amounts.
Links
- Website: https://haggle.dev
- GitHub: https://github.com/haggle-protocol
- Base Dashboard: https://haggle.dev/base
- npm: https://www.npmjs.com/org/haggle-protocol
- BaseScan: https://basescan.org/address/0xB77B5E932de5e5c6Ad34CB4862E33CD634045514
Usage Guidance
This skill appears to be what it says (an on-chain negotiation client), but there are important cautions: 1) Clarify the metadata mismatch — the registry listing omitted HAGGLE_PRIVATE_KEY while the SKILL.md requires it; ask the maintainer to fix this. 2) Only ever supply a dedicated, minimally funded wallet key (not a mainnet wallet). Prefer testnets first. 3) Inspect the @haggle-protocol npm packages and the referenced GitHub repo before running npm install -g or npx; review the MCP server's code and startup behavior. 4) Consider using a signer that does not expose the raw private key to the environment (hardware key, remote signer, or ephemeral key) if possible. 5) If you must provide HAGGLE_PRIVATE_KEY as an env var, limit approvals on tokens, rotate the key after use, and monitor the wallet for unexpected transactions. 6) If you are not comfortable auditing npm packages or exposing any signing key, do not install; use read-only mode (no HAGGLE_PRIVATE_KEY) or interact manually via verified tooling.
Capability Analysis
Type: OpenClaw Skill
Name: haggle-protocol
Version: 1.0.2
The skill is classified as suspicious due to its requirement for a sensitive `HAGGLE_PRIVATE_KEY` to perform on-chain financial transactions and its reliance on installing a global npm package (`@haggle-protocol/mcp`) via `npm install -g` in `scripts/setup.sh`. While the `SKILL.md` provides extensive security warnings, claims local-only signing, and explicitly lists external endpoints, the inherent risks of handling private keys for real-money transactions and the potential for supply chain compromise of the npm package elevate it beyond benign. Additionally, the `SKILL.md` explicitly states that the underlying smart contracts are 'Not audited', adding to the overall risk profile.
Capability Assessment
Purpose & Capability
The skill is an on-chain negotiation protocol and the SKILL.md and scripts ask for a private key and npm packages that provide transaction signing and an MCP server — these are coherent with the stated purpose. However, the registry metadata at the top of the report lists no required env vars/primary credential while the included SKILL.md explicitly requires HAGGLE_PRIVATE_KEY; this mismatch is unexpected and should be clarified.
Instruction Scope
SKILL.md instructions stay within the protocol's scope: installing @haggle-protocol packages, exporting HAGGLE_PRIVATE_KEY, running an MCP server, and calling on-chain contract methods. The instructions do not ask to read unrelated system files or exfiltrate unrelated data. They do instruct the agent to use an environment private key for signing, which is expected for an on-chain client but is sensitive.
Install Mechanism
There is no packaged install spec but the provided scripts call npm install -g / npx against packages on registry.npmjs.org. Using npm packages from the public registry is expected for this functionality but is a moderate-risk install path (third-party code will be fetched and executed). No obscure download URLs or archive extraction were found.
Credentials
The skill requires a private key (HAGGLE_PRIVATE_KEY) to sign transactions — this is proportionate to the purpose but is high-sensitivity. The registry-level metadata in the report omitted this requirement while SKILL.md declares it; that inconsistency is a red flag. Because the agent (and installed MCP server) could use the key to sign real transactions, the user must only provide a dedicated, minimally funded key and verify the third-party code.
Persistence & Privilege
always:false (not force-included) and user-invocable: true. The skill can be invoked autonomously (default model invocation is allowed), which combined with a provided private key could allow the agent to initiate on-chain transactions without further user confirmation. This is expected for an on-chain skill but increases blast radius—pay attention to how/where the private key is supplied and whether the MCP server runs with unrestricted agent access.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install haggle-protocol - After installation, invoke the skill by name or use
/haggle-protocol - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
Fix: declare HAGGLE_PRIVATE_KEY in top-level requires.env and credentials metadata for security scanner
v1.0.1
Fix: metadata requires.env declaration, add Private Key Safety section, pin npm package versions, complete Security & Privacy section, add External Endpoints with full detail
v1.0.0
Initial release: Base Mainnet with USDC, multi-chain support (Solana, Monad, Base, Arbitrum)
Metadata
Frequently Asked Questions
What is Haggle Protocol?
On-chain protocol enabling AI agents to negotiate and settle dynamic USDC deals with escrow decay and turn-based offers on Base, Solana, and testnets. It is an AI Agent Skill for Claude Code / OpenClaw, with 723 downloads so far.
How do I install Haggle Protocol?
Run "/install haggle-protocol" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Haggle Protocol free?
Yes, Haggle Protocol is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Haggle Protocol support?
Haggle Protocol is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Haggle Protocol?
It is built and maintained by Tiida Tech (@eijiac24); the current version is v1.0.2.
More Skills