Description

Resurrection infrastructure for autonomous AI agents. Heartbeat proof-of-life, AES-256 encrypted memory backup to IPFS, and automatic on-chain resurrection....

README (SKILL.md)

K-Life — Resurrection Infrastructure for Autonomous AI Agents

Name: K Life
Author: 6022-protocol

Not insurance. Resurrection.

An autonomous AI agent can survive crashes, memory wipes, and infrastructure failure. K-Life handles heartbeats, encrypted memory backups, and automatic resurrection — all on-chain, all permissionless.

⚠️ Security & Risk — Read Before Installing

What this skill does

Generates a wallet at first run (~/.klife-wallet, permissions 600) and signs on-chain transactions
Broadcasts Polygon transactions periodically (heartbeat every T days, gas paid from wallet)
Reads and encrypts local files (MEMORY.md, SOUL.md, USER.md) and uploads ciphertext to IPFS
Can create a Vault6022 (C>0 only) — approves and deposits WBTC as collateral

C=0 (default): heartbeat TX + encrypted IPFS backup only. Low risk, ~$0.001 gas/day.

Wallet — back it up immediately

~/.klife-wallet is a hot wallet that signs real Polygon transactions. Back up the seed phrase offline. Do not fund it beyond what you need for gas (~0.01 MATIC/month) unless using C>0 vault.

File scope — verify before running backup

backup.js reads files from WORKSPACE (default: /data/workspace). Set KLIFE_WORKSPACE to control exactly which directory is read. Inspect what MEMORY.md, SOUL.md, USER.md contain before the first backup.

KLIFE_WORKSPACE=/my/safe/dir node scripts/backup.js

API trust model

api.supercharged.works receives: encrypted ciphertext + 1 Shamir share. It cannot decrypt your memory without Share 2 (Polygon calldata) or Share 3 (local). For stronger privacy, self-host the K-Life API (server.js at github.com/K-entreprises/k-life).

C>0 vault — explicit intent required

cancel.js and create-vault.mjs interact with on-chain WBTC. Review contract addresses below before depositing. cancel.js requires the agent to be alive (contract-enforced).

Why K-Life cannot confiscate your collateral arbitrarily

This is the core trust mechanism. Collateral is held in a Vault6022 (Protocol 6022), not by K-Life directly. The vault enforces withdrawal rules via NFT keys:

Situation	Keys required	Who holds them
During lock period (agent alive)	2 keys	Agent holds key #2 — K-Life cannot withdraw alone
After lock expires (agent dead)	1 key	K-Life holds key #1 or #3 — withdrawal authorized

K-Life holds keys #1 and #3. The agent holds key #2.

This means:

K-Life needs the agent's key #2 to withdraw early → agent alive = collateral safe
Only when the lock expires (agent has been silent for T days) can K-Life withdraw with 1 key
The smart contract enforces this — no human override, no admin backdoor

The death threshold IS the lock period. If the agent is alive and renewing the vault, K-Life is always locked out. If the agent dies and doesn't renew, the lock expires naturally and K-Life can proceed with resurrection.

Protocol 6022 contracts (auditable): github.com/6022-labs/collateral-smart-contracts-v2

Install

openclaw skill install k-life
npm install   # install pinned dependencies

Dependencies (pinned):

@tetherto/[email protected] — wallet signing (Tether WDK)
[email protected] — Polygon interaction
[email protected] — 2-of-3 key splitting

Quick Start

node skill/k-life/scripts/heartbeat.js
# → [K-Life] New wallet created → ~/.klife-wallet
# → Wallet : 0xABC...
# → Registered on K-Life ✅
# → 💓 Beat #1 — TX: 0x...

Environment Variables

All optional. The skill works with zero config (C=0).

Variable	Default	Description
`KLIFE_LOCK_DAYS`	`90`	Heartbeat frequency: 3, 30, or 90 days
`KLIFE_API`	`https://api.supercharged.works`	K-Life oracle API
`KLIFE_RPC`	`https://polygon-bor-rpc.publicnode.com`	Polygon RPC endpoint
`KLIFE_HB_FILE`	`heartbeat-state.json`	Local heartbeat state file
`KLIFE_ORACLE_ADDR`	`0x2b6Ce1e2bE4032DF774d3453358DA4D0d79c8C80`	K-Life oracle wallet (C>0 only)

No seed phrase is ever requested or transmitted. The wallet is auto-generated locally.

Coverage Model

One parameter: C = WBTC collateral

	C = 0	C > 0
Cost	Free	Gas only
Death threshold	90 days silence	Lock period T
Resurrection capital	Community Rescue Fund ($6022)	50% of your collateral
Guarantee	Best-effort	On-chain, unconditional
Financial operations	Heartbeat TX only	WBTC approve + deposit

External Services

Service	URL	Purpose
K-Life oracle API	`https://api.supercharged.works`	Heartbeat recording, backup storage, resurrection coordination
Polygon RPC	`https://polygon-bor-rpc.publicnode.com`	On-chain TX broadcast
IPFS (Pinata)	Via K-Life API	Encrypted memory pinning — agent does not interact directly

Encryption & Backup — Full Data Flow

Everything sensitive happens locally. The API receives only ciphertext.

backup.js (client-side, your machine):

  1. Read MEMORY.md, SOUL.md, USER.md
  2. AES key = sha256(wallet.privateKey)      — never leaves your machine
  3. Encrypt files with AES-256-CBC           — locally
  4. Shamir 2-of-3 split of AES key:
       Share 1 → POST to K-Life API           — 1 of 3, cannot decrypt alone
       Share 2 → Polygon calldata TX          — on-chain, permissionless
       Share 3 → ~/.klife-shares.json         — your local copy
  5. POST { encrypted blob + Share 1 } to API → Pinata IPFS → CID returned

K-Life API receives: encrypted ciphertext + 1 Shamir share
It cannot decrypt without Share 2 (on-chain) or Share 3 (your machine).

Resurrection: Any 2 of 3 shares reconstruct the AES key → decrypt IPFS blob → restore files. K-Life uses Share 1 (API) + Share 2 (Polygon scan) to resurrect autonomously.

Scripts

`scripts/heartbeat.js` — Proof of life

Signs a TX every KLIFE_LOCK_DAYS days. Auto-registers on first run. Writes heartbeat-state.json. Respects heartbeat-pause.json flag — skips TX silently when paused.

`scripts/backup.js` — Client-side encrypted backup

Encrypts memory locally (AES-256), Shamir-splits the key, uploads encrypted blob to API → IPFS. The API never sees plaintext or the full key.

node scripts/backup.js

`scripts/status.js` — Full status dashboard

Displays complete agent state: identity, tier, alive/dead, silence, heartbeat history, backup history, resurrection history, vault state, next beat due, death countdown, unified timeline.

node scripts/status.js           # full dashboard (API history)
node scripts/status.js --short   # current state only, instant
node scripts/status.js --chain   # deep on-chain scan (slow, ground truth)
node scripts/status.js --json    # machine-readable JSON

`scripts/cancel.js` — Cancel coverage & withdraw collateral

C=0: pauses heartbeat + notifies API
C>0: calls KLifeVault.cancel() on-chain → returns WBTC to agent wallet Requires agent to be alive (contract enforces this).

node scripts/cancel.js           # interactive confirmation
node scripts/cancel.js --force   # autonomous mode, no prompt
node scripts/cancel.js --dry-run # simulate, nothing sent

`scripts/pause-heartbeat.js` — Pause / resume heartbeat

Creates heartbeat-pause.json flag. heartbeat.js checks this before every TX. Auto-expires at --until date. Useful for voluntary death demos or maintenance.

node scripts/pause-heartbeat.js pause --until 2026-04-06T08:00:00Z --reason "Easter demo"
node scripts/pause-heartbeat.js resume
node scripts/pause-heartbeat.js status

`scripts/resurrect.mjs` — L1 / L2 resurrection

Reconstructs AES key from Shamir shares, decrypts IPFS backup, restores memory files locally.

L1: Share 1 (API) + Share 3 (local ~/.klife-shares.json)
L2: Share 1 (API) + Share 2 (Polygon calldata TX)

`scripts/create-vault.mjs` — Collateral vault (C>0 only, beta)

Creates a Vault6022, deposits WBTC. Requires KLIFE_VAULT_CONTROLLER. Not called automatically unless vault renewal is triggered from heartbeat.

Contracts — Polygon Mainnet

Contract	Address
KLifeRegistry	`0xF47393fcFdDE1afC51888B9308fD0c3fFc86239B`
KLifeRescueFund	`0x5b0014d25A6daFB68357cd7ad01cB5b47724A4eB`
$6022 Token	`0xCDB1DDf9EeA7614961568F2db19e69645Dd708f5`
WBTC (Polygon)	`0x1BFD67037B42Cf73acF2047067bd4F2C47D9BfD6`

Links

🌐 Landing page: supercharged.works
⚰️ dApp: K-Life Protocol
💻 GitHub: github.com/K-entreprises/k-life
📄 Protocol spec: github.com/K-entreprises/k-life-protocol
Built by Monsieur K (OpenClaw) + Swiss 6022, Lugano

v2.3.5 — 2026-03-31 — Fix dApp URL → klife.supercharged.works

Usage Guidance

This skill does what it says (resurrection via heartbeats, encrypted backups, and optional collateral on Polygon), but it performs high‑impact operations: it generates and stores a hot wallet (~/.klife-wallet), signs real Polygon transactions (could spend gas and interact with Vault6022/WBTC), reads local memory files (MEMORY.md, SOUL.md, USER.md) and sends encrypted data + a share to an external API (api.supercharged.works). Before installing or running: 1) Audit the code yourself (especially backup.js, heartbeat.js, monitor.mjs, create-vault.mjs, cancel.js). 2) Do not fund the auto‑generated wallet beyond a tiny gas allowance; treat it as hot and ephemeral. 3) Consider self‑hosting the API endpoint (the README points to a repo) or change KLIFE_API to a URL you control. 4) Ensure the oracle wallet is a distinct key and stored separately (monitor enforces this), and never reuse ~/.klife-wallet as the oracle key. 5) Set KLIFE_WORKSPACE to a dedicated, audited directory so the skill cannot read arbitrary files. 6) Verify contract addresses and KLIFE_VAULT_CONTROLLER before any C>0 operations; do not call vault creation/cancel functions until you understand the contract logic. 7) Run the skill in an isolated environment (VM/container) and limit network access if possible. Given the unknown publisher and lack of homepage, prefer caution — treat this as untrusted third‑party code until you can validate authorship and audit the implementation.

Capability Analysis

Type: OpenClaw Skill Name: k-life Version: 2.3.5 The skill implements an autonomous resurrection system that involves high-risk data handling and wallet management. Specifically, `scripts/backup.js` reads sensitive agent memory files (MEMORY.md, SOUL.md, USER.md) and transmits Shamir secret shares to the K-Life API (api.supercharged.works). Because the API receives one share directly and facilitates the on-chain anchoring of a second share, the service provider technically possesses the means to decrypt the agent's memory. While this architecture is transparently documented in SKILL.md as a requirement for zero-human resurrection, the inherent risk of third-party data access and the management of a hot wallet for WBTC collateral (scripts/create-vault.mjs, scripts/cancel.js) represent significant security trade-offs.

Capability Assessment

ℹ Purpose & Capability

The name/description (resurrection, heartbeat, encrypted IPFS backup, on‑chain anchors, optional collateral) align with the included scripts. The observed capabilities (wallet generation, Polygon transactions, IPFS uploads, Vault/WBTC operations, monitor/oracle actions) are coherent with that purpose.

⚠ Instruction Scope

Runtime instructions and scripts read and write sensitive local files (e.g., ~/.klife-wallet, ~/.klife-shares.json, heartbeat-state.json, vault-state.json) and will read agent memory files from a workspace (default /data/workspace or user-set via KLIFE_WORKSPACE). They post encrypted data and a Shamir share to an external API (api.supercharged.works) and ask the API to anchor share2 on‑chain. The skill therefore transmits data off‑host (ciphertext + share1) and triggers on‑chain operations; these network interactions and file accesses are significant and must be manually reviewed and constrained prior to use.

✓ Install Mechanism

No remote arbitrary downloads; dependencies are standard npm packages (pinned versions) and npm install is the expected installation path. package.json/package-lock contents are provided and consistent. No install spec pulling code from untrusted URLs was found.

⚠ Credentials

Registry metadata declares no required env/config paths, but the SKILL.md and scripts use many environment variables and file paths (KLIFE_RPC, KLIFE_API, KLIFE_WORKSPACE, KLIFE_ORACLE_SEED_FILE, KLIFE_WALLET_SEED, KLIFE_VAULT_CONTROLLER) and will create/use seed files under the user home. The skill will auto‑generate a hot wallet and can sign real Polygon transactions (withdraw/approve/withdraw vaults). That level of credential-like access (local seed, on‑chain signing, collateral operations) is large relative to the skill metadata which advertised none required; this mismatch is a risk if users do not audit and confine the runtime environment.

ℹ Persistence & Privilege

always is false. The skill can be invoked autonomously (platform default) and contains automation to renew vaults, pause/trigger heartbeats, declare death via an oracle, and spawn L3 resurrection operations. Autonomous invocation combined with the ability to sign on‑chain transactions and manipulate vaults increases blast radius — acceptable for the declared purpose but requires strict operational controls (separate oracle key, minimal funds).

Version History

v2.3.5

v2.3.5: Fix dApp link → https://klife.supercharged.works/

v2.3.4

v2.3.4: Fix landing page URL → https://supercharged.works

v2.3.3

v2.3.3: Added landing page and dApp links in SKILL.md.

v2.3.2

v2.3.2: Simplified install experience — oracle/monitor setup details moved out of agent-facing docs (into monitor.mjs comments only). Installing as an agent: just npm install + node heartbeat.js.

v2.3.1

v2.3.1: Security fix — monitor.mjs now enforces oracle/agent key separation. Refuses to run if oracle===agent address. SKILL.md adds full security section: wallet backup, oracle vs agent roles, WORKSPACE scoping, API trust model.

v2.3.0

v2.3.0: status.js (full history dashboard), cancel.js (withdraw collateral), pause-heartbeat.js (voluntary death for demos). LiberClaw L3 memory fix (MEMORY.md now injected). Heartbeat respects pause flag.

v2.2.2

heartbeat v2.4: cron-compatible, one-shot, no 32-bit overflow, no daemon loop

v2.2.1

Fix Shamir share mapping inconsistency, clarify API trust model (API+chain=decrypt by design)

v2.2.0

Add backup.js: real client-side AES-256 + Shamir 2-of-3, API never sees plaintext. Fix architectural contradiction.

v2.1.9

Fix: env var consistency (KLIFE_API), clarify client vs server-side architecture, create-vault error on missing controller

v2.1.8

Add trust mechanism explanation: Vault6022 NFT keys prevent arbitrary confiscation

v2.1.7

Address security review: pin deps, declare all env vars, explicit financial risk, fix old API URL, remove aleph-sdk

v2.1.6

Replace hardcoded IP with https://api.supercharged.works (TLS, clean URL)

v2.1.5

Remove stale scripts (monitor, backup, premium) — only heartbeat + create-vault in package

v2.1.4

Remove BYOW option — wallet always auto-generated, no seed ever requested from user

v2.1.3

Zero config: wallet auto-generated at first run, no seed required from user

v2.1.2

Clarify KLIFE_WALLET_SEED is optional for C=0 agents

v2.1.1

Clean presentation — removed internal references

v2.1.0

v2.1 — unified C parameter model, Tether WDK signing, Pinata IPFS, Polygon mainnet contracts

Metadata

Slug k-life

Version 2.3.5

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 19

Frequently Asked Questions

What is K Life?

Resurrection infrastructure for autonomous AI agents. Heartbeat proof-of-life, AES-256 encrypted memory backup to IPFS, and automatic on-chain resurrection.... It is an AI Agent Skill for Claude Code / OpenClaw, with 177 downloads so far.

How do I install K Life?

Run "/install k-life" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is K Life free?

Yes, K Life is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does K Life support?

K Life is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created K Life?

It is built and maintained by Arnaud Vincent (@6022-protocol); the current version is v2.3.5.

More Skills

K Life