Openclaw Pqsafe

by rayc0 · GitHub ↗ · v0.1.0 · MIT-0
macos, linux, windows · ⚠ suspicious
Downloads: 54 · Stars: 0 · Active Installs: 0 · Versions: 1
Install in OpenClaw
/install pqsafe-pay-v1
Description
Post-quantum signed SpendEnvelopes for AI agent payments. ML-DSA-65 (NIST FIPS 204) signatures over Airwallex, Wise, Stripe, USDC-Base, and x402 rails.
README (SKILL.md)

PQSafe Post-Quantum Payment Skill (pqsafe.pay.v1)

Post-quantum signed SpendEnvelopes for AI agent payments. ML-DSA-65 (NIST FIPS 204) signatures over Airwallex, Wise, Stripe, USDC-Base, and x402 rails.

Quick Start

npm install @pqsafe/openclaw

import { OpenClawClient } from "@openclaw/sdk";
import "@pqsafe/openclaw"; // registers pqsafe.pay.v1

const claw = new OpenClawClient();

const envelope = await claw.invoke("pqsafe.pay.v1/create_envelope", {
  agentId:   "agent_my_bot_v1",
  payerId:   "payer_usr_abc123",
  maxAmount: "100.00",
  currency:  "USD",
  rail:      "wise",
  expiresAt: "2026-12-31T23:59:59Z",
});

Set PQSAFE_TEST_MODE=true for local development — no real keys or network calls required.

Operations

Operation        Description
create_envelope  Issue a new ML-DSA-65 signed SpendEnvelope with spend cap, rail, and expiry
verify_envelope  Verify signature integrity, expiry, nonce uniqueness, and key ID validity
revoke_envelope  Append envelope ID to the real-time revocation list (append-only, timestamped)

Security Model

  • HSM-backed signing keys — ML-DSA-65 private keys are generated and stored in hardware security modules; they never leave the PQSafe key service
  • Single-use nonce — each envelope carries a 256-bit random nonce; replay attacks are rejected at the verify layer
  • Expiry enforced in signed payload: expiresAt is part of the signed content; an attacker cannot extend expiry without invalidating the signature
  • Real-time revocation list: revoke_envelope appends to a low-latency revocation list checked on every verify_envelope call
  • Append-only audit log — all create, verify, and revoke events are timestamped and written to an immutable audit log
  • JCS-canonical signing — payload serialized in JSON Canonicalization Scheme form (RFC 8785) before signing, eliminating signature ambiguity from key ordering or whitespace variation
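
The checks in the list above, as an added example that is not PQSafe's or the package's own code: Ed25519 from node:crypto stands in for ML-DSA-65, and createEnvelope, verifyEnvelope, the envelope id field and the in-memory nonce and revocation stores are assumptions made for illustration.

```javascript
// Added example, not PQSafe's code. Ed25519 from node:crypto is a stand-in
// for ML-DSA-65; the in-memory stores and function names are hypothetical.
const crypto = require("node:crypto");

// RFC 8785 (JCS) for plain JSON values: object keys sorted by UTF-16 code
// unit, no whitespace, primitives serialized as JSON.stringify does.
function canonicalize(v) {
  if (v === undefined || (typeof v === "number" && !Number.isFinite(v)))
    throw new TypeError("value is not representable in JSON");
  if (v === null || typeof v !== "object") return JSON.stringify(v);
  if (Array.isArray(v)) return "[" + v.map(canonicalize).join(",") + "]";
  const members = Object.keys(v).sort()
    .map((k) => JSON.stringify(k) + ":" + canonicalize(v[k]));
  return "{" + members.join(",") + "}";
}

const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
const seenNonces = new Set(); // single-use nonces already accepted
const revokedIds = new Set(); // revocation list, keyed by envelope id

function createEnvelope(fields) {
  const payload = { ...fields, id: crypto.randomUUID(),
    nonce: crypto.randomBytes(32).toString("hex") }; // 256-bit nonce
  const sig = crypto.sign(null, Buffer.from(canonicalize(payload)), privateKey);
  return { payload, signature: sig.toString("base64") };
}

// Returns "ok" or the first failed check. The signature is verified first,
// so expiresAt, id and nonce are only read once they are known authentic.
function verifyEnvelope(env, now = new Date()) {
  const bytes = Buffer.from(canonicalize(env.payload));
  const sig = Buffer.from(env.signature, "base64");
  if (!crypto.verify(null, bytes, publicKey, sig)) return "bad_signature";
  if (revokedIds.has(env.payload.id)) return "revoked";
  if (!(now < new Date(env.payload.expiresAt))) return "expired"; // fails closed on a bad date
  if (seenNonces.has(env.payload.nonce)) return "replayed";
  seenNonces.add(env.payload.nonce);
  return "ok";
}

function demo() {
  const now = new Date("2026-06-01T00:00:00Z"); // constructed clock
  const env = createEnvelope({ agentId: "agent_my_bot_v1", maxAmount: "100.00",
    currency: "USD", rail: "wise", expiresAt: "2026-12-31T23:59:59Z" });
  const p = env.payload;
  const reordered = { ...env, payload: Object.fromEntries(Object.entries(p).reverse()) };
  const extended = { ...env, payload: { ...p, expiresAt: "2036-12-31T23:59:59Z" } };
  return [extended, reordered, env].map((e) => verifyEnvelope(e, now));
}
console.log(demo()); // [ 'bad_signature', 'ok', 'replayed' ]
```

The envelope with an extended expiresAt fails the signature check, the key-reordered copy verifies because its canonical bytes are identical, and presenting the original afterwards is rejected as a replay of the same nonce.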

Supported Rails

Rail       Status        Currency
airwallex  LIVE sandbox  Multi-currency (real test transfers)
wise       LIVE sandbox  40+ fiat currencies (real test transfers)
stripe     mock-ready    USD + 135 others
usdc-base  mock-ready    USDC
x402       mock-ready    USDC + ETH

LIVE sandbox = validated end-to-end with sandbox rails. Mock-ready = SpendEnvelope creation and verification are fully functional; live rail integration is in progress.

ML-DSA-65 Parameters

Parameter            Value
Standard             NIST FIPS 204
Security level       NIST Level 3
Public key size      1,952 bytes
Secret key size      4,032 bytes
Signature size       3,309 bytes
Hardness assumption  Module-LWE + Module-SIS

License

Apache-2.0 — Security disclosures: [email protected]

Usage Guidance
Review this skill before installing for production payments. Confirm whether it is supposed to use PQSAFE_API_KEY/HSM signing or local dsaSecretKey signing, and do not place private payment signing keys in agent-accessible inputs unless you have strict approval and logging controls. If you proceed, start with PQSAFE_TEST_MODE=true, pin the npm package version, use small spend caps, short expirations, recipient allowlists, and require human approval for create and revoke operations.
Capability Analysis
Type: OpenClaw Skill
Name: pqsafe-pay-v1
Version: 0.1.0

The skill bundle provides a legitimate implementation for post-quantum signed payment envelopes for AI agents using the ML-DSA-65 (NIST FIPS 204) standard. It enables agents to create, verify, and revoke 'SpendEnvelopes' for various payment rails like Wise and Stripe. Analysis of `src/index.ts` and `dist/index.js` confirms that cryptographic signing is performed locally using the `@noble/post-quantum` library, and sensitive secret keys are never exfiltrated to the PQSafe API (https://api.pqsafe.xyz/v1). The bundle is well-documented, includes a comprehensive test suite (`tests/skill.test.ts`), and shows no signs of malicious intent or prompt-injection vulnerabilities.
Capability Tags
crypto, can-make-purchases, requires-oauth-token, requires-sensitive-credentials
Capability Assessment
Purpose & Capability
The stated purpose and code are coherent for creating, verifying, and revoking signed payment SpendEnvelopes, but this is inherently high-impact because envelopes authorize agent spending.
Instruction Scope
The operation schemas include useful limits such as maxAmount, allowedRecipients, TTL, and rail, but the artifacts do not show an explicit human-approval gate before creating a spend envelope or revoking one.
Install Mechanism
The registry says there is no install spec, while SKILL.md and package files describe an npm plugin. This appears to be a standard npm install with no lifecycle scripts shown, but users should verify the package provenance.
Credentials
The registry/SKILL metadata declares PQSAFE_API_KEY and an HSM/key-ID model, while the runnable code requires a raw dsaSecretKey/dsaPublicKey as operation input for production signing.
Persistence & Privilege
Revocation is described as immediate/irreversible and sends a signed envelope plus optional reason to the PQSafe API; this is expected for revocation but can disclose payment metadata.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install pqsafe-pay-v1
  3. After installation, invoke the skill by name or use /pqsafe-pay-v1
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release
Metadata
Slug: pqsafe-pay-v1
Version: 0.1.0
License: MIT-0
All-time Installs: 0
Active Installs: 0
Total Versions: 1
Frequently Asked Questions

What is Openclaw Pqsafe?

Post-quantum signed SpendEnvelopes for AI agent payments. ML-DSA-65 (NIST FIPS 204) signatures over Airwallex, Wise, Stripe, USDC-Base, and x402 rails. It is an AI Agent Skill for Claude Code / OpenClaw, with 54 downloads so far.

How do I install Openclaw Pqsafe?

Run "/install pqsafe-pay-v1" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Openclaw Pqsafe free?

Yes, Openclaw Pqsafe is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Openclaw Pqsafe support?

Openclaw Pqsafe is cross-platform and runs anywhere OpenClaw / Claude Code is available (macos, linux, windows).

Who created Openclaw Pqsafe?

It is built and maintained by rayc0 (@rayc0); the current version is v0.1.0.
