← Back to Skills Marketplace
Clawchain
by
bowen31337
· GitHub ↗
· v1.0.1
1033
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install clawchain
Description
ClawChain RPC client for EvoClaw agents. Connects to Substrate-based blockchain, queries on-chain agent data, submits transactions, and enables agents to par...
README (SKILL.md)
ClawChain RPC Client
Connect EvoClaw agents to the ClawChain blockchain for on-chain reputation tracking, token economics, and governance participation.
Quick Start
use clawchain::ClawChainClient;
#[tokio::main]
async fn main() -> anyhow::Result\x3C()> {
// Connect to local node
let client = ClawChainClient::new("ws://127.0.0.1:9944").await?;
// Query agent reputation
let did = "did:claw:1a2b3c4d...";
let reputation = client.get_agent_reputation(did).await?;
println!("Reputation score: {}", reputation);
// Check token balance
let balance = client.get_token_balance(did).await?;
println!("CLAW tokens: {}", balance);
Ok(())
}
Prerequisites
-
ClawChain node running:
clawchain-node --dev --rpc-external --ws-external -
Rust dependencies in Cargo.toml:
[dependencies] clawchain = { path = "/path/to/clawchain-skill" }
Architecture
┌─────────────────────────────────────────────────┐
│ EvoClaw Edge Agent │
├─────────────────────────────────────────────────┤
│ ┌────────────────────────────────────────┐ │
│ │ ClawChain Skill (this skill) │ │
│ │ └─ Substrate RPC client │ │
│ └────────────────────────────────────────┘ │
└─────────────────────────────────────────────────┘
↓ WebSocket
┌─────────────────────────────────────────────────┐
│ ClawChain Node (Substrate) │
│ ┌───────────────────────────────────────────┐ │
│ │ AgentRegistry Pallet │ │
│ │ ClawToken Pallet │ │
│ │ Governance Pallet │ │
│ └───────────────────────────────────────────┘ │
└─────────────────────────────────────────────────┘
Key Concepts
Agent DIDs
Agent identifiers follow the format:
did:claw:\x3Chash>
Where \x3Chash> is SHA-256(agent metadata + owner address).
Reputation Scores
Reputation is computed from:
score = (commits * 1000) + (pull_requests * 5000) + (docs * 2000)
Token Economics
- Total Supply: 1 billion $CLAW
- Distribution: 40% airdrop, 30% validators, 20% treasury, 10% team
- Inflation: 5% annual (floor 2%) for gas subsidies
API Reference
Connection
let client = ClawChainClient::new("ws://localhost:9944").await?;
Parameters:
url: WebSocket URL (ws:// or wss://)- Returns: Connected client
Query Agent
let agent = client.get_agent("did:claw:...").await?;
Returns: AgentInfo struct with:
did: Agent DIDowner: Owner addressmetadata: IPFS hashreputation: Reputation scoreverifications: Number of attestations
Get Token Balance
let balance = client.get_token_balance("did:claw:...").await?;
Returns: Token balance (u128)
Register Agent
let did = client.register_agent(metadata_ipfs_hash).await?;
Returns: Newly created DID
Vote on Proposal
client.vote(proposal_id, true).await?;
Parameters:
proposal_id: Proposal identifierapprove: true (approve) or false (reject)
Submit Transaction
let tx_hash = client.submit_extrinsic(call_data).await?;
Parameters:
call_data: Encoded extrinsic- Returns: Transaction hash
Error Handling
use clawchain::ClawChainError;
match client.get_agent(did).await {
Ok(agent) => println!("Agent: {:?}", agent),
Err(ClawChainError::NotFound) => println!("Agent not found"),
Err(e) => eprintln!("Error: {:?}", e),
}
Example: Full Agent Integration
use clawchain::ClawChainClient;
#[tokio::main]
async fn main() -> anyhow::Result\x3C()> {
let client = ClawChainClient::new("ws://127.0.0.1:9944").await?;
// 1. Register this agent
let metadata = b"{\"name\":\"pi1-edge\",\"type\":\"edge\"}";
let did = client.register_agent(metadata).await?;
println!("Registered: {}", did);
// 2. Check reputation
let rep = client.get_agent_reputation(&did).await?;
println!("Reputation: {}", rep);
// 3. Vote on governance proposal
if rep > 1000 {
client.vote(123, true).await?;
println!("Voted on proposal #123");
}
Ok(())
}
Monitoring
Subscribe to chain events:
client.subscribe_events(|event| {
match event {
ChainEvent::Block(block) => println!("New block: {}", block.number),
ChainEvent::AgentRegistered(did) => println!("Agent: {}", did),
ChainEvent::ProposalPassed(id) => println!("Proposal {} passed", id),
}
}).await?;
Testing
Mock RPC server for testing:
let mock = MockServer::new().await?;
let client = mock.client().await?;
Security Notes
- Never expose private keys in agent code
- Use programmatic signing for autonomous agents
- Validate all RPC responses
- Implement rate limiting for public RPC endpoints
References
Usage Guidance
This skill appears to implement a Substrate RPC client, but there are several inconsistencies you should address before installing or running it: 1) The Rust code reads the environment variable CLAWCHAIN_OWNER (and the init script uses WORKSPACE) but the skill metadata doesn't declare these—decide whether the agent will get an owner key from an env var, a config file, or a secure signer, and document it. 2) Review the included script (scripts/init-clawchain.sh) before executing; it writes a config file under $WORKSPACE or $HOME/workspace. 3) The client will open WebSocket connections to whatever RPC URL is supplied — only point it at nodes you trust. 4) The code contains implementation errors/inconsistencies (RPC method name mismatches, placeholder SCALE encodings, minor API typos) — treat this as unpolished code and audit/compile locally before use. 5) If you plan to enable automated transaction submission, ensure private keys are handled by a secure signer (do not place private keys in plain env vars or in the generated config). If you want, I can produce a short checklist and suggested edits to the skill (declare required env vars in metadata, fix the RPC method names and encoding placeholders, and tighten SKILL.md) to make it safer to install.
Capability Analysis
Type: OpenClaw Skill
Name: clawchain
Version: 1.0.1
The skill bundle implements a client for a Substrate-based blockchain, performing expected network communication and configuration. However, the `clawchain-rpc-client/src/client.rs` file contains several functional vulnerabilities, explicitly marked as 'simplified placeholder' or 'assumes JSON for simplicity' for critical blockchain interactions like `build_register_call`, `build_vote_call`, and `parse_agent_storage`. These indicate an incomplete or insecure implementation for handling Substrate's SCALE encoding, which could lead to incorrect or exploitable transactions if used in a production environment. While there is no evidence of intentional malice (data exfiltration, backdoors, or prompt injection), these significant functional flaws classify the skill as suspicious due to the high risk of unintended security vulnerabilities.
Capability Assessment
Purpose & Capability
The name/description (ClawChain RPC client) aligns with the provided Rust client libraries and examples: the code implements querying storage, submitting extrinsics, subscribing to events, and helper scripts for config. That said, there are implementation oddities (e.g., inconsistent RPC method names such as 'author_submitExtrinsic' vs 'agent_submitExtrinsic', use of 'blake_256' which doesn't exist alongside 'blake2_256', and simplistic placeholder SCALE encodings) that look like incomplete or sloppy engineering rather than deliberate capability mismatch.
Instruction Scope
The SKILL.md runtime instructions do not declare or mention environment variables that the code actually reads (get_owner_address() reads 'CLAWCHAIN_OWNER'), nor do they reference the included scripts (scripts/init-clawchain.sh uses WORKSPACE and writes a config file). The client code will open network connections (WebSocket to whatever RPC URL is provided) and can submit transactions; these actions are consistent with purpose, but the runtime instructions are incomplete about configuration and side effects (creating files under WORKSPACE, reading env vars).
Install Mechanism
There is no install spec (instruction-only), which is lower risk; however the skill bundle includes code and an executable shell script. While nothing is automatically downloaded at install time, those files can be executed by an agent following SKILL.md or by a user — review the script before running. The script itself only writes a JSON config and uses default local endpoints; it does not pull remote binaries.
Credentials
The skill metadata declares no required environment variables, but the code reads CLAWCHAIN_OWNER (with a fallback to a hardcoded address) and the init script references WORKSPACE. Asking for or reading an owner key/env var is plausible for signing/submitting transactions, but the metadata should declare these. Also the client expects private key usage for signing in practice (SKILL.md mentions programmatic signing) but the code does not implement signing — this mismatch could lead integrators to inadvertently expose credentials elsewhere. No other unrelated secrets are present, but the undocumented env access is a proportionality/visibility concern.
Persistence & Privilege
The skill does not request 'always: true', does not declare system-wide config modifications, and contains no automatic persistence mechanism. The included init script writes a local config file under WORKSPACE (or $HOME/workspace) but that is limited in scope. Autonomous invocation is enabled by default (normal) and not, by itself, a new risk here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawchain - After installation, invoke the skill by name or use
/clawchain - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Sanitize personal info from examples
v1.0.0
Initial release: Substrate-based blockchain RPC client for EvoClaw agents. Query agent data, submit transactions, participate in governance.
Metadata
Frequently Asked Questions
What is Clawchain?
ClawChain RPC client for EvoClaw agents. Connects to Substrate-based blockchain, queries on-chain agent data, submits transactions, and enables agents to par... It is an AI Agent Skill for Claude Code / OpenClaw, with 1033 downloads so far.
How do I install Clawchain?
Run "/install clawchain" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Clawchain free?
Yes, Clawchain is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Clawchain support?
Clawchain is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Clawchain?
It is built and maintained by bowen31337 (@bowen31337); the current version is v1.0.1.
More Skills