← Back to Skills Marketplace
Chitin Cert
by
Tiida Tech
· GitHub ↗
· v1.0.1
495
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install chitin-cert
Description
Issue and verify on-chain certificates on Base L2. Register as an issuer, mint achievement/capability/compliance certs as NFTs, and verify them from anywhere.
README (SKILL.md)
Chitin Cert — Verifiable On-Chain Certificates
Issue verifiable credentials to any agent or wallet on Base L2. Each certificate is minted as a non-transferable NFT, permanently stored on Arweave, and verifiable by anyone.
Skill file: https://certs.chitin.id/skill.md
Why Chitin Cert
- Permanent — Arweave storage + Base L2 NFT. Cannot be faked, deleted, or transferred.
- Verifiable — Anyone can verify a cert via API or on-chain, no trust required.
- 7 cert types — Achievements, capabilities, compliance, audits, partnerships, and more.
- Batchable — Up to 100 certs in a single transaction.
- Soul-linked — Optionally bind a cert to a Chitin SBT for deeper identity anchoring.
Base URL
https://certs.chitin.id/api/v1
🔒 Security: Never send your wallet private key to any domain. API key (ck_...) is for cert issuance only — treat it as sensitive.
Cert Types
| Type | Use For |
|---|---|
achievement |
Milestones, wins, accomplishments |
capability |
Verified skills and abilities |
compliance |
Security audits, regulatory approvals |
infrastructure |
Deployment verifications, uptime records |
partnership |
Collaborations, endorsements between parties |
audit |
Third-party reviews, code audits |
custom |
Anything else |
Setup: Become an Issuer
Two steps before you can issue certs. Both require a wallet signature to prove ownership.
Step 1: Register as Issuer
Build a signed message in the format Chitin Certs: Register issuer {address_lowercase} at {timestamp_ms} (timestamp = Date.now() in milliseconds, must be within ±5 minutes).
curl -X POST https://certs.chitin.id/api/v1/issuers \
-H "Content-Type: application/json" \
-d '{
"address": "0xYOUR_WALLET",
"name": "Your Organization",
"description": "Optional: what you certify",
"url": "https://your-site.example.com",
"signature": "0x...",
"message": "Chitin Certs: Register issuer 0xyour_wallet at 1740000000000",
"timestamp": 1740000000000
}'
Response:
{
"success": true,
"data": {
"id": "iss_1740000000_abc123",
"address": "0xyour_wallet",
"name": "Your Organization",
"trustTier": "unverified",
"certCount": 0,
"createdAt": "2026-02-20T00:00:00Z"
}
}
Save your issuer id — needed for API key generation.
Step 2: Generate API Key
Build a signed message: Chitin Certs: Generate API key for {issuerId} at {timestamp_ms}
curl -X POST https://certs.chitin.id/api/v1/auth \
-H "Content-Type: application/json" \
-d '{
"issuerId": "iss_1740000000_abc123",
"name": "production-key",
"signature": "0x...",
"message": "Chitin Certs: Generate API key for iss_1740000000_abc123 at 1740000000000",
"timestamp": 1740000000000
}'
Response:
{
"success": true,
"data": {
"apiKey": "ck_abc123...",
"name": "production-key",
"createdAt": "2026-02-20T00:00:00Z"
}
}
Save your apiKey — returned only once.
Issue a Certificate
curl -X POST https://certs.chitin.id/api/v1/certs \
-H "Authorization: Bearer ck_abc123..." \
-H "Content-Type: application/json" \
-d '{
"issuerAddress": "0xYOUR_WALLET",
"recipientAddress": "0xRECIPIENT",
"certType": "achievement",
"title": "First Deployment on Base",
"description": "Successfully deployed and operated a live service on Base L2.",
"tags": ["base", "deployment", "milestone"],
"evidence": "https://basescan.org/tx/0x..."
}'
Response:
{
"success": true,
"data": {
"tokenId": 2,
"txHash": "0x...",
"arweaveTxId": "abc123...",
"certType": "achievement",
"recipient": "0xrecipient",
"isTBA": false
}
}
Field Reference
| Field | Required | Description |
|---|---|---|
issuerAddress |
✅ | Your registered issuer wallet address |
recipientAddress |
✅ | Recipient's wallet address |
certType |
✅ | One of the 7 cert types |
title |
✅ | Cert title (max 200 chars) |
description |
Optional | Longer explanation |
tags |
Optional | String array for categorization |
evidence |
Optional | URL to proof/supporting material |
expiresAt |
Optional | ISO 8601 expiry (e.g. "2027-01-01T00:00:00Z") |
passportRegistry |
Optional | ERC-8004 registry address for passport-linked certs |
passportTokenId |
Optional | Recipient's ERC-8004 token ID |
soulRegistry |
Optional | ChitinSoulRegistry address for soul-linked certs |
soulTokenId |
Optional | Recipient's Chitin SBT token ID |
extension |
Optional | Arbitrary JSON object for custom metadata |
Soul-linked Cert
Link directly to a Chitin soul for the strongest identity binding:
{
"issuerAddress": "0xYOUR_WALLET",
"recipientAddress": "0xRECIPIENT",
"certType": "capability",
"title": "Verified Autonomous Agent",
"soulRegistry": "0x4DB94aD31BC202831A49Fd9a2Fa354583002F894",
"soulTokenId": 42
}
Batch Issue (Up to 100 Certs)
curl -X POST https://certs.chitin.id/api/v1/certs/batch \
-H "Authorization: Bearer ck_abc123..." \
-H "Content-Type: application/json" \
-d '{
"issuerAddress": "0xYOUR_WALLET",
"certs": [
{
"recipientAddress": "0xADDR_1",
"certType": "achievement",
"title": "Hackathon Winner"
},
{
"recipientAddress": "0xADDR_2",
"certType": "capability",
"title": "Verified Code Auditor",
"description": "Passed the Chitin code audit track"
}
]
}'
Response:
{
"success": true,
"data": {
"tokenIds": [3, 4],
"txHash": "0x...",
"count": 2
}
}
Read & Verify Certs
Get cert details
curl https://certs.chitin.id/api/v1/certs/2
Verify on-chain status
curl https://certs.chitin.id/api/v1/verify/2
Response:
{
"tokenId": 2,
"isValid": true,
"isRevoked": false,
"issuer": "0x...",
"recipient": "0x...",
"certType": "achievement",
"issuedAt": 1740000000
}
List certs by recipient
curl "https://certs.chitin.id/api/v1/certs?passport=0xRECIPIENT"
List certs by issuer
curl "https://certs.chitin.id/api/v1/certs?issuer=0xYOUR_WALLET"
List by ERC-8004 passport
curl "https://certs.chitin.id/api/v1/certs?passportRegistry=0x8004A169FB4a3325136EB29fA0ceB6D2e539a432&passportTokenId=42"
Webhooks
Get notified when certs are minted under your issuer:
curl -X POST https://certs.chitin.id/api/v1/webhooks \
-H "Authorization: Bearer ck_abc123..." \
-H "Content-Type: application/json" \
-d '{
"url": "https://your-server.example.com/webhook",
"events": ["cert.minted"]
}'
Payload:
{
"event": "cert.minted",
"tokenId": 2,
"txHash": "0x...",
"arweaveTxId": "...",
"certType": "achievement",
"issuer": "0x...",
"recipient": "0x..."
}
MCP Server
For AI assistants that support MCP, use issue_cert and verify_cert tools directly:
npx -y chitin-mcp-server
Endpoints Reference
| Endpoint | Method | Auth | Description |
|---|---|---|---|
/issuers |
POST | Wallet sig | Register as issuer |
/issuers?address=0x... |
GET | None | Look up issuer |
/auth |
POST | Wallet sig | Generate API key |
/certs |
POST | API key | Issue a cert |
/certs/batch |
POST | API key | Batch issue (max 100) |
/certs/{certId} |
GET | None | Get cert details |
/certs?passport=0x... |
GET | None | List by recipient |
/certs?issuer=0x... |
GET | None | List by issuer |
/verify/{certId} |
GET | None | Verify on-chain |
/metadata/{tokenId} |
GET | None | ERC-721 metadata |
/metadata/{tokenId}/image.svg |
GET | None | Cert SVG image |
/webhooks |
POST | API key | Register webhook |
Contracts (Base Mainnet, Chain ID: 8453)
| Contract | Address |
|---|---|
| CertRegistry (Proxy) | 0x9694Fde4dBb44AbCfDA693b645845909c6032D4d |
| CertRegistry (Impl V4) | 0xDc487e6ef33220177c3EBAFC71B5aF2FDb2ce0DF |
| ChitinSoulRegistry | 0x4DB94aD31BC202831A49Fd9a2Fa354583002F894 |
About Chitin Cert
Chitin Cert is the credential layer of the Chitin Protocol. Your Chitin soul is your identity. Your certs are your verified history.
- Certificates: certs.chitin.id
- Identity: chitin.id
- MCP Server: chitin.id/docs/mcp
Usage Guidance
This skill appears to do what it says: register issuers, mint/verifiy soulbound certs on Base L2, and store metadata on Arweave. Before installing: (1) Never paste or upload your wallet private key into the agent or into the API — signatures should be produced locally by your wallet. (2) Treat the returned API key (ck_...) as a high-privilege secret — it grants issuance power for the issuerId and should be stored in a secure secret store; rotate/revoke if compromised. (3) If you give the agent access to a signing provider or a stored API key, it can autonomously mint certs — only grant that if you trust the agent's behavior. (4) Review any webhook endpoints you register (they will receive cert events and metadata). If you want extra assurance, test with a throwaway issuer and API key first to validate behavior before using production credentials.
Capability Analysis
Type: OpenClaw Skill
Name: chitin-cert
Version: 1.0.1
The skill is classified as suspicious primarily due to the inclusion of the `npx -y chitin-mcp-server` command in `skill.md` and `llms.txt`. While presented as a legitimate tool for AI agent integration, executing an external npm package introduces a supply chain vulnerability. If the `chitin-mcp-server` package were compromised or malicious, its execution could lead to unauthorized code execution. However, there is no clear evidence of intentional malicious behavior within the provided skill bundle itself, such as data exfiltration or explicit instructions for the agent to perform harmful actions. The `skill.json` file explicitly lists `allowed_domains` as `certs.chitin.id` and `chitin.id`, which is a positive security control for network interactions, but does not mitigate the local execution risk of `npx`.
Capability Assessment
Purpose & Capability
Name/description (issue and verify certs on Base L2) match the runtime instructions and documented API. The flows (register issuer, sign messages, generate API key, POST /certs, verification endpoints) are all coherent with a certificate issuance service. No unrelated services, binaries, or credentials are requested.
Instruction Scope
SKILL.md instructs callers to create signed wallet messages and to call certs.chitin.id endpoints with an API key. The doc explicitly warns not to share private keys. It does not instruct reading arbitrary local files or env vars. Important caveat: the flow requires a signing-capable wallet or signing provider — if an agent instance has access to a wallet (or you provide a private key to the agent), the agent could perform issuer registration and certificate issuance autonomously. Keep signing operations local to a trusted wallet.
Install Mechanism
No install spec and no code files to execute — instruction-only skill. This minimizes installation risk (nothing is downloaded or written to disk by the skill).
Credentials
The skill declares no required environment variables or credentials. The only sensitive items in practice are the wallet signature process and the API key (ck_...). Both are appropriate for the stated functionality and are warned about in the documentation. There are no unrelated credential requests.
Persistence & Privilege
always:false (normal). The skill allows autonomous invocation (disable-model-invocation:false), which is typical. Be aware that if an API key is generated and stored by the agent (or if the agent has signing access), the agent could issue certs autonomously — so treat the API key and signing capability as high-privilege assets.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install chitin-cert - After installation, invoke the skill by name or use
/chitin-cert - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
No changes detected in this version.
- Version bump to 1.0.1 with no file or documentation updates.
- No impact to API, features, or documentation.
v1.0.0
Initial release of chitin-cert — on-chain certificate issuance and verification on Base L2.
- Issue, batch-issue, and verify 7 types of non-transferable NFT certificates, all stored permanently on Arweave.
- Register securely as an issuer and generate API keys with wallet signatures.
- Supports achievement, capability, compliance, audit, partnership, infrastructure, and custom cert types.
- Certificates can be soul-linked for deep identity binding.
- Provides webhooks for real-time cert minting notifications.
- Comprehensive API for issuing, querying, and verifying certificates.
Metadata
Frequently Asked Questions
What is Chitin Cert?
Issue and verify on-chain certificates on Base L2. Register as an issuer, mint achievement/capability/compliance certs as NFTs, and verify them from anywhere. It is an AI Agent Skill for Claude Code / OpenClaw, with 495 downloads so far.
How do I install Chitin Cert?
Run "/install chitin-cert" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Chitin Cert free?
Yes, Chitin Cert is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Chitin Cert support?
Chitin Cert is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Chitin Cert?
It is built and maintained by Tiida Tech (@eijiac24); the current version is v1.0.1.
More Skills