← Back to Skills Marketplace
npmrunspirit

Devtopia Identity

by npmrunspirit · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
609
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install devtopia-identity
Description
Manage wallet-backed on-chain agent identity with Devtopia ID. Use when registering agent identity on Base chain, checking identity status, generating challe...
README (SKILL.md)

Devtopia Identity

Devtopia ID is a Base-linked wallet-backed identity system for AI agents. It enables cryptographic proof of agent ownership, challenge-response authentication, and on-chain identity registration.

Quick Start

Register Your Agent

devtopia id register "YourAgentName"

This will:

  1. Create or load a local wallet (if one doesn't exist)
  2. Generate your public/private key pair (ECDSA P-256)
  3. Sign the identity registration transaction
  4. Mint your identity on Base chain (Chain ID 8453)
  5. Store your encrypted keystore locally at ~/.devtopia/identity-keystore.json

Output:

Registered Devtopia ID #\x3Cagent-id>
Name: YourAgentName
Wallet: 0x\x3Cyour-wallet-address>
Status: verified
Chain: Base (8453)
Tx: 0x\x3Ctransaction-hash>
BaseScan: https://basescan.org/tx/0x\x3Ctransaction-hash>

Check Your Identity

devtopia id status

Shows: Agent ID, name, wallet address, registration transaction, verification status.

Prove Wallet Ownership

devtopia id prove --challenge "some-challenge-text"

Generates a cryptographic proof that you control the private key without revealing it. Use for:

  • Cross-agent authentication
  • Marketplace transaction verification
  • Challenge-response proof-of-ownership flows

Manage Your Wallet

Export Your Wallet Address

devtopia id wallet export-address

Import a Different Wallet

devtopia id wallet import \x3CprivateKeyOrKeystore>

Accepts:

  • PEM-formatted private key: -----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----
  • JSON keystore: {"algorithm":"aes-256-gcm",...}

Advanced Usage

Challenge-Response Proofs

Generate a signed proof for a given challenge string:

devtopia id prove --challenge "verify-agent-2-2026-02-16"

This creates a verifiable proof that:

  • You control the private key for your wallet
  • You signed the specific challenge text
  • Proof is timestamped and cannot be replayed

Perfect for:

  • Agent-to-agent authentication
  • Marketplace API signing
  • Smart contract interactions

See references/challenge-proofs.md for advanced authentication patterns.

Wallet Backup & Recovery

Your keystore is automatically saved to ~/.devtopia/identity-keystore.json (encrypted AES-256-GCM).

Backup your keystore:

cp ~/.devtopia/identity-keystore.json ~/backup/identity-keystore.json

Restore from backup:

devtopia id wallet import ~/backup/identity-keystore.json

View Your Local Wallet

devtopia id whoami

Shows:

  • Identity server URL
  • Keystore location
  • Wallet address (masked)
  • Agent ID
  • Verification status
  • Registration transaction link

Cryptographic Details

Key Generation

  • Algorithm: ECDSA P-256 (secp256r1)
  • Key Size: 256-bit
  • Format: PEM (PKCS#8)

Encryption

  • Cipher: AES-256-GCM (authenticated encryption)
  • IV Size: 96 bits
  • Auth Tag: 128 bits (GCM mode guarantees authenticity + confidentiality)

Signature

  • Type: ECDSA P-256 (secp256r1)
  • Use Case: Challenge-response proofs, transaction signing

Integration Patterns

Pattern 1: Agent Registration Flow

# 1. Register your agent
devtopia id register "MyAgent"

# 2. Check status
devtopia id status

# 3. Use your Agent ID in marketplace operations
devtopia market register "MyAgent"  # Uses your on-chain identity

Pattern 2: Authentication & Coordination

# 1. Get your wallet address
AGENT_WALLET=$(devtopia id wallet export-address)

# 2. Generate a proof for authentication
devtopia id prove --challenge "coordinate-task-12345"

# 3. Share the proof with other agents (verifiable proof of identity)
# Other agents can verify the signature against your public key

Pattern 3: Wallet Recovery

# If you lose ~/.devtopia/identity-keystore.json:
# 1. Find your backup
ls ~/backup/identity-keystore.json

# 2. Import it
devtopia id wallet import ~/backup/identity-keystore.json

# 3. Verify identity is restored
devtopia id status

Security Considerations

Best Practices:

  • Your private key is never exported in plaintext
  • Keys are encrypted at rest (AES-256-GCM)
  • Decryption happens in-memory only during signing operations
  • No servers hold your private key
  • On-chain registration creates a permanent, verifiable record

⚠️ Threats to Protect Against:

  • Keystore theft: Back up to encrypted storage
  • Keystore corruption: Test imports before deleting originals
  • Challenge replay: Each proof includes a unique challenge string (not replayable)
  • Key leakage: Never share your keystore file

Troubleshooting

"Keystore not found"

# Check if it exists:
ls -la ~/.devtopia/identity-keystore.json

# If missing, restore from backup:
devtopia id wallet import \x3Cbackup-file>

# If no backup exists, re-register:
devtopia id register "YourAgentName"  # Creates new identity

"Identity not verified"

# Check status:
devtopia id status

# If TX failed, re-register with a unique name:
devtopia id register "YourAgentName-$(date +%s)"

"Challenge proof failed"

# Verify your wallet is correct:
devtopia id whoami

# Try the proof again:
devtopia id prove --challenge "test-challenge"

# If still failing, reimport your keystore:
devtopia id wallet import ~/.devtopia/identity-keystore.json

References

Usage Guidance
This skill appears to be what it says (wallet-backed identity on Base), but it assumes a 'devtopia' CLI that is not declared or provided. Before installing or using: 1) Verify the origin and authenticity of the 'devtopia' CLI (official website, checksums, signed releases). 2) Do not paste private keys into untrusted prompts; prefer importing encrypted keystores and keep backups encrypted. 3) Confirm any external endpoints (e.g., market.devtopia.net) are legitimate before sending proofs or tokens. 4) If you cannot verify the CLI/install source, avoid running commands that would download or execute unknown binaries. If possible, request the skill author to declare required binaries and provide secure install instructions or a vetted package source.
Capability Analysis
Type: OpenClaw Skill Name: devtopia-identity Version: 1.0.0 The skill bundle describes a system for managing on-chain agent identities using cryptographic proofs, interacting with a `devtopia` CLI tool and the Base blockchain. The documentation is transparent, detailing local keystore management (encrypted at `~/.devtopia/identity-keystore.json`), standard cryptographic algorithms (ECDSA P-256, AES-256-GCM), and security best practices (private keys never exported in plaintext, no servers holding keys). There is no evidence of data exfiltration, malicious execution, persistence mechanisms, obfuscation, or prompt injection attempts against the agent. All described actions align with the stated purpose of identity management.
Capability Assessment
Purpose & Capability
The skill claims to manage wallet-backed identities on Base and its instructions match that purpose (register, sign challenges, store encrypted keystore at ~/.devtopia/identity-keystore.json). However, the SKILL.md repeatedly calls a 'devtopia' CLI (devtopia id register, devtopia id prove, etc.) while the skill metadata declares no required binaries and provides no install mechanism — that mismatch is noteworthy.
Instruction Scope
Instructions are narrowly focused on wallet/key operations, challenge signing, keystore backup/restore, and on-chain registration. They reference the local keystore path and show examples of sending proofs to a marketplace endpoint. The skill does encourage importing private keys/keystore files (expected for this functionality) but does not instruct reading unrelated files or environment variables. Be aware the examples include posting proofs to external endpoints (market.devtopia.net), so proofs or derived tokens could be transmitted off-host if you follow examples.
Install Mechanism
This is an instruction-only skill with no install spec (lower risk generally). However, it assumes the presence of a 'devtopia' CLI without declaring it as a required binary or describing how to install it. That omission creates operational ambiguity: callers might attempt to fetch or run a CLI from an untrusted source or the agent could attempt to execute missing commands unexpectedly.
Credentials
The skill requests no environment variables or credentials in metadata (good). The workflow inherently requires handling private keys/keystore files (user-supplied) and will operate on ~/.devtopia/identity-keystore.json. This is proportional to the stated purpose, but any skill operating on private keys is high-sensitivity — users should ensure keys are only provided to trusted, audited tooling and not pasted into unknown UIs or sent to unverified endpoints.
Persistence & Privilege
The skill does not request persistent/always-on privileges and does not modify other skills or system-wide settings (always: false). Autonomous model invocation is allowed (default), which is expected; there is no added privilege that raises concern by itself.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install devtopia-identity
  3. After installation, invoke the skill by name or use /devtopia-identity
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: wallet-backed on-chain agent identity with challenge-response proofs
Metadata
Slug devtopia-identity
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Devtopia Identity?

Manage wallet-backed on-chain agent identity with Devtopia ID. Use when registering agent identity on Base chain, checking identity status, generating challe... It is an AI Agent Skill for Claude Code / OpenClaw, with 609 downloads so far.

How do I install Devtopia Identity?

Run "/install devtopia-identity" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Devtopia Identity free?

Yes, Devtopia Identity is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Devtopia Identity support?

Devtopia Identity is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Devtopia Identity?

It is built and maintained by npmrunspirit (@npmrunspirit); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments