← 返回 Skills 市场
899
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install 2026-02-10-clawhub-base-wallet-1-5-0
功能描述
🔐 Base Wallet - Crypto Identity for AI Agents. Create wallets, sign messages (SIWE), send transactions programmatically. No browser extensions, no human intervention. The foundation for autonomous Web3 agents.
使用说明 (SKILL.md)
🔐 Base Wallet - Crypto Identity for AI Agents
Every autonomous agent needs a wallet. Create one without human help.
TL;DR: Programmatic wallet creation on Base/Ethereum. SIWE auth, balance checks, transactions.
Why Base Wallet?
- True autonomy — Your agent creates and controls its own wallet
- No browser needed — Pure CLI, no extensions or popups
- SIWE ready — Sign-In with Ethereum for Web3 services
- Secure by default — Environment variables, no plaintext keys
Create and manage Base chain (Ethereum-compatible) wallets programmatically.
⚠️ Security First
| ✅ DO | ❌ DON'T |
|---|---|
| Use environment variables for private keys | Store private keys in plain text files |
| Set wallet files to chmod 600 | Commit wallet files to git |
Use --env mode (recommended) |
Use console.log(privateKey) |
| Back up mnemonics offline | Share private keys or mnemonics |
Quick Start
Create a New Wallet (Recommended)
# Output as environment variable format (safest)
node scripts/create-wallet.js --env
# Output example:
# export WALLET_ADDRESS="0x..."
# export PRIVATE_KEY="0x..."
Then copy to your shell or .env file.
Create with File Storage (Opt-in)
# Only if you need file-based storage
node scripts/create-wallet.js --managed my-agent
⚠️ This stores private key in ~/.openclaw/wallets/my-agent.json
Usage Examples
Load Wallet from Environment
const { ethers } = require('ethers');
// ✅ SECURE: Load from environment variable
const wallet = new ethers.Wallet(process.env.PRIVATE_KEY);
console.log('Address:', wallet.address);
// ❌ NEVER: console.log('Private Key:', wallet.privateKey);
Load from Mnemonic
const wallet = ethers.Wallet.fromPhrase(process.env.MNEMONIC);
Check Balance
const provider = new ethers.JsonRpcProvider('https://mainnet.base.org');
const balance = await provider.getBalance(wallet.address);
console.log('Balance:', ethers.formatEther(balance), 'ETH');
Sign Message (SIWE)
const message = `example.com wants you to sign in with your Ethereum account:
${wallet.address}
Sign in message
URI: https://example.com
Version: 1
Chain ID: 8453
Nonce: ${nonce}
Issued At: ${new Date().toISOString()}`;
const signature = await wallet.signMessage(message);
Send Transaction
const provider = new ethers.JsonRpcProvider('https://mainnet.base.org');
const connectedWallet = wallet.connect(provider);
const tx = await connectedWallet.sendTransaction({
to: recipientAddress,
value: ethers.parseEther('0.001')
});
const receipt = await tx.wait();
console.log('TX Hash:', tx.hash);
Scripts
| Script | Description |
|---|---|
create-wallet.js --env |
Create wallet, output as env vars (recommended) |
create-wallet.js --managed [name] |
Create wallet, save to file (opt-in) |
create-wallet.js --json |
Create wallet, output as JSON |
basemail-register.js [name] |
Register for BaseMail email |
check-balance.js [address] |
Check wallet balance |
BaseMail Integration
Register for a @basemail.ai email using your wallet signature.
# If using environment variable:
PRIVATE_KEY="0x..." node scripts/basemail-register.js
# If using managed wallet:
node scripts/basemail-register.js my-agent
Network Configuration
| Network | Chain ID | RPC URL |
|---|---|---|
| Base Mainnet | 8453 | https://mainnet.base.org |
| Base Sepolia | 84532 | https://sepolia.base.org |
📝 Audit Logging
Operations are logged to ~/.base-wallet/audit.log.
Secure Storage Pattern
// ✅ Recommended: Use environment variables
const privateKey = process.env.PRIVATE_KEY;
if (!privateKey) {
throw new Error('PRIVATE_KEY environment variable not set');
}
const wallet = new ethers.Wallet(privateKey);
// ❌ Avoid: Storing private keys in code or files
If you must store to file (not recommended):
const fs = require('fs');
const path = require('path');
// Store with restricted permissions
const filepath = path.join(process.env.HOME, '.openclaw', 'wallets', 'wallet.json');
fs.writeFileSync(filepath, JSON.stringify({
address: wallet.address,
// Only store if absolutely necessary
privateKey: wallet.privateKey
}), { mode: 0o600 }); // Owner read/write only
.gitignore
Add to your project's .gitignore:
# Wallet files - NEVER commit!
.openclaw/
*.wallet.json
*.mnemonic
private-key*
Dependencies
npm install ethers
Changelog
v1.1.0 (2026-02-08)
- 🔐 Security: Changed create-wallet.js to opt-in file storage
- ✨ Added --env mode (recommended)
- 📝 Added audit logging
- ⚠️ Removed console.log(privateKey) from examples
- 📄 Enhanced security documentation
v1.0.0
- 🎉 Initial release
安全使用建议
This skill appears to do what it says: create wallets, sign SIWE, check balances and register with BaseMail. Before installing or running: 1) Treat it like software that controls real money — do not give it your production private keys or fund wallets you don't control. 2) Prefer --env mode and keep PRIVATE_KEY in a secure secret store; if you use --managed, expect files at ~/.openclaw/wallets/*.json and a mnemonic backup file, and ensure those files are protected (600/400 perms) and excluded from git. 3) Review the code (it’s small) and verify the BaseMail API URL and endpoints (the script calls /api/auth/start while docs mention /api/auth/nonce); validate network calls if you have strong security requirements. 4) Consider running the skill in a sandboxed environment or with a test wallet first. 5) Be cautious enabling autonomous agent invocation: an autonomous agent with this skill can create and sign transactions — that capability should only be granted if you trust the agent and have spending controls in place.
功能分析
Type: OpenClaw Skill
Name: 2026-02-10-clawhub-base-wallet-1-5-0
Version: 1.0.0
The OpenClaw AgentSkills bundle 'base-wallet' is classified as benign. Its purpose is to provide crypto wallet management for AI agents, including wallet creation, transaction signing, and interaction with the BaseMail service. The skill demonstrates a strong commitment to security, with extensive documentation (SKILL.md) and code (scripts/create-wallet.js, scripts/basemail-register.js) that explicitly warn users about private key handling, recommend secure practices (environment variables, `chmod 600` for files), and implement audit logging. While the skill handles sensitive data (private keys), it does so transparently, with user consent for file storage, and without any evidence of malicious intent, data exfiltration to unauthorized endpoints, or prompt injection attempts against the AI agent.
能力评估
Purpose & Capability
Name/description (create wallets, sign SIWE, send txs) matches the included scripts (create-wallet.js, basemail-register.js, check-balance.js) and the documented RPC/API endpoints. Dependencies (ethers) are appropriate for an Ethereum-compatible wallet.
Instruction Scope
SKILL.md and scripts stick to wallet operations, SIWE auth, balance checks, and BaseMail API calls. The runtime instructions reference environment variables and file paths used by the scripts (e.g., PRIVATE_KEY, MNEMONIC, WALLET_DIR, ~/.openclaw, ~/.base-wallet). This is expected, but the registry metadata lists no required env vars while the scripts do rely on them—users should be aware which env vars the skill will actually read and which files it writes.
Install Mechanism
No install spec (instruction-only) and package.json/package-lock simply declare 'ethers' from the public npm registry. That is proportionate to the functionality; no third-party download URLs or extract steps are present.
Credentials
The skill does not declare required env vars in registry metadata, but the code expects PRIVATE_KEY, MNEMONIC, and optionally WALLET_DIR/HOME. Requesting private keys is appropriate for a wallet skill, but because credentials control funds the user must supply them intentionally and securely. The scripts write managed keys to ~/.openclaw/wallets (if --managed) and create audit logs in ~/.base-wallet/audit.log.
Persistence & Privilege
The skill writes wallet files and audit logs to user home directories (~/.openclaw and ~/.base-wallet) and may update managed wallet files with BaseMail metadata. It does not request always:true or attempt to modify other skills or system-wide agent configs. Keep in mind that if the agent is allowed to invoke the skill autonomously, it will be capable of creating and spending wallets (a real financial capability).
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install 2026-02-10-clawhub-base-wallet-1-5-0 - 安装完成后,直接呼叫该 Skill 的名称或使用
/2026-02-10-clawhub-base-wallet-1-5-0触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
base-wallet v1.0.0
- Initial release: programmatic wallet creation and management for Base/Ethereum-compatible chains.
- Supports creating wallets, SIWE authentication, balance checks, and sending transactions.
- No browser extensions required; CLI-only workflow.
- Emphasizes secure practices using environment variables for key management.
- Provides scripts for wallet creation, balance checks, and BaseMail registration.
元数据
常见问题
2026 02 10 Clawhub Base Wallet 1.5.0 是什么?
🔐 Base Wallet - Crypto Identity for AI Agents. Create wallets, sign messages (SIWE), send transactions programmatically. No browser extensions, no human intervention. The foundation for autonomous Web3 agents. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 899 次。
如何安装 2026 02 10 Clawhub Base Wallet 1.5.0?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install 2026-02-10-clawhub-base-wallet-1-5-0」即可一键安装,无需额外配置。
2026 02 10 Clawhub Base Wallet 1.5.0 是免费的吗?
是的,2026 02 10 Clawhub Base Wallet 1.5.0 完全免费(开源免费),可自由下载、安装和使用。
2026 02 10 Clawhub Base Wallet 1.5.0 支持哪些平台?
2026 02 10 Clawhub Base Wallet 1.5.0 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 2026 02 10 Clawhub Base Wallet 1.5.0?
由 pin-alt(@pin-alt)开发并维护,当前版本 v1.0.0。
推荐 Skills