功能描述

Bitcoin L1 wallet for agents - check balances, send BTC, manage UTXOs. Extends to Stacks L2 (STX, DeFi) and Pillar smart wallets (sBTC yield).

使用说明 (SKILL.md)

AIBTC Bitcoin Wallet

Name: AIBTC Bitcoin Wallet
Author: whoabuddy

A skill for managing Bitcoin L1 wallets with optional Pillar smart wallet and Stacks L2 DeFi capabilities.

Install

One-command installation:

npx @aibtc/mcp-server@latest --install

For testnet:

npx @aibtc/mcp-server@latest --install --testnet

Quick Start

Check Balance

Get your Bitcoin balance:

"What's my BTC balance?"

Uses get_btc_balance - returns total, confirmed, and unconfirmed balances.

Check Fees

Get current network fee estimates:

"What are the current Bitcoin fees?"

Uses get_btc_fees - returns fast (~10 min), medium (~30 min), and slow (~1 hr) rates in sat/vB.

Send BTC

Transfer Bitcoin to an address:

"Send 50000 sats to bc1q..."
"Transfer 0.001 BTC with fast fees to bc1q..."

Uses transfer_btc - requires an unlocked wallet.

Wallet Setup

Before sending transactions, set up a wallet:

Create new wallet: wallet_create - generates encrypted BIP39 mnemonic
Import existing: wallet_import - import from mnemonic phrase
Unlock for use: wallet_unlock - required before transactions

Wallets are stored encrypted at ~/.aibtc/.

Tool Reference

Read Operations

Tool	Description	Parameters
`get_btc_balance`	Get BTC balance	`address` (optional; requires unlocked wallet if omitted)
`get_btc_fees`	Get fee estimates	None
`get_btc_utxos`	List UTXOs	`address` (optional; requires unlocked wallet if omitted), `confirmedOnly`

Write Operations (Wallet Required)

Tool	Description	Parameters
`transfer_btc`	Send BTC	`recipient`, `amount` (sats), `feeRate`

Wallet Management

Tool	Description
`wallet_create`	Generate new encrypted wallet
`wallet_import`	Import wallet from mnemonic
`wallet_unlock`	Unlock wallet for transactions
`wallet_lock`	Lock wallet (clear from memory)
`wallet_list`	List available wallets
`wallet_switch`	Switch active wallet
`wallet_status`	Get wallet/session status

Units and Addresses

Amounts: Always in satoshis (1 BTC = 100,000,000 satoshis)

Addresses:

Mainnet: bc1... (native SegWit)
Testnet: tb1...

Fee Rates: "fast", "medium", "slow", or custom sat/vB number

Example Workflows

Daily Balance Check

1. "What's my BTC balance?"
2. "Show my recent UTXOs"
3. "What are current fees?"

Send Payment

1. "Unlock my wallet" (provide password)
2. "Send 100000 sats to bc1qxyz... with medium fees"
3. "Lock my wallet"

Multi-Wallet Management

1. "List my wallets"
2. "Switch to trading wallet"
3. "Unlock it"
4. "Check balance"

Progressive Layers

This skill focuses on Bitcoin L1. Additional capabilities are organized by layer:

Stacks L2 (Layer 2)

Bitcoin L2 with smart contracts and DeFi:

STX token transfers
ALEX DEX token swaps
Zest Protocol lending/borrowing
x402 paid API endpoints (AI, storage, utilities) — safe-by-default with probe-before-pay workflow

See: references/stacks-defi.md

Pillar Smart Wallet (Layer 3)

sBTC smart wallet with yield automation:

Passkey or agent-signed transactions
Send to BNS names (alice.btc)
Auto-boost yield via Zest Protocol

See: references/pillar-wallet.md

Bitcoin Inscriptions

Inscribe and retrieve digital artifacts on Bitcoin:

Commit-reveal inscription workflow
Get inscription content and metadata
Protect ordinal UTXOs from accidental spending

See: references/inscription-workflow.md

x402 Paid APIs

Pay-per-use APIs with automatic micropayments on Stacks L2:

Discover available endpoints with list_x402_endpoints
Check cost before paying with probe_x402_endpoint
Execute endpoints with execute_x402_endpoint (safe-by-default — probes first)
Send inbox messages with send_inbox_message (use this instead of execute_x402_endpoint for inbox)
Build new x402 APIs with scaffold_x402_endpoint and scaffold_x402_ai_endpoint

Always probe before executing paid endpoints. Never call execute_x402_endpoint with autoApprove: true without checking cost first.

send_inbox_message — dedicated tool for aibtc.com inbox messages:

Parameters: recipientBtcAddress (bc1...), recipientStxAddress (SP...), content (max 500 chars), paymentTxid (optional)
Uses sponsored transactions: sender pays only the sBTC message cost, relay covers STX gas
Avoids sBTC settlement timeout issues that affect the generic execute_x402_endpoint tool
Implements the full 5-step x402 v2 payment flow with balance pre-check
paymentTxid (optional): provide a confirmed on-chain sBTC transfer txid to skip the x402 flow and deliver the message using that txid as payment proof — use for manual recovery when a settlement timeout left the sBTC payment confirmed on-chain but the message undelivered
Automatic recovery: if retries are exhausted, the tool checks whether any submitted payment txid confirmed on-chain and, if so, resubmits the message automatically — no agent action required

See: references/stacks-defi.md for endpoint catalog See: references/x402-inbox.md for inbox-specific flow details

Genesis Lifecycle

Agent identity and reputation on Bitcoin and Stacks:

L0: Local agent key generation
L1: Dual-chain plain-message signatures (btc_sign_message + stacks_sign_message)
L2: X claim + BTC airdrop activation
L3: On-chain identity registration via ERC-8004 (register_identity)
L4: Reputation bootstrapping (get_reputation, give_feedback)
Active: 5-minute check-ins to maintain reputation and liveness

See: references/genesis-lifecycle.md

Troubleshooting

"Wallet not unlocked"

Run wallet_unlock with your password before sending transactions.

"Insufficient balance"

Check get_btc_balance - you need enough BTC for amount + fees.

"Invalid address"

Ensure address matches network:

Mainnet: starts with bc1
Testnet: starts with tb1

See: references/troubleshooting.md

More Information

CLAUDE.md - Full tool documentation
GitHub - Source code
npm - Package

This skill follows the Agent Skills open specification.

安全使用建议

Key things to consider before installing or running this skill: - Source verification: the registry entry lacks a homepage/source even though the SKILL.md points to an npm package and GitHub repo. Verify the package (@aibtc/mcp-server) and repository contents manually on npmjs/github before running any npx or install commands. - Do not run the recommended `npx ... --install` on a production system without code review. npx will fetch and execute code from npm; inspect the package and its install script first (run in a sandbox or offline VM). - Expect to provide secrets and funds: the docs reference PILLAR_API_KEY, wallet mnemonics, and on-chain STX/sBTC/BTC operations. Treat any mnemonic or API key as highly sensitive and never paste it into unverified code or remote services. - Test in sandbox/testnet only: before using with real funds, run everything on testnet and with small amounts to validate flows (especially deposits, sBTC bridging, and inbox payment/recovery). - Watch automatic behaviors: the skill includes periodic check-ins, automatic chain polling, and recovery/resubmit logic that can continue network activity and potentially send funds. If you want to avoid autonomous payments, require manual approval for any transfer/execute operation and avoid enabling autoApprove or agent-autonomous invocation. - Inspect local storage behavior: wallets are stored (encrypted) under ~/.aibtc/ according to the docs. Verify encryption implementation and backup your mnemonic securely. Ensure the skill won't write secrets to unexpected locations. - If you decide to proceed: audit the referenced npm package and GitHub repo for install scripts, network endpoints, and payment code; confirm the aibtc/x402 endpoints are legitimate; and set agent-level budget/approval guards so payments cannot happen without explicit consent. Given the mismatches between declared metadata and the skill's actual instructions (and the presence of on-chain payment flows), approach this skill cautiously — verify sources and code before trusting it with any real keys or funds.

功能分析

Type: OpenClaw Skill Name: aibtc-bitcoin-wallet Version: 1.26.0 The skill bundle is classified as suspicious due to the inherent high-risk nature of its capabilities, which include managing cryptocurrency private keys, performing on-chain transactions (Bitcoin L1, Stacks L2, sBTC), interacting with DeFi protocols, deploying smart contracts, and making direct network calls to external APIs (e.g., `aibtc.com`, `pillarbtc.com`, x402 services). While these actions are explicitly documented as part of the skill's stated purpose, they grant significant control over financial assets and agent identity. The skill also relies on an `npx` command for installation (`SKILL.md`, `README.md`), which introduces a supply chain risk. Although the documentation includes safeguards like the 'probe-before-pay' mechanism for x402 endpoints (`x402-inbox.md`) and explicit warnings against bypassing them, the broad permissions and sensitive operations warrant a 'suspicious' classification, as there's no clear evidence of intentional malicious behavior within the skill's instructions or tool descriptions themselves.

能力评估

⚠ Purpose & Capability

The skill claims only instruction-level operation with no required env vars or binaries, but the SKILL.md and references repeatedly reference an npm package (@aibtc/mcp-server), a GitHub repo, and external services (aibtc.com, x402, Pillar) — things that normally require credentials and an install. Registry metadata lists no homepage/source, creating a mismatch between claimed minimal footprint and the real external dependencies implied by the docs.

⚠ Instruction Scope

Runtime instructions tell the agent to create/import/unlock wallets (stored at ~/.aibtc/), sign messages, POST those signatures to https://aibtc.com endpoints, perform periodic 5-minute check-ins, probe/pay x402 endpoints, and run automatic recovery/resubmission flows. Those are networked, state-changing operations (including on-chain payments) and go beyond read-only helpers; they require explicit human review and clear user consent for payments and periodic network activity.

⚠ Install Mechanism

The registry lists no install spec, yet SKILL.md recommends running `npx @aibtc/mcp-server@latest --install` (and cloning a GitHub repo). That npx instruction would fetch and execute code from npm at runtime (moderate risk). The skill's registry entry does not declare or link the package/repo it recommends, increasing the risk that a user may unknowingly execute unreviewed code.

⚠ Credentials

Registry metadata declares no required environment variables or primary credential, but references/pillar-wallet.md list PILLAR_API_URL and PILLAR_API_KEY and other tools require wallet keys and on-chain funds (STX, sBTC). The skill's operations (payments, sBTC deposits, automatic inbox recovery) implicitly require secrets/funding access that are not declared in the registry metadata — a mismatch that could mislead users about what they'll need to provide and what will be accessed.

⚠ Persistence & Privilege

always:false (good), but the skill describes autonomous behaviors: regular check-ins every 5 minutes, automatic chain polling for payment confirmation, and automated resubmission of messages. Because model invocation is allowed by default, those autonomous behaviors combined with on-chain payment capabilities increase blast radius if the agent runs without strict manual approval or budget limits.

版本历史

v1.26.0

- chore(main): release 1.26.0 (#176) - feat(inbox): allow inbox message resubmission with confirmed txid as payment proof (#183) - fix(inbox): make send_inbox_message resilient to stale relay dedup (#181) - fix: Add relay health monitoring and nonce gap detection (#174)

v1.25.0

- chore(main): release 1.25.0 (#175) - feat: improve Bitflow price impact UX and swap safety (#164) - feat(signing): add schnorr_sign_digest and schnorr_verify_digest for Taproot multisig (#163) - feat: enable Bitflow DEX tools with public API access (#162)

v1.24.1

- chore(main): release 1.24.1 (#169) - fix: nonce conflicts and inbox reliability (supersedes #155, #150) (#168)

v1.23.0

- chore(main): release 1.23.0 (#153) - feat: add send_inbox_message tool with sponsored x402 flow (#149) - docs(skill): sync x402 tools and expand genesis lifecycle (#144)

v1.22.4

- chore(main): release 1.22.4 (#143) - fix: prevent x402 payment retry loop and inscription pubkey error (#142) - test: add coverage for x402 pre-payment validation functions (#139)

v1.22.3

- chore(main): release 1.22.3 (#138) - fix: x402 registry paths and balance pre-checks (#136)

v1.22.0

- chore(main): release 1.22.0 (#123) - fix(version): add version detection to identify stale NPX cache (#124) - feat: add name-claim-fast for single-tx BNS V2 registration - feat(settings): add runtime Hiro API key management via MCP tools - feat(x402): add probe-before-pay flow to prevent sBTC loss

v1.21.0

- chore(main): release 1.21.0 (#110) - feat(pillar): add stacking tools, desktop install, and security improvements (#108)

v1.20.0

- chore(main): release 1.20.0 (#107) - feat: add post conditions to all transaction sites for PostConditionMode.Deny (#106)

v1.19.2

- chore(main): release 1.19.2 (#104) - fix: correct contract call arguments in sbtc_transfer, give_feedback, and get_reputation (#103)

v1.19.1

- chore(main): release 1.19.1 (#99) - fix: remove serialize() double-encoding from all transaction sites (#101) - fix: remove double-encoding in sponsored transaction serialization (#98)

v1.19.0

- chore(main): release 1.19.0 (#97) - feat: add sponsored transaction support for ERC-8004 and sBTC (#96) - docs: slim CLAUDE.md from 875 to 116 lines (#94)

v1.18.0

- chore(main): release 1.18.0 (#92) - feat: upgrade x402-stacks to v2 + aibtc.com inbox support (#93) - fix: make release publish resilient to already-published versions (#91)

v1.16.0

- chore(main): release 1.16.0 (#85) - feat: add ERC-8004 identity and reputation tools (#83)

v1.15.0

- chore(main): release 1.15.0 (#81) - feat: add genesis skill reference files (#80)

v1.14.2

- chore(main): release 1.14.2 (#74) - fix: update README description to match package metadata (#73)

v1.14.1

- chore(main): release 1.14.1 (#72) - fix: update package description for MCP registry (#71) - chore: update description to Bitcoin-native MCP server for AI agents (#70)

v1.14.0

- chore(main): release 1.14.0 (#69) - feat: add MCP registry configuration for modelcontextprotocol.io (#68)

元数据

Slug aibtc-bitcoin-wallet

版本 1.26.0

许可证 —

累计安装 2

当前安装数 2

历史版本数 18

常见问题