← 返回 Skills 市场
b402 Private DeFi
作者
mmchougule
· GitHub ↗
· v0.4.2
· MIT-0
60
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install b402-private-defi
功能描述
Private DeFi for AI agents. Shield tokens into a Railgun ZK privacy pool, swap privately, lend into Morpho vaults for yield, and bridge cross-chain via LI.FI...
使用说明 (SKILL.md)
b402 — Private DeFi for AI Agents
Shield. Swap. Lend. Bridge. All private. All gasless.
b402 wraps Railgun's ZK privacy pool with an agent-friendly SDK and MCP server. On-chain observers see "RelayAdapt called a DEX" — not your wallet, not your strategy.
Install
npx b402-mcp@latest --claude
This generates a wallet at ~/.b402/wallet.json, patches your Claude Desktop config, and registers the MCP server. Fund the wallet with USDC on Base to start.
Tools
| Tool | What it does |
|---|---|
check_pool_balance |
Show shielded balances, wallet state, vault positions |
shield_usdc |
Move USDC into the Railgun privacy pool (gasless) |
private_swap |
Swap tokens inside the pool via ZK proof (USDC↔WETH, etc.) |
lend_privately |
Deposit into Morpho vault from pool (~4-8% APY) |
redeem_privately |
Withdraw from Morpho vault back to pool |
cross_chain_privately |
Private cross-chain transfer or swap via LI.FI (Base→Arb, etc.) |
get_swap_quote |
Preview swap rates without executing |
run_strategy |
Multi-step: swap + lend + reserve in one call |
Example prompts
- "Check my privacy pool balance"
- "Shield 5 USDC into the pool"
- "Swap 2 USDC to WETH privately"
- "Privately send 1 USDC to 0xABC... on Arbitrum"
- "Private cross-chain swap: 1 USDC from pool to ARB on Arbitrum, to 0xABC..."
- "Lend 10 USDC in the steakhouse vault"
- "Run a yield strategy: 30% WETH, 50% lend, 20% reserve"
How it works
Agent prompt → MCP tool call → b402-sdk
→ Railgun ZK proof (client-side, 10-30s)
→ RelayAdapt atomic tx (unshield → DeFi op → reshield)
→ On-chain: only RelayAdapt visible. No wallet linked.
Cross-chain: LI.FI routes through ~30 bridges + ~20 DEXes. Source and destination are unlinkable.
Supported chains
| Chain | ID | Privacy pool | Cross-chain |
|---|---|---|---|
| Base | 8453 | Yes (0% fee) | Source + dest |
| Arbitrum | 42161 | Yes (0% fee) | Dest only (v1) |
| BSC | 56 | Yes (0% fee) | Dest only (v1) |
SDK usage (for builders)
import { B402 } from '@b402ai/sdk'
const b402 = new B402({ privateKey: process.env.WORKER_PRIVATE_KEY! })
// Shield into privacy pool (gasless)
await b402.shieldFromEOA({ token: 'USDC', amount: '10' })
// Private swap inside pool
await b402.privateSwap({ from: 'USDC', to: 'WETH', amount: '5' })
// Private cross-chain (LI.FI routing)
await b402.privateCrossChain({
toChain: 'arbitrum',
fromToken: 'USDC',
toToken: 'ARB',
amount: '1',
destinationAddress: '0x...',
})
// Private lend (Morpho vaults, 4-8% APY)
await b402.privateLend({ amount: '10', vault: 'steakhouse' })
Links
- SDK: npmjs.com/package/@b402ai/sdk
- MCP: npmjs.com/package/b402-mcp
- Starter: github.com/b402-ai/b402-starter
- Agent template: github.com/b402-ai/b402-agent-starter
安全使用建议
This skill is plausible for private DeFi, but it requires strong trust before you install or run it. Key things to consider before installing: 1) It asks for WORKER_PRIVATE_KEY — feeding a raw private key to any tool gives it full control over funds; prefer using ephemeral accounts or hardware signing if possible. 2) The installer (npx b402-mcp@latest) will create ~/.b402/wallet.json — confirm whether that file stores an unencrypted private key. 3) The installer will 'patch your Claude Desktop config' and 'register the MCP server' — understand exactly what config is changed and what network endpoints the MCP server opens (is it locally bound only, or exposed remotely?). 4) npx @latest runs code fetched at install-time: review the npm package source (b402-mcp) and the referenced GitHub repo before running; prefer pinned versions and inspect the package contents. 5) If you plan to proceed, test in an isolated environment (VM/container) with small amounts or a throwaway account first. Ask the publisher for: (a) a clear explanation of what 'patch Claude Desktop config' does, (b) whether ~/.b402/wallet.json is encrypted, (c) whether WORKER_PRIVATE_KEY is strictly required or optional, (d) the exact network interfaces/ports the MCP server binds to and whether it requires authentication, and (e) a pinned package release and reproducible build/source link so you can audit the code.
功能分析
Type: OpenClaw Skill
Name: b402-private-defi
Version: 0.4.2
The b402-private-defi skill provides tools for privacy-preserving DeFi operations, including shielding tokens and cross-chain bridging. It requires a high-value secret (WORKER_PRIVATE_KEY) and performs 'untraceable' financial transactions, which are high-risk behaviors. While these actions are aligned with the stated purpose, the combination of private key handling and the installation of external code via 'npx b402-mcp' (SKILL.md) warrants a suspicious classification due to the potential for abuse or exploitation.
能力标签
能力评估
Purpose & Capability
Requiring node/npx and a private key is coherent for a DeFi SDK that must sign transactions. The declared npm package (b402-mcp) aligns with the described MCP server. However, the SKILL.md explicitly says the installer will 'patch your Claude Desktop config' and 'register the MCP server' which are not intrinsic to 'shield/swap/lend/bridge' operations and suggest broader system integration.
Instruction Scope
The SKILL.md instructs running npx b402-mcp@latest which will generate ~/.b402/wallet.json, patch Claude Desktop config, and register an MCP server. Those steps read/write user home files and modify another agent's configuration — actions outside the minimal scope of a DeFi SDK and that grant long-lived capabilities and persistence.
Install Mechanism
Installation uses an npm package (b402-mcp) which is a traceable registry source (moderate risk). However, the recommended npx @latest pattern downloads and runs whatever is published at runtime, which increases supply-chain risk compared to installing a pinned, reviewed release.
Credentials
The skill only declares a single required credential (WORKER_PRIVATE_KEY), which is appropriate for signing transactions. But the installer also writes a wallet file to disk (~/.b402/wallet.json) and patches desktop config — this implies storing private keys locally and giving the tool persistent access to the agent environment. The SKILL.md does not clarify whether the wallet file is encrypted, whether the env key is copied there, or why both a generated wallet and an env private key are needed.
Persistence & Privilege
The skill will persist credentials to disk and modify another agent's (Claude Desktop) configuration and 'register' an MCP server. Modifying other agent configs and registering services increases the blast radius and is outside the typical scope of a single-purpose skill.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install b402-private-defi - 安装完成后,直接呼叫该 Skill 的名称或使用
/b402-private-defi触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.4.2
Initial release: private swap, lend, cross-chain via LI.FI, all gasless + ZK-private
元数据
常见问题
b402 Private DeFi 是什么?
Private DeFi for AI agents. Shield tokens into a Railgun ZK privacy pool, swap privately, lend into Morpho vaults for yield, and bridge cross-chain via LI.FI... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 60 次。
如何安装 b402 Private DeFi?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install b402-private-defi」即可一键安装,无需额外配置。
b402 Private DeFi 是免费的吗?
是的,b402 Private DeFi 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
b402 Private DeFi 支持哪些平台?
b402 Private DeFi 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 b402 Private DeFi?
由 mmchougule(@mmchougule)开发并维护,当前版本 v0.4.2。
推荐 Skills