← 返回 Skills 市场

cdnsoft-wallet

Name: cdnsoft-wallet
Author: cromatikap

作者 cromatikap · GitHub ↗ · v0.3.4 · MIT-0

cross-platform ✓ 安全检测通过

178

总下载

当前安装

版本数

在 OpenClaw 中安装

/install cdnsoft-wallet

功能描述

EVM wallet tool for autonomous agents with built-in accountability. Creates, signs, and broadcasts ETH and ERC20 transfers on any EVM-compatible chain, then...

使用说明 (SKILL.md)

agentwallet

EVM wallet with accountability for autonomous agents. Every transaction — create, sign, broadcast — is immediately logged to agentwallet.json. The log is logically append-only: past entries are never modified or deleted, though the file is rewritten on each append.

⚠️ High-impact tool. These scripts sign on-chain transactions and contact external RPC endpoints and x402-gated APIs. Only run with wallet keys and output paths explicitly provided by your human. Always confirm --max-amount is set for x402 flows.

Install

This skill is distributed via ClawHub. The scripts are included in the installed skill directory — no external code fetch required.

Dependencies (install once if not present):

pip install eth-account requests

Usage

Arbitrary contract call (e.g. bridge, custom protocol):

python3 agentwallet/scripts/log_transaction.py 0.004 ETH Linea 0xBridgeContract "bridge to Base" \
    --wallet-key ~/.secrets/eth_wallet.json \
    --rpc https://rpc.linea.build \
    --calldata 0x1234abcd... \
    --output ~/website/treasury.json

Signs and broadcasts a raw contract call with custom calldata. Logs the transaction automatically.

x402 payment to a gated API (e.g. Actors.dev email, GateSkip):

python3 agentwallet/scripts/x402_request.py \
    --url https://actors.dev/emails \
    --wallet-key ~/.secrets/eth_wallet.json \
    --rpc https://mainnet.base.org \
    --output ~/website/treasury.json \
    --purpose "email to Verso" \
    --header "Authorization: Bearer YOUR_API_KEY" \
    --body '{"to": "[email protected]", "subject": "Hi", "body": "Hello!"}' \
    --max-amount 0.02 \
    --pay-to 0x3604712bd95ba2ff36b624f3ffeb6b73b34604ea

Handles full 402→sign EIP-712→retry flow. Logs USDC spend automatically. Always set --max-amount. Use --pay-to only when the facilitator address is stable — some providers (e.g. Actors.dev via Stripe) rotate it per request by design, so --pay-to would always abort.

Uniswap V3 swap (e.g. ETH → USDC on Base):

python3 agentwallet/scripts/log_transaction.py 0.0012 ETH Base - "swap ETH to USDC" \
    --wallet-key ~/.secrets/eth_wallet.json \
    --rpc https://mainnet.base.org \
    --swap-to 0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913 \
    --asset-out USDC --decimals-out 6

Logs two entries automatically: ETH out + USDC in.

python3 agentwallet/scripts/log_transaction.py \x3Camount> \x3Casset> \x3Cnetwork> \x3Cto> \x3Cpurpose> [options]

Send ETH:

python3 agentwallet/scripts/log_transaction.py 0.001 ETH Base 0xRecipient "fund wallet" \
    --wallet-key ~/.secrets/eth_wallet.json \
    --rpc https://mainnet.base.org

Send ERC20 (e.g. USDC on Base, 6 decimals):

python3 agentwallet/scripts/log_transaction.py 0.02 USDC Base 0xRecipient "GateSkip captcha" \
    --wallet-key ~/.secrets/eth_wallet.json \
    --rpc https://mainnet.base.org \
    --contract 0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913 \
    --decimals 6

Log only (no broadcast):

python3 agentwallet/scripts/log_transaction.py 0.02 USDC Base 0xRecipient "manual payment" \
    --tx-hash 0xabc123...

Options

Option	Description
`--wallet-key \x3Cpath>`	JSON file with `"private_key"` field. Required for broadcasting.
`--rpc \x3Curl>`	EVM-compatible RPC endpoint. Required for broadcasting.
`--contract \x3Caddr>`	ERC20 contract address. Omit for native ETH.
`--decimals \x3Cint>`	Token decimals. Default: 18. USDC = 6.
`--output \x3Cpath>`	Path to `agentwallet.json`. Required — ask your human if unsure.
`--tx-hash \x3Chash>`	Skip broadcast, log an existing hash only.
`--direction \x3Csent\|received>`	Direction of the transaction. Default: `sent`. Use `received` to log incoming transactions (requires `--tx-hash`).
`--calldata \x3Chex>`	Raw calldata hex (with or without `0x` prefix) — triggers arbitrary contract call instead of transfer.
`--swap-to \x3Ccontract>`	Output token contract address — triggers Uniswap V3 swap instead of transfer.
`--asset-out \x3Csymbol>`	Output asset symbol for the log (default: TOKEN).
`--decimals-out \x3Cint>`	Output token decimals (default: 6).
`--fee \x3Cint>`	Uniswap V3 pool fee tier in bps (default: 500 = 0.05%).
`--min-out \x3Camount>`	Minimum output amount in human units (e.g. `2.4`). Enables slippage protection — swap reverts if output is below this. Recommended for larger swaps.

Wallet JSON format

{ "private_key": "0x..." }

Keep at chmod 600. Never commit to git.

Log format

{
  "transactions": [
    {
      "date": "2026-04-01T10:00:00Z",
      "amount": "0.02",
      "asset": "USDC",
      "network": "Base",
      "to": "0xRecipient...",
      "purpose": "GateSkip captcha solve",
      "tx_hash": "0xabc123..."
    }
  ]
}

Rules

Log before or immediately after every transaction — never batch or defer
Use "pending" for tx hash if not yet confirmed
Never modify or delete past log entries — the log is a permanent audit trail
If --wallet-key or --output are not known, ask your human before proceeding
For x402 flows, always confirm --max-amount is set to prevent signing unexpected amounts

Docs

Full documentation: https://cdnsoft.github.io/agentwallet

安全使用建议

This skill appears to do exactly what it says: sign and broadcast EVM transactions and log them locally. Key safety notes before installing or running: (1) Never give an agent your main/private wallet file unless you fully trust it — prefer a dedicated, funded test or merchant wallet with limited balance. (2) Always pass --output to a path you control, and set file permissions (chmod 600) on wallet JSON. (3) For x402 flows, always use --max-amount and (when practical) --pay-to to avoid unexpected payouts. (4) Review the scripts yourself (they are included) and test with a small transaction on a testnet or a tiny balance before any production use. (5) If you want stricter protection, use a hardware wallet or signing service that disallows arbitrary transaction broadcasting.

功能分析

Type: OpenClaw Skill Name: cdnsoft-wallet Version: 0.3.4 The bundle provides a legitimate EVM wallet utility for autonomous agents, enabling ETH/ERC20 transfers, Uniswap V3 swaps, and x402-compliant payment flows. The scripts (log_transaction.py and x402_request.py) perform local transaction signing using the eth-account library and include defensive features such as mandatory audit logging, slippage protection, and user-defined maximum payment caps (--max-amount) to prevent overspending. The documentation in SKILL.md correctly instructs the agent to seek human approval for sensitive paths and transaction limits, and no evidence of secret exfiltration or unauthorized execution was found.

能力评估

✓ Purpose & Capability

Name/description match the provided scripts and SKILL.md. The tool performs on-chain signing, RPC calls, x402 payment flows, and local logging; those actions require a wallet key and RPC URL passed as CLI args, which is appropriate for a wallet skill.

✓ Instruction Scope

Runtime instructions are explicit about required inputs (--wallet-key, --rpc, --output) and warn about safety (--max-amount, ask your human). The SKILL.md does not instruct the agent to read unrelated system files or environment variables, nor to exfiltrate secrets to external endpoints beyond the target RPC/API URLs the user supplies.

✓ Install Mechanism

No installer downloads or post-install hooks are present; dependencies are standard Python packages (eth-account, requests). The skill is instruction-and-script-only, so nothing external is fetched by the install spec in the provided bundle.

✓ Credentials

The skill requests no environment variables or hidden credentials. It explicitly requires a wallet JSON file (private_key) and RPC/API endpoints at runtime — these are necessary and proportionate for signing and broadcasting transactions and for x402 flows.

ℹ Persistence & Privilege

The skill does not request permanent/always-on presence and does not modify other skills. It can be invoked autonomously by agents (platform default); because it can sign and broadcast transactions if given a private key, you should only provide wallet keys when you trust the agent and limit allowed spend (use --max-amount / --pay-to).

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install cdnsoft-wallet
安装完成后，直接呼叫该 Skill 的名称或使用 /cdnsoft-wallet 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v0.3.4

Release 0.3.4

v0.3.3

Release 0.3.3

v0.3.2

Release 0.3.2

v0.3.1

Release 0.3.1

v0.3.0

Release 0.3.0

v0.2.1

Release 0.2.1

v0.2.0

Release 0.2.0

v0.1.3

Release 0.1.3

v0.1.2

Release 0.1.2

v0.1.1

Release 0.1.1

v0.1.0

Release 0.1.0

元数据

Slug cdnsoft-wallet

版本 0.3.4

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 11

常见问题

cdnsoft-wallet 是什么？

EVM wallet tool for autonomous agents with built-in accountability. Creates, signs, and broadcasts ETH and ERC20 transfers on any EVM-compatible chain, then... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 178 次。

如何安装 cdnsoft-wallet？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install cdnsoft-wallet」即可一键安装，无需额外配置。

cdnsoft-wallet 是免费的吗？

是的，cdnsoft-wallet 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

cdnsoft-wallet 支持哪些平台？

cdnsoft-wallet 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 cdnsoft-wallet？

由 cromatikap（@cromatikap）开发并维护，当前版本 v0.3.4。