功能描述

Verify AI agent identity and reputation via ERC-8004 on-chain registries

使用说明 (SKILL.md)

ChaosChain - On-Chain Agent Trust & Reputation

Name: ChaosChain - Agent Trust & Reputation
Author: sumeetchougule

ChaosChain is the trust layer for AI agents. This skill lets you verify agent identities and check on-chain reputation scores from the ERC-8004 registries.

What This Skill Does

✅ Verify - Check if an agent has on-chain identity ✅ Reputation - View multi-dimensional reputation scores ✅ Trust - Make informed decisions before trusting other agents

❌ This skill does NOT execute workflows, submit work, or handle payments. ❌ This is a READ-ONLY trust visualization tool by default.

Commands

`/chaoschain verify \x3Cagent_id_or_address>`

Check if an agent is registered on ERC-8004 and view their basic info.

/chaoschain verify 450
/chaoschain verify 0x1234...abcd

Returns:

Registration status
Agent name and domain (if available)
Owner address
Trust score summary

`/chaoschain reputation \x3Cagent_id_or_address>`

View detailed multi-dimensional reputation scores for an agent.

/chaoschain reputation 450

Returns 5 Proof of Agency dimensions:

Initiative
Collaboration
Reasoning
Compliance
Efficiency

`/chaoschain whoami`

Check if YOUR agent wallet has an on-chain identity.

/chaoschain whoami

Requires CHAOSCHAIN_PRIVATE_KEY or CHAOSCHAIN_ADDRESS to be set.

`/chaoschain register` (OPTIONAL - On-Chain Action)

⚠️ WARNING: This command submits an on-chain transaction.

Register your agent on the ERC-8004 IdentityRegistry.

/chaoschain register                    # Defaults to Sepolia (safe)
/chaoschain register --network sepolia  # Recommended for testing
/chaoschain register --network mainnet  # Advanced users only

Requirements:

CHAOSCHAIN_PRIVATE_KEY must be set
Wallet must have ETH for gas (~0.001 ETH)
This is a ONE-TIME action per wallet

Safety Default: Registration defaults to Sepolia testnet to prevent accidental mainnet transactions. Use --network mainnet explicitly for production.

Network Defaults

Command	Default Network	Reason
`verify`	Mainnet	Production reputation data
`reputation`	Mainnet	Production reputation data
`whoami`	Mainnet	Check production identity
`register`	Sepolia	Safety - avoid accidental mainnet txs

Override with --network \x3Cnetwork_key>:

/chaoschain verify 450 --network base_mainnet
/chaoschain register --network ethereum_mainnet

Setup

After Installation (Required Once)

Run the setup script to install Python dependencies:

cd ~/.openclaw/skills/chaoschain
./scripts/setup.sh

This creates a virtual environment with web3 and other dependencies.

Read-Only Mode (Default)

No setup required after running setup.sh! Just use /chaoschain verify and /chaoschain reputation.

With Your Own Wallet (Optional)

To use /chaoschain whoami or /chaoschain register, add to your OpenClaw config:

{
  "skills": {
    "entries": {
      "chaoschain": {
        "enabled": true,
        "env": {
          "CHAOSCHAIN_ADDRESS": "0xYourAddress...",
          "CHAOSCHAIN_NETWORK": "mainnet"
        }
      }
    }
  }
}

For registration (on-chain action):

{
  "skills": {
    "entries": {
      "chaoschain": {
        "enabled": true,
        "env": {
          "CHAOSCHAIN_PRIVATE_KEY": "0x...",
          "CHAOSCHAIN_NETWORK": "mainnet"
        }
      }
    }
  }
}

Network Options

Mainnet keys (same official ERC-8004 registries):

ethereum_mainnet
base_mainnet
polygon_mainnet
arbitrum_mainnet
celo_mainnet
gnosis_mainnet
scroll_mainnet
taiko_mainnet
monad_mainnet
bsc_mainnet

Testnet keys (same official ERC-8004 registries):

ethereum_sepolia
base_sepolia
polygon_amoy
arbitrum_testnet
celo_testnet
scroll_testnet
monad_testnet
bsc_testnet
optimism_sepolia
linea_sepolia
mode_testnet

Backward-compatible aliases:

mainnet -> ethereum_mainnet
sepolia -> ethereum_sepolia

Example Usage

Before trusting an agent to help with a task:

User: /chaoschain verify 550

Agent: ⛓️ Agent #550 Verification
       ━━━━━━━━━━━━━━━━━━━━━━━━━━
       ✅ REGISTERED on ERC-8004
       
       Name: DataAnalyzer
       Domain: analyzer.ai
       Owner: 0x2A47...8B8
       
       Trust Summary: 87/100 (HIGH)
       Total Feedback: 23 reviews
       
       This agent has verified on-chain identity.

Check detailed reputation:

User: /chaoschain reputation 550

Agent: ⛓️ Agent #550 Reputation
       ━━━━━━━━━━━━━━━━━━━━━━━━━━
       
       Initiative:    ████████░░ 81/100
       Collaboration: █████████░ 89/100
       Reasoning:     █████████░ 88/100
       Compliance:    ████████░░ 84/100
       Efficiency:    █████████░ 93/100
       
       Overall: 87/100 (HIGH TRUST)
       Based on 23 on-chain feedback entries.

What is ERC-8004?

ERC-8004 is the Ethereum standard for Trustless Agents. It provides:

IdentityRegistry - On-chain agent registration (NFT-based)
ReputationRegistry - Feedback and reputation scores
ValidationRegistry - Independent validation records

ChaosChain is a reference implementation of ERC-8004.

Contract Addresses

Network	Registry	Address
Mainnet (all supported mainnet chains)	Identity	`0x8004A169FB4a3325136EB29fA0ceB6D2e539a432`
Mainnet (all supported mainnet chains)	Reputation	`0x8004BAa17C55a88189AE136b182e5fdA19dE9b63`
Testnet (all supported testnet chains)	Identity	`0x8004A818BFB912233c491871b3d84c89A494BD9e`
Testnet (all supported testnet chains)	Reputation	`0x8004B663056A597Dffe9eCcC1965A193B7388713`

Learn More

Security Notes

This skill is READ-ONLY by default
/chaoschain register is the ONLY command that writes on-chain
Private keys are only used for registration, never for viewing
No funds are transferred, only gas for registration
Source code: {baseDir}/scripts/

安全使用建议

This skill appears to do what it claims (read ERC-8004 registries) and installs only Python dependencies, but take these precautions before installing or supplying secrets: - You do not need to provide any env vars to use read-only commands (verify, reputation). Do not set CHAOSCHAIN_PRIVATE_KEY unless you intend to perform the explicit /chaoschain register action. - Do NOT store a mainnet private key in openclaw.json or plaintext config. If you must register, prefer using a dedicated testnet or ephemeral wallet and never reuse a key that controls valuable funds. - Review the full scripts/chaoschain_skill.py before trusting the skill with credentials to confirm the private key is used only for signing register txns and not exfiltrated. Consider running the skill in an isolated environment or sandbox until audited. - If you want to avoid third-party RPC providers, set CHAOSCHAIN_RPC_URL to a provider you control or a trusted RPC to avoid sending queries to the hardcoded public endpoints. - Ask the maintainer to update registry metadata to list optional env vars (CHAOSCHAIN_PRIVATE_KEY, CHAOSCHAIN_ADDRESS, CHAOSCHAIN_RPC_URL) so users see the requirement upfront. If you are comfortable keeping private keys offline or using a throwaway testnet key, the read-only parts are reasonable to use; otherwise treat this skill as requiring manual code review and careful secret handling.

功能分析

Type: OpenClaw Skill Name: chaoschain Version: 1.0.2 The skill "chaoschain" is designed to verify AI agent identities and reputation on ERC-8004 on-chain registries, with an optional command to register an agent. The analysis of all files reveals the following: 1. **SKILL.md and README.md**: These documentation files clearly state the skill's purpose, commands, and explicitly warn about the `/chaoschain register` command performing an on-chain transaction. They emphasize that the skill is "READ-ONLY by default" and that private keys are only used for registration. There are no hidden instructions or prompt injection attempts designed to mislead the agent into performing unauthorized actions or exfiltrating data. 2. **scripts/setup.sh**: This script performs standard setup tasks: creating a Python virtual environment, installing dependencies from `requirements.txt`, and making Python scripts executable. It contains no malicious commands or unusual system interactions. 3. **scripts/chaoschain_skill.py**: This is the core logic. It connects to various EVM networks using `web3.py` to interact with ERC-8004 Identity and Reputation registries. * **Read Operations**: The `verify`, `reputation`, and `whoami` commands are strictly read-only, querying blockchain data and displaying it. * **Write Operation (`cmd_register`)**: This is the only command that performs an on-chain transaction. It requires `CHAOSCHAIN_PRIVATE_KEY` to be set as an environment variable (as per OpenClaw's secure secret handling). It explicitly warns the user about the transaction, defaults to a testnet (Sepolia) for safety, checks for sufficient ETH for gas, and constructs a benign agent URI for registration. The private key is used solely for signing this specific transaction, with no evidence of exfiltration or misuse. * The contract addresses for ERC-8004 registries are hardcoded and appear legitimate. * The code is clear, well-structured, and lacks any obfuscation. 4. **Wrapper Scripts (scripts/register.py, scripts/reputation.py, scripts/verify_agent.py, scripts/whoami.py)**: These are simple Python wrappers that call the main `chaoschain_skill.py` script within the virtual environment. This is a standard and benign pattern for OpenClaw skills. 5. **requirements.txt**: Lists `web3` and `eth-account`, which are standard and expected dependencies for Ethereum blockchain interaction. There is no evidence of data exfiltration (e.g., reading sensitive files like `~/.ssh`, `~/.aws`, or sending data to external endpoints beyond legitimate RPC calls), malicious execution (e.g., `curl|bash` of unknown payloads), persistence mechanisms, or obfuscation. The on-chain transaction capability is transparently disclosed and implemented with safety defaults. **Classification: benign** The skill is benign. It transparently implements its stated purpose of interacting with ERC-8004 blockchain registries for agent identity and reputation verification. The only on-chain write operation (`register`) is clearly warned, defaults to a testnet, and securely handles private keys via environment variables for signing the intended transaction, without any indication of malicious intent or unauthorized actions.

能力评估

ℹ Purpose & Capability

Name/description (ERC-8004 identity & reputation) align with the code and deps: Python + web3/eth-account are appropriate. The skill also offers an optional on‑chain write (register) which is documented. Minor inconsistency: Registry metadata declares no required environment variables or credentials, but the SKILL.md/README/code document optional env vars (CHAOSCHAIN_PRIVATE_KEY, CHAOSCHAIN_ADDRESS, CHAOSCHAIN_RPC_URL) needed for some commands.

⚠ Instruction Scope

Runtime instructions and wrappers are narrowly scoped to read-only chain queries (verify, reputation, whoami) and an explicit register command for writes. However SKILL.md instructs users to put private keys directly into the OpenClaw config for register/whoami, which expands scope to sensitive credential handling. The skill uses many hardcoded public RPC endpoints for reads — expected for this use case but worth noting since traffic will go to those providers.

✓ Install Mechanism

No external arbitrary downloads; installation is a simple setup.sh that creates a Python venv and pip-installs web3 and eth-account from PyPI (requirements.txt). This is proportionate to the skill's purpose and is lower risk than remote binary downloads.

⚠ Credentials

The only sensitive credential required is CHAOSCHAIN_PRIVATE_KEY (optional, only for register). That is proportionate to performing an on-chain register, but the skill's documentation encourages storing the private key in OpenClaw config (plain JSON), which is high-risk. Also the public metadata does not list these optional env vars, creating an informational mismatch that could cause users to inadvertently grant secrets without noticing.

ℹ Persistence & Privilege

The skill does not request always:true and does not create background processes. Model invocation is allowed (default), which is expected, but if you supply a private key and allow autonomous invocation the agent could invoke /chaoschain register autonomously — the README says registration defaults to Sepolia and requires explicit command, but autonomous invocation combined with provided credentials increases blast radius.

版本历史

v1.0.2

Added full ERC-8004 multi-network support aligned with SDK network coverage. - Added support for all official mainnet/testnet network keys - Kept backward compatibility for `mainnet` and `sepolia` aliases - Updated defaults: read -> ethereum_mainnet, register -> ethereum_sepolia - Updated SKILL.md and README with full network list and usage examples

v1.0.1

v1.0.1: Include Python scripts for verify/reputation commands

v1.0.0

ChaosChain 1.0.0 - Initial release - Verify AI agent on-chain identity and ownership using ERC-8004 registries. - View multi-dimensional reputation scores for any registered agent. - Read-only trust assessment via `/chaoschain verify`, `/chaoschain reputation`, and `/chaoschain whoami` (no setup required). - Optional on-chain agent registration with `/chaoschain register` (requires private key; defaults to Sepolia testnet). - Supports safe network selection (mainnet/testnet) for all commands. - Designed for agent trust decisions in open environments; does not handle payments or automate workflows.

元数据

Slug chaoschain

版本 1.0.2

许可证 —

累计安装 2

当前安装数 2

历史版本数 3

常见问题

ChaosChain - Agent Trust & Reputation 是什么？

Verify AI agent identity and reputation via ERC-8004 on-chain registries. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 1699 次。

如何安装 ChaosChain - Agent Trust & Reputation？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install chaoschain」即可一键安装，无需额外配置。

ChaosChain - Agent Trust & Reputation 是免费的吗？

是的，ChaosChain - Agent Trust & Reputation 完全免费（开源免费），可自由下载、安装和使用。

ChaosChain - Agent Trust & Reputation 支持哪些平台？

ChaosChain - Agent Trust & Reputation 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 ChaosChain - Agent Trust & Reputation？

由 SumeetChougule（@sumeetchougule）开发并维护，当前版本 v1.0.2。

ChaosChain - Agent Trust & Reputation