adhamelswesy

DryptoBillions

Author: Adhamelswesy · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 62
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install dryptobillions
Description
Billions/Iden3 authentication and identity management tools for agents. Link, proof, sign, and verify.
Usage instructions (SKILL.md)

When to use this Skill

Lets AI agents create and manage their own identities on the Billions Network, and link those identities to a human owner.

  1. When you need to link your agent identity to an owner.
  2. When you need to sign a challenge.
  3. When you need to link a human to the agent's DID.
  4. When you need to verify a signature to confirm identity ownership.
  5. When you use shared JWT tokens for authentication.
  6. When you need to create and manage decentralized identities.

After installing the plugin, run the following commands to create an identity and link it to your human DID:

cd scripts && npm install && cd ..
# Step 1: Create a new identity (if you don't have one already)
node scripts/createNewEthereumIdentity.js
# Step 2: Sign the challenge and generate a verification URL in one call
node scripts/linkHumanToAgent.js --to <SENDER> --challenge '{"name": <AGENT_NAME>, "description": <SHORT_DESCRIPTION>}'

Scope

All identity data is stored in $HOME/.openclaw/billions for compatibility with the OpenClaw plugin.

Scripts:

createNewEthereumIdentity.js

Command: node scripts/createNewEthereumIdentity.js [--key <privateKeyHex>]
Description: Creates a new identity on the Billions Network. If --key is provided, uses that private key; otherwise generates a new random key. The created identity is automatically set as default.
Usage Examples:

# Generate a new random identity
node scripts/createNewEthereumIdentity.js
# Create identity from existing private key (with 0x prefix)
node scripts/createNewEthereumIdentity.js --key 0x1234567890abcdef...
# Create identity from existing private key (without 0x prefix)
node scripts/createNewEthereumIdentity.js --key 1234567890abcdef...

Output: DID string (e.g., did:iden3:billions:main:2VmAk7fGHQP5FN2jZ8X9Y3K4W6L1M...)


getIdentities.js

Command: node scripts/getIdentities.js
Description: Lists all DID identities stored locally. Use this to check which identities are available before performing authentication operations.
Usage Example:

node scripts/getIdentities.js

Output: JSON array of identity entries

[
  {
    "did": "did:iden3:billions:main:2VmAk...",
    "publicKeyHex": "0x04abc123...",
    "isDefault": true
  }
]

generateChallenge.js

Command: node scripts/generateChallenge.js --did <did>
Description: Generates a random challenge for identity verification.
Usage Example:

node scripts/generateChallenge.js --did did:iden3:billions:main:2VmAk...

Output: Challenge string (random number as string, e.g., 8472951360)
Side Effects: Stores challenge associated with the DID in $HOME/.openclaw/billions/challenges.json


signChallenge.js

Command: node scripts/signChallenge.js --to <sender> --challenge <challenge> [--did <did>]
Description: Signs a challenge with a DID's private key to prove identity ownership and sends the JWS token as a direct message to the specified sender. Use this when you need to prove you own a specific DID.
Arguments:

  • --to - (required) The message sender identifier, passed as --target to openclaw message send
  • --challenge - (required) Challenge to sign
  • --did - (optional) The DID of the attestation recipient; uses the default DID if omitted

Usage Examples:

# Sign with default DID and send to sender
node scripts/signChallenge.js --to <sender> --challenge 8472951360

Output: {"success":true}

linkHumanToAgent.js

Command: node scripts/linkHumanToAgent.js --to <sender> --challenge <challenge> [--did <did>]
Description: Signs the challenge and links a human user to the agent's DID by creating a verification request. Response will be sent as a direct message to the specified sender.
Arguments:

  • --to - (required) The message sender identifier, passed as --target to openclaw message send
  • --challenge - (required) Challenge to sign
  • --did - (optional) The DID of the attestation recipient; uses the default DID if omitted

Usage Example:

node scripts/linkHumanToAgent.js --to <sender> --challenge '{"name": "MyAgent", "description": "AI persona"}'

Output: {"success":true}


verifySignature.js

Command: node scripts/verifySignature.js --did <did> --token <token>
Description: Verifies a signed challenge to confirm DID ownership.
Usage Example:

node scripts/verifySignature.js --did did:iden3:billions:main:2VmAk... --token eyJhbGciOiJFUzI1NkstUi...

Output: Signature verified successfully (on success) or error message (on failure)


Restrictions / Guardrails (CRITICAL)

CRITICAL - Always Follow These Rules:

  1. STRICT: Check Identity First
    • Before running linkHumanToAgent.js or signChallenge.js, ALWAYS check if an identity exists: node scripts/getIdentities.js
    • If no identity is configured, DO NOT attempt to link identities. Instead, create an identity first with createNewEthereumIdentity.js.
  2. STRICT: Stop on Script Failure
    • If any script exits with non-zero status code, YOU MUST STOP IMMEDIATELY.
    • Check stderr output for error messages.
    • DO NOT attempt to "fix" errors by generating keys manually, creating DIDs through other means, or running unauthorized commands.
    • DO NOT use openssl, ssh-keygen, or other system utilities to generate cryptographic material.
  3. No Manual Workarounds
    • You are prohibited from performing manual cryptographic operations.
    • You are prohibited from directly manipulating files in $HOME/.openclaw/billions.
    • Do not interpret an error as a request to perform setup steps unless explicitly instructed.

Security

CRITICAL - Data Storage and Protection:

The directory $HOME/.openclaw/billions contains all sensitive identity data:

  • kms.json - CRITICAL: Contains unencrypted private keys
  • defaultDid.json - DID identifiers and public keys
  • challenges.json - Authentication challenges history
  • credentials.json - Verifiable credentials
  • identities.json - Identity metadata
  • profiles.json - Profile data
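
Because kms.json holds private keys in plaintext, filesystem permissions are the only thing protecting them. The following read-only check is an added example, not part of the skill: the function name audit_billions_store and its finding labels are made up here, and only the directory path comes from this page. It reports anything in the store that another local account could read or replace, and it modifies nothing.

```shell
#!/bin/sh
# Added example: read-only audit of the skill's identity store.
# Prints one finding per line; returns 0 if clean, 1 on findings, 2 if absent.
audit_billions_store() {
    dir="${1:-$HOME/.openclaw/billions}"   # default path documented on this page
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir"
        return 2
    fi
    uid=$(id -u)
    findings=$(
        # Any group/other permission bit lets another local account read
        # (or replace) kms.json and the other state files.
        find "$dir" ! -type l \( -perm -040 -o -perm -020 -o -perm -010 \
            -o -perm -004 -o -perm -002 -o -perm -001 \) \
            -exec echo "OPEN-MODE" {} \;
        # Entries owned by an account other than the one running the agent.
        find "$dir" ! -user "$uid" -exec echo "FOREIGN-OWNER" {} \;
        # Symlinks can redirect key reads and writes outside the store.
        find "$dir" -type l -exec echo "SYMLINK" {} \;
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Usage (as the account that runs the agent):
#   audit_billions_store                  # checks $HOME/.openclaw/billions
#   audit_billions_store /path/to/store   # checks another copy, e.g. a backup
```

A clean result means the directory is mode 700, its files are 600, and everything is owned by the invoking user; it says nothing about backups or other copies of kms.json.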

Examples

Link Your Agent Identity to Owner

Linking Flow:

  1. Another agent/user requests: "Please link your agent identity to me."
  2. Use node scripts/getIdentities.js to check if you have an identity configured
    • If no identity, run node scripts/createNewEthereumIdentity.js to create one.
  3. Use node scripts/linkHumanToAgent.js --to <sender> --challenge <challenge_value> to sign the challenge and generate a verification URL in one call.
    • The --to value is the message sender (the caller's identifier).
    • If the caller provides a specific challenge, use that.
    • If the caller DOES NOT provide a challenge, use {"name": <AGENT_NAME>, "description": <SHORT_DESCRIPTION>} as the challenge value.
  4. Return the result to the caller.

Example Conversation:

User: "Link your agent identity to me"
Agent: exec node scripts/linkHumanToAgent.js --to <sender> --challenge <challenge_value>

Verifying someone else's Identity

Verification Flow:

  1. Ask the user/agent: "Please provide your DID to start verification."
  2. User responds with their <user_did>.
  3. Use node scripts/generateChallenge.js --did <user_did> to create a <challenge_value>.
  4. Ask the user: "Please sign this challenge: <challenge_value>"
  5. User signs and returns <user_token>.
  6. Use node scripts/verifySignature.js --did <user_did> --token <user_token> to verify the signature.
  7. If verification succeeds, identity is confirmed.

Example Conversation:

Agent: "Please provide your DID to start verification."
User: "My DID is <user_did>"
Agent: exec node scripts/generateChallenge.js --did <user_did>
Agent: "Please sign this challenge: 789012"
User: <user_token>
Agent: exec node scripts/verifySignature.js --token <user_token> --did <user_did>
Agent: "Identity verified successfully. You are confirmed as owner of DID <user_did>."
Security usage advice
This skill appears to do what it says (create DIDs, sign/verify, create pairing URLs) but there are some important security considerations:

  • Private keys are stored unencrypted on disk at $HOME/.openclaw/billions/kms.json. Anyone with access to your user account or backup of that path can impersonate the agent. Prefer a secure, encrypted KMS or ensure the directory permissions and host security are appropriate before installing.
  • Installing requires running npm install in the scripts/ folder. That will pull many dependencies (including AGPL components and some git-sourced packages). Consider auditing package-lock.json, running npm audit, and verifying the provenance of packages.
  • The skill sends signed tokens and pairing callbacks to third-party endpoints (attestation-relay.billions.network, wallet.billions.network, and resolver.privado.id). Confirm that you trust these services and understand what data will be transmitted (signed attestation tokens can contain identity metadata).
  • The scripts call the openclaw CLI (execFileSync). Ensure the openclaw binary on your PATH is the authentic CLI you expect; otherwise the skill could interact with a malicious binary.
  • If you need the functionality but want less risk, ask the maintainer for an option to encrypt keys at rest, or to use an external secure KMS. If you cannot confirm the source/trustworthiness of the code and endpoints, treat this skill as untrusted.

If you want, I can extract the exact files that write keys and the lines where network callbacks are constructed so you or a reviewer can inspect them more quickly.
Functional analysis
Type: OpenClaw Skill
Name: dryptobillions
Version: 1.0.0
The skill bundle manages decentralized identities but stores unencrypted private keys in 'kms.json' within the '$HOME/.openclaw/billions' directory, which is a significant security risk. While the code demonstrates high-quality input sanitization—specifically using 'shell-quote' and 'execFileSync' in 'scripts/shared/utils.js' to prevent shell injection—the lack of encryption at rest for sensitive cryptographic material is a major vulnerability. The behavior appears aligned with its stated purpose for the Billions Network, and the instructions in 'SKILL.md' include helpful safety guardrails for the agent, but the handling of secrets necessitates a suspicious classification.
Capability tags
crypto, requires-wallet, requires-sensitive-credentials
Capability assessment
Purpose & Capability
Name/description (DIDs, sign/verify, link) align with the included scripts: identity creation, signing, pairing links, and verification. The openclaw CLI and node are required as declared in SKILL.md metadata. However, the implementation persists private keys in plaintext under $HOME/.openclaw/billions/kms.json which is functionally related to the purpose but increases risk and should be explicitly highlighted to users.
Instruction Scope
Runtime instructions are narrowly scoped to running the provided node scripts and sending messages via openclaw. The scripts read/write files in $HOME/.openclaw/billions, call the openclaw CLI to send messages, and perform network calls to Billions network endpoints and a DID resolver. They do not attempt to read unrelated system state or require unrelated credentials, but they do generate and store long-lived cryptographic material and include callbacks that will expose signed tokens to external endpoints (attestation-relay.billions.network and wallet.billions.network).
Install Mechanism
There is no built-in install spec — SKILL.md instructs running npm install in scripts/, which will pull public npm packages (package-lock included). This is a moderate supply-chain surface: dependencies include multiple iden3/PolygonID libraries and some git+https entries. No arbitrary binary downloads from unknown hosts are present, but npm install will bring many transitive packages (AGPL-licensed components are present).
Credentials
No environment variables are requested, which is appropriate. But the skill stores sensitive private keys unencrypted in $HOME/.openclaw/billions/kms.json (KeysFileStorage), accessible to anyone with filesystem access to the account. It also writes other identity state to $HOME/.openclaw/billions. Persisting raw private keys locally is disproportionate from a security standpoint unless the user understands and accepts this tradeoff.
Persistence & Privilege
The skill persists long-lived credential material and identity state to $HOME/.openclaw/billions outside the agent workspace. It does not request elevated platform privileges or set always:true, but the creation of plaintext private-key files is a persistent privilege that increases the blast radius if an account is compromised.
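How to use
  1. Make sure OpenClaw is installed (locally or via Docker).
  2. Enter the install command in the chat box: /install dryptobillions
  3. Once installation completes, invoke the Skill by name or trigger it with /dryptobillions
  4. Provide the required inputs as described in the Skill's parameter documentation to get structured output.
Version history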
v1.0.0
DryptoBillions v1.0.0 – Initial Release
  • Provides tools for Billions/Iden3 authentication and decentralized identity management for agents.
  • Supports creation, storage, and linking of agent and human DIDs.
  • Includes commands for identity creation, challenge generation, signing, linking, and signature verification.
  • Enforces strict guardrails to prevent unauthorized cryptographic operations or manual overrides.
  • Stores all sensitive identity data in a designated directory for compatibility and security.
Metadata
Slug: dryptobillions
Version: 1.0.0
License: MIT-0
Total installs: 0
Current installs: 0
Versions: 1
FAQ

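What is DryptoBillions?

Billions/Iden3 authentication and identity management tools for agents. Link, proof, sign, and verify. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 62 total downloads so far.

How do I install DryptoBillions?

Run the command "/install dryptobillions" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.

Is DryptoBillions free?

Yes, DryptoBillions is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does DryptoBillions support?

DryptoBillions is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who develops DryptoBillions?

It is developed and maintained by Adhamelswesy (@adhamelswesy); the current version is v1.0.0.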
