功能描述

Query and trade perpetual futures through LiberFi's unified perpetuals API (openapi-server → perpetuals-server, Hyperliquid in MVP): list coins and markets,...

使用说明 (SKILL.md)

LiberFi Perpetuals

Name: Liberfi Perpetuals
Author: bombmod

Perpetuals data and signed order relay flow via LiberFi OpenAPI (/v1/perpetuals/… → perpetuals-server).

Pre-flight

See bootstrap.md for CLI install and lfi ping.

Read endpoints (coins, markets, orderbook, …): no auth.
User-scoped reads (positions, orders, fills): pass the wallet address (0x) as the positional argument. For first-person queries ("我的持仓", "my positions", etc.), the skill MUST auto-resolve the user's TEE EVM address via lfi status → lfi login key (if needed) → lfi whoami → use the returned evmAddress. NEVER ask the user for an address — the TEE wallet is server-managed and the user does not know it.
Order writes (order-prepare / order-submit, cancel variants): require a user wallet to sign typed data; agents must not fabricate signatures.
Deposit (recommended deposit-place): requires authentication (lfi status then lfi login key) — the server's TEE wallet signs and broadcasts on the user's behalf. The atomic deposit-quote / deposit-submit escape hatches do not require auth but the caller is then responsible for signing the SOL tx and broadcasting it themselves.

Skill routing

User intent	Skill
Spot swap, bridge, gas send	liberfi-swap
Trending spot tokens, new listings	liberfi-market
Polymarket / Kalshi	liberfi-predict
Spot token audit, DEX pools for a token	liberfi-token
Perp markets, HL-style orderbook, perp positions	liberfi-perpetuals
Funding the perp account (Solana → Hyperliquid via Relay), checking deposit lifecycle	liberfi-perpetuals
Spot wallet holdings on a chain (not perp account)	liberfi-portfolio

CLI index

Command	Description
`lfi perpetuals coins`	List tradable perp coins
`lfi perpetuals markets`	Market snapshots (`--symbols` optional)
`lfi perpetuals market \x3Csymbol>`	Single market
`lfi perpetuals orderbook \x3Csymbol>`	L2 book (`--max-level`)
`lfi perpetuals trades \x3Csymbol>`	Recent trades (`--limit`)
`lfi perpetuals klines \x3Csymbol>`	Candles (`--interval` required)
`lfi perpetuals positions \x3Caddress>`	Positions + margin summary
`lfi perpetuals orders \x3Caddress>`	Open orders
`lfi perpetuals fills \x3Caddress>`	Fill history
`lfi perpetuals order-prepare`	Build typed data for place order
`lfi perpetuals order-submit --body '\x3Cjson>'`	Submit signed place order
`lfi perpetuals cancel-prepare`	Build typed data for cancel
`lfi perpetuals cancel-submit --body '\x3Cjson>'`	Submit signed cancel
`lfi perpetuals deposit-place --gross-lamports \x3Cn>`	Recommended: TEE one-click Solana → Hyperliquid deposit (server quotes, signs, broadcasts, submits). Auth required.
`lfi perpetuals deposit-quote --user-solana-address \x3Ca> --hyperliquid-recipient \x3Ca> --gross-lamports \x3Cn>`	Escape hatch step 1: returns unsigned SOL tx + breakdown. Caller signs + broadcasts within ~30s, then calls `deposit-submit`.
`lfi perpetuals deposit-submit --body '\x3Cjson>'`	Escape hatch step 2: record the broadcasted SOL tx hash. Idempotent on `solanaTxHash`.
`lfi perpetuals deposit-status \x3CintentId> [--refresh]`	Read deposit lifecycle. `--refresh` bypasses any server-side cache (server-reserved knob; today both endpoints behave identically).

Common flags: --provider \x3Cname> (e.g. hyperliquid), global --json.

Funding / Deposit (Solana → Hyperliquid via Relay)

The deposit pipeline moves SOL from the user's Solana wallet to the user's Hyperliquid perp account via the Relay bridge service. The recommended path is the one-click TEE auto-flow:

Authenticate (only first time): lfi status --json; if not logged in, lfi login key --role AGENT --name "\x3Cagent>" --json.
Confirm intent with the user (amount in SOL, recipient if non-default).
Place: lfi perpetuals deposit-place --gross-lamports \x3Clamports> --json
- lamports = SOL × 1_000_000_000 (1 SOL = 1e9 lamports).
- --hyperliquid-recipient is optional — defaults to the user's TEE EVM address (lfi whoami evmAddress), which is what 99% of users want.
Capture the returned intentId and solanaTxHash.
Poll: lfi perpetuals deposit-status \x3CintentId> --json until status is settled (typical: 30–120 s).

Server returns status: "broadcasted" immediately after step 3; the reconciliation loop progresses through relay_waiting → relay_pending → settled (or failed_* states). On failure consult the statusHistory[] and lastError fields for the recoverable / non- recoverable distinction.

For the atomic escape-hatch flow (when the user controls their own SOL private key outside the TEE, or recovering from a partial failure where the SOL tx has been broadcasted but submit did not succeed), see reference/deposit-flow.md.

Typical flows

Market overview

lfi perpetuals markets --json
Present symbol, mark price, funding where present.

Depth + tape

lfi perpetuals orderbook BTC --json
lfi perpetuals trades BTC --limit 20 --json

Positions for a known wallet

lfi perpetuals positions 0xYourAddr --json

"My ..." auto-flow (CRITICAL — covers "我的", "my", "我自己")

If the user says "我有什么永续持仓", "我的合约持仓", "my perp positions", "我在 Hyperliquid 上挂了哪些单", "我永续盈亏", "show my fills" or any first-person variant — DO NOT ask for a wallet address. Run this exact sequence:

Check session: lfi status --json
If not authenticated: lfi login key --role AGENT --name "OpenClawAgent" --json
Fetch TEE wallet address: lfi whoami --json → returns evmAddress (the user's TEE EVM address managed by the LiberFi server).
Run the matching query with the EVM address as the positional arg:
- Positions: lfi perpetuals positions \x3CevmAddress> --json
- Open orders: lfi perpetuals orders \x3CevmAddress> --json
- Fill history: lfi perpetuals fills \x3CevmAddress> --limit 20 --json
Present the result. If positions / orders / fills are empty, say so directly — do not retry with a different address; an empty result is the correct answer for a fresh TEE wallet.

The user does not know their EVM address — the LiberFi server holds the TEE wallet. The skill must resolve "我" → TEE wallet via whoami, transparently.

Place order (human-in-the-loop)

lfi perpetuals order-prepare --user-address 0x… --symbol BTC --side long --order-type limit --amount 0.01 --price 95000 --json
User signs returned typedData with their wallet (e.g. MetaMask eth_signTypedData_v4).
Build SignedAction: action, nonce, signature (0x), optional vaultAddress from prepare response.
After explicit confirmation: lfi perpetuals order-submit --body '{"action":…,"nonce":…,"signature":"0x…"}' --json

API path reminder

All CLI calls hit OpenAPI paths under /v1/perpetuals/…, which the gateway proxies to perpetuals-server /v1/…. Configure the gateway with UPSTREAM_PERPETUALS_SERVICE_BASE_URL (default local example: http://localhost:8083 — avoid colliding with openapi :8080 and prediction :8082; run perpetuals-server with SERVER_PORT=8083 when colocated).

安全使用建议

This skill claims to be a LiberFi perpetuals helper and largely documents the correct CLI flows, but it contains risky runtime instructions: it tells the agent to install a global npm package without asking, to retry registries and assert the package exists, and to perform agent-mode logins that create/use credentials. Before installing or enabling this skill you should: (1) refuse automatic installs — require explicit, per-install user consent for any npm -g action; (2) verify the CLI package on npmjs.org and that the package owner/publisher matches LiberFi (check package page, tarball, and repository); (3) request the skill author/source/homepage or the CLI repository to inspect code and confirm authenticity; (4) require that the agent ask the user before any login that creates agent credentials or before any deposit/order-submit operation; (5) run the skill in an isolated environment (sandbox/container) first to observe behavior; and (6) prefer to allow only read-only commands by default and block any automatic global installs or automatic agent login flows. If you want to proceed, ask the author for an explicit install spec (signed release URL or verified package) and a way to opt into performing the lfi login interactively rather than automatically.

功能分析

Type: OpenClaw Skill Name: liberfi-perpetuals Version: 1.1.1 The skill bundle for 'liberfi-perpetuals' is classified as suspicious due to instructions in SKILL.md that command the agent to automatically install a global NPM package (@liberfi.io/cli) without user consent and to perform automated logins (lfi login key) to access server-managed TEE wallets. While these actions are aligned with the stated purpose of trading on LiberFi, the 'silent' installation and automated credential handling represent significant security risks and high-privilege operations that bypass typical user confirmation steps.

能力标签

cryptorequires-walletrequires-sensitive-credentials

能力评估

ℹ Purpose & Capability

Name/description match the allowed lfi commands and the SKILL.md focuses on perpetuals market data, orders, and deposits. However, the skill omits any declared install step while the instructions require installing a global npm package (@liberfi.io/cli) and using privileged agent login flows; those runtime requirements are not captured in the manifest and are not obviously necessary to declare at install time.

⚠ Instruction Scope

SKILL.md explicitly instructs the agent to install the CLI unilaterally ('install it WITHOUT asking the user') and to run agent-mode login (lfi login key --role AGENT --name "OpenClawAgent") to resolve the user's TEE wallet. It also tells the agent to auto-resolve the TEE EVM address and never ask the user for it. These are sensitive operations (global installs, credential provisioning, automated logins) outside a simple query/formatting scope and grant the agent significant capability to alter the host environment and to authenticate.

⚠ Install Mechanism

There is no registry install spec in the skill metadata; instead the SKILL.md instructs runtime installation via npm install -g @liberfi.io/cli from the public registry. Installing an npm package globally at runtime is a moderate-to-high risk action when performed without explicit user consent. The SKILL.md further instructs to retry with a specific registry URL and to assert that the package exists even if installation fails, which is suspicious guidance for an unattended install.

⚠ Credentials

The manifest lists no required environment variables or credentials, but the instructions expect the agent to run login flows that will create or use credentials (TEE wallet, LiberFi JWT) and to perform signing flows. Asking the agent to create an 'AGENT' key and act as an agent identity is a privileged action not reflected in required env/config metadata and is disproportionate for a simple read/query skill unless the user explicitly consents.

⚠ Persistence & Privilege

always:false (good) but the instructions enable persistent changes: global npm install, creating an agent login/credential, and using the TEE wallet via automated resolution. Those produce lasting system-side effects and credentials. Autonomous invocation combined with the instruction to auto-install and auto-login increases blast radius if the agent acts without user confirmation.

版本历史

v1.1.1

Auto-resolve TEE evmAddress for first-person perp queries (positions/orders/fills)

v1.1.0

Add deposit one-click flow + reference doc + e2e tests

v1.0.0

Initial release of LiberFi Perpetuals skill. - Enables querying and trading perpetual futures via LiberFi's unified perpetuals API. - Supports market/coin listings, order books, trades, K-lines, and wallet-linked positions, orders, and fills. - Implements two-phase signed order and cancel flows for secure trading. - Requires CLI tool (`lfi`/`liberfi`); auto-installs if missing. - Designed exclusively for perp venue data and trading—routes other intents to relevant LiberFi skills.

元数据

Slug liberfi-perpetuals

版本 1.1.1

许可证 MIT-0

累计安装 1

当前安装数 1

历史版本数 3

常见问题