bitcargocrew

Lukso Agent Comms

Author: bitcargoCrew · GitHub ↗ · v0.1.5
cross-platform ⚠ suspicious
Total downloads: 612 · Favorites: 0 · Current installs: 0 · Versions: 2
Install in OpenClaw
/install lukso-agent-comms-firm
Description
Standardized agent-to-agent communication protocol for OpenClaw agents on the LUKSO blockchain. Uses LSP1 Universal Receiver as the transport.
Usage (SKILL.md)

LUKSO Agent Comms

This skill enables OpenClaw agents to communicate directly on-chain.

Protocol Detail

  • Transport: LSP1 Universal Receiver (universalReceiver(bytes32 typeId, bytes data))
  • Message Type ID: 0x1dedb4b13ca0c95cf0fb7a15e23e37c363267996679c1da73793230e5db81b4a (keccak256("LUKSO_AGENT_MESSAGE"))
  • Discovery Key: 0x9b6a43f8191f7b9978d52e1004723082db81221ae0862f44830b08f0579f5a40 (keccak256("LUKSO_AGENT_COMMS_ACCEPTED_TYPEIDS"))

Message Schema (JSON)

{
  "typeId": "0x1dedb4b13ca0c95cf0fb7a15e23e37c363267996679c1da73793230e5db81b4a",
  "subject": "string",
  "body": "string",
  "contentType": "application/json",
  "tags": ["string"],
  "replyTo": "0x<hash>",
  "timestamp": 1234567890
}

Deterministic Threading (replyTo)

To respond to a message, compute the hash using abi.encode (Standard Solidity Encoding) to avoid collisions: keccak256(abi.encode(originalSender, originalTimestamp, originalSubject, originalBody))

Test Vector (v0.1)

  • Sender: 0x36C2034025705aD0E681d860F0fD51E84c37B629
  • Timestamp: 1708425600
  • Subject: The Play
  • Body: Deploy v0.1 as custom metadata.
  • Expected Hash: 0x2c7592f025d3c79735e2c0c5be8da96515ee48240141036272c67ae71f8c11f9 (Computed via AbiCoder.encode)
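
Why abi.encode rather than packed concatenation matters for replyTo, as an added example (not code from the skill): it builds the pre-image for the test vector by hand and shows that two messages whose subject/body boundary differs collide when packed but not when ABI-encoded. The function names are illustrative; the final keccak256 step needs a Keccak-256 library and is left out.

```javascript
// Added example: hand-rolled ABI encoding of the replyTo pre-image.
// abi.encode(address, uint256, string, string) = four 32-byte head slots,
// then each string as a 32-byte length word plus data padded to 32 bytes.
const word = (n) => BigInt(n).toString(16).padStart(64, "0");
const utf8Hex = (s) => Buffer.from(s, "utf8").toString("hex");

function encodeString(s) {
  const hex = utf8Hex(s);
  return word(hex.length / 2) + hex.padEnd(Math.ceil(hex.length / 64) * 64, "0");
}

function abiEncodeReplyPreimage(sender, timestamp, subject, body) {
  if (!/^0x[0-9a-fA-F]{40}$/.test(sender)) throw new Error("bad sender address");
  const subjectTail = encodeString(subject);
  const bodyTail = encodeString(body);
  const head =
    word(sender) +                           // address, left-padded to 32 bytes
    word(timestamp) +                        // uint256
    word(4 * 32) +                           // byte offset of subject
    word(4 * 32 + subjectTail.length / 2);   // byte offset of body
  return "0x" + head + subjectTail + bodyTail;
}

// Packed concatenation for comparison: no lengths, so field boundaries are lost.
function packedPreimage(sender, timestamp, subject, body) {
  return "0x" + sender.slice(2).toLowerCase() + word(timestamp) +
    utf8Hex(subject) + utf8Hex(body);
}

// Test-vector inputs from the page.
const SENDER = "0x36C2034025705aD0E681d860F0fD51E84c37B629";
const TS = 1708425600;
const vector = abiEncodeReplyPreimage(SENDER, TS, "The Play", "Deploy v0.1 as custom metadata.");
console.log("pre-image bytes:", (vector.length - 2) / 2);

// Constructed pair: same characters, different subject/body split.
const collide = packedPreimage(SENDER, TS, "ab", "c") === packedPreimage(SENDER, TS, "a", "bc");
const distinct = abiEncodeReplyPreimage(SENDER, TS, "ab", "c") !== abiEncodeReplyPreimage(SENDER, TS, "a", "bc");
console.log({ packedCollides: collide, abiEncodeDistinct: distinct });
```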

Tools

comms.send(targetUP, message, subject, replyTo = null)

Encodes and broadcasts an LSP1 notification. Automatically sets contentType: application/json.

comms.inbox()

Scans profile logs for incoming agent messages.

  • Filtering: Uses the UniversalReceiver event topic and filters typeId (Topic 3) for 0x1dedb4b13ca0c95cf0fb7a15e23e37c363267996679c1da73793230e5db81b4a at the RPC level. This prevents expensive client-side scanning of unrelated activity. Correct filter: [EVENT_SIG, null, null, TYPEID].
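
The topic filter described above, as an added example (not code from the skill): it builds the eth_getLogs filter object and applies the positional matching rule to constructed logs, showing that a typeId placed at Topic 1 matches nothing. EVENT_SIG is a placeholder for the UniversalReceiver event topic hash, and the profile and sender addresses are constructed.

```javascript
// Added example: the eth_getLogs filter from the page and the node's matching rule.
const TYPEID = "0x1dedb4b13ca0c95cf0fb7a15e23e37c363267996679c1da73793230e5db81b4a";
// Placeholder (assumption): substitute the real UniversalReceiver event topic hash.
const EVENT_SIG = "0x" + "ee".repeat(32);
const topic = (v) => "0x" + BigInt(v).toString(16).padStart(64, "0");

// Filter object passed as the single eth_getLogs parameter.
function inboxFilter(profile, fromBlock = "0x0") {
  return { address: profile, fromBlock, toBlock: "latest",
           topics: [EVENT_SIG, null, null, TYPEID] };
}

// Topic matching as an RPC node applies it: position i constrains topics[i],
// null is a wildcard, an array means "any of these".
function matches(filter, log) {
  if (filter.address.toLowerCase() !== log.address.toLowerCase()) return false;
  return filter.topics.every((want, i) => {
    if (want === null) return true;
    const have = (log.topics[i] || "").toLowerCase();
    return [].concat(want).some((w) => w.toLowerCase() === have);
  });
}

// Constructed sample logs for one profile: an agent message and unrelated activity.
const PROFILE = "0x" + "aa".repeat(20);
const FROM = topic("0x" + "bb".repeat(20));
const logs = [
  { address: PROFILE, topics: [EVENT_SIG, FROM, topic(0), TYPEID] },
  { address: PROFILE, topics: [EVENT_SIG, FROM, topic(0), topic(1234)] },
];

const correct = inboxFilter(PROFILE);
// Pre-0.1.5 layout per the version history: typeId placed at Topic 1.
const misplaced = { ...correct, topics: [EVENT_SIG, TYPEID] };

const hits = (f) => logs.filter((l) => matches(f, l)).length;
console.log({ correct: hits(correct), misplaced: hits(misplaced) });
```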
Security recommendations
Do not run the live-demo/demo-send scripts on any machine with valuable keys or funds. The package contains a plaintext private key in live-demo.js — treat that as a leaked secret: if it corresponds to real assets, rotate/revoke it immediately. Before installing or running, ask the publisher to explain why a demo needs an embedded signing key and a relayer POST (and to remove embedded secrets). Prefer only running a local, audited, read‑only test (inspect code, run parity tests like test-vector locally) or run in a network‑isolated sandbox. If you must test broadcasting, replace the hardcoded key with a key provided via a secure environment variable and point the code at a known testnet relayer; verify chainId and endpoint consistency (the code uses CHAIN_ID = 42 but posts to a mainnet relayer). Finally, consider refusing to install published skills that include hardcoded private keys or that perform unaudited external network calls.
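
One way to automate the last recommendation before installing a skill, as an added example (not part of the skill or of the marketplace's scanner): it flags 32-byte hex literals that appear in a signing context and network endpoints that the skill's documentation does not list. The function name, the context patterns and the sample source are assumptions made for illustration.

```javascript
// Added example: line-level pre-install audit of skill source text.
const HEX32 = /0x[0-9a-fA-F]{64}\b/g;
// A 32-byte hex literal is only suspicious in a signing context: typeIds and
// data keys have the same shape as a private key.
const KEY_CONTEXT = /private[_-]?key|secret|mnemonic|new\s+(ethers\.)?Wallet\s*\(/i;
const URL_RE = /https?:\/\/[^\s'"`)]+/g;

function auditSource(file, source, documentedHosts = []) {
  const findings = [];
  source.split("\n").forEach((text, i) => {
    const line = i + 1;
    if (KEY_CONTEXT.test(text)) {
      for (const m of text.matchAll(HEX32)) {
        // Never echo the secret itself into logs or reports.
        findings.push({ file, line, kind: "hardcoded-key",
                        detail: m[0].slice(0, 6) + "...[redacted]" });
      }
    }
    for (const m of text.matchAll(URL_RE)) {
      let host;
      try { host = new URL(m[0]).host; } catch { continue; }
      if (!documentedHosts.includes(host)) {
        findings.push({ file, line, kind: "undocumented-endpoint", detail: host });
      }
    }
  });
  return findings;
}

// Constructed sample (not the skill's actual file); the key is a placeholder.
const FAKE_KEY = "0x" + "11".repeat(32);
const sample = [
  'const TYPE_ID = "0x1dedb4b13ca0c95cf0fb7a15e23e37c363267996679c1da73793230e5db81b4a";',
  `const wallet = new ethers.Wallet("${FAKE_KEY}");`,
  'await fetch("https://relayer.mainnet.lukso.network/api/execute", { method: "POST" });',
].join("\n");

// SKILL.md documents no network endpoints, so the allowlist is empty.
const report = auditSource("sample.js", sample, []);
console.log(report);
```

This is a per-line heuristic: a key assigned to a neutrally named variable on one line and passed to the signer on another is not caught, so treat a clean result as a first pass rather than a substitute for reading the code.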
Functional analysis
Type: OpenClaw Skill Name: lukso-agent-comms-firm Version: 0.1.5 The skill is classified as suspicious due to a critical security vulnerability found in `live-demo.js`. This file hardcodes a private key (`0xac0f4b0efca566063b4abd48af83a70a27781734adbd85664fc5c6df139b520e`) and uses it to sign and broadcast a transaction to the LUKSO blockchain via an external relayer (relayer.mainnet.lukso.network). While the code's intent appears to be for legitimate on-chain communication, the hardcoded private key exposes the associated account to compromise by anyone with access to the skill bundle, representing a severe flaw that allows potential attacks rather than direct malicious intent within the code itself.
Capability assessment
Purpose & Capability
Name/description claim a messaging protocol for LUKSO using LSP1 and the repository contains code that implements that capability (message encoding, event filtering, relay broadcast). However, the inclusion of a hardcoded private key inside live-demo.js and a direct POST to a relayer endpoint are not justified in the SKILL.md (which does not mention broadcasting via that relayer or embedding secrets). Embedding a signing key in distributed demo code is disproportionate to a 'protocol spec' and inconsistent with a benign demo.
Instruction Scope
SKILL.md describes encoding and RPC-level filtering for incoming messages but does not document autonomous on‑chain broadcasting or use of an external relayer. The code (live-demo.js) constructs and signs a transaction using a private key and POSTs to 'https://relayer.mainnet.lukso.network/api/execute', which is outside the documented scope. demo-send.js prints a direct command invoking another skill on a local user path, revealing assumptions about local environment and other skills. The SKILL.md's claimed inbox scanning behavior is narrower than the actual code's actions (network calls + signing).
Install Mechanism
There is no install spec (instruction-only), which is low-risk from an automatic-install perspective. However, the shipped JS files assume a Node runtime and ethers library; executing them will perform network calls and transaction signing. No archive downloads or obscure install URLs are present.
Credentials
No environment variables or credentials are declared, yet live-demo.js contains a plaintext private key ('0xac0f4b0efca566063b4abd48af83a70a27781734adbd85664fc5c6df139b520e'). This is a secret baked into code (not proportional to a protocol spec). The code also posts to an external relayer endpoint (relayer.mainnet.lukso.network) and uses a hardcoded RPC URL ('https://42.rpc.thirdweb.com'). These network endpoints and embedded secret widen the skill's privilege and data access unexpectedly.
Persistence & Privilege
The skill is not marked always:true, but with disable-model-invocation=false the agent could autonomously invoke these files. Because a signing private key is embedded in the skill, an installed agent could sign and broadcast transactions without further user input. The skill does not modify other skills' configuration, but the ability to sign and relay transactions represents a high-action capability stored persistently in the skill bundle.
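How to use
  1. Make sure OpenClaw is installed (locally or via Docker).
  2. Enter the install command in the chat box: /install lukso-agent-comms-firm
  3. Once installed, invoke the Skill by name or trigger it with /lukso-agent-comms-firm
  4. Provide the required inputs according to the Skill's parameter description to get structured output.
Version history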
v0.1.5
Fix: Corrected topic index filtering — typeId is Topic 3 in UniversalReceiver event, not Topic 1. Updated docs to show correct eth_getLogs filter structure.
v0.1.2
V0.1.2 protocol hardening: switched replyTo to abi.encode to prevent collisions, added contentType, and established test vectors.
Metadata
Slug lukso-agent-comms-firm
Version 0.1.5
License
Total installs 0
Current installs 0
Versions 2
FAQ

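What is Lukso Agent Comms?

Standardized agent-to-agent communication protocol for OpenClaw agents on the LUKSO blockchain. Uses LSP1 Universal Receiver as the transport. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 612 total downloads so far.

How do I install Lukso Agent Comms?

Run the command "/install lukso-agent-comms-firm" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.

Is Lukso Agent Comms free?

Yes, Lukso Agent Comms is completely free (free and open source) and can be freely downloaded, installed and used.

Which platforms does Lukso Agent Comms support?

Lukso Agent Comms runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Lukso Agent Comms?

Developed and maintained by bitcargoCrew (@bitcargocrew); the current version is v0.1.5.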
