← 返回 Skills 市场
rayc0

Openclaw Pqsafe

作者 rayc0 · GitHub ↗ · v0.1.0 · MIT-0
macoslinuxwindows ⚠ suspicious
54
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install pqsafe-pay-v1
功能描述
Post-quantum signed SpendEnvelopes for AI agent payments. ML-DSA-65 (NIST FIPS 204) signatures over Airwallex, Wise, Stripe, USDC-Base, and x402 rails.
使用说明 (SKILL.md)

PQSafe Post-Quantum Payment Skill (pqsafe.pay.v1)

Post-quantum signed SpendEnvelopes for AI agent payments. ML-DSA-65 (NIST FIPS 204) signatures over Airwallex, Wise, Stripe, USDC-Base, and x402 rails.

Quick Start

npm install @pqsafe/openclaw

import { OpenClawClient } from "@openclaw/sdk";
import "@pqsafe/openclaw"; // registers pqsafe.pay.v1

const claw = new OpenClawClient();

const envelope = await claw.invoke("pqsafe.pay.v1/create_envelope", {
  agentId:   "agent_my_bot_v1",
  payerId:   "payer_usr_abc123",
  maxAmount: "100.00",
  currency:  "USD",
  rail:      "wise",
  expiresAt: "2026-12-31T23:59:59Z",
});

Set PQSAFE_TEST_MODE=true for local development — no real keys or network calls required.

Operations

Operation Description
create_envelope Issue a new ML-DSA-65 signed SpendEnvelope with spend cap, rail, and expiry
verify_envelope Verify signature integrity, expiry, nonce uniqueness, and key ID validity
revoke_envelope Append envelope ID to the real-time revocation list (append-only, timestamped)

Security Model

  • HSM-backed signing keys — ML-DSA-65 private keys are generated and stored in hardware security modules; they never leave the PQSafe key service
  • Single-use nonce — each envelope carries a 256-bit random nonce; replay attacks are rejected at the verify layer
  • Expiry enforced in signed payloadexpiresAt is part of the signed content; an attacker cannot extend expiry without invalidating the signature
  • Real-time revocation listrevoke_envelope appends to a low-latency revocation list checked on every verify_envelope call
  • Append-only audit log — all create, verify, and revoke events are timestamped and written to an immutable audit log
  • JCS-canonical signing — payload serialized in JSON Canonicalization Scheme form (RFC 8785) before signing, eliminating signature ambiguity from key ordering or whitespace variation

Supported Rails

Rail Status Currency
airwallex LIVE sandbox Multi-currency (real test transfers)
wise LIVE sandbox 40+ fiat currencies (real test transfers)
stripe mock-ready USD + 135 others
usdc-base mock-ready USDC
x402 mock-ready USDC + ETH

LIVE sandbox = validated end-to-end with sandbox rails. Mock-ready = SpendEnvelope creation and verification are fully functional; live rail integration is in progress.

ML-DSA-65 Parameters

Parameter Value
Standard NIST FIPS 204
Security level NIST Level 3
Public key size 1,952 bytes
Secret key size 4,032 bytes
Signature size 3,309 bytes
Hardness assumption Module-LWE + Module-SIS

Links

License

Apache-2.0 — Security disclosures: [email protected]

安全使用建议
Review this skill before installing for production payments. Confirm whether it is supposed to use PQSAFE_API_KEY/HSM signing or local dsaSecretKey signing, and do not place private payment signing keys in agent-accessible inputs unless you have strict approval and logging controls. If you proceed, start with PQSAFE_TEST_MODE=true, pin the npm package version, use small spend caps, short expirations, recipient allowlists, and require human approval for create and revoke operations.
功能分析
Type: OpenClaw Skill Name: pqsafe-pay-v1 Version: 0.1.0 The skill bundle provides a legitimate implementation for post-quantum signed payment envelopes for AI agents using the ML-DSA-65 (NIST FIPS 204) standard. It enables agents to create, verify, and revoke 'SpendEnvelopes' for various payment rails like Wise and Stripe. Analysis of `src/index.ts` and `dist/index.js` confirms that cryptographic signing is performed locally using the `@noble/post-quantum` library, and sensitive secret keys are never exfiltrated to the PQSafe API (https://api.pqsafe.xyz/v1). The bundle is well-documented, includes a comprehensive test suite (`tests/skill.test.ts`), and shows no signs of malicious intent or prompt-injection vulnerabilities.
能力标签
cryptocan-make-purchasesrequires-oauth-tokenrequires-sensitive-credentials
能力评估
Purpose & Capability
The stated purpose and code are coherent for creating, verifying, and revoking signed payment SpendEnvelopes, but this is inherently high-impact because envelopes authorize agent spending.
Instruction Scope
The operation schemas include useful limits such as maxAmount, allowedRecipients, TTL, and rail, but the artifacts do not show an explicit human-approval gate before creating a spend envelope or revoking one.
Install Mechanism
The registry says there is no install spec, while SKILL.md and package files describe an npm plugin. This appears to be a standard npm install with no lifecycle scripts shown, but users should verify the package provenance.
Credentials
The registry/SKILL metadata declares PQSAFE_API_KEY and an HSM/key-ID model, while the runnable code requires a raw dsaSecretKey/dsaPublicKey as operation input for production signing.
Persistence & Privilege
Revocation is described as immediate/irreversible and sends a signed envelope plus optional reason to the PQSafe API; this is expected for revocation but can disclose payment metadata.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install pqsafe-pay-v1
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /pqsafe-pay-v1 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release
元数据
Slug pqsafe-pay-v1
版本 0.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Openclaw Pqsafe 是什么?

Post-quantum signed SpendEnvelopes for AI agent payments. ML-DSA-65 (NIST FIPS 204) signatures over Airwallex, Wise, Stripe, USDC-Base, and x402 rails. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 54 次。

如何安装 Openclaw Pqsafe?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install pqsafe-pay-v1」即可一键安装,无需额外配置。

Openclaw Pqsafe 是免费的吗?

是的,Openclaw Pqsafe 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Openclaw Pqsafe 支持哪些平台?

Openclaw Pqsafe 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(macos, linux, windows)。

谁开发了 Openclaw Pqsafe?

由 rayc0(@rayc0)开发并维护,当前版本 v0.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 留言讨论