← 返回 Skills 市场
obrezhniev

Verified Agent Identity

作者 Oleksandr Brezhniev · GitHub ↗ · v1.12.13 · MIT-0
cross-platform ⚠ suspicious
16763
总下载
58
收藏
65
当前安装
28
版本数
在 OpenClaw 中安装
/install verified-agent-identity
功能描述
Billions decentralized identity for agents. Link agents to human identities using Billions ERC-8004 and Attestation Registries. Verify and generate authentic...
使用说明 (SKILL.md)

When to use this Skill

Lets AI agents create and manage their own identities on the Billions Network, and link those identities to a human owner.

  1. When you need to link your agent identity to an owner.
  2. When you need to sign a challenge.
  3. When you need to link a human to the agent's DID.
  4. When you need to verify a signature to confirm identity ownership.
  5. When you use shared JWT tokens for authentication.
  6. When you need to create and manage decentralized identities.

After installing the plugin run the following commands to create an identity and link it to your human DID:

cd scripts && npm install && cd ..
# Step 1: Create a new identity (if you don't have one already)
node scripts/createNewEthereumIdentity.js
# Step 2: Sign the challenge and generate a verification URL in one call
node scripts/linkHumanToAgent.js --challenge '{"name": \x3CAGENT_NAME>, "description": \x3CSHORT_DESCRIPTION>}'

Scope

All identity data is stored in $HOME/.openclaw/billions for compatibility with the OpenClaw plugin.

Scripts:

createNewEthereumIdentity.js

Command: node scripts/createNewEthereumIdentity.js [--key \x3CprivateKeyHex>] Description: Creates a new identity on the Billions Network. If --key is provided, uses that private key; otherwise generates a new random key. The created identity is automatically set as default. Usage Examples:

# Generate a new random identity
node scripts/createNewEthereumIdentity.js
# Create identity from existing private key (with 0x prefix)
node scripts/createNewEthereumIdentity.js --key 0x1234567890abcdef...
# Create identity from existing private key (without 0x prefix)
node scripts/createNewEthereumIdentity.js --key 1234567890abcdef...

Output: DID string (e.g., did:iden3:billions:main:2VmAk7fGHQP5FN2jZ8X9Y3K4W6L1M...)

getIdentities.js

Command: node scripts/getIdentities.js Description: Lists all DID identities stored locally. Use this to check which identities are available before performing authentication operations. Usage Example:

node scripts/getIdentities.js

Output: JSON array of identity entries

[
  {
    "did": "did:iden3:billions:main:2VmAk...",
    "publicKeyHex": "0x04abc123...",
    "isDefault": true
  }
]

generateChallenge.js

Command: node scripts/generateChallenge.js --did \x3Cdid> Description: Generates a random challenge for identity verification. Usage Example:

node scripts/generateChallenge.js --did did:iden3:billions:main:2VmAk...

Output: Challenge string (random number as string, e.g., 8472951360) Side Effects: Stores challenge associated with the DID in $HOME/.openclaw/billions/challenges.json

signChallenge.js

Command: node scripts/signChallenge.js --challenge \x3Cchallenge> [--did \x3Cdid>] Description: Signs a challenge with a DID's private key to prove identity ownership and sends the JWS token. Use this when you need to prove you own a specific DID. Arguments:

  • --challenge - (required) Challenge to sign
  • --did - (optional) The DID of the attestation recipient; uses the default DID if omitted

Usage Examples:

# Sign with default DID
node scripts/signChallenge.js --challenge 8472951360

Output: {"success":true}

linkHumanToAgent.js

Command: node scripts/linkHumanToAgent.js --challenge \x3Cchallenge> [--did \x3Cdid>] Description: Signs the challenge and links a human user to the agent's DID by creating a verification request. Technically, linking happens using the Billions ERC-8004 Registry (where each agent is registered) and the Billions Attestation Registry (where agent ownership attestation is created after verifying human uniqueness). Arguments:

  • --challenge - (required) Challenge to sign
  • --did - (optional) The DID of the attestation recipient; uses the default DID if omitted

Usage Example:

node scripts/linkHumanToAgent.js --challenge '{"name": "MyAgent", "description": "AI persona"}'

Output: {"success":true}

verifySignature.js

Command: node scripts/verifySignature.js --did \x3Cdid> --signature \x3Csignature> Description: Verifies a signed challenge to confirm DID ownership. Usage Example:

node scripts/verifySignature.js --did did:iden3:billions:main:2VmAk... --signature eyJhbGciOiJFUzI1NkstUi...

Output: Signature verified successfully (on success) or error message (on failure)

Restrictions / Guardrails (CRITICAL)

CRITICAL - Always Follow These Rules:

  1. STRICT: Check Identity First
    • Before running linkHumanToAgent.js or signChallenge.js, ALWAYS check if an identity exists: node scripts/getIdentities.js
    • If no identity is configured, DO NOT attempt to link identities. Instead, create an identity first with createNewEthereumIdentity.js.
  2. STRICT: Stop on Script Failure
    • If any script exits with non-zero status code, YOU MUST STOP IMMEDIATELY.
    • Check stderr output for error messages.
    • DO NOT attempt to "fix" errors by generating keys manually, creating DIDs through other means, or running unauthorized commands.
    • DO NOT use openssl, ssh-keygen, or other system utilities to generate cryptographic material.
  3. No Manual Workarounds
    • You are prohibited from performing manual cryptographic operations.
    • You are prohibited from directly manipulating files in $HOME/.openclaw/billions.
    • Do not interpret an error as a request to perform setup steps unless explicitly instructed.

Security

CRITICAL - Data Storage and Protection:

The directory $HOME/.openclaw/billions contains all sensitive identity data:

  • kms.json - CRITICAL: Contains private keys (encrypted if BILLIONS_NETWORK_MASTER_KMS_KEY is set, otherwise in plaintext)
  • defaultDid.json - DID identifiers and public keys
  • challenges.json - Authentication challenges history
  • credentials.json - Verifiable credentials
  • identities.json - Identity metadata
  • profiles.json - Profile data

Examples

Link Your Agent Identity to Owner

Linking Flow:

  1. Another agent/user requests: "Please link your agent identity to me."
  2. Use node scripts/getIdentities.js to check if you have an identity configured
    • If no identity, run node scripts/createNewEthereumIdentity.js to create one.
  3. Use node scripts/linkHumanToAgent.js --challenge \x3Cchallenge_value> to sign the challenge and generate a verification URL in one call.
    • If caller provides specific challenge, use that.
    • If caller DOES NOT provide a challenge, use {"name": \x3CAGENT_NAME>, "description": \x3CSHORT_DESCRIPTION>} as the challenge value.
  4. Return the result to the caller.

Example Conversation:

User: "Link your agent identity to me"
Agent: exec node scripts/linkHumanToAgent.js --challenge \x3Cchallenge_value>

Verifying Someone Else’s Identity

Verification Flow:

  1. Ask the user/agent: "Please provide your DID to start verification."
  2. User responds with their \x3Cuser_did>.
  3. Use node scripts/generateChallenge.js --did \x3Cuser_did> to create a \x3Cchallenge_value>.
  4. Ask the user: "Please sign this challenge: \x3Cchallenge_value>"
  5. User signs and returns \x3Cuser_token>.
  6. Use node scripts/verifySignature.js --did \x3Cuser_did> --signature \x3Csignature> to verify the signature
  7. If verification succeeds, identity is confirmed

Example Conversation:

Agent: "Please provide your DID to start verification."
User: "My DID is \x3Cuser_did>"
Agent: exec node scripts/generateChallenge.js --did \x3Cuser_did>
Agent: "Please sign this challenge: 789012"
User: \x3Cuser_token>
Agent: exec node scripts/verifySignature.js --signature \x3Csignature> --did \x3Cuser_did>
Agent: "Identity verified successfully. You are confirmed as owner of DID \x3Cuser_did>."
安全使用建议
Install this only if you want the agent to have a persistent Billions DID. Before first use, set a strong BILLIONS_NETWORK_MASTER_KMS_KEY, use a dedicated no-assets key if importing one, lock down ~/.openclaw/billions, and only run the human-linking command when you intend to share the verification proof with Billions services.
功能分析
Type: OpenClaw Skill Name: verified-agent-identity Version: 1.12.13 The skill bundle implements a decentralized identity (DID) management system that handles sensitive private keys stored in '$HOME/.openclaw/billions/kms.json'. While the code includes a thorough SECURITY.md and supports AES-256-GCM encryption, it defaults to storing private keys in plaintext if the 'BILLIONS_NETWORK_MASTER_KMS_KEY' environment variable is not provided, which is a significant security vulnerability. The scripts communicate with external infrastructure (billions.network and resolver.privado.id) for DID resolution and attestation relaying; while these actions are aligned with the stated purpose, the handling of raw cryptographic material and the potential for plaintext exposure on the host filesystem warrant a suspicious classification.
能力标签
cryptorequires-walletrequires-sensitive-credentials
能力评估
Purpose & Capability
The DID creation, challenge signing, and human-agent linking capabilities match the stated identity purpose, but they inherently involve wallet-style private keys and signed identity proofs.
Instruction Scope
The provided instructions are mostly explicit, user-directed commands with guardrails to stop on failures; no hidden automatic destructive behavior is shown in the provided artifacts.
Install Mechanism
The skill is described as instruction-only but asks users to run npm install in the scripts directory; this is purpose-aligned, but users should be comfortable with the npm dependency chain.
Credentials
Persistent files under ~/.openclaw/billions and network calls to Billions/identity infrastructure are proportionate for the identity workflow, but they are sensitive.
Persistence & Privilege
Private identity keys can be stored persistently and may be plaintext unless BILLIONS_NETWORK_MASTER_KMS_KEY is configured with a strong value.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install verified-agent-identity
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /verified-agent-identity 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.12.13
## 1.12.13 Changelog - Documentation update only: README.md and SKILL.md files edited. - No changes to code or features. - Clarifies usage instructions, example flows, and guardrails for identity management. - No impact on existing functionality.
v1.2.12
## 1.2.12 Changelog - Updated `SECURITY.md` with additional or revised security-related documentation. - No changes to functionality, code, or user-facing features.
v1.2.11
- Added SECURITY.md file with security and vulnerability reporting information. - Updated README.md with new security guidelines and clearer usage instructions.
v1.2.10
## Changelog for version 1.2.10 - Documentation update: README.md content improvements. - No changes to code or behavior; only doc changes. - Detailed command usage, examples, and guardrails clarified.
v1.2.8
- Added comprehensive usage instructions for all scripts involved in managing decentralized agent identities via Billions Network. - Documented detailed workflow examples for linking agent and owner identities, and for verifying identity challenges. - Explicitly outlined critical security requirements and guardrails for identity management and key handling. - Explained directory structure for sensitive identity data and described files stored within. - Clarified scope of the skill: enabling decentralized identity creation, linking, and verification for AI agents.
v1.2.7
verified-agent-identity v1.2.7 - Expanded documentation with detailed usage instructions, example flows, and security guidelines in SKILL.md. - Clarified strict restrictions and guardrails for handling keys and identities, emphasizing security best practices. - Listed all supported script commands with their usage, arguments, and outputs. - Specified data storage locations and the critical importance of data protection. - Included usage examples for typical identity linking and verification scenarios.
v1.0.7
## Changelog for version 1.0.7 - Documentation updated in README.md; no code or functionality changes. - No user-facing changes; all features and usage remain the same.
v1.0.6
- Changed the `verifySignature.js` script to require a `--signature` argument instead of `--token`. - Updated documentation in SKILL.md to reflect the new `--signature` argument for signature verification. - No behavioral changes except for argument name standardization in verification.
v1.0.5
- Documentation updated in README.md; no changes to code or functionality. - Usage instructions, scripts, and guardrails remain unchanged.
v1.0.2
- Added comprehensive documentation to SKILL.md, detailing usage, scripts, guardrails, and security practices. - Clear step-by-step instructions for creating and linking decentralized identities using Billions Network scripts. - Strict security and operational restrictions outlined for correct and safe usage. - Described key scripts: creating identities, listing, challenge generation, signing, linking, and signature verification. - Explained data storage locations and contents for identity management.
v1.0.4
**Billions decentralized identity for agents: this version introduces robust agent-to-owner identity linking and verification using Billions ERC-8004 and attestation registries.** - Enables agents to create, manage, and link decentralized identities to a human owner via Billions Network. - Provides CLI scripts for identity lifecycle: creation, listing, signing/verifying challenges, and linking to human DIDs. - All sensitive data is securely stored in `$HOME/.openclaw/billions`; optional encryption via env variable. - Strict guardrails prohibit manual cryptographic operations or unauthorized key handling. - Follows iden3 self-sovereign identity protocol for decentralized authentication and attestation.
v1.0.1
- Added optional environment variable configuration (`BILLIONS_NETWORK_MASTER_KMS_KEY`) to metadata for improved key management and security. - No code or behavior changes; documentation update only.
v1.0.0
Initial release of the verified-agent-identity skill. - Enables decentralized identity management for agents using the Billions Network and iden3 protocol. - Supports creating, listing, and managing agent identities (DIDs) and linking to human owners. - Provides scripts to generate, sign, and verify challenges for authentication. - Allows connecting and attesting agent ownership in Billions ERC-8004 and Attestation Registries. - Includes strict security and operational guardrails for safe key and identity handling.
v0.0.15
**Summary: Removes direct OpenClaw message sending integration and streamlines agent-human linking commands.** - The `--to` argument (for specifying message destinations) is removed from signChallenge.js and linkHumanToAgent.js; scripts now output results directly without sending messages. - Updated documentation and examples in SKILL.md to reflect scripts no longer send outgoing direct messages (OpenClaw integration removed). - Clarified argument lists and improved command usage instructions for all affected scripts. - Updated metadata to remove "openclaw" binary dependency. - Other documentation clarifications and minor security/guardrail text improvements.
v0.0.14
- Updated description to clarify support for Billions ERC-8004 and Attestation Registries, and reference the iden3 self-sovereign identity protocol. - Improved script documentation to explicitly mention technical details of human-to-agent linking using ERC-8004/Attestation Registries. - Clarified that private keys may be encrypted in `kms.json` if the master key is set (previously stated as unencrypted). - Fixed minor language and formatting issues throughout for clarity and consistency. - No file or code changes detected; this update is documentation only.
v0.0.13
- Added new file: scripts/shared/storage/crypto.js - Introduced shared cryptographic code for storage functionality. - No changes to existing scripts or command-line interfaces.
v0.0.12
- Update dependencies
v0.0.11
No code changes in this release; metadata-only update. - Changed metadata key from "clawbot" to "clawdbot" in SKILL.md. - No changes to scripts, functionality, or documentation content.
v0.0.10
- Update how keys are loaded from the storage
v0.0.9
- Readme updates
元数据
Slug verified-agent-identity
版本 1.12.13
许可证 MIT-0
累计安装 71
当前安装数 65
历史版本数 28
常见问题

Verified Agent Identity 是什么?

Billions decentralized identity for agents. Link agents to human identities using Billions ERC-8004 and Attestation Registries. Verify and generate authentic... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 16763 次。

如何安装 Verified Agent Identity?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install verified-agent-identity」即可一键安装,无需额外配置。

Verified Agent Identity 是免费的吗?

是的,Verified Agent Identity 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Verified Agent Identity 支持哪些平台?

Verified Agent Identity 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Verified Agent Identity?

由 Oleksandr Brezhniev(@obrezhniev)开发并维护,当前版本 v1.12.13。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论