← Back to Skills Marketplace
mmchougule

b402 Private DeFi

by mmchougule · GitHub ↗ · v0.4.2 · MIT-0
cross-platform ⚠ suspicious
60
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install b402-private-defi
Description
Private DeFi for AI agents. Shield tokens into a Railgun ZK privacy pool, swap privately, lend into Morpho vaults for yield, and bridge cross-chain via LI.FI...
README (SKILL.md)

b402 — Private DeFi for AI Agents

Shield. Swap. Lend. Bridge. All private. All gasless.

b402 wraps Railgun's ZK privacy pool with an agent-friendly SDK and MCP server. On-chain observers see "RelayAdapt called a DEX" — not your wallet, not your strategy.

Install

npx b402-mcp@latest --claude

This generates a wallet at ~/.b402/wallet.json, patches your Claude Desktop config, and registers the MCP server. Fund the wallet with USDC on Base to start.

Tools

Tool What it does
check_pool_balance Show shielded balances, wallet state, vault positions
shield_usdc Move USDC into the Railgun privacy pool (gasless)
private_swap Swap tokens inside the pool via ZK proof (USDC↔WETH, etc.)
lend_privately Deposit into Morpho vault from pool (~4-8% APY)
redeem_privately Withdraw from Morpho vault back to pool
cross_chain_privately Private cross-chain transfer or swap via LI.FI (Base→Arb, etc.)
get_swap_quote Preview swap rates without executing
run_strategy Multi-step: swap + lend + reserve in one call

Example prompts

  • "Check my privacy pool balance"
  • "Shield 5 USDC into the pool"
  • "Swap 2 USDC to WETH privately"
  • "Privately send 1 USDC to 0xABC... on Arbitrum"
  • "Private cross-chain swap: 1 USDC from pool to ARB on Arbitrum, to 0xABC..."
  • "Lend 10 USDC in the steakhouse vault"
  • "Run a yield strategy: 30% WETH, 50% lend, 20% reserve"

How it works

Agent prompt → MCP tool call → b402-sdk
  → Railgun ZK proof (client-side, 10-30s)
  → RelayAdapt atomic tx (unshield → DeFi op → reshield)
  → On-chain: only RelayAdapt visible. No wallet linked.

Cross-chain: LI.FI routes through ~30 bridges + ~20 DEXes. Source and destination are unlinkable.

Supported chains

Chain ID Privacy pool Cross-chain
Base 8453 Yes (0% fee) Source + dest
Arbitrum 42161 Yes (0% fee) Dest only (v1)
BSC 56 Yes (0% fee) Dest only (v1)

SDK usage (for builders)

import { B402 } from '@b402ai/sdk'

const b402 = new B402({ privateKey: process.env.WORKER_PRIVATE_KEY! })

// Shield into privacy pool (gasless)
await b402.shieldFromEOA({ token: 'USDC', amount: '10' })

// Private swap inside pool
await b402.privateSwap({ from: 'USDC', to: 'WETH', amount: '5' })

// Private cross-chain (LI.FI routing)
await b402.privateCrossChain({
  toChain: 'arbitrum',
  fromToken: 'USDC',
  toToken: 'ARB',
  amount: '1',
  destinationAddress: '0x...',
})

// Private lend (Morpho vaults, 4-8% APY)
await b402.privateLend({ amount: '10', vault: 'steakhouse' })

Links

Usage Guidance
This skill is plausible for private DeFi, but it requires strong trust before you install or run it. Key things to consider before installing: 1) It asks for WORKER_PRIVATE_KEY — feeding a raw private key to any tool gives it full control over funds; prefer using ephemeral accounts or hardware signing if possible. 2) The installer (npx b402-mcp@latest) will create ~/.b402/wallet.json — confirm whether that file stores an unencrypted private key. 3) The installer will 'patch your Claude Desktop config' and 'register the MCP server' — understand exactly what config is changed and what network endpoints the MCP server opens (is it locally bound only, or exposed remotely?). 4) npx @latest runs code fetched at install-time: review the npm package source (b402-mcp) and the referenced GitHub repo before running; prefer pinned versions and inspect the package contents. 5) If you plan to proceed, test in an isolated environment (VM/container) with small amounts or a throwaway account first. Ask the publisher for: (a) a clear explanation of what 'patch Claude Desktop config' does, (b) whether ~/.b402/wallet.json is encrypted, (c) whether WORKER_PRIVATE_KEY is strictly required or optional, (d) the exact network interfaces/ports the MCP server binds to and whether it requires authentication, and (e) a pinned package release and reproducible build/source link so you can audit the code.
Capability Analysis
Type: OpenClaw Skill Name: b402-private-defi Version: 0.4.2 The b402-private-defi skill provides tools for privacy-preserving DeFi operations, including shielding tokens and cross-chain bridging. It requires a high-value secret (WORKER_PRIVATE_KEY) and performs 'untraceable' financial transactions, which are high-risk behaviors. While these actions are aligned with the stated purpose, the combination of private key handling and the installation of external code via 'npx b402-mcp' (SKILL.md) warrants a suspicious classification due to the potential for abuse or exploitation.
Capability Tags
cryptorequires-walletrequires-sensitive-credentials
Capability Assessment
Purpose & Capability
Requiring node/npx and a private key is coherent for a DeFi SDK that must sign transactions. The declared npm package (b402-mcp) aligns with the described MCP server. However, the SKILL.md explicitly says the installer will 'patch your Claude Desktop config' and 'register the MCP server' which are not intrinsic to 'shield/swap/lend/bridge' operations and suggest broader system integration.
Instruction Scope
The SKILL.md instructs running npx b402-mcp@latest which will generate ~/.b402/wallet.json, patch Claude Desktop config, and register an MCP server. Those steps read/write user home files and modify another agent's configuration — actions outside the minimal scope of a DeFi SDK and that grant long-lived capabilities and persistence.
Install Mechanism
Installation uses an npm package (b402-mcp) which is a traceable registry source (moderate risk). However, the recommended npx @latest pattern downloads and runs whatever is published at runtime, which increases supply-chain risk compared to installing a pinned, reviewed release.
Credentials
The skill only declares a single required credential (WORKER_PRIVATE_KEY), which is appropriate for signing transactions. But the installer also writes a wallet file to disk (~/.b402/wallet.json) and patches desktop config — this implies storing private keys locally and giving the tool persistent access to the agent environment. The SKILL.md does not clarify whether the wallet file is encrypted, whether the env key is copied there, or why both a generated wallet and an env private key are needed.
Persistence & Privilege
The skill will persist credentials to disk and modify another agent's (Claude Desktop) configuration and 'register' an MCP server. Modifying other agent configs and registering services increases the blast radius and is outside the typical scope of a single-purpose skill.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install b402-private-defi
  3. After installation, invoke the skill by name or use /b402-private-defi
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.4.2
Initial release: private swap, lend, cross-chain via LI.FI, all gasless + ZK-private
Metadata
Slug b402-private-defi
Version 0.4.2
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is b402 Private DeFi?

Private DeFi for AI agents. Shield tokens into a Railgun ZK privacy pool, swap privately, lend into Morpho vaults for yield, and bridge cross-chain via LI.FI... It is an AI Agent Skill for Claude Code / OpenClaw, with 60 downloads so far.

How do I install b402 Private DeFi?

Run "/install b402-private-defi" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is b402 Private DeFi free?

Yes, b402 Private DeFi is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does b402 Private DeFi support?

b402 Private DeFi is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created b402 Private DeFi?

It is built and maintained by mmchougule (@mmchougule); the current version is v0.4.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 Comments