ClawHub

IQDB On-Chain Storage

v0.2.0

On-chain immutable data storage using IQ Labs tech stack (IQDB, hanLock, x402). Use when building Solana-based persistent storage, on-chain databases, tamper-evident records, password-encoded data, or paid file inscription. Triggers on tasks involving on-chain CRUD, Solana PDA storage, rolling hash verification, Hangul encoding, or HTTP 402 payment-gated inscription.

0· 1.1k·0 current·0 all-time
byRocket@emanz1

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for emanz1/iqdb-onchain-storage.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "IQDB On-Chain Storage" (emanz1/iqdb-onchain-storage) from ClawHub.
Skill page: https://clawhub.ai/emanz1/iqdb-onchain-storage
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install emanz1/iqdb-onchain-storage

ClawHub CLI

Package manager switcher

npx clawhub@latest install iqdb-onchain-storage
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The skill claims to provide on‑chain storage for Solana and references appropriate SDKs, program IDs, and payment flows — that part is coherent. However the registry metadata lists no required environment variables or credentials while the SKILL.md and references clearly instruct the user to supply a Solana keypair (ANCHOR_WALLET), RPC endpoints (ANCHOR_PROVIDER_URL/NETWORK_URL), and to sign transactions. The omission of those required credentials in the metadata is an inconsistency that could mislead users about the privileges the skill needs.
!
Instruction Scope
The runtime instructions explicitly instruct the user to use a local Solana keypair file (signing credentials), set RPC endpoints, install npm packages, and perform payments to third‑party payment addresses returned by an x402 service. They also recommend a monkey‑patch for SDK internals. These operations are within the domain of an on‑chain storage tool, but the instructions also reference installing a Solana CLI via a curl | sh installer hosted on release.anza.xyz (not the official Solana URL) and ask to handle private key files — both raise scope and safety concerns.
!
Install Mechanism
This is an instruction‑only skill (no automatic install), which reduces automatic risk. However the included docs recommend running npm installs (expected) and a curl-based installer for the Solana CLI from release.anza.xyz (a third‑party domain). Downloading and running an installer from an unfamiliar domain is high risk, and the docs do not point to official Solana release URLs.
!
Credentials
Functionally the skill needs access to a Solana keypair for signing and RPC credentials — appropriate for writing on‑chain. But the metadata declares no required env vars or primary credential while the documentation requires ANCHOR_WALLET and RPC URLs. That mismatch is significant: private key access is sensitive, and users should be explicitly informed. Also the docs mention using paid RPC providers (Helius, Alchemy, QuickNode) which may require API keys not documented here.
Persistence & Privilege
The skill does not request always:true, does not include an install spec that writes code automatically, and does not claim to modify other skills or system settings. It requires the user's wallet to sign transactions (expected privilege for on‑chain writes) but does not request persistent elevated platform privileges in the manifest.
What to consider before installing
This skill appears to implement an on‑chain Solana storage stack, but several red flags mean you should proceed cautiously: - The manifest lists no required credentials, yet the instructions require a Solana keypair (ANCHOR_WALLET) and RPC endpoints. Do not provide your private key to anything you haven't fully vetted. - The docs recommend installing the Solana CLI via a curl script from release.anza.xyz — do not run unknown curl | sh installers. Use official Solana installation sources only (verify upstream project pages). - The skill instructs you to monkey‑patch SDK internals. That can be fragile and hide behavior; prefer official SDK fixes or upstream guidance. - The x402 flow involves paying to addresses returned by a service; verify the payment endpoints and operator reputation before sending funds. Test everything on devnet with a throwaway wallet first. - Verify the provenance of npm packages (@iqlabs-official/solana-sdk, @iqlabsteam/iqdb, hanlock): check their npm publisher, GitHub repo, commit history, and program IDs onchain. Confirm the program IDs and package authors independently (e.g., on GitHub or published docs). If you plan to use this skill: test exclusively on devnet with a fresh test keypair, avoid running untrusted installers, and require the skill author/source (homepage or repository) and package fingerprints before using a real wallet or making payments.

Like a lobster shell, security has layers — review code before you run it.

latestvk97exsqa1x00smnspvnwgwhq5h80t9sr
1.1kdownloads
0stars
3versions
Updated 1mo ago
v0.2.0
MIT-0
Rocket@emanz1
latest
Download

IQDB On-Chain Storage (Code-In Tech)

Overview

Build on-chain relational databases on Solana using IQ Labs' tech stack. Three tools:

  • IQDB — Full CRUD relational database on Solana via Anchor PDAs. Tables, rows, rolling keccak hash for tamper-evident history.
  • hanLock — Password-based Hangul syllabic encoding (base-11172). Lightweight data encoding for on-chain privacy. Zero dependencies.
  • x402 — HTTP 402 payment-gated file inscription to Solana. Quote → Pay (USDC/SOL) → Broadcast chunk transactions → Download.

Quick Start

Prerequisites

  • Node.js 18+
  • Solana CLI (solana --version)
  • A Solana wallet with devnet SOL (solana airdrop 2)

Network Support

  • Mainnet: Fully supported. Program ID: 9KLLchQVJpGkw4jPuUmnvqESdR7mtNCYr3qS4iQLabs (via @iqlabs-official/solana-sdk).
  • Devnet: Supported via legacy SDK (@iqlabsteam/iqdb). Program: 7Vk5JJDxUBAaaAkpYQpWYCZNz4SVPm3mJFSxrBzTQuAX.

Install (New Official SDK — recommended)

npm install @iqlabs-official/solana-sdk @solana/web3.js

Install (Legacy SDK — devnet only)

npm install @iqlabsteam/iqdb @coral-xyz/anchor @solana/web3.js

Environment Variables (Legacy SDK)

ANCHOR_WALLET=/path/to/keypair.json    # Required — Solana keypair for signing
ANCHOR_PROVIDER_URL=https://api.devnet.solana.com  # Required — RPC for writes
NETWORK_URL=https://api.devnet.solana.com  # Required — RPC for reads (must match ANCHOR_PROVIDER_URL)

Legacy SDK note: Set NETWORK_URL to match ANCHOR_PROVIDER_URL. The SDK uses separate connections for reads and writes.

RPC Note: Public Solana RPCs rate-limit aggressively. Add 2-3 second delays between rapid transactions on mainnet. Use a dedicated RPC provider (Helius, Alchemy, QuickNode) for production.

Minimal Example — New SDK (Mainnet)

const { Connection, Keypair, SystemProgram, PublicKey } = require('@solana/web3.js');
const { writer, reader, setRpcUrl, contract } = require('@iqlabs-official/solana-sdk');

// Monkey-patch for Node v24 Buffer compatibility
const seedModule = require('@iqlabs-official/solana-sdk/dist/sdk/utils/seed');
const origFn = seedModule.toSeedBytes;
seedModule.toSeedBytes = (v) => Buffer.from(origFn(v));

setRpcUrl('https://api.mainnet-beta.solana.com');
const connection = new Connection('https://api.mainnet-beta.solana.com', 'confirmed');

// Write a row (requires root + table initialized first — see references/iqdb-core.md)
const sig = await writer.writeRow(
  connection, signer, 'my-db-root', 'players',
  JSON.stringify({ name: 'Alice', score: '1500', level: '12' })
);

// Read rows
const rows = await reader.readTableRows(tablePda);

Minimal Example — Legacy SDK (Devnet)

// Use CommonJS — the SDK bundles CJS internally
const { createIQDB } = require('@iqlabsteam/iqdb');

const iqdb = createIQDB();

// Ensure root PDA exists (idempotent)
await iqdb.ensureRoot();

// Create a table (idempotent — use ensureTable over createTable)
await iqdb.ensureTable('players', ['name', 'score', 'level'], 'name');

// Write a row — data must be a JSON STRING, not an object
await iqdb.writeRow('players', JSON.stringify({
  name: 'Alice', score: '1500', level: '12'
}));

// Read all rows — requires userPubkey as string
const rows = await iqdb.readRowsByTable({
  userPubkey: 'YOUR_WALLET_PUBKEY',
  tableName: 'players'
});
console.log(rows);

Architecture

Root PDA (per wallet)
  └── Table PDA (per table name)
       └── Rows stored as transaction data
            └── hash: keccak(domain || prev_hash || tx_data)
  • Root PDA — One per wallet. Initialized via ensureRoot().
  • Table PDA — Created via ensureTable() or createTable(). Has column schema and ID column.
  • Rows — Written as JSON strings via writeRow(). Append-only — each write is a new transaction.
  • Rolling hash — Each write appends to an immutable hash chain. Enables tamper detection without full replication.

Core Operations

See references/iqdb-core.md for full API.

OperationMethodCost
Init rootcontract.initializeDbRootInstruction() / ensureRoot()~0.01 SOL rent
Create tablecontract.createTableInstruction() / ensureTable()~0.02 SOL rent
Write rowwriter.writeRow() / iqdb.writeRow()~0.005-0.01 SOL
Read rowsreader.readTableRows() / readRowsByTable()Free (RPC read)
Update/DeletepushInstruction(table, txSig, before, after)TX fee only
Extension tablecreateExtTable(base, rowId, extKey, cols, idCol?)~0.02 SOL rent

Cost reference (mainnet): Root + 3 tables + 5 data rows = ~0.09 SOL total.

Important Constraints

  • Row data size limit: Keep row JSON under ~100 bytes. The on-chain program enforces a transaction size limit (TxTooLong error). For larger data, split across multiple rows or use hanLock sparingly (encoded output is larger than input).
  • Append-only writes: writeRow always appends. Use pushInstruction for updates/deletes.
  • pushInstruction writes to instruction log, not row data. readRowsByTable returns raw rows and does NOT reflect updates/deletes from pushInstruction. To see the full picture including corrections, use searchTableByName which returns both rows (raw) and instruRows/targetContent (instruction history). Your application must apply instruction corrections on top of raw rows.
  • CommonJS required: The SDK uses dynamic require() internally. Use .cjs files or "type": "commonjs" in package.json. ESM imports will fail.

hanLock Encoding

See references/hanlock.md for full API.

Encode data with a password before writing on-chain for lightweight privacy:

const { encodeWithPassword, decodeWithPassword } = require('hanlock');

const encoded = encodeWithPassword('short secret', 'mypassword');
// → Korean syllable string like "깁닣뭡..."

// Write encoded data on-chain
await iqdb.writeRow('secrets', JSON.stringify({ owner: 'Alice', data: encoded }));

// Later — decode
const decoded = decodeWithPassword(encoded, 'mypassword');
// → 'short secret'

Note: hanLock encoding expands data size (~3x). Keep input short to stay within the on-chain row size limit.

x402 Payment Flow

See references/x402-payments.md for full API.

Payment-gated file inscription to Solana:

  1. QuotePOST /quote with file metadata → get price in USDC/SOL
  2. Pay — Send payment transaction to provided address
  3. InscribePOST /inscribe with payment proof → file chunked into Solana transactions
  4. DownloadGET /download/:txId → reconstruct file from on-chain chunks

Use Cases

  • Discord RPG Bot — On-chain character persistence, provable item ownership, immutable game state
  • Governance — Tamper-evident proposal/vote storage with rolling hash audit trail
  • Compliance logs — Verifiable edit history for call center records
  • Paid storage — Monetize data inscription via x402

References

Comments

Loading comments...