Bloomfilter

Search, register, and manage domains via Bloomfilter x402 API - pay with USDC on Base

MIT-0 · Free to use, modify, and redistribute. No attribution required.
by Erons (@eronmmer)
Security Scan
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
The skill is a domain registration/DNS management integration that charges via an on-chain x402 payment flow; requesting an EVM_PRIVATE_KEY (primary credential) is consistent with programmatic SIWE authentication and client-side signing of x402 payment authorizations.
Instruction Scope
SKILL.md stays within the domain-registration scope (endpoints, SIWE auth, x402 payment flow). It explicitly states that cryptographic signing happens locally and that all requests go to api.bloomfilter.xyz, but those are declarative guarantees the runtime must enforce — the document does not supply technical enforcement or code, so you must trust the agent runtime and the endpoint.
Install Mechanism
Instruction-only skill with no install spec or downloaded artifacts, so nothing is written to disk by the skill itself. This is the lowest-risk install mechanism.
Credentials
Only EVM_PRIVATE_KEY is required, which is proportional to the described payment+SIWE flows. However this is a high-value credential capable of signing on-chain actions; requiring a raw private key is risky and users should prefer local signing via secure wallet providers or use a dedicated wallet with limited funds.
Persistence & Privilege
The skill does not request always:true, does not declare system-wide changes, and is instruction-only. It will likely store an access token/JWT for the session (expected) but does not ask to modify other skills or system configs.
Assessment
This skill appears to do what it says (register/search/manage domains and charge in USDC on Base), but it requires your EVM_PRIVATE_KEY — a very sensitive credential. Before installing:

  1) Verify you trust Bloomfilter (review their docs and website).
  2) Confirm that your agent/runtime truly performs signing locally and will not transmit the private key to remote servers.
  3) Prefer alternatives: use a wallet-provider integration (WalletConnect or hardware wallet) or an ephemeral wallet seeded with only the USDC needed for operations.
  4) Limit exposure: keep only a small USDC balance in the key you provide, test with a small transaction, and review the x402/EIP-3009 flow (signed authorizations can be submitted by recipients).
  5) If you cannot confirm local signing or are uncomfortable providing a raw private key, do not install/enable this skill.


Current version: v1.0.2
Tags: ai-agents, dns, domains, latest, usdc, web3, x402


Runtime requirements

🌐 Clawdis
Env: EVM_PRIVATE_KEY
Primary env: EVM_PRIVATE_KEY

SKILL.md

Bloomfilter - Domain Registration API

Base URL: https://api.bloomfilter.xyz

Paid endpoints use the x402 payment protocol. The API returns HTTP 402 with payment details - your x402-compatible HTTP client handles payment automatically.

EVM_PRIVATE_KEY is used locally by the agent's x402 HTTP client (@x402/axios or @x402/fetch) to sign EIP-3009 TransferWithAuthorization messages for USDC payments and to sign EIP-4361 SIWE messages for authentication. The private key never leaves the local machine and is never sent to any server. All cryptographic signing happens client-side in the agent runtime.

DNS and account endpoints require authentication via SIWE (Sign-In With Ethereum). Authenticate once, then pass the JWT as a Bearer token.

Authentication (SIWE)

GET /auth/nonce -> Returns { nonce, domain, uri, chainId, version, expiresIn }

POST /auth/verify
  Body: { "message": "<EIP-4361 SIWE message>", "signature": "0x..." }
  -> Returns { accessToken, refreshToken, walletAddress }

POST /auth/refresh
  Body: { "refreshToken": "..." }
  -> Returns new { accessToken, refreshToken }

POST /auth/revoke (requires Bearer token) -> Revokes all sessions for the authenticated wallet
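
The SIWE message is built from fields the server returns, so a client should check them before the key signs anything. The sketch below is an added example, not code from the skill or from Bloomfilter; it assumes the returned domain and uri belong under bloomfilter.xyz, and the function names and sample values are hypothetical.

```javascript
// Added example, not Bloomfilter's code. The host suffix is an assumption:
// pin the exact domain/uri values you have verified yourself.
const TRUSTED_SUFFIX = "bloomfilter.xyz";
const BASE_CHAIN_ID = 8453; // Base, as stated in the skill's notes

// Hostname characters only, so a newline cannot smuggle extra message lines.
const hostTrusted = (h) => /^[a-z0-9.-]+$/.test(h) &&
  (h === TRUSTED_SUFFIX || h.endsWith("." + TRUSTED_SUFFIX));

// Returns a list of problems; an empty list means the fields may be signed over.
function checkNonceResponse(n) {
  const problems = [];
  if (typeof n.domain !== "string" || !hostTrusted(n.domain.toLowerCase()))
    problems.push("domain is not a Bloomfilter host");
  let uri = null;
  try { uri = /\s/.test(n.uri) ? null : new URL(n.uri); } catch { /* stays null */ }
  if (!uri || uri.protocol !== "https:" || !hostTrusted(uri.hostname))
    problems.push("uri is not an https URL on a Bloomfilter host");
  if (Number(n.chainId) !== BASE_CHAIN_ID) problems.push("chainId is not Base (8453)");
  if (String(n.version) !== "1") problems.push("SIWE version must be 1");
  // EIP-4361: the nonce is at least 8 alphanumeric characters.
  if (!/^[A-Za-z0-9]{8,}$/.test(String(n.nonce))) problems.push("nonce is malformed");
  return problems;
}

// Builds the EIP-4361 text (without the optional statement) only if all checks pass.
// The address is assumed to be EIP-55 checksummed already.
function buildSiweMessage(address, n, issuedAt = new Date().toISOString()) {
  if (!/^0x[0-9a-fA-F]{40}$/.test(address)) throw new Error("bad address");
  const problems = checkNonceResponse(n);
  if (problems.length) throw new Error("refusing to sign: " + problems.join("; "));
  return [
    `${n.domain} wants you to sign in with your Ethereum account:`,
    address,
    "", "", // no statement: the grammar leaves two empty lines here
    `URI: ${n.uri}`,
    "Version: 1",
    `Chain ID: ${BASE_CHAIN_ID}`,
    `Nonce: ${n.nonce}`,
    `Issued At: ${issuedAt}`,
  ].join("\n");
}

// Constructed sample of a /auth/nonce response (values are not from the API).
const SAMPLE_NONCE = { nonce: "k3Qx9ZpL2m", domain: "api.bloomfilter.xyz",
  uri: "https://api.bloomfilter.xyz", chainId: 8453, version: "1", expiresIn: 300 };
```
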

Domain Search & Pricing (free, no auth)

GET /domains/search?query=example&tlds=com,io,xyz -> Returns availability and pricing for each TLD. The tlds parameter is optional.

GET /domains/pricing -> Returns pricing for all supported TLDs

GET /domains/pricing/:tld -> Returns pricing for a single TLD (e.g., /domains/pricing/com)

Domain Registration (x402 - dynamic pricing)

POST /domains/register
  Body: { "domain": "example.com", "years": 1 }
  years defaults to 1 if omitted.
  Optional: "dns_records": [{ "type": "A", "host": "@", "value": "1.2.3.4" }]
  Supported dns_records types: A, AAAA, CNAME, MX, TXT, SRV, CAA
  Each record also accepts optional "ttl" (300-86400, default 3600) and "priority" (for MX/SRV)
  -> First call returns 402 with exact price. Retry with x402 payment to complete.
  -> Returns 201 on success, or 202 with a job ID for async provisioning.

POST /domains/renew
  Body: { "domain": "example.com", "years": 1 }
  years defaults to 1 if omitted.
  -> Same two-phase x402 flow as registration.
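
Because the client pays whatever the 402 response asks for, a policy check between the 402 and the signature bounds what the key can be made to authorize. This is an added example, not code from the x402 client or from Bloomfilter; the requirement field names (scheme, network, asset, maxAmountRequired), the "base" network label, the caps and the placeholder asset address are assumptions to replace with values you have verified.

```javascript
// Added example, not the x402 client's or Bloomfilter's code.
// Assumed x402 requirement fields: scheme, network, asset, maxAmountRequired.
const POLICY = {
  host: "api.bloomfilter.xyz",      // the only endpoint the skill declares
  network: "base",                  // assumed network label for chain ID 8453
  asset: "0x" + "aa".repeat(20),    // placeholder: the USDC contract you verified
  caps: [                           // USDC atomic units (6 decimals); operator-chosen
    { method: /^POST$/, path: /^\/domains\/(register|renew)$/, max: 50000000n },
    { method: /^(POST|PUT|DELETE)$/, path: /^\/dns\/[^/]+(\/[^/]+)?$/, max: 100000n },
  ],
};

// Decide whether one entry of the 402 response may be signed for this request.
function checkPayment(method, url, req, policy = POLICY) {
  const deny = (reason) => ({ ok: false, reason });
  let u;
  try { u = new URL(url); } catch { return deny("unparseable URL"); }
  if (u.protocol !== "https:" || u.hostname !== policy.host)
    return deny("request is not for the declared API host");
  const cap = policy.caps.find((c) => c.method.test(method) && c.path.test(u.pathname));
  if (!cap) return deny("endpoint is not expected to charge");
  if (req.scheme !== "exact" || req.network !== policy.network)
    return deny("unexpected scheme or network");
  if (String(req.asset).toLowerCase() !== policy.asset.toLowerCase())
    return deny("asset is not the pinned USDC contract");
  const amount = String(req.maxAmountRequired);
  if (!/^\d+$/.test(amount)) return deny("amount is not an integer string");
  if (BigInt(amount) > cap.max) return deny("amount exceeds the cap for this endpoint");
  return { ok: true, reason: "within policy" };
}

// Constructed 402 entry for a DNS mutation priced at $0.10 (100000 units).
const SAMPLE_REQ = { scheme: "exact", network: "base", asset: POLICY.asset,
  maxAmountRequired: "100000", payTo: "0x" + "bb".repeat(20) };
```

A stricter policy would also pin the payTo address once it has been confirmed, and compare the registration amount against the price returned by GET /domains/pricing.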

Domain Info (free, no auth)

GET /domains/:domain -> Returns domain status, expiry, nameservers, lock/privacy state. Note: Only works for domains registered through Bloomfilter.

Job Status (free, no auth)

GET /domains/status/:jobId -> Poll for async registration status. Returns 200 (done), 202 (pending), or 500 (failed).

DNS Management (requires Bearer token)

Mutations cost $0.10 USDC each (x402). Listing is free.

IMPORTANT: Always add, update, or delete DNS records one at a time (sequentially, not in parallel). After registering a new domain, wait at least 30 seconds before adding DNS records — the DNS zone may not be ready immediately.

GET /dns/:domain -> List all DNS records

POST /dns/:domain
  Body: { "type": "A", "host": "@", "value": "1.2.3.4" }
  Optional: "ttl" (300-86400, default 3600), "priority" (for MX/SRV)
  Supported types: A, AAAA, CNAME, MX, TXT, NS, SRV, CAA

PUT /dns/:domain/:recordId
  Body: { "host": "@", "value": "5.6.7.8" }
  At least one field required. Optional: host, value, ttl, priority.

DELETE /dns/:domain/:recordId -> Deletes the record

Account (requires Bearer token, free)

GET /account -> Account summary (wallet, domain count, total spent)

GET /account/domains?limit=50&offset=0 -> Paginated list of owned domains

GET /account/transactions?limit=50&offset=0 -> Paginated transaction history

Notes

  • All paid requests require an x402-compatible HTTP client with USDC on Base (chain ID 8453)
  • WHOIS privacy is enabled by default on all registrations
  • Docs: https://docs.bloomfilter.xyz

External Endpoints

URL: https://api.bloomfilter.xyz/*
Data Sent: Domain queries, DNS records, wallet address
Purpose: Domain search, registration, DNS management

No data is sent anywhere else. All requests go to the Bloomfilter API only.

Security & Privacy

  • Your EVM_PRIVATE_KEY never leaves your local machine — it is used locally to sign x402 payment authorizations and SIWE messages
  • The API receives your wallet address (derived from the key) but never the private key itself
  • WHOIS privacy is enabled by default on all registrations — your identity is never exposed in public WHOIS records
  • All API communication is over HTTPS

Trust

This skill connects to api.bloomfilter.xyz to register ICANN domains and manage DNS records. Payments are made in USDC on Base via the x402 protocol. Your private key stays local. Install only if you trust Bloomfilter (https://bloomfilter.xyz) as a domain registration provider.
