Verified Agent Identity
v0.1.1Billions decentralized identity for agents. Link agents to human identities using Billions ERC-8004 and Attestation Registries. Verify and generate authentic...
⭐ 0· 126·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (Billions/iden3 DID management) matches the included scripts and libraries. Required binary (node) and npm dependencies (ethers, iden3, polygonid SDKs) are expected for DID creation, signing, and JWS packing.
Instruction Scope
Runtime instructions are explicit (npm install then run specific scripts). Scripts read/write identity and key files under $HOME/.openclaw/billions and perform network calls to a small set of project-related domains (resolver.privado.id, billions.network, identity-dashboard.billions.network, attestation-relay.billions.network). This is within scope for an identity skill, but users must be aware the skill stores private keys and posts auth request messages to the project's shortener service.
Install Mechanism
No platform install spec is present; the SKILL.md instructs running npm install in the scripts/ directory which will pull dependencies from the public npm registry (package-lock.json is included and packages are pinned). This is expected for a node-based tool but has the usual supply-chain considerations (npm packages will be downloaded and executed locally). No obscure or untrusted download URLs are used.
Credentials
The skill manifest lists no required env vars, and the code only checks HOME and an optional BILLIONS_NETWORK_MASTER_KMS_KEY. The optional master KMS key controls on-disk encryption of private keys; without it keys may be stored as plaintext in $HOME/.openclaw/billions/kms.json. Requesting no other unrelated credentials is appropriate for the stated purpose.
Persistence & Privilege
always=false and the skill does not attempt to modify other skills or system-wide configuration. It persists sensitive data (private keys, identities, challenges) under $HOME/.openclaw/billions, which is a reasonable place to keep identity material but increases the value of those files if the host is compromised. The skill can be invoked autonomously by the agent (platform default); combined with stored keys that increases the operational risk if the agent is allowed to act without human consent.
Assessment
This skill appears to implement exactly what it claims: local DID/key management and challenge signing for the Billions/iden3 system. Before installing:
- Review and trust the Billions domains used (billions.network, identity-dashboard.billions.network, attestation-relay.billions.network, resolver.privado.id). The skill sends request payloads to the project shortener and resolver.
- Protect private keys: set BILLIONS_NETWORK_MASTER_KMS_KEY in the skill config or environment to enable AES-256-GCM encryption of keys on disk. Without this, keys are stored as plain hex in $HOME/.openclaw/billions/kms.json.
- Be aware you must run npm install which will fetch packages from the public npm registry; vet package versions if you have supply-chain concerns.
- Decide whether the agent should be allowed to invoke these scripts autonomously. By default the platform allows autonomous invocation; if you want explicit human approval before signing/linking, restrict automatic invocation or require a manual flow.
- If you need higher assurance, inspect the included scripts yourself (they are present in the package) and confirm the shortener/callback endpoints and attestation constants are acceptable.
If any of the above is unacceptable (e.g., you cannot ensure the master key is set or you do not trust the remote endpoints), do not install or run the scripts until those concerns are addressed.Like a lobster shell, security has layers — review code before you run it.
latestvk97ea6rdvb8ab9mdf2x0tac3ad834dxz
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Binsnode