IQDB

v1.0.0

On-chain immutable data storage using IQ Labs tech stack (IQDB, hanLock, x402). Use when building Solana-based persistent storage, on-chain databases, tamper-evident records, password-encoded data, or paid file inscription. Triggers on tasks involving on-chain CRUD, Solana PDA storage, rolling hash verification, Hangul encoding, or HTTP 402 payment-gated inscription.

⭐ 0· 1k·0 current·0 all-time

byRocket@emanz1·duplicate of @emanz1/iqdb-onchain-storage

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for emanz1/iqdb.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "IQDB" (emanz1/iqdb) from ClawHub.
Skill page: https://clawhub.ai/emanz1/iqdb
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install emanz1/iqdb

ClawHub CLI

Package manager switcher

npx clawhub@latest install iqdb

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The skill describes on‑chain storage on Solana and therefore legitimately needs access to a signing keypair and RPC endpoints. However, the registry metadata declares no required environment variables or config paths, which contradicts the SKILL.md and references (which repeatedly instruct setting ANCHOR_WALLET, ANCHOR_PROVIDER_URL, NETWORK_URL and using a local keypair file). That mismatch is incoherent and misleading.

Instruction Scope

SKILL.md and the reference files instruct the user/agent to: read and use a Solana keypair file for signing, set and read environment variables, monkey‑patch SDK internals at runtime, run npm installs, and follow an installer curl command. These go beyond mere documentation and instruct accessing sensitive local files and modifying runtime modules—activities that should be explicitly declared and justified.

Install Mechanism

The skill is instruction‑only (no install spec) but the setup doc tells users to npm install several SDK packages (normal) and to run a Solana CLI installer via curl from https://release.anza.xyz/stable/install — that host is not a known official Solana release URL and represents a high‑risk install instruction if followed. Recommending downloads from unknown domains is a red flag.

Credentials

Functionality legitimately requires a signing keypair and RPC credentials (ANCHOR_WALLET, ANCHOR_PROVIDER_URL, NETWORK_URL), but the registry lists none. The skill's instructions expect access to sensitive secrets (wallet keypair JSON) and RPC tokens/endpoints; those should be declared in metadata and minimized. The hanLock section explicitly warns it's not secure (XOR), which is transparent but not a substitute for encryption.

✓

Persistence & Privilege

The skill does not request always:true and is user‑invocable only. It does not claim to modify other skills or global agent settings. Autonomous invocation is allowed (platform default) but is not combined with other high‑privilege flags here.

What to consider before installing

Before installing or running this skill: 1) Treat it as needing a Solana signing keypair and RPC access — do not use your main wallet; use a disposable/burner wallet for testing. 2) Verify the referenced npm packages and program IDs independently (search npm, GitHub, and Solana explorer for @iqlabs‑official/solana-sdk, @iqlabsteam/iqdb and the listed program IDs). 3) Do NOT run curl installers from unknown domains (the setup references release.anza.xyz); prefer official Solana install sources. 4) Inspect the actual npm packages you install (look for malicious postinstall scripts) or vendor the code in an isolated environment. 5) Ask the skill author for source/homepage and for metadata to declare required env vars/config paths (ANCHOR_WALLET, ANCHOR_PROVIDER_URL, NETWORK_URL). 6) If you must proceed, run only read operations first (no writes), and monitor any network endpoints the tool talks to. These steps will reduce risk and let you validate that the implementation matches its claims.

Like a lobster shell, security has layers — review code before you run it.

latestvk9712mbg05xr7vyzkbfedtbcx980v0by

1kdownloads

0stars

1versions

Updated 1mo ago

v1.0.0

MIT-0

IQDB On-Chain Storage (Code-In Tech)

Overview

Build on-chain relational databases on Solana using IQ Labs' tech stack. Three tools:

IQDB — Full CRUD relational database on Solana via Anchor PDAs. Tables, rows, rolling keccak hash for tamper-evident history.
hanLock — Password-based Hangul syllabic encoding (base-11172). Lightweight data encoding for on-chain privacy. Zero dependencies.
x402 — HTTP 402 payment-gated file inscription to Solana. Quote → Pay (USDC/SOL) → Broadcast chunk transactions → Download.

Quick Start

Prerequisites

Node.js 18+
Solana CLI (solana --version)
A Solana wallet with devnet SOL (solana airdrop 2)

Network Support

Mainnet: Fully supported. Program ID: 9KLLchQVJpGkw4jPuUmnvqESdR7mtNCYr3qS4iQLabs (via @iqlabs-official/solana-sdk).
Devnet: Supported via legacy SDK (@iqlabsteam/iqdb). Program: 7Vk5JJDxUBAaaAkpYQpWYCZNz4SVPm3mJFSxrBzTQuAX.

Install (New Official SDK — recommended)

npm install @iqlabs-official/solana-sdk @solana/web3.js

Install (Legacy SDK — devnet only)

npm install @iqlabsteam/iqdb @coral-xyz/anchor @solana/web3.js

Environment Variables (Legacy SDK)

ANCHOR_WALLET=/path/to/keypair.json    # Required — Solana keypair for signing
ANCHOR_PROVIDER_URL=https://api.devnet.solana.com  # Required — RPC for writes
NETWORK_URL=https://api.devnet.solana.com  # Required — RPC for reads (must match ANCHOR_PROVIDER_URL)

Legacy SDK note: Set NETWORK_URL to match ANCHOR_PROVIDER_URL. The SDK uses separate connections for reads and writes.

RPC Note: Public Solana RPCs rate-limit aggressively. Add 2-3 second delays between rapid transactions on mainnet. Use a dedicated RPC provider (Helius, Alchemy, QuickNode) for production.

Minimal Example — New SDK (Mainnet)

const { Connection, Keypair, SystemProgram, PublicKey } = require('@solana/web3.js');
const { writer, reader, setRpcUrl, contract } = require('@iqlabs-official/solana-sdk');

// Monkey-patch for Node v24 Buffer compatibility
const seedModule = require('@iqlabs-official/solana-sdk/dist/sdk/utils/seed');
const origFn = seedModule.toSeedBytes;
seedModule.toSeedBytes = (v) => Buffer.from(origFn(v));

setRpcUrl('https://api.mainnet-beta.solana.com');
const connection = new Connection('https://api.mainnet-beta.solana.com', 'confirmed');

// Write a row (requires root + table initialized first — see references/iqdb-core.md)
const sig = await writer.writeRow(
  connection, signer, 'my-db-root', 'players',
  JSON.stringify({ name: 'Alice', score: '1500', level: '12' })
);

// Read rows
const rows = await reader.readTableRows(tablePda);

Minimal Example — Legacy SDK (Devnet)

// Use CommonJS — the SDK bundles CJS internally
const { createIQDB } = require('@iqlabsteam/iqdb');

const iqdb = createIQDB();

// Ensure root PDA exists (idempotent)
await iqdb.ensureRoot();

// Create a table (idempotent — use ensureTable over createTable)
await iqdb.ensureTable('players', ['name', 'score', 'level'], 'name');

// Write a row — data must be a JSON STRING, not an object
await iqdb.writeRow('players', JSON.stringify({
  name: 'Alice', score: '1500', level: '12'
}));

// Read all rows — requires userPubkey as string
const rows = await iqdb.readRowsByTable({
  userPubkey: 'YOUR_WALLET_PUBKEY',
  tableName: 'players'
});
console.log(rows);

Architecture

Root PDA (per wallet)
  └── Table PDA (per table name)
       └── Rows stored as transaction data
            └── hash: keccak(domain || prev_hash || tx_data)

Root PDA — One per wallet. Initialized via ensureRoot().
Table PDA — Created via ensureTable() or createTable(). Has column schema and ID column.
Rows — Written as JSON strings via writeRow(). Append-only — each write is a new transaction.
Rolling hash — Each write appends to an immutable hash chain. Enables tamper detection without full replication.

Core Operations

See references/iqdb-core.md for full API.

Operation	Method	Cost
Init root	`contract.initializeDbRootInstruction()` / `ensureRoot()`	~0.01 SOL rent
Create table	`contract.createTableInstruction()` / `ensureTable()`	~0.02 SOL rent
Write row	`writer.writeRow()` / `iqdb.writeRow()`	~0.005-0.01 SOL
Read rows	`reader.readTableRows()` / `readRowsByTable()`	Free (RPC read)
Update/Delete	`pushInstruction(table, txSig, before, after)`	TX fee only
Extension table	`createExtTable(base, rowId, extKey, cols, idCol?)`	~0.02 SOL rent

Cost reference (mainnet): Root + 3 tables + 5 data rows = ~0.09 SOL total.

Important Constraints

Row data size limit: Keep row JSON under ~100 bytes. The on-chain program enforces a transaction size limit (TxTooLong error). For larger data, split across multiple rows or use hanLock sparingly (encoded output is larger than input).
Append-only writes: writeRow always appends. Use pushInstruction for updates/deletes.
pushInstruction writes to instruction log, not row data. readRowsByTable returns raw rows and does NOT reflect updates/deletes from pushInstruction. To see the full picture including corrections, use searchTableByName which returns both rows (raw) and instruRows/targetContent (instruction history). Your application must apply instruction corrections on top of raw rows.
CommonJS required: The SDK uses dynamic require() internally. Use .cjs files or "type": "commonjs" in package.json. ESM imports will fail.

hanLock Encoding

See references/hanlock.md for full API.

Encode data with a password before writing on-chain for lightweight privacy:

const { encodeWithPassword, decodeWithPassword } = require('hanlock');

const encoded = encodeWithPassword('short secret', 'mypassword');
// → Korean syllable string like "깁닣뭡..."

// Write encoded data on-chain
await iqdb.writeRow('secrets', JSON.stringify({ owner: 'Alice', data: encoded }));

// Later — decode
const decoded = decodeWithPassword(encoded, 'mypassword');
// → 'short secret'

Note: hanLock encoding expands data size (~3x). Keep input short to stay within the on-chain row size limit.

x402 Payment Flow

See references/x402-payments.md for full API.

Payment-gated file inscription to Solana:

Quote — POST /quote with file metadata → get price in USDC/SOL
Pay — Send payment transaction to provided address
Inscribe — POST /inscribe with payment proof → file chunked into Solana transactions
Download — GET /download/:txId → reconstruct file from on-chain chunks

Use Cases

Discord RPG Bot — On-chain character persistence, provable item ownership, immutable game state
Governance — Tamper-evident proposal/vote storage with rolling hash audit trail
Compliance logs — Verifiable edit history for call center records
Paid storage — Monetize data inscription via x402

References

IQ Labs SDK — Official Solana SDK (mainnet)
@iqlabsteam/iqdb — Legacy SDK (devnet)
hanLock — Hangul syllabic encoding
Solana Web3.js — Solana client library

Comments

Loading comments...