Archon Cashu
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill's stated Cashu wallet purpose is coherent, but the backup script appears to upload wallet data to IPFS without encryption while claiming that the backup is encrypted.
Review this skill carefully before installing. Avoid the backup feature until encryption-before-upload is implemented and verified. If you use other wallet features, use a dedicated low-balance wallet, pin or preinstall the keymaster dependency, inspect the missing messaging helper, and confirm every recipient, amount, mint URL, and optional LNbits payment key before running commands.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent following SKILL.md could pass the wrong values to financial commands, causing failed operations or unintended inbox redemption behavior.
The SKILL.md usage instructions conflict with the included scripts' own argument parsing: send.sh and lock.sh expect the DID first and the amount second, while receive.sh scans the inbox rather than taking a token argument.
./scripts/cashu/send.sh <amount> <recipient-did> ... ./scripts/cashu/receive.sh <token> ... ./scripts/cashu/lock.sh <amount> <did>
Fix SKILL.md to match the scripts, and require a clear user confirmation showing recipient DID, amount, mint, and action before any send, lock, receive, or mint operation.
A user may trust the backup as encrypted when the artifact shows wallet data being packaged without encryption, potentially exposing spendable wallet proofs.
The script claims the backup is encrypted, but the visible implementation creates a plain tar.gz before upload and shows no encryption command before IPFS storage.
# Encrypts cashu wallet proofs ... echo "🔐 Uploading encrypted backup to IPFS..." ... tar -czf "$TARBALL" -C "$BACKUP_DIR" .
Do not use the backup feature until encryption is implemented and verified before any local temporary storage, IPFS upload, or vault reference is created.
If the IPFS CID, local temp file, or node storage is exposed, wallet proofs or wallet metadata could be recoverable and funds could be at risk.
The backup flow copies the full Cashu wallet directory and sends the resulting archive to the local IPFS API, with no visible encryption or clear retention/access boundary.
cp -r "$CASHU_WALLET_DIR" "$BACKUP_DIR/cashu-wallet" ... curl -s -X POST "http://localhost:5001/api/v0/add" -F "file=@${TARBALL}"
Encrypt backups locally with a user-controlled key before creating any tarball or IPFS object, restrict temp-file permissions, and document exactly where backup data is stored.
A compromised or changed npm package could run with access to Archon wallet environment variables and dmail/token context.
The script loads wallet configuration first, then runs an unpinned npm package through npx --yes at runtime, allowing package changes to execute in a sensitive wallet environment.
source "$SCRIPT_DIR/config.sh" > /dev/null 2>&1 ... npx --yes @didcid/keymaster refresh-dmail
Pin the @didcid/keymaster version, install it through a reviewed dependency path, and run it with the minimum environment variables needed.
Users cannot verify from these artifacts how sent tokens are delivered over dmail.
The financial send path hands tokens to a sibling messaging helper that is not included in the provided file manifest, so the transport code is outside the scope of this review; if the helper is absent at runtime, the command will fail.
MESSAGING_DIR="$(cd "$SCRIPT_DIR/../messaging" && pwd)" ... RESULT=$("$MESSAGING_DIR/send.sh" "$RECIPIENT_DID" "$SUBJECT" "$BODY" 2>&1)
Include and review the messaging helper with this skill, or document the required companion skill and its exact trusted version.
Compromise or misuse of this skill's runtime could affect DID keys, wallet access, and ecash operations.
The skill explicitly requires access to the Archon wallet path and passphrase, which is expected for DID-locked Cashu operations but is high-impact credential authority.
requires:
  env:
    - ARCHON_WALLET_PATH
    - ARCHON_PASSPHRASE
    - ARCHON_CASHU_CONFIG
Use a dedicated low-balance wallet, protect the passphrase environment, and avoid exposing these variables to unrelated tools.
