ClawHub

Ika Move

v1.0.0

Guide for integrating Ika dWallet 2PC-MPC protocol into Sui Move contracts. Use when building Move contracts that need cross-chain signing, dWallet creation,...

0· 81·0 current·0 all-time
byOmer Sadika@omersadika
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the SKILL.md content: it is a developer guide for integrating Ika dWallet 2PC-MPC into Sui Move contracts. The only required binary is 'sui', which is appropriate for Move/Sui development. Declared dependencies and homepage references (ika.xyz, GitHub repo paths in examples) align with the stated purpose.
Instruction Scope
The instructions are detailed and stay within integration tasks (Move examples, TypeScript SDK flows, DKG, presigns, signing, key import). They explicitly show handling of private key material and saving user secret shares (e.g., userSecretKeyShare, privateKey bytes, acceptEncryptedUserShare, and irreversible conversion to shared mode). This is expected for a dWallet/key-management integration, but it means the guide instructs developers to handle sensitive material—users should take care to keep these secrets local and verify SDK/repo provenance before following these steps.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is downloaded or written to disk by the skill itself. This is low risk from an installation perspective. The guide references installing @ika.xyz/sdk via pnpm, which is appropriate for the TypeScript examples but happens outside the skill.
Credentials
The skill requests no environment variables or credentials, which is appropriate. However, the documented flows require developers to supply sensitive artifacts (seed-derived encryption keys, privateKey bytes, saved userSecretKeyShare) to the SDK and Move transactions. Those requirements are proportional to the functionality but carry real secret-handling risk if misused or sent to untrusted systems.
Persistence & Privilege
The skill is not always-included and is user-invocable; it does not request persistent privileges or modify other skills or global agent settings. Autonomous invocation is allowed by platform default but there are no extra persistence demands.
Scan Findings in Context
[no_regex_findings] expected: The static scanner found no regex matches; that's expected because this is an instruction-only skill (no code files to scan). Absence of findings is not proof of safety—review the instructions manually (done above).
Assessment
This guide appears to be internally consistent for integrating Ika dWallet with Sui Move. Before using it: (1) verify the provenance of the @ika.xyz/sdk package and the referenced GitHub repository (dwallet-labs/ika) to ensure you are using the authentic project; (2) run all development work on testnet first; (3) be cautious when following flows that ask you to handle or persist secret material (privateKey, userSecretKeyShare, seeds). Keep those secrets on devices and systems you control and never paste them into untrusted consoles or share them with third parties; (4) note that converting a dWallet to shared mode is irreversible per the docs—understand the implications before performing that operation; (5) audit any addresses/package IDs used in Move calls (PACKAGE_ID, coordinator object IDs, network encryption key IDs) so transactions target expected contracts rather than attacker-controlled addresses.

Like a lobster shell, security has layers — review code before you run it.

latestvk972fbkcm55bkkbep55zh113tx83bzz3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📜 Clawdis
Binssui

Comments