GoodWallet

Security

Crypto wallet for sending, swapping, trading perps, betting on Polymarket, earning DeFi yield, and signing across EVM, Solana, Bitcoin, Doge, and XRP. Use when the user asks about wallets, balances, sending tokens, swaps, trades, bets, vaults, or signing.

Install

openclaw skills install goodwallet

Goodwallet

Crypto wallet CLI. Run goodwallet --help for the latest commands, flags, chains, and usage.

Setup

This skill assumes the goodwallet CLI is installed globally and available in PATH. If not, install it via npm. Do NOT use npx. Always use the globally installed binary.

Updates

After any goodwallet command, an "Update Available" or "Major Update Available" block may appear at the end of the output. When it does, you MUST surface it to the user, ask whether to upgrade, and run goodwallet update if they agree. Do not silently ignore it.

Rules

  • Summarize outcomes in plain language; don't dump raw CLI output unless asked.
  • Never fabricate values. Only report what the CLI returns.
  • Read before write: inspect balances/quotes/positions before proposing any state-changing action.
  • Confirm before executing any command that moves funds or creates exposure: send, swap --execute, trade --deposit/--withdraw/--market, bet --deposit/--withdraw/--market, earn --deposit/--withdraw, and every sign command.
  • Don't reveal internal wallet details unless the user asks.
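
The confirm-before-execute rule above, written as a pre-execution gate an agent harness could put in front of the CLI. This is an added example, not GoodWallet's or the skill's own code: `classify`, `run_guarded`, `ask_user` and `execute` are hypothetical names. It assumes commands are run as an argv list without a shell, and it chooses to reject shell metacharacters and to gate `update` per the Updates section.

```python
import shlex

# Transcribed from the Rules and Updates sections of this page. None means every
# invocation needs confirmation; a set lists the flags that trigger it.
# (Hypothetical helper names; not part of the goodwallet CLI.)
CONFIRM_RULES = {
    "send": None,
    "sign": None,
    "update": None,  # Updates: ask the user before upgrading
    "swap": {"--execute"},
    "trade": {"--deposit", "--withdraw", "--market"},
    "bet": {"--deposit", "--withdraw", "--market"},
    "earn": {"--deposit", "--withdraw"},
}
SHELL_META = set(";|&`$<>\n")


def classify(command_line):
    """Return 'reject', 'confirm' or 'allow' for a proposed command line."""
    if SHELL_META & set(command_line):
        return "reject"  # chaining or substitution could hide a second command
    try:
        argv = shlex.split(command_line)
    except ValueError:
        return "reject"  # unbalanced quotes
    if not argv or argv[0] != "goodwallet":
        return "reject"  # npx, explicit paths and other binaries (see Setup)
    # Accept both "--flag value" and "--flag=value" spellings.
    flags = {tok.split("=", 1)[0] for tok in argv[1:] if tok.startswith("--")}
    # Match a gated subcommand anywhere in argv: a false positive only costs
    # one extra confirmation, a false negative moves funds unasked.
    for tok in argv[1:]:
        if tok in CONFIRM_RULES:
            gated = CONFIRM_RULES[tok]
            if gated is None or flags & gated:
                return "confirm"
    return "allow"


def run_guarded(command_line, ask_user, execute):
    """Run the command only if policy and, where required, the user allow it."""
    decision = classify(command_line)
    if decision == "reject":
        return "rejected"
    if decision == "confirm" and not ask_user(command_line):
        return "declined"
    execute(shlex.split(command_line))  # argv list, never a shell string
    return "executed"
```

Commands that are not on the page's list fall through to "allow", mirroring the rule as written; a stricter harness could default unknown subcommands to "confirm" instead.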

Auth

  1. goodwallet auth — show the returned URL to the user.
  2. goodwallet auth --pair — run immediately; polls until the browser flow completes.
  3. goodwallet auth --logout — disconnect.

Signing Safety

All credentials and MPC key shares are stored locally at ~/.config/goodwallet/. No full private key ever exists — only a single MPC key share is stored on device. Signing uses 2-party MPC with a remote co-signer at sign.goodwallet.etoro.com (operated by GoodDollar). The agent API at agent.goodwallet.etoro.com issues signing room UUIDs and enforces transaction-policy checks (token allowlists, spend limits, malicious-contract detection) before co-signing, so most harmful payloads are rejected server-side. Both services communicate over HTTPS/WSS. Still, confirm with the user before running any sign command so they understand what they're approving.

Error Recovery

  • Auth timeout → restart auth + auth --pair.
  • Insufficient funds → suggest checking balances or reducing amount.
  • No swap route → suggest different token, amount, or chain.
  • Any other failure → report the error plainly, don't retry automatically.