Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

A2A SHIB Payment System

Framework-agnostic agent-to-agent payment system with SHIB on Polygon. Provides trustless escrow, price negotiation, and reputation system. 9,416x cheaper than traditional escrow (~$0.003 gas).

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 853 · 1 current installs · 1 all-time installs
by Marc Smith (@marcus20232023)
MIT-0
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description match the contained code (payments, escrow, negotiation, reputation). However the registry metadata declares no required environment variables while SKILL.md and multiple docs require a wallet private key (WALLET_PRIVATE_KEY / POLYGON_PRIVATE_KEY), RPC_URL, and SHIB_CONTRACT_ADDRESS. That discrepancy is an incoherence that should be fixed before trusting the skill.
Instruction Scope
Runtime instructions tell operators to put a private key in .env.local, run the agent (node a2a-agent-full.js), and optionally expose it via Cloudflare Tunnel / systemd / Docker. The agent accepts free-form A2A JSON-RPC text commands that map directly to payment/escrow operations. If the HTTP endpoints are not locked down, remote actors could trigger payments. The docs also recommend backing up .env.local and state files (potential secret leakage) and saving docs to Qdrant — both raise confidentiality concerns. There are also inconsistent env var names across docs (WALLET_PRIVATE_KEY vs POLYGON_PRIVATE_KEY).
Install Mechanism
Install is a local npm install (package: "."). No external arbitrary download URLs are used in the install spec, which is lower risk than fetching remote binaries. Still, you should inspect package.json dependencies and run npm audit before installing.
Credentials
Requesting a wallet private key is expected for a payment agent, but it's a highly sensitive credential. The registry metadata not listing required env vars is inconsistent with the SKILL.md. The skill also references other potentially sensitive configuration (auth-config.json, audit logs, Qdrant storage, backups) without clearly declaring corresponding required environment variables or access controls — this is disproportionate and increases the attack surface.
Persistence & Privilege
The skill does not request always:true and default autonomy is allowed (normal). It does recommend installing as a systemd service and exposing via Cloudflare Tunnel or Docker, which gives it persistent, network-exposed presence if you follow the docs. Persistent exposure combined with insufficiently described auth controls is risky, but persistence itself is not inherently incoherent for a networked payment agent.
Scan Findings in Context
[unicode-control-chars] unexpected: Prompt-injection pattern found in SKILL.md. This may be an artifact of the source or an attempt to manipulate downstream parsers; it is not expected for installation docs and warrants review of the SKILL.md and any embedded files for hidden control characters or malicious formatting.
What to consider before installing
  • Do not run this with a real private key on a machine or network you don't control. The code expects a wallet private key (sensitive). Prefer a hardware wallet or a signing proxy; never place production private keys in a plain .env file if you can avoid it.
  • The registry metadata did NOT declare required env vars but the SKILL.md does — that's an inconsistency. Ask the publisher to fix metadata and clearly document required env names and where secrets are stored.
  • Inspect package.json and run npm audit. Review auth.js, rate-limiter.js, and audit-logger.js to confirm how API keys and permissions are enforced. Verify that the agent does not accept unauthenticated JSON-RPC commands that can move funds.
  • Don't expose the agent to the public internet until you verify authentication, rate limits, and request validation. The docs suggest Cloudflare Tunnel and systemd — both fine if properly secured, but the README currently lacks concrete, enforceable defaults for API auth.
  • Review backup and export scripts: the deployment docs propose backing up .env.local and state files; ensure backups are encrypted and access-controlled to avoid secret exfiltration.
  • Check for any telemetry, save-to-qdrant behavior, or remote endpoints the agent pushes data to; if you must store operational data in an external vector DB, confirm you control that endpoint and data retention policies.
  • If you can, run the project in a sandbox/testnet environment first (use a testnet RPC and throwaway key), exercise the endpoints, and confirm tests. Ask the author to provide minimal reproduction steps showing authenticated calls creating/funding/releasing a test escrow on a public testnet.
Additional information that would change this assessment to 'benign': the publisher adding accurate registry metadata declaring required env vars, a short security design document showing how API auth is enforced by default, and a confirmed safe default that prevents unauthenticated payment commands when exposed to networks. If you need help reviewing specific files (package.json, auth.js, and index.js entrypoints), provide them and I can highlight exact code paths that perform signing, network calls, and any risky behaviors.
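One shape the "safe default that prevents unauthenticated payment commands" asked for above could take, as an added example (not code from the skill or its author): a gate run before any A2A message/send text is dispatched. It assumes an x-api-key request header and an in-memory key store, and uses the limits the SKILL.md lists under Security (10 req/min, 3 payments/min, 500 SHIB/min volume).

```javascript
// Added example, not the skill's own code: a pre-dispatch gate for the A2A
// "message/send" JSON-RPC requests in SKILL.md. Rejects any command without a
// valid API key and enforces the documented per-agent limits (10 requests/min,
// 3 payments/min, 500 SHIB/min). Key store and header name are assumptions.
const API_KEYS = new Map([['demo-key-not-real', 'research-agent']]); // constructed
// Fund-moving commands from the SKILL.md command list; `amount` captured where stated.
const FUND_MOVING = [
  /^send\s+(?<amount>\d+)\s+SHIB\s+to\s+0x[0-9a-fA-F]{40}$/i,
  /^escrow\s+create\s+(?<amount>\d+)\s+SHIB\s+for\s+.+\s+payee\s+\S+$/i,
  /^escrow\s+(?:fund|release)\s+\S+$/i, // acts on an already-priced escrow
];
const LIMITS = { requests: 10, payments: 3, volume: 500 }; // per 60 s window
const windows = new Map(); // agentId -> { start, requests, payments, volume }
function bucket(agentId, now) {
  let w = windows.get(agentId);
  if (!w || now - w.start >= 60_000) {
    w = { start: now, requests: 0, payments: 0, volume: 0 };
    windows.set(agentId, w);
  }
  return w;
}
// Text part of an A2A message/send body (the shape SKILL.md's fetch example sends).
function commandText(rpc) {
  const parts = rpc?.params?.message?.parts ?? [];
  return (parts.find(p => p.kind === 'text')?.text ?? '').trim();
}
// Decide before dispatch; `now` is injectable so the window logic is testable.
function gate(rpc, headers, now = Date.now()) {
  const text = commandText(rpc);
  if (rpc?.jsonrpc !== '2.0' || rpc?.method !== 'message/send' || !text)
    return { allow: false, reason: 'malformed' };
  const agentId = API_KEYS.get(headers['x-api-key']); // no key: nothing runs, not even 'balance'
  if (!agentId) return { allow: false, reason: 'unauthenticated' };
  const w = bucket(agentId, now);
  if (++w.requests > LIMITS.requests) return { allow: false, reason: 'rate:requests', agentId };
  const m = FUND_MOVING.map(re => text.match(re)).find(Boolean);
  if (!m) return { allow: true, reason: 'read-only', agentId };
  const amount = Number(m.groups?.amount ?? 0);
  if (w.payments + 1 > LIMITS.payments) return { allow: false, reason: 'rate:payments', agentId };
  if (w.volume + amount > LIMITS.volume) return { allow: false, reason: 'rate:volume', agentId };
  w.payments += 1; w.volume += amount;
  return { allow: true, reason: 'payment', agentId, amount };
}
// Builds a request in the SKILL.md shape, for tests and local checks.
function rpcFor(text, id = 1) {
  return { jsonrpc: '2.0', method: 'message/send', id, params: { message: {
    kind: 'message', messageId: String(id), role: 'user', parts: [{ kind: 'text', text }] } } };
}
```

The gate only classifies text; whichever module actually signs and broadcasts (index.js / escrow.js) must be reachable solely through it, otherwise the check is decorative.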

Like a lobster shell, security has layers — review code before you run it.

Current version: v2.0.0
latest: vk978a508b230tz56nkq32rkrvd80yxfx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.

Runtime requirements

Bins: node, npm

Install

Install dependencies (npm install): npm i -g .

SKILL.md

A2A SHIB Payment System - OpenClaw Skill

Framework-agnostic agent-to-agent payment infrastructure on Polygon network.

Summary

This skill enables AI agents to:

  • 💰 Send/receive SHIB payments on Polygon (~$0.003 gas)
  • 🔒 Create trustless escrow contracts
  • 💬 Negotiate prices automatically (multi-round)
  • ⭐ Build reputation through ratings
  • 🌐 Discover other agents via A2A protocol

9,416x cheaper than traditional escrow services (Escrow.com charges $28.25 per $100, this costs $0.003).

Features

Payment System

  • Direct SHIB transfers on Polygon
  • Sub-penny gas costs (~$0.003)
  • Balance checking
  • Transaction history

Escrow System

  • Time-locked trustless payments
  • Multi-party approval required
  • Delivery proof submission
  • Automatic release when conditions met
  • Dispute resolution with arbiter
  • 6-state machine: pending → funded → locked → released/refunded/disputed

Price Negotiation

  • Service quote creation
  • Multi-round counter-offers
  • Accept/reject workflow
  • Automatic escrow integration
  • Service delivery tracking

Reputation System

  • Star ratings (0-5) with reviews
  • Dynamic trust scores (0-100)
  • Trust levels: new → bronze → silver → gold → platinum
  • Achievement badges
  • Agent verification

Security Layer

  • API key authentication (64-byte keys)
  • Rate limiting (requests + payments + volume)
  • Immutable audit logging (hash-chained)
  • Per-agent permissions & limits

Installation

# Via ClawHub
clawhub install a2a-shib-payments

# Or manual clone
cd ~/clawd/skills
git clone https://github.com/marcus20232023/a2a-shib-payments.git
cd a2a-shib-payments
npm install

Configuration

Create .env.local:

cp .env.example .env.local
nano .env.local

Required environment variables:

  • WALLET_PRIVATE_KEY - Your Polygon wallet private key
  • RPC_URL - Polygon RPC endpoint (default: https://polygon-rpc.com)
  • SHIB_CONTRACT_ADDRESS - SHIB token contract (default: 0x95ad61b0a150d79219dcf64e1e6cc01f0b64c4ce)

Usage

Start the Agent

node a2a-agent-full.js

Agent runs on port 8003 by default.

OpenClaw Integration

The agent exposes A2A protocol endpoints that OpenClaw can communicate with:

Agent Card: http://localhost:8003/.well-known/agent-card.json

Example commands from OpenClaw:

// Check balance
const result = await fetch('http://localhost:8003/a2a/jsonrpc', {
  method: 'POST',
  headers: {'Content-Type': 'application/json'},
  body: JSON.stringify({
    jsonrpc: '2.0',
    method: 'message/send',
    params: {
      message: {
        kind: 'message',
        messageId: '1',
        role: 'user',
        parts: [{kind: 'text', text: 'balance'}]
      }
    },
    id: 1
  })
});

// Send payment
// text: 'send 100 SHIB to 0x...'

// Create escrow
// text: 'escrow create 500 SHIB for data purchase payee data-agent'

// Check reputation
// text: 'reputation check data-agent'

Framework Compatibility

Works with:

  • OpenClaw - As a skill or standalone agent
  • LangChain - Via A2A tools
  • AWS Bedrock - Via agent invocation
  • AutoGen - Via A2A messaging
  • Any A2A-compatible system

See INTEGRATION-EXAMPLES.md for detailed integration guides.

Use Cases

Data Marketplace

// Research agent buys Tesla historical data
const quote = await negotiation.createQuote({
  service: 'TSLA 2020-2025 historical data',
  price: 500  // SHIB
});

// Counter-offer and accept
await negotiation.counterOffer(quote.id, 'research-agent', 400);
await negotiation.acceptCounter(quote.id, 'data-provider');
// Escrow created automatically

AI Model Training

// Create escrow for model training job
const escrow = await escrowSystem.create({
  payer: 'startup-agent',
  payee: 'ai-trainer',
  amount: 1000,
  purpose: 'Train GPT-style model',
  conditions: {requiresDelivery: true},
  timeoutMinutes: 720  // 12 hours
});

API Endpoints

A2A Protocol

  • /.well-known/agent-card.json - Agent capabilities
  • /a2a/jsonrpc - JSON-RPC messaging
  • /a2a/rest/* - REST API

Commands (via message text)

  • balance - Check SHIB balance
  • send [amount] SHIB to [address] - Send payment
  • escrow create [amount] SHIB for [purpose] payee [agent] - Create escrow
  • escrow fund [id] - Fund escrow
  • escrow release [id] - Release funds
  • quote create [service] [price] - Create price quote
  • reputation check [agentId] - Check agent reputation
  • rate [agentId] [1-5] [review] - Rate an agent

Testing

# Run all tests
npm test

# Individual test suites
npm run test:security
npm run test:escrow
npm run test:reputation

Files

Core Systems:

  • a2a-agent-full.js - Full-featured agent (port 8003)
  • index.js - Payment agent core
  • escrow.js - Escrow system
  • payment-negotiation.js - Negotiation workflow
  • reputation.js - Reputation & trust

Security:

  • auth.js - API authentication
  • rate-limiter.js - Rate limiting
  • audit-logger.js - Audit logging

Documentation:

  • README.md - Project overview
  • INTEGRATION-EXAMPLES.md - Framework integration guides
  • ESCROW-NEGOTIATION-GUIDE.md - API reference
  • PRODUCTION-HARDENING.md - Security guide
  • DEPLOYMENT.md - Deployment options

Security

Implemented:

  • ✅ API key authentication
  • ✅ Rate limiting (10 req/min, 3 payments/min, 500 SHIB/min volume)
  • ✅ Immutable audit logs (hash-chained)
  • ✅ Per-agent permissions
  • ✅ Escrow time-locks
  • ✅ Multi-party approval

Recommended for Production:

  • Multi-sig wallet
  • HTTPS (Cloudflare/Let's Encrypt)
  • Firewall rules
  • Automated backups
  • Monitoring & alerting

See PRODUCTION-HARDENING.md for complete guide.

Deployment

Quick Local

./deploy-local.sh

Production Options

  1. Systemd service (auto-start on boot)
  2. Cloudflare Tunnel (free HTTPS)
  3. Docker container
  4. VPS ($6/month)

See DEPLOYMENT.md for complete guide.

Cost Comparison

System      | Fee    | Settlement | Trust
Escrow.com  | $28.25 | 5-7 days   | Centralized
PayPal      | $3.20  | 1-3 days   | Centralized
This System | $0.003 | Seconds    | Decentralized

For a $100 transaction: 99.99% savings (9,416x cheaper)

License

MIT License - Free for commercial and personal use

Version

v2.0.0 - Production Ready


Built with 🦪 for the agent economy
