Local Wallet Standard

Lightweight Wallet Signer CLI — generate wallets, derive addresses, and sign messages across EVM, Solana, Bitcoin, Cosmos, and Tron chains.

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 0 · 213 · 0 current installs · 0 all-time installs

by@njdawn

MIT-0

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

✓

Purpose & Capability

Name/description align with what the SKILL.md instructs: it builds a Rust CLI, requires git and cargo, and stores wallets under ~/.lws. Requiring git/cargo and optionally rustup is proportionate for a Rust CLI built from source.

Instruction Scope

The runtime instructions tell users/agents to install via curl | bash from a raw GitHub URL and to pass full BIP-39 mnemonics on the command line (e.g., lws derive --mnemonic <PHRASE> and lws sign --mnemonic <PHRASE>). Passing secrets on the CLI can leak to shell history and process listings. The SKILL.md does not describe encrypting the wallet vault or secure handling of mnemonics, so instructions do not constrain or protect sensitive data.

Install Mechanism

The installer is a curl -fsSL https://raw.githubusercontent.com/... | bash pipeline. GitHub raw content is a known host, but piping a remote install script to a shell executes remote code without an on-disk review and is higher risk. The installer may install rustup and build toolchains, which modify the system environment.

Credentials

The skill declares no required environment variables, which is fine, but it stores wallet descriptors under ~/.lws and expects users to supply raw mnemonics. There is no mention of vault encryption, passphrase protection, or secure storage. That absence is disproportionate for a tool that handles private keys and mnemonics.

✓

Persistence & Privilege

The skill is not marked always:true and does not request elevated or cross-skill configuration. The installer writes to the user's home directory (~/.lws) and modifies shell config to add to PATH, which is expected for a CLI but should be reviewed by the user before permitting.

What to consider before installing

This skill appears to implement a local wallet CLI and the build requirements (git/cargo) are reasonable, but you should not blindly run the curl|bash installer or supply real mnemonics until you verify the code. Actionable steps: (1) Inspect the GitHub repo and the install.sh script yourself (do not pipe to shell without review). (2) Prefer cloning and building from source locally (git clone && cargo build) rather than curl|bash. (3) Confirm how wallet JSON files are protected—look for encryption/passphrase support—and check file permissions on ~/.lws. (4) Avoid passing mnemonics on the command line; use interactive prompts or secure stdin if available. (5) If you must test, run in an isolated VM/container and use throwaway mnemonics (no real funds). (6) Consider using hardware wallets or well-audited software for real funds. If you want, I can (a) fetch and summarize the install.sh and repository files for manual review, or (b) list the lines in SKILL.md that expose secrets so you can adjust usage.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0

Download zip

latestvk975w3smxp143vpyg25tsfm5fd821tkh

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

OSmacOS · Linux

Binsgit, cargo

SKILL.md

LWS CLI

Minimal, offline-first CLI for generating wallets, deriving addresses, and signing messages across multiple chains.

Installation

One-liner:

curl -fsSL https://raw.githubusercontent.com/dawnlabsai/lws/main/lws/install.sh | bash

The installer will:

Install Rust via rustup if not already present
Clone the repo and build from source
Place the lws binary at ~/.lws/bin/lws
Add ~/.lws/bin to your shell's PATH (supports zsh, bash, fish)

Set LWS_INSTALL_DIR to override the install location.

From source:

git clone https://github.com/dawnlabsai/lws.git
cd lws/lws
cargo build --workspace --release
cp target/release/lws ~/.lws/bin/lws

Commands

`lws generate`

Generate a new BIP-39 mnemonic phrase.

lws generate [--words 12|24]

--words — Number of mnemonic words, 12 or 24 (default: 12)

`lws derive`

Derive an address from a mnemonic.

lws derive --mnemonic <PHRASE> --chain <CHAIN> [--index 0]

--mnemonic — BIP-39 mnemonic phrase (required)
--chain — Chain type: evm, solana, bitcoin, cosmos, tron (required)
--index — Account index (default: 0)

`lws sign`

Sign a message with a mnemonic-derived key.

lws sign --mnemonic <PHRASE> --chain <CHAIN> --message <MSG> [--index 0]

--mnemonic — BIP-39 mnemonic phrase (required)
--chain — Chain type (required)
--message — Message to sign (required)
--index — Account index (default: 0)

`lws info`

Show the vault path and list supported chains.

lws info

`lws create-wallet`

Create a new wallet — generates a mnemonic and saves a wallet descriptor to the vault.

lws create-wallet --name <NAME> --chain <CHAIN> [--words 12|24]

--name — Wallet name (required)
--chain — Chain type (required)
--words — Mnemonic word count (default: 12)

`lws list-wallets`

List all saved wallets in the vault.

lws list-wallets

`lws update`

Update lws to the latest version by building from the latest commit.

lws update [--force]

--force — Rebuild even if already on the latest commit

`lws uninstall`

Remove lws from the system.

lws uninstall [--purge]

--purge — Also remove all wallet data and config (~/.lws)

Removes the binary, cleans PATH entries from shell config files, and optionally deletes the entire ~/.lws directory. Prompts for confirmation before proceeding.

File Layout

~/.lws/
├── bin/
│   └── lws              # CLI binary
└── wallets/
    └── <wallet-id>.json  # Wallet descriptors

Files

1 total

Select a file

Select a file to preview.

Comments

Loading comments…