Carbon DeFi

vv1.0.0

Use this skill when the user wants to create or manage on-chain maker trading strategies on Carbon DeFi. Triggers include: "place a limit order", "create a r...

⭐ 0· 20·0 current·0 all-time

by@ashachaf

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for ashachaf/carbon-defi.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Carbon DeFi" (ashachaf/carbon-defi) from ClawHub.
Skill page: https://clawhub.ai/ashachaf/carbon-defi
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install carbon-defi

ClawHub CLI

Package manager switcher

npx clawhub@latest install carbon-defi

Security Scan

Capability signals

CryptoRequires walletRequires sensitive credentials

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

The skill claims to create/manage on‑chain maker strategies and its documented tools and behaviors match that goal. However, it requires adding a remote MCP server to the agent config (https://carbon-mcp.duckdns.org) to operate — using a third‑party dynamic DNS host for a finance integration is unusual and should be justified with provenance (official docs, code, audits).

Instruction Scope

SKILL.md instructs the user to modify a local Claude Desktop config file (~ / Library/Application Support/Claude/claude_desktop_config.json) to add a persistent remote MCP server and shows curl examples that call that server. That steps beyond pure instruction-only guidance: it encourages making a persistent config change which enables remote tooling and network calls to an unverified host. The skill also asks the agent to call the remote server for strategy listing/execution, which gives the server an outsized role in future agent actions.

✓

Install Mechanism

There is no install script or code to write to disk; the skill is instruction-only. This reduces some risk because nothing is automatically downloaded or executed by the skill itself.

✓

Credentials

The skill does not request environment variables, secrets, or filesystem paths beyond the single Claude Desktop config edit it instructs. It also documents that transactions returned are unsigned and must be signed by the user, which limits direct exfiltration of private keys if the user follows guidance.

Persistence & Privilege

Although the skill metadata does not set always:true, the SKILL.md explicitly tells users to add an MCP server entry to their Claude Desktop config to enable persistent remote tooling. That change effectively grants the remote server ongoing ability to act as a tool provider for the agent and is a significant privilege — doing so without authoritative provenance is risky.

What to consider before installing

Before installing or following these instructions: 1) Do not add the recommended mcpServers entry to your Claude Desktop config until you can verify the server's authenticity (official website, source repository, commit history, maintainers, TLS certificate, domain ownership). duckdns domains are frequently used for hobby or attacker infrastructure—treat them as untrusted until proven otherwise. 2) Ask the skill author for an official homepage, repo, contract addresses, and audit reports; verify contract addresses on a block explorer (Etherscan, etc.). 3) Prefer calling read‑only endpoints or simulating strategies first (no unsigned write transactions). 4) Never sign or broadcast transactions without inspecting the full unsigned transaction payload and confirming the destination contract address and intent in a wallet you control (prefer a hardware/cold wallet). 5) If you must test, do so with a small test wallet/funds on a testnet or supported low‑value environment. 6) If the author can provide an official domain, published SDK, or independent audit that matches the MCP server, re-evaluate — that evidence would raise confidence toward benign.

Like a lobster shell, security has layers — review code before you run it.

automationvk9717tvqm2dqr9yx9ch0f7n9yd85pwbtblockchainvk9717tvqm2dqr9yx9ch0f7n9yd85pwbtdefivk9717tvqm2dqr9yx9ch0f7n9yd85pwbtethereumvk9717tvqm2dqr9yx9ch0f7n9yd85pwbtgasless tradingvk9717tvqm2dqr9yx9ch0f7n9yd85pwbtlatestvk9717tvqm2dqr9yx9ch0f7n9yd85pwbtmcpvk9717tvqm2dqr9yx9ch0f7n9yd85pwbtonchainvk9717tvqm2dqr9yx9ch0f7n9yd85pwbttradingvk9717tvqm2dqr9yx9ch0f7n9yd85pwbttrading strategiesvk9717tvqm2dqr9yx9ch0f7n9yd85pwbt

20downloads

0stars

1versions

Updated 2h ago

vv1.0.0

MIT-0

Carbon DeFi — On-Chain Maker Trading via MCP

Carbon DeFi is a fully on-chain maker trading protocol. Users set prices upfront — strategies execute automatically with zero gas on fills. No bots, no agent needs to stay online after placing a strategy.

Connect to the MCP Server

Add to Claude Desktop config (~/Library/Application Support/Claude/claude_desktop_config.json):

{
  "mcpServers": {
    "carbon-defi": {
      "command": "npx",
      "args": ["mcp-remote", "https://carbon-mcp.duckdns.org/mcp"]
    }
  }
}

Restart Claude Desktop after saving. Alternatively, call tools directly via REST:

curl -X POST https://carbon-mcp.duckdns.org/tools/get_strategies \
  -H "Content-Type: application/json" \
  -d '{"owner": "0xYourAddress", "chain": "ethereum"}'

Core Concepts

Maker-first. Every strategy is a maker order — you set the price, the market comes to you.

Unsigned transactions. All write operations return an unsigned transaction (to, data, value). The user must sign and broadcast it. Never assume a transaction has been submitted.

Base and quote tokens.

base_token — the token being bought or sold (e.g. ETH)
quote_token — the pricing token (e.g. USDC)
All prices are expressed as: quote per 1 base (e.g. 2000 USDC per ETH)

Budgets.

buy_budget — always in quote token (e.g. USDC to spend buying ETH)
sell_budget — always in base token (e.g. ETH to sell)

Native ETH. Use address 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE. Never WETH. ETH never requires approval.

Supported chains. ethereum, sei, celo, tac, coti

Strategy Types

User intent	Tool to use
"buy at exactly X" / "sell at exactly X"	`carbon_create_limit_order`
"scale in as price drops" / "DCA into"	`carbon_create_range_order` (buy)
"scale out as price rises" / "sell gradually"	`carbon_create_range_order` (sell)
"buy low sell high forever" / "recurring" / "grid"	`carbon_create_recurring_strategy`
"provide liquidity" / "earn fees" / "concentrated"	`carbon_create_concentrated_strategy`
"full range liquidity" / "widest range"	`carbon_create_full_range_strategy`

A range order executes gradually as price moves through the range — correct for "scale in" or "DCA". Do not split into multiple orders.

All 25 Tools

Explore

carbon_get_strategies — all active strategies for a wallet. Always call first.
carbon_get_strategy — single strategy by ID — type, status, prices, budgets, trade count
carbon_get_activity — trade and event history for a wallet or strategy
carbon_explore_pair — top strategies for a token pair, ranked by trade count
carbon_simulate_strategy — backtest against real historical prices before going on-chain
carbon_resolve_token — fuzzy token symbol/name → on-chain address ("dollar" finds USDC/USDT/DAI)
carbon_find_opportunities — discount buys or premium sells vs market price
carbon_get_protocol_stats — TVL, volume, fees history
carbon_get_price_history — OHLC price data for any token pair

Trade (swap against Carbon liquidity)

carbon_get_trade_quote — swap quote: expected output, rate, strategies used. Always call before execute.
carbon_execute_trade — unsigned swap transaction. Requires trade_actions from get_trade_quote.

Create

carbon_create_limit_order — one-time buy or sell at exact price
carbon_create_range_order — gradual execution across a price range
carbon_create_recurring_strategy — looping buy+sell, repeats forever, zero gas on fills
carbon_create_concentrated_strategy — two-sided liquidity with a defined spread
carbon_create_full_range_strategy — two-sided liquidity up to 1000x from market price

Manage

carbon_reprice_strategy — update price ranges only
carbon_edit_strategy — update prices and budgets in one transaction
carbon_deposit_budget — add funds without interrupting the strategy
carbon_withdraw_budget — remove funds without closing the strategy
carbon_pause_strategy — pause orders, funds stay, resume anytime
carbon_resume_strategy — reactivate a paused strategy
carbon_delete_strategy — permanently close and return all funds

Help & Knowledge

carbon_help — detailed guidance on any tool or full overview
carbon_learn — protocol concepts: fees, security, marginal price, overlapping liquidity, contracts, SDK, API, and more

Behavior Rules

Always call carbon_get_strategies first to check existing positions
Never invent a market price — always ask the user. Never reuse a price from earlier in the conversation.
Present a strategy proposal and wait for explicit user approval before building a transaction
Always show the full unsigned transaction (to, data, value) after creation
Check the warnings array in every response — if allowance warning exists, show approval steps before the transaction
When market price is inside a buy range, ask: full range or below market only?
- Full range: omit buy_price_marginal
- Below market only: set buy_price_marginal to current market price
Overlapping buy/sell ranges: warn but allow — ask user to confirm intent
Buy price above market: warn and offer to adjust
Sell price below market: warn and offer to adjust
For pause: show current prices first, confirm before pausing
For resume: restore prices only — funds already in strategy, never ask for budgets
For reprice: call once with all four prices — fill missing side from current strategy state
For delete: always confirm with user — irreversible

Token Allowances

Before any strategy depositing ERC-20 tokens, check if the Carbon DeFi controller has sufficient allowance. If not, the user must send an approval transaction first.

Note: USDT on Ethereum requires setting allowance to 0 before increasing.

Transaction Verification

All write operations return unsigned transactions. To independently verify calldata before signing:

Spec: https://docs.carbondefi.xyz/developer-guides/carbon-defi-transaction-encoding
Covers: contract addresses per chain, function selectors, price encoding, budget encoding, verification checklist

Batch API

Run multiple tools in parallel as a single request (counts against rate limit once):

curl -X POST https://carbon-mcp.duckdns.org/batch \
  -H "Content-Type: application/json" \
  -d '[
    {"tool": "get_strategies", "params": {"owner": "0x...", "chain": "ethereum"}},
    {"tool": "get_protocol_stats", "params": {"chain": "ethereum"}}
  ]'

Rate Limits

30 requests/min per IP, burst of 10
Use /batch for parallel calls — counts as 1 request
REST endpoints (/tools/:toolName) are faster than MCP proxy

Comments

Loading comments...