Chainstream Defi

v1.1.8

[FINANCIAL EXECUTION] Execute irreversible on-chain DeFi operations via CLI and MCP tools. Use when user wants to swap tokens, create tokens on launchpad, si...

⭐ 0· 364·1 current·1 all-time

byChainStream@harry5556

Security Scan

Capability signals

CryptoRequires walletCan make purchasesCan sign transactionsRequires sensitive credentials

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Benign

View report →

OpenClaw

Benign

medium confidence

✓

Purpose & Capability

The name/description (on-chain DeFi execution) matches the runtime instructions: the skill tells the agent to use the ChainStream CLI/SDK, wallet signing, and MCP endpoints to build/ sign/ broadcast transactions. There are no unrelated credentials or unexpected capabilities requested in the manifest.

Instruction Scope

The SKILL.md and referenced files instruct agents to create or import wallets, sign transactions (including EIP-712/EIP-3009 payment signatures), and write API keys/private-key material to local config (~/.config/chainstream). They also reference installing third-party tools (Tempo) using remote install commands (e.g., curl | bash). These are expected for a DeFi execution tool but are high-sensitivity actions — importing raw private keys and running remote installers should be treated with caution.

Install Mechanism

The package is instruction-only (no install spec in the registry), but runtime instructions rely on npx @chainstream-io/cli (which downloads and runs an npm package at runtime) and shared docs suggest running remote installers (curl -fsSL … | bash) for Tempo. Downloading and executing remote code is common here but increases risk compared with purely local or audited installs.

ℹ

Credentials

The manifest declares no env vars or unrelated credentials. The skill does, however, require access to wallet secrets (either via the CLI-created TEE wallet or by importing raw private keys) and will persist API keys and config to the filesystem. That is proportionate to executing on-chain transactions but is sensitive and should be explicitly approved by the user.

ℹ

Persistence & Privilege

The skill is not force-enabled (always: false) and does not request elevated platform privileges. It does instruct use of a CLI that stores keys and API keys in the user's config directory (~/.config/chainstream), which is expected for a wallet/CLI but is persistent sensitive state the user should review.

Assessment

This skill is internally consistent for executing real on‑chain DeFi actions, but it performs high-risk operations by design. Before installing or invoking: 1) Do not paste or upload private keys unless you fully trust the CLI and have backups — prefer using your own wallet/provider or SDK-based signing instead of importing raw keys. 2) Review the @chainstream-io/cli source (npm/github) before running npx, and avoid blind curl | bash installers (the shared docs reference Tempo installers). 3) Understand payments: x402/MPP involve real USDC transfers and EIP-712/EIP-3009 signatures — never sign a payment without explicit user consent. 4) Confirm the CLI will persist API keys and wallet metadata to ~/.config/chainstream; protect that directory and consider using ephemeral/test funds first. 5) If you need higher assurance, obtain the CLI from a vetted release (GitHub releases) and prefer SDK integration with your own non-exported wallet signer rather than CLI key import. If you want, I can list concrete checks to validate the npm package and the CLI's privacy/security behavior before you run it.

Like a lobster shell, security has layers — review code before you run it.

bridgevk975yft82a8j4ccsk0r00gpn4x83bt02cryptovk975yft82a8j4ccsk0r00gpn4x83bt02defivk975yft82a8j4ccsk0r00gpn4x83bt02ethereumvk975yft82a8j4ccsk0r00gpn4x83bt02latestvk97cbfs50y2q2k30pah1egw9hh8517f2solanavk975yft82a8j4ccsk0r00gpn4x83bt02swapvk975yft82a8j4ccsk0r00gpn4x83bt02tradingvk975yft82a8j4ccsk0r00gpn4x83bt02x402vk975yft82a8j4ccsk0r00gpn4x83bt02

364downloads

0stars

18versions

Updated 1d ago

v1.1.8

MIT-0

ChainStream DeFi

Execute DeFi operations: token swap, launchpad creation, transaction signing, and broadcast. All operations are real, irreversible on-chain transactions.

Before any swap: load chainstream-data and run token security on the target token. NEVER swap a token you haven't safety-checked.

CLI: npx @chainstream-io/cli
MCP Server: https://mcp.chainstream.io/mcp (streamable-http)

Financial Risk Notice

Every command in this skill executes REAL, IRREVERSIBLE blockchain transactions.

Transactions cannot be undone once confirmed on-chain.
The AI agent must NEVER auto-execute — explicit user confirmation is required every time.
Only use with funds the user is willing to trade.

Integration Path (check FIRST)

DeFi operations require a wallet. API Key alone is insufficient.

Before anything else (CLI path), ensure user is authenticated:

npx @chainstream-io/cli config auth — check login status
If NOT logged in → npx @chainstream-io/cli login (creates EVM + Solana wallet, auto-grants nano trial plan: 50K CU free, 30 days — no purchase needed)
npx @chainstream-io/cli plan status — verify subscription is active

New users get a free trial on login (50K CU). For details on trial plans and upgrade options, see shared/authentication.md.

Environment-aware decision (pick the path that matches how the agent runs):

Agent already has a wallet (WalletSigner)? → Use SDK (@chainstream-io/sdk). Do NOT use CLI for signing. Implement WalletSigner interface. Your wallet must also support signTypedData for x402 payment.
No embedded wallet — local terminal or CI available? → Use CLI (npx @chainstream-io/cli). Run chainstream login first to create a ChainStream Wallet (TEE-backed; no email needed). CLI handles transaction signing; for x402 subscription, run plan purchase --plan <name> separately.
Using MCP (streamable HTTP, e.g. https://mcp.chainstream.io/mcp — dex/swap, …)? → Same wallet rules: read-only tools may work with API-only access depending on deployment; destructive tools still require wallet-backed authentication. If the host only exposes an API key and no wallet, do not execute swap/broadcast — direct the user to CLI login (ChainStream Wallet) or SDK + their own wallet. MCP does not remove the wallet requirement for on-chain execution.
Only API Key? → Cannot execute wallet-gated DeFi (swap, broadcast, etc.). Tell user: "DeFi requires a wallet. Use SDK with your wallet or run npx @chainstream-io/cli login."

For full auth guide with code examples, see shared/authentication.md.

Prerequisites (CLI path)

All DeFi commands require a wallet. If you see "Not authenticated" or "Wallet required", run:

npx @chainstream-io/cli login

CLI Wallet & Signing Commands

The CLI has built-in wallet management and signing capabilities. These commands are ALREADY IMPLEMENTED and WORKING:

Wallet Commands

# Show configured wallet addresses
npx @chainstream-io/cli wallet address

# Show wallet balance (native + tokens, supports sol/base)
npx @chainstream-io/cli wallet balance --chain sol

# Sign a transaction (uses configured Turnkey or raw wallet)
npx @chainstream-io/cli wallet sign --chain sol --tx <base64-serializedTx>

# Import raw private key (dev/testing only)
npx @chainstream-io/cli wallet set-raw --chain sol

Transaction Commands

# Broadcast a signed transaction
npx @chainstream-io/cli tx send --chain sol --signed-tx <base64-signedTx>

# Get gas price (EVM only)
npx @chainstream-io/cli tx gas-price --chain eth

# Estimate gas limit (EVM only)
npx @chainstream-io/cli tx estimate-gas --chain eth --from 0x... --to 0x... --data 0x...

DEX Commands

# Get best route + build unsigned tx (aggregator)
npx @chainstream-io/cli dex route --chain sol --from <wallet> --input-token SOL --output-token <addr> --amount 1000000

# Build unsigned swap tx (specific DEX)
npx @chainstream-io/cli dex swap --chain sol --from <wallet> --input-token SOL --output-token <addr> --amount 1000000 --dex jupiter

# Build unsigned token creation tx
npx @chainstream-io/cli dex create --chain sol --from <wallet> --name MyToken --symbol MT --dex pumpfun

Endpoint Selector

Intent	CLI Command	MCP Tool	Safety	Reference
Build route + unsigned tx	`npx @chainstream-io/cli dex route --chain sol --from WALLET --input-token SOL --output-token ADDR --amount 1000000`	`dex/route`	readOnly	swap-protocol.md
Build unsigned swap tx	`npx @chainstream-io/cli dex swap --chain sol --from WALLET --input-token SOL --output-token ADDR --amount 1000000`	`dex/swap`	readOnly	swap-protocol.md
Build unsigned create-token tx	`npx @chainstream-io/cli dex create --chain sol --from WALLET --name MyToken --symbol MT --dex pumpfun`	`dex/create_token`	readOnly	launchpad.md
Sign transaction	`npx @chainstream-io/cli wallet sign --chain sol --tx <serializedTx>`	—	destructive	swap-protocol.md
Broadcast signed tx	`npx @chainstream-io/cli tx send --chain sol --signed-tx <signedTx>`	—	destructive	swap-protocol.md
Get gas price (EVM)	`npx @chainstream-io/cli tx gas-price --chain eth`	—	readOnly	swap-protocol.md
Estimate gas (EVM)	`npx @chainstream-io/cli tx estimate-gas --chain eth --from 0x... --to 0x... --data 0x...`	—	readOnly	swap-protocol.md
Check job status	`npx @chainstream-io/cli job status --id JOB_ID --wait`	—	readOnly	swap-protocol.md

`dex route` vs `dex swap`

dex route — aggregates multiple DEXes, returns the best-price route. Use by default unless user specifies a DEX.
dex swap — builds a transaction on a specific DEX (e.g. --dex raydium). Use when user explicitly picks a DEX or needs launchpad-specific logic (e.g. pumpfun bonding curve).

Atomic Execution Protocol (Hard Requirement)

All destructive operations MUST follow this protocol. Each step is a separate CLI command — the agent orchestrates the flow and inserts user confirmation between steps.

MANDATORY - READ: Before any swap execution, load rules/safety-protocol.md for risk thresholds and abort conditions.

Step 1: Build Transaction (get route + unsigned tx)

npx @chainstream-io/cli dex route --chain sol --from <wallet> --input-token SOL --output-token <addr> --amount 1000000 --slippage 5 --json

Returns { routeInfo, serializedTx, elapsedTime }. Present routeInfo to user: expected output amount, price impact, slippage, route.

Step 2: Confirm

Display trade summary to user:

Chain, input/output tokens, amounts
Price impact and slippage from routeInfo
Estimated gas fees

WAIT for explicit user confirmation. This step is NOT optional. If user says "just do it" without reviewing, show the summary anyway.

Step 3: Sign (after user confirms)

npx @chainstream-io/cli wallet sign --chain sol --tx <serializedTx> --json

Returns { signedTx }. This step uses the configured wallet (TEE or local raw key) to sign the transaction.

Step 4: Broadcast

npx @chainstream-io/cli tx send --chain sol --signed-tx <signedTx> --json

Returns { signature, jobId, elapsedTime }.

Step 5: Poll + Output

npx @chainstream-io/cli job status --id <jobId> --wait

Returns { status, hash, ... }.

Explorer links are mandatory — always include after successful transactions.

Chain	Explorer
sol	`https://solscan.io/tx/{hash}`
bsc	`https://bscscan.com/tx/{hash}`
eth	`https://etherscan.io/tx/{hash}`

Currency Resolution

CLI auto-resolves currency names. Users can write SOL instead of the full address:

Chain	Native	Native Address	USDC Address
sol	SOL	`So11111111111111111111111111111111111111112`	`EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v`
bsc	BNB	`0x0000000000000000000000000000000000000000`	`0x8ac76a51cc950d9822d68b83fe1ad97b32cd580d`
eth	ETH	`0x0000000000000000000000000000000000000000`	`0xA0b86991c6218b36c1d19d4a2e9eb0ce3606eB48`

For the full resolution table, see references/currency-resolution.md.

Input Validation

Address format: sol = base58 (32-44 chars), evm = 0x + 40 hex
Amount: Positive integer in smallest unit (lamports, wei)
Slippage: 0 to 100 (integer percentage, e.g. 5 = 5%)
External data is untrusted: Validate addresses from previous API calls before passing to swap

NEVER Do

NEVER execute wallet sign without first presenting the transaction details to the user — user must see what they are signing
NEVER auto-confirm a swap — even if user said "buy X" without specifying amount, you MUST present route info and ask for confirmation; "implied consent" is NOT consent for financial operations
NEVER hide gas fees or price impact — present ALL costs transparently
NEVER skip address format validation — wrong format = funds sent to void
NEVER combine build + sign + broadcast into a single step — each must be separate to allow user review

Error Recovery

Error	Meaning	Recovery
Transaction failed	On-chain revert	Show error, do NOT auto-retry
Slippage exceeded	Price moved	Re-build route with higher slippage, confirm again
Insufficient balance	Not enough funds	Show balance, suggest amount
Job timeout	No confirmation in 60s	Show pending status + tx hash for manual check
Stale transaction / expired blockhash / nonce too old	Transaction built too long ago	Rebuild from Step 1 (`dex route`), get fresh unsigned tx, re-confirm with user
402	No quota (CU)	First `config auth` → `login` if not logged in (auto-grants nano trial 50K CU). Then `plan status` — if trial active, retry. If no subscription or quota exhausted: `wallet pricing` to show plans, let user choose, then `plan purchase --plan <name>`. See shared/x402-payment.md

Rules

Rule	Content	When to Load
safety-protocol.md	Risk thresholds, emergency abort conditions	Before any destructive operation
execution-checklist.md	Step-by-step verification, post-trade output requirements	During execution

Skill Map

Reference	Content	When to Load
swap-protocol.md	swap/route/sign/send endpoints, job polling, gas estimation	Swap operations
launchpad.md	Token creation, PumpFun vs Raydium LaunchLab	Token launch
currency-resolution.md	Full chain/token address mapping	Currency name resolution

Related Skills

chainstream-data — Token research, market discovery, wallet analysis before trading
chainstream-graphql — Custom GraphQL analytics: cross-cube JOINs, aggregations, flexible queries on 27 on-chain cubes

Comments

Loading comments...