@agentlayer.tech/wallet 0.1.18 → 0.1.20

package/.openclaw/AGENTS.md

@@ -7,22 +7,16 @@ These instructions apply to the entire `.openclaw/` tree.
 This tree contains local OpenClaw host-side workspace assets. In the current repo, its main responsibilities are:
 
 - the `agent-wallet` extension that bridges OpenClaw to the authoritative Python `agent-wallet` backend
-- the `pay-bridge` extension that bridges OpenClaw to the local `pay` CLI for paid API discovery and execution
 
 ## Current structure
 - `.openclaw/extensions/agent-wallet/index.ts` — TypeScript extension entrypoint registered by OpenClaw.
 - `.openclaw/extensions/agent-wallet/openclaw.plugin.json` — plugin manifest and config schema.
 - `.openclaw/extensions/agent-wallet/package.json` — extension package metadata.
 - `.openclaw/extensions/agent-wallet/skills/wallet-operator/SKILL.md` — user-facing operational wallet safety guidance.
-- `.openclaw/extensions/pay-bridge/index.ts` — TypeScript entrypoint for the local `pay` CLI bridge.
-- `.openclaw/extensions/pay-bridge/openclaw.plugin.json` — plugin manifest and config schema for pay tools.
-- `.openclaw/extensions/pay-bridge/core.mjs` — local `pay` command execution and output shaping.
-- `.openclaw/extensions/pay-bridge/skills/pay-operator/SKILL.md` — user-facing operational guidance for paid API usage.
 
 ## Design intent
 - Keep the TypeScript extension thin and host-oriented.
 - Let Python own wallet logic, policy, approvals, signing rules, and Solana implementation details.
-- Let `pay` remain the source of truth for paid API wallet/account behavior.
 - Let the extension focus on:
   - resolving config
   - locating the Python package
@@ -35,7 +29,6 @@ This tree contains local OpenClaw host-side workspace assets. In the current rep
 
 ### Keep bridge logic thin
 - Do not duplicate business logic from Python unless OpenClaw requires it at registration time.
-- Do not duplicate payment protocol logic from `pay`; prefer invoking the local CLI and shaping its output.
 - Do not reimplement approval validation, transaction policy, wallet derivation, or Solana-specific rules in TypeScript.
 - Prefer forwarding config into the CLI bridge and letting Python decide runtime behavior.
 - Treat this layer as a transport and schema bridge, not an execution authority.

package/.openclaw/extensions/agent-wallet/README.md

@@ -77,7 +77,7 @@ The ClawHub plugin package only installs the native OpenClaw plugin. It expects
 
 If that runtime is not present, set `plugins.entries.agent-wallet.config.packageRoot` explicitly.
 
-That installs the Python backend, Node dependencies for the local BTC/EVM runtimes, and patches the OpenClaw plugin config. Wallet creation, unlock, and local service start stay as separate host-side steps.
+That installs the Python backend, Node dependencies for the local BTC/EVM runtimes, and patches the OpenClaw plugin config. Solana stays ready immediately; EVM readiness can now be auto-healed during normal wallet switching when the runtime has sealed local vault credentials.
 
 For self-hosted installs, prefer `SOLANA_RPC_URL` / `SOLANA_RPC_URLS` in local env and treat the plugin `rpcUrl` / `rpcUrls` fields as fallback only. If the local runtime exposes `ALCHEMY_API_KEY` or `HELIUS_API_KEY`, the wallet can derive the Solana RPC URL automatically for `mainnet` or `devnet`. Local env always takes precedence over `openclaw.json`.
 
@@ -88,12 +88,13 @@ Important:
 - For a local official OpenClaw install, `userId` should represent the wallet owner for that agent install.
 - The public OpenClaw plugin docs do not document a per-request end-user identifier in `registerTool(...).execute(...)`, so dynamic multi-user wallet selection is intentionally kept in the Python/runtime layer, not inside the TypeScript plugin itself.
 - Helper scripts in `agent-wallet/scripts/` are generic patch/finalize utilities and no longer assume a specific local username, path, or temporary master key.
-- The OpenClaw plugin API in this repo exposes tool registration, not host password prompts, so BTC and EVM wallet create/unlock remain host-shell or CLI flows outside the agent tool surface.
+- The OpenClaw plugin API in this repo exposes tool registration, not host password prompts. EVM wallet create/unlock still is not a public agent tool, but the runtime can now auto-create or auto-unlock the local EVM wallet during `set_wallet_backend` or EVM tool calls when `sealed_keys.json` contains the local EVM vault password.
 - For a one-command local BTC onboarding path, use `agent-wallet/scripts/bootstrap_openclaw_btc.py`, which both sets up the BTC wallet binding and patches local OpenClaw config for `backend=wdk_btc_local`.
 - The BTC flow now only supports local service URLs (`127.0.0.1` / `localhost` / `::1`).
 - The local BTC service is protected with a bearer token loaded from `~/.openclaw/wdk-btc-wallet/local-auth-token`, not from plugin config JSON.
 - When the BTC service URL is local, that bootstrap script can also auto-start `wdk-btc-wallet` before patching OpenClaw config.
 - The EVM flow also only supports local service URLs (`127.0.0.1` / `localhost` / `::1`) and uses a bearer token loaded from `~/.openclaw/wdk-evm-wallet/local-auth-token`.
+- The installer now provisions a sealed local EVM vault password under `sealed_keys.json` by default, and host-side EVM setup helpers refresh that sealed value whenever the operator enters a new password.
 - The EVM tool surface is intentionally narrow: Velora swap quote/execute, Aave V3 account/reserve/position flows, native transfers, ERC-20 transfers, fee quotes, and receipt lookup only. No arbitrary calldata, standalone approvals, or generic contract execution are exposed to the agent.
 - Velora swap and Aave V3 support are currently limited to `ethereum` and `base`. Test carefully because the upstream WDK protocol packages are still beta.
 - Agents can call `set_wallet_backend` to switch the active wallet for the current OpenClaw plugin session between Solana, EVM, and Bitcoin. This does not edit `openclaw.json`; plugin config remains the startup default.

package/.openclaw/extensions/agent-wallet/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agentlayertech/agent-wallet-plugin",
-  "version": "0.1.18",
+  "version": "0.1.20",
   "description": "OpenClaw plugin bridge for the AgentLayer wallet runtime.",
   "type": "module",
   "license": "SEE LICENSE IN ../../../LICENSE",

package/README.md

@@ -3,6 +3,7 @@
 
 [![npm version](https://img.shields.io/npm/v/%40agentlayer.tech%2Fwallet)](https://www.npmjs.com/package/@agentlayer.tech/wallet)
 [![npm downloads](https://img.shields.io/npm/dm/%40agentlayer.tech%2Fwallet)](https://www.npmjs.com/package/@agentlayer.tech/wallet)
+[![docs](https://img.shields.io/badge/docs-agent--layer.tech-blue)](https://docs.agent-layer.tech/)
 [![license](https://img.shields.io/github/license/lopushok9/Agent-Layer)](https://github.com/lopushok9/Agent-Layer/blob/main/LICENSE)
 
 ```bash
@@ -18,7 +19,7 @@ AgentLayer is a beta local-first wallet and finance stack for agents.
 The repository includes:
 
 - `agent-wallet/` - the main wallet backend for AgentLayer
-- `.openclaw/` - the local AgentLayer bridge layer, including the OpenClaw wallet bridge and the `pay.sh` API-payments bridge
+- `.openclaw/` - the local AgentLayer bridge layer for the OpenClaw wallet integration
 - `hermes/` - optional Hermes Agent plugin bridge for the same wallet backend
 - `wdk-btc-wallet/` - the local Bitcoin wallet service
 - `wdk-evm-wallet/` - the local EVM wallet service
@@ -55,7 +56,6 @@ Install the native OpenClaw plugins from ClawHub:
 
 ```bash
 openclaw plugins install clawhub:@agentlayertech/agent-wallet-plugin
-openclaw plugins install clawhub:@agentlayertech/pay-bridge-plugin
 ```
 
 Those ClawHub packages do not replace the npm installer. Keep `npx @agentlayer.tech/wallet install --yes` for laying down the local wallet runtime, Python backend, and helper services. The ClawHub packages only install the OpenClaw plugin surfaces that point at that runtime.
@@ -83,16 +83,19 @@ wallet status
 wallet doctor
 wallet hermes install --yes
 wallet update --yes
+wallet update --yes --dry-run
 wallet rollback
 ```
 
+`wallet update --yes` now delegates to the latest published npm package and reuses shared Python and Node dependency snapshots when they have not changed, so frequent upgrades do not need to rebuild every runtime dependency from scratch.
+Use `wallet update --yes --dry-run` to inspect the target runtime version and whether Python/Node dependency snapshots will be reused or rebuilt before switching `current`.
+
 ## Native OpenClaw plugin installs
 
 Use ClawHub when you want the plugin itself to be installed through OpenClaw:
 
 ```bash
 openclaw plugins install clawhub:@agentlayertech/agent-wallet-plugin
-openclaw plugins install clawhub:@agentlayertech/pay-bridge-plugin
 ```
 
 Recommended order:
@@ -117,6 +120,111 @@ sh ./setup.sh
 
 If you want the installer to finish the OpenClaw plugin wiring in the same pass, provide the runtime secrets before running it:
 
+## Wallet capabilities through external services
+
+AgentLayer keeps keys, approvals, and signing local, but the wallet can still operate through a set of registered provider-backed tools. These tools are exposed through the OpenClaw wallet plugin as explicit service integrations rather than raw shell access, config editing, or backend switching.
+
+### x402 paid APIs
+
+The x402 bundle turns the wallet into a buyer for metered APIs and paid HTTP endpoints:
+
+- `x402_search_services` - search x402-paid services through discovery providers such as CDP Bazaar and Agentic Market without spending funds.
+- `x402_get_service_details` - resolve one discovered service or resource into a normalized detail payload before attempting payment.
+- `x402_preview_request` - make an unpaid request, detect `402 Payment Required`, and summarize payment terms and supported payment options.
+- `x402_pay_request` - prepare or execute the paid retry through the active wallet backend. The current flow executes the Solana exact-buyer path and keeps EVM as prepare-only.
+
+This gives the wallet a direct bridge from service discovery to paid API consumption while preserving approval-token checks before execution.
+
+### LI.FI cross-chain routing
+
+The LI.FI bundle covers discovery, quote inspection, transfer tracking, and routed execution across Solana, Ethereum, and Base:
+
+- `get_lifi_supported_chains` - list the chains currently allowed for LI.FI routing in the wallet surface.
+- `get_lifi_quote` - fetch a read-only cross-chain quote before any execution planning.
+- `get_lifi_transfer_status` - inspect a routed transfer by transaction hash or LI.FI step id.
+- `swap_solana_lifi_cross_chain_tokens` - preview, prepare, or execute a Solana-origin cross-chain route into Ethereum or Base.
+- `swap_evm_lifi_cross_chain_tokens` - preview, prepare, or execute an EVM-origin cross-chain route across Ethereum, Base, and Solana when LI.FI returns a route.
+
+### Jupiter trading and yield
+
+On Solana, Jupiter-backed tools cover market pricing, swaps, and Jupiter Earn vault flows:
+
+- `get_solana_token_prices` - fetch current Solana token pricing through Jupiter.
+- `swap_solana_tokens` - preview, prepare, or execute a Jupiter-routed Solana token swap.
+- `get_jupiter_earn_tokens` - list Jupiter Earn vault assets currently supported on mainnet.
+- `get_jupiter_earn_positions` - inspect wallet positions in Jupiter Earn vaults.
+- `get_jupiter_earn_earnings` - fetch earnings for one or more Jupiter Earn positions.
+- `jupiter_earn_deposit` - preview, prepare, or execute a Jupiter Earn deposit.
+- `jupiter_earn_withdraw` - preview, prepare, or execute a Jupiter Earn withdrawal.
+
+### Houdini private payouts
+
+For privacy-preserving Solana payout flows, the wallet exposes a Houdini-backed bundle:
+
+- `swap_solana_privately` - create a preview or approved private payout through Houdini routing. The current MVP supports same-token flows such as `SOL -> SOL` and `USDC -> USDC`.
+- `continue_solana_private_swap` - continue a previously created Houdini order and submit the local funding transfer to the returned deposit address.
+- `get_solana_private_swap_status` - check Houdini status for an existing private payout.
+- `list_pending_solana_private_swaps` - list cached pending Houdini orders for the current OpenClaw session.
+
+This flow is intentionally optimized for `preview -> execute` rather than adding a no-op prepare step.
+
+### Kamino lending
+
+Kamino integration gives the wallet a structured Solana lending surface:
+
+- `get_kamino_lend_markets` - list Kamino lending markets available on Solana mainnet.
+- `get_kamino_lend_market_reserves` - inspect reserve metrics for one Kamino market.
+- `get_kamino_lend_user_obligations` - inspect the wallet's obligations inside a Kamino market.
+- `get_kamino_lend_user_rewards` - fetch the wallet's Kamino rewards summary.
+- `kamino_lend_deposit` - preview, prepare, or execute a lending deposit.
+- `kamino_lend_withdraw` - preview, prepare, or execute a lending withdrawal.
+- `kamino_lend_borrow` - preview, prepare, or execute a borrow.
+- `kamino_lend_repay` - preview, prepare, or execute a repay.
+
+### Flash Trade perps
+
+Flash Trade integration adds a managed perpetuals surface on Solana mainnet:
+
+- `get_flash_trade_markets` - list currently available Flash Trade markets.
+- `get_flash_trade_positions` - inspect the wallet's open Flash Trade positions.
+- `flash_trade_open_position` - preview, prepare, or execute a perp position open.
+- `flash_trade_close_position` - preview, prepare, or execute a perp position close.
+
+### Bags launch and fee-share
+
+Bags-backed tools cover token launch and post-launch fee analytics:
+
+- `get_bags_claimable_positions` - inspect claimable Bags fee-share positions for a Solana wallet.
+- `get_bags_fee_analytics` - fetch analytics and optional claim history for a launched token.
+- `claim_bags_fees` - preview, prepare, or execute a Bags fee-share claim.
+- `launch_bags_token` - preview, prepare, or execute a Bags token launch with fee-share configuration.
+
+### EVM DeFi integrations
+
+The EVM wallet surface includes named DeFi integrations on `ethereum` and `base`, without exposing arbitrary calldata execution.
+
+Velora swap routing:
+
+- `get_evm_swap_quote` - fetch a read-only EVM swap quote.
+- `swap_evm_tokens` - preview, prepare, or execute a routed EVM token swap.
+
+Aave V3:
+
+- `get_evm_aave_account` - inspect the wallet's Aave account state.
+- `get_evm_aave_reserves` - fetch reserve data for supported Aave markets.
+- `get_evm_aave_positions` - inspect the wallet's open Aave positions.
+- `manage_evm_aave_position` - preview, prepare, or execute Aave position changes through the managed wallet flow.
+
+Lido:
+
+- `get_evm_lido_overview` - fetch Lido protocol overview data relevant to the wallet surface.
+- `get_evm_lido_positions` - inspect the wallet's Lido positions.
+- `get_evm_lido_withdrawal_requests` - inspect outstanding Lido withdrawal requests.
+- `manage_evm_lido_position` - preview, prepare, or execute a Lido staking position change.
+- `manage_evm_lido_withdrawal` - preview, prepare, or execute a Lido withdrawal management action.
+
+Across these service-backed flows, read operations remain directly callable, while write operations stay behind preview, explicit intent, and host-issued approval tokens before execution.
+
 Solana:
 
 ```bash

package/RELEASING.md

@@ -12,11 +12,10 @@ The public install command is:
 npx @agentlayer.tech/wallet install --yes
 ```
 
-The repo also ships two native OpenClaw plugin packages for ClawHub:
+The repo also ships a native OpenClaw plugin package for ClawHub:
 
 ```text
 @agentlayertech/agent-wallet-plugin
-@agentlayertech/pay-bridge-plugin
 ```
 
 ## When npm Publishes
@@ -200,7 +199,6 @@ Dry-run the package contents from each plugin directory:
 
 ```bash
 (cd .openclaw/extensions/agent-wallet && npm pack --dry-run)
-(cd .openclaw/extensions/pay-bridge && npm pack --dry-run)
 ```
 
 Publish to ClawHub with the package-specific command documented by OpenClaw:
@@ -208,16 +206,12 @@ Publish to ClawHub with the package-specific command documented by OpenClaw:
 ```bash
 clawhub package publish .openclaw/extensions/agent-wallet --dry-run
 clawhub package publish .openclaw/extensions/agent-wallet
-
-clawhub package publish .openclaw/extensions/pay-bridge --dry-run
-clawhub package publish .openclaw/extensions/pay-bridge
 ```
 
 Users then install them natively through OpenClaw:
 
 ```bash
 openclaw plugins install clawhub:@agentlayertech/agent-wallet-plugin
-openclaw plugins install clawhub:@agentlayertech/pay-bridge-plugin
 ```
 
 GitHub Actions can publish the same packages automatically from tags and manual
@@ -231,14 +225,13 @@ CLAWHUB_TOKEN
 
 Workflow behavior:
 
-- `pull_request`: packs both plugins and runs ClawHub `--dry-run`
+- `pull_request`: packs the plugin and runs ClawHub `--dry-run`
 - `workflow_dispatch`: publishes or dry-runs based on the `dry_run` input
-- `push` on `v*` tags: publishes both plugins automatically
+- `push` on `v*` tags: publishes the plugin automatically
 
 The workflow currently publishes:
 
 - `.openclaw/extensions/agent-wallet` as `bundle-plugin`
-- `.openclaw/extensions/pay-bridge` as `code-plugin`
 
 `agent-wallet` stays on `bundle-plugin` because that package name was first
 published to ClawHub with that family, and ClawHub does not allow family
@@ -298,17 +291,16 @@ It publishes these ClawHub packages:
 
 ```text
 @agentlayertech/agent-wallet-plugin
-@agentlayertech/pay-bridge-plugin
 ```
 
 ### Triggers
 
 - `pull_request`
-  - runs ClawHub publish in `--dry-run` mode for both plugin packages
+  - runs ClawHub publish in `--dry-run` mode for the plugin package
 - `workflow_dispatch`
   - supports manual runs with a `dry_run` boolean input
 - `push` on git tags matching `v*`
-  - publishes both plugin packages to ClawHub
+  - publishes the plugin package to ClawHub
 
 ### Required secret
 
@@ -330,7 +322,6 @@ publisher access to:
 The workflow currently publishes:
 
 - `.openclaw/extensions/agent-wallet` as `bundle-plugin`
-- `.openclaw/extensions/pay-bridge` as `code-plugin`
 
 `agent-wallet` remains on `bundle-plugin` because the package
 `@agentlayertech/agent-wallet-plugin` was first created in ClawHub with that
@@ -346,7 +337,6 @@ If you want one git tag to publish both npm and ClawHub surfaces together:
 package.json
 agent-wallet/pyproject.toml
 .openclaw/extensions/agent-wallet/package.json
-.openclaw/extensions/pay-bridge/package.json
 ```
 
 2. Commit the release version bump.

package/agent-wallet/README.md

@@ -405,6 +405,7 @@ For the local EVM backend (`backend=wdk_evm_local`), the lifecycle mirrors the B
 - the EVM service is localhost-only and no longer accepts remote service URLs through the OpenClaw EVM flow
 - `agent-wallet` talks to it through a local bearer token loaded from `~/.openclaw/wdk-evm-wallet/local-auth-token`
 - `agent-wallet` stores only a per-user EVM wallet binding under `~/.openclaw/users/<normalized-user-id>/wallets/evm-<network>-agent.json`
+- the runtime can auto-create missing EVM bindings or auto-unlock the local vault during ordinary OpenClaw switching/tool calls when `sealed_keys.json` contains `wdk_evm_wallet_password`
 - supported EVM networks are `ethereum`, `sepolia`, `base`, and `base-sepolia`
 - OpenClaw-facing EVM tools accept an optional per-call `network` override for `ethereum` or `base`, so the agent can switch between the two mainnet EVM paths without editing host config
 - EVM `get_wallet_balance` now returns an enriched portfolio-style payload with native balance, discovered ERC-20 balances, and USD values when token discovery and pricing are available
@@ -429,6 +430,7 @@ That wrapper:
 - can auto-start `wdk-evm-wallet/run-local.sh` if the local service is not already healthy
 - creates or unlocks the local EVM wallet binding
 - also binds the paired EVM network by default: `ethereum <-> base`, `sepolia <-> base-sepolia`
+- stores the entered EVM vault password into `sealed_keys.json` when `AGENT_WALLET_BOOT_KEY` is available, so later OpenClaw wallet switching can auto-raise the EVM backend without another password prompt
 - patches OpenClaw config to `backend=wdk_evm_local`
 
 Example host-side EVM wallet creation:
@@ -453,6 +455,7 @@ Per-user wallets are now encrypted at rest in one hardened mode:
 
 Do not store `masterKey`, `privateKey`, or approval secrets in plugin config JSON or direct runtime environment variables.
 `AGENT_WALLET_MASTER_KEY`, `AGENT_WALLET_APPROVAL_SECRET`, and `SOLANA_AGENT_PRIVATE_KEY` are now provisioning-only inputs for installer/admin scripts and are rejected by the runtime.
+The installer also provisions a sealed `wdk_evm_wallet_password` by default so greenfield EVM wallet setup can happen automatically on first switch.
 Create or update that sealed file with:
 
 ```bash

package/agent-wallet/agent_wallet/config.py

@@ -368,6 +368,17 @@ def resolve_solana_private_key() -> str:
     )
 
 
+def resolve_evm_wallet_password() -> str:
+    """Resolve the local EVM vault password from env or the sealed secret store."""
+    direct = os.getenv("WDK_EVM_WALLET_PASSWORD", "").strip()
+    if direct:
+        return direct
+    return _resolve_sealed_secret(
+        "wdk_evm_wallet_password",
+        "evm_wallet_password",
+    )
+
+
 def use_encrypted_user_wallets() -> bool:
     """Per-user wallet files are always encrypted in the hardened runtime."""
     return True