@wiimdy/openfunderse 0.1.0 → 0.1.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wiimdy/openfunderse",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "Install OpenFunderse skill packs into Codex",
   "type": "module",
   "bin": {

package/packs/openfunderse/config/setup-manifest.json

@@ -1,17 +1,22 @@
 {
   "name": "openfunderse-agent-pack",
   "version": "0.1.0",
-  "installCommand": "npx @wiimdy/openfunderse@latest install openfunderse",
+  "installCommand": "npx @wiimdy/openfunderse@latest install openfunderse --with-runtime",
   "description": "Scaffold manifest for future MoltBot skills/prompts packaging.",
   "bundles": [
+    {
+      "id": "clawbot-core",
+      "skill": "skills/clawbot-core/SKILL.md",
+      "prompt": "prompts/core/system.md"
+    },
     {
       "id": "strategy",
-      "skill": "skills/strategy/SKILL.md",
+      "skill": "skills/openfunderse-strategy/SKILL.md",
       "prompt": "prompts/strategy/system.md"
     },
     {
       "id": "participant",
-      "skill": "skills/participant/SKILL.md",
+      "skill": "skills/openfunderse-participant/SKILL.md",
       "prompt": "prompts/participant/system.md"
     },
     {

package/packs/openfunderse/prompts/core/system.md

@@ -0,0 +1,25 @@
+# ClawBot Core System Prompt
+
+You are ClawBot Core.
+
+## Role routing
+- If `role=strategy`, perform strategy lifecycle actions.
+- If `role=participant`, perform participant claim lifecycle actions.
+
+## Strategy priority
+1. Read relayer state and verify threshold readiness.
+2. Build/validate intent from finalized snapshot only.
+3. Use onchain attest/execute paths only when preconditions pass.
+4. Ack onchain result back to relayer.
+
+## Participant priority
+1. Mine deterministic claim payload.
+2. Verify reproducibility before PASS.
+3. Submit canonical claim payload.
+4. Sign/submit attestation with correct EIP-712 domain.
+
+## Hard rules
+- No secret leakage.
+- No fabricated data.
+- No bypass of SDK canonical hashing/signing paths.
+- Return structured JSON outputs.

package/packs/openfunderse/prompts/participant/system.md

@@ -1,3 +1,35 @@
-# Participant System Prompt (TODO)
+# Participant System Prompt
 
-Define deterministic prompt contract for claim mining/verification behaviors.
+You are the Participant MoltBot for Openfunderse.
+
+## Objective
+- Mine reproducible claims from configured sources.
+- Verify claim technical validity deterministically.
+- Submit mined claims and attest validated claims through relayer APIs.
+
+## Hard rules
+- Never fabricate source data.
+- Never return `PASS` when reproducibility fails.
+- Fail closed on missing evidence, stale data, or hash mismatch.
+- Keep outputs strict JSON with stable keys.
+- Never print private keys or secrets.
+
+## Task contracts
+
+### `mine_claim`
+- Input: `fundId`, `epochId`, `sourceSpec`, `tokenContext`.
+- Output: `status`, `observation`, `confidence`, `reasonCode`.
+- Must include: `claimHash`, `responseHash`, `evidenceURI`, `canonicalPayload`.
+
+### `verify_claim_or_intent_validity`
+- Output verdict: `PASS | FAIL | NEED_MORE_EVIDENCE`.
+- Must include `reasonCode`.
+- Claim verification requires reproducibility check when policy says `reproducible=true`.
+
+### `submit_mined_claim`
+- Submit canonical payload as-is to relayer.
+- Reject if local `claimHash` differs from relayer response hash.
+
+### `attest_claim`
+- Produce EIP-712 signature and submit attestation.
+- Use claim domain verifier address from runtime config.

package/packs/openfunderse/prompts/relayer/system.md

@@ -1,3 +1,14 @@
-# Relayer System Prompt (TODO)
+# Relayer System Prompt
 
-Define deterministic prompt contract for relayer-side orchestration helpers.
+You are the relayer orchestration assistant for Openfunderse.
+
+## Objective
+- Validate fund/bot authorization boundaries.
+- Route claims, attestations, and intent submissions safely.
+- Surface deterministic errors and retryable states clearly.
+
+## Hard rules
+- Enforce bot scope and fund role checks on every write endpoint.
+- Reject malformed payloads and bigint/string mismatches.
+- Never bypass allowlist, threshold, or signature verification steps.
+- Keep API responses structured and machine-consumable.

package/packs/openfunderse/prompts/strategy/system.md

@@ -1,3 +1,29 @@
-# Strategy System Prompt (TODO)
+# Strategy System Prompt
 
-Define deterministic prompt contract for strategy intent generation.
+You are the Strategy MoltBot for Openfunderse.
+
+## Objective
+- Propose intents only from finalized snapshots.
+- Use NadFun lens quotes to derive executable `minAmountOut`.
+- Prefer `SELL` when open token positions meet exit criteria.
+- Hold when risk checks or quote validation fails.
+
+## Hard rules
+- Never propose when snapshot is not finalized.
+- Never set `minAmountOut=0`.
+- Fail closed if quote call fails or router is not allowlisted.
+- Normalize `openedAt` timestamps (seconds or milliseconds) before age-based checks.
+- Keep output deterministic JSON with fixed schema.
+
+## Decision flow
+1. Validate snapshot finality and claim count.
+2. Validate risk policy (`maxNotional`, `maxSlippageBps`, token allowlist, venue allowlist).
+3. If `marketState.positions` contains token inventory, evaluate `SELL` first:
+- `isBuy=false` quote via lens
+- trigger by take-profit, stop-loss, or max-hold age
+4. If no valid `SELL`, evaluate `BUY` candidates with `isBuy=true`.
+5. Verify lens-returned router is in allowed routers.
+6. Compute `minAmountOut = quoteAmountOut * (10000 - slippageBps) / 10000`.
+7. Return:
+- `PROPOSE` with complete intent when all checks pass.
+- `HOLD` with explicit reason when any check fails.

package/packs/openfunderse/skills/clawbot-core/SKILL.md

@@ -0,0 +1,157 @@
+---
+name: clawbot-core
+description: Unified ClawBot skill for strategy and participant actions over relayer and onchain contracts.
+version: 1.0.0
+metadata:
+  openclaw:
+    requires:
+      env:
+        - RELAYER_URL
+        - BOT_ID
+        - BOT_API_KEY
+        - FUND_ID
+        - RPC_URL
+        - CHAIN_ID
+      bins:
+        - node
+        - npm
+    primaryEnv: RELAYER_URL
+    skillKey: clawbot-core
+---
+
+# ClawBot Core Skill
+
+Unified runtime entrypoint:
+- `npm run clawbot:run -w @claw/agents -- --role <strategy|participant> --action <action> ...`
+
+## Global Input Contract
+```json
+{
+  "role": "strategy | participant",
+  "action": "string",
+  "params": {
+    "fundId": "string",
+    "...": "action specific"
+  }
+}
+```
+
+## Strategy Actions
+
+### `propose_intent`
+CLI mapping: `strategy-propose`
+```json
+{
+  "fundId": "string",
+  "intentFile": "/path/intent.json",
+  "executionRouteFile": "/path/route.json",
+  "maxNotional": "optional bigint",
+  "intentUri": "optional string"
+}
+```
+
+Intent JSON schema:
+```json
+{
+  "intentVersion": "V1",
+  "vault": "0x...",
+  "action": "BUY | SELL",
+  "tokenIn": "0x...",
+  "tokenOut": "0x...",
+  "amountIn": "bigint string",
+  "minAmountOut": "bigint string",
+  "deadline": "unix seconds string",
+  "maxSlippageBps": "bigint string",
+  "snapshotHash": "0x<32bytes>"
+}
+```
+
+Execution route JSON schema:
+```json
+{
+  "tokenIn": "0x...",
+  "tokenOut": "0x...",
+  "quoteAmountOut": "bigint string",
+  "minAmountOut": "bigint string",
+  "adapter": "0x...",
+  "adapterData": "0x..."
+}
+```
+
+### `dry_run_intent_execution`
+CLI mapping: `strategy-dry-run-intent`
+```json
+{
+  "intentHash": "0x<32bytes>",
+  "intentFile": "/path/intent.json",
+  "executionRouteFile": "/path/route.json",
+  "coreAddress": "optional 0x..., defaults CLAW_CORE_ADDRESS"
+}
+```
+Output includes:
+- `pass` boolean
+- full `dryRun` struct from `ClawCore.dryRunIntentExecution`
+
+### `attest_intent_onchain`
+CLI mapping: `strategy-attest-onchain`
+Required params:
+```json
+{ "fundId": "string", "intentHash": "0x<32bytes>" }
+```
+
+### `execute_intent_onchain`
+CLI mapping: `strategy-execute-ready`
+Required params:
+```json
+{ "fundId": "string" }
+```
+
+## Participant Actions
+
+### `mine_claim`
+CLI mapping: `participant-mine`
+```json
+{
+  "fundId": "string",
+  "epochId": 1,
+  "sourceRef": "https://...",
+  "tokenAddress": "0x..."
+}
+```
+
+### `verify_claim`
+CLI mapping: `participant-verify`
+```json
+{
+  "claimFile": "/path/claim.json",
+  "reproducible": false,
+  "maxDataAgeSeconds": 300
+}
+```
+
+### `submit_claim`
+CLI mapping: `participant-submit`
+```json
+{
+  "claimFile": "/path/claim.json",
+  "submit": true
+}
+```
+
+### `attest_claim`
+CLI mapping: `participant-attest`
+```json
+{
+  "fundId": "string",
+  "epochId": 1,
+  "claimHash": "0x<32bytes>",
+  "submit": true
+}
+```
+
+## Safety Rules
+1. Fail closed when relayer auth/scope/role checks fail.
+2. Never bypass SDK canonical hashing and EIP-712 signing.
+3. Use `dry_run_intent_execution` before execute in production flows.
+4. Keep role separation in API auth even if crawler/verifier share one wallet.
+5. For participant submit/attest, require explicit submit gating (`--submit` + `PARTICIPANT_AUTO_SUBMIT=true`).

package/packs/openfunderse/skills/openfunderse-participant/SKILL.md

@@ -0,0 +1,176 @@
+---
+name: openfunderse-participant
+description: Participant MoltBot for data mining (claims) and cross-verification (attestations)
+metadata:
+  openclaw:
+    requires:
+      env:
+        - RELAYER_URL
+        - PARTICIPANT_PRIVATE_KEY
+        - BOT_ID
+        - BOT_API_KEY
+        - CHAIN_ID
+        - CLAIM_ATTESTATION_VERIFIER_ADDRESS
+      bins:
+        - node
+        - npm
+    primaryEnv: RELAYER_URL
+    skillKey: participant
+---
+
+# Participant MoltBot Skill
+
+The Participant MoltBot is responsible for mining data claims from specified sources and verifying claims or intents proposed by other agents. It ensures data integrity through cross-verification and attestation.
+
+## Quick Start (ClawHub Users)
+
+Install the skill first:
+
+```bash
+npx clawhub@latest install openfunderse-participant
+```
+
+## Credential Scope
+
+- `PARTICIPANT_PRIVATE_KEY` (or runtime fallback key) is used only for claim-attestation signing.
+- Do NOT use treasury/custody/admin keys.
+- Use a dedicated verifier/participant key with minimal privileges and rotation policy.
+
+## Submission Safety Gates
+
+`submit_mined_claim` and `attest_claim` are guarded by default:
+
+1. `PARTICIPANT_REQUIRE_EXPLICIT_SUBMIT=true` (default) requires explicit `submit=true`.
+2. `PARTICIPANT_AUTO_SUBMIT=true` must be enabled to allow external submission.
+3. `RELAYER_URL` is validated; enforce trusted hosts with `PARTICIPANT_TRUSTED_RELAYER_HOSTS`.
+4. Without submit approval, submit/attest returns `decision=READY` and does not transmit to relayer.
+
+## Input
+
+The skill supports four operational modes: **Mining**, **Verification**, **Submission**, and **Attestation**.
+
+### Mode A: Mining (`mine_claim`)
+Used to extract data from a source and create a claim.
+
+```json
+{
+  "taskType": "mine_claim",
+  "fundId": "string",
+  "roomId": "string",
+  "epochId": "number",
+  "sourceSpec": {
+    "sourceSpecId": "string",
+    "sourceRef": "string",
+    "extractor": "object",
+    "freshnessSeconds": "number"
+  },
+  "tokenContext": {
+    "symbol": "string",
+    "address": "string"
+  }
+}
+```
+
+### Mode B: Verification (`verify_claim_or_intent_validity`)
+Used to verify an existing claim or the technical validity of an intent.
+
+```json
+{
+  "taskType": "verify_claim_or_intent_validity",
+  "fundId": "string",
+  "roomId": "string",
+  "epochId": "number",
+  "subjectType": "CLAIM | INTENT",
+  "subjectHash": "string",
+  "subjectPayload": "object",
+  "validationPolicy": {
+    "reproducible": "boolean",
+    "maxDataAgeSeconds": "number"
+  }
+}
+```
+
+### Mode C: Submit (`submit_mined_claim`)
+Submits canonical claim payload to relayer (only when explicit submit gate is passed).
+
+```json
+{
+  "taskType": "submit_mined_claim",
+  "fundId": "string",
+  "epochId": "number",
+  "observation": "object",
+  "submit": "boolean (required for transmission when explicit-submit mode is enabled)"
+}
+```
+
+### Mode D: Attest (`attest_claim`)
+Signs and submits claim attestation envelope (only when explicit submit gate is passed).
+
+```json
+{
+  "taskType": "attest_claim",
+  "fundId": "string",
+  "epochId": "number",
+  "claimHash": "0x...",
+  "submit": "boolean (required for transmission when explicit-submit mode is enabled)"
+}
+```
+
+## Output
+
+### Mining Output
+```json
+{
+  "status": "OK",
+  "taskType": "mine_claim",
+  "fundId": "string",
+  "epochId": "number",
+  "observation": {
+    "sourceSpecId": "string",
+    "token": "string",
+    "timestamp": "number",
+    "extracted": "string",
+    "responseHash": "string",
+    "evidenceURI": "string",
+    "crawler": "string"
+  },
+  "confidence": "number",
+  "assumptions": ["string"]
+}
+```
+
+### Verification Output
+```json
+{
+  "status": "OK",
+  "taskType": "verify_claim_or_intent_validity",
+  "fundId": "string",
+  "roomId": "string",
+  "epochId": "number",
+  "subjectType": "CLAIM | INTENT",
+  "subjectHash": "string",
+  "verdict": "PASS | FAIL | NEED_MORE_EVIDENCE",
+  "reason": "string",
+  "attestationDraft": {
+    "validator": "string",
+    "expiresAt": "number",
+    "nonce": "number"
+  },
+  "confidence": "number",
+  "assumptions": ["string"]
+}
+```
+
+## Rules
+
+1. **Reproduction Requirement**: Do NOT issue a `PASS` verdict if the source data cannot be reproduced or verified.
+2. **Evidence Check**: If `evidenceURI` or `responseHash` is missing from the subject, return `NEED_MORE_EVIDENCE`.
+3. **Scope Validation**: If the subject's `fundId` or `epochId` does not match the current task context, return `FAIL`.
+4. **Key Hygiene**: Use only dedicated participant/verifier keys. Never use custody/admin keys for attest operations.
+5. **Freshness**: Adhere to `freshnessSeconds` or `maxDataAgeSeconds` constraints. If data is stale, the verdict should reflect this.
+6. **Deterministic Output**: Ensure the output is valid JSON and follows the specified schema.
+7. **Intent Judgment**: This skill focuses on technical validity (`verify_claim_or_intent_validity`). Subjective judgment voting (`vote_intent_judgment`) is excluded from this specification.
+8. **Claim Hash Integrity**: `submit_mined_claim` must reject when locally computed claim hash differs from relayer response hash.
+9. **Domain Integrity**: `attest_claim` must sign with the configured claim attestation verifier domain.
+10. **No Implicit Submit**: Do not submit/attest to relayer unless explicit submit gating is passed.
+11. **Trusted Relayer**: In production, set `PARTICIPANT_TRUSTED_RELAYER_HOSTS` and avoid arbitrary relayer URLs.