mnemospark 1.2.1 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +42 -24
- package/dist/cli.js +366 -126
- package/dist/cli.js.map +1 -1
- package/dist/index.d.ts +21 -6
- package/dist/index.js +348 -105
- package/dist/index.js.map +1 -1
- package/openclaw.plugin.json +1 -1
- package/package.json +2 -2
- package/skills/mnemospark/SKILL.md +4 -2
- package/skills/mnemospark/references/commands.md +2 -1
- package/scripts/README.md +0 -55
- package/scripts/install-aws-cli.sh +0 -28
- package/scripts/install-jq.sh +0 -13
- package/scripts/install-pnpm.sh +0 -20
- package/scripts/reinstall.sh +0 -102
- package/scripts/uninstall.sh +0 -67
- package/scripts/verify-dev-tools.sh +0 -56
package/README.md
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
**Wallet and go. 💙**
|
|
4
4
|
_No forms. No email. Just Base. 💙_
|
|
5
5
|
|
|
6
|
-
mnemospark is an agentic service layer for OpenClaw
|
|
6
|
+
mnemospark is an agentic service layer for OpenClaw plus a standalone x402 payment + verification backend. It enables encrypted, authenticated, fully autonomous cloud and data workflows—paid via x402 with USDC on Base. No human onboarding. No API keys. The blockchain transaction is the record.
|
|
7
7
|
|
|
8
8
|
---
|
|
9
9
|
|
|
@@ -11,7 +11,7 @@ mnemospark is an agentic service layer for OpenClaw and a standalone x402 paymen
|
|
|
11
11
|
|
|
12
12
|
mnemospark connects OpenClaw agents to cloud workflows with wallet-native auth + payment rails.
|
|
13
13
|
|
|
14
|
-
- **Wallet-
|
|
14
|
+
- **Wallet-native authentication** for storage/API actions
|
|
15
15
|
- **x402-native payments** with USDC on Base
|
|
16
16
|
- **Agent-first flow** (quote → pay → provision)
|
|
17
17
|
- **Encrypted payload support** and structured request signing
|
|
@@ -24,7 +24,7 @@ mnemospark connects OpenClaw agents to cloud workflows with wallet-native auth +
|
|
|
24
24
|
### 1) Install the plugin in OpenClaw
|
|
25
25
|
|
|
26
26
|
```bash
|
|
27
|
-
openclaw plugins install mnemospark
|
|
27
|
+
openclaw plugins install mnemospark --dangerously-force-unsafe-install
|
|
28
28
|
openclaw gateway start
|
|
29
29
|
```
|
|
30
30
|
|
|
@@ -57,7 +57,7 @@ openclaw gateway restart
|
|
|
57
57
|
**Syntax**
|
|
58
58
|
|
|
59
59
|
- **Chat / OpenClaw (primary):** use `key:value` for arguments (for example `wallet-address:0x…`, `region:us-east-1`). `key=value` is also accepted.
|
|
60
|
-
- **Agent-driven workflows and CLI-style usage:** prefer `--parameter value` (
|
|
60
|
+
- **Agent-driven workflows and CLI-style usage:** prefer `--parameter value` (for example `npx mnemospark` or shell scripts).
|
|
61
61
|
|
|
62
62
|
**Top-level routes** (after `/mnemospark`)
|
|
63
63
|
|
|
@@ -82,33 +82,35 @@ Use via `/mnemospark cloud …` (or `/mnemospark wallet …`) in OpenClaw chat.
|
|
|
82
82
|
### Get a storage quote
|
|
83
83
|
|
|
84
84
|
```text
|
|
85
|
-
/mnemospark cloud price-storage
|
|
85
|
+
/mnemospark cloud price-storage wallet-address:<addr> object-id:<id> object-id-hash:<sha256> gb:<gb> provider:aws region:us-east-1
|
|
86
86
|
```
|
|
87
87
|
|
|
88
|
-
Use other regions by changing
|
|
88
|
+
Use other regions by changing `provider:` and `region:` (defaults: `aws` / `us-east-1`).
|
|
89
89
|
|
|
90
90
|
### Upload using quote
|
|
91
91
|
|
|
92
92
|
```text
|
|
93
|
-
/mnemospark cloud upload
|
|
93
|
+
/mnemospark cloud upload quote-id:<quote-id> wallet-address:<addr> object-id:<id> object-id-hash:<sha256>
|
|
94
94
|
```
|
|
95
95
|
|
|
96
|
+
On **OpenClaw 2026.4.x**, the first successful upload applies the **Mnemospark Renewal Agent Runbook** for you: it ensures a dedicated agent (`mnemospark-renewal` by default) with `tools.deny: ["subagents"]` and `tools.exec.ask: "off"`, updates `~/.openclaw/exec-approvals.json` so `/usr/bin/node` is allowlisted for that agent, runs `openclaw config validate`, and best-effort `openclaw gateway restart`. It then registers the monthly renewal cron with `--no-deliver`, `--agent`, and a `Command: /usr/bin/node …/dist/cli.js cloud payment-settle --renewal …` message. Override paths with `MNEMOSPARK_CRON_AGENT_ID` and `MNEMOSPARK_CRON_NODE_BIN` if your system differs.
|
|
97
|
+
|
|
96
98
|
### List objects
|
|
97
99
|
|
|
98
100
|
```text
|
|
99
|
-
/mnemospark cloud ls
|
|
101
|
+
/mnemospark cloud ls wallet-address:<addr> object-key:<object-key>
|
|
100
102
|
```
|
|
101
103
|
|
|
102
104
|
### Download object
|
|
103
105
|
|
|
104
106
|
```text
|
|
105
|
-
/mnemospark cloud download
|
|
107
|
+
/mnemospark cloud download wallet-address:<addr> object-key:<object-key>
|
|
106
108
|
```
|
|
107
109
|
|
|
108
110
|
### Delete object
|
|
109
111
|
|
|
110
112
|
```text
|
|
111
|
-
/mnemospark cloud delete
|
|
113
|
+
/mnemospark cloud delete wallet-address:<addr> object-key:<object-key>
|
|
112
114
|
```
|
|
113
115
|
|
|
114
116
|
---
|
|
@@ -118,7 +120,7 @@ Use other regions by changing `--provider` and `--region` (defaults: `aws` / `us
|
|
|
118
120
|
mnemospark follows a quote-and-pay execution model:
|
|
119
121
|
|
|
120
122
|
1. Agent requests a quote.
|
|
121
|
-
2. Agent provides wallet-
|
|
123
|
+
2. Agent provides wallet-native + payment authorization.
|
|
122
124
|
3. Backend verifies payment/auth context.
|
|
123
125
|
4. Storage action executes.
|
|
124
126
|
|
|
@@ -141,17 +143,21 @@ The blockchain transaction is the payment record.
|
|
|
141
143
|
|
|
142
144
|
Optional unless noted. All names use the `MNEMOSPARK_` prefix.
|
|
143
145
|
|
|
144
|
-
| Variable
|
|
145
|
-
|
|
|
146
|
-
| `MNEMOSPARK_BACKEND_API_BASE_URL`
|
|
147
|
-
| `MNEMOSPARK_PROXY_PORT`
|
|
148
|
-
| `MNEMOSPARK_DOWNLOAD_DIR`
|
|
149
|
-
| `MNEMOSPARK_WALLET_KEY`
|
|
150
|
-
| `MNEMOSPARK_REMOVE_BACKUP_FILE`
|
|
151
|
-
| `MNEMOSPARK_DISABLED`
|
|
152
|
-
| `MNEMOSPARK_DISABLE_SQLITE`
|
|
153
|
-
| `MNEMOSPARK_SQLITE_STRICT`
|
|
154
|
-
| `MNEMOSPARK_PROXY_VERBOSE_404`
|
|
146
|
+
| Variable | Purpose |
|
|
147
|
+
| ------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
148
|
+
| `MNEMOSPARK_BACKEND_API_BASE_URL` | Base URL for the mnemospark backend API (required for the local HTTP proxy to forward storage calls). Example: `https://{api-id}.execute-api.{region}.amazonaws.com/{stage}`. |
|
|
149
|
+
| `MNEMOSPARK_PROXY_PORT` | TCP port for the mnemospark HTTP proxy (default `7120`). |
|
|
150
|
+
| `MNEMOSPARK_DOWNLOAD_DIR` | Directory where the proxy writes downloaded objects (default `~/.openclaw/mnemospark/downloads/`). |
|
|
151
|
+
| `MNEMOSPARK_WALLET_KEY` | Path to the wallet private key file when not using the default `~/.openclaw/mnemospark/wallet/wallet.key`. |
|
|
152
|
+
| `MNEMOSPARK_REMOVE_BACKUP_FILE` | After a **successful** cloud upload, delete the local backup archive under `~/.openclaw/mnemospark/backup/`. **Default when unset:** remove the file. Set to `0`, `false`, `no`, or `n` to keep it; `1`, `true`, `yes`, or `y` to remove. |
|
|
153
|
+
| `MNEMOSPARK_DISABLED` | Set to `true` or `1` to disable plugin registration. |
|
|
154
|
+
| `MNEMOSPARK_DISABLE_SQLITE` | Set to `1` to disable local SQLite (`state.db`); cloud commands that need local state will fail. |
|
|
155
|
+
| `MNEMOSPARK_SQLITE_STRICT` | Set to `1` so certain SQLite consistency checks (e.g. friendly-name verification after upload) throw instead of warning. |
|
|
156
|
+
| `MNEMOSPARK_PROXY_VERBOSE_404` | When `1`, `true`, or `yes`, the local HTTP proxy includes a `message` field on **404** responses describing supported paths. Default (unset) is a generic JSON body `{ "error": "Not found" }` only (reduces reconnaissance). |
|
|
157
|
+
| `MNEMOSPARK_CRON_AGENT_ID` | OpenClaw agent id used for the monthly renewal cron (default `mnemospark-renewal`). |
|
|
158
|
+
| `MNEMOSPARK_CRON_NODE_BIN` | Absolute path to `node` for renewal cron exec (default `/usr/bin/node`). |
|
|
159
|
+
| `MNEMOSPARK_DISABLE_OPENCLAW_PREREQ` | Set to `1` to skip automatic runbook application (for advanced debugging only). |
|
|
160
|
+
| `MNEMOSPARK_SKIP_GATEWAY_RESTART` | Set to `1` to skip best-effort `openclaw gateway restart` after prerequisite writes. |
|
|
155
161
|
|
|
156
162
|
---
|
|
157
163
|
|
|
@@ -160,16 +166,28 @@ Optional unless noted. All names use the `MNEMOSPARK_` prefix.
|
|
|
160
166
|
1. Install plugin
|
|
161
167
|
2. Fund Base wallet with USDC
|
|
162
168
|
3. Request quote
|
|
163
|
-
4. Execute upload
|
|
169
|
+
4. Execute upload (supports up to 5 GB files - multipart uploads coming soon!)
|
|
164
170
|
5. Confirm/list/download/delete as needed
|
|
165
171
|
|
|
166
172
|
---
|
|
167
173
|
|
|
174
|
+
## OpenClaw Install Warning
|
|
175
|
+
|
|
176
|
+
If OpenClaw shows a warning about **dangerous code patterns** when installing or updating mnemospark—often mentioning shell execution (`child_process`), environment variables, and network access—here is what is going on.
|
|
177
|
+
|
|
178
|
+
mnemospark is an **OpenClaw plugin** that talks to **your configured mnemospark backend**, runs a **local HTTP proxy** for storage workflows, and can **invoke the `openclaw` CLI** and system tools when needed (for example creating archives with `tar` or running `npm` when you use the update command). Those features use the same low-level Node.js APIs—`child_process` and `fetch`—that security tools also associate with risky software, so the installer may warn you even when the behavior is intentional and benign.
|
|
179
|
+
|
|
180
|
+
We also read **environment variables** you set on purpose (such as `MNEMOSPARK_BACKEND_API_BASE_URL`, `MNEMOSPARK_PROXY_PORT`, or wallet-related settings) so you can configure the plugin without editing code. Automated scans sometimes flag “environment access + network” as a possible credential-stealing pattern. In mnemospark, that combination exists because the plugin is **configurable and networked by design**, not because we are harvesting your unrelated secrets.
|
|
181
|
+
|
|
182
|
+
mnemospark is **open source**. If you want extra assurance, review the repository, search for `child_process`, `process.env`, and `fetch`, and run your own tests in a safe environment. The warning helps keep the ecosystem safe; for mnemospark it reflects **capabilities**, not a finding of malicious intent.
|
|
183
|
+
|
|
184
|
+
---
|
|
185
|
+
|
|
168
186
|
## Troubleshooting
|
|
169
187
|
|
|
170
188
|
- **Missing wallet/auth errors**: verify wallet key is present and request signature headers are generated.
|
|
171
189
|
- **402 payment required**: expected in challenge flow; ensure client retries with payment authorization.
|
|
172
|
-
- **Upload/storage backend errors**: verify cloud permissions (e.g
|
|
190
|
+
- **Upload/storage backend errors**: verify cloud permissions (e.g. bucket access + IAM role rights).
|
|
173
191
|
- **Command not recognized**: confirm plugin installed and gateway restarted.
|
|
174
192
|
- **One-step operation correlation**: run `./skills/mnemospark/scripts/debug-operation.sh <operation-id>` (or omit ID to use latest).
|
|
175
193
|
|