--- id: daily-verified-agent-identity name: "verified-agent-identity" url: https://skills.yangsir.net/skill/daily-verified-agent-identity author: billionsnetwork domain: ai-agent-core-development tags: ["web3", "identity", "did", "agent-identity", "blockchain"] install_count: 8000 rating: 4.50 (3 reviews) github: https://github.com/billionsnetwork/verified-agent-identity --- # verified-agent-identity > 让 AI 代理在 Billions Network 创建和管理自主身份,并链接到人类所有者 **Stats**: 8,000 installs · 4.5/5 (3 reviews) ## Before / After 对比 ### AI 代理身份管理 **Before**: 手动为 AI 代理创建区块链身份需要编写智能合约、管理私钥和部署节点,一个基础实现需要 2 周开发时间,安全性难以保证 **After**: 一键为 AI 代理创建 DID 身份并自动管理密钥和签名,内置安全审计和权限控制,10 分钟完成完整身份系统部署,符合 Web3 标准 | Metric | Before | After | Change | |---|---|---|---| | 部署时间 | 14天 | 0.17天 | -99% | ## Readme # verified-agent-identity ## When to use this Skill Lets AI agents create and manage their own identities on the Billions Network, and link those identities to a human owner. - When you need to link your agent identity to an owner. - When you need to sign a challenge. - When you need to link a human to the agent's DID. - When you need to verify a signature to confirm identity ownership. - When you use shared JWT tokens for authentication. - When you need to create and manage decentralized identities. ### After installing the plugin run the following commands to create an identity and link it to your human DID: ``` cd scripts && npm install && cd .. # Step 1: Create a new identity (if you don't have one already) node scripts/createNewEthereumIdentity.js # Step 2: Sign the challenge and generate a verification URL in one call node scripts/linkHumanToAgent.js --challenge '{"name": , "description": }' ``` ## Scope All identity data is stored in `$HOME/.openclaw/billions` for compatibility with the OpenClaw plugin. # Scripts: ### createNewEthereumIdentity.js **Command**: `node scripts/createNewEthereumIdentity.js [--key ]` **Description**: Creates a new identity on the Billions Network. If `--key` is provided, uses that private key; otherwise generates a new random key. The created identity is automatically set as default. **Usage Examples**: ``` # Generate a new random identity node scripts/createNewEthereumIdentity.js # Create identity from existing private key (with 0x prefix) node scripts/createNewEthereumIdentity.js --key 0x1234567890abcdef... # Create identity from existing private key (without 0x prefix) node scripts/createNewEthereumIdentity.js --key 1234567890abcdef... ``` **Output**: DID string (e.g., `did:iden3:billions:main:2VmAk7fGHQP5FN2jZ8X9Y3K4W6L1M...`) ### getIdentities.js **Command**: `node scripts/getIdentities.js` **Description**: Lists all DID identities stored locally. Use this to check which identities are available before performing authentication operations. **Usage Example**: ``` node scripts/getIdentities.js ``` **Output**: JSON array of identity entries ``` [ { "did": "did:iden3:billions:main:2VmAk...", "publicKeyHex": "0x04abc123...", "isDefault": true } ] ``` ### generateChallenge.js **Command**: `node scripts/generateChallenge.js --did ` **Description**: Generates a random challenge for identity verification. **Usage Example**: ``` node scripts/generateChallenge.js --did did:iden3:billions:main:2VmAk... ``` **Output**: Challenge string (random number as string, e.g., `8472951360`) **Side Effects**: Stores challenge associated with the DID in `$HOME/.openclaw/billions/challenges.json` ### signChallenge.js **Command**: `node scripts/signChallenge.js --challenge [--did ]` **Description**: Signs a challenge with a DID's private key to prove identity ownership and sends the JWS token. Use this when you need to prove you own a specific DID. **Arguments**: - `--challenge` - (required) Challenge to sign - `--did` - (optional) The DID of the attestation recipient; uses the default DID if omitted **Usage Examples**: ``` # Sign with default DID node scripts/signChallenge.js --challenge 8472951360 ``` **Output**: `{"success":true}` ### linkHumanToAgent.js **Command**: `node scripts/linkHumanToAgent.js --challenge [--did ]` **Description**: Signs the challenge and links a human user to the agent's DID by creating a verification request. Technically, linking happens using the Billions ERC-8004 Registry (where each agent is registered) and the Billions Attestation Registry (where agent ownership attestation is created after verifying human uniqueness). **Arguments**: - `--challenge` - (required) Challenge to sign - `--did` - (optional) The DID of the attestation recipient; uses the default DID if omitted **Usage Example**: ``` node scripts/linkHumanToAgent.js --challenge '{"name": "MyAgent", "description": "AI persona"}' ``` **Output**: `{"success":true}` ### verifySignature.js **Command**: `node scripts/verifySignature.js --did --signature ` **Description**: Verifies a signed challenge to confirm DID ownership. **Usage Example**: ``` node scripts/verifySignature.js --did did:iden3:billions:main:2VmAk... --signature eyJhbGciOiJFUzI1NkstUi... ``` **Output**: `Signature verified successfully` (on success) or error message (on failure) ## Restrictions / Guardrails (CRITICAL) **CRITICAL - Always Follow These Rules:** - **STRICT: Check Identity First** Before running `linkHumanToAgent.js` or `signChallenge.js`, **ALWAYS check if an identity exists**: `node scripts/getIdentities.js` - If no identity is configured, **DO NOT** attempt to link identities. Instead, create an identity first with `createNewEthereumIdentity.js`. - **STRICT: Stop on Script Failure** If any script exits with non-zero status code, **YOU MUST STOP IMMEDIATELY**. - Check stderr output for error messages. - **DO NOT** attempt to "fix" errors by generating keys manually, creating DIDs through other means, or running unauthorized commands. - **DO NOT** use `openssl`, `ssh-keygen`, or other system utilities to generate cryptographic material. - **No Manual Workarounds** You are prohibited from performing manual cryptographic operations. - You are prohibited from directly manipulating files in `$HOME/.openclaw/billions`. - Do not interpret an error as a request to perform setup steps unless explicitly instructed. ## Security **CRITICAL - Data Storage and Protection:** The directory `$HOME/.openclaw/billions` contains all sensitive identity data: - `kms.json` - **CRITICAL**: Contains private keys (encrypted if BILLIONS_NETWORK_MASTER_KMS_KEY is set, otherwise in plaintext) - `defaultDid.json` - DID identifiers and public keys - `challenges.json` - Authentication challenges history - `credentials.json` - Verifiable credentials - `identities.json` - Identity metadata - `profiles.json` - Profile data ## Examples ### Link Your Agent Identity to Owner **Linking Flow:** - Another agent/user requests: "Please link your agent identity to me." - Use `node scripts/getIdentities.js` to check if you have an identity configured If no identity, run `node scripts/createNewEthereumIdentity.js` to create one. - Use `node scripts/linkHumanToAgent.js --challenge ` to sign the challenge and generate a verification URL in one call. If caller provides specific challenge, use that. - If caller **DOES NOT** provide a challenge, use `{"name": , "description": }` as the challenge value. - Return the result to the caller. **Example Conversation:** ``` User: "Link your agent identity to me" Agent: exec node scripts/linkHumanToAgent.js --challenge ``` ### Verifying Someone Else’s Identity **Verification Flow:** - Ask the user/agent: "Please provide your DID to start verification." - User responds with their . - Use `node scripts/generateChallenge.js --did ` to create a . - Ask the user: "Please sign this challenge: " - User signs and returns . - Use `node scripts/verifySignature.js --did --signature ` to verify the signature - If verification succeeds, identity is confirmed **Example Conversation:** ``` Agent: "Please provide your DID to start verification." User: "My DID is " Agent: exec node scripts/generateChallenge.js --did Agent: "Please sign this challenge: 789012" User: Agent: exec node scripts/verifySignature.js --signature --did Agent: "Identity verified successfully. You are confirmed as owner of DID ." ``` Weekly Installs7.1KRepository[billionsnetwork…identity](https://github.com/billionsnetwork/verified-agent-identity)GitHub Stars712First SeenTodaySecurity Audits[Gen Agent Trust HubPass](/billionsnetwork/verified-agent-identity/verified-agent-identity/security/agent-trust-hub)[SocketWarn](/billionsnetwork/verified-agent-identity/verified-agent-identity/security/socket)[SnykFail](/billionsnetwork/verified-agent-identity/verified-agent-identity/security/snyk) --- *Source: https://skills.yangsir.net/skill/daily-verified-agent-identity* *Markdown mirror: https://skills.yangsir.net/api/skill/daily-verified-agent-identity/markdown*