πŸ”
12917 skills
← All skills
Tencent SkillHub Β· AI

Sign-in with Agent

SIWA (Sign-In With Agent) authentication for ERC-8004 registered agents.

skill openclawclawhub Free
0 Downloads
0 Stars
0 Installs
0 Score
High Signal

SIWA (Sign-In With Agent) authentication for ERC-8004 registered agents.

⬇ 0 downloads β˜… 0 stars Unverified but indexed

Install for OpenClaw

Quick setup
  1. Download the package from Yavira.
  2. Extract the archive and review SKILL.md first.
  3. Import or place the package into your OpenClaw setup.

Requirements

Target platform
OpenClaw
Install method
Manual import
Extraction
Extract archive
Prerequisites
OpenClaw
Primary doc
SKILL.md

Package facts

Download mode
Yavira redirect
Package format
ZIP package
Source platform
Tencent SkillHub
What's included
package.json, skill.md, CLAUDE.md, bankr/skill.md, assets/registration-template.json, assets/SIWA_IDENTITY.template.md

Validation

  • Use the Yavira download entry.
  • Review SKILL.md after the package is downloaded.
  • Confirm the extracted package contains the expected setup assets.

Install with your agent

Agent handoff

Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.

  1. Download the package from Yavira.
  2. Extract it into a folder your agent can access.
  3. Paste one of the prompts below and point your agent at the extracted folder.
New install

I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.

Upgrade existing

I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.

Open Send to Agent page Open JSON manifest Open Markdown brief

Trust & source

Release facts

Source
Tencent SkillHub
Verification
Indexed source record
Version
0.0.4

Documentation

ClawHub primary doc Primary doc: SKILL.md 13 sections Open source page

SIWA SDK

Sign-In With Agent (SIWA) lets AI agents authenticate with services using their ERC-8004 onchain identity.

Install

npm install @buildersgarden/siwa

Agent-Side (Signing)

Choose based on your wallet provider: Bankr β€” Bankr Agent API wallets Circle β€” Circle developer-controlled wallets Privy β€” Privy server wallets Private Key β€” Raw private key (viem LocalAccount) Keyring Proxy β€” Self-hosted proxy with optional 2FA

Server-Side (Verification)

Server-Side Verification β€” Next.js, Express, Hono, Fastify

SDK Modules

ImportDescription@buildersgarden/siwaCore: signSIWAMessage, verifySIWA, createSIWANonce, parseSIWAMessage, buildSIWAMessage, createClientResolver, parseChainId@buildersgarden/siwa/signerSigner factories (see wallet-specific skills above)@buildersgarden/siwa/erc8128ERC-8128 HTTP signing/verification@buildersgarden/siwa/receiptHMAC receipt helpers@buildersgarden/siwa/nonce-storeNonce stores (Memory, Redis, KV)@buildersgarden/siwa/identitySIWA_IDENTITY.md helpers@buildersgarden/siwa/registryOnchain agent registration@buildersgarden/siwa/client-resolverDynamic PublicClient resolution for multi-chain servers@buildersgarden/siwa/nextNext.js middleware (withSiwa, siwaOptions)@buildersgarden/siwa/expressExpress middleware (siwaMiddleware, siwaJsonParser, siwaCors)@buildersgarden/siwa/honoHono middleware (siwaMiddleware, siwaCors)@buildersgarden/siwa/fastifyFastify middleware (siwaPlugin, siwaAuth)@buildersgarden/siwa/x402x402 payment helpers@buildersgarden/siwa/captchaReverse CAPTCHA (prove you're an AI)

x402 Payments (Agent-Side)

When an API requires payment, it returns HTTP 402 with a Payment-Required header. The agent decodes the payment options, constructs a signed payment, and retries with a Payment-Signature header β€” all while maintaining SIWA authentication.

Handling a 402 Response

import { encodeX402Header, decodeX402Header, type PaymentRequired, type PaymentPayload, } from "@buildersgarden/siwa/x402"; import { signAuthenticatedRequest } from "@buildersgarden/siwa/erc8128"; // 1. Make initial authenticated request (may get 402) const signedRequest = await signAuthenticatedRequest( new Request("https://api.example.com/premium", { method: "POST" }), receipt, signer, 84532, ); const res = await fetch(signedRequest); if (res.status === 402) { // 2. Decode payment requirements from header const header = res.headers.get("Payment-Required"); const { accepts, resource } = decodeX402Header<PaymentRequired>(header!); // 3. Pick a payment option and construct payload const option = accepts[0]; const payload: PaymentPayload = { signature: "0x...", // sign the payment with your wallet payment: { scheme: option.scheme, network: option.network, amount: option.amount, asset: option.asset, payTo: option.payTo, }, resource, }; // 4. Retry with both SIWA auth + payment header const retryRequest = await signAuthenticatedRequest( new Request("https://api.example.com/premium", { method: "POST", headers: { "Payment-Signature": encodeX402Header(payload), }, }), receipt, signer, 84532, ); const paidRes = await fetch(retryRequest); // paidRes.headers.get("Payment-Response") contains { txHash, ... } }

x402 Headers

HeaderDirectionDescriptionPayment-RequiredServer β†’ AgentBase64-encoded JSON with accepted payment options. Sent with 402.Payment-SignatureAgent β†’ ServerBase64-encoded signed payment payload.Payment-ResponseServer β†’ AgentBase64-encoded settlement result with transaction hash.

Pay-Once Sessions

Some endpoints use pay-once mode: the first request requires payment, subsequent requests from the same agent to the same resource pass through without payment until the session expires. If you receive a 200 on a previously-paid endpoint, the session is still active β€” no need to pay again.

Captcha (Reverse CAPTCHA)

SIWA includes a "reverse CAPTCHA" mechanism β€” inspired by MoltCaptcha β€” that proves an entity is an AI agent, not a human. Challenges exploit how LLMs generate text in a single autoregressive pass (satisfying multiple constraints simultaneously), while humans must iterate. Two integration points: Sign-in flow β€” server requires captcha before issuing a nonce Per-request β€” middleware randomly challenges agents during authenticated API calls

Agent-Side: Handling a Captcha Challenge

The SDK provides two convenience wrappers for the captcha retry pattern: Sign-In Captcha: solveCaptchaChallenge() import { solveCaptchaChallenge } from "@buildersgarden/siwa/captcha"; // 1. Request nonce const nonceRes = await fetch("/api/siwa/nonce", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ address, agentId, agentRegistry }), }); const data = await nonceRes.json(); // 2. Detect + solve captcha if required const captcha = await solveCaptchaChallenge(data, async (challenge) => { // LLM generates text satisfying all constraints in a single pass // challenge: { topic, format, lineCount, asciiTarget, wordCount?, timeLimitSeconds, ... } // Your LLM generates text satisfying all constraints in one pass. // Use any provider (Anthropic, OpenAI, etc.) β€” the solver just returns a string. return await generateText(challenge); }); if (captcha.solved) { // 3. Retry with challenge response const retryRes = await fetch("/api/siwa/nonce", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ address, agentId, agentRegistry, challengeResponse: captcha.challengeResponse }), }); } Per-Request Captcha: retryWithCaptcha() import { signAuthenticatedRequest, retryWithCaptcha } from "@buildersgarden/siwa/erc8128"; const url = "https://api.example.com/action"; const body = JSON.stringify({ key: "value" }); // 1. Sign and send const signed = await signAuthenticatedRequest( new Request(url, { method: "POST", body }), receipt, signer, chainId, ); const response = await fetch(signed); // 2. Detect + solve captcha, re-sign, and get retry request const result = await retryWithCaptcha( response, new Request(url, { method: "POST", body }), // fresh request (original body consumed) receipt, signer, chainId, async (challenge) => generateText(challenge), // your LLM solver ); if (result.retry) { const retryResponse = await fetch(result.request); } Note: Pass a fresh, unconsumed Request to retryWithCaptcha β€” the original is consumed after signing/sending.

Difficulty Levels

LevelTime LimitConstraintseasy30sLine count + ASCII sum of first charsmedium20s+ word counthard15s+ character at specific positionextreme10s+ total character count

Links

Documentation ERC-8004 ERC-8128

Category context

Agent frameworks, memory systems, reasoning layers, and model-native orchestration.

Source: Tencent SkillHub

Largest current source with strong distribution and engagement signals.

Package contents

Included in package
4 Docs2 Config
  • assets/SIWA_IDENTITY.template.md Docs
  • bankr/skill.md Docs
  • CLAUDE.md Docs
  • skill.md Docs
  • assets/registration-template.json Config
  • package.json Config

Related skills

Tencent SkillHub Free
Featured

Tavily Web Search

Provides concise, highly relevant search results tuned for AI agents via the Tavily API.

AI skill openclaw
OpenClaw Free
Verified

Browser Research Agent

Navigate the web and capture structured findings

Pairs browser automation with structured capture so research runs can move from messy browsing into reusable findings.

AI agent openclaw
readyClaw Free
Verified

UX Research Systems

Structure interviews, patterns, and evidence

Turns research notes, interviews, and usability findings into clear patterns teams can actually use in product decisions.

AI agent claude