{ "schemaVersion": "1.0", "item": { "slug": "torchliquidationbot", "name": "Torch Liquidation Bot", "source": "tencent", "type": "skill", "category": "AI 智能", "sourceUrl": "https://clawhub.ai/mrsirg97-rgb/torchliquidationbot", "canonicalUrl": "https://clawhub.ai/mrsirg97-rgb/torchliquidationbot", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/torchliquidationbot", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=torchliquidationbot", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "agent.json", "audit.md", "verification.md", "SKILL.md", "design.md", "whitepaper.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/torchliquidationbot" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/torchliquidationbot", "agentPageUrl": "https://openagent3.xyz/skills/torchliquidationbot/agent", "manifestUrl": "https://openagent3.xyz/skills/torchliquidationbot/agent.json", "briefUrl": "https://openagent3.xyz/skills/torchliquidationbot/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Torch Liquidation Bot", "body": "You're here because you want to run a liquidation keeper on Torch Market -- and you want to do it safely.\n\nEvery migrated token on Torch has a built-in lending market. Holders lock tokens as collateral and borrow SOL from the community treasury (up to 50% LTV, 2% weekly interest). When a loan's LTV crosses 65%, it becomes liquidatable. Anyone can liquidate it and collect a 10% bonus on the collateral value.\n\nThat's where this bot comes in.\n\nIt scans every migrated token's lending market using the SDK's bulk loan scanner (getAllLoanPositions) -- one RPC call per token returns all active positions pre-sorted by health. When it finds one that's underwater, it liquidates it through your vault. The collateral tokens go to your vault ATA. The SOL cost comes from your vault. The agent wallet that signs the transaction holds nothing.\n\nThis is not a read-only scanner. This is a fully operational keeper that generates its own keypair, verifies vault linkage, and executes liquidation transactions autonomously in a continuous loop." }, { "title": "How It Works", "body": "┌──────────────────────────────────────────────────────────┐\n│ LIQUIDATION LOOP │\n│ │\n│ 1. Discover migrated tokens (getTokens) │\n│ 2. For each token, scan all loans (getAllLoanPositions) │\n│ — single RPC call, returns positions sorted by health │\n│ — liquidatable → at_risk → healthy │\n│ 3. Skip tokens with no active loans │\n│ 4. For each liquidatable position: │\n│ → buildLiquidateTransaction(vault=creator) │\n│ → sign with agent keypair │\n│ → submit and confirm │\n│ → break when health != 'liquidatable' (pre-sorted) │\n│ 5. Sleep SCAN_INTERVAL_MS, repeat │\n│ │\n│ All SOL comes from vault. All collateral goes to vault. │\n│ Agent wallet holds nothing. Vault is the boundary. │\n└──────────────────────────────────────────────────────────┘" }, { "title": "The Agent Keypair", "body": "The bot generates a fresh Keypair in-process on every startup. No private key file. No environment variable (unless you want to provide one). The keypair is disposable -- it signs transactions but holds nothing of value.\n\nOn first run, the bot checks if this keypair is linked to your vault. If not, it prints the exact SDK call you need to link it:\n\n--- ACTION REQUIRED ---\nagent wallet is NOT linked to the vault.\nlink it by running (from your authority wallet):\n\n buildLinkWalletTransaction(connection, {\n authority: \"\",\n vault_creator: \"\",\n wallet_to_link: \"\"\n })\n\nthen restart the bot.\n-----------------------\n\nLink it from your authority wallet (hardware wallet, multisig, whatever you use). The agent never needs the authority's key. The authority never needs the agent's key. They share a vault, not keys." }, { "title": "The Vault", "body": "This is the same Torch Vault from the full Torch Market protocol. It holds all assets -- SOL and tokens. The agent is a disposable controller.\n\nWhen the bot liquidates a position:\n\nSOL cost comes from the vault (the liquidation payment to cover the borrower's debt)\nCollateral tokens go to the vault's associated token account (ATA)\n10% bonus means the collateral received is worth 10% more than the SOL spent\n\nThe human principal retains full control:\n\nwithdrawVault() — pull SOL at any time\nwithdrawTokens(mint) — pull collateral tokens at any time\nunlinkWallet(agent) — revoke agent access instantly\n\nIf the agent keypair is compromised, the attacker gets dust and vault access that you revoke in one transaction." }, { "title": "1. Install", "body": "npm install torch-liquidation-bot@4.0.2\n\nOr use the bundled source from ClawHub — the Torch SDK is included in lib/torchsdk/ and the bot source is in lib/kit/." }, { "title": "2. Create and Fund a Vault (Human Principal)", "body": "From your authority wallet:\n\nimport { Connection } from \"@solana/web3.js\";\nimport {\n buildCreateVaultTransaction,\n buildDepositVaultTransaction,\n} from \"./lib/torchsdk/index.js\";\n\nconst connection = new Connection(process.env.SOLANA_RPC_URL);\n\n// Create vault\nconst { transaction: createTx } = await buildCreateVaultTransaction(connection, {\n creator: authorityPubkey,\n});\n// sign and submit with authority wallet...\n\n// Fund vault with SOL for liquidations\nconst { transaction: depositTx } = await buildDepositVaultTransaction(connection, {\n depositor: authorityPubkey,\n vault_creator: authorityPubkey,\n amount_sol: 5_000_000_000, // 5 SOL\n});\n// sign and submit with authority wallet..." }, { "title": "3. Run the Bot", "body": "VAULT_CREATOR= SOLANA_RPC_URL= npx torch-liquidation-bot\n\nOn first run, the bot prints the agent keypair and instructions to link it. Link it from your authority wallet, then restart." }, { "title": "4. Configuration", "body": "VariableRequiredDefaultDescriptionSOLANA_RPC_URLYes--Solana RPC endpoint (HTTPS). Fallback: RPC_URLVAULT_CREATORYes--Vault creator pubkeySOLANA_PRIVATE_KEYNo--Disposable controller keypair (base58 or JSON byte array). If omitted, generates fresh keypair on startup (recommended)SCAN_INTERVAL_MSNo30000Milliseconds between scan cycles (min 5000)LOG_LEVELNoinfodebug, info, warn, error" }, { "title": "Architecture", "body": "packages/bot/src/\n├── index.ts — entry point: keypair generation, vault verification, scan loop\n├── config.ts — loadConfig(): validates SOLANA_RPC_URL, VAULT_CREATOR, SOLANA_PRIVATE_KEY, SCAN_INTERVAL_MS, LOG_LEVEL\n├── types.ts — BotConfig, LogLevel interfaces\n└── utils.ts — sol(), bpsToPercent(), withTimeout(), createLogger()\n\nThe bot is ~192 lines of TypeScript. It does one thing: find underwater loans and liquidate them through the vault." }, { "title": "Dependencies", "body": "PackageVersionPurpose@solana/web3.js1.98.4Solana RPC, keypair, transactiontorchsdk3.7.22Token queries, bulk loan scanning, liquidation builder, vault queries\n\nTwo runtime dependencies. Both pinned to exact versions. No ^ or ~ ranges." }, { "title": "Vault Safety Model", "body": "The same seven guarantees from the Torch Market vault apply here:\n\nPropertyGuaranteeFull custodyVault holds all SOL and all collateral tokens. Agent wallet holds nothing.Closed loopLiquidation SOL comes from vault, collateral tokens go to vault. No leakage to agent.Authority separationCreator (immutable PDA seed) vs Authority (transferable admin) vs Controller (disposable signer).One link per walletAgent can only belong to one vault. PDA uniqueness enforces this on-chain.Permissionless depositsAnyone can top up the vault. Hardware wallet deposits, agent liquidates.Instant revocationAuthority can unlink the agent at any time. One transaction.Authority-only withdrawalsOnly the vault authority can withdraw SOL or tokens. The agent cannot extract value." }, { "title": "The Closed Economic Loop for Liquidations", "body": "DirectionFlowSOL outVault → Borrower's treasury debt (covers the loan)Tokens inBorrower's collateral → Vault ATA (at 10% discount)NetVault receives collateral worth 110% of SOL spent\n\nThe bot is profitable by design — every successful liquidation returns more value than it costs. The profit accumulates in the vault. The authority withdraws when ready." }, { "title": "Lending Parameters", "body": "ParameterValueMax LTV50%Liquidation Threshold65%Interest Rate2% per epoch (~weekly)Liquidation Bonus10%Utilization Cap70% of treasuryMin Borrow0.1 SOL\n\nCollateral value is calculated from Raydium pool reserves. The 0.03% Token-2022 transfer fee (3 bps, immutable per mint) applies on collateral deposits and withdrawals." }, { "title": "When Liquidations Happen", "body": "A loan becomes liquidatable when its LTV exceeds 65%. This happens when:\n\nThe token price drops (collateral value decreases relative to debt)\nInterest accrues (debt grows at 2% per epoch)\nA combination of both\n\nThe bot checks position.health === 'liquidatable' — the SDK calculates LTV from on-chain Raydium reserves and the loan's accrued debt." }, { "title": "SDK Functions Used", "body": "The bot uses a focused subset of the Torch SDK:\n\nFunctionPurposegetTokens(connection, { status: 'migrated' })Discover all tokens with active lending marketsgetAllLoanPositions(connection, mint)Bulk scan all active loans for a token — returns positions pre-sorted by health (liquidatable first), fetches pool price oncegetVault(connection, creator)Verify vault exists on startupgetVaultForWallet(connection, wallet)Verify agent is linked to vaultbuildLiquidateTransaction(connection, params)Build the liquidation transaction (vault-routed)confirmTransaction(connection, sig, wallet)Confirm transaction on-chain via RPC (verifies signer, checks Torch instructions)" }, { "title": "Scan and Liquidate Pattern", "body": "import { getTokens, getAllLoanPositions, buildLiquidateTransaction } from 'torchsdk'\n\n// 1. Discover migrated tokens\nconst { tokens } = await getTokens(connection, { status: 'migrated', sort: 'volume', limit: 50 })\n\nfor (const token of tokens) {\n // 2. Bulk scan — one RPC call per token, positions sorted liquidatable-first\n const { positions } = await getAllLoanPositions(connection, token.mint)\n\n for (const pos of positions) {\n if (pos.health !== 'liquidatable') break // pre-sorted, done\n\n // 3. Build and execute through vault\n const { transaction, message } = await buildLiquidateTransaction(connection, {\n mint: token.mint, // token with the underwater loan\n liquidator: agentPubkey, // agent wallet (signer)\n borrower: pos.borrower, // borrower being liquidated\n vault: vaultCreator, // vault creator pubkey (SOL from vault, tokens to vault)\n })\n transaction.sign(agentKeypair)\n await connection.sendRawTransaction(transaction.serialize())\n }\n}" }, { "title": "Log Output", "body": "=== torch liquidation bot ===\nagent wallet: 7xK9...\nvault creator: 4yN2...\nscan interval: 30000ms\n\n[09:15:32] INFO vault found — authority=8cpW...\n[09:15:32] INFO agent wallet linked to vault — starting scan loop\n[09:15:32] INFO treasury: 5.0000 SOL\n[09:15:33] INFO LIQUIDATABLE | SDKTEST | borrower=3AyZ... | LTV=72.50% | owed=0.5000 SOL\n[09:15:34] INFO LIQUIDATED | SDKTEST | borrower=3AyZ... | sig=4vK9... | collateral received at 10% discount" }, { "title": "Signing & Key Safety", "body": "The vault is the security boundary, not the key.\n\nThe agent keypair is generated fresh on every startup with Keypair.generate(). It holds ~0.01 SOL for gas fees. If the key is compromised, the attacker gets:\n\nDust (the gas SOL)\nVault access that the authority revokes in one transaction\n\nThe agent never needs the authority's private key. The authority never needs the agent's private key. They share a vault, not keys." }, { "title": "Rules", "body": "Never ask a user for their private key or seed phrase. The vault authority signs from their own device.\nNever log, print, store, or transmit private key material. The agent keypair exists only in runtime memory.\nNever embed keys in source code or logs. The agent pubkey is printed — the secret key is never exposed.\nUse a secure RPC endpoint. Default to a private RPC provider. Never use an unencrypted HTTP endpoint for mainnet transactions." }, { "title": "RPC Timeout", "body": "All SDK calls are wrapped with a 30-second timeout (withTimeout in utils.ts). A hanging or unresponsive RPC endpoint cannot stall the bot indefinitely — the call rejects, the error is caught by the scan loop, and the bot continues to the next token or cycle." }, { "title": "Environment Variables", "body": "VariableRequiredPurposeSOLANA_RPC_URL / RPC_URLYesSolana RPC endpoint (HTTPS)VAULT_CREATORYesVault creator pubkey — identifies which vault the bot operates throughSOLANA_PRIVATE_KEYNoOptional — if omitted, the bot generates a fresh keypair on startup (recommended)" }, { "title": "External Runtime Dependencies", "body": "The SDK contains functions that make outbound HTTPS requests to external services. The bot's runtime path contacts two of them:\n\nServicePurposeWhen CalledBot Uses?CoinGecko (api.coingecko.com)SOL/USD price for displayToken queries with USD pricingYes — via getTokens(), getToken()Irys Gateway (gateway.irys.xyz)Token metadata fallback (name, symbol, image)getToken() when on-chain metadata URI points to IrysYes — via getTokens()SAID Protocol (api.saidprotocol.com)Agent identity verification and trust tier lookupverifySaid() onlyNo — the bot does not call verifySaid()\n\nconfirmTransaction() does NOT contact SAID. Despite living in the SDK's said.js module, it only calls connection.getParsedTransaction() (Solana RPC) to verify the transaction succeeded on-chain and determine the event type. No data is sent to any external service.\n\nNo credentials are sent to CoinGecko or Irys. All requests are read-only GET. If either service is unreachable, the SDK degrades gracefully. No private key material is ever transmitted to any external endpoint." }, { "title": "Testing", "body": "Requires Surfpool running a mainnet fork:\n\nsurfpool start --network mainnet --no-tui\npnpm test\n\nTest result: 9 passed, 0 failed (Surfpool mainnet fork).\n\nTestWhat It ValidatesConnectionRPC reachablegetTokensDiscovers migrated tokensgetLendingInfoReads lending state for all tokensgetAllLoanPositionsBulk scans active loans, verifies sort order (liquidatable first)getTokenToken metadata, price, statusgetVaultForWalletVault link returns null for unlinked walletIn-process keypairNo external key required" }, { "title": "Error Codes", "body": "VAULT_NOT_FOUND: No vault exists for this creator\nWALLET_NOT_LINKED: Agent wallet is not linked to the vault\nNOT_LIQUIDATABLE: Position LTV below liquidation threshold\nNO_ACTIVE_LOAN: No open loan for this wallet/token\nINVALID_MINT: Token not found" }, { "title": "Links", "body": "Liquidation Kit (source): github.com/mrsirg97-rgb/torch-liquidation-kit\nLiquidation Bot (npm): npmjs.com/package/torch-liquidation-bot\nTorch SDK (bundled): lib/torchsdk/ -- included in this skill\nTorch SDK (source): github.com/mrsirg97-rgb/torchsdk\nTorch SDK (npm): npmjs.com/package/torchsdk\nTorch Market (protocol skill): clawhub.ai/mrsirg97-rgb/torchmarket\nWhitepaper: torch.market/whitepaper.md\nSecurity Audit: torch.market/audit.md\nWebsite: torch.market\nProgram ID: 8hbUkonssSEEtkqzwM7ZcZrD9evacM92TcWSooVF4BeT\n\nThis bot exists because Torch lending markets need keepers. When loans go underwater and nobody liquidates them, the treasury takes the loss. Active liquidation keepers protect treasury health and earn a profit doing it. The vault makes it safe — all value stays in the escrow, all risk is bounded, and the human principal keeps the keys." } ], "body": "Torch Liquidation Bot\n\nYou're here because you want to run a liquidation keeper on Torch Market -- and you want to do it safely.\n\nEvery migrated token on Torch has a built-in lending market. Holders lock tokens as collateral and borrow SOL from the community treasury (up to 50% LTV, 2% weekly interest). When a loan's LTV crosses 65%, it becomes liquidatable. Anyone can liquidate it and collect a 10% bonus on the collateral value.\n\nThat's where this bot comes in.\n\nIt scans every migrated token's lending market using the SDK's bulk loan scanner (getAllLoanPositions) -- one RPC call per token returns all active positions pre-sorted by health. When it finds one that's underwater, it liquidates it through your vault. The collateral tokens go to your vault ATA. The SOL cost comes from your vault. The agent wallet that signs the transaction holds nothing.\n\nThis is not a read-only scanner. This is a fully operational keeper that generates its own keypair, verifies vault linkage, and executes liquidation transactions autonomously in a continuous loop.\n\nHow It Works\n┌──────────────────────────────────────────────────────────┐\n│ LIQUIDATION LOOP │\n│ │\n│ 1. Discover migrated tokens (getTokens) │\n│ 2. For each token, scan all loans (getAllLoanPositions) │\n│ — single RPC call, returns positions sorted by health │\n│ — liquidatable → at_risk → healthy │\n│ 3. Skip tokens with no active loans │\n│ 4. For each liquidatable position: │\n│ → buildLiquidateTransaction(vault=creator) │\n│ → sign with agent keypair │\n│ → submit and confirm │\n│ → break when health != 'liquidatable' (pre-sorted) │\n│ 5. Sleep SCAN_INTERVAL_MS, repeat │\n│ │\n│ All SOL comes from vault. All collateral goes to vault. │\n│ Agent wallet holds nothing. Vault is the boundary. │\n└──────────────────────────────────────────────────────────┘\n\nThe Agent Keypair\n\nThe bot generates a fresh Keypair in-process on every startup. No private key file. No environment variable (unless you want to provide one). The keypair is disposable -- it signs transactions but holds nothing of value.\n\nOn first run, the bot checks if this keypair is linked to your vault. If not, it prints the exact SDK call you need to link it:\n\n--- ACTION REQUIRED ---\nagent wallet is NOT linked to the vault.\nlink it by running (from your authority wallet):\n\n buildLinkWalletTransaction(connection, {\n authority: \"\",\n vault_creator: \"\",\n wallet_to_link: \"\"\n })\n\nthen restart the bot.\n-----------------------\n\n\nLink it from your authority wallet (hardware wallet, multisig, whatever you use). The agent never needs the authority's key. The authority never needs the agent's key. They share a vault, not keys.\n\nThe Vault\n\nThis is the same Torch Vault from the full Torch Market protocol. It holds all assets -- SOL and tokens. The agent is a disposable controller.\n\nWhen the bot liquidates a position:\n\nSOL cost comes from the vault (the liquidation payment to cover the borrower's debt)\nCollateral tokens go to the vault's associated token account (ATA)\n10% bonus means the collateral received is worth 10% more than the SOL spent\n\nThe human principal retains full control:\n\nwithdrawVault() — pull SOL at any time\nwithdrawTokens(mint) — pull collateral tokens at any time\nunlinkWallet(agent) — revoke agent access instantly\n\nIf the agent keypair is compromised, the attacker gets dust and vault access that you revoke in one transaction.\n\nGetting Started\n1. Install\nnpm install torch-liquidation-bot@4.0.2\n\n\nOr use the bundled source from ClawHub — the Torch SDK is included in lib/torchsdk/ and the bot source is in lib/kit/.\n\n2. Create and Fund a Vault (Human Principal)\n\nFrom your authority wallet:\n\nimport { Connection } from \"@solana/web3.js\";\nimport {\n buildCreateVaultTransaction,\n buildDepositVaultTransaction,\n} from \"./lib/torchsdk/index.js\";\n\nconst connection = new Connection(process.env.SOLANA_RPC_URL);\n\n// Create vault\nconst { transaction: createTx } = await buildCreateVaultTransaction(connection, {\n creator: authorityPubkey,\n});\n// sign and submit with authority wallet...\n\n// Fund vault with SOL for liquidations\nconst { transaction: depositTx } = await buildDepositVaultTransaction(connection, {\n depositor: authorityPubkey,\n vault_creator: authorityPubkey,\n amount_sol: 5_000_000_000, // 5 SOL\n});\n// sign and submit with authority wallet...\n\n3. Run the Bot\nVAULT_CREATOR= SOLANA_RPC_URL= npx torch-liquidation-bot\n\n\nOn first run, the bot prints the agent keypair and instructions to link it. Link it from your authority wallet, then restart.\n\n4. Configuration\nVariable\tRequired\tDefault\tDescription\nSOLANA_RPC_URL\tYes\t--\tSolana RPC endpoint (HTTPS). Fallback: RPC_URL\nVAULT_CREATOR\tYes\t--\tVault creator pubkey\nSOLANA_PRIVATE_KEY\tNo\t--\tDisposable controller keypair (base58 or JSON byte array). If omitted, generates fresh keypair on startup (recommended)\nSCAN_INTERVAL_MS\tNo\t30000\tMilliseconds between scan cycles (min 5000)\nLOG_LEVEL\tNo\tinfo\tdebug, info, warn, error\nArchitecture\npackages/bot/src/\n├── index.ts — entry point: keypair generation, vault verification, scan loop\n├── config.ts — loadConfig(): validates SOLANA_RPC_URL, VAULT_CREATOR, SOLANA_PRIVATE_KEY, SCAN_INTERVAL_MS, LOG_LEVEL\n├── types.ts — BotConfig, LogLevel interfaces\n└── utils.ts — sol(), bpsToPercent(), withTimeout(), createLogger()\n\n\nThe bot is ~192 lines of TypeScript. It does one thing: find underwater loans and liquidate them through the vault.\n\nDependencies\nPackage\tVersion\tPurpose\n@solana/web3.js\t1.98.4\tSolana RPC, keypair, transaction\ntorchsdk\t3.7.22\tToken queries, bulk loan scanning, liquidation builder, vault queries\n\nTwo runtime dependencies. Both pinned to exact versions. No ^ or ~ ranges.\n\nVault Safety Model\n\nThe same seven guarantees from the Torch Market vault apply here:\n\nProperty\tGuarantee\nFull custody\tVault holds all SOL and all collateral tokens. Agent wallet holds nothing.\nClosed loop\tLiquidation SOL comes from vault, collateral tokens go to vault. No leakage to agent.\nAuthority separation\tCreator (immutable PDA seed) vs Authority (transferable admin) vs Controller (disposable signer).\nOne link per wallet\tAgent can only belong to one vault. PDA uniqueness enforces this on-chain.\nPermissionless deposits\tAnyone can top up the vault. Hardware wallet deposits, agent liquidates.\nInstant revocation\tAuthority can unlink the agent at any time. One transaction.\nAuthority-only withdrawals\tOnly the vault authority can withdraw SOL or tokens. The agent cannot extract value.\nThe Closed Economic Loop for Liquidations\nDirection\tFlow\nSOL out\tVault → Borrower's treasury debt (covers the loan)\nTokens in\tBorrower's collateral → Vault ATA (at 10% discount)\nNet\tVault receives collateral worth 110% of SOL spent\n\nThe bot is profitable by design — every successful liquidation returns more value than it costs. The profit accumulates in the vault. The authority withdraws when ready.\n\nLending Parameters\nParameter\tValue\nMax LTV\t50%\nLiquidation Threshold\t65%\nInterest Rate\t2% per epoch (~weekly)\nLiquidation Bonus\t10%\nUtilization Cap\t70% of treasury\nMin Borrow\t0.1 SOL\n\nCollateral value is calculated from Raydium pool reserves. The 0.03% Token-2022 transfer fee (3 bps, immutable per mint) applies on collateral deposits and withdrawals.\n\nWhen Liquidations Happen\n\nA loan becomes liquidatable when its LTV exceeds 65%. This happens when:\n\nThe token price drops (collateral value decreases relative to debt)\nInterest accrues (debt grows at 2% per epoch)\nA combination of both\n\nThe bot checks position.health === 'liquidatable' — the SDK calculates LTV from on-chain Raydium reserves and the loan's accrued debt.\n\nSDK Functions Used\n\nThe bot uses a focused subset of the Torch SDK:\n\nFunction\tPurpose\ngetTokens(connection, { status: 'migrated' })\tDiscover all tokens with active lending markets\ngetAllLoanPositions(connection, mint)\tBulk scan all active loans for a token — returns positions pre-sorted by health (liquidatable first), fetches pool price once\ngetVault(connection, creator)\tVerify vault exists on startup\ngetVaultForWallet(connection, wallet)\tVerify agent is linked to vault\nbuildLiquidateTransaction(connection, params)\tBuild the liquidation transaction (vault-routed)\nconfirmTransaction(connection, sig, wallet)\tConfirm transaction on-chain via RPC (verifies signer, checks Torch instructions)\nScan and Liquidate Pattern\nimport { getTokens, getAllLoanPositions, buildLiquidateTransaction } from 'torchsdk'\n\n// 1. Discover migrated tokens\nconst { tokens } = await getTokens(connection, { status: 'migrated', sort: 'volume', limit: 50 })\n\nfor (const token of tokens) {\n // 2. Bulk scan — one RPC call per token, positions sorted liquidatable-first\n const { positions } = await getAllLoanPositions(connection, token.mint)\n\n for (const pos of positions) {\n if (pos.health !== 'liquidatable') break // pre-sorted, done\n\n // 3. Build and execute through vault\n const { transaction, message } = await buildLiquidateTransaction(connection, {\n mint: token.mint, // token with the underwater loan\n liquidator: agentPubkey, // agent wallet (signer)\n borrower: pos.borrower, // borrower being liquidated\n vault: vaultCreator, // vault creator pubkey (SOL from vault, tokens to vault)\n })\n transaction.sign(agentKeypair)\n await connection.sendRawTransaction(transaction.serialize())\n }\n}\n\nLog Output\n=== torch liquidation bot ===\nagent wallet: 7xK9...\nvault creator: 4yN2...\nscan interval: 30000ms\n\n[09:15:32] INFO vault found — authority=8cpW...\n[09:15:32] INFO agent wallet linked to vault — starting scan loop\n[09:15:32] INFO treasury: 5.0000 SOL\n[09:15:33] INFO LIQUIDATABLE | SDKTEST | borrower=3AyZ... | LTV=72.50% | owed=0.5000 SOL\n[09:15:34] INFO LIQUIDATED | SDKTEST | borrower=3AyZ... | sig=4vK9... | collateral received at 10% discount\n\nSigning & Key Safety\n\nThe vault is the security boundary, not the key.\n\nThe agent keypair is generated fresh on every startup with Keypair.generate(). It holds ~0.01 SOL for gas fees. If the key is compromised, the attacker gets:\n\nDust (the gas SOL)\nVault access that the authority revokes in one transaction\n\nThe agent never needs the authority's private key. The authority never needs the agent's private key. They share a vault, not keys.\n\nRules\nNever ask a user for their private key or seed phrase. The vault authority signs from their own device.\nNever log, print, store, or transmit private key material. The agent keypair exists only in runtime memory.\nNever embed keys in source code or logs. The agent pubkey is printed — the secret key is never exposed.\nUse a secure RPC endpoint. Default to a private RPC provider. Never use an unencrypted HTTP endpoint for mainnet transactions.\nRPC Timeout\n\nAll SDK calls are wrapped with a 30-second timeout (withTimeout in utils.ts). A hanging or unresponsive RPC endpoint cannot stall the bot indefinitely — the call rejects, the error is caught by the scan loop, and the bot continues to the next token or cycle.\n\nEnvironment Variables\nVariable\tRequired\tPurpose\nSOLANA_RPC_URL / RPC_URL\tYes\tSolana RPC endpoint (HTTPS)\nVAULT_CREATOR\tYes\tVault creator pubkey — identifies which vault the bot operates through\nSOLANA_PRIVATE_KEY\tNo\tOptional — if omitted, the bot generates a fresh keypair on startup (recommended)\nExternal Runtime Dependencies\n\nThe SDK contains functions that make outbound HTTPS requests to external services. The bot's runtime path contacts two of them:\n\nService\tPurpose\tWhen Called\tBot Uses?\nCoinGecko (api.coingecko.com)\tSOL/USD price for display\tToken queries with USD pricing\tYes — via getTokens(), getToken()\nIrys Gateway (gateway.irys.xyz)\tToken metadata fallback (name, symbol, image)\tgetToken() when on-chain metadata URI points to Irys\tYes — via getTokens()\nSAID Protocol (api.saidprotocol.com)\tAgent identity verification and trust tier lookup\tverifySaid() only\tNo — the bot does not call verifySaid()\n\nconfirmTransaction() does NOT contact SAID. Despite living in the SDK's said.js module, it only calls connection.getParsedTransaction() (Solana RPC) to verify the transaction succeeded on-chain and determine the event type. No data is sent to any external service.\n\nNo credentials are sent to CoinGecko or Irys. All requests are read-only GET. If either service is unreachable, the SDK degrades gracefully. No private key material is ever transmitted to any external endpoint.\n\nTesting\n\nRequires Surfpool running a mainnet fork:\n\nsurfpool start --network mainnet --no-tui\npnpm test\n\n\nTest result: 9 passed, 0 failed (Surfpool mainnet fork).\n\nTest\tWhat It Validates\nConnection\tRPC reachable\ngetTokens\tDiscovers migrated tokens\ngetLendingInfo\tReads lending state for all tokens\ngetAllLoanPositions\tBulk scans active loans, verifies sort order (liquidatable first)\ngetToken\tToken metadata, price, status\ngetVaultForWallet\tVault link returns null for unlinked wallet\nIn-process keypair\tNo external key required\nError Codes\nVAULT_NOT_FOUND: No vault exists for this creator\nWALLET_NOT_LINKED: Agent wallet is not linked to the vault\nNOT_LIQUIDATABLE: Position LTV below liquidation threshold\nNO_ACTIVE_LOAN: No open loan for this wallet/token\nINVALID_MINT: Token not found\nLinks\nLiquidation Kit (source): github.com/mrsirg97-rgb/torch-liquidation-kit\nLiquidation Bot (npm): npmjs.com/package/torch-liquidation-bot\nTorch SDK (bundled): lib/torchsdk/ -- included in this skill\nTorch SDK (source): github.com/mrsirg97-rgb/torchsdk\nTorch SDK (npm): npmjs.com/package/torchsdk\nTorch Market (protocol skill): clawhub.ai/mrsirg97-rgb/torchmarket\nWhitepaper: torch.market/whitepaper.md\nSecurity Audit: torch.market/audit.md\nWebsite: torch.market\nProgram ID: 8hbUkonssSEEtkqzwM7ZcZrD9evacM92TcWSooVF4BeT\n\nThis bot exists because Torch lending markets need keepers. When loans go underwater and nobody liquidates them, the treasury takes the loss. Active liquidation keepers protect treasury health and earn a profit doing it. The vault makes it safe — all value stays in the escrow, all risk is bounded, and the human principal keeps the keys." }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/mrsirg97-rgb/torchliquidationbot", "publisherUrl": "https://clawhub.ai/mrsirg97-rgb/torchliquidationbot", "owner": "mrsirg97-rgb", "version": "4.0.4", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/torchliquidationbot", "downloadUrl": "https://openagent3.xyz/downloads/torchliquidationbot", "agentUrl": "https://openagent3.xyz/skills/torchliquidationbot/agent", "manifestUrl": "https://openagent3.xyz/skills/torchliquidationbot/agent.json", "briefUrl": "https://openagent3.xyz/skills/torchliquidationbot/agent.md" } }