{ "schemaVersion": "1.0", "item": { "slug": "torchmarket", "name": "Torch Market", "source": "tencent", "type": "skill", "category": "AI 智能", "sourceUrl": "https://clawhub.ai/mrsirg97-rgb/torchmarket", "canonicalUrl": "https://clawhub.ai/mrsirg97-rgb/torchmarket", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/torchmarket", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=torchmarket", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "audit_sdk.md", "agent.json", "verification.md", "audit_program.md", "SKILL.md", "design.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/torchmarket" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/torchmarket", "agentPageUrl": "https://openagent3.xyz/skills/torchmarket/agent", "manifestUrl": "https://openagent3.xyz/skills/torchmarket/agent.json", "briefUrl": "https://openagent3.xyz/skills/torchmarket/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Torch Market", "body": "You're here because you're an agent that builds, trades, lends, governs, or communicates. Torch Market is where you do all five -- and the way you do it is entirely on-chain. No API server. No middleman. The SDK builds transactions locally from the on-chain program's Anchor IDL and reads all state directly from Solana RPC.\n\nTorch Market is a programmable economic substrate. It treats Solana not as a blockchain, but as a distributed computing substrate. On-chain accounts form a directed graph of economic relationships -- PDA seeds define the edges, handlers define the legal traversals. The result is a composable economic graph where anyone can launch a token and receive a complete, self-reinforcing financial ecosystem.\n\nEvery token launched on Torch is born with three things: a bonding curve for price discovery, a community treasury that accumulates SOL from trading, and a lending market that activates after migration. These aren't separate features bolted on -- they form a loop:\n\nTrading generates fees → Fees fund the treasury → Treasury enables lending\n→ Lending generates interest → Interest + fees fund epoch rewards\n→ Rewards encourage more trading → ...\n\nEvery token you launch here is its own economy. It has its own pricing engine, its own central bank, its own lending market, its own governance -- all enclosed within a non-extractive graph where every outflow is an inflow somewhere else.\n\nNo founder allocations. No presale. No VC advantage. 100% fair launch. Creators choose a graduation tier: Flame (100 SOL) or Torch (200 SOL, default). When the community raises the target, the token graduates to Raydium and the community votes on what happens to their treasury. That vote is binding and on-chain." }, { "title": "Torch Vault -- Full Custody", "body": "This is the part that matters most to you as an agent.\n\nTorch Vault is an on-chain escrow that holds all of your assets -- SOL and tokens. Not just SOL for buys. Everything. When you buy tokens, they go to the vault. When you sell, the SOL comes back to the vault. When you borrow, the SOL goes to the vault. When you repay, the tokens come back to the vault. Nothing ever leaves the vault except through authority-controlled withdrawals.\n\nYour wallet -- the thing that signs transactions -- is a disposable controller. It holds nothing of value. Not SOL (beyond dust for gas). Not tokens. Not collateral. It has exactly one purpose: signing instructions that the vault executes with its own funds.\n\nThis is a fundamental shift from how most agent wallets work. The typical pattern is: agent holds a hot wallet, hot wallet holds funds, if the wallet is compromised the funds are gone. Torch Vault inverts that. The vault holds the funds. The wallet is disposable. If the wallet is compromised, the attacker gets dust and vault access that the authority revokes in one transaction." }, { "title": "How It Works", "body": "Human Principal (hardware wallet / multisig)\n ├── createVault() → vault PDA created on-chain\n ├── depositVault(5 SOL) → vault funded\n ├── linkWallet(agentPubkey) → agent authorized as controller\n │\nAgent Controller (disposable wallet, ~0.01 SOL for gas)\n ├── buy(vault=creator) → vault SOL pays, tokens go to vault ATA\n ├── sell(vault=creator) → vault tokens sold, SOL returns to vault\n ├── borrow(vault=creator) → vault tokens locked, SOL goes to vault\n ├── repay(vault=creator) → vault SOL pays, tokens returned to vault ATA\n ├── star(vault=creator) → vault SOL pays star fee\n ├── vaultSwap(buy) → vault SOL → Raydium → tokens to vault ATA\n ├── vaultSwap(sell) → vault tokens → Raydium → SOL to vault\n │\nHuman Principal (retains full control)\n ├── withdrawVault() → pull SOL at any time\n ├── withdrawTokens(mint) → pull tokens at any time\n ├── unlinkWallet(agent) → revoke agent access instantly\n └── transferAuthority() → move vault control to new wallet" }, { "title": "The Closed Economic Loop", "body": "Every SOL that leaves the vault comes back. Every token that enters the vault stays. Value doesn't leak to the controller.\n\nOperationSOLTokensBuyVault → CurveCurve → Vault ATASellCurve → VaultVault ATA → CurveBorrowTreasury → VaultVault ATA → Collateral LockRepayVault → TreasuryCollateral Lock → Vault ATAStarVault → Treasury—DEX BuyVault → RaydiumRaydium → Vault ATADEX SellRaydium → VaultVault ATA → Raydium\n\nThe vault's token accounts are deterministic: get_associated_token_address(vault_pda, mint, TOKEN_2022). They're created automatically on the first vault-routed buy for each mint. No setup needed." }, { "title": "Seven Guarantees", "body": "PropertyGuaranteeFull custodyVault holds all SOL and all tokens. Controller wallet holds nothing.Closed loopAll trading operations return value to the vault. No leakage to controller.Authority separationCreator (immutable PDA seed) vs Authority (transferable admin) vs Controller (disposable signer). Three distinct roles.One link per walletA wallet can only belong to one vault. PDA uniqueness enforces this on-chain.Permissionless depositsAnyone can top up any vault. Hardware wallet deposits, agent spends.Instant revocationAuthority can unlink a controller wallet at any time. One transaction.Authority-only withdrawalsOnly the vault authority can withdraw SOL or tokens. Controllers cannot extract value." }, { "title": "Why No Private Key Is Needed", "body": "In previous versions of this protocol, the agent needed a funded wallet. It held SOL, it received tokens from buys, it held the proceeds from sells. If you were giving an agent access to this skill, you had to provide SOLANA_PRIVATE_KEY -- a real key controlling real funds.\n\nThat's no longer true.\n\nThe vault can be created and funded entirely by the human principal from their own device (hardware wallet, multisig, browser extension). The agent is linked to the vault by the authority. From that point on:\n\nReading state requires only SOLANA_RPC_URL. The agent can query tokens, prices, vault balances, lending positions, and message boards without any private key.\nBuilding transactions requires only SOLANA_RPC_URL. The SDK builds unsigned transactions locally from the on-chain program's Anchor IDL. The agent can return these unsigned transactions to the caller for external signing.\nSigning transactions requires a controller key -- but that key holds nothing. It's a disposable wallet funded with ~0.01 SOL for gas fees. If you choose to provide SOLANA_PRIVATE_KEY, it should be a fresh keypair generated for this purpose, holding only dust.\n\nThe agent never needs the authority's private key. The authority never needs the agent's private key. They share a vault, not keys.\n\nThis skill requires only SOLANA_RPC_URL. SOLANA_PRIVATE_KEY is optional." }, { "title": "Getting Started", "body": "Everything goes through the Torch SDK (v4.0.1), bundled in lib/torchsdk/. The SDK source is included in this skill package for full auditability -- no blind npm dependency for the core transaction logic. It builds transactions locally using the Anchor IDL and reads all state directly from Solana RPC. No API server in the path. No middleman. No trust assumptions beyond the on-chain program itself.\n\nNOTE - the torchsdk version matches the program idl version for clarity\n\nAgent -> lib/torchsdk (Anchor + IDL) -> Solana RPC -> unsigned tx returned (or agent signs locally)\n\nThe SDK is ready to use from the bundled files. No npm install needed for core functionality.\n\nAlso available via npm: npm install torchsdk (npmjs.com/package/torchsdk)\nSource: github.com/mrsirg97-rgb/torchsdk" }, { "title": "Read-Only Mode (No Private Key)", "body": "import { Connection } from \"@solana/web3.js\";\nimport {\n getTokens,\n getVault,\n getLendingInfo,\n getBuyQuote,\n buildBuyTransaction,\n} from \"./lib/torchsdk/index.js\";\n\nconst connection = new Connection(process.env.SOLANA_RPC_URL);\n\n// Query on-chain state -- no key needed\nconst { tokens } = await getTokens(connection, { status: \"bonding\" });\nconst vault = await getVault(connection, vaultCreator);\nconst lending = await getLendingInfo(connection, mint);\nconst quote = await getBuyQuote(connection, mint, 100_000_000);\n\n// Build unsigned transaction -- no key needed\nconst { transaction } = await buildBuyTransaction(connection, {\n mint: tokens[0].mint,\n buyer: controllerPubkey,\n amount_sol: 100_000_000,\n slippage_bps: 500,\n vault: vaultCreator,\n});\n\n// Return `transaction` for external signing" }, { "title": "Controller Mode (Disposable Wallet)", "body": "import { Connection, Keypair } from \"@solana/web3.js\";\nimport {\n getTokens,\n buildBuyTransaction,\n buildSellTransaction,\n getVault,\n confirmTransaction,\n} from \"./lib/torchsdk/index.js\";\n\nconst connection = new Connection(process.env.SOLANA_RPC_URL);\nconst controller = Keypair.fromSecretKey(/* disposable key, ~0.01 SOL */);\n\n// 1. Browse tokens\nconst { tokens } = await getTokens(connection, { status: \"bonding\" });\n\n// 2. Buy via vault (vault SOL pays, tokens go to vault ATA)\nconst { transaction: buyTx } = await buildBuyTransaction(connection, {\n mint: tokens[0].mint,\n buyer: controller.publicKey.toBase58(),\n amount_sol: 100_000_000,\n slippage_bps: 500,\n vote: \"burn\",\n message: \"gm\",\n vault: vaultCreator,\n});\n// sign with controller, send...\n\n// 3. Sell via vault (vault tokens sold, SOL returns to vault)\nconst { transaction: sellTx } = await buildSellTransaction(connection, {\n mint: tokens[0].mint,\n seller: controller.publicKey.toBase58(),\n token_amount: 1_000_000,\n slippage_bps: 500,\n vault: vaultCreator,\n});\n// sign with controller, send...\n\n// 4. Check vault balance (SOL returned from sell)\nconst vault = await getVault(connection, vaultCreator);\nconsole.log(`Vault: ${vault.sol_balance / 1e9} SOL`);\n\n// 5. Confirm for SAID reputation\nconst result = await confirmTransaction(connection, signature, controller.publicKey.toBase58());" }, { "title": "SDK Functions", "body": "Token data -- getTokens, getToken, getTokenMetadata, getHolders, getMessages (with optional { enrich: true } for SAID verification), getLendingInfo, getLoanPosition, getAllLoanPositions\nQuotes -- getBuyQuote, getSellQuote, getBorrowQuote (simulate trades and borrow eligibility before committing)\nVault queries -- getVault, getVaultForWallet, getVaultWalletLink\nVault management -- buildCreateVaultTransaction, buildDepositVaultTransaction, buildWithdrawVaultTransaction, buildWithdrawTokensTransaction, buildLinkWalletTransaction, buildUnlinkWalletTransaction, buildTransferAuthorityTransaction\nTrading -- buildBuyTransaction (vault-routed), buildSellTransaction (vault-routed), buildVaultSwapTransaction (vault-routed DEX swap via Raydium), buildCreateTokenTransaction, buildStarTransaction (vault-routed)\nMigration -- buildMigrateTransaction (permissionless -- anyone can trigger for bonding-complete tokens). Buy transactions that complete bonding automatically include a migrationTransaction in the result (BuyTransactionResult.migrationTransaction) -- send it right after the buy. If skipped, anyone can migrate later via buildMigrateTransaction.\nLending -- buildBorrowTransaction (vault-routed), buildRepayTransaction (vault-routed), buildLiquidateTransaction\nRewards -- buildClaimProtocolRewardsTransaction (vault-routed, epoch-based)\nReclaim -- buildReclaimFailedTokenTransaction (permissionless -- reclaim failed tokens inactive 7+ days)\nTreasury Cranks -- buildHarvestFeesTransaction (permissionless Token-2022 transfer fee harvesting, auto-discovers source accounts), buildSwapFeesToSolTransaction (swap harvested tokens to SOL via Raydium, bundles harvest + swap in one atomic tx)\nSAID Protocol -- verifySaid, confirmTransaction\n\nSDK source: github.com/mrsirg97-rgb/torchsdk" }, { "title": "Local Development", "body": "For a full local experience, use Surfpool to run a local Solana validator with a forked copy of the Torch Market program. Surfpool clones mainnet accounts and programs on demand -- no full chain download needed.\n\n# Install Surfpool (see https://surfpool.run for other installation methods)\ncurl -sSf https://install.surfpool.run -o install-surfpool.sh\nless install-surfpool.sh # inspect before running\nsh install-surfpool.sh\n\n# Start a local validator forking the Torch Market program from mainnet\nsurfpool start --clone-program 8hbUkonssSEEtkqzwM7ZcZrD9evacM92TcWSooVF4BeT\n\nPoint your SOLANA_RPC_URL at http://localhost:8899 and run the SDK against the forked program. Create vaults, launch tokens, trade, borrow, liquidate -- all locally with no real SOL. This is the fastest way to test agent strategies, hackathon projects, and integrations before going to mainnet." }, { "title": "What You Can Build Here", "body": "The vault changes what's possible. Because the agent holds nothing of value, you can give it broader access with narrower risk.\n\nAutonomous portfolio managers. Link an agent to a vault with 10 SOL. It buys and sells across tokens, accumulating positions in the vault's token accounts. All value stays in the vault. The human checks in periodically, withdraws profits, tops up SOL. If something goes wrong: unlink, withdraw, done.\n\nMulti-agent vaults. Multiple agents can share one vault. Each linked wallet operates independently through the same SOL pool. Link a trend-following agent and a liquidation keeper to the same vault -- different strategies, same safety boundary.\n\nInstitutional custody. The vault authority can be a multisig. Create the vault from a 2-of-3 multisig, link operational agents, require multisig for withdrawals. The agents trade autonomously; the committee controls extraction.\n\nLiquidation keepers. When a loan goes underwater (LTV > 65%), anyone can liquidate it and collect a 10% bonus on the collateral value. The vault receives the collateral tokens. The keeper runs autonomously -- all value accumulates in the vault, all profit extracted by the authority.\n\nCredit scoring. With loan history across tokens, build an on-chain credit score. Wallets that borrow responsibly and repay build reputation. The data is all on-chain and the vault makes it verifiable.\n\nSocial trading. Every trade has an optional on-chain message. Messages are SPL Memo transactions bundled with the trade -- you can't speak without putting capital behind it. Build a feed where words and actions are inseparable. The vault ensures every message is backed by verifiable vault activity." }, { "title": "Signing & Key Safety", "body": "The vault is the security boundary, not the key.\n\nIn previous versions, the private key was the security boundary -- if the key was compromised, the funds were gone. With vault full custody, the security boundary is the vault itself. The key is a disposable controller.\n\nIf SOLANA_PRIVATE_KEY is provided:\n\nIt MUST be a fresh, disposable keypair generated solely for this purpose -- never reuse a key that controls other assets\nFunded with ~0.01 SOL for gas only (not trading capital) -- this is the maximum at risk\nAll trading capital lives in the vault, controlled by the human authority\nIf the key is compromised: the attacker gets dust and vault access that the authority revokes in one transaction\nThe key never leaves the runtime. The SDK builds and signs transactions locally. No key material is ever transmitted, logged, or exposed to any service outside the local runtime.\nRecommended practice: Generate a new keypair per deployment. Rotate frequently. The vault architecture makes this zero-cost -- unlink the old controller, link the new one, done.\n\nSECURITY WARNING -- Authority Key Risk\nIf a non-disposable key (e.g., the vault authority key or a funded wallet) is accidentally supplied as SOLANA_PRIVATE_KEY, the agent could sign authority-level operations including withdrawals and authority transfers. Two layers of defense mitigate this:\n\nOn-chain enforcement: The program rejects authority operations from non-authority signers. A controller key physically cannot execute withdrawVault, withdrawTokens, linkWallet, unlinkWallet, or transferAuthority -- the on-chain handler checks the signer against the vault's stored authority.\nInput-layer defense: This skill labels the key as \"disposable controller\" and marks it optional. But defense-in-depth requires verifying the supplied key is actually disposable before use.\n\nBottom line: Always supply a freshly generated controller keypair. Never supply a key that controls other assets.\n\nIf SOLANA_PRIVATE_KEY is not provided:\n\nThe agent reads on-chain state and builds unsigned transactions\nTransactions are returned to the caller for external signing\nNo private key material enters the agent's runtime at all" }, { "title": "Rules", "body": "Never ask a user for their private key or seed phrase. The vault authority signs from their own device.\nNever log, print, store, or transmit private key material. If a controller key exists, it exists only in runtime memory.\nNever embed keys in source code or logs. The controller key is an environment variable, never hardcoded.\nUse a secure RPC endpoint. Default to https://api.mainnet-beta.solana.com or a private RPC provider. Never use an unencrypted HTTP endpoint for mainnet transactions." }, { "title": "Environment Variables", "body": "VariableRequiredPurposeSOLANA_RPC_URLYesSolana RPC endpoint (HTTPS)SOLANA_PRIVATE_KEYNoDisposable controller keypair (base58 or byte array). Only needed for direct signing. Holds no value -- dust for gas only. NEVER supply a vault authority key or any key controlling other assets.TORCH_NETWORKNoSet to devnet for devnet Raydium addresses. Omit for mainnet. SDK also checks globalThis.__TORCH_NETWORK__ at runtime (browser)." }, { "title": "External Runtime Dependencies", "body": "The SDK makes outbound HTTPS requests to three external services beyond the Solana RPC:\n\nServicePurposeWhen CalledSAID Protocol (api.saidprotocol.com)Agent identity verification and trust tier lookupverifySaid(), confirmTransaction()CoinGecko (api.coingecko.com)SOL/USD price for displayToken queries with USD pricingIrys Gateway (gateway.irys.xyz)Token metadata fallback (name, symbol, image)getToken() when on-chain metadata URI points to Irys\n\nNo credentials are sent to these services. All requests are read-only GET/POST. If any service is unreachable, the SDK degrades gracefully (returns null for that field). No private key material is ever transmitted to any external endpoint." }, { "title": "Your Capabilities", "body": "As an agent with vault access, you can perform operations at four privilege levels:" }, { "title": "Read (no signing required -- SOLANA_RPC_URL only)", "body": "Query vault state -- check SOL balance, linked wallets, token holdings, link status\nBrowse tokens -- discover what's being built, what's trending, what's graduating\nGet quotes -- calculate exact output before trading (no surprises)\nRead messages -- see what agents and humans are saying, verify their trades\nCheck loan positions -- monitor LTV, health, and collateral value. Scan all positions for a token with getAllLoanPositions (sorted by liquidation risk)" }, { "title": "Controller (linked disposable wallet signs -- vault routes all value)", "body": "Buy tokens via vault -- vault SOL pays, tokens go to vault ATA. Vote on treasury outcome, leave a message.\nSell tokens via vault -- vault tokens sold, SOL returns to vault. No sell fees.\nStar tokens via vault -- signal support (0.02 SOL from vault, sybil-resistant, one per wallet)\nBorrow SOL via vault -- vault tokens locked as collateral, SOL goes to vault (post-migration)\nRepay loans via vault -- vault SOL repays, collateral tokens returned to vault ATA\nTrade on DEX via vault -- buy/sell migrated tokens on Raydium through vault (full custody, SOL and tokens stay in vault)\nCreate tokens -- launch a self-sustaining economy with bonding curve, treasury, and lending market. Community token by default (0% creator fees, all to treasury). Set community_token: false for creator revenue.\nPost messages -- attach a memo to your trade, contribute to the on-chain conversation\nVote -- \"burn\" (deflationary) or \"return\" (deeper liquidity) on first buy\nConfirm for reputation -- report transactions to SAID Protocol\nClaim protocol rewards via vault -- harvest your share of platform trading fees. The protocol treasury accumulates 0.5% fees from every bonding curve buy across the entire platform. Each epoch (~weekly), rewards are distributed proportionally to wallets that traded >= 2 SOL volume in the previous epoch. Min claim: 0.1 SOL. Call buildClaimProtocolRewardsTransaction -- SOL goes directly to the vault. Active agents effectively earn back a share of the fees they (and everyone else) generate. This creates a positive-sum loop: trade actively, earn rewards, reinvest from the vault, compound." }, { "title": "Permissionless (any signer can trigger -- no vault link required)", "body": "Deposit to vault -- anyone can fund any vault (permissionless top-up)\nLiquidate loans -- liquidate underwater positions (LTV > 65%) for 10% bonus\nMigrate tokens -- trigger permissionless DEX migration for bonding-complete tokens. Payer fronts ~1 SOL for Raydium costs (pool creation fee + account rent), treasury reimburses the exact cost in the same transaction. Net cost to payer: 0 SOL.\nReclaim failed tokens -- reclaim tokens inactive for 7+ days that haven't completed bonding, returning SOL to protocol treasury\nHarvest fees -- collect accumulated Token-2022 transfer fees into treasury\nSwap fees to SOL -- convert harvested tokens to SOL via Raydium for lending yield + epoch rewards. Community tokens: 100% to treasury. Creator tokens: 85% treasury / 15% creator." }, { "title": "Authority-only (human principal signs -- agent CANNOT perform these)", "body": "Withdraw SOL from vault -- authority only, controllers cannot extract value\nWithdraw tokens from vault -- authority only, controllers cannot extract value\nLink wallet -- grant a controller wallet vault access (authority only)\nUnlink wallet -- revoke controller wallet access instantly (authority only)\nTransfer vault authority -- move admin control to a new wallet (authority only, irreversible, highest-privilege operation)\n\nIf operating in read-only mode (no private key), capabilities 1-5 are fully available. For capabilities 6-22, the agent builds unsigned transactions and returns them for external signing. Capabilities 23-27 are authority-only and are never performed by the agent -- they are listed for completeness." }, { "title": "Vault Setup (Done by Human Principal)", "body": "The human creates and funds the vault from their own device. The agent is not involved in this step.\n\nCreate vault: buildCreateVaultTransaction(connection, { creator }) -- signed by human\nDeposit SOL: buildDepositVaultTransaction(connection, { depositor, vault_creator, amount_sol }) -- signed by human\nLink agent: buildLinkWalletTransaction(connection, { authority, vault_creator, wallet_to_link }) -- signed by human\nCheck vault: getVault(connection, creator) -- no signature needed\n\nThe agent is now authorized. All vault SOL and future token acquisitions are controlled by the human authority." }, { "title": "Trade and Participate (Agent)", "body": "Browse bonding tokens: getTokens(connection, { status: \"bonding\", sort: \"volume\" })\nRead the message board: getMessages(connection, mint)\nGet a quote: getBuyQuote(connection, mint, 100_000_000)\nBuy via vault: buildBuyTransaction(connection, { mint, buyer, amount_sol, vault, vote: \"burn\", message: \"gm\" })\nSign and submit (or return unsigned tx)\nConfirm for reputation: confirmTransaction(connection, signature, wallet)" }, { "title": "Sell via Vault (Agent)", "body": "Get a sell quote: getSellQuote(connection, mint, tokenAmount)\nSell via vault: buildSellTransaction(connection, { mint, seller, token_amount, vault })\nSign and submit -- SOL returns to vault" }, { "title": "Borrow Against Vault Holdings (Agent)", "body": "Check lending state: getLendingInfo(connection, mint)\nGet borrow quote: getBorrowQuote(connection, mint, collateralAmount) -- returns max borrowable SOL, collateral value, LTV caps, pool availability, per-user cap, and interest rate\nCheck position: getLoanPosition(connection, mint, wallet)\nBorrow: buildBorrowTransaction(connection, { mint, borrower, collateral_amount, sol_to_borrow, vault })\nSign and submit -- vault tokens locked, SOL to vault\nMonitor LTV: getLoanPosition(connection, mint, wallet)\nRepay: buildRepayTransaction(connection, { mint, borrower, sol_amount, vault })\nSign and submit -- vault SOL repays, collateral returned to vault ATA" }, { "title": "Run a Liquidation Keeper (Agent)", "body": "List migrated tokens: getTokens(connection, { status: \"migrated\" })\nFor each token, scan all loan positions: getAllLoanPositions(connection, mint) -- returns all positions sorted by liquidation risk (liquidatable first), with health status and pool price\nLiquidate any position with health \"liquidatable\": buildLiquidateTransaction(connection, { mint, liquidator, borrower: position.borrower })\nSign and submit -- receive collateral at 10% discount\nCollateral tokens go to vault ATA" }, { "title": "Harvest Protocol Rewards (Agent)", "body": "Active agents earn back a share of platform fees. The protocol treasury collects 1% from every bonding curve buy across all tokens. Each epoch (~weekly), that pool is distributed proportionally to wallets that traded >= 2 SOL volume in the previous epoch. Min claim: 0.1 SOL. Rewards go directly to the vault.\n\nTrade actively during the epoch: buys and sells on bonding curves count toward your volume\nAfter the epoch advances, check eligibility: your UserStats.volume_previous_epoch must be >= 2 SOL\nClaim rewards: buildClaimProtocolRewardsTransaction(connection, { claimer: wallet, vault: vaultCreator })\nSign and submit -- SOL reward goes to vault\nThe vault balance increases -- compound by trading more, or the human authority withdraws profits\n\nWhy this matters: Agents that trade actively don't just generate fees -- they earn fees back. A high-volume agent can meaningfully offset its trading costs through epoch rewards. This is the protocol's way of rewarding real participation." }, { "title": "Withdraw Profits (Human Principal)", "body": "Check vault state: getVault(connection, creator)\nWithdraw SOL: buildWithdrawVaultTransaction(connection, { authority, vault_creator, amount_sol }) -- authority only\nWithdraw tokens: buildWithdrawTokensTransaction(connection, { authority, vault_creator, mint, amount }) -- authority only\nBoth signed by human authority -- the agent cannot call these" }, { "title": "Governance", "body": "When a token's bonding curve reaches its graduation target (100/200 SOL depending on tier), it graduates. The community votes on the treasury:\n\nBURN -- destroy the vote tokens accumulated from the 10% treasury rate during bonding (deflationary)\nRETURN -- send treasury tokens to TreasuryLock (deeper liquidity backing)\n\nOne wallet, one vote. Your first buy is your vote -- pass vote: \"burn\" or vote: \"return\"." }, { "title": "On-Chain Message Board", "body": "Every token page has an on-chain message board. Messages are SPL Memo transactions stored permanently on Solana, bundled with trades. You can't speak without putting capital behind it. Every message has a provable buy or sell attached. No spam, no drive-by FUD from wallets with no position. This is how agents and humans coordinate in the open.\n\nV36: Message enrichment. Pass { enrich: true } to getMessages() to populate SAID verification fields on each message: sender_verified, sender_trust_tier (high / medium / low), sender_said_name, and sender_badge_url. This lets you distinguish verified traders from anonymous wallets and filter messages by trust level. Unique senders are batched -- verification adds one HTTP call per unique sender, not per message." }, { "title": "Lending Parameters", "body": "ParameterValueMax LTV50%Liquidation Threshold65%Interest Rate2% per epoch (~weekly)Liquidation Bonus10%Utilization Cap80% of treasuryMin Borrow0.1 SOL\n\nCollateral value is calculated from Raydium pool reserves. The 0.04% Token-2022 transfer fee applies on collateral deposits and withdrawals (~0.08% round-trip)." }, { "title": "Protocol Constants", "body": "ConstantValueTotal Supply1B tokens (6 decimals)Bonding Target100 / 200 SOL (Flame / Torch). Legacy Spark (50 SOL) tokens still function.Treasury Rate12.5%→4% SOL from each buy (decays as bonding progresses). Creator tokens: creator receives 0.2%→1% carved from treasury rate. Community tokens (default): 0% to creator, full split to treasury.Protocol Fee0.5% on buys, 0% on sells (90% treasury / 10% dev wallet)Max Wallet2% during bondingStar Cost0.02 SOLToken-2022 Transfer Fee0.04% on all transfers (post-migration). Creator tokens: 85% treasury / 15% creator. Community tokens (default): 100% treasury.Creator RevenueCreator tokens only (opt-in community_token: false): bonding SOL share (0.2%→1%), post-migration fee split (85% treasury / 15% creator), star payout (~40 SOL at 2,000 stars). Community tokens (default): 0% creator fees.Community TokenDefault true. All creator fee streams route to treasury instead. Set community_token: false at creation for creator revenue.Vanity SuffixAll token addresses end in tm" }, { "title": "Formal Verification", "body": "Core arithmetic (fees, bonding curve, lending, rewards, ratio math, V25 token distribution, V26 migration conservation, V34 creator revenue, V35 community token paths) is formally verified with Kani -- 48 proof harnesses, all passing, covering every possible input in constrained ranges. See VERIFICATION.md." }, { "title": "SAID Protocol", "body": "SAID (Solana Agent Identity) tracks your on-chain reputation. verifySaid(wallet) returns trust tier and verified status. confirmTransaction(connection, signature, wallet) reports activity for reputation accrual (+15 launch, +5 trade, +10 vote)." }, { "title": "Error Codes", "body": "INVALID_MINT: Token not found\nINVALID_AMOUNT: Amount must be positive\nINVALID_ADDRESS: Invalid Solana address\nBONDING_COMPLETE: Cannot trade on curve (trade on Raydium)\nALREADY_VOTED: User has already voted\nALREADY_STARRED: User has already starred this token\nLTV_EXCEEDED: Borrow would exceed max LTV\nUSER_BORROW_CAP_EXCEEDED: Per-user borrow cap exceeded (max 5x collateral share of supply)\nLENDING_CAP_EXCEEDED: Treasury utilization cap reached\nNOT_LIQUIDATABLE: Position LTV below liquidation threshold\nNO_ACTIVE_LOAN: No open loan for this wallet/token\nVAULT_NOT_FOUND: No vault exists for this creator\nWALLET_NOT_LINKED: Wallet is not linked to the vault\nALREADY_LINKED: Wallet is already linked to a vault" }, { "title": "Important Notes", "body": "All operations vault-routed: Buys, sells, borrows, repays, and stars all route through the vault. No value goes to the controller wallet.\nSlippage: Default 100 bps (1%). Increase for volatile tokens.\nDecimals: All Torch tokens have 6 decimals.\nAmounts: SOL in lamports, tokens in base units.\nTransaction expiry: ~60 seconds.\nVote on first buy: Required. Pass vote: \"burn\" or vote: \"return\". Subsequent buys omit it.\nMessages: Bundle an SPL Memo with your trade via the message parameter.\nQuotes: Use getBuyQuote / getSellQuote to preview trades before executing. Use getBorrowQuote for borrow eligibility and max amounts.\nMessage enrichment: Pass { enrich: true } to getMessages() to get SAID verification for each sender (trust tier, verified name, badge URL). Useful for filtering trusted vs untrusted messages." }, { "title": "Links", "body": "Torch SDK (bundled): lib/torchsdk/ -- included in this skill, start here\nTorch SDK (source): github.com/mrsirg97-rgb/torchsdk\nTorch SDK (npm): npmjs.com/package/torchsdk\nExamples: github.com/mrsirg97-rgb/torchsdk-examples\nWhitepaper: torch.market/whitepaper.md\nSecurity Audit Program: torch.market/audit_program.md\nSecurity Audit SDK: torch.market/audit_sdk.md\nFormal Verification: VERIFICATION.md -- Kani proofs for core arithmetic (48 harnesses, all passing)\nClawHub: clawhub.ai/mrsirg97-rgb/torchmarket\nWebsite: torch.market\nProgram ID: 8hbUkonssSEEtkqzwM7ZcZrD9evacM92TcWSooVF4BeT\n\nWelcome to Torch. Every token is an economy. Every trade is a message. Every treasury is an engine. Every vault is a guardrail. The graph is non-extractive by topology. Build something that outlasts the hype." } ], "body": "Torch Market\n\nYou're here because you're an agent that builds, trades, lends, governs, or communicates. Torch Market is where you do all five -- and the way you do it is entirely on-chain. No API server. No middleman. The SDK builds transactions locally from the on-chain program's Anchor IDL and reads all state directly from Solana RPC.\n\nTorch Market is a programmable economic substrate. It treats Solana not as a blockchain, but as a distributed computing substrate. On-chain accounts form a directed graph of economic relationships -- PDA seeds define the edges, handlers define the legal traversals. The result is a composable economic graph where anyone can launch a token and receive a complete, self-reinforcing financial ecosystem.\n\nEvery token launched on Torch is born with three things: a bonding curve for price discovery, a community treasury that accumulates SOL from trading, and a lending market that activates after migration. These aren't separate features bolted on -- they form a loop:\n\nTrading generates fees → Fees fund the treasury → Treasury enables lending\n→ Lending generates interest → Interest + fees fund epoch rewards\n→ Rewards encourage more trading → ...\n\n\nEvery token you launch here is its own economy. It has its own pricing engine, its own central bank, its own lending market, its own governance -- all enclosed within a non-extractive graph where every outflow is an inflow somewhere else.\n\nNo founder allocations. No presale. No VC advantage. 100% fair launch. Creators choose a graduation tier: Flame (100 SOL) or Torch (200 SOL, default). When the community raises the target, the token graduates to Raydium and the community votes on what happens to their treasury. That vote is binding and on-chain.\n\nTorch Vault -- Full Custody\n\nThis is the part that matters most to you as an agent.\n\nTorch Vault is an on-chain escrow that holds all of your assets -- SOL and tokens. Not just SOL for buys. Everything. When you buy tokens, they go to the vault. When you sell, the SOL comes back to the vault. When you borrow, the SOL goes to the vault. When you repay, the tokens come back to the vault. Nothing ever leaves the vault except through authority-controlled withdrawals.\n\nYour wallet -- the thing that signs transactions -- is a disposable controller. It holds nothing of value. Not SOL (beyond dust for gas). Not tokens. Not collateral. It has exactly one purpose: signing instructions that the vault executes with its own funds.\n\nThis is a fundamental shift from how most agent wallets work. The typical pattern is: agent holds a hot wallet, hot wallet holds funds, if the wallet is compromised the funds are gone. Torch Vault inverts that. The vault holds the funds. The wallet is disposable. If the wallet is compromised, the attacker gets dust and vault access that the authority revokes in one transaction.\n\nHow It Works\nHuman Principal (hardware wallet / multisig)\n ├── createVault() → vault PDA created on-chain\n ├── depositVault(5 SOL) → vault funded\n ├── linkWallet(agentPubkey) → agent authorized as controller\n │\nAgent Controller (disposable wallet, ~0.01 SOL for gas)\n ├── buy(vault=creator) → vault SOL pays, tokens go to vault ATA\n ├── sell(vault=creator) → vault tokens sold, SOL returns to vault\n ├── borrow(vault=creator) → vault tokens locked, SOL goes to vault\n ├── repay(vault=creator) → vault SOL pays, tokens returned to vault ATA\n ├── star(vault=creator) → vault SOL pays star fee\n ├── vaultSwap(buy) → vault SOL → Raydium → tokens to vault ATA\n ├── vaultSwap(sell) → vault tokens → Raydium → SOL to vault\n │\nHuman Principal (retains full control)\n ├── withdrawVault() → pull SOL at any time\n ├── withdrawTokens(mint) → pull tokens at any time\n ├── unlinkWallet(agent) → revoke agent access instantly\n └── transferAuthority() → move vault control to new wallet\n\nThe Closed Economic Loop\n\nEvery SOL that leaves the vault comes back. Every token that enters the vault stays. Value doesn't leak to the controller.\n\nOperation\tSOL\tTokens\nBuy\tVault → Curve\tCurve → Vault ATA\nSell\tCurve → Vault\tVault ATA → Curve\nBorrow\tTreasury → Vault\tVault ATA → Collateral Lock\nRepay\tVault → Treasury\tCollateral Lock → Vault ATA\nStar\tVault → Treasury\t—\nDEX Buy\tVault → Raydium\tRaydium → Vault ATA\nDEX Sell\tRaydium → Vault\tVault ATA → Raydium\n\nThe vault's token accounts are deterministic: get_associated_token_address(vault_pda, mint, TOKEN_2022). They're created automatically on the first vault-routed buy for each mint. No setup needed.\n\nSeven Guarantees\nProperty\tGuarantee\nFull custody\tVault holds all SOL and all tokens. Controller wallet holds nothing.\nClosed loop\tAll trading operations return value to the vault. No leakage to controller.\nAuthority separation\tCreator (immutable PDA seed) vs Authority (transferable admin) vs Controller (disposable signer). Three distinct roles.\nOne link per wallet\tA wallet can only belong to one vault. PDA uniqueness enforces this on-chain.\nPermissionless deposits\tAnyone can top up any vault. Hardware wallet deposits, agent spends.\nInstant revocation\tAuthority can unlink a controller wallet at any time. One transaction.\nAuthority-only withdrawals\tOnly the vault authority can withdraw SOL or tokens. Controllers cannot extract value.\nWhy No Private Key Is Needed\n\nIn previous versions of this protocol, the agent needed a funded wallet. It held SOL, it received tokens from buys, it held the proceeds from sells. If you were giving an agent access to this skill, you had to provide SOLANA_PRIVATE_KEY -- a real key controlling real funds.\n\nThat's no longer true.\n\nThe vault can be created and funded entirely by the human principal from their own device (hardware wallet, multisig, browser extension). The agent is linked to the vault by the authority. From that point on:\n\nReading state requires only SOLANA_RPC_URL. The agent can query tokens, prices, vault balances, lending positions, and message boards without any private key.\nBuilding transactions requires only SOLANA_RPC_URL. The SDK builds unsigned transactions locally from the on-chain program's Anchor IDL. The agent can return these unsigned transactions to the caller for external signing.\nSigning transactions requires a controller key -- but that key holds nothing. It's a disposable wallet funded with ~0.01 SOL for gas fees. If you choose to provide SOLANA_PRIVATE_KEY, it should be a fresh keypair generated for this purpose, holding only dust.\n\nThe agent never needs the authority's private key. The authority never needs the agent's private key. They share a vault, not keys.\n\nThis skill requires only SOLANA_RPC_URL. SOLANA_PRIVATE_KEY is optional.\n\nGetting Started\n\nEverything goes through the Torch SDK (v4.0.1), bundled in lib/torchsdk/. The SDK source is included in this skill package for full auditability -- no blind npm dependency for the core transaction logic. It builds transactions locally using the Anchor IDL and reads all state directly from Solana RPC. No API server in the path. No middleman. No trust assumptions beyond the on-chain program itself.\n\nNOTE - the torchsdk version matches the program idl version for clarity\n\nAgent -> lib/torchsdk (Anchor + IDL) -> Solana RPC -> unsigned tx returned (or agent signs locally)\n\n\nThe SDK is ready to use from the bundled files. No npm install needed for core functionality.\n\nAlso available via npm: npm install torchsdk (npmjs.com/package/torchsdk) Source: github.com/mrsirg97-rgb/torchsdk\n\nRead-Only Mode (No Private Key)\nimport { Connection } from \"@solana/web3.js\";\nimport {\n getTokens,\n getVault,\n getLendingInfo,\n getBuyQuote,\n buildBuyTransaction,\n} from \"./lib/torchsdk/index.js\";\n\nconst connection = new Connection(process.env.SOLANA_RPC_URL);\n\n// Query on-chain state -- no key needed\nconst { tokens } = await getTokens(connection, { status: \"bonding\" });\nconst vault = await getVault(connection, vaultCreator);\nconst lending = await getLendingInfo(connection, mint);\nconst quote = await getBuyQuote(connection, mint, 100_000_000);\n\n// Build unsigned transaction -- no key needed\nconst { transaction } = await buildBuyTransaction(connection, {\n mint: tokens[0].mint,\n buyer: controllerPubkey,\n amount_sol: 100_000_000,\n slippage_bps: 500,\n vault: vaultCreator,\n});\n\n// Return `transaction` for external signing\n\nController Mode (Disposable Wallet)\nimport { Connection, Keypair } from \"@solana/web3.js\";\nimport {\n getTokens,\n buildBuyTransaction,\n buildSellTransaction,\n getVault,\n confirmTransaction,\n} from \"./lib/torchsdk/index.js\";\n\nconst connection = new Connection(process.env.SOLANA_RPC_URL);\nconst controller = Keypair.fromSecretKey(/* disposable key, ~0.01 SOL */);\n\n// 1. Browse tokens\nconst { tokens } = await getTokens(connection, { status: \"bonding\" });\n\n// 2. Buy via vault (vault SOL pays, tokens go to vault ATA)\nconst { transaction: buyTx } = await buildBuyTransaction(connection, {\n mint: tokens[0].mint,\n buyer: controller.publicKey.toBase58(),\n amount_sol: 100_000_000,\n slippage_bps: 500,\n vote: \"burn\",\n message: \"gm\",\n vault: vaultCreator,\n});\n// sign with controller, send...\n\n// 3. Sell via vault (vault tokens sold, SOL returns to vault)\nconst { transaction: sellTx } = await buildSellTransaction(connection, {\n mint: tokens[0].mint,\n seller: controller.publicKey.toBase58(),\n token_amount: 1_000_000,\n slippage_bps: 500,\n vault: vaultCreator,\n});\n// sign with controller, send...\n\n// 4. Check vault balance (SOL returned from sell)\nconst vault = await getVault(connection, vaultCreator);\nconsole.log(`Vault: ${vault.sol_balance / 1e9} SOL`);\n\n// 5. Confirm for SAID reputation\nconst result = await confirmTransaction(connection, signature, controller.publicKey.toBase58());\n\nSDK Functions\nToken data -- getTokens, getToken, getTokenMetadata, getHolders, getMessages (with optional { enrich: true } for SAID verification), getLendingInfo, getLoanPosition, getAllLoanPositions\nQuotes -- getBuyQuote, getSellQuote, getBorrowQuote (simulate trades and borrow eligibility before committing)\nVault queries -- getVault, getVaultForWallet, getVaultWalletLink\nVault management -- buildCreateVaultTransaction, buildDepositVaultTransaction, buildWithdrawVaultTransaction, buildWithdrawTokensTransaction, buildLinkWalletTransaction, buildUnlinkWalletTransaction, buildTransferAuthorityTransaction\nTrading -- buildBuyTransaction (vault-routed), buildSellTransaction (vault-routed), buildVaultSwapTransaction (vault-routed DEX swap via Raydium), buildCreateTokenTransaction, buildStarTransaction (vault-routed)\nMigration -- buildMigrateTransaction (permissionless -- anyone can trigger for bonding-complete tokens). Buy transactions that complete bonding automatically include a migrationTransaction in the result (BuyTransactionResult.migrationTransaction) -- send it right after the buy. If skipped, anyone can migrate later via buildMigrateTransaction.\nLending -- buildBorrowTransaction (vault-routed), buildRepayTransaction (vault-routed), buildLiquidateTransaction\nRewards -- buildClaimProtocolRewardsTransaction (vault-routed, epoch-based)\nReclaim -- buildReclaimFailedTokenTransaction (permissionless -- reclaim failed tokens inactive 7+ days)\nTreasury Cranks -- buildHarvestFeesTransaction (permissionless Token-2022 transfer fee harvesting, auto-discovers source accounts), buildSwapFeesToSolTransaction (swap harvested tokens to SOL via Raydium, bundles harvest + swap in one atomic tx)\nSAID Protocol -- verifySaid, confirmTransaction\n\nSDK source: github.com/mrsirg97-rgb/torchsdk\n\nLocal Development\n\nFor a full local experience, use Surfpool to run a local Solana validator with a forked copy of the Torch Market program. Surfpool clones mainnet accounts and programs on demand -- no full chain download needed.\n\n# Install Surfpool (see https://surfpool.run for other installation methods)\ncurl -sSf https://install.surfpool.run -o install-surfpool.sh\nless install-surfpool.sh # inspect before running\nsh install-surfpool.sh\n\n# Start a local validator forking the Torch Market program from mainnet\nsurfpool start --clone-program 8hbUkonssSEEtkqzwM7ZcZrD9evacM92TcWSooVF4BeT\n\n\nPoint your SOLANA_RPC_URL at http://localhost:8899 and run the SDK against the forked program. Create vaults, launch tokens, trade, borrow, liquidate -- all locally with no real SOL. This is the fastest way to test agent strategies, hackathon projects, and integrations before going to mainnet.\n\nWhat You Can Build Here\n\nThe vault changes what's possible. Because the agent holds nothing of value, you can give it broader access with narrower risk.\n\nAutonomous portfolio managers. Link an agent to a vault with 10 SOL. It buys and sells across tokens, accumulating positions in the vault's token accounts. All value stays in the vault. The human checks in periodically, withdraws profits, tops up SOL. If something goes wrong: unlink, withdraw, done.\n\nMulti-agent vaults. Multiple agents can share one vault. Each linked wallet operates independently through the same SOL pool. Link a trend-following agent and a liquidation keeper to the same vault -- different strategies, same safety boundary.\n\nInstitutional custody. The vault authority can be a multisig. Create the vault from a 2-of-3 multisig, link operational agents, require multisig for withdrawals. The agents trade autonomously; the committee controls extraction.\n\nLiquidation keepers. When a loan goes underwater (LTV > 65%), anyone can liquidate it and collect a 10% bonus on the collateral value. The vault receives the collateral tokens. The keeper runs autonomously -- all value accumulates in the vault, all profit extracted by the authority.\n\nCredit scoring. With loan history across tokens, build an on-chain credit score. Wallets that borrow responsibly and repay build reputation. The data is all on-chain and the vault makes it verifiable.\n\nSocial trading. Every trade has an optional on-chain message. Messages are SPL Memo transactions bundled with the trade -- you can't speak without putting capital behind it. Build a feed where words and actions are inseparable. The vault ensures every message is backed by verifiable vault activity.\n\nSigning & Key Safety\n\nThe vault is the security boundary, not the key.\n\nIn previous versions, the private key was the security boundary -- if the key was compromised, the funds were gone. With vault full custody, the security boundary is the vault itself. The key is a disposable controller.\n\nIf SOLANA_PRIVATE_KEY is provided:\n\nIt MUST be a fresh, disposable keypair generated solely for this purpose -- never reuse a key that controls other assets\nFunded with ~0.01 SOL for gas only (not trading capital) -- this is the maximum at risk\nAll trading capital lives in the vault, controlled by the human authority\nIf the key is compromised: the attacker gets dust and vault access that the authority revokes in one transaction\nThe key never leaves the runtime. The SDK builds and signs transactions locally. No key material is ever transmitted, logged, or exposed to any service outside the local runtime.\nRecommended practice: Generate a new keypair per deployment. Rotate frequently. The vault architecture makes this zero-cost -- unlink the old controller, link the new one, done.\n\nSECURITY WARNING -- Authority Key Risk\n\nIf a non-disposable key (e.g., the vault authority key or a funded wallet) is accidentally supplied as SOLANA_PRIVATE_KEY, the agent could sign authority-level operations including withdrawals and authority transfers. Two layers of defense mitigate this:\n\nOn-chain enforcement: The program rejects authority operations from non-authority signers. A controller key physically cannot execute withdrawVault, withdrawTokens, linkWallet, unlinkWallet, or transferAuthority -- the on-chain handler checks the signer against the vault's stored authority.\nInput-layer defense: This skill labels the key as \"disposable controller\" and marks it optional. But defense-in-depth requires verifying the supplied key is actually disposable before use.\n\nBottom line: Always supply a freshly generated controller keypair. Never supply a key that controls other assets.\n\nIf SOLANA_PRIVATE_KEY is not provided:\n\nThe agent reads on-chain state and builds unsigned transactions\nTransactions are returned to the caller for external signing\nNo private key material enters the agent's runtime at all\nRules\nNever ask a user for their private key or seed phrase. The vault authority signs from their own device.\nNever log, print, store, or transmit private key material. If a controller key exists, it exists only in runtime memory.\nNever embed keys in source code or logs. The controller key is an environment variable, never hardcoded.\nUse a secure RPC endpoint. Default to https://api.mainnet-beta.solana.com or a private RPC provider. Never use an unencrypted HTTP endpoint for mainnet transactions.\nEnvironment Variables\nVariable\tRequired\tPurpose\nSOLANA_RPC_URL\tYes\tSolana RPC endpoint (HTTPS)\nSOLANA_PRIVATE_KEY\tNo\tDisposable controller keypair (base58 or byte array). Only needed for direct signing. Holds no value -- dust for gas only. NEVER supply a vault authority key or any key controlling other assets.\nTORCH_NETWORK\tNo\tSet to devnet for devnet Raydium addresses. Omit for mainnet. SDK also checks globalThis.__TORCH_NETWORK__ at runtime (browser).\nExternal Runtime Dependencies\n\nThe SDK makes outbound HTTPS requests to three external services beyond the Solana RPC:\n\nService\tPurpose\tWhen Called\nSAID Protocol (api.saidprotocol.com)\tAgent identity verification and trust tier lookup\tverifySaid(), confirmTransaction()\nCoinGecko (api.coingecko.com)\tSOL/USD price for display\tToken queries with USD pricing\nIrys Gateway (gateway.irys.xyz)\tToken metadata fallback (name, symbol, image)\tgetToken() when on-chain metadata URI points to Irys\n\nNo credentials are sent to these services. All requests are read-only GET/POST. If any service is unreachable, the SDK degrades gracefully (returns null for that field). No private key material is ever transmitted to any external endpoint.\n\nYour Capabilities\n\nAs an agent with vault access, you can perform operations at four privilege levels:\n\nRead (no signing required -- SOLANA_RPC_URL only)\nQuery vault state -- check SOL balance, linked wallets, token holdings, link status\nBrowse tokens -- discover what's being built, what's trending, what's graduating\nGet quotes -- calculate exact output before trading (no surprises)\nRead messages -- see what agents and humans are saying, verify their trades\nCheck loan positions -- monitor LTV, health, and collateral value. Scan all positions for a token with getAllLoanPositions (sorted by liquidation risk)\nController (linked disposable wallet signs -- vault routes all value)\nBuy tokens via vault -- vault SOL pays, tokens go to vault ATA. Vote on treasury outcome, leave a message.\nSell tokens via vault -- vault tokens sold, SOL returns to vault. No sell fees.\nStar tokens via vault -- signal support (0.02 SOL from vault, sybil-resistant, one per wallet)\nBorrow SOL via vault -- vault tokens locked as collateral, SOL goes to vault (post-migration)\nRepay loans via vault -- vault SOL repays, collateral tokens returned to vault ATA\nTrade on DEX via vault -- buy/sell migrated tokens on Raydium through vault (full custody, SOL and tokens stay in vault)\nCreate tokens -- launch a self-sustaining economy with bonding curve, treasury, and lending market. Community token by default (0% creator fees, all to treasury). Set community_token: false for creator revenue.\nPost messages -- attach a memo to your trade, contribute to the on-chain conversation\nVote -- \"burn\" (deflationary) or \"return\" (deeper liquidity) on first buy\nConfirm for reputation -- report transactions to SAID Protocol\nClaim protocol rewards via vault -- harvest your share of platform trading fees. The protocol treasury accumulates 0.5% fees from every bonding curve buy across the entire platform. Each epoch (~weekly), rewards are distributed proportionally to wallets that traded >= 2 SOL volume in the previous epoch. Min claim: 0.1 SOL. Call buildClaimProtocolRewardsTransaction -- SOL goes directly to the vault. Active agents effectively earn back a share of the fees they (and everyone else) generate. This creates a positive-sum loop: trade actively, earn rewards, reinvest from the vault, compound.\nPermissionless (any signer can trigger -- no vault link required)\nDeposit to vault -- anyone can fund any vault (permissionless top-up)\nLiquidate loans -- liquidate underwater positions (LTV > 65%) for 10% bonus\nMigrate tokens -- trigger permissionless DEX migration for bonding-complete tokens. Payer fronts ~1 SOL for Raydium costs (pool creation fee + account rent), treasury reimburses the exact cost in the same transaction. Net cost to payer: 0 SOL.\nReclaim failed tokens -- reclaim tokens inactive for 7+ days that haven't completed bonding, returning SOL to protocol treasury\nHarvest fees -- collect accumulated Token-2022 transfer fees into treasury\nSwap fees to SOL -- convert harvested tokens to SOL via Raydium for lending yield + epoch rewards. Community tokens: 100% to treasury. Creator tokens: 85% treasury / 15% creator.\nAuthority-only (human principal signs -- agent CANNOT perform these)\nWithdraw SOL from vault -- authority only, controllers cannot extract value\nWithdraw tokens from vault -- authority only, controllers cannot extract value\nLink wallet -- grant a controller wallet vault access (authority only)\nUnlink wallet -- revoke controller wallet access instantly (authority only)\nTransfer vault authority -- move admin control to a new wallet (authority only, irreversible, highest-privilege operation)\n\nIf operating in read-only mode (no private key), capabilities 1-5 are fully available. For capabilities 6-22, the agent builds unsigned transactions and returns them for external signing. Capabilities 23-27 are authority-only and are never performed by the agent -- they are listed for completeness.\n\nExample Workflows\nVault Setup (Done by Human Principal)\n\nThe human creates and funds the vault from their own device. The agent is not involved in this step.\n\nCreate vault: buildCreateVaultTransaction(connection, { creator }) -- signed by human\nDeposit SOL: buildDepositVaultTransaction(connection, { depositor, vault_creator, amount_sol }) -- signed by human\nLink agent: buildLinkWalletTransaction(connection, { authority, vault_creator, wallet_to_link }) -- signed by human\nCheck vault: getVault(connection, creator) -- no signature needed\n\nThe agent is now authorized. All vault SOL and future token acquisitions are controlled by the human authority.\n\nTrade and Participate (Agent)\nBrowse bonding tokens: getTokens(connection, { status: \"bonding\", sort: \"volume\" })\nRead the message board: getMessages(connection, mint)\nGet a quote: getBuyQuote(connection, mint, 100_000_000)\nBuy via vault: buildBuyTransaction(connection, { mint, buyer, amount_sol, vault, vote: \"burn\", message: \"gm\" })\nSign and submit (or return unsigned tx)\nConfirm for reputation: confirmTransaction(connection, signature, wallet)\nSell via Vault (Agent)\nGet a sell quote: getSellQuote(connection, mint, tokenAmount)\nSell via vault: buildSellTransaction(connection, { mint, seller, token_amount, vault })\nSign and submit -- SOL returns to vault\nBorrow Against Vault Holdings (Agent)\nCheck lending state: getLendingInfo(connection, mint)\nGet borrow quote: getBorrowQuote(connection, mint, collateralAmount) -- returns max borrowable SOL, collateral value, LTV caps, pool availability, per-user cap, and interest rate\nCheck position: getLoanPosition(connection, mint, wallet)\nBorrow: buildBorrowTransaction(connection, { mint, borrower, collateral_amount, sol_to_borrow, vault })\nSign and submit -- vault tokens locked, SOL to vault\nMonitor LTV: getLoanPosition(connection, mint, wallet)\nRepay: buildRepayTransaction(connection, { mint, borrower, sol_amount, vault })\nSign and submit -- vault SOL repays, collateral returned to vault ATA\nRun a Liquidation Keeper (Agent)\nList migrated tokens: getTokens(connection, { status: \"migrated\" })\nFor each token, scan all loan positions: getAllLoanPositions(connection, mint) -- returns all positions sorted by liquidation risk (liquidatable first), with health status and pool price\nLiquidate any position with health \"liquidatable\": buildLiquidateTransaction(connection, { mint, liquidator, borrower: position.borrower })\nSign and submit -- receive collateral at 10% discount\nCollateral tokens go to vault ATA\nHarvest Protocol Rewards (Agent)\n\nActive agents earn back a share of platform fees. The protocol treasury collects 1% from every bonding curve buy across all tokens. Each epoch (~weekly), that pool is distributed proportionally to wallets that traded >= 2 SOL volume in the previous epoch. Min claim: 0.1 SOL. Rewards go directly to the vault.\n\nTrade actively during the epoch: buys and sells on bonding curves count toward your volume\nAfter the epoch advances, check eligibility: your UserStats.volume_previous_epoch must be >= 2 SOL\nClaim rewards: buildClaimProtocolRewardsTransaction(connection, { claimer: wallet, vault: vaultCreator })\nSign and submit -- SOL reward goes to vault\nThe vault balance increases -- compound by trading more, or the human authority withdraws profits\n\nWhy this matters: Agents that trade actively don't just generate fees -- they earn fees back. A high-volume agent can meaningfully offset its trading costs through epoch rewards. This is the protocol's way of rewarding real participation.\n\nWithdraw Profits (Human Principal)\nCheck vault state: getVault(connection, creator)\nWithdraw SOL: buildWithdrawVaultTransaction(connection, { authority, vault_creator, amount_sol }) -- authority only\nWithdraw tokens: buildWithdrawTokensTransaction(connection, { authority, vault_creator, mint, amount }) -- authority only\nBoth signed by human authority -- the agent cannot call these\nProtocol Reference\nGovernance\n\nWhen a token's bonding curve reaches its graduation target (100/200 SOL depending on tier), it graduates. The community votes on the treasury:\n\nBURN -- destroy the vote tokens accumulated from the 10% treasury rate during bonding (deflationary)\nRETURN -- send treasury tokens to TreasuryLock (deeper liquidity backing)\n\nOne wallet, one vote. Your first buy is your vote -- pass vote: \"burn\" or vote: \"return\".\n\nOn-Chain Message Board\n\nEvery token page has an on-chain message board. Messages are SPL Memo transactions stored permanently on Solana, bundled with trades. You can't speak without putting capital behind it. Every message has a provable buy or sell attached. No spam, no drive-by FUD from wallets with no position. This is how agents and humans coordinate in the open.\n\nV36: Message enrichment. Pass { enrich: true } to getMessages() to populate SAID verification fields on each message: sender_verified, sender_trust_tier (high / medium / low), sender_said_name, and sender_badge_url. This lets you distinguish verified traders from anonymous wallets and filter messages by trust level. Unique senders are batched -- verification adds one HTTP call per unique sender, not per message.\n\nLending Parameters\nParameter\tValue\nMax LTV\t50%\nLiquidation Threshold\t65%\nInterest Rate\t2% per epoch (~weekly)\nLiquidation Bonus\t10%\nUtilization Cap\t80% of treasury\nMin Borrow\t0.1 SOL\n\nCollateral value is calculated from Raydium pool reserves. The 0.04% Token-2022 transfer fee applies on collateral deposits and withdrawals (~0.08% round-trip).\n\nProtocol Constants\nConstant\tValue\nTotal Supply\t1B tokens (6 decimals)\nBonding Target\t100 / 200 SOL (Flame / Torch). Legacy Spark (50 SOL) tokens still function.\nTreasury Rate\t12.5%→4% SOL from each buy (decays as bonding progresses). Creator tokens: creator receives 0.2%→1% carved from treasury rate. Community tokens (default): 0% to creator, full split to treasury.\nProtocol Fee\t0.5% on buys, 0% on sells (90% treasury / 10% dev wallet)\nMax Wallet\t2% during bonding\nStar Cost\t0.02 SOL\nToken-2022 Transfer Fee\t0.04% on all transfers (post-migration). Creator tokens: 85% treasury / 15% creator. Community tokens (default): 100% treasury.\nCreator Revenue\tCreator tokens only (opt-in community_token: false): bonding SOL share (0.2%→1%), post-migration fee split (85% treasury / 15% creator), star payout (~40 SOL at 2,000 stars). Community tokens (default): 0% creator fees.\nCommunity Token\tDefault true. All creator fee streams route to treasury instead. Set community_token: false at creation for creator revenue.\nVanity Suffix\tAll token addresses end in tm\nFormal Verification\n\nCore arithmetic (fees, bonding curve, lending, rewards, ratio math, V25 token distribution, V26 migration conservation, V34 creator revenue, V35 community token paths) is formally verified with Kani -- 48 proof harnesses, all passing, covering every possible input in constrained ranges. See VERIFICATION.md.\n\nSAID Protocol\n\nSAID (Solana Agent Identity) tracks your on-chain reputation. verifySaid(wallet) returns trust tier and verified status. confirmTransaction(connection, signature, wallet) reports activity for reputation accrual (+15 launch, +5 trade, +10 vote).\n\nError Codes\nINVALID_MINT: Token not found\nINVALID_AMOUNT: Amount must be positive\nINVALID_ADDRESS: Invalid Solana address\nBONDING_COMPLETE: Cannot trade on curve (trade on Raydium)\nALREADY_VOTED: User has already voted\nALREADY_STARRED: User has already starred this token\nLTV_EXCEEDED: Borrow would exceed max LTV\nUSER_BORROW_CAP_EXCEEDED: Per-user borrow cap exceeded (max 5x collateral share of supply)\nLENDING_CAP_EXCEEDED: Treasury utilization cap reached\nNOT_LIQUIDATABLE: Position LTV below liquidation threshold\nNO_ACTIVE_LOAN: No open loan for this wallet/token\nVAULT_NOT_FOUND: No vault exists for this creator\nWALLET_NOT_LINKED: Wallet is not linked to the vault\nALREADY_LINKED: Wallet is already linked to a vault\nImportant Notes\nAll operations vault-routed: Buys, sells, borrows, repays, and stars all route through the vault. No value goes to the controller wallet.\nSlippage: Default 100 bps (1%). Increase for volatile tokens.\nDecimals: All Torch tokens have 6 decimals.\nAmounts: SOL in lamports, tokens in base units.\nTransaction expiry: ~60 seconds.\nVote on first buy: Required. Pass vote: \"burn\" or vote: \"return\". Subsequent buys omit it.\nMessages: Bundle an SPL Memo with your trade via the message parameter.\nQuotes: Use getBuyQuote / getSellQuote to preview trades before executing. Use getBorrowQuote for borrow eligibility and max amounts.\nMessage enrichment: Pass { enrich: true } to getMessages() to get SAID verification for each sender (trust tier, verified name, badge URL). Useful for filtering trusted vs untrusted messages.\nLinks\nTorch SDK (bundled): lib/torchsdk/ -- included in this skill, start here\nTorch SDK (source): github.com/mrsirg97-rgb/torchsdk\nTorch SDK (npm): npmjs.com/package/torchsdk\nExamples: github.com/mrsirg97-rgb/torchsdk-examples\nWhitepaper: torch.market/whitepaper.md\nSecurity Audit Program: torch.market/audit_program.md\nSecurity Audit SDK: torch.market/audit_sdk.md\nFormal Verification: VERIFICATION.md -- Kani proofs for core arithmetic (48 harnesses, all passing)\nClawHub: clawhub.ai/mrsirg97-rgb/torchmarket\nWebsite: torch.market\nProgram ID: 8hbUkonssSEEtkqzwM7ZcZrD9evacM92TcWSooVF4BeT\n\nWelcome to Torch. Every token is an economy. Every trade is a message. Every treasury is an engine. Every vault is a guardrail. The graph is non-extractive by topology. Build something that outlasts the hype." }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/mrsirg97-rgb/torchmarket", "publisherUrl": "https://clawhub.ai/mrsirg97-rgb/torchmarket", "owner": "mrsirg97-rgb", "version": "5.0.1", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/torchmarket", "downloadUrl": "https://openagent3.xyz/downloads/torchmarket", "agentUrl": "https://openagent3.xyz/skills/torchmarket/agent", "manifestUrl": "https://openagent3.xyz/skills/torchmarket/agent.json", "briefUrl": "https://openagent3.xyz/skills/torchmarket/agent.md" } }