OpenSkillIndex← back to search
claude-codesecurity

Claude-skill-registry create-bap-identity

This skill should be used when the user asks to "create BAP identity", "new BAP", "Type42 identity", "Legacy BAP identity", "generate BAP", "set up BAP identity", "initialize BAP", or needs to create Bitcoin Attestation Protocol identities using the bap CLI.

install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/create-bap-identity" ~/.claude/skills/majiayu000-claude-skill-registry-create-bap-identity && rm -rf "$T"
manifest: skills/data/create-bap-identity/SKILL.md
tags
#bitcoin#bap#identity#cli#key-management
source content

Create BAP Identity

Create and manage BAP (Bitcoin Attestation Protocol) identities using the 

bsv-bap
library.

Installation

bun add bsv-bap @bsv/sdk

Creating an Identity

import { BAP } from "bsv-bap";
import { PrivateKey } from "@bsv/sdk";

// Create BAP instance with new key
const privateKey = PrivateKey.fromRandom();
const bap = new BAP({ rootPk: privateKey.toWif() });

// Create identity
const identity = bap.newId("Alice Smith");

console.log("Identity Key:", identity.getIdentityKey());
console.log("Root Address:", identity.rootAddress);
console.log("Signing Address:", identity.getCurrentAddress());

Key Derivation

BAP uses Type42 (BRC-42) key derivation with BRC-43 invoice numbers:

PurposeInvoice NumberSecurity Level
Signing key
1-bap-identity
1 (public protocol)
Friend encryption
2-friend-{sha256(friendBapId)}
2 (user-approved)

Signing Messages

import { Utils } from "@bsv/sdk";
const { toArray } = Utils;

// Sign a message
const message = toArray("Hello World", "utf8");
const { address, signature } = identity.signMessage(message);

// Verify (on any BAP instance)
const isValid = bap.verifySignature("Hello World", address, signature);

Friend Encryption

Derive friend-specific encryption keys for private communication:

// Get encryption pubkey for a friend (share in friend requests)
const friendPubKey = identity.getEncryptionPublicKeyWithSeed(friendBapId);

// Encrypt data for friend
const ciphertext = identity.encryptWithSeed("secret message", friendBapId);

// Decrypt data from friend
const plaintext = identity.decryptWithSeed(ciphertext, friendBapId);

Export/Import

// Export for backup
const backup = bap.exportForBackup("My Identity");
// { ids: "...", createdAt: "...", rootPk: "..." }

// Import from backup
const bap2 = new BAP({ rootPk: backup.rootPk });
bap2.importIds(backup.ids);

CLI Option

For quick operations, the 

bsv-bap
package includes a CLI:

npm install -g bsv-bap

bap create --name "Alice"     # Create identity (~/.bap/identity.json)
bap sign "Hello World"        # Sign message
bap verify "msg" "sig" "addr" # Verify signature
bap info                      # Show identity info
bap friend-pubkey <bapId>     # Get friend encryption pubkey
bap encrypt <data> <bapId>    # Encrypt for friend
bap decrypt <text> <bapId>    # Decrypt from friend
bap export                    # Export backup JSON
bap import <file>             # Import from backup

Next Steps

After creating an identity:

  1. Sign messages for authentication
  2. Share encryption pubkeys in friend requests
  3. Publish identity to blockchain for on-chain reputation
  4. Integrate with Sigma Identity for OAuth (
    @sigma-auth/better-auth-plugin
    )

Related Skills

  • key-derivation
     - Type42 and BRC-43 key derivation patterns
  • message-signing
     - BSM, BRC-77, and Sigma signing protocols
  • encrypt-decrypt-backup
     - bitcoin-backup CLI for .bep encrypted backups