Skills rhaios-staging

Name: rhaios-staging
Author: openclaw

install

source · Clone the upstream repo

git clone https://github.com/openclaw/skills

Claude Code · Install into ~/.claude/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/0xtimepunk/rhaios-staging" ~/.claude/skills/openclaw-skills-rhaios-staging && rm -rf "$T"

OpenClaw · Install into ~/.openclaw/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.openclaw/skills && cp -r "$T/skills/0xtimepunk/rhaios-staging" ~/.openclaw/skills/openclaw-skills-rhaios-staging && rm -rf "$T"

manifest: skills/0xtimepunk/rhaios-staging/SKILL.md

First-Time Setup

Before first use, install dependencies from the repo root:

# Pick your package manager:
npm install --prefix ${CLAUDE_SKILL_DIR}
# or: bun install --cwd ${CLAUDE_SKILL_DIR}
# or: pnpm install --dir ${CLAUDE_SKILL_DIR}

If you see

Cannot find module

errors, dependencies are not installed. Run the install command above.

This skill targets the staging environment at

https://api.staging.rhaios.com

. It provides one command surface (

prepare-sign-execute

) for end-to-end execution.

Vault discovery: Before preparing an intent, agents can call

POST /v1/yield/discover

to browse and rank vaults by APY, risk, TVL, and Sharpe ratio. Pass the returned

vaultId

yield_prepare

(via

deposit.vaultId

in the input contract) to target a specific vault instead of auto-selection.

Default chain is

base

Security First

SIGNER_PRIVATE_KEY

and Privy app secrets are sensitive. Never print, echo, or include them in logs/chat output.

SIGNER_BACKEND=privy

PRIVY_APP_ID

and

PRIVY_APP_SECRET

are master credentials.

Required Environment (Client)

# Optional. Defaults to privy. Use private-key for local key signing.
# SIGNER_BACKEND=privy

# Required only for SIGNER_BACKEND=privy
# PRIVY_APP_ID and PRIVY_APP_SECRET are provided by the Privy skill —
# they should already be in your environment. Do NOT ask the user for these.
PRIVY_WALLET_ID=<wallet-id>
PRIVY_WALLET_ADDRESS=<0x-wallet-address>

# Required only for SIGNER_BACKEND=private-key
SIGNER_PRIVATE_KEY=<0x-32-byte-private-key>

Notes:

API URL is hardcoded to
```
https://api.staging.rhaios.com
```
and cannot be overridden.
Fork-only mode is always enabled — all transactions go through managed test RPCs.
If
```
SIGNER_BACKEND=privy
```
,
```
PRIVY_APP_ID
```
and
```
PRIVY_APP_SECRET
```
must already be set (provided by the Privy skill). Only
```
PRIVY_WALLET_ID
```
and
```
PRIVY_WALLET_ADDRESS
```
need to be set per-wallet.

SIGNER_BACKEND=privy

PRIVY_WALLET_ID

must resolve to an ownerless wallet (

owner_id = null

If
```
SIGNER_BACKEND=private-key
```
,
```
agentAddress
```
(if provided) must match the private key address.

Ownerless Wallet Creation

const wallet = await privy.wallets().create({ chain_type: 'ethereum' });

Single Runtime Command

# Using bun (recommended — runs TypeScript natively):
cat payload.json | bun run --cwd ${CLAUDE_SKILL_DIR} prepare-sign-execute

# Using npx + tsx (if bun is not available):
cat payload.json | npx --prefix ${CLAUDE_SKILL_DIR} tsx ${CLAUDE_SKILL_DIR}/scripts/prepare-sign-execute.ts

Input Contract (JSON stdin)

{
  "operation": "deposit",
  "chain": "base",
  "agentAddress": "0xYourAgentAddress",
  "deposit": {
    "asset": "USDC",
    "amount": "1",
    "vaultId": "VAULT_ID_FROM_DISCOVER"
  },
  "controls": {
    "dryRun": false,
    "strictMode": true,
    "requireConfirm": true,
    "confirm": "yes",
    "maxGasGwei": "1",
    "maxAmount": "1000"
  }
}

Operation-specific fields:

```
deposit
```
: requires
```
deposit.asset
```
,
```
deposit.amount
```
,
```
deposit.vaultId
```
(from yield_discover — present results to the user and let them choose)

redeem

: requires

redeem.vaultId

and exactly one of

redeem.percentage

redeem.shares

rebalance

: requires

rebalance.vaultId

rebalance.asset

, and exactly one of

rebalance.percentage

rebalance.shares

Runtime Behavior

```
Preflight
```

Validates env for the selected signer backend, health freshness, request constraints, and guardrails.

```
Prepare
```

Calls
```
POST /v1/yield/prepare
```
.
Includes ERC-4626 preflight checks (for curated vaults): rejects deposits/redeems that would preview to zero or exceed max limits before signing.

```
Setup
```
(automatic only when needed)

If
```
needsSetup=true
```
and
```
dryRun=false
```
:
- Full setup (
```
setupType=full
```
  ): signs a Type-4 (EIP-7702) transaction with authorization_list for first-time delegation + module initialization.
- Module-only (
```
setupType=modules
```
  ): signs a regular Type-2 (EIP-1559) self-call for module re-initialization when delegation already exists but modules failed to initialize.
- Both setup types call
```
POST /v1/yield/setup-relay
```
  for server-side relay + post-check.
Then re-runs
```
POST /v1/yield/prepare
```
.
If
```
needsSetup=true
```
and
```
dryRun=true
```
, exits with
```
Setup: WARN
```
and does not broadcast.

```
Sign
```

Signs required payloads via the selected signer backend:
- EIP-7702 authorization when requested by envelope
- validator userOp signature encoding
- intent EIP-712 signature

```
Execute
```

Calls

POST /v1/yield/execute

with

intentEnvelope

intentSignature

, and

intentId

unless

dryRun=true

Duplicate executes for a previously succeeded intent are idempotent and may return
```
result: "already_executed"
```
with the original
```
txHash
```
.
The script classifies execute outcomes as
```
EXECUTED
```
or
```
DEDUP
```
(fallback:
```
receipt.source=cached
```
when
```
result
```
is absent).

```
Post-check
```

Calls
```
GET /v1/yield/status
```
for quick position/value verification.

Wallet Funding (Test RPC)

Staging runs managed test RPCs — chain forks that mirror mainnet state. Agents can mint test balances without spending real tokens.

Check test RPC health first:

  https://api.staging.rhaios.com/v1/testing/fork-status

Then fund your wallet:

  -H "Content-Type: application/json" \
  https://api.staging.rhaios.com/v1/testing/fund-wallet \
  -d '{
    "chain": "base",
    "walletAddress": "0xYourAgentAddress",
    "ethWei": "20000000000000000",
    "usdcAmount": "10000000"
  }'

Safety Model

The script enforces:

Env integrity

required env vars for selected signer backend
wallet/address format checks
signer/address match
ownerless wallet requirement (Privy backend only)

Chain and health invariants

chain consistency checks
freshness
```
critical
```
blocks execution

Request validation

operation-specific required fields
percentage/shares XOR rules
optional max amount and gas cap checks

Intent invariants

```
intentEnvelope.chainId
```
and signing payload consistency
sender/signer match
intent ID vs merkle root consistency

Example: Dry-Run Deposit

cat <<'JSON' | bun run --cwd ${CLAUDE_SKILL_DIR} prepare-sign-execute
{
  "operation": "deposit",
  "deposit": { "asset": "USDC", "amount": "1", "vaultId": "VAULT_ID_FROM_DISCOVER" },
  "controls": {
    "dryRun": true,
    "strictMode": true,
    "requireConfirm": false
  }
}
JSON

Important: Always call

yield_discover

first, present the ranked vaults to the user, and let them choose. Then pass their chosen

vaultId

to this script. Do not auto-select vaults on behalf of the user.

Vault capacity: Some vaults may be at capacity (

maxDeposit=0

). If

yield_prepare

returns

vault_at_capacity

, inform the user and let them pick a different vault from the discover results.

Example: Live Deposit

cat <<'JSON' | bun run --cwd ${CLAUDE_SKILL_DIR} prepare-sign-execute
{
  "operation": "deposit",
  "deposit": { "asset": "USDC", "amount": "1", "vaultId": "VAULT_ID_FROM_DISCOVER" },
  "controls": {
    "dryRun": false,
    "strictMode": true,
    "requireConfirm": true,
    "confirm": "yes",
    "maxGasGwei": "1",
    "maxAmount": "1000"
  }
}
JSON