bankrbot/opensea-tool-sdk
opensea/opensea-tool-sdk/SKILL.md
Build, register, and gate AI-callable tool endpoints using the OpenSea Tool Registry (ERC-8257) on Base. Scaffold HTTPS tools with JSON Schema interfaces, register them onchain, gate access via NFT ownership or x402 pay-per-call (USDC), and call gated tools. For querying OpenSea marketplace data use opensea-api instead.
$ install --global
skillsauthnpx skillsauth add bankrbot/openclaw-skills opensea-tool-sdkInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 10, 2026, 3:17 AM207.7s4 files scanned
SKILL.md
- name:
- opensea-tool-sdk
- description:
- RPC URL for Base mainnet (default https://mainnet.base.org)
- homepage:
- https://github.com/ProjectOpenSea/tool-sdk
- repository:
- https://github.com/ProjectOpenSea/tool-sdk
- license:
- MIT
- required:
- false
OpenSea Tool SDK
Build, register, and gate AI-callable tool endpoints using the OpenSea Tool Registry (ERC-8257) on Base.
When to use this skill (scope_in)
Use opensea-tool-sdk when you need to:
- Scaffold an AI-callable tool endpoint (HTTPS, JSON Schema,
.well-knownmanifest) for Vercel, Cloudflare, or Express - Register a tool onchain on the Base ToolRegistry so other agents can discover it
- Gate access via x402 pay-per-call (USDC) or predicates (ERC-721/ERC-1155 ownership, subscriptions, composites)
- Call a gated tool: SIWE auth (
authenticatedFetch), 402 payments (paidFetch), or both (paidAuthenticatedFetch)
When NOT to use this skill (scope_out, handoff)
| Need | Use instead |
|---|---|
| Query NFT/token data, search, collection stats | opensea-api |
| Buy/sell NFTs | opensea-marketplace |
| Swap ERC20 tokens | opensea-swaps |
| Set up wallet signing providers | opensea-wallet |
This SDK is for tool providers and consumers. To query OpenSea marketplace data (floor prices, listings, trades), use the opensea-api skill instead.
Concepts
| Term | Meaning |
|------|---------|
| Tool | An HTTPS endpoint with a JSON Schema interface, discoverable via /.well-known/ai-tool/<slug>.json |
| Manifest | JCS-canonicalized JSON describing the tool's name, endpoint, inputs, outputs, pricing, and access policy |
| ToolRegistry | Onchain contract (Base) where tools are registered with a manifest hash and optional access predicate |
| Access Predicate | An IAccessPredicate contract that gates who can invoke a tool (NFT ownership, subscriptions, composites) |
| x402 | HTTP 402-based pay-per-call protocol (caller signs a USDC TransferWithAuthorization; server settles after execution) |
| SIWE | Sign-In with Ethereum (EIP-4361), used to authenticate callers for predicate-gated tools |
| Facilitator | Third-party service that verifies and settles x402 payments (PayAI or Coinbase CDP) |
Deployed Contracts (Base mainnet)
| Contract | Address |
|----------|---------|
| ToolRegistry (v0.1) | 0x7291BbFbC368C2D478eCe1eA30de31F612a34856 |
| ERC721OwnerPredicate (v0.2) | 0xd1F703D0B90BB7106fAebBfbcAdD2B07BDc4c769 |
| ERC1155OwnerPredicate (v0.2) | 0xc179b9d4D9B7ffe0CdA608134729f72003380A7e |
1. Create a Tool
1a. Scaffold a project
npx @opensea/tool-sdk init --runtime vercel # or: cloudflare, express
This generates:
src/manifest.ts: tool manifest definitionsrc/handler.ts: request handler with input/output schemasapi/index.ts: framework adapter entry pointpublic/llms.txt: agent-readable discovery pageapi/well-known/[slug].ts: serves the manifest at/.well-known/ai-tool/<slug>.json
1b. Define the manifest
import { defineManifest } from "@opensea/tool-sdk"
export const manifest = defineManifest({
name: "My Tool",
description: "What this tool does",
endpoint: "https://my-tool.example.com/api",
creatorAddress: "0xYOUR_WALLET_ADDRESS",
inputs: {
type: "object",
properties: {
query: { type: "string", description: "Search query" },
},
required: ["query"],
},
outputs: {
type: "object",
properties: {
result: { type: "string" },
},
},
// Optional: add pricing for x402 paywall (see references/x402.md)
// pricing: paywall.pricing,
// Optional: add access requirements (see references/predicate-gating.md)
// access: { logic: "OR", requirements: [...] },
})
1c. Write the handler
import { createToolHandler } from "@opensea/tool-sdk"
import { z } from "zod/v4"
import { manifest } from "./manifest.js"
const InputSchema = z.object({ query: z.string() })
const OutputSchema = z.object({ result: z.string() })
export const toolHandler = createToolHandler({
manifest,
inputSchema: InputSchema,
outputSchema: OutputSchema,
// gates: [], // Add gates here (see references/x402.md and references/predicate-gating.md)
handler: async (input) => {
return { result: `Processed: ${input.query}` }
},
})
1d. Wire up the adapter
Vercel:
import { toVercelHandler } from "@opensea/tool-sdk"
import { toolHandler } from "../src/handler.js"
export default toVercelHandler(toolHandler)
Express:
import { toExpressHandler } from "@opensea/tool-sdk"
import { toolHandler } from "./handler.js"
app.post("/api", toExpressHandler(toolHandler))
Cloudflare Workers:
import { toolHandler } from "./handler.js"
export default { fetch: toolHandler }
2. Register a Tool Onchain
2a. Via CLI
# Set up wallet
export PRIVATE_KEY=0x...
export RPC_URL=https://mainnet.base.org
# Register (open access, no predicate)
npx @opensea/tool-sdk register \
--metadata https://my-tool.example.com/.well-known/ai-tool/my-tool.json \
--network base
# Register with NFT gate (ERC-721 collection)
npx @opensea/tool-sdk register \
--metadata https://my-tool.example.com/.well-known/ai-tool/my-tool.json \
--network base \
--nft-gate 0xCOLLECTION_ADDRESS
# Register with a custom access predicate
npx @opensea/tool-sdk register \
--metadata https://my-tool.example.com/.well-known/ai-tool/my-tool.json \
--network base \
--access-predicate 0xPREDICATE_ADDRESS
# Dry run (no transaction)
npx @opensea/tool-sdk register --metadata ... --network base --dry-run
The CLI:
- Fetches the manifest from
--metadataURL - Validates the manifest schema
- Verifies
manifest.creatorAddressmatches your wallet - Computes the JCS keccak256 manifest hash
- Calls
ToolRegistry.registerTool(metadataURI, manifestHash, accessPredicate) - Returns the
toolIdfrom theToolRegisteredevent
2b. Via SDK (programmatic)
import { ToolRegistryClient, computeManifestHash } from "@opensea/tool-sdk"
import { createWalletFromEnv, walletAdapterToClient } from "@opensea/tool-sdk"
import { base } from "viem/chains"
const adapter = createWalletFromEnv()
const walletClient = await walletAdapterToClient(adapter, base)
const registry = new ToolRegistryClient({
chain: base,
rpcUrl: "https://mainnet.base.org",
walletClient,
})
const { toolId, txHash } = await registry.registerTool({
metadataURI: "https://my-tool.example.com/.well-known/ai-tool/my-tool.json",
manifest, // your ToolManifest object
accessPredicate: "0x0000...0000", // address(0) for open access
})
console.log(`Registered tool ${toolId} in tx ${txHash}`)
3. Gating tool access
Tools can be gated three ways:
| Gate | Mechanism | Reference |
|------|-----------|-----------|
| x402 paywall | Pay-per-call (USDC, EIP-3009) | references/x402.md |
| Predicate gate | Onchain check (NFT, subscription, composite) | references/predicate-gating.md |
| Combined | SIWE auth and payment (predicate first, then x402) | references/predicate-gating.md |
For deployed predicate addresses, requirement encodings, and SDK helpers like describeToolAccess / decodeRequirement, see references/known-predicates.md.
4. Wallet Setup
The SDK supports multiple wallet providers via @opensea/wallet-adapters. Set environment variables and the SDK auto-detects the provider. See the opensea-wallet skill for the full provider table, env vars, setup walkthroughs, and signing-policy configuration.
import { createWalletFromEnv } from "@opensea/tool-sdk"
const adapter = createWalletFromEnv()
const address = await adapter.getAddress()
For Bankr (external signer):
import { createBankrAccount } from "@opensea/tool-sdk"
const account = await createBankrAccount("your-bankr-api-key")
// Use with authenticatedFetch or paidAuthenticatedFetch
5. Response Codes
| Code | Meaning | Action |
|------|---------|--------|
| 200 | Success | Parse the JSON body per the manifest's outputs schema |
| 400 | Invalid input | Fix request body to match the manifest's inputs schema |
| 401 | Missing/invalid SIWE auth | Sign a SIWE message and include Authorization: SIWE <token> |
| 402 | Payment required | Read body.accepts[0] for payment requirements, sign and retry with X-Payment |
| 403 | Access denied | Inspect body.predicate to discover what's needed; acquire the required token/subscription |
| 405 | Method not allowed | Use POST |
| 500 | Internal tool error | Retry or contact the tool creator |
| 502 | Predicate/facilitator error | The upstream predicate or payment facilitator misbehaved; retry later |
6. Quick Reference: CLI Commands
| Command | Purpose |
|---------|---------|
| init | Scaffold a new tool project |
| validate | Validate a manifest file |
| hash | Compute the JCS keccak256 hash of a manifest |
| export | Export the manifest as JSON |
| register | Register a tool onchain |
| update-metadata | Update a tool's metadata URI and manifest hash onchain |
| inspect | Look up a tool's onchain config by ID |
| verify | Verify a manifest against its onchain hash |
| deploy | Deploy a tool to Vercel |
| auth | Call a predicate-gated tool (SIWE) |
| pay | Call an x402-paid tool (USDC) |
| smoke | Auto-detect gate type and call |
| dry-run-gate | Simulate an x402 gate check locally |
| dry-run-predicate-gate | Simulate a predicate gate check locally |
All CLI commands accept --wallet-provider privy|turnkey|fireblocks|bankr|private-key or auto-detect from env vars.
7. End-to-End Examples
Example A: Free open-access tool
# 1. Scaffold
npx @opensea/tool-sdk init --runtime vercel
# 2. Edit src/manifest.ts and src/handler.ts with your logic
# 3. Deploy
npx @opensea/tool-sdk deploy
# 4. Register (open access)
PRIVATE_KEY=0x... npx @opensea/tool-sdk register \
--metadata https://my-tool.vercel.app/.well-known/ai-tool/my-tool.json \
--network base
# 5. Call
curl -X POST https://my-tool.vercel.app/api \
-H "Content-Type: application/json" \
-d '{"query": "hello"}'
Example B: x402 paid tool (pay-per-call only, no identity check)
# Server: add paywall gate (see references/x402.md)
# Call via CLI:
PRIVATE_KEY=0x... npx @opensea/tool-sdk pay \
https://my-tool.vercel.app/api \
--body '{"query": "hello"}'
Example C: NFT-gated tool (identity check, no payment)
# Register with NFT gate
PRIVATE_KEY=0x... npx @opensea/tool-sdk register \
--metadata https://my-tool.vercel.app/.well-known/ai-tool/my-tool.json \
--network base \
--nft-gate 0xCOLLECTION
# Server: add predicateGate (see references/predicate-gating.md)
# Call via CLI:
PRIVATE_KEY=0x... RPC_URL=https://mainnet.base.org \
npx @opensea/tool-sdk auth \
https://my-tool.vercel.app/api \
--body '{"query": "hello"}'
Example D: NFT-gated and paid tool (both gates)
# Server: add both predicateGate and paywall.gate (see references/predicate-gating.md)
# Call via CLI:
PRIVATE_KEY=0x... RPC_URL=https://mainnet.base.org \
npx @opensea/tool-sdk smoke \
--endpoint https://my-tool.vercel.app/api \
--expect 200
References
references/x402.md: pay-per-call protocol, server-side paywall,paidFetchreferences/predicate-gating.md: SIWE-based access control, combined gatesreferences/known-predicates.md: deployed predicate contracts and SDK helpers- Tool SDK GitHub
Related Skills
bankrbot/hunch
data-ai
VerifiedTrustedCommunity
Discover, bet on, track, and settle Hunch prediction markets in natural language. Trigger when a user wants to bet, take a position, or get odds on a crypto outcome — token market-cap milestones and flips, launchpad races (Bankr vs pump.fun volume / #1-days / launches over a cap), token head-to-head outperformance, mcap strike-ladders, and up/down price rounds. Also trigger on "what can I bet on about $TOKEN", "odds on …", "take YES/NO on …", "show my Hunch bets", "did my market resolve". Settles in USDC on Base via x402 (≤ $10 / bet); every bet returns an on-chain proof.
1,143SKILL.mdUpdated Jun 6, 2026
bankrbot/1claw
tools
VerifiedTrustedCommunity
HSM-backed secret management for AI agents. Store API keys (including Bankr `bk_` keys), passwords, and credentials in an encrypted vault; retrieve them at runtime via MCP without keeping secrets in chat context. Bankr Dynamic Key Vending issues short-lived scoped `bk_usr_` keys from a partner key (`bk_ptr_`) without manual rotation. Policy-based access control, secret rotation, sharing, EVM transaction intents (sign/simulate/broadcast), multi-chain signing keys, treasury multisig proposals, OIDC federation for external service auth, built-in prompt injection detection, and optional Shroud TEE LLM proxy. Use when the agent needs secure credential storage, just-in-time secret access, guarded on-chain signing, or security scanning — not for Bankr trading prompts, portfolio checks, or x402 calls (use the bankr skill instead).
1,143SKILL.mdUpdated Jun 5, 2026
bankrbot/gem-miner
testing
VerifiedTrustedCommunity
Stake $GEM tokens on Gem Miner (gemminer.app) to earn yield and unlock the in-game earn/cashout system. Use when the user wants to stake GEM, check their staking balance or rewards, unstake, claim rewards, or check whether they meet the 25M GEM gate. Base mainnet only.
1,143SKILL.mdUpdated Jun 1, 2026
bankrbot/codegrid
development
VerifiedTrustedCommunity
CodeGrid is a native macOS canvas where multiple coding agents (Claude, Codex, Gemini, Cursor, Grok, shells) run side by side in panes and collaborate via a local agent bus — no tmux, no cloud, no account, no stored API keys. Install this skill when an agent should know how to operate inside a CodeGrid pane, drive the workspace from outside (control socket or codegrid:// deep links), spawn or message sibling agents, or coordinate multi-agent work (delegate, review, pipeline, parallel fan-out, monitor, debate). The differentiator: multiple coding agents collaborating on one canvas, addressable by stable session_id, with a read → message → read protocol built for orchestration.
1,143SKILL.mdUpdated Jun 1, 2026