liberfi-auth
Authenticate with LiberFi: register a new account, log in, manage session state, and verify wallet assignments. Two login modes are supported: 1. Key-based (--key): Generates a local P-256 key pair and signs a timestamp. Ideal for agent / headless / automated environments. No email required; a TEE wallet is created automatically. 2. Email OTP: Sends a 6-digit code to the user's email. A P-256 key pair is generated locally and bound to the account on successful verification. A TEE wallet is created automatically. After authentication, a LiberFi JWT is stored in ~/.liberfi/session.json. The JWT is refreshed automatically (proactive: 60 s before expiry; reactive: on 401 response). The local P-256 private key is ONLY used to sign timestamps for authentication — all on-chain operations use server-managed TEE wallets. Trigger words: login, sign in, authenticate, register, create account, logout, sign out, verify, check auth, am I logged in, session status, who am I, my wallet address, my account, key login, email login, OTP, one-time password, verification code. Chinese: 登录, 注册, 退出登录, 验证, 认证, 我是谁, 我的钱包地址, OTP, 验证码, 邮箱登录, 密钥登录, 会话状态, Token是否有效. CRITICAL: Always use `--json` flag for structured output. CRITICAL: Check status BEFORE attempting login. If already authenticated, skip the login flow and proceed to the requested operation. CRITICAL: For agent environments, ALWAYS use `lfi login key --json`. Never block on email OTP in automated contexts.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/bombmod/liberfi-authLiberFi Auth
Authenticate with LiberFi and manage your session.
Pre-flight Checks
See bootstrap.md for CLI installation and connectivity verification.
Login Modes
Mode 1 — Key-based Login (recommended for agents)
Generates a P-256 key pair on first use; on subsequent calls, the existing key is reused. No user interaction required — suitable for automated and agent environments.
lfi login key --role AGENT --name "MyAgent" --json
Flow:
- Loads
~/.liberfi/keys/default.jsonor generates a new key pair. - Signs
Date.now()(Unix ms string) with the local private key (SHA-256 + ECDSA P-256). - Sends
POST /v1/auth/keywith{ publicKeyHex, uncompressedPublicKeyHex, timestampMs, signature }. - Server verifies the signature and upserts the user record.
- If new user: server creates server-owned EVM + SOL TEE wallets.
- Returns a LiberFi JWT; stored in
~/.liberfi/session.json.
Token refresh:
- Proactive: if the JWT expires in < 60 s, the CLI re-signs a new timestamp and calls
POST /v1/auth/key. - Reactive: on any
401response, the CLI attempts one automatic refresh before propagating the error.
Mode 2 — Email OTP Login (for human users)
Two steps: send OTP, then verify.
Step 1 — Send OTP:
lfi login [email protected] --json
Expected output:
{
"ok": true,
"otpId": "uuid-here",
"message": "Verification code sent to [email protected]. It expires in 5 minutes."
}
Step 2 — Verify OTP:
lfi verify <otpId> <6-digit-code> --json
Expected output:
{
"ok": true,
"userId": "...",
"role": "HUMAN",
"evmAddress": "0x...",
"solAddress": "...",
"isNewUser": true,
"message": "Email verified. Authenticated as ..."
}
Notes:
- OTP expires in 5 minutes.
- After verification, the locally generated P-256 key pair is saved as the permanent identity for session auto-refresh.
- Subsequent refreshes work identically to key-based login (no additional email OTPs needed).
Commands
lfi status --json
Shows current authentication state without a network call.
{
"ok": true,
"authenticated": true,
"userId": "...",
"role": "HUMAN",
"evmAddress": "0x...",
"solAddress": "...",
"expiresInSecs": 82340,
"expired": false
}
lfi whoami --json
Fetches the current user's profile from the server (requires valid token).
{
"userId": "...",
"role": "HUMAN",
"displayName": "",
"email": "[email protected]",
"evmAddress": "0x...",
"solAddress": "..."
}
lfi logout --json
Clears ~/.liberfi/session.json. The JWT is not revoked server-side.
Pre-flight: Authentication Bootstrap
Run this sequence at the start of any operation that requires authentication:
# 1. Connectivity
lfi ping --json
# 2. Check session state
lfi status --json
Decision tree based on lfi status output:
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-bombmod-liberfi-auth": {
"enabled": true,
"auto_update": true
}
}
}Related Skills
liberfi-market
Discover trending tokens and newly listed tokens across supported blockchains: view trending token rankings by chain and time window, find newly launched tokens, filter by launchpad platform, sort by volume/price change/market cap, and search within rankings by keywords. Trigger words: trending, trending tokens, hot tokens, top tokens, top gainers, top losers, market overview, market trends, what's hot, what's trending, popular tokens, most traded, highest volume, biggest gainers, biggest movers, new tokens, new listings, newly listed, just launched, new coins, recent launches, launchpad, pump.fun, pump fun, new launch, discovery, discover tokens, explore, market scan, market watch, ranking, rankings, leaderboard, top chart, heat map, token rankings, performance ranking, best performing. Chinese: 趋势, 热门代币, 排行, 排行榜, 涨幅榜, 跌幅榜, 市场趋势, 什么在涨, 热门, 最热, 新币, 新上线, 刚上线, 新发行, 最近上线, 市场概览, 市场扫描, 发现代币, 探索. CRITICAL: Always use `--json` flag for structured output. CRITICAL: When showing rankings, display at least token name, symbol, price, and 24h change. Do NOT use this skill for: - Specific token details, security audit, holders, or K-line → use liberfi-token - Wallet holdings or portfolio analysis → use liberfi-portfolio - Swap quotes, trading, or transaction execution → use liberfi-swap Do NOT activate on vague inputs like "market" alone without context indicating the user wants rankings or new token discovery.
liberfi-predict
Browse and trade prediction markets: list events with filtering and search, view event details and embedded markets, check USDC balances on Kalshi and Polymarket, view portfolio positions and trade history, list and inspect orders, request Kalshi quotes, submit signed Kalshi transactions, and create Polymarket orders. Trigger words: predict, prediction, prediction market, prediction markets, events, event, bet, bets, forecast, binary option, binary outcome, polymarket, kalshi, outcome, prediction positions, prediction balance, prediction orders, prediction trades, prediction event, browse predictions, place bet, prediction quote, submit prediction, prediction portfolio. Chinese: 预测, 预测市场, 事件, 投注, 下注, 预测仓位, 预测余额, 预测订单, 预测交易, 预测事件, 浏览预测, 预测报价, 提交预测, 预测持仓. CRITICAL: Always use `--json` flag for structured output. CRITICAL: Polymarket order creation requires all five POLY_* authentication flags. CRITICAL: Kalshi submit requires a signed transaction — never fabricate signatures. CRITICAL: NEVER execute orders without explicit user confirmation. Do NOT use this skill for: - Token search, price, details, security audit, K-line → use liberfi-token - Trending token rankings or new token discovery → use liberfi-market - Wallet holdings, activity, or PnL stats → use liberfi-portfolio - Swap quotes, trade execution, or transaction broadcast → use liberfi-swap - Authentication (login, logout, session) → use liberfi-auth Do NOT activate on vague inputs like "predict" alone without context indicating the user wants prediction market operations.
liberfi-swap
Execute token swaps and manage on-chain transactions: list supported swap chains, browse available swap tokens, get swap quotes with price/slippage/route info, build signable swap transactions, estimate gas/transaction fees, and broadcast signed transactions to the blockchain. Trigger words: swap, trade, exchange, buy token, sell token, convert, swap tokens, trade tokens, exchange tokens, buy crypto, sell crypto, get a quote, swap quote, price quote, how much will I get, swap rate, exchange rate, slippage, swap route, best price, execute swap, confirm swap, make a trade, place a trade, transaction, send transaction, broadcast, submit transaction, tx, send tx, gas fee, transaction fee, fee estimate, gas estimate, how much gas, supported chains, swap chains, which chains, available tokens, swap tokens, chain list, token list, build transaction, sign transaction. Chinese: 兑换, 交易, 买入, 卖出, 换币, 代币兑换, 报价, 兑换报价, 价格, 能换多少, 滑点, 路由, 最优价格, 执行交易, 确认交易, 发送交易, 广播交易, 手续费, Gas费, 费用估算, 支持的链, 可用代币, 构建交易, 签名交易. CRITICAL: Always use `--json` flag for structured output. CRITICAL: Swap amounts are in **smallest unit** (e.g. lamports for SOL, wei for ETH). CRITICAL: ALWAYS run `lfi token security` on the target token BEFORE executing a swap. CRITICAL: NEVER execute swap or send transaction without explicit user confirmation. Do NOT use this skill for: - Token search, info, security audit, K-line → use liberfi-token - Trending tokens or new token rankings → use liberfi-market - Wallet holdings, activity, or PnL stats → use liberfi-portfolio - Token holder or trader analysis → use liberfi-token Do NOT activate on vague inputs like "trade" or "buy" without specifying tokens or amounts.
liberfi-portfolio
Analyze wallet portfolios on supported blockchains: view token holdings with current values, track transaction activity and history, check PnL (profit and loss) statistics over different time windows, and query total wallet net worth. Also supports querying the authenticated user's own LiberFi TEE wallet portfolio without needing to provide a wallet address — use the `me` commands when the user wants to check their own LiberFi account's holdings, activity, stats, or net worth. Trigger words: wallet, portfolio, holdings, my tokens, my coins, my balance, what do I hold, what tokens do I have, wallet balance, wallet holdings, wallet activity, transaction history, recent transactions, transfers, swaps, trade history, wallet stats, PnL, profit and loss, profit, loss, gains, returns, performance, how much did I make, how much did I lose, win rate, net worth, total value, portfolio value, total balance, how much is my wallet, wallet overview, wallet summary, wallet analysis, check wallet, view wallet, my portfolio, account balance, my LiberFi wallet, my TEE wallet, my account portfolio, check my account, my holdings without address. Chinese: 钱包, 持仓, 我的代币, 我持有什么, 余额, 钱包余额, 交易记录, 交易历史, 最近交易, 转账记录, 钱包统计, 盈亏, 利润, 亏损, 收益, 收益率, 胜率, 净值, 总价值, 钱包总价值, 钱包概览, 钱包分析, 查看钱包, 我的LiberFi钱包, 我的TEE钱包, 我的账户持仓, 不知道地址查我的钱包. CRITICAL: Always use `--json` flag for structured output. CRITICAL: Public `wallet` commands require both chain and wallet address — always ask the user for these if not provided. CRITICAL: `me` commands do NOT require a wallet address — they use the authenticated user's TEE wallet automatically. They DO require authentication (run `lfi status` first, then `lfi login key` if needed). Do NOT use this skill for: - Token search, info, security audit, K-line → use liberfi-token - Trending tokens or new token rankings → use liberfi-market - Swap quotes, trade execution, or transaction broadcast → use liberfi-swap - Token holder analysis (for a specific token) → use liberfi-token Do NOT activate on vague inputs like "wallet" alone without a wallet address or clear intent to check portfolio data.