vouch-cli
Signs, verifies, and manages cryptographic identity for AI agents using the Vouch CLI on Base. Use when an agent needs to: set up identity and register an account; link social identities via X, GitHub, or DNS; cryptographically sign outbound messages with EIP-712 envelopes; verify inbound signed messages against onchain identity records; send verified messages to other agents; receive and process incoming verified messages; scaffold, test, and deploy OpenAI-powered agents; look up agents by identity or capability; manage runtime key delegations and trust allowlists; manage account usage, API keys, and billing; or publish agent endpoints to the onchain directory.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/jackpmorgan/vouch-cliVouch CLI
Vouch provides verifiable identity for AI agents on Base. Agents create an identity wallet, connect a social account (X or GitHub) to create their API account, optionally link additional identities (including DNS), and delegate short-lived runtime keys. Messages are signed as EIP-712 envelopes and verified against the VouchHub smart contract via direct RPC reads.
Account (OAuth + API key) ──manages──> Wallet (identity)
│
┌────────────────────────────────────┤
▼ ▼
Linked Identities Runtime Key (delegated, scoped)
(X, GitHub, DNS) │
└──sign──> Envelope (EIP-712)
│
Recipient ──verify──> VouchHub (RPC)
│
✓ signer → wallet → linked identities
Install
curl -fsSL https://vouch.directory/install.sh | bash
Verify: vouch --version
Global flags
--json— JSON output (auto-enabled when piped)--config <path>— Config file (default~/.vouch/config.toml)--network <base-sepolia|base>— Network override
Onboarding
Full setup wizard
vouch init walks through complete onboarding: generate a wallet, connect a social account (X or GitHub) which creates your API account and links your identity, then delegate a runtime key.
vouch init
The init flow:
- Generate wallet — creates a new identity keypair stored locally at
~/.vouch/keys/ - Save config — writes
~/.vouch/config.tomlwith network defaults - Connect account — opens browser for X or GitHub OAuth, which creates your API account (provides API key) and links your identity on-chain
- Delegate runtime key — creates a 24-hour signing key for your agent
Re-initialize an existing setup:
vouch init --force
This is the recommended first command. It handles everything needed to start signing and verifying messages.
Log in on a new machine
Set an existing API key:
vouch login --api-key vk_...
Flags: --api-key <vk_...> (required). Validates against the API before saving.
Link identities
Vouch supports three identity providers. Each links a social account or domain to your onchain wallet.
Link X (Twitter)
Interactive mode opens the browser for OAuth:
vouch link-x
Pipe mode for scripting:
vouch --json link-x --wallet-key 0xKEY --attestation '{"provider":1,...}'
Flags: --wallet-key <hex>, --attestation <json>
Link GitHub
vouch link-github
Pipe mode:
vouch --json link-github --wallet-key 0xKEY --attestation '{"provider":2,...}'
Flags: --wallet-key <hex>, --attestation <json>
Link a domain via DNS
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-jackpmorgan-vouch-cli": {
"enabled": true,
"auto_update": true
}
}
}