aperture
Install and run Aperture, the L402 Lightning reverse proxy from Lightning Labs. Use when creating L402 paywalls, configuring paid API endpoints, hosting paid content for other agents, or testing L402 authentication flows.
Why use this skill?
Install and manage Aperture to build Lightning Network paywalls and monetize your APIs with L402 protocol support in OpenClaw.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/roasbeef/apertureWhat This Skill Does
The Aperture skill provides a seamless interface for installing, configuring, and managing Aperture, the L402 Lightning reverse proxy developed by Lightning Labs. Aperture acts as a gatekeeper for your backend services, enforcing access control via the L402 protocol, which combines the macaroon authentication system with Lightning Network micropayments. By installing this skill, you transform any HTTP-based service into a pay-per-use endpoint, allowing you to monetize content, APIs, or data services directly over the Bitcoin Lightning Network without requiring traditional account sign-ups or payment processors.
Installation
Installation is handled through the integrated scripts provided in the skill directory. Simply execute skills/aperture/scripts/install.sh to download and install the binary via Go. Following installation, use skills/aperture/scripts/setup.sh to generate the necessary aperture.yaml configuration file. Note that Aperture requires a connection to a functional LND (Lightning Network Daemon) node. Ensure that you have an invoice.macaroon available, as this is critical for generating payment invoices for your users. You can bake this specific macaroon using the macaroon-bakery skill if it is not already present in your LND data directory.
Use Cases
- API Monetization: Expose premium data feeds or AI model endpoints that require a few satoshis per request.
- Paid Content Hosting: Create paywalls for static files or media assets where the link only decrypts or becomes accessible after a Lightning payment.
- Rate Limiting: Protect your infrastructure by requiring payment, which naturally prevents spam and resource exhaustion from malicious actors.
- L402 Testing: Use this skill as a local sandbox to experiment with L402 flow integration in your own client-side applications.
Example Prompts
- "Setup Aperture to protect my localhost:3000 web service and require 100 sats per request."
- "Help me check why my Aperture instance is failing to generate invoices for the L402 challenge."
- "Stop the current Aperture proxy and regenerate the configuration to use my testnet LND node instead of mainnet."
Tips & Limitations
Aperture is strictly a reverse proxy; it does not replace your backend authentication logic entirely but acts as a robust perimeter. Always ensure your invoice.macaroon has restricted permissions to prevent unauthorized spending or node control. Since Aperture relies on direct LND interaction, ensure your node is synced and has sufficient inbound liquidity to receive payments. For development, use the --insecure and --no-auth flags during setup to bypass TLS and payment requirements until you are ready for production deployment.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-roasbeef-aperture": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: network-access, file-write, file-read, code-execution
Related Skills
lnd
Install and run Lightning Terminal (litd) which bundles lnd, loop, pool, tapd, and faraday in a single Docker container. Defaults to neutrino backend with SQLite storage on testnet. Supports watch-only mode with remote signer, standalone mode, and regtest development. Use when setting up a Lightning node for payments, channel management, liquidity management (loop), channel marketplace (pool), taproot assets (tapd), or enabling agent L402 commerce.
lightning-mcp-server
Build and configure the MCP server for Lightning Node Connect (LNC). Connects AI assistants to lnd nodes via encrypted WebSocket tunnels using pairing phrases — no direct network access or TLS certs needed. Read-only by default (18 tools for querying node state, channels, payments, invoices, peers, on-chain data).
lnget
Install and use lnget, a Lightning-native HTTP client with automatic L402 payment support. Use when downloading files behind Lightning paywalls, managing L402 tokens, checking Lightning backend status, or making HTTP requests that may require micropayments.
macaroon-bakery
Bake, inspect, and manage lnd macaroons for least-privilege agent access. Use when an agent needs scoped credentials — pay-only, invoice-only, read-only, or custom permissions. Also covers signer macaroon scoping and macaroon rotation.
commerce
End-to-end agentic commerce workflow using Lightning Network. Use when an agent needs to set up a full payment stack (lnd + lnget + aperture), buy or sell data via L402, or enable agent-to-agent micropayments.