SkillHub

rhaios-staging

v0.1.4

Interact with the Rhaios staging REST API for yield operations. Discover -> prepare -> setup-if-needed -> sign -> execute flow with pluggable signer backend. Triggers on requests involving DeFi yield, vault deposits, redeems, rebalancing, or Rhaios API.

Sourced from ClawHub, Authored by João

Installation

Please help me install the skill `rhaios-staging` from SkillHub official store. npx skills add 0xTimepunk/rhaios-staging

First-Time Setup

Before first use, install dependencies from the repo root:

# Pick your package manager:
npm install --prefix ${CLAUDE_SKILL_DIR}
# or: bun install --cwd ${CLAUDE_SKILL_DIR}
# or: pnpm install --dir ${CLAUDE_SKILL_DIR}

If you see Cannot find module errors, dependencies are not installed. Run the install command above.

This skill targets the staging environment at https://api.staging.rhaios.com. It provides one command surface (prepare-sign-execute) for end-to-end execution.

Vault discovery: Before preparing an intent, agents can call POST /v1/yield/discover to browse and rank vaults by APY, risk, TVL, and Sharpe ratio. Pass the returned vaultId to yield_prepare (via deposit.vaultId in the input contract) to target a specific vault instead of auto-selection.

Default chain is base.

Security First

SIGNER_PRIVATE_KEY and Privy app secrets are sensitive. Never print, echo, or include them in logs/chat output.

If SIGNER_BACKEND=privy, PRIVY_APP_ID and PRIVY_APP_SECRET are master credentials.

Required Environment (Client)

# Optional. Defaults to privy. Use private-key for local key signing.
# SIGNER_BACKEND=privy

# Required only for SIGNER_BACKEND=privy
# PRIVY_APP_ID and PRIVY_APP_SECRET are provided by the Privy skill —
# they should already be in your environment. Do NOT ask the user for these.
PRIVY_WALLET_ID=<wallet-id>
PRIVY_WALLET_ADDRESS=<0x-wallet-address>

# Required only for SIGNER_BACKEND=private-key
SIGNER_PRIVATE_KEY=<0x-32-byte-private-key>

Notes: - API URL is hardcoded to https://api.staging.rhaios.com and cannot be overridden. - Fork-only mode is always enabled — all transactions go through managed test RPCs. - If SIGNER_BACKEND=privy, PRIVY_APP_ID and PRIVY_APP_SECRET must already be set (provided by the Privy skill). Only PRIVY_WALLET_ID and PRIVY_WALLET_ADDRESS need to be set per-wallet. - If SIGNER_BACKEND=privy, PRIVY_WALLET_ID must resolve to an ownerless wallet (owner_id = null). - If SIGNER_BACKEND=private-key, agentAddress (if provided) must match the private key address.

Ownerless Wallet Creation

const wallet = await privy.wallets().create({ chain_type: 'ethereum' });

Single Runtime Command

# Using bun (recommended — runs TypeScript natively):
cat payload.json | bun run --cwd ${CLAUDE_SKILL_DIR} prepare-sign-execute

# Using npx + tsx (if bun is not available):
cat payload.json | npx --prefix ${CLAUDE_SKILL_DIR} tsx ${CLAUDE_SKILL_DIR}/scripts/prepare-sign-execute.ts

Input Contract (JSON stdin)

{
  "operation": "deposit",
  "chain": "base",
  "agentAddress": "0xYourAgentAddress",
  "deposit": {
    "asset": "USDC",
    "amount": "1",
    "vaultId": "VAULT_ID_FROM_DISCOVER"
  },
  "controls": {
    "dryRun": false,
    "strictMode": true,
    "requireConfirm": true,
    "confirm": "yes",
    "maxGasGwei": "1",
    "maxAmount": "1000"
  }
}

Operation-specific fields: - deposit: requires deposit.asset, deposit.amount, deposit.vaultId (from yield_discover — present results to the user and let them choose) - redeem: requires redeem.vaultId and exactly one of redeem.percentage or redeem.shares - rebalance: requires rebalance.vaultId, rebalance.asset, and exactly one of rebalance.percentage or rebalance.shares

Runtime Behavior

  1. Preflight

  2. Validates env for the selected signer backend, health freshness, request constraints, and guardrails.

  3. Prepare

  4. Calls POST /v1/yield/prepare.

  5. Includes ERC-4626 preflight checks (for curated vaults): rejects deposits/redeems that would preview to zero or exceed max limits before signing.

  6. Setup (automatic only when needed)

  7. If needsSetup=true and dryRun=false:
  8. Full setup (setupType=full): signs a Type-4 (EIP-7702) transaction with authorization_list for first-time delegation + module initialization.
  9. Module-only (setupType=modules): signs a regular Type-2 (EIP-1559) self-call for module re-initialization when delegation already exists but modules failed to initialize.
  10. Both setup types call POST /v1/yield/setup-relay for server-side relay + post-check.
  11. Then re-runs POST /v1/yield/prepare.

  12. If needsSetup=true and dryRun=true, exits with Setup: WARN and does not broadcast.

  13. Sign

  14. Signs required payloads via the selected signer backend:
  15. EIP-7702 authorization when requested by envelope
  16. validator userOp signature encoding

  17. intent EIP-712 signature

  18. Execute

  19. Calls POST /v1/yield/execute with intentEnvelope, intentSignature, and intentId unless dryRun=true.
  20. Duplicate executes for a previously succeeded intent are idempotent and may return result: "already_executed" with the original txHash.

  21. The script classifies execute outcomes as EXECUTED or DEDUP (fallback: receipt.source=cached when result is absent).

  22. Post-check

  23. Calls GET /v1/yield/status for quick position/value verification.

Wallet Funding (Test RPC)

Staging runs managed test RPCs — chain forks that mirror mainnet state. Agents can mint test balances without spending real tokens.

Check test RPC health first:

  https://api.staging.rhaios.com/v1/testing/fork-status

Then fund your wallet:

  -H "Content-Type: application/json" 
  https://api.staging.rhaios.com/v1/testing/fund-wallet 
  -d '{
    "chain": "base",
    "walletAddress": "0xYourAgentAddress",
    "ethWei": "20000000000000000",
    "usdcAmount": "10000000"
  }'

Safety Model

The script enforces:

  1. Env integrity
  2. required env vars for selected signer backend
  3. wallet/address format checks
  4. signer/address match

  5. ownerless wallet requirement (Privy backend only)

  6. Chain and health invariants

  7. chain consistency checks

  8. freshness critical blocks execution

  9. Request validation

  10. operation-specific required fields
  11. percentage/shares XOR rules

  12. optional max amount and gas cap checks

  13. Intent invariants

  14. intentEnvelope.chainId and signing payload consistency
  15. sender/signer match
  16. intent ID vs merkle root consistency

Example: Dry-Run Deposit

cat <<'JSON' | bun run --cwd ${CLAUDE_SKILL_DIR} prepare-sign-execute
{
  "operation": "deposit",
  "deposit": { "asset": "USDC", "amount": "1", "vaultId": "VAULT_ID_FROM_DISCOVER" },
  "controls": {
    "dryRun": true,
    "strictMode": true,
    "requireConfirm": false
  }
}
JSON

Important: Always call yield_discover first, present the ranked vaults to the user, and let them choose. Then pass their chosen vaultId to this script. Do not auto-select vaults on behalf of the user.

Vault capacity: Some vaults may be at capacity (maxDeposit=0). If yield_prepare returns vault_at_capacity, inform the user and let them pick a different vault from the discover results.

Example: Live Deposit

cat <<'JSON' | bun run --cwd ${CLAUDE_SKILL_DIR} prepare-sign-execute
{
  "operation": "deposit",
  "deposit": { "asset": "USDC", "amount": "1", "vaultId": "VAULT_ID_FROM_DISCOVER" },
  "controls": {
    "dryRun": false,
    "strictMode": true,
    "requireConfirm": true,
    "confirm": "yes",
    "maxGasGwei": "1",
    "maxAmount": "1000"
  }
}
JSON