login
getpara

para-wallet

by @getpara in AI & LLM
0
0
# Install this skill:
npx skills add getpara/para-wallet-skill

Or install specific skill: npx add-skill https://github.com/getpara/para-wallet-skill

# Description

Create blockchain wallets and sign transactions using Para's MPC infrastructure where the private key never exists in a single place. Supports EVM and Solana chains via three REST endpoints.

# SKILL.md

name: para-wallet
description: Create blockchain wallets and sign transactions using Para's MPC infrastructure where the private key never exists in a single place. Supports EVM and Solana chains via three REST endpoints.
metadata:
author: para
version: "1.0"
openclaw.requires.env: ["PARA_API_KEY"]

Overview

Para provides MPC (Multi-Party Computation) wallets where the private key is split into shares and never assembled in a single place. This makes Para ideal for AI agents that need to create wallets and sign transactions without ever holding a full private key.

All operations use Para's REST API with a single API key for authentication.

  • Base URL (Beta): https://api.beta.getpara.com
  • Base URL (Production): https://api.getpara.com
  • Auth: Pass your API key in the X-API-Key header on every request
  • Content-Type: application/json
  • Request tracing: Optionally pass X-Request-Id (UUID) for tracing; Para generates one if omitted

Setup

  1. Get an API key from developer.getpara.com
  2. Set the environment variable:
    export PARA_API_KEY="your-secret-api-key"
  3. Use the Beta base URL (https://api.beta.getpara.com) during development. Switch to Production for mainnet.

Create a Wallet

POST /v1/wallets

Creates a new MPC wallet for a user. Each combination of type + scheme + userIdentifier produces exactly one wallet. Attempting to create a duplicate returns a 409 with the existing walletId.

Request Body

Field Type Required Description
type string Yes EVM, SOLANA, or COSMOS
userIdentifier string Yes User identifier (email, phone, or custom ID)
userIdentifierType string Yes EMAIL, PHONE, CUSTOM_ID, GUEST_ID, TELEGRAM, DISCORD, or TWITTER
scheme string No Signature scheme: DKLS, CGGMP, or ED25519 (defaults based on wallet type)

EVM Example

curl -X POST https://api.beta.getpara.com/v1/wallets \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $PARA_API_KEY" \
  -d '{
    "type": "EVM",
    "userIdentifier": "[email protected]",
    "userIdentifierType": "EMAIL"
  }'

Solana Example

curl -X POST https://api.beta.getpara.com/v1/wallets \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $PARA_API_KEY" \
  -d '{
    "type": "SOLANA",
    "userIdentifier": "[email protected]",
    "userIdentifierType": "EMAIL"
  }'

Response (201 Created)

The wallet starts in creating status. You must poll until it reaches ready.

{
  "id": "0a1b2c3d-4e5f-6789-abcd-ef0123456789",
  "type": "EVM",
  "scheme": "DKLS",
  "status": "creating",
  "createdAt": "2024-01-15T09:30:00Z"
}

The response includes a Location header with the wallet's URL:

Location: /v1/wallets/0a1b2c3d-4e5f-6789-abcd-ef0123456789

Polling for Ready Status

After creating a wallet, poll GET /v1/wallets/{walletId} until status becomes ready:

# Poll every 1 second until the wallet is ready
WALLET_ID="0a1b2c3d-4e5f-6789-abcd-ef0123456789"
while true; do
  RESPONSE=$(curl -s https://api.beta.getpara.com/v1/wallets/$WALLET_ID \
    -H "X-API-Key: $PARA_API_KEY")
  STATUS=$(echo "$RESPONSE" | grep -o '"status":"[^"]*"' | cut -d'"' -f4)
  if [ "$STATUS" = "ready" ]; then
    echo "$RESPONSE"
    break
  fi
  sleep 1
done

Get Wallet Status

GET /v1/wallets/{walletId}

Retrieves the current status and details of a wallet.

Request

curl https://api.beta.getpara.com/v1/wallets/0a1b2c3d-4e5f-6789-abcd-ef0123456789 \
  -H "X-API-Key: $PARA_API_KEY"

Response (200 OK)

When the wallet is ready, the response includes the address and public key:

{
  "id": "0a1b2c3d-4e5f-6789-abcd-ef0123456789",
  "type": "EVM",
  "scheme": "DKLS",
  "status": "ready",
  "address": "0x742d35Cc6634C0532925a3b844Bc9e7595f...",
  "publicKey": "04a1b2c3d4e5f6...",
  "createdAt": "2024-01-15T09:30:00Z"
}

Response Fields

Field Type Description
id string Unique wallet identifier (UUID)
type string Blockchain network: EVM, SOLANA, or COSMOS
scheme string Signature scheme: DKLS, CGGMP, or ED25519
status string creating or ready
address string Wallet address (present when status is ready)
publicKey string Public key (present when status is ready)
createdAt string ISO 8601 creation timestamp

Sign Data

POST /v1/wallets/{walletId}/sign-raw

Signs arbitrary data using the wallet's MPC key shares. The private key is never assembled β€” each share signs independently and the results are combined.

Important: The wallet must be in ready status before signing.

Request Body

Field Type Required Description
data string Yes Data to sign as a 0x-prefixed hex string

EVM Example

Sign a message hash (e.g., a keccak256 hash of a transaction):

curl -X POST https://api.beta.getpara.com/v1/wallets/0a1b2c3d-4e5f-6789-abcd-ef0123456789/sign-raw \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $PARA_API_KEY" \
  -d '{
    "data": "0x48656c6c6f20576f726c64"
  }'

Solana Example

Sign a serialized Solana transaction:

curl -X POST https://api.beta.getpara.com/v1/wallets/aabbccdd-1122-3344-5566-778899aabbcc/sign-raw \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $PARA_API_KEY" \
  -d '{
    "data": "0x01000103b5d..."
  }'

Response (200 OK)

{
  "signature": "a1b2c3d4e5f6..."
}

The signature is a hex string without the 0x prefix.

Key Concepts

Wallet Uniqueness

Each combination of type + scheme + userIdentifier maps to exactly one wallet. If you try to create a duplicate, the API returns 409 Conflict with the existing wallet's ID in the response body. Use this to safely retry or look up existing wallets.

Async Wallet Creation

Wallet creation is asynchronous. The POST /v1/wallets call returns immediately with status: "creating". You must poll GET /v1/wallets/{walletId} until status becomes "ready" before you can use the wallet to sign.

MPC Security Model

Para uses Multi-Party Computation so the full private key never exists on any single machine. Key shares are distributed across independent parties. When you call sign-raw, each party signs with their share and the results are combined into a valid signature. This means:

  • No single point of compromise can leak the private key
  • Agents can sign transactions without ever having access to a full key
  • Signing is functionally equivalent to a normal signature from the blockchain's perspective

Error Reference

All error responses include a message field describing the issue.

Status Message Cause Action
400 "type must be one of EVM, SOLANA, COSMOS" Invalid or missing request body fields Check required fields and enum values
401 "secret api key not provided" Missing X-API-Key header Add the X-API-Key header with your API key
403 "invalid secret api key" API key is wrong or revoked Verify your API key at developer.getpara.com
404 "wallet not found" Wallet ID doesn't exist or doesn't belong to your account Check the wallet ID
409 "a wallet for this identifier and type already exists" Duplicate wallet creation attempted Use the returned walletId to access the existing wallet
500 "Internal Server Error" Server-side issue Retry with exponential backoff

409 Conflict Response

The 409 response includes the existing wallet's ID so you can retrieve it:

{
  "message": "a wallet for this identifier and type already exists",
  "walletId": "0a1b2c3d-4e5f-6789-abcd-ef0123456789"
}

Complete Example: Create Wallet and Sign

# 1. Create an EVM wallet
RESPONSE=$(curl -s -X POST https://api.beta.getpara.com/v1/wallets \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $PARA_API_KEY" \
  -d '{
    "type": "EVM",
    "userIdentifier": "[email protected]",
    "userIdentifierType": "EMAIL"
  }')

WALLET_ID=$(echo "$RESPONSE" | grep -o '"id":"[^"]*"' | cut -d'"' -f4)
echo "Created wallet: $WALLET_ID"

# 2. Poll until ready
while true; do
  WALLET=$(curl -s https://api.beta.getpara.com/v1/wallets/$WALLET_ID \
    -H "X-API-Key: $PARA_API_KEY")
  STATUS=$(echo "$WALLET" | grep -o '"status":"[^"]*"' | cut -d'"' -f4)
  if [ "$STATUS" = "ready" ]; then
    echo "Wallet is ready"
    echo "$WALLET"
    break
  fi
  echo "Status: $STATUS β€” waiting..."
  sleep 1
done

# 3. Sign data
SIGNATURE=$(curl -s -X POST https://api.beta.getpara.com/v1/wallets/$WALLET_ID/sign-raw \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $PARA_API_KEY" \
  -d '{"data": "0x48656c6c6f"}')

echo "Signature: $SIGNATURE"

# README.md

Para Wallet Skill

A ClawhHub Agent Skill that teaches AI agents to create blockchain wallets and sign transactions using Para's MPC infrastructure.

What It Does

Gives agents the knowledge to use Para's REST API for:

  • Creating wallets on EVM and Solana
  • Checking wallet status (async creation with polling)
  • Signing arbitrary data via MPC β€” the private key never exists in one place

Install

npm i -g clawdhub && clawdhub install para-wallet

Or copy SKILL.md directly into your agent's skills directory.

Setup

  1. Get an API key from developer.getpara.com
  2. Set the environment variable:
    export PARA_API_KEY="your-secret-api-key"

API Endpoints Covered

Endpoint Method Purpose
/v1/wallets POST Create a wallet (EVM/Solana)
/v1/wallets/{walletId} GET Get wallet status + address
/v1/wallets/{walletId}/sign-raw POST Sign 0x-hex data via MPC

Why Para for Agents

The Private Key Never Exists

Other agent wallet solutions split or encrypt the private key, but still reconstruct it in full inside a Trusted Execution Environment (TEE) at the moment of signing. Whether it's Shamir Secret Sharing or encrypted-key-in-enclave architectures, the complete key exists β€” even if only ephemerally β€” creating a single point of compromise.

Para uses MPC (Multi-Party Computation) where the private key is never generated, stored, or reconstructed in a single place. Each party holds a key share and signs independently. The partial signatures are combined into a valid signature without any party ever seeing the complete key. There is no moment where the full key exists, not even in a TEE.

Plain REST, No SDK Required

Other agent wallet skills require installing server auth packages, setting up authorization keys, or pulling in full frameworks with wallet providers and LangChain bindings.

Para is three REST endpoints. Any agent that can make an HTTP request can create wallets and sign transactions. This skill is a single Markdown file β€” not a runtime dependency.

Multi-Chain, Same API Shape

With Para, you change "type": "EVM" to "type": "SOLANA" in the same request body, to the same endpoint. One API shape across chains β€” no separate methods, providers, or SDKs per chain.

At a Glance

Para Other Solutions
Key management MPC β€” key never exists Key reconstructed or decrypted in TEE
Integration 3 REST endpoints SDKs, frameworks, auth packages
Chains EVM + Solana (same endpoint) Separate methods/providers per chain
Skill format Single Markdown file SDK wrappers or framework plugins

License

MIT

# Related Skills

# Supported AI Coding Agents

This skill is compatible with the SKILL.md standard and works with all major AI coding agents:

⚑ Amp πŸš€ Antigravity πŸ€– Claude Code πŸ¦€ Clawdbot πŸ“ Codex ▢️ Cursor πŸ€– Droid πŸ’Ž Gemini CLI πŸ™ GitHub Copilot πŸͺΏ Goose πŸ“Š Kilo Code πŸ”§ Kiro CLI πŸ’» OpenCode 🦘 Roo Code 🌲 Trae πŸ„ Windsurf

Learn more about the SKILL.md standard and how to use these skills with your preferred AI coding agent.