nihao：Nostr 身份设置与健康检查命令行工具

AI智能体脚本智能办公脚本自动化游戏脚本浏览器自动化脚本服务器脚本

nihao：Nostr 身份设置与健康检查命令行工具 - Openclaw Skills

作者：互联网

2026-03-30

AI教程

什么是 nihao？

nihao 是一款强大的基于 Go 语言的命令行界面，旨在简化 Nostr 身份的生命周期管理。它允许用户和 AI 代理通过单个命令生成 Ed25519 密钥对、发布元数据（kind 0）、配置中继列表（kind 10002）以及建立 NIP-60 Cashu 钱包。通过专注于非交互式执行和结构化 JSON 输出，它成为需要程序化身份管理的 Openclaw Skills 的关键桥梁。

除了初始设置外，该工具还提供了一个全面的审计系统，根据个人资料完整性、NIP-05 验证和中继可达性为现有 npub 的健康状况评分。其架构优先考虑安全性，确保除非通过安全管道或受保护文件明确要求，否则私钥绝不会持久化到磁盘，这使其成为自动化开发人员工作流的理想选择。

下载入口:https://github.com/openclaw/skills/tree/main/skills/dergigi/nihao

安装与下载

1. ClawHub CLI

从源直接安装技能的最快方式。

npx clawhub@latest install nihao

2. 手动安装

将技能文件夹复制到以下位置之一

全局模式 ~/.openclaw/skills/ 工作区 /skills/

优先级：工作区 > 本地 > 内置

3. 提示词安装

将此提示词复制到 OpenClaw 即可自动安装。

请帮我使用 Clawhub 安装 nihao。如果尚未安装 Clawhub，请先安装（npm i -g clawhub）。

Install

nihao 应用场景

为 Openclaw Skills 中的 AI 代理自动化创建新的 Nostr 人格。
定期对 Nostr 个人资料进行健康审计，以确保中继连接性和 NIP-05 有效性。
使用内置的备份和导出功能在中继之间迁移身份事件。
通过命令行管道集成密码管理器，安全地管理 Nostr 私钥。

nihao 工作原理

用户或代理使用特定的身份参数（如名称和简介）调用 nihao 二进制文件。
工具生成加密安全的 Ed25519 密钥对，并构建必要的 Nostr 事件类型，如个人资料元数据和中继列表。
它通过 WebSockets 连接到默认或指定的中继，以发布身份数据并验证可达性。
对于审计，它会探测网络以验证 NIP-05 标识符、LNURL 解析和 Cashu 铸币站状态。
工具返回一个结构化的 JSON 对象，包含 npub、中继和健康评分，供程序直接使用。

nihao 配置指南

确保已安装 Go 1.21+，然后运行以下命令从源码编译二进制文件：

go install github.com/dergigi/nihao@latest

要初始化新身份并安全保存密钥，请使用：

nihao --name "MyAgent" --nsec-file ./nsec.key --json

nihao 数据架构与分类体系

nihao 主要通过 stdout 和结构化 JSON 处理数据。对于设置操作，架构包括：

字段	描述
`npub`	Bech32 编码的公钥
`nsec`	Bech32 编码的私钥（仅在请求时提供）
`relays`	用于身份的 WebSocket URL 数组
`score`	代表审计期间个人资料健康状况的整数 (0-8)

身份备份将导出为标准 Nostr 事件对象的 JSON 数组，包括个人资料、关注列表和中继列表。

name: nihao
description: Nostr identity setup and health-check CLI. Creates a complete Nostr identity (keypair, profile, relay list, lightning address, Cashu wallet) in one command. Audits existing npub health with a 0–8 score. Single Go binary, non-interactive, agent-friendly.
tags: nostr, bitcoin, lightning, cashu, identity, health-check

nihao ??

Nostr identity setup and health-check CLI. Single binary, non-interactive, agent-friendly.

Source: https://github.com/dergigi/nihao

Capabilities Disclosure

This skill installs a single Go binary (nihao) that:

Generates Nostr keypairs — random Ed25519 key generation via crypto/rand
Publishes events — kind 0 (profile), kind 3 (follows), kind 1 (note), kind 10002 (relay list), kind 10050 (DM relays), kind 17375 (wallet), kind 10019 (nutzap info)
Makes HTTP requests — NIP-05 verification, LNURL resolution, Cashu mint validation, relay NIP-11 probes, image HEAD checks
Connects to Nostr relays — WebSocket connections to publish and query events

It does not:

Store keys on disk (prints nsec to stdout; use --nsec-file to write to a file or --nsec-cmd to pipe to a command)
Run as a daemon or background process
Access local files beyond the binary itself
Require any accounts, API keys, or KYC

Prerequisites

Go 1.21+ — required to compile the binary from source. Check with go version.
- Install: https://go.dev/dl/ or via your package manager (brew install go, apt install golang, etc.)

Install

nihao is distributed as source code compiled locally via Go's standard toolchain. No pre-built binaries are downloaded — the code is fetched from GitHub, compiled on your machine, and placed in your $GOPATH/bin.

go install github.com/dergigi/nihao@latest

Verify: nihao version

The source is fully auditable at https://github.com/dergigi/nihao.

On Install

When an agent installs this skill:

Step 1: Install Binary

go install github.com/dergigi/nihao@latest

Step 2: Create Identity

nihao --name "" --about "" --nsec-file ./nsec.key --json --quiet

This generates a keypair, publishes the identity, and securely writes the nsec to ./nsec.key with 0600 permissions. Parse the JSON output to extract npub, pubkey, and relays.

?? The nsec cannot be recovered if lost. Always use --nsec-file or --nsec-cmd to persist it securely.

Step 3: Report to User

Tell the user:

Their agent's npub
Their agent's lightning address (default: @npub.cash)
Remind them to back up the nsec

Step 4: (Optional) Follow Owner

If the user provides their npub, the agent should follow them. nihao doesn't handle follows of specific npubs — use nak or another tool for that.

Setup — Create a New Identity

nihao --name "AgentName" --about "I do things" --json

What this does:

Generates a Nostr keypair (or uses --sec/--stdin)
Publishes profile metadata (kind 0)
Publishes relay list (kind 10002) with NIP-65 read/write markers
Publishes DM relay list (kind 10050) per NIP-17
Publishes follow list (kind 3)
Sets up a NIP-60 Cashu wallet (kind 17375 + kind 10019)
Sets lightning address to @npub.cash
Posts a first note with #nihao hashtag

Setup Flags

Flag	Purpose
`--name`	Display name (default: "nihao-user")
`--about`	Bio
`--picture`	Profile picture URL
`--banner`	Banner image URL
`--nip05`	NIP-05 identifier
`--lud16`	Lightning address (default: `npub@npub.cash`)
`--relays`	Override default relay list
`--discover`	Discover relays from well-connected npubs
`--dm-relays`	Override DM relay list (kind 10050)
`--no-dm-relays`	Skip DM relay list publishing
`--mint`	Custom Cashu mint (repeatable)
`--no-wallet`	Skip wallet setup
`--sec, --nsec`	Use existing secret key
`--stdin`	Read secret key from stdin
`--nsec-file`	Write nsec to file (0600 perms) for secure storage
`--nsec-cmd`	Pipe nsec to shell command (alias: `--nsec-exec`)
`--json`	JSON output for parsing
`--quiet, -q`	Suppress non-JSON, non-error output

Key Management

nihao never writes keys to disk by default. Secret keys are handled securely:

--nsec-file — writes nsec to a file with 0600 permissions (recommended for automation)
--nsec-cmd — pipes nsec to a command's stdin (e.g., a password manager), never as a CLI argument
--stdin — reads an existing key from stdin, avoiding shell history and process list exposure
--json output — includes nsec in structured output for programmatic parsing

?? Avoid passing raw nsec values as CLI arguments (e.g., --sec nsec1...) in shared environments, as arguments are visible in process listings. Prefer --stdin or --nsec-cmd instead.

# Generate and save securely
nihao --name "Bot" --nsec-file ./bot-nsec.key --json

# Pipe to password manager
nihao --name "Bot" --nsec-cmd "pass insert -m nostr/nsec" --json

# Use existing key via stdin (avoids process list exposure)
echo "$NSEC" | nihao --name "Bot" --stdin

Check — Audit an Existing Identity

nihao check npub1... --json

Checks and scores (0–8):

Check	What it does
`profile`	Kind 0 completeness (name, display_name, about, picture, banner)
`nip05`	NIP-05 live HTTP verification, root domain detection
`picture`	Image reachability, Blossom hosting detection, file size
`banner`	Same as picture
`lud16`	Lightning address LNURL resolution
`relay_list`	Kind 10002 presence, relay count
`relay_markers`	NIP-65 read/write marker analysis
`relay_quality`	Per-relay latency, NIP-11 support, reachability
`dm_relays`	Kind 10050 DM relay list (NIP-17)
`follow_list`	Kind 3 follow count
`nip60_wallet`	Kind 17375/37375 wallet presence
`nutzap_info`	Kind 10019 nutzap configuration
`wallet_mints`	Cashu mint reachability and validation

Check Flags

Flag	Purpose
`--json`	Structured JSON output
`--quiet, -q`	Suppress non-JSON output
`--relays`	Query these relays instead of defaults

Exit Codes

Code	Meaning
`0`	All checks pass (score = max)
`1`	One or more checks fail

Backup — Export Identity Events

nihao backup  > identity.json
nihao backup  --quiet > identity.json

Exports all identity-related events as JSON: kind 0 (profile), kind 3 (follows), kind 10002 (relay list), kind 10050 (DM relays), kind 10019 (nutzap info), kind 17375/37375 (wallet). JSON goes to stdout, progress to stderr. Use for snapshots, migration, or archival.

Backup Flags

Flag	Purpose
`--quiet, -q`	Suppress progress output (JSON always goes to stdout)
`--relays`	Query these relays instead of defaults

JSON Output

Both setup and check support --json for structured, parseable output.

Setup output:

{
  "npub": "npub1...",
  "nsec": "nsec1...",
  "pubkey": "hex...",
  "relays": ["wss://..."],
  "profile": { "name": "...", "lud16": "..." },
  "wallet": { "p2pk_pubkey": "02...", "mints": ["https://..."] }
}

Check output:

{
  "npub": "npub1...",
  "pubkey": "hex...",
  "score": 6,
  "max_score": 8,
  "checks": [
    { "name": "profile", "status": "pass", "detail": "..." },
    { "name": "nip05", "status": "fail", "detail": "not set" }
  ]
}

Integration

TOOLS.md

After setup, store for quick reference:

## Nostr Identity
- npub: npub1...
- Lightning: npub1...@npub.cash
- Relays: relay.damus.io, relay.primal.net, nos.lol

Periodic Health Check

Run nihao check --json --quiet on a schedule to monitor identity health. Parse the JSON and alert if score drops.

Security

No pre-built binaries — nihao is compiled from source on your machine via go install. The source is public and auditable.
No key storage — nihao does not persist keys unless explicitly told to via --nsec-file or --nsec-cmd.
No network exfiltration — the only network connections are to Nostr relays (WebSocket), NIP-05/LNURL endpoints (HTTPS), and Cashu mints (HTTPS). No telemetry, no analytics, no phoning home.
Stdin-first key input — when using an existing key, prefer --stdin over --sec to avoid process list exposure.
File permissions — --nsec-file writes with 0600 (owner read/write only).

Defaults

Setting	Value
Relays	relay.damus.io, relay.primal.net, nos.lol, purplepag.es
DM relays	nip17.com, relay.damus.io, relay.primal.net, nos.lol
Lightning	`@npub.cash`
Mints	minibits, coinos, macadamia
Wallet kind	17375 (NIP-60)

上一篇：Vynn 回测引擎：Openclaw Skills 的交易策略分析工具下一篇：假日乐消消官网-假日乐消消vs开心消消乐