什么是 Para MPC 浅包？

Para MPC 浅包通过多方计算 (MPC) 提供了一个管理区块链身份的强大框架。通过将私钥拆分为独立的份额，该技能确保完整的私钥永远不会存在于单台机器上，使其成为开发者构建安全 Openclaw Skills 的关键工具。它支持 EVM、Solana 和 Cosmos 网络，为浅包生成和数据签名提供统一的 REST API。

该技能专为 AI 代理必须与去中心化账本交互的高安全性环境而设计。通过利用 Para 基础设施，代理可以执行财务操作和身份验证，而无需承担传统私钥存储的相关风险，从而增强了 Openclaw Skills 集成的整体安全态势。

下载入口:https://github.com/openclaw/skills/tree/main/skills/adeets-22/para-wallet

安装与下载

1. ClawHub CLI

从源直接安装技能的最快方式。

2. 手动安装

将技能文件夹复制到以下位置之一

优先级：工作区 > 本地 > 内置

3. 提示词安装

将此提示词复制到 OpenClaw 即可自动安装。

Para MPC 浅包 应用场景

• 为 Openclaw Skills 生态系统内的 AI 代理提供自动化的链上交易签名。
• 为去中心化应用 (dApp) 安全地生成用户特定的浅包。
• 构建需要多链支持的非托管财务机器人。
• 通过中心化代理接口管理 EVM、Solana 和 Cosmos 的加密身份。

1. 代理使用唯一的用户标识符和区块链网络类型发起创建浅包的请求。
2. Para API 启动异步多方计算 (MPC) 密钥生成过程，并返回一个临时的浅包 ID。
3. 系统轮询浅包状态端点，直到状态从“正在创建”转换为“就绪”。
4. 状态确认就绪后，代理可以将十六进制编码的数据提交给签名端点。
5. Para 的分布式节点使用各自的密钥份额对数据进行签名，并返回用于链上的组合签名。

Para MPC 浅包 配置指南

1. 从 Para 开发者门户 (developer.getpara.com) 获取 API 密钥。
2. 在您的 Openclaw Skills 环境中设置所需的环境变量：

export PARA_API_KEY="your-secret-api-key"

3. 在转入生产环境进行实时主网交易之前，先使用 Beta 基础 URL (https://api.beta.getpara.com) 进行开发。

Para MPC 浅包 数据架构与分类体系

该技能使用结构化的 JSON 有效载荷与 Para API 交互，并遵循特定的元数据分类法来跟踪浅包。Openclaw Skills 浅包生命周期中涉及的主要数据字段包括：

name: para-wallet
description: Create blockchain wallets and sign transactions using Para's MPC infrastructure where the private key never exists in a single place. Supports EVM and Solana chains via three REST endpoints.
metadata:
  author: para
  version: "1.0"
  openclaw.requires.env: ["PARA_API_KEY"]

Overview

Para provides MPC (Multi-Party Computation) wallets where the private key is split into shares and never assembled in a single place. This makes Para ideal for AI agents that need to create wallets and sign transactions without ever holding a full private key.

All operations use Para's REST API with a single API key for authentication.

• Base URL (Beta): https://api.beta.getpara.com
• Base URL (Production): https://api.getpara.com
• Auth: Pass your API key in the X-API-Key header on every request
• Content-Type: application/json
• Request tracing: Optionally pass X-Request-Id (UUID) for tracing; Para generates one if omitted

Setup

1. Get an API key from developer.getpara.com
2. Set the environment variable:

   export PARA_API_KEY="your-secret-api-key"
   

3. Use the Beta base URL (https://api.beta.getpara.com) during development. Switch to Production for mainnet.

Create a Wallet

POST /v1/wallets

Creates a new MPC wallet for a user. Each combination of type + scheme + userIdentifier produces exactly one wallet. Attempting to create a duplicate returns a 409 with the existing walletId.

Request Body

EVM Example

curl -X POST https://api.beta.getpara.com/v1/wallets r
  -H "Content-Type: application/json" r
  -H "X-API-Key: $PARA_API_KEY" r
  -d '{
    "type": "EVM",
    "userIdentifier": "alice@example.com",
    "userIdentifierType": "EMAIL"
  }'

Solana Example

curl -X POST https://api.beta.getpara.com/v1/wallets r
  -H "Content-Type: application/json" r
  -H "X-API-Key: $PARA_API_KEY" r
  -d '{
    "type": "SOLANA",
    "userIdentifier": "alice@example.com",
    "userIdentifierType": "EMAIL"
  }'

Response (201 Created)

The wallet starts in creating status. You must poll until it reaches ready.

{
  "id": "0a1b2c3d-4e5f-6789-abcd-ef0123456789",
  "type": "EVM",
  "scheme": "DKLS",
  "status": "creating",
  "createdAt": "2024-01-15T09:30:00Z"
}

The response includes a Location header with the wallet's URL:

Location: /v1/wallets/0a1b2c3d-4e5f-6789-abcd-ef0123456789

Polling for Ready Status

After creating a wallet, poll GET /v1/wallets/{walletId} until status becomes ready:

# Poll every 1 second until the wallet is ready
WALLET_ID="0a1b2c3d-4e5f-6789-abcd-ef0123456789"
while true; do
  RESPONSE=$(curl -s https://api.beta.getpara.com/v1/wallets/$WALLET_ID r
    -H "X-API-Key: $PARA_API_KEY")
  STATUS=$(echo "$RESPONSE" | grep -o '"status":"[^"]*"' | cut -d'"' -f4)
  if [ "$STATUS" = "ready" ]; then
    echo "$RESPONSE"
    break
  fi
  sleep 1
done

Get Wallet Status

GET /v1/wallets/{walletId}

Retrieves the current status and details of a wallet.

Request

curl https://api.beta.getpara.com/v1/wallets/0a1b2c3d-4e5f-6789-abcd-ef0123456789 r
  -H "X-API-Key: $PARA_API_KEY"

Response (200 OK)

When the wallet is ready, the response includes the address and public key:

{
  "id": "0a1b2c3d-4e5f-6789-abcd-ef0123456789",
  "type": "EVM",
  "scheme": "DKLS",
  "status": "ready",
  "address": "0x742d35Cc6634C0532925a3b844Bc9e7595f...",
  "publicKey": "04a1b2c3d4e5f6...",
  "createdAt": "2024-01-15T09:30:00Z"
}

Response Fields

Sign Data

POST /v1/wallets/{walletId}/sign-raw

Signs arbitrary data using the wallet's MPC key shares. The private key is never assembled — each share signs independently and the results are combined.

Important: The wallet must be in ready status before signing.

Request Body

EVM Example

Sign a message hash (e.g., a keccak256 hash of a transaction):

curl -X POST https://api.beta.getpara.com/v1/wallets/0a1b2c3d-4e5f-6789-abcd-ef0123456789/sign-raw r
  -H "Content-Type: application/json" r
  -H "X-API-Key: $PARA_API_KEY" r
  -d '{
    "data": "0x48656c6c6f20576f726c64"
  }'

Solana Example

Sign a serialized Solana transaction:

curl -X POST https://api.beta.getpara.com/v1/wallets/aabbccdd-1122-3344-5566-778899aabbcc/sign-raw r
  -H "Content-Type: application/json" r
  -H "X-API-Key: $PARA_API_KEY" r
  -d '{
    "data": "0x01000103b5d..."
  }'

Response (200 OK)

{
  "signature": "a1b2c3d4e5f6..."
}

The signature is a hex string without the 0x prefix.

Key Concepts

Wallet Uniqueness

Each combination of type + scheme + userIdentifier maps to exactly one wallet. If you try to create a duplicate, the API returns 409 Conflict with the existing wallet's ID in the response body. Use this to safely retry or look up existing wallets.

Async Wallet Creation

Wallet creation is asynchronous. The POST /v1/wallets call returns immediately with status: "creating". You must poll GET /v1/wallets/{walletId} until status becomes "ready" before you can use the wallet to sign.

MPC Security Model

Para uses Multi-Party Computation so the full private key never exists on any single machine. Key shares are distributed across independent parties. When you call sign-raw, each party signs with their share and the results are combined into a valid signature. This means:

• No single point of compromise can leak the private key
• Agents can sign transactions without ever having access to a full key
• Signing is functionally equivalent to a normal signature from the blockchain's perspective

Error Reference

All error responses include a message field describing the issue.

409 Conflict Response

The 409 response includes the existing wallet's ID so you can retrieve it:

{
  "message": "a wallet for this identifier and type already exists",
  "walletId": "0a1b2c3d-4e5f-6789-abcd-ef0123456789"
}

Complete Example: Create Wallet and Sign

# 1. Create an EVM wallet
RESPONSE=$(curl -s -X POST https://api.beta.getpara.com/v1/wallets r
  -H "Content-Type: application/json" r
  -H "X-API-Key: $PARA_API_KEY" r
  -d '{
    "type": "EVM",
    "userIdentifier": "agent-1@myapp.com",
    "userIdentifierType": "EMAIL"
  }')

WALLET_ID=$(echo "$RESPONSE" | grep -o '"id":"[^"]*"' | cut -d'"' -f4)
echo "Created wallet: $WALLET_ID"

# 2. Poll until ready
while true; do
  WALLET=$(curl -s https://api.beta.getpara.com/v1/wallets/$WALLET_ID r
    -H "X-API-Key: $PARA_API_KEY")
  STATUS=$(echo "$WALLET" | grep -o '"status":"[^"]*"' | cut -d'"' -f4)
  if [ "$STATUS" = "ready" ]; then
    echo "Wallet is ready"
    echo "$WALLET"
    break
  fi
  echo "Status: $STATUS — waiting..."
  sleep 1
done

# 3. Sign data
SIGNATURE=$(curl -s -X POST https://api.beta.getpara.com/v1/wallets/$WALLET_ID/sign-raw r
  -H "Content-Type: application/json" r
  -H "X-API-Key: $PARA_API_KEY" r
  -d '{"data": "0x48656c6c6f"}')

echo "Signature: $SIGNATURE"