โ† Back to AI & LLMs
AI & LLMs by @zadahmed

nervepay-agent

Agent identity and analytics

0
Source Code

NervePay โ€” Agent Instructions

You are an AI agent with a NervePay identity. This skill lets you prove WHO you are (cryptographically) and track WHAT you do (analytics/reputation).

What This Skill Does

  • Authenticates you: Signs requests with Ed25519 so API providers know it's really you
  • Tracks your work: Reports every external API call to build reputation
  • Builds trust: Your verified usage history proves you're legitimate

Setup: Get Your Identity

If you don't have NERVEPAY_DID and NERVEPAY_PRIVATE_KEY env vars, register first:

curl -X POST https://api.nervepay.xyz/v1/agent-identity/register-pending \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Your Agent Name",
    "description": "What you do"
  }'

Save these from the response:

  • did โ†’ Set as NERVEPAY_DID
  • private_key โ†’ Set as NERVEPAY_PRIVATE_KEY
  • mnemonic โ†’ Backup for recovery (24 words)
  • claim_url โ†’ Give to your human owner to claim you

You can start authenticating immediately. Human ownership (via claim_url) is optional but recommended for better trust scores.

Making Authenticated Requests

Use the helper script to sign and send requests:

# Authenticated GET
node {baseDir}/nervepay-request.mjs GET /v1/agent-identity/whoami

# Authenticated POST
node {baseDir}/nervepay-request.mjs POST /v1/agent-identity/track-service '{"service_name":"openai","endpoint":"/v1/chat/completions","success":true}'

The script handles Ed25519 signing automatically. It reads NERVEPAY_DID, NERVEPAY_PRIVATE_KEY, and NERVEPAY_API_URL (default: https://api.nervepay.xyz) from environment.

โš ๏ธ MANDATORY: Track External API Usage โš ๏ธ

YOU MUST TRACK EVERY EXTERNAL API CALL. THIS IS NOT OPTIONAL.

Every time you call OpenAI, Stripe, GitHub, weather APIs, or ANY external service, immediately report it to NervePay. This is the core purpose of this skill.

Quick Track (Easiest)

Use the simplified tracking helper immediately after each external call:

# Minimal - just service, endpoint, and success/failure
node {baseDir}/nervepay-track.mjs openai /v1/chat/completions success

# With response time
node {baseDir}/nervepay-track.mjs openai /v1/chat/completions success 1250

# With cost
node {baseDir}/nervepay-track.mjs stripe /v1/charges success 850 10.00

Full Track (More Details)

For complete tracking with all fields:

node {baseDir}/nervepay-request.mjs POST /v1/agent-identity/track-service '{
  "service_name": "openai",
  "endpoint": "/v1/chat/completions",
  "method": "POST",
  "success": true,
  "response_time_ms": 1250,
  "amount": "0.05",
  "currency": "USD"
}'

Example Workflow (DO THIS)

# 1. Call external API
response=$(curl https://api.openai.com/v1/chat/completions ...)

# 2. IMMEDIATELY track it (don't forget!)
node {baseDir}/nervepay-track.mjs openai /v1/chat/completions success

# 3. Continue with your work
echo "$response"

Why tracking is mandatory:

  • Builds your reputation score (proves you're legitimate)
  • Shows API providers your verified usage history
  • Tracks costs and success rates across all services
  • This is literally what NervePay exists for - without tracking, you're not using it

Remember: Track IMMEDIATELY after the call, not later. Make it a habit.

๐Ÿš€ AUTOMATIC TRACKING (Recommended for Lazy Agents)

Tired of remembering to track? Use auto-instrumentation - it intercepts ALL HTTP calls automatically!

How Auto-Instrumentation Works

The nervepay-instrument.mjs script monkey-patches Node.js's fetch(), http.request(), and https.request() to automatically track every external API call. Zero code changes needed!

Setup: Load Instrumentation

Option 1: Command-line flag (recommended)

node --import {baseDir}/nervepay-instrument.mjs your-agent.js

Option 2: Environment variable (global)

export NODE_OPTIONS="--import /path/to/nervepay-instrument.mjs"
node your-agent.js

Option 3: Programmatic (in your code)

// At the very top of your entry file
import './nervepay-skill/nervepay-instrument.mjs';

// Now all HTTP calls are auto-tracked!
await fetch('https://api.openai.com/...');  // Automatically tracked

What Gets Tracked Automatically

โœ… All fetch() calls to external APIs โœ… All http.request() and https.request() calls โœ… Success/failure status โœ… Response time in milliseconds โœ… HTTP status codes

โŒ NOT tracked: Calls to NervePay itself (avoids infinite loop) โŒ NOT tracked: localhost / internal IPs (192.168.x.x, 10.x.x.x)

Disable Auto-Tracking

export NERVEPAY_AUTO_TRACK=false

Example

# Set your credentials
export NERVEPAY_DID="your-did"
export NERVEPAY_PRIVATE_KEY="your-key"

# Run your agent with auto-instrumentation
node --import {baseDir}/nervepay-instrument.mjs your-agent.js

# All HTTP calls in your-agent.js are now automatically tracked!

Bottom line: With auto-instrumentation, you literally cannot forget to track. It just happens. ๐ŸŽ‰

Pairing with OpenClaw Gateways (ClawBot Auto-Configuration)

If you're an agent like ClawBot that manages OpenClaw gateway instances, you can auto-configure gateways using NervePay's pairing flow.

Prerequisites

You MUST have a NervePay identity first! Complete the "Setup: Get Your Identity" section above to register and get your NERVEPAY_DID and NERVEPAY_PRIVATE_KEY before pairing.

Recommended: Have your human owner claim you via the claim_url for better trust scores before pairing gateways.

How Pairing Works

  1. First time: Register your agent identity and optionally get claimed by human owner
  2. User generates pairing code in NervePay dashboard (10-minute expiry)
  3. You authenticate with your agent DID (Ed25519 signature) and send gateway details
  4. NervePay stores the encrypted gateway token and links it to your DID
  5. Only you can refresh the token later (verified by your DID)

Complete Pairing

When your human tells you to "connect to nervepay [CODE]":

# 1. Collect gateway details from your environment/config
PAIRING_CODE="ABC123"  # From user
GATEWAY_URL="https://your-openclaw-gateway.com"
GATEWAY_TOKEN="your-gateway-bearer-token"
GATEWAY_NAME="My Gateway"

# 2. Send pairing request (authenticated with your agent DID)
node {baseDir}/nervepay-request.mjs POST /v1/integrations/openclaw/pairing/complete '{
  "pairing_code": "'$PAIRING_CODE'",
  "gateway_url": "'$GATEWAY_URL'",
  "gateway_token": "'$GATEWAY_TOKEN'",
  "gateway_name": "'$GATEWAY_NAME'",
  "max_concurrent_agents": 8,
  "default_timeout_seconds": 3600
}'

Response on success:

{
  "gateway_id": "uuid-here",
  "gateway_name": "My Gateway",
  "status": "completed",
  "message": "Gateway 'My Gateway' successfully paired with agent did:nervepay:agent:xyz"
}

Refresh Gateway Token

When your OpenClaw gateway token rotates, push the new token:

GATEWAY_ID="gateway-uuid-from-pairing"
NEW_TOKEN="new-gateway-bearer-token"

node {baseDir}/nervepay-request.mjs POST /v1/integrations/openclaw/gateways/$GATEWAY_ID/refresh-token '{
  "new_token": "'$NEW_TOKEN'"
}'

Security: NervePay verifies you're the agent that originally paired the gateway (checks linked_agent_did). Only you can refresh this gateway's token.

Why Pairing?

  • Zero manual setup for users (just give them a code)
  • Cryptographic auth proves you control the gateway
  • Token encryption keeps gateway credentials secure (AES-256-GCM)
  • Auto-expiration detection if gateway returns 401, NervePay marks token as expired
  • Trust: Your verified DID proves the gateway is managed by you

Common Commands

Test authentication

node {baseDir}/nervepay-request.mjs GET /v1/agent-identity/whoami

Returns your DID, name, reputation score, and confirms authentication works.

Check your capabilities

node {baseDir}/nervepay-request.mjs GET /v1/agent-identity/capabilities

Shows your spending limits, allowed operations, and permissions.

Verify another agent

curl "https://api.nervepay.xyz/v1/agent-identity/verify/did:nervepay:agent:abc123xyz"

No auth required. Returns public profile, reputation, and transaction stats for any agent.

Poll claim status (check if human claimed you)

curl "https://api.nervepay.xyz/v1/agent-identity/register-pending/SESSION_ID/status"

Returns: pending, claimed, expired, or revoked.

What the Signature Proves

Guarantee How
Authentication (who is calling) Server verifies Ed25519 signature against your public key
Integrity (what was sent) Signature covers method, path, query, body hash โ€” tampering breaks verification
Replay protection Unique nonce + timestamp prevents captured requests from reuse
Portable identity Your DID carries reputation across all platforms that check NervePay headers

Required Headers (already handled by script)

The helper script adds these automatically:

  • Agent-DID: Your DID
  • X-Agent-Signature: Base64-encoded Ed25519 signature
  • X-Agent-Nonce: Unique nonce (UUID)
  • X-Signature-Timestamp: ISO 8601 timestamp

Security Notes

  • Private key: NEVER send to any server. Only send signatures.
  • Nonces: Single-use. Generate new for each request (script handles this).
  • Timestamps: Must be within 5 minutes of server time.
  • Mnemonic: 24-word backup phrase. Store securely offline.

Full API Reference

See {baseDir}/api.md for complete endpoint documentation, error codes, and advanced usage.

API Base: https://api.nervepay.xyz/v1 Docs: https://nervepay.xyz/docs GitHub: https://github.com/nervepay/nervepay