SeekerClaw
SeekerClaw — winner of the Solana Mobile Hackathon (April 2026) — embeds a Node.js AI agent inside an Android app, running 24/7 as a foreground service. You interact through Telegram or Discord — ask questions, control your phone, trade crypto, schedule tasks, and now pay for paid APIs autonomously in USDC.
v2 introduced a burner wallet + x402 payment client; v2.1 expands it into a full autonomous trading wallet. Import a Solana key once, set per-tx and daily caps, and your agent can trade within those caps — swap tokens, convert held balances (including fee-free Token-2022 like PYUSD) back to USDC/SOL, send SPL tokens, and place limit / DCA orders — signing silently while it stays under cap and falling back to a main-wallet popup when it doesn't. It can also pay 44 catalogued x402 endpoints across 10 services (market data, real estate, travel, research, captcha, SMS, more) when you opt in to a paid lookup. Your Phantom / MWA wallet stays fully user-controlled.
64 built-in tools (plus MCP remote tools), 22 bundled skills + 35+ partner skills, two-wallet Solana with capped autonomous trading, multi-provider AI (Claude + OpenAI + OpenRouter + any OpenAI-compatible gateway), extended thinking preserved across tool calls, graceful Stop — all running locally on your device. Built for the Solana Seeker, runs on any Android 14+ phone.
Winner — Solana Mobile Hackathon · April 2026
SeekerClaw was selected as a winner of the Solana Mobile Hackathon, recognized for running a full AI agent on-device on the Solana Seeker. v2 builds on that foundation with autonomous USDC payments via the burner wallet — turning the on-device agent from a smart assistant into an actual economic agent on Solana.
Features
| Feature | What it does | |
|---|---|---|
| :robot: | AI Engine | Claude, OpenAI (API key + Codex OAuth), OpenRouter, or any OpenAI-compatible gateway (Custom). Multi-turn tool use, extended thinking on supported models |
| :credit_card: | Autonomous Wallet (trading + x402) | A separate, app-stored burner wallet (you import a key once) lets the agent transact in USDC / SOL on Solana — within per-tx and daily caps you set in Settings. Trading: swaps, held-token conversions (incl. fee-free Token-2022 like PYUSD) back to USDC/SOL, SPL transfers, and limit / DCA orders — signed silently under cap, main-wallet popup over cap. Payments: x402 v1 + v2 end-to-end including POST settlement (GET silent under cap, POST always confirmed), across 44 catalogued endpoints / 10 services (Stablecrypto Market Data, Tripadvisor, Rentcast, Perplexity, WolframAlpha, Reducto, CrushRewards, 2Captcha, Textbelt SMS, Purch). OPT-IN paid catalog — activates only when you explicitly ask to pay. Burner key encrypted under Android Keystore (AES-256-GCM); your main wallet stays user-controlled. |
| :thought_balloon: | Extended Thinking | Toggle in Settings → AI Provider → Reasoning or via /think from chat. Supported models (Fable 5, Opus 4.8 / 4.7 / 4.6, Sonnet 4.6, GPT-5.5 / 5.4 / 5.3-codex, gpt-5.4-mini) think across tool calls, with reasoning preserved across /resume and tool-loop turns on all four providers (Claude, OpenAI, OpenRouter, Custom). |
| :speech_balloon: | Channels | Telegram (full bot — reactions, file sharing, inline keyboards, rich messages: tables / headings / math via Bot API 10.1, with automatic plain-text fallback) or Discord (Gateway v10 — DMs, media, reply threading) |
| :link: | Solana Wallets | Main wallet: swaps, limit orders, DCA, transfers via Jupiter + MWA — you sign every action. Burner wallet: a key you import once, used for capped autonomous trading (swaps, conversions, SPL sends, limit/DCA orders — silent under cap, main-wallet popup over cap) and x402 payments (GET silent under cap, POST always confirmed). See Autonomous Wallet below. |
| :iphone: | Device Control | Battery, GPS, camera, SMS, calls, clipboard, TTS |
| :brain: | Memory | Persistent personality, daily notes, ranked keyword search, session summaries preserved across user-Stop |
| :pause_button: | Graceful Stop | Tapping Stop Agent triggers a bounded flush handshake — pending session summaries and dirty SQL.js writes persist before the Node.js process exits. Last ~60s of activity survives a clean Stop. |
| :alarm_clock: | Scheduling | Cron jobs with natural language ("remind me in 30 min") |
| :globe_with_meridians: | Web Intel | Search (Brave / Perplexity / Exa / Tavily / Firecrawl), fetch, caching |
| :gear: | Live Settings | Change provider, model, MCP servers, search provider, or agent name in Settings — or from chat with /model, /provider, /think — and changes take effect on the very next AI turn. No agent restart, no lost session. Backed by cross-process JSON stores read by both the UI process and the :node service. |
| :key: | Env Vars | Plug arbitrary API keys into the agent via Settings → Env Vars (single add or .env-style bulk paste). Skills and tools read them at runtime via process.env.KEY; values masked from debug logs. Skills can gate on requires.env so missing keys block activation cleanly |
| :bar_chart: | Activity | 26-week heatmap of your agent's API requests on the System screen — see when it's active, spot quiet days. Up to 13 months of daily history persisted on-device |
| :electric_plug: | Extensible | 35+ partner skills + custom skills + MCP remote tools |
Autonomous Wallet
v2 made SeekerClaw the first on-device agent that can transact on the open web; v2.1 lets it trade, too — all within caps you control. Two wallets, two roles:
- Main wallet (you sign): Phantom or any MWA wallet. Every action goes through a wallet popup — and any trade over your caps, or when no burner is configured, routes here.
- Burner wallet (agent signs, within caps): A Solana Ed25519 keypair you import once (from Phantom, Solflare, a hardware wallet, or
solana-keygen) — encrypted at rest under Android Keystore (AES-256-GCM). SeekerClaw does not generate keys. Used for capped autonomous trading — swaps, held-token conversions, SPL sends, limit/DCA orders — and x402 payments to paid APIs. You set per-tx and daily caps in USDC and SOL; the agent cannot exceed them.
Capped trading is live. solana_swap, solana_send, solana_send_token, jupiter_trigger_create, and jupiter_dca_create route through the burner when a trade is under your caps (signed silently) and fall back to a main-wallet popup when it's over cap or no burner is configured. Held-token conversions (e.g. PYUSD → USDC, no price oracle required, under a 1% price-impact limit) and Token-2022 balances are handled natively.
For payments, the agent uses three tools — agent_pay, wallet_status, wallet_set_caps — to fetch x402-protected endpoints and settle. GET requests under cap settle silently; POST requests always ask for confirmation. SSRF defense, DNS-rebinding protection, and an 18-error-code DIAGNOSTICS playbook are built in.
x402 v2 is live end-to-end. agent_pay completes the full 402 → build USDC transfer → settle → retrieve response loop for v2 services including Tripadvisor, CoinGecko (via Stablecrypto Market Data), and Textbelt SMS POST. No "detect/build only" caveats — POST settlement works.
Catalogued services (bundled paysh-catalog skill, OPT-IN):
- Stablecrypto Market Data — 21 endpoints (CoinGecko + DefiLlama)
- Tripadvisor (5), Rentcast (5), CrushRewards (4)
- Perplexity (2), WolframAlpha (2), Reducto (2)
- 2Captcha, Textbelt SMS, Purch (1 each)
The catalog was built from a 72-service / 824-endpoint audit of the pay.sh ecosystem (BAT-706); 63 known-but-not-usable service entries are documented in unsupported.json with structured failure reasons. The catalog stays dormant unless you explicitly ask to pay ("pay", "x402", "paysh").
Burner key security: Imported Ed25519 seed stored under filesDir/burner_keys/<id>, encrypted with a Keystore-derived AES-256-GCM key. Signing happens inside the Kotlin vault — the Node.js process sends a transaction blob and gets back a signature; it never holds the raw key. Loopback bridge requires a per-boot auth token. android:allowBackup=false keeps burner keys out of cloud backups. agent_pay resolves DNS before any HTTP request and refuses private-range IPs.
Opt out anytime: Settings → Burner Wallet → Wipe Keys. The agent reverts to single-wallet mode with paysh-catalog dormant — zero behavior change vs v1.10.
Architecture
graph LR
You["You (Telegram)"] -->|messages| Agent["SeekerClaw Agent"]
Agent -->|reasoning| AI["AI Provider (Claude / OpenAI / OpenRouter / Custom)"]
Agent -->|swaps, balance| Solana["Solana / Jupiter"]
Agent -->|device access| Bridge["Android Bridge"]
Agent -->|search, fetch| Web["Web APIs"]
AI -->|tool calls| Agent
On-device stack:
Android App (Kotlin, Jetpack Compose) ~27K lines, 68 files
└─ Foreground Service (:node process)
└─ Node.js Runtime (nodejs-mobile) ~24K lines, 50+ JS modules
├─ ai.js — AI provider API, system prompt, conversations, /think
├─ message-handler.js — Inbound message routing, commands, auto-resume
├─ providers/ — Claude, OpenAI (API key + Codex OAuth), OpenRouter, Custom adapters
├─ tools/ — 64 tool handlers across 13 modules (incl. solana_send_token, agent_pay, wallet_status)
├─ payment/x402.js — x402 v1 + v2 payment protocol (detect / build / settle — v2 settle is live end-to-end)
├─ wallet/dispatch.js — Routes signing through burner (capped, silent) or main (popup)
├─ caps/preflight.js — Per-tx and daily cap preflight checks before any tx
├─ confirmation/policy.js — Confirmation gates (burner-silent vs main-confirm vs blocked)
├─ reasoning-gating.js — Per-provider reasoning echo policy (R1 strip, V4 echo, etc.)
├─ reasoning-recovery.js — Adaptive 3-step quarantine on 400 reasoning_content errors
├─ reasoning-redact.js — sha256 fingerprint-only logging for reasoning content
├─ silent-reply.js — [[SILENT_REPLY]] sentinel handling
├─ loop-detector.js — Identical-call loop detection (3 warn / 5 break)
├─ http.js — HTTP/HTTPS transport, SSE streaming
├─ task-store.js — Persistent task checkpoints
├─ solana.js — Jupiter swaps, DCA, limit orders
├─ telegram.js — Bot, formatting, commands, repetition detector
├─ telegram-commands.js — Single-source registry for /commands menu + /help (drift-guarded)
├─ discord.js — Discord Gateway v10 client + REST sends
├─ channel.js — Channel router (telegram | discord)
├─ memory.js — Persistent memory + ranked search
├─ skills.js — Skill loading + semantic routing
├─ cron.js — Job scheduling + natural language parsing
├─ mcp-client.js — MCP Streamable HTTP client (rug-pull detection)
├─ mcp-servers.js — MCP server config CrossProcessStore (BAT-514)
├─ internal-control-server.js — Loopback control endpoints (/healthz, /mcp/reconcile, /shutdown/flush)
├─ runtime-state.js — Live provider/authType/model overlay (BAT-513)
├─ agent-preferences.js — searchProvider + agentName cross-process store (BAT-515)
├─ model-catalog.js — Shared model registry (BAT-517)
├─ web.js — Search providers + fetch + caching
├─ database.js — SQL.js analytics + flushForShutdown (BAT-525)
├─ security.js — Prompt injection defense
├─ bridge.js — Android Bridge HTTP client (main process)
├─ config.js — Config loading + validation
└─ main.js — Orchestrator + heartbeat + cron timer
Quick Start
Prerequisites: Android Studio, JDK 17, Android SDK 35
git clone https://github.com/sepivip/SeekerClaw.git
cd SeekerClaw
./gradlew assembleDappStoreDebug
adb install app/build/outputs/apk/dappStore/debug/app-dappStore-debug.apk
Open the app → pick your AI provider (Claude, OpenAI, or OpenRouter) → enter your API key + Telegram bot token + choose a model + name your agent — or generate a QR code at seekerclaw.xyz/setup and scan it. Done. For custom gateways (DeepSeek, Ollama, LiteLLM, etc.), configure in Settings after setup.
Step-by-step setup guide: How to set up SeekerClaw
Beta — SeekerClaw is under active development. Expect rough edges and breaking changes. Issues and PRs welcome.
Partner Skills
SeekerClaw also ships 22 bundled skills out of the box — including the v2 additions burner-wallet and paysh-catalog, plus calculator, weather, news, research, summarize, translate, reminders, todo, github, crypto-prices, and more. See the full partner skills catalog for all 35+ third-party options available from the marketplace.
Install via Telegram: send your agent the install link and it handles the rest.
| Skill | What it does | Install | |
|---|---|---|---|
| :ocean: | Byreal | Trade on Byreal DEX — pool analytics, swap quotes, LP positions, copy top farmers | Install |
| :rocket: | Career Companion | AI career coach — job search, resume tailoring, mock interviews, salary research | Install |
| :paw_prints: | ClawPump | Launch tokens on Solana via pump.fun — gasless launches | Install |
| :crystal_ball: | Dune Analytics | Query onchain data — DEX trades, token stats, wallet activity | Install |
| :house: | Home Assistant | Control smart home — lights, climate, vacuum, alarm, media | Install |
Build your own: Skills are Markdown files with YAML frontmatter. See SKILL-FORMAT.md for the spec.
Important Safety Notice
SeekerClaw gives an AI agent real capabilities on your phone — including wallet transactions, messaging, and device control. Please be aware:
- AI can make mistakes. Large language models hallucinate, misinterpret instructions, and occasionally take unintended actions. Always verify before trusting critical outputs.
- Prompt injection is a real risk. Malicious content from websites, messages, or files could manipulate the agent. SeekerClaw includes defenses, but no system is bulletproof.
- Wallet transactions are irreversible. Swaps, transfers, and DCA orders on Solana cannot be undone. Main-wallet actions and any transaction over your caps require your confirmation — read the details before approving. (Under-cap burner actions sign automatically; see below.)
- Start with small amounts. Don't connect a wallet with significant funds until you're comfortable with how the agent behaves.
- The burner wallet acts autonomously, within caps. v2.1's burner wallet — a key you import once — can trade (swaps, conversions, transfers, limit/DCA orders) without prompting you, as long as each transaction stays under your per-tx and daily caps. x402 GET requests also run silently under cap; x402 POST settlement always asks for confirmation regardless of caps. Set caps you're comfortable with the agent spending, and only fund the burner with what you'd be okay losing if the agent makes a poor call. Your main wallet remains popup-protected.
- You are responsible for your agent's actions. SeekerClaw is a tool, not financial advice. The developers are not liable for any losses.
TL;DR: Treat your agent like a capable but imperfect assistant. Verify important actions, secure your wallet, and don't trust it with more than you can afford to lose.
Community
Thanks to all contributors:
Links
Website: seekerclaw.xyz · Product Hunt: SeekerClaw · Twitter: @SeekerClaw · Telegram: t.me/seekerclaw
Contributing · Security · Changelog · License





