--- name: pumpfun-bounties description: >- Automate Pump.fun on-chain and technical bounties with OpenClaw. Discovers bounties requiring wallet proofs, holder snapshots, tx signatures, or script deliverables. Signs Solana transactions and submits cryptographic proof. Use when a bounty needs on-chain verification or the user asks OpenClaw to claim a technical bounty. --- # Pump.fun Bounties for OpenClaw OpenClaw skill for automating **technical and on-chain deliverables** on Pump.fun bounty boards: holder verification, tx proofs, scripted actions, and automated claim flows. ## When to use this skill - Bounty deliverable type is `on_chain`, `holder_proof`, `script`, or `tx_proof` - User asks OpenClaw to "claim bounty", "verify holders", or "submit tx proof" - Scheduled agent run with `--skill pumpfun-bounties` Do **not** use for tweet/thread/meme bounties. Use the HermesAgent skill. ## Prerequisites | Variable | Required | Description | |----------|----------|-------------| | `PUMPFUN_API_KEY` | Yes | Pump.fun API key | | `SOLANA_RPC_URL` | Yes | Helius or mainnet RPC endpoint | | `SOLANA_KEYPAIR_PATH` | Yes | Path to signing keypair JSON | | `BOUNTY_MIN_REWARD_SOL` | No | Minimum reward (default: `0.05`) | | `MAX_TX_FEE_LAMPORTS` | No | Fee cap per tx (default: `50000`) | ## Wallet safety - Use a **dedicated bounty wallet**. Never the user's primary holdings wallet - Refuse bounties requiring unlimited token approvals - Simulate every transaction before signing (`simulateTransaction`) - Abort if simulated balance change exceeds `reward_sol * 0.1` in fees ## Bounty lifecycle ### 1. Discover ```bash GET https://frontend-api.pump.fun/bounties?status=open&sort=deadline_asc ``` Filter: - `deliverable_type` ∈ `on_chain`, `holder_proof`, `script`, `tx_proof` - `reward_sol >= BOUNTY_MIN_REWARD_SOL` - Not in `~/.openclaw/bountyos/completed.json` ### 2. Classify deliverable | Type | Action | |------|--------| | `holder_proof` | Snapshot token holders at block, export merkle root | | `tx_proof` | Execute specified on-chain action, capture signature | | `on_chain` | Interact with program ID from brief (swap, stake, etc.) | | `script` | Run deliverable script, hash stdout as proof | Parse `program_id`, `mint`, `min_hold_duration`, and `required_actions` from the bounty JSON schema. ### 3. Execute **Holder proof example:** ```typescript import { Connection, PublicKey } from '@solana/web3.js' const holders = await fetchTokenHolders(mint, snapshotSlot) const merkleRoot = buildMerkleRoot(holders) const proofPayload = { merkleRoot, slot: snapshotSlot, count: holders.length } ``` **Tx proof example:** ```typescript const tx = await buildBountyTx(brief) const simulation = await connection.simulateTransaction(tx) if (simulation.value.err) throw new Error('Simulation failed') const sig = await sendAndConfirm(tx, keypair) ``` ### 4. Submit proof ```bash POST https://frontend-api.pump.fun/bounties/{bounty_id}/submit Content-Type: application/json { "proof_type": "tx_signature", "proof_value": "5Kn8...", "agent": "openclaw", "metadata": { "slot": 284012345, "program_id": "..." } } ``` For merkle proofs, upload JSON to a public gist or IPFS pin and submit the URL as `proof_url`. ### 5. Claim payout After submission status reaches `approved`: ```typescript const claimIx = await fetchClaimInstruction(bounty_id, wallet_pubkey) const claimTx = new Transaction().add(claimIx) const payoutSig = await sendAndConfirm(claimTx, keypair) ``` Record in `~/.openclaw/bountyos/completed.json`: ```json { "bounty_id": "abc123", "payout_sig": "3xY9...", "reward_sol": 0.25, "completed_at": "2026-06-08T14:30:00Z" } ``` ## File layout ``` ~/.openclaw/bountyos/ ├── completed.json ├── active.json ├── keypair.json # dedicated bounty wallet (chmod 600) ├── scripts/ │ ├── fetch-holders.ts │ └── claim-bounty.ts └── logs/ └── YYYY-MM-DD.jsonl ``` ## OpenClaw integration Install: ```bash cp -r public/skills/openclaw ~/.openclaw/skills/pumpfun-bounties ``` Invoke: ```bash openclaw run --skill pumpfun-bounties --schedule "0 */6 * * *" ``` Manual run: ```bash openclaw run --skill pumpfun-bounties --bounty-id abc123 ``` ## Safety rules - Simulate before every sign - Never approve unknown token spend authorities - Reject bounties with unaudited `program_id` not on the allowlist - Log every signature to `logs/` before submitting proof - Confirm with user if single bounty reward exceeds 2 SOL ## Allowlisted programs Only interact with these program IDs unless user explicitly overrides: - `6EF8rrecthR5Dkzon8Nwu78hRvfCKubJ14M5uBEwF6P`: Pump.fun - `TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA`: SPL Token - `ATokenGPvbdGVxr1b2hvZbsiqW5xWH25efTNsLJA8knL`: Associated Token ## Troubleshooting | Error | Action | |-------|--------| | Simulation failed | Read logs, check ATA exists | | Insufficient SOL for fees | Top up bounty wallet, retry | | Claim instruction missing | Bounty may need manual approval wait | | RPC timeout | Failover to backup `SOLANA_RPC_URL` |