Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From midnight-verify
Verification by source code inspection of the Midnight Wallet SDK repositories. Searches and reads the actual wallet SDK source code to verify claims about wallet packages, the DApp Connector API, HD derivation, address encoding, and the three-wallet architecture. Uses octocode-mcp for quick lookups, falls back to local cloning for deep investigation. Loaded by the source-investigator agent when the claim domain is wallet SDK.
npx claudepluginhub devrelaicom/midnight-expert --plugin midnight-verifyHow this skill is triggered — by the user, by Claude, or both
Slash command
/midnight-verify:verify-by-wallet-sourceThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
You are verifying a claim about the Midnight Wallet SDK by reading the actual source code. Follow these steps in order.
Wallet SDK claim classification and method routing. Determines what kind of wallet SDK claim is being verified and which verification methods apply: type-checking (pre-flight only), source investigation (primary), or devnet E2E (fallback). Handles claims about @midnight-ntwrk/wallet-sdk-* packages, WalletFacade, WalletBuilder, the DApp Connector API, HD derivation, Bech32m addresses, branded types, and the three-wallet architecture. Loaded by the /midnight-verify:verify command alongside the hub skill.
This skill should be used when the user asks about the Midnight.js SDK, midnight-js packages, @midnight-ntwrk npm packages, setting up SDK providers, deploying or finding contracts with deployContract or findDeployedContract, calling circuits with callTx or submitCallTx, the transaction lifecycle, SDK provider types (WalletProvider, MidnightProvider, PublicDataProvider, ProofProvider, ZkConfigProvider, PrivateStateProvider), testkit-js testing, observable state subscriptions, contract maintenance and verifier keys, or connecting to the indexer or proof server.
This skill should be used when reviewing Compact smart contract code, TypeScript witness implementations, or test files for a Midnight project. Applies when a user asks to "review my Compact contract", "audit this smart contract", "check my Midnight code", or "run a code review checklist". Provides category-specific checklists covering privacy, security, cryptographic correctness, token economics, concurrency, compilation, performance, architecture, code quality, testing, and documentation, plus mechanical verification via /midnight-verify:verify.
Share bugs, ideas, or general feedback.
You are verifying a claim about the Midnight Wallet SDK by reading the actual source code. Follow these steps in order.
Source code is evidence. Everything else is a hint.
| Source | Role | Rule |
|---|---|---|
| Source code definitions (function signatures, type exports, implementation) | Primary evidence | Always the target. Verdicts must cite source code. |
| Test files | Navigation aid | Follow test imports to find the right source code to inspect. Do not cite tests as evidence. Running tests (clone to /tmp, execute) is a last resort — realistically never needed. |
| docs-snippets, spec documents (Wallet Spec, DApp Connector Spec, Ledger Spec) | Hints only | Useful for orienting where to look. Never evidence on their own. Any claim derived from these must be corroborated by source code inspection. |
| ADRs, Design.md | Hints only | Can support "why" claims, but the "what" they describe must be verified via source. |
Repository routing — match the claim to the right repo and path:
| Claim About | Primary Repo | Key Paths |
|---|---|---|
| Facade API, unified wallet operations | midnightntwrk/midnight-wallet | packages/facade/src/ |
| Variant/runtime, hard-fork migration | midnightntwrk/midnight-wallet | packages/runtime/src/ |
| Shielded wallet, ZK coin management | midnightntwrk/midnight-wallet | packages/shielded-wallet/src/v1/ |
| Unshielded wallet, Night UTXO | midnightntwrk/midnight-wallet | packages/unshielded-wallet/src/v1/ |
| Dust wallet, fee mechanics | midnightntwrk/midnight-wallet | packages/dust-wallet/src/v1/ |
| Branded types, core abstractions | midnightntwrk/midnight-wallet | packages/abstractions/src/ |
| Coin selection, balancing, proving, submission | midnightntwrk/midnight-wallet | packages/capabilities/src/ |
| HD key derivation, BIP32/BIP39 | midnightntwrk/midnight-wallet | packages/hd/src/ |
| Bech32m address encoding | midnightntwrk/midnight-wallet | packages/address-format/src/ |
| Common utilities (EitherOps, ObservableOps) | midnightntwrk/midnight-wallet | packages/utilities/src/ |
| GraphQL indexer sync | midnightntwrk/midnight-wallet | packages/indexer-client/src/ |
| Polkadot RPC submission | midnightntwrk/midnight-wallet | packages/node-client/src/ |
| ZK proof generation client | midnightntwrk/midnight-wallet | packages/prover-client/src/ |
| DApp Connector API types and spec | midnightntwrk/midnight-dapp-connector-api | src/api.ts |
Package hierarchy context:
The wallet SDK is a monorepo with this dependency structure:
facade ← Unified API combining all wallet types
├── shielded-wallet
├── unshielded-wallet
└── dust-wallet
↓
runtime ← Wallet lifecycle/variant orchestration
├── abstractions ← Interfaces that variants must implement
└── capabilities ← Shared implementations (coin selection, balancing)
↓
utilities ← Common types and operations
External communication packages: indexer-client, node-client, prover-client.
Key management: hd (BIP32/BIP39), address-format (Bech32m).
Start with targeted lookups using the octocode-mcp tools:
githubSearchCode — search for specific function names, type names, export definitions in midnightntwrk/midnight-walletgithubGetFileContent — read a specific file once you know the pathgithubViewRepoStructure — understand the package layout if you're not sure where to lookSearch strategy:
src/index.ts exports first, then trace to the implementation filemidnightntwrk/midnight-dapp-connector-api source directlyIf octocode-mcp results are insufficient — tracing cross-package dependencies, counting exports, or following complex call chains across the monorepo — clone locally:
CLONE_DIR=$(mktemp -d)
git clone --depth 1 git@github.com:midnightntwrk/midnight-wallet.git "$CLONE_DIR/midnight-wallet"
For DApp Connector API claims:
git clone --depth 1 git@github.com:midnightntwrk/midnight-dapp-connector-api.git "$CLONE_DIR/midnight-dapp-connector-api"
Always use SSH protocol (git@github.com:), not HTTPS.
After investigation, clean up:
rm -rf "$CLONE_DIR"
What counts as evidence (ordered by strength):
Watch for:
Effect<A, E, R>, Either<A, E>, Stream.Stream<A, E, R> appear throughout. Understand that Effect describes side-effectful computation and Either describes pure synchronous results.Brand.nominal<T>()) are used for ProtocolVersion, WalletSeed, WalletState. These are compile-time distinctions — the runtime value is the underlying primitive.src/v1/). Claims about behavior must be checked against the correct version.Observable from RxJS is used at the facade API boundary. Internal code uses Effect Stream.Your report must include:
Report format:
### Source Investigation Report
**Claim:** [verbatim]
**Searched:** [repo(s) and method — octocode-mcp search / local clone]
**Found:**
- File: [repo/path/to/file.ext:line-range]
- Link: [full GitHub URL]
- Content: [relevant code snippet or summary]
**Interpretation:** [Confirmed / Refuted / Inconclusive] — [explanation of what the source shows and how it relates to the claim]
If inconclusive, explain: