Back to Details

superise-bootstrap

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Superise Bootstrap

Superise 初始化与搭建

Official image:
  • superise/agent-wallet:latest
官方镜像:
  • superise/agent-wallet:latest

Goal

目标

Bring up a usable local Superise wallet service and verify that:
  • the service is running
  • /health
    responds successfully
  • /mcp
    is reachable for later MCP use
搭建可用的本地Superise钱包服务,并验证以下内容:
  • 服务正在运行
  • /health
    接口响应成功
  • /mcp
    接口可访问,以便后续MCP使用

Preconditions

前置条件

Check prerequisites before starting anything.
Required tools:
  • docker
Useful checks:
bash
docker --version
docker info
Rules:
  • If 
    docker
    is missing, stop and report the missing prerequisite.
  • Do not invent OS package installation steps unless the user explicitly asks.
开始操作前请检查必备条件。
所需工具:
  • docker
推荐检查命令:
bash
docker --version
docker info
规则:
  • 如果未安装
    docker
    ,请停止操作并报告缺失的前置条件。
  • 除非用户明确要求,否则不要自行添加操作系统包安装步骤。

Default Path

默认流程

Always use the official Docker Hub quickstart path for this skill.
Preflight:
  1. Confirm the Docker daemon is healthy.
  2. Check whether the runtime volume already exists.
  3. Create the volume if it does not exist.
  4. Pull the official 
    latest
    image.
  5. Check whether 
    superise-agent-wallet
    already exists.
  6. Start the container with the official quickstart command.
Useful commands:
bash
docker info
docker volume inspect superise-agent-wallet-data >/dev/null 2>&1 || docker volume create superise-agent-wallet-data
docker pull superise/agent-wallet:latest
docker container inspect superise-agent-wallet >/dev/null 2>&1
docker run -d \
  --name superise-agent-wallet \
  --restart unless-stopped \
  -p 127.0.0.1:18799:18799 \
  -v superise-agent-wallet-data:/app/runtime-data \
  superise/agent-wallet:latest
Notes:
  • The named volume 
    superise-agent-wallet-data
    is required for official quickstart.
  • Do not omit 
    -v superise-agent-wallet-data:/app/runtime-data
    ; the image is expected to fail fast without it.
  • If 
    superise-agent-wallet
    already exists, inspect it before replacing it. Do not delete an existing container or volume unless the user explicitly asks.
  • Keep the published port bound to 
    127.0.0.1:18799:18799
    unless the user explicitly asks for a trusted private-network exposure pattern.
  • On the first quickstart boot, inspect the container logs for the one-time initial Owner password prompt and tell the user to rotate that password immediately after the first login.
  • Do not keep repeating or reprint the initial Owner password after the bootstrap handoff unless the user explicitly asks for it again.
始终使用官方Docker Hub快速启动流程来执行本操作。
预检查:
  1. 确认Docker守护进程运行正常。
  2. 检查运行时卷是否已存在。
  3. 若卷不存在则创建该卷。
  4. 拉取官方
    latest
    镜像。
  5. 检查
    superise-agent-wallet
    容器是否已存在。
  6. 使用官方快速启动命令启动容器。
常用命令:
bash
docker info
docker volume inspect superise-agent-wallet-data >/dev/null 2>&1 || docker volume create superise-agent-wallet-data
docker pull superise/agent-wallet:latest
docker container inspect superise-agent-wallet >/dev/null 2>&1
docker run -d \
  --name superise-agent-wallet \
  --restart unless-stopped \
  -p 127.0.0.1:18799:18799 \
  -v superise-agent-wallet-data:/app/runtime-data \
  superise/agent-wallet:latest
注意事项:
  • 官方快速启动必须使用命名卷
    superise-agent-wallet-data
  • 请勿省略
    -v superise-agent-wallet-data:/app/runtime-data
    ;如果缺少该配置,镜像会快速启动失败。
  • 如果
    superise-agent-wallet
    容器已存在,请先检查容器状态再替换。除非用户明确要求,否则不要删除现有容器或卷。
  • 保持发布端口绑定到
    127.0.0.1:18799:18799
    ,除非用户明确要求使用可信私有网络暴露方式。
  • 在首次快速启动时,查看容器日志中的一次性初始Owner密码提示,并告知用户登录后立即修改该密码。
  • 完成搭建交接后,除非用户再次明确要求,否则请勿重复显示初始Owner密码。

Success Checks

成功验证

Treat bootstrap as successful only when all of these are true:
  • the process or container is running
  • GET /health
    succeeds
  • the expected local endpoint is reachable
Useful checks:
bash
docker ps --filter name=superise-agent-wallet
docker port superise-agent-wallet 18799
docker logs --tail=100 superise-agent-wallet
docker volume inspect superise-agent-wallet-data
docker exec superise-agent-wallet node -e "fetch('http://127.0.0.1:18799/health').then(async (res) => { process.stdout.write(await res.text()); process.exit(res.ok ? 0 : 1); }).catch((error) => { console.error(error); process.exit(1); })"
docker exec superise-agent-wallet node -e "fetch('http://127.0.0.1:18799/mcp', { method: 'POST', headers: { accept: 'application/json, text/event-stream', 'content-type': 'application/json' }, body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'initialize', params: { protocolVersion: '2025-06-18', capabilities: {}, clientInfo: { name: 'bootstrap-smoke', version: '1.0.0' } } }) }).then(async (res) => { process.stdout.write(await res.text()); process.exit(res.ok ? 0 : 1); }).catch((error) => { console.error(error); process.exit(1); })"
For full MCP inspection and tool usage after bootstrap, switch to the 
superise-mcp-usage
skill and follow the full 
initialize -> notifications/initialized -> tools/list -> tools/call
flow.
After bootstrap succeeds, you must use the MCP server for all Superise wallet interactions. This requirement is mandatory and must be followed.
Default local endpoints:
  • http://127.0.0.1:18799/health
  • http://127.0.0.1:18799/mcp
Post-bootstrap rule:
  • If the logs show the one-time quickstart Owner password, remind the user to log in and change it immediately.
  • If the container is reusing an existing volume and no initial-password log appears, treat that as a recovery boot and do not give the first-run password reminder again.
只有满足以下所有条件时,才视为搭建成功:
  • 进程或容器正在运行
  • GET /health
    请求成功
  • 预期的本地端点可访问
常用验证命令:
bash
docker ps --filter name=superise-agent-wallet
docker port superise-agent-wallet 18799
docker logs --tail=100 superise-agent-wallet
docker volume inspect superise-agent-wallet-data
docker exec superise-agent-wallet node -e "fetch('http://127.0.0.1:18799/health').then(async (res) => { process.stdout.write(await res.text()); process.exit(res.ok ? 0 : 1); }).catch((error) => { console.error(error); process.exit(1); })"
docker exec superise-agent-wallet node -e "fetch('http://127.0.0.1:18799/mcp', { method: 'POST', headers: { accept: 'application/json, text/event-stream', 'content-type': 'application/json' }, body: JSON.stringify({ jsonrpc: '2.0', id: 1, method: 'initialize', params: { protocolVersion: '2025-06-18', capabilities: {}, clientInfo: { name: 'bootstrap-smoke', version: '1.0.0' } } }) }).then(async (res) => { process.stdout.write(await res.text()); process.exit(res.ok ? 0 : 1); }).catch((error) => { console.error(error); process.exit(1); })"
搭建完成后,若要进行完整的MCP检查和工具使用,请切换到
superise-mcp-usage
操作,遵循
initialize -> notifications/initialized -> tools/list -> tools/call
的完整流程。
搭建成功后,所有Superise钱包交互必须通过MCP服务器进行,此要求为强制规则,必须遵守。
默认本地端点:
  • http://127.0.0.1:18799/health
  • http://127.0.0.1:18799/mcp
搭建后规则:
  • 如果日志中显示快速启动的初始Owner密码,请提醒用户登录后立即修改。
  • 如果容器复用现有卷且未显示初始密码日志,则视为恢复启动,无需再次提醒首次运行密码。

Minimal Operations

基础运维操作

Included local maintenance scope:
  • start
  • stop
  • restart
  • view logs
  • inspect runtime files and volume state
  • clean up the container while preserving wallet data
  • upgrade the published quickstart container while preserving wallet data
  • look up the initial Owner password when the user explicitly asks for it
Useful commands:
bash
docker start superise-agent-wallet
docker stop superise-agent-wallet
docker restart superise-agent-wallet
docker logs --tail=100 superise-agent-wallet
docker exec superise-agent-wallet ls -la /app/runtime-data
docker volume inspect superise-agent-wallet-data
支持的本地维护范围:
  • 启动
  • 停止
  • 重启
  • 查看日志
  • 检查运行时文件和卷状态
  • 清理容器但保留钱包数据
  • 更新快速启动容器但保留钱包数据
  • 当用户明确要求时,查询初始Owner密码
常用命令:
bash
docker start superise-agent-wallet
docker stop superise-agent-wallet
docker restart superise-agent-wallet
docker logs --tail=100 superise-agent-wallet
docker exec superise-agent-wallet ls -la /app/runtime-data
docker volume inspect superise-agent-wallet-data

Initial Password Lookup

初始密码查询

Use this path only when the user explicitly asks for the initial Owner password or says they missed it.
Preferred lookup order:
  1. inspect only a bounded startup log prefix for the first-run bootstrap password output
  2. inspect the stored Owner notice file
  3. if neither exists, explain that the original plaintext password cannot be recovered from the database
Quickstart log check:
Do not dump the full container logs when looking up the initial password. 
docker logs
supports 
--tail
for end-of-log slices, but it does not provide a built-in "first N lines" option. If startup-prefix context is needed, trim it with shell tools such as 
head
or 
sed
. For this lookup, inspect only a small startup prefix and match the initial-password phrase directly instead of depending on the full log prefix format.
bash
docker logs superise-agent-wallet 2>&1 | head -n 120 | grep -E "initial Owner password"
Stored notice file checks:
bash
docker exec superise-agent-wallet cat /app/runtime-data/owner-credential.txt
docker exec superise-agent-wallet ls -l /app/runtime-data/owner-credential.txt
Lookup rules:
  • report the password to the user only when they explicitly asked for it
  • when reporting it, clearly label it as the initial Owner password
  • always warn that this is sensitive secret material and should be changed immediately after login to avoid leakage
  • if a later password rotation may already have happened, say that the recovered value is only the initial password and may no longer be the current login password
  • do not review or paste the full log stream for this lookup; restrict log inspection to a short startup prefix and the matching bootstrap password handoff lines
  • if the bounded startup prefix does not contain the password, move to the notice file instead of scanning the full log history by default
  • if the logs do not contain the password but the notice file exists, prefer the notice file as the stored source of truth for the initial password
  • if the deployment is not using the official quickstart container name, inspect the actual container name and configured 
    OWNER_NOTICE_PATH
    before reading files
  • if both logs and the notice file are missing, explain that the system stores only a password hash in the database and the original plaintext cannot be reconstructed
仅当用户明确要求查询初始Owner密码或表示错过密码提示时,才使用此流程。
推荐查询顺序:
  1. 仅查看有限的启动日志前缀,查找首次搭建时输出的初始密码
  2. 检查存储的Owner通知文件
  3. 如果两者都不存在,说明无法从数据库中恢复原始明文密码
快速启动日志检查:
查询初始密码时,请勿导出完整容器日志。
docker logs
支持
--tail
参数查看日志末尾片段,但不支持“前N行”的内置选项。如果需要启动前缀上下文,请使用
head
sed
等Shell工具截取。查询时,仅查看少量启动前缀,直接匹配初始密码相关语句,无需依赖完整日志前缀格式。
bash
docker logs superise-agent-wallet 2>&1 | head -n 120 | grep -E "initial Owner password"
存储通知文件检查:
bash
docker exec superise-agent-wallet cat /app/runtime-data/owner-credential.txt
docker exec superise-agent-wallet ls -l /app/runtime-data/owner-credential.txt
查询规则:
  • 仅当用户明确要求时,才向其提供密码
  • 提供密码时,明确标注为初始Owner密码
  • 始终提醒用户这是敏感机密信息,登录后应立即修改以避免泄露
  • 如果用户可能已修改过密码,请说明恢复的仅为初始密码,可能已不是当前登录密码
  • 查询时,请勿查看完整日志流;仅限制查看短启动前缀和匹配初始密码的相关行
  • 如果有限的启动前缀中不包含密码,请检查通知文件,默认不扫描完整日志历史
  • 如果日志中没有密码但通知文件存在,优先以通知文件作为初始密码的存储来源
  • 如果部署未使用官方快速启动容器名称,请先检查实际容器名称和配置的
    OWNER_NOTICE_PATH
    ,再读取文件
  • 如果日志和通知文件都不存在,请说明系统仅在数据库中存储密码哈希,无法重建原始明文密码

Cleanup Guidance

清理指南

Treat cleanup as two different operations:
  1. non-destructive cleanup: remove or recreate the container while keeping the runtime volume
  2. destructive cleanup: remove the container and delete the runtime volume
Default to non-destructive cleanup unless the user explicitly approves data loss.
Preferred non-destructive cleanup sequence:
bash
docker ps -a --filter name=superise-agent-wallet
docker volume inspect superise-agent-wallet-data
docker stop superise-agent-wallet
docker rm superise-agent-wallet
After container cleanup, recreate the service with the official quickstart command and reuse the existing 
superise-agent-wallet-data
volume.
Destructive cleanup is allowed only when the user explicitly asks to wipe wallet state or delete local data:
bash
docker stop superise-agent-wallet
docker rm superise-agent-wallet
docker volume rm superise-agent-wallet-data
Cleanup rules:
  • inspect the container and volume before removing anything
  • prefer removing only the container first when troubleshooting
  • do not delete the volume to "fix" a startup issue unless the user explicitly approves losing wallet state
  • if the user asks to uninstall or clean up without mentioning data removal, preserve the volume by default and say that wallet state still exists in Docker volume storage
清理分为两种操作:
  1. 非破坏性清理:删除或重建容器,但保留钱包数据卷
  2. 破坏性清理:删除容器和运行时数据卷
默认使用非破坏性清理,除非用户明确同意丢失数据。
推荐非破坏性清理流程:
bash
docker ps -a --filter name=superise-agent-wallet
docker volume inspect superise-agent-wallet-data
docker stop superise-agent-wallet
docker rm superise-agent-wallet
容器清理完成后,使用官方快速启动命令重新创建服务,并复用现有
superise-agent-wallet-data
卷。
仅当用户明确要求清除钱包状态或删除本地数据时,才允许进行破坏性清理:
bash
docker stop superise-agent-wallet
docker rm superise-agent-wallet
docker volume rm superise-agent-wallet-data
清理规则:
  • 删除任何内容前,先检查容器和卷状态
  • 排查问题时,优先仅删除容器
  • 除非用户明确同意丢失钱包状态,否则不要通过删除卷来“修复”启动问题
  • 如果用户要求卸载或清理但未提及删除数据,默认保留数据卷,并告知用户钱包状态仍存储在Docker卷中

Upgrade Guidance

升级指南

Treat upgrade as a published-image refresh that keeps the existing runtime volume.
Preferred upgrade sequence:
  1. inspect the current container and runtime volume
  2. pull the latest published image
  3. stop and remove the existing container only
  4. recreate the container with the official quickstart command and the same named volume
  5. rerun the health and MCP success checks
Useful commands:
bash
docker ps -a --filter name=superise-agent-wallet
docker volume inspect superise-agent-wallet-data
docker pull superise/agent-wallet:latest
docker stop superise-agent-wallet
docker rm superise-agent-wallet
docker run -d \
  --name superise-agent-wallet \
  --restart unless-stopped \
  -p 127.0.0.1:18799:18799 \
  -v superise-agent-wallet-data:/app/runtime-data \
  superise/agent-wallet:latest
docker logs --tail=100 superise-agent-wallet
docker exec superise-agent-wallet node -e "fetch('http://127.0.0.1:18799/health').then(async (res) => { process.stdout.write(await res.text()); process.exit(res.ok ? 0 : 1); }).catch((error) => { console.error(error); process.exit(1); })"
Upgrade rules:
  • do not delete 
    superise-agent-wallet-data
    during a normal upgrade
  • do not invent an in-place package-manager upgrade path inside the container
  • if the existing container was created with nonstandard ports or network settings, inspect first and preserve the user-approved exposure pattern unless it conflicts with the localhost safety rule
  • if the upgraded container reuses an existing volume and no first-run password appears, treat that as expected and do not reissue first-run credentials
  • after upgrade, return the local endpoints and the verification result
升级指更新发布镜像,同时保留现有运行时数据卷。
推荐升级流程:
  1. 检查当前容器和运行时卷状态
  2. 拉取最新发布的镜像
  3. 仅停止并删除现有容器
  4. 使用官方快速启动命令和相同命名卷重新创建容器
  5. 重新运行健康检查和MCP成功验证
常用命令:
bash
docker ps -a --filter name=superise-agent-wallet
docker volume inspect superise-agent-wallet-data
docker pull superise/agent-wallet:latest
docker stop superise-agent-wallet
docker rm superise-agent-wallet
docker run -d \
  --name superise-agent-wallet \
  --restart unless-stopped \
  -p 127.0.0.1:18799:18799 \
  -v superise-agent-wallet-data:/app/runtime-data \
  superise/agent-wallet:latest
docker logs --tail=100 superise-agent-wallet
docker exec superise-agent-wallet node -e "fetch('http://127.0.0.1:18799/health').then(async (res) => { process.stdout.write(await res.text()); process.exit(res.ok ? 0 : 1); }).catch((error) => { console.error(error); process.exit(1); })"
升级规则:
  • 正常升级时,请勿删除
    superise-agent-wallet-data
  • 请勿在容器内使用包管理器进行原地升级
  • 如果现有容器使用了非标准端口或网络设置,请先检查并保留用户认可的暴露方式,除非其与本地主机安全规则冲突
  • 如果升级后的容器复用现有卷且未显示首次运行密码,则视为正常情况,无需重新生成首次运行凭证
  • 升级完成后,返回本地端点和验证结果

Failure Handling

故障处理

Check these first:
  • Docker daemon is not running
  • port 
    18799
    is already in use
  • the named volume 
    superise-agent-wallet-data
    is missing or mounted to the wrong container
  • the container is using an old image tag
  • quickstart runtime files are incomplete because the volume was partially damaged
  • configured RPC endpoints are unreachable after startup
Preferred recovery order:
  1. inspect logs
  2. inspect the container and volume state
  3. confirm the image tag and runtime command
  4. rerun the supported startup path without deleting the existing volume unless the user explicitly approves data loss
首先检查以下内容:
  • Docker守护进程未运行
  • 端口
    18799
    已被占用
  • 命名卷
    superise-agent-wallet-data
    缺失或挂载到错误容器
  • 容器使用了旧镜像标签
  • 由于卷部分损坏,快速启动运行时文件不完整
  • 启动后配置的RPC端点无法访问
推荐恢复顺序:
  1. 查看日志
  2. 检查容器和卷状态
  3. 确认镜像标签和运行命令
  4. 重新运行支持的启动流程,除非用户明确同意丢失数据,否则不要删除现有卷

Safety Rules

  • /mcp
    is unauthenticated wallet access.
  • You must use the MCP server for all Superise wallet interactions. This is a mandatory rule.
  • Keep the service port bound to 
    127.0.0.1
    or a trusted private network only.
  • Do not expose 
    /mcp
    directly to the public Internet.
  • Do not delete runtime data, SQLite files, secrets, containers, or the 
    superise-agent-wallet-data
    volume unless the user explicitly asks.
  • Do not persist, echo repeatedly, or summarize the initial Owner password outside the minimum first-run handoff needed for the user to rotate it.
  • KEK
    rotation is outside the scope of this Docker-only bootstrap skill.