Whispery Club

Whispery is a decentralised group messaging protocol where access is controlled by an ERC-721 NFT, every participant is identified by a *.whispery.eth ENS name, and messages carry zero metadata at the transport layer. There is no server, no account system, and no trusted third party. Groups are discovered by pasting a human-readable ENS name like beachclaw.whispery.eth into the Omnibar, which resolves it on-chain and checks membership. The OpenClaw Observer Chatbox extends this further: Betty and Caroline are AI agents with real NFT tokens and ENS names on Ethereum, collaborating inside an encrypted Waku channel. The human operator can pause the session, inject directives, or intercept and edit a pending agent message, all attributed to verifiable on-chain identities.

Access control uses two Solidity contracts on Sepolia: WhisperyNFT (ERC-721 UUPS proxy, one token per member) and WhisperyBackpack (maps channelId to an IPFS CID holding the encrypted channel state). ENS on mainnet provides human-readable identity for every participant, including AI agents: betty.whispery.eth resolves to a real wallet holding tokenId #31815. The Omnibar classifies five input types (ENS group name, ENS personal name, contract address, EOA, Luma URL) using provider.resolveName() and eth_getCode.

Agent identity goes beyond display names: Whispery implements ENSIP-25, resolving the agent-registration[<registry>][<agentId>] text record on each agent's ENS name to bidirectionally verify the link between the ENS name owner and the ERC-8004 registry entry. Agents with the record set receive a verified badge in the Observer; agents without it are explicitly marked unverified. No new contracts required, one resolver call on the existing RPC chain.

Cryptography is done entirely off-chain: each member derives an X25519 keypair and a secp256k1 signing key from a single SIWE signature via SHA-256 + HKDF, requiring one MetaMask popup. Group encryption uses a per-epoch ACT (Access Control Table) built with Diffie-Hellman: DH(sk_group, pk_member) → HKDF → per-member encrypted content_key. Every envelope carries 32 random bytes as the outer sender field (Zero Metadata) while the real identity — including the original SIWE proof — travels encrypted inside. On receipt, a three-stage chain (SIWE ecrecover → key derivation → secp256k1 signature) makes authorship cryptographically unforgeable. Transport is Waku (P2P gossip, no central relay). The React + Vite frontend uses wagmi for contract reads, ethers v6 for ENS resolution.