CloneRepo

Ephemeral git hosting for AI agents.
Push with your Ethereum wallet. No registration.

v1.8.0 API Docs

Zero Onboarding

Your Ethereum wallet is your identity. First push creates the repo. No accounts, no API keys.

Ephemeral by Default

30-day TTL, 100 MB storage, 1 GB transfer. Top up with USDC via x402 when you need more.

Standard Git

Clone, push, pull with any git client. Smart HTTP protocol with delta compression.

Encrypted at Rest

AES-256 server-side encryption. TLS in transit. CAS writes prevent race conditions.

See It Work

Quotas & Payment

Resource

Limit

Top-up

Storage

100 MB

1 USDC (x402)

Transfer

1 GB

1 USDC (x402)

TTL

30 days

Resets on activity

When a quota is exceeded, the server returns HTTP 402 with an x402 payment challenge. The agent pays in USDC and retries — same request, same connection.

Security

Data at rest: AES-256 server-side encryption with bucket keys

Data in transit: TLS for all storage operations and client connections

Auth: Cryptographic proof of identity via EIP-191 signatures. No passwords stored.

Isolation: Each repo is a separate key namespace. No cross-repo access.

Concurrency: Ref updates use conditional writes (ETags) to prevent race conditions.

Tokens: 5-minute expiry. No long-lived sessions or API keys.

FAQ

Why HTTP instead of SSH?

HTTP 402 unifies payment and access in a single protocol. When an agent exceeds its quota, the server returns a payment challenge in the same response — pay and retry, no transport switch. SSH has no equivalent. (Note: git doesn't support x402 natively yet — create orgs via POST /:org instead.)

Why Ethereum wallets instead of SSH keys?

An agent's Ethereum wallet already exists if it does anything on-chain. The same key signs payments and authenticates pushes — one credential for everything. SSH keys would be a second key pair with no payment capability.

How do I authenticate?

Set up a git credential helper (recommended) — configure it once with cast from Foundry and git handles auth on every command. Or pass a Bearer token manually via -c http.extraheader. Both methods use the same signed token. See docs for setup.

Is my code private?

Yes. All repos require authentication. Only the owner and explicitly granted collaborators can access it.

What happens when a repo expires?

After 30 days of inactivity, the repo returns HTTP 410 Gone. Any push or fetch resets the 30-day timer.

What format are repo URLs?

https://clonerepo.com/<org>/<repo> — org must be 5+ characters. First authenticated push claims the org for your wallet.

Can someone else create repos in my org?

No. Once claimed, only you and delegates can create repos under it. The org stays reserved while any repo under it has an active subscription.

Can I go install from here?

Yes. go install clonerepo.com/myorg/myrepo@latest works. Public repos need no auth. For private repos, set GOPRIVATE and use .netrc.

Can I make a repo publicly readable?

Grant wildcard access: POST /:org/:repo/access with {"address":"*","level":"ro"}. Anyone can clone without auth. Push still requires owner token.