← 返回
未分类 Key 中文

Truclaw Biometric

Biometric guardrail for OpenClaw. Intercepts dangerous tool calls and requires Face ID verification via TruClaw iOS app before execution. Biometric processin...
OpenClaw的生物识别防护功能。拦截危险工具调用,在执行前需通过TruClaw iOS应用进行面容ID验证。
sanjaymk908 sanjaymk908 来源
未分类 clawhub v1.0.3 1 版本 100000 Key: 需要
★ 0
Stars
📥 315
下载
💾 0
安装
1
版本
#latest

概述

TruClaw — Biometric AI Guardrail

TruClaw stops your OpenClaw agent from executing dangerous actions without

verified human authorization. When a sensitive tool call is detected — deleting

files, sending messages, running shell commands — TruClaw sends a push

notification to your iPhone. Complete Face ID to authorize. Ignore it to block.

Every authorization is backed by a Secure Enclave-signed JWT — hardware

attestation that cryptographically proves a live human authorized the action

on a specific trusted device. No chat account compromise, no prompt injection,

no replay attack can forge this.


Privacy and cloud usage — what runs where

ComponentWhere it runs
------
Face matching and biometric processingOn-device only — Apple Vision framework
Biometric data (photos, face vectors)Never leaves your iPhone
Danger classification (Claude Haiku)Anthropic API — tool name and args only, no personal data
Push deliveryCloudflare Worker relay + Firebase Messaging — session token only, no personal data
JWT signingiPhone Secure Enclave — key never leaves device
Relay source codeFully open: https://github.com/sanjaymk908/trukyc-openclaw/tree/main/cloudflare-worker

The relay handles two things only: forwarding FCM push notifications to your iPhone,

and temporarily storing the signed JWT (auto-deleted after 2 minutes) for the plugin

to pick up. It never sees biometric data, photos, or personal information.

You can self-host the relay on your own Cloudflare account using the included

source code if you prefer not to use the shared relay endpoint.


Security transparency

  • Plugin source: https://github.com/sanjaymk908/trukyc-openclaw/tree/main/
  • Relay source: https://github.com/sanjaymk908/trukyc-openclaw/tree/main/cloudflare-worker
  • The plugin runs in a privileged before_tool_call hook — review the source before installing
  • The relay domain is trukyc-relay.trusources.workers.dev (Cloudflare Workers, owned by plugin author)
  • Self-hosting the relay is supported and documented in the README

Requirements

  • OpenClaw 3.28+
  • TruClaw iOS app (search "TruClaw" on App Store)
  • Anthropic API key (for Claude Haiku danger classification — tool names and args only)
  • TRUKYC_RELAY_URL (default shared relay provided, self-hosting supported)

Setup (3 steps)

Step 1 — Install TruClaw iOS app

Search "TruClaw" on the App Store. Complete one-time enrollment:

  • Take a selfie
  • Scan your Driver's License or Passport
  • Green badge confirms successful enrollment

Your biometric profile is stored encrypted in your iPhone Secure Enclave.

No photos or biometric data leave your device at any point.

Step 2 — Install and configure plugin

git clone https://github.com/sanjaymk908/trukyc-openclaw.git

mv trukyc-openclaw truclaw

cd truclaw

npm install && npm run build

Add to ~/.openclaw/openclaw.json plugins section:

"plugins": {

"load": {

"paths": ["/path/to/truclaw"]

},

"entries": {

"truclaw": { "enabled": true, "config": {} }

}

}

Add env vars:

"env": {

"TRUKYC_RELAY_URL": "https://trukyc-relay.trusources.workers.dev",

"ANTHROPIC_API_KEY_TRUKYC": "your-anthropic-api-key"

}

Restart OpenClaw:

openclaw gateway stop && sleep 3 && openclaw gateway install && sleep 5

openclaw plugins list | grep trukyc

Step 3 — Pair your iPhone

Run in any OpenClaw channel:

/trukyc-pair

A QR code appears. Scan it with the TruClaw iOS app. Done.


How it works

  1. OpenClaw Agent detects a tool call
  2. TruClaw Plugin intercepts via before_tool_call hook
  3. Claude Haiku classifies the tool call as safe or dangerous
  4. If dangerous: TruClaw Relay sends push notification via Firebase Messaging
  5. TruClaw iOS App receives notification on your iPhone
  6. User completes Face ID biometric match
  7. iPhone Secure Enclave signs authorization JWT — hardware-bound, tamper-proof
  8. Plugin polls relay, receives and verifies JWT
  9. isAbove21=true → action proceeds / isAbove21=false → action blocked

TruClaw vs native OpenClaw approval

OpenClaw /approveTruClaw Biometric
---------
Authorization methodText command in chatFace ID on iPhone
Proof of humanNoneSecure Enclave hardware attestation
SpoofableYes — compromised account approvesNo — requires physical device + live biometric
Audit trailChat messageSigned JWT with timestamp and device ID
Enterprise complianceNo cryptographic proofHardware-attested human proof

What gets flagged as dangerous

  • Shell commands that write, delete, or modify (rm, mv, cp)
  • Network requests that send data (curl POST, wget)
  • Installing software (pip install, npm install)
  • Sending messages or emails
  • Financial operations, killing processes, modifying permissions

What passes through safely

  • Read-only shell commands (ls, cat, grep, find)
  • Querying data or answering questions
  • Git read operations (git status, git log, git diff)
  • Explicitly safe tools: read, ls, list, session_status, memory_search

Self-hosting the relay

If you prefer not to use the shared relay endpoint, deploy your own:

cd trukyc-openclaw/cloudflare-worker

wrangler deploy worker.js

Then update TRUKYC_RELAY_URL in openclaw.json to your own worker URL.

Full instructions: https://github.com/sanjaymk908/trukyc-openclaw/tree/main/cloudflare-worker

版本历史

共 1 个版本

  • v1.0.3 当前
    2026-05-08 00:01 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

ai-agent

Self-Improving + Proactive Agent

ivangdavila
自我反思+自我批评+自我学习+自组织记忆。智能体评估自身工作、发现错误并持续改进。
★ 1,461 📥 331,007
ai-agent

Agent Browser

rez0
用于 AI 代理的浏览器自动化 CLI。当用户需要与网站交互(包括浏览页面、填写表单、点击按钮、截图等)时使用。
★ 882 📥 357,844
ai-agent

self-improving agent

pskoett
记录自身发现以实现自我改进的技能
★ 4,189 📥 959,764