TruClaw stops your OpenClaw agent from executing dangerous actions without
verified human authorization. When a sensitive tool call is detected — deleting
files, sending messages, running shell commands — TruClaw sends a push
notification to your iPhone. Complete Face ID to authorize. Ignore it to block.
Every authorization is backed by a Secure Enclave-signed JWT — hardware
attestation that cryptographically proves a live human authorized the action
on a specific trusted device. No chat account compromise, no prompt injection,
no replay attack can forge this.
| Component | Where it runs |
|---|---|
| --- | --- |
| Face matching and biometric processing | On-device only — Apple Vision framework |
| Biometric data (photos, face vectors) | Never leaves your iPhone |
| Danger classification (Claude Haiku) | Anthropic API — tool name and args only, no personal data |
| Push delivery | Cloudflare Worker relay + Firebase Messaging — session token only, no personal data |
| JWT signing | iPhone Secure Enclave — key never leaves device |
| Relay source code | Fully open: https://github.com/sanjaymk908/trukyc-openclaw/tree/main/cloudflare-worker |
The relay handles two things only: forwarding FCM push notifications to your iPhone,
and temporarily storing the signed JWT (auto-deleted after 2 minutes) for the plugin
to pick up. It never sees biometric data, photos, or personal information.
You can self-host the relay on your own Cloudflare account using the included
source code if you prefer not to use the shared relay endpoint.
Search "TruClaw" on the App Store. Complete one-time enrollment:
Your biometric profile is stored encrypted in your iPhone Secure Enclave.
No photos or biometric data leave your device at any point.
git clone https://github.com/sanjaymk908/trukyc-openclaw.git
mv trukyc-openclaw truclaw
cd truclaw
npm install && npm run build
Add to ~/.openclaw/openclaw.json plugins section:
"plugins": {
"load": {
"paths": ["/path/to/truclaw"]
},
"entries": {
"truclaw": { "enabled": true, "config": {} }
}
}
Add env vars:
"env": {
"TRUKYC_RELAY_URL": "https://trukyc-relay.trusources.workers.dev",
"ANTHROPIC_API_KEY_TRUKYC": "your-anthropic-api-key"
}
Restart OpenClaw:
openclaw gateway stop && sleep 3 && openclaw gateway install && sleep 5
openclaw plugins list | grep trukyc
Run in any OpenClaw channel:
/trukyc-pair
A QR code appears. Scan it with the TruClaw iOS app. Done.
| OpenClaw /approve | TruClaw Biometric | |
|---|---|---|
| --- | --- | --- |
| Authorization method | Text command in chat | Face ID on iPhone |
| Proof of human | None | Secure Enclave hardware attestation |
| Spoofable | Yes — compromised account approves | No — requires physical device + live biometric |
| Audit trail | Chat message | Signed JWT with timestamp and device ID |
| Enterprise compliance | No cryptographic proof | Hardware-attested human proof |
If you prefer not to use the shared relay endpoint, deploy your own:
cd trukyc-openclaw/cloudflare-worker
wrangler deploy worker.js
Then update TRUKYC_RELAY_URL in openclaw.json to your own worker URL.
Full instructions: https://github.com/sanjaymk908/trukyc-openclaw/tree/main/cloudflare-worker
共 1 个版本