
EctoClaw

EctoClaw is a local firewall and cryptographic audit ledger for OpenClaw agents, so you can see what they did and control what they're allowed to do.

EctoClaw captures full agent lifecycles, enforces policy decisions, emits compliance evidence, and ships developer tooling for integration, verification, and operations at production scale.

EctoClaw dashboard showing sessions and event feed

Core Capabilities

What EctoClaw gives your team

Cryptographic Integrity

SHA-256 chain hashing, Ed25519 signatures, and Merkle roots prove event and session integrity.

Policy Enforcement Layer

Allow and deny controls, content filters, max-step guardrails, and approval triggers for sensitive actions.

Operations and Visibility

REST API, SSE stream, dashboard views, metrics, and compliance bundles for active governance.

Developer Experience

Typed SDK, OpenClaw plugin package, CLI commands, demo scripts, and CI-ready build/test pipeline.

Complete Product Surface

  • Server: session management, event append, verification, metrics, reports, and policy endpoints.
  • Plugin: automatic event capture from OpenClaw message, skill, tool, and model lifecycle hooks.
  • SDK: session APIs, event append APIs, policy management, verification, and reports.
  • CLI: serve, verify, report, sessions, and status.
  • Dashboard: live event feed, policy violations, and session drill-down visibility.

Built for Real OpenClaw Workloads

Agent Compliance Reviews

Generate defensible records for regulated runs without changing agent business logic.

Incident Investigation

Trace exactly which skill, tool, or model response caused an unexpected action.

Human Approval Workflows

Gate sensitive actions by policy and log explicit approval decisions as first-class events.

Enterprise Audit Exports

Produce report bundles with verification material your security and legal teams can review.

Architecture

Event flow

Events from OpenClaw, the REST API, or the SDK are evaluated by the policy engine, then hashed and signed before being appended to the immutable ledger.

flowchart TB
  subgraph sources[Event sources]
    Plugin[OpenClaw Plugin]
    API[REST API]
    SDK[SDK / CLI]
  end
  subgraph process[Processing]
    Policy[Policy Engine]
    Crypto[Hash chain + Ed25519 sign]
  end
  Ledger[(SQLite Ledger)]
  subgraph outputs[Outputs]
    Dashboard[Dashboard]
    SSE[SSE stream]
    Verify[Verify / Reports / Merkle]
  end
  Plugin --> Policy
  API --> Policy
  SDK --> Policy
  Policy -->|allow| Crypto
  Policy -->|deny| Violation[PolicyViolation recorded]
  Violation --> Ledger
  Crypto --> Ledger
  Ledger --> Dashboard
  Ledger --> SSE
  Ledger --> Verify
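
The event flow above, sketched as an added example (not EctoClaw's own code): a policy decision, a SHA-256 chain hash, and an Ed25519 signature per record, with a verifier that reports where a modified ledger first breaks. The record layout, the deny-list policy shape, the tool names, signing of violation records, and the externally stored head hash are assumptions of this example.

```javascript
const crypto = require('node:crypto');
const GENESIS = '0'.repeat(64);
const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');

// Hypothetical policy shape (an assumption): a deny-list of tool names.
const evaluate = (policy, event) => (policy.denyTools.includes(event.tool) ? 'deny' : 'allow');

// Policy first, then chain hash, then signature; denied events are recorded too (signed here by choice).
function append(ledger, event, policy, privateKey) {
  const decision = evaluate(policy, event);
  const type = decision === 'deny' ? 'PolicyViolation' : 'Event';
  const prevHash = ledger.length ? ledger[ledger.length - 1].hash : GENESIS;
  const payload = JSON.stringify({ seq: ledger.length, type, event });
  const hash = sha256(prevHash + payload);
  const sig = crypto.sign(null, Buffer.from(hash, 'hex'), privateKey).toString('base64');
  ledger.push({ prevHash, payload, hash, sig });
  return decision;
}

// Returns -1 if valid, the index of the first bad record, or ledger.length on a head mismatch.
function verify(ledger, publicKey, expectedHead) {
  let prev = GENESIS;
  for (let i = 0; i < ledger.length; i++) {
    const r = ledger[i];
    const linked = r.prevHash === prev && sha256(prev + r.payload) === r.hash;
    const signed = linked && crypto.verify(null, Buffer.from(r.hash, 'hex'), publicKey, Buffer.from(r.sig, 'base64'));
    if (!signed) return i;
    prev = r.hash;
  }
  return expectedHead !== undefined && prev !== expectedHead ? ledger.length : -1;
}

// Constructed sample run: three events, then two kinds of tampering with the stored rows.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const ledger = [];
  const policy = { denyTools: ['shell.exec'] };
  const decisions = ['fs.read', 'shell.exec', 'http.get'].map((tool) => append(ledger, { tool }, policy, privateKey));
  const head = ledger[ledger.length - 1].hash; // kept outside the ledger database
  const rehashed = ledger.map((r) => ({ ...r })); // violation relabelled, chain recomputed, no signing key
  rehashed[1].payload = rehashed[1].payload.replace('PolicyViolation', 'Event');
  for (let i = 1, p = rehashed[0].hash; i < rehashed.length; i++) {
    rehashed[i].prevHash = p;
    p = rehashed[i].hash = sha256(p + rehashed[i].payload);
  }
  const truncated = ledger.slice(0, 2); // tail dropped: remaining links and signatures are intact
  return { decisions, clean: verify(ledger, publicKey, head), rehashed: verify(rehashed, publicKey),
    truncatedNoHead: verify(truncated, publicKey), truncatedWithHead: verify(truncated, publicKey, head) };
}
```

The recomputed chain fails at the relabelled record because the old signature no longer covers the new hash, while a dropped tail is only caught when the head hash is stored somewhere the ledger writer cannot modify.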

Quick Start

npm install
npm run build
npm test

# start local server
npm run dev -- serve --dev

Need full setup guidance and demos? Open the How-to page.

FAQ

Does EctoClaw replace OpenClaw?

No. It adds cryptographic auditability to OpenClaw by recording agent activity as immutable events.

Can I use it only as an SDK client?

Yes. You can integrate via REST and SDK, use plugin hooks, or run the server and dashboard directly.

Is EctoClaw only a message recorder?

No. It is an end-to-end audit platform with policy controls, compliance exports, APIs, SDK, and CLI tools.