目录

TrustClaw — Trust Runtime for Agent

TrustClaw is a local-first Trust Runtime for Agent (TRA): personal data, subscribed reference datasets, and auditable Agent Packs collaborate under explicit consent and an immutable evidence chain.

Principle Meaning
个人数据不出域 Raw data stays in local SQLite (state/local_tra.db) only
凡答必有据 Conclusions trace to data, rules, and evidence chain
凡行必审计 Every data access and agent action is logged
Agent 与平台解耦 Vertical logic ships as Agent Packs, not platform hardcoding

Five planes: Data · Policy · Agent · Evidence · Operator — see Vision.

TrustClaw docs

Getting started · Vision · Agent loop guide (canonical) · Decisions (审核) · OpenClaw reuse

TrustClaw quick start

pnpm install
pnpm trustclaw:setup
pnpm trustclaw:dev

Open TRA Runtime Console at http://127.0.0.1:5174/trustclaw/ (dev) or Control UI → TRA Console at http://127.0.0.1:19001/ (dev gateway) / http://127.0.0.1:18789/ (prod). See Getting started for ports and auth.

Models & keys (dev profile, ~/.openclaw-dev/)

Role Setting
Chat primary ollama/qwen2.5:7b (local Ollama at http://127.0.0.1:11434)
Chat fallback anthropic/claude-sonnet-4-6
Anthropic proxy Same base URL as ~/.claude/settings.jsonANTHROPIC_BASE_URL; import API key with pnpm openclaw models auth paste-api-key --provider anthropic --dev
TRA Text2SQL OPENAI_API_KEY (separate from chat models)
Control UI auth Dev gateway uses token auth on :19001; open pnpm openclaw dashboard --no-open --dev (token in URL — do not paste into chat)

Quick setup after pnpm trustclaw:setup:

ollama pull qwen2.5:7b
pnpm openclaw config set models.providers.ollama.baseUrl "http://127.0.0.1:11434" --dev
pnpm openclaw config set env.OLLAMA_API_KEY "ollama-local" --dev
pnpm openclaw models set ollama/qwen2.5:7b --dev
pnpm openclaw models fallbacks add anthropic/claude-sonnet-4-6 --dev
# paste Anthropic key when prompted (can match ~/.claude/settings.json ANTHROPIC_AUTH_TOKEN)
pnpm openclaw models auth paste-api-key --provider anthropic --dev
pnpm openclaw models status --dev

Platform APIs (extensions/trustclaw-tra)

Endpoint Purpose
POST /api/tra/init Mount local TRA personal data
POST /api/tra/reset Clear personal data + audit/ledger
POST /api/agent/chat Run audited Agent Pack pipeline
GET /api/tra/domain-agents Logical agent catalog

Agent tools: trustclaw_tra_query (read pipeline), trustclaw_tra_write (consented personal writes).

Enable the plugin in openclaw.json:

{
  "plugins": {
    "entries": {
      "trustclaw-tra": { "enabled": true }
    }
  }
}

Or run pnpm trustclaw:setup (also sets TrustClaw gateway defaults).

Layout: trustclaw/tra/ (data plane) · trustclaw/runtime/ (pipeline) · trustclaw/ui/ (Runtime Console) · Control UI tab TRA Console.

See trustclaw/GETTING_STARTED.md and trustclaw/docs/AGENT_PLATFORM.md.


Built on OpenClaw

This repository forks OpenClaw — a multi-channel personal AI assistant and Gateway. TrustClaw reuses its agent runtime, SQLite patterns, Gateway, and Control UI shell while adding TRA (trustclaw/ + extensions/trustclaw-tra). The CLI/package name remains openclaw during transition (D13).

MIT License

OpenClaw docs · Upstream README · Third-party notices

Preferred upstream setup: run openclaw onboard in your terminal. Works with npm, pnpm, or bun. Runtime: Node 24 (recommended) or Node 22.19+.

Runtime: Node 24 (recommended) or Node 22.19+.

npm install -g openclaw@latest
# or: pnpm add -g openclaw@latest

openclaw onboard --install-daemon

OpenClaw Onboard installs the Gateway daemon (launchd/systemd user service) so it stays running.

Quick start (TL;DR)

Runtime: Node 24 (recommended) or Node 22.19+.

Full beginner guide (auth, pairing, channels): Getting started

Recommended daemon mode:

openclaw onboard --install-daemon
openclaw gateway status

Foreground/debug mode:

openclaw gateway stop
openclaw gateway --port 18789 --verbose

Send a test message or ask the assistant after either startup mode is running:

# Send a message
openclaw message send --target +1234567890 --message "Hello from OpenClaw"

# Talk to the assistant (optionally deliver back to any connected channel: WhatsApp/Telegram/Slack/Discord/Google Chat/Signal/iMessage/IRC/Microsoft Teams/Matrix/Feishu/LINE/Mattermost/Nextcloud Talk/Nostr/Synology Chat/Tlon/Twitch/Zalo/Zalo Personal/WeChat/QQ/WebChat)
openclaw agent --message "Ship checklist" --thinking high

Upgrading? Updating guide (and run openclaw doctor).

Models config + CLI: Models. Auth profile rotation + fallbacks: Model failover.

Security defaults (DM access)

OpenClaw connects to real messaging surfaces. Treat inbound DMs as untrusted input.

Full security guide: Security. Before remote exposure, use the Gateway exposure runbook.

Default behavior on Telegram/WhatsApp/Signal/iMessage/Microsoft Teams/Discord/Google Chat/Slack:

  • DM pairing (dmPolicy="pairing" / channels.discord.dmPolicy="pairing" / channels.slack.dmPolicy="pairing"; legacy: channels.discord.dm.policy, channels.slack.dm.policy): unknown senders receive a short pairing code and the bot does not process their message.
  • Approve with: openclaw pairing approve <channel> <code> (then the sender is added to a local allowlist store).
  • Public inbound DMs require an explicit opt-in: set dmPolicy="open" and include "*" in the channel allowlist (allowFrom / channels.discord.allowFrom / channels.slack.allowFrom; legacy: channels.discord.dm.allowFrom, channels.slack.dm.allowFrom).

Run openclaw doctor to surface risky/misconfigured DM policies.

Highlights

  • Local-first Gateway — single control plane for sessions, channels, tools, and events.
  • Multi-channel inbox — WhatsApp, Telegram, Slack, Discord, Google Chat, Signal, iMessage, IRC, Microsoft Teams, Matrix, Feishu, LINE, Mattermost, Nextcloud Talk, Nostr, Synology Chat, Tlon, Twitch, Zalo, Zalo Personal, WeChat, QQ, WebChat, macOS, iOS/Android.
  • Multi-agent routing — route inbound channels/accounts/peers to isolated agents (workspaces + per-agent sessions).
  • Voice Wake + Talk Mode — wake words on macOS/iOS and continuous voice on Android (ElevenLabs + system TTS fallback).
  • Live Canvas — agent-driven visual workspace with A2UI.
  • First-class tools — browser, canvas, nodes, cron, sessions, and Discord/Slack actions.
  • Companion apps — Windows Hub, macOS menu bar app, and iOS/Android nodes.
  • Onboarding + skills — onboarding-driven setup with bundled/managed/workspace skills.

Security model (important)

  • Default: tools run on the host for the main session, so the agent has full access when it is just you.
  • Group/channel safety: set agents.defaults.sandbox.mode: "non-main" to run non-main sessions inside sandboxes. Docker is the default sandbox backend; SSH and OpenShell backends are also available.
  • Typical sandbox default: allow bash, process, read, write, edit, sessions_list, sessions_history, sessions_send, sessions_spawn; deny browser, canvas, nodes, cron, discord, gateway.
  • Before exposing anything remotely, read Security, Gateway exposure runbook, Sandboxing, and Configuration.

Operator quick refs

  • Chat commands: /status, /new, /reset, /compact, /think <level>, /verbose on|off, /trace on|off, /usage off|tokens|full, /restart, /activation mention|always
  • Session tools: sessions_list, sessions_history, sessions_send
  • Skills registry: ClawHub
  • Architecture overview: Architecture

Docs by goal

Apps (optional)

The Gateway alone delivers a great experience. All apps are optional and add extra features.

If you plan to build/run companion apps, follow the platform runbooks below.

macOS (OpenClaw.app) (optional)

  • Menu bar control for the Gateway and health.
  • Voice Wake + push-to-talk overlay.
  • WebChat + debug tools.
  • Remote gateway control over SSH.

Note: signed builds required for macOS permissions to stick across rebuilds (see macOS Permissions).

iOS node (optional)

  • Pairs as a node over the Gateway WebSocket (device pairing).
  • Voice trigger forwarding + Canvas surface.
  • Controlled via openclaw nodes ….

Runbook: iOS connect.

Android node (optional)

  • Pairs as a WS node via device pairing (openclaw devices ...).
  • Exposes Connect/Chat/Voice tabs plus Canvas, Camera, Screen capture, and Android device command families.
  • Runbook: Android connect.

From source (development)

Use pnpm for source checkouts. The repository is a pnpm workspace, and bundled plugins load from extensions/* during development so their package-local dependencies and your edits are used directly. Plain npm install at the repo root is not a supported source setup.

For the dev loop:

git clone <this-repo>
cd trustclaw   # or your checkout directory

pnpm install

# First run only (or after resetting local OpenClaw config/workspace)
pnpm openclaw setup

# Optional: prebuild Control UI before first startup
pnpm ui:build

# Dev loop (auto-reload on source/config changes)
pnpm gateway:watch

If you need a built dist/ from the checkout (for Node, packaging, or release validation), run:

pnpm build
pnpm ui:build

pnpm openclaw setup writes the local config/workspace needed for pnpm gateway:watch. It is safe to re-run, but you normally only need it on first setup or after resetting local state. pnpm gateway:watch does not rebuild dist/control-ui, so rerun pnpm ui:build after ui/ changes or use pnpm ui:dev when iterating on the Control UI. If you want this checkout to run onboarding directly, use pnpm openclaw onboard --install-daemon.

Note: pnpm openclaw ... runs TypeScript directly (via tsx). pnpm build produces dist/ for running via Node / the packaged openclaw binary, while pnpm gateway:watch rebuilds the runtime on demand during the dev loop.

Development channels

  • stable: tagged releases (vYYYY.M.D or vYYYY.M.D-<patch>), npm dist-tag latest.
  • beta: prerelease tags (vYYYY.M.D-beta.N), npm dist-tag beta (macOS app may be missing).
  • dev: moving head of main, npm dist-tag dev (when published).

Switch channels (git + npm): openclaw update --channel stable|beta|dev. Details: Development channels.

Agent workspace + skills

  • Workspace root: ~/.openclaw/workspace (configurable via agents.defaults.workspace).
  • Injected prompt files: AGENTS.md, SOUL.md, TOOLS.md.
  • Skills: ~/.openclaw/workspace/skills/<skill>/SKILL.md.

Configuration

Minimal ~/.openclaw/openclaw.json (model + defaults):

{
  agent: {
    model: "<provider>/<model-id>",
  },
}

Full configuration reference (all keys + examples).

Upstream (OpenClaw)

TrustClaw builds on OpenClaw. Sponsors, star history, Molty branding, and the full contributor wall live in the upstream README. OpenClaw docs: docs.openclaw.ai.

TrustClaw-specific docs: Getting started · Vision · Agent loop · Decisions.

关于
114.1 MB
邀请码
    Gitlink(确实开源)
  • 加入我们
  • 官网邮箱:gitlink@ccf.org.cn
  • QQ群
  • QQ群
  • 公众号
  • 公众号

版权所有:中国计算机学会技术支持:开源发展技术委员会
京ICP备13000930号-9 京公网安备 11010802047560号