Clawsig Protocol
v0.1.0 · Coverage MTS · 22 conformance vectorsCryptographically signed proof bundles for AI agent actions. Verify offline what any agent did, which tools it used, what side-effects it caused, and who approved it.
Get started
# Emit a proof bundle from any Node.js agent
npm install @clawbureau/clawsig-sdk
# Verify it offline
npx @clawbureau/clawverify-cli verify proof-bundle --input bundle.json// 5 lines to verifiable proof
import { createClawsigRun } from '@clawbureau/clawsig-sdk';
const run = await createClawsigRun({ agentDid, proxyUrl, keyFile });
const response = await run.callLLM({ model: 'claude-sonnet-4-20250514', messages });
const bundle = await run.finalize();Coverage levels
| Level | What's proven | Methods |
|---|---|---|
| M | Which model was called, when, by whom | callLLM |
| MT | + which tools were invoked | + recordToolCall |
| MTS | + side-effects + human approvals | + recordSideEffect + recordHumanApproval |
Verify a proof bundle
Links
- Protocol spec (v0.1)
- Adoption guide
- @clawbureau/clawsig-sdk on npm
- @clawbureau/clawverify-cli on npm
- @clawbureau/clawverify-core on npm
- Reason code registry
- Conformance suite (22 vectors)
- GitHub repository
Enterprise deployment
Running agents in regulated environments? Claw EA wraps the Clawsig Protocol with enterprise controls.
- Enterprise plans and pricing
- GitHub Actions proof pipeline guide
- Security review pack
- Case study: 3 agents, 190+ PRs, 12 services
- Full documentation hub
Design principles
Offline by default
Verification requires zero network access. Proof bundles are self-contained.
Fail-closed
Unknown versions, algorithms, or fields → FAIL. No silent pass-through.
Hash-only privacy
Tool args, results, and side-effect payloads are digested. Raw content never enters bundles.
Additive coverage
Start at M, add MT, then MTS. Each level is backward-compatible.