Skip to content
Clasper Core

Trust & Enforcement

Trust & Enforcement

Section titled “Trust & Enforcement”

Clasper Core v2.2 adds proof and control to governance:

  • Signed telemetry envelopes (tamper-evident receipts)
  • Hash-chained traces (reordering/modification detection)
  • Audit chain (append-only, verifiable exports)
  • Tool authorization tokens (short-lived, scoped, single-use)
  • Trust status attached to traces
  • Verifiable export bundles for offline verification

Trust status (v2.2)

Section titled “Trust status (v2.2)”

Every trace resolves to exactly one:

  • verified: integrity ok + no violations
  • verified_with_violations: integrity ok + violations present
  • unverified: missing/unverifiable signatures or integrity not checked
  • compromised: hash chain broken or payload tampered

Signed telemetry envelopes

Section titled “Signed telemetry envelopes”

Adapters wrap all telemetry in a signed envelope:

{
  "envelope_version": "v1",
  "adapter_id": "openclaw",
  "adapter_version": "0.4.1",
  "issued_at": "2026-02-06T14:12:33Z",
  "execution_id": "exec_abc123",
  "trace_id": "trace_xyz789",
  "payload_type": "trace",
  "payload": { "...": "..." },
  "payload_hash": "sha256:...",
  "signature": "base64(...)"
}

Core verifies:

  • adapter public key
  • signature + payload hash
  • clock skew
  • idempotency

Hash-chained traces

Section titled “Hash-chained traces”

Trace steps can include:

{
  "step_id": "step_003",
  "prev_step_hash": "sha256:abc",
  "step_hash": "sha256:def"
}

Any reordering or modification breaks the chain and marks the trace as compromised.

Tool authorization tokens

Section titled “Tool authorization tokens”

Adapters request tool access from Core:

POST /api/governance/tool/authorize

Core returns a JWT token (TTL ≤ 30s) bound to execution + tool + scope. Adapters must include the token ID in telemetry for verification.

Rollout modes

Section titled “Rollout modes”
CLASPER_TELEMETRY_SIGNATURE_MODE=warn|enforce
CLASPER_TOOL_AUTH_MODE=warn|enforce

warn mode accepts partial data but marks integrity as unsigned or unverified.

Verifiable exports (v2.2)

Section titled “Verifiable exports (v2.2)”

Core can export evidence bundles for offline verification:

  • POST /ops/api/exports → downloads clasper-export-*.tar.gz
  • clasper verify <bundle> → verifies file hashes + audit chain (offline)

Signing is optional (simple default). When enabled:

CLASPER_EXPORT_SIGNING_MODE=off|warn|enforce
CLASPER_EXPORT_SIGNING_KEY_PATH=/path/to/ed25519-private.pem