Auto-capture every Claude Code action as a verifiable Context Passport record. Hooks into Claude Code's lifecycle and emits one signed, chained passport per tool use, user prompt, and assistant turn.
Project description
DarkMatter for Claude Code
Auto-capture every Claude Code action as a verifiable, signed, hash-chained Context Passport record. Hooks into Claude Code's lifecycle so you get a tamper-evident audit trail of every prompt, every tool call, and every assistant turn without changing your application code.
Built by DarkMatter. Implements Context Passport v1.0, an open CC0 standard.
Install
pip install "darkmatter-claude-code[signing]"
cd path/to/your/project
darkmatter-claude-code install
This:
- Adds 4 hook entries to
.claude/settings.json(creating the file if needed). - Generates an Ed25519 signing key at
~/.darkmatter/claude-code/key.pem. - Prints the public key so you can give it to anyone who needs to verify your records.
Restart Claude Code. From this point forward every event in every session is auto-captured.
What gets captured
| Claude Code event | Hook fired | Context Passport event.type |
What's in the payload |
|---|---|---|---|
| User submits a prompt | UserPromptSubmit |
commit |
The prompt text |
| Claude is about to use a tool | PreToolUse |
commit |
Tool name + arguments |
| Tool returns a result | PostToolUse |
commit |
Tool name + result |
| Assistant finishes responding | Stop |
checkpoint |
Stop reason or final response summary |
Every record is:
- Signed with your Ed25519 key (proves it came from you)
- Hash-chained to the previous record (any modification breaks the chain)
- Stored at
~/.darkmatter/claude-code/sessions/<session_id>/chain.jsonl
Verify your chain
darkmatter-claude-code verify <session_id>
Or independently with the open-source Python reference implementation:
pip install context-passport
python -c "
import json
from context_passport import verify_chain
with open('$HOME/.darkmatter/claude-code/sessions/default/chain.jsonl') as f:
chain = [json.loads(line) for line in f]
print('chain intact:', verify_chain(chain))
"
Or with the conformance suite:
pip install context-passport-conformance
context-passport-conformance --vectors-dir ~/.darkmatter/claude-code/sessions/default
Optional: forward to DarkMatter
By default everything stays local. To also push each passport to your DarkMatter account (so you can see sessions from any machine, and the records get anchored to the public Witness Log):
export DARKMATTER_API_KEY="dm_sk_..."
Then keep using Claude Code normally. Forwarding is best-effort and never blocks the hook; if the network is down, your local records are still complete and the next successful POST will catch up.
Configuration
All optional. Set via environment variables:
| Variable | Default | Purpose |
|---|---|---|
DARKMATTER_API_KEY |
unset | If set, forward each passport to darkmatterhub.ai |
DARKMATTER_API_URL |
https://darkmatterhub.ai |
Receiving server endpoint |
DARKMATTER_CLAUDE_CODE_DIR |
~/.darkmatter/claude-code |
Local storage root |
DARKMATTER_CLAUDE_CODE_AGENT_ID |
claude-code:local |
Override agent_id in records |
DARKMATTER_CLAUDE_CODE_AGENT_NAME |
Claude Code |
Override agent_name |
DARKMATTER_CLAUDE_CODE_MODEL |
claude |
Override model field |
DARKMATTER_CLAUDE_CODE_KEY_ID |
darkmatter-claude-code |
key_id stored in the signature block |
Status and key management
darkmatter-claude-code status # Show install + key + recent sessions
darkmatter-claude-code key show # Print your public key
darkmatter-claude-code key generate --force # Regenerate the signing key (irreversible)
How this relates to the DarkMatter MCP server
darkmatter-hub/mcp is a universal MCP server that exposes Context Passport tools (darkmatter_commit, darkmatter_verify, etc.) to any MCP-compatible AI tool. It captures whatever the agent explicitly invokes.
This package (darkmatter-claude-code) is the auto-capture adapter specifically for Claude Code. It captures every event, not just what the agent decides to commit. Use both if you want full auto-capture in Claude Code plus the MCP tools available for explicit invocation. Use just this for auto-capture-only.
License
Apache-2.0. See LICENSE.
The Context Passport schema this package implements is released separately under CC0 1.0 at github.com/contextpassport/spec.
Related repositories
- github.com/contextpassport/spec — the open standard
- github.com/contextpassport/python — Python reference SDK (this package depends on it)
- github.com/darkmatter-hub/mcp — universal MCP server
- github.com/darkmatter-hub/darkmatter — DarkMatter receiving server
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file darkmatter_claude_code-0.1.0.tar.gz.
File metadata
- Download URL: darkmatter_claude_code-0.1.0.tar.gz
- Upload date:
- Size: 16.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7f72d24718a56bfd04324b9c5e9c6914cfbaa390e9edc9f11424f8e404978d46
|
|
| MD5 |
05573a7d1d495e23809a29a5ad1c9354
|
|
| BLAKE2b-256 |
d07cb47889588db5ea41e5a84425aa5fa0e13cde7ebf6c81561f3b3af1897ac4
|
File details
Details for the file darkmatter_claude_code-0.1.0-py3-none-any.whl.
File metadata
- Download URL: darkmatter_claude_code-0.1.0-py3-none-any.whl
- Upload date:
- Size: 15.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
534f5f33a224c3f4f17b1192145d8cc55206a3ffec884f548a7bd359a577deb3
|
|
| MD5 |
2dd8a441276efce5ed1d68d4e5b28847
|
|
| BLAKE2b-256 |
bf6c18d60a42bc3b2e556593c9c08d3a659687fc77cf5a56b771b8dd8b3406f2
|
