OCC cryptographic proof signing for OpenClaw
Project description
occ-openclaw
OCC cryptographic proof signing for OpenClaw.
Every tool call produces an Ed25519-signed proof entry in proof.jsonl, creating a tamper-evident audit log of agent actions.
Install
pip install occ-openclaw
Quick Start
Decorate Individual Tools
from occ_openclaw import occ_tool
@occ_tool
def get_weather(location: str) -> str:
return f"Sunny in {location}"
Middleware (recommended)
from openclaw import Agent
from occ_openclaw import OccMiddleware
middleware = OccMiddleware()
agent = Agent(
tools=[get_weather, search],
middleware=[middleware],
)
Wrap All Tools
from occ_openclaw import wrap_tools
safe_tools = wrap_tools([get_weather, search])
agent = Agent(tools=safe_tools)
Custom Signer
from occ_openclaw import OCCSigner, OccMiddleware
signer = OCCSigner(state_dir="/tmp/.occ", proof_file="audit.jsonl")
middleware = OccMiddleware(signer=signer)
Proof Format
Each line in proof.jsonl is a JSON object:
{
"version": "occ/proof/1",
"timestamp": "2026-03-20T12:00:00.000Z",
"signer": "<base64url-ed25519-public-key>",
"payload": {
"type": "tool-call",
"tool": "get_weather",
"inputHash": "<sha256-hex>",
"outputHash": "<sha256-hex>"
},
"signature": "<base64url-ed25519-signature>",
"prev": "<sha256-hex-of-previous-proof>"
}
Proofs are chained: each proof's prev field contains the SHA-256 hash of the previous proof's canonical JSON.
Configuration
- State directory: Keypair stored in
.occ/signer-state.json(defaults to CWD) - Proof file: Defaults to
proof.jsonlin CWD - Both configurable via
OCCSigner(state_dir=..., proof_file=...)
License
Apache-2.0
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file occ_openclaw-0.1.0.tar.gz.
File metadata
- Download URL: occ_openclaw-0.1.0.tar.gz
- Upload date:
- Size: 4.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
5d10863a7dace6075cbc5b01faac8be4fedd7099675838fc3283daca04550b73
|
|
| MD5 |
79d331933c6d60850d715d001326e893
|
|
| BLAKE2b-256 |
0a3cf9248e58e12c80a7df45aab7bd9e5331103e58ee6ea08cf11f25b8429443
|
File details
Details for the file occ_openclaw-0.1.0-py3-none-any.whl.
File metadata
- Download URL: occ_openclaw-0.1.0-py3-none-any.whl
- Upload date:
- Size: 5.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
5e3e351b3c2a0845fdbeeabba7b2ffd2bb667a7d44d4d0fb7561f194bfce66b8
|
|
| MD5 |
0159919dd53e274e8ce6672c5d68740e
|
|
| BLAKE2b-256 |
80bf25c763345506fffcab9c6721340ca303adfbc9040bd80d3395edc23afb8d
|
