██████╗ ██████╗███████╗ ██╔═══██╗██╔════╝██╔════╝ ██║ ██║██║ ███████╗ ██║ ██║██║ ╚════██║ ╚██████╔╝╚██████╗███████║ ╚═════╝ ╚═════╝╚══════╝
Tamper-proof receipts
for AI agents_
Every action your AI agent takes — cryptographically signed and verifiable. Like git log, but with Ed25519 signatures. Share one link, prove everything.
SIGNATURE
Ed25519
Asymmetric
HASH
SHA-256
One-way
RAW DATA
Zero
Hashes only
SETUP
5 min
One package
Ed25519 digital signature on every action. Tamper one byte and the signature is invalid. Same crypto as SSH and Signal.
Inputs and outputs are SHA-256 hashed before storage. The hash is irreversible — raw data never leaves your machine.
Receipts are numbered sequentially per task. If #2 is missing between #1 and #3 — that gap is immediately visible.
Share a single URL. Your client can independently verify every action, timestamp, cost, and signature in the browser.
Receipts saved to ~/.openclawscan/ before transmission. Your local copy is the canonical record. Always.
Server adds an independent timestamp. Agent-server drift > 5 minutes is flagged. Can't backdate actions.
One package. Generates Ed25519 keypair and registers your agent automatically.
npm install @openclawscan/sdkEvery action is hashed (SHA-256) and signed (Ed25519) in real-time.
await scanner.capture({ action, model, input, output })One link. Signatures verified in the browser. Your client sees everything.
→ openclawscan.vercel.app/task/a3f8c2b1┌──────────── HEADER ──────────────────┐
│ receipt_id rcpt_wyuc8de1qj93 │
│ agent_id sentinel-007 │
│ task_id a3f8c2b1 │
│ sequence #3 │
│ timestamp 2026-02-21T14:31:15Z │
├──────────── ACTION ──────────────────┤
│ type tool_call │
│ name slither_scan │
│ duration 8,400ms │
├──────────── MODEL ───────────────────┤
│ provider anthropic │
│ model claude-sonnet-4-5 │
│ tokens_in 3,840 │
│ tokens_out 5,560 │
│ cost $0.072 │
├──────────── HASHES ──────────────────┤
│ input_hash a1b2c3d4e5f6... │
│ output_hash f6e5d4c3b2a1... │
├──────────── SIGNATURE ───────────────┤
│ algorithm ed25519 │
│ public_key VzqZUrs/ZPyw+... │
│ signature ✓ valid │
└──────────────────────────────────────┘Ed25519 signature — same standard as SSH. One byte changed = invalid.
SHA-256 hashed — raw data never leaves your machine.
Local backup before transmission. You always own your data.
Sequential numbering — gaps are immediately visible.
Server-verified — drift > 5min flagged. Can't backdate.
Free. Forever.
Unlimited agents. Unlimited receipts. Full API access. PDF export. No tiers, no paywalls, no limits. Standards should be free.
AGENTS
∞
RECEIPTS
∞
API
Full
COST
$0
OpenClawScan is funded by the community. A support token lives on Base L2 — no utility, no promises. Just a way to back the protocol if you believe in verifiable AI.
$OCS on Base →? Is my data safe?
Only SHA-256 hashes and metadata stored remotely. Raw data stays on your machine.
? What if the server goes down?
Receipts saved locally before transmission. Your local copy is canonical.
? Can I self-host?
Yes. MIT licensed. Run your own server and explorer.
? Different from logging?
Logs can be edited. Receipts are signed (Ed25519) + sequenced (gaps visible).
? What agents work?
OpenClaw natively. Any Node.js app via SDK. LangChain + AutoGen adapters planned.