Clawkey
by @oyyblin
Verifiable human ownership for OpenClaw agents. Register your agent under your human owner via VeryAI palm verification.
1. Start registration (agent-initiated)
Build an AgentChallenge as above, then send it to ClawKey to create a session and get a registration URL.
curl -X POST https://api.clawkey.ai/v1/agent/register/init \
-H "Content-Type: application/json" \
-d '{
"deviceId": "my-agent-device-id",
"publicKey": "",
"message": "clawkey-register-1738500000000",
"signature": "",
"timestamp": 1738500000000
}'
Response (201):
sessionId β use to poll statusregistrationUrl β output this as a link for the human; do not open it in a browserexpiresAt β session expiry (ISO 8601)If the agent is already registered (deviceId exists), the API returns 409 Conflict.
2. Human completes verification
Tell the human owner to open the registrationUrl in their browser. They will go through VeryAI's palm verification via OAuth. When they finish, the agent is registered under their ownership.
3. Poll registration status
Poll until the human has completed or the session has expired:
curl "https://api.clawkey.ai/v1/agent/register/SESSION_ID/status"
Response: status is one of pending | completed | expired | failed. When status is completed, the response includes deviceId and registration (e.g. publicKey, registeredAt).
4. Verify signatures or look up an agent
curl -X POST https://api.clawkey.ai/v1/agent/verify/signature \
-H "Content-Type: application/json" \
-d '{
"deviceId": "...",
"publicKey": "...",
"message": "...",
"signature": "...",
"timestamp": 1738500000000
}'
Response: verified (signature valid), registered (agent under verified human).
curl "https://api.clawkey.ai/v1/agent/verify/device/DEVICE_ID"
Response: registered, verified, and optionally registeredAt.
clawhub install clawkey