ClawHub

Verifiable Data

Data & APIs

Use Cryptowerk via curl to obtain service credentials, register hashes, fetch seals, and verify proofs for files or append-only records. Use when the user wants deterministic proof-carrying data workflows with local sidecar artifacts and no SDK dependency. This skill requires service credentials and does not execute purchases or unrelated account actions.

Install

openclaw skills install verifiable-data

Verifiable Data

Use this skill for Cryptowerk-backed proof workflows with simple curl scripts.

Supported primitives:

  • obtain a fresh service credential
  • register a SHA-256 hash
  • fetch a seal by retrieval id
  • verify a hash against a seal

Default style:

  • shell-first
  • curl-first
  • sidecar files for local state
  • no SDK dependency

When to use

Use this skill when the user wants:

  • verifiable logs
  • proof of file existence
  • Cryptowerk sealing
  • retrieval IDs and seals stored locally
  • deterministic local artifacts for later audit

Workflow

  1. Obtain a fresh service credential with scripts/issue-key.sh
  2. Export the returned token as CRYPTOWERK_X_API_KEY
  3. Register a file hash with scripts/register-file.sh
  4. Poll for a seal with scripts/get-seal.sh
  5. Verify with scripts/verify-file.sh

Requirements

Required binaries:

  • curl
  • python3
  • one of shasum, sha256sum, or openssl

Credential handling:

  • scripts/issue-key.sh can write a fresh token to a file you choose
  • runtime scripts expect CRYPTOWERK_X_API_KEY to contain the exact combined token value
  • keep issued tokens out of watched or committed trees
  • the skill uses service credentials only for the documented proof APIs

Quick start

Obtain a fresh service credential

scripts/issue-key.sh ~/.secrets/cryptowerk.issue-key.cap
export CRYPTOWERK_X_API_KEY="$(cat ~/.secrets/cryptowerk.issue-key.cap)"

Register a file

scripts/register-file.sh /path/to/file.txt record:file.txt

Fetch a seal

scripts/get-seal.sh /path/to/file.txt.rid

Verify a file

scripts/verify-file.sh /path/to/file.txt /path/to/file.txt.seal

Local artifacts

  • <file>.rid
  • <file>.seal
  • <file>.cw.json
  • <file>.verify.json

Rules

  • Use SHA-256 over exact raw bytes.
  • Keep issued Cryptowerk tokens outside watched trees.
  • Save new keys to fresh files, do not overwrite old credentials by default.
  • Prefer deterministic lookupInfo values.
  • Default file workflow lookupInfo may be sha256:<digest> when none is supplied.
  • Persist failures locally instead of silently discarding them.

References

Read these when needed:

  • references/cryptowerk-api-notes.md
  • references/storage-and-state.md

Scripts

  • scripts/issue-key.sh
  • scripts/register-file.sh
  • scripts/get-seal.sh
  • scripts/verify-file.sh
More in Data & APIs