Sovereign Identity
Pass
Audited by VirusTotal on May 12, 2026.
Findings (1)
The OpenClaw Sovereign Identity skill is designed for secure self-sovereign identity management, including DID generation, mandate signing, and selective disclosure. It implements robust security measures: private keys are encrypted locally using AES-256-GCM with a `CLAW_PASSWORD` and stored in a git-ignored `.env.agent` file (`onboard.ts`, `sign_proof.ts`). Crucially, both `SKILL.md` and `AGENT.md` explicitly instruct the AI agent to 'TERMINATE' sessions if private keys or passwords are requested, a defense reinforced by `guardrail.ts`, which strictly filters inputs for sensitive keywords like 'private key' or 'secret'. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or obfuscation. All operations are local and cryptographic, aligning with the stated purpose of secure identity management.
