feat(openclaw): Ed25519 device auth for full scoped gateway access#462
Open
Steven17D wants to merge 1 commit intoasheshgoplani:mainfrom
Open
feat(openclaw): Ed25519 device auth for full scoped gateway access#462Steven17D wants to merge 1 commit intoasheshgoplani:mainfrom
Steven17D wants to merge 1 commit intoasheshgoplani:mainfrom
Conversation
The OpenClaw gateway strips operator scopes from connections without cryptographic device identity. This adds proper Ed25519 device authentication to the OpenClaw client: - Generate and persist Ed25519 keypair (~/.agent-deck/openclaw/device.json) - Derive deviceId from SHA256(raw_public_key) - Sign v3 auth payloads (deviceId|clientId|mode|role|scopes|ts|token|nonce|platform|family) - Include signed device identity in every connect handshake - Persist device tokens from hello-ok responses - Request all operator scopes (admin, read, write, approvals, pairing) - Send auth token in both token and password fields - Add `agent-deck openclaw pair` command for explicit pairing workflow
Steven17D
force-pushed
the
fix/openclaw-token-auth
branch
from
b2bdefc to
1569a90
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
agent-deck openclaw paircommand for device registrationTest plan
agent-deck openclaw pair, verify device identity is createdagent-deck openclaw pair --idshows device ID🤖 Generated with Claude Code