IronClaw

What is IronClaw

IronClaw is a secure, open-source alternative to OpenClaw. It functions as a secure runtime that runs AI agents in encrypted enclaves on NEAR AI Cloud. It allows AI agents to perform tasks while ensuring that sensitive information, such as credentials, never reaches the Large Language Model (LLM).

How to use IronClaw

IronClaw offers a simple setup process, allowing users to deploy their own instance on NEAR AI Cloud. The deployment boots inside a Trusted Execution Environment (TEE), which is encrypted from the start, requiring no additional setup. Users can add API keys, tokens, and passwords to an encrypted vault. IronClaw then injects these credentials only where explicitly allowed, preventing the AI from accessing raw values. Tools are sandboxed within WebAssembly (Wasm) containers with capability-based permissions, allowlisted endpoints, and resource limits. All outbound traffic is scanned in real-time to detect and block any potential credential exfiltration.

Features of IronClaw

• Open Source: A community-driven, transparent solution.
• Secure Runtime: Runs AI agents in encrypted enclaves.
• Encrypted Vault: Stores credentials securely, invisible to the AI.
• Credential Injection: Injects secrets at the network boundary only for approved endpoints.
• Sandboxed Tools: Each tool runs in a Wasm container with strict permissions.
• Leak Detection: Scans outbound traffic in real-time to block credential exfiltration.
• Built in Rust: Ensures memory safety at compile time, eliminating common vulnerabilities.
• Network Allowlisting: Restricts tools to only connect to pre-approved endpoints.
• Trusted Execution Environment (TEE): Provides hardware-enforced security, encrypting data in memory.
• One-Click Cloud Deployment: Simple deployment on NEAR AI Cloud.

Use Cases of IronClaw

• Running AI agents that require access to sensitive information like API keys or tokens.
• Automating tasks where security and data privacy are paramount.
• Developing AI applications that interact with external services without exposing credentials.
• Providing a secure alternative to OpenClaw for users concerned about credential exposure.

Pricing

IronClaw offers several pricing tiers:

• Starter: $0/month. Includes 1 agent instance, secure deployment, TEE, and pay-per-usage tokens.
• Basic: $20/month. Includes everything in Starter, 13M tokens, usage pooling, and up to 2 agent instances.
• Pro+: $200/month. Includes everything in Basic, 130M tokens, priority support, and up to 5 agent instances.

FAQ

• What is IronClaw? IronClaw is a secure, open-source runtime for AI agents, designed as a safer alternative to OpenClaw. It runs agents in encrypted enclaves on NEAR AI Cloud, ensuring credentials are never exposed to the LLM.
• How does IronClaw protect credentials? Credentials are stored in an encrypted vault within a Trusted Execution Environment (TEE). They are only injected into network requests for pre-approved endpoints, and all outbound traffic is monitored for potential leaks.
• What programming language is IronClaw built with? IronClaw is built entirely in Rust, ensuring memory safety at compile time.
• Can I run IronClaw locally? The webpage mentions running locally as an option alongside NEAR AI Cloud.
• What are the security benefits over OpenClaw? IronClaw addresses risks like prompt injection and malicious skills that could expose credentials in standard OpenClaw. It uses architectural security measures like encrypted vaults, sandboxed tools, and TEEs, rather than relying on LLM instructions.