Your secure personal AI assistant, always on your side. IronClaw is a Rust-based personal AI assistant designed for users prioritizing privacy and security. It addresses concerns about opaque AI systems by ensuring all data remains local, encrypted, and under user control, offering a transparent and trustworthy alternative.

How It Works

This project reimplements OpenClaw in Rust, emphasizing a security-first architecture. Core components include a WebAssembly (WASM) sandbox for running untrusted tools with fine-grained, capability-based permissions and resource limits. Defense-in-depth strategies protect against prompt injection via pattern detection and sanitization, secure credential injection at the host boundary with leak detection, and strict endpoint allowlisting for HTTP requests. The system supports dynamic tool building on the fly and stores data locally in PostgreSQL with vector search capabilities.

Quick Start & Requirements

• Prerequisites: Rust 1.85+, PostgreSQL 15+ with pgvector extension, NEAR AI account.
• Build: Clone the repository, then run cargo build --release. For channel updates, execute ./scripts/build-all.sh first.
• Database: Create the database (createdb ironclaw) and enable the vector extension (psql ironclaw -c "CREATE EXTENSION IF NOT EXISTS vector;").
• Setup: Run the ironclaw onboard wizard for database connection, NEAR AI authentication, and secrets encryption.
• Run: cargo run for the interactive REPL.
• Docs: Refer to docs/TELEGRAM_SETUP.md and FEATURE_PARITY.md.

Highlighted Details

• Security: Robust WASM sandbox, credential protection, prompt injection defense, and endpoint allowlisting.
• Automation: Routines engine for cron schedules and webhook handlers, plus a heartbeat system for proactive execution.
• Extensibility: Dynamic tool building via WASM, MCP Protocol integration, and a plugin architecture.
• Memory: Persistent workspace filesystem with hybrid full-text and vector search (Reciprocal Rank Fusion).

Maintenance & Community

The project is inspired by OpenClaw, with a feature parity matrix available. A Telegram channel is mentioned for community interaction and setup.

Licensing & Compatibility

Licensed under either the Apache License, Version 2.0 or the MIT License, offering flexibility for commercial use and integration into closed-source projects.

Limitations & Caveats

While not explicitly detailed, the project's nature as a reimplementation suggests potential feature differences from its inspiration, OpenClaw, as indicated by the FEATURE_PARITY.md file. Setup requires specific development environment configurations (Rust, PostgreSQL with pgvector).