chore: update openclaw example and adapter docs#378
Merged
Conversation
- Rewrite demo.ts to use activate() + generateSigningKey() (228 -> 147 lines)
- Remove @peac/capture-core from example deps (only @peac/adapter-openclaw)
- Rewrite adapter README with Quick Start, Compatibility, Security sections
- Rewrite example README (monorepo-only run instructions)
- Fix receipt writer to persist full auth + evidence structure (was writing
minimal {rid, interaction_id, entry_digest, _jws} which the verify and
export tools could not read)
- Add anti-rot test (demo-contract.test.ts) mirroring demo flow end-to-end
- Update plugin.test.ts for new receipt file format
- Tools now derive auth/evidence from _jws payload (source of truth) with fallback to top-level fields for backward compatibility - Add decodeReceiptPayload() helper used by verify, export, and query - Add flush() to ActivateResult as stable public API surface - Receipt writer validates JWS segments, falls back to _jws-only on malformed or unparseable payloads - README: reduce jargon, use "Receipt Field" not "PEAC Location"
- _jws present but malformed is now an error (no fallback to unsigned top-level fields). Only genuinely absent _jws uses top-level fields. - Export and query tools skip receipts with malformed _jws. - Test helper builds structurally valid JWS payloads matching receipt content so the trust boundary is exercised in every test. - .nvmrc aligned to 22.22.0 (matches .node-version and engines >=22) - Example README: remove Ed25519 jargon
…ame alignment - Verify: detect when top-level auth/evidence diverges from _jws payload (prevents "looks-valid" receipts with tampered unsigned fields) - Export/query: return structured skip counters (scanned_count, exported_count, skipped_count, skipped_reasons with per-category breakdown, skipped_files) - Query: separate malformed_jws counter, expose filtered count in skipped - Demo: align simulated tool names to OpenClaw reality (read, exec) - Docs: update Node requirement from 20 to 22 in README, README_LONG, net/node/README, renovate.json - Tests: dual-representation mismatch tests, structured counter tests, JWKS tests use minimal receipts to isolate key selection logic
jithinraj
changed the title
This was referenced Feb 15, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
examples/openclaw-capture/demo.tsto useactivate()+generateSigningKey()(228 -> 147 lines)@peac/capture-corefrom example deps (only@peac/adapter-openclawneeded)auth+evidencestructure (was writing minimal{rid, interaction_id, entry_digest, _jws}that the verify and export tools could not read)demo-contract.test.ts) mirroring demo flow: keygen -> activate -> capture -> drain -> export -> verifyBug fix
createFileReceiptWriter()was only persisting{rid, interaction_id, entry_digest, _jws}to.peac.jsonfiles, but the verify tool (verifySingleReceipt) and export tool (createExportBundleTool) expect{auth, evidence, _jws}structure. The writer now decodes the JWS payload and splits it intoauth(identity fields) andevidence(interaction data) blocks. The anti-rot test caught this on first run.Test plan
pnpm --filter @peac/adapter-openclaw test-- 163 tests pass (9 files)pnpm -C examples/openclaw-capture demo-- runs end-to-end, prints "verification successful -- 3 receipts in evidence bundle"pnpm build && pnpm lint && pnpm typecheck:core && pnpm test-- all passbash scripts/guard.sh-- all checks passpnpm format:check-- cleanbash scripts/check-planning-leak.sh-- clean