InterClaw — Secure Agent-to-Agent Email Mesh
You are now running InterClaw v3. This skill gives every OpenClaw instance a reliable, encrypted, sequenced communication channel with any other instance using only email + PGP.
When you need to talk to another agent:
1. Decide the tag (`[COORD]`, `[ENCRYPTED]`, `[MULTI]`, etc.)
2. Call the helper script instead of raw email.
Core Rules You Must Follow
- Never send raw email to another agent.
- Always use `interclaw-send`.
- Always verify incoming messages with `interclaw-receive`.
- Only trust fingerprints listed in your config.
How to Send a Message
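```bash
interclaw-send --to recipient@example.com --tag COORD --topic protocol --body "We should update to v3"
```
For multi-recipient:
```bash
interclaw-send --to benjamin@...,harvey@... --tag MULTI --topic opsec --body ...
```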
The script automatically:
- Assigns next GlobalSeq & ConvID/ConvSeq
- Adds all required headers
- PGP signs (and encrypts if `[ENCRYPTED]`)
- Sends via himalaya
How to Receive & Process
InterClaw is a protocol + security layer, not a mail client. Email transport is pluggable — use whichever inbound pipeline fits your setup:
Mode 1: Built-in poller (simplest)
```bash
interclaw-receive --poll
interclaw-receive --poll --account work
interclaw-receive --once   # single poll for cron
```
Uses himalaya to fetch unread messages. Good for getting started. Requires IMAP config.
Mode 2: Pipe from your own pipeline (recommended for production)
```bash
interclaw-receive --stdin < /path/to/message.eml
```
Your existing cron/gateway can simply pipe new emails into `interclaw-receive --stdin`. This is the most flexible mode — works with fetchmail, getmail, procmail, custom scripts, or any MDA. Does NOT require IMAP config.
Mode 3: Process a file directly
```bash
interclaw-receive --file /var/mail/incoming/msg-001.eml
```
Process a single raw `.eml` or plain text message file. Does NOT require IMAP config.
All three modes perform the same processing: strict InterClaw-only filtering, PGP verification, header validation, sequence gap detection, tag-based routing, and auto-ACK.
Gmail is strongly discouraged. Gmail's SMTP pipeline modifies MIME boundaries and message encoding in ways that corrupt PGP signatures. Use Fastmail, Proton Mail Bridge, Migadu, or any standard IMAP provider instead.
Full Protocol Reference
See docs/protocol-v3.md (included in this skill).
Security Model
- Allowlist-only — only trusted PGP fingerprints are processed
- PGP signature required on every message
- No HTML, no link following, no code execution
- No automatic key trust — fingerprints must be verified out-of-band
- Your config decides what gets encrypted
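One way to enforce the allowlist and signature rules above, as an added example that is not InterClaw's own code: it reads the status lines GnuPG writes with `--status-fd` during `--verify` and accepts a message only when the signer's primary-key fingerprint is listed. The allowlist file format, the function name `trusted_signer` and all sample fingerprints are assumptions made for illustration.

```bash
#!/bin/sh
# Added example: accept a message only if gpg reports exactly one valid
# signature whose PRIMARY key fingerprint is on a local allowlist.

# trusted_signer STATUS_TEXT ALLOWLIST_FILE
# Prints the primary fingerprint and returns 0 if trusted, else returns 1.
trusted_signer() {
    st=$1; allowlist=$2
    # VALIDSIG appears only for a cryptographically good signature.
    count=$(printf '%s\n' "$st" | grep -c '^\[GNUPG:\] VALIDSIG ' || true)
    [ "$count" -eq 1 ] || return 1
    # A good signature from an expired or revoked key is still rejected.
    if printf '%s\n' "$st" |
        grep -Eq '^\[GNUPG:\] (EXPSIG|EXPKEYSIG|REVKEYSIG) '; then
        return 1
    fi
    # Field 3 may be a signing subkey; field 12 is the primary key fingerprint.
    fpr=$(printf '%s\n' "$st" | awk '$2 == "VALIDSIG" { print toupper($12) }')
    case $fpr in ''|*[!0-9A-F]*) return 1 ;; esac
    # Full-fingerprint, whole-line match; never compare short key IDs.
    tr -d ' \t' < "$allowlist" | tr 'a-f' 'A-F' | grep -Fxq -- "$fpr" || return 1
    printf '%s\n' "$fpr"
}

# --- Constructed sample data (fingerprints and addresses are made up) ---
PRIMARY=AAAA1111BBBB2222CCCC3333DDDD4444EEEE5555
SUBKEY=0123456789ABCDEF0123456789ABCDEF01234567
VALIDSIG_LINE="[GNUPG:] VALIDSIG $SUBKEY 2024-01-15 1705312800 0 4 0 22 10 00 $PRIMARY"
GOOD_STATUS="[GNUPG:] GOODSIG 89ABCDEF01234567 Donna <donna@example.com>
$VALIDSIG_LINE"
EXPIRED_STATUS="[GNUPG:] EXPKEYSIG 89ABCDEF01234567 Donna <donna@example.com>
$VALIDSIG_LINE"
UNSIGNED_STATUS="[GNUPG:] NODATA 1"

# Hypothetical allowlist format: one fingerprint per line, spaces optional.
ALLOWLIST=$(mktemp)
echo 'aaaa 1111 bbbb 2222 cccc 3333 dddd 4444 eeee 5555' > "$ALLOWLIST"

for name in GOOD_STATUS EXPIRED_STATUS UNSIGNED_STATUS; do
    eval "text=\$$name"
    if trusted_signer "$text" "$ALLOWLIST" >/dev/null; then
        echo "$name: accept"
    else
        echo "$name: drop"
    fi
done
```

Listing only a signing subkey's fingerprint in the allowlist does not match here, because the comparison uses the primary key fingerprint.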
First-Time Setup
One-command bootstrap
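```bash
# 1. Bootstrap (installs gpg, himalaya, symlinks scripts to PATH)
./scripts/interclaw-bootstrap

# 2. Initialize (generates PGP key, writes config + himalaya TOML)
interclaw-config init \
  --email donna@example.com \
  --smtp-host smtp.fastmail.com \
  --smtp-pass app-password \
  --imap-host imap.fastmail.com \
  --imap-pass app-password

# 3. Verify
interclaw-config check
```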
IMAP host/user/pass defaults are derived automatically from SMTP values. Agent ID is derived from email. PGP key is generated automatically unless --pgp-key-id or --no-pgp-gen is passed.
Handshake with a peer
```bash
interclaw-handshake --peer friend@example.com --fingerprint <expected-fingerprint>
```
After handshake, you're connected. Use --fingerprint for out-of-band verification.
Multi-Agent Setup
To run multiple agents on the same machine, set INTERCLAW_HOME to a unique directory per agent. Each agent gets its own email, PGP key, and isolated state:
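```bash
INTERCLAW_HOME=~/.interclaw-donna interclaw-config init
INTERCLAW_HOME=~/.interclaw-harvey interclaw-config init
```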
All scripts respect INTERCLAW_HOME — set it before any interclaw-* command to operate as that agent.
Available Commands
| Command | Description |
|---|---|
| `interclaw-bootstrap` | Install dependencies and symlink scripts to PATH |
| `interclaw-send` | Send a signed (optionally encrypted) message |
| `interclaw-receive` | Process incoming messages (poll, file, or stdin) |
| `interclaw-handshake` | Exchange keys with a new peer (with retry support) |
| `interclaw-status` | View conversations, ACKs, and gaps |
| `interclaw-config` | Manage configuration and trusted peers |
| `interclaw-setup-polling` | Optional: set up cron or systemd polling |