Releases: mvar-security/clawzero

ClawZero v0.4.0 — Compliance Attestation + MVAR Hardening Baseline

16 Apr 02:17

Added

  • Added enforcement-strength generated test surfaces and audit artifacts on top of v0.3.0, including:
    • policy matrix, witness integrity, OWASP ASI-2026, EU AI Act, adversarial evasion, adapter matrix, cross-session isolation, SARIF export, engine parity, and fuzzing suites added across commits ac2ebd6 through d32190a.
    • documented audit baseline and authoring standard in:
      • docs/test-suite-audit-summary.md
      • docs/test-authoring-guide.md
  • Added compliance attestation CLI surface in clawzero compliance verify (commit 6776cdf; hardened in later commits), including signed attestation payload output and suite presence checks.
  • Added official SARIF schema validation contracts (tests/exports/test_sarif_official_schema_contract.py, commit db4db6e).

Security Hardening (Post-PR81–PR86 MVAR Baseline)

  • Integrated and validated against the post-PR81–PR86 MVAR hardening baseline (52f2038, 6fbbb89, 174beee, 7513c7f, 3f53bc7, a9a1dfd) used in this workspace:
    • Ed25519 default signing with truthful algorithm labeling (ed25519 vs hmac-sha256), removing algorithm-label misrepresentation in audit output.
    • Vault-mediated credential execution path for credentials.access, with token-reference mediation and no raw credential material returned to the agent path.
    • Cryptographic policy lineage enforcement with lineage-chain verification and fail-closed behavior in prod_locked.
    • Advanced risk scoring in the default execution path with profile-aware modes (BLOCKING in prod_locked) and counterfactual injection signals.
    • Taint-laundering prevention integration proofs covering single-hop/multi-hop propagation, trust-boundary crossing, source fragmentation, and Claim-18-style provenance differential behavior (mvar/tests/integration/test_taint_laundering_prevention.py).
    • Machine-readable architecture registry with signed runtime self-report, layer status, and compatibility matrix (mvar/mvar-core/architecture.py).

Validation

  • Full ClawZero suite green on this release line:
    • 9598 passed
    • 17 skipped (intentional gap markers)
    • 0 failed
    • 9615 collected
  • PyPI: pip install clawzero==0.4.0
  • GitHub: github.com/mvar-security/clawzero

v0.1.5 – Full Security Primitive Stack

20 Mar 21:49

What's Shipped

Phase A: WebSocket + control-plane enforcement

  • trusted_websocket_origins validation
  • network_mode: localhost_only / allowlist_only
  • UNTRUSTED_WEBSOCKET_ORIGIN reason code
  • clawzero doctor: Exposure........ OK

Phase B: Package trust validation

  • UNSIGNED_MARKETPLACE_PACKAGE blocking
  • prod_locked blocks unsigned ClawHub skills
  • clawzero audit decision --package-source ...

Phase C: Temporal taint tracking

  • delayed activation detection
  • taint_age_hours threshold enforcement path
  • DELAYED_TAINT_TRIGGER reason code

Phase D: Budget + abuse controls

  • budget_max_cost_usd enforcement
  • budget_max_calls_per_window
  • budget_max_calls_per_sink
  • BUDGET_LIMIT_EXCEEDED reason code

Proof

pip install clawzero==0.1.5
clawzero doctor openclaw
Runtime......... OK (mvar-security 1.4.3)
Witness......... OK (chain valid)
Demo............ OK (attack blocked)
Exposure........ OK (control-plane guards active)
Witness signer:  Ed25519 (QSEAL) ✓
Status: SECURE

CI

Green across ubuntu+macos × 3.10/3.11/3.12/3.13
Release gate: PASS
Download smoke: PASS

See docs/RELEASE_PROOF_0_1_5.md for full proof commands.

v0.1.2 – Phase 4 complete, launch-ready

16 Mar 14:58
0e36223

What's New

  • Real Ed25519 signatures via MVAR QSEAL
  • Hash-chained witness artifacts
  • clawzero witness verify
  • clawzero witness verify-chain
  • LangChain adapter
  • SARIF export
  • Input classification (TRUSTED/UNTRUSTED)
  • CEC detection (3-leg condition)
  • clawzero witness explain
  • clawzero replay --session
  • clawzero attack-test
  • clawzero benchmark run
  • VERIFIED_CLAIMS.md
  • 43 tests passing

Install

pip install clawzero==0.1.2

Quick Demo

pip install clawzero
clawzero demo openclaw --mode compare --scenario shell

Standard OpenClaw → COMPROMISED
MVAR-Protected → BLOCKED ✓
Policy → mvar-security.v1.4.3
Witness → ed25519 signed artifact