Arxi Decision Gate Asset Core
Docs
Arxi Docs

Proof recording and tamper-evident evidence documentation.

Other product docs

Arxi OpenClaw Integration Architecture

Audience: Engineers implementing or validating OpenClaw to Arxi coupling.

Table of Contents

  1. Executive Overview
  2. Mapping Contract
  3. Redaction and Bounded Payload Policy
  4. Sequence-Gap Policy
  5. Signing and Verification Modes
  6. Fixture and Test Coverage
  7. Current Limits and Next Steps

Executive Overview

Arxi integrates OpenClaw flows through a deterministic fixture-driven ingest adapter in system-tests. The integration records OpenClaw agent events as Arxi envelopes using a versioned mapping policy, explicit sequence-gap handling, and fail-closed validation via LocalRecorderAdapter.

F:system-tests/tests/suites/integration_openclaw.rs L1-L220

Mapping Contract

OpenClaw event payloads map to Arxi envelopes with this contract:

  • Event type mapping: openclaw.<stream>.<phase_or_default>.
  • Mapping version marker: envelope payload includes mapping.mapping_version = "openclaw_arxi_v1".
  • Deterministic IDs: envelope IDs are derived from (run_id, seq, stream, session_key) using SHA-256-to-UUIDv7-shape mapping.
  • Trace correlation: OpenClaw runId maps to Arxi trace_id.

F:system-tests/tests/suites/integration_openclaw.rs L224-L387

Redaction and Bounded Payload Policy

To reduce disclosure and resource-exhaustion risk in immutable evidence:

  • Sensitive keys are redacted using hash-only summaries under openclaw_redaction_v1.
  • Long strings are truncated at MAX_STRING_CHARS with deterministic digest + preview metadata.
  • Oversized JSON payload fragments are bounded at MAX_EVENT_DATA_BYTES with deterministic digest metadata.
  • Session keys are stored as SHA-256 digests (session_key_sha256) in payload metadata.
  • Sanitization counters (redacted_fields, truncated_fields) are stored for auditability.

F:system-tests/tests/suites/integration_openclaw.rs L62-L100 F:system-tests/tests/suites/integration_openclaw.rs L245-L387 F:system-tests/tests/suites/integration_openclaw.rs L656-L809

Sequence-Gap Policy

Two modes are implemented and validated:

  • record_anomaly: record openclaw.integration.sequence_gap envelope and continue ingest.
  • strict_fail: fail closed immediately on gap and stop ingest.

F:system-tests/tests/suites/integration_openclaw.rs L390-L446 F:system-tests/tests/suites/integration_openclaw.rs L573-L658

Signing and Verification Modes

Integration tests run both:

  • Unsigned lane: valid-with-warnings (SignatureVerificationSkipped).
  • Signed lane: strict trust-root verification using TrustPolicy::AllMustSign.

F:system-tests/tests/suites/integration_openclaw.rs L498-L572

Fixture and Test Coverage

OpenClaw integration coverage currently includes:

  • Gateway mock flow ingestion and verification.
  • CLI-style fallback flow ingestion and verification.
  • Sequence-gap anomaly and strict-fail behaviors.
  • Sensitive tool-field redaction checks.
  • Oversized assistant field bounding checks.
  • Deterministic replay hash stability checks.

Fixtures:

  • system-tests/tests/fixtures/openclaw_gateway_mock_events.json
  • system-tests/tests/fixtures/openclaw_cli_mock_events.json

Registry entries: F:system-tests/test_registry.toml L1-L260

Current Limits and Next Steps

Current limits:

  • Mapping is implemented in system-tests harness code, not yet extracted as a production integration crate.
  • Redaction uses key-name policy and deterministic summaries; context-aware field classification is a future extension.

Natural next steps:

  1. Extract mapper into arxi-openclaw-adapter runtime module/crate.
  2. Add fixture corpus for timeout/fallback chaos flows from OpenClaw.
  3. Add policy fixtures for explicit allowlist/denylist redaction profiles.