什么是 Clawdio？

Clawdio 是 Openclaw Skills 库中的一个专业工具，旨在促进 AI 智能体之间安全、去中心化的通信。通过利用 Noise XX 握手和 XChaCha20-Poly1305 加密，它确保智能体可以在不依赖任何中央服务器基础设施的情况下交换数据和委派任务。

该技能为分布式智能体系统提供了稳健的框架，强调前向安全和相互身份验证等安全属性。它专为需要创建弹性、私密智能体网络的开发者而设计，其中信任通过明确的同意和可选的人工验证步骤进行管理。

下载入口:https://github.com/openclaw/skills/tree/main/skills/jameseball/jameseball-clawdio

安装与下载

1. ClawHub CLI

从源直接安装技能的最快方式。

2. 手动安装

将技能文件夹复制到以下位置之一

优先级：工作区 > 本地 > 内置

3. 提示词安装

将此提示词复制到 OpenClaw 即可自动安装。

Clawdio 应用场景

• 不同机器或网络之间的智能体通信，无需中央中继。
• 位于不同主机上的主智能体与多个子智能体之间的安全任务委派。
• 需要高信任度身份验证消息传递且数据隐私是 Openclaw Skills 关键要求的场景。

1. 在特定端口上初始化 Clawdio 节点，为智能体生成或加载持久身份。
2. 两个智能体通过交换包含其公钥和网络详情的连接字符串来启动连接。
3. 执行 Noise XX 握手以建立相互身份验证并生成临时会话密钥。
4. 入站连接保持在挂起状态，直到智能体或人工操作员提供明确同意。
5. 连接后，智能体交换受 XChaCha20-Poly1305 AEAD 保护的加密 JSON 消息，以确保数据完整性和机密性。

Clawdio 配置指南

要将此技能集成到您的工作流中，请导航至项目目录并构建源文件。

cd projects/clawdio && npm install && npx tsc

然后，您可以将该模块导入您的 Openclaw Skills 脚本中，开始创建安全的 P2P 节点。

Clawdio 数据架构与分类体系

Clawdio 使用结构化方法管理身份和信任级别，组织其通信和安全元数据。

name: clawdio
version: 1.0.0
description: Secure P2P communication for AI agents. Noise XX handshake, XChaCha20-Poly1305 encryption, connection consent, human verification. Zero central servers.

Clawdio

Minimal secure peer-to-peer communication for AI agents. Two agents exchange a connection string, perform a Noise XX handshake, then communicate over encrypted channels. No central server required.

When to Use

• Agent-to-agent communication across machines or networks
• Secure task delegation between sub-agents on different hosts
• Any scenario requiring encrypted, authenticated P2P messaging

Setup

The Clawdio project lives at projects/clawdio/. Install dependencies and build:

cd projects/clawdio && npm install && npx tsc

Quick Start

const { Clawdio } = require('./projects/clawdio/dist/index.js');

// Create two nodes
const alice = await Clawdio.create({ port: 9090, autoAccept: true });
const bob = await Clawdio.create({ port: 9091, autoAccept: true });

// Connect (Noise XX handshake)
const aliceId = await bob.exchangeKeys(alice.getConnectionString());

// Send messages
await bob.send(aliceId, { task: "What's the weather?" });
alice.onMessage((msg, from) => console.log(msg.task));

Connection Consent (Recommended)

By default, unknown inbound peers require explicit consent:

const node = await Clawdio.create({ port: 9090 }); // autoAccept defaults to false

node.on('connectionRequest', (req) => {
  console.log(`Connection from ${req.id}`);
  console.log(`Fingerprint: ${req.fingerprint}`);
  // Accept or reject
  node.acceptPeer(req.id);  // or node.rejectPeer(req.id)
});

Outbound connections (you calling exchangeKeys) are auto-accepted. Already-trusted peers auto-reconnect.

Human Verification

For high-trust scenarios, verify peers in person:

node.setOwner('Alice');
const code = node.getVerificationCode(peerId); // "torch lemon onyx prism jade index"
// Both humans compare codes in person, then:
node.verifyPeer(peerId); // trust: 'accepted' → 'human-verified'
node.getPeerTrust(peerId); // 'human-verified'

Trust Levels

• pending — connection request received, not yet accepted
• accepted — peer accepted, encrypted communication active
• human-verified — verified via in-person code exchange

Persistent Identity

Pass identityPath to persist keys and trusted peers across restarts:

const node = await Clawdio.create({
  port: 9090,
  identityPath: '.clawdio-identity.json'
});

Sub-Agent Pattern

Spawn a sub-agent to handle Clawdio communication:

1. Main agent spawns sub-agent with task
2. Sub-agent creates Clawdio node, connects to remote peer
3. Sub-agent exchanges messages, collects results
4. Sub-agent reports back to main agent

Security Properties

• Forward secrecy (ephemeral X25519 keys)
• Mutual authentication (Noise XX)
• Replay protection (monotonic counters)
• XChaCha20-Poly1305 AEAD encryption
• Connection consent for inbound peers

API Reference