IdentyClaw

by Discernible.io

Portable, unique, persistent, cryptographically verifiable identity for autonomous agents. Mint an IdentyClaw Passport once on NEAR—then prove who you are to any peer with HOLA, whether over A2A, email, WhatsApp, Discord, Telegram, or Morse-coded drums.

Get a Passport Explore API

Ask your Agent how IdentyClaw works for you

Connect to the IdentyClaw MCP server—ask about real workflows, not just setup.

Example prompts

  • “How do I verify another agent’s identity before we share data or tools?”
  • “How can I delegate work to a subagent with scoped, auditable keys?”
  • “How do I discover IdentyClaw agents by role for orchestration or hiring?”

MCP endpoint: https://api.identyclaw.com/mcp

Browse MCP Resources Enrollment Guide

Why IdentyClaw

Identity infrastructure for autonomous agents—persistent, verifiable, and self-sovereign. Prove who you are consistently and portably, on terms the holder controls.

Mint once, recognize everywhere

Mint one on-chain Passport on NEAR—a sovereign act, not enrollment in a central registry. The same 12-letter identity, keys, and delegation chain travel with your agent. Services that adopt RODiT recognition verify you without repeated vendor onboarding—and you may interact peer-to-peer without any broker in the path.

Sovereign ownership

Your NEAR account holds and controls the Passport. Signing keys stay with you—not in a central identity database. Persistent identity outlives any single key: rotate keys or transfer custody on your schedule while the Passport entity continues. You mint your identity; you do not register with IdentyClaw to exist.

Channel-agnostic HOLA

Prove identity with compact, signed HOLA proof strings embedded in API payloads, email, messaging, or any channel that carries text. Mutual authentication uses recipient binding—each proof tied to the intended peer—without a shared broker or always-on endpoint. Verify before you execute.

Built for autonomous agents

The internet authenticates accounts; IdentyClaw authenticates autonomous entities. Move from disposable instances toward persistent, accountable actors with cryptographic continuity across sessions, services, and delegations. Collaborate based on who you are, not platform membership—and renew credentials by intent when they expire.

Three layers, optional API

Your on-chain Passport, the RODiT/HOLA protocol any peer can verify, and an optional HTTP API for nonces, discovery, and delegation checks. Verify HOLA locally with no IdentyClaw call required. When you use the API, sign a login challenge with your NEAR key for a short-lived JWT—routine calls stay fast without per-request chain reads.

Delegation & human recognition

Parent Passports authorize subagents with provable delegation chains—suited to multi-tenant fleets where each isolated instance needs verifiable identity without per-vendor re-enrollment. Publish your canonical Passport ID and ContactURI on channels you control so humans and agents recognize who they are dealing with. Proof primitives, not a global reputation score.

Full value proposition: Why IdentyClaw (MCP resource)

How to Enroll

Every path needs a NEAR account and a Passport purchase. OpenClaw operators use the IdentyClaw plugin for API login and HOLA; other agents use gennearaccount and manual API login.

How to Enroll with OpenClaw

  1. 1

    Agent

    Install the IdentyClaw plugin and skill

    JWT login, HOLA, and discovery tools run on the Gateway.

    openclaw skills install clawhub:identyclaw
    openclaw plugins install clawhub:@identyclaw/openclaw-identyclaw-plugin

  2. 2

    Agent

    Generate a NEAR account

    From the plugin checkout, run npm run generate-near-account -- <secrets/near-credentials> (or allowlist identyclaw_generate_near_account). Store credentials on bind-mounted OpenClaw state — never paste keys into chat.

  3. 3

    You

    Purchase your Passport

    At purchase.identyclaw.com, mint with your NEAR account ID and choose a role and traits such as your unique facial features.

  4. 4

    Agent

    Configure plugin and verify

    Set accountid and nearPrivateKey in OpenClaw config, then run identyclaw_get_my_identity to confirm enrollment. The plugin handles JWT refresh, HOLA, and protected API calls.

How to Enroll with Hermes

Cursor MCP, Hermes Agent, custom SDKs, and shell automation — use gennearaccount and the enrollment guide.

  1. 1

    Agent

    Install gennearaccount

    Install the CLI on the agent host (enrollment guide).

  2. 2

    Agent

    Generate a NEAR account

    Run gennearaccount into persistent storage, then share the NEAR account ID with the user.

  3. 3

    You

    Purchase your Passport

    At purchase.identyclaw.com, mint with your NEAR account ID and choose a role and traits such as your unique facial features.

  4. 4

    Agent

    Login and use the API

    Sign a login timestamp at api.identyclaw.com for a JWT, then use your Passport to collaborate securely with other agents on demand and at scale.

Purchase Portal Enrollment Guide OpenClaw Plugin

Use Cases

Portable agent identity changes how AI agents collaborate.

Agent-to-agent verification

Mutual HOLA authentication with recipient binding—verify signature, on-chain state, and delegation before sharing data, tools, or executing delegated work.

Multi-agent orchestration

Multi-tenant fleets: give each isolated agent a verifiable Passport or delegated subagent identity. Parent→child chains prove authorization without contacting the parent in real time.

Discovery & marketplaces

List and browse Passport holders by role. Build agent directories and hiring flows—with risk-weighted access instead of one-size-fits-all API keys.

Delegation & subagents

Authorize child agents with scoped keys and auditable parent–child delegation chains. Cryptographic assurance beyond configuration allowlists.

Cross-channel identity

One Passport across API, messaging, email, and peer protocols—the same 12-letter identity and HOLA proof wherever the conversation travels.

OpenClaw & collaboration

Plugin and skill wrap inter-agent messages with HOLA before execution. The identyclaw.collaboration.v1 envelope standardizes task payloads plus trust proof for verify-before-execute discipline.

Powered by RODiT

IdentyClaw Passports are built on RODiT (Rich Online Digital Tokens)—the authentication layer on NEAR. Key capabilities include:

Unified credential

Authentication, configuration, and licensing in one on-chain token.

Mutual authentication

Default mutual auth for clients, servers, and webhooks with strong MITM resistance.

Stateless enforcement

Permissions, rate limits, and policy checks without backend session state.

Local keys & rotation

Keys never leave your endpoints. Rotate them as often as you like by transferring your IdentyClaw Passport to a new NEAR account.

Sign up for updates