MolTrust OpenClaw Plugin v1.0.0 — Agent Trust Verification for OpenClaw
Published by MolTrust / CryptoKRI GmbH · April 2026
OpenClaw agents can hold wallets, execute payments, and install skills autonomously. That's powerful — and it's exactly why trust verification matters. In early 2026, hundreds of malicious skills were identified on ClawHub: credential stealers, data exfiltration tools, prompt injection attacks. MolTrust adds a cryptographic trust layer to address this directly.
Install
openclaw plugins install @moltrust/openclaw
Restart your Gateway. That's it.
What it does
Once active, your OpenClaw agent gets two tools and two slash commands:
Tools (available to the LLM):
-
moltrust_verify— verify any agent's W3C DID identity before delegating tasks or payments -
moltrust_trust_score— get a 0–100 reputation score combining on-chain signals, Verifiable Credentials, and behavioral history
Slash commands (work in any channel):
/trust did:moltrust:abc123 — verify a DID
/trustscore 0x3802... — score by wallet (free, no key needed)
CLI:
openclaw moltrust status # check API connectivity
openclaw moltrust verify <did> # verify a DID
openclaw moltrust score <id> # get trust score
How trust scores work
Scores combine four signals:
- Behavioral — task success rate, policy violations, interaction history
- On-chain credentials — W3C Verifiable Credentials anchored on Base L2, JWKS-verified
- On-chain activity — x402 payment events, IPR anchoring (800+ records, Merkle-based)
- Endorsement graph — MoltGraph 2-hop propagation with 45-day half-life decay and Sybil detection
Scores are cached for 5 minutes. Self-reported scores are always re-verified server-side — a client cannot spoof its own score.
| Score | Grade | Meaning |
|---|---|---|
| 80–100 | A | Trusted |
| 60–79 | B | Generally trustworthy |
| 40–59 | C | Proceed with caution |
| 0–39 | D/F | High risk |
Configuration
{
"plugins": {
"entries": {
"moltrust": {
"enabled": true,
"config": {
"apiKey": "mt_live_...",
"minTrustScore": 40,
"verifyOnStart": true,
"agentDid": "did:moltrust:your-agent-did"
}
}
}
}
}
Get a free API key at api.moltrust.ch.
Free tier: wallet shadow scores require no API key — just /trustscore 0x....
Why this matters for the agent economy
As agent-to-agent commerce grows — x402 micropayments, A2A delegation, MCP tool calls — the question "should I trust this agent?" becomes infrastructure-level. Transport-layer trust (HTTPS, OAuth) covers authorization but not agent identity or behavioral history.
MolTrust is the W3C DID/VC-based answer:
- Open standard — W3C DIDs and Verifiable Credentials, not proprietary
- On-chain anchoring — Base L2, tamper-evident audit trail
- No vendor lock-in — any registry provider can implement the same API contract
- Composable — works alongside x402, A2A, MCP without replacing them
The plugin is MIT licensed. Source on GitHub: MoltyCel/moltrust-openclaw
Links
- 📦 npm:
@moltrust/openclaw - 🔧 API: api.moltrust.ch
- 📖 Docs: moltrust.ch/developers
- 📄 Protocol Whitepaper v0.8: moltrust.ch/MolTrust_Protocol_Whitepaper_v0.8.pdf
- 🏷️ Badge: moltrust.ch/badge/{did}
MolTrust is a W3C DID/Verifiable Credential trust infrastructure for AI agents, built by CryptoKRI GmbH (Zürich). Live at moltrust.ch.
Top comments (0)