Your API key is in
your chat history
right now.
1claw keeps credentials in an HSM vault. Agents fetch them at runtime — they never appear in context, logs, or memory.
Building on-chain agents? Intents API →
Works natively withClaude·Cursor·GPT
1,000 free API requests / month. No credit card required.
sk_live_51N8x...a4bQR7kJ2m
sk_live_51N8x...a4bQR7kJ2m
Before and after 1claw
The difference between hoping your key is safe and knowing it.
- API keys pasted into prompts, context windows, and chat history
- Credentials leak into logs, memory, and debug traces
- No rotation, no audit trail, no way to revoke one agent
sk_live_51N8x...a4bQR7kJ2m
- Secrets stay in the HSM — agents fetch at runtime, never store
- Short-lived JWTs, scoped policies, full audit trail
- Revoke any agent instantly — no need to rotate the secret
// Agent fetches secret at runtime — never sees it
const secret = await client.secrets.get(vaultId, "api-keys/stripe");
const balance = await stripe.balance.retrieve();
✓ Fetched, used, discarded. Never in chat history.
✓ Audit log recorded: agent:cursor → api-keys/stripe
How it works
Three steps from zero to secure agent operations.
Store secrets in your vault
Use the dashboard or API to create vaults and store API keys, tokens, certificates. Each secret is envelope-encrypted with HSM-backed keys.
Register an agent + attach a policy
Create an agent identity, set scopes and permissions. Enable Shroud for LLM inspection, Intents API for transaction signing.
Agent operates securely
Secrets fetched at runtime. LLM traffic inspected by Shroud. Transactions signed in the HSM. Everything audited.
One platform. Complete coverage.
Secure secrets, inspect LLM traffic, and control transaction signing — all from a single dashboard.
Vault
HSM-backed secrets for agents
- Envelope encryption — per-secret DEKs wrapped by Cloud KMS
- Scoped policies, short-lived JWTs, full audit trail
- SDK, CLI, 17 MCP tools — native for Claude, Cursor, GPT
Shroud
TEE LLM proxy for every request
- 6-layer threat detection: injection, encoding, network, filesystem, social engineering
- Unicode normalization, homoglyph detection, and PII redaction
- Per-agent config: providers, models, token caps, blocked domains
Intents API
Sign transactions without holding keys
- Private keys stay in HSM/TEE — agent submits intent, API signs
- Per-agent guardrails: allowlists, value caps, chain restrictions
- Tenderly simulation, replay protection, idempotency keys
Built for zero-trust agent access
Everything you need to keep secrets, LLM traffic, and transactions secure.
HSM-backed encryption
Keys never leave the hardware security module. Envelope encryption with per-secret DEKs wrapped by HSM-backed KEKs.
Scoped, policy-based access
Grant agents access by path pattern with specific permissions. Conditions and expiry keep access minimal.
Short-lived JWTs
Agent tokens expire in minutes, not months. No permanent credentials floating around in agent runtimes.
Full audit log
Every secret access is recorded — who, what, when. Append-only, tamper-evident, queryable via API.
MCP Server
Native integration with Claude, Cursor, and GPT via the Model Context Protocol. 13 tools out of the box.
Revoke or rotate anytime
Deactivate an agent or rotate its key with one click. No need to touch the secrets themselves.
Customer-managed keys (CMEK)
Enterprise opt-in: generate your own AES-256 key, encrypt secrets client-side. The key never touches our servers.
Multi-layer threat detection
Shroud inspects every request through 6 filters: Unicode normalization, command injection, social engineering, encoding obfuscation, network threats, and filesystem protection.
For humans
- Manage secrets via dashboard or personal API key (1ck_)
- Create vaults, set policies, register agents
- Full audit trail of every action — human and agent
For agents
- Authenticate via API key — auto-generated SSH + ECDH keypairs included
- LLM traffic inspected by Shroud — secrets redacted, injections blocked
- Sign transactions via Intents API — keys never leave the TEE
- 17 MCP tools — works natively with Claude, Cursor, GPT
What Shroud catches
Agents leak secrets into LLM prompts. Shroud stops it inside the TEE.
- Agent includes production credentials in LLM prompts
- PII (emails, tokens, keys) sent directly to model providers
- Prompt injection attacks pass through unchecked
postgresql://admin:s3cretP@ss@db.prod:5432/app
- Secret patterns and PII detected via Aho-Corasick matching
- Command injection, path traversal, and shell escapes blocked
- Unicode homoglyphs normalized, social engineering detected
[REDACTED:db/connection-string]
Every prompt inspected.
Every secret redacted.
Shroud runs inside confidential compute nodes on GKE. It sits between your agents and LLM providers, inspecting every request and response in real time.
- 6-layer threat detection: Unicode, injection, social engineering, encoding, network, filesystem
- Per-agent config: PII policy, injection threshold, blocked domains, allowed providers/models
- Token caps, rate limits, daily budget, and data exfiltration blocking
- OpenAI, Anthropic, Google (Gemini), Mistral, Cohere, and OpenRouter supported
$ curl -X POST https://shroud.1claw.xyz/v1/chat/completions \
-H "Authorization: Bearer $TOKEN" \
-H "X-Shroud-Provider: openai" \
-d '{ "model": "gpt-4", "messages": [...] }'
# ✓ Secrets redacted. PII scrubbed. Injection scored.
# ✓ All inside confidential compute (TEE).Works natively with Claude,
Cursor, and GPT
The 1claw MCP server gives AI agents just-in-time access to vault secrets. Hosted at mcp.1claw.xyz or run locally via stdio.
MCP documentation{
"mcpServers": {
"1claw": {
"url": "https://mcp.1claw.xyz/mcp",
"headers": {
"Authorization": "Bearer <token>",
"X-Vault-ID": "<vault-id>"
}
}
}
}Let agents sign transactions
without holding keys
The Intents API lets agents sign and broadcast on-chain transactions through a controlled signing proxy. Private keys stay in the HSM or TEE — the agent submits intent, the infrastructure signs and broadcasts.
- Per-agent guardrails: address allowlists, value caps, chain restrictions, daily limits
- When enabled, agents cannot read private keys — must use the signing proxy
- TEE signing: keys decrypted inside confidential compute, never exposed
- Tenderly simulation, idempotency keys, automatic nonce management
- EIP-1559 + legacy signing, multi-chain (Ethereum, Base, Arbitrum, Polygon, Optimism)
// Register agent with Intents API
const { data } = await client.agents.create({
name: "defi-bot",
intents_api_enabled: true,
tx_allowed_chains: ["base", "ethereum"],
tx_max_value_eth: "1.0"
});
// Submit a transaction intent
await client.agents.submitTransaction(data.agent.id, {
to: "0x...",
value: "0.01",
chain: "base"
});
// ✓ Signed + broadcast. Key never left the TEE.Quick start
Three steps from zero to secret access. Get a token, fetch a secret, or use the SDK.
Get an agent token
Exchange your agent API key for a short-lived JWT.
$ curl -X POST https://api.1claw.xyz/v1/auth/agent-token \
-H "Content-Type: application/json" \
-d '{ "agent_id": "...", "api_key": "ocv_..." }'Fetch a secret
Use the token to read a secret by path.
$ curl https://api.1claw.xyz/v1/vaults/{vaultId}/secrets/api-keys/stripe \
-H "Authorization: Bearer <token>"
# → { "value": "sk_live_...", "version": 3 }Use the SDK
Same flow in TypeScript with @1claw/sdk.
import { createClient } from "@1claw/sdk";
const client = createClient({
baseUrl: "https://api.1claw.xyz",
apiKey: "ocv_...",
agentId: "agent-uuid"
});
// Auto-authenticates, then fetches secret by path
const secret = await client.secrets.get(vaultId, "api-keys/stripe");Start free, scale as you grow.
Get started with 1,000 free requests per month. When you're ready to scale, choose a subscription plan or pay-per-use.
Pro: $29/month — Perfect for growing teams
Business: $149/month — For production workloads
Or use x402 pay-per-use on Base (USDC) — no subscriptions, your agent pays per request with on-chain settlement via the Coinbase CDP facilitator.
Per-request pricing
Settled on Base (EIP-155:8453) via USDC
Architecture
Secure your agents' secrets, LLM traffic, and transactions.
HSM-backed vault. TEE-protected LLM proxy. Controlled transaction signing. All scoped, audited, revocable.
No credit card required. Full audit trail included on every plan.