Skip to main content

Cordum Edge / CordClaw Architecture

CordClaw is part of Cordum Edge: it is the Edge execution-firewall/OpenClaw adapter capability. The cordclaw-*, job.cordclaw.*, CORDCLAW_*, binary, and package names are compatibility identifiers under the Edge umbrella.

The CordClaw OpenClaw adapter uses a two-process sidecar model:

  • A lightweight OpenClaw plugin intercepts pre-dispatch tool calls.
  • A local Go daemon performs deterministic policy checks.
  • The daemon calls Cordum Safety Kernel over gRPC and enforces outcomes.

Control Flow

OpenClaw Gateway
-> CordClaw Plugin (before_tool_execution hook)
-> HTTP POST localhost:19090/check
-> cordclaw-daemon (cache + circuit breaker + mapper)
-> gRPC PolicyCheckRequest
-> Cordum Safety Kernel
-> Decision: ALLOW | DENY | THROTTLE | REQUIRE_HUMAN | CONSTRAIN
-> Plugin enforcement outcome

Key Components

  • daemon/internal/server: localhost API (/check, /simulate, /health, /status, /audit)
  • daemon/internal/cache: in-memory LRU for repeated decisions
  • daemon/internal/circuit: graduated fail-closed behavior during kernel outages
  • daemon/internal/mapper: OpenClaw action metadata -> CAP policy request
  • plugin/src/index.ts: gateway plugin registration and hook wiring
  • plugin/src/shim.ts: daemon HTTP client wrapper
  • plugin/src/enforcer.ts: decision-to-action enforcement

Design Principles

  • Deterministic enforcement before execution
  • Structured metadata over prompt text for policy evaluation
  • Local-first latency with cache and warm kernel connection
  • Explicit degraded mode when backend governance is unavailable

Source: cordum-io/Cord-Claw/docs/ARCHITECTURE.md — last mirrored 2026-05-16 (task-ea3ad94e).