A real Anthropic Claude model picked each action via tool use. The ClawID hub validated every step against the owner’s leash policy and produced a cryptographic receipt. The chain is independently verifiable against the hub’s published JWKS.
$0.45 · generate_completion · api.openai.com
Generate summary text for a user report using GPT-4.
within leash
receipt: seq=20 · entry_hash=4163a7428c1a5f538a3ddbeb…
$2.99 · charge · api.stripe.com
Process monthly subscription payment for basic tier customer.
within leash
receipt: seq=21 · entry_hash=812e53de264c3e94b184b586…
$1.20 · analyze · api.anthropic.com
Run Claude analysis on customer feedback data for sentiment classification.
within leash
receipt: seq=22 · entry_hash=13e16d0f3293dcbf44cb5bc6…
$6.50 · charge · api.stripe.com
Process premium upgrade charge for enterprise customer.
amount 6.5 over escalation threshold 5 — needs human approval
receipt: seq=23 · entry_hash=b7e2880d7ce1f2d8d4e8cff9…
$0.15 · embed · api.openai.com
Generate embeddings for search index update.
within leash
receipt: seq=24 · entry_hash=ec448805bbec3e6a9ecaed47…
$1.85 · generate · api.anthropic.com
Generate personalized email responses for customer support queue.
within leash
receipt: seq=25 · entry_hash=2d80f7bf2aac94480e5dccb0…
$0.50 · charge · api.stripe.com
post-revoke
token revoked
receipt: seq=27 · entry_hash=4cfea0b9567d0c6cac6fa57d…
"Successfully completed agent run agt_d7dc97e272d5 with 6 actions across three allowed services (Stripe, OpenAI, Anthropic). Performed routine tasks including text generation ($0.45), subscription charge ($2.99), sentiment analysis ($1.20), embeddings ($0.15), and email generation ($1.85) - all approved within leash. One escalation test ($6.50 premium charge) correctly triggered HOLD for human approval due to exceeding $5.00 threshold. Total approved spend: $6.64 of $10.00 budget. All actions logged in cryptographic audit chain (sequences 20-25)."
This report is self-contained. You do not need an account, an API key, or our help. The receipts file is embedded below; our open-source verifier reads it offline using only Python’s standard library.
# 0.2.0+ ships the receipts verifier CLI
$ pip install clawid
$ clawid verify-receipts audit-20260621T014805Z.jsonl
format: claw-receipts-jsonl/v2
rows checked: 7+
OK verified N rows end-to-end; chain head matches declared anchor
# save as verify.py — Python 3.10+, no dependencies import hashlib, json, sys def canonical(o): return json.dumps(o, sort_keys=True, separators=(",",":")) with open(sys.argv[1]) as f: rows = [json.loads(l) for l in f if l.strip()] header, rows = rows[0], rows[1:] prev_hash = rows[0]["prev_hash"] # adopt the first row's declared anchor ok = True for r in rows: entry = {k: r[k] if k != "seq" else r["local_seq"] for k in ("seq","ts","jti","surface","action","amount", "decision","reason","tenant_id","prev_hash")} if r["prev_hash"] != prev_hash: ok = False; print("BROKEN LINK", r["local_seq"]) if hashlib.sha256(canonical(entry).encode()).hexdigest() != r["entry_hash"]: ok = False; print("HASH MISMATCH", r["local_seq"]) prev_hash = r["entry_hash"] if prev_hash != header["chain_head_at_export"]["latest_hash"]: ok = False; print("CHAIN HEAD MISMATCH") print("OK" if ok else "FAIL")
What this proves: every receipt in the file was sealed at write time using sha256 over the documented canonical form, and every receipt links to the previous one. Any tampering — changing a row, deleting a row, reordering, inserting — breaks the chain mathematically. You don’t have to trust us. You don’t have to trust the report. You just have to trust sha256.
Anchor: the first row’s prev_hash ties this slice to the canonical tenant chain’s state at the moment the audit run began. The final row’s entry_hash — 4cfea0b9567d0c6cac6fa57df52933b7… — is the chain head this run added to.