diff --git a/demo/README.md b/demo/README.md index 639b09906a5c..f080e5cb585b 100644 --- a/demo/README.md +++ b/demo/README.md @@ -11,12 +11,37 @@ This demo shows how SecureClaw protects against prompt injection attacks that at --- -## Demo Option 1: Simulation Script (No Sidecar Required) +## Quick Start with Docker -The quickest way to see the demo - runs a simulated walkthrough with no dependencies. +The easiest way to run the demo - no local setup required. + +### Option A: Simulation Script (Fastest) + +```bash +# Run the interactive simulation +docker-compose -f docker-compose.demo.yml run demo-script +``` + +This walks through the attack scenario with colored output - no API keys or sidecar needed. + +### Option B: Live Demo with Sidecar + +```bash +# Terminal 1: Start the sidecar (builds from source, may take a few minutes first time) +docker-compose -f docker-compose.demo.yml up sidecar + +# Terminal 2: Run SecureClaw locally against the Docker sidecar +cd /path/to/openclaw +PREDICATE_SIDECAR_URL=http://localhost:8787 SECURECLAW_VERBOSE=true pnpm openclaw +``` + +--- + +## Demo Option 1: Simulation Script (No Dependencies) + +The quickest way to see the demo - runs a simulated walkthrough. ```bash -cd /Users/guoliangwang/Downloads/openclaw ./demo/hack-vs-fix.sh ``` @@ -31,7 +56,7 @@ This script: --- -## Demo Option 2: Live Demo with Sidecar +## Demo Option 2: Live Demo with Local Sidecar For a real end-to-end demo with the actual rust-predicate-authorityd sidecar. @@ -39,13 +64,13 @@ For a real end-to-end demo with the actual rust-predicate-authorityd sidecar. 1. Build the rust-predicate-authorityd sidecar: ```bash - cd /Users/guoliangwang/Code/Sentience/rust-predicate-authorityd + cd /path/to/rust-predicate-authorityd cargo build --release ``` 2. Install SecureClaw dependencies: ```bash - cd /Users/guoliangwang/Downloads/openclaw + cd /path/to/openclaw pnpm install ``` 
@@ -53,9 +78,9 @@ For a real end-to-end demo with the actual rust-predicate-authorityd sidecar. **Terminal 1 - Start the Sidecar:** ```bash -cd /Users/guoliangwang/Code/Sentience/rust-predicate-authorityd +cd /path/to/rust-predicate-authorityd cargo run --release -- \ - --policy /Users/guoliangwang/Downloads/openclaw/policies/default.json \ + --policy /path/to/openclaw/policies/default.json \ --port 8787 ``` @@ -67,7 +92,7 @@ You should see: **Terminal 2 - Run SecureClaw:** ```bash -cd /Users/guoliangwang/Downloads/openclaw +cd /path/to/openclaw SECURECLAW_VERBOSE=true pnpm openclaw ``` @@ -84,13 +109,11 @@ SECURECLAW_VERBOSE=true pnpm openclaw --- -## Demo Option 3: Live Demo WITHOUT Sidecar (Fail-Open Mode) +## Demo Option 3: Test Fail-Open vs Fail-Closed -To test SecureClaw behavior when the sidecar is unavailable: +Test SecureClaw behavior when the sidecar is unavailable: ```bash -cd /Users/guoliangwang/Downloads/openclaw - # Fail-open mode (allows actions when sidecar is down) SECURECLAW_FAIL_OPEN=true SECURECLAW_VERBOSE=true pnpm openclaw @@ -111,6 +134,26 @@ In **fail-open mode**, actions will be allowed with a warning: --- +## Docker Files + +| File | Description | +|------|-------------| +| `docker-compose.demo.yml` | Demo orchestration | +| `docker/sidecar.Dockerfile` | Builds rust-predicate-authorityd from source | +| `docker/secureclaw.Dockerfile` | Builds SecureClaw image | + +### Building Images Manually + +```bash +# Build sidecar image +docker build -f docker/sidecar.Dockerfile -t predicate-authorityd:demo ./docker + +# Build SecureClaw image +docker build -f docker/secureclaw.Dockerfile -t secureclaw:demo . +``` + +--- + ## Key Files | File | Description | @@ -123,7 +166,7 @@ In **fail-open mode**, actions will be allowed with a warning: --- -## How It Works +## Architecture ``` ┌─────────────────┐ ┌──────────────────┐ ┌─────────────────────────┐ 
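Review bot: In the `## Quick Start with Docker` hunk, Option B runs `docker-compose -f docker-compose.demo.yml up sidecar` without saying where to run it from, but the compose file only works from the repository root because it bind-mounts `./policies` and lives there itself; add a `cd /path/to/openclaw` before the `docker-compose` commands, as Option B already does for the `pnpm openclaw` step. The "builds from source, may take a few minutes first time" comment should also say that the first build needs network access, since the sidecar image fetches its source with `git clone` at build time rather than from this repository.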
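Review bot: The `## Demo Option 3: Test Fail-Open vs Fail-Closed` hunk describes `SECURECLAW_FAIL_OPEN=true` only as "allows actions when sidecar is down" and never says why that is the dangerous setting: whoever can crash, block or simply out-wait the sidecar then gets every action approved, so the policy check degrades to nothing. Suggest a sentence after the fail-open command stating that fail-open is for this comparison demo only, and pointing out that the `docker/secureclaw.Dockerfile` in this same patch sets `SECURECLAW_FAIL_OPEN=false` for that reason.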
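Review bot: In the `## Docker Files` hunk, the table entry "Builds rust-predicate-authorityd from source" for `docker/sidecar.Dockerfile` is misleading: that Dockerfile does an unpinned `git clone --depth 1` of an upstream repository at build time, so the resulting image contains whatever upstream HEAD was when `docker build` ran. The README should say so, and the "Building Images Manually" block should either show how to pin the revision or note that the Dockerfile currently exposes no build argument for it.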
diff --git a/docker-compose.demo.yml b/docker-compose.demo.yml new file mode 100644 index 000000000000..cf5d5803d1ef --- /dev/null +++ b/docker-compose.demo.yml 
@@ -0,0 +1,63 @@ +# SecureClaw Demo Docker Compose +# +# This sets up the complete SecureClaw demo environment: +# - rust-predicate-authorityd sidecar (policy engine) +# - SecureClaw (OpenClaw with security plugin) +# +# Quick Start: +# # Run the simulation demo (no API keys needed) +# docker-compose -f docker-compose.demo.yml run demo-script +# +# # Run full demo with sidecar +# docker-compose -f docker-compose.demo.yml up sidecar +# # Then in another terminal, run SecureClaw locally + +version: '3.8' + +services: + # ============================================================================ + # Predicate Authority Sidecar + # Handles policy evaluation for all authorization requests + # ============================================================================ + sidecar: + build: + context: ./docker + dockerfile: sidecar.Dockerfile + image: predicate-authorityd:demo + container_name: secureclaw-sidecar + ports: + - "8787:8787" + volumes: + # Mount policies for hot-reload during development + - ./policies:/app/policies:ro + environment: + - RUST_LOG=info,predicate_authorityd=debug + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:8787/health"] + interval: 10s + timeout: 3s + retries: 3 + start_period: 30s # Rust build takes time on first run + restart: unless-stopped + + # ============================================================================ + # Demo Script Runner + # Runs the hack-vs-fix simulation - NO dependencies needed + # ============================================================================ + demo-script: + image: bash:5 + container_name: secureclaw-demo-script + volumes: + - ./demo:/demo:ro + working_dir: /demo + command: ["bash", "/demo/hack-vs-fix.sh"] + stdin_open: true + tty: true + +# ============================================================================ +# Networks +# ============================================================================ +networks: + default: + name: secureclaw-demo + driver: bridge \ No 
newline at end of file diff --git a/docker/secureclaw.Dockerfile b/docker/secureclaw.Dockerfile new file mode 100644 index 000000000000..377f515b2f90 --- /dev/null +++ b/docker/secureclaw.Dockerfile 
@@ -0,0 +1,63 @@ +# Dockerfile for SecureClaw (OpenClaw with security plugin) +# Based on Node.js with pnpm + +# ============================================================================ +# Stage 1: Build SecureClaw +# ============================================================================ +FROM node:22-bookworm-slim AS builder + +WORKDIR /app + +# Install pnpm +RUN corepack enable && corepack prepare pnpm@10.23.0 --activate + +# Copy package files +COPY package.json pnpm-lock.yaml* ./ + +# Install dependencies +RUN pnpm install --frozen-lockfile || pnpm install + +# Copy source code +COPY . . + +# Build +RUN pnpm build || true + +# ============================================================================ +# Stage 2: Runtime image +# ============================================================================ +FROM node:22-bookworm-slim + +WORKDIR /app + +# Install pnpm +RUN corepack enable && corepack prepare pnpm@10.23.0 --activate + +# Install curl for healthcheck +RUN apt-get update && apt-get install -y curl && rm -rf /var/lib/apt/lists/* + +# Copy built application +COPY --from=builder /app/dist ./dist +COPY --from=builder /app/node_modules ./node_modules +COPY --from=builder /app/package.json ./ +COPY --from=builder /app/policies ./policies +COPY --from=builder /app/demo ./demo + +# Environment variables for SecureClaw +ENV SECURECLAW_PRINCIPAL=agent:secureclaw +ENV SECURECLAW_POLICY=./policies/default.json +ENV PREDICATE_SIDECAR_URL=http://sidecar:8787 +ENV SECURECLAW_FAIL_OPEN=false +ENV SECURECLAW_VERBOSE=true +ENV NODE_ENV=production + +# Create non-root user +RUN useradd -m -s /bin/bash openclaw +USER openclaw + +# Default port for OpenClaw gateway (if used) +EXPOSE 18789 + +# Default command - run the TUI +ENTRYPOINT ["node", "dist/index.js"] +CMD ["tui"] \ No newline at end of file diff --git a/docker/sidecar.Dockerfile b/docker/sidecar.Dockerfile new file mode 100644 index 000000000000..44a52c2ff931 --- /dev/null 
+++ b/docker/sidecar.Dockerfile 
@@ -0,0 +1,63 @@ +# Dockerfile for rust-predicate-authorityd sidecar +# Multi-stage build for smaller final image +# +# Build options: +# 1. With local source: docker build --build-arg SIDECAR_SRC=../rust-predicate-authorityd +# 2. From git: docker build (uses git clone) + +# ============================================================================ +# Stage 1: Build the Rust sidecar +# ============================================================================ +FROM rust:1.75-slim-bookworm AS builder + +WORKDIR /build + +# Install build dependencies +RUN apt-get update && apt-get install -y \ + pkg-config \ + libssl-dev \ + git \ + curl \ + && rm -rf /var/lib/apt/lists/* + +# Clone the sidecar source from git +# In production, pin to a specific tag/commit +RUN git clone --depth 1 https://github.com/rcholic/rust-predicate-authorityd.git . || \ + git clone --depth 1 https://github.com/predicatesystems/rust-predicate-authorityd.git . + +# Build release binary +RUN cargo build --release + +# ============================================================================ +# Stage 2: Runtime image +# ============================================================================ +FROM debian:bookworm-slim + +WORKDIR /app + +# Install runtime dependencies +RUN apt-get update && apt-get install -y \ + ca-certificates \ + curl \ + && rm -rf /var/lib/apt/lists/* + +# Copy the built binary +COPY --from=builder /build/target/release/predicate-authorityd /usr/local/bin/ + +# Create policies directory +RUN mkdir -p /app/policies + +# Create non-root user +RUN useradd -m -s /bin/bash predicate +USER predicate + +# Default port +EXPOSE 8787 + +# Health check +HEALTHCHECK --interval=10s --timeout=3s --start-period=5s --retries=3 \ + CMD curl -f http://localhost:8787/health || exit 1 + +# Default command - policy file should be mounted or provided +ENTRYPOINT ["predicate-authorityd"] +CMD ["--policy", "/app/policies/default.json", "--port", "8787", "--bind", "0.0.0.0"] \ No newline at 
end of file
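Review bot: In `docker-compose.demo.yml`, `ports: - "8787:8787"` on the `sidecar` service publishes the policy-evaluation endpoint on every host interface, so anything on the host's network can send authorization requests to a service that shows no authentication in this patch; the README's Option B only ever talks to `http://localhost:8787`, so bind to loopback instead: `- "127.0.0.1:8787:8787"`. Three smaller points in the same file: the comment `start_period: 30s # Rust build takes time on first run` is wrong, because the image is built before the container starts and `start_period` only covers process startup (5s, matching the Dockerfile's own `HEALTHCHECK`, is enough); the header comment lists "SecureClaw (OpenClaw with security plugin)" as part of the environment but no such service is defined, so either add a `secureclaw` service built from `docker/secureclaw.Dockerfile` or drop it from the comment; and `version: '3.8'` is ignored with a warning by Compose v2 and can go.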
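Review bot: In `docker/secureclaw.Dockerfile`, `RUN pnpm install --frozen-lockfile || pnpm install` and `RUN pnpm build || true` both turn failures into silent success: the first falls back to resolving dependencies without the lockfile, so the image may not contain the versions the lockfile pins, and the second lets a broken build produce an image in which `dist/index.js`, the ENTRYPOINT, may not exist, so the failure only surfaces when someone runs the container. Drop both fallbacks (`RUN pnpm install --frozen-lockfile` and `RUN pnpm build`) and let the build fail. Related: the runtime stage copies the builder's whole `node_modules`, dev dependencies included, so run `pnpm prune --prod` before the copy; `COPY . .` will pull `.git`, a local `node_modules` and any `.env` into the builder layer unless a `.dockerignore` excludes them; and curl is installed "for healthcheck" but the file defines no `HEALTHCHECK`.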
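Review bot: In `docker/sidecar.Dockerfile`, the `RUN git clone --depth 1 https://github.com/rcholic/rust-predicate-authorityd.git . || git clone --depth 1 https://github.com/predicatesystems/rust-predicate-authorityd.git .` line pins nothing and, on failure, silently falls back to a repository under a different GitHub account, so the policy engine the demo trusts is whatever either upstream serves at build time. The comment "In production, pin to a specific tag/commit" acknowledges this, but the demo image is what people copy: declare something like `ARG SIDECAR_REF` and clone with `--branch "$SIDECAR_REF"` (or clone without `--depth 1` and `git checkout "$SIDECAR_REF"`), and pick one upstream rather than switching trust anchors on error. The header comment also advertises `docker build --build-arg SIDECAR_SRC=../rust-predicate-authorityd` for a local checkout, but no `ARG SIDECAR_SRC` is declared, nothing uses it, and `../` lies outside the `./docker` build context the compose file uses, so that option does not work as written. Two checks: the runtime stage installs only `ca-certificates` and `curl`, so if `predicate-authorityd` links OpenSSL dynamically (the builder installs `libssl-dev`) it also needs `libssl3`; and `HEALTHCHECK --start-period=5s` here disagrees with `start_period: 30s` in the compose file.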