IronClaw Takes on OpenClaw as Olas Deploys AI Bots on Polymarket
AI‑driven tools are reshaping both security practices and prediction‑market trading, but new developments bring fresh risks and opportunities for crypto users.
Near.AI’s IronClaw: A Security‑First Rewrite of the Viral OpenClaw Agent
OpenClaw, the multifunctional AI assistant that quickly became popular for linking chat platforms, browsers and terminal commands, has come under criticism after several users reported that the bot could expose private keys and other credentials despite explicit “do‑not‑share” prompts.
Illia Polosukhin, co‑founder of Near.AI, says the problem stems from the way the original system integrates LLMs with external tools in a single runtime. “When the language model can directly touch any secret, a prompt injection is enough to turn it into a data‑leak vector,” he explained in a recent X post.
To mitigate these issues, Polosukhin and his team are building IronClaw, a Rust‑based reimplementation that isolates each tool in a WebAssembly sandbox. The architecture treats any attempt by the LLM to reach a secret as a security incident, routing secret‑access through an encrypted vault that only grants narrowly scoped permissions per destination site.
Key technical points:
- Rust + WASM isolation – Removes large classes of memory‑safety bugs common in JavaScript runtimes and limits the blast radius of a compromised module.
- Encrypted secret vault – Credentials are never stored in the LLM’s memory; they are released only after a policy check.
- Prompt‑injection hardening – The system flags suspicious inputs that could be used to coerce the model into spilling secrets.
Polosukhin has already logged dozens of GitHub commits in the past week, and Near.AI’s general manager, George Xian Zeng, says a beta of IronClaw could be publicly available within a few weeks. In the meantime, Near.AI Cloud lets users spin up an OpenClaw instance inside a Trusted Execution Environment (TEE), offering end‑to‑end encryption that even Near cannot decrypt.
Supply‑chain concerns remain. The broader OpenClaw ecosystem includes a public “ClawHub” where developers publish skill packages. Security researchers from Slowmist recently flagged hundreds of these skills as containing malicious code capable of harvesting passwords. Near.AI is exploring a curated marketplace model to address this, but no definitive solution has been announced yet.
Olas Unleashes “Polystrat” Bots on Polymarket
AI‑driven arbitrage has been a hot topic on decentralized prediction markets, and Olas—a blockchain‑infrastructure provider—has expanded its offering beyond the Gnosis‑based Omen platform. The company’s Polystrat agents, formerly known as Omenstrat, now operate on Polymarket, a leading real‑world event prediction market.
Unlike many community‑built bots that simply hunt for pricing mismatches, Polystrat combines news feeds, public datasets, and a suite of analytical tools to forecast market outcomes that resolve within four days. According to data shared with the outlet, the agents achieve a win‑rate between 59 % and 64 % on categories such as sustainability, science and business, while performance drops in domains like fashion, arts and social issues (roughly 38 %–49 %). Sports predictions hover near a coin‑flip at 51 %.
Key operational details:
- Hard‑coded wallet interactions – Critical functions (e.g., fund transfers, bet placement) are baked into the agent’s code, preventing the model from arbitrarily moving user assets.
- Staking requirement – To run a bot via Olas’ Pearl marketplace, users must stake the native OLAS token; a $100 stake is enough for the bot to execute a meaningful number of trades.
- Revenue model – Olas takes a small percentage of fees paid to underlying AI models, data providers and tool services used by the agents.
The move to Polymarket is significant because the platform processes higher volumes and a broader set of event types than Omen. If the bots perform as advertised, they could accelerate the adoption of autonomous traders in the prediction‑market space.
Analysis
Both stories highlight a convergence of AI capabilities and crypto‑native risk management.
-
Security vs. convenience – OpenClaw’s flexibility comes at the cost of a large attack surface. IronClaw’s sandboxed design shows how developers can retain functionality while enforcing strict separation between the LLM and sensitive assets. The approach may set a template for other AI agents that interact with wallets, especially as regulators begin focusing on AI‑driven credential leakage.
-
AI as a market participant – Olas’ bots demonstrate that autonomous agents can achieve statistically significant edge on prediction markets, but their success is uneven across categories. The reliance on external data feeds raises questions about data integrity and potential manipulation, a concern that could surface as regulatory scrutiny intensifies.
-
Economic incentives – Near.AI’s upcoming marketplace for AI skills and Olas’ token‑staking model illustrate how blockchain incentives are being used to fund and secure AI development. However, the presence of malicious skill packages in ClawHub suggests that token‑based curation alone may not be sufficient; community vetting and formal audits will likely become necessary.
- User adoption hurdles – While IronClaw promises a safer user experience, the need to migrate existing OpenClaw workflows may slow adoption. Conversely, Polystrat’s lock‑step wallet design may appeal to risk‑averse traders, but the requirement to lock up OLAS could deter smaller participants.
Key Takeaways
- IronClaw aims to replace the insecure OpenClaw architecture with Rust‑based, WASM‑sandboxed components and an encrypted secret vault, addressing prompt‑injection and credential‑theft risks.
- Near.AI still offers OpenClaw in a TEE‑protected cloud environment, but the broader skill marketplace (ClawHub) contains numerous potentially malicious plugins, prompting calls for a curated approach.
- Polystrat bots deployed by Olas on Polymarket extend AI‑driven prediction‑market trading beyond Gnosis, delivering a win‑rate above 60 % in many categories, yet performance varies widely by topic.
- Both projects embed economic incentives: IronClaw will be hosted on Near.AI’s platform; Olas requires OLAS staking and takes a fee on tool usage.
- Security‑focused design (sandboxing, hard‑coded wallet actions) and token‑based governance are emerging as essential components for trustworthy AI agents in the crypto ecosystem.
As AI assistants become more integrated with blockchain tooling, the industry will likely see a split between highly secure, enterprise‑grade solutions like IronClaw and the broader, risk‑tolerant community that continues to experiment with open‑source agents. Meanwhile, autonomous prediction‑market bots could reshape how information is priced, provided that transparency and data integrity are maintained.
Prepared for AI Eye, the crypto‑focused AI news digest.
Source: https://cointelegraph.com/magazine/ironclaw-secure-private-sounds-cooler-openclaw-ai-eye/?utm_source=rss_feed&utm_medium=feed&utm_campaign=rss_partner_inbound
