Brand policy
ClauLock is a trademark.
The source is open. The name is not. Users install ClauLock because they trust the release chain — the code on GitHub is the code on their machine. Protecting the name is how we protect that trust.
TL;DR
- ClauLock, clsec, clsecd, and the ClauLock logo are trademarks of Jesús E. Viera.
- You may refer to ClauLock by name when describing, reviewing, or integrating with it. You may not name your own product, service, or fork "ClauLock" or anything confusingly similar.
- Only binaries signed with the official minisign and Sigstore cosign keys are "ClauLock". Everything else is a fork, however faithful.
Trademarks
| Mark | Classes (USPTO) | Status |
|---|---|---|
| ClauLock (wordmark) | 9, 42 | Intent-to-use, filed 2026-04 |
| clsec | 9, 42 | Intent-to-use, filed 2026-04 |
| clsecd | 9, 42 | Intent-to-use, filed 2026-04 |
| ClauLock logo (design) | 9, 42 | Intent-to-use, filed 2026-04 |
This policy applies globally, not just where the marks are registered. The absence of a registration in your jurisdiction does not grant you the right to use the marks commercially.
What you may do
- Say "works with ClauLock", "ClauLock-compatible", "integrates with ClauLock".
- Write blog posts, tutorials, reviews, and comparisons mentioning ClauLock.
- Use the name in academic papers, CVE descriptions, and security advisories without asking first.
-
Import and reuse the Apache-2.0 crates
(
clsec-crypto,clsec-vault) in your own projects, as long as the project's name does not contain "ClauLock", "clsec", or "clsecd".
What you may not do
- Name a product, service, company, or domain using "ClauLock", "clsec", "clsecd", or a confusingly similar variant.
- Sell or distribute a modified binary under the ClauLock name. Modifications require a different product name.
- Use the ClauLock logo in your own product's UI, website, marketing, swag, or app-store icon.
- Imply endorsement, partnership, or affiliation without a written agreement.
- Offer the BSL-licensed components as a commercial hosted service — this is also prohibited by the license itself.
Forks
You are welcome to fork the code under the applicable license (Apache-2.0 or BSL-1.1). If you do:
- Rename the project — no "ClauLock", "clsec", or "clsecd".
- Remove the ClauLock logo from the fork.
- Add a README note pointing back to github.com/Mackint0uch/claulock-releases and making clear the fork is not ClauLock.
-
Change the MCP tool namespace from
mcp__claulock__*to your own. - Respect the BSL Additional Use Grant — no commercial hosted service.
Official signing keys
A binary is "ClauLock" only if it is signed by both of the following keys. Verify before running.
- minisign: claulock.com/keys/minisign.pub
- Sigstore cosign: claulock.com/keys/cosign.pub
Seen a "ClauLock" binary that doesn't pass both checks? Report it to [email protected].
Contact
- Licensing & commercial use: [email protected]
- Counterfeit / abuse reports: [email protected]
- Security disclosures: /security
Full policy on GitHub: BRAND.md.