A few weeks ago the internet exploded because a lot of people started experiencing what an agent run world looked like with OpenClaw (The App Formally Known As ClawdBot 🟣). People were having their bot order groceries, chatted with their friends in Whatsapp groups and had them do Polymarket arbitrage trading. Something shifted in capability, agents are a real thing and in the wild now. Right away I had mixed feelings, from “I NEED THIS NOW!1!!”, to “do people know what the security and privacy implications are for a tool like this”?

After finding a post on X that explained how to install OpenClaw on an Amazon EC2 instance I immediately set it up and installed OpenClaw on it. I was excited by all the possibilities. But after reading another post on how to securely setup the EC2 instance I fell into a rabbit hole of terminal commands. And after a few hours I was at the point where I could not login myself anymore. I feared for my privacy. I was back in maximizer mode, instead of in satisficer mode. So mission failed.

After that I tried a Hetzner VPS to do something similar, but in the end I wanted to be able to make integrating the bot in my daily workflow simple. So I wanted the Mac Mini to have OpenClaw be in my actual MacOS workflow for more control and sovereignty. No third-party infra (except for the AI models). After buying a Mac Mini and installing it, I finally got it running safely and on its own. So without access to all of my digital life, unless explicitly granted. OpenClaw got its own email address and phone number. All to separate as much as possible to prevent security and privacy concerns I had.

The first thing I did was making sure I had a Telegram integration, so that my bot was able to talk to me via a Telegram chat. This was a magical feeling, a contact on my phone to ask things like “make a daily digest of my X bookmarks”. After a few minutes I got a test email with the posts I bookmarked yesterday and it reported back the results in Telegram. Mind blown.

The beauty of OpenClaw is that there is nothing you cannot ask it. It will try to do everything for you. It has a lot of agency and when allowed starts to do things while you continue your day because it thinks you will like it. It is very intoxicating to have it do stuff for you pro-actively. It starts to get addictive to have your bot do things with the speed of 10 programmers on Red Bull.

I will write a lot more about OpenClaw the next couple of weeks with all the experiments that I had Henk do (which is the name of my bot). Henk feels like my buddy. I am already attached to him in my life. Not sure if that is healthy.

Key insight: Sovereignty over infrastructure does not equal sovereignty over action

Sovereignty for me is about control and protecting my identity. I need clear boundaries to reduce psychological discomfort. As Henk starts to act on my behalf proactively, it does things I cannot always oversee. So after optimizing for control by hardening my infrastructure, I handed over the car keys to Henk. Now I feel like my need to obsess over the infrastructure is escalating from AWS to Hetzner to a Mac Mini. This is trying to compensate for handing over control to Henk.