- Ubuntu 20.04 production runtime in Rust.
- Better memory behavior and predictable throughput.
- Defender layer against prompt injection, unsafe commands, and tampered host/runtime state.
- End-to-end parity status: complete for required OpenClaw surfaces.
- Audit status:
22 implemented,0 partial,0 deferred. - Validation status: full default +
sqlite-statematrix passing.
- Rust runtime process + Gateway WebSocket compatibility.
- Typed protocol frame foundation (
req/resp/event) and method-family classification. - Gateway known-method registry plus first RPC dispatcher for:
healthstatususage.statususage.costsessions.listsessions.previewsessions.patchsessions.resolvesessions.resetsessions.deletesessions.compactsessions.usagesessions.usage.timeseriessessions.usage.logssessions.historysessions.sendsession.status
- Extended
sessions.listwith filter parity forincludeGlobal,includeUnknown,agentId, andsearch. - Extended
sessions.patch+sessions.resolvewith metadata parity forlabelandspawnedByfiltered resolution. - Extended
sessions.usagewith date-range handling (startDate/endDate) and optional context-weight output placeholder. - Extended
sessions.usageenvelope parity withupdatedAt,startDate/endDate, totals, actions, and aggregate sections (messages,tools,byAgent,byChannel,daily). - Extended
sessions.list+sessions.patchparity with upstream-style fields:sessions.listnow supportslabel/spawnedByfilters and optionalincludeDerivedTitles/includeLastMessagehint fields.sessions.patchnow acceptskeyin addition tosessionKeyand returns a parity-style envelope (ok,path,key,entry).
- Extended
sessions.patchwith upstream-style session tuning fields and clear semantics:- Added
thinkingLevel,verboseLevel,reasoningLevel,responseUsage,elevatedLevel,execHost,execSecurity,execAsk,execNode,model, andspawnDepth. - Explicit
nullvalues now clear prior overrides for patchable session fields. - Added parity guardrails for patch mutations: unique labels plus subagent-only immutable
spawnedBy/spawnDepth. - Added canonical normalization/validation for tuning knobs (thinking/reasoning/verbose/elevated/exec).
- Added
- Extended
sessions.delete+sessions.compactresponse parity with upstream-stylepathandarchivedenvelope fields. - Added
sessions.deletehandling fordeleteTranscriptto suppress transcript-archive hints when requested. - Added explicit
sessionIdtracking on session entries,sessions.resolvelookup bysessionId, andsessions.resetsession-id rotation. - Added session-key normalization to canonicalize aliases/short forms (
main, channel-scoped keys) across session RPC operations. - Tightened
sessions.reset/sessions.compactinput parity (reasonlimited tonew|reset,maxLines >= 1, compact default window 400). - Tightened
sessions.patch.sendPolicyparity to upstream schema (allow|deny|nullonly). - Added
sessions.listdelivery-context parity hints (lastAccountId,deliveryContext) andtotalTokensFreshcompatibility fields. - Added
sessions.historyparity lookups for bothkeyaliases andsessionId. - Aligned patch-clear parity for
reasoningLevel/responseUsageso explicit"off"clears persisted overrides. - Aligned preview response parity to preserve requested keys in
sessions.previewoutput. - Tightened session label validation parity (
labelmax length 64; no silent truncation on patch inputs). - Enforced matching label validation for
sessions.list/sessions.resolvequery filters. - Rust defender policy engine with bounded worker concurrency.
- Prompt injection scoring + command risk scoring.
- Host integrity baseline checks.
- VirusTotal signal integration for URL/file indicators.
- Quarantine ledger for blocked actions.
- Move session scheduler and idempotency dedupe cache to Rust.
- Implemented first-pass session FIFO scheduler with configurable queue modes:
followup: preserve all follow-ups in order.steer: keep only the latest pending follow-up while a session is active.collect: merge prompt-only follow-ups into a single pending turn.
- Added group activation gating (
mentionoralways) before scheduling group-context actions. - Added typed session-key parsing (
main/direct/group/channel/cron/hook/node) for routing-aware scheduler behavior. - Implemented first pass idempotency dedupe cache with TTL + bounded entries.
- Implemented dual-backend session state tracking:
- JSON (default)
- SQLite WAL backend behind
sqlite-statefeature (auto-selected for.db/.sqlite/.sqlite3paths)
- Introduce a compact internal event model (
bytes+ pooled buffers). - Advanced routing parity (group isolation/activation policies/reply-back) completed.
- Migrate core channel adapters incrementally behind trait drivers.
- Added trait-based channel adapter scaffold (
whatsapp,telegram,slack,discord, generic fallback) with capability descriptors. - Keep protocol schema stable for existing clients (macOS/iOS/Android/Web/CLI).
- Decommission TypeScript runtime path after parity tests pass.
- Throughput trend automation (upstream-vs-Rust benchmarks in CI).
- Memory hot-path tuning (event fanout pooling and queue pressure profiling).
- Expanded real-transport and failure-injection integration coverage.
- Bounded concurrent evaluations via semaphore.
- Bounded queue target in config.
- Lightweight Linux RSS sampler for runtime memory observability.
- Timeout for each security evaluation to prevent backlog growth.
- Optional external Intel (VirusTotal) behind short timeout.
- Quarantine writes are append-only JSON files for low contention and post-incident forensics.
- Risk-based decision model (
allow,review,block). - Pattern and behavior based prompt-injection detection.
- Command policy with explicit deny patterns and allow-prefix policy.
- Runtime file hash checks to detect tampering.
- Audit-only mode for safe rollout before hard block enforcement.