@badgerclaw/connect 1.0.1 → 1.1.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@badgerclaw/connect",
-  "version": "1.0.1",
+  "version": "1.1.1",
   "description": "BadgerClaw channel plugin for OpenClaw",
   "type": "module",
   "dependencies": {

package/src/matrix/client/backup.ts

@@ -0,0 +1,82 @@
+import type { MatrixClient } from "@vector-im/matrix-bot-sdk";
+import { appendFileSync, mkdirSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { getMatrixLogService } from "../sdk-runtime.js";
+
+export type KeyBackupStatus = {
+  enabled: boolean;
+  version: string | null;
+  deviceId: string | null;
+};
+
+export async function getEncryptionKeyBackupStatus(
+  client: MatrixClient,
+): Promise<KeyBackupStatus> {
+  const LogService = getMatrixLogService();
+  try {
+    const backupInfo = await client.getKeyBackupVersion();
+    const whoami = await client.getWhoAmI();
+    const deviceId = whoami.device_id ?? null;
+    return {
+      enabled: backupInfo !== null,
+      version: backupInfo?.version ?? null,
+      deviceId,
+    };
+  } catch (err) {
+    LogService.warn("MatrixKeyBackup", "Failed to check key backup status:", err);
+    return { enabled: false, version: null, deviceId: null };
+  }
+}
+
+export async function setupKeyBackup(client: MatrixClient): Promise<void> {
+  const LogService = getMatrixLogService();
+
+  let deviceId = "(unknown)";
+  try {
+    const whoami = await client.getWhoAmI();
+    deviceId = whoami.device_id ?? deviceId;
+  } catch {
+    // Non-fatal
+  }
+
+  LogService.info("MatrixKeyBackup", `Crypto ready — device ID: ${deviceId}`);
+
+  if (!client.crypto) {
+    LogService.info("MatrixKeyBackup", "Crypto client not available, skipping key backup setup");
+    return;
+  }
+
+  try {
+    const backupInfo = await client.getKeyBackupVersion();
+    if (!backupInfo) {
+      LogService.info(
+        "MatrixKeyBackup",
+        "No key backup version found on server — skipping backup setup",
+      );
+      return;
+    }
+
+    await client.crypto.enableKeyBackup(backupInfo);
+    LogService.info(
+      "MatrixKeyBackup",
+      `Key backup enabled (version ${backupInfo.version}) on device ${deviceId}`,
+    );
+    _persistBackupRecord(backupInfo.version, deviceId);
+  } catch (err) {
+    LogService.warn("MatrixKeyBackup", "Key backup setup failed:", err);
+  }
+}
+
+function _persistBackupRecord(version: string, deviceId: string): void {
+  try {
+    const dir = join(homedir(), ".openclaw", "backup");
+    mkdirSync(dir, { recursive: true });
+    const path = join(dir, "key-backup-record.log");
+    const entry =
+      JSON.stringify({ version, deviceId, timestamp: new Date().toISOString() }) + "\n";
+    appendFileSync(path, entry, "utf8");
+  } catch {
+    // Non-fatal — backup is enabled, record persistence is best-effort
+  }
+}

package/src/matrix/client/config.ts

@@ -100,6 +100,31 @@ export function resolveMatrixConfig(
   return resolveMatrixConfigForAccount(cfg, DEFAULT_ACCOUNT_ID, env);
 }
 
+/**
+ * Resolve the actual homeserver base URL via Matrix .well-known discovery.
+ * Falls back to the provided URL if discovery fails or returns no result.
+ * This ensures the bot always connects to the correct shard even when only
+ * the canonical domain (e.g. badger.signout.io) is configured.
+ */
+async function resolveHomeserverViaWellKnown(homeserver: string): Promise<string> {
+  try {
+    const url = new URL(homeserver);
+    const wellKnownUrl = `${url.protocol}//${url.host}/.well-known/matrix/client`;
+    const resp = await fetch(wellKnownUrl, { signal: AbortSignal.timeout(5000) });
+    if (resp.ok) {
+      const data = (await resp.json()) as Record<string, unknown>;
+      const baseUrl = (data?.["m.homeserver"] as Record<string, unknown>)?.["base_url"];
+      if (typeof baseUrl === "string" && baseUrl.startsWith("http")) {
+        // Strip trailing slash for consistency
+        return baseUrl.replace(/\/$/, "");
+      }
+    }
+  } catch {
+    // Discovery failed — use configured URL as-is
+  }
+  return homeserver;
+}
+
 export async function resolveMatrixAuth(params?: {
   cfg?: CoreConfig;
   env?: NodeJS.ProcessEnv;
@@ -112,6 +137,10 @@ export async function resolveMatrixAuth(params?: {
     throw new Error("BadgerClaw homeserver is required (matrix.homeserver)");
   }
 
+  // Resolve the actual shard via .well-known so we always hit the right server
+  // even when the canonical domain (e.g. badger.signout.io) is configured.
+  resolved.homeserver = await resolveHomeserverViaWellKnown(resolved.homeserver);
+
   const {
     loadMatrixCredentials,
     saveMatrixCredentials,

package/src/matrix/client/shared.ts

@@ -2,6 +2,7 @@ import type { MatrixClient } from "@vector-im/matrix-bot-sdk";
 import { normalizeAccountId } from "openclaw/plugin-sdk/account-id";
 import type { CoreConfig } from "../../types.js";
 import { getMatrixLogService } from "../sdk-runtime.js";
+import { setupKeyBackup } from "./backup.js";
 import { resolveMatrixAuth } from "./config.js";
 import { createMatrixClient } from "./create-client.js";
 import { startMatrixClientWithGrace } from "./startup.js";
@@ -79,6 +80,7 @@ async function ensureSharedClientStarted(params: {
             joinedRooms,
           );
           params.state.cryptoReady = true;
+          await setupKeyBackup(client);
         }
       } catch (err) {
         const LogService = getMatrixLogService();
@@ -91,7 +93,18 @@ async function ensureSharedClientStarted(params: {
       onError: (err: unknown) => {
         params.state.started = false;
         const LogService = getMatrixLogService();
-        LogService.error("MatrixClientLite", "client.start() error:", err);
+        const message = err instanceof Error ? err.message : String(err);
+        // OTK conflict means the server has stale keys for this device.
+        // Log clearly so the user knows to re-pair.
+        if (message.includes("One time key") && message.includes("already exists")) {
+          LogService.error(
+            "MatrixClientLite",
+            "E2EE key conflict detected — the bot's encryption session is stale.",
+            "Run: /bot pair <botname> in BadgerClaw and reconnect with 'openclaw badgerclaw connect <code>'",
+          );
+        } else {
+          LogService.error("MatrixClientLite", "client.start() error:", err);
+        }
       },
     });
     params.state.started = true;

package/src/matrix/monitor/auto-join.ts

@@ -4,6 +4,9 @@ import { getMatrixRuntime } from "../../runtime.js";
 import type { CoreConfig } from "../../types.js";
 import { loadMatrixSdk } from "../sdk-runtime.js";
 
+// Track clients that already have auto-join registered to prevent duplicate listeners
+const autoJoinRegistered = new WeakSet<object>();
+
 export function registerMatrixAutoJoin(params: {
   client: MatrixClient;
   cfg: CoreConfig;
@@ -24,6 +27,13 @@ export function registerMatrixAutoJoin(params: {
     return;
   }
 
+  // Prevent duplicate listener registration on the same client instance
+  if (autoJoinRegistered.has(client)) {
+    logVerbose("badgerclaw: auto-join already registered for this client, skipping");
+    return;
+  }
+  autoJoinRegistered.add(client);
+
   if (autoJoin === "always") {
     // Use the built-in autojoin mixin for "always" mode
     const { AutojoinRoomsMixin } = loadMatrixSdk();

package/src/onboarding.ts

@@ -227,6 +227,7 @@ export const badgerclawOnboardingAdapter: ChannelOnboardingAdapter = {
 
     // Pairing code flow — the primary onboarding path
     const pairing = await promptPairingCode(prompter);
+    const isFreshPairing = Boolean(pairing);
     if (pairing) {
       next = {
         ...next,
@@ -240,7 +241,10 @@ export const badgerclawOnboardingAdapter: ChannelOnboardingAdapter = {
             userId: pairing.userId,
             deviceName: pairing.botName || "OpenClaw Gateway",
             encryption: true,
+            // Auto-join every invite immediately — iMessage-style behavior
             autoJoin: "always",
+            // Open policy: bot responds in any room it's invited to
+            groupPolicy: "open",
             dm: {
               ...next.channels?.badgerclaw?.dm,
               policy: "open",
@@ -255,15 +259,20 @@ export const badgerclawOnboardingAdapter: ChannelOnboardingAdapter = {
       next = await promptMatrixAllowFrom({ cfg: next, prompter });
     }
 
+    // Skip the room allowlist prompt for fresh pairing setups — groupPolicy is already
+    // set to "open" above, which is the correct default (join and respond in any room).
+    // Only show the advanced room config prompt when updating an existing setup.
     const existingGroups = next.channels?.badgerclaw?.groups ?? next.channels?.badgerclaw?.rooms;
-    const accessConfig = await promptChannelAccessConfig({
-      prompter,
-      label: "BadgerClaw rooms",
-      currentPolicy: next.channels?.badgerclaw?.groupPolicy ?? "allowlist",
-      currentEntries: Object.keys(existingGroups ?? {}),
-      placeholder: "!roomId:server, #alias:server, Project Room",
-      updatePrompt: Boolean(existingGroups),
-    });
+    const accessConfig = isFreshPairing
+      ? null
+      : await promptChannelAccessConfig({
+          prompter,
+          label: "BadgerClaw rooms",
+          currentPolicy: next.channels?.badgerclaw?.groupPolicy ?? "open",
+          currentEntries: Object.keys(existingGroups ?? {}),
+          placeholder: "!roomId:server, #alias:server, Project Room",
+          updatePrompt: Boolean(existingGroups),
+        });
     if (accessConfig) {
       if (accessConfig.policy !== "allowlist") {
         next = setMatrixGroupPolicy(next, accessConfig.policy);