@martian-engineering/lossless-claw 0.2.5 → 0.2.7

package/README.md

@@ -2,6 +2,15 @@
 
 Lossless Context Management plugin for [OpenClaw](https://github.com/openclaw/openclaw), based on the [LCM paper](https://papers.voltropy.com/LCM). Replaces OpenClaw's built-in sliding-window compaction with a DAG-based summarization system that preserves every message while keeping active context within model token limits.
 
+## Table of contents
+
+- [What it does](#what-it-does)
+- [Quick start](#quick-start)
+- [Configuration](#configuration)
+- [Documentation](#documentation)
+- [Development](#development)
+- [License](#license)
+
 ## What it does
 
 Two ways to learn: read the below, or [check out this super cool animated visualization](https://losslesscontext.ai).
@@ -18,7 +27,7 @@ Nothing is lost. Raw messages stay in the database. Summaries link back to their
 
 **It feels like talking to an agent that never forgets. Because it doesn't. In normal operation, you'll never need to think about compaction again.**
 
-## Installation
+## Quick start
 
 ### Prerequisites
 
@@ -68,168 +77,6 @@ If you need to set it manually, ensure the context engine slot points at lossles
 
 Restart OpenClaw after configuration changes.
 
-### Optional: enable FTS5 for fast full-text search
-
-`lossless-claw` works without FTS5 as of the current release. When FTS5 is unavailable in the
-Node runtime that runs the OpenClaw gateway, the plugin:
-
-- keeps persisting messages and summaries
-- falls back from `"full_text"` search to a slower `LIKE`-based search
-- loses FTS ranking/snippet quality
-
-If you want native FTS5 search performance and ranking, the **exact Node runtime that runs the
-gateway** must have SQLite FTS5 compiled in.
-
-#### Probe the gateway runtime
-
-Run this with the same `node` binary your gateway uses:
-
-```bash
-node --input-type=module - <<'NODE'
-import { DatabaseSync } from 'node:sqlite';
-const db = new DatabaseSync(':memory:');
-const options = db.prepare('pragma compile_options').all().map((row) => row.compile_options);
-
-console.log(options.filter((value) => value.includes('FTS')).join('\n') || 'no fts compile options');
-
-try {
-  db.exec("CREATE VIRTUAL TABLE t USING fts5(content)");
-  console.log("fts5: ok");
-} catch (err) {
-  console.log("fts5: fail");
-  console.log(err instanceof Error ? err.message : String(err));
-}
-NODE
-```
-
-Expected output:
-
-```text
-ENABLE_FTS5
-fts5: ok
-```
-
-If you get `fts5: fail`, build or install an FTS5-capable Node and point the gateway at that runtime.
-
-#### Build an FTS5-capable Node on macOS
-
-This workflow was verified with Node `v22.15.0`.
-
-```bash
-cd ~/Projects
-git clone --depth 1 --branch v22.15.0 https://github.com/nodejs/node.git node-fts5
-cd node-fts5
-```
-
-Edit `deps/sqlite/sqlite.gyp` and add `SQLITE_ENABLE_FTS5` to the `defines` list for the `sqlite`
-target:
-
-```diff
- 'defines': [
-   'SQLITE_DEFAULT_MEMSTATUS=0',
-+  'SQLITE_ENABLE_FTS5',
-   'SQLITE_ENABLE_MATH_FUNCTIONS',
-   'SQLITE_ENABLE_SESSION',
-   'SQLITE_ENABLE_PREUPDATE_HOOK'
- ],
-```
-
-Important:
-
-- patch `deps/sqlite/sqlite.gyp`, not only `node.gyp`
-- `node:sqlite` uses the embedded SQLite built from `deps/sqlite/sqlite.gyp`
-
-Build the runtime:
-
-```bash
-./configure --prefix="$PWD/out-install"
-make -j8 node
-```
-
-Expose the binary under a Node-compatible basename that OpenClaw recognizes:
-
-```bash
-mkdir -p ~/Projects/node-fts5/bin
-ln -sfn ~/Projects/node-fts5/out/Release/node ~/Projects/node-fts5/bin/node-22.15.0
-```
-
-Use a basename like `node-22.15.0`, `node`, or `nodejs`. Names like
-`node-v22.15.0-fts5` may not be recognized correctly by OpenClaw's CLI/runtime parsing.
-
-Verify the new runtime:
-
-```bash
-~/Projects/node-fts5/bin/node-22.15.0 --version
-~/Projects/node-fts5/bin/node-22.15.0 --input-type=module - <<'NODE'
-import { DatabaseSync } from 'node:sqlite';
-const db = new DatabaseSync(':memory:');
-db.exec("CREATE VIRTUAL TABLE t USING fts5(content)");
-console.log("fts5: ok");
-NODE
-```
-
-#### Point the OpenClaw gateway at that runtime on macOS
-
-Back up the existing LaunchAgent plist first:
-
-```bash
-cp ~/Library/LaunchAgents/ai.openclaw.gateway.plist \
-  ~/Library/LaunchAgents/ai.openclaw.gateway.plist.bak-$(date +%Y%m%d-%H%M%S)
-```
-
-Replace the runtime path, then reload the agent:
-
-```bash
-/usr/libexec/PlistBuddy -c 'Set :ProgramArguments:0 /Users/youruser/Projects/node-fts5/bin/node-22.15.0' \
-  ~/Library/LaunchAgents/ai.openclaw.gateway.plist
-
-launchctl bootout gui/$UID ~/Library/LaunchAgents/ai.openclaw.gateway.plist 2>/dev/null || true
-launchctl bootstrap gui/$UID ~/Library/LaunchAgents/ai.openclaw.gateway.plist
-launchctl kickstart -k gui/$UID/ai.openclaw.gateway
-```
-
-Verify the live runtime:
-
-```bash
-launchctl print gui/$UID/ai.openclaw.gateway | sed -n '1,80p'
-```
-
-You should see:
-
-```text
-program = /Users/youruser/Projects/node-fts5/bin/node-22.15.0
-```
-
-#### Verify `lossless-claw`
-
-Check the logs:
-
-```bash
-tail -n 60 ~/.openclaw/logs/gateway.log
-tail -n 60 ~/.openclaw/logs/gateway.err.log
-```
-
-You want:
-
-- `[gateway] [lcm] Plugin loaded ...`
-- no new `no such module: fts5`
-
-Then force one turn through the gateway and verify the DB fills:
-
-```bash
-/Users/youruser/Projects/node-fts5/bin/node-22.15.0 \
-  /path/to/openclaw/dist/index.js \
-  agent --session-id fts5-smoke --message 'Reply with exactly: ok' --timeout 60
-
-sqlite3 ~/.openclaw/lcm.db '
-  select count(*) as conversations from conversations;
-  select count(*) as messages from messages;
-  select count(*) as summaries from summaries;
-'
-```
-
-Those counts should increase after a real turn.
-
 ## Configuration
 
 LCM is configured through a combination of plugin config and environment variables. Environment variables take precedence for backward compatibility.
@@ -332,212 +179,14 @@ For most long-lived LCM setups, a good starting point is:
 }
 ```
 
-## How it works
-
-See [docs/architecture.md](docs/architecture.md) for the full technical deep-dive. Here's the summary:
-
-### The DAG
-
-LCM builds a directed acyclic graph of summaries:
-
-```
-Raw messages → Leaf summaries (d0) → Condensed (d1) → Condensed (d2) → ...
-```
-
-- **Leaf summaries** (depth 0) are created from chunks of raw messages. They preserve timestamps, decisions, file operations, and key details.
-- **Condensed summaries** (depth 1+) merge multiple summaries at the same depth into a higher-level node. Each depth tier uses a different prompt strategy optimized for its level of abstraction.
-- **Parent links** connect each condensed summary to its source summaries, enabling drill-down via `lcm_expand_query`.
-
-### Context assembly
-
-Each turn, the assembler builds model context by:
-
-1. Fetching the conversation's **context items** (an ordered list of summary and message references)
-2. Resolving each item into an `AgentMessage`
-3. Protecting the **fresh tail** (most recent N messages) from eviction
-4. Filling remaining token budget from oldest to newest, dropping the oldest items first if over budget
-5. Wrapping summaries in XML with metadata (id, depth, timestamps, descendant count)
-
-The model sees something like:
-
-```xml
-<summary id="sum_abc123" kind="condensed" depth="1" descendant_count="8"
-         earliest_at="2026-02-17T07:37:00" latest_at="2026-02-17T15:43:00">
-  <parents>
-    <summary_ref id="sum_def456" />
-    <summary_ref id="sum_ghi789" />
-  </parents>
-  <content>
-    ...summary text...
-  </content>
-</summary>
-```
-
-This gives the model enough information to know what was discussed, when, and how to drill deeper via the expansion tools.
-
-### Compaction triggers
-
-Compaction runs in two modes:
-
-- **Proactive (after each turn):** If raw messages outside the fresh tail exceed `leafChunkTokens`, a leaf pass runs. If `incrementalMaxDepth != 0`, condensation follows (cascading to the configured depth, or unlimited with `-1`).
-- **Reactive (overflow/manual):** When total context exceeds `contextThreshold × tokenBudget`, a full sweep runs: all eligible leaf chunks are compacted, then condensation proceeds depth-by-depth until stable.
-
-### Depth-aware prompts
-
-Each summary depth gets a tailored prompt:
-
-| Depth | Kind | Strategy |
-|-------|------|----------|
-| 0 | Leaf | Narrative with timestamps, file tracking, preserves operational detail |
-| 1 | Condensed | Chronological session summary, deduplicates against `previous_context` |
-| 2 | Condensed | Arc-focused: goals, outcomes, what carries forward. Self-contained. |
-| 3+ | Condensed | Durable context only: key decisions, relationships, lessons learned |
-
-All summaries end with an "Expand for details about:" footer listing what was compressed, guiding agents on when to use `lcm_expand_query`.
-
-### Large file handling
-
-Files over `largeFileTokenThreshold` (default 25k tokens) embedded in messages are intercepted during ingestion:
-
-1. Content is stored to `~/.openclaw/lcm-files/<conversation_id>/<file_id>.<ext>`
-2. A ~200 token exploration summary replaces the file in the message
-3. The `lcm_describe` tool can retrieve the full file content on demand
-
-This prevents large file pastes from consuming the entire context window.
-
-## Agent tools
-
-LCM registers four tools that agents can use to search and recall compacted history:
-
-### `lcm_grep`
-
-Full-text and regex search across messages and summaries.
-
-```
-lcm_grep(pattern: "database migration", mode: "full_text")
-lcm_grep(pattern: "config\\.threshold", mode: "regex", scope: "summaries")
-```
-
-Parameters:
-- `pattern` — Search string (regex or full-text)
-- `mode` — `"regex"` (default) or `"full_text"`
-- `scope` — `"messages"`, `"summaries"`, or `"both"` (default)
-- `conversationId` — Scope to a specific conversation
-- `allConversations` — Search across all conversations
-- `since` / `before` — ISO timestamp filters
-- `limit` — Max results (default 50, max 200)
-
-### `lcm_describe`
-
-Inspect a specific summary or stored file by ID.
-
-```
-lcm_describe(id: "sum_abc123")
-lcm_describe(id: "file_def456")
-```
-
-Returns the full content, metadata, parent/child relationships, and token counts. For files, returns the stored content.
-
-### `lcm_expand_query`
-
-Deep recall via delegated sub-agent. Finds relevant summaries, expands them by walking the DAG down to source material, and answers a focused question.
-
-```
-lcm_expand_query(
-  query: "database migration",
-  prompt: "What migration strategy was decided on?"
-)
-
-lcm_expand_query(
-  summaryIds: ["sum_abc123"],
-  prompt: "What were the exact config changes?"
-)
-```
-
-Parameters:
-- `prompt` — The question to answer (required)
-- `query` — Text query to find relevant summaries (when you don't have IDs)
-- `summaryIds` — Specific summary IDs to expand (when you have them)
-- `maxTokens` — Answer length cap (default 2000)
-- `conversationId` / `allConversations` — Scope control
-
-Returns a compact answer with cited summary IDs.
-
-### `lcm_expand`
-
-Low-level DAG expansion (sub-agent only). Main agents should use `lcm_expand_query` instead; this tool is available to delegated sub-agents spawned by `lcm_expand_query`.
-
-## TUI
-
-The repo includes an interactive terminal UI (`tui/`) for inspecting, repairing, and managing the LCM database. It's a separate Go binary — not part of the npm package.
-
-### Install
-
-**From GitHub releases** (recommended):
-
-Download the latest binary for your platform from [Releases](https://github.com/Martian-Engineering/lossless-claw/releases).
-
-**Build from source:**
-
-```bash
-cd tui
-go build -o lcm-tui .
-# or: make build
-# or: go install github.com/Martian-Engineering/lossless-claw/tui@latest
-```
-
-Requires Go 1.24+.
-
-### Usage
-
-```bash
-lcm-tui [--db path/to/lcm.db] [--sessions path/to/sessions/dir]
-```
+## Documentation
 
-Defaults to `~/.openclaw/lcm.db` and auto-discovers session directories.
-
-### Features
-
-- **Conversation browser** — List all conversations with message/summary counts and token totals
-- **Summary DAG view** — Navigate the full summary hierarchy with depth, kind, token counts, and parent/child relationships
-- **Context view** — See exactly what the model sees: ordered context items with token breakdowns (summaries + fresh tail messages)
-- **Dissolve** — Surgically restore a condensed summary back to its parent summaries (with ordinal shift preview)
-- **Rewrite** — Re-summarize nodes using actual OpenClaw prompts with scrollable diffs and auto-accept mode
-- **Repair** — Fix corrupted summaries (fallback truncations, empty content) using proper LLM summarization
-- **Transplant** — Deep-copy summary DAGs between conversations (preserves all messages, message_parts, summary_messages)
-- **Previous context viewer** — Inspect the `previous_context` text used during summarization
-
-### Keybindings
-
-| Key | Action |
-|-----|--------|
-| `c` | Context view (from conversation list) |
-| `s` | Summary DAG view |
-| `d` | Dissolve a condensed summary |
-| `r` | Rewrite a summary |
-| `R` | Repair corrupted summaries |
-| `t` | Transplant summaries between conversations |
-| `p` | View previous_context |
-| `Enter` | Expand/select |
-| `Esc`/`q` | Back/quit |
-
-## Database
-
-LCM uses SQLite via Node's built-in `node:sqlite` module. The default database path is `~/.openclaw/lcm.db`.
-
-### Schema overview
-
-- **conversations** — Maps session IDs to conversation IDs
-- **messages** — Every ingested message with role, content, token count, timestamps
-- **message_parts** — Structured content blocks (text, tool calls, reasoning, files) linked to messages
-- **summaries** — The summary DAG nodes with content, depth, kind, token counts, timestamps
-- **summary_messages** — Links leaf summaries to their source messages
-- **summary_parents** — Links condensed summaries to their parent summaries
-- **context_items** — The ordered context list for each conversation (what the model sees)
-- **large_files** — Metadata for intercepted large files
-- **expansion_grants** — Delegation grants for sub-agent expansion queries
-
-Migrations run automatically on first use. The schema is forward-compatible; new columns are added with defaults.
+- [Configuration guide](docs/configuration.md)
+- [Architecture](docs/architecture.md)
+- [Agent tools](docs/agent-tools.md)
+- [TUI Reference](docs/tui.md)
+- [lcm-tui](tui/README.md)
+- [Optional: enable FTS5 for fast full-text search](docs/fts5.md)
 
 ## Development
 

package/docs/fts5.md

@@ -0,0 +1,161 @@
+# Optional: enable FTS5 for fast full-text search
+
+`lossless-claw` works without FTS5 as of the current release. When FTS5 is unavailable in the
+Node runtime that runs the OpenClaw gateway, the plugin:
+
+- keeps persisting messages and summaries
+- falls back from `"full_text"` search to a slower `LIKE`-based search
+- loses FTS ranking/snippet quality
+
+If you want native FTS5 search performance and ranking, the **exact Node runtime that runs the
+gateway** must have SQLite FTS5 compiled in.
+
+## Probe the gateway runtime
+
+Run this with the same `node` binary your gateway uses:
+
+```bash
+node --input-type=module - <<'NODE'
+import { DatabaseSync } from 'node:sqlite';
+const db = new DatabaseSync(':memory:');
+const options = db.prepare('pragma compile_options').all().map((row) => row.compile_options);
+
+console.log(options.filter((value) => value.includes('FTS')).join('\n') || 'no fts compile options');
+
+try {
+  db.exec("CREATE VIRTUAL TABLE t USING fts5(content)");
+  console.log("fts5: ok");
+} catch (err) {
+  console.log("fts5: fail");
+  console.log(err instanceof Error ? err.message : String(err));
+}
+NODE
+```
+
+Expected output:
+
+```text
+ENABLE_FTS5
+fts5: ok
+```
+
+If you get `fts5: fail`, build or install an FTS5-capable Node and point the gateway at that runtime.
+
+## Build an FTS5-capable Node on macOS
+
+This workflow was verified with Node `v22.15.0`.
+
+```bash
+cd ~/Projects
+git clone --depth 1 --branch v22.15.0 https://github.com/nodejs/node.git node-fts5
+cd node-fts5
+```
+
+Edit `deps/sqlite/sqlite.gyp` and add `SQLITE_ENABLE_FTS5` to the `defines` list for the `sqlite`
+target:
+
+```diff
+ 'defines': [
+   'SQLITE_DEFAULT_MEMSTATUS=0',
++  'SQLITE_ENABLE_FTS5',
+   'SQLITE_ENABLE_MATH_FUNCTIONS',
+   'SQLITE_ENABLE_SESSION',
+   'SQLITE_ENABLE_PREUPDATE_HOOK'
+ ],
+```
+
+Important:
+
+- patch `deps/sqlite/sqlite.gyp`, not only `node.gyp`
+- `node:sqlite` uses the embedded SQLite built from `deps/sqlite/sqlite.gyp`
+
+Build the runtime:
+
+```bash
+./configure --prefix="$PWD/out-install"
+make -j8 node
+```
+
+Expose the binary under a Node-compatible basename that OpenClaw recognizes:
+
+```bash
+mkdir -p ~/Projects/node-fts5/bin
+ln -sfn ~/Projects/node-fts5/out/Release/node ~/Projects/node-fts5/bin/node-22.15.0
+```
+
+Use a basename like `node-22.15.0`, `node`, or `nodejs`. Names like
+`node-v22.15.0-fts5` may not be recognized correctly by OpenClaw's CLI/runtime parsing.
+
+Verify the new runtime:
+
+```bash
+~/Projects/node-fts5/bin/node-22.15.0 --version
+~/Projects/node-fts5/bin/node-22.15.0 --input-type=module - <<'NODE'
+import { DatabaseSync } from 'node:sqlite';
+const db = new DatabaseSync(':memory:');
+db.exec("CREATE VIRTUAL TABLE t USING fts5(content)");
+console.log("fts5: ok");
+NODE
+```
+
+## Point the OpenClaw gateway at that runtime on macOS
+
+Back up the existing LaunchAgent plist first:
+
+```bash
+cp ~/Library/LaunchAgents/ai.openclaw.gateway.plist \
+  ~/Library/LaunchAgents/ai.openclaw.gateway.plist.bak-$(date +%Y%m%d-%H%M%S)
+```
+
+Replace the runtime path, then reload the agent:
+
+```bash
+/usr/libexec/PlistBuddy -c 'Set :ProgramArguments:0 /Users/youruser/Projects/node-fts5/bin/node-22.15.0' \
+  ~/Library/LaunchAgents/ai.openclaw.gateway.plist
+
+launchctl bootout gui/$UID ~/Library/LaunchAgents/ai.openclaw.gateway.plist 2>/dev/null || true
+launchctl bootstrap gui/$UID ~/Library/LaunchAgents/ai.openclaw.gateway.plist
+launchctl kickstart -k gui/$UID/ai.openclaw.gateway
+```
+
+Verify the live runtime:
+
+```bash
+launchctl print gui/$UID/ai.openclaw.gateway | sed -n '1,80p'
+```
+
+You should see:
+
+```text
+program = /Users/youruser/Projects/node-fts5/bin/node-22.15.0
+```
+
+## Verify `lossless-claw`
+
+Check the logs:
+
+```bash
+tail -n 60 ~/.openclaw/logs/gateway.log
+tail -n 60 ~/.openclaw/logs/gateway.err.log
+```
+
+You want:
+
+- `[gateway] [lcm] Plugin loaded ...`
+- no new `no such module: fts5`
+
+Then force one turn through the gateway and verify the DB fills:
+
+```bash
+/Users/youruser/Projects/node-fts5/bin/node-22.15.0 \
+  /path/to/openclaw/dist/index.js \
+  agent --session-id fts5-smoke --message 'Reply with exactly: ok' --timeout 60
+
+sqlite3 ~/.openclaw/lcm.db '
+  select count(*) as conversations from conversations;
+  select count(*) as messages from messages;
+  select count(*) as summaries from summaries;
+'
+```
+
+Those counts should increase after a real turn.

package/index.ts

@@ -4,8 +4,7 @@
  * DAG-based conversation summarization with incremental compaction,
  * full-text search, and sub-agent expansion.
  */
-import { readFileSync, writeFileSync } from "node:fs";
-import { join } from "node:path";
+import { readFileSync } from "node:fs";
 import type { OpenClawPluginApi } from "openclaw/plugin-sdk";
 import { resolveLcmConfig } from "./src/db/config.js";
 import { LcmContextEngine } from "./src/engine.js";
@@ -42,14 +41,12 @@ function normalizeAgentId(agentId: string | undefined): string {
 type PluginEnvSnapshot = {
   lcmSummaryModel: string;
   lcmSummaryProvider: string;
+  pluginSummaryModel: string;
+  pluginSummaryProvider: string;
   openclawProvider: string;
   openclawDefaultModel: string;
-  agentDir: string;
-  home: string;
 };
 
-type ReadEnvFn = (key: string) => string | undefined;
-
 type CompleteSimpleOptions = {
   apiKey?: string;
   maxTokens: number;
@@ -57,15 +54,51 @@ type CompleteSimpleOptions = {
   reasoning?: string;
 };
 
+type RuntimeModelAuthResult = {
+  apiKey?: string;
+};
+
+type RuntimeModelAuthModel = {
+  id: string;
+  provider: string;
+  api: string;
+  name?: string;
+  reasoning?: boolean;
+  input?: string[];
+  cost?: {
+    input: number;
+    output: number;
+    cacheRead: number;
+    cacheWrite: number;
+  };
+  contextWindow?: number;
+  maxTokens?: number;
+};
+
+type RuntimeModelAuth = {
+  getApiKeyForModel: (params: {
+    model: RuntimeModelAuthModel;
+    cfg?: OpenClawPluginApi["config"];
+    profileId?: string;
+    preferredProfile?: string;
+  }) => Promise<RuntimeModelAuthResult | undefined>;
+  resolveApiKeyForProvider: (params: {
+    provider: string;
+    cfg?: OpenClawPluginApi["config"];
+    profileId?: string;
+    preferredProfile?: string;
+  }) => Promise<RuntimeModelAuthResult | undefined>;
+};
+
 /** Capture plugin env values once during initialization. */
 function snapshotPluginEnv(env: NodeJS.ProcessEnv = process.env): PluginEnvSnapshot {
   return {
     lcmSummaryModel: env.LCM_SUMMARY_MODEL?.trim() ?? "",
     lcmSummaryProvider: env.LCM_SUMMARY_PROVIDER?.trim() ?? "",
+    pluginSummaryModel: "",
+    pluginSummaryProvider: "",
     openclawProvider: env.OPENCLAW_PROVIDER?.trim() ?? "",
     openclawDefaultModel: "",
-    agentDir: env.OPENCLAW_AGENT_DIR?.trim() || env.PI_CODING_AGENT_DIR?.trim() || "",
-    home: env.HOME?.trim() ?? "",
   };
 }
 
@@ -84,58 +117,6 @@ function readDefaultModelFromConfig(config: unknown): string {
   return typeof primary === "string" ? primary.trim() : "";
 }
 
-/** Resolve common provider API keys from environment. */
-function resolveApiKey(provider: string, readEnv: ReadEnvFn): string | undefined {
-  const keyMap: Record<string, string[]> = {
-    openai: ["OPENAI_API_KEY"],
-    anthropic: ["ANTHROPIC_API_KEY"],
-    google: ["GOOGLE_API_KEY", "GEMINI_API_KEY"],
-    groq: ["GROQ_API_KEY"],
-    xai: ["XAI_API_KEY"],
-    mistral: ["MISTRAL_API_KEY"],
-    together: ["TOGETHER_API_KEY"],
-    openrouter: ["OPENROUTER_API_KEY"],
-    "github-copilot": ["GITHUB_COPILOT_API_KEY", "GITHUB_TOKEN"],
-  };
-
-  const providerKey = provider.trim().toLowerCase();
-  const keys = keyMap[providerKey] ?? [];
-  const normalizedProviderEnv = `${providerKey.replace(/[^a-z0-9]/g, "_").toUpperCase()}_API_KEY`;
-  keys.push(normalizedProviderEnv);
-
-  for (const key of keys) {
-    const value = readEnv(key)?.trim();
-    if (value) {
-      return value;
-    }
-  }
-  return undefined;
-}
-
-type AuthProfileCredential =
-  | { type: "api_key"; provider: string; key?: string; email?: string }
-  | { type: "token"; provider: string; token?: string; expires?: number; email?: string }
-  | ({
-      type: "oauth";
-      provider: string;
-      access?: string;
-      refresh?: string;
-      expires?: number;
-      email?: string;
-    } & Record<string, unknown>);
-
-type AuthProfileStore = {
-  profiles: Record<string, AuthProfileCredential>;
-  order?: Record<string, string[]>;
-};
-
-type PiAiOAuthCredentials = {
-  refresh: string;
-  access: string;
-  expires: number;
-  [key: string]: unknown;
-};
-
 type PiAiModule = {
   completeSimple?: (
     model: {
@@ -167,11 +148,6 @@ type PiAiModule = {
   ) => Promise<Record<string, unknown> & { content?: Array<{ type: string; text?: string }> }>;
   getModel?: (provider: string, modelId: string) => unknown;
   getModels?: (provider: string) => unknown[];
-  getEnvApiKey?: (provider: string) => string | undefined;
-  getOAuthApiKey?: (
-    providerId: string,
-    credentials: Record<string, PiAiOAuthCredentials>,
-  ) => Promise<{ apiKey: string; newCredentials: PiAiOAuthCredentials } | null>;
 };
 
 /** Narrow unknown values to plain objects. */
@@ -275,283 +251,45 @@ function resolveProviderApiFromRuntimeConfig(
   return typeof api === "string" && api.trim() ? api.trim() : undefined;
 }
 
-/** Parse auth-profiles JSON into a minimal store shape. */
-function parseAuthProfileStore(raw: string): AuthProfileStore | undefined {
-  try {
-    const parsed = JSON.parse(raw) as unknown;
-    if (!isRecord(parsed) || !isRecord(parsed.profiles)) {
-      return undefined;
-    }
-
-    const profiles: Record<string, AuthProfileCredential> = {};
-    for (const [profileId, value] of Object.entries(parsed.profiles)) {
-      if (!isRecord(value)) {
-        continue;
-      }
-      const type = value.type;
-      const provider = typeof value.provider === "string" ? value.provider.trim() : "";
-      if (!provider || (type !== "api_key" && type !== "token" && type !== "oauth")) {
-        continue;
-      }
-      profiles[profileId] = value as AuthProfileCredential;
-    }
-
-    const rawOrder = isRecord(parsed.order) ? parsed.order : undefined;
-    const order: Record<string, string[]> | undefined = rawOrder
-      ? Object.entries(rawOrder).reduce<Record<string, string[]>>((acc, [provider, value]) => {
-          if (!Array.isArray(value)) {
-            return acc;
-          }
-          const ids = value
-            .map((entry) => (typeof entry === "string" ? entry.trim() : ""))
-            .filter(Boolean);
-          if (ids.length > 0) {
-            acc[provider] = ids;
-          }
-          return acc;
-        }, {})
-      : undefined;
-
-    return {
-      profiles,
-      ...(order && Object.keys(order).length > 0 ? { order } : {}),
-    };
-  } catch {
-    return undefined;
-  }
-}
-
-/** Merge auth stores, letting later stores override earlier profiles/order. */
-function mergeAuthProfileStores(stores: AuthProfileStore[]): AuthProfileStore | undefined {
-  if (stores.length === 0) {
-    return undefined;
-  }
-  const merged: AuthProfileStore = { profiles: {} };
-  for (const store of stores) {
-    merged.profiles = { ...merged.profiles, ...store.profiles };
-    if (store.order) {
-      merged.order = { ...(merged.order ?? {}), ...store.order };
-    }
-  }
-  return merged;
-}
-
-/** Determine candidate auth store paths ordered by precedence. */
-function resolveAuthStorePaths(params: { agentDir?: string; envSnapshot: PluginEnvSnapshot }): string[] {
-  const paths: string[] = [];
-  const directAgentDir = params.agentDir?.trim();
-  if (directAgentDir) {
-    paths.push(join(directAgentDir, "auth-profiles.json"));
-  }
-
-  const envAgentDir = params.envSnapshot.agentDir;
-  if (envAgentDir) {
-    paths.push(join(envAgentDir, "auth-profiles.json"));
-  }
-
-  const home = params.envSnapshot.home;
-  if (home) {
-    paths.push(join(home, ".openclaw", "agents", "main", "agent", "auth-profiles.json"));
-  }
-
-  return [...new Set(paths)];
-}
-
-/** Build profile selection order for provider auth lookup. */
-function resolveAuthProfileCandidates(params: {
-  provider: string;
-  store: AuthProfileStore;
-  authProfileId?: string;
-  runtimeConfig?: unknown;
-}): string[] {
-  const candidates: string[] = [];
-  const normalizedProvider = normalizeProviderId(params.provider);
-  const push = (value: string | undefined) => {
-    const profileId = value?.trim();
-    if (!profileId) {
-      return;
-    }
-    if (!candidates.includes(profileId)) {
-      candidates.push(profileId);
-    }
+/** Resolve runtime.modelAuth from plugin runtime, even before plugin-sdk typings land locally. */
+function getRuntimeModelAuth(api: OpenClawPluginApi): RuntimeModelAuth {
+  const runtime = api.runtime as OpenClawPluginApi["runtime"] & {
+    modelAuth?: RuntimeModelAuth;
   };
-
-  push(params.authProfileId);
-
-  const storeOrder = findProviderConfigValue(params.store.order, params.provider);
-  for (const profileId of storeOrder ?? []) {
-    push(profileId);
-  }
-
-  if (isRecord(params.runtimeConfig)) {
-    const auth = params.runtimeConfig.auth;
-    if (isRecord(auth)) {
-      const order = findProviderConfigValue(
-        isRecord(auth.order) ? (auth.order as Record<string, unknown>) : undefined,
-        params.provider,
-      );
-      if (Array.isArray(order)) {
-        for (const profileId of order) {
-          if (typeof profileId === "string") {
-            push(profileId);
-          }
-        }
-      }
-    }
-  }
-
-  for (const [profileId, credential] of Object.entries(params.store.profiles)) {
-    if (normalizeProviderId(credential.provider) === normalizedProvider) {
-      push(profileId);
-    }
+  if (!runtime.modelAuth) {
+    throw new Error("OpenClaw runtime.modelAuth is required by lossless-claw.");
   }
-
-  return candidates;
+  return runtime.modelAuth;
 }
 
-/** Resolve OAuth/api-key/token credentials from auth-profiles store. */
-async function resolveApiKeyFromAuthProfiles(params: {
+/** Build the minimal model shape required by runtime.modelAuth.getApiKeyForModel(). */
+function buildModelAuthLookupModel(params: {
   provider: string;
-  authProfileId?: string;
-  agentDir?: string;
-  runtimeConfig?: unknown;
-  piAiModule: PiAiModule;
-  envSnapshot: PluginEnvSnapshot;
-}): Promise<string | undefined> {
-  const storesWithPaths = resolveAuthStorePaths({
-    agentDir: params.agentDir,
-    envSnapshot: params.envSnapshot,
-  })
-    .map((path) => {
-      try {
-        const parsed = parseAuthProfileStore(readFileSync(path, "utf8"));
-        return parsed ? { path, store: parsed } : undefined;
-      } catch {
-        return undefined;
-      }
-    })
-    .filter((entry): entry is { path: string; store: AuthProfileStore } => !!entry);
-  if (storesWithPaths.length === 0) {
-    return undefined;
-  }
-
-  const mergedStore = mergeAuthProfileStores(storesWithPaths.map((entry) => entry.store));
-  if (!mergedStore) {
-    return undefined;
-  }
-
-  const candidates = resolveAuthProfileCandidates({
+  model: string;
+  api?: string;
+}): RuntimeModelAuthModel {
+  return {
+    id: params.model,
+    name: params.model,
     provider: params.provider,
-    store: mergedStore,
-    authProfileId: params.authProfileId,
-    runtimeConfig: params.runtimeConfig,
-  });
-  if (candidates.length === 0) {
-    return undefined;
-  }
-
-  const persistPath =
-    params.agentDir?.trim() ? join(params.agentDir.trim(), "auth-profiles.json") : storesWithPaths[0]?.path;
-
-  for (const profileId of candidates) {
-    const credential = mergedStore.profiles[profileId];
-    if (!credential) {
-      continue;
-    }
-    if (normalizeProviderId(credential.provider) !== normalizeProviderId(params.provider)) {
-      continue;
-    }
-
-    if (credential.type === "api_key") {
-      const key = credential.key?.trim();
-      if (key) {
-        return key;
-      }
-      continue;
-    }
-
-    if (credential.type === "token") {
-      const token = credential.token?.trim();
-      if (!token) {
-        continue;
-      }
-      const expires = credential.expires;
-      if (typeof expires === "number" && Number.isFinite(expires) && expires > 0 && Date.now() >= expires) {
-        continue;
-      }
-      return token;
-    }
-
-    const access = credential.access?.trim();
-    const expires = credential.expires;
-    const isExpired =
-      typeof expires === "number" && Number.isFinite(expires) && expires > 0 && Date.now() >= expires;
-
-    if (!isExpired && access) {
-      if (
-        (credential.provider === "google-gemini-cli" || credential.provider === "google-antigravity") &&
-        typeof credential.projectId === "string" &&
-        credential.projectId.trim()
-      ) {
-        return JSON.stringify({
-          token: access,
-          projectId: credential.projectId.trim(),
-        });
-      }
-      return access;
-    }
-
-    if (typeof params.piAiModule.getOAuthApiKey !== "function") {
-      continue;
-    }
-
-    try {
-      const oauthCredential = {
-        access: credential.access ?? "",
-        refresh: credential.refresh ?? "",
-        expires: typeof credential.expires === "number" ? credential.expires : 0,
-        ...(typeof credential.projectId === "string" ? { projectId: credential.projectId } : {}),
-        ...(typeof credential.accountId === "string" ? { accountId: credential.accountId } : {}),
-      };
-      const refreshed = await params.piAiModule.getOAuthApiKey(params.provider, {
-        [params.provider]: oauthCredential,
-      });
-      if (!refreshed?.apiKey) {
-        continue;
-      }
-      mergedStore.profiles[profileId] = {
-        ...credential,
-        ...refreshed.newCredentials,
-        type: "oauth",
-      };
-      if (persistPath) {
-        try {
-          writeFileSync(
-            persistPath,
-            JSON.stringify(
-              {
-                version: 1,
-                profiles: mergedStore.profiles,
-                ...(mergedStore.order ? { order: mergedStore.order } : {}),
-              },
-              null,
-              2,
-            ),
-            "utf8",
-          );
-        } catch {
-          // Ignore persistence errors: refreshed credentials remain usable in-memory for this run.
-        }
-      }
-      return refreshed.apiKey;
-    } catch {
-      if (access) {
-        return access;
-      }
-    }
-  }
+    api: params.api?.trim() || inferApiFromProvider(params.provider),
+    reasoning: false,
+    input: ["text"],
+    cost: {
+      input: 0,
+      output: 0,
+      cacheRead: 0,
+      cacheWrite: 0,
+    },
+    contextWindow: 200_000,
+    maxTokens: 8_000,
+  };
+}
 
-  return undefined;
+/** Normalize an auth result down to the API key that pi-ai expects. */
+function resolveApiKeyFromAuthResult(auth: RuntimeModelAuthResult | undefined): string | undefined {
+  const apiKey = auth?.apiKey?.trim();
+  return apiKey ? apiKey : undefined;
 }
 
 /** Build a minimal but useful sub-agent prompt. */
@@ -614,13 +352,25 @@ function readLatestAssistantReply(messages: unknown[]): string | undefined {
 function createLcmDependencies(api: OpenClawPluginApi): LcmDependencies {
   const envSnapshot = snapshotPluginEnv();
   envSnapshot.openclawDefaultModel = readDefaultModelFromConfig(api.config);
-  const readEnv: ReadEnvFn = (key) => process.env[key];
+  const modelAuth = getRuntimeModelAuth(api);
   const pluginConfig =
     api.pluginConfig && typeof api.pluginConfig === "object" && !Array.isArray(api.pluginConfig)
       ? api.pluginConfig
       : undefined;
   const config = resolveLcmConfig(process.env, pluginConfig);
 
+  // Read model overrides from plugin config
+  if (pluginConfig) {
+    const summaryModel = pluginConfig.summaryModel;
+    const summaryProvider = pluginConfig.summaryProvider;
+    if (typeof summaryModel === "string") {
+      envSnapshot.pluginSummaryModel = summaryModel.trim();
+    }
+    if (typeof summaryProvider === "string") {
+      envSnapshot.pluginSummaryProvider = summaryProvider.trim();
+    }
+  }
+
   return {
     config,
     complete: async ({
@@ -697,19 +447,22 @@ function createLcmDependencies(api: OpenClawPluginApi): LcmDependencies {
                 maxTokens: 8_000,
               };
 
-        let resolvedApiKey = apiKey?.trim() || resolveApiKey(providerId, readEnv);
-        if (!resolvedApiKey && typeof mod.getEnvApiKey === "function") {
-          resolvedApiKey = mod.getEnvApiKey(providerId)?.trim();
-        }
+        let resolvedApiKey = apiKey?.trim();
         if (!resolvedApiKey) {
-          resolvedApiKey = await resolveApiKeyFromAuthProfiles({
-            provider: providerId,
-            authProfileId,
-            agentDir,
-            runtimeConfig,
-            piAiModule: mod,
-            envSnapshot,
-          });
+          try {
+            resolvedApiKey = resolveApiKeyFromAuthResult(
+              await modelAuth.resolveApiKeyForProvider({
+                provider: providerId,
+                cfg: api.config,
+                ...(authProfileId ? { profileId: authProfileId } : {}),
+              }),
+            );
+          } catch (err) {
+            console.error(
+              `[lcm] modelAuth.resolveApiKeyForProvider FAILED:`,
+              err instanceof Error ? err.message : err,
+            );
+          }
         }
 
         const completeOptions = buildCompleteSimpleOptions({
@@ -808,7 +561,10 @@ function createLcmDependencies(api: OpenClawPluginApi): LcmDependencies {
     },
     resolveModel: (modelRef, providerHint) => {
       const raw =
-        (modelRef?.trim() || envSnapshot.lcmSummaryModel || envSnapshot.openclawDefaultModel).trim();
+        (modelRef?.trim() ||
+         envSnapshot.pluginSummaryModel ||
+         envSnapshot.lcmSummaryModel ||
+         envSnapshot.openclawDefaultModel).trim();
       if (!raw) {
         throw new Error("No model configured for LCM summarization.");
       }
@@ -822,18 +578,39 @@ function createLcmDependencies(api: OpenClawPluginApi): LcmDependencies {
       }
 
       const provider = (
-        envSnapshot.lcmSummaryProvider ||
         providerHint?.trim() ||
+        envSnapshot.pluginSummaryProvider ||
+        envSnapshot.lcmSummaryProvider ||
         envSnapshot.openclawProvider ||
         "openai"
       ).trim();
       return { provider, model: raw };
     },
-    getApiKey: (provider) => resolveApiKey(provider, readEnv),
-    requireApiKey: (provider) => {
-      const key = resolveApiKey(provider, readEnv);
+    getApiKey: async (provider, model, options) => {
+      try {
+        return resolveApiKeyFromAuthResult(
+          await modelAuth.getApiKeyForModel({
+            model: buildModelAuthLookupModel({ provider, model }),
+            cfg: api.config,
+            ...(options?.profileId ? { profileId: options.profileId } : {}),
+            ...(options?.preferredProfile ? { preferredProfile: options.preferredProfile } : {}),
+          }),
+        );
+      } catch {
+        return undefined;
+      }
+    },
+    requireApiKey: async (provider, model, options) => {
+      const key = await resolveApiKeyFromAuthResult(
+        await modelAuth.getApiKeyForModel({
+          model: buildModelAuthLookupModel({ provider, model }),
+          cfg: api.config,
+          ...(options?.profileId ? { profileId: options.profileId } : {}),
+          ...(options?.preferredProfile ? { preferredProfile: options.preferredProfile } : {}),
+        }),
+      );
       if (!key) {
-        throw new Error(`Missing API key for provider '${provider}'.`);
+        throw new Error(`Missing API key for provider '${provider}' (model '${model}').`);
       }
       return key;
     },

package/openclaw.plugin.json

@@ -16,6 +16,14 @@
     "dbPath": {
       "label": "Database Path",
       "help": "Path to LCM SQLite database (default: ~/.openclaw/lcm.db)"
+    },
+    "summaryModel": {
+      "label": "Summary Model",
+      "help": "Model override for LCM summarization (e.g., 'gpt-5.4' or 'openai-resp/gpt-5.4')"
+    },
+    "summaryProvider": {
+      "label": "Summary Provider",
+      "help": "Provider override for LCM summarization (e.g., 'openai-resp')"
     }
   },
   "configSchema": {
@@ -56,6 +64,12 @@
       "largeFileThresholdTokens": {
         "type": "integer",
         "minimum": 1000
+      },
+      "summaryModel": {
+        "type": "string"
+      },
+      "summaryProvider": {
+        "type": "string"
       }
     }
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@martian-engineering/lossless-claw",
-  "version": "0.2.5",
+  "version": "0.2.7",
   "description": "Lossless Context Management plugin for OpenClaw — DAG-based conversation summarization with incremental compaction",
   "type": "module",
   "main": "index.ts",
@@ -23,6 +23,9 @@
     "README.md",
     "LICENSE"
   ],
+  "scripts": {
+    "test": "vitest run --dir test"
+  },
   "dependencies": {
     "@mariozechner/pi-agent-core": "*",
     "@mariozechner/pi-ai": "*",

package/src/summarize.ts

@@ -672,8 +672,6 @@ export async function createLcmSummarizeFromLegacyParams(params: {
       : undefined;
   const providerApi = resolveProviderApiFromLegacyConfig(params.legacyParams.config, provider);
 
-  const apiKey = params.deps.getApiKey(provider, model);
-
   const condensedTargetTokens =
     Number.isFinite(params.deps.config.condensedTargetTokens) &&
     params.deps.config.condensedTargetTokens > 0
@@ -691,6 +689,9 @@ export async function createLcmSummarizeFromLegacyParams(params: {
 
     const mode: SummaryMode = aggressive ? "aggressive" : "normal";
     const isCondensed = options?.isCondensed === true;
+    const apiKey = await params.deps.getApiKey(provider, model, {
+      profileId: authProfileId,
+    });
     const targetTokens = resolveTargetTokens({
       inputTokens: estimateTokens(text),
       mode,

package/src/types.ts

@@ -58,8 +58,22 @@ export type ResolveModelFn = (modelRef?: string, providerHint?: string) => {
 /**
  * API key resolution function.
  */
-export type GetApiKeyFn = (provider: string, model: string) => string | undefined;
-export type RequireApiKeyFn = (provider: string, model: string) => string;
+export type ApiKeyLookupOptions = {
+  profileId?: string;
+  preferredProfile?: string;
+};
+
+export type GetApiKeyFn = (
+  provider: string,
+  model: string,
+  options?: ApiKeyLookupOptions,
+) => Promise<string | undefined>;
+
+export type RequireApiKeyFn = (
+  provider: string,
+  model: string,
+  options?: ApiKeyLookupOptions,
+) => Promise<string>;
 
 /**
  * Session key utilities.