@swarmclawai/swarmclaw 0.8.2 → 0.8.3

package/src/lib/server/storage.ts

@@ -11,6 +11,58 @@ import { normalizeRuntimeSettingFields } from '@/lib/runtime-loop'
 import type { AppNotification, ExternalAgentRuntime, GatewayProfile, Message } from '@/types'
 export const UPLOAD_DIR = path.join(DATA_DIR, 'uploads')
 
+// --- TTL Cache (read-through with write-through invalidation) ---
+
+interface TTLEntry<T> {
+  value: T
+  expiresAt: number
+}
+
+/**
+ * Simple TTL cache for hot-path reads that rarely change.
+ * Stored on globalThis so HMR doesn't reset it.
+ */
+class TTLCache<T> {
+  private entry: TTLEntry<T> | null = null
+  constructor(private readonly ttlMs: number) {}
+
+  get(): T | undefined {
+    if (!this.entry) return undefined
+    if (Date.now() > this.entry.expiresAt) {
+      this.entry = null
+      return undefined
+    }
+    return this.entry.value
+  }
+
+  set(value: T): void {
+    this.entry = { value, expiresAt: Date.now() + this.ttlMs }
+  }
+
+  invalidate(): void {
+    this.entry = null
+  }
+}
+
+const ttlCacheKey = '__swarmclaw_ttl_caches__' as const
+type TTLCacheStore = {
+  settings?: TTLCache<Record<string, unknown>>
+  credentials?: TTLCache<Record<string, unknown>>
+  connectors?: TTLCache<Record<string, unknown>>
+  gatewayProfiles?: TTLCache<Record<string, unknown>>
+  agents?: TTLCache<Record<string, unknown>>
+}
+type TTLGlobals = typeof globalThis & { [ttlCacheKey]?: TTLCacheStore }
+const ttlGlobals = globalThis as TTLGlobals
+const ttlCaches: TTLCacheStore = ttlGlobals[ttlCacheKey] ?? (ttlGlobals[ttlCacheKey] = {})
+
+// Lazily initialize each cache with its TTL
+function getSettingsCache() { return ttlCaches.settings ?? (ttlCaches.settings = new TTLCache(60_000)) }
+function getCredentialsCache() { return ttlCaches.credentials ?? (ttlCaches.credentials = new TTLCache(90_000)) }
+function getConnectorsCache() { return ttlCaches.connectors ?? (ttlCaches.connectors = new TTLCache(30_000)) }
+function getGatewayProfilesCache() { return ttlCaches.gatewayProfiles ?? (ttlCaches.gatewayProfiles = new TTLCache(300_000)) }
+function getAgentsCache() { return ttlCaches.agents ?? (ttlCaches.agents = new TTLCache(15_000)) }
+
 // --- LRU Cache ---
 
 const DEFAULT_LRU_CAPACITY = 5000
@@ -670,11 +722,18 @@ export function disableAllSessionHeartbeats(): number {
 
 // --- Credentials ---
 export function loadCredentials(): Record<string, any> {
-  return loadCollection('credentials')
+  const cache = getCredentialsCache()
+  const cached = cache.get()
+  if (cached) return structuredClone(cached) as Record<string, unknown>
+
+  const result = loadCollection('credentials')
+  cache.set(result)
+  return result
 }
 
 export function saveCredentials(c: Record<string, any>) {
   saveCollection('credentials', c)
+  getCredentialsCache().invalidate()
 }
 
 export function encryptKey(plaintext: string): string {
@@ -716,14 +775,25 @@ function migrateAgentPlugins(agents: Record<string, Record<string, unknown>>): b
 }
 
 export function loadAgents(opts?: { includeTrashed?: boolean }): Record<string, any> {
+  // Cache the full (non-trashed) agent set; includeTrashed bypasses cache
+  if (opts?.includeTrashed) {
+    const all = loadCollection('agents')
+    if (migrateAgentPlugins(all)) saveCollection('agents', all)
+    return all
+  }
+
+  const cache = getAgentsCache()
+  const cached = cache.get()
+  if (cached) return structuredClone(cached) as Record<string, unknown>
+
   const all = loadCollection('agents')
   if (migrateAgentPlugins(all)) saveCollection('agents', all)
-  if (opts?.includeTrashed) return all
   const result: Record<string, any> = {}
   for (const [id, agent] of Object.entries(all)) {
     if (!agent.trashedAt) result[id] = agent
   }
-  return result
+  cache.set(result)
+  return structuredClone(result) as Record<string, unknown>
 }
 
 export function loadTrashedAgents(): Record<string, any> {
@@ -737,6 +807,7 @@ export function loadTrashedAgents(): Record<string, any> {
 
 export function saveAgents(p: Record<string, any>) {
   saveCollection('agents', p)
+  getAgentsCache().invalidate()
 }
 
 // --- Schedules ---
@@ -771,7 +842,7 @@ export function upsertTask(id: string, task: unknown) {
 }
 export function deleteTask(id: string) { deleteCollectionItem('tasks', id) }
 export function deleteSession(id: string) { deleteCollectionItem('sessions', id) }
-export function deleteAgent(id: string) { deleteCollectionItem('agents', id) }
+export function deleteAgent(id: string) { deleteCollectionItem('agents', id); getAgentsCache().invalidate() }
 export function deleteSchedule(id: string) { deleteCollectionItem('schedules', id) }
 export function deleteSkill(id: string) { deleteCollectionItem('skills', id) }
 
@@ -798,7 +869,7 @@ type PersistedSettingsRecord = Record<string, any> & {
 }
 
 function cloneRecord<T extends Record<string, any>>(value: T): T {
-  return JSON.parse(JSON.stringify(value || {})) as T
+  return structuredClone(value || {}) as T
 }
 
 function isPlainRecord(value: unknown): value is Record<string, any> {
@@ -870,17 +941,24 @@ function resolveSettingsSecrets(settings: PersistedSettingsRecord): Record<strin
 }
 
 export function loadSettings(): Record<string, any> {
+  const cache = getSettingsCache()
+  const cached = cache.get()
+  if (cached) return structuredClone(cached) as Record<string, unknown>
+
   const persisted = loadSingleton('settings', {}) as PersistedSettingsRecord
   const normalized = buildPersistedSettings(persisted, persisted)
   if (JSON.stringify(persisted) !== JSON.stringify(normalized)) {
     saveSingleton('settings', normalized)
   }
-  return resolveSettingsSecrets(normalized)
+  const resolved = resolveSettingsSecrets(normalized)
+  cache.set(resolved)
+  return structuredClone(resolved) as Record<string, unknown>
 }
 
 export function saveSettings(s: Record<string, any>) {
   const existing = loadSingleton('settings', {}) as PersistedSettingsRecord
   saveSingleton('settings', buildPersistedSettings(s, existing))
+  getSettingsCache().invalidate()
 }
 
 export function loadPublicSettings(): Record<string, any> {
@@ -966,11 +1044,18 @@ export function saveProviderConfigs(p: Record<string, any>) {
 
 // --- Gateway Profiles ---
 export function loadGatewayProfiles(): Record<string, any> {
-  return loadCollection('gateway_profiles') as Record<string, GatewayProfile>
+  const cache = getGatewayProfilesCache()
+  const cached = cache.get()
+  if (cached) return structuredClone(cached) as Record<string, unknown>
+
+  const result = loadCollection('gateway_profiles') as Record<string, GatewayProfile>
+  cache.set(result)
+  return result
 }
 
 export function saveGatewayProfiles(g: Record<string, GatewayProfile>) {
   saveCollection('gateway_profiles', g)
+  getGatewayProfilesCache().invalidate()
 }
 
 // --- Model Overrides (user-added models for built-in providers) ---
@@ -1044,11 +1129,18 @@ export function appendUsage(sessionId: string, record: unknown) {
 
 // --- Connectors ---
 export function loadConnectors(): Record<string, any> {
-  return loadCollection('connectors')
+  const cache = getConnectorsCache()
+  const cached = cache.get()
+  if (cached) return structuredClone(cached) as Record<string, unknown>
+
+  const result = loadCollection('connectors')
+  cache.set(result)
+  return result
 }
 
 export function saveConnectors(c: Record<string, any>) {
   saveCollection('connectors', c)
+  getConnectorsCache().invalidate()
 }
 
 // --- Chatrooms ---

package/src/lib/server/wallet-portfolio.ts

@@ -317,6 +317,12 @@ function getLatestCachedPortfolioEntry(walletId: string): WalletPortfolioCacheEn
   return latest
 }
 
+export function getCachedWalletPortfolio(wallet: Pick<AgentWallet, 'id' | 'updatedAt'>): WalletPortfolio | null {
+  return getCurrentCachedPortfolioEntry(wallet)?.portfolio
+    || getLatestCachedPortfolioEntry(wallet.id)?.portfolio
+    || null
+}
+
 async function withWalletPortfolioTimeout<T>(promise: Promise<T>, timeoutMs: number, label: string): Promise<T> {
   let timer: ReturnType<typeof setTimeout> | null = null
   try {

package/src/lib/session-summary.test.ts

@@ -0,0 +1,49 @@
+import assert from 'node:assert/strict'
+import { describe, it } from 'node:test'
+
+import type { Session } from '@/types'
+import {
+  buildSessionListSummary,
+  getSessionLastAssistantAt,
+  getSessionLastMessage,
+  getSessionMessageCount,
+} from './session-summary'
+
+function makeSession(): Session {
+  return {
+    id: 'session-1',
+    name: 'Test Session',
+    cwd: '/tmp',
+    user: 'default',
+    provider: 'openai',
+    model: 'gpt-4.1',
+    claudeSessionId: null,
+    messages: [
+      { role: 'user', text: 'hello', time: 1 },
+      { role: 'assistant', text: 'world', time: 2, toolEvents: [{ name: 'shell', input: '{}', output: 'ok' }] },
+    ],
+    createdAt: 1,
+    lastActiveAt: 2,
+  }
+}
+
+describe('session summary helpers', () => {
+  it('builds lightweight list summaries without full message history', () => {
+    const session = makeSession()
+    const summary = buildSessionListSummary(session)
+
+    assert.equal(summary.messages.length, 0)
+    assert.equal(summary.messageCount, 2)
+    assert.equal(summary.lastAssistantAt, 2)
+    assert.equal(summary.lastMessageSummary?.text, 'world')
+    assert.equal(summary.lastMessageSummary?.toolEvents, undefined)
+  })
+
+  it('reads summary metadata when available', () => {
+    const summary = buildSessionListSummary(makeSession())
+
+    assert.equal(getSessionMessageCount(summary), 2)
+    assert.equal(getSessionLastAssistantAt(summary), 2)
+    assert.equal(getSessionLastMessage(summary)?.text, 'world')
+  })
+})

package/src/lib/session-summary.ts

@@ -0,0 +1,59 @@
+import type { Message, Session } from '@/types'
+
+const MAX_SESSION_SUMMARY_TEXT = 280
+
+type SessionSummaryLike = Pick<Session, 'messages'> & Partial<Pick<Session, 'messageCount' | 'lastMessageSummary' | 'lastAssistantAt'>>
+
+export function getSessionMessageCount(session: SessionSummaryLike): number {
+  if (typeof session.messageCount === 'number' && Number.isFinite(session.messageCount)) {
+    return session.messageCount
+  }
+  return Array.isArray(session.messages) ? session.messages.length : 0
+}
+
+export function getSessionLastMessage(session: SessionSummaryLike): Message | null {
+  if (session.lastMessageSummary) return session.lastMessageSummary
+  return Array.isArray(session.messages) && session.messages.length > 0
+    ? session.messages[session.messages.length - 1]
+    : null
+}
+
+export function getSessionLastAssistantAt(session: SessionSummaryLike): number | null {
+  if (typeof session.lastAssistantAt === 'number' && Number.isFinite(session.lastAssistantAt)) {
+    return session.lastAssistantAt
+  }
+  if (!Array.isArray(session.messages)) return null
+  for (let index = session.messages.length - 1; index >= 0; index--) {
+    const message = session.messages[index]
+    if (message?.role === 'assistant' && typeof message.time === 'number') {
+      return message.time
+    }
+  }
+  return null
+}
+
+function summarizeMessage(message: Message | null): Message | null {
+  if (!message) return null
+  return {
+    role: message.role,
+    text: typeof message.text === 'string'
+      ? message.text.slice(0, MAX_SESSION_SUMMARY_TEXT)
+      : '',
+    time: message.time,
+    kind: message.kind,
+    source: message.source,
+    suppressed: message.suppressed,
+    streaming: message.streaming,
+    bookmarked: message.bookmarked,
+  }
+}
+
+export function buildSessionListSummary(session: Session): Session {
+  return {
+    ...session,
+    messages: [],
+    messageCount: Array.isArray(session.messages) ? session.messages.length : 0,
+    lastAssistantAt: getSessionLastAssistantAt(session),
+    lastMessageSummary: summarizeMessage(getSessionLastMessage(session)),
+  }
+}

package/src/lib/ws-client.ts

@@ -84,8 +84,7 @@ function connect() {
   }
 }
 
-export function connectWs(key: string) {
-  void key
+export function connectWs() {
   wsEnabled = true
   reconnectDelay = 1000
   connect()

package/src/proxy.test.ts

@@ -28,4 +28,44 @@ describe('proxy', () => {
     assert.equal(response.headers.get('access-control-allow-origin'), 'https://swarmclaw.ai')
     assert.equal(response.headers.get('vary'), 'Origin')
   })
+
+  it('prefers the auth cookie over a stale access-key header', () => {
+    process.env.ACCESS_KEY = 'top-secret'
+
+    const request = new NextRequest('http://localhost/api/agents', {
+      headers: {
+        cookie: 'sc_auth=top-secret',
+        'x-access-key': 'stale-key',
+      },
+    })
+
+    const response = proxy(request)
+    assert.equal(response.status, 200)
+  })
+
+  it('does not lock out invalid requests in development', () => {
+    process.env.ACCESS_KEY = 'top-secret'
+    const originalNodeEnv = process.env.NODE_ENV
+    process.env.NODE_ENV = 'development'
+
+    try {
+      for (let i = 0; i < 6; i++) {
+        const response = proxy(new NextRequest('http://localhost/api/agents', {
+          headers: {
+            'x-access-key': 'bad-key',
+          },
+        }))
+        assert.equal(response.status, 401)
+      }
+      const finalResponse = proxy(new NextRequest('http://localhost/api/agents', {
+        headers: {
+          'x-access-key': 'bad-key',
+        },
+      }))
+      assert.equal(finalResponse.status, 401)
+    } finally {
+      if (originalNodeEnv === undefined) delete process.env.NODE_ENV
+      else process.env.NODE_ENV = originalNodeEnv
+    }
+  })
 })

package/src/proxy.ts

@@ -6,6 +6,7 @@ import {
   isPluginInstallCorsPath,
   resolvePluginInstallCorsOrigin,
 } from '@/lib/plugin-install-cors'
+import { isProductionRuntime } from '@/lib/runtime-env'
 
 /* ------------------------------------------------------------------ */
 /*  Rate-limit state — HMR-safe via globalThis                        */
@@ -24,6 +25,10 @@ const MAX_ATTEMPTS = 5
 const LOCKOUT_MS = 15 * 60 * 1000 // 15 minutes
 const PRUNE_THRESHOLD = 1000
 
+function isRateLimitEnabled(): boolean {
+  return isProductionRuntime()
+}
+
 /** Prune expired entries when the map grows too large. */
 function pruneRateLimitMap() {
   if (rateLimitMap.size <= PRUNE_THRESHOLD) return
@@ -65,6 +70,7 @@ function withPluginInstallCorsHeaders(pathname: string, origin: string | null, h
  *  After 5 failed attempts from a single IP the client is locked out for 15 minutes.
  */
 export function proxy(request: NextRequest) {
+  const rateLimitEnabled = isRateLimitEnabled()
   const { pathname } = request.nextUrl
   const corsOrigin = resolvePluginInstallCorsOrigin(request.headers.get('origin'))
   const isWebhookTrigger = request.method === 'POST'
@@ -99,13 +105,13 @@ export function proxy(request: NextRequest) {
   }
 
   // --- Rate-limit housekeeping ---
-  pruneRateLimitMap()
+  if (rateLimitEnabled) pruneRateLimitMap()
 
   const clientIp = getClientIp(request)
-  const entry = rateLimitMap.get(clientIp)
+  const entry = rateLimitEnabled ? rateLimitMap.get(clientIp) : undefined
 
   // Check lockout before even validating the key
-  if (entry && entry.lockedUntil > Date.now()) {
+  if (rateLimitEnabled && entry && entry.lockedUntil > Date.now()) {
     const retryAfter = Math.ceil((entry.lockedUntil - Date.now()) / 1000)
     return NextResponse.json(
       { error: 'Too many failed attempts. Try again later.', retryAfter },
@@ -116,23 +122,23 @@ export function proxy(request: NextRequest) {
     )
   }
 
-  const providedKey =
-    request.headers.get('x-access-key')?.trim()
-    || request.cookies.get(AUTH_COOKIE_NAME)?.value?.trim()
-    || ''
+  const cookieKey = request.cookies.get(AUTH_COOKIE_NAME)?.value?.trim() || ''
+  const headerKey = request.headers.get('x-access-key')?.trim() || ''
+  const providedKey = cookieKey || headerKey
 
   if (providedKey !== accessKey) {
-    // Record the failed attempt
-    const current = rateLimitMap.get(clientIp) ?? { count: 0, lockedUntil: 0 }
-    current.count += 1
+    let remaining = MAX_ATTEMPTS
+    if (rateLimitEnabled) {
+      const current = rateLimitMap.get(clientIp) ?? { count: 0, lockedUntil: 0 }
+      current.count += 1
 
-    if (current.count >= MAX_ATTEMPTS) {
-      current.lockedUntil = Date.now() + LOCKOUT_MS
-    }
+      if (current.count >= MAX_ATTEMPTS) {
+        current.lockedUntil = Date.now() + LOCKOUT_MS
+      }
 
-    rateLimitMap.set(clientIp, current)
-
-    const remaining = Math.max(0, MAX_ATTEMPTS - current.count)
+      rateLimitMap.set(clientIp, current)
+      remaining = Math.max(0, MAX_ATTEMPTS - current.count)
+    }
     return NextResponse.json(
       { error: 'Unauthorized' },
       {
@@ -143,7 +149,7 @@ export function proxy(request: NextRequest) {
   }
 
   // Successful auth — clear any prior failed-attempt tracking for this IP
-  if (entry) {
+  if (rateLimitEnabled && entry) {
     rateLimitMap.delete(clientIp)
   }
 

package/src/stores/use-app-store.ts

@@ -2,7 +2,7 @@
 
 import { create } from 'zustand'
 import type { Sessions, Session, NetworkInfo, Directory, ProviderInfo, Credentials, Agent, Schedule, AppView, BoardTask, AppSettings, OrchestratorSecret, ProviderConfig, Skill, Connector, Webhook, McpServerConfig, PluginMeta, Project, FleetFilter, ActivityEntry, AppNotification, ApprovalRequest, GatewayProfile, ExternalAgentRuntime } from '../types'
-import { fetchChats, fetchDirs, fetchProviders, fetchCredentials } from '../lib/chats'
+import { fetchChat, fetchChats, fetchDirs, fetchProviders, fetchCredentials } from '../lib/chats'
 import { fetchAgents } from '../lib/agents'
 import { fetchSchedules } from '../lib/schedules'
 import { fetchTasks } from '../lib/tasks'
@@ -10,6 +10,9 @@ import { findLatestObservablePlatformSession, isLocalhostBrowser } from '../lib/
 import { api } from '../lib/api-client'
 import { safeStorageGet, safeStorageGetJson, safeStorageRemove, safeStorageSet } from '../lib/safe-storage'
 
+const inflightAgentThreadLoads = new Map<string, Promise<void>>()
+const inflightSessionRefreshes = new Map<string, Promise<void>>()
+
 interface AppState {
   currentUser: string | null
   _hydrated: boolean
@@ -19,6 +22,7 @@ interface AppState {
   sessions: Sessions
   currentSessionId: string | null
   loadSessions: () => Promise<void>
+  refreshSession: (id: string) => Promise<void>
   setCurrentSession: (id: string | null) => void
   removeSession: (id: string) => void
   clearSessions: (ids: string[]) => Promise<void>
@@ -257,6 +261,36 @@ export const useAppStore = create<AppState>((set, get) => ({
       // ignore
     }
   },
+  refreshSession: async (id) => {
+    if (!id) return
+    const existing = inflightSessionRefreshes.get(id)
+    if (existing) {
+      await existing
+      return
+    }
+
+    const refreshPromise = (async () => {
+      try {
+        const session = await fetchChat(id)
+        const currentSessionId = get().currentSessionId
+        set({
+          sessions: { ...get().sessions, [id]: session },
+          currentSessionId: currentSessionId && currentSessionId === id ? id : currentSessionId,
+        })
+      } catch {
+        // ignore
+      }
+    })()
+
+    inflightSessionRefreshes.set(id, refreshPromise)
+    try {
+      await refreshPromise
+    } finally {
+      if (inflightSessionRefreshes.get(id) === refreshPromise) {
+        inflightSessionRefreshes.delete(id)
+      }
+    }
+  },
   setCurrentSession: (id) => set({ currentSessionId: id }),
   removeSession: (id) => {
     const sessions = { ...get().sessions }
@@ -351,37 +385,47 @@ export const useAppStore = create<AppState>((set, get) => ({
       safeStorageRemove('sc_agent')
       return
     }
+    const currentState = get()
+    const currentSession = currentState.currentSessionId ? currentState.sessions[currentState.currentSessionId] : null
+    if (currentState.currentAgentId === id && currentSession?.agentId === id) {
+      return
+    }
     set({ currentAgentId: id })
     safeStorageSet('sc_agent', id)
     if (isLocalhostBrowser()) {
-      let livePlatformSession = findLatestObservablePlatformSession(get().sessions, id)
-      if (!livePlatformSession) {
-        try {
-          const refreshedSessions = await fetchChats()
-          const currentSessionId = get().currentSessionId
-          set({
-            sessions: refreshedSessions,
-            currentSessionId: currentSessionId && refreshedSessions[currentSessionId] ? currentSessionId : null,
-          })
-          livePlatformSession = findLatestObservablePlatformSession(refreshedSessions, id)
-        } catch {
-          // ignore and fall back to the normal thread path below
-        }
-      }
+      const livePlatformSession = findLatestObservablePlatformSession(get().sessions, id)
       if (livePlatformSession?.id) {
         set({ currentSessionId: livePlatformSession.id })
         return
       }
     }
+
+    const existingLoad = inflightAgentThreadLoads.get(id)
+    if (existingLoad) {
+      await existingLoad
+      return
+    }
+
+    const loadPromise = (async () => {
+      try {
+        const user = get().currentUser || 'default'
+        const session = await api<Session>('POST', `/agents/${id}/thread`, { user })
+        if (session?.id) {
+          const sessions = { ...get().sessions, [session.id]: session }
+          set({ sessions, currentSessionId: session.id })
+        }
+      } catch {
+        // ignore — thread creation failed
+      }
+    })()
+
+    inflightAgentThreadLoads.set(id, loadPromise)
     try {
-      const user = get().currentUser || 'default'
-      const session = await api<Session>('POST', `/agents/${id}/thread`, { user })
-      if (session?.id) {
-        const sessions = { ...get().sessions, [session.id]: session }
-        set({ sessions, currentSessionId: session.id })
+      await loadPromise
+    } finally {
+      if (inflightAgentThreadLoads.get(id) === loadPromise) {
+        inflightAgentThreadLoads.delete(id)
       }
-    } catch {
-      // ignore — thread creation failed
     }
   },
 

package/src/stores/use-chat-store.ts

@@ -431,7 +431,7 @@ export const useChatStore = create<ChatState>((set, get) => ({
       set({ streaming: false, streamingSessionId: null, streamText: '', displayText: '', streamPhase: 'thinking' as const, streamToolName: '', thinkingText: '', thinkingStartTime: 0 })
     }
 
-    useAppStore.getState().loadSessions()
+    void useAppStore.getState().refreshSession(sessionId)
 
     // Auto-dequeue: if there are queued messages, send the next one
     const nextQueued = get().shiftQueuedMessage()
@@ -579,7 +579,7 @@ export const useChatStore = create<ChatState>((set, get) => ({
     }
 
     set((s) => ({ messages: [...s.messages, assistantMsg] }))
-    useAppStore.getState().loadSessions()
+    void useAppStore.getState().refreshSession(sessionId)
   },
 
   clearContext: async () => {

package/src/types/index.ts

@@ -156,6 +156,10 @@ export interface Session {
     gemini?: string | null
   }
   messages: Message[]
+  /** Lightweight summary fields used by list/index APIs to avoid shipping full transcripts. */
+  messageCount?: number
+  lastMessageSummary?: Message | null
+  lastAssistantAt?: number | null
   createdAt: number
   updatedAt?: number | null
   lastActiveAt: number