@swarmclawai/swarmclaw 1.9.32 → 1.9.34

package/src/lib/server/connectors/connector-lifecycle.ts

@@ -164,11 +164,23 @@ async function _startConnectorImpl(connectorId: string): Promise<void> {
 
     // Resolve bot token from credential
     let botToken = ''
+    let credentialDecryptError: string | null = null
     if (connector.credentialId) {
       const creds = loadCredentials()
       const cred = creds[connector.credentialId]
       if (cred?.encryptedKey) {
-        try { botToken = decryptKey(cred.encryptedKey) } catch { /* ignore */ }
+        try {
+          botToken = decryptKey(cred.encryptedKey)
+        } catch (err: unknown) {
+          credentialDecryptError = `Failed to decrypt credential "${connector.credentialId}". CREDENTIAL_SECRET may have changed since this credential was stored; restore the previous credential secret or re-add the key.`
+          log.warn(TAG, credentialDecryptError, {
+            connectorId,
+            connectorName: connector.name,
+            platform: connector.platform,
+            credentialId: connector.credentialId,
+            error: errorMessage(err),
+          })
+        }
       }
     }
     // Also check config for inline token (some platforms)
@@ -182,6 +194,10 @@ async function _startConnectorImpl(connectorId: string): Promise<void> {
       botToken = swarmdockFallbackPrivateKey
     }
 
+    if (!botToken && credentialDecryptError) {
+      throw new Error(credentialDecryptError)
+    }
+
     if (!botToken && connector.platform !== 'whatsapp' && connector.platform !== 'openclaw' && connector.platform !== 'signal' && connector.platform !== 'email' && connector.platform !== 'filequeue' && connector.platform !== 'swarmdock') {
       throw new Error('No bot token configured')
     }

package/src/lib/server/connectors/openclaw.test.ts

@@ -66,6 +66,10 @@ function findReqAt(ws: MockWebSocket, method: string, index: number): WsFrame |
   return matches[index]
 }
 
+function frameParams<T extends Record<string, unknown>>(frame: WsFrame): T {
+  return (frame.params && typeof frame.params === 'object' ? frame.params : {}) as T
+}
+
 async function waitFor<T>(
   getValue: () => T | null | undefined,
   timeoutMs = 2_000,
@@ -114,13 +118,16 @@ async function bootstrapConnector(params?: {
 async function performHandshake(ws: MockWebSocket, helloPayload?: WsFrame) {
   ws.emit({ type: 'event', event: 'connect.challenge', payload: { nonce: 'test-nonce' } })
   const connectReq = await waitFor(() => findReq(ws, 'connect'), 1_500)
+  const connectParams = frameParams<{ minProtocol?: unknown; maxProtocol?: unknown }>(connectReq)
+  assert.equal(connectParams.minProtocol, 4)
+  assert.equal(connectParams.maxProtocol, 4)
   ws.emit({
     type: 'res',
     id: connectReq.id as string,
     ok: true,
     payload: helloPayload || {
       type: 'hello-ok',
-      protocol: 3,
+      protocol: 4,
       auth: { deviceToken: 'device-token-test' },
       policy: { tickIntervalMs: 15_000 },
     },
@@ -362,7 +369,7 @@ test('openclaw connector reconnects when tick watchdog detects stale connection'
   try {
     await performHandshake(ws, {
       type: 'hello-ok',
-      protocol: 3,
+      protocol: 4,
       policy: { tickIntervalMs: 200 },
     })
 

package/src/lib/server/connectors/openclaw.ts

@@ -25,7 +25,7 @@ const TAG = 'openclaw'
  * - chat traffic is event `chat` and RPC method `chat.send`
  */
 
-const PROTOCOL_VERSION = 3
+const PROTOCOL_VERSION = 4
 const RECONNECT_BASE_MS = 2_000
 const RECONNECT_MAX_MS = 30_000
 const RPC_TIMEOUT_MS = 25_000

package/src/lib/server/session-tools/credential-env.ts

@@ -36,7 +36,7 @@ export function buildCredentialEnv(credentialIds: string[]): CredentialEnv {
   const env: Record<string, string> = {}
   const secrets: string[] = []
 
-  const allCredentials = loadCredentials() as Record<string, Credential & { encrypted?: string }>
+  const allCredentials = loadCredentials() as Record<string, Credential & { encryptedKey?: string }>
 
   for (const credId of credentialIds) {
     const cred = allCredentials[credId]
@@ -45,8 +45,9 @@ export function buildCredentialEnv(credentialIds: string[]): CredentialEnv {
       continue
     }
 
-    // Decrypt the stored key
-    const encrypted = cred.encrypted
+    // Credentials persist ciphertext under `encryptedKey`; older reads of
+    // `cred.encrypted` silently skipped injection for execute tool calls.
+    const encrypted = cred.encryptedKey
     if (!encrypted || typeof encrypted !== 'string') {
       log.warn(TAG, `Credential has no encrypted value: ${credId}`)
       continue

package/src/lib/server/session-tools/crud.ts

@@ -603,6 +603,9 @@ export function buildCrudTools(bctx: ToolBuildContext): StructuredToolInterface[
               const raw = buildCrudPayload(normalized, action, data)
               const defaults = RESOURCE_DEFAULTS[toolKey]
               const parsed = defaults ? defaults(raw) : raw
+              if (toolKey === 'manage_tasks' && !Object.prototype.hasOwnProperty.call(raw, 'status')) {
+                delete (parsed as Record<string, unknown>).status
+              }
               if (parsed && typeof parsed === 'object' && 'id' in parsed) {
                 delete (parsed as Record<string, unknown>).id
               }
@@ -696,6 +699,8 @@ export function buildCrudTools(bctx: ToolBuildContext): StructuredToolInterface[
                   now,
                   settings: loadSettings(),
                   fallbackAgentId: ctx?.agentId || null,
+                  creatorAgentId: ctx?.agentId || null,
+                  autoQueueDelegatedTasks: true,
                   defaultCwd: cwd,
                   deriveTitleFromDescription: true,
                   requireMeaningfulTitle: true,

package/src/lib/server/session-tools/discovery-approvals.test.ts

@@ -85,6 +85,55 @@ describe('discovery tool access flows', () => {
     assert.equal(output.extensions.includes('shell'), false)
   })
 
+  it('request_tool_access grants external extensions into the session extensions field', () => {
+    const output = runWithTempDataDir(`
+      const storageMod = await import('./src/lib/server/storage')
+      const toolsMod = await import('./src/lib/server/session-tools/index')
+      const storage = storageMod.default || storageMod
+      const toolsApi = toolsMod.default || toolsMod
+
+      const now = Date.now()
+      storage.saveSessions({
+        session_external_extension: {
+          id: 'session_external_extension',
+          name: 'External Extension Access Test',
+          cwd: process.env.WORKSPACE_DIR,
+          user: 'tester',
+          provider: 'openai',
+          model: 'gpt-test',
+          claudeSessionId: null,
+          messages: [],
+          createdAt: now,
+          lastActiveAt: now,
+          sessionType: 'human',
+          agentId: 'default',
+          tools: [],
+          extensions: [],
+        },
+      })
+
+      const built = await toolsApi.buildSessionTools(process.env.WORKSPACE_DIR, [], {
+        sessionId: 'session_external_extension',
+        agentId: 'default',
+        delegationEnabled: false,
+        delegationTargetMode: 'all',
+        delegationTargetAgentIds: [],
+      })
+      const tool = built.tools.find((entry) => entry.name === 'request_tool_access')
+      const raw = await tool.invoke({ toolId: 'freedzhost-critic.js', reason: 'Need the installed critic extension.' })
+      const session = storage.loadSessions().session_external_extension
+      console.log(JSON.stringify({
+        raw,
+        tools: session.tools || [],
+        extensions: session.extensions || [],
+      }))
+    `)
+
+    assert.match(String(output.raw), /tool_access_granted|granted immediately/i)
+    assert.equal(output.tools.includes('freedzhost-critic.js'), false)
+    assert.equal(output.extensions.includes('freedzhost-critic.js'), true)
+  })
+
   it('manage_capabilities request_access grants tools immediately without approval state', () => {
     const output = runWithTempDataDir(`
       const storageMod = await import('./src/lib/server/storage')

package/src/lib/server/session-tools/execute.test.ts

@@ -87,6 +87,35 @@ describe('credential-env', () => {
       const result = buildCredentialEnv(['nonexistent-id'])
       assert.deepEqual(result, { env: {}, secrets: [] })
     })
+
+    it('injects credentials stored under encryptedKey', () => {
+      const output = runWithTempDataDir<{
+        env: Record<string, string>
+        secrets: string[]
+      }>(`
+        process.env.CREDENTIAL_SECRET = 'a'.repeat(64)
+        const storageMod = await import('@/lib/server/storage')
+        const credentialEnvMod = await import('@/lib/server/session-tools/credential-env')
+        const storage = storageMod.default || storageMod
+        const credentialEnv = credentialEnvMod.default || credentialEnvMod
+        const encryptedKey = storage.encryptKey('github_pat_execute_tool')
+        storage.saveCredentials({
+          'cred-github': {
+            id: 'cred-github',
+            provider: 'github',
+            name: 'token',
+            encryptedKey,
+            createdAt: Date.now(),
+            updatedAt: Date.now(),
+          },
+        })
+        const result = credentialEnv.buildCredentialEnv(['cred-github'])
+        console.log(JSON.stringify(result))
+      `)
+
+      assert.equal(output.env.GITHUB_TOKEN, 'github_pat_execute_tool')
+      assert.deepEqual(output.secrets, ['github_pat_execute_tool'])
+    })
   })
 })
 

package/src/lib/server/session-tools/manage-tasks.test.ts

@@ -192,6 +192,61 @@ describe('manage_tasks tool', () => {
     assert.equal(output.stored.workflowStateId, 'in_progress')
   })
 
+  it('queues agent-delegated tasks when no explicit status is provided', () => {
+    const output = runWithTempDataDir(`
+      const storageMod = await import('./src/lib/server/storage')
+      const crudMod = await import('./src/lib/server/session-tools/crud')
+      const storage = storageMod.default || storageMod
+      const crud = crudMod.default || crudMod
+
+      const now = Date.now()
+      storage.saveAgents({
+        coordinator: {
+          id: 'coordinator',
+          name: 'Coordinator',
+          description: '',
+          systemPrompt: '',
+          provider: 'openai',
+          model: 'gpt-test',
+          createdAt: now,
+          updatedAt: now,
+        },
+        worker: {
+          id: 'worker',
+          name: 'Worker',
+          description: '',
+          systemPrompt: '',
+          provider: 'openai',
+          model: 'gpt-test',
+          createdAt: now,
+          updatedAt: now,
+        },
+      })
+
+      const tools = crud.buildCrudTools({
+        cwd: process.env.WORKSPACE_DIR,
+        ctx: { sessionId: 'session-delegate', agentId: 'coordinator', delegationEnabled: true, delegationTargetMode: 'all', delegationTargetAgentIds: [] },
+        hasExtension: (name) => name === 'manage_tasks',
+      })
+      const tool = tools.find((entry) => entry.name === 'manage_tasks')
+      const raw = await tool.invoke({
+        action: 'create',
+        title: 'Worker follow-up',
+        description: 'Please take this delegated implementation task.',
+        agentId: 'worker',
+      })
+      const response = JSON.parse(raw)
+      const stored = storage.loadTasks()[response.id]
+      const queue = storage.loadQueue()
+      console.log(JSON.stringify({ response, stored, queue }))
+    `)
+
+    assert.equal(output.response.status, 'queued')
+    assert.equal(output.stored.status, 'queued')
+    assert.equal(output.stored.agentId, 'worker')
+    assert.deepEqual(output.queue, [output.response.id])
+  })
+
   it('keeps an explicit assignee but returns delegation advisory when another teammate is a better fit', () => {
     const output = runWithTempDataDir(`
       const storageMod = await import('./src/lib/server/storage')

package/src/lib/server/storage-auth.test.ts

@@ -3,6 +3,116 @@ import { describe, it, beforeEach, afterEach } from 'node:test'
 import fs from 'node:fs'
 import path from 'node:path'
 import os from 'node:os'
+import crypto from 'node:crypto'
+import { spawnSync } from 'node:child_process'
+import Database from 'better-sqlite3'
+
+const repoRoot = path.resolve(path.dirname(new URL(import.meta.url).pathname), '../../..')
+
+function runStorageAuthImport(options: {
+  envLocal?: string
+  generatedEnv?: string
+  credentialSecretFile?: string
+  externalCredentialSecret?: string
+  swarmclawHome?: boolean
+  buildEnvFiles?: Array<{ relativePath: string; content: string }>
+  encryptedCredentialSecrets?: string[]
+}) {
+  const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'storage-auth-import-'))
+  const homeDir = path.join(tmpDir, 'home')
+  const dataDir = options.swarmclawHome ? path.join(homeDir, 'data') : path.join(tmpDir, 'data')
+  const cwd = options.swarmclawHome
+    ? path.join(homeDir, 'builds', 'package-current', '.next', 'standalone')
+    : path.join(tmpDir, 'cwd')
+  fs.mkdirSync(dataDir, { recursive: true })
+  fs.mkdirSync(cwd, { recursive: true })
+  try {
+    for (const [index, entry] of (options.buildEnvFiles ?? []).entries()) {
+      const target = path.join(homeDir, entry.relativePath)
+      fs.mkdirSync(path.dirname(target), { recursive: true })
+      fs.writeFileSync(target, entry.content, 'utf8')
+      const time = new Date(Date.now() - (options.buildEnvFiles!.length - index) * 1000)
+      fs.utimesSync(target, time, time)
+    }
+    if (options.envLocal !== undefined) {
+      fs.writeFileSync(path.join(cwd, '.env.local'), options.envLocal, 'utf8')
+    }
+    if (options.generatedEnv !== undefined) {
+      fs.writeFileSync(path.join(dataDir, '.env.generated'), options.generatedEnv, 'utf8')
+    }
+    if (options.credentialSecretFile !== undefined) {
+      fs.writeFileSync(path.join(dataDir, 'credential-secret'), options.credentialSecretFile, { encoding: 'utf8', mode: 0o600 })
+    }
+    if (options.encryptedCredentialSecrets?.length) {
+      const db = new Database(path.join(dataDir, 'swarmclaw.db'))
+      try {
+        db.exec('CREATE TABLE IF NOT EXISTS credentials (id TEXT PRIMARY KEY, data TEXT NOT NULL)')
+        for (const [index, secret] of options.encryptedCredentialSecrets.entries()) {
+          const id = `cred_${index}`
+          const encryptedKey = encryptForSecret(secret, `token-${index}`)
+          db.prepare('INSERT OR REPLACE INTO credentials (id, data) VALUES (?, ?)').run(id, JSON.stringify({
+            id,
+            provider: 'slack',
+            name: `Credential ${index}`,
+            encryptedKey,
+            createdAt: Date.now(),
+          }))
+        }
+      } finally {
+        db.close()
+      }
+    }
+    const env: NodeJS.ProcessEnv = {
+      ...process.env,
+      DATA_DIR: dataDir,
+      WORKSPACE_DIR: path.join(tmpDir, 'workspace'),
+      SWARMCLAW_DAEMON_AUTOSTART: '0',
+    }
+    if (options.swarmclawHome) env.SWARMCLAW_HOME = homeDir
+    delete env.ACCESS_KEY
+    delete env.CREDENTIAL_SECRET
+    delete env.SWARMCLAW_BUILD_MODE
+    if (options.externalCredentialSecret !== undefined) {
+      env.CREDENTIAL_SECRET = options.externalCredentialSecret
+    }
+    const script = `
+      import fs from 'node:fs'
+      import path from 'node:path'
+      import { pathToFileURL } from 'node:url'
+      process.chdir(${JSON.stringify(cwd)})
+      await import(pathToFileURL(${JSON.stringify(path.join(repoRoot, 'src/lib/server/storage-auth.ts'))}).href)
+      const secretPath = path.join(process.env.DATA_DIR, 'credential-secret')
+      const fileSecret = fs.existsSync(secretPath) ? fs.readFileSync(secretPath, 'utf8').trim() : ''
+      const mode = fs.existsSync(secretPath) ? (fs.statSync(secretPath).mode & 0o777).toString(8) : ''
+      console.log(JSON.stringify({
+        credentialSecret: process.env.CREDENTIAL_SECRET || '',
+        fileSecret,
+        mode,
+      }))
+    `
+    const result = spawnSync(process.execPath, ['--import', 'tsx', '--input-type=module', '--eval', script], {
+      cwd: repoRoot,
+      env,
+      encoding: 'utf8',
+      timeout: 15_000,
+    })
+    assert.equal(result.status, 0, result.stderr || result.stdout || 'storage-auth subprocess failed')
+    const jsonLine = (result.stdout || '').trim().split('\n').reverse().find((line) => line.trim().startsWith('{'))
+    return JSON.parse(jsonLine || '{}') as { credentialSecret: string; fileSecret: string; mode: string }
+  } finally {
+    fs.rmSync(tmpDir, { recursive: true, force: true })
+  }
+}
+
+function encryptForSecret(secret: string, plaintext: string): string {
+  const key = Buffer.from(secret, 'hex')
+  const iv = crypto.randomBytes(12)
+  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv)
+  let encrypted = cipher.update(plaintext, 'utf8', 'hex')
+  encrypted += cipher.final('hex')
+  const tag = cipher.getAuthTag().toString('hex')
+  return `${iv.toString('hex')}:${tag}:${encrypted}`
+}
 
 /**
  * Tests for storage-auth helpers.
@@ -148,3 +258,97 @@ describe('Docker key persistence fallback', () => {
     assert.equal(vars.ACCESS_KEY, 'original')
   })
 })
+
+describe('credential secret persistence precedence', () => {
+  it('migrates a legacy .env.local credential secret into DATA_DIR', () => {
+    const legacySecret = 'a'.repeat(64)
+    const output = runStorageAuthImport({
+      envLocal: `CREDENTIAL_SECRET=${legacySecret}\n`,
+    })
+
+    assert.equal(output.credentialSecret, legacySecret)
+    assert.equal(output.fileSecret, legacySecret)
+    assert.equal(output.mode, '600')
+  })
+
+  it('uses the DATA_DIR credential secret before legacy env files', () => {
+    const fileSecret = 'b'.repeat(64)
+    const legacySecret = 'a'.repeat(64)
+    const output = runStorageAuthImport({
+      credentialSecretFile: fileSecret,
+      envLocal: `CREDENTIAL_SECRET=${legacySecret}\n`,
+    })
+
+    assert.equal(output.credentialSecret, fileSecret)
+    assert.equal(output.fileSecret, fileSecret)
+  })
+
+  it('lets an explicitly supplied environment credential secret override the file', () => {
+    const externalSecret = 'c'.repeat(64)
+    const fileSecret = 'b'.repeat(64)
+    const output = runStorageAuthImport({
+      externalCredentialSecret: externalSecret,
+      credentialSecretFile: fileSecret,
+    })
+
+    assert.equal(output.credentialSecret, externalSecret)
+    assert.equal(output.fileSecret, fileSecret)
+  })
+
+  it('recovers the previous npm-global build credential secret before persisting a fresh current cwd secret', () => {
+    const previousSecret = 'd'.repeat(64)
+    const freshCurrentSecret = 'e'.repeat(64)
+    const output = runStorageAuthImport({
+      swarmclawHome: true,
+      envLocal: `CREDENTIAL_SECRET=${freshCurrentSecret}\n`,
+      encryptedCredentialSecrets: [previousSecret],
+      buildEnvFiles: [
+        {
+          relativePath: 'builds/package-1.9.32/.next/standalone/.env.local',
+          content: `CREDENTIAL_SECRET=${previousSecret}\n`,
+        },
+      ],
+    })
+
+    assert.equal(output.credentialSecret, previousSecret)
+    assert.equal(output.fileSecret, previousSecret)
+  })
+
+  it('replaces a non-decrypting DATA_DIR credential secret when a previous build secret decrypts existing credentials', () => {
+    const previousSecret = 'f'.repeat(64)
+    const wrongFileSecret = '1'.repeat(64)
+    const output = runStorageAuthImport({
+      swarmclawHome: true,
+      credentialSecretFile: wrongFileSecret,
+      encryptedCredentialSecrets: [previousSecret],
+      buildEnvFiles: [
+        {
+          relativePath: 'builds/package-1.9.31/.next/standalone/.env.local.bak',
+          content: `CREDENTIAL_SECRET=${previousSecret}\n`,
+        },
+      ],
+    })
+
+    assert.equal(output.credentialSecret, previousSecret)
+    assert.equal(output.fileSecret, previousSecret)
+  })
+
+  it('keeps a DATA_DIR credential secret when it can decrypt existing credentials', () => {
+    const workingFileSecret = '2'.repeat(64)
+    const previousSecret = '3'.repeat(64)
+    const output = runStorageAuthImport({
+      swarmclawHome: true,
+      credentialSecretFile: workingFileSecret,
+      encryptedCredentialSecrets: [workingFileSecret],
+      buildEnvFiles: [
+        {
+          relativePath: 'builds/package-1.9.31/.next/standalone/.env.local',
+          content: `CREDENTIAL_SECRET=${previousSecret}\n`,
+        },
+      ],
+    })
+
+    assert.equal(output.credentialSecret, workingFileSecret)
+    assert.equal(output.fileSecret, workingFileSecret)
+  })
+})