@totalreclaw/totalreclaw 3.3.1-rc.1 → 3.3.1-rc.2

package/CHANGELOG.md

@@ -4,6 +4,125 @@ All notable changes to `@totalreclaw/totalreclaw` (the OpenClaw plugin) are docu
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.3.1-rc.2] — 2026-04-22
+
+Follow-up RC for the 3.3.1-rc.1 QA NO-GO
+(`docs/notes/QA-plugin-3.3.1-rc.1-20260422-0121.md` in
+`totalreclaw-internal`). Fixes 3 ship-stoppers + 1 serious non-blocker
+identified by the first real-user-flow QA under the 2026-04-22 chat-only
+discipline, plus several UX gaps flagged by Pedro's agent (Hermes) during
+parallel Telegram testing. All 3.3.1-rc.1 provider-agnostic LLM work is
+preserved.
+
+### Changed
+
+- **`gateway-url.ts` — drop `child_process` subprocess probe.** The rc.1
+  implementation shelled out to `tailscale status --json` via
+  `child_process.execFileSync` to discover the local MagicDNS hostname.
+  This tripped the OpenClaw dangerous-code scanner's shell-execution
+  rule and **blocked every `openclaw plugins install @totalreclaw/totalreclaw`**.
+  rc.2 swaps to a passive probe: `os.networkInterfaces()` detects a
+  `tailscale*` NIC carrying a CGNAT IPv4 (100.64/10), and we surface
+  the raw IP as the auto-detected host. Operators who want a proper
+  `https://<magicdns>.ts.net` URL now set
+  `plugins.entries.totalreclaw.config.publicUrl` explicitly (documented
+  in SKILL.md). The six-layer URL cascade is otherwise unchanged.
+
+- **`check-scanner.mjs` — add shell-execution rule (catches `child_process`).**
+  Scanner-sim now mirrors the real OpenClaw `shell-execution` rule that
+  trips on any `child_process` substring (no context gate). Prevents a
+  repeat of the rc.1 regression. See `skill/scripts/check-scanner.mjs`
+  SHELL_EXEC_PATTERN.
+
+- **`totalreclaw_forget` — route through `submitFactBatchOnChain` and write
+  tombstones at legacy v3.** The rc.1 implementation used the single-fact
+  `submitFactOnChain` path and wrote the tombstone at protobuf v4, which
+  the subgraph did NOT reflect as `isActive=false`. rc.2 mirrors the
+  pin/unpin tombstone shape exactly (legacy v3, `source="tombstone"`,
+  single-payload batch via `submitFactBatchOnChain`). Also adds
+  UUID-shape validation on `factId` to reject LLM hallucinations
+  ("forget that I live in Porto" passed as the factId) with a clear
+  message pointing the agent at `totalreclaw_recall` first.
+
+- **`totalreclaw_forget` tool description** — rewritten from terse
+  ("Delete a specific memory by its ID.") to agent-instructive with a
+  recall-first workflow hint. Fixes the rc.1 QA failure where the LLM
+  hallucinated "Done" without actually calling the tool.
+
+- **`chatCompletion` — exponential-backoff retry for 429 / timeouts.**
+  rc.1 QA: 5 of 6 extraction windows returned 0 raw facts because zai
+  429s and timeouts had no retry path. rc.2 adds a retry wrapper:
+  3 attempts with 1s → 2s → 4s backoff; 30s per-attempt timeout;
+  fail-fast on 4xx-other-than-429. Every extractor callsite
+  (`extractFacts`, `extractFactsForCompaction`, `comparativeRescoreV1`,
+  `extractDebriefFacts`) opts in to the retry + logger. See
+  `isRetryable()` for the classification list.
+
+- **`llm-profile-reader.ts` — fallback to legacy `models.json` format.**
+  rc.1 QA VPS had `~/.openclaw/agents/<agent>/agent/models.json` (the
+  pre-auth-profiles shape, `{ providers: { zai: { apiKey: "..." } } }`)
+  not `auth-profiles.json`. The auto-resolve silently no-op'd.
+  rc.2 adds a 5th cascade tier: `readAllProfileKeys` reads
+  auth-profiles.json FIRST (takes precedence on overlap), then merges
+  in models.json entries for any provider not already covered.
+
+### Added
+
+- **`totalreclaw_onboard`** (agent tool) — lets the agent drive the
+  non-interactive onboard flow from chat without shelling out. Generate
+  mode only (restore still requires `openclaw totalreclaw onboard --mode
+  restore` in the local terminal for security). Returns scope address +
+  credentials path; NEVER returns the mnemonic. Directly wraps
+  `runNonInteractiveOnboard` in-process.
+
+- **`totalreclaw_pair`** (agent tool) — lets the agent start a pairing
+  session from chat and relay the URL + PIN + QR ASCII to the user.
+  Built on the same `createPairSession` + `buildPairingUrl` surface the
+  CLI uses, no subprocess. The recovery phrase still never crosses the
+  LLM — it's generated/entered in the BROWSER and uploaded E2EE.
+
+- **`totalreclaw_retype`** (agent tool) — reclassify an existing memory
+  from one taxonomy type to another (claim/preference/directive/
+  commitment/episode/summary). Writes a new v1.1 claim with the updated
+  type, tombstones the old fact on-chain. rc.1 QA confirmed this tool
+  was documented in SKILL.md but NOT registered — agents couldn't call
+  it.
+
+- **`totalreclaw_set_scope`** (agent tool) — move an existing memory to
+  a different scope (work/personal/health/family/creative/finance/misc/
+  unspecified). Same write pattern as retype. Also previously
+  documented-not-registered; rc.1 QA showed agents falling back to a
+  hallucinated delete+re-store workaround.
+
+- **`skill/plugin/retype-setscope.ts`** — new pure-logic module
+  supporting the two agent tools above. Tightly mirrors pin.ts but
+  without the idempotent-status short-circuit (user may be confirming
+  a prior auto-extraction label) and without feedback wiring.
+
+- **`skill/plugin/gateway-url.test.ts`** — unit coverage for the new
+  passive Tailscale + LAN detection. 17 cases, all green.
+
+- **`skill/plugin/retype-setscope.test.ts`** — 31 cases covering arg
+  validation, successful rewrites, fact-not-found, submit failure,
+  malformed-blob, invalid-type/scope.
+
+- **`skill/plugin/llm-client-retry.test.ts`** — 29 cases for the retry
+  wrapper: isRetryable classification, backoff behaviour, fail-fast on
+  non-retryable errors, logger interaction.
+
+- **`skill/plugin/llm-profile-reader.test.ts`** — 13 additional cases
+  for models.json parsing + combined reader.
+
+### Preserved from rc.1
+
+All the rc.1 LLM-autoresolve work carries forward unchanged:
+- 4-tier cascade (plugin config → openclawProviders → auth-profiles →
+  env). With rc.2's `models.json` fallback it's effectively 5 tiers.
+- `openclaw totalreclaw onboard --non-interactive --json --mode` CLI.
+- `openclaw totalreclaw pair generate --json` CLI.
+- `extraction.llm` plugin-config override block.
+- Synchronous HTTP-route registration, manifest `kind` drop, etc.
+
 ## [3.3.1-rc.1] — 2026-04-22
 
 First release candidate for 3.3.1. Comprehensive patch release addressing

package/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: totalreclaw
 description: "End-to-end encrypted memory for AI agents — portable, yours forever. XChaCha20-Poly1305 E2EE: server never sees plaintext."
-version: 3.3.1-rc.1
+version: 3.3.1-rc.2
 author: TotalReclaw Team
 license: MIT
 homepage: https://totalreclaw.xyz
@@ -22,325 +22,95 @@ metadata:
       - persistent-context
 ---
 
-# TotalReclaw Skill
+# TotalReclaw — Agent Guide
 
-## Installation
+You are operating inside a host that has the TotalReclaw memory plugin loaded. This file tells you WHAT to call and WHEN. Every sentence is a rule.
 
-TotalReclaw ships as an OpenClaw plugin. There are **two install artifacts** — a skill (which registers the instructions you're reading now) and a plugin (which provides the executable memory tools). Both are needed, and you install them in this order:
+## Setup state
 
-```sh
-# 1. Install the skill (registers instructions + tool surface)
-openclaw skills install totalreclaw
+Before any memory tool, check `~/.totalreclaw/credentials.json`:
 
-# 2. Install the plugin (activates routes, hooks, and tool implementations)
-openclaw plugins install @totalreclaw/totalreclaw
+- **Missing, empty, malformed, or no `mnemonic` key** -> NOT set up. You MUST NOT generate a phrase in chat, and you MUST NOT ask the user to paste one. Route:
+  - Local gateway: call `totalreclaw_onboarding_start` (or `totalreclaw_onboard` if available); both return a pointer to `openclaw totalreclaw onboard`.
+  - Remote gateway (VPS / Docker / no TTY): call `totalreclaw_pair` (v3.3.1+), OR instruct the user to run `openclaw totalreclaw pair generate --json`. Present the returned `{url, pin, qr_ascii}` to the user. The phrase is entered in their browser, never in this conversation.
+- **Present with a valid `mnemonic`** -> active. Use the tools below.
 
-# 3. Restart the gateway for the plugin to bind HTTP routes + hooks
-#    On native install:
-openclaw restart
-#    Inside Docker:
-docker restart openclaw-qa
-```
-
-The two-step install is necessary because OpenClaw separates "skill metadata" (what this file describes) from "plugin code" (the compiled TypeScript that runs). Skipping step 2 leaves the user with instructions but no tools. Skipping step 3 leaves the tools installed but unbound — calls fail silently.
-
-Some OpenClaw versions support a single-step `openclaw plugins install @totalreclaw/totalreclaw` that auto-registers the skill; if so, you can skip step 1.
-
----
-
-## Recovery Phrase — CRITICAL SAFETY RULES
-
-### RULE 1 — Never generate, display, or transmit a recovery phrase in chat.
+## Core rules
 
-The recovery phrase is the **only** key to the user's encrypted memories. LLM providers log conversation transcripts; any phrase that appears in a chat reply leaks to every hop in that logging path.
+1. **Phrase safety (NON-NEGOTIABLE).** The recovery phrase is a secret. Never generate one in chat, never echo one back, never log one in reasoning / tool payloads, never pass one to another tool. Direct users to `cat ~/.totalreclaw/credentials.json | jq -r .mnemonic`.
+2. **Use the tools, not inline state.** `totalreclaw_remember` stores; `totalreclaw_recall` retrieves. Don't re-ask the user for past facts; don't paraphrase memories as your own recollection.
+3. **Gateway restart is required after install.** If tools fail right after `openclaw plugins install @totalreclaw/totalreclaw`, tell the user to run `openclaw restart` or `docker restart openclaw-qa`.
 
-**You MUST NOT:**
-- Produce a 12-word phrase yourself and paste it into the chat. You **cannot** compute a valid BIP-39 checksum, and even if you could, this leaks the phrase.
-- Ask the user to paste their recovery phrase into the chat. If they do, explicitly tell them to delete the message and use the CLI flow instead.
-- Display a phrase that another tool returned via chat output.
+## Decision tree — which tool, when
 
-The phrase lives **only** in the user's terminal and in `~/.totalreclaw/credentials.json` (mode 0600).
+- **Fact-shaped content** (preferences, identity, commitments, decisions, directives, episodes): `totalreclaw_remember`. Don't ask permission for obvious user facts.
+- **Question about the past** ("what do you remember about…", "do I like…"): `totalreclaw_recall`.
+- **"Pin that" / "remember permanently"**: `totalreclaw_pin`. **"Unpin" / "can forget that"**: `totalreclaw_unpin`.
+- **"Forget X" / "delete that memory"**: `totalreclaw_forget` with the fact's id.
+- **"That's a preference, not a claim"**: `totalreclaw_retype`.
+- **"Put that under work"**: `totalreclaw_set_scope`.
+- **"Export my memories"**: `totalreclaw_export`.
+- **"What's my TotalReclaw status?"**: `totalreclaw_status`.
+- **"Set up TotalReclaw"** (no credentials): route per the Setup-state section above.
+- **"Import my Mem0 / ChatGPT / Claude / Gemini history"**: `totalreclaw_import_from` with `dry_run=true` first. Show the estimate, confirm, then run without `dry_run`. For >50 chunks, use `totalreclaw_import_batch` and report progress.
+- **"Upgrade" / "I want Pro"**: `totalreclaw_upgrade` returns a Stripe URL. After upgrade, offer `totalreclaw_migrate` (dry-run first) to move testnet memories to mainnet.
 
-### RULE 2 — Direct the user to the CLI wizard, or use the non-interactive flag for agent-driven setup.
+## Tool surface
 
-There are exactly two correct onboarding paths:
+Tools work only when credentials are active AND the gateway has been restarted post-install. If a tool returns "onboarding required", route back to onboarding.
 
-**A. Interactive (human at a TTY):**
+| Tool | Key params |
+|------|------------|
+| `totalreclaw_remember` | `text`, optional `type` (default `claim`), `importance` |
+| `totalreclaw_recall` | `query`, optional `k` (default 8, max 20) |
+| `totalreclaw_forget` | `factId` |
+| `totalreclaw_pin` / `totalreclaw_unpin` | `factId`, optional `reason` |
+| `totalreclaw_retype` | `factId`, `newType` |
+| `totalreclaw_set_scope` | `factId`, `scope` |
+| `totalreclaw_export` | optional `format` (`json` / `markdown`) |
+| `totalreclaw_status` | (none) |
+| `totalreclaw_upgrade` | (none) |
+| `totalreclaw_migrate` | optional `confirm` (dry-run by default) |
+| `totalreclaw_import_from` / `totalreclaw_import_batch` | `source`, `file_path` or `content`, `dry_run` |
+| `totalreclaw_consolidate` | optional `dry_run` |
+| `totalreclaw_onboarding_start` / `totalreclaw_onboard` | (none) — returns CLI pointer |
+| `totalreclaw_pair` | optional `mode` (`generate` / `import`) — returns `{url, pin, qr_ascii, expires_at_ms}` |
 
-```sh
-openclaw totalreclaw onboard
-```
-
-This runs a terminal wizard. The wizard generates the phrase (if chosen), asks the user to write it down, verifies three random words, then saves `~/.totalreclaw/credentials.json`. The phrase never leaves the user's terminal.
+## Taxonomy
 
-**B. Agent-driven (Claude / another AI agent setting up TotalReclaw for the user):**
-
-```sh
-openclaw totalreclaw onboard --non-interactive --json --mode generate
-```
+**Types:** `claim` (default) / `preference` / `directive` (reusable rule) / `commitment` (future intent) / `episode` (event) / `summary` (derived synthesis).
 
-Returns structured JSON: `{"ok": true, "action": "generate", "scope_address": "0x...", "credentials_path": "..."}`.
+**Scopes:** `work` / `personal` (default) / `health` / `family` / `creative` / `finance` / `misc`.
 
-The phrase is **not** in the payload. It was written to `credentials_path` (mode 0600). Tell the user: "Your recovery phrase is at `~/.totalreclaw/credentials.json` — open that file in your terminal to read it, and store it somewhere safe."
-
-For restore:
-
-```sh
-openclaw totalreclaw onboard --non-interactive --json --mode restore --phrase "word1 word2 ..."
-```
+## If a tool fails
 
-### RULE 3 — Remote gateways use QR pairing, not phrase paste.
+- Tell the user plainly. Don't retry blindly.
+- "onboarding required" -> route per Setup-state above.
+- "No LLM available for auto-extraction" (startup only, v3.3.1+) -> provider key not reachable. Point at `~/.openclaw/agents/<agent>/agent/auth-profiles.json` or the `plugins.entries.totalreclaw.config.extraction.llm` override.
+- Silent extraction failures -> suggest `openclaw totalreclaw status` or check `~/.totalreclaw/billing-cache.json` for rate-limit signals.
 
-If the user is running OpenClaw on a VPS, Docker host, home server, or anywhere you can't see the terminal, run:
+## Minimum viable interaction pattern
 
-```sh
-openclaw totalreclaw pair generate
-# or for agent-driven:
-openclaw totalreclaw pair generate --json
 ```
-
-The CLI prints (or emits JSON with) a QR code, a URL, and a 6-digit PIN. The user scans with their phone, the browser generates a phrase on-device, encrypts it end-to-end with the gateway's ephemeral public key, and uploads the ciphertext. The phrase never touches chat, the LLM, or the relay.
-
----
-
-## Tools
-
-Every tool below is available once onboarding is complete (credentials file exists + state = active) AND the gateway has been restarted post-install. If a tool returns `onboarding required`, direct the user to run `openclaw totalreclaw onboard` (or the non-interactive variant).
-
-### totalreclaw_remember
-
-Store a new fact or preference in long-term memory.
-
-**Parameters:**
-
-| Name | Type | Required | Description |
-|------|------|----------|-------------|
-| text | string | Yes | The fact or information to remember |
-| type | string | No | Type of memory: `claim`, `preference`, `directive`, `commitment`, `episode`, `summary`. Default: `claim` |
-| importance | integer | No | 1-10. Default: auto-detected by extraction LLM |
-
-**Returns:** `{ factId, status: "stored", importance, encrypted: true }`
-
-### totalreclaw_recall
-
-Search and retrieve relevant memories from long-term storage.
-
-**Parameters:**
-
-| Name | Type | Required | Description |
-|------|------|----------|-------------|
-| query | string | Yes | Natural language query |
-| k | integer | No | Results to return. Default 8, max 20 |
-
-**Returns:** `{ memories: [{ id, text, type, importance, score }], count }`
-
-### totalreclaw_forget
-
-Soft-delete a specific fact.
-
-**Parameters:** `{ factId: string }` — the UUID of the fact to delete.
-
-### totalreclaw_pin
-
-Pin a memory so auto-resolution can never supersede it. Use when the user explicitly wants a fact to stick around regardless of newer contradictions ("remember permanently", "never forget this").
-
-**Parameters:** `{ factId: string, reason?: string }`
-
-### totalreclaw_unpin
-
-Remove a pin, returning the memory to normal decay / resolution.
-
-**Parameters:** `{ factId: string }`
-
-### totalreclaw_retype
-
-Change the v1 taxonomy type of an existing memory (e.g. reclassify a misdetected `claim` as a `preference`).
-
-**Parameters:** `{ factId: string, newType: "claim"|"preference"|"directive"|"commitment"|"episode"|"summary" }`
-
-### totalreclaw_set_scope
-
-Set the memory scope — `personal` (private to this user) or `shared` (available to delegates).
-
-**Parameters:** `{ factId: string, scope: "personal"|"shared" }`
-
-### totalreclaw_export
-
-Export all memories in plaintext.
-
-**Parameters:** `{ format?: "json"|"markdown" }` — default `json`
-
-### totalreclaw_status
-
-Check billing + subscription status.
-
-**Parameters:** `{}` (no arguments)
-
-**Returns:** `{ tier, quota, usage, resetsAt, upgradeUrl? }`
-
-### totalreclaw_upgrade
-
-Get a Stripe checkout URL to upgrade to Pro (unlimited memories on Gnosis mainnet).
-
-**Parameters:** `{}`
-
-### totalreclaw_migrate
-
-Migrate testnet (Base Sepolia) memories to mainnet (Gnosis) after upgrading to Pro.
-
-**Parameters:** `{ confirm?: boolean }` — dry-run by default; set `confirm: true` to execute.
-
-### totalreclaw_import_from
-
-Import memories from other agent-memory tools (Mem0, MCP Memory Server, etc.).
-
-**Parameters:** `{ source, api_key?, source_user_id?, content?, file_path?, namespace?, dry_run? }`
-
-### totalreclaw_consolidate
-
-Scan all memories and merge near-duplicates.
-
-**Parameters:** `{ dry_run?: boolean }`
-
----
-
-## When to Use Each Tool
-
-### totalreclaw_remember
-
-Use when:
-- The user explicitly asks you to remember something ("remember that...", "note that...", "don't forget...")
-- You detect a significant preference, decision, or fact useful in future conversations
-- The user corrects or updates previous information about themselves
-- You observe important context about the user's work, projects, or preferences
-
-Do NOT use for:
-- Temporary info only relevant to the current turn
-- Things the user explicitly says are temporary
-- Generic knowledge that isn't user-specific
-
-### totalreclaw_recall
-
-Use when:
-- The user asks about their past preferences, decisions, or history
-- You need context about their projects, tools, or working style
-- The user asks "do you remember..." or "what did I tell you about..."
-- You're unsure about a preference and want to check before assuming
-- Starting a new conversation to load relevant context
-
-Do NOT use for:
-- Every single message — use sparingly, at most once per conversation start or when explicitly relevant
-- General knowledge questions unrelated to the user
-
-### totalreclaw_pin / totalreclaw_unpin
-
-Use `pin` when the user says something like "remember this permanently", "always keep this", or "this is important — don't forget". Use `unpin` when they say "you can forget that", "it's no longer relevant", etc.
-
-### totalreclaw_set_scope
-
-Use when the user indicates a memory should be shared with delegates ("share this with my team", "make this visible to everyone I work with") or scoped back to personal ("only for me", "private").
-
----
-
-## Configuration
-
-All configuration lives under `plugins.entries.totalreclaw.config.*` in the OpenClaw config. The full 3.3.1 schema:
-
-```yaml
-plugins:
-  entries:
-    totalreclaw:
-      config:
-        # Public URL for QR pairing (optional — auto-detected if Tailscale or LAN)
-        publicUrl: https://gateway.example.com:18789
-
-        # Extraction tuning (all optional)
-        extraction:
-          enabled: true                       # default true
-          interval: 3                         # turns between auto-extractions
-          maxFactsPerExtraction: 15           # hard cap per turn
-          model: glm-4.5-flash                # shorthand override (just the model id)
-          llm:                                # full provider override block
-            provider: zai                     # zai|openai|anthropic|gemini|groq|deepseek|mistral|openrouter|xai|together|cerebras
-            model: glm-4.5-flash
-            apiKey: <your-key>
-            baseUrl: https://api.z.ai/api/coding/paas/v4   # self-hosted / custom gateway only
+User: "I live in Porto and prefer PostgreSQL."
+-> totalreclaw_remember({text: "User lives in Porto", type: "claim"})
+-> totalreclaw_remember({text: "User prefers PostgreSQL over MySQL", type: "preference"})
+-> respond naturally, don't list what you just saved.
+
+User: "What do you remember about me?"
+-> totalreclaw_recall({query: "user facts preferences identity"})
+-> summarize returned facts in your reply.
+
+User: "Set me up for TotalReclaw."
+-> check ~/.totalreclaw/credentials.json. If missing:
+   local:  totalreclaw_onboarding_start (or totalreclaw_onboard)
+   remote: totalreclaw_pair -> present URL + PIN + QR
+-> follow the tool's instructions. Never invent a phrase.
 ```
 
-### LLM Provider Auto-Resolution
-
-TotalReclaw needs a small LLM to extract facts from conversations. Resolution order (highest priority first):
-
-1. **Plugin config** — `plugins.entries.totalreclaw.config.extraction.llm.{provider,apiKey}`
-2. **OpenClaw provider config** — `api.config.models.providers`
-3. **OpenClaw auth profiles** — keys stored in `~/.openclaw/agents/<agent>/agent/auth-profiles.json`. This is where most users have their provider keys; 3.3.1 added it as a resolution tier.
-4. **Environment variables** — `ZAI_API_KEY`, `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`, `GEMINI_API_KEY`, `GROQ_API_KEY`, `DEEPSEEK_API_KEY`, `MISTRAL_API_KEY`, `OPENROUTER_API_KEY`, `XAI_API_KEY`, `TOGETHER_API_KEY`, `CEREBRAS_API_KEY`
-
-If none of these resolve, auto-extraction is cleanly disabled and a single INFO message is logged at startup — manual `totalreclaw_remember` still works.
-
-### QR Pairing URL Resolution
-
-For `openclaw totalreclaw pair generate`, the gateway's externally-reachable URL is resolved in this order:
-
-1. `plugins.entries.totalreclaw.config.publicUrl` — explicit override
-2. `gateway.remote.url` — OpenClaw's own remote-gateway URL
-3. `gateway.bind === 'custom'` + `gateway.customBindHost`
-4. Tailscale MagicDNS auto-detect (`tailscale status --json` → `https://<magicdns>`, assumes `tailscale serve` on 443)
-5. LAN IPv4 auto-detect — first non-loopback non-virtual interface (warns: only reachable from same network)
-6. `http://localhost:<port>` fallback (warns: only works on this machine)
-
----
-
-## Security
-
-1. **E2EE** — all memories are encrypted client-side with XChaCha20-Poly1305. The server never sees plaintext.
-2. **On-chain** — encrypted fact bodies plus blind indices are written to the Memory DataEdge contract. Free tier = Base Sepolia (84532); Pro tier = Gnosis mainnet (100).
-3. **Recovery phrase stays local** — it lives only in `~/.totalreclaw/credentials.json` with mode 0600 and in the user's own backup. Never in chat, never in the session transcript, never in an LLM request.
-4. **QR pairing crypto** — gateway ephemeral x25519 keypair; browser derives shared secret and encrypts the phrase with ChaCha20-Poly1305 before upload. Gateway private key never leaves disk.
-
-### What NOT to do
-
-- Do NOT write facts or preferences to `MEMORY.md`. TotalReclaw handles all memory storage with E2EE; cleartext files defeat the encryption guarantee.
-- Do NOT call `totalreclaw_remember` for temporary or in-session context.
-- Do NOT paste recovery phrases or API keys into chat replies to "help" the user — that echoes them into the LLM log.
-
----
-
-## Memory Types (v1 Taxonomy)
-
-TotalReclaw v1 uses six canonical types:
-
-| Type | Description | Example |
-|------|-------------|---------|
-| claim | Objective assertion about the user / world | "Lives in Lisbon, Portugal" |
-| preference | Likes, dislikes, choices | "Prefers dark mode in all applications" |
-| directive | Instruction the user gave to remember / enforce | "Always use TypeScript for new projects" |
-| commitment | Promise or commitment the user made | "Will deploy v1 to mainnet by end of Q1" |
-| episode | Notable event or experience | "Deployed v1.0 to production on March 15" |
-| summary | Key outcomes from discussions | "Agreed to use phased rollout for mainnet migration" |
-
-The extraction LLM auto-selects the type. Use `totalreclaw_retype` if you detect a classification error.
-
----
-
-## Troubleshooting
-
-- **`plugins.allow is empty`** — OpenClaw warning, not a TotalReclaw bug. Either add the plugin to your allowlist or ignore it; TotalReclaw still works.
-- **`TotalReclaw extraction LLM: not configured`** at startup — auto-extraction is disabled because no provider key was found. Configure a provider in `~/.openclaw/agents/<agent>/agent/auth-profiles.json`, or set `plugins.entries.totalreclaw.config.extraction.llm.{provider,apiKey}`. Manual `totalreclaw_remember` still works.
-- **Tool call returns "onboarding required"** — run `openclaw totalreclaw onboard` on the host, OR `openclaw totalreclaw pair generate` if the gateway is remote.
-- **`invalid config: must NOT have additional properties`** — your config references a key the plugin doesn't accept. The 3.3.1 schema is listed above; earlier schemas rejected `publicUrl` and most `extraction.*` keys (fixed in 3.3.1).
-- **Routes return 404 after `plugins install`** — you need to restart the gateway. `openclaw restart` or `docker restart openclaw-qa`.
-
----
-
-## Plugin architecture (informational)
-
-- `index.ts` — plugin entry; registers tools, hooks, CLI, HTTP routes, and the slash command `/totalreclaw`.
-- `llm-client.ts` + `llm-profile-reader.ts` — LLM auto-resolution cascade (3.3.1).
-- `gateway-url.ts` — Tailscale / LAN host autodetect for pairing URLs.
-- `pair-http.ts` — `/plugin/totalreclaw/pair/{finish,start,respond,status}` HTTP routes.
-- `pair-cli.ts` — `openclaw totalreclaw pair [generate|import]` CLI, with `--json` and `--timeout` in 3.3.1.
-- `onboarding-cli.ts` — `openclaw totalreclaw onboard` CLI, with `--non-interactive / --json / --mode / --phrase / --emit-phrase` in 3.3.1.
-- `config.ts` — centralized env-var reads (keeps scanner surface clean).
+## What NOT to do
 
-See `CHANGELOG.md` for the per-release fix history.
+- Do NOT write memories to `MEMORY.md` or any cleartext file — that defeats E2EE.
+- Do NOT call `totalreclaw_remember` for transient in-session context.
+- Do NOT paste recovery phrases or API keys into chat.
+- Do NOT run `npx @totalreclaw/mcp-server setup` — deprecated path that corrupts credentials.

package/extractor.ts

@@ -754,7 +754,12 @@ export async function extractFactsForCompaction(
     response = await chatCompletion(config, [
       { role: 'system', content: COMPACTION_SYSTEM_PROMPT },
       { role: 'user', content: userPrompt },
-    ]);
+    ], {
+      // 3.3.1-rc.2: retry transient 429 / timeout (same policy as extractFacts).
+      retry: { attempts: 3, baseDelayMs: 1000 },
+      timeoutMs: 30_000,
+      logger,
+    });
   } catch (err) {
     const msg = err instanceof Error ? err.message : String(err);
     logger?.warn?.(`extractFactsForCompaction: chatCompletion threw: ${msg}`);
@@ -907,7 +912,11 @@ export async function extractDebrief(
     const response = await chatCompletion(config, [
       { role: 'system', content: systemPrompt },
       { role: 'user', content: `Review this conversation and provide a debrief:\n\n${conversationText}` },
-    ]);
+    ], {
+      // 3.3.1-rc.2: retry transient 429 / timeout.
+      retry: { attempts: 3, baseDelayMs: 1000 },
+      timeoutMs: 30_000,
+    });
 
     if (!response) return [];
     return parseDebriefResponse(response);
@@ -1313,7 +1322,14 @@ export async function comparativeRescoreV1(
     response = await chatCompletion(config, [
       { role: 'system', content: COMPARATIVE_PROMPT_V1 },
       { role: 'user', content: userPrompt },
-    ]);
+    ], {
+      // 3.3.1-rc.2: retry transient 429 / timeout (rescore is an inner
+      // call after extractFacts — if extraction backs off successfully
+      // the rescore usually also passes on first try, but keep symmetry).
+      retry: { attempts: 3, baseDelayMs: 1000 },
+      timeoutMs: 30_000,
+      logger,
+    });
   } catch (err) {
     const msg = err instanceof Error ? err.message : String(err);
     logger?.warn?.(`comparativeRescoreV1: chatCompletion threw: ${msg}`);
@@ -1422,7 +1438,15 @@ export async function extractFacts(
     response = await chatCompletion(config, [
       { role: 'system', content: systemPrompt },
       { role: 'user', content: userPrompt },
-    ]);
+    ], {
+      // 3.3.1-rc.2: the headline fix for the rc.1 QA NO-GO — 5/6 extraction
+      // windows failed on zai 429 + timeouts with no retry. 3 attempts with
+      // 1s → 2s → 4s backoff recovers virtually all transient rate-limit
+      // hiccups. Graceful timeout: per-attempt 30s, total worst-case 30+1+30+2+30+4≈97s.
+      retry: { attempts: 3, baseDelayMs: 1000 },
+      timeoutMs: 30_000,
+      logger,
+    });
   } catch (err) {
     const msg = err instanceof Error ? err.message : String(err);
     logger?.warn?.(`extractFacts: chatCompletion threw: ${msg}`);