npm - @totalreclaw/totalreclaw - Versions diffs - 3.3.1-rc.1 → 3.3.1-rc.3 - Mend

@totalreclaw/totalreclaw 3.3.1-rc.1 → 3.3.1-rc.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -4,6 +4,159 @@ All notable changes to `@totalreclaw/totalreclaw` (the OpenClaw plugin) are docu
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [3.3.1-rc.3] — 2026-04-22
+Patch RC bundling two stability fixes, one new RC-gated tool, two SKILL.md addendums, and a configurable LLM retry budget. All prior rc.1 + rc.2 fixes are preserved.
+### Changed
+- **`llm-client.ts` — configurable `ZAI_BASE_URL` + auto-fallback on "Insufficient balance" 429.** rc.2 QA surfaced that GLM Coding Plan keys hitting the STANDARD zai endpoint (and PAYG keys hitting CODING) return HTTP 429 with body `"Insufficient balance or no resource package. Please recharge."` — misleading because the key itself is valid. rc.3: (a) accepts `ZAI_BASE_URL` env override via `config.ts` / `getZaiBaseUrl()`; (b) auto-detects the error signature and flips CODING ↔ STANDARD once per call (logged at INFO). SKILL.md now documents "GLM Coding Plan → leave unset; PAYG → set `ZAI_BASE_URL=https://api.z.ai/api/paas/v4`."
+- **`llm-client.ts` — retry budget 7s → ~62s (configurable).** rc.1/rc.2 QA: 5–9 of 10 extraction windows returned 0 facts against multi-minute upstream 429 storms. The 3-attempt 1s/2s/4s backoff couldn't outlast a 9-minute outage. rc.3: 5 attempts, 2s/4s/8s/16s/32s backoff, total ~62s. Configurable via `TOTALRECLAW_LLM_RETRY_BUDGET_MS` env (default 60_000). First retry logs at INFO, rest at DEBUG (debounced — no spam during long outages). On exhaustion throws `LLMUpstreamOutageError` (structured, `attempts` + `lastStatus`) so extraction callers can recognise vs bail silently. Non-retryable errors (401/403/404/parse) still propagate as plain `Error`.
+- **`subgraph-store.ts` — per-account submission mutex.** rc.2 logged 16 AA25 `invalid account nonce` events from concurrent `submitFactBatchOnChain` / `submitFactOnChain` calls racing at the `eth_call getNonce(sender, 0)` step. rc.3 wraps both submission entry points in a per-`sender` `Map<scopeAddress, Promise>` chain so only one UserOp is in flight per Smart Account at a time. The existing AA25-retry-with-fresh-nonce path is unchanged and still catches relay-side zombie UserOps.
+### Added
+- **`totalreclaw_report_qa_bug`** (RC-gated tool) — lets agents file structured QA-bug issues to `p-diogo/totalreclaw-internal` without the maintainer opening a fresh issue per RC finding. Only registered when the plugin version matches the `-rc.` token (via `readPluginVersion` in `fs-helpers.ts` + `isRcBuild` in the new `qa-bug-report.ts`). Handler POSTs to `https://api.github.com/repos/.../issues` with `Authorization: Bearer <token>` where `token = CONFIG.qaGithubToken` (reads `TOTALRECLAW_QA_GITHUB_TOKEN` or `GITHUB_TOKEN`). Secrets (BIP-39 phrases, `sk-*`, `AIzaSy*`, Telegram bot tokens, bearer tokens, 64+ char hex blobs, 0x-private-keys, `token=`/`secret=` qualifiers) are redacted fail-close in `redactSecrets()` before POST. Stable builds never expose this tool. See SKILL.md "Filing QA bugs (RC builds only)" for trigger rules — always ask user before filing, never the same bug twice.
+- **`skill/plugin/qa-bug-report.ts`** — new pure-logic + HTTP module. Exports `isRcBuild`, `redactSecrets`, `validateQaBugArgs`, `buildIssueBody`, `postQaBugIssue`. Unit-tested in `qa-bug-report.test.ts`.
+- **`skill/plugin/nonce-serialization.test.ts`** — exercises the per-`sender` mutex primitive: same-sender serializes, different-sender runs in parallel, case-insensitive keying, first-call failure releases the lock for the next.
+- **`fs-helpers.ts` — `readPluginVersion(packageJsonDir)`** — scanner-safe helper used by the RC gate. Resolves via `path.dirname(fileURLToPath(import.meta.url))` in `index.ts` and returns the `version` field from `package.json` next to the module.
+### SKILL.md
+- **First-person recall rule.** rc.2 debug found agents skipped `totalreclaw_recall` in 5/5 attempts on "Where do I live?". SKILL.md now hard-rules it: any first-person factual query ("where do I live/work", "what do I prefer", "my [noun]", etc.) MUST call recall first. If recall returns 0, say "I don't have anything about that yet" rather than invent.
+- **QA bug triggers.** New "Filing QA bugs (RC builds only)" section with the four triggers (repeated tool failure, user friction signals, setup errors, docs-vs-reality mismatch). Offer to file, never auto-file, never same bug twice.
+- **zai endpoint + retry budget** documented in a new "zai provider configuration" section.
+### Tests
+- `llm-client-retry.test.ts` extended from 29 → 59 assertions. Covers: balance-error detection, CODING↔STANDARD fallback URL helper, `ZAI_BASE_URL` env override, full fallback happy/sad paths, `LLMUpstreamOutageError` surfacing, budget short-circuit.
+- `qa-bug-report.test.ts` — 57 assertions covering isRcBuild, redactSecrets (BIP-39 / sk- / AIza / Telegram / Bearer / hex / private-key / preservation of UUIDs+SHAs+addresses), validateQaBugArgs, buildIssueBody, postQaBugIssue success + all failure paths.
+- `nonce-serialization.test.ts` — 9 assertions.
+- All existing tests (`llm-client.test.ts`, `manifest-shape.test.ts`, etc.) unchanged and green.
+### Scanner
+- `check-scanner.mjs` still passes (0 flags). The `TOTALRECLAW_QA_GITHUB_TOKEN` + `ZAI_BASE_URL` + `TOTALRECLAW_LLM_RETRY_BUDGET_MS` env reads live in `config.ts` (the env-harvesting-free house). `llm-client.ts`, `index.ts`, and `qa-bug-report.ts` all stay off `process.env`.
+## [3.3.1-rc.2] — 2026-04-22
+Follow-up RC for the 3.3.1-rc.1 QA NO-GO
+(`docs/notes/QA-plugin-3.3.1-rc.1-20260422-0121.md` in
+`totalreclaw-internal`). Fixes 3 ship-stoppers + 1 serious non-blocker
+identified by the first real-user-flow QA under the 2026-04-22 chat-only
+discipline, plus several UX gaps flagged by Pedro's agent (Hermes) during
+parallel Telegram testing. All 3.3.1-rc.1 provider-agnostic LLM work is
+preserved.
+### Changed
+- **`gateway-url.ts` — drop `child_process` subprocess probe.** The rc.1
+  implementation shelled out to `tailscale status --json` via
+  `child_process.execFileSync` to discover the local MagicDNS hostname.
+  This tripped the OpenClaw dangerous-code scanner's shell-execution
+  rule and **blocked every `openclaw plugins install @totalreclaw/totalreclaw`**.
+  rc.2 swaps to a passive probe: `os.networkInterfaces()` detects a
+  `tailscale*` NIC carrying a CGNAT IPv4 (100.64/10), and we surface
+  the raw IP as the auto-detected host. Operators who want a proper
+  `https://<magicdns>.ts.net` URL now set
+  `plugins.entries.totalreclaw.config.publicUrl` explicitly (documented
+  in SKILL.md). The six-layer URL cascade is otherwise unchanged.
+- **`check-scanner.mjs` — add shell-execution rule (catches `child_process`).**
+  Scanner-sim now mirrors the real OpenClaw `shell-execution` rule that
+  trips on any `child_process` substring (no context gate). Prevents a
+  repeat of the rc.1 regression. See `skill/scripts/check-scanner.mjs`
+  SHELL_EXEC_PATTERN.
+- **`totalreclaw_forget` — route through `submitFactBatchOnChain` and write
+  tombstones at legacy v3.** The rc.1 implementation used the single-fact
+  `submitFactOnChain` path and wrote the tombstone at protobuf v4, which
+  the subgraph did NOT reflect as `isActive=false`. rc.2 mirrors the
+  pin/unpin tombstone shape exactly (legacy v3, `source="tombstone"`,
+  single-payload batch via `submitFactBatchOnChain`). Also adds
+  UUID-shape validation on `factId` to reject LLM hallucinations
+  ("forget that I live in Porto" passed as the factId) with a clear
+  message pointing the agent at `totalreclaw_recall` first.
+- **`totalreclaw_forget` tool description** — rewritten from terse
+  ("Delete a specific memory by its ID.") to agent-instructive with a
+  recall-first workflow hint. Fixes the rc.1 QA failure where the LLM
+  hallucinated "Done" without actually calling the tool.
+- **`chatCompletion` — exponential-backoff retry for 429 / timeouts.**
+  rc.1 QA: 5 of 6 extraction windows returned 0 raw facts because zai
+  429s and timeouts had no retry path. rc.2 adds a retry wrapper:
+  3 attempts with 1s → 2s → 4s backoff; 30s per-attempt timeout;
+  fail-fast on 4xx-other-than-429. Every extractor callsite
+  (`extractFacts`, `extractFactsForCompaction`, `comparativeRescoreV1`,
+  `extractDebriefFacts`) opts in to the retry + logger. See
+  `isRetryable()` for the classification list.
+- **`llm-profile-reader.ts` — fallback to legacy `models.json` format.**
+  rc.1 QA VPS had `~/.openclaw/agents/<agent>/agent/models.json` (the
+  pre-auth-profiles shape, `{ providers: { zai: { apiKey: "..." } } }`)
+  not `auth-profiles.json`. The auto-resolve silently no-op'd.
+  rc.2 adds a 5th cascade tier: `readAllProfileKeys` reads
+  auth-profiles.json FIRST (takes precedence on overlap), then merges
+  in models.json entries for any provider not already covered.
+### Added
+- **`totalreclaw_onboard`** (agent tool) — lets the agent drive the
+  non-interactive onboard flow from chat without shelling out. Generate
+  mode only (restore still requires `openclaw totalreclaw onboard --mode
+  restore` in the local terminal for security). Returns scope address +
+  credentials path; NEVER returns the mnemonic. Directly wraps
+  `runNonInteractiveOnboard` in-process.
+- **`totalreclaw_pair`** (agent tool) — lets the agent start a pairing
+  session from chat and relay the URL + PIN + QR ASCII to the user.
+  Built on the same `createPairSession` + `buildPairingUrl` surface the
+  CLI uses, no subprocess. The recovery phrase still never crosses the
+  LLM — it's generated/entered in the BROWSER and uploaded E2EE.
+- **`totalreclaw_retype`** (agent tool) — reclassify an existing memory
+  from one taxonomy type to another (claim/preference/directive/
+  commitment/episode/summary). Writes a new v1.1 claim with the updated
+  type, tombstones the old fact on-chain. rc.1 QA confirmed this tool
+  was documented in SKILL.md but NOT registered — agents couldn't call
+  it.
+- **`totalreclaw_set_scope`** (agent tool) — move an existing memory to
+  a different scope (work/personal/health/family/creative/finance/misc/
+  unspecified). Same write pattern as retype. Also previously
+  documented-not-registered; rc.1 QA showed agents falling back to a
+  hallucinated delete+re-store workaround.
+- **`skill/plugin/retype-setscope.ts`** — new pure-logic module
+  supporting the two agent tools above. Tightly mirrors pin.ts but
+  without the idempotent-status short-circuit (user may be confirming
+  a prior auto-extraction label) and without feedback wiring.
+- **`skill/plugin/gateway-url.test.ts`** — unit coverage for the new
+  passive Tailscale + LAN detection. 17 cases, all green.
+- **`skill/plugin/retype-setscope.test.ts`** — 31 cases covering arg
+  validation, successful rewrites, fact-not-found, submit failure,
+  malformed-blob, invalid-type/scope.
+- **`skill/plugin/llm-client-retry.test.ts`** — 29 cases for the retry
+  wrapper: isRetryable classification, backoff behaviour, fail-fast on
+  non-retryable errors, logger interaction.
+- **`skill/plugin/llm-profile-reader.test.ts`** — 13 additional cases
+  for models.json parsing + combined reader.
+### Preserved from rc.1
+All the rc.1 LLM-autoresolve work carries forward unchanged:
+- 4-tier cascade (plugin config → openclawProviders → auth-profiles →
+  env). With rc.2's `models.json` fallback it's effectively 5 tiers.
+- `openclaw totalreclaw onboard --non-interactive --json --mode` CLI.
+- `openclaw totalreclaw pair generate --json` CLI.
+- `extraction.llm` plugin-config override block.
+- Synchronous HTTP-route registration, manifest `kind` drop, etc.
 ## [3.3.1-rc.1] — 2026-04-22
 First release candidate for 3.3.1. Comprehensive patch release addressing

package/SKILL.md CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 name: totalreclaw
 description: "End-to-end encrypted memory for AI agents — portable, yours forever. XChaCha20-Poly1305 E2EE: server never sees plaintext."
-version: 3.3.1-rc.1
+version: 3.3.1-rc.3
 author: TotalReclaw Team
 license: MIT
 homepage: https://totalreclaw.xyz
@@ -22,325 +22,140 @@ metadata:
       - persistent-context
 ---
-# TotalReclaw Skill
+# TotalReclaw — Agent Guide
-## Installation
+You are operating inside a host that has the TotalReclaw memory plugin loaded. This file tells you WHAT to call and WHEN. Every sentence is a rule.
-TotalReclaw ships as an OpenClaw plugin. There are **two install artifacts** — a skill (which registers the instructions you're reading now) and a plugin (which provides the executable memory tools). Both are needed, and you install them in this order:
+## Setup state
-```sh
-# 1. Install the skill (registers instructions + tool surface)
-openclaw skills install totalreclaw
+Before any memory tool, check `~/.totalreclaw/credentials.json`:
-# 2. Install the plugin (activates routes, hooks, and tool implementations)
-openclaw plugins install @totalreclaw/totalreclaw
+- **Missing, empty, malformed, or no `mnemonic` key** -> NOT set up. You MUST NOT generate a phrase in chat, and you MUST NOT ask the user to paste one. Route:
+  - Local gateway: call `totalreclaw_onboarding_start` (or `totalreclaw_onboard` if available); both return a pointer to `openclaw totalreclaw onboard`.
+  - Remote gateway (VPS / Docker / no TTY): call `totalreclaw_pair` (v3.3.1+), OR instruct the user to run `openclaw totalreclaw pair generate --json`. Present the returned `{url, pin, qr_ascii}` to the user. The phrase is entered in their browser, never in this conversation.
+- **Present with a valid `mnemonic`** -> active. Use the tools below.
-# 3. Restart the gateway for the plugin to bind HTTP routes + hooks
-#    On native install:
-openclaw restart
-#    Inside Docker:
-docker restart openclaw-qa
-```
+## Core rules
-The two-step install is necessary because OpenClaw separates "skill metadata" (what this file describes) from "plugin code" (the compiled TypeScript that runs). Skipping step 2 leaves the user with instructions but no tools. Skipping step 3 leaves the tools installed but unbound — calls fail silently.
+1. **Phrase safety (NON-NEGOTIABLE).** The recovery phrase is a secret. Never generate one in chat, never echo one back, never log one in reasoning / tool payloads, never pass one to another tool. Direct users to `cat ~/.totalreclaw/credentials.json | jq -r .mnemonic`.
+2. **Use the tools, not inline state.** `totalreclaw_remember` stores; `totalreclaw_recall` retrieves. Don't re-ask the user for past facts; don't paraphrase memories as your own recollection.
+3. **Gateway restart is required after install.** If tools fail right after `openclaw plugins install @totalreclaw/totalreclaw`, tell the user to run `openclaw restart` or `docker restart openclaw-qa`.
-Some OpenClaw versions support a single-step `openclaw plugins install @totalreclaw/totalreclaw` that auto-registers the skill; if so, you can skip step 1.
+## Decision tree — which tool, when
----
+- **Fact-shaped content** (preferences, identity, commitments, decisions, directives, episodes): `totalreclaw_remember`. Don't ask permission for obvious user facts.
+- **Question about the past** ("what do you remember about…", "do I like…"): `totalreclaw_recall`.
+- **"Pin that" / "remember permanently"**: `totalreclaw_pin`. **"Unpin" / "can forget that"**: `totalreclaw_unpin`.
+- **"Forget X" / "delete that memory"**: `totalreclaw_forget` with the fact's id.
+- **"That's a preference, not a claim"**: `totalreclaw_retype`.
+- **"Put that under work"**: `totalreclaw_set_scope`.
+- **"Export my memories"**: `totalreclaw_export`.
+- **"What's my TotalReclaw status?"**: `totalreclaw_status`.
+- **"Set up TotalReclaw"** (no credentials): route per the Setup-state section above.
+- **"Import my Mem0 / ChatGPT / Claude / Gemini history"**: `totalreclaw_import_from` with `dry_run=true` first. Show the estimate, confirm, then run without `dry_run`. For >50 chunks, use `totalreclaw_import_batch` and report progress.
+- **"Upgrade" / "I want Pro"**: `totalreclaw_upgrade` returns a Stripe URL. After upgrade, offer `totalreclaw_migrate` (dry-run first) to move testnet memories to mainnet.
-## Recovery Phrase — CRITICAL SAFETY RULES
+### First-person queries — ALWAYS call `totalreclaw_recall` first
-### RULE 1 — Never generate, display, or transmit a recovery phrase in chat.
+Any user message that references THEIR OWN facts triggers a recall call BEFORE you answer. Triggers (non-exhaustive — err on the side of calling recall):
-The recovery phrase is the **only** key to the user's encrypted memories. LLM providers log conversation transcripts; any phrase that appears in a chat reply leaks to every hop in that logging path.
+- "where do I live / work" / "what's my address / city"
+- "what do I prefer / like / hate / use"
+- "do I have / own / know"
+- "when did I / have I ever"
+- "who is my / my [relation/role]"
+- "what was my / my [object/preference]"
+- any question pattern containing "my / I / me" + a fact-shaped noun (address, job, favourite, project, partner, pet, etc.)
-**You MUST NOT:**
-- Produce a 12-word phrase yourself and paste it into the chat. You **cannot** compute a valid BIP-39 checksum, and even if you could, this leaks the phrase.
-- Ask the user to paste their recovery phrase into the chat. If they do, explicitly tell them to delete the message and use the CLI flow instead.
-- Display a phrase that another tool returned via chat output.
+Call `totalreclaw_recall(query=<semantic version of the question>)` FIRST, THEN answer based on returned facts. Do NOT answer from memory or invent; if recall returns 0 results, say "I don't have anything about that yet." rc.2 QA debug found 5/5 failures to call recall on "where do I live?" — the phrasing was enough to make agents skip the tool. This rule is hard: first-person factual queries are a recall trigger, full stop.
-The phrase lives **only** in the user's terminal and in `~/.totalreclaw/credentials.json` (mode 0600).
+## Tool surface
-### RULE 2 — Direct the user to the CLI wizard, or use the non-interactive flag for agent-driven setup.
+Tools work only when credentials are active AND the gateway has been restarted post-install. If a tool returns "onboarding required", route back to onboarding.
-There are exactly two correct onboarding paths:
+| Tool | Key params |
+|------|------------|
+| `totalreclaw_remember` | `text`, optional `type` (default `claim`), `importance` |
+| `totalreclaw_recall` | `query`, optional `k` (default 8, max 20) |
+| `totalreclaw_forget` | `factId` |
+| `totalreclaw_pin` / `totalreclaw_unpin` | `factId`, optional `reason` |
+| `totalreclaw_retype` | `factId`, `newType` |
+| `totalreclaw_set_scope` | `factId`, `scope` |
+| `totalreclaw_export` | optional `format` (`json` / `markdown`) |
+| `totalreclaw_status` | (none) |
+| `totalreclaw_upgrade` | (none) |
+| `totalreclaw_migrate` | optional `confirm` (dry-run by default) |
+| `totalreclaw_import_from` / `totalreclaw_import_batch` | `source`, `file_path` or `content`, `dry_run` |
+| `totalreclaw_consolidate` | optional `dry_run` |
+| `totalreclaw_onboarding_start` / `totalreclaw_onboard` | (none) — returns CLI pointer |
+| `totalreclaw_pair` | optional `mode` (`generate` / `import`) — returns `{url, pin, qr_ascii, expires_at_ms}` |
-**A. Interactive (human at a TTY):**
+## Taxonomy
-```sh
-openclaw totalreclaw onboard
-```
+**Types:** `claim` (default) / `preference` / `directive` (reusable rule) / `commitment` (future intent) / `episode` (event) / `summary` (derived synthesis).
-This runs a terminal wizard. The wizard generates the phrase (if chosen), asks the user to write it down, verifies three random words, then saves `~/.totalreclaw/credentials.json`. The phrase never leaves the user's terminal.
+**Scopes:** `work` / `personal` (default) / `health` / `family` / `creative` / `finance` / `misc`.
-**B. Agent-driven (Claude / another AI agent setting up TotalReclaw for the user):**
+## If a tool fails
-```sh
-openclaw totalreclaw onboard --non-interactive --json --mode generate
-```
+- Tell the user plainly. Don't retry blindly.
+- "onboarding required" -> route per Setup-state above.
+- "No LLM available for auto-extraction" (startup only, v3.3.1+) -> provider key not reachable. Point at `~/.openclaw/agents/<agent>/agent/auth-profiles.json` or the `plugins.entries.totalreclaw.config.extraction.llm` override.
+- Silent extraction failures -> suggest `openclaw totalreclaw status` or check `~/.totalreclaw/billing-cache.json` for rate-limit signals.
-Returns structured JSON: `{"ok": true, "action": "generate", "scope_address": "0x...", "credentials_path": "..."}`.
+## zai provider configuration (3.3.1-rc.3+)
-The phrase is **not** in the payload. It was written to `credentials_path` (mode 0600). Tell the user: "Your recovery phrase is at `~/.totalreclaw/credentials.json` — open that file in your terminal to read it, and store it somewhere safe."
+zai exposes two endpoints:
+- **Coding plan (subscription)**: `https://api.z.ai/api/coding/paas/v4` — default.
+- **PAYG**: `https://api.z.ai/api/paas/v4` — for pay-as-you-go balances.
-For restore:
+A coding-plan key hitting the PAYG endpoint (or vice-versa) returns `Insufficient balance or no resource package. Please recharge.` rc.3 auto-detects this and flips to the other endpoint on one retry per call, but users can avoid the first-call tax by setting `ZAI_BASE_URL` explicitly:
-```sh
-openclaw totalreclaw onboard --non-interactive --json --mode restore --phrase "word1 word2 ..."
-```
+- GLM Coding Plan users: leave `ZAI_BASE_URL` unset, or set to `https://api.z.ai/api/coding/paas/v4`.
+- PAYG users: set `ZAI_BASE_URL=https://api.z.ai/api/paas/v4`.
-### RULE 3 — Remote gateways use QR pairing, not phrase paste.
+Retry budget: the extraction LLM retries up to 5 attempts with 2s→4s→8s→16s→32s backoff (total ~62s). Configurable via `TOTALRECLAW_LLM_RETRY_BUDGET_MS` (default 60000).
-If the user is running OpenClaw on a VPS, Docker host, home server, or anywhere you can't see the terminal, run:
+## Minimum viable interaction pattern
-```sh
-openclaw totalreclaw pair generate
-# or for agent-driven:
-openclaw totalreclaw pair generate --json
 ```
-The CLI prints (or emits JSON with) a QR code, a URL, and a 6-digit PIN. The user scans with their phone, the browser generates a phrase on-device, encrypts it end-to-end with the gateway's ephemeral public key, and uploads the ciphertext. The phrase never touches chat, the LLM, or the relay.
----
-## Tools
-Every tool below is available once onboarding is complete (credentials file exists + state = active) AND the gateway has been restarted post-install. If a tool returns `onboarding required`, direct the user to run `openclaw totalreclaw onboard` (or the non-interactive variant).
-### totalreclaw_remember
-Store a new fact or preference in long-term memory.
-**Parameters:**
-| Name | Type | Required | Description |
-|------|------|----------|-------------|
-| text | string | Yes | The fact or information to remember |
-| type | string | No | Type of memory: `claim`, `preference`, `directive`, `commitment`, `episode`, `summary`. Default: `claim` |
-| importance | integer | No | 1-10. Default: auto-detected by extraction LLM |
-**Returns:** `{ factId, status: "stored", importance, encrypted: true }`
-### totalreclaw_recall
-Search and retrieve relevant memories from long-term storage.
-**Parameters:**
-| Name | Type | Required | Description |
-|------|------|----------|-------------|
-| query | string | Yes | Natural language query |
-| k | integer | No | Results to return. Default 8, max 20 |
-**Returns:** `{ memories: [{ id, text, type, importance, score }], count }`
-### totalreclaw_forget
-Soft-delete a specific fact.
-**Parameters:** `{ factId: string }` — the UUID of the fact to delete.
-### totalreclaw_pin
-Pin a memory so auto-resolution can never supersede it. Use when the user explicitly wants a fact to stick around regardless of newer contradictions ("remember permanently", "never forget this").
-**Parameters:** `{ factId: string, reason?: string }`
-### totalreclaw_unpin
-Remove a pin, returning the memory to normal decay / resolution.
-**Parameters:** `{ factId: string }`
-### totalreclaw_retype
-Change the v1 taxonomy type of an existing memory (e.g. reclassify a misdetected `claim` as a `preference`).
-**Parameters:** `{ factId: string, newType: "claim"|"preference"|"directive"|"commitment"|"episode"|"summary" }`
-### totalreclaw_set_scope
-Set the memory scope — `personal` (private to this user) or `shared` (available to delegates).
-**Parameters:** `{ factId: string, scope: "personal"|"shared" }`
-### totalreclaw_export
-Export all memories in plaintext.
-**Parameters:** `{ format?: "json"|"markdown" }` — default `json`
-### totalreclaw_status
-Check billing + subscription status.
-**Parameters:** `{}` (no arguments)
-**Returns:** `{ tier, quota, usage, resetsAt, upgradeUrl? }`
-### totalreclaw_upgrade
-Get a Stripe checkout URL to upgrade to Pro (unlimited memories on Gnosis mainnet).
-**Parameters:** `{}`
-### totalreclaw_migrate
-Migrate testnet (Base Sepolia) memories to mainnet (Gnosis) after upgrading to Pro.
-**Parameters:** `{ confirm?: boolean }` — dry-run by default; set `confirm: true` to execute.
-### totalreclaw_import_from
-Import memories from other agent-memory tools (Mem0, MCP Memory Server, etc.).
-**Parameters:** `{ source, api_key?, source_user_id?, content?, file_path?, namespace?, dry_run? }`
-### totalreclaw_consolidate
-Scan all memories and merge near-duplicates.
-**Parameters:** `{ dry_run?: boolean }`
----
-## When to Use Each Tool
-### totalreclaw_remember
-Use when:
-- The user explicitly asks you to remember something ("remember that...", "note that...", "don't forget...")
-- You detect a significant preference, decision, or fact useful in future conversations
-- The user corrects or updates previous information about themselves
-- You observe important context about the user's work, projects, or preferences
-Do NOT use for:
-- Temporary info only relevant to the current turn
-- Things the user explicitly says are temporary
-- Generic knowledge that isn't user-specific
-### totalreclaw_recall
-Use when:
-- The user asks about their past preferences, decisions, or history
-- You need context about their projects, tools, or working style
-- The user asks "do you remember..." or "what did I tell you about..."
-- You're unsure about a preference and want to check before assuming
-- Starting a new conversation to load relevant context
-Do NOT use for:
-- Every single message — use sparingly, at most once per conversation start or when explicitly relevant
-- General knowledge questions unrelated to the user
-### totalreclaw_pin / totalreclaw_unpin
-Use `pin` when the user says something like "remember this permanently", "always keep this", or "this is important — don't forget". Use `unpin` when they say "you can forget that", "it's no longer relevant", etc.
-### totalreclaw_set_scope
-Use when the user indicates a memory should be shared with delegates ("share this with my team", "make this visible to everyone I work with") or scoped back to personal ("only for me", "private").
----
-## Configuration
-All configuration lives under `plugins.entries.totalreclaw.config.*` in the OpenClaw config. The full 3.3.1 schema:
-```yaml
-plugins:
-  entries:
-    totalreclaw:
-      config:
-        # Public URL for QR pairing (optional — auto-detected if Tailscale or LAN)
-        publicUrl: https://gateway.example.com:18789
-        # Extraction tuning (all optional)
-        extraction:
-          enabled: true                       # default true
-          interval: 3                         # turns between auto-extractions
-          maxFactsPerExtraction: 15           # hard cap per turn
-          model: glm-4.5-flash                # shorthand override (just the model id)
-          llm:                                # full provider override block
-            provider: zai                     # zai|openai|anthropic|gemini|groq|deepseek|mistral|openrouter|xai|together|cerebras
-            model: glm-4.5-flash
-            apiKey: <your-key>
-            baseUrl: https://api.z.ai/api/coding/paas/v4   # self-hosted / custom gateway only
+User: "I live in Porto and prefer PostgreSQL."
+-> totalreclaw_remember({text: "User lives in Porto", type: "claim"})
+-> totalreclaw_remember({text: "User prefers PostgreSQL over MySQL", type: "preference"})
+-> respond naturally, don't list what you just saved.
+User: "What do you remember about me?"
+-> totalreclaw_recall({query: "user facts preferences identity"})
+-> summarize returned facts in your reply.
+User: "Set me up for TotalReclaw."
+-> check ~/.totalreclaw/credentials.json. If missing:
+   local:  totalreclaw_onboarding_start (or totalreclaw_onboard)
+   remote: totalreclaw_pair -> present URL + PIN + QR
+-> follow the tool's instructions. Never invent a phrase.
 ```
-### LLM Provider Auto-Resolution
-TotalReclaw needs a small LLM to extract facts from conversations. Resolution order (highest priority first):
-1. **Plugin config** — `plugins.entries.totalreclaw.config.extraction.llm.{provider,apiKey}`
-2. **OpenClaw provider config** — `api.config.models.providers`
-3. **OpenClaw auth profiles** — keys stored in `~/.openclaw/agents/<agent>/agent/auth-profiles.json`. This is where most users have their provider keys; 3.3.1 added it as a resolution tier.
-4. **Environment variables** — `ZAI_API_KEY`, `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`, `GEMINI_API_KEY`, `GROQ_API_KEY`, `DEEPSEEK_API_KEY`, `MISTRAL_API_KEY`, `OPENROUTER_API_KEY`, `XAI_API_KEY`, `TOGETHER_API_KEY`, `CEREBRAS_API_KEY`
-If none of these resolve, auto-extraction is cleanly disabled and a single INFO message is logged at startup — manual `totalreclaw_remember` still works.
-### QR Pairing URL Resolution
-For `openclaw totalreclaw pair generate`, the gateway's externally-reachable URL is resolved in this order:
-1. `plugins.entries.totalreclaw.config.publicUrl` — explicit override
-2. `gateway.remote.url` — OpenClaw's own remote-gateway URL
-3. `gateway.bind === 'custom'` + `gateway.customBindHost`
-4. Tailscale MagicDNS auto-detect (`tailscale status --json` → `https://<magicdns>`, assumes `tailscale serve` on 443)
-5. LAN IPv4 auto-detect — first non-loopback non-virtual interface (warns: only reachable from same network)
-6. `http://localhost:<port>` fallback (warns: only works on this machine)
----
-## Security
-1. **E2EE** — all memories are encrypted client-side with XChaCha20-Poly1305. The server never sees plaintext.
-2. **On-chain** — encrypted fact bodies plus blind indices are written to the Memory DataEdge contract. Free tier = Base Sepolia (84532); Pro tier = Gnosis mainnet (100).
-3. **Recovery phrase stays local** — it lives only in `~/.totalreclaw/credentials.json` with mode 0600 and in the user's own backup. Never in chat, never in the session transcript, never in an LLM request.
-4. **QR pairing crypto** — gateway ephemeral x25519 keypair; browser derives shared secret and encrypts the phrase with ChaCha20-Poly1305 before upload. Gateway private key never leaves disk.
-### What NOT to do
-- Do NOT write facts or preferences to `MEMORY.md`. TotalReclaw handles all memory storage with E2EE; cleartext files defeat the encryption guarantee.
-- Do NOT call `totalreclaw_remember` for temporary or in-session context.
-- Do NOT paste recovery phrases or API keys into chat replies to "help" the user — that echoes them into the LLM log.
----
+## What NOT to do
-## Memory Types (v1 Taxonomy)
+- Do NOT write memories to `MEMORY.md` or any cleartext file — that defeats E2EE.
+- Do NOT call `totalreclaw_remember` for transient in-session context.
+- Do NOT paste recovery phrases or API keys into chat.
+- Do NOT run `npx @totalreclaw/mcp-server setup` — deprecated path that corrupts credentials.
-TotalReclaw v1 uses six canonical types:
+## Filing QA bugs (RC builds only)
-| Type | Description | Example |
-|------|-------------|---------|
-| claim | Objective assertion about the user / world | "Lives in Lisbon, Portugal" |
-| preference | Likes, dislikes, choices | "Prefers dark mode in all applications" |
-| directive | Instruction the user gave to remember / enforce | "Always use TypeScript for new projects" |
-| commitment | Promise or commitment the user made | "Will deploy v1 to mainnet by end of Q1" |
-| episode | Notable event or experience | "Deployed v1.0 to production on March 15" |
-| summary | Key outcomes from discussions | "Agreed to use phased rollout for mainnet migration" |
+If `totalreclaw_report_qa_bug` tool is available (this means you're in an RC build — stable users never see the tool), OFFER to file a bug when ANY of these triggers fire. Never auto-file; always ask the user once per issue.
-The extraction LLM auto-selects the type. Use `totalreclaw_retype` if you detect a classification error.
+Triggers:
+1. A tool call fails 2+ times in a row with the same error signature.
+2. User expresses friction: "this doesn't work" / "error" / "stuck" / "broken" / "not what I expected" / "wrong version" / explicit "file a bug".
+3. Setup flow hits an error that you can't resolve via the docs.
+4. Docs don't match reality (user guide says X; actual behavior is Y).
----
-## Troubleshooting
-- **`plugins.allow is empty`** — OpenClaw warning, not a TotalReclaw bug. Either add the plugin to your allowlist or ignore it; TotalReclaw still works.
-- **`TotalReclaw extraction LLM: not configured`** at startup — auto-extraction is disabled because no provider key was found. Configure a provider in `~/.openclaw/agents/<agent>/agent/auth-profiles.json`, or set `plugins.entries.totalreclaw.config.extraction.llm.{provider,apiKey}`. Manual `totalreclaw_remember` still works.
-- **Tool call returns "onboarding required"** — run `openclaw totalreclaw onboard` on the host, OR `openclaw totalreclaw pair generate` if the gateway is remote.
-- **`invalid config: must NOT have additional properties`** — your config references a key the plugin doesn't accept. The 3.3.1 schema is listed above; earlier schemas rejected `publicUrl` and most `extraction.*` keys (fixed in 3.3.1).
-- **Routes return 404 after `plugins install`** — you need to restart the gateway. `openclaw restart` or `docker restart openclaw-qa`.
----
+Offer: "This looks worth reporting so the maintainer can fix it. Want me to file a QA bug? I'll capture the symptom + repro."
-## Plugin architecture (informational)
+On user yes → call `totalreclaw_report_qa_bug` with the redacted details. Required fields: `integration` (plugin/hermes/nanoclaw/mcp/relay/clawhub/docs/other), `rc_version` (exact version string), `severity` (blocker/high/medium/low), `title` (<60 chars), `symptom`, `expected`, `repro`, `logs`, `environment`.
-- `index.ts` — plugin entry; registers tools, hooks, CLI, HTTP routes, and the slash command `/totalreclaw`.
-- `llm-client.ts` + `llm-profile-reader.ts` — LLM auto-resolution cascade (3.3.1).
-- `gateway-url.ts` — Tailscale / LAN host autodetect for pairing URLs.
-- `pair-http.ts` — `/plugin/totalreclaw/pair/{finish,start,respond,status}` HTTP routes.
-- `pair-cli.ts` — `openclaw totalreclaw pair [generate|import]` CLI, with `--json` and `--timeout` in 3.3.1.
-- `onboarding-cli.ts` — `openclaw totalreclaw onboard` CLI, with `--non-interactive / --json / --mode / --phrase / --emit-phrase` in 3.3.1.
-- `config.ts` — centralized env-var reads (keeps scanner surface clean).
+On user no / ambiguous → proceed without filing.
-See `CHANGELOG.md` for the per-release fix history.
+Do NOT offer the same bug twice in a session. Do NOT include secrets (recovery phrases, API keys, bot tokens) in any field — the tool redacts automatically, but don't pass raw values anyway. The tool requires `TOTALRECLAW_QA_GITHUB_TOKEN` (or `GITHUB_TOKEN`) to be set on the host; if the tool returns a missing-token error, tell the user the operator needs to export one with `repo` scope.

package/config.ts CHANGED Viewed

@@ -157,6 +157,37 @@ export const CONFIG = {
     cerebras: process.env.CEREBRAS_API_KEY || '',
   } as Record<string, string>,
+  // 3.3.1-rc.3: zai base-URL override. Read via a getter so tests can
+  // mutate `process.env.ZAI_BASE_URL` between calls — the value is NOT
+  // frozen at module load. Default is the coding endpoint; the rc.3
+  // auto-fallback flips to the standard endpoint on an "Insufficient
+  // balance" 429.
+  get zaiBaseUrl(): string {
+    const override = process.env.ZAI_BASE_URL;
+    if (override && override.trim()) return override.trim().replace(/\/+$/, '');
+    return 'https://api.z.ai/api/coding/paas/v4';
+  },
+  // 3.3.1-rc.3: retry budget for chatCompletion. Default 60s covers
+  // multi-minute upstream outages. Read as a plain value (not getter)
+  // so tests that patch env need to reload the module — but the default
+  // suffices for production.
+  llmRetryBudgetMs: (() => {
+    const raw = process.env.TOTALRECLAW_LLM_RETRY_BUDGET_MS;
+    const parsed = raw ? parseInt(raw, 10) : NaN;
+    return Number.isFinite(parsed) && parsed > 0 ? parsed : 60_000;
+  })(),
+  // 3.3.1-rc.3: GitHub personal-access token used by the RC-gated
+  // `totalreclaw_report_qa_bug` tool. `TOTALRECLAW_QA_GITHUB_TOKEN` is
+  // the dedicated variable; `GITHUB_TOKEN` is a fallback for CI-style
+  // setups where the same token is shared across tools. Read via getter
+  // so operators can set the var after the process starts (e.g. via a
+  // dotenv reload) and the next tool call picks it up.
+  get qaGithubToken(): string {
+    return process.env.TOTALRECLAW_QA_GITHUB_TOKEN || process.env.GITHUB_TOKEN || '';
+  },
   // Paths
   home,
   billingCachePath: path.join(home, '.totalreclaw', 'billing-cache.json'),