botschat 0.1.19 → 0.1.20

package/packages/api/src/index.ts

@@ -5,6 +5,9 @@ import { authMiddleware, verifyToken, getJwtSecret, verifyMediaSignature, signMe
 import { randomUUID } from "./utils/uuid.js";
 import { auth } from "./routes/auth.js";
 import { agents } from "./routes/agents.js";
+import { agentsV2 } from "./routes/agents-v2.js";
+import { migrateV2 } from "./routes/migrate-v2.js";
+import { historyV2 } from "./routes/history-v2.js";
 import { channels } from "./routes/channels.js";
 import { tasks } from "./routes/tasks.js";
 import { jobs } from "./routes/jobs.js";
@@ -15,7 +18,6 @@ import { upload } from "./routes/upload.js";
 import { push } from "./routes/push.js";
 import { setup } from "./routes/setup.js";
 import { devAuth } from "./routes/dev-auth.js";
-import { demo, isDemoUserId } from "./routes/demo.js";
 
 // Re-export the Durable Object class so wrangler can find it
 export { ConnectionDO } from "./do/connection-do.js";
@@ -89,37 +91,15 @@ app.get("/api/health", (c) => c.json({ status: "ok", version: "0.1.0" }));
 // ---- Public routes (no auth) ----
 app.route("/api/auth", auth);
 app.route("/api/dev-auth", devAuth);
-app.route("/api/demo", demo);
 app.route("/api/setup", setup);
 
 // ---- Protected routes (require Bearer token) ----
 const protectedApp = new Hono<{ Bindings: Env; Variables: { userId: string } }>();
 protectedApp.use("/*", authMiddleware());
-
-// Block sensitive operations for the demo user
-const DEMO_BLOCKED_ROUTES: Array<{ method: string; pattern: RegExp }> = [
-  { method: "POST",   pattern: /^\/pairing-tokens/ },
-  { method: "POST",   pattern: /^\/upload/ },
-  { method: "DELETE", pattern: /^\/$/ },  // DELETE /api (account deletion goes via /api/auth/account)
-];
-protectedApp.use("/*", async (c, next) => {
-  const userId = c.get("userId");
-  if (!isDemoUserId(userId)) return next();
-  const method = c.req.method;
-  const path = c.req.path.replace(/^\/api/, "");
-  // Block pairing tokens, file upload, and any DELETE (channels, tasks, sessions, account)
-  if (method === "DELETE") {
-    return c.json({ error: "Demo account cannot perform this action" }, 403);
-  }
-  for (const r of DEMO_BLOCKED_ROUTES) {
-    if (method === r.method && r.pattern.test(path)) {
-      return c.json({ error: "Demo account cannot perform this action" }, 403);
-    }
-  }
-  return next();
-});
-
 protectedApp.route("/agents", agents);
+protectedApp.route("/v2/agents", agentsV2);
+protectedApp.route("/v2/migrate", migrateV2);
+protectedApp.route("/v2/messages", historyV2);
 protectedApp.route("/channels", channels);
 protectedApp.route("/models", models);
 protectedApp.get("/me", async (c) => {
@@ -235,7 +215,7 @@ protectedApp.get("/tasks", async (c) => {
   const kind = c.req.query("kind") ?? "background";
 
   const { results } = await c.env.DB.prepare(
-    `SELECT t.id, t.channel_id, t.name, t.kind, t.openclaw_cron_job_id,
+    `SELECT t.id, t.channel_id, t.name, t.kind, t.provider_job_id,
             t.session_key, t.enabled, t.created_at, t.updated_at
      FROM tasks t
      JOIN channels ch ON t.channel_id = ch.id
@@ -248,7 +228,7 @@ protectedApp.get("/tasks", async (c) => {
       channel_id: string;
       name: string;
       kind: string;
-      openclaw_cron_job_id: string | null;
+      provider_job_id: string | null;
       session_key: string | null;
       enabled: number;
       created_at: number;
@@ -261,7 +241,7 @@ protectedApp.get("/tasks", async (c) => {
       channelId: r.channel_id,
       name: r.name,
       kind: r.kind,
-      openclawCronJobId: r.openclaw_cron_job_id,
+      providerJobId: r.provider_job_id,
       sessionKey: r.session_key,
       enabled: !!r.enabled,
       createdAt: r.created_at,
@@ -392,6 +372,8 @@ async function verifyUserAccess(c: { req: { header: (n: string) => string | unde
 app.all("/api/gateway/:connId", async (c) => {
   let userId = c.req.param("connId");
 
+  let agentId: string | null = null;
+
   if (!userId.startsWith("u_")) {
     const token =
       c.req.query("token") ??
@@ -402,16 +384,28 @@ app.all("/api/gateway/:connId", async (c) => {
       return c.json({ error: "Token required for gateway connection" }, 401);
     }
 
-    const row = await c.env.DB.prepare(
-      "SELECT user_id FROM pairing_tokens WHERE token = ? AND revoked_at IS NULL",
+    // v2: try agents table first (multi-agent), fallback to pairing_tokens (legacy)
+    const agentRow = await c.env.DB.prepare(
+      "SELECT id, user_id FROM agents WHERE pairing_token = ?",
     )
       .bind(token)
-      .first<{ user_id: string }>();
-
-    if (!row) {
-      return c.json({ error: "Invalid pairing token" }, 401);
+      .first<{ id: string; user_id: string }>();
+
+    if (agentRow) {
+      userId = agentRow.user_id;
+      agentId = agentRow.id;
+    } else {
+      const row = await c.env.DB.prepare(
+        "SELECT user_id FROM pairing_tokens WHERE token = ? AND revoked_at IS NULL",
+      )
+        .bind(token)
+        .first<{ user_id: string }>();
+
+      if (!row) {
+        return c.json({ error: "Invalid pairing token" }, 401);
+      }
+      userId = row.user_id;
     }
-    userId = row.user_id;
   }
 
   // --- Worker-level rate limit (Cache API) ---
@@ -428,17 +422,27 @@ app.all("/api/gateway/:connId", async (c) => {
     });
   }
 
-  // Audit: update pairing token stats (only when not rate-limited)
+  // Audit: update connection stats (agents table for v2, pairing_tokens for legacy)
   const token = c.req.query("token") ?? c.req.header("X-Pairing-Token");
   if (token) {
     const clientIp = c.req.header("CF-Connecting-IP") ?? c.req.header("X-Forwarded-For") ?? "unknown";
-    c.executionCtx.waitUntil(
-      c.env.DB.prepare(
-        `UPDATE pairing_tokens
-         SET last_connected_at = unixepoch(), last_ip = ?, connection_count = connection_count + 1
-         WHERE token = ?`,
-      ).bind(clientIp, token).run(),
-    );
+    if (agentId) {
+      c.executionCtx.waitUntil(
+        c.env.DB.prepare(
+          `UPDATE agents
+           SET status = 'connected', last_connected_at = unixepoch(), last_ip = ?, connection_count = connection_count + 1, updated_at = unixepoch()
+           WHERE id = ?`,
+        ).bind(clientIp, agentId).run(),
+      );
+    } else {
+      c.executionCtx.waitUntil(
+        c.env.DB.prepare(
+          `UPDATE pairing_tokens
+           SET last_connected_at = unixepoch(), last_ip = ?, connection_count = connection_count + 1
+           WHERE token = ?`,
+        ).bind(clientIp, token).run(),
+      );
+    }
   }
 
   const doId = c.env.CONNECTION_DO.idFromName(userId);
@@ -446,6 +450,7 @@ app.all("/api/gateway/:connId", async (c) => {
   const url = new URL(c.req.url);
   url.pathname = `/gateway/${userId}`;
   url.searchParams.set("verified", "1");
+  if (agentId) url.searchParams.set("agentId", agentId);
   const doResp = await stub.fetch(new Request(url.toString(), c.req.raw));
 
   // Cache the rate limit after the DO responds (success or rate-limited).
@@ -518,16 +523,28 @@ app.post("/api/plugin-upload", async (c) => {
   if (!token) {
     return c.json({ error: "Missing X-Pairing-Token header" }, 401);
   }
-  const row = await c.env.DB.prepare(
-    "SELECT user_id FROM pairing_tokens WHERE token = ? AND revoked_at IS NULL",
+
+  // v2: try agents table first, fallback to pairing_tokens
+  const agentRow = await c.env.DB.prepare(
+    "SELECT user_id FROM agents WHERE pairing_token = ?",
   )
     .bind(token)
     .first<{ user_id: string }>();
-  if (!row) {
-    return c.json({ error: "Invalid pairing token" }, 401);
-  }
 
-  const userId = row.user_id;
+  let userId: string;
+  if (agentRow) {
+    userId = agentRow.user_id;
+  } else {
+    const row = await c.env.DB.prepare(
+      "SELECT user_id FROM pairing_tokens WHERE token = ? AND revoked_at IS NULL",
+    )
+      .bind(token)
+      .first<{ user_id: string }>();
+    if (!row) {
+      return c.json({ error: "Invalid pairing token" }, 401);
+    }
+    userId = row.user_id;
+  }
   const contentType = c.req.header("Content-Type") ?? "";
   if (!contentType.includes("multipart/form-data")) {
     return c.json({ error: "Expected multipart/form-data" }, 400);

package/packages/api/src/protocol-v2.ts

@@ -0,0 +1,154 @@
+/**
+ * BotsChat v2 Multi-Agent Protocol
+ *
+ * Core Protocol: all agent bridges MUST implement these message types.
+ * Provider Extensions: optional, provider-specific messages (OpenClaw cron, etc.)
+ *
+ * Agent = Type (engine) × Role (persona). Each agent connects via a separate
+ * WebSocket and authenticates with its own agentId.
+ */
+
+// ── Agent metadata shared across protocol ──
+
+export type AgentType = "openclaw" | "cursor_cli" | "cursor_cloud" | "claude_code" | "mock";
+
+export type AgentInfo = {
+  id: string;
+  name: string;
+  type: AgentType;
+  role: string;
+  capabilities: string[];
+  status: "connected" | "disconnected";
+};
+
+// ── Core Protocol: Agent → Cloud (outbound) ──
+
+export type CoreOutbound =
+  | {
+      type: "auth";
+      token: string;
+      agentId?: string;
+      agentType?: AgentType;
+      agents?: string[];
+      model?: string;
+    }
+  | {
+      type: "agent.text";
+      agentId?: string;
+      sessionKey: string;
+      text: string;
+      requestId?: string;
+      replyToId?: string;
+      threadId?: string;
+      encrypted?: boolean;
+      messageId?: string;
+      notifyPreview?: string;
+    }
+  | {
+      type: "agent.media";
+      agentId?: string;
+      sessionKey: string;
+      mediaUrl: string;
+      caption?: string;
+      replyToId?: string;
+      threadId?: string;
+      encrypted?: boolean;
+      mediaEncrypted?: boolean;
+      messageId?: string;
+      notifyPreview?: string;
+    }
+  | { type: "agent.stream.start"; agentId?: string; sessionKey: string; runId: string }
+  | { type: "agent.stream.chunk"; agentId?: string; sessionKey: string; runId: string; text: string }
+  | { type: "agent.stream.end"; agentId?: string; sessionKey: string; runId: string }
+  | { type: "status"; connected: boolean; agents?: string[]; model?: string }
+  | { type: "pong" };
+
+// ── Core Protocol: Cloud → Agent (inbound) ──
+
+export type CoreInbound =
+  | {
+      type: "auth.ok";
+      userId: string;
+      agentId?: string;
+      availableAgents?: AgentInfo[];
+    }
+  | { type: "auth.fail"; reason: string }
+  | {
+      type: "user.message";
+      sessionKey: string;
+      text: string;
+      userId: string;
+      messageId: string;
+      targetAgentId?: string;
+      mediaUrl?: string;
+      parentMessageId?: string;
+      parentText?: string;
+      parentSender?: string;
+      parentEncrypted?: number;
+    }
+  | { type: "user.media"; sessionKey: string; mediaUrl: string; userId: string }
+  | { type: "user.action"; sessionKey: string; action: string; params: Record<string, unknown> }
+  | { type: "user.command"; sessionKey: string; command: string; args?: string }
+  | { type: "ping" };
+
+// ── Agent-to-Agent Delegation ──
+
+export type AgentRequestMessage = {
+  type: "agent.request";
+  agentId: string;
+  targetAgentId: string;
+  sessionKey: string;
+  text: string;
+  requestId: string;
+  depth: number;
+  context?: {
+    summary: string;
+    constraints?: string[];
+    expectedOutput?: string;
+  };
+  ephemeral?: boolean;
+};
+
+export type AgentResponseMessage = {
+  type: "agent.response";
+  requestId: string;
+  fromAgentId: string;
+  text: string;
+  sessionKey: string;
+  error?: string;
+};
+
+// ── Verbose Trace (lv2/lv3 execution traces) ──
+
+export type AgentTraceMessage = {
+  type: "agent.trace";
+  agentId: string;
+  sessionKey: string;
+  messageId: string;
+  verboseLevel: 2 | 3;
+  traceType: string;
+  // lv2: "thinking" | "planning" | "reasoning" | "decision"
+  // lv3: "file_read" | "file_write" | "command_exec" | "search_result" | "tool_call" | "reference"
+  content: string;
+  metadata?: Record<string, unknown>;
+  encrypted?: boolean;
+};
+
+// ── Combined v2 Protocol Types ──
+
+export type V2Outbound = CoreOutbound | AgentRequestMessage | AgentTraceMessage;
+export type V2Inbound = CoreInbound | AgentResponseMessage;
+
+// ── Delegation safety constants ──
+
+export const MAX_DELEGATION_DEPTH = 5;
+export const DELEGATION_TIMEOUT_MS = 5 * 60 * 1000; // 5 minutes
+
+// ── Pending request tracking (used by ConnectionDO) ──
+
+export type PendingRequest = {
+  fromAgentId: string;
+  sessionKey: string;
+  depth: number;
+  createdAt: number;
+};

package/packages/api/src/routes/agents-v2.ts

@@ -0,0 +1,192 @@
+import { Hono } from "hono";
+import type { Env } from "../env.js";
+import { generateId } from "../utils/id.js";
+
+/**
+ * Agents v2 API — agents are first-class entities (team members),
+ * independent of channels. Each agent has a type (engine) and role (persona).
+ */
+const agentsV2 = new Hono<{ Bindings: Env; Variables: { userId: string } }>();
+
+export type AgentType = "openclaw" | "cursor_cli" | "cursor_cloud" | "claude_code" | "mock";
+
+export type AgentV2 = {
+  id: string;
+  name: string;
+  type: AgentType;
+  role: string;
+  systemPrompt: string;
+  skills: Array<{ name: string; description: string }>;
+  capabilities: string[];
+  status: "connected" | "disconnected";
+  lastConnectedAt: number | null;
+  createdAt: number;
+  updatedAt: number;
+};
+
+const CAPABILITIES_BY_TYPE: Record<AgentType, string[]> = {
+  openclaw: ["chat", "streaming", "cron", "a2ui", "media", "code_edit", "delegate"],
+  cursor_cli: ["chat", "streaming", "code_edit"],
+  cursor_cloud: ["chat", "code_edit"],
+  claude_code: ["chat", "streaming", "code_edit"],
+  mock: ["chat", "streaming"],
+};
+
+function dbRowToAgent(row: Record<string, unknown>): AgentV2 {
+  return {
+    id: row.id as string,
+    name: row.name as string,
+    type: row.type as AgentType,
+    role: row.role as string,
+    systemPrompt: row.system_prompt as string,
+    skills: JSON.parse((row.skills_json as string) || "[]"),
+    capabilities: JSON.parse((row.capabilities as string) || "[]"),
+    status: (row.status as "connected" | "disconnected") ?? "disconnected",
+    lastConnectedAt: row.last_connected_at as number | null,
+    createdAt: row.created_at as number,
+    updatedAt: row.updated_at as number,
+  };
+}
+
+/** GET /api/v2/agents — list all agents for the current user */
+agentsV2.get("/", async (c) => {
+  const userId = c.get("userId");
+  const { results } = await c.env.DB.prepare(
+    `SELECT id, name, type, role, system_prompt, skills_json, capabilities,
+            status, last_connected_at, created_at, updated_at
+     FROM agents WHERE user_id = ? ORDER BY created_at ASC`,
+  )
+    .bind(userId)
+    .all();
+
+  return c.json({ agents: (results ?? []).map(dbRowToAgent) });
+});
+
+/** POST /api/v2/agents — create a new agent */
+agentsV2.post("/", async (c) => {
+  const userId = c.get("userId");
+  const body = await c.req.json<{
+    name: string;
+    type: AgentType;
+    role?: string;
+    systemPrompt?: string;
+    skills?: Array<{ name: string; description: string }>;
+    pairingToken?: string;
+    apiKey?: string;
+    config?: Record<string, unknown>;
+  }>();
+
+  if (!body.name?.trim()) return c.json({ error: "Agent name is required" }, 400);
+  if (!body.type) return c.json({ error: "Agent type is required" }, 400);
+
+  const id = generateId("agt_");
+  const capabilities = CAPABILITIES_BY_TYPE[body.type] ?? ["chat"];
+
+  await c.env.DB.prepare(
+    `INSERT INTO agents (id, user_id, name, type, role, system_prompt, skills_json,
+      pairing_token, api_key, config_json, capabilities)
+     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+  )
+    .bind(
+      id,
+      userId,
+      body.name.trim(),
+      body.type,
+      body.role ?? "general",
+      body.systemPrompt?.trim() ?? "",
+      JSON.stringify(body.skills ?? []),
+      body.pairingToken ?? null,
+      body.apiKey ?? null,
+      JSON.stringify(body.config ?? {}),
+      JSON.stringify(capabilities),
+    )
+    .run();
+
+  const row = await c.env.DB.prepare(
+    `SELECT id, name, type, role, system_prompt, skills_json, capabilities,
+            status, last_connected_at, created_at, updated_at
+     FROM agents WHERE id = ?`,
+  )
+    .bind(id)
+    .first();
+
+  return c.json(dbRowToAgent(row!), 201);
+});
+
+/** GET /api/v2/agents/:id — get a single agent */
+agentsV2.get("/:id", async (c) => {
+  const userId = c.get("userId");
+  const agentId = c.req.param("id");
+
+  const row = await c.env.DB.prepare(
+    `SELECT id, name, type, role, system_prompt, skills_json, capabilities,
+            status, last_connected_at, created_at, updated_at
+     FROM agents WHERE id = ? AND user_id = ?`,
+  )
+    .bind(agentId, userId)
+    .first();
+
+  if (!row) return c.json({ error: "Agent not found" }, 404);
+  return c.json(dbRowToAgent(row));
+});
+
+/** PATCH /api/v2/agents/:id — update an agent */
+agentsV2.patch("/:id", async (c) => {
+  const userId = c.get("userId");
+  const agentId = c.req.param("id");
+  const body = await c.req.json<{
+    name?: string;
+    role?: string;
+    systemPrompt?: string;
+    skills?: Array<{ name: string; description: string }>;
+    config?: Record<string, unknown>;
+  }>();
+
+  const sets: string[] = [];
+  const values: unknown[] = [];
+
+  if (body.name !== undefined) { sets.push("name = ?"); values.push(body.name.trim()); }
+  if (body.role !== undefined) { sets.push("role = ?"); values.push(body.role); }
+  if (body.systemPrompt !== undefined) { sets.push("system_prompt = ?"); values.push(body.systemPrompt.trim()); }
+  if (body.skills !== undefined) { sets.push("skills_json = ?"); values.push(JSON.stringify(body.skills)); }
+  if (body.config !== undefined) { sets.push("config_json = ?"); values.push(JSON.stringify(body.config)); }
+
+  if (sets.length === 0) return c.json({ error: "No fields to update" }, 400);
+
+  sets.push("updated_at = unixepoch()");
+  values.push(agentId, userId);
+
+  await c.env.DB.prepare(
+    `UPDATE agents SET ${sets.join(", ")} WHERE id = ? AND user_id = ?`,
+  )
+    .bind(...values)
+    .run();
+
+  const row = await c.env.DB.prepare(
+    `SELECT id, name, type, role, system_prompt, skills_json, capabilities,
+            status, last_connected_at, created_at, updated_at
+     FROM agents WHERE id = ? AND user_id = ?`,
+  )
+    .bind(agentId, userId)
+    .first();
+
+  if (!row) return c.json({ error: "Agent not found" }, 404);
+  return c.json(dbRowToAgent(row));
+});
+
+/** DELETE /api/v2/agents/:id — delete an agent */
+agentsV2.delete("/:id", async (c) => {
+  const userId = c.get("userId");
+  const agentId = c.req.param("id");
+
+  const { meta } = await c.env.DB.prepare(
+    "DELETE FROM agents WHERE id = ? AND user_id = ?",
+  )
+    .bind(agentId, userId)
+    .run();
+
+  if (!meta.changes) return c.json({ error: "Agent not found" }, 404);
+  return c.json({ ok: true });
+});
+
+export { agentsV2 };

package/packages/api/src/routes/agents.ts

@@ -23,10 +23,10 @@ agents.get("/", async (c) => {
 
   // 1. Channel-based agents (each channel = one agent, default session = first adhoc task)
   const { results: channels } = await c.env.DB.prepare(
-    "SELECT id, name, openclaw_agent_id FROM channels WHERE user_id = ? ORDER BY created_at ASC",
+    "SELECT id, name, provider_agent_id FROM channels WHERE user_id = ? ORDER BY created_at ASC",
   )
     .bind(userId)
-    .all<{ id: string; name: string; openclaw_agent_id: string }>();
+    .all<{ id: string; name: string; provider_agent_id: string }>();
 
   // Find the "General" channel to associate with the default agent (for session support).
   // If the user has created a "General" channel (auto-created on first session "+"),
@@ -52,7 +52,7 @@ agents.get("/", async (c) => {
       .first<{ session_key: string }>();
 
     const sessionKey =
-      task?.session_key ?? `agent:${ch.openclaw_agent_id}:botschat:${userId}:adhoc`;
+      task?.session_key ?? `agent:${ch.provider_agent_id}:botschat:${userId}:adhoc`;
     list.push({
       id: ch.id,
       name: ch.name,

package/packages/api/src/routes/auth.ts

@@ -357,7 +357,6 @@ auth.get("/me", async (c) => {
 auth.delete("/account", async (c) => {
   const userId = c.get("userId" as never) as string;
   if (!userId) return c.json({ error: "Unauthorized" }, 401);
-  if (userId.startsWith("demo_")) return c.json({ error: "Demo account cannot be deleted" }, 403);
 
   // Delete all user media from R2
   const prefix = `${userId}/`;

package/packages/api/src/routes/channels.ts

@@ -9,14 +9,14 @@ channels.get("/", async (c) => {
   const userId = c.get("userId");
 
   const { results } = await c.env.DB.prepare(
-    "SELECT id, name, description, openclaw_agent_id, system_prompt, created_at, updated_at FROM channels WHERE user_id = ? ORDER BY created_at DESC",
+    "SELECT id, name, description, provider_agent_id, system_prompt, created_at, updated_at FROM channels WHERE user_id = ? ORDER BY created_at DESC",
   )
     .bind(userId)
     .all<{
       id: string;
       name: string;
       description: string;
-      openclaw_agent_id: string;
+      provider_agent_id: string;
       system_prompt: string;
       created_at: number;
       updated_at: number;
@@ -27,7 +27,7 @@ channels.get("/", async (c) => {
       id: r.id,
       name: r.name,
       description: r.description,
-      openclawAgentId: r.openclaw_agent_id,
+      providerAgentId: r.provider_agent_id,
       systemPrompt: r.system_prompt,
       createdAt: r.created_at,
       updatedAt: r.updated_at,
@@ -38,10 +38,10 @@ channels.get("/", async (c) => {
 /** POST /api/channels — create a new channel */
 channels.post("/", async (c) => {
   const userId = c.get("userId");
-  const { name, description, openclawAgentId, systemPrompt } = await c.req.json<{
+  const { name, description, providerAgentId, systemPrompt } = await c.req.json<{
     name: string;
     description?: string;
-    openclawAgentId?: string;
+    providerAgentId?: string;
     systemPrompt?: string;
   }>();
 
@@ -52,7 +52,7 @@ channels.post("/", async (c) => {
   const id = generateId("ch_");
   // Default agent ID derived from channel name (slug)
   const agentId =
-    openclawAgentId?.trim() ||
+    providerAgentId?.trim() ||
     name
       .trim()
       .toLowerCase()
@@ -60,7 +60,7 @@ channels.post("/", async (c) => {
       .replace(/^-|-$/g, "");
 
   await c.env.DB.prepare(
-    "INSERT INTO channels (id, user_id, name, description, openclaw_agent_id, system_prompt) VALUES (?, ?, ?, ?, ?, ?)",
+    "INSERT INTO channels (id, user_id, name, description, provider_agent_id, system_prompt) VALUES (?, ?, ?, ?, ?, ?)",
   )
     .bind(id, userId, name.trim(), description?.trim() ?? "", agentId, systemPrompt?.trim() ?? "")
     .run();
@@ -88,7 +88,7 @@ channels.post("/", async (c) => {
       id,
       name: name.trim(),
       description: description?.trim() ?? "",
-      openclawAgentId: agentId,
+      providerAgentId: agentId,
       systemPrompt: systemPrompt?.trim() ?? "",
     },
     201,
@@ -101,14 +101,14 @@ channels.get("/:id", async (c) => {
   const channelId = c.req.param("id");
 
   const row = await c.env.DB.prepare(
-    "SELECT id, name, description, openclaw_agent_id, system_prompt, created_at, updated_at FROM channels WHERE id = ? AND user_id = ?",
+    "SELECT id, name, description, provider_agent_id, system_prompt, created_at, updated_at FROM channels WHERE id = ? AND user_id = ?",
   )
     .bind(channelId, userId)
     .first<{
       id: string;
       name: string;
       description: string;
-      openclaw_agent_id: string;
+      provider_agent_id: string;
       system_prompt: string;
       created_at: number;
       updated_at: number;
@@ -120,7 +120,7 @@ channels.get("/:id", async (c) => {
     id: row.id,
     name: row.name,
     description: row.description,
-    openclawAgentId: row.openclaw_agent_id,
+    providerAgentId: row.provider_agent_id,
     systemPrompt: row.system_prompt,
     createdAt: row.created_at,
     updatedAt: row.updated_at,