botschat 0.1.20 → 0.1.22

package/packages/api/src/do/connection-do.ts

@@ -4,6 +4,7 @@ import { getFcmAccessToken, sendPushNotification } from "../utils/fcm.js";
 import { sendApnsNotification, type ApnsConfig } from "../utils/apns.js";
 import { generateId as generateIdUtil } from "../utils/id.js";
 import { randomUUID } from "../utils/uuid.js";
+import { isDemoUserId } from "../routes/demo.js";
 
 /** Presence info stored in browser WebSocket attachments (survives DO hibernation). */
 interface BrowserAttachment {
@@ -29,8 +30,7 @@ const DC_GRACE_MS = 30_000;   // 30 s after WebSocket disconnect
  * - Use WebSocket Hibernation API so idle users cost zero compute
  *
  * Connection tagging (via serializeAttachment / deserializeAttachment):
- * - "agent:<agentId>" = WebSocket from an agent plugin (v2, per-agent)
- * - "openclaw" = legacy WebSocket from the OpenClaw plugin (backward compat)
+ * - "openclaw" = the WebSocket from the OpenClaw plugin
  * - "browser:<sessionId>" = a browser client WebSocket
  */
 export class ConnectionDO implements DurableObject {
@@ -54,9 +54,6 @@ export class ConnectionDO implements DurableObject {
   /** Timestamp of last accepted OpenClaw WebSocket (in-memory, no storage write). */
   private lastOpenClawAcceptedAt = 0;
 
-  /** Pending agent.request delegations — maps requestId to originator info. */
-  private pendingRequests = new Map<string, { fromAgentId: string; sessionKey: string; depth: number; createdAt: number }>();
-
   constructor(state: DurableObjectState, env: Env) {
     this.state = state;
     this.env = env;
@@ -92,8 +89,7 @@ export class ConnectionDO implements DurableObject {
         }
       }
       const preVerified = url.searchParams.get("verified") === "1";
-      const agentId = url.searchParams.get("agentId");
-      return this.handleOpenClawConnect(request, preVerified, agentId);
+      return this.handleOpenClawConnect(request, preVerified);
     }
 
     // Route: /client/:sessionId — Browser client connects here
@@ -109,8 +105,9 @@ export class ConnectionDO implements DurableObject {
     // Route: /models — Available models (REST)
     if (url.pathname === "/models") {
       await this.ensureCachedModels();
-      console.log(`[DO] GET /models — returning ${this.cachedModels.length} models`);
-      return Response.json({ models: this.cachedModels });
+      const models = this.cachedModels.length ? this.cachedModels : (await this.isDemoUser() ? ConnectionDO.DEMO_MODELS : []);
+      console.log(`[DO] GET /models — returning ${models.length} models`);
+      return Response.json({ models });
     }
 
     // Route: /scan-data — Cached OpenClaw scan data (schedule/instructions/model)
@@ -146,7 +143,7 @@ export class ConnectionDO implements DurableObject {
         return;
       }
 
-      if (tag === "openclaw" || tag?.startsWith("agent:")) {
+      if (tag === "openclaw") {
         await this.handleOpenClawMessage(ws, parsed);
       } else if (tag?.startsWith("browser:")) {
         await this.handleBrowserMessage(ws, parsed);
@@ -167,7 +164,8 @@ export class ConnectionDO implements DurableObject {
   /** Called when a WebSocket is closed. */
   async webSocketClose(ws: WebSocket, code: number, _reason: string, _wasClean: boolean): Promise<void> {
     const tag = this.getTag(ws);
-    if (tag === "openclaw" || tag?.startsWith("agent:")) {
+    if (tag === "openclaw") {
+      // OpenClaw disconnected — notify all browser clients
       this.broadcastToBrowsers(
         JSON.stringify({ type: "openclaw.disconnected" }),
       );
@@ -190,7 +188,7 @@ export class ConnectionDO implements DurableObject {
 
   // ---- Connection handlers ----
 
-  private handleOpenClawConnect(request: Request, preVerified = false, agentId?: string | null): Response {
+  private handleOpenClawConnect(request: Request, preVerified = false): Response {
     if (request.headers.get("Upgrade") !== "websocket") {
       return new Response("Expected WebSocket upgrade", { status: 426 });
     }
@@ -206,14 +204,12 @@ export class ConnectionDO implements DurableObject {
     }
     this.lastOpenClawAcceptedAt = now;
 
-    const wsTag = agentId ? "agent:" + agentId : "openclaw";
-
-    // Safety valve: if stale sockets with the same tag accumulated (e.g. from
+    // Safety valve: if stale openclaw sockets accumulated (e.g. from
     // rapid reconnects that authenticated but then lost their edge
     // connection), close them all before accepting a new one.
-    const existing = this.state.getWebSockets(wsTag);
+    const existing = this.state.getWebSockets("openclaw");
     if (existing.length > 3) {
-      console.warn(`[DO] Safety valve: ${existing.length} ${wsTag} sockets, closing all`);
+      console.warn(`[DO] Safety valve: ${existing.length} openclaw sockets, closing all`);
       for (const s of existing) {
         try { s.close(4009, "replaced"); } catch { /* dead */ }
       }
@@ -222,12 +218,12 @@ export class ConnectionDO implements DurableObject {
     const pair = new WebSocketPair();
     const [client, server] = [pair[0], pair[1]];
 
-    this.state.acceptWebSocket(server, [wsTag]);
+    this.state.acceptWebSocket(server, ["openclaw"]);
 
     // If the API worker already verified the token against D1, mark as
     // pre-verified. The plugin still sends an auth message, which we'll
     // fast-track through without re-validating the token.
-    server.serializeAttachment({ authenticated: false, tag: wsTag, agentId: agentId ?? null, preVerified });
+    server.serializeAttachment({ authenticated: false, tag: "openclaw", preVerified });
 
     return new Response(null, { status: 101, webSocket: client });
   }
@@ -276,12 +272,11 @@ export class ConnectionDO implements DurableObject {
       const isValid = attachment?.preVerified || await this.validatePairingToken(token);
 
       if (isValid) {
-        // Close other sockets with the SAME tag. Use custom code 4009 so
+        // Close ALL other openclaw sockets. Use custom code 4009 so
         // well-behaved plugins know they were replaced (not a crash)
         // and should NOT reconnect. The Worker-level rate limit (10s)
         // prevents the resulting close event from flooding the DO.
-        const wsTag = attachment?.tag ?? "openclaw";
-        const existingSockets = this.state.getWebSockets(wsTag);
+        const existingSockets = this.state.getWebSockets("openclaw");
         let closedCount = 0;
         for (const oldWs of existingSockets) {
           if (oldWs !== ws) {
@@ -323,15 +318,6 @@ export class ConnectionDO implements DurableObject {
       return;
     }
 
-    // Resolve @channelName session keys to real adhoc task session keys
-    if (
-      (msg.type === "agent.text" || msg.type === "agent.media" || msg.type === "agent.a2ui" ||
-       msg.type === "agent.stream.start" || msg.type === "agent.stream.chunk" || msg.type === "agent.stream.end") &&
-      typeof msg.sessionKey === "string" && msg.sessionKey.startsWith("@")
-    ) {
-      msg.sessionKey = await this.resolveChannelSessionKey(msg.sessionKey);
-    }
-
     // Persist agent messages to D1 (skip transient stream events)
     if (msg.type === "agent.text" || msg.type === "agent.media" || msg.type === "agent.a2ui") {
       console.log("[DO] Agent outbound:", JSON.stringify({
@@ -357,9 +343,6 @@ export class ConnectionDO implements DurableObject {
       // Bitmask: bit 0 = text encrypted, bit 1 = media encrypted
       const encryptedBits = (msg.encrypted ? 1 : 0) | (msg.mediaEncrypted ? 2 : 0);
 
-      // Extract agentId from the sending WebSocket's attachment
-      const wsAtt = ws.deserializeAttachment() as { agentId?: string } | null;
-
       await this.persistMessage({
         id: msg.messageId as string | undefined,
         sender: "agent",
@@ -369,7 +352,6 @@ export class ConnectionDO implements DurableObject {
         mediaUrl: persistedMediaUrl,
         a2ui: msg.jsonl as string | undefined,
         encrypted: encryptedBits,
-        senderAgentId: (msg.agentId as string | undefined) ?? wsAtt?.agentId ?? undefined,
       });
     }
 
@@ -383,7 +365,7 @@ export class ConnectionDO implements DurableObject {
     if (msg.type === "task.schedule.ack" && msg.ok && msg.taskId && msg.cronJobId) {
       try {
         await this.env.DB.prepare(
-          "UPDATE tasks SET provider_job_id = ? WHERE id = ?",
+          "UPDATE tasks SET openclaw_cron_job_id = ? WHERE id = ?",
         ).bind(msg.cronJobId, msg.taskId).run();
         console.log(`[DO] Updated task ${msg.taskId} with cronJobId ${msg.cronJobId}`);
       } catch (err) {
@@ -424,44 +406,11 @@ export class ConnectionDO implements DurableObject {
       await this.handleJobUpdate(msg);
     }
 
-    // Handle agent.request — Agent-to-Agent delegation
-    if (msg.type === "agent.request") {
-      await this.handleAgentRequest(ws, msg);
-      return;
-    }
-
-    // Handle agent.trace — persist verbose execution traces (lv2/lv3)
-    if (msg.type === "agent.trace") {
-      await this.handleAgentTrace(msg);
-      return;
-    }
-
     // Forward all messages to browser clients (strip notifyPreview — plaintext
     // must not be relayed to browser WebSockets; browsers decrypt locally)
     if (msg.type === "agent.text") {
       console.log(`[DO] Forwarding agent.text to browsers: encrypted=${msg.encrypted}, messageId=${msg.messageId}, textLen=${typeof msg.text === "string" ? msg.text.length : "?"}`);
     }
-
-    const wsAttForReply = ws.deserializeAttachment() as { agentId?: string } | null;
-
-    // Check if this agent.text is a response to a pending agent.request
-    if ((msg.type === "agent.text" || msg.type === "agent.stream.end") && msg.requestId) {
-      const pending = this.pendingRequests.get(msg.requestId as string);
-      if (pending) {
-        const originSocket = this.getAgentSocket(pending.fromAgentId);
-        if (originSocket) {
-          originSocket.send(JSON.stringify({
-            type: "agent.response",
-            requestId: msg.requestId,
-            fromAgentId: (msg.agentId as string) ?? wsAttForReply?.agentId ?? null,
-            text: (msg.text ?? "") as string,
-            sessionKey: (msg.sessionKey ?? "") as string,
-          }));
-        }
-        this.pendingRequests.delete(msg.requestId as string);
-      }
-    }
-
     const { notifyPreview: _stripped, ...msgForBrowser } = msg;
     this.broadcastToBrowsers(JSON.stringify(msgForBrowser));
 
@@ -509,40 +458,27 @@ export class ConnectionDO implements DurableObject {
       }
 
       ws.serializeAttachment({ ...attachment, authenticated: true });
+      // Include userId so the browser can derive the E2E key
       const doUserId2 = doUserId ?? payload.sub;
-
-      // Fetch available agents from D1 for the auth.ok response
-      let availableAgents: Array<{ id: string; name: string; type: string; role: string; capabilities: string[]; status: string }> = [];
-      try {
-        const { results } = await this.env.DB.prepare(
-          "SELECT id, name, type, role, capabilities, status FROM agents WHERE user_id = ? ORDER BY created_at ASC",
-        )
-          .bind(doUserId2)
-          .all<{ id: string; name: string; type: string; role: string; capabilities: string; status: string }>();
-        availableAgents = (results ?? []).map((r) => ({
-          id: r.id,
-          name: r.name,
-          type: r.type,
-          role: r.role,
-          capabilities: JSON.parse(r.capabilities || "[]"),
-          status: r.status,
-        }));
-      } catch (err) {
-        console.error("[DO] Failed to fetch agents for auth.ok:", err);
+      // Persist userId to storage so isDemoUser() and other helpers work
+      // even when no OpenClaw plugin has connected (e.g. demo mode).
+      if (!doUserId) {
+        await this.state.storage.put("userId", doUserId2);
       }
+      ws.send(JSON.stringify({ type: "auth.ok", userId: doUserId2 }));
 
-      ws.send(JSON.stringify({ type: "auth.ok", userId: doUserId2, availableAgents }));
-
-      // Send current connection status + cached models
+      // Send current OpenClaw connection status + cached models
       await this.ensureCachedModels();
-      const openclawConnected = this.getOpenClawSocket() !== null;
+      const isDemo = isDemoUserId(doUserId2);
+      const openclawConnected = isDemo || this.getOpenClawSocket() !== null;
+      const models = this.cachedModels.length ? this.cachedModels : (isDemo ? ConnectionDO.DEMO_MODELS : []);
+      const model = this.defaultModel || (isDemo ? "mock/echo-1.0" : null);
       ws.send(
         JSON.stringify({
           type: "connection.status",
           openclawConnected,
-          defaultModel: this.defaultModel,
-          models: this.cachedModels,
-          connectedAgents: availableAgents.filter((a) => a.status === "connected"),
+          defaultModel: model,
+          models,
         }),
       );
       return;
@@ -585,7 +521,6 @@ export class ConnectionDO implements DurableObject {
         type: msg.type,
         sessionKey: msg.sessionKey,
         messageId: msg.messageId,
-        targetAgentId: msg.targetAgentId,
         hasMedia: !!msg.mediaUrl,
       }));
       await this.persistMessage({
@@ -595,34 +530,14 @@ export class ConnectionDO implements DurableObject {
         text: (msg.text ?? "") as string,
         mediaUrl: msg.mediaUrl as string | undefined,
         encrypted: msg.encrypted ? 1 : 0,
-        targetAgentId: msg.targetAgentId as string | undefined,
       });
     }
 
-    // Route user message to the target agent
-    const targetAgentId = msg.targetAgentId as string | undefined;
-    let targetWs: WebSocket | null = null;
-
-    if (targetAgentId) {
-      targetWs = this.getAgentSocket(targetAgentId);
-    }
-    if (!targetWs) {
-      // No explicit target or target not found — try channel's default agent
-      const sessionKey = msg.sessionKey as string | undefined;
-      if (sessionKey) {
-        const channelDefault = await this.resolveDefaultAgentId(sessionKey);
-        if (channelDefault) {
-          targetWs = this.getAgentSocket(channelDefault);
-        }
-      }
-    }
-    if (!targetWs) {
-      // Final fallback: any connected agent (backward compat)
-      targetWs = this.getAnyAgentSocket();
-    }
-
-    if (targetWs) {
-      // Enrich thread messages with parent context
+    // Forward user messages to OpenClaw
+    const openclawWs = this.getOpenClawSocket();
+    if (openclawWs) {
+      // If this is a thread message, look up the parent message and attach it
+      // so the plugin can inject the thread-origin context into the AI conversation.
       const sessionKey = msg.sessionKey as string | undefined;
       const threadMatch = sessionKey?.match(/:thread:(.+)$/);
       let enrichedMsg = msg;
@@ -642,17 +557,20 @@ export class ConnectionDO implements DurableObject {
               parentSender: parentRow.sender as string,
               parentEncrypted: (parentRow.encrypted ?? 0) as number,
             };
+            console.log(`[DO] Attached parent message for thread: parentId=${parentId}, sender=${parentRow.sender}, encrypted=${parentRow.encrypted}`);
           }
         } catch (err) {
-          console.error(`[DO] Failed to fetch parent message for thread:`, err);
+          console.error(`[DO] Failed to fetch parent message for thread ${parentId}:`, err);
         }
       }
-      targetWs.send(JSON.stringify(enrichedMsg));
+      openclawWs.send(JSON.stringify(enrichedMsg));
+    } else if (await this.isDemoUser()) {
+      await this.handleDemoMockReply(ws, msg);
     } else {
       ws.send(
         JSON.stringify({
           type: "error",
-          message: "No agent is currently connected. Please check your agent instances.",
+          message: "OpenClaw is not connected. Please check your OpenClaw instance.",
         }),
       );
     }
@@ -668,6 +586,10 @@ export class ConnectionDO implements DurableObject {
   private async handleGetScanData(): Promise<Response> {
     const openclawWs = this.getOpenClawSocket();
     if (!openclawWs) {
+      // Demo users get mock scan data instead of 503
+      if (await this.isDemoUser()) {
+        return Response.json({ tasks: [] });
+      }
       return Response.json(
         { error: "OpenClaw not connected", tasks: [] },
         { status: 503 },
@@ -708,12 +630,9 @@ export class ConnectionDO implements DurableObject {
     }
   }
 
-  private handleStatus(): Response {
+  private async handleStatus(): Promise<Response> {
     const sockets = this.state.getWebSockets();
-    const openclawSocket = sockets.find((s) => {
-      const t = this.getTag(s);
-      return t === "openclaw" || t?.startsWith("agent:");
-    });
+    const openclawSocket = sockets.find((s) => this.getTag(s) === "openclaw");
     const browserCount = sockets.filter((s) =>
       this.getTag(s)?.startsWith("browser:"),
     ).length;
@@ -724,9 +643,10 @@ export class ConnectionDO implements DurableObject {
       openclawAuthenticated = att?.authenticated ?? false;
     }
 
+    const isDemo = await this.isDemoUser();
     return Response.json({
-      openclawConnected: !!openclawSocket,
-      openclawAuthenticated,
+      openclawConnected: isDemo || !!openclawSocket,
+      openclawAuthenticated: isDemo || openclawAuthenticated,
       browserClients: browserCount,
     });
   }
@@ -784,9 +704,11 @@ export class ConnectionDO implements DurableObject {
     return att?.tag ?? null;
   }
 
-  /** Get a specific agent's socket by agentId. */
-  private getAgentSocket(agentId: string): WebSocket | null {
-    const sockets = this.state.getWebSockets("agent:" + agentId);
+  private getOpenClawSocket(): WebSocket | null {
+    const sockets = this.state.getWebSockets("openclaw");
+    // Return the LAST (newest) authenticated OpenClaw socket.
+    // After a reconnection there may briefly be multiple sockets
+    // before the stale cleanup in handleOpenClawMessage runs.
     let newest: WebSocket | null = null;
     for (const s of sockets) {
       const att = s.deserializeAttachment() as { authenticated: boolean } | null;
@@ -795,147 +717,6 @@ export class ConnectionDO implements DurableObject {
     return newest ?? sockets[sockets.length - 1] ?? null;
   }
 
-  /** Get any connected agent socket (new agent:xxx or legacy openclaw). */
-  private getAnyAgentSocket(): WebSocket | null {
-    const allSockets = this.state.getWebSockets();
-    for (const s of allSockets) {
-      const att = s.deserializeAttachment() as { authenticated: boolean; tag?: string } | null;
-      if (att?.authenticated && att?.tag?.startsWith("agent:")) return s;
-    }
-    const legacySockets = this.state.getWebSockets("openclaw");
-    for (const s of legacySockets) {
-      const att = s.deserializeAttachment() as { authenticated: boolean } | null;
-      if (att?.authenticated) return s;
-    }
-    return legacySockets[legacySockets.length - 1] ?? null;
-  }
-
-  private getOpenClawSocket(): WebSocket | null {
-    return this.getAnyAgentSocket();
-  }
-
-  // ---- Agent-to-Agent delegation ----
-
-  private async handleAgentRequest(ws: WebSocket, msg: Record<string, unknown>): Promise<void> {
-    const MAX_DEPTH = 5;
-    const TIMEOUT_MS = 5 * 60 * 1000;
-    const depth = (msg.depth as number) ?? 0;
-    const requestId = msg.requestId as string;
-    const targetAgentId = msg.targetAgentId as string;
-    const fromAtt = ws.deserializeAttachment() as { agentId?: string } | null;
-    const fromAgentId = (msg.agentId as string) ?? fromAtt?.agentId ?? "unknown";
-
-    if (depth >= MAX_DEPTH) {
-      const originSocket = this.getAgentSocket(fromAgentId);
-      if (originSocket) {
-        originSocket.send(JSON.stringify({
-          type: "agent.response",
-          requestId,
-          fromAgentId: targetAgentId,
-          error: "Maximum delegation depth exceeded",
-          sessionKey: msg.sessionKey,
-        }));
-      }
-      return;
-    }
-
-    const targetSocket = this.getAgentSocket(targetAgentId);
-    if (!targetSocket) {
-      // Target agent offline — notify originator and broadcast system message
-      const originSocket = this.getAgentSocket(fromAgentId);
-      if (originSocket) {
-        originSocket.send(JSON.stringify({
-          type: "agent.response",
-          requestId,
-          fromAgentId: targetAgentId,
-          error: `Agent ${targetAgentId} is currently offline`,
-          sessionKey: msg.sessionKey,
-        }));
-      }
-      this.broadcastToBrowsers(JSON.stringify({
-        type: "system.message",
-        text: `Agent delegation failed: target agent is offline`,
-        sessionKey: msg.sessionKey,
-      }));
-      return;
-    }
-
-    // Track the pending request for response routing
-    this.pendingRequests.set(requestId, {
-      fromAgentId,
-      sessionKey: msg.sessionKey as string,
-      depth,
-      createdAt: Date.now(),
-    });
-
-    // Clean up expired pending requests
-    const now = Date.now();
-    for (const [rid, pr] of this.pendingRequests) {
-      if (now - pr.createdAt > TIMEOUT_MS) {
-        this.pendingRequests.delete(rid);
-      }
-    }
-
-    // Persist the delegation message to D1 (visible as agent-to-agent in chat)
-    await this.persistMessage({
-      sender: "agent",
-      sessionKey: msg.sessionKey as string,
-      text: (msg.text ?? "") as string,
-      senderAgentId: fromAgentId,
-      targetAgentId,
-    });
-
-    // Forward to target agent as a user.message (agents don't need to know it's a delegation)
-    targetSocket.send(JSON.stringify({
-      type: "user.message",
-      sessionKey: msg.sessionKey,
-      text: msg.text,
-      userId: fromAgentId,
-      messageId: requestId,
-      targetAgentId,
-      context: msg.context,
-      depth: depth + 1,
-    }));
-
-    // Also broadcast to browser so user can see the delegation
-    this.broadcastToBrowsers(JSON.stringify({
-      type: "agent.text",
-      agentId: fromAgentId,
-      sessionKey: msg.sessionKey,
-      text: msg.text,
-      targetAgentId,
-      isDelegation: true,
-    }));
-  }
-
-  // ---- Verbose trace persistence ----
-
-  private async handleAgentTrace(msg: Record<string, unknown>): Promise<void> {
-    try {
-      const userId = (await this.state.storage.get<string>("userId")) ?? "unknown";
-      const id = generateIdUtil("mt_");
-      await this.env.DB.prepare(
-        `INSERT INTO message_traces (id, message_id, user_id, session_key, agent_id, verbose_level, trace_type, content, metadata_json, encrypted)
-         VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
-      )
-        .bind(
-          id,
-          (msg.messageId ?? "") as string,
-          userId,
-          (msg.sessionKey ?? "") as string,
-          (msg.agentId ?? "") as string,
-          (msg.verboseLevel ?? 2) as number,
-          (msg.traceType ?? "thinking") as string,
-          (msg.content ?? "") as string,
-          JSON.stringify(msg.metadata ?? {}),
-          msg.encrypted ? 1 : 0,
-        )
-        .run();
-    } catch (err) {
-      console.error("[DO] Failed to persist agent trace:", err);
-    }
-  }
-
   private broadcastToBrowsers(message: string): void {
     const sockets = this.state.getWebSockets();
     for (const s of sockets) {
@@ -1264,8 +1045,6 @@ export class ConnectionDO implements DurableObject {
     mediaUrl?: string;
     a2ui?: string;
     encrypted?: number;
-    senderAgentId?: string;
-    targetAgentId?: string;
   }): Promise<void> {
     try {
       const userId = (await this.state.storage.get<string>("userId")) ?? "unknown";
@@ -1280,10 +1059,10 @@ export class ConnectionDO implements DurableObject {
       }
 
       await this.env.DB.prepare(
-        `INSERT INTO messages (id, user_id, session_key, thread_id, sender, text, media_url, a2ui, encrypted, sender_agent_id, target_agent_id)
-         VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+        `INSERT INTO messages (id, user_id, session_key, thread_id, sender, text, media_url, a2ui, encrypted)
+         VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
       )
-        .bind(id, userId, opts.sessionKey, threadId ?? null, opts.sender, opts.text, opts.mediaUrl ?? null, opts.a2ui ?? null, encrypted, opts.senderAgentId ?? null, opts.targetAgentId ?? null)
+        .bind(id, userId, opts.sessionKey, threadId ?? null, opts.sender, opts.text, opts.mediaUrl ?? null, opts.a2ui ?? null, encrypted)
         .run();
     } catch (err) {
       console.error("Failed to persist message:", err);
@@ -1445,7 +1224,7 @@ export class ConnectionDO implements DurableObject {
 
         // Check if a matching task already exists
         const existingTask = await this.env.DB.prepare(
-          "SELECT id, session_key FROM tasks WHERE provider_job_id = ?",
+          "SELECT id, session_key FROM tasks WHERE openclaw_cron_job_id = ?",
         )
           .bind(t.cronJobId)
           .first<{ id: string; session_key: string }>();
@@ -1464,7 +1243,7 @@ export class ConnectionDO implements DurableObject {
             t.cronJobId,
           ];
           await this.env.DB.prepare(
-            `UPDATE tasks SET ${updateParts.join(", ")} WHERE provider_job_id = ?`,
+            `UPDATE tasks SET ${updateParts.join(", ")} WHERE openclaw_cron_job_id = ?`,
           )
             .bind(...updateVals)
             .run();
@@ -1483,7 +1262,7 @@ export class ConnectionDO implements DurableObject {
           // D1 only stores basic task metadata — schedule/instructions/model
           // belong to OpenClaw and are delivered via task.scan.result WebSocket.
           await this.env.DB.prepare(
-            `INSERT INTO tasks (id, channel_id, name, kind, provider_job_id, session_key, enabled)
+            `INSERT INTO tasks (id, channel_id, name, kind, openclaw_cron_job_id, session_key, enabled)
              VALUES (?, ?, ?, 'background', ?, ?, ?)`,
           )
             .bind(taskId, defaultChannelId, taskName, t.cronJobId, sessionKey, t.enabled ? 1 : 0)
@@ -1494,7 +1273,7 @@ export class ConnectionDO implements DurableObject {
 
         // Resolve the task record for job persistence (may have just been created)
         const taskRecord = await this.env.DB.prepare(
-          "SELECT id, session_key FROM tasks WHERE provider_job_id = ?",
+          "SELECT id, session_key FROM tasks WHERE openclaw_cron_job_id = ?",
         )
           .bind(t.cronJobId)
           .first<{ id: string; session_key: string }>();
@@ -1558,7 +1337,7 @@ export class ConnectionDO implements DurableObject {
   private async ensureDefaultChannel(userId: string): Promise<string> {
     // Check if a default channel already exists
     const existing = await this.env.DB.prepare(
-      "SELECT id FROM channels WHERE user_id = ? AND provider_agent_id = 'main' ORDER BY created_at ASC LIMIT 1",
+      "SELECT id FROM channels WHERE user_id = ? AND openclaw_agent_id = 'main' ORDER BY created_at ASC LIMIT 1",
     )
       .bind(userId)
       .first<{ id: string }>();
@@ -1568,7 +1347,7 @@ export class ConnectionDO implements DurableObject {
     // Create the default channel
     const channelId = this.generateId("ch_");
     await this.env.DB.prepare(
-      "INSERT INTO channels (id, user_id, name, description, provider_agent_id, system_prompt) VALUES (?, ?, 'Default', 'Auto-created channel for imported background tasks', 'main', '')",
+      "INSERT INTO channels (id, user_id, name, description, openclaw_agent_id, system_prompt) VALUES (?, ?, 'Default', 'Auto-created channel for imported background tasks', 'main', '')",
     )
       .bind(channelId, userId)
       .run();
@@ -1586,101 +1365,6 @@ export class ConnectionDO implements DurableObject {
     return channelId;
   }
 
-  /**
-   * Resolve a "@channelName" session key to a real adhoc task session key.
-   * Resolve the default agent ID for a given session key.
-   * Looks up the channel from the session key pattern and returns its default_agent_id.
-   */
-  private async resolveDefaultAgentId(sessionKey: string): Promise<string | null> {
-    try {
-      const userId = await this.state.storage.get<string>("userId");
-      if (!userId) return null;
-
-      // Try to find channel by matching session_key in sessions or tasks table
-      const session = await this.env.DB.prepare(
-        "SELECT channel_id FROM sessions WHERE session_key = ? AND user_id = ? LIMIT 1",
-      )
-        .bind(sessionKey.replace(/:thread:.+$/, ""), userId)
-        .first<{ channel_id: string }>();
-
-      const channelId = session?.channel_id;
-      if (!channelId) return null;
-
-      const channel = await this.env.DB.prepare(
-        "SELECT default_agent_id FROM channels WHERE id = ? LIMIT 1",
-      )
-        .bind(channelId)
-        .first<{ default_agent_id: string | null }>();
-
-      return channel?.default_agent_id ?? null;
-    } catch {
-      return null;
-    }
-  }
-
-  /**
-   * - "@default" → first channel (by created_at ASC)
-   * - "@SomeName" → channel matched by name (case-insensitive)
-   * Returns the original sessionKey if it doesn't start with "@".
-   */
-  private async resolveChannelSessionKey(rawSessionKey: string): Promise<string> {
-    if (!rawSessionKey.startsWith("@")) return rawSessionKey;
-
-    const userId = await this.state.storage.get<string>("userId");
-    if (!userId) {
-      console.error("[DO] resolveChannelSessionKey: no userId in storage");
-      return rawSessionKey;
-    }
-
-    const isDefault = rawSessionKey.toLowerCase() === "@default";
-    const channelName = isDefault ? null : rawSessionKey.slice(1);
-
-    let channel: { id: string; provider_agent_id: string } | null = null;
-
-    if (channelName) {
-      channel = await this.env.DB.prepare(
-        "SELECT id, provider_agent_id FROM channels WHERE user_id = ? AND LOWER(name) = LOWER(?) LIMIT 1",
-      )
-        .bind(userId, channelName)
-        .first<{ id: string; provider_agent_id: string }>();
-    }
-
-    if (!channel) {
-      channel = await this.env.DB.prepare(
-        "SELECT id, provider_agent_id FROM channels WHERE user_id = ? ORDER BY created_at ASC LIMIT 1",
-      )
-        .bind(userId)
-        .first<{ id: string; provider_agent_id: string }>();
-    }
-
-    if (!channel) {
-      const channelId = await this.ensureDefaultChannel(userId);
-      channel = { id: channelId, provider_agent_id: "main" };
-    }
-
-    const task = await this.env.DB.prepare(
-      "SELECT session_key FROM tasks WHERE channel_id = ? AND kind = 'adhoc' LIMIT 1",
-    )
-      .bind(channel.id)
-      .first<{ session_key: string }>();
-
-    if (task?.session_key) {
-      console.log(`[DO] Resolved ${rawSessionKey} → ${task.session_key}`);
-      return task.session_key;
-    }
-
-    const taskId = this.generateId("tsk_");
-    const agentId = channel.provider_agent_id || "main";
-    const sessionKey = `agent:${agentId}:botschat:${userId}:adhoc`;
-    await this.env.DB.prepare(
-      "INSERT INTO tasks (id, channel_id, name, kind, session_key) VALUES (?, ?, 'Ad Hoc Chat', 'adhoc', ?)",
-    )
-      .bind(taskId, channel.id, sessionKey)
-      .run();
-    console.log(`[DO] Created adhoc task for channel ${channel.id}, resolved ${rawSessionKey} → ${sessionKey}`);
-    return sessionKey;
-  }
-
   /** Generate a short random ID (URL-safe) using CSPRNG (bias-free). */
   private generateId(prefix = ""): string {
     return generateIdUtil(prefix);
@@ -1704,7 +1388,7 @@ export class ConnectionDO implements DurableObject {
 
       // Find the task by cronJobId
       const task = await this.env.DB.prepare(
-        "SELECT id FROM tasks WHERE provider_job_id = ?",
+        "SELECT id FROM tasks WHERE openclaw_cron_job_id = ?",
       )
         .bind(cronJobId)
         .first<{ id: string }>();
@@ -1738,6 +1422,126 @@ export class ConnectionDO implements DurableObject {
     }
   }
 
+  // ---- Demo mode (built-in mock OpenClaw) ----
+
+  private static readonly DEMO_MODELS = [
+    { id: "mock/echo-1.0", name: "Echo 1.0", provider: "mock" },
+    { id: "anthropic/claude-sonnet-4-20250514", name: "Claude Sonnet 4", provider: "anthropic" },
+    { id: "openai/gpt-4o", name: "GPT-4o", provider: "openai" },
+  ];
+
+  private async isDemoUser(): Promise<boolean> {
+    const userId = await this.state.storage.get<string>("userId");
+    return !!userId && isDemoUserId(userId);
+  }
+
+  /**
+   * Handle a browser message when no OpenClaw plugin is connected and the
+   * user is a demo account. Simulates the mock OpenClaw responses inline.
+   */
+  private async handleDemoMockReply(
+    ws: WebSocket,
+    msg: Record<string, unknown>,
+  ): Promise<void> {
+    const sessionKey = msg.sessionKey as string;
+
+    if (msg.type === "user.message") {
+      const userText = (msg.text as string) ?? "";
+      const replyText = `Mock reply: ${userText}`;
+      const replyId = randomUUID();
+
+      // Small delay to feel natural
+      await new Promise((r) => setTimeout(r, 300));
+
+      const reply = {
+        type: "agent.text",
+        sessionKey,
+        text: replyText,
+        messageId: replyId,
+      };
+
+      await this.persistMessage({
+        id: replyId,
+        sender: "agent",
+        sessionKey,
+        text: replyText,
+        encrypted: 0,
+      });
+
+      this.broadcastToBrowsers(JSON.stringify(reply));
+    } else if (msg.type === "user.media") {
+      const replyId = randomUUID();
+      await new Promise((r) => setTimeout(r, 300));
+      const reply = {
+        type: "agent.text",
+        sessionKey,
+        text: `📎 Received media: ${msg.mediaUrl}`,
+        messageId: replyId,
+      };
+      await this.persistMessage({ id: replyId, sender: "agent", sessionKey, text: reply.text, encrypted: 0 });
+      this.broadcastToBrowsers(JSON.stringify(reply));
+    } else if (msg.type === "user.command" || msg.type === "user.action") {
+      const replyId = randomUUID();
+      await new Promise((r) => setTimeout(r, 200));
+      const text = msg.type === "user.command"
+        ? `Command received: /${msg.command} ${msg.args || ""}`.trim()
+        : `Action received: ${msg.action}`;
+      const reply = { type: "agent.text", sessionKey, text, messageId: replyId };
+      await this.persistMessage({ id: replyId, sender: "agent", sessionKey, text, encrypted: 0 });
+      this.broadcastToBrowsers(JSON.stringify(reply));
+    } else if (msg.type === "task.schedule") {
+      const ack = {
+        type: "task.schedule.ack",
+        cronJobId: (msg.cronJobId as string) || `mock_cron_${Date.now()}`,
+        taskId: msg.taskId,
+        ok: true,
+      };
+      this.broadcastToBrowsers(JSON.stringify(ack));
+    } else if (msg.type === "task.run") {
+      const jobId = `mock_job_${Date.now()}`;
+      const startedAt = Math.floor(Date.now() / 1000);
+      this.broadcastToBrowsers(JSON.stringify({
+        type: "job.update",
+        cronJobId: msg.cronJobId,
+        jobId,
+        sessionKey: sessionKey ?? "",
+        status: "running",
+        startedAt,
+      }));
+      await new Promise((r) => setTimeout(r, 2000));
+      const finishedAt = Math.floor(Date.now() / 1000);
+      const update = {
+        type: "job.update",
+        cronJobId: msg.cronJobId,
+        jobId,
+        sessionKey: sessionKey ?? "",
+        status: "ok",
+        summary: "Mock task executed successfully",
+        startedAt,
+        finishedAt,
+        durationMs: (finishedAt - startedAt) * 1000,
+      };
+      await this.handleJobUpdate(update);
+      this.broadcastToBrowsers(JSON.stringify(update));
+    } else if (msg.type === "settings.defaultModel") {
+      const model = (msg.defaultModel as string) ?? "";
+      if (model) {
+        this.defaultModel = model;
+        await this.state.storage.put("defaultModel", model);
+      }
+      this.broadcastToBrowsers(JSON.stringify({
+        type: "defaultModel.updated",
+        model,
+      }));
+      this.broadcastToBrowsers(JSON.stringify({
+        type: "connection.status",
+        openclawConnected: true,
+        defaultModel: this.defaultModel,
+        models: this.cachedModels.length ? this.cachedModels : ConnectionDO.DEMO_MODELS,
+      }));
+    }
+  }
+
   private async validatePairingToken(token: string): Promise<boolean> {
     // The API worker validates pairing tokens against D1 before routing
     // to the DO (and passes ?verified=1). Connections that arrive here