npm - openclaw-app - Versions diffs - 1.0.3 → 1.0.4 - Mend

openclaw-app 1.0.3 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/index.ts CHANGED Viewed

@@ -663,10 +663,6 @@ async function handleRelayMessage(ctx: any, accountId: string, state: RelayState
             ctx.log?.warn?.(`[${CHANNEL_ID}] [${accountId}] [E2E] peer_joined missing sessionKey, ignoring`);
             return;
         }
-        if (!state.relayToken) {
-            ctx.log?.error?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Relay token missing, cannot authenticate handshake`);
-            return;
-        }
         // Always restart E2E when peer_joined arrives — the app may have
         // reconnected with a fresh _e2eReadyCompleter and is waiting for a
         // new handshake even if we still hold an old session state.
@@ -678,23 +674,26 @@ async function handleRelayMessage(ctx: any, accountId: string, state: RelayState
         const sessionE2E = makeE2EState();
         state.e2eSessions.set(sessionKey, sessionE2E);
         const pubkey = await e2eInit(sessionE2E);
-        const ts = Date.now();
-        const mac = await buildHandshakeMac(
-            state.relayToken,
-            "plugin",
-            sessionKey,
-            pubkey,
-            ts,
-            HANDSHAKE_AUTH_VERSION
-        );
-        const handshakeWithSession = JSON.stringify({
+        const handshakePayload: Record<string, unknown> = {
             type: "handshake",
-            v: HANDSHAKE_AUTH_VERSION,
             sessionKey,
             pubkey,
-            ts,
-            mac,
-        });
+        };
+        if (state.relayToken) {
+            const ts = Date.now();
+            const mac = await buildHandshakeMac(
+                state.relayToken,
+                "plugin",
+                sessionKey,
+                pubkey,
+                ts,
+                HANDSHAKE_AUTH_VERSION
+            );
+            handshakePayload.v = HANDSHAKE_AUTH_VERSION;
+            handshakePayload.ts = ts;
+            handshakePayload.mac = mac;
+        }
+        const handshakeWithSession = JSON.stringify(handshakePayload);
         if (state.ws?.readyState === WebSocket.OPEN) {
             state.ws.send(handshakeWithSession);
         }
@@ -708,34 +707,36 @@ async function handleRelayMessage(ctx: any, accountId: string, state: RelayState
         const peerMac = msg.mac as string | undefined;
         const version = (msg.v as string | undefined) ?? HANDSHAKE_AUTH_VERSION;
         const peerTs = parseHandshakeTs(msg.ts);
-        if (!sessionKey || !peerPubKey || !peerMac || peerTs == null) {
-            ctx.log?.warn?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Handshake missing auth fields`);
-            return;
-        }
-        if (version !== HANDSHAKE_AUTH_VERSION) {
-            ctx.log?.warn?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Unsupported handshake version: ${version}`);
+        if (!sessionKey || !peerPubKey) {
+            ctx.log?.warn?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Handshake missing sessionKey or pubkey`);
             return;
         }
-        if (!isHandshakeTsFresh(peerTs)) {
-            ctx.log?.warn?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Handshake timestamp out of window, dropping`);
-            return;
-        }
-        if (!state.relayToken) {
-            ctx.log?.error?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Relay token missing, cannot verify handshake`);
-            return;
-        }
-        const verified = await verifyHandshakeMac(
-            state.relayToken,
-            "app",
-            sessionKey,
-            peerPubKey,
-            peerTs,
-            peerMac,
-            version
-        );
-        if (!verified) {
-            ctx.log?.warn?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Handshake MAC verification failed, dropping`);
-            return;
+        if (state.relayToken) {
+            if (!peerMac || peerTs == null) {
+                ctx.log?.warn?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Handshake missing auth fields`);
+                return;
+            }
+            if (version !== HANDSHAKE_AUTH_VERSION) {
+                ctx.log?.warn?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Unsupported handshake version: ${version}`);
+                return;
+            }
+            if (!isHandshakeTsFresh(peerTs)) {
+                ctx.log?.warn?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Handshake timestamp out of window, dropping`);
+                return;
+            }
+            const verified = await verifyHandshakeMac(
+                state.relayToken,
+                "app",
+                sessionKey,
+                peerPubKey,
+                peerTs,
+                peerMac,
+                version
+            );
+            if (!verified) {
+                ctx.log?.warn?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Handshake MAC verification failed, dropping`);
+                return;
+            }
         }
         let sessionE2E = state.e2eSessions.get(sessionKey);
         if (!sessionE2E) {
@@ -744,23 +745,26 @@ async function handleRelayMessage(ctx: any, accountId: string, state: RelayState
             sessionE2E = makeE2EState();
             state.e2eSessions.set(sessionKey, sessionE2E);
             const pubkey = await e2eInit(sessionE2E);
-            const ts = Date.now();
-            const mac = await buildHandshakeMac(
-                state.relayToken,
-                "plugin",
-                sessionKey,
-                pubkey,
-                ts,
-                HANDSHAKE_AUTH_VERSION
-            );
-            const handshakeWithSession = JSON.stringify({
+            const handshakePayload: Record<string, unknown> = {
                 type: "handshake",
-                v: HANDSHAKE_AUTH_VERSION,
                 sessionKey,
                 pubkey,
-                ts,
-                mac,
-            });
+            };
+            if (state.relayToken) {
+                const ts = Date.now();
+                const mac = await buildHandshakeMac(
+                    state.relayToken,
+                    "plugin",
+                    sessionKey,
+                    pubkey,
+                    ts,
+                    HANDSHAKE_AUTH_VERSION
+                );
+                handshakePayload.v = HANDSHAKE_AUTH_VERSION;
+                handshakePayload.ts = ts;
+                handshakePayload.mac = mac;
+            }
+            const handshakeWithSession = JSON.stringify(handshakePayload);
             if (state.ws?.readyState === WebSocket.OPEN) {
                 state.ws.send(handshakeWithSession);
                 ctx.log?.info?.(`[${CHANNEL_ID}] [${accountId}] [E2E] Session ${sessionKey} — sent handshake (reactive, no prior peer_joined)`);

package/openclaw.plugin.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
     "id": "openclaw-app",
     "name": "OpenClaw App",
-    "version": "1.0.3",
+    "version": "1.0.4",
     "description": "Mobile app channel for OpenClaw — chat via the OpenClaw Mobile app through a Cloudflare Worker relay.",
     "channels": [
         "openclaw-app"

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "openclaw-app",
-    "version": "1.0.3",
+    "version": "1.0.4",
     "description": "OpenClaw Mobile channel plugin — relay bridge for the OpenClaw Mobile app",
     "main": "index.ts",
     "type": "module",