#!/bin/bash set -e set -o pipefail # ───────────────────────────────────────────────────────────── # ClawRouter Update Script # Safe update: backs up wallet key BEFORE touching anything, # restores it if the update process somehow wiped it. # ───────────────────────────────────────────────────────────── PLUGIN_DIR="$HOME/.openclaw/extensions/clawrouter" CONFIG_PATH="$HOME/.openclaw/openclaw.json" WALLET_FILE="$HOME/.openclaw/blockrun/wallet.key" WALLET_BACKUP="" PLUGIN_BACKUP="" CONFIG_BACKUP="" cleanup_backups() { if [ -n "$PLUGIN_BACKUP" ] && [ -d "$PLUGIN_BACKUP" ]; then rm -rf "$PLUGIN_BACKUP" fi if [ -n "$CONFIG_BACKUP" ] && [ -f "$CONFIG_BACKUP" ]; then rm -f "$CONFIG_BACKUP" fi } restore_previous_install() { local exit_code=$? if [ "$exit_code" -ne 0 ]; then echo "" echo "✗ Update failed. Restoring previous ClawRouter install..." if [ -d "$PLUGIN_DIR" ] && [ "$PLUGIN_DIR" != "$PLUGIN_BACKUP" ]; then rm -rf "$PLUGIN_DIR" fi if [ -n "$PLUGIN_BACKUP" ] && [ -d "$PLUGIN_BACKUP" ]; then mv "$PLUGIN_BACKUP" "$PLUGIN_DIR" echo " ✓ Restored previous plugin files" fi if [ -n "$CONFIG_BACKUP" ] && [ -f "$CONFIG_BACKUP" ]; then cp "$CONFIG_BACKUP" "$CONFIG_PATH" echo " ✓ Restored previous OpenClaw config" fi fi cleanup_backups } run_dependency_install() { local plugin_dir="$1" local log_file="$HOME/clawrouter-npm-install.log" echo " (log: $log_file)" if (cd "$plugin_dir" && npm install --omit=dev >"$log_file" 2>&1); then tail -1 "$log_file" else echo "" echo " ✗ npm install failed. Error log:" echo " ─────────────────────────────────" tail -30 "$log_file" >&2 || true echo " ─────────────────────────────────" echo "" echo " Full log saved: $log_file" echo " Send this file to @bc1max on Telegram for help." return 1 fi } trap restore_previous_install EXIT # ── Step 1: Back up wallet key ───────────────────────────────── echo "🦞 ClawRouter Update" echo "" echo "→ Checking wallet..." if [ -f "$WALLET_FILE" ]; then # Validate the key looks correct before backing up WALLET_KEY=$(cat "$WALLET_FILE" | tr -d '[:space:]') KEY_LEN=${#WALLET_KEY} if [[ "$WALLET_KEY" == 0x* ]] && [ "$KEY_LEN" -eq 66 ]; then # Derive wallet address via node (viem is available post-install) WALLET_ADDRESS=$(node -e " try { const { privateKeyToAccount } = require('$HOME/.openclaw/extensions/clawrouter/node_modules/viem/accounts/index.js'); const acct = privateKeyToAccount('$WALLET_KEY'); console.log(acct.address); } catch { // viem not available yet (fresh install path), skip address check console.log('(address check skipped)'); } " 2>/dev/null || echo "(address check skipped)") WALLET_BACKUP="$HOME/.openclaw/blockrun/wallet.key.bak.$(date +%s)" cp "$WALLET_FILE" "$WALLET_BACKUP" chmod 600 "$WALLET_BACKUP" echo " ✓ Wallet backed up to: $WALLET_BACKUP" echo " ✓ Wallet address: $WALLET_ADDRESS" else echo " ⚠ Wallet file exists but has invalid format (len=$KEY_LEN)" echo " ⚠ Skipping backup — you should restore your wallet manually" fi else echo " ℹ No existing wallet found (first install or already lost)" fi echo "" echo "→ Backing up existing install..." if [ -d "$PLUGIN_DIR" ]; then PLUGIN_BACKUP="$HOME/.openclaw/extensions/clawrouter.backup.$(date +%s)" mv "$PLUGIN_DIR" "$PLUGIN_BACKUP" echo " ✓ Plugin files staged at: $PLUGIN_BACKUP" else echo " ℹ No existing plugin files found" fi if [ -f "$CONFIG_PATH" ]; then CONFIG_BACKUP="$CONFIG_PATH.clawrouter-update.$(date +%s).bak" cp "$CONFIG_PATH" "$CONFIG_BACKUP" echo " ✓ Config backed up to: $CONFIG_BACKUP" fi echo "" # ── Step 2: Kill old proxy ────────────────────────────────────── echo "→ Stopping old proxy..." kill_port_processes() { local port="$1" local pids="" if command -v lsof >/dev/null 2>&1; then pids="$(lsof -ti :"$port" 2>/dev/null || true)" elif command -v fuser >/dev/null 2>&1; then pids="$(fuser "$port"/tcp 2>/dev/null || true)" fi if [ -n "$pids" ]; then echo "$pids" | xargs kill -9 2>/dev/null || true fi } kill_port_processes 8402 # ── Step 3: Clean stale plugin entry from config ────────────── # The old plugin dir is staged in a backup above. Remove the stale # plugin entry so a fresh install can proceed, and restore it on error. echo "→ Cleaning config..." node -e " const fs = require('fs'); const path = require('path'); const configPath = '$CONFIG_PATH'; if (!fs.existsSync(configPath)) process.exit(0); try { const config = JSON.parse(fs.readFileSync(configPath, 'utf8')); const entries = config?.plugins?.entries; if (entries && entries.clawrouter) { delete entries.clawrouter; const tmp = configPath + '.tmp.' + process.pid; fs.writeFileSync(tmp, JSON.stringify(config, null, 2)); fs.renameSync(tmp, configPath); console.log(' Removed stale plugin entry'); } else { console.log(' Config clean'); } } catch (err) { console.log(' Skipped: ' + err.message); } " # ── Step 3b: Ensure baseUrl is set (must happen BEFORE install, which validates config) ── echo "→ Verifying provider config..." node -e " const fs = require('fs'); const configPath = '$CONFIG_PATH'; if (!fs.existsSync(configPath)) { console.log(' No config, skipping'); process.exit(0); } try { const config = JSON.parse(fs.readFileSync(configPath, 'utf8')); const provider = config?.models?.providers?.blockrun; if (!provider) { console.log(' No blockrun provider, skipping'); process.exit(0); } let changed = false; if (!provider.baseUrl) { provider.baseUrl = 'http://127.0.0.1:8402/v1'; changed = true; console.log(' Fixed missing baseUrl'); } if (!provider.apiKey) { provider.apiKey = 'x402-proxy-handles-auth'; changed = true; console.log(' Fixed missing apiKey'); } if (changed) { const tmp = configPath + '.tmp.' + process.pid; fs.writeFileSync(tmp, JSON.stringify(config, null, 2)); fs.renameSync(tmp, configPath); } else { console.log(' Provider config OK'); } } catch (err) { console.log(' Skipped: ' + err.message); } " # ── Step 4: Install latest version ───────────────────────────── # Back up OpenClaw credentials (channels, WhatsApp/Telegram state) before plugin install CREDS_DIR="$HOME/.openclaw/credentials" CREDS_BACKUP="" if [ -d "$CREDS_DIR" ] && [ "$(ls -A "$CREDS_DIR" 2>/dev/null)" ]; then CREDS_BACKUP="$(mktemp -d)/openclaw-credentials-backup" cp -a "$CREDS_DIR" "$CREDS_BACKUP" echo " ✓ Backed up OpenClaw credentials" fi echo "→ Installing latest ClawRouter..." openclaw plugins install @blockrun/clawrouter # Restore credentials after plugin install (always restore to preserve user's channels) if [ -n "$CREDS_BACKUP" ] && [ -d "$CREDS_BACKUP" ]; then mkdir -p "$CREDS_DIR" cp -a "$CREDS_BACKUP/"* "$CREDS_DIR/" echo " ✓ Restored OpenClaw credentials (channels preserved)" rm -rf "$(dirname "$CREDS_BACKUP")" fi # ── Step 4b: Verify version — force-update if openclaw served a stale cache ── force_install_from_npm() { local version="$1" echo " → Force-fetching v${version} directly from npm registry..." local TMPPACK TMPPACK=$(mktemp -d) if npm pack "@blockrun/clawrouter@${version}" --pack-destination "$TMPPACK" --prefer-online >/dev/null 2>&1; then local TARBALL TARBALL=$(ls "$TMPPACK"/blockrun-clawrouter-*.tgz 2>/dev/null | head -1) if [ -n "$TARBALL" ]; then rm -rf "$PLUGIN_DIR" mkdir -p "$PLUGIN_DIR" tar -xzf "$TARBALL" -C "$PLUGIN_DIR" --strip-components=1 rm -rf "$TMPPACK" echo " ✓ Force-installed v${version} from npm registry" return 0 fi fi rm -rf "$TMPPACK" echo " ✗ Force install failed" return 1 } if [ -d "$PLUGIN_DIR" ] && [ -f "$PLUGIN_DIR/package.json" ]; then INSTALLED_VER=$(node -e "try{const p=require('$PLUGIN_DIR/package.json');console.log(p.version);}catch{console.log('');}" 2>/dev/null || echo "") LATEST_VER=$(npm view @blockrun/clawrouter@latest version 2>/dev/null || echo "") if [ -n "$LATEST_VER" ] && [ -n "$INSTALLED_VER" ] && [ "$INSTALLED_VER" != "$LATEST_VER" ]; then echo " ⚠️ openclaw installed v${INSTALLED_VER} (cached) but latest is v${LATEST_VER}" force_install_from_npm "$LATEST_VER" || true fi INSTALLED_VER=$(node -e "try{const p=require('$PLUGIN_DIR/package.json');console.log(p.version);}catch{console.log('?');}" 2>/dev/null || echo "?") echo " ✓ ClawRouter v${INSTALLED_VER} installed" fi # ── Step 4c: Ensure all dependencies are installed ──────────── # openclaw's plugin installer may skip native/optional deps like @solana/kit. # Run npm install in the plugin directory to fill any gaps. if [ -d "$PLUGIN_DIR" ] && [ -f "$PLUGIN_DIR/package.json" ]; then echo "→ Installing dependencies (Solana, x402, etc.)..." run_dependency_install "$PLUGIN_DIR" fi # ── Step 5: Verify wallet survived ───────────────────────────── echo "" echo "→ Verifying wallet integrity..." if [ -f "$WALLET_FILE" ]; then CURRENT_KEY=$(cat "$WALLET_FILE" | tr -d '[:space:]') CURRENT_LEN=${#CURRENT_KEY} if [[ "$CURRENT_KEY" == 0x* ]] && [ "$CURRENT_LEN" -eq 66 ]; then echo " ✓ Wallet key intact at $WALLET_FILE" else echo " ✗ Wallet file corrupted after update!" if [ -n "$WALLET_BACKUP" ] && [ -f "$WALLET_BACKUP" ]; then cp "$WALLET_BACKUP" "$WALLET_FILE" chmod 600 "$WALLET_FILE" echo " ✓ Restored from backup: $WALLET_BACKUP" else echo " ✗ No backup available — wallet key is lost" echo " Restore manually: set BLOCKRUN_WALLET_KEY env var" fi fi else echo " ✗ Wallet file missing after update!" if [ -n "$WALLET_BACKUP" ] && [ -f "$WALLET_BACKUP" ]; then mkdir -p "$(dirname "$WALLET_FILE")" cp "$WALLET_BACKUP" "$WALLET_FILE" chmod 600 "$WALLET_FILE" echo " ✓ Restored from backup: $WALLET_BACKUP" else echo " ℹ New wallet will be generated on next gateway start" fi fi # ── Step 6: Inject auth profile ───────────────────────────────── echo "→ Refreshing auth profile..." node -e " const os = require('os'); const fs = require('fs'); const path = require('path'); const authDir = path.join(os.homedir(), '.openclaw', 'agents', 'main', 'agent'); const authPath = path.join(authDir, 'auth-profiles.json'); function atomicWrite(filePath, data) { const tmpPath = filePath + '.tmp.' + process.pid; fs.writeFileSync(tmpPath, data); fs.renameSync(tmpPath, filePath); } fs.mkdirSync(authDir, { recursive: true }); let store = { version: 1, profiles: {} }; if (fs.existsSync(authPath)) { try { const existing = JSON.parse(fs.readFileSync(authPath, 'utf8')); if (existing.version && existing.profiles) store = existing; } catch {} } const profileKey = 'blockrun:default'; if (!store.profiles[profileKey]) { store.profiles[profileKey] = { type: 'api_key', provider: 'blockrun', key: 'x402-proxy-handles-auth' }; atomicWrite(authPath, JSON.stringify(store, null, 2)); console.log(' Auth profile created'); } else { console.log(' Auth profile already exists'); } " # ── Step 7: Clean models cache ────────────────────────────────── echo "→ Cleaning models cache..." rm -f ~/.openclaw/agents/*/agent/models.json 2>/dev/null || true # ── Step 8: Populate model allowlist with top 16 models ──────── echo "→ Populating model allowlist..." node -e " const os = require('os'); const fs = require('fs'); const path = require('path'); const configPath = path.join(os.homedir(), '.openclaw', 'openclaw.json'); if (!fs.existsSync(configPath)) { console.log(' No config file found, skipping'); process.exit(0); } try { const config = JSON.parse(fs.readFileSync(configPath, 'utf8')); // Curated models for the /model picker const TOP_MODELS = [ 'auto', 'free', 'eco', 'premium', 'anthropic/claude-sonnet-4.6', 'anthropic/claude-opus-4.6', 'anthropic/claude-haiku-4.5', 'openai/gpt-5.4', 'openai/gpt-5.4-pro', 'openai/gpt-5.3', 'openai/gpt-5.3-codex', 'openai/gpt-5-mini', 'openai/gpt-5-nano', 'openai/gpt-5.4-nano', 'openai/gpt-4o', 'openai/gpt-4o-mini', 'openai/o3', 'openai/o4-mini', 'google/gemini-3.1-pro', 'google/gemini-3.1-flash-lite', 'google/gemini-3-pro-preview', 'google/gemini-3-flash-preview', 'google/gemini-2.5-pro', 'google/gemini-2.5-flash', 'google/gemini-2.5-flash-lite', 'deepseek/deepseek-chat', 'deepseek/deepseek-reasoner', 'moonshot/kimi-k2.5', 'xai/grok-3', 'xai/grok-4-0709', 'xai/grok-4-1-fast-reasoning', 'minimax/minimax-m2.7', 'minimax/minimax-m2.5', 'free/gpt-oss-120b', 'free/gpt-oss-20b', 'free/nemotron-ultra-253b', 'free/deepseek-v3.2', 'free/mistral-large-3-675b', 'free/qwen3-coder-480b', 'free/devstral-2-123b', 'free/llama-4-maverick', 'free/nemotron-3-super-120b', 'free/nemotron-super-49b', 'free/glm-4.7', 'zai/glm-5', 'zai/glm-5-turbo' ]; if (!config.agents) config.agents = {}; if (!config.agents.defaults) config.agents.defaults = {}; if (!config.agents.defaults.models || typeof config.agents.defaults.models !== 'object') { config.agents.defaults.models = {}; } const allowlist = config.agents.defaults.models; const currentKeys = new Set(TOP_MODELS.map(id => 'blockrun/' + id)); // Remove any blockrun/* entries not in the current TOP_MODELS list let removed = 0; for (const key of Object.keys(allowlist)) { if (key.startsWith('blockrun/') && !currentKeys.has(key)) { delete allowlist[key]; removed++; } } // Add any missing current models let added = 0; for (const id of TOP_MODELS) { const key = 'blockrun/' + id; if (!allowlist[key]) { allowlist[key] = {}; added++; } } // Atomic write const tmpPath = configPath + '.tmp.' + process.pid; fs.writeFileSync(tmpPath, JSON.stringify(config, null, 2)); fs.renameSync(tmpPath, configPath); if (removed > 0) { console.log(' Removed ' + removed + ' deprecated models from allowlist'); } if (added > 0) { console.log(' Added ' + added + ' models to allowlist (' + TOP_MODELS.length + ' total)'); } if (added === 0 && removed === 0) { console.log(' Allowlist already up to date'); } } catch (err) { console.log(' Migration skipped: ' + err.message); } " # ── Summary ───────────────────────────────────────────────────── echo "" echo "✓ ClawRouter updated successfully!" echo "" # Show final wallet address if [ -f "$WALLET_FILE" ]; then FINAL_KEY=$(cat "$WALLET_FILE" | tr -d '[:space:]') FINAL_ADDRESS=$(node -e " try { const { privateKeyToAccount } = require('$HOME/.openclaw/extensions/clawrouter/node_modules/viem/accounts/index.js'); console.log(privateKeyToAccount('$FINAL_KEY').address); } catch { console.log('(run /wallet in OpenClaw to see your address)'); } " 2>/dev/null || echo "(run /wallet in OpenClaw to see your address)") echo " Wallet: $FINAL_ADDRESS" echo " Key file: $WALLET_FILE" if [ -n "$WALLET_BACKUP" ]; then echo " Backup: $WALLET_BACKUP" fi fi echo "" echo " Run: openclaw gateway restart" echo "" echo " Commands:" echo " npx @blockrun/clawrouter report # daily usage report" echo " npx @blockrun/clawrouter report weekly # weekly report" echo " npx @blockrun/clawrouter report monthly # monthly report" echo " npx @blockrun/clawrouter doctor # AI diagnostics" echo "" echo " ⚠ Back up your wallet key: /wallet export (in OpenClaw)" echo ""