Bug: Control UI re-pairs without operator.read/operator.write and local 'openclaw devices list' closes on loopback

[machinespirit-reborn]

Bug report: Control UI re-pairs without operator.read/operator.write, and openclaw devices list closes the connection on local loopback

Summary

On OpenClaw 2026.3.13, two related issues appear during local Gateway/operator auth on a single-machine install:

1. The Control UI / webchat client (clientId: openclaw-control-ui, clientMode: webchat) consistently re-pairs with only:

   • operator.admin
   • operator.approvals
   • operator.pairing

   It does not request or receive:

   • operator.read
   • operator.write

2. The local CLI can connect to the Gateway on loopback, but operator RPCs are broken:

   • openclaw gateway probe connects but reports missing scope: operator.read
   • openclaw devices list fails with WebSocket close 1000 / no close reason

This persisted even after:

• repairing device state on disk
• restarting the gateway
• hard-resetting the Control UI/browser identity
• rotating the gateway auth token

Environment

• OpenClaw version: 2026.3.13 (61d171a)
• Host: Jetson Orin Nano
• OS: Ubuntu 22.04.5 / JetPack 6.2.2
• Gateway service: openclaw-gateway.service via systemd user service
• Gateway bind: loopback
• Tailscale: enabled, Serve mode active
• Tailscale MagicDNS: machinespirit.tail8da86f.ts.net

Expected behavior

Control UI

When the Control UI/webchat client pairs as an operator on a trusted single-user machine, it should either:

• request the normal read/write operator scopes it needs, or
• function correctly with whatever reduced scope set it requests.

At minimum, if it lacks operator.read, the resulting UX should not leave the local system in a broken/contradictory state.

CLI

The local CLI should be able to:

• reuse its paired local device identity/token on loopback
• complete openclaw devices list
• complete openclaw gateway probe without degrading to missing scope: operator.read

Actual behavior

A) Control UI always re-pairs with reduced scopes

After clearing paired/pending state for the UI device and resetting browser storage, the newly paired Control UI came back with:

• operator.admin
• operator.approvals
• operator.pairing

and still missing:

• operator.read
• operator.write

This suggests the UI/client pairing request path itself is requesting the reduced scope set again, rather than stale state causing the issue.

B) CLI local device state looks correct on disk, but runtime behavior does not

The local CLI device state shows full operator scopes on disk:

• operator.read
• operator.write
• operator.admin
• operator.approvals
• operator.pairing

However, runtime behavior still acts as if the CLI is not successfully using that paired device identity/token.

Reproduction

1) Observe CLI degradation on loopback

openclaw gateway probe
openclaw devices list

Observed:

• gateway probe:
  • Reachable: yes
  • RPC: limited - missing scope: operator.read
• devices list:
  • Gateway closes socket with code 1000 normal closure
  • no close reason surfaced

2) Inspect paired device state

Paired devices on disk showed:

• CLI device (clientId: cli) had full scopes
• Control UI (clientId: openclaw-control-ui) had only admin/approvals/pairing

3) Patch UI device scopes on disk + restart gateway

Manually patched the Control UI device in ~/.openclaw/devices/paired.json to add:

• operator.read
• operator.write

Also removed stale pending request from ~/.openclaw/devices/pending.json and restarted the gateway.

Result:

• on-disk state updated successfully
• runtime CLI behavior remained broken

4) Hard reset the UI/browser identity

• removed the paired Control UI device from paired.json
• cleared pending UI requests
• restarted gateway
• cleared browser site data / reopened UI

Result:

• Control UI re-paired successfully
• but again requested/received only:
  • operator.admin
  • operator.approvals
  • operator.pairing

Relevant observed output

openclaw gateway probe

Gateway Status
Reachable: yes
Probe budget: 3000ms

Warning:
- Probe diagnostics are limited by gateway scopes (missing operator.read). Connection succeeded, but status details may be incomplete. Hint: pair device identity or use credentials with operator.read.

Discovery (this machine)
Found 2 gateway(s) via Bonjour (local.)

Targets
Local loopback ws://127.0.0.1:18789
 Connect: ok (27ms) · RPC: limited - missing scope: operator.read

openclaw devices list

gateway connect failed: Error: gateway closed (1000):
[openclaw] Failed to start CLI: Error: gateway closed (1000 normal closure): no close reason
Gateway target: ws://127.0.0.1:18789
Source: local loopback
Config: /home/elvis/.openclaw/openclaw.json
Bind: loopback

Discovery JSON showed duplicate Bonjour beacons, not multiple gateway processes

openclaw gateway probe --json showed:

• one actual active target: localLoopback
• two identical Bonjour beacons with the same host/port/wsUrl

This appears cosmetic and unrelated, but was observed during debugging.

Device state after UI hard reset

Paired CLI device

• clientId: cli
• clientMode: cli
• scopes:
  • operator.read
  • operator.write
  • operator.admin
  • operator.approvals
  • operator.pairing

Paired Control UI device (fresh after reset)

• clientId: openclaw-control-ui
• clientMode: webchat
• scopes:
  • operator.admin
  • operator.approvals
  • operator.pairing

Pending requests

• none

Why this looks like a product bug

• The UI reset did not restore normal scopes; it reproduced the same reduced scope request.
• The CLI device auth on disk appears correct, but the runtime still falls back to a degraded scope view or closes the socket during devices list.
• Supplying the real gateway auth token explicitly changed behavior (it avoided token-mismatch), but devices list still closed normally with no reason.

This suggests one or both of:

• the Control UI/webchat client is requesting the wrong operator scope set during pairing
• the local CLI loopback/device-auth path is not consistently reusing its paired device token/identity for operator RPCs

Impact

• local operator management becomes unreliable
• device approval/listing cannot be trusted from CLI on the affected install
• UI/webchat does not gain expected operator read/write capabilities even after reset
• debugging node pairing/Tailscale issues is much harder because operator tooling is degraded

Suggested areas to inspect

• Control UI/webchat pairing request scope generation
• local CLI auth path on loopback when paired device identity exists in ~/.openclaw/identity/device-auth.json
• scope handling / downgrade behavior in gateway probe
• why devices list closes the socket with code 1000 and no surfaced reason instead of returning a structured auth/scope error

Notes

• Any pasted/shared secrets used during troubleshooting were rotated afterward and are intentionally omitted from this report.

[GMTekAI]

I think this report is directionally useful, but it looks like two different seams mixed together, and only one of them is clearly supported by the current source.

What I could verify from code:

• The Control UI scope part does not look like a clear bug on its own. In current gateway auth, operator.admin is treated as satisfying all operator.* scopes, so a paired device record that shows operator.admin but not explicit operator.read / operator.write is not automatically under-scoped:

  • src/shared/operator-scope-compat.ts
  • src/gateway/method-scopes.ts
  • src/gateway/server-methods.ts

• The current client/test surface also points the other way on the “Control UI requests reduced scopes” claim:

  • app-side default operator scopes include operator.admin, operator.read, operator.write, operator.approvals, operator.pairing in apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift
  • control-ui auth tests explicitly exercise full-scope operator connects/pairing in src/gateway/server.auth.control-ui.suite.ts

• The CLI symptom, though, does look real and likely overlaps an issue already in flight:

  • #46557 reports the same local-loopback/operator-scope degradation pattern (missing scope: operator.read on local detail/probe paths)
  • PR #46556 is already open against that issue

So my read is:

• valid issue overall, but narrower than reported
• the strongest confirmed problem here is the local CLI loopback auth/device-token path, not the mere fact that the Control UI paired record contains operator.admin without separately listing read/write
• unless there is a repro showing an actual Control UI method failing specifically because of missing read/write, I would treat the Control UI half as “needs narrower evidence” rather than confirmed root cause

Most useful maintainer next step:

• de-duplicate the CLI half against #46557 / #46556
• ask for a concrete Control UI repro at the RPC/action level if that part should stay open
• if this issue remains open, narrow it to “local operator auth behaves inconsistently across CLI/UI on loopback” rather than “Control UI definitely requests the wrong scopes”

Missing regression seam if we do keep/fix this:

• an end-to-end local token-auth test that verifies a paired CLI identity can complete device.pair.list / similar operator RPCs on loopback without falling back to a limited shared-auth view

[machinespirit-reborn]

Additional triage context after more investigation:

This does not look isolated to one machine or one bad local state dir. I checked for alternate OpenClaw state/config locations and did not find evidence of:

• a second active OpenClaw state directory
• OPENCLAW_STATE_DIR / OPENCLAW_CONFIG_PATH overrides
• a nonstandard systemd service profile pointing elsewhere

A reboot also did not change behavior.

I also found multiple likely-related open issues in the 2026.3.12 / 2026.3.13 regression cluster:

• Control UI may connect with incomplete operator scopes after pairing/reconnect (missing scope: operator.read) #46276 — Control UI may connect with incomplete operator scopes after pairing/reconnect (missing scope: operator.read)
• OpenClaw 2026.3.13 local CLI status/gateway probe reports missing scope: operator.read even though CLI device token includes operator.read #46117 — local CLI status/gateway probe reports missing scope: operator.read even though CLI device token includes it
• gateway probe drops loopback device identity and can falsely report missing operator.read #46014 — gateway probe drops loopback device identity and can falsely report missing operator.read
• CLI local gateway detail probes drop device auth on localhost and localLoopback probe budget is too low #46557 — CLI local gateway detail probes drop device auth on localhost / localLoopback
• [Bug]: 2026.3.12: openclaw devices list / devices approve fail against local loopback gateway, while web UI remains functional #45504 — openclaw devices list / devices approve fail against local loopback gateway
• [Bug]: devices list / nodes status timeout while gateway status shows RPC probe: ok (regression in 2026.3.12/2026.3.13) #46316 — devices list / nodes status timeout while gateway status still looks OK
• [Bug]: Intermittent local gateway websocket handshake failures on loopback (ws://127.0.0.1:18789) #45222 — intermittent local gateway websocket handshake failures on loopback

After a full UI hard reset, the Control UI re-paired and again came back with only:

• operator.admin
• operator.approvals
• operator.pairing

while still missing:

• operator.read
• operator.write

That makes this look especially consistent with either:

1. the Control UI/client pairing request path requesting the wrong scope set, and/or
2. local loopback CLI/device-auth reuse being dropped at runtime.

So the current evidence points to a broader auth/scope regression, not just stale local state.

[steipete]

Closing this as implemented after Codex review.

Current main already covers the two seams in #46583: Control UI requests full operator scopes and gateway auth now preserves/falls back to paired device-token auth for authenticated loopback CLI/probe connections.

What I checked:

• Control UI now requests full operator scope set: CONTROL_UI_OPERATOR_SCOPES includes operator.admin, operator.read, operator.write, operator.approvals, and operator.pairing, and the connect plan uses that full list. (ui/src/ui/gateway.ts:147, 56fe2aab9c87)
• App-side shared gateway client also requests read/write: The shared app gateway channel defaults its operator connect scopes to the same full set, including operator.read and operator.write. (apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift:127, 56fe2aab9c87)
• operator.admin is treated as a superset on current main: Device-auth scope normalization expands operator.admin into operator.read and operator.write, and operator scope checks treat admin as satisfying all operator.* requests. (src/shared/device-auth.ts:29, 56fe2aab9c87)
• Authenticated loopback probes now keep device identity: probeGateway passes device identity for authenticated loopback probes and the current tests assert that behavior for both full and lightweight probes. (src/gateway/probe.ts:234, 56fe2aab9c87)
• Gateway client now reuses and retries paired device tokens on trusted loopback: The client stores issued device tokens, retries with a stored device token after shared-token mismatch, and tests cover both reuse without a shared token and the trusted-endpoint retry path. (src/gateway/client.ts:553, 56fe2aab9c87)
• Server handshake auth now falls back from shared token to paired device token: Current websocket auth resolves a device-token candidate from shared-token auth and verifies it when shared auth fails, matching the loopback CLI/probe regression described in the issue. (src/gateway/server/ws-connection/auth-context.ts:55, 56fe2aab9c87)

So I’m closing this as already implemented rather than keeping a duplicate issue open.

Review notes: reviewed against 56fe2aab9c87; fix evidence: commit f85806b6d786.