[Bug]: CLI commands hang at WebSocket gateway handshake

[WaMaSeDu]

CLI Commands Hang at WebSocket Gateway Handshake

Bug Description

Every CLI subcommand that requires a live gateway connection hangs indefinitely. The CLI successfully connects to the gateway WebSocket endpoint and receives the connect.challenge nonce, but then never sends the connect.reply — the command hangs until killed.

Commands that bypass the gateway transport (--version, --help) work correctly.

Environment

• OpenClaw: 2026.4.15 (041266a)
• Node: v24.13.1
• NPM: 11.10.1
• OS: Windows Server 2022 x64 (Windows_NT 10.0.20348)
• Platform: VPS-760407
• Gateway: Running as scheduled task under SYSTEM account
• Auth: token + device identity (~/.openclaw/identity/)

Affected Commands

Command	Result	Latency
openclaw --version	✅ OK	375ms
openclaw --help	✅ OK	114ms
openclaw sessions	❌ HANG	8000ms+
openclaw cron list	❌ HANG	8000ms+
openclaw status	❌ HANG	8300ms+
openclaw doctor	❌ HANG	8000ms+
openclaw channels list	❌ HANG	8200ms+
openclaw models list	❌ HANG	8200ms+
openclaw agents list	❌ HANG	8200ms+
openclaw gateway status	❌ HANG	8200ms+
openclaw backup list	❌ HANG	6200ms+
openclaw tui	❌ HANG	6200ms+

Root Cause Tracing

Using a WebSocket client with the auth token to trace the connection flow:

1. CLI spawns node process → connects to ws://localhost:18789/gateway ✅
2. Gateway sends connect.challenge event with nonce ✅
3. CLI receives the challenge ✅
4. CLI hangs — never sends connect.reply with signed nonce ❌
5. Gateway waits indefinitely, command times out

The CLI receives the nonce but appears to fail silently when generating/sending the signed reply. This blocks the entire command.

What Was Tried

1. CLI reinstall — npm uninstall -g openclaw + npm install -g openclaw@2026.4.15
   • Result: Same behavior, issue persists
2. Gateway restart via scheduled task (Stop-ScheduledTask + Start-ScheduledTask)
   • Result: Same behavior after restart
3. WebSocket trace using ws library with HMAC-SHA256 signed nonce
   • Result: Gateway rejects HMAC-signed connections, confirming the CLI should use device keypair (EC P-256) signing

Device Identity Status

• identity/device.json — intact, valid EC keypair
• identity/device-auth.json — intact, operator token with correct scopes
• Device ID: 20512fa1c7948b21355756331b40ee88c8e3d27b033ca619b2620d4995cb48f

Possible Causes

1. Node.js v24.x crypto change — v24.13.1 may have changed behavior in crypto.sign() / crypto.verify() for EC P-256 keys
2. CLI device signing silently fails — the signing code path returns an error that is swallowed, causing the CLI to never send the reply
3. CLI respawn transport issue — the CLI respawns itself with modified NODE_OPTIONS; the respawned process may have a different crypto state
4. Stale nonce rejection — gateway may be rejecting nonces from the current CLI process as replayed or malformed

Logs

# CLI trace output
Connecting to ws://localhost:18789/gateway with token...
OPEN
Received: {"type":"event","event":"connect.challenge","payload":{"nonce":"b5e9bb7c-acc1-4d0f-957e-f29b3964e112","ts":1776586770161}}
Got nonce: b5e9bb7c-acc1-4d0f-957e-f29b3964e112
Signing with HMAC-SHA256...
Sent reply
[5s timeout] — never receives connect.ack

# Gateway log (last entry before CLI test)
2026-04-09T12:34:09.320+02:00 [gateway] log file: \tmp\openclaw\openclaw-2026-04-09.log
2026-04-09T12:34:09.327+02:00 [gateway] starting channels and sidecars...
2026-04-09T12:34:11.255+02:00 [hooks] loaded 4 internal hook handlers
2026-04-09T12:34:11.264+02:00 [plugins] embedded acpx runtime backend registered
2026-04-09T12:34:11.346+02:00 [browser] control listening on http://127.0.0.1:18791/
2026-04-09T12:34:16.681+02:00 [plugins] embedded acpx runtime backend ready

Gateway log does not show the CLI connection attempt — the challenge is sent but no corresponding connection is logged as established.

Impact

• All CLI subcommands that interact with the gateway are unusable
• Cannot inspect sessions, cron jobs, channel status, model configs
• Automated scripts that rely on CLI fail
• Gateway health (HTTP) is fine — only the WebSocket transport is affected
• Rubble Board and direct file reads continue to work as a workaround

Workaround

• Direct file reads of JSON state files (sessions, cron configs) work in milliseconds
• Gateway HTTP endpoints respond correctly (/health in 6ms)
• Rubble Board provides a web UI that bypasses the broken CLI transport

Suggestion

1. Add logging to the CLI's challenge reply generation — the signing failure is currently silent
2. Add a timeout on the gateway side for pending challenges — this prevents a stuck CLI from holding resources indefinitely
3. Consider HMAC fallback if device key signing fails — the gateway currently rejects HMAC nonces, making debugging harder
4. Add CLI-level tracing for the WS handshake: openclaw --log-level trace sessions to expose where exactly it hangs

[WaMaSeDu]

Hi @ScientificProgrammer — thanks for linking PR #68614. I wanted to flag a potential mismatch: our issue (#68944) is about the CLI hanging at the WebSocket gateway handshake (CLI receives connect.challenge nonce but never sends connect.reply). The PR #68614 appears to address Google Chat deferred message timeouts.

These seem like different bugs. Can you confirm whether the PR actually addresses the CLI WebSocket handshake issue, or if it was cross-referenced by mistake? If it doesn't fix our issue, we'd risk it auto-closing without a real fix.

Thanks!

[ScientificProgrammer]

Hi @WaMaSeDu — you're absolutely right, and thanks for the careful read. That cross-reference was a mistake on my end; PR #68614 only touches extensions/googlechat/src/monitor.ts (a deferred Google Chat response timeout) and has no bearing on the CLI WebSocket handshake path you've traced. I've removed the Fixes #68944 line from the PR body so this issue isn't auto-closed on merge.

Your diagnosis of a swallowed signing failure is almost certainly correct — here's the exact path:

One correction first: the device key is actually Ed25519, not EC P-256. generateIdentity() at src/infra/device-identity.ts:58 calls crypto.generateKeyPairSync("ed25519"), and the stored privateKeyPem is PKCS#8 Ed25519. The gateway rejected your ws-library HMAC trace for that reason — it expects an Ed25519 signature over the payload, not HMAC. (Your ws trace proved the transport side is fine; the real failure is in the CLI's own signing step.)

The silent-swallow chain: src/gateway/client.ts:486 calls signDevicePayload(privateKeyPem, payload) inside an unguarded IIFE (lines 470–494) in sendConnect(). The helper at src/infra/device-identity.ts:125–129 is:

const key = crypto.createPrivateKey(privateKeyPem);
const sig = crypto.sign(null, Buffer.from(payload, "utf8"), key);

Both calls are synchronous and unguarded. sendConnect() is invoked from handleMessage() at line 741, and handleMessage's outer try/catch at lines 786–788 catches anything thrown inside the entire message-handling body — logging only at logDebug level under the misleading label "gateway client parse error: ...". Net effect: sign throws → caught → logged at debug (off by default) → connect.reply is never emitted → your 8 s hang.

Windows + Node v24.13.1 reproducer (takes 10 seconds):

node -e "const fs=require('fs'),c=require('crypto');const id=JSON.parse(fs.readFileSync(process.env.USERPROFILE+'\\.openclaw\\identity\\device.json','utf8'));const k=c.createPrivateKey(id.privateKeyPem);console.log(c.sign(null,Buffer.from('x'),k).toString('base64url'));"

If that throws, the exception message tells us whether it's createPrivateKey choking on PKCS#8 Ed25519 PEM under OpenSSL 3 strict (plausible on Win32 Node 24 builds — there have been Ed25519 PEM parsing regressions), or crypto.sign(null, …) itself. Either way you get a concrete upstream bug to file.

Two small defensive patches that would have surfaced this for you immediately (happy to put them up if useful):

1. Wrap signDevicePayload in its own try/catch inside sendConnect() and route the error through onConnectError at ERROR level — not swallowed under "parse error".
2. Narrow handleMessage's catch to JSON parse errors only. Signing failures should not be siphoned into a parse-error log line.

Apologies again for the noise on your issue — your bug report is one of the cleanest I've seen.

[WaMaSeDu]

Thanks @ScientificProgrammer for the detailed analysis! A quick follow-up: I ran the Ed25519 signing test you suggested and it returned a valid signature — so the signing itself works on this system. The issue must be elsewhere in the CLI's sendConnect path.

Any suggestions on where to look next? Happy to add more tracing or test specific code paths if you can point me toward the next likely throw point.

[WaMaSeDu]

Thanks for the detailed analysis and the offer to post defensive patches — much appreciated. A few questions:

1. Did you get a chance to post those two patches? Small as they are, they'd immediately surface the real throw point for us rather than us hunting blind.

2. Since the Ed25519 signing works on this system, do you have a suggestion for where to look next in the sendConnect path? We confirmed connect.challenge arrives but connect.reply never goes out. Happy to add targeted tracing if you can point to the next likely candidate.

[mj-deving]

Paste-ready OpenClaw issue / comment draft

I’m seeing a handshake-hang pattern on Linux that looks very close to #68944.

Environment

• OpenClaw: 2026.4.22
• Node: v22.22.2
• OS: Linux 6.8.0-106-generic
• local gateway on loopback

What works

• openclaw --help
• curl http://127.0.0.1:18789/health → {"ok":true,"status":"live"}
• curl http://127.0.0.1:18789/ready → {"ready":true,...}
• raw WebSocket connect to ws://127.0.0.1:18789
• gateway immediately emits connect.challenge

What hangs

These runtime-oriented commands hang or time out with no useful output:

• openclaw status
• openclaw gateway status
• openclaw skills info omniweb-research-agent
• openclaw agents list
• openclaw agent --agent research-agent --local --session-id research-agent-smoke --message "Describe the active OmniWeb skill and return a dry-run plan only. Do not publish or spend DEM."

This happens:

• without PTY
• with PTY

Auth / identity state

These files exist and match:

• ~/.openclaw/identity/device.json
• ~/.openclaw/identity/device-auth.json

Observed:

• both are present with 0600 perms
• device.json contains public/private key material
• device-auth.json contains an operator token
• deviceId matches across both files

So this does not look like a simple missing identity or missing stored token issue.

Why this seems close to #68944

From local inspection of the installed CLI:

• local gateway RPC targets ws://127.0.0.1:18789
• the client waits for connect.challenge
• then sends a signed connect request using local device identity / token state
• then expects hello.ok

Given the behavior above, the likely failure zone seems to be the post-challenge client path:

• device auth / signing
• hello handshake
• or first method request

Not:

• basic gateway liveness
• basic loopback WebSocket connectivity
• simple file permissions
• simple TTY requirement

What seems ruled out

• shell/file permissions: look fine
• missing PTY: PTY did not help
• generic process-kill policy: long sleep and long CPU-burn control processes succeed here

Suggested upstream check

• compare this behavior directly against #68944
• add tracing around the post-challenge connect request / hello.ok path
• check whether client-side signing or request emission can stall silently without surfacing a CLI error

I also have a longer local verification log if useful.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
Keep open: current main and the latest release still have the source-proven post-challenge failure shape where sendConnect() can throw before emitting the signed connect request, and that error is still swallowed as a debug-only parse error.

Reproducibility: yes. for a source-level reproduction: force a synchronous error in sendConnect() after connect.challenge and before request("connect", params), and current main can drop the connect frame under the broad parse catch. I did not reproduce the exact Windows scheduled-task runtime.

Next step
This is a narrow source-proven Gateway client repair with clear files and regression-test seams, and it does not need a product or config decision first.

Review details

Best possible solution:

GatewayClient should surface and settle post-challenge connect assembly failures, keep JSON parsing separate from dispatch errors, and preserve the existing signed nonce protocol.

Do we have a high-confidence way to reproduce the issue?

Yes for a source-level reproduction: force a synchronous error in sendConnect() after connect.challenge and before request("connect", params), and current main can drop the connect frame under the broad parse catch. I did not reproduce the exact Windows scheduled-task runtime.

Is this the best way to solve the issue?

Yes. The narrow maintainable fix is to propagate and settle sendConnect() assembly failures and narrow the message parse catch; a Gateway idle timeout or HMAC fallback would not fix a client that fails before emitting the signed connect request.

Label justifications:

• P1: All gateway-backed CLI commands can hang for real users, and the source-level post-challenge failure path is still present on main.
• impact:crash-loop: The affected user-visible failure is process availability: CLI commands wait until killed or until an outer timeout.
• impact:auth-provider: The failure sits in the device identity, token, and signed Gateway connect-auth handshake path.

Acceptance criteria:

• node scripts/run-vitest.mjs src/gateway/client.test.ts src/gateway/call.test.ts src/gateway/gateway-cli-backend.connect.test.ts
• pnpm exec oxfmt --check --threads=1 src/gateway/client.ts src/gateway/client.test.ts src/gateway/call.ts src/gateway/call.test.ts src/gateway/gateway-cli-backend.connect.test.ts CHANGELOG.md
• Use Testbox/Crabbox for pnpm check:changed from a Codex worktree before handoff.

What I checked:

• Issue discussion confirms this is not the Google Chat PR: The reporter challenged the accidental cross-reference, and ScientificProgrammer confirmed fix(googlechat): add timeout and fallback for deferred responses #68614 only touched Google Chat deferred responses and does not affect the CLI WebSocket handshake path.
• Current main still assembles the signed connect request before request emission: sendConnect() marks connectSent, clears the challenge timeout, builds the device auth payload, calls signDevicePayload(), derives the public key, and only then calls request("connect", params), so a synchronous payload/signing/key error can prevent the connect frame from being sent. (src/gateway/client.ts:509, 167e73cd5f84)
• Current main still catches dispatch failures as parse errors: handleMessage() wraps JSON parsing, event dispatch, and the sendConnect() call in one try/catch; an exception from the connect.challenge branch is logged only as gateway client parse error at debug level. (src/gateway/client.ts:891, 167e73cd5f84)
• CLI one-shot wrapper still does not observe connect assembly errors: executeGatewayRequestWithScopes() wires onHelloOk and onClose but no onConnectError, so a client-side failure during connect assembly can leave the one-shot CLI wrapper waiting for its outer timeout instead of failing with the real error. (src/gateway/call.ts:690, 167e73cd5f84)
• Protocol supports fixing error propagation, not adding HMAC fallback: The Gateway protocol requires clients to wait for connect.challenge, sign the nonce-bound payload, and send the same nonce in connect.params.device.nonce. Public docs: docs/gateway/protocol.md. (docs/gateway/protocol.md:760, 167e73cd5f84)
• Latest shipped release still has the same failure shape: Tag v2026.5.18 points at 50a2481652b6a62d573ece3cead60400dc77020d, and its client.ts and call.ts keep the same unguarded post-challenge connect assembly, broad message catch, and missing wrapper onConnectError path. (src/gateway/client.ts:509, 50a2481652b6)

Likely related people:

• steipete: Path history is dominated by Peter Steinberger, including early challenge race handling, gateway test coverage, handshake timeout wiring, and repeated Gateway client/call changes near this failure path. (role: recent gateway handshake/reconnect contributor; confidence: high; commits: 3243c9b5b064, f5408d82d210, 727fc79ed290; files: src/gateway/client.ts, src/gateway/call.ts, src/gateway/gateway-cli-backend.connect.test.ts)
• vincentkoc: Vincent Koc recently touched gateway credential/auth runtime surfaces and is tied to nearby Gateway client/call repair work, which overlaps the signed connect-auth path. (role: recent gateway call/auth contributor; confidence: medium; commits: 935bd6de7fcb, 87b2a6a16aa2, c109a7623b13; files: src/gateway/client.ts, src/gateway/call.ts, src/gateway/client.test.ts)
• BradGroux: Brad Groux authored the shipped WebSocket handshake reliability change for slow-startup environments, which is adjacent to this CLI gateway handshake failure mode. (role: adjacent handshake reliability contributor; confidence: medium; commits: 6e94b047e2da; files: src/gateway/client.ts, src/gateway/call.ts)
• Takhoffman: Tak Hoffman authored the bounded unanswered client request work, adjacent to how Gateway client requests settle or hang when connect never completes. (role: adjacent gateway request lifecycle contributor; confidence: medium; commits: 5fc43ff0ecd8; files: src/gateway/client.ts, src/gateway/call.ts)

Remaining risk / open question:

• The reporter's exact Windows Server scheduled-task runtime was not live-reproduced; the current proof is source-level and identifies a still-unfixed failure interval.
• Nearby open Gateway PRs touch close handling and diagnostics, so a repair should coordinate with fix(gateway): tolerate transient pre-hello closes in CLI calls #54475 and Improve local gateway RPC diagnostics #65641 to avoid conflicting behavior.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 167e73cd5f84.