[Bug]: `systemPromptHash` in `buildClaudeLiveFingerprint` causes phantom claude-cli session restarts on every turn for chat channels

[benjamin1492]

[Bug]: systemPromptHash in buildClaudeLiveFingerprint causes phantom claude-cli session restarts on every turn for chat channels

Summary

When OpenClaw routes a chat channel (Telegram, Discord, Slack, iMessage, Signal, WhatsApp) through the claude-cli backend, the live-session fingerprint computed by buildClaudeLiveFingerprint (in src/agents/cli-runner/claude-live-session.ts) hashes the entire system prompt, including the per-turn volatile sections that OpenClaw injects on every inbound message:

• channel-specific guidance ("You are in a Telegram direct conversation…")
• inbound metadata block ([Tue 2026-05-12 09:33 EDT], message_id, sender envelope)
• heartbeat poll text
• runtime status line (model, agent, capabilities, thinking level)

Every turn's prompt has a different hash → fingerprint diverges → the runtime decides the live claude-cli subprocess no longer matches the requested session and rotates to a fresh CLI subprocess. The new subprocess has no memory of the previous turn, so the agent loses context between adjacent messages from the same user in the same chat session.

This is claude-cli-only: the API backend (Anthropic Messages, OpenAI, OpenRouter) replays full message history per request and does not maintain a fingerprinted persistent process, so this code path doesn't apply.

Symptom (user-facing)

[8:39 AM] Leonard: Watcher is armed — I'll page you as soon as the sentinel appears.
            Anything else you want to tee up in the meantime?
[8:44 AM] User:    still working on it?
[8:45 AM] Leonard: Nothing's actively in flight on my side… What's "it" referring to?

The agent has no recollection of its own message from 6 minutes earlier. Looks like
amnesia from the user's perspective. Reproduces consistently on Telegram/Discord; likely
all chat channels that inject any per-turn metadata.

Why it happens

src/agents/cli-runner/claude-live-session.ts line 276:

return JSON.stringify({
  command: params.context.preparedBackend.backend.command,
  workspaceDirHash: sha256(params.context.workspaceDir),
  provider: params.context.params.provider,
  model: params.context.normalizedModel,
  systemPromptHash: sha256(params.context.systemPrompt),   // ← THE BUG
  authProfileIdHash: …,
  authEpochHash: …,
  extraSystemPromptHash: params.context.extraSystemPromptHash,
  mcpConfigHash: …,
  skillsFingerprint,
  argv: stableArgv,
  env: …
});

params.context.systemPrompt contains everything OpenClaw assembles for the turn,
including inbound_meta, channel section ("Group Chat Context", "Reactions"), heartbeat
text, sender allowlist, current date/time, and the runtime banner. Most of those are
intentionally per-turn-volatile (that's their whole purpose).

The fingerprint already separately hashes extraSystemPromptHash (which catches static
config changes — the agent's persona prompt, SOUL.md, USER.md, AGENTS.md), so dropping
systemPromptHash does not weaken the integrity check. It just removes the per-turn
volatile component that should never have been part of the stability decision in the
first place.

Suggested fix

Remove the systemPromptHash field from buildClaudeLiveFingerprint's output. Diff:

   workspaceDirHash: sha256(params.context.workspaceDir),
   provider: params.context.params.provider,
   model: params.context.normalizedModel,
-  systemPromptHash: sha256(params.context.systemPrompt),
   authProfileIdHash: …,
   authEpochHash: …,
   extraSystemPromptHash: params.context.extraSystemPromptHash,

extraSystemPromptHash already covers the static-config side of the check.

Repro

1. Configure OpenClaw with a claude-cli backend (Claude Max subscription — see lodekeeper's gist on migrating from API to claude-cli).
2. Connect a Telegram bot channel.
3. Have the agent post a message that opens a thought ("I'll let you know when X").
4. Wait 1–10 minutes; the runtime injects fresh metadata on the next inbound.
5. User says something referential ("still working on it?"). Agent has no memory of the
   prior turn.

Affected versions

Confirmed on 2026.5.7 (current latest at filing time). Code path appears to have existed
since the live-session fingerprint was introduced; likely affects every release with
buildClaudeLiveFingerprint.

Scope

• Affected: claude-cli backend + chat channels with per-turn metadata injection.
  Telegram and Discord confirmed; Slack/iMessage/Signal/WhatsApp/Mattermost likely.
• Not affected: API backends (Anthropic Messages, OpenAI, OpenRouter, Vertex,
  Bedrock, etc.) — they don't keep a fingerprinted persistent process.
• Not affected: one-shot CLI invocations (openclaw run) — those don't have the
  multi-turn context-loss symptom even when running through claude-cli.

Related issues

• openclaw update run mid-turn causes total message loss on Telegram (and likely Discord) #71178 (openclaw update mid-turn message loss on Telegram) — describes
  reason=system-prompt resets, which is downstream of this same fingerprint check.
• Gateway restart causes session state loss, requiring manual intervention to resume autonomous tasks #62442 (gateway restart loses session state) — different surface, same root family.
• CLI backend responses sometimes not delivered to Telegram delivery context #75991 (CLI backend responses sometimes not delivered to Telegram) — adjacent code
  path; may share root cause depending on how the delivery mirror reads transcript.

Workaround

Locally patching the bundled JS to drop systemPromptHash from the fingerprint output
resolves the symptom. Tested on 2026.5.7 with Telegram + claude-cli; cross-turn context
is retained as expected after the change.

Next step

A PR with the source-level fix and tests will follow shortly.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve. Reviewed June 2, 2026, 1:11 AM ET / 05:11 UTC.

Summary
Codex review failed: codex execution failed.

Reproducibility: unclear. The review failed before ClawSweeper could establish a reproduction path.

Ways to help us reproduce this

• Add a screenshot or short recording showing the behavior.
• Add expected vs actual behavior.

Next step
Review did not complete, so no work-lane recommendation was made.

Review details

Best possible solution:

Retry the Codex review after fixing the execution failure.

Do we have a high-confidence way to reproduce the issue?

Unclear. The review failed before ClawSweeper could establish a reproduction path.

Is this the best way to solve the issue?

Unclear. Retry the review first so ClawSweeper can evaluate the actual issue and fix direction.

AGENTS.md: unclear because the file could not be read completely.

Remaining risk / open question:

• No close action taken because the review did not complete.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 93fd17447abd.

Label changes

Label changes:

• add issue-rating: 🦪 silver shellfish: Current issue advisory state selects this label.
• add clawsweeper:needs-info: Current issue advisory state selects this label.

Evidence reviewed

What I checked:

• failure reason: codex execution failed.
• codex failure detail: Codex review failed for this issue with exit 1.
• codex stdout: Per-item Codex failure; continuing with the rest of the shard.

Likely related people:

• unknown: Codex failed before it could trace repository history. (role: review did not complete; confidence: low)

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[openclaw-barnacle]

This issue has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.