fix: preserve Signal group session IDs

[steipete]

Summary

• Preserve Signal group IDs as provider-owned opaque peer IDs while keeping structural session-key tokens canonicalized.
• Carry the Signal-safe normalizer through routing, explicit session keys, inbound recording, session store lookup/migration, delivery info, transcript appends, group metadata, and gateway store/spawnedBy canonicalization.
• Add regressions for mixed-case Signal group IDs and legacy lowercase store entries.

Verification

• node scripts/run-vitest.mjs src/routing/session-key.test.ts src/routing/resolve-route.test.ts src/config/sessions/explicit-session-key-normalization.test.ts src/channels/session.test.ts src/config/sessions/group.test.ts --reporter=verbose
• node scripts/run-vitest.mjs src/config/sessions/store.session-key-normalization.test.ts src/config/sessions/delivery-info.test.ts src/gateway/session-utils.test.ts --reporter=verbose
• node scripts/run-vitest.mjs src/gateway/session-utils.test.ts --reporter=verbose -t "Signal group ids"
• node scripts/run-vitest.mjs src/config/sessions/transcript.test.ts --reporter=verbose
• codex-review --mode local: clean after accepting/fixing transcript legacy lookup finding
• git diff --check
• pnpm exec tsx direct probe for route/peer/history/store/spawnedBy preservation

Real behavior proof

Behavior addressed: Signal group auto-reply sessions no longer lowercase mixed-case group IDs, and legacy lowercase session-store entries remain readable/migratable.
Real environment tested: Local OpenClaw source checkout with focused route/session/store/gateway/transcript suites and direct TypeScript probe of the runtime key-normalization helpers.
Exact steps or command run after this patch: node scripts/run-vitest.mjs src/routing/session-key.test.ts src/routing/resolve-route.test.ts src/config/sessions/explicit-session-key-normalization.test.ts src/channels/session.test.ts src/config/sessions/group.test.ts --reporter=verbose; node scripts/run-vitest.mjs src/config/sessions/store.session-key-normalization.test.ts src/config/sessions/delivery-info.test.ts src/gateway/session-utils.test.ts --reporter=verbose; node scripts/run-vitest.mjs src/config/sessions/transcript.test.ts --reporter=verbose; codex-review --mode local; git diff --check; pnpm exec tsx direct key-preservation probe.
Evidence after fix: Copied terminal output after fix from the direct probe:

{
  "peer": "agent:main:signal:group:VWATodkf2hc8zdOS76q9Tb0+5Bi522E03qLdaQ/9ypg=",
  "route": "agent:main:signal:group:VWATodkf2hc8zdOS76q9Tb0+5Bi522E03qLdaQ/9ypg=",
  "history": "signal:default:group:VWATodkf2hc8zdOS76q9Tb0+5Bi522E03qLdaQ/9ypg=",
  "store": "agent:ops:signal:group:VWATodkf2hc8zdOS76q9Tb0+5Bi522E03qLdaQ/9ypg=",
  "spawnedBy": "agent:ops:signal:group:VWATodkf2hc8zdOS76q9Tb0+5Bi522E03qLdaQ/9ypg="
}

Observed result after fix: Signal group session keys and persisted group metadata retain the original mixed-case group ID, while legacy lowercase entries are still found by delivery and transcript lookup paths.
What was not tested: A live Signal gateway round-trip with signal-cli credentials was not run.

Fixes #82827.

[clawsweeper]

Codex review: needs maintainer review before merge.

Summary
The PR preserves mixed-case Signal group IDs across session-key normalization, routing, inbound session recording, store lookup/migration, delivery info, transcripts, gateway session utilities, and regression tests.

Reproducibility: yes. Current main source shows whole session keys and peer IDs being lowercased in routing, inbound recording, gateway store-key canonicalization, and store lookup paths that can carry signal:group:<mixed-case-id>.

Real behavior proof
Sufficient (terminal): The PR body includes after-fix terminal output from a direct runtime key-preservation probe plus focused route/session/store/gateway/transcript test commands; live Signal delivery was explicitly not tested.

Next step before merge
No ClawSweeper repair job is needed because this is already a focused implementation PR; the remaining action is normal maintainer review, checks, and landing decision.

Security
Cleared: The diff only changes session-key normalization, routing/session persistence lookup behavior, tests, and changelog; it does not alter dependencies, workflows, permissions, secrets, or package execution paths.

Review details

Best possible solution:

Land the focused normalization fix after normal maintainer review and required checks, then close the linked Signal regression as fixed by the merged PR.

Do we have a high-confidence way to reproduce the issue?

Yes. Current main source shows whole session keys and peer IDs being lowercased in routing, inbound recording, gateway store-key canonicalization, and store lookup paths that can carry signal:group:<mixed-case-id>.

Is this the best way to solve the issue?

Yes. For this P1 regression, preserving provider-owned Signal group IDs while retaining lowercase structural tokens and legacy lowercase lookup is the narrowest maintainable fix in the touched paths; a future generic opaque-peer contract can replace the Signal-specific branch if maintainers want to remove the core special case later.

What I checked:

• Current main source repro: peer IDs are lowercased: Current main lowercases non-direct peer IDs in shared session-key construction, which can corrupt a mixed-case signal:group:<id> before persistence or routing. (src/routing/session-key.ts:211, 9b5f5b86510b)
• Current main source repro: inbound keys are lowercased: Current main lowercases inbound session keys and last-route update keys before recording, another path that can rewrite the Signal group ID segment. (src/channels/session.ts:42, 9b5f5b86510b)
• Signal contract preserves group target case: The Signal plugin already treats group: targets as opaque by slicing and returning the original group ID rather than lowercasing it; send target parsing likewise passes groupId through unchanged. (extensions/signal/src/normalize.ts:16, 9b5f5b86510b)
• Patch coverage and proof in PR body: The PR body reports focused route/session/store/gateway/transcript tests plus copied terminal output from a direct runtime probe showing peer, route, history, store, and spawnedBy all preserve the mixed-case Signal group ID after the patch. (8e6d0024389e)
• Related issue and superseded draft context: The linked bug report describes v2026.5.12 Signal group auto-replies failing after mixed-case group IDs are lowercased, and a prior smaller draft fix was closed after this broader maintainer-labeled PR appeared.
• History provenance: Local blame attributes the current lowercasing session/routing/store paths to commit 121cd05, which added the current session-key and session-store implementation files. (src/routing/session-key.ts:211, 121cd054ef0a)

Likely related people:

• Shakker: Blame and file history in the checked-out main attribute the central session-key, store-entry, delivery-info, gateway session-store-key, channel session, and transcript paths to commit 121cd05. (role: introduced current session/routing implementation; confidence: high; commits: 121cd054ef0a; files: src/routing/session-key.ts, src/config/sessions/store-entry.ts, src/config/sessions/delivery-info.ts)
• Peter Steinberger: The PR head is authored by Peter Steinberger and carries the maintainer label; this makes him a practical follow-up route for review/landing, separate from the current-main blame trail. (role: proposed fix owner for this PR; confidence: medium; commits: 8e6d0024389e; files: src/sessions/session-key-utils.ts, src/routing/session-key.ts, src/config/sessions/store-entry.ts)

Remaining risk / open question:

• A live Signal gateway round-trip with signal-cli credentials was not run; the PR proof is focused local runtime probing and regression coverage.
• The patch puts a Signal-specific opaque-ID rule in shared session-key code, which is a pragmatic P1 fix but should still be accepted by the protected-label maintainer review path.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 9b5f5b86510b.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: e6a114a6ea

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Avoid conflating distinct Signal group IDs by lowercase fold

The new candidateMatches fallback treats any store key whose lowercase form equals foldedLegacyKey as a legacy alias, so resolving agent:...:signal:group:<ID> can select a different session whose group ID differs only by case if that entry has a newer updatedAt. In that case, reads/writes (including transcript/session metadata updates) can attach to the wrong conversation. This fallback should only match the true legacy-lowercased form of the requested key, not arbitrary case-colliding canonical keys.

Useful? React with 👍 / 👎.