OpenClaw Architecture

OpenClaw is a personal AI assistant platform designed to run on your own infrastructure — laptop, VPS, Mac Mini, or container — while connecting to the messaging platforms you already use.

Instead of relying only on prompt engineering, OpenClaw builds a structured execution environment around language models: session management, memory systems, tool sandboxing, routing, and access control. The model provides intelligence; OpenClaw provides the operating system layer.

Conversation history, tool execution, and orchestration stay on your infrastructure while model calls go to your chosen provider.

• Hub‑and‑spoke architecture centered on a Gateway.
• Gateway acts as WebSocket control plane.
• Agent Runtime executes the AI loop end‑to‑end.
• Interfaces are separated from intelligence runtime.

Messaging channels, CLI, web UI, and mobile apps connect to the Gateway, which routes messages to the Agent Runtime where context assembly, model calls, and tool execution occur.

OpenClaw is extension‑first and supports plugin categories:

• Channel plugins — new messaging platforms
• Memory plugins — alternative storage backends
• Tool plugins — custom capabilities
• Provider plugins — model providers

Plugins are discovered automatically and loaded when configuration is present, without modifying core code.

Channel Adapters

Normalize inbound and outbound messages across platforms with authentication, parsing, access control, and formatting.

Control Interfaces

• Web UI dashboard
• CLI tooling
• macOS menu bar app
• Mobile nodes

Gateway Control Plane

Single source of truth. Handles routing, sessions, access control, events, and security enforcement.

• Session resolution and isolation
• Context assembly from history + memory
• Streaming model invocation
• Tool interception and execution
• Persistent state updates

Prompts are composed from workspace files, skills, memory search, and tool definitions to produce a structured system prompt.

• Canvas visual workspace with agent‑generated UI
• Agent‑to‑UI declarative components (A2UI)
• Voice wake and talk mode
• Multi‑agent routing per channel or group
• Agent‑to‑agent session tools
• Cron jobs and webhooks

1. Ingestion from channel adapter
2. Access control and session routing
3. Context assembly
4. Model invocation
5. Tool execution loop
6. Response delivery + persistence

The system streams tokens, intercepts tool calls, executes safely, and formats responses per platform.

• JSON5 configuration
• Session event logs with compaction
• SQLite vector memory search
• Workspace memory files
• Credential isolation with strict permissions

• Loopback binding by default
• Token or password auth
• Device pairing
• Channel allowlists + mention gating
• Docker tool sandboxing
• Prompt injection defenses

Defense‑in‑depth combines access control, sandboxing, tool policy, and context isolation.

• Local development
• macOS menu bar production
• Linux / VPS with SSH tunnel
• Tailscale serve or funnel
• Fly.io container deployment

OpenClaw delivers a self‑hosted AI assistant platform with strong control boundaries, multi‑channel access, extensibility, and security. It enables developers and power users to run AI on their own terms while keeping orchestration and state local.