OpenClaw Architecture
Understanding the Gateway architecture and how OpenClaw works under the hood.
architecturetechnical
OpenClaw Architecture
This page explains how OpenClaw works under the hood.
The Gateway Architecture
OpenClaw uses a Gateway architecture that enables unified multi-platform access. Configure once, use the same AI assistant across all supported platforms.
┌────────────────────────────────────────────────────────────────┐
│ OpenClaw Gateway │
│ │
│ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐ │
│ │ Session │ │ Channel │ │ Tool │ │ Auth │ │
│ │ Manager │ │ Router │ │ Registry │ │ Guard │ │
│ └──────────┘ └──────────┘ └──────────┘ └──────────┘ │
│ │
└────────────────────────────────────────────────────────────────┘
↑ ↑ ↑
│ │ │
┌────┴────┐ ┌────┴────┐ ┌────┴────┐
│ WeChat │ │ Telegram│ │ Discord │
│ Adapter │ │ Adapter │ │ Adapter │
└─────────┘ └─────────┘ └─────────┘
Core Components
1. Session Manager
Manages conversation sessions across all platforms:
- Creates and maintains conversation context
- Handles session persistence
- Manages session timeouts
2. Channel Router
Routes messages between platforms and AI models:
- Receives messages from platform adapters
- Routes to appropriate AI model
- Returns responses to correct platform
3. Tool Registry
Manages tools and capabilities:
- Registers available tools
- Handles tool invocation
- Manages tool permissions
4. Auth Guard
Handles authentication and security:
- Validates API keys
- Manages platform credentials
- Enforces security policies
Data Flow
- Message Received: Platform adapter receives a message
- Validation: Auth guard validates the request
- Session Lookup: Session manager retrieves or creates session
- AI Processing: Message is sent to configured AI model
- Tool Execution: If tools are needed, they are invoked
- Response Generation: AI generates a response
- Delivery: Response is sent back through the platform adapter
Configuration Structure
# config.yaml
gateway:
session:
timeout: 3600
max_history: 50
channels:
- name: wechat
enabled: true
- name: telegram
enabled: true
- name: discord
enabled: false
models:
- name: claude
provider: anthropic
api_key: ${ANTHROPIC_API_KEY}
- name: gpt
provider: openai
api_key: ${OPENAI_API_KEY}
Security Model
- Local Processing: All processing happens on your machine
- API Key Isolation: Keys are stored locally, never transmitted
- Data Encryption: Optional encryption for stored data
- Access Control: Fine-grained permission management