OpenClaw Known Issues

WhatsApp Credential Store Bloat (Critical)

Issue: The Baileys WhatsApp library accumulates encryption credential files indefinitely, causing performance degradation and pod crashes.

Upstream Tracking: OpenClaw Issue #19618

Symptoms

  • Pod entering crash loop with liveness probe failures
  • Healthcheck command taking 15-30+ seconds (normal: <5s)
  • High CPU usage (50-90%) on gateway process
  • Large number of files in /home/node/.openclaw/credentials/whatsapp/default/
  • Sender-key files growing to 85KB+ for group chats

Root Cause

The Baileys WhatsApp library (used by OpenClaw) does not implement automatic pruning of:

  1. Pre-key files (pre-key-*.json) - Used for establishing new encrypted sessions
  2. Sender-key files (sender-key-*.json) - Used for group chat encryption

Over time, these accumulate indefinitely:

  • Pre-keys: Can reach 800+ files (only ~100 needed)
  • Sender-keys: Individual files can grow to 85KB+ for active group chats

This causes the node dist/index.js channels status --json command (used by the healthcheck) to slow down dramatically, because it reads and processes all credential files.

Workarounds Implemented

1. Increased Liveness Probe Timeout

File: infrastructure/kustomize/components/openclaw/deployment.yaml

Changed from:

livenessProbe:
  timeoutSeconds: 10
  periodSeconds: 30

To:

livenessProbe:
  timeoutSeconds: 30
  periodSeconds: 60
env:
  - name: HEALTHCHECK_TIMEOUT
    value: "25"

This gives the healthcheck enough time to complete even with credential bloat.

2. Configurable Healthcheck Timeout

File: services/openclaw/healthcheck.py

Made the timeout configurable via the HEALTHCHECK_TIMEOUT environment variable (default: 25s) to ensure it is always less than the Kubernetes liveness probe timeout.

3. Manual Credential Cleanup Script

File: services/openclaw/cleanup-whatsapp-credentials.sh

Maintenance script to manually clean up bloated credentials:

# Run from local machine
kubectl exec -n code-server deployment/openclaw -- \
  /bin/bash /home/node/cleanup-whatsapp-credentials.sh

What it does:

  • Keeps only the 99 most recent pre-key files
  • Deletes sender-key files larger than 10KB
  • Tests healthcheck performance after cleanup
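
The two pruning rules above (keep the 99 newest pre-keys, drop sender-keys over 10KB) can be expressed as follows. This is an added example, not the repository's cleanup-whatsapp-credentials.sh; the function names, the dry-run default and the --apply flag are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the repository's cleanup-whatsapp-credentials.sh.
# Usage: prune_whatsapp_creds DIR [KEEP_PREKEYS] [MAX_SENDER_KB] [--apply]
# Without --apply it only reports what it would delete (dry run).

# Delete (or report) one file. Only regular files are touched, never symlinks.
_prune_file() {  # $1 = path, $2 = mode
  [ -f "$1" ] && [ ! -L "$1" ] || return 0
  if [ "$2" = "--apply" ]; then
    rm -f -- "$1" && echo "deleted $1"
  else
    echo "would delete $1"
  fi
}

prune_whatsapp_creds() {
  dir=$1 keep=${2:-99} max_kb=${3:-10} mode=${4:-dry-run}
  [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 1; }
  case "$keep$max_kb" in
    *[!0-9]*|'') echo "KEEP_PREKEYS and MAX_SENDER_KB must be integers" >&2; return 1 ;;
  esac

  # Pre-keys: list newest first by mtime; everything past the first $keep is surplus.
  # Assumes the generated names (pre-key-<id>.json) contain no whitespace.
  (cd "$dir" && ls -1t -- pre-key-*.json 2>/dev/null) |
    tail -n +"$((keep + 1))" |
    while IFS= read -r f; do _prune_file "$dir/$f" "$mode"; done

  # Sender-keys: same size test as the monitoring command (find -size +10k).
  find "$dir" -type f -name 'sender-key-*.json' -size +"${max_kb}k" |
    while IFS= read -r f; do _prune_file "$f" "$mode"; done

  # Nothing else in the directory (for example creds.json) matches either pattern.
  return 0
}

# Run as a script when arguments are given; otherwise only define the functions.
if [ "$#" -gt 0 ]; then prune_whatsapp_creds "$@"; fi
```

Running it once without --apply shows exactly which key files would be removed before anything is deleted.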

When to Run Cleanup

Run the cleanup script when you observe:

  • Pod crash loops due to liveness probe timeouts
  • Healthcheck duration >15 seconds
  • High CPU usage on OpenClaw pod
  • Increased response times for WhatsApp operations

Recommended: Run cleanup monthly or when symptoms appear.

Monitoring

Check credential file count and healthcheck performance:

# Check file counts
kubectl exec -n code-server deployment/openclaw -- \
  sh -c 'cd /home/node/.openclaw/credentials/whatsapp/default && \
  echo "Pre-keys: $(ls pre-key-*.json 2>/dev/null | wc -l)" && \
  echo "Sender-keys: $(find . -name "sender-key-*.json" | wc -l)" && \
  echo "Large sender-keys (>10KB): $(find . -name "sender-key-*.json" -size +10k | wc -l)"'
 
# Test healthcheck duration
kubectl exec -n code-server deployment/openclaw -- \
  sh -c 'time timeout 25 node /home/node/dist/index.js channels status --json'

Long-term Solution

This is a workaround, not a permanent fix. Options for long-term resolution:

  1. Upstream Fix: Monitor OpenClaw issue #19618 for a fix in the Baileys library
  2. Automated Cleanup: Implement a CronJob to run the cleanup script periodically
  3. Custom Pruning Logic: Fork Baileys and implement credential pruning
  4. Alternative Backend: Consider switching to a different WhatsApp library

Related Files

  • services/openclaw/cleanup-whatsapp-credentials.sh - Manual cleanup script
  • services/openclaw/healthcheck.py - Configurable healthcheck with timeout
  • infrastructure/kustomize/components/openclaw/deployment.yaml - Increased timeouts

Last Updated: 2026-02-24
Status: Workaround implemented, monitoring required