Releases: BlockRunAI/ClawRouter
v0.12.158
- SKILL.md data-flow + key-storage transparency — second-pass fix for the OpenClaw scanner on clawhub.ai. v0.12.157 cleared the original scanner flags (opaque credentials, implied multi-provider keys, no install artifact). A deeper rescan surfaced three new nuanced flags: prompts go to blockrun.ai (data-privacy framing), wallet private-key storage location/encryption undocumented, and users may expect strictly-local routing. All three addressed: description reframed as "Hosted-gateway LLM router" with explicit Ollama pointer for local-only needs; new Data Flow section with ASCII diagram, enumerated sent/not-sent lists, link to https://blockrun.ai/privacy; new Credentials & Local Key Storage section documenting config file paths per OS, 0600 POSIX permissions, plaintext parity with other OpenClaw provider keys, encryption guidance (FileVault/LUKS/BitLocker or burner wallet), src/wallet.ts source pointer; new Supply-Chain Integrity section with npm pack verification and tagged-release invariant.
v0.12.157
- SKILL.md credential transparency — rewrote
skills/clawrouter/SKILL.mdto clear the OpenClaw scanner's medium-confidence suspicious verdict on clawhub.ai. Frontmatter now declaresrepository: https://github.com/BlockRunAI/ClawRouter,license: MIT, and a structuredmetadata.openclaw.installarray (kind: node,package: @blockrun/clawrouter,bins: [clawrouter]) so the registry entry has an auditable install artifact instead of a bare bash block. Body adds a Credentials & Data Handling section fully enumerating whatmodels.providers.blockrunstores (walletKey/solanaKey— auto-generated locally, never transmitted;gateway/routing— non-sensitive), and explicitly states the plugin does not collect or forward third-party provider API keys (OpenAI/Anthropic/Google/DeepSeek/xAI/NVIDIA) — the blockrun.ai gateway owns those relationships and routes on the server side. Addresses the three scanner flags (opaque credential declaration, implied multi-provider credential collection, no install artifact for review) raised against v0.12.156 on https://clawhub.ai/1bcmax/clawrouter.
v0.12.156
v0.12.156 — Apr 20, 2026
- Kimi K2.6 added — Moonshot's new flagship (
moonshot/kimi-k2.6, 256K context, vision + reasoning, $0.95 in / $4.00 out per 1M) registered inBLOCKRUN_MODELSwithkimi-k2.6alias. Added to the curated/modelpicker list (src/index.ts,scripts/update.sh,scripts/reinstall.sh), the README pricing table,docs/routing-profiles.md, and the AI-agent-facing model catalog inskills/clawrouter/SKILL.md. Premium routing tier (blockrun/premium) now uses K2.6 as the SIMPLE primary and as a fallback in MEDIUM/COMPLEX, withnvidia/kimi-k2.5retained as the first fallback for reliability. The generickimi/moonshotaliases still resolve tonvidia/kimi-k2.5(matches BlockRun server'sblockrun/kimistance); users opt in to K2.6 explicitly viakimi-k2.6orblockrun/premium. - GitHub restored as canonical source — BlockRunAI GitHub org is back.
package.jsonrepository.url, README badges, CONTRIBUTING clone URL,openclaw.security.json, all docs (anthropic-*,clawrouter-cuts-*,clawrouter-vs-openrouter,11-free-ai-models,llm-router-benchmark-*,smart-llm-router-14-dimension-classifier,subscription-failover,troubleshooting),skills/release/SKILL.md, and thesse-error-formatregression-test comment now point atgithub.com/BlockRunAI/ClawRouter. GitLab mirror (gitlab.com/blockrunai/ClawRouter) is kept as a secondary remote for redundancy but is no longer advertised. Metadata + docs only; no runtime/code changes.
v0.12.149
Bug Fix
- Suppress remaining duplicate startup logs — The v0.12.147 fix only guarded provider registration logs. This release extends the guard to cover all repeated diagnostic messages on multi-call
register():- "Proxy already started by earlier register() call — skipping" (main offender, fired on every call after proxy start)
- "pluginConfig empty — deferring proxy startup 250ms..."
- Non-gateway wallet source logs + "Not in gateway mode"
Improvements
- Explicit-pin models skip free-model fallback — When a user explicitly picks a model, ClawRouter no longer silently appends a free model as last-resort fallback
- Retry explicit-pin on transient 5xx — Single-model requests now retry once with short backoff on upstream server errors instead of immediately failing
Install: npm i -g @blockrun/clawrouter@latest
v0.12.148
Bug Fixes
Suppress duplicate registration log spam. OpenClaw calls `register()` 4+ times per gateway startup. Each call re-registers providers, commands, and tools (idempotent — last loaded plugin wins) but previously also logged 6 info lines per call, producing 24+ identical lines on every startup.
Now only the first `register()` call emits verbose info logs. Subsequent calls silently re-register without logging.
Before:
```
Commands registered: /wallet, /blockrun, /stats, /exclude
Proxy already started by earlier register() call — skipping
BlockRun provider registered (55+ models via x402)
Registered BlockRun web_search provider (blockrun-exa)
Configured BlockRun MCP server (blockrun) via npx @blockrun/mcp@latest
Registered 9 partner tool(s): blockrun_x_users_lookup, ...
(× 4 times)
```
After:
```
Commands registered: /wallet, /blockrun, /stats, /exclude
BlockRun provider registered (55+ models via x402)
Registered BlockRun web_search provider (blockrun-exa)
Configured BlockRun MCP server (blockrun) via npx @blockrun/mcp@latest
Registered 9 partner tool(s): blockrun_x_users_lookup, ...
(× 1 time)
```
Reported by Cheetah.
v0.12.146
New Feature
Every routed response now carries a `usage.cost` breakdown.
Users on `blockrun/auto` previously had no visible signal of which model actually answered or how much each call cost. Now every response includes:
```json
{
"model": "google/gemini-2.5-flash",
"usage": {
"prompt_tokens": 120,
"completion_tokens": 80,
"total_tokens": 200,
"cost": {
"total": 0.00023,
"input": 0.000018,
"output": 0.000048,
"baseline": 0.00618,
"savings_pct": 96,
"model": "google/gemini-2.5-flash",
"tier": "SIMPLE"
}
}
}
```
What OpenClaw users see (no OpenClaw changes required)
- `/usage full` footer now shows session cost totals that increase as you chat
- `/stats`-style reports aggregate cost per model and per day
- Works automatically — OpenClaw's `session-cost-usage` module already parses the standard `usage.cost.{total,input,output}` fields
Extra metadata (forward-compat)
`baseline`, `savings_pct`, `model`, and `tier` are non-standard fields that current OpenClaw ignores. Future OpenClaw UI work can render them as an inline per-message badge (e.g. `via free/glm-4.7 · $0.0023 · saved 96%`) without any ClawRouter changes.
No context pollution
`usage` is OpenAI metadata — LLMs never see it when the conversation history is replayed. Safe to emit on every turn.
Technical details
- Uses ACTUAL upstream token counts (not pre-request estimates) via `calculateModelCost()`
- Server margin and MIN_PAYMENT_USD floor are applied consistently to both `total` and `baseline`
- Streaming responses emit a final OpenAI `include_usage`-format chunk before `[DONE]`
- Non-streaming responses always overwrite the top-level `model` field (some upstreams omit it)
- 9 new unit tests in `src/proxy.cost.test.ts`
Reported by
This feature was driven by user feedback that "auto" didn't feel transparent — users couldn't tell if it was actually saving money or just a black box.
v0.12.145
Improvements
- eco/premium null fallback (router/strategy.ts): when `ecoTiers` or `premiumTiers` is set to `null`, fall back to regular `tiers` instead of dropping into auto routing. Preserves the eco/premium profile semantics even when the special tier set is disabled.
- provider.ts: `setActiveProxy` now accepts `null` (used by the deactivate path).
- debug-command test: 2s client-side timeout so the test no longer hangs on slow upstream.
- CI green: prettier formatting cleanup in `src/index.ts` and `src/index.lifecycle.test.ts`.
v0.12.144
Bug Fixes
`/model` command now actually switches the model.
When a user ran `/model blockrun/free/glm-4.7` in OpenClaw, the bot's next response often still claimed to be the previously pinned model (typically Sonnet). The model wasn't really switching — it was being silently overridden by ClawRouter's session pinning, which was designed to prevent mid-task model switching but was too aggressive.
What changed
- `SessionEntry` now carries a `userExplicit` flag.
- When ClawRouter receives an explicit non-profile model (e.g. `blockrun/free/glm-4.7`, `anthropic/claude-opus-4.6`), it pins the session with `userExplicit=true`.
- Routing-profile requests (`blockrun/auto`, `blockrun/eco`, etc.) respect a user-explicit pin unconditionally — no tier-rank comparison, no escalation. The user's intent wins.
- The flag is sticky across fallback re-pins; it can only be cleared when the session expires.
User-visible impact
`/model ` actually switches the model, and the choice persists across follow-up messages even when OpenClaw reverts to sending `blockrun/auto` in subsequent chat completions.
v0.12.143
v0.12.142
Bug Fixes (#147)
User routing config in openclaw.json was silently ignored.
OpenClaw calls `register()` twice during gateway startup. The first call runs in a pre-gateway phase before `openclaw.json` has been parsed, so `api.pluginConfig` is empty. The previous `proxyAlreadyStarted` guard caused the proxy to start with `DEFAULT_ROUTING_CONFIG` on that first call, then the second call (the one with the user's actual `plugins.entries.clawrouter.config.routing`) bailed out as a no-op.
Result: any custom `routing`, `walletKey`, `maxCostPerRun`, etc. defined in `openclaw.json` was silently ignored.
Fix
- When `pluginConfig` is empty on a `register()` call, defer proxy startup for 250ms instead of starting immediately.
- If a second `register()` call arrives within that window with a populated `pluginConfig`, it cancels the deferred timer and starts the proxy with the real config.
- If no second call ever arrives (user has no plugin config at all), the timer fires and the proxy starts with defaults — no deadlock.
Reported by @jeegankones in #147.
