OpenClaw LaunchOpenClaw Launch

Security

Last updated: February 20, 2026

OpenClaw Launch is designed to keep your data, credentials, and bot instances safe. This page describes the security measures we have in place and how we handle incidents.

Encryption

  • In transit: All traffic is encrypted with TLS 1.2+ via automatic HTTPS (Caddy reverse proxy). HSTS is enforced to prevent downgrade attacks.
  • At rest (credentials users): Configurations are encrypted client-side using AES-256-GCM before they reach our servers. Encryption keys are derived from your password using PBKDF2 with 100,000 iterations and wrapped with a per-user master key. We never see your plaintext configurations.
  • API keys: OpenRouter API keys provisioned for your instances are encrypted server-side with AES-256-GCM before storage. They are only decrypted in memory when writing your instance configuration.
  • Bot tokens: Telegram and Discord bot tokens you provide are stored in your encrypted configuration and written to the instance config directory, which is isolated per container.

Instance Isolation

  • Container isolation: Each bot instance runs in its own Docker container with dedicated storage. Containers cannot access each other's data, network namespaces, or filesystem.
  • Resource limits: Every container has CPU, memory, and disk quotas enforced at the Docker level. Instances that exceed disk limits are automatically stopped.
  • Network segmentation: Containers are attached to an isolated Docker network. Outbound access is limited to the APIs your bot needs (LLM providers, chat platforms, and the OpenClaw gateway port).
  • Session isolation: Each Telegram/Discord user gets their own conversation session (per-channel-peer scope), preventing cross-talk between users of the same bot.

Authentication & Access Control

  • OAuth: Sign in with Google or GitHub. We never store or handle OAuth passwords — authentication is delegated to the identity provider.
  • Password hashing: Email/password accounts use bcrypt with a cost factor of 12.
  • Session management: Sessions use signed JWTs with short expiry. Tokens are stored in HTTP-only, Secure, SameSite cookies.
  • Gateway authentication: Every deployed instance requires a unique, randomly-generated UUID token to access its web gateway. Device pairing adds an additional layer for remote connections.
  • Two-factor authentication: Credentials accounts can enable TOTP-based 2FA using any authenticator app (Google Authenticator, Authy, 1Password). When enabled, login requires both your password and a 6-digit time-based code.
  • Rate limiting: Login, registration, password reset, and sensitive account operations are rate-limited per IP and per user to prevent brute-force attacks.

Input Validation

  • Schema validation: All API inputs are validated with Zod schemas before processing. Malformed or unexpected data is rejected at the boundary.
  • SQL injection prevention: We use Drizzle ORM with parameterized queries exclusively. No raw SQL is constructed from user input.
  • Bot token verification: Telegram and Discord bot tokens are verified against platform APIs before deployment. Invalid tokens are rejected.
  • URL validation: Redirect URLs are validated to prevent open-redirect vulnerabilities.

Spending Controls

  • Credit limits: Each subscription tier has a built-in AI usage cap enforced through OpenRouter. Lite plans include $1/month in AI credits; Pro plans include $10/month. When credits are exhausted, the LLM provider rejects further requests — your bot remains running but cannot generate AI responses until credits renew or you purchase more.
  • No surprise charges: AI usage is capped, not billed by the token. You choose your plan and optional credit top-ups. We do not charge overage fees.
  • Usage alerts: When your credit usage exceeds 80%, we send you an email alert so you can take action before credits run out. Credit consumption is synced every 30 minutes.

Infrastructure

  • Hosting: All infrastructure runs on Hetzner cloud servers in a dedicated environment. SSH access requires Ed25519 key authentication — password login is disabled.
  • Database backups: PostgreSQL is backed up daily at 3:00 AM UTC with 7-day retention. Backups are stored on the server filesystem and can be restored on demand.
  • HTTPS everywhere: Caddy automatically provisions and renews TLS certificates via Let's Encrypt. All HTTP traffic is redirected to HTTPS.
  • Security headers: We set Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy headers on all responses.
  • Dependency management: We run npm audit as part of our deployment pipeline and address critical/high vulnerabilities before release.

Data Handling

  • No AI training: We do not use your configurations, conversations, or any instance data to train AI models. Your data is used solely to operate the service on your behalf.
  • Minimal data collection: We collect only what's needed to operate the service: account info, configurations, and basic page-view analytics for authenticated users. We do not use third-party analytics services.
  • Data export: You can export your running instance configuration at any time via the instance API. Sensitive fields (API keys, bot tokens, gateway tokens) are automatically redacted in exports.
  • Data deletion: You can delete configurations and instances from your dashboard at any time. Account deletion is available in Settings and removes all associated data, containers, and API keys.
  • GDPR rights: You have the right to access, export, correct, and delete your personal data. Contact [email protected] for data access or portability requests. We respond within 30 days.

Incident Response

  • Audit logging: All security-relevant actions are logged: login attempts (successful and failed), account registration, password changes, 2FA changes, instance creation/deletion/start/stop, and account deletion.
  • Monitoring: Instance health checks run on a continuous cycle. Containers that fail health checks or exceed resource limits are flagged and stopped automatically.
  • Breach notification: In the event of a data breach affecting your account, we will notify you by email within 72 hours of discovery, consistent with GDPR requirements.
  • Vulnerability reporting: If you discover a security vulnerability, please report it to [email protected]. We investigate all reports and aim to acknowledge within 48 hours.
  • Instance kill switch: You can stop or delete any of your instances immediately from the dashboard. If you suspect compromise, stop the instance and rotate your bot tokens on the respective platform.

What We're Working On

Security is an ongoing effort. Here's what's on our roadmap:

  • Gateway token rotation from the dashboard
  • WebAuthn / passkey support

Contact

For security concerns, please email [email protected]. For general questions, see our Privacy Policy and Terms of Service, or reach us at [email protected].