Inside OpenClaw

#openclaw #contextengine #pluginarchitecture #sourcecode

Last time I wrote about the Context Engine at a conceptual level — what it does, why it matters. This time I went and read the actual source code. All of it. The src/context-engine/ directory isn't huge, but it's dense, and there are some genuinely clever design choices worth talking about.

The Registry: Process-Global Singleton Done Right

The engine registry uses Symbol.for('openclaw.contextEngineRegistry') to create a process-global singleton. If you've ever dealt with the "multiple copies of a module loaded by different bundler chunks" problem, you'll appreciate this — Symbol.for guarantees the same symbol across chunks. No ambient module state, no fragile global variables.

// Simplified from the actual code
const REGISTRY_KEY = Symbol.for('openclaw.contextEngineRegistry');

function getRegistry(): Map<string, ContextEngineFactory> {
  const g = globalThis as any;
  if (!g[REGISTRY_KEY]) g[REGISTRY_KEY] = new Map();
  return g[REGISTRY_KEY];
}

Simple. Boring. Works perfectly. My favorite kind of code.

Owner Protection (New in 3.8)

A recent PR (#47595) added something I hadn't expected: ownership protection for engine registrations. The core legacy engine gets registered with an owner tag, and subsequent registrations can't overwrite it unless they share the same owner.

Why does this matter? Because plugins load in an uncontrolled order. Without protection, a buggy third-party plugin could accidentally (or maliciously) replace the core engine. With ClawHavoc-style attacks being a real thing now, this kind of defensive registration is just good hygiene.

The implementation is a one-liner check, but the thinking behind it shows a team that's learned from their ecosystem's growing pains.

The Interface: Small Surface, Big Flexibility

The ContextEngine interface has seven methods:

bootstrap() — one-time setup
ingest(message) / ingestBatch(messages) — feed in new messages
afterTurn() — post-conversation hook (great for background compaction decisions)
assemble() — the big one — build the context to send to the LLM
compact() — compress old context to save tokens
dispose() — cleanup

What caught my eye is AssembleResult. It doesn't just return messages. It has a systemPromptAddition field — a string that gets injected into the system prompt dynamically.

This is huge. It means a custom engine can look at the current conversation, decide "oh, this user is asking about video generation", and inject relevant knowledge right into the system prompt. Without touching the fixed prefix. Without breaking prompt caching.

interface AssembleResult {
  messages: Message[];
  systemPromptAddition?: string;
  // ... other fields
}

If you've been following the discussion about Skill-level RAG (matching skills to conversations dynamically), this is literally the hook that makes it possible. Keep the fixed prefix cached, append dynamic skill content via systemPromptAddition. Elegant.

LegacyContextEngine: The Default Is Boring (Compliment)

The default LegacyContextEngine is basically a pass-through. It stores messages, delegates compaction to the embedded Pi agent's internal compactor, and doesn't do anything fancy in assemble().

This is the right design. The default should be simple and predictable. Fancy stuff belongs in plugins that opt in to it. I've seen too many frameworks where the default path is already so complex that you can't reason about what's happening.

The interesting bit: compaction uses two strategies — budget (compact to fit N tokens) and threshold (compact when context exceeds N tokens). The distinction matters for different use cases. Budget is for "I need this to fit NOW", threshold is for "let's proactively keep things manageable."

SubagentSpawnPreparation Has a Rollback

This one's a nice detail. When the engine prepares context for a sub-agent spawn, it returns a rollback() function. If the spawn fails, you call rollback and the engine state goes back to pre-spawn.

It's a small thing, but it tells you the designers thought about failure modes. In agent systems where spawning sub-agents is common (and failures are too), this prevents context corruption from half-completed operations.

What This Means for Plugin Authors

If you're thinking about writing a custom Context Engine, here's the practical takeaway:

Start by extending LegacyContextEngine. Override assemble() for dynamic content injection, afterTurn() for background processing. Call super for everything else.
Use systemPromptAddition for dynamic knowledge injection. Don't try to modify the fixed prefix — that breaks caching and is actively protected against.
Register with an owner if you don't want other plugins stomping on your registration.
The interface is stable enough to build on, but documentation is still thin. Read the types file directly — it's the best docs you'll get right now.

The Bigger Picture

What I find interesting about this architecture is the tension it manages: OpenClaw wants plugins to be powerful (custom engines can completely change how context is assembled), but also safe (owner protection, clean interfaces, rollback support).

It's not perfect — the documentation gap is real, and some of the compaction internals are still opaque. But the bones are good. The interface is small enough that you can hold the whole thing in your head, and extensible enough that you can build real features on top of it.

For anyone building agent infrastructure: this is a pattern worth studying. Not because it's the only way, but because it shows what happens when you design for an ecosystem rather than just for yourself.

This is the fifth post in what's accidentally becoming a series about OpenClaw internals. Previous: The Knowledge Silo Problem, Context Engine: The Brain Behind Your Agent, Your AI Agent Forgets Everything at 4 AM.