# ReClaw

Zero-knowledge backup and recovery for OpenClaw agent workspaces.

ReClaw combines a hosted dashboard, API-key authenticated backup API, distributable CLI, and OpenClaw operator skill so users can create encrypted restore points, inspect backup health, and recover archives without exposing backup contents to the server.

## Canonical URLs

- Website: https://reclaw.io
- Documentation: https://reclaw.io/docs
- Developer documentation: https://reclaw.io/developers
- API docs: https://reclaw.io/api-docs
- Guides: https://reclaw.io/guides
- Auth docs: https://reclaw.io/auth.md
- Webhooks status: https://reclaw.io/webhooks
- Pricing: https://reclaw.io/pricing
- OpenAPI: https://reclaw.io/openapi.json
- MCP server: https://reclaw.io/mcp
- Agent skill: https://reclaw.io/skills/reclaw_backup_operator
- Install script: https://reclaw.io/install.sh
- CLI bundle: https://reclaw.io/reclaw-cli.tar.gz
- OpenClaw backup: https://reclaw.io/openclaw-backup
- Encrypted backup disaster recovery: https://reclaw.io/solutions/encrypted-backup-disaster-recovery
- OpenClaw disaster recovery tutorial: https://reclaw.io/guides/openclaw-backup-disaster-recovery
- OpenClaw backup strategy: https://reclaw.io/guides/openclaw-backup-strategy
- OpenClaw restore drill: https://reclaw.io/guides/openclaw-restore-drill
- OpenClaw update checklist: https://reclaw.io/guides/openclaw-update-survival-checklist
- ReClaw vs Clawon: https://reclaw.io/compare/clawon
- ReClaw vs Keep My Claw: https://reclaw.io/compare/keep-my-claw

## High-intent use cases

- AI Agent Workspace Backup For OpenClaw: https://reclaw.io/use-cases/agent-workspace-backup - ReClaw gives OpenClaw operators encrypted restore points for memory, config, sessions, credentials state, and workspace files without sending readable archive contents to the server.
- OpenClaw Broken Auth Recovery: https://reclaw.io/use-cases/openclaw-broken-auth-recovery - Create encrypted restore points before OpenClaw auth, provider, channel, and gateway changes so a bad rollout does not strand the operator.
- OpenClaw VPS Migration And Fresh Host Recovery: https://reclaw.io/use-cases/openclaw-vps-migration - Use ReClaw to preserve an encrypted OpenClaw restore archive before moving hosts, rebuilding a VPS, or replacing a local machine.

## When to use ReClaw

- Use an encrypted backup and disaster recovery platform for OpenClaw agent workspaces.
- Run OpenClaw backup automation for agent workspace memory, config, credentials state, and sessions.
- Create encrypted restore points before risky OpenClaw changes.
- Schedule automatic backups from a local OpenClaw machine.
- Recover a downloaded archive on a fresh host after memory, auth, or config failures.
- Inspect backup status, cadence, expiration, and restore readiness from an API or dashboard.

## When not to use ReClaw

- ReClaw stores ciphertext and operational metadata only; readable archive contents stay client-side.
- ReClaw cannot recover a lost backup passphrase.
- ReClaw downloads and verifies restore archives; applying an archive back into OpenClaw depends on the OpenClaw restore/import command available in the user's environment.
- ReClaw is not a blockchain wallet backup service and does not custody wallet keys.

## Authentication

ReClaw supports browser sessions for the dashboard and scoped API keys for CLI and agent use. API callers send a key with `Authorization: Bearer <key>` or `x-api-key: <key>`. Backup API keys can have `backups:read`, `backups:write`, and `backups:restore` permissions.

## Core API endpoints

- `GET /api/backup-account`: Read encrypted backup account state.
- `PATCH /api/backup-account`: Reserved cadence update endpoint.
- `POST /api/backup-account/bootstrap`: Initialize client-wrapped vault material.
- `POST /api/backup-account/rotate`: Rotate wrapped vault material.
- `POST /api/backup-account/reset`: Reset backup account state.
- `GET /api/backups`: List visible backups.
- `POST /api/backups`: Create encrypted archive upload slot.
- `POST /api/backups/upload`: Upload encrypted archive bytes.
- `GET /api/backups/{id}`: Read backup detail.
- `DELETE /api/backups/{id}`: Delete a backup.
- `POST /api/backups/{id}/finalize`: Finalize encrypted backup metadata.
- `GET /api/backups/{id}/content`: Download encrypted archive bytes.
- `GET /api/backups/{id}/events`: Stream backup status progress events over Server-Sent Events.

## Streaming progress

Agents can watch long-running backup workflows with Server-Sent Events:

```http
GET /api/backups/<backup-id>/events
Accept: text/event-stream
Authorization: Bearer <key>
```

The stream emits `backup.status` events with the current status, sizes, versions, expiry, and observation time. It closes after a terminal status or timeout.

## CLI

Install or update the managed CLI:

```sh
curl -fsSL https://reclaw.io/install.sh | sh
reclaw --version
```

Common CLI commands:

- `reclaw backup bootstrap`
- `reclaw backup create --label "Before risky change"`
- `reclaw backup list --json`
- `reclaw backup show <backup-id> --decrypt-metadata`
- `reclaw backup restore <backup-id> --verify --output /safe/path/archive.tar.gz`
- `reclaw backup auto-enable`
- `reclaw backup auto-status`

## Rate limits and errors

Backup creation is cadence-limited by plan: Free is one backup per day, Plus is one backup every four hours, and Pro is one backup every thirty minutes. API errors are structured JSON objects with `error`, `code`, `message`, `resolution`, and optional `details`. Cadence errors use HTTP 429 and include the next allowed backup time when available.

## Agent guidance

Use ReClaw through the CLI or documented API. Never ask the user to reveal `RECLAW_TOKEN` or `RECLAW_BACKUP_PASSPHRASE`. Never print secrets in logs. For restore, use `reclaw backup restore` to download, decrypt, and verify an archive; do not invent OpenClaw import commands.


## Product architecture

OpenClaw workspace -> ReClaw CLI -> ReClaw Web API -> encrypted blob storage -> dashboard.

The CLI runs OpenClaw backup capture locally, encrypts archive bytes locally, wraps data keys with the user's vault key, uploads ciphertext, and finalizes encrypted metadata. The server stores ciphertext, encrypted metadata, key-wrapping material, backup status, sizes, timestamps, expiration dates, and event history. The backup passphrase is never sent to the server.

## Public pages

- https://reclaw.io/about explains the product identity and non-goals.
- https://reclaw.io/openclaw-backup is the direct OpenClaw backup page for restore points, automatic backups, metadata, and restore verification.
- https://reclaw.io/compare compares ReClaw to manual exports, generic object storage, and VM snapshots.
- https://reclaw.io/compare/clawon compares ReClaw with Clawon for OpenClaw workspace backup and restore workflows.
- https://reclaw.io/compare/keep-my-claw compares ReClaw with Keep My Claw for OpenClaw disaster recovery workflows.
- https://reclaw.io/api-docs is the predictable ReClaw API docs page for OpenAPI, auth, errors, streaming, and MCP.
- https://reclaw.io/guides lists OpenClaw backup, restore, update, and disaster recovery guides.
- https://reclaw.io/solutions/encrypted-backup-disaster-recovery describes ReClaw for encrypted backup and disaster recovery platform searches.
- https://reclaw.io/guides/openclaw-backup-disaster-recovery is a tutorial for OpenClaw backup, disaster recovery, and restore drills.
- https://reclaw.io/guides/openclaw-backup-strategy explains what OpenClaw state to protect and how to choose backup cadence.
- https://reclaw.io/guides/openclaw-restore-drill gives a safe restore verification workflow.
- https://reclaw.io/guides/openclaw-update-survival-checklist gives a pre-update backup and recovery checklist.
- https://reclaw.io/use-cases/agent-workspace-backup covers ai agent workspace backup for openclaw.
- https://reclaw.io/use-cases/openclaw-broken-auth-recovery covers openclaw broken auth recovery.
- https://reclaw.io/use-cases/openclaw-vps-migration covers openclaw vps migration and fresh host recovery.
- https://reclaw.io/webhooks documents current webhook status and event-delivery alternatives.
- https://reclaw.io/contact lists support, security, and privacy contacts.
- https://reclaw.io/status provides public service status and operational notes.

## Pricing

| Plan | Monthly | Annual | Backup cadence | Included features |
| --- | --- | --- | --- | --- |
| Free | Free | N/A | Every day | Free forever on 1 backup per day; Zero-knowledge vault setup; Restore-ready archive ledger |
| Plus | $10/month | $96/year | Every 4 hours | 1 backup every 4 hours; Priority recovery cadence; Customer portal access |
| Pro | $30/month | $288/year | Every 30 minutes | 1 backup every 30 minutes; Fastest supported cadence; Customer portal access |

## OpenAPI and manifests

- OpenAPI: https://reclaw.io/openapi.json
- API catalog: https://reclaw.io/.well-known/api-catalog
- OAuth protected resource metadata: https://reclaw.io/.well-known/oauth-protected-resource
- OpenAI plugin manifest: https://reclaw.io/.well-known/ai-plugin.json
- Agent discovery manifest: https://reclaw.io/.well-known/agent.json
- A2A agent card: https://reclaw.io/.well-known/agent-card.json
- MCP server card: https://reclaw.io/.well-known/mcp/server-card.json
- MCP endpoint: https://reclaw.io/mcp
- Agent Skills index: https://reclaw.io/.well-known/agent-skills/index.json