Clack

WebSocket relay server that enables real-time voice conversations with an OpenClaw agent.

Flow: Client audio (PCM 16kHz/16-bit/mono) → STT → OpenClaw Gateway → TTS → PCM audio back to client.

Per-session provider selection: The client can independently choose STT and TTS providers per call — any combination of on-device (Apple speech frameworks) and server-side providers (ElevenLabs, OpenAI, Deepgram). The server auto-detects all available providers based on configured API keys and exposes them via /info.

Prerequisites

Python 3.10+
API key for at least one provider (ElevenLabs, OpenAI, or Deepgram) — not needed for local speech mode
OpenClaw Gateway with chatCompletions endpoint enabled
Root/sudo access (for systemd)
Secure connection: Domain with SSL (recommended) or Tailscale

Setup

Run the setup script. It creates a venv, installs deps, prompts for API keys, configures a systemd service, and optionally sets up SSL.

sudo bash scripts/setup.sh

The script auto-detects your OpenClaw gateway config and interactively prompts for provider API keys (ElevenLabs, OpenAI, Deepgram — all optional). On re-runs, existing keys can be kept, updated, or deleted.

Options

bash scripts/setup.sh [--port 9878] [--domain clack.example.com]

Flag	Default	Description
`--port`	`9878`	Relay server port
`--domain`	(none)	Domain for SSL setup (enables WSS)

Connection modes

All connections are encrypted. The app supports two modes:

Domain with SSL (recommended):

bash scripts/setup.sh --domain clack.yourdomain.com
# → wss://clack.yourdomain.com/voice

Requires a DNS A record pointing the domain to your server IP. The setup script auto-configures SSL via Caddy. You can use a free domain from DuckDNS or your own.

Tailscale:

# Install Tailscale on your server, then connect from the app using your Tailscale IP
# → ws://100.x.x.x:9878/voice (encrypted at network level)

No domain or SSL setup needed. Tailscale encrypts all traffic at the network layer. Install Tailscale on both your server and phone, then use the server's Tailscale IP in the app.

Security note: Port 9878 should be firewalled from the public internet. Only allow access via localhost (for Caddy reverse proxy) and Tailscale. The app does not support unencrypted public connections.

Enable OpenClaw Gateway endpoint

The gateway must have chatCompletions enabled. Apply this config patch:

{"http": {"endpoints": {"chatCompletions": {"enabled": true}}}}

Management

clack status     # Check service status
clack restart    # Restart the server
clack logs       # Tail logs
clack pair       # Generate a new pairing code
clack update     # Pull latest code and restart
clack setup      # Re-run interactive setup (add SSL later, update keys, etc.)
clack uninstall  # Remove service and venv

Client App

📱 iOS — Available on the App Store (or build from source at github.com/fbn3799/clack-app) 🤖 Android — Coming soon!

Security

Authentication

All endpoints except GET /health and POST /pair require a valid auth token (RELAY_AUTH_TOKEN). Tokens are verified using constant-time HMAC comparison to prevent timing attacks.

Pairing System

6-character alphanumeric one-time codes (~2.1 billion combinations)
Codes expire after 5 minutes (TTL) and are single-use
Rate limited: 5 attempts per IP per 5 minutes — returns HTTP 429 after
2-second delay on failed attempts to slow brute force
Generating a code requires the admin auth token (GET /pair)
Redeeming a code is public but rate-limited (POST /pair)

Encrypted Connections

Domain mode: WSS (WebSocket Secure) via Caddy with automatic SSL certificates
Tailscale mode: WireGuard encryption at the network layer
The app enforces encrypted connections — no unencrypted public access
Port 9878 should be firewalled; only accessible via localhost and Tailscale

Input Sanitization

All user-facing text inputs are sanitized before processing:

Voice transcripts: Capped at 300 characters (CLACK_MAX_INPUT_CHARS), echo detection filters feedback loops, hallucination detection discards nonsense STT output
User context: Stripped to natural-language characters only (letters, numbers, common punctuation, whitespace). Control characters, escape sequences, and non-printable characters are removed. Capped at 1000 characters. Context is wrapped in explicit delimiters before injection into the system prompt.
No shell execution: All external communication uses structured HTTP/WebSocket APIs. No user input is ever passed to a shell.

Data Privacy

No analytics, tracking, or telemetry
Voice audio goes to your server and only to the providers you choose
The iOS app stores only settings locally (server address, token, preferences)
Third-party API usage depends on your provider config (ElevenLabs, OpenAI, Deepgram)

Session Routing

Each voice call creates a clack:<uuid> session in OpenClaw. These are small, isolated sessions — one per call — so voice conversations don't pollute your main agent context.

Session Picker

The session picker in the iOS app provides context injection only. When you select a session key, it is added as text context to the LLM prompt — it does not change routing. All voice calls still create their own clack:<uuid> session.

User Context

Users can provide persistent context that gets injected into the system prompt for every voice call. This lets the AI know about the user's preferences, notes, or any background information.

How to set context

App text field: In the Clack app under Settings → Context, enter free-form text
Session picker: Select an OpenClaw session to inject its content as context
WebSocket message: Send {"type": "set_context", "text": "..."} during a voice session
HTTP API: PUT /context?token=...&text=... or POST /context with JSON body {"text": "..."}

Context is sanitized before saving — only natural-language characters are kept (letters, numbers, common punctuation). IP addresses and domains are stripped. The server returns the sanitized text in the response so the app can show the user exactly what will be sent as context.

Context persists across calls and server restarts. Clear it via DELETE /context or by sending an empty set_context message.

Conversation History

The relay maintains a shared history file across calls for continuity. History is stored as JSON in CLACK_HISTORY_DIR (default: /var/lib/clack/history).

Max messages: 50 (configurable via CLACK_MAX_HISTORY)
History persists across calls and server restarts
Viewable via GET /history, clearable via DELETE /history

Echo Test Mode

For testing audio round-trips without using LLM credits:

Server-wide: Set CLACK_ECHO_MODE=true environment variable
Per-session: Send {"type":"start","config":{"echo":true}} from the client

In echo mode, transcribed text is echoed back through TTS instead of being sent to the LLM. Audio is peak-normalized with capped gain to ensure consistent playback volume.

Provider Selection

STT and TTS providers can be configured independently per session. The server auto-detects all available providers at startup based on which API keys are set (ELEVENLABS_API_KEY, OPENAI_API_KEY, DEEPGRAM_API_KEY).

Available modes per direction (STT / TTS):

On-device (local): Uses Apple's built-in speech frameworks. Zero API costs.
Server provider: ElevenLabs, OpenAI, or Deepgram — whichever keys are configured.

How it works:

App fetches GET /info to discover available providers
User picks STT and TTS providers independently in Settings → Voice
On call start, the app sends sttProvider and ttsProvider in the session config
Server creates the appropriate provider instances per session

Example combinations:

STT	TTS	Use case
ElevenLabs	ElevenLabs	Full cloud — best quality
On-device	ElevenLabs	Save STT costs, keep premium voices
On-device	On-device	Fully local — zero API usage, works offline
OpenAI	Deepgram	Mix providers freely

Cost optimization: Use on-device STT (free, unlimited) with a premium cloud TTS voice — get great output quality while eliminating transcription costs entirely. Or go fully on-device for zero API spend.

Text input mode

When STT is set to on-device, the client sends transcribed text instead of audio:

{"type": "text_input", "text": "What's the weather like?"}

When TTS is set to on-device, the server returns response_text only and skips audio synthesis.

AI Response Rules

Responses are enforced to 1–3 sentences for natural voice conversation
Server-side max_tokens: 150 to prevent runaway responses
Server-side max input: 300 characters (CLACK_MAX_INPUT_CHARS) — transcripts exceeding this are truncated

HTTP Endpoints

Endpoint	Method	Auth	Description
`GET /health`	GET	No	Health check — returns service status
`POST /pair`	POST	No	Redeem pairing code → get auth token (rate-limited)
`GET /pair`	GET	Yes	Generate one-time pairing code
`GET /info`	GET	Yes	Server info: agent name, available STT/TTS providers
`GET /voices`	GET	Yes	List available TTS voices
`GET /sessions`	GET	Yes	List active sessions
`GET /history`	GET	Yes	Get conversation history
`DELETE /history`	DELETE	Yes	Clear conversation history
`GET /context`	GET	Yes	Get current user context
`PUT /context`	PUT	Yes	Set user context (query param `text`)
`POST /context`	POST	Yes	Set user context (JSON body `{"text": "..."}`)
`DELETE /context`	DELETE	Yes	Clear user context
`WebSocket /voice`	WS	Yes	Voice relay connection

WebSocket Protocol

Endpoint: ws://<host>:<port>/voice?token=<RELAY_AUTH_TOKEN>

Client → Server

Message	Format	Description
`{"type":"start","config":{...}}`	JSON	Start session. Config: `voice`, `systemPrompt`, `echo`, `sttProvider`, `ttsProvider`
Binary frames	bytes	Raw PCM audio (16kHz, 16-bit, mono)
`{"type":"text_input","text":"..."}`	JSON	Local speech mode — send text directly
`{"type":"end_speech"}`	JSON	Signal end of speech, triggers processing
`{"type":"interrupt"}`	JSON	Cancel current TTS playback
`{"type":"ping"}`	JSON	Keepalive
`{"type":"set_context","text":"..."}`	JSON	Set user context (sanitized before saving)
`{"type":"auth","token":"..."}`	JSON	Authenticate (alternative to query param)

Server → Client

Message	Format	Description
`{"type":"ready"}`	JSON	Session ready
`{"type":"auth_ok"}` / `{"type":"auth_failed"}`	JSON	Auth result
`{"type":"processing","stage":"..."}`	JSON	Stage: `transcribing`, `thinking`, `speaking`, `filtered`
`{"type":"transcript","text":"...","final":true}`	JSON	STT result
`{"type":"response_text","text":"..."}`	JSON	LLM text response
`{"type":"response_start","format":"pcm_16000"}`	JSON	Audio stream starting
Binary frames	bytes	TTS audio (PCM 16kHz, 16-bit, mono)
`{"type":"response_end"}`	JSON	Audio stream done
`{"type":"tts_cancelled"}`	JSON	TTS playback was interrupted
`{"type":"context_updated","text":"..."}`	JSON	Context saved — `text` contains the sanitized version
`{"type":"context_cleared"}`	JSON	Context was cleared

Features

Multi-provider STT/TTS: ElevenLabs, OpenAI, and Deepgram support
Independent voice input/output configuration: Choose STT and TTS providers separately — full control over how your voice is transcribed and how the AI speaks back
On-device speech: Apple speech frameworks for STT and/or TTS — zero API costs, mix with cloud providers freely
Cost optimization: Use free on-device transcription with premium cloud voices, or go fully local for zero spend
Voice response rules: AI responses enforced short (1-3 sentences, max_tokens 150)
Input length limiting: Configurable max transcript length (default 300 chars)
Confidence filtering: Low-confidence STT results are discarded
Echo detection: Prevents feedback loops (TTS → mic → STT)
Echo test mode: Test audio pipeline without LLM (server-wide or per-session)
Audio normalization: Peak normalization with capped gain for echo mode playback
Audio chunking: Long recordings auto-split for reliable transcription
Hallucination detection: Filters repetitive/nonsense STT output
Interrupt/TTS cancellation: Cancel in-progress TTS for all providers
Pairing system: Rate-limited one-time codes for secure device pairing
Session isolation: Each call gets its own clack:<uuid> session
Conversation history: Shared across calls, 50 messages max, persistent
Token auth: Constant-time HMAC verification
Keepalive pings: Prevents client timeout during long LLM responses
Silence detection: Default threshold 220, configurable range 20–1000
Auto-restart: systemd restarts on crash

Voice Configuration

20 built-in ElevenLabs voices available. Default: Will. Pass voice name or ID in session config:

{"type": "start", "config": {"voice": "aria"}}

Available aliases: will, aria, roger, sarah, laura, charlie, george, callum, river, liam, charlotte, alice, matilda, jessica, eric, chris, brian, daniel, lily, bill.

Environment Variables

Variable	Default	Description
`RELAY_AUTH_TOKEN`	—	Required. Client auth token (32-char)
`OPENCLAW_GATEWAY_URL`	`http://127.0.0.1:18789`	OpenClaw Gateway URL
`OPENCLAW_GATEWAY_TOKEN`	—	Gateway bearer token
`STT_PROVIDER`	`elevenlabs`	STT provider (`elevenlabs`, `openai`, `deepgram`)
`TTS_PROVIDER`	`elevenlabs`	TTS provider (`elevenlabs`, `openai`, `deepgram`)
`TTS_VOICE`	`Will`	Default voice (name or ID)
`VOICE_RELAY_PORT`	`9878`	Server port
`CLACK_ECHO_MODE`	`false`	Enable echo test mode server-wide
`CLACK_MAX_INPUT_CHARS`	`300`	Max transcript length (chars)
`CLACK_HISTORY_DIR`	`/var/lib/clack/history`	History file storage directory
`CLACK_MAX_HISTORY`	`50`	Max conversation history messages
`CLACK_AGENT_NAME`	`Storm`	Agent name shown in the iOS app

Provider API keys (ELEVENLABS_API_KEY, OPENAI_API_KEY, DEEPGRAM_API_KEY) are stored in config.json with restricted file permissions, not as environment variables. The setup script manages these interactively.