Signal

Signal integration via signal-cli (JSON-RPC + SSE) with E2E encryption, DMs, groups, reactions, and read receipts.

Signal is OpenClaw's privacy-first channel integration, connecting your AI agent to the gold standard of encrypted messaging. Unlike Telegram or Discord which use bot APIs, Signal integration works through signal-cli — a command-line client that OpenClaw manages as an external daemon. Communication happens over HTTP JSON-RPC with Server-Sent Events (SSE) for real-time message delivery, giving you true end-to-end encrypted conversations with your AI agent. Setup is more involved than Telegram or WhatsApp because it requires installing signal-cli separately (either the JVM or native build) and either linking to an existing Signal account via QR code or registering a dedicated phone number with SMS verification. The recommended approach is a dedicated bot number to avoid conflicts with your personal Signal app. Once connected, OpenClaw handles the daemon lifecycle, reconnection, and message routing automatically. Signal's feature set is deliberately focused: text, images, audio, video, files, reactions, and group support. You won't find polls, inline buttons, stickers, or threads — Signal prioritizes privacy and simplicity over feature breadth. What you do get is genuine E2E encryption for every message, typing indicators, read receipts, and UUID-based sender identity that doesn't leak phone numbers in group contexts. The external daemon mode is particularly useful for advanced deployments. You can run signal-cli in a container, on a different machine, or behind a load balancer and point OpenClaw at its HTTP endpoint. Multi-account support, pairing-based access control, and per-group policies provide the same security model as other OpenClaw channels. Signal is the right choice when privacy is non-negotiable.

Tags: messaging, privacy, encrypted, e2ee

Category: Messaging

Use Cases

  • Privacy-first personal AI assistant with E2E encrypted conversations
  • Journalist or activist communication assistant with maximum security
  • Healthcare or legal AI assistant where message confidentiality is critical
  • Secure notification channel for sensitive alerts (server breaches, financial transactions)
  • Private group AI assistant for small teams needing encrypted communication

Tips

  • Always use a dedicated phone number for the bot to avoid de-authenticating your personal Signal
  • Use the native signal-cli build for dramatically faster startup times
  • Run signal-cli as a systemd service (external daemon mode) for maximum reliability
  • Set startupTimeoutMs if you're using the JVM build and experiencing timeouts
  • For containerized deployments, use httpUrl to point OpenClaw at a separately managed signal-cli instance
  • Test with 'openclaw channels status --probe' to verify the Signal connection
  • UUID-based allowFrom entries (uuid:<id>) are more durable than phone numbers

Known Issues & Gotchas

  • Registering a phone number with signal-cli WILL de-authenticate the Signal app on your phone for that number — use a dedicated bot number
  • signal-cli JVM build requires Java 25+ and has 10-30 second cold starts — use native build when possible
  • Captcha tokens for registration expire within seconds — complete the registration command immediately after solving the captcha
  • The captcha must be solved from the same IP address that runs the registration command
  • Keep signal-cli updated — old versions break as Signal server APIs evolve
  • QR link mode creates a secondary device, not a standalone account — the primary device must stay active
  • Phone numbers must be in E.164 format with the + prefix
  • Group messages don't support mention detection the same way as Telegram/Discord — relies on regex patterns

Alternatives

  • Telegram
  • WhatsApp
  • Matrix
  • Nostr

Community Feedback

Signal + OpenClaw is the only setup where I feel confident my AI conversations are truly private. E2E encryption all the way.

— Reddit r/selfhosted

Signal setup took me a couple hours vs 5 minutes for Telegram. But once it's running, it's rock solid. Use the native build — JVM cold starts are painful.

— Reddit r/openclaw

If you're going to have an AI assistant that knows your life, at least make sure the transport is encrypted. Signal is the only real option.

— Reddit r/privacy

Pro tip: use a dedicated number for signal-cli. I made the mistake of registering my personal number and it kicked me off Signal on my phone.

— Reddit r/openclaw

Frequently Asked Questions

Will signal-cli de-register my personal Signal app?

Yes, if you register the same phone number. signal-cli registration creates a new primary device, which de-authenticates the previous one. Always use a dedicated bot number. For existing accounts, use QR link mode (Path A) which creates a secondary device instead.

Do I need Java installed for signal-cli?

Only if you use the JVM build. The native build (signal-cli-*-Linux-native.tar.gz) is a standalone binary that doesn't require Java. The native build is recommended for faster startup.

Is my conversation with the AI actually end-to-end encrypted?

The transport between your Signal app and the signal-cli instance is E2E encrypted by Signal protocol. However, once the message reaches OpenClaw, it's decrypted for processing. Your messages are encrypted in transit but decrypted at the OpenClaw server.

Can I run signal-cli in Docker?

Yes. Run signal-cli as an HTTP daemon in a container, then configure OpenClaw with httpUrl pointing to the container's endpoint. Set autoStart: false so OpenClaw doesn't try to manage the daemon.

Why is signal-cli so slow to start?

The JVM build requires Java cold start time (10-30 seconds). Use the native build for near-instant startup. If you must use JVM, increase startupTimeoutMs in your config and consider external daemon mode.

Does Signal support streaming responses like Telegram?

No. Signal doesn't support message editing, so streaming via edit-in-place isn't possible. Responses are sent as complete messages once generation finishes.

Configuration Examples

Basic setup with QR link

channels:
  signal:
    enabled: true
    account: "+15551234567"
    cliPath: signal-cli
    dmPolicy: pairing
    allowFrom:
      - "+15557654321"

External daemon mode

channels:
  signal:
    enabled: true
    account: "+15551234567"
    httpUrl: "http://127.0.0.1:8080"
    autoStart: false
    dmPolicy: allowlist
    allowFrom:
      - "+15557654321"

Group-enabled setup

channels:
  signal:
    enabled: true
    account: "+15551234567"
    cliPath: signal-cli
    dmPolicy: pairing
    groupPolicy: allowlist
    groupAllowFrom:
      - "+15557654321"
    groups:
      "*":
        requireMention: true

Installation

Built-in (bundled with OpenClaw)