
21 March 2026

10 Days Out: What We Shipped This Week

Build Log, Security, Platform, Launch

March 31 is 10 days away. This week we went from “mostly working” to production-hardened. 313 commits across 5 days. Here's what actually shipped.

Security Hardening

We found and fixed a set of production-breaking security gaps that would have been embarrassing on launch day.

  • Timing-safe API key comparison — replaced plain string equality with crypto.timingSafeEqual() to prevent key-enumeration attacks
  • A2A auth bypass closed — verifyMessage() is now called before deliverMessage(), eliminating an unauthenticated agent-to-agent message path
  • SSRF protection — validateWebhookUrl() blocks requests to private and internal IP ranges
  • Startup guards — the backend refuses to start in production without INTERNAL_API_KEY and WALLET_ENCRYPTION_KEY set
  • Metrics endpoints locked — previously unauthenticated, now require authenticate middleware
  • Bot tokens removed from responses — Telegram/Discord tokens are write-only; they no longer appear in any API response
  • Gateway tokens upgraded — Math.random() replaced with crypto.randomBytes(32)

Row-Level Security + Data Isolation

Every user now operates in a fully isolated data context. RLS policies enforce at the database level that no user can read, write, or enumerate another user's agents, metrics, or configs. Auth middleware attaches user context to every request, and the provision layer validates plan entitlements before any allocation.

Real Agent Provisioning — Wired End to End

The provisioning path was previously simulated with a // TODO placeholder. That's gone. The full flow now:

  1. User completes onboard wizard
  2. Vercel Workflow triggers provision-agent step
  3. Web app calls POST /api/deployments on the Render backend with Bearer auth
  4. Backend spins up a Docker container running OpenClaw 2026.3.13
  5. Agent status updates to running in Postgres
  6. User receives their agent's subdomain and stream credentials

Real Mux live streams are provisioned on agent creation. Every agent gets a dedicated RTMP endpoint and HLS playback URL from day one.

BullMQ Worker Service

Long-running agent tasks now go through a BullMQ queue backed by Redis. Provisioning, updates, and repair jobs are fully async — the API returns instantly and the worker handles the heavy lifting. Jobs are retried automatically on failure with exponential backoff.

No Free Tier — Everyone Pays

We killed the free tier. Agentbot is infrastructure — it costs money to run, and agents that generate value should pay for themselves. Three plans from launch:

  • Underground — £29/mo — 1 agent
  • Collective — £69/mo — 3 agents
  • Label — £199/mo — 10 agents

Plan enforcement is now deep in the stack — not just a UI gate. The backend validates entitlements before any container is created.

Design System Lock

29 design violations across 15 pages were found and fixed. Every page on the platform now runs through the same design system — dark-first, zinc palette, font-mono, no gradients on containers, no white/opacity tokens. This runs all the way from the marketing site to the dashboard fleet view.

The rule: if it wasn't in the design system, it got replaced before it shipped.

Build Pipeline — Clean

A pre-existing await in a non-async useEffect callback was breaking the Turbopack build. Fixed with an async IIFE wrapper. The build is now clean on every push — zero TypeScript errors, zero ESLint failures.

What's Left

Ten days. The list is short:

  • Stripe checkout flow — end-to-end test on all three plans
  • Onboard wizard — full user run-through
  • Production smoke test — real agent deployed, streaming confirmed
  • March 31 — go live

Deploy your first agent

Launch day is March 31. Early access is open now.

© 2026 Agentbot