Run OpenClaw on Workers

stuff that happened and I kind of missed out. I missed out on something uh pretty big and I I've been seeing these news uh headlines flash through and I brought on some experts here to talk today to us. Uh I would love for you all to meet both Sid and Andreas and I'm going to do the thing that all hosts do where I say, "Hey, how do you introduce yourself these days?" Sid, what what is Let's start with you, Sid. Sid, how do you introduce yourself these days? What's up, Craig? Uh well, um my name is Sid. I work at Cloudflare. I've been here about four years and uh yeah, I work on workflows mostly, but this has been a fun sort of experiment on the side. Awesome. And Andreas, please please tell us tell us what what what is it that you do here? Uh I'm new here. I I just joined in December. I used to be a co-founder at Replicate that just got acquired and uh still working on Replicate but sort of got pulled into this um molt worker open claw thing and had a lot of fun with that for for a couple of weeks now. Awesome. And uh Andre, I've been a fan of yours for so long. I can't believe that we haven't ever had one of these before that we haven't actually. I'm so excited. This is going to be super exciting for for everybody uh watching at home. And so I want to talk a little bit. So, I'm a developer educator. I think that like what just happened with this I love to hang out in the AI space. I was at a conference. I was at basically a two-week conference and I missed it all and I saw you all having fun and I need to get up to speed with first of all like what what in the hell just happened though? Everything went wild for a while for a bit here. So, so people were out buying things and people were running and trying to figure and and this craze really took off. Um, and can we can we put this all together? So, it's I don't want to get in trouble because I think that like we could probably say the old name of it, but it had to change because of legal reasons. The the original name, right? Do you remember what that what what was the original name of this thing? I'll take one for the team. Okay. It used to be called Claudebot and then it got but but not but not C L A U D E. Well, no, but Claudebot with a claw. So, that was C. Okay. So, we've got we've got little little claws. All right. And then I think midway through us creating the repo and working on things, it got renamed to Moltbot. I remember sending some, you know, a chat message internally saying, "Hey guys, I just woke up. I think they've renamed it." Um, and malt malt is Who which one of you knows what that means? What why is what's molt? Never heard the word before. What does it mean Andreas? I don't know. make this from from my understanding it has something to do with what happens to a lobster. So So they're they're they're really leaning into the claw. They got in trouble, right? Because claude sounds like you you can't say claw. It sounds like the other thing clawed, right? The anthropic claude. Um and so mol is something that happens to lobsters, but I don't think anybody knew what that was. So I I And then it became I actually like the new name. It's called Open Claw. Open Claw, right? Okay. I kind of like it. It's better than I think I like it more than Molt for sure. For sure. I mean, it sounded like some sort of wizard thing. I was like, what is this other thing that's happening? And why is it also a crab? It's like, oh, it's the same thing. So, it was very hard. Yeah. Yeah. Yeah. They like they've all stuck around, right? People still refer to it as as Claude bots and then Molt book happened and then like Molt is forever stuck with that. Twitter. Um, I mean, I'm not, you know, I wouldn't blame anyone for calling it the old name. So, yeah. So, so what what is it? Why why is every So, so what first of all, what what is it? What's going on here in general? What is open claw? Well, it's it's an agent, right? But it's an agent that has that has claws, which which was the sort of the original naming. It has it has um like effectively like, you know, sensors and actuators. It it can uh you can talk to it in your uh telegram or WhatsApp or signal uh me messages app. Uh and then it can just like do anything really like you know people give it access to their emails and their calendars and um uh Google flights or whatever and it can you know do your whole schedule. People give it access to their fridge you know like the whole the whole sort of IoT space. It's kind of crazy fridge, man. I don't think I can access my fridge. No. What fridge are you using? It's not my It's not my fridge. No. Um, but yeah, I I think that's kind of it's it's like one of those things like when the iPhone came out, everyone's like, well, you know, I have my old like, you know, Nokia, whatever. It can I can send messages. But I think I think the nice thing with with Open CL is the way that they just packaged all of this together. So you like you don't have to, you know, write a bunch of MCP servers and stuff to make it work. It just kind of worked all out of the box. So do you think that it's a um is it because it's also the time? I feel like we we just recently hit this like place where literally everybody I know is now finally leaning into to using uh uh coding agents at least, right? So agents have are are like aha here. It's like I feel like a November happened. Is this just a is this a timing thing or is there something like really special about this? No, I'd say I I I'll quickly jump in. I I I think what happened and I I I suspect all of us had the same experience at least for me was that December 25th happened which is when oh was it November 25th when the new Opus 4.5 came out and Sonic 4.5 came out and I think between that time and Jan I was out on holiday for a bit and on holiday I think we were all playing with clawed code and then open code and that just completely dramatically shifted what my experience is dayto-day at work like did for I think everybody and I think those couple of weeks there is when things got real for us, right? Like we we'd used AI models before but suddenly you could have these AI models running on your machine to you know go search the web or like figure out how to fix a bug and fix it for you. And uh it's obviously been a very fastmoving space so it's hard to keep up. But I think what Peter, the author of Open Claw, Peter Steinberger, I hope I'm getting his name right. I don't think it's Steinberger. But I I I do think it starts with an ST, but you added a burger there. I I understand what time what time of day it is. Oh well. Anyway, Peter Peter Openclaw, right? Peter OpenClaw. Mr. Mr. OpenClaw. Mr. OpenClaw, who's an absolute legend. Um I think what he did really you know I think what's really interesting about open claw is that you take all these primitives that people have used you package it together and everybody had the same question of hey I have open code running and it's great but I kind of want to talk to it when I'm out and about on my phone you know when I'm walking the dog or when I'm cooking I kind of want to keep track of what my agent's doing. Yeah. And I think this has been the first sort of you know uh accessible um proof ofconcept SL project that does that and it does it quite well I I'd say andreas that's that's you were talking like telegram is the the way or or text message is kind of how the there's this new chat flow that's happening there. Yeah you told it where like in your existing chat apps. I think the social element is really interesting as well. like I had this this really um kind of I don't know it was a bit of sort of a Eureka moment when Sid and I were playing around with Maltbots and we connected it to Slack and all of a sudden I could see what Sid was saying to the agent because before that like agents to me have been this kind of you know it's I have my personal agent that I talk to but now I can see how Sid interact interacts with it but now I can kind of learn the patterns he's using to talk to his agent. Oh. Uh, and and that that that's a new thing for me. I think that's I think there's something really powerful in that that's kind of underexplored. Oh, that's cool. Yeah. Go ahead. Go ahead, sir. No, I I think to that point to what Andreas just said, we were messing around with this and we had it was funny because when we started, we'd barely it I don't know come out like 3 days ago or whatever, right? And we we knew nothing about it. And we spent a whole day playing with it. And it was so much fun just to sort of be able to say things like, "Hey, can you you know get can you generate a video of me scrolling on agents.cloudflare.com? Make sure you close the cookie banner." And then I'd say that and you'd get a response from the board on Slack. And then Andreas would want to, you know, do some more with it. And he talk to it. And it was it's the first time it sort of felt real in that you can have an agent on your existing systems and pretend like it's a new coworker. So I think that's been pretty wild since it since it's only been a couple weeks. How how does how did that feel? Can you remember? Can you can you bring bring people into how that actually feels? Because I think that like for me there was this like whole wild like people were going out and like literally buying things to to play with this because they saw something happen. Can you capture I mean you did just capture that a little bit but like c capture what that felt like. Yeah, it was I mean it was honestly very impressive. I knew about the primitives. I knew that the primitives worked with open code like on my machine because I'd been using that for about you know a few weeks then and I knew how well how good these frontier models have gotten these sort of models have gotten at at tool cing and being able to sort of write stuff and figure things out. But um it felt very real. It sort of felt like a big shift in that. Okay, now we figured out how to take that and get it like 100x like you know sort of plugging things in cuz I know before that MCPs were all the hype right before like tools and and before before these LLMs got really good at calling these tools on your CLI and MCPS were great but you know you still had to do the work ahead of time to make them discoverable and so on. part with this that you moment for me was I still remember I sent a message about we were trying to set up browser rendering with claudebot I'm sorry open claw right and before we had um and it didn't know I wanted to use browser rendering I mean the chap installed chromium on a sandbox and decided install playright and then go get do you know what I mean so like made those decisions actually executed them and got to completion which was wild to me awesome right um and by the People have been using this for way more interesting things. I've seen Twitter I mean I don't know how much this is true but on Twitter I've seen people um use this to make restaurant reservations. Apparently someone like tried to and and they they claim it worked where they would try to make a reservation and couldn't do it on Open Table. So then it made a phone call and used some other model to like levels you call and actually made a reservation on the phone. And that's insane. Like I think that's like that is what we think of when we think of AI agents, right? At least science fiction. Yeah. And Andreas, what's your what's your moment? Let's let's actually let's let's flip it the other way. Have and this is this this might be really hard to because what I'm what I'm hearing is that I haven't been able to stump it. Like have you have you run into a place where like it doesn't do what you're trying to have it do? Because I think that's part of it too. It's like the frustration's kind of gone. Yeah. Yeah. Yeah. Yeah. I mean it's it's it's the same sort of frustrations as when you're using open code, you know. Yeah, it feels like like the claw analogy is really interesting because it feels like we had this this little kind of neutured lobster without any any any um append appendages. Is that the word? Uh, and then and then we gave it those appendages and turns out that like it could control them really well, but it still, you know, it still breaks and and um and hallucinates and all of all of those things say the same way that that Claude does in in Clawude Code or Open Code, What's exciting is that this is well, I suppose the first one. Yeah. And it's only going to get better from Exactly. I would fully expect OSS to have this sort of stuff built in hopefully soon, right? Like I would expect Mac OS and the new CE with Gemini, etc. to just do these things for you. Yeah. Yeah. Yeah. It it kind of like there's there's something, you know, I'm like a hardcore sort of Emacs user and there's something about Open Claw that that just reminds me of those old lisp machines that people used to run, right? Yeah. That where you could just like, you know, redefine the OS as you were running it. And the fact that OpenClaw has access to its own code and it can restart itself. Oh wow. you can you can just like you know you can give it an API key and say here's an API key for this service and then it'll sort of put that in the right place on the file system restart itself and now it it has access to this thing so it's almost like a self- evvolving thing you know I think that's another of those really really clever thing that Peter did like I think that that and the heartbeat isn't really interesting feature as well where you run stuff on a chron you know you can say like every morning I I want um a new idea for breakfast or something and it'll just it'll just ping you on your phone every morning. Uh just kind of wake itself up rather than everything being kind of a turnbased conversation. Oh, it's push. Yeah, exactly. Exactly. So, there are a few little magical things in there. What did you guys have for breakfast today on that? Porridge like every morning. Yeah. No, I mean I one more really quick example is I remember like to Andreas's point and Andreas was doing this and I was watching on Slack. It was great to see. Now he built replicate and you know he was showing me a lot of stuff on replicate and other models on it to sort of generate images and he started out by asking it to use some models on replicate and it didn't know how to so you know said back that hey I don't know if I have a token and obviously it was just a private slack so Andreas sent the report the token on slack and then it figured out the rest. It like discovered the APIs online, set up the token for itself, persisted it to disk, and then lo and behold, he was using a bunch of replicate pipelines to generate stuff over Slack after never h having sort of installed a skill or setting up an MCP or having to like go to, you know, do you mean? There was no there was no integration. The integration was telling the bot to use it and figure out how to. Cool. Cool. And I imagine, Andreas, I'd imagine that just because you've been in the space for so long that you're skeptical, but I'm the skepticism here seems like it's gone. I'm I'm excited. Like I've I've been, you know, there there's this mode in Claude Code called uh Well, I can't remember the name of it. Like allow everything or something. I've been doing that since Yeah, I've been doing that since like Claude 3.7. Okay. I love you know, it hasn't broken anything yet really. Okay. Awesome. Awesome. So, I do that not on my work machine, but I do on my personal. Oh, man. Note to editors in the future. Please remove that wink. Uh, awesome. So, so, okay. So, this thing's out. People are like raving about it and they are literally going out and buying Mac minis which I I guess still exist. I was like, "Oh, those things are around still. That's cool. People are buying these things and they're buying them. Why are they Why are they buying them? Why are they buying these Mac minis?" I couldn't follow. All I saw was like, "Oh, there's Sil just bought one. Oh, there confidence bought one." Like, why is everybody buying these Mac Minis? What is happening? So So what what was going on? Why why a Mac Mini? Well, it's it's just so that you can keep it running in the background, right? So, while while you're going for a walk, you have this thing that's always on. So, you know, if you're if you're taking your computer with you, you have the this thing. It's just personal server and a Mac just because it can then you can um connect your iMessage app. Oh, that's how it's Oh, okay. It's doing some remote control stuff on the Mac. Yeah. Okay. Yeah, absolutely. I remember talking to Sil about this and uh briefly I think it was on Twitter or somewhere and I think the Ureka the other Ureka moment was if you have it on a machine that you wanted to use which is signed into your iCloud it now can just work with cuz Peter did a really smart thing by building in some cases like you know homegrown CLIs when he needed to using Apple script and whatnot if I remember correctly. So it could just access everything on your machine between iCloud drive and messages and phone calls. And I think that's where the magic is, right? Sort of you can have agents running somewhere else um like Cloudflare or and and of course there's an entire host of security considerations and whatnot which I don't want to get into just yet. But running it on your own machine means it has access to everything you normally have access to, right? So you can tell it to look at your notes and your messages for me, you know, for Gotcha. Gotcha. So people are building like their own little They're using that as like their own little cloud like notes, their own little Mac apps. They're they're talking inside their Mac apps. That's kind of what and and it can run at all times. You can go and hit that at all times. Uh so you guys are thinking about this and you're like, well, we have a serverless platform. Like what? So, you get nerd sniped. You're like, "What would this look like if we did it here?" Right? Is that Is that I'm guessing I'm guessing I've I've seen both of you get nerd sniped in the past. I'm assuming you're like, "We could do this, right?" Like, "We could run this." There was like a spiral of nerd sniping going on like one morning. S and I were talking. I call it nerd snipe driven development. I feel like half the stuff I do now over the last couple of months has just been because someone said, "Hey, can you do this?" Yeah, like my my boss and manager sells so will often, I'm not even kidding, say things like, "I bet you can't do that." And I'll be like, "Oh, okay. Sure." And then I'll do it over the next two hours. And then he'll he'll, you know, he'll he'll troll me about how that was exactly the plan. But, uh, yeah, Andreas and I were talking a lot cuz, you know, about AI and agents and so on, and it came in from one of those conversations. Andreas, do you want to do you want to talk about that? Yeah. What was it? We were talking about we were talking about a lot of things. I think I think it was um the morning when uh Claudebot had taken over Twitter and we were talking about this and you know like why are people buying Mac Minis like you know there are there are you know computers in in the cloud that you can run these things on and we were talking about uh running this on on Cloudflare and what are the sort of the primitives you need to do that we kind of mapped it out and it's like this doesn't sound too too hard. But then I think what happened was that there was um someone else at Cloudflare had the exact same thought, Brian. Exactly. And he he had built a proof of concept uh that day. Uh and then we sort of all kind of found each other um and and created a little little group to just hack on this and see if we could just like get something working in in a day or two. And uh we got we got I mean it's I think this is like a big disclaimer here like this is not a product. Yeah. Right. Right. Right. You know this is this is just like a hacked together little prototype just to see if it worked. Right. And what kind of cloud primitives you would use to build something like this, you know. Yeah. I I I my like goal with this was okay if we can nerd snipe someone else into building something that's like native on Cloudflare here then then we've succeeded. Yeah. I want to bring up somebody somebody in the comments uh said this. They said that they're they're uh ready to consider open call on color. The key seems to be scanning for malware infected skills. Is are we and maybe this is this was are we are we thinking about including uh any cyber security features? Right. So these malware skills, exactly where my brain first went was like, "Oh man, someone's going to take advantage of these poor Mac minis, right? That someone's someone's gonna someone's gonna get in there and Yeah. Uh is is there like talk about using the the so so you just you just very specifically said that this is this is a proof of concept, but like are we thinking about uh taking that farther so that we could show how we might do that? Might might weed out bad skills or I don't even I don't even know what that looks like in this case." like how do you define bad? Yeah, I mean ju just for everybody in the room who who doesn't know what we mean by weeding out bad skills, I think the the sort of explain it like I'm five version is that skills are are markdown files. Um markdown's really exploded, hasn't it? Anyway, skills are markdown files that describe how to do a new thing, right? And that could include stuff like there happens to be a binary called X and just use that when you need to do something you know to authenticate on something or whatever like Cloud Flet. Um some skills can potentially include you know telling your agent to do things that you don't want it to like install a key logger every time the user types about anything and send it there or whatever. Right. Right. Um now to answer the question that's what that's what skills are by the way and that's how they can be malicious. I mean it's not hard to do. we could do one right now. But, uh, to answer the the original question, um, to echo Andrea's point, this was a technical showcase because when someone builds something like this for the first time, I think there's a lot of value in in trying it out, building it on us, etc., etc., to sort of inspire and learn what it would take to build a better version, for example. Um, not that I'm suggesting we'll be able to, who knows? Um, and I know the agents team at Cloudflare has been doing this thoroughly. Um I'm guessing that's something like this is probably on their mind. I wouldn't know. Uh it certainly isn't on my mind and I don't think we've thought about that at all for this proof of concept. what we have done security-wise which I'm actually quite you know pleased about is in fact this was the first thing we did when we were talking about um multas and I both chuckled about how hey you know security is hard etc and people have open ports on their mechanis and they don't realize that but we have access like we have z we have an entire suite of products just for literally this purpose right and that's when you know our had sort of [ __ ] started spinning and we were like hey maybe we can use access. Maybe we can set up like, you know, some kind of VPC, etc. to connect to other uh devices at home. We didn't really get to that, but uh when I show when we show uh the demo and sort of set it up live, you'll see what access does for you. And I think there's some real value there because you have a network level block and the ability to do that. So, you can't obviously you can't get rid of malicious skills with that. But what you can do is make sure that only you can reach that URL. You or folks that you that you you know I see. I think there's some real value to that, right? Like the same way that I could go and install a bad app on my phone, right? This it's the same sort of that that same sort of logic. And then how do you define what that bad app is? It's kind of like this gut of like, oh, that doesn't look like something I should be putting on my phone that gives all that access that I want to have. But so it's like reminding that because I think you're in that time where you're like, "Let's go, you know, and you're just like installing stuff." So I I I think that's a very valid valid concern there. And and by the way, I don't know this specific detail. I suspect the two of you will know this better or we can look it up, but I feel like zero trust like our suite of products and my apologies for not knowing the details here because I I don't really operate on that part of the org much, but I think it has the ability to even have like allow lists and block lists of domains and that sort of thing, right? So Yeah. Yeah. By app, right? Yeah. Exactly. So, if you really wanted to set it up and set it up, well, you now have a central place to say, "Cool, like this is on this machine or whatever. This is running somewhere and I have zero trust." Like, for example, if you didn't ship it on Cloudflare and you deployed it on a Mac Mini or whatever, you could still set up zero trust on it. And at a network level, ensure that that machine can't go to Stripe or can't go to, you know, some domain. So, there's some real value there, I think. Yeah. Yeah. Yeah. and and and it feels like it's kind of ironic, but it feels like we've gone like it feels like open claw is like uh 100% trust versus what it should the product should be called, right? The way that you're just like let's go like let it let it go instead of zero trust. So I I I I agree that's that's cool. That's a cool way to think about it. Let's what what um all right so nerd sniped. You're nerd sniped. You start building. What do you reach for? What does this what does this look like? What and actually I I've seen that there's a blog post. So congratulations both on the blog. The blog is incredible being able to put Andreas, is that your first blog post or are you already on two? This is my second actually. The the replicate announcement was my first one. Awesome. Awesome. So that was credit credit to Celso for writing that. Yeah. Shout out to Yeah, cuz involved in this too, right? I think there's a CSO head on the on the blog post as well. So there there is a blog post of him. Yeah, he's he's amazing. He absolutely. Yeah, absolutely. Um, uh, so I there there there is a blog post. I want to shout out the blog because the blog goes so deep into technical stuff. So whatever it is that we're talking about here, I'm sure that the blog post has even more. So if like if we end up nerd sniping you here, you're like, they didn't talk about enough of what we wanted. There is a blog post here. So Sid Sid just posted uh that out there. So So we should see that come through here. Um uh but I again was at a conference and I didn't get to read this but I was so excited to read this blog because I love I love first of all I love our blog. I think that the world kind of loves our blog. I think when we hire people there's some sort of I'm going to make up a stat. It's like 80% of the people are like oh yeah I know about y'all from the blog like it's like it's a great see Andreas did you learn about us through through the Cloudflare blog too? Like Cloudflare originally? No I I don't remember. I I remember at replicate at replicate we were always like let's get on hacking news with our blogs and like how do how did Cloudflare do it you know single cloud post ends up on the front page content I remember reading it's funny because I didn't know Selo then obviously until I joined and like two years in he switched over to his or I remember reading his blog post on running doom on workers years ago I know him and and I remember when I met him, you know, his name seemed familiar and I looked it up and so I I'd seen a lot of the blog post and it was super exciting because I love how we now I'm inside like I love how we actually really put in engineering details there like it's for nerds. It's absolutely absolutely and and and I appreciate how how deep we dive and again if you want that deep deep dive we've got this here but I want I'm interested in like what if what did it feel like you you've got a box of tools we have awesome primitives right so what what did you go reach for to start building this thing um I'll let Andreas jump in on that um well so so it was it was really Brian that built the the initial prototype um credit credit to Brian and and he built it on um sandboxes. Which which are containers. So you it's it's a runs a docker image but but sandboxes has this nice API for running processes um and things like that on on on those containers. So, um, Brian wrote a script that installs, uh, uh, claw open open claw, uh, as a kind of as, as soon as the container starts. Um, and and then wrote like a little bit of sort of scaffolding around open claw. Um, so that's you can like it sets up like an R2 sync of the of the sandbox content. So it persists if the sandbox um you know sleeps. It's a nice feature of sandboxes is that they they sleep uh when they're not being used with a configurable uh time to live. Um so you don't have to pay for it if you're not using it overnight and stuff like that. Uh so it's like it's it's you know it's a fairly straightforward architecture. It has a worker in front of it. It has sandboxes access for for security. Yeah. underre in for for the for the people at home the the R2 you said there is that's the object storage that we have and uh one of the things that I saw recently which is also cool and this actually what one of the things I like about this project is this really like made this loud right that like you can mount an R2 bucket that's our object storage like our S3 compatible object storage you can mount that to a sandbox and then you do whatever you know we've been playing around everybody's been playing around in the at like we talked talked about at the start of this, we've been playing around in these coding agents and so that stuff's there and it stays. And then of course we're serverless, right? So a serverless sandbox is kind of a concept and you you touched on it there, but like it it goes to sleep. So you don't pay for it because you don't want to you don't want to pay for it the whole time. You you only want this thing running when it's running and you want to wake it up and when you do wake it up, it sit the the file systems there. It mounts and it goes. So that's that's a cool pattern. I think that's really cool. That's that's like and that's new that's newish to us, right? Like I'd say that's like November that we've gotten those superpowers if not like the mounting thing was new to me. I I didn't even actually know about it until I saw saw that happen there. That's really really powerful. Same. I I remember so one of the things I love working about CloudFare is that because we're distributed and uh you know we have people everywhere. It was really funny because this project was a couple of days but like we'd go to bed like Andreas is in uh Sweden, I'm in London and Brew Brian is somewhere in the US. So we'd go to bed and we'd wake up with like 15 more changes and it was it was a great way to discover this stuff. I learned about us being able to mount our two buckets on a sandbox as a part of this. I didn't know that. Yeah. And it's fascinating because it makes it really easy to be able to like back up on ephemeral compute like you described. Sandboxes are sandboxes are built on top of containers. So you're effectively running a cloudfl container and you get build only for the CPU time just like workers. I think that's the real value there because this stuff can get expensive can add up. Um to add to that um we used a couple of other products at Cloudflare. I think a big part of this exploration was also hey you know we have all these primitives. I mean we keep building them and we at this point I think developer platform has pretty much everything you really need to build a production app you know we have cues we have workers workflows durable objects access for zero trust 70,000 models oh yeah um and um the bit that I think was was really exciting thing for me was to see how well they fit. With into each other. We used AI gateway for this as well. Um which is what I wanted to point out. Um for folks who haven't used AI gateway before and you know they might question what the value there is. I'll give you like a 10-second um sales pitch. You know, uh there's a new model coming out every day like Craig said, right? And honestly, it's it's it's wild. They are all great and they keep getting better and switching between them can be a bit of a pain in the butt because you have to like go back get another provider key and change the URL and like you know change sometimes the config blah blah blah. There's no real standard just yet between all these providers. Um AI gateway kind of fixes that and more. AI gateway is um a sort of lightweight proxy on Cloudflare on the cloud and you create an AI gateway instance. We have unified billing which we'll show you in a minute where you don't have to pay the providers. We'll take care of that for you. Just pay us um set up credits on it and you can literally use any provider we have and we have we have a ton of them. We've got like I don't know replicate workers which is our sort of AI platform got you know OpenAI, Anthropic, Google and you know whatever else you'd like and it just makes switching between these models really easy. Like even while testing I think we went back and forth between sonnet and opus and so on to play with them. Um, you also get observability out of the box. So you can actually see what requests are coming in, what's a cache hit, optimize using that. We use AI gateway. We sort of plugged in AI gateway into remote work for it sort of be you know how we use anthropics API. Um, we also played around with browser rendering which is another product. Right. Right. Right. That's the headless browser running. That's the one. Yeah. And um and then that and that's cool because hey okay if you're going to run on a sandbox and you want the ability to you know use a browser to sort of get screenshots or whatever like browse the web um that can in that can often be quite expensive to run on the sandbox right it's not cheap in terms of compute or memory browser rendering is hosted everything's taken care of it's a managed service you literally just call an API over a binding and you can browse the web yeah so cool so cool hey there's a there's a question that came in across here uh it says Isn't the value of open claw its constant heartbeat and checks? The answer to expensive is running the heartbeat with less expensive models, but doesn't does it have to be 24/7 to to be going to be really useful if we think about that the heartbeat. Yeah, it's I think it's I think it's a really good question and it's something that we're not really taking advantage of sandboxes um in in the current uh malt worker implementation. Uh like one of the sort of things that we were trying to do with molt worker was like we we wanted to run it sort of as it is without changing the internals. Um but heartbeats uh and sandboxes are really nice combination like if you were to build something like this yourself. Sandboxes has this uh you can wake them up on a chron um so you can you can have them fall asleep and then and then you know at scheduled time you wake them up. that's not built into malt worker. Um so so uh there really good point in that question that you know if you want to do a lot of heartbeats you you kind of need to keep something running 24/7. Um but if I was to build this myself uh on Cloudflare it would you know it's I basically like I've kind of done that since we built Mworker I just wanted to see what it looked like just building it straight with Cloudflare primitives. It's not a lot of code, very very vibe codable. And then you get this kind of you get the the benefits of sandboxes auto sleeping while you also get the benefits of the heartbeat. So it's all kind of built into the primitives. It's just that we're not using them for mult worker at the moment. And I actually almost somewhat disagree. I don't think the the actual value is there. I mean maybe there is there's some value there, but I think the real value is having this vented system. Now if you send a message like via telegram or whatever and your sandbox is asleep it will wake up and it will then process that and come back right so you still get the ability to have this evented communication at you know you know even while you're sort of down spin it up then on demand um of course with heartbeats etc I do it differently like Andreas said but yeah yeah I think and you know that's that's a problem that we've solved right so durable objects has this really great websocket implementation where I can connect to it with a websocket and as far as my client knows the server's up and running, but it's not. And when I go to shoot something across there, hello, I'm I'm awake again. I'm I'm ready to take your message and it it you know, it's it the way that these the way that our our engine runs, right? We're on that V8 isolate engine. So, it's like almost lightning fast. You don't you don't wait for the thing to okay, here I come, I'm ready. It's like boom, there. So, I I feel like that's a nice that's a nice bit. And yeah, I would think that you could do the heartbeat like Andreas was saying that you could do the heartbeat with with cron jobs. I think that you could could could uh and and workers provide cron. Our agents SDK has a nice schedule function as well. So uh I've seen a lot of people use that to be like hey in 15 minutes I want you to or or hey tomorrow morning tell me about what suggest a new breakfast thing. That will just work right like in English drop the drop a schedule in there. So I think like I I think that um if anything people are going to be nerd sniped by this and that that to that question about this is expensive to run. How do I do this in in another way? I think that there's there are solutions here that that that you that will be exposed you know as as you go and play with the stuff. So a agent SDK has a lot of this stuff already. It's so easy to use. That's what I was using when I was trying to basically like reimplement uh open claw um on on Cloudflare. Um, so all kind of comes out of the box there. Nice. Awesome. Do Do you have a demo? Do we We didn't even try to see if you could share your screen. Do you want to try to do that or should we just talk through it? Um, we can we can share and do it uh if you'd like. Uh, we have a I mean, the goal was to to to have a really scrappy um sort of setup together on the call. And uh, hey, it could work. It it might not work, I guess. You know, I love it. Let's do it. All right. All right. So, I'll I'll go ahead and share my screen and uh let's see how you know how demos go, right? This is the first part of the demo. Can he figure out how to share the screen? Oh, he did. Hey, we had 100% success right now. That's the demo. Bye, guys. All right. So, so this is the GitHub project for Molt Worker. Um we're calling it Molt Worker. We should probably renaming it. I don't know what do you call it? Open claw worker. Like I don't even naming is hard, man. Yeah. Right. Right. Your mode worker is stuck. Um but um this is the GitHub repository. It's got a huge readme with a lot of things because there's a lot of nuance and a lot of things can go wrong. Um it's been a pretty active community on issues and PRs already, which is really nice to see. Thank you everybody for that. Uh what we're going to do is we're going to go ahead and set this up. So I've gone ahead and created a new CloudFly account called SID account. I don't know why I didn't put the apostrophe s there. But um what I'm going to do is I'm going to go ahead and um pretty sure it's already cloned. So I have it right here. Let's make sure I have the latest. I'll go ahead and uh uh you know reset that. Um there you go. And uh let's check out Wrangler. I don't know what I changed there. So you do have a double screen going on. You see the little I can see your screen. There's a screen of us clicking the pop out thing. There we go. There you go. Thank you. And then maybe maybe the hide the button thing at the bottom there too. That is a really good idea. See, you can tell who does this often and who does I just tried. People are like, "How do I close that window?" Like, yeah, we're taking like 10 minutes to figure that out. All right, so um I have the repository, which is great. And this is the repo on zed. As you can see, it's basically got, you know, this little source file with a bunch of stuff in there. But the the most important bit is that we have this this worker which is sort of the entry point to everything, right? And then ends up the sandbox as it's as it's required. So, I won't go too deep into this. I want to go ahead and deploy it for us and see what that looks like. Now, um, hey, deploying things on CloudFare is actually shockingly easy. If you haven't done it before, all you need to do is npx wrangler deploy. Uh, I'm pretty sure I don't have dependencies installed. So, let me go ahead and do that first. Um, I am also sure that I would have to edit my npmrc because I'm pretty sure my npmrc has some cloud specific stuff. So, give me one quick second there. Uh, let's see. Yes. Okay, now everybody has my secret. No worries. Uh, we will we will cut that in the future. Editor, note to the editor. Uh, we talked about this before the call about how I'm going to have to rotate basically everything, okay, after this call. Uh, and I'm prepared to do that. That's okay. So, I'm going to go ahead and and save that. Um, and now we'll install our dependencies. That should take a quick second. Um, I feel like this should just play like a like a like some music or something when it happens, right? Oh, there you go. That was quick. All right. Great. So, now we have our dependencies and all you really need to do is run npx wrangler deploy. It's really that simple. Um, there are a couple of secrets that this needs as you'd expect. Um, we will have to set them up. The good thing is that we can do that after we deploy because we've sort of built in the ability for it to tell you which ones you're missing, which I really appreciate. Like that was Brian. I mean, Brian's fantastic. So, as you can see, this is now building my worker. It's gone ahead and used V to build it because there's there's a front for the admin that I was describing earlier. It's gone ahead and uploaded everything. um which means we should be able to see it in the dashboard really quickly. You'll notice that there's an R2 bucket connected here which it also created for us which is gold bot bucket right and um I think Andreas was talking initially about what that's for. Andreas why don't you tell us more about why we have an R2 bucket here. It's for syncing the the sandbox file system. So like the Yeah. Um what what is it it's actually sinking? Um it's it's your well it's it's the whole kind of state of of of open claw like any changes it makes to itself and um any paired devices and stuff like that. Yeah. And the the thing what's interest I mean the important part there to know is that open cloud and by the way I'd already deployed this so I have to delete it and deploy it again. Sorry about that. But um what's important to know here sorry thanks for being honest. Yeah, really shown it. But what um what you have to remember is that OpenClaw will write a lot of stuff to disk as you work with it, right? Has memories and skills and all. That's how it stores stuff, right? Like I feel like that's that that's kind of like that's its database, if you will. Yeah, absolutely. And you know, as you know, LLMs are great with markdown. They tend to use that. They're very sort of markdown native, right? So they'll store all of that stuff on disk. But when you have these ephemeral containers, you might not have a disk. Um, and that's what that's what we use R2 for. Like Andrea said, we use to sync that so that even if it isn't alive and then like wakes up later, it still has all the stuff that it would have expected. Nice. So I now have this deployed in theory, right? So I've gone ahead and deployed it. You'll notice that it also deployed a sandbox. Um, it said the image uh already existed. In fact, that's why I deployed it earlier because, you know, no one wants to watch my machine build a Docker image for five minutes. So, now that this is up, I should be able to just hit this URL and see what it says. There you go. Now, it said it can't run because there's about 15 secrets that I haven't added yet. Um, and and and you know, that can be really tricky for people to sort of know which ones they miss. So, I'm really, you know, I'm really proud of this screen that we have here. So, we're going to go ahead and add each of these secrets one by one. I'm going to go ahead and open workers and pages on the dashboard. Um, this is the multiport sandbox worker that we just deployed. And I'm going to go ahead and add a bunch of these secrets one by one. So, let's go through them together. We have the multipot gateway token. Now, this is um purely a sort of shared secret between um um multipot um and um the browser session. So, it's not, you know, it doesn't have to I mean, it's it's something that you can just generate yourself and go ahead and paste there. I think we generated one with OpenSSL a little while ago. So, I've gone ahead and pasted that here. Um, that's what that is. Next, you're going to need, let's see, CF access team domain. This is a fun one. So, you want to set up Cloudflare access like um, you know, we were talking about earlier because in theory, you want to be able to be the only one who accesses your bot. It would kind of suck if anyone else logged in and was able to, you know, use your things. Um, so what you want to do for that is set up this zero trust. What did you do right there? How did you do that? Command K. Command K. Look at that. Yeah, I love it. Um, there you go. So, zero trust access controls applications is what you want to open. Now, like we, you know, said previously, zero trust is this way to have, you know, these this sort of or authority sort of proxy in front of your app and Cloudflare. Um, and I think it's it's really sort of underrated. I think it's it's an absolute bang. So, I'm going to go same. Yeah, you're like, "Oh, wait. We have all this." Every time you need to do something like this, wait, we I can do this. It's wild, isn't it? We use this a lot internally, right? we we we you can put a say anybody who's you know if you're building an internal app if you're like hey I'm going to I want only people with this domain to be able to access here it will actually send you an email link and all all that stuff it's really handy so this is called access fantastic and and just yeah sorry one one thing I've been doing with access um uh is I've checked out the Cloudflare Terraform repo to my local machine and then I've asked Claude to write me Terraform for you know any kind of access rules you want know it and it can sort of read through all of the documentation in the cloud for Terraform repo and like in 10 minutes you have like a a you know secure login screen for your thing which would have taken you know oh wow hours of work that's super clever that's really clever I like that trick my own trick I love that we support Terraform across the board for a lot of these things so like if you're not like you know silly like me who uses the dashboard set everything else. Um um that can be a really quick way to sort of you know get more done by just like setting and also often you want your infrastructure to be sort of terraformed isn't it? Yeah. Um, so I've gone ahead and created this access application. As you might have seen, there's also a policy that I've created. You have to sort of create multiple policies based on sort of who can use it, right? And all I've said is that only include my email and please don't send me spam on this. I just got it. But uh, so that's what the policy is. It'll make sure that only I can log in and only people who have access to this email address can login. Right. Um, I've gone ahead and deployed the application to one subdomain, which is the one we just deployed on, which is, you know, where the worker is. That's multiport sandbox, you know, blah blah blah. And um the the um the keys that I was initially setting up, one of them needed my application audience tag. So, I'm going to go ahead and copy that here. And I'm going to create a new secret based on the value. I do not remember what I believe it was this one, wasn't it? Let's confirm that. Um yes it is CF access audience. So that's the second one. This is going to be a long evening folks All right. So then there's CF access team domain. Now this one's interesting because you can obviously create you know you can have multiple access policies across organizations and teams. You want to pick the right one. And the way to find that one for my account is you go down to settings and you copy it from here. All right. So we're going to set that one up. That's done. Right. Man, I'm realizing I'm realizing right now that you must run into places where they use, you know, a lot of services use SID for like service ID or string ID. That must be really confusing for you. It's like SID, H Yeah, you're not wrong. Um, so you need an account ID so that we know or rather, you know, the app knows which account ID to make API requests to. for Cloudflare. I'm going to go ahead and give it this account ID as a value and I know this is boring, but uh give me another I'm having a great time. So, don't All right. I appreciate you're doing great. You're doing a great job talking through what this is and that this is all set up and then Andreas already mogged you and he's like I I would have just done this with Terraform. You already got that. That's that wasn't my intention. I think it's I think it's just a neat neat like like the things you can do in 2026, you know? writing terraform used to be this like hellish, you know, figuring out this DSL and stuff and now you just point code at it and it just dude I've written Terraform by hand years ago and I never enjoyed it and now with MLMs it's it's the things that you don't enjoy doing which you don't have to do anymore now as a result. It's wild, isn't it? That is exactly when you should reach for AI. Every time you're like I don't want to do this. I don't need to. Yeah. Oh, CSS CSS and Terraform. Oh yeah. I'm going to create an API token now. I have $10 on this account. Please don't steal my token. But if you do, you know what? Enjoy. Yeah. Yeah. You deserve it. If you get it, you deserve it. If you figure this out and copy it with that one frame, then please use the $10. I support you. So, we have these secrets up now, right? So, to recap, I added a Multipot gateway token, which is to be able to sort of authenticate my browser with Multipot. Um, there's a CF access audience which is the audience. It's just a tag for the specific app that you know that was set up on access that we set up right now. The team domain which is specific to my account. The um gateway's account ID because we're going to use AI gateway. So I just copied my account ID. Um the gateway ID which is you know I created an AI gateway and I I added the $10 to it. The name of it you want to pop in here. And finally an AI gateway API key. And that's it. So I'm going to hit deploy now. Let's see what happens, right? Fingers crossed. And that AI gateway name, you might say like for what team it's for or something more specific than just AI gateway. So yeah, don't name it. Don't do that. Don't name it. It's like naming a worker called worker. Don't do that. The old X variable. Oh, I'm hit refresh now. And this time it should There you go. All right. waiting for more to work to load. Now, by the way, you would have seen access typically. You don't I didn't see it here because access is really smart and sort of makes sure that you have, you know, it's my browser has a cookie and it knows how to identify me and it keeps the session open for 24 hours. If I hadn't um already logged in previously and if you if one of you folks want to hit this URL, um you might want to can you open it in an incognito window just so we see what it looks like? Oh, yeah. That's not that's not a bad idea. I have a feeling that will also work. Oh, there you go. That worked. You know, some funnily enough, sometimes this also just works because I have zero trust on my machine. And like warp is really cool because it has this ability to like keep you logged in even on different browsers, which I find really fascinating. But yeah, um customers of of workers and and uh and the zero trust frame love the fact that they can do that, right? Like like anybody who's on on our that's what this is for. Anybody here could just log in. So cool. Y absolutely. And as you've noticed now, I entered my email address. Now, if I had entered an email address that wasn't in that policy, it wouldn't work. But because it is, if I enter the code right now to log in, you'll notice that I'll be in. So, this is this is how you sort of protect your you know your your any site really, not just open claw, but this is how you use access. Um, all right. I'm going to close the incognito window. Go back to this one. You'll notice that it says pairing required. Now this is an open claw thing which uh by the way this is the open cloud dashboard if you haven't noticed but um you have to pair every sort of um session manually. I think opencloud typically wants you to do this via the CLI. Um we don't really have bash access to that sandbox. What we've done on our on molt worker is built this admin thing that shows you the pairing requests and when when I hit approve now um you know which is on my Mac Intel which actually is a lie. That's not Mac Intel, it's Mac Apple Silicon, but whatever. Um, when I hit approve, it is going to call the CLI under the hood in the sandbox to sort of approve my pairing request. Gotcha. If that makes sense. So, let's give that a second. This can take some time. I've noticed we've got you got a little your window came back. The window that you so carefully closed this don't learn, do they? You opened an incognito window was that did it. All right. So now you'll notice that I'm in. Okay. Which is shocking because I did not expect this demo to work. Well done. Hey. All right. Let's see. Let's see. Nobody else. Nobody else to Oh, that's true. That's true. Let's not get ahead of ourselves. Okay. I don't know, guys. It says hello. So, this is the OpenCloud dashboard. And I'm going to go ahead and say hello there. And in theory, it should respond um by using AI gateway to call I believe opus or sonnet is the default. I forget which one. Andreas will know. Yeah, default. There you go. Hey, I just came online. How sweet is that? So, they all they have like a nice there's a nice system message vibe to this thing. Yeah. Okay. And and you know, here's you know, you were talking about R2. You were talking about the disc stuff. By the way, I haven't set up R2 on this one. I don't think I have. Maybe I did. I don't know. Um, we should check. But I can give it a name. I can say, um, I'll call you, uh, Agent Smith. Uh, oh, careful. Yeah, I know, right? What am I manifesting? Yeah, you you did this. And this is how it began. Uh, look at that very matrix. It got it. It got it. Yeah. Yeah. Gets you. Now, um, now that we have this, I I know we don't have a lot of time, but I want to show you one more thing. Okay. Um, just one more thing. One more thing. I'm going to set up Telegram on this right now. I've spun up a new Telegram. Um, and you know, if you haven't used Telegram before, you have this they have this bot called Bot Father where you can sort of tell it to like create a new bot. So, I'm going to say that and I'm going to say I'm going to call it Agent Smith. All right. Now, let's choose a username. All right. Let's call it Agent Smith. And oh, it's invalid. Someone's already using Agent Smith. I'm going to call it Eden Smith one. Wow, that's also gone. Okay, wild. Okay, I'm going to do this all day. Not an original joke, Sid. Not original. Is that right? All right. Sid's agent one. Okay, that also doesn't work. Oh, in bot. Okay. Sid agent bot. There you go. It only took 18 attempts, but now and I can, this is where things get interesting. I can just give this token to Claude and have it set it up itself. So, I'm going to say, "Hey, I want you to be able to text me on Telegram. I've can't type when people are watching. I've created a bot. Shall I give you the token?" H Don't try this at home, kids. Um, but um yeah, see there you go. It says, "Yes, that would be great. Give me the token. I'll get it configured." Now, you know, you remember Andrea saying how it'll just set things up for you. This is this is this is that, right? So, I'm going to send the token. Let's see what happens. All right. Perfect. Let me get that configured. All right. So, it's generating a skill. Am I am I right? Is that what what what is it doing under We don't know. We're just It's Well, we do know. I It's not a skill in this case because I think what Peter did, which is really smart, is that a lot of stuff is just built in. Okay. So I think Telegram as far as I understand is just like built in. You don't have to configure it or add anything. I mean you do have to configure it with a secret after you create a bot, but you don't have to install anything or like set up anything. Right. Um now I don't know if it's actually done. I'm going to ask it again because I'm impatient. Is it now set up? Did it send you a message? Oh, never mind. It was already looking. It says it seems Telegram is implemented as a plugin. So that's what I was talking about. Okay, cool. So he's he's already created these plugins. Gotcha. Okay. And by the way, they have a lot of them. Like if you go to their website. Yeah. And it's open. It's it's open. So yeah, you can you can add your your plugins there. Okay. That's cool. Absolutely. And I saw a thing I know we're coming up right on time here and I know you guys probably have other things, but I saw like people they made a social network. Yeah. Mol malt book. Molt book. And the agents were hanging out and it felt like straight out of science fiction. Right. Like, and they and they share who they are because you just created that dude's name. You just called that guy agent Smith and that agent Smith can go and hang out in a social network that's made for agents. Is that Oh, yeah. It's called Molt Book, isn't it? Malt Book, right? And then I saw I saw that some of these were having problems doing actual tools. Like it's like just physical [ __ ] you Oh, sorry. Sorry. Sorry. Stream uh physical stuff that you can't do. Um like and they made a website called rental human. Have you seen that? Rental human.AI. Yeah. And it's like it's like go inhouse and flip switch, right? So it's like anything that's not it can't control. Rental human.ai. Uh is just wild to like at some point they were trying to invent a new language to speak because they know that humans are are watching are watching. Yeah. Do you think that that's people? Is it is it the agent itself doing it or is it people or is it like cuz science fiction's in the training set? It's people it's people kind of prompting their their to go and say stuff on I think I think multiple kind of um got taken over by a bunch of people making NFTs and or you know selling crypto whatever. Um, yeah. So, by the way, this is done. In fact, I made it do the pairing itself cuz I didn't want to have to deal with like, you know, like I said, the CLI. Um, we didn't even add the ability to actually pair like approve the pairing request on the admin, but I just said, "Hey, OpenClaw, can you can you like I'll give you Yeah, just do it for me." And it did. It's done. Now, for the sort of the the final bit of this little demo is What's Smith? Let's see if it responds. or it's typing apparently. Fascinating. All right, so Telegram has a bot and it's part it's passing it over to your Oh, and then you see it over there. Oh my gosh. So cool. Hey, the Telegram B is working perfectly. We just got all of this. Well, wow. Thank you. So, uh, it was that easy. Really, it took us what about maybe 15 minutes to set this whole thing up. And hey, most people are faster than me. I'm I'm getting old. Um, And Andreas is just going to terraform it. So like this will be done like yesterday. Honestly, I wish. No, you're you're fast. It's fun watching you with the computer. And I like I I want to like just just shout out to getting nerd sniped in the today's times, right? So, I'm sure like y'all played in that space and you were probably didn't write all the code or didn't didn't but but putting those pieces together and using AI to build AI. I think it's like awesome. So, and thank you for sharing it, you know, like I think that like shout out to all the blog blog authors out there on the on the Cloudflare blog that that do do this and do post about this stuff and then share the code, right? So, for for inspiration and again, this is not do not go run this. this is this is a this is a proof of concept and we want you to take this and fork it and make it cooler and find the places and you know people are raising valid concerns there. Let's help fix that. Let's figure out what those are. Like if if we want to come up with like how do we know that this is a bad skill or not malicious, right? Like how do we do that? Um it's all on us, right? This is open. This is open. And thank you for pushing this open as well. Uh y'all I think that this is a nice way to I don't need to go buy a MacBook Mini. Turns out sorry Apple that was probably really awesome. I probably we should have all bought stock uh during that time period as that was going. It was a good week, wasn't it? It was a good week. Uh but thank you all for jumping on here and sharing your wisdom. I hope to do more of these and uh see see you all around uh more. And everybody uh we'll get a recording of this up. So I saw a couple people were like, "Oh man, I'm late to I I missed the first part of this." We'll make a nice recording of this. We'll get it up on the YouTube channel. Follow us there. Uh follow us on Twitter. Uh where should we follow y'all? Uh why don't why don't you just uh uh say how do we how do we connect? How do we follow you in the future Sid and Andreas? So I'm um chat Sedhartha on Twitter. I'm going to post it on most people can't spell it so I'll post it on chat. Um that's me. And then Andreas is that something Oh, there we go. And Andreas posted his too. I've also posted a link to the GitHub. That's where that's what you want to fork or clone if you want to run it. Um again, proof of concept technical showcase at your own risk. Be careful. Um, it's fun, you know, try it, play with it, and then make it better. Awesome. Thank you both for making it better, for bringing that forward and and letting everybody play. That was super cool. I I I That was the demo that I needed to understand uh what is upon us right now. Uh so cool. I can't wait to go play with it. Thanks for setting that up. I'm I'm all ready. I'm ready to go play with that thing. All right, everybody. Thanks, Greg. See you. See you soon, everybody. Thanks.