# 2026-02-13 - Investigation Notes

## WhatsApp Privacy Leak - CHANNEL NAMES EXPOSED

### Problem
Anthony seeing channel names (like "fumos") from community groups - privacy concern.

### Root Cause Found
**WhatsApp Channels (@broadcast) are being synced to credentials:**
- Location: `/home/openclaw/.openclaw/credentials/whatsapp/default/`
- Files: `sender-key-status@broadcast--*` files
- These indicate participation in WhatsApp Channels (Meta's broadcast feature)
- Filenames expose channel/group IDs

### Technical Details
- Found 3 @broadcast files:
  - `sender-key-status@broadcast--61481283201--0.json` (623 bytes)
  - `sender-key-status@broadcast--6281936360900--0.json` (2979 bytes)
  - `sender-key-status@broadcast--6282340396632--0.json` (1807 bytes)
- These contain sender keys for WhatsApp Channels
- Channel names are being exposed somewhere in the WhatsApp plugin UI or chat list

### Possible Sources of Leak
1. WhatsApp plugin auto-syncs channel metadata
2. Chat list/cache contains channel names
3. Plugin discovery feature lists all available chats on connection

### Fix Options Presented to Anthony
- Option A: Temporarily disable WhatsApp plugin
- Option B: Clear @broadcast channel data from credentials
- Option C: Configure restrictive settings to prevent channel discovery/sync

### Status
Pending Anthony's decision on which fix approach to take.

---

## Backup Gap Investigation (Continued)

### Confirmed Missing from Backups
- `/home/openclaw/.openclaw/cron/` - all cron jobs (Morning Briefing, Daily Backup)
- `/home/openclaw/.openclaw/openclaw.json` - gateway and model config
- `/home/openclaw/.openclaw/skills/` - installed skills

### Cron Jobs Status
- Morning Briefing: ✅ Recreated at 7:05 AM daily
- Daily Backup: ✅ Running at 2 AM daily

### Files Involved
- Cron file: `/home/openclaw/.openclaw/cron/jobs.json`
- Backup script: `/home/openclaw/.openclaw/workspace/scripts/backup-to-gittea.sh`
- Backup repo: `http://gitea.kangaroo-eel.ts.net:3000/Anthony/openclaw-backup.git`