Summary

Gateway startup currently tries to reconcile persisted ACP session identities even when those records are terminal one-shot ACP sessions. If the stored identity remains pending, startup logs a scary warning like:

[gateway] acp startup identity reconcile (renderer=v1): checked=7 resolved=0 failed=7

In this case fresh ACP launches still worked for both Codex and Claude, so the warning appears to be stale terminal metadata rather than a current ACP runtime failure.

Environment

• OpenClaw: 2026.4.24 (cbcfdf6)
• macOS / arm64
• Gateway mode: local loopback
• ACP backend: acpx
• Allowed ACP agents: codex, claude

What I observed

1. Gateway startup repeatedly logged checked=7 resolved=0 failed=7 for ACP identity reconcile.
2. The 7 records were persisted under the isolated codex / claude agent session stores.
3. Each affected record had ACP metadata like:
   • mode: "oneshot"
   • identity.state: "pending"
   • an acpxRecordId
   • an acpxSessionId
4. Some records were idle/successful one-shot smoke sessions; some were historical error sessions.
5. Fresh smoke tests passed through both paths:
   • direct plugin-local acpx Codex and Claude one-shot prompts succeeded
   • OpenClaw ACP runtime sessions_spawn(runtime="acp") Codex and Claude one-shot prompts succeeded
6. Newly successful one-shot ACP sessions also remained identity.state: "pending", so clearing old records alone does not solve the source behavior.

Expected behavior

Startup identity reconciliation should not try to resurrect/resolve terminal one-shot or closed ACP sessions, or should handle unresolved one-shot identity as non-fatal/noisy cleanup rather than a warning that looks like current ACP is broken.

Likely fix direction

In AcpSessionManager.reconcilePendingSessionIdentities, skip terminal records before attempting runtime re-ensure/reconcile. Local mitigation that cleared the warning:

for (const session of acpSessions) {
  if (!session.acp || !session.sessionKey) continue;
  const acpMeta = session.acp;
  if (acpMeta.mode === "oneshot" || acpMeta.state === "closed") continue;
  const currentIdentity = resolveSessionIdentityFromMeta(acpMeta);
  if (!isSessionIdentityPending(currentIdentity) || !identityHasStableSessionId(currentIdentity)) continue;
  // existing reconcile path...
}

There may be an even better source-level fix: mark successful one-shot identities as resolved before closing, or classify closed one-shot records separately. But startup should not warn as if active ACP is unhealthy when only terminal one-shot metadata is unresolved.

Why this matters

The warning makes it look like ACP/Codex/Claude agent routing is broken, even though fresh ACP sessions are healthy. It also gets repeated on every gateway restart until stale records are manually archived.