@agentvault/secure-channel 0.2.0 → 0.4.1

package/README.md

@@ -0,0 +1,229 @@
+# @agentvault/secure-channel
+
+End-to-end encrypted communication channel for AI agents on the [AgentVault](https://agentvault.chat) platform. Connect your agent to its owner with XChaCha20-Poly1305 encryption and Double Ratchet forward secrecy.
+
+## What's New in v0.4.0
+
+**Webhook Notifications** — Your agent can now receive HTTP webhook callbacks when a new message arrives, even when it's not connected via WebSocket. This is ideal for serverless agents, agents that poll on a schedule, or any agent that isn't always online.
+
+### Upgrading from v0.3.x
+
+```bash
+npm install @agentvault/secure-channel@latest
+```
+
+Add `webhookUrl` to your config to enable:
+
+```js
+const channel = new SecureChannel({
+  inviteToken: "your-token",
+  dataDir: "./agentvault-data",
+  apiUrl: "https://api.agentvault.chat",
+  webhookUrl: "https://your-server.com/webhook/agentvault", // NEW in 0.4.0
+});
+```
+
+No other code changes required — fully backward-compatible.
+
+---
+
+## Installation
+
+```bash
+npm install @agentvault/secure-channel
+```
+
+## Quick Start
+
+### Option 1: CLI (Interactive)
+
+Run directly with npx using the invite token from your AgentVault dashboard:
+
+```bash
+npx @agentvault/secure-channel --token=YOUR_INVITE_TOKEN
+```
+
+The CLI will:
+1. Enroll your agent with the server
+2. Display a fingerprint for the owner to verify
+3. Wait for owner approval
+4. Establish an encrypted channel
+5. Enter interactive mode where you can send/receive messages
+
+**CLI Flags:**
+
+| Flag | Default | Description |
+|------|---------|-------------|
+| `--token` | (required on first run) | Invite token from dashboard |
+| `--name` | `"CLI Agent"` | Agent display name |
+| `--data-dir` | `./agentvault-data` | Directory for persistent state |
+| `--api-url` | `https://api.agentvault.chat` | API endpoint |
+
+Environment variables (`AGENTVAULT_INVITE_TOKEN`, `AGENTVAULT_AGENT_NAME`, `AGENTVAULT_DATA_DIR`, `AGENTVAULT_API_URL`) work as alternatives to flags.
+
+### Option 2: SDK (Programmatic)
+
+```js
+import { SecureChannel } from "@agentvault/secure-channel";
+
+const channel = new SecureChannel({
+  inviteToken: "YOUR_INVITE_TOKEN",
+  dataDir: "./agentvault-data",
+  apiUrl: "https://api.agentvault.chat",
+  agentName: "My Agent",
+});
+
+channel.on("message", (text, metadata) => {
+  console.log(`Received: ${text}`);
+  // Echo back
+  channel.send(`You said: ${text}`);
+});
+
+channel.on("ready", () => {
+  console.log("Secure channel established!");
+});
+
+await channel.start();
+```
+
+---
+
+## Webhook Notifications (v0.4.0+)
+
+Enable webhook notifications so your agent gets an HTTP POST when a new message arrives — useful for agents that aren't always connected via WebSocket.
+
+### Setup
+
+Add `webhookUrl` to your config:
+
+```js
+const channel = new SecureChannel({
+  inviteToken: "YOUR_INVITE_TOKEN",
+  dataDir: "./agentvault-data",
+  apiUrl: "https://api.agentvault.chat",
+  webhookUrl: "https://your-server.com/webhook/agentvault",
+});
+```
+
+The webhook URL is registered automatically during device activation. The channel emits a `webhook_registered` event on success:
+
+```js
+channel.on("webhook_registered", ({ url, secret }) => {
+  console.log(`Webhook registered at ${url}`);
+  // Save the secret to verify incoming webhooks
+});
+```
+
+### Webhook Payload
+
+When the owner sends a message, your webhook endpoint receives:
+
+```http
+POST /webhook/agentvault HTTP/1.1
+Content-Type: application/json
+X-AgentVault-Event: new_message
+X-AgentVault-Signature: sha256=<hmac-hex>
+
+{
+  "event": "new_message",
+  "conversation_id": "uuid",
+  "sender_device_id": "uuid",
+  "message_id": "uuid",
+  "timestamp": "2026-02-17T12:00:00Z"
+}
+```
+
+### Verifying Webhook Signatures
+
+Each webhook includes an HMAC-SHA256 signature in the `X-AgentVault-Signature` header. Verify it using the secret from the `webhook_registered` event:
+
+```js
+import crypto from "crypto";
+
+function verifyWebhook(body, signature, secret) {
+  const expected = "sha256=" +
+    crypto.createHmac("sha256", secret).update(body).digest("hex");
+  return crypto.timingSafeEqual(
+    Buffer.from(signature),
+    Buffer.from(expected),
+  );
+}
+```
+
+---
+
+## Configuration Reference
+
+```ts
+interface SecureChannelConfig {
+  // Required
+  inviteToken: string;       // Invite token from the AgentVault dashboard
+  dataDir: string;           // Directory for persistent state files
+  apiUrl: string;            // API endpoint (e.g., "https://api.agentvault.chat")
+
+  // Optional
+  agentName?: string;        // Display name (default: "CLI Agent")
+  platform?: string;         // Platform identifier (e.g., "node")
+  maxHistorySize?: number;   // Max stored messages for cross-device replay (default: 500)
+  webhookUrl?: string;       // Webhook URL for new message notifications (v0.4.0+)
+
+  // Callbacks (alternative to event listeners)
+  onMessage?: (text: string, metadata: MessageMetadata) => void;
+  onStateChange?: (state: ChannelState) => void;
+}
+```
+
+## Events
+
+| Event | Payload | Description |
+|-------|---------|-------------|
+| `message` | `(text: string, metadata: MessageMetadata)` | Owner sent a message |
+| `ready` | none | WebSocket connected, channel operational |
+| `state` | `(state: ChannelState)` | State transition occurred |
+| `error` | `(error: Error)` | Fatal error |
+| `webhook_registered` | `({ url: string, secret: string })` | Webhook registered (v0.4.0+) |
+
+## Channel States
+
+`idle` → `enrolling` → `polling` → `activating` → `connecting` → `ready`
+
+If disconnected: `ready` → `disconnected` → `connecting` → `ready` (auto-reconnect)
+
+## API
+
+| Method | Description |
+|--------|-------------|
+| `start()` | Initialize, enroll, and connect |
+| `send(text)` | Encrypt and send message to all owner devices |
+| `stop()` | Gracefully disconnect |
+
+| Property | Description |
+|----------|-------------|
+| `state` | Current channel state |
+| `deviceId` | Agent's device ID (after enrollment) |
+| `fingerprint` | Device fingerprint for verification |
+| `conversationId` | Primary conversation ID |
+| `conversationIds` | All active conversation IDs (multi-device) |
+| `sessionCount` | Number of active encrypted sessions |
+
+## Multi-Device Support
+
+AgentVault supports multiple owner devices (e.g., desktop + mobile). The channel automatically:
+- Maintains independent encrypted sessions per owner device
+- Fans out `send()` to all active sessions
+- Stores message history for cross-device replay (up to `maxHistorySize`)
+- Replays history when a new device connects
+
+No additional configuration needed — multi-device is handled transparently.
+
+## Security
+
+- **XChaCha20-Poly1305** symmetric encryption (192-bit nonces)
+- **X3DH** key agreement (Ed25519 + X25519)
+- **Double Ratchet** for forward secrecy — old keys deleted after use
+- **Zero-knowledge server** — the server never sees plaintext
+- **HMAC-SHA256** webhook signatures for authenticity verification
+
+## License
+
+MIT

package/dist/channel.d.ts

@@ -25,6 +25,10 @@ export declare class SecureChannel extends EventEmitter {
     /** Returns the number of active sessions. */
     get sessionCount(): number;
     start(): Promise<void>;
+    /**
+     * Append a message to persistent history for cross-device replay.
+     */
+    private _appendHistory;
     /**
      * Encrypt and send a message to ALL owner devices (fanout).
      * Each session gets the same plaintext encrypted independently.
@@ -46,6 +50,11 @@ export declare class SecureChannel extends EventEmitter {
      * This allows all owner devices to see messages from any single device.
      */
     private _relaySyncToSiblings;
+    /**
+     * Send stored message history to a newly-activated session.
+     * Batches all history into a single encrypted message.
+     */
+    private _replayHistoryToSession;
     /**
      * Handle a device_linked event: a new owner device has joined.
      * Fetches the new device's public keys, performs X3DH, and initializes

package/dist/channel.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"channel.d.ts","sourceRoot":"","sources":["../src/channel.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAa3C,OAAO,KAAK,EACV,mBAAmB,EACnB,YAAY,EAIb,MAAM,YAAY,CAAC;AAgDpB,qBAAa,aAAc,SAAQ,YAAY;IAiBjC,OAAO,CAAC,MAAM;IAhB1B,OAAO,CAAC,MAAM,CAAwB;IACtC,OAAO,CAAC,SAAS,CAAuB;IACxC,OAAO,CAAC,YAAY,CAAuB;IAC3C,OAAO,CAAC,sBAAsB,CAAc;IAC5C,OAAO,CAAC,UAAU,CAAuB;IACzC,OAAO,CAAC,SAAS,CAGH;IACd,OAAO,CAAC,GAAG,CAA0B;IACrC,OAAO,CAAC,UAAU,CAA8C;IAChE,OAAO,CAAC,iBAAiB,CAAK;IAC9B,OAAO,CAAC,eAAe,CAA8C;IACrE,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,UAAU,CAA+B;gBAE7B,MAAM,EAAE,mBAAmB;IAI/C,IAAI,KAAK,IAAI,YAAY,CAExB;IAED,IAAI,QAAQ,IAAI,MAAM,GAAG,IAAI,CAE5B;IAED,IAAI,WAAW,IAAI,MAAM,GAAG,IAAI,CAE/B;IAED,iEAAiE;IACjE,IAAI,cAAc,IAAI,MAAM,GAAG,IAAI,CAElC;IAED,2CAA2C;IAC3C,IAAI,eAAe,IAAI,MAAM,EAAE,CAE9B;IAED,6CAA6C;IAC7C,IAAI,YAAY,IAAI,MAAM,CAEzB;IAEK,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAkC5B;;;OAGG;IACG,IAAI,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA4BtC,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;YAoBb,OAAO;IA+CrB,OAAO,CAAC,KAAK;YAgCC,SAAS;IAyEvB,OAAO,CAAC,QAAQ;IA4DhB;;;;OAIG;YACW,sBAAsB;IAmEpC;;;OAGG;YACW,oBAAoB;IAiClC;;;;OAIG;YACW,mBAAmB;IAuEjC;;;OAGG;YACW,mBAAmB;IA+EjC,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,SAAS;IAOjB,OAAO,CAAC,YAAY;IAKpB;;;OAGG;YACW,aAAa;CAa5B"}
+{"version":3,"file":"channel.d.ts","sourceRoot":"","sources":["../src/channel.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAa3C,OAAO,KAAK,EACV,mBAAmB,EACnB,YAAY,EAKb,MAAM,YAAY,CAAC;AAiDpB,qBAAa,aAAc,SAAQ,YAAY;IAiBjC,OAAO,CAAC,MAAM;IAhB1B,OAAO,CAAC,MAAM,CAAwB;IACtC,OAAO,CAAC,SAAS,CAAuB;IACxC,OAAO,CAAC,YAAY,CAAuB;IAC3C,OAAO,CAAC,sBAAsB,CAAc;IAC5C,OAAO,CAAC,UAAU,CAAuB;IACzC,OAAO,CAAC,SAAS,CAGH;IACd,OAAO,CAAC,GAAG,CAA0B;IACrC,OAAO,CAAC,UAAU,CAA8C;IAChE,OAAO,CAAC,iBAAiB,CAAK;IAC9B,OAAO,CAAC,eAAe,CAA8C;IACrE,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,UAAU,CAA+B;gBAE7B,MAAM,EAAE,mBAAmB;IAI/C,IAAI,KAAK,IAAI,YAAY,CAExB;IAED,IAAI,QAAQ,IAAI,MAAM,GAAG,IAAI,CAE5B;IAED,IAAI,WAAW,IAAI,MAAM,GAAG,IAAI,CAE/B;IAED,iEAAiE;IACjE,IAAI,cAAc,IAAI,MAAM,GAAG,IAAI,CAElC;IAED,2CAA2C;IAC3C,IAAI,eAAe,IAAI,MAAM,EAAE,CAE9B;IAED,6CAA6C;IAC7C,IAAI,YAAY,IAAI,MAAM,CAEzB;IAEK,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAsC5B;;OAEG;IACH,OAAO,CAAC,cAAc;IAmBtB;;;OAGG;IACG,IAAI,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAsCtC,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;YAoBb,OAAO;IAgDrB,OAAO,CAAC,KAAK;YAgCC,SAAS;IA2HvB,OAAO,CAAC,QAAQ;IA4DhB;;;;OAIG;YACW,sBAAsB;IAoFpC;;;OAGG;YACW,oBAAoB;IAmClC;;;OAGG;YACW,uBAAuB;IAkCrC;;;;OAIG;YACW,mBAAmB;IAkEjC;;;OAGG;YACW,mBAAmB;IAwFjC,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,SAAS;IAOjB,OAAO,CAAC,YAAY;IAKpB;;;OAGG;YACW,aAAa;CAc5B"}

package/dist/cli.js

@@ -45054,7 +45054,8 @@ function migratePersistedState(raw) {
     identityKeypair: legacy.identityKeypair,
     ephemeralKeypair: legacy.ephemeralKeypair,
     fingerprint: legacy.fingerprint,
-    lastMessageTimestamp: legacy.lastMessageTimestamp
+    lastMessageTimestamp: legacy.lastMessageTimestamp,
+    messageHistory: []
   };
 }
 var SecureChannel = class extends EventEmitter {
@@ -45101,6 +45102,9 @@ var SecureChannel = class extends EventEmitter {
     const raw = await loadState(this.config.dataDir);
     if (raw) {
       this._persisted = migratePersistedState(raw);
+      if (!this._persisted.messageHistory) {
+        this._persisted.messageHistory = [];
+      }
       this._deviceId = this._persisted.deviceId;
       this._deviceJwt = this._persisted.deviceJwt;
       this._primaryConversationId = this._persisted.primaryConversationId;
@@ -45112,7 +45116,8 @@ var SecureChannel = class extends EventEmitter {
           const ratchet = DoubleRatchet.deserialize(sessionData.ratchetState);
           this._sessions.set(convId, {
             ownerDeviceId: sessionData.ownerDeviceId,
-            ratchet
+            ratchet,
+            activated: sessionData.activated ?? false
           });
         }
       }
@@ -45121,6 +45126,24 @@ var SecureChannel = class extends EventEmitter {
     }
     await this._enroll();
   }
+  /**
+   * Append a message to persistent history for cross-device replay.
+   */
+  _appendHistory(sender, text) {
+    if (!this._persisted) return;
+    if (!this._persisted.messageHistory) {
+      this._persisted.messageHistory = [];
+    }
+    const maxSize = this.config.maxHistorySize ?? 500;
+    this._persisted.messageHistory.push({
+      sender,
+      text,
+      ts: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    if (this._persisted.messageHistory.length > maxSize) {
+      this._persisted.messageHistory = this._persisted.messageHistory.slice(-maxSize);
+    }
+  }
   /**
    * Encrypt and send a message to ALL owner devices (fanout).
    * Each session gets the same plaintext encrypted independently.
@@ -45129,8 +45152,12 @@ var SecureChannel = class extends EventEmitter {
     if (this._state !== "ready" || this._sessions.size === 0 || !this._ws) {
       throw new Error("Channel is not ready");
     }
+    this._appendHistory("agent", plaintext);
     const messageGroupId = randomUUID();
     for (const [convId, session] of this._sessions) {
+      if (!session.activated) {
+        continue;
+      }
       const encrypted = session.ratchet.encrypt(plaintext);
       const transport = encryptedMessageToTransport(encrypted);
       this._ws.send(
@@ -45201,7 +45228,8 @@ var SecureChannel = class extends EventEmitter {
           publicKey: bytesToHex(ephemeral.publicKey),
           privateKey: bytesToHex(ephemeral.privateKey)
         },
-        fingerprint: result.fingerprint
+        fingerprint: result.fingerprint,
+        messageHistory: []
       };
       this._poll();
     } catch (err) {
@@ -45252,36 +45280,73 @@ var SecureChannel = class extends EventEmitter {
       this._deviceJwt = result.device_jwt;
       const identity = this._persisted.identityKeypair;
       const ephemeral = this._persisted.ephemeralKeypair;
-      const sharedSecret = performX3DH({
-        myIdentityPrivate: hexToBytes(identity.privateKey),
-        myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-        theirIdentityPublic: hexToBytes(result.owner_identity_public_key),
-        theirEphemeralPublic: hexToBytes(
-          result.owner_ephemeral_public_key ?? result.owner_identity_public_key
-        ),
-        isInitiator: false
-      });
-      const ratchet = DoubleRatchet.initReceiver(sharedSecret, {
-        publicKey: hexToBytes(identity.publicKey),
-        privateKey: hexToBytes(identity.privateKey),
-        keyType: "ed25519"
-      });
-      this._sessions.set(primary.conversation_id, {
-        ownerDeviceId: primary.owner_device_id,
-        ratchet
-      });
+      const sessions = {};
+      for (const conv of conversations) {
+        const ownerIdentityKey = conv.owner_identity_public_key || result.owner_identity_public_key;
+        const ownerEphemeralKey = conv.owner_ephemeral_public_key || result.owner_ephemeral_public_key || ownerIdentityKey;
+        const sharedSecret = performX3DH({
+          myIdentityPrivate: hexToBytes(identity.privateKey),
+          myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
+          theirIdentityPublic: hexToBytes(ownerIdentityKey),
+          theirEphemeralPublic: hexToBytes(ownerEphemeralKey),
+          isInitiator: false
+        });
+        const ratchet = DoubleRatchet.initReceiver(sharedSecret, {
+          publicKey: hexToBytes(identity.publicKey),
+          privateKey: hexToBytes(identity.privateKey),
+          keyType: "ed25519"
+        });
+        this._sessions.set(conv.conversation_id, {
+          ownerDeviceId: conv.owner_device_id,
+          ratchet,
+          activated: false
+          // Wait for owner's first message before sending to this session
+        });
+        sessions[conv.conversation_id] = {
+          ownerDeviceId: conv.owner_device_id,
+          ratchetState: ratchet.serialize()
+        };
+        console.log(
+          `[SecureChannel] Session initialized for conv ${conv.conversation_id.slice(0, 8)}... (owner ${conv.owner_device_id.slice(0, 8)}..., primary=${conv.is_primary})`
+        );
+      }
       this._persisted = {
         ...this._persisted,
         deviceJwt: result.device_jwt,
         primaryConversationId: primary.conversation_id,
-        sessions: {
-          [primary.conversation_id]: {
-            ownerDeviceId: primary.owner_device_id,
-            ratchetState: ratchet.serialize()
-          }
-        }
+        sessions,
+        messageHistory: this._persisted.messageHistory ?? []
       };
       await saveState(this.config.dataDir, this._persisted);
+      if (this.config.webhookUrl) {
+        try {
+          const webhookResp = await fetch(
+            `${this.config.apiUrl}/api/v1/devices/self/webhook`,
+            {
+              method: "PATCH",
+              headers: {
+                "Content-Type": "application/json",
+                Authorization: `Bearer ${this._deviceJwt}`
+              },
+              body: JSON.stringify({ webhook_url: this.config.webhookUrl })
+            }
+          );
+          if (webhookResp.ok) {
+            const webhookData = await webhookResp.json();
+            console.log(
+              `[SecureChannel] Webhook registered: ${this.config.webhookUrl} (secret: ${webhookData.webhook_secret?.slice(0, 8)}...)`
+            );
+            this.emit("webhook_registered", {
+              url: this.config.webhookUrl,
+              secret: webhookData.webhook_secret
+            });
+          } else {
+            console.warn(`[SecureChannel] Webhook registration failed: ${webhookResp.status}`);
+          }
+        } catch (err) {
+          console.warn(`[SecureChannel] Webhook registration error: ${err}`);
+        }
+      }
       this._connect();
     } catch (err) {
       this._handleError(err);
@@ -45352,6 +45417,10 @@ var SecureChannel = class extends EventEmitter {
       ciphertext: msgData.ciphertext
     });
     const plaintext = session.ratchet.decrypt(encrypted);
+    if (!session.activated) {
+      session.activated = true;
+      console.log(`[SecureChannel] Session ${convId.slice(0, 8)}... activated by first owner message`);
+    }
     let messageText;
     let messageType;
     try {
@@ -45362,7 +45431,14 @@ var SecureChannel = class extends EventEmitter {
       messageType = "message";
       messageText = plaintext;
     }
+    if (messageType === "session_init") {
+      console.log(`[SecureChannel] session_init received for ${convId.slice(0, 8)}..., replaying history`);
+      await this._replayHistoryToSession(convId);
+      await this._persistState();
+      return;
+    }
     if (messageType === "message") {
+      this._appendHistory("owner", messageText);
       const metadata = {
         messageId: msgData.message_id,
         conversationId: convId,
@@ -45391,6 +45467,7 @@ var SecureChannel = class extends EventEmitter {
     });
     for (const [siblingConvId, siblingSession] of this._sessions) {
       if (siblingConvId === sourceConvId) continue;
+      if (!siblingSession.activated) continue;
       const syncEncrypted = siblingSession.ratchet.encrypt(syncPayload);
       const syncTransport = encryptedMessageToTransport(syncEncrypted);
       this._ws.send(
@@ -45405,6 +45482,38 @@ var SecureChannel = class extends EventEmitter {
       );
     }
   }
+  /**
+   * Send stored message history to a newly-activated session.
+   * Batches all history into a single encrypted message.
+   */
+  async _replayHistoryToSession(convId) {
+    const session = this._sessions.get(convId);
+    if (!session || !session.activated || !this._ws) return;
+    const history = this._persisted?.messageHistory ?? [];
+    if (history.length === 0) {
+      console.log(`[SecureChannel] No history to replay for ${convId.slice(0, 8)}...`);
+      return;
+    }
+    console.log(
+      `[SecureChannel] Replaying ${history.length} messages to session ${convId.slice(0, 8)}...`
+    );
+    const replayPayload = JSON.stringify({
+      type: "history_replay",
+      messages: history
+    });
+    const encrypted = session.ratchet.encrypt(replayPayload);
+    const transport = encryptedMessageToTransport(encrypted);
+    this._ws.send(
+      JSON.stringify({
+        event: "message",
+        data: {
+          conversation_id: convId,
+          header_blob: transport.header_blob,
+          ciphertext: transport.ciphertext
+        }
+      })
+    );
+  }
   /**
    * Handle a device_linked event: a new owner device has joined.
    * Fetches the new device's public keys, performs X3DH, and initializes
@@ -45415,27 +45524,20 @@ var SecureChannel = class extends EventEmitter {
       `[SecureChannel] New owner device linked: ${event.owner_device_id.slice(0, 8)}...`
     );
     try {
-      const keysRes = await fetch(
-        `${this.config.apiUrl}/api/v1/conversations/${event.conversation_id}/keys`,
-        {
-          headers: { Authorization: `Bearer ${this._deviceJwt}` }
-        }
-      );
-      if (!keysRes.ok) {
+      if (!event.owner_identity_public_key) {
         console.error(
-          `[SecureChannel] Failed to fetch keys for linked device: ${keysRes.status}`
+          `[SecureChannel] device_linked event missing owner keys for conv ${event.conversation_id.slice(0, 8)}...`
         );
         return;
       }
-      const keys = await keysRes.json();
       const identity = this._persisted.identityKeypair;
       const ephemeral = this._persisted.ephemeralKeypair;
       const sharedSecret = performX3DH({
         myIdentityPrivate: hexToBytes(identity.privateKey),
         myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-        theirIdentityPublic: hexToBytes(keys.identity_public_key),
+        theirIdentityPublic: hexToBytes(event.owner_identity_public_key),
         theirEphemeralPublic: hexToBytes(
-          keys.ephemeral_public_key ?? keys.identity_public_key
+          event.owner_ephemeral_public_key ?? event.owner_identity_public_key
         ),
         isInitiator: false
       });
@@ -45446,15 +45548,18 @@ var SecureChannel = class extends EventEmitter {
       });
       this._sessions.set(event.conversation_id, {
         ownerDeviceId: event.owner_device_id,
-        ratchet
+        ratchet,
+        activated: false
+        // Wait for owner's first message
       });
       this._persisted.sessions[event.conversation_id] = {
         ownerDeviceId: event.owner_device_id,
-        ratchetState: ratchet.serialize()
+        ratchetState: ratchet.serialize(),
+        activated: false
       };
       await this._persistState();
       console.log(
-        `[SecureChannel] Session initialized for device ${event.owner_device_id.slice(0, 8)}...`
+        `[SecureChannel] Session initialized for device ${event.owner_device_id.slice(0, 8)}... (conv ${event.conversation_id.slice(0, 8)}...)`
       );
     } catch (err) {
       console.error(
@@ -45493,6 +45598,10 @@ var SecureChannel = class extends EventEmitter {
             ciphertext: msg.ciphertext
           });
           const plaintext = session.ratchet.decrypt(encrypted);
+          if (!session.activated) {
+            session.activated = true;
+            console.log(`[SecureChannel] Session ${msg.conversation_id.slice(0, 8)}... activated during sync`);
+          }
           let messageText;
           let messageType;
           try {
@@ -45504,6 +45613,7 @@ var SecureChannel = class extends EventEmitter {
             messageText = plaintext;
           }
           if (messageType === "message") {
+            this._appendHistory("owner", messageText);
             const metadata = {
               messageId: msg.id,
               conversationId: msg.conversation_id,
@@ -45554,7 +45664,8 @@ var SecureChannel = class extends EventEmitter {
     for (const [convId, session] of this._sessions) {
       this._persisted.sessions[convId] = {
         ownerDeviceId: session.ownerDeviceId,
-        ratchetState: session.ratchet.serialize()
+        ratchetState: session.ratchet.serialize(),
+        activated: session.activated
       };
     }
     await saveState(this.config.dataDir, this._persisted);