@agfpd/iapeer-memory 0.1.13 → 0.2.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agfpd/iapeer-memory",
-  "version": "0.1.13",
+  "version": "0.2.1",
   "description": "iapeer-memory — peer memory for the iapeer ecosystem: vault, memoryd (index/search/MCP-http), layer-5 context fragments, role doctrines. The package IS the system; the claude/codex plugins are thin session sockets (docs/10-distribution.md, ADR-009).",
   "license": "MIT",
   "type": "module",
@@ -27,7 +27,7 @@
     "access": "public"
   },
   "dependencies": {
-    "@agfpd/iapeer-memory-core": "0.1.13"
+    "@agfpd/iapeer-memory-core": "0.2.1"
   },
   "devDependencies": {
     "@types/bun": "^1.2.0",

package/src/binary.ts

@@ -23,7 +23,9 @@
 
 import fs from "node:fs";
 import path from "node:path";
+import type { Egress } from "./egress.js";
 import { signInstalledBinary, type SigningOutcome } from "./signing.js";
+import { guardedUnlinkSync } from "@agfpd/iapeer-memory-core";
 
 export function isCompiledRuntime(): boolean {
   return import.meta.url.includes("/$bunfs/");
@@ -34,7 +36,10 @@ export type InstallBinaryOutcome =
   | { action: "skipped-compiled"; outPath: string }
   | { action: "failed"; outPath: string; detail: string };
 
-export function installBinary(opts: { outPath: string }): InstallBinaryOutcome {
+export function installBinary(
+  egress: Egress,
+  opts: { outPath: string },
+): InstallBinaryOutcome {
   const { outPath } = opts;
   if (isCompiledRuntime()) {
     return { action: "skipped-compiled", outPath };
@@ -47,20 +52,22 @@ export function installBinary(opts: { outPath: string }): InstallBinaryOutcome {
     `.${path.basename(outPath)}.build.tmp`,
   );
 
-  const proc = Bun.spawnSync(
-    [process.execPath, "build", "--compile", cliPath, "--outfile", tmp],
-    { stdout: "pipe", stderr: "pipe" },
-  );
-  if (proc.exitCode !== 0 || !fs.existsSync(tmp)) {
+  // Self-runtime spawn (egress allowance 2): compiling OUR cli with OUR bun
+  // to a path-conventioned target — works in sandboxed e2e by design.
+  const proc = egress.spawnSync([
+    process.execPath, "build", "--compile", cliPath, "--outfile", tmp,
+  ]);
+  if (proc.spawnError || proc.exitCode !== 0 || !fs.existsSync(tmp)) {
     try {
-      if (fs.existsSync(tmp)) fs.unlinkSync(tmp);
+      if (fs.existsSync(tmp)) guardedUnlinkSync(tmp);
     } catch {
       // best effort
     }
     return {
       action: "failed",
       outPath,
-      detail: proc.stderr.toString().trim() || `bun build exited ${proc.exitCode}`,
+      detail:
+        proc.spawnError || proc.stderr.trim() || `bun build exited ${proc.exitCode}`,
     };
   }
 
@@ -68,12 +75,12 @@ export function installBinary(opts: { outPath: string }): InstallBinaryOutcome {
   fs.renameSync(tmp, outPath); // atomic swap — safe over a running binary on macOS
   // Stable-identity re-sign on EVERY compile path (TCC grants survive
   // updates — contract with iapeer, see signing.ts). Soft-fail by design.
-  const signing = signInstalledBinary(outPath);
+  const signing = signInstalledBinary(egress, outPath);
   return { action: "compiled", outPath, bytes: fs.statSync(outPath).size, signing };
 }
 
 export function removeBinary(outPath: string): "removed" | "absent" {
   if (!fs.existsSync(outPath)) return "absent";
-  fs.unlinkSync(outPath);
+  guardedUnlinkSync(outPath);
   return "removed";
 }

package/src/cli.ts

@@ -13,7 +13,9 @@
  * verify found problems, 2 usage error or not-yet-implemented stage.
  */
 
+import { isUnderProdAnchor, sandboxEnvArmed } from "@agfpd/iapeer-memory-core";
 import { loadConfigFile } from "./config-env.js";
+import { liveEgress } from "./egress.js";
 import { memoryPaths } from "./paths.js";
 import { packageVersion } from "./version.js";
 import { cmdFmUpdate } from "./commands/fm-update.js";
@@ -22,6 +24,7 @@ import { cmdInit } from "./commands/init.js";
 import { cmdInstallBinary } from "./commands/install-binary.js";
 import { cmdMemoryd } from "./commands/memoryd.js";
 import { cmdMigrate } from "./commands/migrate.js";
+import { cmdProvisionPeer, cmdUnprovisionPeer } from "./commands/provision-peer.js";
 import { cmdRender } from "./commands/render.js";
 import { cmdStatus } from "./commands/status.js";
 import { cmdUninstall } from "./commands/uninstall.js";
@@ -47,6 +50,13 @@ Commands:
                             launcher, managed memoryd restart
   install-binary [--out P]  compile the stable CLI binary (~/.local/bin) —
                             init step / repair path; needs package sources
+  provision-peer --cwd P --runtime claude|codex --personality NAME [--occasion O]
+                            merge the direct session surfaces into one peer's
+                            cwd (claude: hooks/MCP/skills; codex: project MCP;
+                            idempotent, own keys only); the iapeer core shells
+                            into this at peer birth
+  unprovision-peer --cwd P --runtime claude|codex [--occasion O]
+                            strip OUR surfaces from one peer's cwd (mirror)
   fm-update [ops] FILE...   structural frontmatter edits + attribution stamp
   migrate --source DIR      move harness auto-memory into the vault
                             (dry-run by default; --apply to execute)
@@ -70,10 +80,26 @@ export async function main(argv: string[]): Promise<number> {
 
   // The config file is the env context of every command (except pure
   // help/version, where a broken file must not block the output).
+  // Deny-by-default §7.2 (accepted): under a test sandbox the LIVE host's
+  // config.env is never read — it would pull the live vault path, the
+  // embedding/reranker endpoints and the production port into a sandboxed
+  // process. A test must pass ITS OWN IAPEER_MEMORY_CONFIG_FILE.
   if (cmd && !["help", "--help", "-h", "version", "--version", "-V"].includes(cmd)) {
-    loadConfigFile(memoryPaths().configFile);
+    const configFile = memoryPaths().configFile;
+    if (sandboxEnvArmed() && isUnderProdAnchor(configFile)) {
+      console.error(
+        `iapeer-memory: live config.env skipped under the test sandbox (${configFile}) — pass IAPEER_MEMORY_CONFIG_FILE`,
+      );
+    } else {
+      loadConfigFile(configFile);
+    }
   }
 
+  // The ONE egress construction point (deny-by-default §4 П2): under a
+  // test-sandbox env this is a refusing handle — commands degrade to their
+  // SKIP semantics; nothing below re-checks the env.
+  const egress = liveEgress();
+
   switch (cmd) {
     case undefined:
     case "help":
@@ -87,17 +113,21 @@ export async function main(argv: string[]): Promise<number> {
       console.log(packageVersion());
       return 0;
     case "init":
-      return cmdInit(rest);
+      return cmdInit(rest, egress);
     case "uninstall":
-      return cmdUninstall(rest);
+      return cmdUninstall(rest, egress);
     case "status":
-      return cmdStatus(rest);
+      return cmdStatus(rest, egress);
     case "verify":
-      return cmdVerify(rest);
+      return cmdVerify(rest, egress);
     case "update":
-      return cmdUpdate(rest);
+      return cmdUpdate(rest, egress);
     case "install-binary":
-      return cmdInstallBinary(rest);
+      return cmdInstallBinary(rest, egress);
+    case "provision-peer":
+      return cmdProvisionPeer(rest);
+    case "unprovision-peer":
+      return cmdUnprovisionPeer(rest);
     case "fm-update":
       return cmdFmUpdate(rest);
     case "migrate":
@@ -107,7 +137,7 @@ export async function main(argv: string[]): Promise<number> {
     case "memoryd":
       return cmdMemoryd(rest);
     case "hook":
-      return cmdHook(rest);
+      return cmdHook(rest, egress);
     default:
       console.error(`iapeer-memory: unknown command: ${cmd}\n`);
       console.error(USAGE);

package/src/commands/hook.ts

@@ -32,6 +32,7 @@
 
 import fs from "node:fs";
 import path from "node:path";
+import type { Egress } from "../egress.js";
 import {
   DEFAULT_CURATOR_SET,
   fmUpdate,
@@ -41,6 +42,7 @@ import {
 } from "@agfpd/iapeer-memory-core";
 import { memoryPaths, type MemoryPaths } from "../paths.js";
 import { DEFAULT_HEARTBEAT_STALE_MS } from "./verify.js";
+import { guardedWriteFileSync } from "@agfpd/iapeer-memory-core";
 
 /** Tools whose writes stamp frontmatter. P5 adds "apply_patch" (codex). */
 export const POST_WRITE_TOOLS: ReadonlySet<string> = new Set([
@@ -193,7 +195,7 @@ export function runSessionStart(opts: {
   if (!recentKick) {
     try {
       fs.mkdirSync(paths.stateDir, { recursive: true });
-      fs.writeFileSync(stamp, `${new Date(nowMs).toISOString()}\n`);
+      guardedWriteFileSync(stamp, `${new Date(nowMs).toISOString()}\n`);
       opts.kick?.();
       kicked = true;
     } catch {
@@ -227,7 +229,7 @@ function logHookError(err: unknown): void {
   }
 }
 
-export async function cmdHook(argv: string[]): Promise<number> {
+export async function cmdHook(argv: string[], egress: Egress): Promise<number> {
   const [event] = argv;
   try {
     switch (event) {
@@ -239,13 +241,10 @@ export async function cmdHook(argv: string[]): Promise<number> {
       case "session-start": {
         const result = runSessionStart({
           kick: () => {
+            // Self-runtime detached spawn (egress allowance 2): the child
+            // re-enters main() with its own egress — sandbox env inherits.
             const cli = new URL("../cli.ts", import.meta.url).pathname;
-            const proc = Bun.spawn([process.execPath, cli, "verify", "--repair"], {
-              stdout: "ignore",
-              stderr: "ignore",
-              stdin: "ignore",
-            });
-            proc.unref();
+            egress.spawnDetached([process.execPath, cli, "verify", "--repair"]);
           },
         });
         if (result.output) console.log(result.output);

package/src/commands/init.ts

@@ -13,10 +13,12 @@
  * (sent only when exactly one natural peer exists in the registry).
  *
  * Step order: deps → vault → config → binary → templates → role peers +
- * doctrines + roles manifest → watcher registration → slot declaration →
- * native-memory sweep (core verb, soft-skip on old cores) → host-wide
- * guide fragment. Ecosystem steps are skippable (--skip-ecosystem) for
- * sandboxed runs; the binary compile is skippable (--skip-binary) for
+ * doctrines + roles manifest → fleet map → watcher registration → direct
+ * session surfaces sweep (ADR-009 v1.2) → legacy v1.1 plugin off (while the
+ * old declaration is still readable) → slot declaration (v1.2 provision
+ * command) → native-memory sweep (core verb, soft-skip on old cores) →
+ * host-wide guide fragment. Ecosystem steps are skippable (--skip-ecosystem)
+ * for sandboxed runs; the binary compile is skippable (--skip-binary) for
  * fast tests.
  */
 
@@ -30,11 +32,15 @@ import {
   type LocaleId,
 } from "@agfpd/iapeer-memory-core";
 import { installBinary } from "../binary.js";
+import { IAPEER_BIN, type Egress } from "../egress.js";
 import { memoryPaths } from "../paths.js";
 import { provisionVault, writeDefaultConfig } from "../provision.js";
 import { writeRolesManifest, type RoleEntry } from "../roles.js";
-import { applyMemoryPlugin, writeSlot } from "../slot.js";
-import { writeFleetMap } from "../fleet.js";
+import { applyMemoryPlugin, readSlot, writeSlot, SLOT_PROVIDER } from "../slot.js";
+import { readFleetMap, writeFleetMap } from "../fleet.js";
+import { withProvisionLock } from "../surfaces/lock.js";
+import { sweepProvision } from "../surfaces/sweep.js";
+import { mcpPort } from "./provision-peer.js";
 import {
   doctrineOwnership,
   guideText,
@@ -68,7 +74,9 @@ type InitFlags = {
    *  the fleet may still carry the predecessor's guide; ours lands by a separate
    *  decision after the plugin swap). */
   skipGuide: boolean;
-  iapeerBin: string;
+  /** Explicitly named core binary (--iapeer-bin) — undefined means the PATH
+   *  default; the distinction feeds the egress explicit-bin allowance. */
+  iapeerBin?: string;
 };
 
 function parseFlags(argv: string[]): InitFlags | null {
@@ -78,7 +86,6 @@ function parseFlags(argv: string[]): InitFlags | null {
     skipEcosystem: false,
     skipBinary: false,
     skipGuide: false,
-    iapeerBin: "iapeer",
   };
   for (let i = 0; i < argv.length; i++) {
     const a = argv[i];
@@ -94,7 +101,7 @@ function parseFlags(argv: string[]): InitFlags | null {
       case "--skip-ecosystem": f.skipEcosystem = true; break;
       case "--skip-binary": f.skipBinary = true; break;
       case "--skip-guide": f.skipGuide = true; break;
-      case "--iapeer-bin": f.iapeerBin = take() ?? "iapeer"; break;
+      case "--iapeer-bin": f.iapeerBin = take(); break;
       default:
         console.error(`iapeer-memory init: unknown flag: ${a}`);
         return null;
@@ -109,22 +116,23 @@ type PeerInfo = { personality: string; intelligence?: string; cwd?: string };
 
 type RunResult = { exitCode: number; stdout: string; stderr: string };
 
-/** spawnSync that never throws — a missing binary is a result, not a crash. */
-function run(cmd: string[]): RunResult {
-  try {
-    const proc = Bun.spawnSync(cmd, { stdout: "pipe", stderr: "pipe" });
-    return {
-      exitCode: proc.exitCode,
-      stdout: proc.stdout.toString(),
-      stderr: proc.stderr.toString(),
-    };
-  } catch (err) {
-    return { exitCode: 127, stdout: "", stderr: String(err) };
-  }
+/** Egress spawn that never throws — a missing binary (and a refusing test
+ *  egress) is a result, not a crash: the ecosystem half degrades to the
+ *  same skip path as «iapeer not on this host». */
+function run(
+  egress: Egress,
+  cmd: string[],
+  opts?: { explicitBin?: boolean },
+): RunResult {
+  const proc = egress.spawnSync(cmd, { explicitBin: opts?.explicitBin });
+  if (proc.spawnError) return { exitCode: 127, stdout: "", stderr: proc.spawnError };
+  return { exitCode: proc.exitCode, stdout: proc.stdout, stderr: proc.stderr };
 }
 
-function listPeers(iapeerBin: string): PeerInfo[] | null {
-  const proc = run([iapeerBin, "list", "--json"]);
+function listPeers(egress: Egress, iapeerBin?: string): PeerInfo[] | null {
+  const proc = run(egress, [iapeerBin ?? IAPEER_BIN, "list", "--json"], {
+    explicitBin: iapeerBin !== undefined,
+  });
   if (proc.exitCode !== 0) return null;
   try {
     return JSON.parse(proc.stdout) as PeerInfo[];
@@ -150,7 +158,7 @@ function ask(question: string, fallback: string): string {
 
 // ── the command ──────────────────────────────────────────────────────────────
 
-export async function cmdInit(argv: string[]): Promise<number> {
+export async function cmdInit(argv: string[], egress: Egress): Promise<number> {
   const flags = parseFlags(argv);
   if (!flags) return 2;
 
@@ -164,7 +172,7 @@ export async function cmdInit(argv: string[]): Promise<number> {
   let embeddingEndpoint = flags.embeddingEndpoint ?? "";
   const rerankerEndpoint = flags.rerankerEndpoint ?? "";
 
-  const peers = flags.skipEcosystem ? null : listPeers(flags.iapeerBin);
+  const peers = flags.skipEcosystem ? null : listPeers(egress, flags.iapeerBin);
   const humanDefault = flags.human ?? naturalPeerDefault(peers) ?? "";
 
   if (!vault) {
@@ -210,7 +218,7 @@ export async function cmdInit(argv: string[]): Promise<number> {
   if (flags.skipDeps) {
     step("deps", "skipped (--skip-deps)");
   } else {
-    const ver = run([flags.iapeerBin, "version"]);
+    const ver = run(egress, [flags.iapeerBin ?? IAPEER_BIN, "version"], { explicitBin: flags.iapeerBin !== undefined });
     if (ver.exitCode !== 0) {
       step("deps", "iapeer foundation not found on PATH — install it first (npx @agfpd/iapeer)", false);
     } else {
@@ -254,7 +262,7 @@ export async function cmdInit(argv: string[]): Promise<number> {
   if (flags.skipBinary) {
     step("binary", "skipped (--skip-binary)");
   } else {
-    const bin = installBinary({ outPath: paths.binaryPath });
+    const bin = installBinary(egress, { outPath: paths.binaryPath });
     step(
       "binary",
       bin.action === "compiled"
@@ -285,7 +293,7 @@ export async function cmdInit(argv: string[]): Promise<number> {
       const personality = rolePersonality(role);
       const exists = (peers ?? []).some((p) => p.personality === personality);
       if (!exists) {
-        const created = run([flags.iapeerBin, "create", personality]);
+        const created = run(egress, [flags.iapeerBin ?? IAPEER_BIN, "create", personality], { explicitBin: flags.iapeerBin !== undefined });
         if (created.exitCode !== 0) {
           rolesOk = false;
           console.log(`      roles       create ${personality} failed: ${created.stderr.trim()}`);
@@ -298,7 +306,7 @@ export async function cmdInit(argv: string[]): Promise<number> {
     // `iapeer list --json` — iapeer 0.2.14), otherwise the core's
     // DOCUMENTED create default (no --path — требование Артура;
     // IAPEER_ROOT-aware).
-    const freshPeers = createdAny ? listPeers(flags.iapeerBin) : peers;
+    const freshPeers = createdAny ? listPeers(egress, flags.iapeerBin) : peers;
     for (const role of ROLE_NAMES) {
       const personality = rolePersonality(role);
       const registryCwd = (freshPeers ?? []).find((p) => p.personality === personality)?.cwd;
@@ -349,7 +357,7 @@ export async function cmdInit(argv: string[]): Promise<number> {
   if (flags.skipEcosystem) {
     step("fleet", "skipped (--skip-ecosystem)");
   } else {
-    const fleet = writeFleetMap({
+    const fleet = writeFleetMap(egress, {
       fleetMapPath: paths.fleetMapPath,
       iapeerBin: flags.iapeerBin,
     });
@@ -371,7 +379,7 @@ export async function cmdInit(argv: string[]): Promise<number> {
     step("timers", "skipped (--skip-ecosystem)");
   } else {
     writeLauncherScript({ launcherPath: paths.launcherPath, binaryPath: paths.binaryPath });
-    const sent = registerWatcher({
+    const sent = registerWatcher(egress, {
       launcherPath: paths.launcherPath,
       iapeerBin: flags.iapeerBin,
     });
@@ -390,11 +398,11 @@ export async function cmdInit(argv: string[]): Promise<number> {
       vaultPath: vault,
       inboxFolders: [getTaxonomy(locale).folders.inbox, getTaxonomy(locale).folders.inboxHuman],
     });
-    const sweep = registerTimer({
+    const sweep = registerTimer(egress, {
       message: sweepTimerMessage({ checkScriptPath: paths.checkScriptPath }),
       iapeerBin: flags.iapeerBin,
     });
-    const dream = registerTimer({
+    const dream = registerTimer(egress, {
       message: dreamTimerMessage(),
       iapeerBin: flags.iapeerBin,
     });
@@ -410,39 +418,101 @@ export async function cmdInit(argv: string[]): Promise<number> {
     );
   }
 
-  // 8. slot declaration (the contract: written by the provider, atomic) —
-  // v1.1: includes the plugin block the core derives installs from.
-  const slot = writeSlot({
-    slotPath: paths.slotPath,
-    version,
-    heartbeat: paths.heartbeatPath,
-  });
-  step(
-    "slot",
-    slot.action === "refused-foreign"
-      ? `slot held by foreign provider "${slot.existing?.provider}" — uninstall it first`
-      : `${paths.slotPath} (${slot.action}, v${version})`,
-    slot.action !== "refused-foreign",
-  );
-
-  // 8b. session plugin across the fleet — the core verb derives the plugin
-  // from the block JUST written (order matters), installs per-peer on claude
-  // and host-globally on codex; new peers get it from the core's birth-hook.
-  // Soft-skip on an older core (verb landed in iapeer 0.2.25).
-  if (flags.skipEcosystem) {
-    step("plugin", "skipped (--skip-ecosystem)");
-  } else if (slot.action === "refused-foreign") {
-    step("plugin", "skipped (slot refused — nothing to derive the plugin from)");
+  // 8. slot + surfaces + v1.1 migration — ORDER MATTERS (ADR-009 v1.2):
+  //   8a. a FOREIGN slot refuses the whole block (never lay surfaces over
+  //       another provider's host);
+  //   8b. direct surfaces sweep across the existing fleet (the new channel
+  //       must be in place BEFORE the old one is stripped);
+  //   8c. legacy plugin off — while the v1.1 slot is STILL on disk (the
+  //       core verb derives the plugin identity from the live declaration;
+  //       overwriting first would leave it nothing to derive from);
+  //   8d. slot declaration re-written in the v1.2 form (provision command,
+  //       no plugin block). Newborns are then the core birth-hook's duty.
+  const existingSlot = readSlot(paths.slotPath);
+  const slotForeign = existingSlot !== null && existingSlot.provider !== SLOT_PROVIDER;
+  if (slotForeign) {
+    step("slot", `slot held by foreign provider "${existingSlot?.provider}" — uninstall it first`, false);
+    step("surfaces", "skipped (foreign slot — not our host)");
   } else {
-    const plug = applyMemoryPlugin({ mode: "on", iapeerBin: flags.iapeerBin });
-    step(
-      "plugin",
-      plug.suppressed
-        ? "skipped (test sandbox — core calls suppressed)"
-        : plug.ok
-          ? "session plugin rolled out across the fleet (iapeer memory-plugin on --all)"
-          : `soft-skip: ${plug.detail.slice(0, 160) || "verb failed"} — upgrade the iapeer core (≥0.2.25) or run manually: iapeer memory-plugin on --all`,
-    );
+    // 8b. direct session surfaces across the EXISTING fleet — the package's
+    // own rail over the fleet map written in 6b.
+    let surfacesOk = false;
+    if (flags.skipEcosystem) {
+      step("surfaces", "skipped (--skip-ecosystem)");
+      surfacesOk = true; // sandboxed run — don't block the slot/migration steps
+    } else {
+      const fleet = readFleetMap(paths.fleetMapPath) ?? [];
+      const locked = withProvisionLock({
+        stateDir: paths.stateDir,
+        fn: () => sweepProvision({ fleet, hooksDir: paths.hooksDir, port: mcpPort() }),
+      });
+      if (!locked.acquired) {
+        step("surfaces", locked.detail, false);
+      } else {
+        const { results, skipped } = locked.result;
+        const failed = results.filter((r) => !r.ok);
+        surfacesOk = failed.length === 0;
+        step(
+          "surfaces",
+          `${results.length - failed.length}/${results.length} peer-runtime(s) provisioned` +
+            (skipped.length ? `, ${skipped.length} skipped (no session runtime / missing cwd)` : "") +
+            " — live sessions pick them up on next restart",
+          surfacesOk,
+        );
+        for (const f of failed) {
+          console.log(
+            `      surfaces    FAIL ${f.personality}:${f.runtime} — ${f.outcomes
+              .filter((o) => o.action === "failed")
+              .map((o) => `${o.surface}: ${o.detail ?? "failed"}`)
+              .join("; ")}`,
+          );
+        }
+      }
+    }
+
+    // 8c. v1.1 → v1.2 migration: sweep the legacy session plugin off the
+    // fleet while the old declaration is STILL readable — and ONLY after
+    // the direct surfaces landed cleanly.
+    let migrationBlocked = false;
+    if (!flags.skipEcosystem && existingSlot?.plugin) {
+      if (!surfacesOk) {
+        migrationBlocked = true;
+        step(
+          "plugin-off",
+          "POSTPONED: direct surfaces did not land cleanly — legacy plugin and v1.1 slot kept (re-run init after fixing)",
+          false,
+        );
+      } else {
+        const off = applyMemoryPlugin(egress, { mode: "off", iapeerBin: flags.iapeerBin });
+        step(
+          "plugin-off",
+          off.suppressed
+            ? "skipped (test sandbox — core calls suppressed)"
+            : off.ok
+              ? "legacy v1.1 session plugin swept off the fleet (memory-plugin off --all)"
+              : `legacy plugin off failed (${off.detail.slice(0, 120)}) — manual: iapeer memory-plugin off --all (or per peer: claude plugin uninstall iapeer-memory@agfpd --scope project)`,
+        );
+      }
+    }
+
+    // 8d. slot declaration (atomic; provider-owned). Kept in the v1.1 form
+    // while the migration is blocked — the legacy plugin channel stays
+    // derivable until the new channel lands.
+    if (migrationBlocked) {
+      step("slot", "kept v1.1 declaration (migration postponed — see plugin-off)", false);
+    } else {
+      const slot = writeSlot({
+        slotPath: paths.slotPath,
+        version,
+        binaryPath: paths.binaryPath,
+        heartbeat: paths.heartbeatPath,
+      });
+      step(
+        "slot",
+        `${paths.slotPath} (${slot.action}, v${version}, provision-command declared)`,
+        slot.action !== "refused-foreign",
+      );
+    }
   }
 
   // 9. native-memory sweep — the core's lever (one home of runtime forms);
@@ -450,7 +520,7 @@ export async function cmdInit(argv: string[]): Promise<number> {
   if (flags.skipEcosystem) {
     step("sweep", "skipped (--skip-ecosystem)");
   } else {
-    const sweep = run([flags.iapeerBin, "native-memory", "off", "--all"]);
+    const sweep = run(egress, [flags.iapeerBin ?? IAPEER_BIN, "native-memory", "off", "--all"], { explicitBin: flags.iapeerBin !== undefined });
     // One line per peer-runtime — summarise ALL peers, not the last line
     // (e2e §A finding: ".pop()" named one peer while three were swept).
     const sweepLines = sweep.stdout.trim().split("\n").filter(Boolean);

package/src/commands/install-binary.ts

@@ -6,9 +6,10 @@
  */
 
 import { installBinary } from "../binary.js";
+import type { Egress } from "../egress.js";
 import { memoryPaths } from "../paths.js";
 
-export function cmdInstallBinary(argv: string[]): number {
+export function cmdInstallBinary(argv: string[], egress: Egress): number {
   let outPath = memoryPaths().binaryPath;
   for (let i = 0; i < argv.length; i++) {
     if (argv[i] === "--out") {
@@ -24,7 +25,7 @@ export function cmdInstallBinary(argv: string[]): number {
     }
   }
 
-  const outcome = installBinary({ outPath });
+  const outcome = installBinary(egress, { outPath });
   switch (outcome.action) {
     case "compiled":
       console.log(

package/src/commands/memoryd.ts

@@ -19,6 +19,7 @@
 import fs from "node:fs";
 import { configFromEnv, startMemoryd } from "@agfpd/iapeer-memory-core";
 import { authorIndexPath, memoryPaths } from "../paths.js";
+import { guardedWriteFileSync, guardedUnlinkSync } from "@agfpd/iapeer-memory-core";
 
 export async function cmdMemoryd(argv: string[]): Promise<number> {
   let mcpPort: number | undefined;
@@ -56,7 +57,7 @@ export async function cmdMemoryd(argv: string[]): Promise<number> {
   }
   // pid file — uninstall's stop handle (best-effort; stale files are
   // harmless: the reader checks liveness before signalling).
-  fs.writeFileSync(paths.pidPath, `${process.pid}\n`);
+  guardedWriteFileSync(paths.pidPath, `${process.pid}\n`);
 
   const freshEditWindowRaw = process.env.IAPEER_MEMORY_FRESH_EDIT_WINDOW_S;
   const freshEditWindowS =
@@ -101,7 +102,7 @@ export async function cmdMemoryd(argv: string[]): Promise<number> {
         .close()
         .then(() => {
           try {
-            fs.unlinkSync(paths.pidPath);
+            guardedUnlinkSync(paths.pidPath);
           } catch {
             // best effort
           }