@aria-cli/server 1.0.19

package/dist/routes/invite-relay.d.ts

@@ -0,0 +1,2 @@
+import type { FastifyInstance } from "fastify";
+export declare function registerInviteRelayRoute(server: FastifyInstance): Promise<void>;

package/dist/routes/local-control.d.ts

@@ -0,0 +1,3 @@
+import type { FastifyInstance } from "fastify";
+import "../types.js";
+export declare function registerLocalControlRoute(server: FastifyInstance): Promise<void>;

package/dist/routes/message.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Control plane routes — join (key exchange) and message listing.
+ *
+ * POST /api/v1/message has been removed. All agent-to-agent data flows
+ * through WireGuard tunnels (Transport 3 in Mailbox). HTTPS is only used
+ * for the coordination server: key exchange (join) and peer discovery.
+ */
+import type { FastifyInstance } from "fastify";
+import "../types.js";
+/** Reset join rate limits (for testing only) */
+export declare function resetJoinRateLimits(): void;
+/** Reset PoW challenges (for testing only) */
+export declare function resetPowChallenges(): void;
+/**
+ * Register control plane routes (join + message listing).
+ */
+export declare function registerMessageRoute(server: FastifyInstance): Promise<void>;

package/dist/routes/network.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Coordination server routes — Tailscale-style control plane for peer discovery.
+ *
+ * These endpoints manage the peer mesh: listing peers, heartbeat/registration,
+ * and revocation. All agent-to-agent data flows through WireGuard tunnels;
+ * these HTTPS endpoints are control-plane only.
+ *
+ * SECURITY: All mutation routes require MutationEnvelope auth. Legacy Ed25519
+ * signature-over-string auth has been removed — envelope is the single auth path.
+ * Peer-list control-plane access is envelope-authenticated with no bootstrap bypass.
+ */
+import type { FastifyInstance } from "fastify";
+import "../types.js";
+export declare function registerNetworkRoutes(server: FastifyInstance): Promise<void>;

package/dist/routes/pair.d.ts

@@ -0,0 +1,57 @@
+/**
+ * Pair request/response routes — AirDrop-style interactive pairing.
+ *
+ * Protocol (v2 — encrypted):
+ * 1. Initiator POSTs pair-request with ephemeral X25519 pubkey + CA cert
+ * 2. Response includes responder's signing key fingerprint + CA cert
+ * 3. Responder's CLI shows accept/reject overlay
+ * 4. Initiator long-polls GET /pair/status/:requestId via HTTPS (TLS verified by CA)
+ * 5. On accept: responder generates ephemeral X25519 → ECDH → AES-256-GCM encrypts token
+ * 6. Long-poll resolves with encrypted invite token + responder's ephemeral pubkey
+ * 7. Initiator decrypts token, calls POST /pair/accept-invite on its OWN server
+ * 8. WireGuard tunnel established automatically on both sides
+ *
+ * Security layers:
+ * - Layer 1: HTTPS via auto-generated private CA (transport encryption)
+ * - Layer 2: ECDH + AES-256-GCM (application-layer defense-in-depth)
+ * - Rate limited: 3 pair requests per IP per minute
+ * - Dedup: one pending request per durable node principal
+ * - Long-poll bound to initiator IP (prevents requestId race/MITM)
+ * - Global concurrent long-poll limit (prevents fd exhaustion)
+ * - Rate limit map capped at 10K entries (prevents spoofed-IP DoS)
+ * - Forward secrecy: ephemeral X25519 keys discarded after pairing
+ *
+ * WAN support:
+ * - POST /pair/relay: relay pair requests through coordination server
+ * - GET /pair/pending: includes relayed requests alongside local ones
+ */
+import type { FastifyInstance } from "fastify";
+import "../types.js";
+import { type PrincipalFingerprint, type NodeId, type RuntimeBootstrapRecord } from "@aria-cli/tools";
+type SharedSigningPublicKey = RuntimeBootstrapRecord["signingPublicKey"];
+/** Pending pair request with 5-minute TTL */
+export interface PendingPairRequest {
+    id: string;
+    nodeId: NodeId;
+    displayNameSnapshot: string;
+    principalFingerprint: PrincipalFingerprint;
+    signingPublicKey: SharedSigningPublicKey;
+    port: number;
+    host: string;
+    responderControlHostHint?: string;
+    ingressHost: string;
+    createdAt: number;
+    expiresAt: number;
+    /** Initiator's ephemeral X25519 public key for ECDH (base64 SPKI DER) */
+    ephemeralPublicKey?: string;
+    /** Ed25519 signature over ephemeralPublicKey — binds identity to ECDH exchange */
+    ephemeralKeySignature?: string;
+    /** Initiator's TLS CA cert (PEM) — for responder to connect back via HTTPS */
+    caCert?: string;
+    /** Whether this request was relayed through the coordination server */
+    relayed?: boolean;
+    /** For relayed requests: the target node principal (who should respond) */
+    relayTargetNodeId?: NodeId;
+}
+export declare function registerPairRoutes(server: FastifyInstance): Promise<void>;
+export {};

package/dist/routes/pair.js

@@ -0,0 +1 @@
+import{sa as a}from"../index-6extw9n6.js";import"../index-raeajnr7.js";import"../index-ghh3ag4c.js";import"../index-9xs3gn0p.js";export{a as registerPairRoutes};

package/dist/routes/pipeline-mailbox.d.ts

@@ -0,0 +1,10 @@
+import type { FastifyInstance } from "fastify";
+import type { Mailbox } from "@aria-cli/aria/messaging";
+import "../types.js";
+type SessionWithMailbox = {
+    mailbox?: unknown;
+    bindRelayTransport?: ((transport: Parameters<RelayConfigurableMailbox["setRelayTransport"]>[0]) => void) | undefined;
+} | null | undefined;
+type RelayConfigurableMailbox = Pick<Mailbox, "setRelayTransport">;
+export declare function bindRuntimeOutbox(server: FastifyInstance, session: SessionWithMailbox): () => void;
+export {};

package/dist/routes/relay.d.ts

@@ -0,0 +1,29 @@
+/**
+ * DERP relay route — WebSocket relay for NAT-punched WireGuard traffic.
+ *
+ * When both peers are behind symmetric NAT, direct UDP tunnels fail.
+ * This relay forwards WireGuard packets between peers via WebSocket.
+ * WireGuard payloads are encrypted end-to-end (server cannot read WireGuard content).
+ * NOTE: The mailbox fallback path sends JSON payloads through this relay — those
+ * are application-layer messages that the relay CAN read. Only WireGuard tunnel
+ * traffic has true end-to-end confidentiality.
+ *
+ * Protocol:
+ *   1. Client connects via WebSocket to /api/v1/relay
+ *   2. Client sends: { type: "auth", nodeId, signingPublicKey }
+ *   3. Server sends: { type: "challenge", nonce }
+ *   4. Client sends: { type: "challenge_response", signature }
+ *   5. Server verifies Ed25519 signature, sends: { type: "auth_ok", nodeId, displayNameSnapshot? }
+ *   6. Client sends: { type: "relay", toNodeId: "node-id", data: "<base64>" }
+ *   7. Server routes to recipient's WebSocket
+ *   8. Recipient receives: { type: "relay", fromNodeId: "node-id", displayNameSnapshot?: "...", data: "<base64>" }
+ *
+ * Security:
+ *   - Ed25519 signature challenge prevents impersonation
+ *   - Rate limit: 1000 packets/min per peer
+ *   - Max payload: 65535 bytes (WireGuard MTU)
+ *   - Only registered + active peers can connect
+ */
+import type { FastifyInstance } from "fastify";
+import "../types.js";
+export declare function registerRelayRoute(server: FastifyInstance): Promise<void>;

package/dist/routes/resume.d.ts

@@ -0,0 +1,2 @@
+import type { FastifyInstance } from "fastify";
+export declare function registerResumeRoute(server: FastifyInstance): Promise<void>;

package/dist/routes/run-control-surface.d.ts

@@ -0,0 +1,24 @@
+import type { FastifyInstance } from "fastify";
+import type { RuntimeRunEvent } from "@aria-cli/tools";
+import type { AttachedClientExecutionContext, NormalizedStreamRequest, ResumeRouteRequestBody, ResumeRouteResponse, RunControlLogger, RunRouteRequestBody, RunRouteResponse } from "../runtime/runtime-run-control.js";
+export type { ResumeRouteRequestBody, ResumeRouteResponse, RunRouteRequestBody, RunRouteResponse, } from "../runtime/runtime-run-control.js";
+export declare function submitRunViaLoadedRuntimeControl(server: FastifyInstance, requestBody: RunRouteRequestBody, requestLog?: RunControlLogger, attachedClient?: AttachedClientExecutionContext): Promise<{
+    status: number;
+    body: RunRouteResponse;
+}>;
+export declare function resumeRunViaLoadedRuntimeControl(server: FastifyInstance, requestBody: ResumeRouteRequestBody, requestLog?: RunControlLogger, attachedClient?: AttachedClientExecutionContext): Promise<{
+    status: number;
+    body: ResumeRouteResponse;
+}>;
+export declare function loadStreamRuntimeSurface(): Promise<{
+    parseStreamRequest(payload: unknown): {
+        request?: NormalizedStreamRequest;
+        error?: string;
+    };
+    invalidStreamRequest(message: string): AsyncGenerator<RuntimeRunEvent, void, unknown>;
+    streamRunViaRuntimeControl(server: FastifyInstance, parsed: NormalizedStreamRequest, requestLog?: RunControlLogger, signal?: AbortSignal, attachedClient?: AttachedClientExecutionContext): AsyncGenerator<RuntimeRunEvent, void, unknown>;
+    getToolResultHighlight(toolName: string, toolInput: unknown, toolResult: unknown): {
+        highlighted?: string;
+        language?: string;
+    };
+}>;

package/dist/routes/run.d.ts

@@ -0,0 +1,6 @@
+import type { FastifyInstance } from "fastify";
+/**
+ * Register the /api/v1/run route.
+ * The route is a thin adapter over the shared runtime run-control surface.
+ */
+export declare function registerRunRoute(server: FastifyInstance): Promise<void>;

package/dist/routes/runtime-bootstrap.d.ts

@@ -0,0 +1,3 @@
+import type { FastifyInstance } from "fastify";
+import "../types.js";
+export declare function registerRuntimeBootstrapRoute(server: FastifyInstance): Promise<void>;

package/dist/routes/runtime-node-advertisement.d.ts

@@ -0,0 +1,3 @@
+import type { FastifyInstance } from "fastify";
+import "../types.js";
+export declare function registerRuntimeNodeAdvertisementRoute(server: FastifyInstance): Promise<void>;

package/dist/routes/runtime-run-room.d.ts

@@ -0,0 +1,8 @@
+import type { FastifyInstance } from "fastify";
+import { Room } from "@aria-cli/aria/server-arions";
+import { createArionManager } from "./arions.js";
+export declare function createRequestRoom(server: FastifyInstance): Promise<{
+    room: Room;
+    manager: Awaited<ReturnType<typeof createArionManager>> | null;
+}>;
+export declare function activateMentionedArions(manager: Awaited<ReturnType<typeof createArionManager>> | null, room: Room, task: string): Promise<void>;

package/dist/routes/shared.d.ts

@@ -0,0 +1,45 @@
+import { type createRunPipeline } from "@aria-cli/aria/server-runner";
+import type { InboxAddress } from "@aria-cli/tools";
+import type { Message } from "@aria-cli/types";
+export declare const APPROVAL_PAUSE_SIGNAL: unique symbol;
+type EntrypointRunOptions = NonNullable<Parameters<typeof createRunPipeline>[0]["runOptionsOverrides"]>;
+export interface EntrypointRunPolicyInput {
+    approvalMode?: "pause" | "approve" | "deny";
+    askUserAnswers?: string[];
+    budget?: number;
+    maxTurns?: number;
+    autonomy?: "minimal" | "balanced" | "high" | "full";
+    allowedTools?: string[];
+    deniedTools?: string[];
+    noMemory?: boolean;
+    systemPrompt?: string;
+}
+export declare class AskUserAnswersExhaustedError extends Error {
+    readonly code: "ASK_USER_ANSWERS_EXHAUSTED";
+    readonly questions: Array<{
+        question: string;
+        options?: string[];
+    }>;
+    constructor(message: string, questions?: Array<{
+        question: string;
+        options?: string[];
+    }>);
+}
+export declare function createApprovalHandler(mode: "pause" | "approve" | "deny"): () => Promise<boolean | symbol>;
+export declare function createAskUserHandler(preloadedAnswers: string[], exhaustionMode?: "pause" | "error"): (questions: Array<{
+    question: string;
+    options?: string[];
+}>) => Promise<Array<{
+    answer: string;
+}>>;
+export declare function isAskUserAnswersExhaustedError(error: unknown): error is AskUserAnswersExhaustedError;
+export declare function getToolResultHighlight(toolName: string, toolInput: unknown, toolResult: unknown): {
+    highlighted?: string;
+    language?: string;
+};
+export declare function normalizeEntrypointHistory(history: ReadonlyArray<unknown> | undefined): Message[] | undefined;
+export declare function buildEntrypointRunOptions(input: {
+    workingDir: string;
+    inboxAddress?: InboxAddress;
+} & EntrypointRunPolicyInput): EntrypointRunOptions;
+export {};

package/dist/routes/stream.d.ts

@@ -0,0 +1,10 @@
+import type { FastifyInstance } from "fastify";
+import "../types.js";
+/**
+ * Register the /api/v1/stream WebSocket route.
+ * Delegates lifecycle to RunSession for parity with CLI and /run.
+ *
+ * aria-mhq.1 fix: loads config from disk (previously passed config: {}).
+ * aria-mhq.2 fix: uses server-level MemoriaFactory singleton.
+ */
+export declare function registerStreamRoute(server: FastifyInstance): Promise<void>;

package/dist/routes/validation.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Shared validation utilities for server routes.
+ */
+/**
+ * Check whether an arion name contains path traversal or separator characters.
+ */
+export declare function isUnsafeArionName(name: string): boolean;

package/dist/routes/ws-revocation.d.ts

@@ -0,0 +1,25 @@
+/**
+ * GAP-9: WebSocket endpoint for push-based revocation notifications.
+ *
+ * Peers subscribe to /api/v1/ws/revocations to receive instant revocation
+ * events instead of waiting for the 60s poll cycle. This closes the 0-60s
+ * window where a revoked peer could still operate.
+ *
+ * Protocol (Ed25519 challenge-response, same as relay.ts):
+ *   1. Client connects via WebSocket to /api/v1/ws/revocations
+ *   2. Client sends: { type: "auth", nodeId: "...", signingPublicKey: "..." }
+ *   3. Server sends: { type: "challenge", nonce: "<hex>" }
+ *   4. Client sends: { type: "challenge_response", signature: "<base64>" }
+ *   5. Server verifies Ed25519 signature, sends: { type: "auth_ok", nodeId, displayNameSnapshot? }
+ *   6. Client is now subscribed to revocation events
+ *   7. On revocation, server pushes: { type: "revocation", nodeId: "...", displayNameSnapshot?: "...", revokedAt: <ms> }
+ *
+ * Security:
+ *   - Ed25519 signature challenge prevents impersonation
+ *   - Only registered + active peers can subscribe
+ *   - Revoked peers rejected at auth AND kicked from active subscriptions
+ *   - 10s auth timeout — close if not authenticated
+ */
+import type { FastifyInstance } from "fastify";
+import "../types.js";
+export declare function registerWsRevocationRoute(server: FastifyInstance): Promise<void>;

package/dist/runtime/attached-sender-inbox.d.ts

@@ -0,0 +1,3 @@
+import { type InboxAddress } from "@aria-cli/tools";
+export declare function attachedClientInboxAddress(clientId: string): InboxAddress;
+export declare function attachSenderInboxMetadata(rawMessage: Record<string, unknown>, senderInbox: InboxAddress): Record<string, unknown>;

package/dist/runtime/authoritative-peer-endpoint.d.ts

@@ -0,0 +1,27 @@
+import { type NodeId } from "@aria-cli/tools";
+import { type PrincipalBindingAuthority, type ResolvedPrincipalBinding } from "./principal-binding-authority.js";
+export type AuthoritativePeerEndpointErrorCode = "not_found" | "stale_revision" | "conflicting_revision" | "endpoint_conflict";
+export declare class AuthoritativePeerEndpointError extends Error {
+    readonly code: AuthoritativePeerEndpointErrorCode;
+    constructor(code: AuthoritativePeerEndpointErrorCode, message: string);
+}
+export declare function withAuthoritativePeerEndpointMutation<T>(input: {
+    ariaHome: string;
+    ownerGeneration?: number;
+    authority: PrincipalBindingAuthority;
+    nodeId: NodeId;
+    endpointHost: string;
+    endpointPort: number;
+    endpointRevision: number;
+    apply(binding: {
+        binding: ResolvedPrincipalBinding;
+        endpointHost: string;
+        endpointPort: number;
+        endpointRevision: number;
+        decision: "applied" | "idempotent";
+    }): T;
+}): {
+    decision: "applied" | "idempotent";
+    binding: ResolvedPrincipalBinding;
+    projected: T;
+};

package/dist/runtime/continuity-bind-suspicion.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Suspicious continuity bind detection.
+ *
+ * Architecture ref: 2026-03-08-network-runtime-first-principles-architecture.md §11e
+ *
+ * The runtime MUST require explicit operator approval (not auto-accept)
+ * for a continuity_bind when any of these conditions are true:
+ *
+ * 1. bindingGeneration jump > 1 (skipped generations suggest replay or out-of-order)
+ * 2. Both signing key AND transport key rotate simultaneously (total identity change)
+ * 3. Previous continuity was less than threshold ago (rapid rotation suggests compromise)
+ * 4. Nonce/timestamp outside acceptable bounds
+ */
+import type { ContinuityStatement } from "@aria-cli/tools/network-runtime";
+export interface ContinuityBindSuspicionInput {
+    /** The proposed continuity statement. */
+    statement: ContinuityStatement;
+    /** The current binding generation for this peer (from the store). */
+    currentBindingGeneration: number;
+    /** The previous principal fingerprint for this peer (from the store). */
+    currentPrincipalFingerprint?: string;
+    /** The current transport public key for this peer (from the store). */
+    currentTransportPublicKey?: string;
+    /** When the last continuity bind was committed for this peer (ISO 8601). */
+    lastContinuityBindAt?: string;
+    /** Minimum interval between continuity binds (milliseconds). Default: 60000 (1 minute). */
+    rapidRotationThresholdMs?: number;
+}
+export type ContinuityBindSuspicionResult = {
+    suspicious: false;
+} | {
+    suspicious: true;
+    reasons: string[];
+};
+/**
+ * Assess whether a continuity bind proposal is suspicious and
+ * requires explicit operator approval before acceptance.
+ */
+export declare function assessContinuityBindSuspicion(input: ContinuityBindSuspicionInput): ContinuityBindSuspicionResult;

package/dist/runtime/continuity-verification.d.ts

@@ -0,0 +1,54 @@
+import type { SignedContinuityBind, PrincipalFingerprint } from "@aria-cli/tools";
+declare const VERIFIED_CONTINUITY: unique symbol;
+/**
+ * A `SignedContinuityBind` whose dual Ed25519 signatures, fingerprint chain,
+ * and monotonic generation have been cryptographically verified.
+ *
+ * This type can ONLY be obtained by calling `verifyContinuityBind()` and
+ * receiving a non-error result.  The unique-symbol brand makes it impossible
+ * to construct manually (outside this module).
+ */
+export type VerifiedContinuityBind = SignedContinuityBind & {
+    readonly [VERIFIED_CONTINUITY]: true;
+};
+export type ContinuityBindError = {
+    kind: "delegation_signature_invalid";
+} | {
+    kind: "acceptance_signature_invalid";
+} | {
+    kind: "fingerprint_key_mismatch";
+    field: "previous" | "new";
+} | {
+    kind: "generation_not_monotonic";
+    current: number;
+    proposed: number;
+} | {
+    kind: "previous_fingerprint_mismatch";
+    expected: PrincipalFingerprint;
+    actual: PrincipalFingerprint;
+} | {
+    kind: "revocation_generation_mismatch";
+    expected: number;
+    actual: number | undefined;
+};
+/**
+ * Verify a dual-signed continuity bind against the current binding state.
+ *
+ * Checks, in order:
+ *  1. previousPublicKey fingerprint matches statement.previousPrincipalFingerprint
+ *  2. newPublicKey fingerprint matches statement.newPrincipalFingerprint
+ *  3. statement.previousPrincipalFingerprint matches currentBinding.principalFingerprint
+ *  4. statement.bindingGeneration > currentBinding.continuityRevision
+ *  5. delegationSignature is valid (old key over canonical statement bytes)
+ *  6. acceptanceSignature is valid (new key over canonical statement bytes)
+ *
+ * Returns the branded `VerifiedContinuityBind` on success, or a discriminated
+ * `ContinuityBindError` on failure.
+ */
+export declare function verifyContinuityBind(signed: SignedContinuityBind, currentBinding: {
+    principalFingerprint: PrincipalFingerprint;
+    continuityRevision: number;
+    /** Present only when the current binding is revoked. */
+    revocationGeneration?: number;
+}): VerifiedContinuityBind | ContinuityBindError;
+export {};

package/dist/runtime/decorate-runtime-surface.d.ts

@@ -0,0 +1,2 @@
+import type { FastifyInstance } from "fastify";
+export declare function decorateRuntimeSurface(server: FastifyInstance, name: string, value: unknown): void;

package/dist/runtime/durable-network-store-surface.d.ts

@@ -0,0 +1,51 @@
+import type Database from "better-sqlite3";
+import { DurablePairStore, DurableNonceStore, InviteConsumeLedger, PeerSigningKeyStore, PeerTrustStore } from "./network-state-stores.js";
+export declare function createDurableNetworkStoreSurface(input: {
+    ariaHome: string;
+    networkStateDb: Database.Database;
+    ownerGeneration: number;
+}): {
+    revocationStore: {
+        revoke(event: {
+            nodeId: import("@aria-cli/aria").NodeId;
+            displayNameSnapshot?: string;
+            fingerprint: import("@aria-cli/aria").PrincipalFingerprint;
+            revokedAt: number;
+            localNodeId: import("@aria-cli/aria").NodeId;
+            operatorConfirmation: import("@aria-cli/aria").RevocationOperatorConfirmation;
+            reason?: string;
+            revocationGeneration?: number;
+        }): void;
+        isPeerRevoked(nodeId: import("@aria-cli/aria").NodeId): boolean;
+        read(nodeId: import("@aria-cli/aria").NodeId): {
+            localNodeId: string & import("zod").$brand<"NodeId">;
+            nodeId: import("@aria-cli/aria").NodeId;
+            displayNameSnapshot?: string;
+            fingerprint: import("@aria-cli/aria").PrincipalFingerprint;
+            revokedAt: number;
+            revokedBy: import("@aria-cli/aria").NodeId;
+            operatorConfirmation: import("@aria-cli/aria").RevocationOperatorConfirmation;
+            reason?: string;
+            revocationGeneration: number;
+        } | null;
+        getPeerRevocationGeneration(nodeId: import("@aria-cli/aria").NodeId): number | null;
+        clearRevocationForNodeId(nodeId: import("@aria-cli/aria").NodeId, expectedGeneration?: number): boolean;
+        list(): {
+            localNodeId: string & import("zod").$brand<"NodeId">;
+            nodeId: import("@aria-cli/aria").NodeId;
+            displayNameSnapshot?: string;
+            fingerprint: import("@aria-cli/aria").PrincipalFingerprint;
+            revokedAt: number;
+            revokedBy: import("@aria-cli/aria").NodeId;
+            operatorConfirmation: import("@aria-cli/aria").RevocationOperatorConfirmation;
+            reason?: string;
+            revocationGeneration: number;
+        }[];
+        close(): void;
+    };
+    peerSigningKeyStore: PeerSigningKeyStore;
+    durablePairStore: DurablePairStore;
+    nonceStore: DurableNonceStore;
+    peerTrustStore: PeerTrustStore;
+    inviteConsumeLedger: InviteConsumeLedger;
+};

package/dist/runtime/error-diagnostic.d.ts

@@ -0,0 +1,12 @@
+export declare function serializeErrorDiagnostic(error: unknown, seen?: Set<unknown>): Record<string, unknown>;
+/**
+ * Sentinel error class for attached-local-client-only failures.
+ * Carries a machine-readable `reason` sub-code so callers can
+ * distinguish missing credentials from expired/invalid ones.
+ */
+export declare class AttachedClientAuthError extends Error {
+    readonly code: "attached-local-client-only";
+    readonly reason: AttachedClientAuthErrorReason;
+    constructor(reason: AttachedClientAuthErrorReason);
+}
+export type AttachedClientAuthErrorReason = "missing_client_id" | "missing_proof" | "invalid_or_expired_lease" | "no_authority";

package/dist/runtime/headless-dispatch-handler.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Daemon-side headless dispatch handler.
+ *
+ * Maps headless operation names to authority registry calls.
+ * This is the daemon's implementation of headless commands that were
+ * previously handled CLI-side. It delegates to the same subsystem
+ * instances via the RuntimeAuthorityRegistry.
+ *
+ * Returns HeadlessResult-shaped responses (ok + result or error).
+ */
+import type { RuntimeAuthorityRegistry } from "./runtime-authority-registry.js";
+interface HeadlessDispatchRequest {
+    operation: string;
+    payload?: unknown;
+    arionName?: string;
+    sessionId?: string;
+}
+interface HeadlessDispatchResult {
+    kind: "result";
+    requestId: string;
+    op: string;
+    ok: boolean;
+    result?: unknown;
+    error?: {
+        code: string;
+        message: string;
+    };
+}
+export declare function createHeadlessDispatchHandler(registry: RuntimeAuthorityRegistry): (request: HeadlessDispatchRequest) => Promise<HeadlessDispatchResult>;
+export {};

package/dist/runtime/host-supervisor.d.ts

@@ -0,0 +1,109 @@
+import { type ClientId, type LocalRuntimeSummary, type NodeId, type RuntimeId } from "@aria-cli/tools";
+import type { LocalControlApi } from "./local-control-api.js";
+import { type ResolvedNode } from "./node-metadata.js";
+import { type NodeRuntimeAutonomousLoopBootstrapOptions, type NodeRuntimeControl, type NodeRuntimeOptions } from "./node-runtime.js";
+import { findRuntimeOwnerRecordByAriaHome, listRuntimeOwnerRecords as listProjectedRuntimeOwnerRecords, resolveRuntimeRootDirectory, runtimeOwnerRecordPathForNodeId, runtimeSocketsDirectory, runtimeSocketPathForNodeId, type RuntimeOwnerRecord } from "./runtime-registry.js";
+export type HostClientKind = "tui" | "daemon-launcher" | "pipe" | "local-api";
+export interface HostSupervisorAttachInput {
+    ariaHome: string;
+    arionName: string;
+    clientKind: HostClientKind;
+    signal?: AbortSignal;
+    silent?: boolean;
+    runtimeLifecycle?: "scoped" | "persistent";
+}
+export interface HostSupervisorAttachment {
+    nodeId: NodeId;
+    runtimeId: RuntimeId;
+    clientId: ClientId;
+    ownership: "started" | "reattached";
+    control: LocalControlApi;
+    runtime: NodeRuntimeControl;
+    release(options?: {
+        preserveRuntime?: boolean;
+    }): Promise<void>;
+}
+interface HostSupervisorRuntimeOverrides extends Pick<NodeRuntimeOptions, "memoriaFactory" | "router" | "authResolver" | "networkManager" | "port" | "mailboxRef" | "runSessionConfig" | "mcpServers" | "daemonSafetyPolicy" | "autonomousIntervalMs"> {
+}
+export interface HostSupervisorOptions {
+    runtimeRoot?: string;
+    heartbeatIntervalMs?: number;
+    /**
+     * How long (ms) a client can be inactive before the heartbeat loop evicts it.
+     * Prevents unbounded growth of the clients Map when CLI sessions disconnect
+     * without calling release(). Default: 10 minutes.
+     */
+    staleClientTtlMs?: number;
+    runtimeFactory?: (options: NodeRuntimeOptions) => Promise<{
+        runtimeId?: RuntimeId;
+        start(): Promise<void>;
+        configureAutonomousLoop?: (options: NodeRuntimeAutonomousLoopBootstrapOptions) => NodeRuntimeAutonomousLoopBootstrapOptions;
+        startAutonomousLoop?: () => Promise<void>;
+        shutdown(): Promise<void>;
+        runtimeControl?: () => NodeRuntimeControl;
+        control?: () => NodeRuntimeControl;
+    }>;
+    isPidAlive?: (pid: number) => boolean;
+    now?: () => Date;
+    resolveNode?: (options: {
+        ariaHome: string;
+    }) => Promise<ResolvedNode>;
+}
+export declare class HostSupervisorSplitBrainError extends Error {
+    readonly nodeId: NodeId;
+    readonly ownerPid: number;
+    readonly ownerRuntimeId: RuntimeId;
+    constructor(record: RuntimeOwnerRecord);
+}
+export declare class HostSupervisor {
+    private readonly runtimeRoot;
+    private readonly heartbeatIntervalMs;
+    private readonly staleClientTtlMs;
+    private readonly runtimeFactory;
+    private readonly isPidAlive;
+    private heartbeatCount;
+    private memoryLogPath;
+    private peakRssMb;
+    /**
+     * Check if a runtime's heartbeat is stale (missed 3+ consecutive heartbeats).
+     * A stale heartbeat with an alive PID means the process is a zombie
+     * (e.g., GC stall, I/O block, unreaped process).
+     */
+    private isHeartbeatStale;
+    private readonly now;
+    private readonly resolveNode;
+    private gcRanOnce;
+    constructor(options?: HostSupervisorOptions);
+    /**
+     * One-shot garbage collection of orphaned runtime artifacts (sockets + owner records)
+     * left behind by hard crashes where shutdown hooks never ran.
+     * Runs at most once per HostSupervisor instance, on the first attach() call.
+     */
+    private runStartupGCOnce;
+    attach(input: HostSupervisorAttachInput & HostSupervisorRuntimeOverrides): Promise<HostSupervisorAttachment>;
+    shutdownRuntime(nodeId: NodeId): Promise<void>;
+    startRuntimeAutonomousLoop(nodeId: NodeId, options: NodeRuntimeAutonomousLoopBootstrapOptions): Promise<void>;
+    listRuntimes(): LocalRuntimeSummary[];
+    private attachClient;
+    private startHeartbeatLoop;
+    /**
+     * Evict clients whose lastSeenAt is older than staleClientTtlMs.
+     * Prevents unbounded growth of the clients Map when CLI sessions
+     * disconnect without calling release() (crash, network drop, etc.).
+     */
+    private evictStaleClients;
+    /**
+     * Write a memory snapshot to ~/.aria/logs/memory-timeline.jsonl every ~60s.
+     * Captures V8 heap breakdown + RSS so post-mortem analysis can trace which
+     * memory region grew. The file is append-only; rotation is the user's concern.
+     */
+    private logMemorySnapshot;
+    private writeHeartbeatRecord;
+    private writeRuntimeOwnerRecord;
+    private publishBootstrapRecord;
+}
+export declare function getHostSupervisor(): HostSupervisor;
+export { findRuntimeOwnerRecordByAriaHome, resolveRuntimeRootDirectory, runtimeOwnerRecordPathForNodeId, runtimeSocketsDirectory, runtimeSocketPathForNodeId, listProjectedRuntimeOwnerRecords as listRuntimeOwnerRecords, };
+export declare function readRuntimeOwnerRecord(runtimeRoot: string, nodeId: NodeId): RuntimeOwnerRecord | null;
+export declare function removeRuntimeOwnerRecord(runtimeRoot: string, nodeId: NodeId): void;
+export declare function writeRuntimeOwnerRecord(runtimeRoot: string, record: RuntimeOwnerRecord): RuntimeOwnerRecord;

package/dist/runtime/host-supervisor.js

@@ -0,0 +1 @@
+import{A as k,B as l,w as g,x as h,y as i,z as j}from"../index-mnt9k223.js";import"../index-pe0pkp0v.js";import"../index-rr0sea4c.js";import{S as a,U as b,V as c,W as d,_ as e,da as f}from"../index-9n50yafd.js";import"../index-5tav2m70.js";import"../index-6extw9n6.js";import"../index-raeajnr7.js";import"../index-ghh3ag4c.js";import"../index-9xs3gn0p.js";export{l as writeRuntimeOwnerRecord,b as runtimeSocketsDirectory,d as runtimeSocketPathForNodeId,c as runtimeOwnerRecordPathForNodeId,a as resolveRuntimeRootDirectory,k as removeRuntimeOwnerRecord,j as readRuntimeOwnerRecord,e as listRuntimeOwnerRecords,i as getHostSupervisor,f as findRuntimeOwnerRecordByAriaHome,g as HostSupervisorSplitBrainError,h as HostSupervisor};

package/dist/runtime/join-control.d.ts

@@ -0,0 +1,3 @@
+import type { FastifyInstance } from "fastify";
+import "../types.js";
+export declare function ensureJoinControl(server: FastifyInstance): void;