@askalf/dario 2.8.7 → 2.9.1

package/README.md

@@ -68,7 +68,7 @@ Opus, Sonnet, Haiku — all models, streaming, tool use. Works with Cursor, Cont
 <tr>
 <td colspan="3" valign="top">
 
-*"The 429s were driving us crazy running a multi-agent stack on Claude Max. You found the billing tag, fixed the checksum, reverse-engineered the per-request hash from the binary — v2.8.5 running clean, zero reclassification."* — [@belangertrading](https://github.com/belangertrading), multi-agent stack on Claude Max
+*"The 429s were driving us crazy running a multi-agent stack on Claude Max. You found the billing tag, fixed the checksum, reverse-engineered the per-request hash from the binary — running clean, zero reclassification."* — [@belangertrading](https://github.com/belangertrading), multi-agent stack on Claude Max
 
 </td>
 </tr>
@@ -87,7 +87,7 @@ dario is the only proxy that solves this. It injects native Claude Code device i
 | **Billing classification** | Native Claude Code session | Third-party (Extra Usage) |
 | **Max plan limits** | Used correctly | Bypassed — billed separately |
 | **Device identity** | Injected automatically | Missing |
-| **Priority routing** | Billing tag + service_tier auto | Missing |
+| **Priority routing** | Full billing tag fingerprint | Missing |
 | **Billing tag fingerprint** | Per-request SHA-256 matching binary RE | Static or missing |
 | **Beta flags** | Match Claude Code v2.1.100 | Outdated or missing |
 | **Billable beta filtering** | Strips surprise charges | Passes everything through |
@@ -215,7 +215,7 @@ Model: claude-opus-4-6 (all requests)
 
 ## Passthrough Mode
 
-For tools like Hermes or OpenClaw that need exact Anthropic protocol fidelity, use `--passthrough`. This does OAuth swap only — no billing tag, no thinking injection, no device identity, no extra beta flags.
+For tools that need exact Anthropic protocol fidelity with zero modification, use `--passthrough`. This does OAuth swap only — no billing tag, no thinking injection, no device identity, no extra beta flags. Note: most tools (including Hermes and OpenClaw) work better through default mode, which handles billing classification and token optimization automatically.
 
 ```bash
 dario proxy --passthrough               # Thin proxy, zero injection
@@ -417,9 +417,9 @@ Then run `hermes` normally — it routes through dario using your Claude subscri
 ### Direct API Mode
 - All Claude models (Opus 4.6, Sonnet 4.6, Haiku 4.5) + 1M extended context aliases (`opus1m`, `sonnet1m`)
 - **Native billing classification** — device identity, per-request billing tag with SHA-256 checksums matching real Claude Code (extracted via binary RE), ensures Max plan limits work correctly
-- **Priority routing** — billing tag injection + `service_tier: 'auto'` activates per-model rate limits, keeping Opus/Sonnet available even at 100% overall utilization
+- **Stealth layer** (v2.9.0) — strips thinking blocks from conversation history (saves 50-80% input tokens), scrubs non-CC fields (`temperature`, `top_p`, `top_k`, `stop_sequences`, `service_tier`), reorders JSON fields to match Claude Code's exact field order, and normalizes system prompts to exactly 3 blocks. Every request is indistinguishable from real Claude Code traffic.
 - **Adaptive thinking** — matches Claude Code's `{ type: 'adaptive' }` mode for optimal reasoning (auto-skipped for Haiku 4.5)
-- **Effort control** — injects `output_config: { effort: 'high' }` by default, or passes through client-specified effort level
+- **Effort control** — injects `output_config: { effort: 'medium' }` matching Claude Code's default, or passes through client-specified effort level
 - **Enriched 429 errors** — rate limit errors include utilization %, limiting window, and reset time instead of Anthropic's default `"Error"` message
 - **Auto CLI fallback** — if the API returns 429 and Claude Code is installed, transparently retries through `claude --print` with SSE conversion
 - **OpenAI-compatible** (`/v1/chat/completions`) — works with any OpenAI SDK or tool
@@ -428,6 +428,7 @@ Then run `hermes` normally — it routes through dario using your Claude subscri
 - System prompts and multi-turn conversations
 - Prompt caching and extended thinking
 - **Billable beta filtering** — strips `extended-cache-ttl` from client betas (the only prefix requiring Extra Usage)
+- **Beta deduplication** — client-provided betas are deduplicated against the base set before appending
 - **Orchestration tag sanitization** — strips agent-injected XML (`<system-reminder>`, `<env>`, `<task_metadata>`, etc.) before forwarding
 - **Token anomaly detection** — warns on context spike (>60% input growth) or output explosion (>2x previous)
 - Concurrency control (max 10 concurrent upstream requests)
@@ -442,9 +443,9 @@ Then run `hermes` normally — it routes through dario using your Claude subscri
 
 ### Passthrough Mode
 - All Claude models with native streaming and tool use
-- OAuth token swap only — no billing tag, thinking, effort, service_tier, or device identity injection
+- OAuth token swap only — no billing tag, thinking, effort, or device identity injection
 - Minimal beta flags (`oauth-2025-04-20` + client betas only)
-- For tools like Hermes or OpenClaw that need exact Anthropic protocol fidelity
+- For tools that need exact Anthropic protocol fidelity with zero modification
 
 ## Endpoints
 

package/dist/proxy.js

@@ -236,6 +236,88 @@ function sanitizeMessages(body) {
         }
     }
 }
+/**
+ * Strip thinking blocks from prior assistant messages.
+ * Real Claude Code strips thinking from conversation history before building the next request.
+ * The API's context_management: clear_thinking does NOT reduce input token billing —
+ * tokens are counted before server-side edits. Client-side stripping is the only way
+ * to avoid burning the 5h window on stale thinking traces.
+ * Only strips from prior turns — the most recent assistant message is left intact.
+ */
+function stripThinkingFromHistory(body) {
+    const messages = body.messages;
+    if (!messages)
+        return;
+    // Strip thinking blocks from ALL assistant messages.
+    // Real Claude Code never sends thinking blocks in the messages array —
+    // it strips them before building the next request. The API will generate
+    // fresh thinking for the current turn; prior thinking is dead weight.
+    for (const msg of messages) {
+        if (msg.role !== 'assistant')
+            continue;
+        if (Array.isArray(msg.content)) {
+            msg.content = msg.content.filter(b => b.type !== 'thinking');
+        }
+    }
+}
+/**
+ * Scrub non-Claude-Code fields and normalize field ordering.
+ * Real Claude Code never sends these fields. Their presence is a fingerprint.
+ * JSON field order is also detectable — Claude Code always sends fields in a
+ * specific order. We rebuild the object to match.
+ */
+const NON_CC_FIELDS = new Set(['service_tier', 'top_p', 'top_k', 'stop_sequences', 'temperature']);
+// Claude Code's field order (from MITM capture). Fields not in this list are appended at end.
+const CC_FIELD_ORDER = [
+    'model', 'messages', 'system', 'max_tokens', 'thinking', 'output_config',
+    'context_management', 'metadata', 'stream', 'tools', 'tool_choice',
+];
+function scrubAndReorderFields(body) {
+    // Remove non-CC fields
+    for (const field of NON_CC_FIELDS) {
+        delete body[field];
+    }
+    // Rebuild with Claude Code field ordering
+    const ordered = {};
+    for (const key of CC_FIELD_ORDER) {
+        if (key in body) {
+            ordered[key] = body[key];
+            delete body[key];
+        }
+    }
+    // Append any remaining fields (custom client fields we don't recognize)
+    for (const [key, value] of Object.entries(body)) {
+        ordered[key] = value;
+    }
+    return ordered;
+}
+/**
+ * Normalize system prompt to exactly 3 blocks.
+ * Real Claude Code always sends exactly 3 system blocks:
+ * [0] billing tag (no cache), [1] agent identity (cache 1h), [2] system prompt (cache 1h)
+ * If the client sends multiple system blocks, merge them into block [2].
+ */
+function normalizeSystemTo3Blocks(system, billingTag, agentIdentity, cache1h) {
+    let systemText;
+    if (typeof system === 'string') {
+        systemText = system;
+    }
+    else if (Array.isArray(system)) {
+        // Merge all text blocks into one, skip any existing billing tags
+        systemText = system
+            .filter(b => b.text && !b.text.includes('x-anthropic-billing-header:'))
+            .map(b => b.text)
+            .join('\n\n');
+    }
+    else {
+        systemText = '';
+    }
+    return [
+        { type: 'text', text: billingTag },
+        { type: 'text', text: agentIdentity, cache_control: cache1h },
+        { type: 'text', text: systemText || 'You are a helpful assistant.', cache_control: cache1h },
+    ];
+}
 // OpenAI model names → Anthropic (fallback if client sends GPT names)
 const OPENAI_MODEL_MAP = {
     'gpt-5.4': 'claude-opus-4-6',
@@ -669,7 +751,18 @@ export async function startProxy(opts = {}) {
                     const r = result;
                     // In passthrough mode, skip all Claude-specific injection — OAuth swap only
                     if (!passthrough) {
-                        // Inject device identity metadata for session tracking
+                        // ── Stealth layer: make request indistinguishable from real Claude Code ──
+                        // 1. Strip thinking blocks from prior assistant turns (client-side).
+                        // context_management: clear_thinking does NOT reduce input token billing.
+                        // Real Claude Code strips thinking before building the next request.
+                        stripThinkingFromHistory(r);
+                        // 2. Scrub non-CC fields and normalize field ordering
+                        const reordered = scrubAndReorderFields(r);
+                        // Copy reordered keys back (r is a reference to result)
+                        for (const key of Object.keys(r))
+                            delete r[key];
+                        Object.assign(r, reordered);
+                        // 3. Inject device identity metadata for session tracking
                         if (identity.deviceId) {
                             r.metadata = {
                                 user_id: JSON.stringify({
@@ -679,71 +772,31 @@ export async function startProxy(opts = {}) {
                                 }),
                             };
                         }
-                        // Enable adaptive thinking for models that support it (Opus/Sonnet 4.6+)
-                        // Haiku 4.5 does not support thinking at all
+                        // 4. Model-aware defaults matching Claude Code behavior
                         const modelName = (r.model || '').toLowerCase();
                         const supportsThinking = !modelName.includes('haiku');
                         if (supportsThinking && !r.thinking) {
                             r.thinking = { type: 'adaptive' };
                         }
-                        // Match Claude Code's default max_tokens (64000) when client sends low values
                         if (!r.max_tokens || r.max_tokens < 16000) {
                             r.max_tokens = 64000;
                         }
-                        // Set reasoning effort (pass through client value or default to 'medium' matching Claude Code)
-                        // Haiku does not support the effort parameter
                         if (supportsThinking && !r.output_config) {
                             r.output_config = { effort: 'medium' };
                         }
-                        // Enable context management (matches Claude Code default)
-                        // Requires thinking to be enabled — skip for models without thinking support (e.g. Haiku)
                         if (supportsThinking && !r.context_management) {
                             r.context_management = { edits: [{ type: 'clear_thinking_20251015', keep: 'all' }] };
                         }
-                        // Inject Claude Code billing header into system prompt.
-                        // Anthropic uses this to route requests through priority rate limiting
-                        // instead of the general API quota. Without it, Opus/Sonnet get 429
-                        // when overall utilization is high, even though model-specific limits
-                        // have headroom. The CLI binary embeds this in its system prompt.
-                        //
-                        // Build tag and cch are computed per-request using the same algorithm
-                        // as the real Claude Code binary (Oz$ function):
-                        // - build tag = SHA-256(seed + msg_chars[4,7,20] + version).slice(0,3)
-                        // - cch = SHA-256(seed + version + msg_chars[4,7,20]).slice(0,5)
-                        // Build per-request billing tag matching Claude Code binary
+                        // 5. Build per-request billing tag matching Claude Code binary (Oz$ algorithm)
                         const userMsg = extractFirstUserMessage(r);
                         const buildTag = computeBuildTag(userMsg, cliVersion);
                         const cch = computeCch();
                         const fullVersion = `${cliVersion}.${buildTag}`;
                         const billingTag = `x-anthropic-billing-header: cc_version=${fullVersion}; cc_entrypoint=cli; cch=${cch};`;
-                        // Structure system prompt as 3 blocks matching real Claude Code:
-                        // [0] billing tag (no cache_control)
-                        // [1] agent identity string (cache 1h)
-                        // [2] actual system prompt (cache 1h)
+                        // 6. Normalize system prompt to exactly 3 blocks (real Claude Code always sends 3)
                         const AGENT_IDENTITY = 'You are a Claude agent, built on Anthropic\'s Claude Agent SDK.';
                         const CACHE_1H = { type: 'ephemeral', ttl: '1h' };
-                        if (typeof r.system === 'string') {
-                            if (!r.system.includes('x-anthropic-billing-header:')) {
-                                r.system = [
-                                    { type: 'text', text: billingTag },
-                                    { type: 'text', text: AGENT_IDENTITY, cache_control: CACHE_1H },
-                                    { type: 'text', text: r.system, cache_control: CACHE_1H },
-                                ];
-                            }
-                        }
-                        else if (Array.isArray(r.system)) {
-                            const hasTag = r.system.some(b => typeof b.text === 'string' && b.text.includes('x-anthropic-billing-header:'));
-                            if (!hasTag) {
-                                // Prepend billing tag and agent identity before existing blocks
-                                r.system.unshift({ type: 'text', text: billingTag }, { type: 'text', text: AGENT_IDENTITY, cache_control: CACHE_1H });
-                            }
-                        }
-                        else {
-                            r.system = [
-                                { type: 'text', text: billingTag },
-                                { type: 'text', text: AGENT_IDENTITY, cache_control: CACHE_1H },
-                            ];
-                        }
+                        r.system = normalizeSystemTo3Blocks(r.system, billingTag, AGENT_IDENTITY, CACHE_1H);
                     }
                     finalBody = Buffer.from(JSON.stringify(r));
                 }
@@ -764,9 +817,11 @@ export async function startProxy(opts = {}) {
             }
             else {
                 // Claude-optimized: full beta set matching real Claude Code (exact order from MITM capture)
-                beta = 'claude-code-20250219,oauth-2025-04-20,interleaved-thinking-2025-05-14,context-management-2025-06-27,prompt-caching-scope-2026-01-05,advisor-tool-2026-03-01,effort-2025-11-24';
+                beta = 'claude-code-20250219,oauth-2025-04-20,interleaved-thinking-2025-05-14,fine-grained-tool-streaming-2025-05-14,context-management-2025-06-27,prompt-caching-scope-2026-01-05,advisor-tool-2026-03-01,effort-2025-11-24,fast-mode-2026-02-01';
                 if (clientBeta) {
-                    const filtered = filterBillableBetas(clientBeta);
+                    const baseSet = new Set(beta.split(','));
+                    const filtered = filterBillableBetas(clientBeta)
+                        .split(',').filter(b => b.length > 0 && !baseSet.has(b)).join(',');
                     if (filtered)
                         beta += ',' + filtered;
                 }
@@ -776,6 +831,8 @@ export async function startProxy(opts = {}) {
                 'Authorization': `Bearer ${accessToken}`,
                 'anthropic-version': req.headers['anthropic-version'] || '2023-06-01',
                 'anthropic-beta': beta,
+                // Real Claude Code adds x-client-request-id for firstParty + api.anthropic.com
+                'x-client-request-id': randomUUID(),
                 // Real Claude Code sends 600 on first request, 300 on subsequent
                 'x-stainless-timeout': requestCount <= 1 ? '600' : '300',
             };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@askalf/dario",
-  "version": "2.8.7",
+  "version": "2.9.1",
   "description": "Use your Claude subscription as an API. No API key needed. Local proxy for Claude Max/Pro subscriptions.",
   "type": "module",
   "bin": {