@botcord/daemon 0.2.36 → 0.2.37

package/dist/config.d.ts

@@ -84,6 +84,29 @@ export interface OpenclawDiscoveryConfig {
     /** Defaults to false. When false, discovery only persists gateways. */
     autoProvision?: boolean;
 }
+/** Third-party messaging provider supported by the daemon's channel factory. */
+export type ThirdPartyGatewayType = "telegram" | "wechat";
+/**
+ * One third-party gateway profile bound to a BotCord agent. `id` is the
+ * channel id (typically `gw_...` minted by the Hub); `accountId` is the
+ * BotCord agent the inbound traffic should be attributed to. Secrets and
+ * provider cursors live outside this struct — see `secretFile` and
+ * `stateFile`. When omitted, the daemon derives them as
+ * `~/.botcord/daemon/gateways/{id}.json` and `{id}.state.json`.
+ */
+export interface ThirdPartyGatewayProfile {
+    id: string;
+    type: ThirdPartyGatewayType;
+    accountId: string;
+    label?: string;
+    enabled?: boolean;
+    secretFile?: string;
+    stateFile?: string;
+    allowedSenderIds?: string[];
+    allowedChatIds?: string[];
+    splitAt?: number;
+    baseUrl?: string;
+}
 export interface DaemonConfig {
     /**
      * @deprecated Kept for backward compatibility with pre-multi-agent configs.
@@ -128,6 +151,12 @@ export interface DaemonConfig {
      * search paths/ports and automatic adoption of discovered agents.
      */
     openclawDiscovery?: OpenclawDiscoveryConfig;
+    /**
+     * Third-party messaging gateways (Telegram, WeChat, …) bound to BotCord
+     * agents on this daemon. Each entry becomes one channel in the gateway
+     * runtime; `enabled === false` entries are filtered out at boot.
+     */
+    thirdPartyGateways?: ThirdPartyGatewayProfile[];
 }
 /**
  * Persistent transcript settings (design §6). Default-off — `botcord-daemon

package/dist/config.js

@@ -202,6 +202,33 @@ export function loadConfig() {
         }
         out.openclawDiscovery = copy;
     }
+    const tpg = parsed.thirdPartyGateways;
+    if (tpg !== undefined) {
+        if (!Array.isArray(tpg)) {
+            throw new Error(`daemon config "thirdPartyGateways" must be an array (${CONFIG_PATH})`);
+        }
+        const seen = new Set();
+        for (const [i, g] of tpg.entries()) {
+            if (!g || typeof g !== "object") {
+                throw new Error(`daemon config thirdPartyGateways[${i}] is not an object (${CONFIG_PATH})`);
+            }
+            const gg = g;
+            if (typeof gg.id !== "string" || gg.id.length === 0) {
+                throw new Error(`daemon config thirdPartyGateways[${i}].id must be a non-empty string (${CONFIG_PATH})`);
+            }
+            if (gg.type !== "telegram" && gg.type !== "wechat") {
+                throw new Error(`daemon config thirdPartyGateways[${i}].type must be "telegram" or "wechat" (${CONFIG_PATH})`);
+            }
+            if (typeof gg.accountId !== "string" || gg.accountId.length === 0) {
+                throw new Error(`daemon config thirdPartyGateways[${i}].accountId must be a non-empty string (${CONFIG_PATH})`);
+            }
+            if (seen.has(gg.id)) {
+                throw new Error(`daemon config thirdPartyGateways[${i}].id "${gg.id}" duplicated (${CONFIG_PATH})`);
+            }
+            seen.add(gg.id);
+        }
+        out.thirdPartyGateways = tpg.map((g) => ({ ...g }));
+    }
     return out;
 }
 function validateAdapter(id, field) {

package/dist/daemon-config-map.d.ts

@@ -52,6 +52,9 @@ export interface ToGatewayConfigOptions {
 export declare const DEFAULT_BOTCORD_CHANNEL_ID = "botcord-main";
 /** Channel `type` tag used by `createBotCordChannel`. */
 export declare const BOTCORD_CHANNEL_TYPE = "botcord";
+/** Channel `type` tags for built-in third-party providers. */
+export declare const TELEGRAM_CHANNEL_TYPE = "telegram";
+export declare const WECHAT_CHANNEL_TYPE = "wechat";
 /**
  * Convert the daemon's on-disk config into a gateway runtime config. Only
  * used in-process at daemon boot; the daemon config file itself is the

package/dist/daemon-config-map.js

@@ -74,6 +74,9 @@ function resolveGateway(profiles, gatewayName, agentOverride, where) {
 export const DEFAULT_BOTCORD_CHANNEL_ID = "botcord-main";
 /** Channel `type` tag used by `createBotCordChannel`. */
 export const BOTCORD_CHANNEL_TYPE = "botcord";
+/** Channel `type` tags for built-in third-party providers. */
+export const TELEGRAM_CHANNEL_TYPE = "telegram";
+export const WECHAT_CHANNEL_TYPE = "wechat";
 /**
  * Map daemon's historical narrower TrustLevel ("owner" | "untrusted") onto
  * gateway's ("owner" | "trusted" | "public"). Matches the adapter-level
@@ -165,6 +168,33 @@ export function toGatewayConfig(cfg, opts = {}) {
         accountId: agentId,
         agentId,
     }));
+    // Append one channel per enabled third-party gateway. Disabled entries are
+    // dropped here so the gateway runtime never sees them; re-enabling requires
+    // an `upsert_gateway` (Phase B) or a config reload.
+    for (const g of cfg.thirdPartyGateways ?? []) {
+        if (g.enabled === false)
+            continue;
+        const ch = {
+            id: g.id,
+            type: g.type,
+            accountId: g.accountId,
+        };
+        if (g.label !== undefined)
+            ch.label = g.label;
+        if (g.secretFile !== undefined)
+            ch.secretFile = g.secretFile;
+        if (g.stateFile !== undefined)
+            ch.stateFile = g.stateFile;
+        if (g.allowedSenderIds !== undefined)
+            ch.allowedSenderIds = g.allowedSenderIds;
+        if (g.allowedChatIds !== undefined)
+            ch.allowedChatIds = g.allowedChatIds;
+        if (g.splitAt !== undefined)
+            ch.splitAt = g.splitAt;
+        if (g.baseUrl !== undefined)
+            ch.baseUrl = g.baseUrl;
+        channels.push(ch);
+    }
     // DaemonConfig's typed surface doesn't carry `trustLevel`, but we read it
     // defensively so future config extensions can propagate without a shape bump.
     const profiles = prepareGatewayProfiles(cfg.openclawGateways);

package/dist/daemon.d.ts

@@ -1,4 +1,4 @@
-import { type GatewayInboundMessage, type GatewayLogger, type GatewayRuntimeSnapshot } from "./gateway/index.js";
+import { type ChannelAdapter, type GatewayChannelConfig, type GatewayInboundMessage, type GatewayLogger, type GatewayRuntimeSnapshot } from "./gateway/index.js";
 import type { DaemonConfig } from "./config.js";
 import { type BootAgentsResult } from "./agent-discovery.js";
 import { ensureAgentWorkspace } from "./agent-workspace.js";
@@ -31,6 +31,20 @@ export declare function createActivityRecorder(opts: {
     activityTracker: ActivityRecorderTarget;
     fallbackAgentId?: string;
 }): (msg: GatewayInboundMessage) => void;
+/** Per-call dependencies for {@link createDaemonChannel}. */
+export interface CreateDaemonChannelDeps {
+    credentialPathByAgentId: Map<string, string>;
+    defaultCredentialsPath?: string;
+    hubBaseUrl?: string;
+}
+/**
+ * Dispatch a `GatewayChannelConfig` to the right adapter constructor based on
+ * `chCfg.type`. Phase A wires up the BotCord adapter and stub constructors
+ * for telegram/wechat (which throw "not implemented"); Phase B will fill the
+ * latter in. Unknown types throw so misconfigured channels fail loudly at
+ * boot rather than silently dropping inbound traffic.
+ */
+export declare function createDaemonChannel(chCfg: GatewayChannelConfig, deps: CreateDaemonChannelDeps): ChannelAdapter;
 /**
  * Minimal send-capable surface used by {@link pushRuntimeSnapshot}.
  * Exists so the helper is trivially mockable from unit tests without needing

package/dist/daemon.js

@@ -1,5 +1,5 @@
 import { CONTROL_FRAME_TYPES, shouldWake, } from "@botcord/protocol-core";
-import { Gateway, createBotCordChannel, resolveTranscriptEnabled, sanitizeUntrustedContent, } from "./gateway/index.js";
+import { Gateway, createBotCordChannel, createTelegramChannel, createWechatChannel, resolveTranscriptEnabled, sanitizeUntrustedContent, } from "./gateway/index.js";
 import { ActivityTracker } from "./activity-tracker.js";
 import { SESSIONS_PATH, SNAPSHOT_PATH } from "./config.js";
 import { resolveBootAgents } from "./agent-discovery.js";
@@ -70,6 +70,56 @@ export function createActivityRecorder(opts) {
         });
     };
 }
+/**
+ * Dispatch a `GatewayChannelConfig` to the right adapter constructor based on
+ * `chCfg.type`. Phase A wires up the BotCord adapter and stub constructors
+ * for telegram/wechat (which throw "not implemented"); Phase B will fill the
+ * latter in. Unknown types throw so misconfigured channels fail loudly at
+ * boot rather than silently dropping inbound traffic.
+ */
+export function createDaemonChannel(chCfg, deps) {
+    switch (chCfg.type) {
+        case "botcord": {
+            const agentId = typeof chCfg.agentId === "string" ? chCfg.agentId : chCfg.accountId;
+            return createBotCordChannel({
+                id: chCfg.id,
+                accountId: chCfg.accountId,
+                agentId,
+                credentialsPath: deps.credentialPathByAgentId.get(agentId) ?? deps.defaultCredentialsPath,
+                hubBaseUrl: deps.hubBaseUrl,
+            });
+        }
+        case "telegram":
+            return createTelegramChannel({
+                id: chCfg.id,
+                accountId: chCfg.accountId,
+                ...(typeof chCfg.baseUrl === "string" ? { baseUrl: chCfg.baseUrl } : {}),
+                ...(Array.isArray(chCfg.allowedSenderIds)
+                    ? { allowedSenderIds: chCfg.allowedSenderIds }
+                    : {}),
+                ...(Array.isArray(chCfg.allowedChatIds)
+                    ? { allowedChatIds: chCfg.allowedChatIds }
+                    : {}),
+                ...(typeof chCfg.splitAt === "number" ? { splitAt: chCfg.splitAt } : {}),
+                ...(typeof chCfg.secretFile === "string" ? { secretFile: chCfg.secretFile } : {}),
+                ...(typeof chCfg.stateFile === "string" ? { stateFile: chCfg.stateFile } : {}),
+            });
+        case "wechat":
+            return createWechatChannel({
+                id: chCfg.id,
+                accountId: chCfg.accountId,
+                ...(typeof chCfg.baseUrl === "string" ? { baseUrl: chCfg.baseUrl } : {}),
+                ...(Array.isArray(chCfg.allowedSenderIds)
+                    ? { allowedSenderIds: chCfg.allowedSenderIds }
+                    : {}),
+                ...(typeof chCfg.splitAt === "number" ? { splitAt: chCfg.splitAt } : {}),
+                ...(typeof chCfg.secretFile === "string" ? { secretFile: chCfg.secretFile } : {}),
+                ...(typeof chCfg.stateFile === "string" ? { stateFile: chCfg.stateFile } : {}),
+            });
+        default:
+            throw new Error(`unknown channel type "${chCfg.type}"`);
+    }
+}
 /**
  * Emit one `runtime_snapshot` event frame on the control channel. Plan §8.5
  * P0: first-connect push only — reconnect-push and diffing are P1. A send
@@ -282,16 +332,11 @@ export async function startDaemon(opts) {
     const gateway = new Gateway({
         config: gwConfig,
         sessionStorePath: opts.sessionStorePath ?? SESSIONS_PATH,
-        createChannel: (chCfg) => {
-            const agentId = typeof chCfg.agentId === "string" ? chCfg.agentId : chCfg.accountId;
-            return createBotCordChannel({
-                id: chCfg.id,
-                accountId: chCfg.accountId,
-                agentId,
-                credentialsPath: credentialPathByAgentId.get(agentId) ?? opts.credentialsPath,
-                hubBaseUrl: opts.hubBaseUrl,
-            });
-        },
+        createChannel: (chCfg) => createDaemonChannel(chCfg, {
+            credentialPathByAgentId,
+            defaultCredentialsPath: opts.credentialsPath,
+            hubBaseUrl: opts.hubBaseUrl,
+        }),
         log: logger,
         turnTimeoutMs: DEFAULT_TURN_TIMEOUT_MS,
         buildSystemContext,

package/dist/gateway/channels/botcord.js

@@ -823,6 +823,7 @@ function normalizeBlockForHub(block, seq) {
             payload.session_id = raw.session_id;
         if (typeof raw?.model === "string")
             payload.model = raw.model;
+        payload.details = formatBlockDetails(raw);
         return { kind: "system", seq, payload };
     }
     if (kind === "thinking") {
@@ -836,6 +837,7 @@ function normalizeBlockForHub(block, seq) {
             payload.label = raw.label;
         if (typeof raw?.source === "string")
             payload.source = raw.source;
+        payload.details = formatBlockDetails(raw);
         return { kind: "thinking", seq, payload };
     }
     // "other" — e.g. Claude Code `type:"result"` end-of-turn summary.
@@ -849,3 +851,45 @@ function normalizeBlockForHub(block, seq) {
     }
     return { kind: "other", seq, payload };
 }
+function formatBlockDetails(raw) {
+    if (!raw || typeof raw !== "object")
+        return "";
+    const r = raw;
+    const direct = typeof r.text === "string" ? r.text
+        : typeof r.message === "string" ? r.message
+            : typeof r.summary === "string" ? r.summary
+                : typeof r.label === "string" ? r.label
+                    : "";
+    if (direct)
+        return direct;
+    const contentText = extractContentText(r.content ?? r.message?.content ?? r.params?.update?.content);
+    if (contentText)
+        return contentText;
+    try {
+        return JSON.stringify(raw, null, 2);
+    }
+    catch {
+        return String(raw);
+    }
+}
+function extractContentText(content) {
+    if (!content)
+        return "";
+    if (typeof content === "string")
+        return content;
+    if (Array.isArray(content)) {
+        return content.map(extractContentText).filter(Boolean).join("\n");
+    }
+    if (typeof content === "object") {
+        const c = content;
+        if (typeof c.text === "string")
+            return c.text;
+        if (typeof c.thinking === "string")
+            return c.thinking;
+        if (typeof c.content === "string")
+            return c.content;
+        if (Array.isArray(c.content))
+            return extractContentText(c.content);
+    }
+    return "";
+}

package/dist/gateway/channels/http-types.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Canonical `fetch`-compatible signature shared by gateway-control.ts and
+ * the WeChat HTTP helpers. Lets tests inject a stub without depending on
+ * undici's full type surface.
+ *
+ * Kept structurally compatible with both `globalThis.fetch` and the
+ * narrower wechat-http test stubs — `body` is optional so callers that
+ * only issue GETs (e.g. Telegram `getMe` test probe) can omit it.
+ */
+export type FetchLike = (input: string, init?: {
+    method?: string;
+    headers?: Record<string, string>;
+    body?: string;
+    signal?: AbortSignal;
+}) => Promise<{
+    status?: number;
+    ok?: boolean;
+    text(): Promise<string>;
+}>;

package/dist/gateway/channels/http-types.js

@@ -0,0 +1 @@
+export {};

package/dist/gateway/channels/index.d.ts

@@ -1,2 +1,7 @@
 export { createBotCordChannel } from "./botcord.js";
 export type { BotCordChannelClient, BotCordChannelOptions, BotCordClientFactory, } from "./botcord.js";
+export { createTelegramChannel, type TelegramChannelOptions } from "./telegram.js";
+export { createWechatChannel, type WechatChannelOptions } from "./wechat.js";
+export { getBotQrcode, getQrcodeStatus, DEFAULT_WECHAT_BASE_URL, type WechatQrcode, type WechatQrcodeStatus, type WechatLoginOptions, } from "./wechat-login.js";
+export { defaultGatewaySecretPath, loadGatewaySecret, saveGatewaySecret, deleteGatewaySecret, } from "./secret-store.js";
+export { GatewayStateStore, defaultGatewayStatePath, type GatewayStateStoreOptions, type ThirdPartyGatewayState, } from "./state-store.js";

package/dist/gateway/channels/index.js

@@ -1 +1,6 @@
 export { createBotCordChannel } from "./botcord.js";
+export { createTelegramChannel } from "./telegram.js";
+export { createWechatChannel } from "./wechat.js";
+export { getBotQrcode, getQrcodeStatus, DEFAULT_WECHAT_BASE_URL, } from "./wechat-login.js";
+export { defaultGatewaySecretPath, loadGatewaySecret, saveGatewaySecret, deleteGatewaySecret, } from "./secret-store.js";
+export { GatewayStateStore, defaultGatewayStatePath, } from "./state-store.js";

package/dist/gateway/channels/login-session.d.ts

@@ -0,0 +1,83 @@
+/**
+ * In-memory login-session store used by the daemon's third-party gateway
+ * control frames. Today only WeChat consumes it (qrcode → bot token), but
+ * the shape is provider-generic so future LINE/Discord OAuth callbacks can
+ * reuse the same store without a control-frame churn.
+ *
+ * The store is intentionally NOT persisted — bot tokens never live anywhere
+ * outside the daemon process or the per-gateway secret file. A daemon
+ * restart drops in-flight logins; the user just rescans.
+ */
+export type LoginProvider = "wechat" | "telegram";
+export interface LoginSession {
+    loginId: string;
+    accountId: string;
+    gatewayId?: string;
+    provider: LoginProvider;
+    /** WeChat: opaque qrcode string returned by `get_bot_qrcode`. */
+    qrcode?: string;
+    /** Optional renderable URL for the qrcode. */
+    qrcodeUrl?: string;
+    /** WeChat iLink base URL the bot token will be used against. */
+    baseUrl?: string;
+    /** Stored only after the user confirms the qrcode. Never returned to Hub. */
+    botToken?: string;
+    /** Masked preview safe for Hub/dashboard display. */
+    tokenPreview?: string;
+    /** Unix millis. */
+    expiresAt: number;
+}
+/** Default session TTL: 5 minutes per the design doc. */
+export declare const LOGIN_SESSION_TTL_MS: number;
+export interface LoginSessionStoreOptions {
+    /** Override the wall clock — used by tests. */
+    now?: () => number;
+    /** Override the TTL applied at `create` time. */
+    ttlMs?: number;
+}
+/**
+ * Lazy-evicting login session map. Eviction runs inline on every read/write
+ * so no background timer is required and tests can scrub state by advancing
+ * a fake clock.
+ */
+export declare class LoginSessionStore {
+    private readonly sessions;
+    private readonly now;
+    private readonly ttlMs;
+    constructor(opts?: LoginSessionStoreOptions);
+    /**
+     * Insert a fresh session. `expiresAt` is computed as `now() + ttlMs`
+     * unless the caller pre-populated it. Returns the persisted record.
+     */
+    create(input: Omit<LoginSession, "expiresAt"> & {
+        expiresAt?: number;
+    }): LoginSession;
+    /** Get a non-expired session by id, or `null` when missing/expired. */
+    get(loginId: string): LoginSession | null;
+    /**
+     * Apply a partial patch to the session in place. No-op when the session
+     * is missing or expired. Returns the updated record (or `null`).
+     */
+    update(loginId: string, patch: Partial<LoginSession>): LoginSession | null;
+    delete(loginId: string): boolean;
+    /** Drop every entry whose `expiresAt` is in the past. */
+    sweep(): void;
+    /** Test helper: number of live sessions after sweep. */
+    size(): number;
+}
+/**
+ * Build a masked preview suitable for dashboard display. Returns the raw
+ * value untouched when shorter than 8 chars (no point masking) or `""` when
+ * empty. Default format: `"abcd...wxyz"` with a single ellipsis, never
+ * leaking the middle of the secret.
+ */
+export declare function maskTokenPreview(token: string | undefined | null): string;
+/**
+ * Allocate a new login id. Format `wxl_<base36ts>_<rand>` so it sorts by
+ * creation time and is trivially distinguishable from BotCord agent ids.
+ *
+ * W8: the random tail uses `crypto.randomBytes` (cryptographically secure)
+ * instead of `Math.random()` so an attacker cannot predict in-flight login
+ * ids and racefully claim someone else's session.
+ */
+export declare function mintLoginId(provider: LoginProvider): string;

package/dist/gateway/channels/login-session.js

@@ -0,0 +1,99 @@
+/**
+ * In-memory login-session store used by the daemon's third-party gateway
+ * control frames. Today only WeChat consumes it (qrcode → bot token), but
+ * the shape is provider-generic so future LINE/Discord OAuth callbacks can
+ * reuse the same store without a control-frame churn.
+ *
+ * The store is intentionally NOT persisted — bot tokens never live anywhere
+ * outside the daemon process or the per-gateway secret file. A daemon
+ * restart drops in-flight logins; the user just rescans.
+ */
+import { randomBytes } from "node:crypto";
+/** Default session TTL: 5 minutes per the design doc. */
+export const LOGIN_SESSION_TTL_MS = 5 * 60 * 1000;
+/**
+ * Lazy-evicting login session map. Eviction runs inline on every read/write
+ * so no background timer is required and tests can scrub state by advancing
+ * a fake clock.
+ */
+export class LoginSessionStore {
+    sessions = new Map();
+    now;
+    ttlMs;
+    constructor(opts = {}) {
+        this.now = opts.now ?? (() => Date.now());
+        this.ttlMs = opts.ttlMs ?? LOGIN_SESSION_TTL_MS;
+    }
+    /**
+     * Insert a fresh session. `expiresAt` is computed as `now() + ttlMs`
+     * unless the caller pre-populated it. Returns the persisted record.
+     */
+    create(input) {
+        this.sweep();
+        const expiresAt = typeof input.expiresAt === "number" ? input.expiresAt : this.now() + this.ttlMs;
+        const session = { ...input, expiresAt };
+        this.sessions.set(session.loginId, session);
+        return session;
+    }
+    /** Get a non-expired session by id, or `null` when missing/expired. */
+    get(loginId) {
+        this.sweep();
+        return this.sessions.get(loginId) ?? null;
+    }
+    /**
+     * Apply a partial patch to the session in place. No-op when the session
+     * is missing or expired. Returns the updated record (or `null`).
+     */
+    update(loginId, patch) {
+        const cur = this.get(loginId);
+        if (!cur)
+            return null;
+        const next = { ...cur, ...patch };
+        this.sessions.set(loginId, next);
+        return next;
+    }
+    delete(loginId) {
+        return this.sessions.delete(loginId);
+    }
+    /** Drop every entry whose `expiresAt` is in the past. */
+    sweep() {
+        const t = this.now();
+        for (const [id, s] of this.sessions) {
+            if (s.expiresAt <= t)
+                this.sessions.delete(id);
+        }
+    }
+    /** Test helper: number of live sessions after sweep. */
+    size() {
+        this.sweep();
+        return this.sessions.size;
+    }
+}
+/**
+ * Build a masked preview suitable for dashboard display. Returns the raw
+ * value untouched when shorter than 8 chars (no point masking) or `""` when
+ * empty. Default format: `"abcd...wxyz"` with a single ellipsis, never
+ * leaking the middle of the secret.
+ */
+export function maskTokenPreview(token) {
+    if (!token)
+        return "";
+    if (token.length <= 8)
+        return token;
+    return `${token.slice(0, 4)}...${token.slice(-4)}`;
+}
+/**
+ * Allocate a new login id. Format `wxl_<base36ts>_<rand>` so it sorts by
+ * creation time and is trivially distinguishable from BotCord agent ids.
+ *
+ * W8: the random tail uses `crypto.randomBytes` (cryptographically secure)
+ * instead of `Math.random()` so an attacker cannot predict in-flight login
+ * ids and racefully claim someone else's session.
+ */
+export function mintLoginId(provider) {
+    const prefix = provider === "wechat" ? "wxl" : "tgl";
+    const ts = Date.now().toString(36);
+    // 32 hex chars = 128 bits of entropy — W5 regression fix from round 2.
+    const rand = randomBytes(16).toString("hex");
+    return `${prefix}_${ts}_${rand}`;
+}

package/dist/gateway/channels/secret-store.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Resolve the on-disk secret-file path for a third-party gateway. Honors an
+ * explicit override when provided; otherwise falls back to
+ * `~/.botcord/daemon/gateways/{id}.json` (mode 0600 inside a 0700 dir).
+ */
+export declare function defaultGatewaySecretPath(gatewayId: string, override?: string): string;
+/**
+ * Load a previously-written secret blob. Returns `null` when the file is
+ * absent — callers treat that as "not yet authorized" rather than an error.
+ */
+export declare function loadGatewaySecret<T = Record<string, unknown>>(gatewayId: string, override?: string): T | null;
+/**
+ * Persist a secret blob with mode `0600`, ensuring the parent directory
+ * exists with mode `0700`. Writes go through a `.tmp` rename for atomicity.
+ *
+ * The parent directory mode is re-applied on every write so a permission
+ * drift (e.g. operator chmod) is corrected the next time the daemon writes.
+ */
+export declare function saveGatewaySecret(gatewayId: string, secret: Record<string, unknown>, override?: string): string;
+/** Remove a previously-saved secret. No-op when the file is missing. */
+export declare function deleteGatewaySecret(gatewayId: string, override?: string): void;

package/dist/gateway/channels/secret-store.js

@@ -0,0 +1,75 @@
+import { chmodSync, existsSync, mkdirSync, readFileSync, renameSync, unlinkSync, writeFileSync, } from "node:fs";
+import { homedir } from "node:os";
+import path from "node:path";
+// W3: logger for corrupt-file warnings. Using console so no circular dep on log.ts.
+const _warn = (msg) => console.warn(`[secret-store] ${msg}`);
+const DEFAULT_GATEWAYS_DIR = path.join(homedir(), ".botcord", "daemon", "gateways");
+/**
+ * Resolve the on-disk secret-file path for a third-party gateway. Honors an
+ * explicit override when provided; otherwise falls back to
+ * `~/.botcord/daemon/gateways/{id}.json` (mode 0600 inside a 0700 dir).
+ */
+export function defaultGatewaySecretPath(gatewayId, override) {
+    if (override && override.length > 0)
+        return override;
+    return path.join(DEFAULT_GATEWAYS_DIR, `${gatewayId}.json`);
+}
+/**
+ * Load a previously-written secret blob. Returns `null` when the file is
+ * absent — callers treat that as "not yet authorized" rather than an error.
+ */
+export function loadGatewaySecret(gatewayId, override) {
+    const file = defaultGatewaySecretPath(gatewayId, override);
+    if (!existsSync(file))
+        return null;
+    const raw = readFileSync(file, "utf8");
+    // W3: guard against corrupt files — JSON.parse throws on malformed input.
+    try {
+        return JSON.parse(raw);
+    }
+    catch {
+        _warn(`corrupt secret file at ${file} — ignoring`);
+        return null;
+    }
+}
+/**
+ * Persist a secret blob with mode `0600`, ensuring the parent directory
+ * exists with mode `0700`. Writes go through a `.tmp` rename for atomicity.
+ *
+ * The parent directory mode is re-applied on every write so a permission
+ * drift (e.g. operator chmod) is corrected the next time the daemon writes.
+ */
+export function saveGatewaySecret(gatewayId, secret, override) {
+    const file = defaultGatewaySecretPath(gatewayId, override);
+    const dir = path.dirname(file);
+    mkdirSync(dir, { recursive: true, mode: 0o700 });
+    try {
+        chmodSync(dir, 0o700);
+    }
+    catch {
+        // best-effort
+    }
+    const tmp = `${file}.tmp`;
+    writeFileSync(tmp, JSON.stringify(secret, null, 2), { mode: 0o600 });
+    try {
+        chmodSync(tmp, 0o600);
+    }
+    catch {
+        // best-effort
+    }
+    renameSync(tmp, file);
+    try {
+        chmodSync(file, 0o600);
+    }
+    catch {
+        // best-effort
+    }
+    return file;
+}
+/** Remove a previously-saved secret. No-op when the file is missing. */
+export function deleteGatewaySecret(gatewayId, override) {
+    const file = defaultGatewaySecretPath(gatewayId, override);
+    if (!existsSync(file))
+        return;
+    unlinkSync(file);
+}