@decentnetwork/lan 0.1.0 → 0.1.4

package/dist/cli/commands.d.ts

@@ -104,6 +104,31 @@ export declare function cmdFriendAccept(args: {
 export declare function cmdFriendsList(args: {
     configDir?: string;
 }): Promise<void>;
+/**
+ * List queued friend-requests held by the running daemon (the ones
+ * received while `friends.autoAccept` was false). Goes over IPC —
+ * the daemon must be up.
+ */
+export declare function cmdFriendsPending(args: {
+    configDir?: string;
+}): Promise<void>;
+/**
+ * Accept a queued friend-request by userid. Routes through IPC;
+ * the daemon's own Carrier peer does the actual acceptFriendRequest
+ * call and drops the entry from disk. No daemon shutdown needed.
+ */
+export declare function cmdFriendsAccept(args: {
+    userid: string;
+    configDir?: string;
+}): Promise<void>;
+/**
+ * Drop a queued friend-request without accepting. Sender doesn't
+ * get a notification — they just see no acceptance.
+ */
+export declare function cmdFriendsReject(args: {
+    userid: string;
+    configDir?: string;
+}): Promise<void>;
 /**
  * Show audit log
  */
@@ -198,12 +223,20 @@ export declare function cmdDiag(args: {
     configDir?: string;
 }): Promise<void>;
 /**
- * Enable dora integration and add a dora server's userid to the
- * registry list. Subsequent `agentnet up` runs will register with
- * dora to get a virtual IP and fetch the peer roster automatically.
+ * Enable dora integration. Accepts either `--address` (preferred — the
+ * full Carrier address of the dora server; we derive its userid and
+ * also send the one-time friend-request automatically) or `--userid`
+ * (legacy — expects the operator to have already friended the server).
+ *
+ * The one-shot `--address` path is the right UX: an operator setting
+ * up a fresh node only knows "use this dora server, here's its
+ * address" — they shouldn't have to know that dora is also a Carrier
+ * peer, that they need to friend it first, or what the difference
+ * between userid and address is.
  */
 export declare function cmdDoraEnable(args: {
-    userid: string;
+    address?: string;
+    userid?: string;
     configDir?: string;
 }): Promise<void>;
 /**
@@ -221,3 +254,14 @@ export declare function cmdDoraDisable(args: {
 export declare function cmdDoraStatus(args: {
     configDir?: string;
 }): Promise<void>;
+/**
+ * Set the dora auto-friend policy. Three modes:
+ *   - 'none' (default): never auto-friend roster peers
+ *   - 'all':           friend every roster entry that carries an address
+ *   - 'allow <id-or-name>...' / 'remove <id-or-name>...': whitelist
+ */
+export declare function cmdDoraAutofriend(args: {
+    mode: "none" | "all" | "allow" | "remove" | "list";
+    values?: string[];
+    configDir?: string;
+}): Promise<void>;

package/dist/cli/commands.js

@@ -405,8 +405,15 @@ export async function cmdFriendRequest(args) {
     const waitMs = args.waitMs ?? 30000;
     console.log(`Waiting ${waitMs}ms for relay delivery...`);
     await new Promise((r) => setTimeout(r, waitMs));
+    const myPubkey = peer.pubkey();
+    const myUserid = peer.userid();
     await peer.stop();
-    console.log(`Friend request sent. The recipient must run 'agentnet friend-accept --pubkey ${peer.pubkey()}'.`);
+    console.log(`Friend request sent.`);
+    console.log(`If the recipient's daemon is running with friends.autoAccept (the default), it has already accepted —`);
+    console.log(`no action needed on their side. They can confirm with 'agentnet diag' and look for userid ${myUserid}.`);
+    console.log(`If their daemon was offline, the request is queued via the express relay; their daemon will`);
+    console.log(`pick it up on next start (and still auto-accept). Only run 'agentnet friend-accept --pubkey ${myPubkey}'`);
+    console.log(`manually if their daemon is down AND they've disabled autoAccept.`);
 }
 /**
  * Accept a pending friend request.
@@ -500,10 +507,10 @@ export async function cmdFriendsList(args) {
     for (const friend of friends) {
         console.log(``);
         console.log(`  ${friend.name || "(unnamed)"}  status=${friend.status}`);
-        console.log(`    pubkey:  ${friend.pubkey}`);
-        if (friend.userid && friend.userid !== friend.pubkey) {
-            console.log(`    userid:  ${friend.userid}`);
-        }
+        // userid is Carrier's first-class identifier; show that, hide
+        // the raw hex pubkey unless someone explicitly needs it.
+        const userid = friend.userid && friend.userid !== friend.pubkey ? friend.userid : friend.pubkey;
+        console.log(`    userid:  ${userid}`);
         if (friend.address)
             console.log(`    address: ${friend.address}`);
         if (friend.acceptedAt)
@@ -511,6 +518,69 @@ export async function cmdFriendsList(args) {
     }
     await peer.stop();
 }
+/**
+ * List queued friend-requests held by the running daemon (the ones
+ * received while `friends.autoAccept` was false). Goes over IPC —
+ * the daemon must be up.
+ */
+export async function cmdFriendsPending(args) {
+    const dir = args.configDir || ConfigLoader.defaultConfigDir();
+    const config = await ConfigLoader.load(resolve(dir, "config.yaml"));
+    if (daemonPid(config) === null) {
+        throw new Error("Daemon not running — pending friend-requests are held by the daemon. Start it with 'agentnet up' first.");
+    }
+    const res = await ipcCall(config, { op: "friends-pending" });
+    if (!res.ok)
+        throw new Error(`Daemon refused: ${res.error}`);
+    const list = res.data?.pending ?? [];
+    if (list.length === 0) {
+        console.log("No pending friend-requests.");
+        return;
+    }
+    console.log(`Pending friend-requests (${list.length}):`);
+    for (const e of list) {
+        console.log("");
+        console.log(`  ${e.name || "(unnamed)"}`);
+        console.log(`    userid:  ${e.userid}`);
+        if (e.hello)
+            console.log(`    hello:   ${e.hello}`);
+        console.log(`    arrived: ${e.arrivedAt}`);
+    }
+    console.log("");
+    console.log("Accept with:  agentnet friends accept --userid <USERID>");
+    console.log("Reject with:  agentnet friends reject --userid <USERID>");
+}
+/**
+ * Accept a queued friend-request by userid. Routes through IPC;
+ * the daemon's own Carrier peer does the actual acceptFriendRequest
+ * call and drops the entry from disk. No daemon shutdown needed.
+ */
+export async function cmdFriendsAccept(args) {
+    const dir = args.configDir || ConfigLoader.defaultConfigDir();
+    const config = await ConfigLoader.load(resolve(dir, "config.yaml"));
+    if (daemonPid(config) === null) {
+        throw new Error("Daemon not running. Start it with 'agentnet up' first — pending friend-requests are managed by the live daemon.");
+    }
+    const res = await ipcCall(config, { op: "friends-accept", userid: args.userid });
+    if (!res.ok)
+        throw new Error(`Daemon refused: ${res.error}`);
+    console.log(`Accepted ${args.userid}.`);
+}
+/**
+ * Drop a queued friend-request without accepting. Sender doesn't
+ * get a notification — they just see no acceptance.
+ */
+export async function cmdFriendsReject(args) {
+    const dir = args.configDir || ConfigLoader.defaultConfigDir();
+    const config = await ConfigLoader.load(resolve(dir, "config.yaml"));
+    if (daemonPid(config) === null) {
+        throw new Error("Daemon not running. Start it with 'agentnet up' first.");
+    }
+    const res = await ipcCall(config, { op: "friends-reject", userid: args.userid });
+    if (!res.ok)
+        throw new Error(`Daemon refused: ${res.error}`);
+    console.log(`Rejected ${args.userid}.`);
+}
 /**
  * Show audit log
  */
@@ -861,27 +931,75 @@ export async function cmdDiag(args) {
     console.log(JSON.stringify(res.data, null, 2));
 }
 /**
- * Enable dora integration and add a dora server's userid to the
- * registry list. Subsequent `agentnet up` runs will register with
- * dora to get a virtual IP and fetch the peer roster automatically.
+ * Enable dora integration. Accepts either `--address` (preferred — the
+ * full Carrier address of the dora server; we derive its userid and
+ * also send the one-time friend-request automatically) or `--userid`
+ * (legacy — expects the operator to have already friended the server).
+ *
+ * The one-shot `--address` path is the right UX: an operator setting
+ * up a fresh node only knows "use this dora server, here's its
+ * address" — they shouldn't have to know that dora is also a Carrier
+ * peer, that they need to friend it first, or what the difference
+ * between userid and address is.
  */
 export async function cmdDoraEnable(args) {
+    if (!args.address && !args.userid) {
+        throw new Error("Need one of --address (preferred) or --userid");
+    }
+    // Derive userid from address when given an address. Address format:
+    // base58(pubkey || nospam || checksum); userid: base58(pubkey).
+    let userid = args.userid;
+    if (args.address) {
+        const { carrierIdFromAddress } = await import("@decentnetwork/peer");
+        try {
+            userid = carrierIdFromAddress(args.address);
+        }
+        catch (err) {
+            throw new Error(`--address didn't parse as a Carrier address: ${err instanceof Error ? err.message : err}`);
+        }
+    }
     const dir = args.configDir || ConfigLoader.defaultConfigDir();
     const configPath = resolve(dir, "config.yaml");
     const config = await ConfigLoader.load(configPath);
+    // Send the friend-request first when we have an address. We route
+    // it via the daemon's IPC if it's running, or fall back to a
+    // standalone short-lived Peer when it isn't (same logic as
+    // cmdFriendRequest).
+    if (args.address) {
+        console.log(`Friending dora server at ${args.address.slice(0, 24)}...`);
+        try {
+            await cmdFriendRequest({
+                address: args.address,
+                hello: "decentlan: enable dora",
+                waitMs: 8000,
+                configDir: args.configDir,
+            });
+        }
+        catch (err) {
+            // If the SDK already knows this address as an accepted friend
+            // it short-circuits — treat that as success, not failure.
+            const msg = err instanceof Error ? err.message : String(err);
+            if (!/already (accepted|a friend|friend)/i.test(msg)) {
+                console.warn(`(friend-request had a warning: ${msg})`);
+                console.warn(`Proceeding with config update anyway — re-run 'agentnet friend-request' later if you see "friend offline" in the daemon log.`);
+            }
+        }
+    }
     const existing = config.dora ?? { enabled: false, userids: [], refreshIntervalMs: 60_000 };
     const userids = new Set(existing.userids ?? []);
-    userids.add(args.userid);
+    userids.add(userid);
     config.dora = {
         enabled: true,
         userids: [...userids],
         refreshIntervalMs: existing.refreshIntervalMs ?? 60_000,
     };
     await ConfigLoader.save(config, configPath);
-    console.log(`Dora enabled. Server userid added: ${args.userid}`);
+    console.log(`Dora enabled. Server userid added: ${userid}`);
     console.log(`Total dora servers configured: ${config.dora.userids?.length}`);
-    console.log(`The dora server must be a Carrier friend — add it with 'agentnet friend-request' if you haven't.`);
-    console.log(`Restart the daemon to take effect.`);
+    if (!args.address) {
+        console.log(`Heads-up: passed --userid only; if you haven't friended the dora server, run 'agentnet friend-request --address <ADDRESS>' before starting the daemon.`);
+    }
+    console.log(`Restart the daemon (or just 'agentnet up') to take effect.`);
 }
 /**
  * Disable dora integration without losing the configured server list.
@@ -927,6 +1045,65 @@ export async function cmdDoraStatus(args) {
     }
     const refresh = dora.refreshIntervalMs ?? 60_000;
     console.log(`  refresh:       every ${Math.round(refresh / 1000)}s`);
+    const af = dora.autoFriend ?? "none";
+    if (af === "none" || af === "all") {
+        console.log(`  auto-friend:   ${af}`);
+    }
+    else {
+        console.log(`  auto-friend:   whitelist [${af.length}]: ${af.join(", ")}`);
+    }
     console.log("");
     console.log("Note: live state (allocated IP, last refresh) requires querying a running daemon — not yet wired.");
 }
+/**
+ * Set the dora auto-friend policy. Three modes:
+ *   - 'none' (default): never auto-friend roster peers
+ *   - 'all':           friend every roster entry that carries an address
+ *   - 'allow <id-or-name>...' / 'remove <id-or-name>...': whitelist
+ */
+export async function cmdDoraAutofriend(args) {
+    const dir = args.configDir || ConfigLoader.defaultConfigDir();
+    const configPath = resolve(dir, "config.yaml");
+    const config = await ConfigLoader.load(configPath);
+    const dora = config.dora ?? { enabled: false, userids: [], refreshIntervalMs: 60_000 };
+    const current = dora.autoFriend ?? "none";
+    if (args.mode === "list") {
+        if (current === "none" || current === "all") {
+            console.log(`auto-friend: ${current}`);
+        }
+        else {
+            console.log(`auto-friend: whitelist (${current.length})`);
+            for (const t of current)
+                console.log(`  - ${t}`);
+        }
+        return;
+    }
+    let next;
+    if (args.mode === "none" || args.mode === "all") {
+        next = args.mode;
+    }
+    else if (args.mode === "allow") {
+        const list = Array.isArray(current) ? new Set(current) : new Set();
+        for (const v of args.values ?? [])
+            list.add(v);
+        next = [...list];
+    }
+    else if (args.mode === "remove") {
+        const list = Array.isArray(current) ? new Set(current) : new Set();
+        for (const v of args.values ?? [])
+            list.delete(v);
+        next = list.size === 0 ? "none" : [...list];
+    }
+    else {
+        throw new Error(`unknown autofriend mode: ${args.mode}`);
+    }
+    config.dora = { ...dora, autoFriend: next };
+    await ConfigLoader.save(config, configPath);
+    if (next === "none" || next === "all") {
+        console.log(`auto-friend set to '${next}'.`);
+    }
+    else {
+        console.log(`auto-friend whitelist now (${next.length}): ${next.join(", ")}`);
+    }
+    console.log(`Takes effect on the next roster refresh (~60s) or daemon restart.`);
+}

package/dist/cli/index.js

@@ -10,7 +10,7 @@ import { hideBin } from "yargs/helpers";
 // Belt-and-braces — also raise it here in case the CLI is run directly
 // (e.g. `node dist/cli/index.js` rather than via dist/index.js).
 EventEmitter.defaultMaxListeners = 100;
-import { cmdInit, cmdIdentityShow, cmdPeersList, cmdIpamAssign, cmdGrant, cmdRevoke, cmdResolve, cmdStatus, cmdUp, cmdAuditLog, cmdFriendRequest, cmdFriendAccept, cmdFriendsList, cmdProxyEnable, cmdProxyDisable, cmdProxyStatus, cmdProxyAllowHost, cmdProxyRevokeHost, cmdProxyListHosts, cmdProxyUse, cmdDoraEnable, cmdDoraDisable, cmdDoraStatus, cmdDiag, cmdDnsInstall, cmdDnsHosts, } from "./commands.js";
+import { cmdInit, cmdIdentityShow, cmdPeersList, cmdIpamAssign, cmdGrant, cmdRevoke, cmdResolve, cmdStatus, cmdUp, cmdAuditLog, cmdFriendRequest, cmdFriendAccept, cmdFriendsList, cmdFriendsPending, cmdFriendsAccept, cmdFriendsReject, cmdProxyEnable, cmdProxyDisable, cmdProxyStatus, cmdProxyAllowHost, cmdProxyRevokeHost, cmdProxyListHosts, cmdProxyUse, cmdDoraEnable, cmdDoraDisable, cmdDoraStatus, cmdDoraAutofriend, cmdDiag, cmdDnsInstall, cmdDnsHosts, } from "./commands.js";
 async function main() {
     await yargs(hideBin(process.argv))
         .scriptName("agentnet")
@@ -126,8 +126,21 @@ async function main() {
             configDir: argv["config-dir"],
         });
     })
-        .command("friends list", "List Carrier friends", (y) => y.option("config-dir", { type: "string" }), async (argv) => {
+        .command("friends list", "List Carrier friends (daemon must be down)", (y) => y.option("config-dir", { type: "string" }), async (argv) => {
         await cmdFriendsList({ configDir: argv["config-dir"] });
+    })
+        .command("friends pending", "List queued friend-requests (over IPC; daemon must be up)", (y) => y.option("config-dir", { type: "string" }), async (argv) => {
+        await cmdFriendsPending({ configDir: argv["config-dir"] });
+    })
+        .command("friends accept", "Accept a queued friend-request by userid (over IPC; daemon stays up)", (y) => y
+        .option("userid", { type: "string", demandOption: true, describe: "Sender's Carrier userid (base58)" })
+        .option("config-dir", { type: "string" }), async (argv) => {
+        await cmdFriendsAccept({ userid: argv.userid, configDir: argv["config-dir"] });
+    })
+        .command("friends reject", "Drop a queued friend-request by userid (over IPC; daemon stays up)", (y) => y
+        .option("userid", { type: "string", demandOption: true })
+        .option("config-dir", { type: "string" }), async (argv) => {
+        await cmdFriendsReject({ userid: argv.userid, configDir: argv["config-dir"] });
     })
         .command("audit log", "View audit log", (y) => y.option("tail", { type: "number", default: 50 }).option("config-dir", { type: "string" }), async (argv) => {
         await cmdAuditLog({ tail: argv.tail, configDir: argv["config-dir"] });
@@ -170,16 +183,46 @@ async function main() {
         // parent handler — never invoked because demandCommand above
     })
         .command("dora", "Manage the dora (DHCP-style) registry integration (run 'agentnet dora --help')", (y) => y
-        .command("enable", "Enable dora and register a server's Carrier userid", (yy) => yy
-        .option("userid", { type: "string", demandOption: true, describe: "Dora server's Carrier userid" })
-        .option("config-dir", { type: "string" }), async (argv) => {
-        await cmdDoraEnable({ userid: argv.userid, configDir: argv["config-dir"] });
+        .command("enable", "Enable dora — preferred: --address <addr> (we friend + derive userid); legacy: --userid <id>", (yy) => yy
+        .option("address", { type: "string", describe: "Dora server's full Carrier address — friends it and derives the userid for you" })
+        .option("userid", { type: "string", describe: "Legacy: server's userid; only use if you've already friended it separately" })
+        .option("config-dir", { type: "string" })
+        .check((argv) => {
+        if (!argv.address && !argv.userid) {
+            throw new Error("Need one of --address (preferred) or --userid");
+        }
+        return true;
+    }), async (argv) => {
+        await cmdDoraEnable({
+            address: argv.address,
+            userid: argv.userid,
+            configDir: argv["config-dir"],
+        });
     })
         .command("disable", "Disable dora integration (keep configured server list)", (yy) => yy.option("config-dir", { type: "string" }), async (argv) => {
         await cmdDoraDisable({ configDir: argv["config-dir"] });
     })
         .command("status", "Show dora configuration", (yy) => yy.option("config-dir", { type: "string" }), async (argv) => {
         await cmdDoraStatus({ configDir: argv["config-dir"] });
+    })
+        .command("autofriend <mode> [values..]", "Auto-friend policy: 'none' (default), 'all', 'allow <name|userid>...', 'remove <name|userid>...', or 'list'", (yy) => yy
+        .positional("mode", {
+        type: "string",
+        demandOption: true,
+        choices: ["none", "all", "allow", "remove", "list"],
+        describe: "Policy mode",
+    })
+        .positional("values", {
+        type: "string",
+        array: true,
+        describe: "For 'allow'/'remove': one or more names or userids",
+    })
+        .option("config-dir", { type: "string" }), async (argv) => {
+        await cmdDoraAutofriend({
+            mode: argv.mode,
+            values: argv.values,
+            configDir: argv["config-dir"],
+        });
     })
         .demandCommand(1, "Specify a dora subcommand (run 'agentnet dora --help')"), () => {
         // parent handler — never invoked because demandCommand above

package/dist/config/loader.js

@@ -108,6 +108,11 @@ export class ConfigLoader {
                 enabled: false,
                 userids: [],
                 refreshIntervalMs: 60_000,
+                // Default: do NOT auto-friend roster peers. Dora is a naming
+                // / IP service, not a trust statement. Operators opt in with
+                // `agentnet dora autofriend all` (closed labs) or
+                // `agentnet dora autofriend allow <name|userid>` (whitelist).
+                autoFriend: "none",
             },
         };
     }

package/dist/daemon/ipc.d.ts

@@ -29,11 +29,22 @@ export interface IpcHandlers {
      *  Used by `agentnet diag` to inspect a live daemon without
      *  restarting it with AGENTNET_LOG_LEVEL=debug. */
     diag: () => Promise<Record<string, unknown>>;
+    /** List queued friend-requests that arrived while autoAccept was
+     *  off. Returns an array of {userid, name, hello, arrivedAt}. */
+    friendsPending: () => Promise<Record<string, unknown>>;
+    /** Accept a queued friend-request by userid. Drops it from the
+     *  queue and calls peer.acceptFriendRequest. Idempotent — no-op
+     *  if userid isn't in the queue. */
+    friendsAccept: (userid: string) => Promise<void>;
+    /** Reject (drop) a queued friend-request by userid. Doesn't
+     *  notify the sender — they'll just see no acceptance. */
+    friendsReject: (userid: string) => Promise<void>;
 }
 export interface IpcRequest {
-    op: "friend-request" | "ping" | "diag";
+    op: "friend-request" | "ping" | "diag" | "friends-pending" | "friends-accept" | "friends-reject";
     address?: string;
     hello?: string;
+    userid?: string;
 }
 export interface IpcResponseOk {
     ok: true;

package/dist/daemon/ipc.js

@@ -130,6 +130,20 @@ export class IpcServer {
             }
             case "diag":
                 return await this.handlers.diag();
+            case "friends-pending":
+                return await this.handlers.friendsPending();
+            case "friends-accept": {
+                if (!req.userid)
+                    throw new Error("userid is required");
+                await this.handlers.friendsAccept(req.userid);
+                return;
+            }
+            case "friends-reject": {
+                if (!req.userid)
+                    throw new Error("userid is required");
+                await this.handlers.friendsReject(req.userid);
+                return;
+            }
             default:
                 throw new Error(`unknown op: ${req.op}`);
         }

package/dist/daemon/pending-friends.d.ts

@@ -0,0 +1,52 @@
+/**
+ * Pending-friend-request store.
+ *
+ * When `friends.autoAccept` is false (or for any other reason the
+ * operator wants to gate inbound friend requests), the daemon must
+ * NOT block the running session waiting for a CLI dance. It buffers
+ * each incoming request to disk and exposes IPC ops so an operator
+ * can list / accept / reject them on their own time, without
+ * stopping the daemon. Lost-on-restart pending requests would be
+ * frustrating, so the queue is persisted.
+ *
+ * File format: a single JSON array under
+ * `<configDir>/pending-friends.json`. Each entry is the same shape
+ * the SDK emits in the friend-request event, plus an arrivedAt
+ * timestamp.
+ */
+export interface PendingFriendEntry {
+    /** Carrier userid (base58, same 32 pubkey bytes as the hex form
+     *  the SDK emits — we store the userid form because that's what
+     *  every user-facing surface uses). */
+    userid: string;
+    /** Hex pubkey, kept for compatibility with SDK calls that expect
+     *  that form (acceptFriendRequest takes the pubkey/userid string
+     *  the original event carried). */
+    pubkey: string;
+    name?: string;
+    hello?: string;
+    /** ISO 8601 timestamp; helps operators triage queues of pending
+     *  requests. */
+    arrivedAt: string;
+}
+export declare class PendingFriendsStore {
+    private filePath;
+    private logger;
+    private entries;
+    constructor(filePath: string);
+    private load;
+    private save;
+    list(): PendingFriendEntry[];
+    /**
+     * Add (or replace) a pending request. The same userid arriving
+     * twice replaces the older entry — operators see the latest
+     * `hello` / `name` / `arrivedAt`, never a stale duplicate.
+     */
+    add(entry: PendingFriendEntry): void;
+    /**
+     * Drop an entry by userid. Returns the removed entry (so the
+     * caller has the original pubkey to pass to the SDK's
+     * acceptFriendRequest), or null if not present.
+     */
+    remove(userid: string): PendingFriendEntry | null;
+}

package/dist/daemon/pending-friends.js

@@ -0,0 +1,80 @@
+/**
+ * Pending-friend-request store.
+ *
+ * When `friends.autoAccept` is false (or for any other reason the
+ * operator wants to gate inbound friend requests), the daemon must
+ * NOT block the running session waiting for a CLI dance. It buffers
+ * each incoming request to disk and exposes IPC ops so an operator
+ * can list / accept / reject them on their own time, without
+ * stopping the daemon. Lost-on-restart pending requests would be
+ * frustrating, so the queue is persisted.
+ *
+ * File format: a single JSON array under
+ * `<configDir>/pending-friends.json`. Each entry is the same shape
+ * the SDK emits in the friend-request event, plus an arrivedAt
+ * timestamp.
+ */
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import { dirname } from "path";
+import { Logger } from "../utils/logger.js";
+export class PendingFriendsStore {
+    filePath;
+    logger;
+    entries = [];
+    constructor(filePath) {
+        this.filePath = filePath;
+        this.logger = new Logger({ prefix: "PendingFriends" });
+        this.load();
+    }
+    load() {
+        if (!existsSync(this.filePath))
+            return;
+        try {
+            const raw = readFileSync(this.filePath, "utf-8");
+            const parsed = JSON.parse(raw);
+            if (Array.isArray(parsed)) {
+                this.entries = parsed.filter((e) => typeof e === "object" &&
+                    e !== null &&
+                    typeof e.userid === "string");
+            }
+        }
+        catch (err) {
+            this.logger.warn(`Could not parse ${this.filePath}: ${err}`);
+        }
+    }
+    save() {
+        try {
+            mkdirSync(dirname(this.filePath), { recursive: true });
+            writeFileSync(this.filePath, JSON.stringify(this.entries, null, 2), "utf-8");
+        }
+        catch (err) {
+            this.logger.warn(`Could not write ${this.filePath}: ${err}`);
+        }
+    }
+    list() {
+        return [...this.entries];
+    }
+    /**
+     * Add (or replace) a pending request. The same userid arriving
+     * twice replaces the older entry — operators see the latest
+     * `hello` / `name` / `arrivedAt`, never a stale duplicate.
+     */
+    add(entry) {
+        this.entries = this.entries.filter((e) => e.userid !== entry.userid);
+        this.entries.push(entry);
+        this.save();
+    }
+    /**
+     * Drop an entry by userid. Returns the removed entry (so the
+     * caller has the original pubkey to pass to the SDK's
+     * acceptFriendRequest), or null if not present.
+     */
+    remove(userid) {
+        const idx = this.entries.findIndex((e) => e.userid === userid);
+        if (idx < 0)
+            return null;
+        const [removed] = this.entries.splice(idx, 1);
+        this.save();
+        return removed;
+    }
+}

package/dist/daemon/server.d.ts

@@ -32,6 +32,7 @@ export declare class DaemonServer {
     private doraIntegration?;
     private ipcServer?;
     private dnsServer?;
+    private pendingFriends?;
     private startedAt;
     private isRunning;
     private pidFile?;

package/dist/daemon/server.js

@@ -16,6 +16,7 @@ import { ConnectProxy } from "../proxy/connect-proxy.js";
 import { DoraIntegration } from "../dora/dora-integration.js";
 import { DnsServer } from "../dns/server.js";
 import { IpcServer, ipcSocketPath } from "./ipc.js";
+import { PendingFriendsStore } from "./pending-friends.js";
 import { Logger } from "../utils/logger.js";
 export class DaemonServer {
     config;
@@ -35,6 +36,7 @@ export class DaemonServer {
     doraIntegration;
     ipcServer;
     dnsServer;
+    pendingFriends;
     startedAt = 0;
     isRunning = false;
     pidFile;
@@ -107,6 +109,31 @@ export class DaemonServer {
                 friendRequest: async (address, hello) => {
                     await this.peerManager.sendFriendRequest(address, hello);
                 },
+                friendsPending: async () => {
+                    const entries = this.pendingFriends?.list() ?? [];
+                    // Hide the legacy hex `pubkey` field from the wire — the
+                    // CLI side only needs userid + metadata to display + accept.
+                    return {
+                        pending: entries.map((e) => ({
+                            userid: e.userid,
+                            name: e.name,
+                            hello: e.hello,
+                            arrivedAt: e.arrivedAt,
+                        })),
+                    };
+                },
+                friendsAccept: async (userid) => {
+                    const entry = this.pendingFriends?.remove(userid);
+                    if (!entry)
+                        throw new Error(`No pending friend-request for userid ${userid}`);
+                    await this.peerManager.acceptFriendRequest(entry.pubkey);
+                },
+                friendsReject: async (userid) => {
+                    const entry = this.pendingFriends?.remove(userid);
+                    if (!entry)
+                        throw new Error(`No pending friend-request for userid ${userid}`);
+                    // No-op at the Carrier level — sender just sees no acceptance.
+                },
                 diag: async () => {
                     // Snapshot of everything an operator needs to debug why
                     // packets aren't moving: forwarding counters, friend
@@ -188,24 +215,49 @@ export class DaemonServer {
                 });
             }
             // Live friend-request handling. The daemon stays up and accepts
-            // (or just logs) incoming requests — no more `friend-accept --wait`
-            // ceremony where the operator has to stop the daemon. Default is
-            // auto-accept; the Carrier friend store IS the trust boundary, and
-            // requests only reach a peer whose address was deliberately shared.
+            // (or queues) every incoming request — no `friend-accept --wait`
+            // ceremony where the operator has to stop the daemon. Default
+            // is auto-accept; the Carrier friend store IS the trust
+            // boundary, and requests only reach a peer whose address was
+            // deliberately shared.
+            //
+            // When autoAccept is off, the request is persisted to
+            // pending-friends.json on disk. The operator inspects/handles
+            // it later via the IPC-routed CLI:
+            //   agentnet friends pending
+            //   agentnet friends accept --userid <userid>
+            //   agentnet friends reject --userid <userid>
+            // Pending requests survive daemon restarts.
             const autoAcceptFriends = this.config.friends?.autoAccept ?? true;
+            const pendingPath = resolve(this.config.carrier.dataDir, "..", "pending-friends.json");
+            this.pendingFriends = new PendingFriendsStore(pendingPath);
+            const pubkeyHexToUserid = async (pubkeyHex) => {
+                const { carrierIdFromPublicKey } = await import("@decentnetwork/peer");
+                const bytes = Buffer.from(pubkeyHex, "hex");
+                return carrierIdFromPublicKey(new Uint8Array(bytes));
+            };
             this.peerManager.on("friend-request", (req) => {
-                const who = `${req.name || "(unnamed)"} ${req.pubkey.slice(0, 16)}...`;
-                const hello = req.hello ? ` hello="${req.hello.slice(0, 60)}"` : "";
-                if (autoAcceptFriends) {
-                    this.logger.info(`Friend request from ${who}${hello} — auto-accepting`);
-                    this.peerManager?.acceptFriendRequest(req.pubkey).catch((err) => {
-                        this.logger.warn(`Auto-accept failed for ${who}: ${err}`);
-                    });
-                }
-                else {
-                    this.logger.info(`Friend request from ${who}${hello} — NOT auto-accepting ` +
-                        `(friends.autoAccept=false; accept manually later)`);
-                }
+                void pubkeyHexToUserid(req.pubkey).then((userid) => {
+                    const who = `${req.name || "(unnamed)"} ${userid}`;
+                    const hello = req.hello ? ` hello="${req.hello.slice(0, 60)}"` : "";
+                    if (autoAcceptFriends) {
+                        this.logger.info(`Friend request from ${who}${hello} — auto-accepting`);
+                        this.peerManager?.acceptFriendRequest(req.pubkey).catch((err) => {
+                            this.logger.warn(`Auto-accept failed for ${who}: ${err}`);
+                        });
+                    }
+                    else {
+                        this.logger.info(`Friend request from ${who}${hello} — queued (friends.autoAccept=false). ` +
+                            `Run 'agentnet friends pending' to triage.`);
+                        this.pendingFriends?.add({
+                            userid,
+                            pubkey: req.pubkey,
+                            name: req.name,
+                            hello: req.hello,
+                            arrivedAt: new Date().toISOString(),
+                        });
+                    }
+                });
             });
             // NOTE: auto-IPAM (hash-derived virtual IP per userid) was tried and
             // reverted — it produced IPs like 10.86.175.35 that conflicted with

package/dist/dora/dora-integration.d.ts

@@ -87,4 +87,10 @@ export declare class DoraIntegration {
      * re-register the peer or fall back to a manual friend-request.
      */
     private maybeFriend;
+    /**
+     * Decide whether a roster entry is allowed by the autoFriend
+     * policy. Names match case-insensitively against the entry's
+     * `name`; userids match exact base58.
+     */
+    private policyAllows;
 }

package/dist/dora/dora-integration.js

@@ -304,6 +304,22 @@ export class DoraIntegration {
             this.friendRequested.add(entry.userid);
             return;
         }
+        // Policy gate. Dora is a name service, not a trust statement.
+        // Default ("none") means we DON'T auto-friend roster peers —
+        // an operator on a multi-tenant dora isn't asking to be
+        // mutually-friended with everyone else just because they share
+        // a name service. "all" reproduces the old behavior (closed
+        // labs). Otherwise the policy is a whitelist of names or
+        // userids; only matches are friended.
+        const policy = this.opts.config.autoFriend ?? "none";
+        if (!this.policyAllows(entry, policy)) {
+            // Mark as "seen" so we don't re-evaluate the policy every
+            // 60s for entries we deliberately skip — but DON'T mark as
+            // "friendRequested" since the operator may flip the policy
+            // later and we should pick them up on next refresh after a
+            // daemon restart.
+            return;
+        }
         if (!entry.address) {
             this.logger.warn(`Roster entry ${entry.name} (${entry.userid.slice(0, 12)}...) has no address — can't auto-friend. ` +
                 `Have them re-register against a newer dora server, or run 'agentnet friend-request' manually.`);
@@ -322,4 +338,25 @@ export class DoraIntegration {
             this.friendRequested.delete(entry.userid);
         });
     }
+    /**
+     * Decide whether a roster entry is allowed by the autoFriend
+     * policy. Names match case-insensitively against the entry's
+     * `name`; userids match exact base58.
+     */
+    policyAllows(entry, policy) {
+        if (policy === "all")
+            return true;
+        if (policy === "none")
+            return false;
+        if (!Array.isArray(policy) || policy.length === 0)
+            return false;
+        const nameLower = entry.name.toLowerCase();
+        for (const token of policy) {
+            if (token === entry.userid)
+                return true;
+            if (token.toLowerCase() === nameLower)
+                return true;
+        }
+        return false;
+    }
 }

package/dist/types.d.ts

@@ -142,6 +142,25 @@ export interface DoraConfig {
     userids?: string[];
     /** How often to re-fetch the full roster from dora. Default 60_000ms. */
     refreshIntervalMs?: number;
+    /**
+     * Policy for auto-friending peers found in the dora roster. Dora is
+     * a NAMING and IP-ALLOCATION service — it does NOT imply trust.
+     * On a large dora (many tenants, customer machines, etc.) you do
+     * NOT want to auto-friend everyone.
+     *
+     * - `"none"` (default): never auto-friend roster peers. The operator
+     *    initiates friend-requests explicitly with `agentnet
+     *    friend-request --address <addr>`. The dora server itself is
+     *    always friended out-of-band when you run `agentnet dora enable
+     *    --address`.
+     * - `"all"`: friend every roster entry that carries an address.
+     *    Useful for a closed lab of trusted peers; **dangerous on a
+     *    shared / public dora.**
+     * - `string[]`: whitelist by peer NAME (matches `name` in the roster
+     *    record) or by userid (base58). Matching entries are auto-
+     *    friended on every refresh; everything else is left alone.
+     */
+    autoFriend?: "none" | "all" | string[];
 }
 export interface DecentAgentNetConfig {
     node: NodeConfig;

package/docs/CONFIGURATION.md

@@ -112,7 +112,27 @@ ACL-gated; see `agentnet proxy --help`.
 - **`userids`** — list of dora servers to try, in order. First
   responder wins.
 - **`refreshIntervalMs`** — how often to re-pull the roster from
-  dora (default 60s). Drives auto-friend discovery of new peers.
+  dora (default 60s).
+- **`autoFriend`** — policy for friending peers found in the dora
+  roster. Dora is a name service, NOT a trust statement; on a
+  multi-tenant dora you do not want the daemon to silently friend
+  every other peer.
+  - `"none"` (default) — never auto-friend roster peers; only the
+    dora server itself is friended (you do that explicitly with
+    `agentnet dora enable --address`).
+  - `"all"` — friend every roster entry that carries an address.
+    Reasonable for closed labs of mutually-trusted peers.
+  - `string[]` — whitelist by peer name OR userid. Only matching
+    entries get auto-friended.
+
+  CLI:
+  ```
+  agentnet dora autofriend none                                 # default
+  agentnet dora autofriend all                                  # closed lab
+  agentnet dora autofriend allow mac-dev snoopy peerX-userid    # whitelist
+  agentnet dora autofriend remove snoopy
+  agentnet dora autofriend list
+  ```
 
 ## `policy.yaml` reference
 

package/docs/INSTALL.md

@@ -41,17 +41,20 @@ agentnet --help
 # 1. Generate this machine's Carrier identity + default config
 agentnet init --name my-laptop
 
-# 2. (Once per network) friend the dora name server.
-#    Get the address from whoever runs dora.
-agentnet friend-request --address Jt7w1pKkyLT5GVue9h6ZPkjg1EeuuTbD6JVSLycXLsdm6nvBGSUd
+# 2. Point at the dora name server. Pass the FULL ADDRESS (whoever
+#    runs dora publishes it). This one command friends dora,
+#    derives its userid, and writes the config — no separate
+#    friend-request step needed.
+agentnet dora enable --address <dora's Carrier address>
 
-# 3. Tell decentlan to use that dora server
-agentnet dora enable --userid 98rsHv17h8G6AP9RagyrBiT1kmw4cn8MFPEembS6ZVjv
-
-# 4. Start the daemon (needs sudo for the TUN device)
+# 3. Start the daemon (needs sudo for the TUN device)
 sudo $(which agentnet) up --real-tun
 ```
 
+Three commands, no "userid vs address" gymnastics. The daemon will
+register with dora, pull the roster, and auto-friend every other
+peer in the network.
+
 The daemon will:
 
 1. Open a Carrier connection

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@decentnetwork/lan",
-  "version": "0.1.0",
+  "version": "0.1.4",
   "description": "Private virtual LAN for self-hosted services and AI agents, built on Elastos Carrier. NAT-traversal, name service, ACL, all over a peer-to-peer mesh — no public IP required.",
   "type": "module",
   "main": "./dist/index.js",