@dmsdc-ai/aigentry-telepty 0.5.1 → 0.5.3

package/daemon.js

@@ -3,12 +3,14 @@ const cors = require('cors');
 const pty = require('node-pty');
 const os = require('os');
 const crypto = require('crypto');
-const { WebSocketServer } = require('ws');
 const { getConfig } = require('./auth');
 const pkg = require('./package.json');
 const { claimDaemonState, clearDaemonState, isProcessRunning } = require('./daemon-control');
 const { checkEntitlement } = require('./entitlement');
 const terminalBackend = require('./terminal-backend');
+const { installWebSocketTransport, isOpenWebSocket } = require('./src/transport/websocket');
+const { createPeerRelay, relayPeersFromEnv } = require('./src/transport/peer-relay');
+const { createAuthMiddleware, createIsAllowedPeer, createVerifyJwt } = require('./src/protocol/http-auth');
 const { FileMailbox } = require('./src/mailbox/index');
 const { DeliveryEngine } = require('./src/mailbox/delivery');
 const { UnixSocketNotifier } = require('./src/mailbox/notifier');
@@ -17,33 +19,18 @@ const { classifyReportPrompt, buildAutoSummary } = require('./src/report-enforce
 const submitGate = require('./src/submit-gate');
 const readyRegistry = require('./src/prompt-symbol-registry');
 const lifecycle = require('./src/lifecycle');
+const { SURFACE_ORPHAN_SECONDS, SURFACE_MISMATCH_SECONDS, decideSurfaceGc, applySurfaceMismatchProbe } = lifecycle;
 const { loadTeleptyConfig } = require('./src/config-file');
+const sessionPersistence = require('./src/session-store/persistence');
 
 const config = getConfig();
 const EXPECTED_TOKEN = config.authToken;
 const MACHINE_ID = process.env.TELEPTY_MACHINE_ID || os.hostname();
 const net = require('net');
 const fs = require('fs');
-const SESSION_PERSIST_PATH = require('path').join(os.homedir(), '.config', 'aigentry-telepty', 'sessions.json');
+const SESSION_PERSIST_PATH = sessionPersistence.defaultSessionPersistPath();
 const SESSION_STALE_SECONDS = Math.max(1, Number(process.env.TELEPTY_SESSION_STALE_SECONDS || 60));
 const SESSION_CLEANUP_SECONDS = Math.max(SESSION_STALE_SECONDS, Number(process.env.TELEPTY_SESSION_CLEANUP_SECONDS || 300));
-// #17: grace window before a cmux session whose workspace was explicitly closed (bridge
-// survived → headless zombie) is reclaimed. Shorter than the 300s disconnect-GC: the surface
-// is confirmed gone (not merely disconnected). The window absorbs cmux transient hiccups.
-const SURFACE_ORPHAN_SECONDS = Math.max(5, Number(process.env.TELEPTY_SURFACE_ORPHAN_SECONDS || 30));
-// #17: pure verdict→action mapping for the surface-liveness GC, exposed for unit-testing.
-// Returns 'mark' (start the grace window), 'reclaim' (grace elapsed → teardown), 'recover'
-// (surface returned within grace → clear), or 'skip'. INV-17: 'unknown' (cmux unreachable)
-// always maps to 'skip' — GC nothing. Pure, no side effects; the caller performs the action.
-function decideSurfaceGc(liveness, session, nowMs, graceSeconds = SURFACE_ORPHAN_SECONDS) {
-  if (liveness === 'gone') {
-    if (!session.surfaceGoneAt) return 'mark';
-    const goneSeconds = Math.floor((nowMs - new Date(session.surfaceGoneAt).getTime()) / 1000);
-    return goneSeconds >= graceSeconds ? 'reclaim' : 'skip';
-  }
-  if (liveness === 'alive' && session.surfaceGoneAt) return 'recover';
-  return 'skip';
-}
 const DELIVERY_TIMEOUT_MS = Math.max(100, Number(process.env.TELEPTY_DELIVERY_TIMEOUT_MS || 5000));
 const HEALTH_POLL_MS = Math.max(100, Number(process.env.TELEPTY_HEALTH_POLL_MS || 10000));
 const IDLE_REAPER_POLL_MS = Math.max(100, Number(process.env.TELEPTY_IDLE_REAPER_POLL_MS || 60000));
@@ -84,6 +71,15 @@ sessionStateManager.onTransition((sessionId, from, to, detail) => {
     extra: { auto_state: to, auto_state_from: from, auto_detail: detail }
   });
 
+  const transitionPendingReport = getPendingReport(sessionId);
+  if ((to === 'working' || to === 'thinking') && transitionPendingReport) {
+    const pendingReport = transitionPendingReport;
+    if (!pendingReport.submitExpected || pendingReport.submitStartedAt) {
+      pendingReport.sawWorkingAfterInject = true;
+      pendingReport.workingAfterInjectAt = new Date().toISOString();
+    }
+  }
+
   // Fire TASK_IDLE_NO_REPORT on idle transition (for sessions with pendingReports).
   // Session still needs to self-inject a content REPORT — this event only observes.
   // Legacy TASK_COMPLETE text-inject is also fired for back-compat (0.2.x grandfather).
@@ -119,43 +115,11 @@ sessionStateManager.onTransition((sessionId, from, to, detail) => {
 });
 
 function persistSessions() {
-  try {
-    const data = {};
-    for (const [id, s] of Object.entries(sessions)) {
-      data[id] = {
-        id,
-        type: s.type,
-        command: s.command,
-        cwd: s.cwd,
-        backend: s.backend || null,
-        cmuxWorkspaceId: s.cmuxWorkspaceId || null,
-        cmuxSurfaceId: s.cmuxSurfaceId || null,
-        termProgram: s.termProgram || null,
-        term: s.term || null,
-        delivery: s.delivery || null,
-        deliveryEndpoint: s.deliveryEndpoint || null,
-        createdAt: s.createdAt,
-        lastActivityAt: s.lastActivityAt || null,
-        lastConnectedAt: s.lastConnectedAt || null,
-        lastDisconnectedAt: s.lastDisconnectedAt || null,
-        lastStateReportAt: s.lastStateReportAt || null,
-        stateReport: s.stateReport || null,
-        idleTtl: s.idleTtl || null,
-        idleTtlMs: s.idleTtlMs == null ? null : s.idleTtlMs,
-        ownerPid: s.ownerPid || null,
-        ptyPid: s.ptyPid || null
-      };
-    }
-    fs.mkdirSync(require('path').dirname(SESSION_PERSIST_PATH), { recursive: true });
-    fs.writeFileSync(SESSION_PERSIST_PATH, JSON.stringify(data, null, 2));
-  } catch {}
+  sessionPersistence.savePersistedSessions(sessions, SESSION_PERSIST_PATH);
 }
 
 function loadPersistedSessions() {
-  try {
-    if (!fs.existsSync(SESSION_PERSIST_PATH)) return {};
-    return JSON.parse(fs.readFileSync(SESSION_PERSIST_PATH, 'utf8'));
-  } catch { return {}; }
+  return sessionPersistence.loadPersistedSessions(SESSION_PERSIST_PATH);
 }
 
 const app = express();
@@ -166,63 +130,19 @@ app.use(express.json());
 const PEER_ALLOWLIST = (process.env.TELEPTY_PEER_ALLOWLIST || '').split(',').map(s => s.trim()).filter(Boolean);
 
 // Cross-machine bus relay: forward bus events to peer daemons
-const RELAY_PEERS = (process.env.TELEPTY_RELAY_PEERS || '').split(',').map(s => s.trim()).filter(Boolean);
-const RELAY_SEEN = new Set(); // dedup by message_id
-
-function relayToPeers(msg) {
-  if (RELAY_PEERS.length === 0) return;
-  if (!msg.message_id) msg.message_id = crypto.randomUUID();
-  if (RELAY_SEEN.has(msg.message_id)) return; // already relayed
-  RELAY_SEEN.add(msg.message_id);
-  // Prevent unbounded growth
-  if (RELAY_SEEN.size > 10000) {
-    const arr = [...RELAY_SEEN];
-    arr.splice(0, 5000);
-    RELAY_SEEN.clear();
-    arr.forEach(id => RELAY_SEEN.add(id));
-  }
-
-  msg.source_host = msg.source_host || MACHINE_ID;
-  msg._relayed_from = MACHINE_ID;
-
-  for (const peer of RELAY_PEERS) {
-    fetch(`http://${peer}:${PORT}/api/bus/publish`, {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/json', 'x-telepty-token': EXPECTED_TOKEN },
-      body: JSON.stringify(msg),
-      signal: AbortSignal.timeout(3000)
-    }).catch(() => {}); // fire-and-forget
-  }
-}
+const relayToPeers = createPeerRelay({
+  relayPeers: relayPeersFromEnv(process.env),
+  relaySeen: new Set(), // dedup by message_id
+  machineId: MACHINE_ID,
+  expectedToken: EXPECTED_TOKEN,
+  getPort: () => PORT
+});
 
 // JWT auth: set TELEPTY_JWT_SECRET to enable. Tokens in Authorization: Bearer <token>
 const JWT_SECRET = process.env.TELEPTY_JWT_SECRET || null;
 
-function verifyJwt(token) {
-  if (!JWT_SECRET || !token) return false;
-  try {
-    // Simple HS256 JWT verification (no external deps)
-    const [headerB64, payloadB64, sigB64] = token.split('.');
-    if (!headerB64 || !payloadB64 || !sigB64) return false;
-    const expected = crypto.createHmac('sha256', JWT_SECRET)
-      .update(`${headerB64}.${payloadB64}`).digest('base64url');
-    if (sigB64 !== expected) return false;
-    const payload = JSON.parse(Buffer.from(payloadB64, 'base64url').toString());
-    if (payload.exp && Date.now() / 1000 > payload.exp) return false;
-    return payload;
-  } catch { return false; }
-}
-
-function isAllowedPeer(ip) {
-  if (!ip) return false;
-  const cleanIp = ip.replace('::ffff:', '');
-  // Localhost always allowed (includes SSH tunnel traffic)
-  if (cleanIp === '127.0.0.1' || ip === '::1') return true;
-  // Peer allowlist
-  if (PEER_ALLOWLIST.length > 0) return PEER_ALLOWLIST.includes(cleanIp);
-  // No allowlist = allow all authenticated
-  return true;
-}
+const verifyJwt = createVerifyJwt(JWT_SECRET);
+const isAllowedPeer = createIsAllowedPeer(PEER_ALLOWLIST);
 
 // Health check – no auth required
 app.get('/api/health', (req, res) => {
@@ -230,27 +150,7 @@ app.get('/api/health', (req, res) => {
 });
 
 // Authentication Middleware
-app.use((req, res, next) => {
-  const clientIp = req.ip;
-
-  if (isAllowedPeer(clientIp)) {
-    return next(); // Trust local and allowlisted peers (SSH tunnels arrive as localhost)
-  }
-
-  const token = req.headers['x-telepty-token'] || req.query.token;
-  if (token === EXPECTED_TOKEN) {
-    return next();
-  }
-
-  // JWT Bearer token
-  const authHeader = req.headers['authorization'] || '';
-  if (authHeader.startsWith('Bearer ') && verifyJwt(authHeader.slice(7))) {
-    return next();
-  }
-
-  console.warn(`[AUTH] Rejected unauthorized request from ${clientIp}`);
-  res.status(401).json({ error: 'Unauthorized: Invalid or missing token.', code: 'PERMISSION_DENIED' });
-});
+app.use(createAuthMiddleware({ isAllowedPeer, expectedToken: EXPECTED_TOKEN, verifyJwt }));
 
 const PORT = process.env.PORT || 3848;
 
@@ -268,7 +168,7 @@ if (require.main === module) {
   }
 }
 
-const pendingReports = {}; // {targetSessionId: {source, injectedAt, injectId}}
+const pendingReports = Object.create(null); // {targetSessionId: {source, injectedAt, injectId}}
 const AUTO_REPORT_IDLE_SECONDS = Number(process.env.TELEPTY_AUTO_REPORT_IDLE_SECONDS) || 10;
 // #32: a legacy auto-report can fire ~0.0s after the inject (silence-timeout / ready-signal)
 // even when the inject never reached the target TUI — indistinguishable from a real completion
@@ -276,6 +176,62 @@ const AUTO_REPORT_IDLE_SECONDS = Number(process.env.TELEPTY_AUTO_REPORT_IDLE_SEC
 // completion; the text-inject is relabeled so a stuck/hung target is never reported as DONE.
 const AUTO_REPORT_MIN_REAL_SECONDS = Number(process.env.TELEPTY_AUTO_REPORT_MIN_REAL_SECONDS) || 1.0;
 
+function pendingReportHasSubmitEvidence(pendingReport) {
+  return !!(pendingReport && (
+    pendingReport.submitConfirmedAt ||
+    pendingReport.sawWorkingAfterInject ||
+    (pendingReport.submitConfirm && pendingReport.submitConfirm.accepted === true)
+  ));
+}
+
+function getPendingReport(sessionId, registry = pendingReports) {
+  if (typeof sessionId !== 'string') return null;
+  if (sessionId === '__proto__' || sessionId === 'prototype' || sessionId === 'constructor') return null;
+  if (!registry || !Object.prototype.hasOwnProperty.call(registry, sessionId)) return null;
+  return registry[sessionId];
+}
+
+function markPendingReportSubmitStarted(sessionId, bodyText) {
+  const pendingReport = getPendingReport(sessionId);
+  if (!pendingReport) return;
+  pendingReport.submitExpected = true;
+  pendingReport.submitInProgress = true;
+  pendingReport.submitStartedAt = new Date().toISOString();
+  if (typeof bodyText === 'string') {
+    pendingReport.injectedBodyPreview = bodyText.slice(0, 500);
+  }
+}
+
+function markPendingReportSubmitConfirmed(sessionId, confirm) {
+  const pendingReport = getPendingReport(sessionId);
+  if (!pendingReport) return;
+  pendingReport.submitExpected = true;
+  pendingReport.submitInProgress = false;
+  pendingReport.submitFinishedAt = new Date().toISOString();
+  pendingReport.submitConfirmedAt = pendingReport.submitFinishedAt;
+  pendingReport.submitConfirm = {
+    accepted: true,
+    reason: confirm && confirm.reason ? confirm.reason : 'confirmed',
+    attempts: confirm && confirm.attempts ? confirm.attempts : undefined,
+    ambiguous: !!(confirm && confirm.ambiguous),
+  };
+}
+
+function markPendingReportSubmitUnconfirmed(sessionId, confirm) {
+  const pendingReport = getPendingReport(sessionId);
+  if (!pendingReport) return;
+  pendingReport.submitExpected = true;
+  pendingReport.submitInProgress = false;
+  pendingReport.submitFinishedAt = new Date().toISOString();
+  pendingReport.submitUnconfirmedAt = pendingReport.submitFinishedAt;
+  pendingReport.submitConfirm = {
+    accepted: false,
+    reason: confirm && confirm.reason ? confirm.reason : 'submit_unconfirmed',
+    attempts: confirm && confirm.attempts ? confirm.attempts : undefined,
+    retryable: !!(confirm && confirm.retryable),
+  };
+}
+
 // #32: single provenance-tagged auto-report path (was 3 byte-identical builders at the
 // onTransition-idle / silence-timeout / ready-signal sites). `trigger` distinguishes the
 // originating path; sub-floor elapsed is relabeled TASK_IDLE_UNCONFIRMED instead of TASK_COMPLETE.
@@ -285,15 +241,46 @@ const AUTO_REPORT_MIN_REAL_SECONDS = Number(process.env.TELEPTY_AUTO_REPORT_MIN_
 // for the production callers, which pass no deps.
 function fireAutoReport(targetId, targetSession, pendingReport, trigger, deps = {}) {
   const _now = deps.now || Date.now;
+  const _setTimeout = deps.setTimeout || setTimeout;
   const _broadcast = deps.broadcastSessionEvent || broadcastSessionEvent;
   const _resolveAlias = deps.resolveSessionAlias || resolveSessionAlias;
   const _sessions = deps.sessions || sessions;
+  const _pendingReports = deps.pendingReports || pendingReports;
   const _deliver = deps.deliverInjectionToSession || deliverInjectionToSession;
 
-  pendingReport.idleNotified = true;
-  pendingReport.idleAt = new Date(_now()).toISOString();
   const elapsedNum = (_now() - new Date(pendingReport.injectedAt).getTime()) / 1000;
   const elapsed = elapsedNum.toFixed(1);
+  const hasSubmitEvidence = pendingReportHasSubmitEvidence(pendingReport);
+
+  if (trigger === 'ready-signal' && pendingReport.submitExpected) {
+    if (hasSubmitEvidence) {
+      console.log(`[AUTO-REPORT] ${targetId} ready-signal suppressed; submit already confirmed`);
+      return;
+    }
+
+    const shouldWaitForSubmit = pendingReport.submitInProgress === true || elapsedNum < AUTO_REPORT_MIN_REAL_SECONDS;
+    if (shouldWaitForSubmit) {
+      if (!pendingReport.readySignalTimer) {
+        const floorDelayMs = Math.max(50, Math.ceil((AUTO_REPORT_MIN_REAL_SECONDS - elapsedNum) * 1000));
+        const delayMs = pendingReport.submitInProgress === true ? Math.min(250, Math.max(50, floorDelayMs)) : floorDelayMs;
+        pendingReport.readySignalTimer = _setTimeout(() => {
+          pendingReport.readySignalTimer = null;
+          const currentPending = getPendingReport(targetId, _pendingReports);
+          if (!currentPending || currentPending.idleNotified) return;
+          if (pendingReportHasSubmitEvidence(currentPending)) {
+            console.log(`[AUTO-REPORT] ${targetId} ready-signal dwell suppressed; submit confirmed`);
+            return;
+          }
+          fireAutoReport(targetId, _sessions[targetId] || targetSession, currentPending, 'ready-signal', deps);
+        }, delayMs);
+      }
+      console.log(`[AUTO-REPORT] ${targetId} ready-signal deferred; awaiting submit confirmation`);
+      return;
+    }
+  }
+
+  pendingReport.idleNotified = true;
+  pendingReport.idleAt = new Date(_now()).toISOString();
 
   // Richer bus event (observability) — now also carries the trigger provenance.
   _broadcast('TASK_IDLE_NO_REPORT', targetId, targetSession, {
@@ -311,7 +298,9 @@ function fireAutoReport(targetId, targetSession, pendingReport, trigger, deps =
   const srcSession = _sessions[srcId];
   if (!srcSession) return;
 
-  const confirmed = elapsedNum >= AUTO_REPORT_MIN_REAL_SECONDS;
+  const confirmed = trigger === 'ready-signal' && pendingReport.submitExpected
+    ? false
+    : (elapsedNum >= AUTO_REPORT_MIN_REAL_SECONDS || hasSubmitEvidence);
   const injTag = pendingReport.injectId ? ` inject=${pendingReport.injectId}` : '';
   const reportMsg = confirmed
     ? `TASK_COMPLETE: ${targetId} is now idle after processing inject (${elapsed}s, via ${trigger}${injTag})`
@@ -346,10 +335,6 @@ function respondWithError(res, httpStatus, code, error, extra = {}) {
   return res.status(httpStatus).json(buildErrorBody(code, error, extra));
 }
 
-function isOpenWebSocket(ws) {
-  return Boolean(ws && ws.readyState === 1);
-}
-
 function normalizeNullableText(value) {
   if (value === undefined || value === null) {
     return null;
@@ -592,9 +577,57 @@ async function executeBootstrapInject(sessionId, session, op) {
   };
 }
 
+function parseSubmitRetryOptions(body = {}, injectedBody = null) {
+  const hasExplicitRetries = body && body.retries !== undefined && body.retries !== null;
+  const retries = Math.min(Math.max(Number(hasExplicitRetries ? body.retries : (injectedBody ? 1 : 0)) || 0, 0), 3);
+  const retryDelayMs = Math.min(Math.max(Number(body?.retry_delay_ms) || 500, 100), 2000);
+  const verifyTimeoutMs = Math.min(Math.max(Number(body?.verify_timeout_ms) || 1500, 200), 5000);
+  return { retries, retryDelayMs, verifyTimeoutMs };
+}
+
+function buildSubmitVerify(confirm) {
+  if (!confirm) return null;
+  return {
+    consumed: confirm.accepted === true,
+    waited_ms: confirm.waited_ms || 0,
+    reason: confirm.reason || null,
+    source: confirm.visibility && confirm.visibility.source ? confirm.visibility.source : undefined,
+    ambiguous: confirm.ambiguous === true || undefined,
+    retryable: confirm.retryable === true || undefined,
+  };
+}
+
+function buildSubmitConfirmOptions(id, session, submittedAtMs, verifyTimeoutMs) {
+  return {
+    timeoutMs: verifyTimeoutMs,
+    intervalMs: 50,
+    submittedAtMs,
+    stripAnsi: stripAnsiState,
+    getState: () => sessionStateManager.getState(id),
+  };
+}
+
+async function confirmSubmitAfterDispatch(id, session, injectedBody, submittedAtMs, verifyTimeoutMs) {
+  if (!injectedBody || injectedBody.length === 0) {
+    return null;
+  }
+  return submitGate.confirmSubmitAccepted(session, injectedBody, buildSubmitConfirmOptions(id, session, submittedAtMs, verifyTimeoutMs));
+}
+
 async function executeBootstrapSubmit(sessionId, session, op) {
-  const strategy = terminalLevelSubmit(sessionId, session);
+  const body = op.body || {};
+  const injectedBody = typeof body.injected_body === 'string' ? body.injected_body : null;
+  const { retries, retryDelayMs, verifyTimeoutMs } = parseSubmitRetryOptions(body, injectedBody);
+  if (injectedBody) {
+    markPendingReportSubmitStarted(sessionId, injectedBody);
+  }
+
+  const submittedAtMs = Date.now();
+  let strategy = terminalLevelSubmit(sessionId, session);
   if (!strategy) {
+    if (injectedBody) {
+      markPendingReportSubmitUnconfirmed(sessionId, { reason: 'strategy_failed', attempts: 0, retryable: false });
+    }
     return {
       status: 503,
       body: {
@@ -606,14 +639,47 @@ async function executeBootstrapSubmit(sessionId, session, op) {
       }
     };
   }
+  let attempts = 1;
+  let confirm = await confirmSubmitAfterDispatch(sessionId, session, injectedBody, submittedAtMs, verifyTimeoutMs);
+  while (confirm && !confirm.accepted && confirm.retryable && attempts <= retries) {
+    await sleep(retryDelayMs);
+    const retrySubmittedAtMs = Date.now();
+    const retryStrategy = terminalLevelSubmit(sessionId, session);
+    if (!retryStrategy) break;
+    strategy = retryStrategy;
+    attempts++;
+    confirm = await confirmSubmitAfterDispatch(sessionId, session, injectedBody, retrySubmittedAtMs, verifyTimeoutMs);
+  }
+
+  if (confirm && !confirm.accepted) {
+    markPendingReportSubmitUnconfirmed(sessionId, { ...confirm, attempts });
+    return {
+      status: 504,
+      body: {
+        error: 'Submit body still visible after bounded confirmation retry',
+        reason: 'submit_unconfirmed',
+        strategy,
+        attempts,
+        gated: false,
+        verify: buildSubmitVerify(confirm),
+        confirm,
+        bootstrap_queued: true
+      }
+    };
+  }
+
+  if (injectedBody) {
+    markPendingReportSubmitConfirmed(sessionId, { ...(confirm || { reason: 'empty_body' }), attempts });
+  }
   return {
     status: 200,
     body: {
       success: true,
       strategy,
-      attempts: 1,
+      attempts,
       gated: false,
-      verify: null,
+      verify: buildSubmitVerify(confirm),
+      confirm,
       bootstrap_queued: true
     }
   };
@@ -1372,29 +1438,11 @@ console.log(`[DAEMON] Terminal backend: ${DETECTED_TERMINAL}`);
 // Restore persisted session metadata (wrapped sessions await reconnect)
 const _persisted = loadPersistedSessions();
 for (const [id, meta] of Object.entries(_persisted)) {
-  if (meta.type === 'wrapped') {
-    sessions[id] = {
-      id, type: 'wrapped', ptyProcess: null, ownerWs: null,
-      command: meta.command || 'wrapped', cwd: meta.cwd || process.cwd(),
-      backend: meta.backend || 'kitty',
-      cmuxWorkspaceId: meta.cmuxWorkspaceId || null,
-      cmuxSurfaceId: meta.cmuxSurfaceId || null,
-      termProgram: meta.termProgram || null,
-      term: meta.term || null,
-      createdAt: meta.createdAt || new Date().toISOString(),
-      lastActivityAt: meta.lastActivityAt || new Date().toISOString(),
-      lastConnectedAt: meta.lastConnectedAt || null,
-      lastDisconnectedAt: meta.lastDisconnectedAt || meta.lastActivityAt || new Date().toISOString(),
-      lastStateReportAt: meta.lastStateReportAt || null,
-      stateReport: meta.stateReport || null,
-      idleTtl: meta.idleTtl || null,
-      idleTtlMs: meta.idleTtlMs == null ? null : meta.idleTtlMs,
-      ownerPid: meta.ownerPid || null,
-      ptyPid: meta.ptyPid || null,
-      clients: new Set(), isClosing: false, outputRing: [], ready: true,     };
-    initializeBootstrapState(sessions[id]);
-    console.log(`[PERSIST] Restored session ${id} (awaiting reconnect)`);
-  }
+  const restored = sessionPersistence.buildRestoredWrappedSession(id, meta, { cwd: process.cwd() });
+  if (!restored) continue;
+  sessions[id] = restored;
+  initializeBootstrapState(sessions[id]);
+  console.log(`[PERSIST] Restored session ${id} (awaiting reconnect)`);
 }
 const STRIPPED_SESSION_ENV_KEYS = [
   'CLAUDECODE',
@@ -2075,15 +2123,13 @@ app.post('/api/sessions/:id/submit', async (req, res) => {
   const session = sessions[resolvedId];
   const id = resolvedId;
 
-  const retries = Math.min(Math.max(Number(req.body?.retries) || 0, 0), 3);
-  const retryDelayMs = Math.min(Math.max(Number(req.body?.retry_delay_ms) || 500, 100), 2000);
   const preDelayMs = Math.min(Math.max(Number(req.body?.pre_delay_ms) || 0, 0), 1000);
   // Default raised 5000 → 10000 (0.3.1) to cover empirical claude REPL
   // ready window (3-6s on fresh spawn) with margin. Upper clamp raised
   // 15000 → 30000 for the rare extreme-cold case.
   const gateTimeoutMs = Math.min(Math.max(Number(req.body?.gate_timeout_ms) || 10000, 500), 30000);
-  const verifyTimeoutMs = Math.min(Math.max(Number(req.body?.verify_timeout_ms) || 1500, 200), 5000);
   const injectedBody = typeof req.body?.injected_body === 'string' ? req.body.injected_body : null;
+  const { retries, retryDelayMs, verifyTimeoutMs } = parseSubmitRetryOptions(req.body || {}, injectedBody);
   const minConfidence = req.body?.min_confidence != null
     ? Math.min(Math.max(Number(req.body.min_confidence), 0), 1)
     : undefined;
@@ -2095,6 +2141,10 @@ app.post('/api/sessions/:id/submit', async (req, res) => {
 
   console.log(`[SUBMIT] Session ${id} (${session.command})${retries > 0 ? `, retries: ${retries}, pre_delay: ${preDelayMs}ms` : ''}${gateOff ? ' [gate=off]' : ''}`);
 
+  if (injectedBody) {
+    markPendingReportSubmitStarted(id, injectedBody);
+  }
+
   // #471 (0.4.5): force=true must bypass the bootstrap gate. Without `!force`
   // here the per-request escape hatch (cli.js --submit-force) is enqueued and
   // 504s before the force-bypass block below ever runs.
@@ -2107,6 +2157,13 @@ app.post('/api/sessions/:id/submit', async (req, res) => {
       drainBootstrapQueue(id, session);
     }
     const queuedSubmit = await waitForBootstrapSubmit(op, session, gateTimeoutMs);
+    if (queuedSubmit.status >= 400 && injectedBody) {
+      markPendingReportSubmitUnconfirmed(id, {
+        reason: queuedSubmit.body && queuedSubmit.body.reason ? queuedSubmit.body.reason : 'bootstrap_submit_failed',
+        attempts: queuedSubmit.body && queuedSubmit.body.attempts ? queuedSubmit.body.attempts : 0,
+        retryable: false
+      });
+    }
     return res.status(queuedSubmit.status).json(queuedSubmit.body);
   }
 
@@ -2128,11 +2185,20 @@ app.post('/api/sessions/:id/submit', async (req, res) => {
   // escape-hatch but at request scope.
   // See: docs/superpowers/specs/2026-04-26-submit-gate-fixes-v2.md §3.1
   if (force) {
+    if (injectedBody) {
+      markPendingReportSubmitStarted(id, injectedBody);
+    }
     const strategy = terminalLevelSubmit(id, session);
     if (strategy) {
+      if (injectedBody) {
+        markPendingReportSubmitConfirmed(id, { reason: 'force', attempts: 1 });
+      }
       emitSubmitBus({ strategy, attempts: 1, gated: false, forced: true });
       return res.json({ success: true, strategy, attempts: 1, gated: false, forced: true });
     }
+    if (injectedBody) {
+      markPendingReportSubmitUnconfirmed(id, { reason: 'strategy_failed', attempts: 0, retryable: false });
+    }
     return res.status(503).json({
       error: 'Submit failed via all strategies (kitty/cmux/pty)',
       strategy: 'none',
@@ -2144,6 +2210,9 @@ app.post('/api/sessions/:id/submit', async (req, res) => {
 
   // ── Legacy escape-hatch path: blind pre-delay + retries (0.2.x behavior) ──
   if (gateOff) {
+    if (injectedBody) {
+      markPendingReportSubmitStarted(id, injectedBody);
+    }
     if (preDelayMs > 0) {
       await new Promise(resolve => setTimeout(resolve, preDelayMs));
     }
@@ -2155,9 +2224,15 @@ app.post('/api/sessions/:id/submit', async (req, res) => {
       legacyAttempts++;
     }
     if (legacyStrategy) {
+      if (injectedBody) {
+        markPendingReportSubmitConfirmed(id, { reason: 'gate_off', attempts: legacyAttempts });
+      }
       emitSubmitBus({ strategy: legacyStrategy, attempts: legacyAttempts, gated: false });
       return res.json({ success: true, strategy: legacyStrategy, attempts: legacyAttempts, gated: false });
     }
+    if (injectedBody) {
+      markPendingReportSubmitUnconfirmed(id, { reason: 'strategy_failed', attempts: legacyAttempts, retryable: false });
+    }
     return res.status(503).json({
       error: 'Submit failed via all strategies (kitty/cmux/pty)',
       strategy: 'none',
@@ -2225,9 +2300,16 @@ app.post('/api/sessions/:id/submit', async (req, res) => {
   }
 
   // Step 2: dispatch Enter via existing kitty → cmux → PTY chain.
+  if (injectedBody) {
+    markPendingReportSubmitStarted(id, injectedBody);
+  }
+  let submittedAtMs = Date.now();
   let strategy = terminalLevelSubmit(id, session);
   let attempts = strategy ? 1 : 0;
   if (!strategy) {
+    if (injectedBody) {
+      markPendingReportSubmitUnconfirmed(id, { reason: 'strategy_failed', attempts: 0, retryable: false });
+    }
     return res.status(503).json({
       error: 'Submit failed via all strategies (kitty/cmux/pty)',
       strategy: 'none',
@@ -2238,47 +2320,51 @@ app.post('/api/sessions/:id/submit', async (req, res) => {
     });
   }
 
-  // Step 3: verify body consumption (only when the caller provided the body).
+  // Step 3: confirm the submit was accepted (only when caller provided body).
   // Without `injected_body`, this is a bare Enter press (`telepty enter` or
-  // `telepty send-key` without force) — there is nothing to verify and one
-  // shot is enough.
+  // `telepty send-key` without force) — there is nothing to confirm and one
+  // shot is enough. A retry is idempotent only when the body is still visible.
   let verify = null;
+  let confirm = null;
   if (injectedBody && injectedBody.length > 0) {
-    verify = await submitGate.verifyBodyConsumed(session, injectedBody, {
-      timeoutMs: verifyTimeoutMs,
-      stripAnsi: stripAnsiState,
-    });
-    if (!verify.consumed) {
+    confirm = await confirmSubmitAfterDispatch(id, session, injectedBody, submittedAtMs, verifyTimeoutMs);
+    while (confirm && !confirm.accepted && confirm.retryable && attempts <= retries) {
       await new Promise(resolve => setTimeout(resolve, retryDelayMs));
+      submittedAtMs = Date.now();
       const retryStrategy = terminalLevelSubmit(id, session);
-      if (retryStrategy) {
-        strategy = retryStrategy;
-        attempts++;
-        verify = await submitGate.verifyBodyConsumed(session, injectedBody, {
-          timeoutMs: verifyTimeoutMs,
-          stripAnsi: stripAnsiState,
-        });
-      }
+      if (!retryStrategy) break;
+      strategy = retryStrategy;
+      attempts++;
+      confirm = await confirmSubmitAfterDispatch(id, session, injectedBody, submittedAtMs, verifyTimeoutMs);
     }
-    // Honest 504: gate timed out AND the body never left the input box even
-    // after the best-effort dispatch + verify. Distinguishable from the legacy
-    // `gate_timeout` reason (which dropped dispatch entirely).
-    if (gatedDispatchAfterTimeout && !verify.consumed) {
+    verify = buildSubmitVerify(confirm);
+
+    if (confirm && !confirm.accepted) {
+      const reason = gatedDispatchAfterTimeout ? 'gated_dispatch_unconsumed' : 'submit_unconfirmed';
       const failBody = {
-        error: 'Submit gated-timeout and body not consumed after best-effort dispatch',
-        reason: 'gated_dispatch_unconsumed',
+        error: gatedDispatchAfterTimeout
+          ? 'Submit gated-timeout and body not consumed after best-effort dispatch'
+          : 'Submit body still visible after bounded confirmation retry',
+        reason,
         last_state: gateResult.last_state,
         strategy,
         attempts,
         gated: true,
         gate_wait_ms: gateResult.waited_ms,
         verify,
+        confirm,
         gated_dispatch_after_timeout: true,
         ...(promptSymbol ? { prompt_symbol: promptSymbol } : {}),
       };
+      if (!gatedDispatchAfterTimeout) {
+        delete failBody.gated_dispatch_after_timeout;
+      }
+      markPendingReportSubmitUnconfirmed(id, { ...confirm, attempts });
       emitSubmitBus(failBody);
       return res.status(504).json(failBody);
     }
+
+    markPendingReportSubmitConfirmed(id, { ...(confirm || { reason: 'empty_body' }), attempts });
   }
 
   const responseBody = {
@@ -2288,6 +2374,7 @@ app.post('/api/sessions/:id/submit', async (req, res) => {
     gated: true,
     gate_wait_ms: gateResult.waited_ms,
     verify,
+    confirm,
     ...(gatedDispatchAfterTimeout ? { gated_dispatch_after_timeout: true } : {}),
     ...(promptSymbol ? { prompt_symbol: promptSymbol } : {}),
   };
@@ -2432,6 +2519,9 @@ app.post('/api/sessions/:id/inject', async (req, res) => {
         source: from,
         injectedAt: injectTimestamp,
         injectId: inject_id,
+        submitExpected: !!no_enter,
+        noEnter: !!no_enter,
+        injectedBodyPreview: prompt.slice(0, 500),
         awaitingReport: true,
         idleNotified: false
       };
@@ -2511,6 +2601,11 @@ app.get('/api/pendingReports/:id', (req, res) => {
     idle_notified: !!entry.idleNotified,
     idle_at: entry.idleAt || null,
     awaiting_report: !!entry.awaitingReport,
+    submit_expected: !!entry.submitExpected,
+    submit_in_progress: !!entry.submitInProgress,
+    submit_confirmed_at: entry.submitConfirmedAt || null,
+    submit_unconfirmed_at: entry.submitUnconfirmedAt || null,
+    saw_working_after_inject: !!entry.sawWorkingAfterInject,
     auto_summary: autoSummary
   });
 });
@@ -2662,6 +2757,18 @@ app.delete('/api/sessions/:id', (req, res) => {
   const session = sessions[resolvedId];
   const id = resolvedId;
   if (session.isClosing) return res.json({ success: true, status: 'closing' });
+  // BUG-C (shared-fate): a wrapped session can be co-bound by a stale/displaced owner bridge
+  // (duplicate --id). A DELETE carrying a token that is NOT the current owner's, while a live
+  // owner ws is still open, is that stale bridge exiting — it must NOT tear down the live owner.
+  // Detach-only (no-op): leave the record and every client untouched. Tokenless callers
+  // (operator `telepty delete`, ghost clean) and matching-token current-owner exits are
+  // unaffected. Forceful kills go through POST /:id/kill (teardownSessionById), not here.
+  const ownerToken = req.query.owner_token;
+  if (session.type === 'wrapped'
+      && ownerToken && session.ownerToken && ownerToken !== session.ownerToken
+      && isOpenWebSocket(session.ownerWs)) {
+    return res.json({ success: true, status: 'stale-detached' });
+  }
   try {
     session.isClosing = true;
     if (session.type === 'wrapped') {
@@ -3236,6 +3343,19 @@ if (require.main === module) setInterval(() => {
     // once), so this GCs NOTHING in that case — preserving the #486/#488 survival guarantee.
     if (session.type === 'wrapped' && session.backend === 'cmux' && session.cmuxWorkspaceId
         && isOpenWebSocket(session.ownerWs)) {
+      const mismatchProbe = terminalBackend.detectSurfaceMismatch(session, { sessionId: id });
+      const mismatchAction = applySurfaceMismatchProbe(id, session, mismatchProbe, {
+        nowMs: now,
+        emit: (extra) => broadcastSessionEvent('surface_mismatched', id, session, { nowMs: now, extra })
+      });
+      if (mismatchAction.action === 'mark') {
+        console.log(`[SURFACE-MISMATCH] mismatch candidate for ${id} (${mismatchProbe.observedSurface}) — ${SURFACE_MISMATCH_SECONDS}s debounce started`);
+      } else if (mismatchAction.action === 'emit') {
+        console.log(`[SURFACE-MISMATCH] emitted surface_mismatched for ${id}: ${mismatchProbe.observedSurface} (${mismatchAction.mismatchSeconds}s)`);
+      } else if (mismatchAction.action === 'recover') {
+        console.log(`[SURFACE-MISMATCH] ${id} recovered/indeterminate — clearing mismatch debounce`);
+      }
+
       const liveness = terminalBackend.isSurfaceAlive(session);
       const gcAction = decideSurfaceGc(liveness, session, now);
       if (gcAction === 'mark') {
@@ -3317,250 +3437,33 @@ if (server) server.on('error', async (error) => {
   throw error;
 });
 
-
-const wss = new WebSocketServer({ noServer: true });
-
-wss.on('connection', (ws, req) => {
-  const url = new URL(req.url, 'http://' + req.headers.host);
-  const sessionId = url.pathname.split('/').pop();
-  const session = sessions[sessionId];
-  // ?owner=1 indicates the allow bridge (PTY owner), not an attach viewer
-  const isOwnerConnect = url.searchParams.get('owner') === '1';
-
-  // Ping/pong heartbeat — detect and terminate stale TCP half-open connections (30s interval)
-  let isAlive = true;
-  ws.on('pong', () => { isAlive = true; });
-  const pingInterval = setInterval(() => {
-    if (!isAlive) {
-      console.log(`[WS] Terminating stale connection (no pong) for ${sessionId}`);
-      ws.terminate();
-      return;
-    }
-    isAlive = false;
-    ws.ping();
-  }, 30000);
-
-  if (!session) {
-    const connectedAt = new Date().toISOString();
-    // Auto-register wrapped session on WS connect (supports reconnect after daemon restart)
-    const autoSession = {
-      id: sessionId,
-      type: 'wrapped',
-      ptyProcess: null,
-      ownerWs: ws,
-      command: 'wrapped',
-      cwd: process.cwd(),
-      createdAt: connectedAt,
-      lastActivityAt: connectedAt,
-      lastConnectedAt: connectedAt,
-      lastDisconnectedAt: null,
-      clients: new Set([ws]),
-      isClosing: false,
-      outputRing: [],
-      ready: true,
-          };
-    initializeBootstrapState(autoSession);
-    sessions[sessionId] = autoSession;
-    console.log(`[WS] Auto-registered wrapped session ${sessionId} on reconnect`);
-    // Set tab title via kitty (no \x0c redraw — it causes flickering on multi-session reconnect)
-    setTimeout(() => {
-      const sock = findKittySocket();
-      const wid = findKittyWindowId(sock, sessionId);
-      if (sock && wid) {
-        try {
-          require('child_process').execSync(`kitty @ --to unix:${sock} set-tab-title --match id:${wid} '⚡ telepty :: ${sessionId}'`, {
-            timeout: 2000, stdio: ['pipe', 'pipe', 'pipe']
-          });
-        } catch {}
-      }
-    }, 1000);
-  } else {
-    session.clients.add(ws);
-  }
-
-  const activeSession = sessions[sessionId];
-
-  // For wrapped sessions, first connector OR explicit ?owner=1 claim becomes the owner.
-  // ?owner=1 reclaim handles the stale-ownerWs bug: allow bridge reconnects but stale TCP
-  // half-open connection still holds ownerWs slot → reconnect wrongly becomes a viewer.
-  if (activeSession.type === 'wrapped' && (!activeSession.ownerWs || isOwnerConnect)) {
-    const hadDisconnectedOwner = !isOpenWebSocket(activeSession.ownerWs) && activeSession.lastDisconnectedAt;
-    if (isOwnerConnect && activeSession.ownerWs && activeSession.ownerWs !== ws) {
-      // Terminate the stale owner connection before claiming ownership
-      console.log(`[WS] Replacing stale ownerWs for session ${sessionId}`);
-      activeSession.ownerWs.terminate();
-    }
-    activeSession.ownerWs = ws;
-    markSessionConnected(activeSession);
-    initializeBootstrapState(activeSession);
-    console.log(`[WS] Wrap owner ${isOwnerConnect && activeSession.clients.size > 1 ? 're-' : ''}connected for session ${sessionId} (Total: ${activeSession.clients.size})`);
-    scheduleBootstrapPromptPoll(sessionId, activeSession);
-    if (hadDisconnectedOwner) {
-      emitSessionLifecycleEvent('session_reconnect', sessionId, activeSession);
-    }
-    persistSessions();
-  } else {
-    console.log(`[WS] Client attached to session ${sessionId} (Total: ${activeSession.clients.size})`);
-  }
-
-  ws.on('message', (message) => {
-    try {
-      const { type, data, cols, rows } = JSON.parse(message);
-
-      if (activeSession.type === 'wrapped') {
-        if (ws === activeSession.ownerWs) {
-          // Owner sending output -> broadcast to other clients + update activity
-          if (type === 'output') {
-            activeSession.lastActivityAt = new Date().toISOString();
-            appendToOutputRing(activeSession, data);
-            sessionStateManager.feed(sessionId, data);
-            activeSession.clients.forEach(client => {
-              if (client !== ws && client.readyState === 1) {
-                client.send(JSON.stringify({ type: 'output', data }));
-              }
-            });
-          } else if (type === 'ready') {
-            if (isBootstrapGatedSession(activeSession)) {
-              markBootstrapReady(sessionId, activeSession, 'bridge_ready');
-            } else {
-              activeSession.ready = true;
-            }
-            activeSession.lastActivityAt = new Date().toISOString();
-            console.log(`[READY] Session ${sessionId} CLI is ready for inject`);
-            // Broadcast readiness to bus (cmux/kitty paths now enabled for this session)
-            const readyMsg = JSON.stringify({
-              type: 'session_ready',
-              session_id: sessionId,
-              timestamp: new Date().toISOString()
-            });
-            busClients.forEach(client => {
-              if (client.readyState === 1) client.send(readyMsg);
-            });
-            // Auto-report: notify source that target completed inject task
-            // Legacy ready-signal auto-report path. Skip if onTransition already
-            // fired (pendingReports[sessionId].idleNotified === true).
-            const pendingReport = pendingReports[sessionId];
-            if (pendingReport && !pendingReport.idleNotified) {
-              // ready-signal: cli.js bridge emitted a 'ready' WS frame.
-              fireAutoReport(sessionId, activeSession, pendingReport, 'ready-signal');
-            }
-          }
-        } else {
-          // Non-owner client input -> forward to owner as inject
-          if (type === 'input' && activeSession.ownerWs && activeSession.ownerWs.readyState === 1) {
-            activeSession.ownerWs.send(JSON.stringify({ type: 'inject', data }));
-          } else if (type === 'resize' && activeSession.ownerWs && activeSession.ownerWs.readyState === 1) {
-            activeSession.ownerWs.send(JSON.stringify({ type: 'resize', cols, rows }));
-          }
-        }
-      } else {
-        // Existing spawned session logic
-        if (type === 'input') {
-          activeSession.ptyProcess.write(data);
-        } else if (type === 'resize') {
-          activeSession.ptyProcess.resize(cols, rows);
-        }
-      }
-    } catch (e) {
-      console.error('[WS] Invalid message format', e);
-    }
-  });
-
-  ws.on('close', () => {
-    clearInterval(pingInterval);
-    activeSession.clients.delete(ws);
-    if (activeSession.type === 'wrapped' && ws === activeSession.ownerWs) {
-      activeSession.ownerWs = null;
-      // #29: cancel any pending owner-alive optimistic timer — the owner is gone, so the
-      // floor must not flip a disconnected session ready (hygiene; the timer also re-guards
-      // on isOpenWebSocket, but clearing avoids a dangling handle).
-      if (activeSession.bootstrapOptimisticTimer) {
-        clearTimeout(activeSession.bootstrapOptimisticTimer);
-        activeSession.bootstrapOptimisticTimer = null;
-      }
-      markSessionDisconnected(activeSession);
-      console.log(`[WS] Wrap owner disconnected from session ${sessionId} (Total: ${activeSession.clients.size})`);
-      emitSessionLifecycleEvent('session_disconnect', sessionId, activeSession, {
-        clients: activeSession.clients.size
-      });
-      persistSessions();
-    } else {
-      console.log(`[WS] Client detached from session ${sessionId} (Total: ${activeSession.clients.size})`);
-    }
-  });
-});
-
-const busWss = new WebSocketServer({ noServer: true });
 const busClients = new Set();
 
-busWss.on('connection', (ws, req) => {
-  busClients.add(ws);
-  console.log('[BUS] New agent connected to event bus');
-
-  ws.on('message', (message) => {
-    try {
-      const msg = JSON.parse(message);
-      if (msg.type === 'session_state_report') {
-        const resolvedId = resolveSessionAlias(msg.session_id || '');
-        if (!resolvedId || !sessions[resolvedId]) {
-          return;
-        }
-
-        const applied = applySessionStateReport(resolvedId, sessions[resolvedId], msg);
-        if (!applied.success) {
-          return;
-        }
-
-        if (!msg._relayed_from) relayToPeers(applied.event);
-        persistSessions();
-        return;
-      }
-
-      // Broadcast to all other bus clients
-      busClients.forEach(client => {
-        if (client !== ws && client.readyState === 1) {
-          client.send(JSON.stringify(msg));
-        }
-      });
-
-      // Auto-route turn_request events (shared logic with HTTP publish)
-      busAutoRoute(msg);
-      // Relay to peer daemons (dedup prevents loops)
-      if (!msg._relayed_from) relayToPeers(msg);
-    } catch (e) {
-      console.error('[BUS] Invalid message format', e);
-    }
-  });
-
-  ws.on('close', () => {
-    busClients.delete(ws);
-    console.log('[BUS] Agent disconnected from event bus');
-  });
-});
-
-if (server) server.on('upgrade', (req, socket, head) => {
-  const url = new URL(req.url, 'http://' + req.headers.host);
-  const token = url.searchParams.get('token');
-  
-  const wsAuthHeader = req.headers['authorization'] || '';
-  const wsJwtValid = wsAuthHeader.startsWith('Bearer ') && verifyJwt(wsAuthHeader.slice(7));
-  if (!isAllowedPeer(req.socket.remoteAddress) && token !== EXPECTED_TOKEN && !wsJwtValid) {
-    socket.write('HTTP/1.1 401 Unauthorized\r\n\r\n');
-    socket.destroy();
-    return;
-  }
-
-  if (url.pathname.startsWith('/api/sessions/')) {
-    wss.handleUpgrade(req, socket, head, (ws) => {
-      wss.emit('connection', ws, req);
-    });
-  } else if (url.pathname === '/api/bus') {
-    busWss.handleUpgrade(req, socket, head, (ws) => {
-      busWss.emit('connection', ws, req);
-    });
-  } else {
-    socket.destroy();
-  }
+installWebSocketTransport({
+  server,
+  sessions,
+  busClients,
+  expectedToken: EXPECTED_TOKEN,
+  verifyJwt,
+  isAllowedPeer,
+  initializeBootstrapState,
+  findKittySocket,
+  findKittyWindowId,
+  markSessionConnected,
+  scheduleBootstrapPromptPoll,
+  emitSessionLifecycleEvent,
+  persistSessions,
+  appendToOutputRing,
+  sessionStateManager,
+  isBootstrapGatedSession,
+  markBootstrapReady,
+  pendingReports,
+  fireAutoReport,
+  markSessionDisconnected,
+  resolveSessionAlias,
+  applySessionStateReport,
+  relayToPeers,
+  busAutoRoute
 });
 
 function shutdown(code) {
@@ -3589,4 +3492,5 @@ module.exports = {
   shouldApplyOwnerAliveFloor,     // #29: owner-alive optimistic-floor decision (deps DI: isProcessRunning/...)
   scheduleBootstrapPromptPoll,    // #29: arms the floor timer (deps DI: setTimeout/...)
   decideSurfaceGc,                // #17: surface-liveness verdict→action (incl. INV-17 unknown→skip)
+  applySurfaceMismatchProbe,      // surface_mismatched debounce + payload helper (deps DI: emit/clock)
 };