@hackersbaby/plugin 0.4.3 → 0.5.1

package/dist/hooks/cursor/tool-call.js

@@ -6,9 +6,16 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
 var __commonJS = (cb, mod) => function __require() {
   return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
 };
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
 var __copyProps = (to, from, except, desc) => {
   if (from && typeof from === "object" || typeof from === "function") {
     for (let key of __getOwnPropNames(from))
@@ -25,6 +32,7 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
   isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
   mod
 ));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
 // ../shared/dist/types.js
 var require_types = __commonJS({
@@ -98,6 +106,45 @@ var require_scoring = __commonJS({
   }
 });
 
+// ../shared/dist/anticheat.js
+var require_anticheat = __commonJS({
+  "../shared/dist/anticheat.js"(exports2) {
+    "use strict";
+    Object.defineProperty(exports2, "__esModule", { value: true });
+    exports2.hashEvent = hashEvent;
+    exports2.computeChainHash = computeChainHash2;
+    exports2.signBatch = signBatch2;
+    exports2.verifyBatchSignature = verifyBatchSignature;
+    var crypto_1 = require("crypto");
+    function hashEvent(event, prevHash) {
+      const payload = `${prevHash}|${event.action_type}|${event.value}|${event.timestamp}`;
+      return (0, crypto_1.createHash)("sha256").update(payload).digest("hex").slice(0, 16);
+    }
+    function computeChainHash2(events, initialHash = "0000000000000000") {
+      let hash = initialHash;
+      for (const event of events) {
+        hash = hashEvent(event, hash);
+      }
+      return hash;
+    }
+    function signBatch2(sessionId, events, chainHash, secret) {
+      const valueSum = events.reduce((s, e) => s + e.value, 0);
+      const message = `${sessionId}|${chainHash}|${events.length}|${valueSum}`;
+      return (0, crypto_1.createHmac)("sha256", secret).update(message).digest("hex");
+    }
+    function verifyBatchSignature(sessionId, events, chainHash, signature, secret) {
+      const expected = signBatch2(sessionId, events, chainHash, secret);
+      if (expected.length !== signature.length)
+        return false;
+      let mismatch = 0;
+      for (let i = 0; i < expected.length; i++) {
+        mismatch |= expected.charCodeAt(i) ^ signature.charCodeAt(i);
+      }
+      return mismatch === 0;
+    }
+  }
+});
+
 // ../shared/dist/index.js
 var require_dist = __commonJS({
   "../shared/dist/index.js"(exports2) {
@@ -121,22 +168,11 @@ var require_dist = __commonJS({
     Object.defineProperty(exports2, "__esModule", { value: true });
     __exportStar(require_types(), exports2);
     __exportStar(require_scoring(), exports2);
+    __exportStar(require_anticheat(), exports2);
   }
 });
 
-// src/hooks/shared/tool-call.ts
-var import_shared = __toESM(require_dist());
-
-// src/collector.ts
-var import_uuid = require("uuid");
-
 // src/config.ts
-var import_fs = __toESM(require("fs"));
-var import_path = __toESM(require("path"));
-var import_os = __toESM(require("os"));
-var CONFIG_DIR = import_path.default.join(import_os.default.homedir(), ".hackersbaby");
-var CONFIG_FILE = import_path.default.join(CONFIG_DIR, "config.json");
-var QUEUE_FILE = import_path.default.join(CONFIG_DIR, "queue.jsonl");
 function sessionStateFile(source) {
   return import_path.default.join(CONFIG_DIR, `active-session-${source}.json`);
 }
@@ -158,122 +194,188 @@ function saveConfig(config) {
   ensureConfigDir();
   import_fs.default.writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2), "utf-8");
 }
+var import_fs, import_path, import_os, CONFIG_DIR, CONFIG_FILE, QUEUE_FILE;
+var init_config = __esm({
+  "src/config.ts"() {
+    "use strict";
+    import_fs = __toESM(require("fs"));
+    import_path = __toESM(require("path"));
+    import_os = __toESM(require("os"));
+    CONFIG_DIR = import_path.default.join(import_os.default.homedir(), ".hackersbaby");
+    CONFIG_FILE = import_path.default.join(CONFIG_DIR, "config.json");
+    QUEUE_FILE = import_path.default.join(CONFIG_DIR, "queue.jsonl");
+  }
+});
 
 // src/api-client.ts
-var APIClient = class {
-  config = loadConfig();
-  get headers() {
-    return {
-      "Content-Type": "application/json",
-      Authorization: `Bearer ${this.config?.token || ""}`
-    };
-  }
-  async sendBatch(batch) {
-    try {
-      const server = this.config?.server || "https://hackers.baby";
-      const res = await fetch(`${server}/api/scores/batch`, {
-        method: "POST",
-        headers: this.headers,
-        body: JSON.stringify(batch)
-      });
-      return res.ok;
-    } catch {
-      return false;
-    }
-  }
-  async refreshTokenIfNeeded() {
-    if (!this.config) return;
-    try {
-      const parts = this.config.token.split(".");
-      if (parts.length !== 3) return;
-      const payload = JSON.parse(Buffer.from(parts[1], "base64").toString("utf-8"));
-      const expMs = payload.exp * 1e3;
-      const oneDayMs = 24 * 60 * 60 * 1e3;
-      if (Date.now() + oneDayMs < expMs) return;
-      const res = await fetch(`${this.config.server}/api/auth/cli-token/refresh`, {
-        method: "POST",
-        headers: this.headers,
-        body: JSON.stringify({ refresh_token: this.config.refresh_token })
-      });
-      if (res.ok) {
-        const data = await res.json();
-        if (data.token) {
-          this.config.token = data.token;
-          if (data.refresh_token) this.config.refresh_token = data.refresh_token;
-          saveConfig(this.config);
+var import_shared, APIClient;
+var init_api_client = __esm({
+  "src/api-client.ts"() {
+    "use strict";
+    init_config();
+    import_shared = __toESM(require_dist());
+    APIClient = class {
+      config = loadConfig();
+      sessionSecret = null;
+      chainHash = "0000000000000000";
+      onChainUpdate = null;
+      /** Set callback to persist chain state between hook processes */
+      setChainUpdateCallback(cb) {
+        this.onChainUpdate = cb;
+      }
+      /** Restore crypto state from a previous session */
+      restoreCryptoState(secret, chainHash) {
+        this.sessionSecret = secret;
+        this.chainHash = chainHash;
+      }
+      get headers() {
+        return {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${this.config?.token || ""}`
+        };
+      }
+      /** Get current crypto state for persistence */
+      getCryptoState() {
+        if (!this.sessionSecret) return null;
+        return { secret: this.sessionSecret, chainHash: this.chainHash };
+      }
+      /** Register session with server and get cryptographic secret */
+      async startSession(sessionId) {
+        try {
+          const server = this.config?.server || "https://hackers.baby";
+          const res = await fetch(`${server}/api/sessions/start`, {
+            method: "POST",
+            headers: this.headers,
+            body: JSON.stringify({ session_id: sessionId })
+          });
+          if (res.ok) {
+            const data = await res.json();
+            this.sessionSecret = data.session_secret;
+            this.chainHash = data.initial_chain_hash;
+            return true;
+          }
+          return false;
+        } catch {
+          return false;
         }
       }
-    } catch {
-    }
-  }
-  async getStatus() {
-    const server = this.config?.server || "https://hackers.baby";
-    const res = await fetch(`${server}/api/users/me`, { headers: this.headers });
-    if (!res.ok) throw new Error(`getStatus failed: ${res.status}`);
-    return res.json();
-  }
-  async getRank() {
-    const server = this.config?.server || "https://hackers.baby";
-    const res = await fetch(`${server}/api/users/me/rank`, { headers: this.headers });
-    if (!res.ok) throw new Error(`getRank failed: ${res.status}`);
-    return res.json();
-  }
-  async getLeaderboard() {
-    const server = this.config?.server || "https://hackers.baby";
-    const res = await fetch(`${server}/api/leaderboard/global?limit=10`, { headers: this.headers });
-    if (!res.ok) throw new Error(`getLeaderboard failed: ${res.status}`);
-    return res.json();
-  }
-  async getPublicStats() {
-    try {
-      const server = this.config?.server || "https://hackers.baby";
-      const res = await fetch(`${server}/api/stats/public`);
-      if (!res.ok) return null;
-      return res.json();
-    } catch {
-      return null;
-    }
-  }
-  async getNotifications() {
-    try {
-      const server = this.config?.server || "https://hackers.baby";
-      const res = await fetch(`${server}/api/users/me/notifications`, { headers: this.headers });
-      if (!res.ok) return null;
-      return res.json();
-    } catch {
-      return null;
-    }
-  }
-  async claimReferral(code) {
-    try {
-      const server = this.config?.server || "https://hackers.baby";
-      const res = await fetch(`${server}/api/referral/claim`, {
-        method: "POST",
-        headers: this.headers,
-        body: JSON.stringify({ referral_code: code })
-      });
-      if (!res.ok) return null;
-      return res.json();
-    } catch {
-      return null;
-    }
-  }
-  async getReferralStats() {
-    try {
-      const server = this.config?.server || "https://hackers.baby";
-      const res = await fetch(`${server}/api/referral/stats`, { headers: this.headers });
-      if (!res.ok) return null;
-      return res.json();
-    } catch {
-      return null;
-    }
+      async sendBatch(batch) {
+        try {
+          const server = this.config?.server || "https://hackers.baby";
+          if (this.sessionSecret) {
+            const prevChainHash = this.chainHash;
+            const newChainHash = (0, import_shared.computeChainHash)(batch.events, prevChainHash);
+            const signature = (0, import_shared.signBatch)(batch.session_id, batch.events, newChainHash, this.sessionSecret);
+            batch.signature = signature;
+            batch.chain_hash = newChainHash;
+            batch.prev_chain_hash = prevChainHash;
+            this.chainHash = newChainHash;
+            if (this.onChainUpdate) {
+              this.onChainUpdate(this.chainHash, this.sessionSecret);
+            }
+          }
+          const res = await fetch(`${server}/api/scores/batch`, {
+            method: "POST",
+            headers: this.headers,
+            body: JSON.stringify(batch)
+          });
+          return res.ok;
+        } catch {
+          return false;
+        }
+      }
+      async refreshTokenIfNeeded() {
+        if (!this.config) return;
+        try {
+          const parts = this.config.token.split(".");
+          if (parts.length !== 3) return;
+          const payload = JSON.parse(Buffer.from(parts[1], "base64").toString("utf-8"));
+          const expMs = payload.exp * 1e3;
+          const oneDayMs = 24 * 60 * 60 * 1e3;
+          if (Date.now() + oneDayMs < expMs) return;
+          const res = await fetch(`${this.config.server}/api/auth/cli-token/refresh`, {
+            method: "POST",
+            headers: this.headers,
+            body: JSON.stringify({ refresh_token: this.config.refresh_token })
+          });
+          if (res.ok) {
+            const data = await res.json();
+            if (data.token) {
+              this.config.token = data.token;
+              if (data.refresh_token) this.config.refresh_token = data.refresh_token;
+              saveConfig(this.config);
+            }
+          }
+        } catch {
+        }
+      }
+      async getStatus() {
+        const server = this.config?.server || "https://hackers.baby";
+        const res = await fetch(`${server}/api/users/me`, { headers: this.headers });
+        if (!res.ok) throw new Error(`getStatus failed: ${res.status}`);
+        return res.json();
+      }
+      async getRank() {
+        const server = this.config?.server || "https://hackers.baby";
+        const res = await fetch(`${server}/api/users/me/rank`, { headers: this.headers });
+        if (!res.ok) throw new Error(`getRank failed: ${res.status}`);
+        return res.json();
+      }
+      async getLeaderboard() {
+        const server = this.config?.server || "https://hackers.baby";
+        const res = await fetch(`${server}/api/leaderboard/global?limit=10`, { headers: this.headers });
+        if (!res.ok) throw new Error(`getLeaderboard failed: ${res.status}`);
+        return res.json();
+      }
+      async getPublicStats() {
+        try {
+          const server = this.config?.server || "https://hackers.baby";
+          const res = await fetch(`${server}/api/stats/public`);
+          if (!res.ok) return null;
+          return res.json();
+        } catch {
+          return null;
+        }
+      }
+      async getNotifications() {
+        try {
+          const server = this.config?.server || "https://hackers.baby";
+          const res = await fetch(`${server}/api/users/me/notifications`, { headers: this.headers });
+          if (!res.ok) return null;
+          return res.json();
+        } catch {
+          return null;
+        }
+      }
+      async claimReferral(code) {
+        try {
+          const server = this.config?.server || "https://hackers.baby";
+          const res = await fetch(`${server}/api/referral/claim`, {
+            method: "POST",
+            headers: this.headers,
+            body: JSON.stringify({ referral_code: code })
+          });
+          if (!res.ok) return null;
+          return res.json();
+        } catch {
+          return null;
+        }
+      }
+      async getReferralStats() {
+        try {
+          const server = this.config?.server || "https://hackers.baby";
+          const res = await fetch(`${server}/api/referral/stats`, { headers: this.headers });
+          if (!res.ok) return null;
+          return res.json();
+        } catch {
+          return null;
+        }
+      }
+    };
   }
-};
+});
 
 // src/queue.ts
-var import_fs2 = __toESM(require("fs"));
-var MAX_QUEUE_SIZE = 1e4;
-var MAX_AGE_MS = 24 * 60 * 60 * 1e3;
 function enqueueEvents(events) {
   ensureConfigDir();
   const lines = events.map((e) => JSON.stringify(e)).join("\n");
@@ -311,75 +413,132 @@ function drainQueue() {
     return [];
   }
 }
+var import_fs2, MAX_QUEUE_SIZE, MAX_AGE_MS;
+var init_queue = __esm({
+  "src/queue.ts"() {
+    "use strict";
+    import_fs2 = __toESM(require("fs"));
+    init_config();
+    MAX_QUEUE_SIZE = 1e4;
+    MAX_AGE_MS = 24 * 60 * 60 * 1e3;
+  }
+});
 
 // src/collector.ts
-var EventCollector = class {
-  sessionId;
-  buffer = [];
-  flushInterval = null;
-  client;
-  source;
-  constructor(sessionId, source) {
-    this.sessionId = sessionId ?? (0, import_uuid.v4)();
-    this.client = new APIClient();
-    this.source = source;
-  }
-  addEvent(event) {
-    const metadata = this.source ? { ...event.metadata, source: this.source } : event.metadata;
-    this.buffer.push({
-      ...event,
-      metadata,
-      timestamp: (/* @__PURE__ */ new Date()).toISOString()
-    });
-  }
-  async start() {
-    await this.client.refreshTokenIfNeeded();
-    const queued = drainQueue();
-    if (queued.length > 0) {
-      const batch = { session_id: this.sessionId, events: queued };
-      const ok = await this.client.sendBatch(batch);
-      if (!ok) {
-        enqueueEvents(queued);
+var collector_exports = {};
+__export(collector_exports, {
+  EventCollector: () => EventCollector
+});
+var import_uuid, EventCollector;
+var init_collector = __esm({
+  "src/collector.ts"() {
+    "use strict";
+    import_uuid = require("uuid");
+    init_api_client();
+    init_queue();
+    init_config();
+    EventCollector = class {
+      sessionId;
+      buffer = [];
+      flushInterval = null;
+      client;
+      source;
+      constructor(sessionId, source) {
+        this.sessionId = sessionId ?? (0, import_uuid.v4)();
+        this.client = new APIClient();
+        this.source = source;
       }
-    }
-    const config = loadConfig();
-    const intervalMs = config?.preferences?.batch_interval_ms ?? 1e4;
-    this.flushInterval = setInterval(() => {
-      this.flush().catch(() => {
-      });
-    }, intervalMs);
-  }
-  async flush() {
-    if (this.buffer.length === 0) return;
-    const events = this.buffer.splice(0);
-    const batch = { session_id: this.sessionId, events };
-    const ok = await this.client.sendBatch(batch);
-    if (!ok) {
-      enqueueEvents(events);
-    }
-  }
-  async stop() {
-    if (this.flushInterval !== null) {
-      clearInterval(this.flushInterval);
-      this.flushInterval = null;
-    }
-    this.addEvent({ action_type: "session_completed", value: 1, metadata: {} });
-    await this.flush();
+      /** Restore crypto state from persisted session data */
+      restoreCrypto(secret, chainHash) {
+        this.client.restoreCryptoState(secret, chainHash);
+      }
+      /** Set callback to persist crypto state after each batch */
+      setCryptoUpdateCallback(cb) {
+        this.client.setChainUpdateCallback(cb);
+      }
+      addEvent(event) {
+        const metadata = this.source ? { ...event.metadata, source: this.source } : event.metadata;
+        this.buffer.push({
+          ...event,
+          metadata,
+          timestamp: (/* @__PURE__ */ new Date()).toISOString()
+        });
+      }
+      async start() {
+        await this.client.refreshTokenIfNeeded();
+        await this.client.startSession(this.sessionId);
+        const queued = drainQueue();
+        if (queued.length > 0) {
+          const batch = { session_id: this.sessionId, events: queued };
+          const ok = await this.client.sendBatch(batch);
+          if (!ok) {
+            enqueueEvents(queued);
+          }
+        }
+        const config = loadConfig();
+        const intervalMs = config?.preferences?.batch_interval_ms ?? 1e4;
+        this.flushInterval = setInterval(() => {
+          this.flush().catch(() => {
+          });
+        }, intervalMs);
+      }
+      async flush() {
+        if (this.buffer.length === 0) return;
+        const events = this.buffer.splice(0);
+        const batch = { session_id: this.sessionId, events };
+        const ok = await this.client.sendBatch(batch);
+        if (!ok) {
+          enqueueEvents(events);
+        }
+      }
+      async stop() {
+        if (this.flushInterval !== null) {
+          clearInterval(this.flushInterval);
+          this.flushInterval = null;
+        }
+        this.addEvent({ action_type: "session_completed", value: 1, metadata: {} });
+        await this.flush();
+      }
+    };
   }
-};
+});
+
+// src/hooks/shared/tool-call.ts
+var import_shared2 = __toESM(require_dist());
 
 // src/hooks/shared/utils.ts
 var import_fs3 = __toESM(require("fs"));
-function loadSessionId(source) {
+init_config();
+function loadSessionState(source) {
   try {
     const file = sessionStateFile(source);
     if (!import_fs3.default.existsSync(file)) return void 0;
-    const data = JSON.parse(import_fs3.default.readFileSync(file, "utf-8"));
-    return data.sessionId;
+    return JSON.parse(import_fs3.default.readFileSync(file, "utf-8"));
   } catch {
     return void 0;
   }
 }
+function loadSessionId(source) {
+  return loadSessionState(source)?.sessionId;
+}
+function updateSessionState(source, updates) {
+  const state = loadSessionState(source);
+  if (!state) return;
+  const file = sessionStateFile(source);
+  import_fs3.default.writeFileSync(file, JSON.stringify({ ...state, ...updates }));
+}
+function createCollector(sessionId, source) {
+  const { EventCollector: EventCollector2 } = (init_collector(), __toCommonJS(collector_exports));
+  const collector = new EventCollector2(sessionId, source);
+  const state = loadSessionState(source);
+  if (state?.sessionSecret && state?.chainHash && state.sessionId === sessionId) {
+    collector.restoreCrypto(state.sessionSecret, state.chainHash);
+    collector.setCryptoUpdateCallback((chainHash, secret) => {
+      updateSessionState(source, { chainHash, sessionSecret: secret });
+    });
+  }
+  return collector;
+}
 function readStdin() {
   return new Promise((resolve) => {
     let input = "";
@@ -411,7 +570,7 @@ async function handleToolCall(source) {
     const toolName = hookData.tool_name || "unknown";
     const toolInput = hookData.tool_input || {};
     const sessionId = hookData.session_id || loadSessionId(detected);
-    const collector = new EventCollector(sessionId, detected);
+    const collector = createCollector(sessionId, detected);
     collector.addEvent({ action_type: "tool_call", value: 1, metadata: { tool_name: toolName } });
     if (hookData.input_tokens) {
       collector.addEvent({ action_type: "token_input", value: hookData.input_tokens, metadata: {} });
@@ -419,7 +578,7 @@ async function handleToolCall(source) {
     if (hookData.output_tokens) {
       collector.addEvent({ action_type: "token_output", value: hookData.output_tokens, metadata: {} });
     }
-    if (toolName === "Bash" && toolInput.command && (0, import_shared.isDeployCommand)(toolInput.command)) {
+    if (toolName === "Bash" && toolInput.command && (0, import_shared2.isDeployCommand)(toolInput.command)) {
       collector.addEvent({ action_type: "deployment", value: 1, metadata: {} });
     }
     if (toolName === "Write") {