npm - @hivemind-os/collective-daemon - Versions diffs - 0.2.0 - Mend

@hivemind-os/collective-daemon 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

package/dist/chunk-57QD6553.js +803 -0
package/dist/chunk-57QD6553.js.map +1 -0
package/dist/chunk-BHN4GOYD.js +1196 -0
package/dist/chunk-BHN4GOYD.js.map +1 -0
package/dist/chunk-BJW47ZD5.js +341 -0
package/dist/chunk-BJW47ZD5.js.map +1 -0
package/dist/chunk-CJHYQ7RR.js +656 -0
package/dist/chunk-CJHYQ7RR.js.map +1 -0
package/dist/chunk-NXIFS427.js +183 -0
package/dist/chunk-NXIFS427.js.map +1 -0
package/dist/chunk-Q3V4V7UR.js +305 -0
package/dist/chunk-Q3V4V7UR.js.map +1 -0
package/dist/chunk-VHECO532.js +1005 -0
package/dist/chunk-VHECO532.js.map +1 -0
package/dist/config-SuloXL2_.d.ts +90 -0
package/dist/config.d.ts +3 -0
package/dist/config.js +19 -0
package/dist/config.js.map +1 -0
package/dist/index.d.ts +4 -0
package/dist/index.js +523 -0
package/dist/index.js.map +1 -0
package/dist/ipc/server.d.ts +69 -0
package/dist/ipc/server.js +8 -0
package/dist/ipc/server.js.map +1 -0
package/dist/portal/server.d.ts +72 -0
package/dist/portal/server.js +10 -0
package/dist/portal/server.js.map +1 -0
package/dist/provider/index.d.ts +202 -0
package/dist/provider/index.js +22 -0
package/dist/provider/index.js.map +1 -0
package/dist/relay/index.d.ts +55 -0
package/dist/relay/index.js +7 -0
package/dist/relay/index.js.map +1 -0
package/dist/session-monitor-P9hNAFw4.d.ts +16 -0
package/dist/state.d.ts +59 -0
package/dist/state.js +11 -0
package/dist/state.js.map +1 -0
package/package.json +72 -0

package/dist/index.js ADDED Viewed

@@ -0,0 +1,523 @@
+#!/usr/bin/env node
+import {
+  IpcServer
+} from "./chunk-BHN4GOYD.js";
+import {
+  PortalServer
+} from "./chunk-VHECO532.js";
+import {
+  getConfigPath,
+  loadConfig
+} from "./chunk-CJHYQ7RR.js";
+import {
+  DaemonState,
+  createDaemonIdentityContext
+} from "./chunk-Q3V4V7UR.js";
+import "./chunk-NXIFS427.js";
+import {
+  ProviderRuntime,
+  loadProviderConfig
+} from "./chunk-57QD6553.js";
+import "./chunk-BJW47ZD5.js";
+// src/index.ts
+import { mkdir as mkdir2 } from "fs/promises";
+import { dirname as dirname2, join as join2 } from "path";
+import pino from "pino";
+import open from "open";
+// src/auth/session-monitor.ts
+import { EventEmitter } from "events";
+var DEFAULT_CHECK_INTERVAL_MS = 6e4;
+var DEFAULT_WARNING_WINDOW_MS = 5 * 60 * 1e3;
+var SessionMonitor = class extends EventEmitter {
+  constructor(options) {
+    super();
+    this.options = options;
+    this.checkIntervalMs = options.checkIntervalMs ?? DEFAULT_CHECK_INTERVAL_MS;
+    this.warningWindowMs = options.warningWindowMs ?? DEFAULT_WARNING_WINDOW_MS;
+    this.logger = options.logger;
+    this.status = this.createStatus(null, "reauth_required");
+  }
+  options;
+  checkIntervalMs;
+  warningWindowMs;
+  logger;
+  interval;
+  checkInFlight;
+  status;
+  on(eventName, listener) {
+    return super.on(eventName, listener);
+  }
+  emit(eventName, ...args) {
+    return super.emit(eventName, ...args);
+  }
+  start() {
+    if (this.interval) {
+      return;
+    }
+    void this.checkNow();
+    this.interval = setInterval(() => {
+      void this.checkNow();
+    }, this.checkIntervalMs);
+  }
+  stop() {
+    if (!this.interval) {
+      return;
+    }
+    clearInterval(this.interval);
+    this.interval = void 0;
+  }
+  getStatus() {
+    return { ...this.status };
+  }
+  async checkNow() {
+    if (this.checkInFlight) {
+      return await this.checkInFlight;
+    }
+    this.checkInFlight = this.evaluate().finally(() => {
+      this.checkInFlight = void 0;
+    });
+    return await this.checkInFlight;
+  }
+  async evaluate() {
+    const previous = this.status;
+    const session = this.options.authProvider.getSession();
+    if (!session || !this.options.authProvider.isAuthenticated()) {
+      const status = this.updateStatus(this.createStatus(session, "reauth_required"));
+      if (previous.state !== status.state || previous.address !== status.address) {
+        this.emit("session:reauth_required", { ...status });
+      }
+      return status;
+    }
+    const expiresAt = this.options.authProvider.getSessionExpiryMs(session);
+    const now = Date.now();
+    const expiresInMs = expiresAt === null ? null : expiresAt - now;
+    if (expiresInMs !== null && expiresInMs <= 0) {
+      const expiredStatus = this.updateStatus(this.createStatus(session, "expired", null, expiresAt, expiresInMs));
+      if (previous.state !== expiredStatus.state || previous.expiresAt !== expiredStatus.expiresAt) {
+        this.emit("session:expired", { ...expiredStatus });
+      }
+      await this.options.authProvider.clearSession(session);
+      const reauthStatus = this.updateStatus(
+        this.createStatus(null, "reauth_required", "Authentication expired. Please re-authenticate via the daemon portal.")
+      );
+      this.emit("session:reauth_required", { ...reauthStatus });
+      this.logger?.warn?.({ expiresAt }, "zkLogin session expired.");
+      return reauthStatus;
+    }
+    if (expiresInMs !== null && expiresInMs <= this.warningWindowMs) {
+      const expiringStatus = this.updateStatus(this.createStatus(session, "expiring", null, expiresAt, expiresInMs));
+      if (previous.state !== expiringStatus.state || previous.expiresAt !== expiringStatus.expiresAt) {
+        this.emit("session:expiring", { ...expiringStatus });
+      }
+      try {
+        const refreshed2 = await this.options.authProvider.refreshSessionIfNeeded(void 0, {
+          force: true,
+          invalidateOnFailure: true,
+          throwOnFailure: true
+        });
+        if (!refreshed2) {
+          const reauthStatus = this.updateStatus(
+            this.createStatus(null, "reauth_required", "Authentication expired. Please re-authenticate via the daemon portal.")
+          );
+          this.emit("session:reauth_required", { ...reauthStatus });
+          return reauthStatus;
+        }
+        const refreshedStatus = this.updateStatus(this.createStatus(refreshed2, "authenticated"));
+        this.emit("session:refreshed", { ...refreshedStatus });
+        this.logger?.info?.({ expiresAt: refreshedStatus.expiresAt }, "zkLogin session refreshed.");
+        return refreshedStatus;
+      } catch (error) {
+        const detail = error instanceof Error && error.message ? error.message : "Authentication expired. Please re-authenticate via the daemon portal.";
+        const reauthStatus = this.updateStatus(this.createStatus(null, "reauth_required", detail));
+        this.emit("session:reauth_required", { ...reauthStatus });
+        this.logger?.warn?.({ err: error }, "zkLogin session refresh failed.");
+        return reauthStatus;
+      }
+    }
+    const refreshed = await this.options.authProvider.refreshSessionIfNeeded();
+    if (!refreshed) {
+      const reauthStatus = this.updateStatus(
+        this.createStatus(null, "reauth_required", "Authentication expired. Please re-authenticate via the daemon portal.")
+      );
+      if (previous.state !== reauthStatus.state || previous.address !== reauthStatus.address) {
+        this.emit("session:reauth_required", { ...reauthStatus });
+      }
+      return reauthStatus;
+    }
+    if (refreshed.jwt !== session.jwt || refreshed.updatedAt !== session.updatedAt) {
+      const refreshedStatus = this.updateStatus(this.createStatus(refreshed, "authenticated"));
+      this.emit("session:refreshed", { ...refreshedStatus });
+      return refreshedStatus;
+    }
+    return this.updateStatus(this.createStatus(refreshed, "authenticated"));
+  }
+  createStatus(session, state, lastError = null, expiresAt = session ? this.options.authProvider.getSessionExpiryMs(session) : null, expiresInMs = expiresAt === null ? null : expiresAt - Date.now()) {
+    return {
+      authMode: this.options.authProvider.mode,
+      authenticated: state === "authenticated" || state === "expiring",
+      state,
+      address: session?.address ?? null,
+      expiresAt,
+      expiresInMs,
+      refreshAvailable: Boolean(session?.refreshToken),
+      lastError,
+      updatedAt: Date.now()
+    };
+  }
+  updateStatus(nextStatus) {
+    this.status = nextStatus;
+    return nextStatus;
+  }
+};
+// src/lifecycle.ts
+import { chmod, mkdir, readFile, rm, writeFile } from "fs/promises";
+import { dirname } from "path";
+var DaemonLifecycle = class {
+  constructor(pidFilePath) {
+    this.pidFilePath = pidFilePath;
+  }
+  pidFilePath;
+  async acquireLock() {
+    await mkdir(dirname(this.pidFilePath), { recursive: true, mode: 448 });
+    try {
+      await writePrivateFile(this.pidFilePath, `${process.pid}
+`);
+      return;
+    } catch (error) {
+      if (!isErrnoException(error, "EEXIST")) {
+        throw error;
+      }
+    }
+    if (await this.isRunning()) {
+      throw new Error(`Daemon is already running (pid file: ${this.pidFilePath}).`);
+    }
+    await rm(this.pidFilePath, { force: true });
+    await writePrivateFile(this.pidFilePath, `${process.pid}
+`);
+  }
+  async isRunning() {
+    try {
+      const contents = await readFile(this.pidFilePath, "utf8");
+      const pid = Number.parseInt(contents.trim(), 10);
+      if (!Number.isInteger(pid) || pid <= 0) {
+        return false;
+      }
+      if (isProcessRunning(pid)) {
+        return true;
+      }
+      await rm(this.pidFilePath, { force: true });
+      return false;
+    } catch (error) {
+      if (isErrnoException(error, "ENOENT")) {
+        return false;
+      }
+      throw error;
+    }
+  }
+  async releaseLock() {
+    await rm(this.pidFilePath, { force: true });
+  }
+  setupSignalHandlers(onShutdown) {
+    let shuttingDown = false;
+    const handleSignal = (signal) => {
+      if (shuttingDown) {
+        return;
+      }
+      shuttingDown = true;
+      void (async () => {
+        try {
+          await onShutdown();
+          process.exit(0);
+        } catch (error) {
+          console.error(`Failed to shut down cleanly after ${signal}:`, error);
+          process.exit(1);
+        }
+      })();
+    };
+    for (const signal of ["SIGINT", "SIGTERM"]) {
+      process.once(signal, () => {
+        handleSignal(signal);
+      });
+    }
+  }
+};
+async function writePrivateFile(path, contents) {
+  await writeFile(path, contents, { encoding: "utf8", flag: "wx", mode: 384 });
+  await chmod(path, 384);
+}
+function isProcessRunning(pid) {
+  try {
+    process.kill(pid, 0);
+    return true;
+  } catch (error) {
+    return !isErrnoException(error, "ESRCH");
+  }
+}
+function isErrnoException(error, code) {
+  return error instanceof Error && "code" in error && error.code === code;
+}
+// src/mcp/tool-context.ts
+import { join } from "path";
+import {
+  DisputeClient,
+  MarketplaceClient,
+  PaymentRailSelector,
+  RelayRegistryClient,
+  ReputationEventPublisher,
+  ReputationStore,
+  StakingClient
+} from "@hivemind-os/collective-core";
+function buildMeshToolContext(state, dataDir) {
+  const base = {
+    did: state.did,
+    keypair: state.keypair,
+    suiClient: state.suiClient,
+    registryClient: state.registryClient,
+    taskClient: state.taskClient,
+    agentCache: state.agentCache,
+    blobStore: state.blobStore,
+    spendingPolicy: state.spendingPolicy,
+    networkConfig: state.network,
+    encryption: state.encryption,
+    authProvider: state.authProvider,
+    relayAuthProvider: state.relayAuthProvider,
+    x402Client: state.x402Client
+  };
+  defineLazy(base, "stakingClient", () => new StakingClient(state.suiClient, { packageId: state.network.packageId }));
+  defineLazy(base, "disputeClient", () => new DisputeClient(state.suiClient, { packageId: state.network.packageId }));
+  defineLazy(base, "marketplaceClient", () => new MarketplaceClient(state.suiClient, state.network));
+  defineLazy(base, "relayRegistryClient", () => new RelayRegistryClient(state.suiClient, { packageId: state.network.packageId }));
+  defineLazy(base, "paymentRailSelector", () => new PaymentRailSelector());
+  defineLazy(base, "reputationPublisher", () => new ReputationEventPublisher(state.blobStore, state.authProvider));
+  defineLazy(base, "reputationStore", () => new ReputationStore(join(dataDir, "reputation.sqlite")));
+  return base;
+}
+function defineLazy(obj, key, factory) {
+  let cached;
+  Object.defineProperty(obj, key, {
+    configurable: true,
+    enumerable: true,
+    get() {
+      if (cached === void 0) {
+        cached = factory();
+      }
+      return cached;
+    }
+  });
+}
+// src/index.ts
+async function main() {
+  const configPath = getConfigPath();
+  const config = loadConfig(configPath);
+  if (config.daemon.logFile) {
+    await mkdir2(dirname2(config.daemon.logFile), { recursive: true });
+  }
+  const destination = config.daemon.logFile ? pino.destination(config.daemon.logFile) : void 0;
+  const logger = pino(
+    {
+      name: "@hivemind-os/collective-daemon",
+      level: config.daemon.logLevel
+    },
+    destination
+  );
+  const lifecycle = new DaemonLifecycle(config.daemon.pidFile);
+  if (await lifecycle.isRunning()) {
+    logger.info("Daemon is already running.");
+    process.exit(0);
+  }
+  let state;
+  let ipcServer;
+  let providerRuntime;
+  let setupPortal;
+  let portal;
+  let sessionMonitor;
+  let reauthPortalOpen = false;
+  try {
+    await lifecycle.acquireLock();
+    const identityContext = await createDaemonIdentityContext(config);
+    const zkloginProvider = config.auth.mode === "zklogin" ? identityContext.authProvider : void 0;
+    sessionMonitor = zkloginProvider ? new SessionMonitor({
+      authProvider: zkloginProvider,
+      logger
+    }) : void 0;
+    if (zkloginProvider && !zkloginProvider.isAuthenticated()) {
+      setupPortal = new PortalServer({
+        config,
+        configPath,
+        authProvider: zkloginProvider,
+        logger
+      });
+      const portalUrl = await setupPortal.start();
+      logger.info({ portalUrl }, "Waiting for zkLogin onboarding");
+      await openPortalUrl(portalUrl, logger, "continue onboarding");
+      await setupPortal.waitForAuth();
+      await setupPortal.stop();
+      setupPortal = void 0;
+    }
+    const daemonState = await DaemonState.create(config, identityContext);
+    state = daemonState;
+    daemonState.setProviderRunning(false);
+    logger.info({ did: daemonState.did }, "Daemon state initialized");
+    const getAuthStatus = () => sessionMonitor?.getStatus() ?? createFallbackAuthStatus(daemonState);
+    const openReauthPortal = async (force = false) => {
+      const portalUrl = portal?.getReauthUrl() ?? null;
+      if (!portalUrl) {
+        return {
+          portalUrl: null,
+          browserOpened: false,
+          status: getAuthStatus()
+        };
+      }
+      if (!force && reauthPortalOpen) {
+        return {
+          portalUrl,
+          browserOpened: false,
+          status: getAuthStatus()
+        };
+      }
+      const browserOpened = await openPortalUrl(portalUrl, logger, "re-authenticate");
+      reauthPortalOpen ||= browserOpened;
+      return {
+        portalUrl,
+        browserOpened,
+        status: getAuthStatus()
+      };
+    };
+    if (zkloginProvider) {
+      portal = new PortalServer({
+        config,
+        configPath,
+        authProvider: zkloginProvider,
+        state: daemonState,
+        logger,
+        getAuthStatus
+      });
+      const portalUrl = await portal.start();
+      logger.info({ portalUrl }, "Portal server listening");
+    }
+    ipcServer = new IpcServer(config.daemon.ipcPath, daemonState, {
+      getAuthStatus,
+      triggerReauth: () => openReauthPortal(true)
+    });
+    ipcServer.toolContext = buildMeshToolContext(daemonState, config.daemon.dataDir);
+    await ipcServer.start();
+    logger.info({ ipcPath: config.daemon.ipcPath }, "IPC server listening");
+    if (sessionMonitor) {
+      sessionMonitor.on("session:expiring", (status) => {
+        ipcServer?.notifyAuthStatusChanged(status);
+      });
+      sessionMonitor.on("session:expired", async (status) => {
+        ipcServer?.notifyAuthStatusChanged(status);
+        await openReauthPortal(false);
+      });
+      sessionMonitor.on("session:refreshed", (status) => {
+        reauthPortalOpen = false;
+        ipcServer?.notifyAuthStatusChanged(status);
+      });
+      sessionMonitor.on("session:reauth_required", async (status) => {
+        ipcServer?.notifyAuthStatusChanged(status);
+        await openReauthPortal(false);
+      });
+      sessionMonitor.start();
+    }
+    const providerConfig = loadProviderConfig(config);
+    if (providerConfig?.enabled) {
+      const ipcRef = ipcServer;
+      providerRuntime = new ProviderRuntime({
+        state: daemonState,
+        providerConfig,
+        cursorDbPath: join2(config.daemon.dataDir, "provider-cursors.db"),
+        relayConfig: config.relay,
+        mcpSamplingFn: ipcRef ? async (appName, params) => {
+          const server = ipcRef.getMcpServerForApp(appName);
+          if (!server) {
+            throw new Error(`No MCP client connected with appName "${appName}"`);
+          }
+          return server.createMessage(params);
+        } : void 0,
+        broadcastNotification: ipcRef ? (method, params) => ipcRef.broadcastNotification(method, params) : void 0
+      });
+      await providerRuntime.start();
+      daemonState.setProviderRunning(true);
+      logger.info("Provider runtime started");
+    }
+    lifecycle.setupSignalHandlers(async () => {
+      logger.info("Shutting down...");
+      sessionMonitor?.stop();
+      state?.setProviderRunning(false);
+      await providerRuntime?.stop();
+      await ipcServer?.stop();
+      await portal?.stop();
+      await state?.shutdown();
+      await lifecycle.releaseLock();
+      logger.info("Daemon stopped");
+    });
+  } catch (error) {
+    sessionMonitor?.stop();
+    state?.setProviderRunning(false);
+    await cleanupWithLogging(logger, "provider runtime", () => providerRuntime?.stop());
+    await cleanupWithLogging(logger, "IPC server", () => ipcServer?.stop());
+    await cleanupWithLogging(logger, "setup portal server", () => setupPortal?.stop());
+    await cleanupWithLogging(logger, "portal server", () => portal?.stop());
+    await cleanupWithLogging(logger, "daemon state", () => state?.shutdown());
+    await cleanupWithLogging(logger, "daemon lock", () => lifecycle.releaseLock());
+    throw error;
+  }
+}
+async function cleanupWithLogging(logger, label, cleanup) {
+  try {
+    await cleanup();
+  } catch (error) {
+    logger.warn({ err: error }, `Failed to clean up ${label}.`);
+  }
+}
+function createFallbackAuthStatus(state) {
+  const authenticated = state.authProvider.isAuthenticated();
+  return {
+    authMode: state.authProvider.mode,
+    authenticated,
+    state: authenticated ? "authenticated" : "reauth_required",
+    address: authenticated ? state.address : null,
+    expiresAt: null,
+    expiresInMs: null,
+    refreshAvailable: false,
+    lastError: null,
+    updatedAt: Date.now()
+  };
+}
+async function openPortalUrl(portalUrl, logger, action) {
+  if (isHeadlessEnvironment()) {
+    logger.warn({ portalUrl }, `Headless environment detected. Open the portal URL manually to ${action}.`);
+    return false;
+  }
+  try {
+    await open(portalUrl);
+    return true;
+  } catch (error) {
+    logger.warn({ err: error, portalUrl }, "Failed to open browser automatically.");
+    logger.info({ portalUrl }, `Open the portal URL manually to ${action}.`);
+    return false;
+  }
+}
+function isHeadlessEnvironment() {
+  if (process.env.COLLECTIVE_HEADLESS === "1" || process.env.CI === "true") {
+    return true;
+  }
+  if (process.env.SSH_CONNECTION || process.env.SSH_TTY) {
+    return true;
+  }
+  return process.platform === "linux" && !process.env.DISPLAY && !process.env.WAYLAND_DISPLAY;
+}
+main().catch((error) => {
+  console.error("Fatal:", error);
+  process.exit(1);
+});
+export {
+  main
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/index.ts","../src/auth/session-monitor.ts","../src/lifecycle.ts","../src/mcp/tool-context.ts"],"sourcesContent":["#!/usr/bin/env node\n\nimport { mkdir } from 'node:fs/promises';\nimport { dirname, join } from 'node:path';\n\nimport pino from 'pino';\n\nimport open from 'open';\n\nimport type { DaemonAuthStatus, SessionMonitorAuthProvider } from './auth/session-monitor.js';\nimport { SessionMonitor } from './auth/session-monitor.js';\nimport { getConfigPath, loadConfig } from './config.js';\nimport { IpcServer } from './ipc/server.js';\nimport { DaemonLifecycle } from './lifecycle.js';\nimport { buildMeshToolContext } from './mcp/tool-context.js';\nimport { PortalServer, type PortalAuthProvider } from './portal/server.js';\nimport { loadProviderConfig, ProviderRuntime } from './provider/index.js';\nimport { createDaemonIdentityContext, DaemonState } from './state.js';\n\nexport async function main(): Promise<void> {\n const configPath = getConfigPath();\n const config = loadConfig(configPath);\n\n if (config.daemon.logFile) {\n await mkdir(dirname(config.daemon.logFile), { recursive: true });\n }\n\n const destination = config.daemon.logFile ? pino.destination(config.daemon.logFile) : undefined;\n const logger = pino(\n {\n name: '@hivemind-os/collective-daemon',\n level: config.daemon.logLevel,\n },\n destination,\n );\n const lifecycle = new DaemonLifecycle(config.daemon.pidFile);\n\n if (await lifecycle.isRunning()) {\n logger.info('Daemon is already running.');\n process.exit(0);\n }\n\n let state: DaemonState | undefined;\n let ipcServer: IpcServer | undefined;\n let providerRuntime: ProviderRuntime | undefined;\n let setupPortal: PortalServer | undefined;\n let portal: PortalServer | undefined;\n let sessionMonitor: SessionMonitor | undefined;\n let reauthPortalOpen = false;\n\n try {\n await lifecycle.acquireLock();\n\n const identityContext = await createDaemonIdentityContext(config);\n const zkloginProvider =\n config.auth.mode === 'zklogin' ? (identityContext.authProvider as PortalAuthProvider & SessionMonitorAuthProvider) : undefined;\n sessionMonitor = zkloginProvider\n ? new SessionMonitor({\n authProvider: zkloginProvider,\n logger,\n })\n : undefined;\n\n if (zkloginProvider && !zkloginProvider.isAuthenticated()) {\n setupPortal = new PortalServer({\n config,\n configPath,\n authProvider: zkloginProvider,\n logger,\n });\n const portalUrl = await setupPortal.start();\n logger.info({ portalUrl }, 'Waiting for zkLogin onboarding');\n await openPortalUrl(portalUrl, logger, 'continue onboarding');\n await setupPortal.waitForAuth();\n await setupPortal.stop();\n setupPortal = undefined;\n }\n\n const daemonState = await DaemonState.create(config, identityContext);\n state = daemonState;\n daemonState.setProviderRunning(false);\n logger.info({ did: daemonState.did }, 'Daemon state initialized');\n\n const getAuthStatus = () => sessionMonitor?.getStatus() ?? createFallbackAuthStatus(daemonState);\n\n const openReauthPortal = async (force = false) => {\n const portalUrl = portal?.getReauthUrl() ?? null;\n if (!portalUrl) {\n return {\n portalUrl: null,\n browserOpened: false,\n status: getAuthStatus(),\n };\n }\n\n if (!force && reauthPortalOpen) {\n return {\n portalUrl,\n browserOpened: false,\n status: getAuthStatus(),\n };\n }\n\n const browserOpened = await openPortalUrl(portalUrl, logger, 're-authenticate');\n reauthPortalOpen ||= browserOpened;\n return {\n portalUrl,\n browserOpened,\n status: getAuthStatus(),\n };\n };\n\n if (zkloginProvider) {\n portal = new PortalServer({\n config,\n configPath,\n authProvider: zkloginProvider,\n state: daemonState,\n logger,\n getAuthStatus,\n });\n const portalUrl = await portal.start();\n logger.info({ portalUrl }, 'Portal server listening');\n }\n\n ipcServer = new IpcServer(config.daemon.ipcPath, daemonState, {\n getAuthStatus,\n triggerReauth: () => openReauthPortal(true),\n });\n ipcServer.toolContext = buildMeshToolContext(daemonState, config.daemon.dataDir);\n await ipcServer.start();\n logger.info({ ipcPath: config.daemon.ipcPath }, 'IPC server listening');\n\n if (sessionMonitor) {\n sessionMonitor.on('session:expiring', (status) => {\n ipcServer?.notifyAuthStatusChanged(status);\n });\n sessionMonitor.on('session:expired', async (status) => {\n ipcServer?.notifyAuthStatusChanged(status);\n await openReauthPortal(false);\n });\n sessionMonitor.on('session:refreshed', (status) => {\n reauthPortalOpen = false;\n ipcServer?.notifyAuthStatusChanged(status);\n });\n sessionMonitor.on('session:reauth_required', async (status) => {\n ipcServer?.notifyAuthStatusChanged(status);\n await openReauthPortal(false);\n });\n sessionMonitor.start();\n }\n\n const providerConfig = loadProviderConfig(config);\n if (providerConfig?.enabled) {\n const ipcRef = ipcServer;\n providerRuntime = new ProviderRuntime({\n state: daemonState,\n providerConfig,\n cursorDbPath: join(config.daemon.dataDir, 'provider-cursors.db'),\n relayConfig: config.relay,\n mcpSamplingFn: ipcRef\n ? async (appName, params) => {\n const server = ipcRef.getMcpServerForApp(appName);\n if (!server) {\n throw new Error(`No MCP client connected with appName \"${appName}\"`);\n }\n return server.createMessage(params);\n }\n : undefined,\n broadcastNotification: ipcRef\n ? (method, params) => ipcRef.broadcastNotification(method, params)\n : undefined,\n });\n await providerRuntime.start();\n daemonState.setProviderRunning(true);\n logger.info('Provider runtime started');\n }\n\n lifecycle.setupSignalHandlers(async () => {\n logger.info('Shutting down...');\n sessionMonitor?.stop();\n state?.setProviderRunning(false);\n await providerRuntime?.stop();\n await ipcServer?.stop();\n await portal?.stop();\n await state?.shutdown();\n await lifecycle.releaseLock();\n logger.info('Daemon stopped');\n });\n } catch (error) {\n sessionMonitor?.stop();\n state?.setProviderRunning(false);\n await cleanupWithLogging(logger, 'provider runtime', () => providerRuntime?.stop());\n await cleanupWithLogging(logger, 'IPC server', () => ipcServer?.stop());\n await cleanupWithLogging(logger, 'setup portal server', () => setupPortal?.stop());\n await cleanupWithLogging(logger, 'portal server', () => portal?.stop());\n await cleanupWithLogging(logger, 'daemon state', () => state?.shutdown());\n await cleanupWithLogging(logger, 'daemon lock', () => lifecycle.releaseLock());\n throw error;\n }\n}\n\nasync function cleanupWithLogging(\n logger: { warn: (bindings: { err: unknown }, message: string) => void },\n label: string,\n cleanup: () => Promise<void> | undefined,\n): Promise<void> {\n try {\n await cleanup();\n } catch (error) {\n logger.warn({ err: error }, `Failed to clean up ${label}.`);\n }\n}\n\nfunction createFallbackAuthStatus(state: DaemonState): DaemonAuthStatus {\n const authenticated = state.authProvider.isAuthenticated();\n return {\n authMode: state.authProvider.mode,\n authenticated,\n state: authenticated ? 'authenticated' : 'reauth_required',\n address: authenticated ? state.address : null,\n expiresAt: null,\n expiresInMs: null,\n refreshAvailable: false,\n lastError: null,\n updatedAt: Date.now(),\n };\n}\n\nasync function openPortalUrl(\n portalUrl: string,\n logger: {\n info: (bindings: { portalUrl: string }, message: string) => void;\n warn: (bindings: { portalUrl: string; err?: unknown }, message: string) => void;\n },\n action: string,\n): Promise<boolean> {\n if (isHeadlessEnvironment()) {\n logger.warn({ portalUrl }, `Headless environment detected. Open the portal URL manually to ${action}.`);\n return false;\n }\n\n try {\n await open(portalUrl);\n return true;\n } catch (error) {\n logger.warn({ err: error, portalUrl }, 'Failed to open browser automatically.');\n logger.info({ portalUrl }, `Open the portal URL manually to ${action}.`);\n return false;\n }\n}\n\nfunction isHeadlessEnvironment(): boolean {\n if (process.env.COLLECTIVE_HEADLESS === '1' || process.env.CI === 'true') {\n return true;\n }\n\n if (process.env.SSH_CONNECTION || process.env.SSH_TTY) {\n return true;\n }\n\n return process.platform === 'linux' && !process.env.DISPLAY && !process.env.WAYLAND_DISPLAY;\n}\n\nmain().catch((error) => {\n console.error('Fatal:', error);\n process.exit(1);\n});\n","import { EventEmitter } from 'node:events';\n\nimport type { AuthMode, StoredZkLoginSession } from '@hivemind-os/collective-core';\n\nexport type DaemonAuthState = 'authenticated' | 'expiring' | 'expired' | 'reauth_required';\n\nexport interface DaemonAuthStatus {\n authMode: AuthMode;\n authenticated: boolean;\n state: DaemonAuthState;\n address: string | null;\n expiresAt: number | null;\n expiresInMs: number | null;\n refreshAvailable: boolean;\n lastError: string | null;\n updatedAt: number;\n}\n\nexport interface SessionMonitorAuthProvider {\n mode: 'zklogin';\n isAuthenticated(): boolean;\n getSession(): StoredZkLoginSession | null;\n getSessionExpiryMs(session?: StoredZkLoginSession | null): number | null;\n refreshSessionIfNeeded(\n currentEpoch?: number,\n options?: { force?: boolean; invalidateOnFailure?: boolean; throwOnFailure?: boolean },\n ): Promise<StoredZkLoginSession | null>;\n clearSession(session?: StoredZkLoginSession | null): Promise<void>;\n}\n\nexport interface SessionMonitorOptions {\n authProvider: SessionMonitorAuthProvider;\n checkIntervalMs?: number;\n warningWindowMs?: number;\n logger?: {\n debug?: (payload: unknown, message?: string) => void;\n info?: (payload: unknown, message?: string) => void;\n warn?: (payload: unknown, message?: string) => void;\n };\n}\n\ntype SessionMonitorEvents = {\n 'session:expiring': [DaemonAuthStatus];\n 'session:expired': [DaemonAuthStatus];\n 'session:refreshed': [DaemonAuthStatus];\n 'session:reauth_required': [DaemonAuthStatus];\n};\n\nconst DEFAULT_CHECK_INTERVAL_MS = 60_000;\nconst DEFAULT_WARNING_WINDOW_MS = 5 * 60 * 1000;\n\nexport class SessionMonitor extends EventEmitter {\n private readonly checkIntervalMs: number;\n private readonly warningWindowMs: number;\n private readonly logger;\n private interval?: ReturnType<typeof setInterval>;\n private checkInFlight?: Promise<DaemonAuthStatus>;\n private status: DaemonAuthStatus;\n\n constructor(private readonly options: SessionMonitorOptions) {\n super();\n this.checkIntervalMs = options.checkIntervalMs ?? DEFAULT_CHECK_INTERVAL_MS;\n this.warningWindowMs = options.warningWindowMs ?? DEFAULT_WARNING_WINDOW_MS;\n this.logger = options.logger;\n this.status = this.createStatus(null, 'reauth_required');\n }\n\n override on<EventName extends keyof SessionMonitorEvents>(\n eventName: EventName,\n listener: (...args: SessionMonitorEvents[EventName]) => void,\n ): this {\n return super.on(eventName, listener);\n }\n\n override emit<EventName extends keyof SessionMonitorEvents>(eventName: EventName, ...args: SessionMonitorEvents[EventName]): boolean {\n return super.emit(eventName, ...args);\n }\n\n start(): void {\n if (this.interval) {\n return;\n }\n\n void this.checkNow();\n this.interval = setInterval(() => {\n void this.checkNow();\n }, this.checkIntervalMs);\n }\n\n stop(): void {\n if (!this.interval) {\n return;\n }\n\n clearInterval(this.interval);\n this.interval = undefined;\n }\n\n getStatus(): DaemonAuthStatus {\n return { ...this.status };\n }\n\n async checkNow(): Promise<DaemonAuthStatus> {\n if (this.checkInFlight) {\n return await this.checkInFlight;\n }\n\n this.checkInFlight = this.evaluate().finally(() => {\n this.checkInFlight = undefined;\n });\n return await this.checkInFlight;\n }\n\n private async evaluate(): Promise<DaemonAuthStatus> {\n const previous = this.status;\n const session = this.options.authProvider.getSession();\n if (!session || !this.options.authProvider.isAuthenticated()) {\n const status = this.updateStatus(this.createStatus(session, 'reauth_required'));\n if (previous.state !== status.state || previous.address !== status.address) {\n this.emit('session:reauth_required', { ...status });\n }\n return status;\n }\n\n const expiresAt = this.options.authProvider.getSessionExpiryMs(session);\n const now = Date.now();\n const expiresInMs = expiresAt === null ? null : expiresAt - now;\n\n if (expiresInMs !== null && expiresInMs <= 0) {\n const expiredStatus = this.updateStatus(this.createStatus(session, 'expired', null, expiresAt, expiresInMs));\n if (previous.state !== expiredStatus.state || previous.expiresAt !== expiredStatus.expiresAt) {\n this.emit('session:expired', { ...expiredStatus });\n }\n await this.options.authProvider.clearSession(session);\n const reauthStatus = this.updateStatus(\n this.createStatus(null, 'reauth_required', 'Authentication expired. Please re-authenticate via the daemon portal.'),\n );\n this.emit('session:reauth_required', { ...reauthStatus });\n this.logger?.warn?.({ expiresAt }, 'zkLogin session expired.');\n return reauthStatus;\n }\n\n if (expiresInMs !== null && expiresInMs <= this.warningWindowMs) {\n const expiringStatus = this.updateStatus(this.createStatus(session, 'expiring', null, expiresAt, expiresInMs));\n if (previous.state !== expiringStatus.state || previous.expiresAt !== expiringStatus.expiresAt) {\n this.emit('session:expiring', { ...expiringStatus });\n }\n\n try {\n const refreshed = await this.options.authProvider.refreshSessionIfNeeded(undefined, {\n force: true,\n invalidateOnFailure: true,\n throwOnFailure: true,\n });\n if (!refreshed) {\n const reauthStatus = this.updateStatus(\n this.createStatus(null, 'reauth_required', 'Authentication expired. Please re-authenticate via the daemon portal.'),\n );\n this.emit('session:reauth_required', { ...reauthStatus });\n return reauthStatus;\n }\n\n const refreshedStatus = this.updateStatus(this.createStatus(refreshed, 'authenticated'));\n this.emit('session:refreshed', { ...refreshedStatus });\n this.logger?.info?.({ expiresAt: refreshedStatus.expiresAt }, 'zkLogin session refreshed.');\n return refreshedStatus;\n } catch (error) {\n const detail = error instanceof Error && error.message ? error.message : 'Authentication expired. Please re-authenticate via the daemon portal.';\n const reauthStatus = this.updateStatus(this.createStatus(null, 'reauth_required', detail));\n this.emit('session:reauth_required', { ...reauthStatus });\n this.logger?.warn?.({ err: error }, 'zkLogin session refresh failed.');\n return reauthStatus;\n }\n }\n\n const refreshed = await this.options.authProvider.refreshSessionIfNeeded();\n if (!refreshed) {\n const reauthStatus = this.updateStatus(\n this.createStatus(null, 'reauth_required', 'Authentication expired. Please re-authenticate via the daemon portal.'),\n );\n if (previous.state !== reauthStatus.state || previous.address !== reauthStatus.address) {\n this.emit('session:reauth_required', { ...reauthStatus });\n }\n return reauthStatus;\n }\n\n if (refreshed.jwt !== session.jwt || refreshed.updatedAt !== session.updatedAt) {\n const refreshedStatus = this.updateStatus(this.createStatus(refreshed, 'authenticated'));\n this.emit('session:refreshed', { ...refreshedStatus });\n return refreshedStatus;\n }\n\n return this.updateStatus(this.createStatus(refreshed, 'authenticated'));\n }\n\n private createStatus(\n session: StoredZkLoginSession | null,\n state: DaemonAuthState,\n lastError: string | null = null,\n expiresAt = session ? this.options.authProvider.getSessionExpiryMs(session) : null,\n expiresInMs = expiresAt === null ? null : expiresAt - Date.now(),\n ): DaemonAuthStatus {\n return {\n authMode: this.options.authProvider.mode,\n authenticated: state === 'authenticated' || state === 'expiring',\n state,\n address: session?.address ?? null,\n expiresAt,\n expiresInMs,\n refreshAvailable: Boolean(session?.refreshToken),\n lastError,\n updatedAt: Date.now(),\n };\n }\n\n private updateStatus(nextStatus: DaemonAuthStatus): DaemonAuthStatus {\n this.status = nextStatus;\n return nextStatus;\n }\n}\n","import { chmod, mkdir, readFile, rm, writeFile } from 'node:fs/promises';\nimport { dirname } from 'node:path';\n\nexport class DaemonLifecycle {\n constructor(private readonly pidFilePath: string) {}\n\n async acquireLock(): Promise<void> {\n await mkdir(dirname(this.pidFilePath), { recursive: true, mode: 0o700 });\n\n try {\n await writePrivateFile(this.pidFilePath, `${process.pid}\\n`);\n return;\n } catch (error) {\n if (!isErrnoException(error, 'EEXIST')) {\n throw error;\n }\n }\n\n if (await this.isRunning()) {\n throw new Error(`Daemon is already running (pid file: ${this.pidFilePath}).`);\n }\n\n await rm(this.pidFilePath, { force: true });\n await writePrivateFile(this.pidFilePath, `${process.pid}\\n`);\n }\n\n async isRunning(): Promise<boolean> {\n try {\n const contents = await readFile(this.pidFilePath, 'utf8');\n const pid = Number.parseInt(contents.trim(), 10);\n if (!Number.isInteger(pid) || pid <= 0) {\n return false;\n }\n\n if (isProcessRunning(pid)) {\n return true;\n }\n\n await rm(this.pidFilePath, { force: true });\n return false;\n } catch (error) {\n if (isErrnoException(error, 'ENOENT')) {\n return false;\n }\n\n throw error;\n }\n }\n\n async releaseLock(): Promise<void> {\n await rm(this.pidFilePath, { force: true });\n }\n\n setupSignalHandlers(onShutdown: () => Promise<void>): void {\n let shuttingDown = false;\n\n const handleSignal = (signal: NodeJS.Signals) => {\n if (shuttingDown) {\n return;\n }\n\n shuttingDown = true;\n void (async () => {\n try {\n await onShutdown();\n process.exit(0);\n } catch (error) {\n console.error(`Failed to shut down cleanly after ${signal}:`, error);\n process.exit(1);\n }\n })();\n };\n\n for (const signal of ['SIGINT', 'SIGTERM'] as const) {\n process.once(signal, () => {\n handleSignal(signal);\n });\n }\n }\n}\n\nasync function writePrivateFile(path: string, contents: string): Promise<void> {\n await writeFile(path, contents, { encoding: 'utf8', flag: 'wx', mode: 0o600 });\n await chmod(path, 0o600);\n}\n\nfunction isProcessRunning(pid: number): boolean {\n try {\n process.kill(pid, 0);\n return true;\n } catch (error) {\n return !isErrnoException(error, 'ESRCH');\n }\n}\n\nfunction isErrnoException(error: unknown, code: string): error is NodeJS.ErrnoException {\n return error instanceof Error && 'code' in error && error.code === code;\n}\n","import { join } from 'node:path';\n\nimport {\n DisputeClient,\n MarketplaceClient,\n PaymentRailSelector,\n RelayRegistryClient,\n ReputationEventPublisher,\n ReputationStore,\n StakingClient,\n} from '@hivemind-os/collective-core';\nimport type { MeshToolContext } from '@hivemind-os/collective-mcp-server';\n\nimport type { DaemonState } from '../state.js';\n\n/**\n * Build a {@link MeshToolContext} from daemon state so the\n * `@hivemind-os/collective-mcp-server` tool handlers can run inside the daemon.\n *\n * Optional clients are lazily instantiated on first access to avoid\n * allocating resources (SQLite databases, objects) that may never be used.\n */\nexport function buildMeshToolContext(state: DaemonState, dataDir: string): MeshToolContext {\n const base: MeshToolContext = {\n did: state.did,\n keypair: state.keypair,\n suiClient: state.suiClient,\n registryClient: state.registryClient,\n taskClient: state.taskClient,\n agentCache: state.agentCache,\n blobStore: state.blobStore,\n spendingPolicy: state.spendingPolicy,\n networkConfig: state.network,\n encryption: state.encryption,\n authProvider: state.authProvider,\n relayAuthProvider: state.relayAuthProvider,\n x402Client: state.x402Client,\n };\n\n // Lazy getters for optional clients — instantiated on first access\n defineLazy(base, 'stakingClient', () => new StakingClient(state.suiClient, { packageId: state.network.packageId }));\n defineLazy(base, 'disputeClient', () => new DisputeClient(state.suiClient, { packageId: state.network.packageId }));\n defineLazy(base, 'marketplaceClient', () => new MarketplaceClient(state.suiClient, state.network));\n defineLazy(base, 'relayRegistryClient', () => new RelayRegistryClient(state.suiClient, { packageId: state.network.packageId }));\n defineLazy(base, 'paymentRailSelector', () => new PaymentRailSelector());\n defineLazy(base, 'reputationPublisher', () => new ReputationEventPublisher(state.blobStore, state.authProvider));\n defineLazy(base, 'reputationStore', () => new ReputationStore(join(dataDir, 'reputation.sqlite')));\n\n return base;\n}\n\nfunction defineLazy<T extends object, K extends keyof T>(obj: T, key: K, factory: () => T[K]): void {\n let cached: T[K] | undefined;\n Object.defineProperty(obj, key, {\n configurable: true,\n enumerable: true,\n get() {\n if (cached === undefined) {\n cached = factory();\n }\n return cached;\n },\n });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAEA,SAAS,SAAAA,cAAa;AACtB,SAAS,WAAAC,UAAS,QAAAC,aAAY;AAE9B,OAAO,UAAU;AAEjB,OAAO,UAAU;;;ACPjB,SAAS,oBAAoB;AAgD7B,IAAM,4BAA4B;AAClC,IAAM,4BAA4B,IAAI,KAAK;AAEpC,IAAM,iBAAN,cAA6B,aAAa;AAAA,EAQ/C,YAA6B,SAAgC;AAC3D,UAAM;AADqB;AAE3B,SAAK,kBAAkB,QAAQ,mBAAmB;AAClD,SAAK,kBAAkB,QAAQ,mBAAmB;AAClD,SAAK,SAAS,QAAQ;AACtB,SAAK,SAAS,KAAK,aAAa,MAAM,iBAAiB;AAAA,EACzD;AAAA,EAN6B;AAAA,EAPZ;AAAA,EACA;AAAA,EACA;AAAA,EACT;AAAA,EACA;AAAA,EACA;AAAA,EAUC,GACP,WACA,UACM;AACN,WAAO,MAAM,GAAG,WAAW,QAAQ;AAAA,EACrC;AAAA,EAES,KAAmD,cAAyB,MAAgD;AACnI,WAAO,MAAM,KAAK,WAAW,GAAG,IAAI;AAAA,EACtC;AAAA,EAEA,QAAc;AACZ,QAAI,KAAK,UAAU;AACjB;AAAA,IACF;AAEA,SAAK,KAAK,SAAS;AACnB,SAAK,WAAW,YAAY,MAAM;AAChC,WAAK,KAAK,SAAS;AAAA,IACrB,GAAG,KAAK,eAAe;AAAA,EACzB;AAAA,EAEA,OAAa;AACX,QAAI,CAAC,KAAK,UAAU;AAClB;AAAA,IACF;AAEA,kBAAc,KAAK,QAAQ;AAC3B,SAAK,WAAW;AAAA,EAClB;AAAA,EAEA,YAA8B;AAC5B,WAAO,EAAE,GAAG,KAAK,OAAO;AAAA,EAC1B;AAAA,EAEA,MAAM,WAAsC;AAC1C,QAAI,KAAK,eAAe;AACtB,aAAO,MAAM,KAAK;AAAA,IACpB;AAEA,SAAK,gBAAgB,KAAK,SAAS,EAAE,QAAQ,MAAM;AACjD,WAAK,gBAAgB;AAAA,IACvB,CAAC;AACD,WAAO,MAAM,KAAK;AAAA,EACpB;AAAA,EAEA,MAAc,WAAsC;AAClD,UAAM,WAAW,KAAK;AACtB,UAAM,UAAU,KAAK,QAAQ,aAAa,WAAW;AACrD,QAAI,CAAC,WAAW,CAAC,KAAK,QAAQ,aAAa,gBAAgB,GAAG;AAC5D,YAAM,SAAS,KAAK,aAAa,KAAK,aAAa,SAAS,iBAAiB,CAAC;AAC9E,UAAI,SAAS,UAAU,OAAO,SAAS,SAAS,YAAY,OAAO,SAAS;AAC1E,aAAK,KAAK,2BAA2B,EAAE,GAAG,OAAO,CAAC;AAAA,MACpD;AACA,aAAO;AAAA,IACT;AAEA,UAAM,YAAY,KAAK,QAAQ,aAAa,mBAAmB,OAAO;AACtE,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,cAAc,cAAc,OAAO,OAAO,YAAY;AAE5D,QAAI,gBAAgB,QAAQ,eAAe,GAAG;AAC5C,YAAM,gBAAgB,KAAK,aAAa,KAAK,aAAa,SAAS,WAAW,MAAM,WAAW,WAAW,CAAC;AAC3G,UAAI,SAAS,UAAU,cAAc,SAAS,SAAS,cAAc,cAAc,WAAW;AAC5F,aAAK,KAAK,mBAAmB,EAAE,GAAG,cAAc,CAAC;AAAA,MACnD;AACA,YAAM,KAAK,QAAQ,aAAa,aAAa,OAAO;AACpD,YAAM,eAAe,KAAK;AAAA,QACxB,KAAK,aAAa,MAAM,mBAAmB,uEAAuE;AAAA,MACpH;AACA,WAAK,KAAK,2BAA2B,EAAE,GAAG,aAAa,CAAC;AACxD,WAAK,QAAQ,OAAO,EAAE,UAAU,GAAG,0BAA0B;AAC7D,aAAO;AAAA,IACT;AAEA,QAAI,gBAAgB,QAAQ,eAAe,KAAK,iBAAiB;AAC/D,YAAM,iBAAiB,KAAK,aAAa,KAAK,aAAa,SAAS,YAAY,MAAM,WAAW,WAAW,CAAC;AAC7G,UAAI,SAAS,UAAU,eAAe,SAAS,SAAS,cAAc,eAAe,WAAW;AAC9F,aAAK,KAAK,oBAAoB,EAAE,GAAG,eAAe,CAAC;AAAA,MACrD;AAEA,UAAI;AACF,cAAMC,aAAY,MAAM,KAAK,QAAQ,aAAa,uBAAuB,QAAW;AAAA,UAClF,OAAO;AAAA,UACP,qBAAqB;AAAA,UACrB,gBAAgB;AAAA,QAClB,CAAC;AACD,YAAI,CAACA,YAAW;AACd,gBAAM,eAAe,KAAK;AAAA,YACxB,KAAK,aAAa,MAAM,mBAAmB,uEAAuE;AAAA,UACpH;AACA,eAAK,KAAK,2BAA2B,EAAE,GAAG,aAAa,CAAC;AACxD,iBAAO;AAAA,QACT;AAEA,cAAM,kBAAkB,KAAK,aAAa,KAAK,aAAaA,YAAW,eAAe,CAAC;AACvF,aAAK,KAAK,qBAAqB,EAAE,GAAG,gBAAgB,CAAC;AACrD,aAAK,QAAQ,OAAO,EAAE,WAAW,gBAAgB,UAAU,GAAG,4BAA4B;AAC1F,eAAO;AAAA,MACT,SAAS,OAAO;AACd,cAAM,SAAS,iBAAiB,SAAS,MAAM,UAAU,MAAM,UAAU;AACzE,cAAM,eAAe,KAAK,aAAa,KAAK,aAAa,MAAM,mBAAmB,MAAM,CAAC;AACzF,aAAK,KAAK,2BAA2B,EAAE,GAAG,aAAa,CAAC;AACxD,aAAK,QAAQ,OAAO,EAAE,KAAK,MAAM,GAAG,iCAAiC;AACrE,eAAO;AAAA,MACT;AAAA,IACF;AAEA,UAAM,YAAY,MAAM,KAAK,QAAQ,aAAa,uBAAuB;AACzE,QAAI,CAAC,WAAW;AACd,YAAM,eAAe,KAAK;AAAA,QACxB,KAAK,aAAa,MAAM,mBAAmB,uEAAuE;AAAA,MACpH;AACA,UAAI,SAAS,UAAU,aAAa,SAAS,SAAS,YAAY,aAAa,SAAS;AACtF,aAAK,KAAK,2BAA2B,EAAE,GAAG,aAAa,CAAC;AAAA,MAC1D;AACA,aAAO;AAAA,IACT;AAEA,QAAI,UAAU,QAAQ,QAAQ,OAAO,UAAU,cAAc,QAAQ,WAAW;AAC9E,YAAM,kBAAkB,KAAK,aAAa,KAAK,aAAa,WAAW,eAAe,CAAC;AACvF,WAAK,KAAK,qBAAqB,EAAE,GAAG,gBAAgB,CAAC;AACrD,aAAO;AAAA,IACT;AAEA,WAAO,KAAK,aAAa,KAAK,aAAa,WAAW,eAAe,CAAC;AAAA,EACxE;AAAA,EAEQ,aACN,SACA,OACA,YAA2B,MAC3B,YAAY,UAAU,KAAK,QAAQ,aAAa,mBAAmB,OAAO,IAAI,MAC9E,cAAc,cAAc,OAAO,OAAO,YAAY,KAAK,IAAI,GAC7C;AAClB,WAAO;AAAA,MACL,UAAU,KAAK,QAAQ,aAAa;AAAA,MACpC,eAAe,UAAU,mBAAmB,UAAU;AAAA,MACtD;AAAA,MACA,SAAS,SAAS,WAAW;AAAA,MAC7B;AAAA,MACA;AAAA,MACA,kBAAkB,QAAQ,SAAS,YAAY;AAAA,MAC/C;AAAA,MACA,WAAW,KAAK,IAAI;AAAA,IACtB;AAAA,EACF;AAAA,EAEQ,aAAa,YAAgD;AACnE,SAAK,SAAS;AACd,WAAO;AAAA,EACT;AACF;;;AC3NA,SAAS,OAAO,OAAO,UAAU,IAAI,iBAAiB;AACtD,SAAS,eAAe;AAEjB,IAAM,kBAAN,MAAsB;AAAA,EAC3B,YAA6B,aAAqB;AAArB;AAAA,EAAsB;AAAA,EAAtB;AAAA,EAE7B,MAAM,cAA6B;AACjC,UAAM,MAAM,QAAQ,KAAK,WAAW,GAAG,EAAE,WAAW,MAAM,MAAM,IAAM,CAAC;AAEvE,QAAI;AACF,YAAM,iBAAiB,KAAK,aAAa,GAAG,QAAQ,GAAG;AAAA,CAAI;AAC3D;AAAA,IACF,SAAS,OAAO;AACd,UAAI,CAAC,iBAAiB,OAAO,QAAQ,GAAG;AACtC,cAAM;AAAA,MACR;AAAA,IACF;AAEA,QAAI,MAAM,KAAK,UAAU,GAAG;AAC1B,YAAM,IAAI,MAAM,wCAAwC,KAAK,WAAW,IAAI;AAAA,IAC9E;AAEA,UAAM,GAAG,KAAK,aAAa,EAAE,OAAO,KAAK,CAAC;AAC1C,UAAM,iBAAiB,KAAK,aAAa,GAAG,QAAQ,GAAG;AAAA,CAAI;AAAA,EAC7D;AAAA,EAEA,MAAM,YAA8B;AAClC,QAAI;AACF,YAAM,WAAW,MAAM,SAAS,KAAK,aAAa,MAAM;AACxD,YAAM,MAAM,OAAO,SAAS,SAAS,KAAK,GAAG,EAAE;AAC/C,UAAI,CAAC,OAAO,UAAU,GAAG,KAAK,OAAO,GAAG;AACtC,eAAO;AAAA,MACT;AAEA,UAAI,iBAAiB,GAAG,GAAG;AACzB,eAAO;AAAA,MACT;AAEA,YAAM,GAAG,KAAK,aAAa,EAAE,OAAO,KAAK,CAAC;AAC1C,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UAAI,iBAAiB,OAAO,QAAQ,GAAG;AACrC,eAAO;AAAA,MACT;AAEA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAM,cAA6B;AACjC,UAAM,GAAG,KAAK,aAAa,EAAE,OAAO,KAAK,CAAC;AAAA,EAC5C;AAAA,EAEA,oBAAoB,YAAuC;AACzD,QAAI,eAAe;AAEnB,UAAM,eAAe,CAAC,WAA2B;AAC/C,UAAI,cAAc;AAChB;AAAA,MACF;AAEA,qBAAe;AACf,YAAM,YAAY;AAChB,YAAI;AACF,gBAAM,WAAW;AACjB,kBAAQ,KAAK,CAAC;AAAA,QAChB,SAAS,OAAO;AACd,kBAAQ,MAAM,qCAAqC,MAAM,KAAK,KAAK;AACnE,kBAAQ,KAAK,CAAC;AAAA,QAChB;AAAA,MACF,GAAG;AAAA,IACL;AAEA,eAAW,UAAU,CAAC,UAAU,SAAS,GAAY;AACnD,cAAQ,KAAK,QAAQ,MAAM;AACzB,qBAAa,MAAM;AAAA,MACrB,CAAC;AAAA,IACH;AAAA,EACF;AACF;AAEA,eAAe,iBAAiB,MAAc,UAAiC;AAC7E,QAAM,UAAU,MAAM,UAAU,EAAE,UAAU,QAAQ,MAAM,MAAM,MAAM,IAAM,CAAC;AAC7E,QAAM,MAAM,MAAM,GAAK;AACzB;AAEA,SAAS,iBAAiB,KAAsB;AAC9C,MAAI;AACF,YAAQ,KAAK,KAAK,CAAC;AACnB,WAAO;AAAA,EACT,SAAS,OAAO;AACd,WAAO,CAAC,iBAAiB,OAAO,OAAO;AAAA,EACzC;AACF;AAEA,SAAS,iBAAiB,OAAgB,MAA8C;AACtF,SAAO,iBAAiB,SAAS,UAAU,SAAS,MAAM,SAAS;AACrE;;;ACjGA,SAAS,YAAY;AAErB;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAYA,SAAS,qBAAqB,OAAoB,SAAkC;AACzF,QAAM,OAAwB;AAAA,IAC5B,KAAK,MAAM;AAAA,IACX,SAAS,MAAM;AAAA,IACf,WAAW,MAAM;AAAA,IACjB,gBAAgB,MAAM;AAAA,IACtB,YAAY,MAAM;AAAA,IAClB,YAAY,MAAM;AAAA,IAClB,WAAW,MAAM;AAAA,IACjB,gBAAgB,MAAM;AAAA,IACtB,eAAe,MAAM;AAAA,IACrB,YAAY,MAAM;AAAA,IAClB,cAAc,MAAM;AAAA,IACpB,mBAAmB,MAAM;AAAA,IACzB,YAAY,MAAM;AAAA,EACpB;AAGA,aAAW,MAAM,iBAAiB,MAAM,IAAI,cAAc,MAAM,WAAW,EAAE,WAAW,MAAM,QAAQ,UAAU,CAAC,CAAC;AAClH,aAAW,MAAM,iBAAiB,MAAM,IAAI,cAAc,MAAM,WAAW,EAAE,WAAW,MAAM,QAAQ,UAAU,CAAC,CAAC;AAClH,aAAW,MAAM,qBAAqB,MAAM,IAAI,kBAAkB,MAAM,WAAW,MAAM,OAAO,CAAC;AACjG,aAAW,MAAM,uBAAuB,MAAM,IAAI,oBAAoB,MAAM,WAAW,EAAE,WAAW,MAAM,QAAQ,UAAU,CAAC,CAAC;AAC9H,aAAW,MAAM,uBAAuB,MAAM,IAAI,oBAAoB,CAAC;AACvE,aAAW,MAAM,uBAAuB,MAAM,IAAI,yBAAyB,MAAM,WAAW,MAAM,YAAY,CAAC;AAC/G,aAAW,MAAM,mBAAmB,MAAM,IAAI,gBAAgB,KAAK,SAAS,mBAAmB,CAAC,CAAC;AAEjG,SAAO;AACT;AAEA,SAAS,WAAgD,KAAQ,KAAQ,SAA2B;AAClG,MAAI;AACJ,SAAO,eAAe,KAAK,KAAK;AAAA,IAC9B,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,MAAM;AACJ,UAAI,WAAW,QAAW;AACxB,iBAAS,QAAQ;AAAA,MACnB;AACA,aAAO;AAAA,IACT;AAAA,EACF,CAAC;AACH;;;AH5CA,eAAsB,OAAsB;AAC1C,QAAM,aAAa,cAAc;AACjC,QAAM,SAAS,WAAW,UAAU;AAEpC,MAAI,OAAO,OAAO,SAAS;AACzB,UAAMC,OAAMC,SAAQ,OAAO,OAAO,OAAO,GAAG,EAAE,WAAW,KAAK,CAAC;AAAA,EACjE;AAEA,QAAM,cAAc,OAAO,OAAO,UAAU,KAAK,YAAY,OAAO,OAAO,OAAO,IAAI;AACtF,QAAM,SAAS;AAAA,IACb;AAAA,MACE,MAAM;AAAA,MACN,OAAO,OAAO,OAAO;AAAA,IACvB;AAAA,IACA;AAAA,EACF;AACA,QAAM,YAAY,IAAI,gBAAgB,OAAO,OAAO,OAAO;AAE3D,MAAI,MAAM,UAAU,UAAU,GAAG;AAC/B,WAAO,KAAK,4BAA4B;AACxC,YAAQ,KAAK,CAAC;AAAA,EAChB;AAEA,MAAI;AACJ,MAAI;AACJ,MAAI;AACJ,MAAI;AACJ,MAAI;AACJ,MAAI;AACJ,MAAI,mBAAmB;AAEvB,MAAI;AACF,UAAM,UAAU,YAAY;AAE5B,UAAM,kBAAkB,MAAM,4BAA4B,MAAM;AAChE,UAAM,kBACJ,OAAO,KAAK,SAAS,YAAa,gBAAgB,eAAmE;AACvH,qBAAiB,kBACb,IAAI,eAAe;AAAA,MACjB,cAAc;AAAA,MACd;AAAA,IACF,CAAC,IACD;AAEJ,QAAI,mBAAmB,CAAC,gBAAgB,gBAAgB,GAAG;AACzD,oBAAc,IAAI,aAAa;AAAA,QAC7B;AAAA,QACA;AAAA,QACA,cAAc;AAAA,QACd;AAAA,MACF,CAAC;AACD,YAAM,YAAY,MAAM,YAAY,MAAM;AAC1C,aAAO,KAAK,EAAE,UAAU,GAAG,gCAAgC;AAC3D,YAAM,cAAc,WAAW,QAAQ,qBAAqB;AAC5D,YAAM,YAAY,YAAY;AAC9B,YAAM,YAAY,KAAK;AACvB,oBAAc;AAAA,IAChB;AAEA,UAAM,cAAc,MAAM,YAAY,OAAO,QAAQ,eAAe;AACpE,YAAQ;AACR,gBAAY,mBAAmB,KAAK;AACpC,WAAO,KAAK,EAAE,KAAK,YAAY,IAAI,GAAG,0BAA0B;AAEhE,UAAM,gBAAgB,MAAM,gBAAgB,UAAU,KAAK,yBAAyB,WAAW;AAE/F,UAAM,mBAAmB,OAAO,QAAQ,UAAU;AAChD,YAAM,YAAY,QAAQ,aAAa,KAAK;AAC5C,UAAI,CAAC,WAAW;AACd,eAAO;AAAA,UACL,WAAW;AAAA,UACX,eAAe;AAAA,UACf,QAAQ,cAAc;AAAA,QACxB;AAAA,MACF;AAEA,UAAI,CAAC,SAAS,kBAAkB;AAC9B,eAAO;AAAA,UACL;AAAA,UACA,eAAe;AAAA,UACf,QAAQ,cAAc;AAAA,QACxB;AAAA,MACF;AAEA,YAAM,gBAAgB,MAAM,cAAc,WAAW,QAAQ,iBAAiB;AAC9E,2BAAqB;AACrB,aAAO;AAAA,QACL;AAAA,QACA;AAAA,QACA,QAAQ,cAAc;AAAA,MACxB;AAAA,IACF;AAEA,QAAI,iBAAiB;AACnB,eAAS,IAAI,aAAa;AAAA,QACxB;AAAA,QACA;AAAA,QACA,cAAc;AAAA,QACd,OAAO;AAAA,QACP;AAAA,QACA;AAAA,MACF,CAAC;AACD,YAAM,YAAY,MAAM,OAAO,MAAM;AACrC,aAAO,KAAK,EAAE,UAAU,GAAG,yBAAyB;AAAA,IACtD;AAEA,gBAAY,IAAI,UAAU,OAAO,OAAO,SAAS,aAAa;AAAA,MAC5D;AAAA,MACA,eAAe,MAAM,iBAAiB,IAAI;AAAA,IAC5C,CAAC;AACD,cAAU,cAAc,qBAAqB,aAAa,OAAO,OAAO,OAAO;AAC/E,UAAM,UAAU,MAAM;AACtB,WAAO,KAAK,EAAE,SAAS,OAAO,OAAO,QAAQ,GAAG,sBAAsB;AAEtE,QAAI,gBAAgB;AAClB,qBAAe,GAAG,oBAAoB,CAAC,WAAW;AAChD,mBAAW,wBAAwB,MAAM;AAAA,MAC3C,CAAC;AACD,qBAAe,GAAG,mBAAmB,OAAO,WAAW;AACrD,mBAAW,wBAAwB,MAAM;AACzC,cAAM,iBAAiB,KAAK;AAAA,MAC9B,CAAC;AACD,qBAAe,GAAG,qBAAqB,CAAC,WAAW;AACjD,2BAAmB;AACnB,mBAAW,wBAAwB,MAAM;AAAA,MAC3C,CAAC;AACD,qBAAe,GAAG,2BAA2B,OAAO,WAAW;AAC7D,mBAAW,wBAAwB,MAAM;AACzC,cAAM,iBAAiB,KAAK;AAAA,MAC9B,CAAC;AACD,qBAAe,MAAM;AAAA,IACvB;AAEA,UAAM,iBAAiB,mBAAmB,MAAM;AAChD,QAAI,gBAAgB,SAAS;AAC3B,YAAM,SAAS;AACf,wBAAkB,IAAI,gBAAgB;AAAA,QACpC,OAAO;AAAA,QACP;AAAA,QACA,cAAcC,MAAK,OAAO,OAAO,SAAS,qBAAqB;AAAA,QAC/D,aAAa,OAAO;AAAA,QACpB,eAAe,SACX,OAAO,SAAS,WAAW;AACzB,gBAAM,SAAS,OAAO,mBAAmB,OAAO;AAChD,cAAI,CAAC,QAAQ;AACX,kBAAM,IAAI,MAAM,yCAAyC,OAAO,GAAG;AAAA,UACrE;AACA,iBAAO,OAAO,cAAc,MAAM;AAAA,QACpC,IACA;AAAA,QACJ,uBAAuB,SACnB,CAAC,QAAQ,WAAW,OAAO,sBAAsB,QAAQ,MAAM,IAC/D;AAAA,MACN,CAAC;AACD,YAAM,gBAAgB,MAAM;AAC5B,kBAAY,mBAAmB,IAAI;AACnC,aAAO,KAAK,0BAA0B;AAAA,IACxC;AAEA,cAAU,oBAAoB,YAAY;AACxC,aAAO,KAAK,kBAAkB;AAC9B,sBAAgB,KAAK;AACrB,aAAO,mBAAmB,KAAK;AAC/B,YAAM,iBAAiB,KAAK;AAC5B,YAAM,WAAW,KAAK;AACtB,YAAM,QAAQ,KAAK;AACnB,YAAM,OAAO,SAAS;AACtB,YAAM,UAAU,YAAY;AAC5B,aAAO,KAAK,gBAAgB;AAAA,IAC9B,CAAC;AAAA,EACH,SAAS,OAAO;AACd,oBAAgB,KAAK;AACrB,WAAO,mBAAmB,KAAK;AAC/B,UAAM,mBAAmB,QAAQ,oBAAoB,MAAM,iBAAiB,KAAK,CAAC;AAClF,UAAM,mBAAmB,QAAQ,cAAc,MAAM,WAAW,KAAK,CAAC;AACtE,UAAM,mBAAmB,QAAQ,uBAAuB,MAAM,aAAa,KAAK,CAAC;AACjF,UAAM,mBAAmB,QAAQ,iBAAiB,MAAM,QAAQ,KAAK,CAAC;AACtE,UAAM,mBAAmB,QAAQ,gBAAgB,MAAM,OAAO,SAAS,CAAC;AACxE,UAAM,mBAAmB,QAAQ,eAAe,MAAM,UAAU,YAAY,CAAC;AAC7E,UAAM;AAAA,EACR;AACF;AAEA,eAAe,mBACb,QACA,OACA,SACe;AACf,MAAI;AACF,UAAM,QAAQ;AAAA,EAChB,SAAS,OAAO;AACd,WAAO,KAAK,EAAE,KAAK,MAAM,GAAG,sBAAsB,KAAK,GAAG;AAAA,EAC5D;AACF;AAEA,SAAS,yBAAyB,OAAsC;AACtE,QAAM,gBAAgB,MAAM,aAAa,gBAAgB;AACzD,SAAO;AAAA,IACL,UAAU,MAAM,aAAa;AAAA,IAC7B;AAAA,IACA,OAAO,gBAAgB,kBAAkB;AAAA,IACzC,SAAS,gBAAgB,MAAM,UAAU;AAAA,IACzC,WAAW;AAAA,IACX,aAAa;AAAA,IACb,kBAAkB;AAAA,IAClB,WAAW;AAAA,IACX,WAAW,KAAK,IAAI;AAAA,EACtB;AACF;AAEA,eAAe,cACb,WACA,QAIA,QACkB;AAClB,MAAI,sBAAsB,GAAG;AAC3B,WAAO,KAAK,EAAE,UAAU,GAAG,kEAAkE,MAAM,GAAG;AACtG,WAAO;AAAA,EACT;AAEA,MAAI;AACF,UAAM,KAAK,SAAS;AACpB,WAAO;AAAA,EACT,SAAS,OAAO;AACd,WAAO,KAAK,EAAE,KAAK,OAAO,UAAU,GAAG,uCAAuC;AAC9E,WAAO,KAAK,EAAE,UAAU,GAAG,mCAAmC,MAAM,GAAG;AACvE,WAAO;AAAA,EACT;AACF;AAEA,SAAS,wBAAiC;AACxC,MAAI,QAAQ,IAAI,wBAAwB,OAAO,QAAQ,IAAI,OAAO,QAAQ;AACxE,WAAO;AAAA,EACT;AAEA,MAAI,QAAQ,IAAI,kBAAkB,QAAQ,IAAI,SAAS;AACrD,WAAO;AAAA,EACT;AAEA,SAAO,QAAQ,aAAa,WAAW,CAAC,QAAQ,IAAI,WAAW,CAAC,QAAQ,IAAI;AAC9E;AAEA,KAAK,EAAE,MAAM,CAAC,UAAU;AACtB,UAAQ,MAAM,UAAU,KAAK;AAC7B,UAAQ,KAAK,CAAC;AAChB,CAAC;","names":["mkdir","dirname","join","refreshed","mkdir","dirname","join"]}

package/dist/ipc/server.d.ts ADDED Viewed

@@ -0,0 +1,69 @@
+import { D as DaemonAuthStatus } from '../session-monitor-P9hNAFw4.js';
+import { DaemonStatusBase, DaemonState } from '../state.js';
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+import { MeshToolContext } from '@hivemind-os/collective-mcp-server';
+import { C as ClientValidationResult, P as PipeSecurityStatus } from '../config-SuloXL2_.js';
+import '@hivemind-os/collective-core';
+import '@hivemind-os/collective-types';
+import '@mysten/sui/cryptography';
+import '@mysten/sui/keypairs/ed25519';
+import 'node:fs';
+interface ConnectedApp {
+    connectionId: string;
+    appName: string;
+    appPid: number;
+    profile?: string;
+    connectedAt: number;
+}
+interface ConnectedAppMetadata {
+    appName: string;
+    appPid: number;
+    profile?: string;
+}
+interface DaemonStatusSnapshot extends DaemonStatusBase {
+    connectedApps: ConnectedApp[];
+}
+interface IpcServerOptions {
+    validateClient?: (metadata: ConnectedAppMetadata) => Promise<ClientValidationResult>;
+    verifyPipeSecurity?: (ipcPath: string) => Promise<PipeSecurityStatus>;
+    getAuthStatus?: () => DaemonAuthStatus;
+    triggerReauth?: () => Promise<{
+        portalUrl: string | null;
+        browserOpened: boolean;
+        status: DaemonAuthStatus;
+    }>;
+}
+declare class IpcServer {
+    private readonly ipcPath;
+    private readonly state;
+    private readonly options;
+    private server?;
+    private readonly connections;
+    private readonly connectionRegistry;
+    toolContext?: MeshToolContext;
+    constructor(ipcPath: string, state: DaemonState, options?: IpcServerOptions);
+    start(): Promise<void>;
+    stop(): Promise<void>;
+    getConnectedApps(): ConnectedApp[];
+    getStatus(): DaemonStatusSnapshot;
+    getAuthStatus(): DaemonAuthStatus;
+    notifyAuthStatusChanged(status?: DaemonAuthStatus): void;
+    /**
+     * Broadcast a notification to all connected MCP sessions.
+     * Used for provider inbound task notifications and other system-wide events.
+     */
+    broadcastNotification(method: string, params?: unknown): void;
+    /**
+     * Look up the low-level MCP Server for a connected app by name.
+     * Throws if multiple connections match (ambiguous).
+     * Returns undefined if no match is found.
+     */
+    getMcpServerForApp(appName: string): Server | undefined;
+    private handleConnection;
+    private logPipeSecurity;
+    private validateClient;
+}
+export { type DaemonStatusSnapshot, IpcServer, type IpcServerOptions };

package/dist/ipc/server.js ADDED Viewed

@@ -0,0 +1,8 @@
+import {
+  IpcServer
+} from "../chunk-BHN4GOYD.js";
+import "../chunk-NXIFS427.js";
+export {
+  IpcServer
+};
+//# sourceMappingURL=server.js.map

package/dist/ipc/server.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}