@muhaven/mcp 0.1.3 → 0.1.5

package/dist/broker.js

@@ -1,11 +1,14 @@
+import path, { join, dirname, resolve } from 'path';
+import { fileURLToPath } from 'url';
 import { platform, release, hostname, homedir } from 'os';
-import { exec } from 'child_process';
-import { join, dirname } from 'path';
+import { exec, spawn } from 'child_process';
 import { connect, createServer } from 'net';
 import { mkdir, chmod, writeFile, readFile, unlink, stat } from 'fs/promises';
-import { privateKeyToAccount } from 'viem/accounts';
+import { privateKeyToAccount, generatePrivateKey } from 'viem/accounts';
 
-// src/broker/cli.ts
+var getFilename = () => fileURLToPath(import.meta.url);
+var getDirname = () => path.dirname(getFilename());
+var __dirname$1 = /* @__PURE__ */ getDirname();
 var DEFAULT_BACKEND_URL = "https://api.muhaven.app";
 var DEFAULT_DASHBOARD_URL = "https://muhaven.app";
 var DEFAULT_REQUEST_TIMEOUT_MS = 15e3;
@@ -418,8 +421,8 @@ var OsKeystore = class {
   }
 };
 var FileKeystore = class {
-  constructor(path) {
-    this.path = path;
+  constructor(path2) {
+    this.path = path2;
   }
   path;
   backend = "file";
@@ -657,7 +660,8 @@ async function handleBrokerRequest(req, signer, keystore, nowSec = () => Math.fl
         sessionKeyAddress: signer.address,
         hasJwt,
         hasSessionKey,
-        ...options.effectiveConfig ? { effectiveConfig: options.effectiveConfig } : {}
+        ...options.effectiveConfig ? { effectiveConfig: options.effectiveConfig } : {},
+        ...options.pid !== void 0 ? { pid: options.pid } : {}
       };
     }
     case "sign_hash": {
@@ -888,7 +892,8 @@ var BrokerDaemon = class {
           effectiveConfig: {
             backendBaseUrl: this.config.backendBaseUrl,
             dashboardBaseUrl: this.config.dashboardBaseUrl
-          }
+          },
+          pid: process.pid
         }
       );
       socket.end(serializeResponse(res));
@@ -932,6 +937,408 @@ async function runBrokerDaemonCli() {
   await new Promise(() => {
   });
 }
+var DANGEROUS_NODE_ENV_VARS = [
+  "NODE_OPTIONS",
+  "NODE_TLS_REJECT_UNAUTHORIZED",
+  "NODE_EXTRA_CA_CERTS",
+  "NODE_PATH"
+];
+function applyEnvDefaults(input) {
+  const { env } = input;
+  const platformId = input.platformId ?? process.platform;
+  const osRelease = input.osRelease ?? release();
+  const toSet = {};
+  const preserved = [];
+  const defaultIfUnset = (name, value) => {
+    if (env[name] && env[name].length > 0) {
+      preserved.push(name);
+    } else {
+      toSet[name] = value;
+    }
+  };
+  defaultIfUnset("MUHAVEN_BACKEND_URL", "https://api.muhaven.app");
+  defaultIfUnset("MUHAVEN_DASHBOARD_URL", "https://muhaven.app");
+  const wantFileKeyring = platformId === "win32" || platformId === "linux" && (env.WSL_DISTRO_NAME !== void 0 || /microsoft/i.test(osRelease)) || env.REMOTE_CONTAINERS === "true" || env.CODESPACES === "true" || env.SSH_CONNECTION !== void 0;
+  if (wantFileKeyring) {
+    defaultIfUnset("MUHAVEN_KEYRING", "file");
+  } else if (env.MUHAVEN_KEYRING) {
+    preserved.push("MUHAVEN_KEYRING");
+  }
+  return { toSet, preserved };
+}
+function mintSessionKey() {
+  return generatePrivateKey();
+}
+function decideSetupAction(input) {
+  if (input.hello === null) return "spawn_and_login";
+  if (!input.hello.hasJwt) return "login_only";
+  return "already_ready";
+}
+function spawnDaemon(options) {
+  const sanitized = {};
+  for (const [k, v] of Object.entries(process.env)) {
+    if (!DANGEROUS_NODE_ENV_VARS.includes(k)) {
+      sanitized[k] = v;
+    }
+  }
+  const merged = { ...sanitized, ...options.env };
+  const child = spawn(process.execPath, [options.binPath], {
+    detached: true,
+    stdio: "ignore",
+    windowsHide: true,
+    env: merged
+  });
+  child.unref();
+  if (child.pid === void 0) {
+    throw new Error("failed to spawn muhaven-broker daemon \u2014 child pid is undefined");
+  }
+  return child.pid;
+}
+function validateHttpUrlFlag(name, value) {
+  let parsed;
+  try {
+    parsed = new URL(value);
+  } catch {
+    return `${name} is not a valid URL: ${value}`;
+  }
+  if (parsed.protocol === "https:") return null;
+  if (parsed.protocol === "http:") {
+    const host = parsed.hostname;
+    if (host === "localhost" || host === "127.0.0.1" || host === "[::1]") return null;
+    return `${name} must use https:// (got http:// to ${host} \u2014 refusing to ship JWT cleartext)`;
+  }
+  return `${name} must use https:// (got ${parsed.protocol})`;
+}
+function validateBrokerEndpointFlag(value, platformId) {
+  if (!value || value.length === 0) {
+    return "--broker-endpoint cannot be empty";
+  }
+  if (platformId === "win32") {
+    if (value.startsWith("\\\\.\\pipe\\") || value.startsWith("//./pipe/")) {
+      return null;
+    }
+    return "--broker-endpoint on Windows must be a named pipe path (\\\\.\\pipe\\...)";
+  }
+  if (!value.startsWith("/")) {
+    return "--broker-endpoint on POSIX must be an absolute path (e.g. /run/muhaven/broker.sock)";
+  }
+  return null;
+}
+var defaultSleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
+async function waitForBroker(options) {
+  const timeoutMs = options.timeoutMs ?? 8e3;
+  const intervalMs = options.intervalMs ?? 200;
+  const sleep = options.sleep ?? defaultSleep;
+  const now = options.now ?? Date.now;
+  const deadline = now() + timeoutMs;
+  let lastErr = null;
+  while (now() < deadline) {
+    try {
+      const hello = await options.broker.hello();
+      return { hasJwt: hello.hasJwt };
+    } catch (err) {
+      lastErr = err;
+      if (now() + intervalMs < deadline) {
+        await sleep(intervalMs);
+      } else {
+        break;
+      }
+    }
+  }
+  throw new Error(
+    `muhaven-broker daemon did not become reachable within ${timeoutMs}ms: ${lastErr instanceof Error ? lastErr.message : String(lastErr)}`
+  );
+}
+function parseSetupFlags(argv) {
+  let foreground = false;
+  let noLaunchBrowser = false;
+  let brokerEndpoint;
+  let backendBaseUrl;
+  let dashboardBaseUrl;
+  let skipLogin = false;
+  for (let i = 0; i < argv.length; i++) {
+    const a = argv[i];
+    if (a === "--foreground" || a === "-f") foreground = true;
+    else if (a === "--no-launch-browser") noLaunchBrowser = true;
+    else if (a === "--skip-login") skipLogin = true;
+    else if (a === "--broker-endpoint" && i + 1 < argv.length) brokerEndpoint = argv[++i];
+    else if (a === "--backend-base-url" && i + 1 < argv.length) backendBaseUrl = argv[++i];
+    else if (a === "--dashboard-base-url" && i + 1 < argv.length) dashboardBaseUrl = argv[++i];
+    else throw new Error(`unknown flag: ${a}`);
+  }
+  return {
+    foreground,
+    noLaunchBrowser,
+    brokerEndpoint,
+    backendBaseUrl,
+    dashboardBaseUrl,
+    skipLogin
+  };
+}
+async function runSetup(argv, deps) {
+  let flags;
+  try {
+    flags = parseSetupFlags(argv);
+  } catch (err) {
+    deps.printErr(`error: ${err.message}`);
+    deps.printErr(
+      "usage: muhaven-broker setup [--foreground|-f] [--no-launch-browser] [--skip-login]\n                            [--broker-endpoint PATH] [--backend-base-url URL]\n                            [--dashboard-base-url URL]"
+    );
+    return 2;
+  }
+  if (flags.backendBaseUrl) {
+    const err = validateHttpUrlFlag("--backend-base-url", flags.backendBaseUrl);
+    if (err) {
+      deps.printErr(`error: ${err}`);
+      return 2;
+    }
+  }
+  if (flags.dashboardBaseUrl) {
+    const err = validateHttpUrlFlag("--dashboard-base-url", flags.dashboardBaseUrl);
+    if (err) {
+      deps.printErr(`error: ${err}`);
+      return 2;
+    }
+  }
+  if (flags.brokerEndpoint) {
+    const err = validateBrokerEndpointFlag(flags.brokerEndpoint, deps.platformId);
+    if (err) {
+      deps.printErr(`error: ${err}`);
+      return 2;
+    }
+  }
+  const overrides = applyEnvDefaults({
+    env: deps.env,
+    platformId: deps.platformId,
+    osRelease: deps.osRelease
+  });
+  const effectiveEnv = {};
+  for (const [k, v] of Object.entries(deps.env)) {
+    if (typeof v === "string") effectiveEnv[k] = v;
+  }
+  for (const [k, v] of Object.entries(overrides.toSet)) {
+    effectiveEnv[k] = v;
+  }
+  if (flags.brokerEndpoint) effectiveEnv.MUHAVEN_BROKER_ENDPOINT = flags.brokerEndpoint;
+  if (flags.backendBaseUrl) effectiveEnv.MUHAVEN_BACKEND_URL = flags.backendBaseUrl;
+  if (flags.dashboardBaseUrl) effectiveEnv.MUHAVEN_DASHBOARD_URL = flags.dashboardBaseUrl;
+  for (const name of overrides.preserved) {
+    deps.print(`Env preserved: ${name} (set in your shell)`);
+  }
+  for (const [k, v] of Object.entries(overrides.toSet)) {
+    deps.print(`Env defaulted: ${k}=${v}`);
+  }
+  let sessionKey = effectiveEnv.MUHAVEN_BROKER_SESSION_KEY;
+  let mintedKey = false;
+  if (!sessionKey || sessionKey === "") {
+    sessionKey = deps.mintSessionKey();
+    mintedKey = true;
+    deps.print("Session key: minted fresh (secp256k1, ephemeral to this daemon).");
+  } else {
+    deps.print("Session key: using MUHAVEN_BROKER_SESSION_KEY from env.");
+  }
+  effectiveEnv.MUHAVEN_BROKER_SESSION_KEY = sessionKey;
+  if (flags.foreground) {
+    deps.print("Foreground mode \u2014 running daemon attached to this shell. Ctrl-C to stop.");
+    const restorationKeys = [
+      ...Object.keys(overrides.toSet),
+      "MUHAVEN_BROKER_SESSION_KEY",
+      ...flags.brokerEndpoint ? ["MUHAVEN_BROKER_ENDPOINT"] : [],
+      ...flags.backendBaseUrl ? ["MUHAVEN_BACKEND_URL"] : [],
+      ...flags.dashboardBaseUrl ? ["MUHAVEN_DASHBOARD_URL"] : []
+    ];
+    const originalValues = {};
+    for (const k of restorationKeys) {
+      originalValues[k] = process.env[k];
+      process.env[k] = effectiveEnv[k];
+    }
+    try {
+      await deps.runForegroundDaemon();
+    } finally {
+      for (const k of restorationKeys) {
+        if (originalValues[k] === void 0) delete process.env[k];
+        else process.env[k] = originalValues[k];
+      }
+    }
+    return 0;
+  }
+  const config = loadMcpConfig(effectiveEnv);
+  const broker = deps.newBrokerClient(config.brokerEndpoint, config.brokerTimeoutMs);
+  let helloProbe = null;
+  try {
+    helloProbe = await broker.hello();
+  } catch {
+  }
+  const action = decideSetupAction({ hello: helloProbe });
+  let daemonPid = null;
+  if (action === "spawn_and_login") {
+    deps.print("Broker daemon: not running, starting one (detached) ...");
+    daemonPid = deps.spawnDaemon({
+      binPath: deps.resolveBinPath(),
+      env: {
+        // Explicit env for the spawned daemon. Includes every var that the
+        // daemon's loadBrokerConfig will read, sourced from our resolved
+        // effectiveEnv (NOT from process.env). spawnDaemon will sanitize
+        // process.env-inherited values further (strips NODE_OPTIONS etc.).
+        ...overrides.toSet,
+        MUHAVEN_BROKER_ENDPOINT: config.brokerEndpoint,
+        MUHAVEN_BACKEND_URL: effectiveEnv.MUHAVEN_BACKEND_URL,
+        MUHAVEN_DASHBOARD_URL: effectiveEnv.MUHAVEN_DASHBOARD_URL,
+        MUHAVEN_BROKER_SESSION_KEY: sessionKey
+      }
+    });
+    try {
+      const readyHello = await deps.waitForBroker({ broker });
+      helloProbe = readyHello;
+      deps.print(`Broker daemon: ready (PID ${daemonPid}, endpoint ${config.brokerEndpoint}).`);
+    } catch (err) {
+      deps.printErr(err.message);
+      deps.printErr(
+        "  hint: re-run `muhaven-broker setup` after checking that no other broker is bound to the same endpoint."
+      );
+      return 1;
+    }
+  } else {
+    deps.print(`Broker daemon: already reachable at ${config.brokerEndpoint}.`);
+  }
+  const needsLogin = !flags.skipLogin && !(helloProbe && helloProbe.hasJwt);
+  if (flags.skipLogin) {
+    deps.print("Login: skipped per --skip-login.");
+  } else if (helloProbe && helloProbe.hasJwt) {
+    deps.print("Login: skipped \u2014 JWT already in keystore.");
+  }
+  if (needsLogin) {
+    const loginArgv = [];
+    if (flags.noLaunchBrowser) loginArgv.push("--no-launch-browser");
+    if (flags.brokerEndpoint) {
+      loginArgv.push("--broker-endpoint", flags.brokerEndpoint);
+    }
+    if (flags.backendBaseUrl) {
+      loginArgv.push("--backend-base-url", flags.backendBaseUrl);
+    }
+    if (flags.dashboardBaseUrl) {
+      loginArgv.push("--dashboard-base-url", flags.dashboardBaseUrl);
+    }
+    const restorationKeys = ["MUHAVEN_BACKEND_URL", "MUHAVEN_DASHBOARD_URL", "MUHAVEN_BROKER_ENDPOINT"];
+    const originalValues = {};
+    for (const k of restorationKeys) {
+      originalValues[k] = process.env[k];
+      if (effectiveEnv[k]) process.env[k] = effectiveEnv[k];
+    }
+    let code;
+    try {
+      code = await deps.runLogin(loginArgv);
+    } finally {
+      for (const k of restorationKeys) {
+        if (originalValues[k] === void 0) delete process.env[k];
+        else process.env[k] = originalValues[k];
+      }
+    }
+    if (code !== 0) {
+      deps.printErr(
+        "Setup: login step failed \u2014 daemon is still running, re-run `muhaven-broker login` to retry."
+      );
+      if (daemonPid !== null) {
+        const killCmd = deps.platformId === "win32" ? `Stop-Process -Id ${daemonPid}` : `kill ${daemonPid}`;
+        deps.printErr(`  (daemon PID ${daemonPid}; stop with: ${killCmd})`);
+      }
+      return code;
+    }
+  }
+  deps.print("");
+  deps.print("================================");
+  deps.print("Setup complete.");
+  if (daemonPid !== null) {
+    deps.print(`  Daemon PID : ${daemonPid}`);
+    const killCmd = deps.platformId === "win32" ? `Stop-Process -Id ${daemonPid}` : `kill ${daemonPid}`;
+    deps.print(`  Stop daemon: ${killCmd}`);
+  } else {
+    deps.print("  Daemon     : already running");
+  }
+  deps.print(`  Endpoint   : ${config.brokerEndpoint}`);
+  deps.print("  Sign out   : muhaven-broker logout   (clears JWT, leaves daemon running)");
+  if (mintedKey) {
+    deps.print("  Session key: ephemeral \u2014 minted by setup, lives only in the daemon process.");
+  }
+  deps.print("================================");
+  return 0;
+}
+
+// src/broker/stop.ts
+async function runStop(deps) {
+  const gracefulShutdownMs = deps.gracefulShutdownMs ?? 5e3;
+  const pollIntervalMs = deps.pollIntervalMs ?? 200;
+  const broker = deps.newBrokerClient(deps.endpoint, deps.brokerTimeoutMs);
+  let hello;
+  try {
+    hello = await broker.hello();
+  } catch {
+    deps.print("Broker daemon: not running, nothing to stop.");
+    return 0;
+  }
+  try {
+    await broker.clearJwt();
+    deps.print("JWT cleared from keystore.");
+  } catch (err) {
+    deps.print(
+      `Warning: clearJwt failed (${err instanceof Error ? err.message : String(err)}); continuing with daemon shutdown.`
+    );
+  }
+  const pid = hello.pid;
+  if (pid === void 0) {
+    deps.printErr(
+      "Broker daemon did not advertise its PID (older than @muhaven/mcp@0.1.5)."
+    );
+    deps.printErr("Stop manually with:");
+    deps.printErr("  POSIX:   pkill -f muhaven-broker");
+    deps.printErr("  Windows: Stop-Process -Name node -Force  (filter to muhaven-broker)");
+    return 1;
+  }
+  try {
+    deps.killProcess(pid, "SIGTERM");
+    deps.print(`Sent SIGTERM to broker daemon (PID ${pid}). Waiting up to ${gracefulShutdownMs}ms for clean exit...`);
+  } catch (err) {
+    deps.printErr(
+      `Failed to send SIGTERM to PID ${pid}: ${err instanceof Error ? err.message : String(err)}`
+    );
+    return 1;
+  }
+  const maxAttempts = Math.ceil(gracefulShutdownMs / pollIntervalMs);
+  for (let i = 0; i < maxAttempts; i++) {
+    await deps.sleep(pollIntervalMs);
+    try {
+      await broker.hello();
+    } catch {
+      deps.print("Broker daemon stopped cleanly.");
+      return 0;
+    }
+  }
+  deps.print(`Daemon did not exit after ${gracefulShutdownMs}ms \u2014 sending SIGKILL.`);
+  try {
+    deps.killProcess(pid, "SIGKILL");
+    deps.print(`Broker daemon force-killed (PID ${pid}).`);
+    return 0;
+  } catch (err) {
+    deps.printErr(
+      `Failed to SIGKILL PID ${pid}: ${err instanceof Error ? err.message : String(err)}`
+    );
+    deps.printErr(
+      "  Daemon process may be orphaned. Inspect with `ps aux | grep muhaven-broker` and kill manually."
+    );
+    return 1;
+  }
+}
+function defaultKillProcess(pid, signal) {
+  try {
+    process.kill(pid, signal);
+    return true;
+  } catch (err) {
+    if (err.code === "ESRCH") {
+      return false;
+    }
+    throw err;
+  }
+}
 
 // src/broker/cli.ts
 function print(line) {
@@ -941,7 +1348,7 @@ function printErr(line) {
   process.stderr.write(line + "\n");
 }
 function detectMcpHost() {
-  return process.env.MCP_HOST_NAME ?? process.env.CLAUDE_CODE_HOST ?? process.env.npm_lifecycle_event ?? "muhaven-broker-cli";
+  return process.env.MCP_HOST_NAME ?? process.env.CLAUDE_CODE_HOST ?? "muhaven-broker-cli";
 }
 function detectEnvironment() {
   const warnings = [];
@@ -1195,11 +1602,59 @@ function printUsage() {
   print("usage: muhaven-broker [<subcommand>] [options]");
   print("");
   print("  (no subcommand)    Run the daemon (production mode)");
+  print("  setup              One-shot install: env defaults + session key + detached daemon + login");
+  print("                       [--foreground|-f] keeps the daemon attached (skip background spawn)");
+  print("                       [--skip-login] starts the daemon but lets you run login later");
+  print("                       [--no-launch-browser] pass-through to login");
+  print("  stop               Cleanly stop a running daemon (SIGTERM with SIGKILL fallback");
+  print("                       after 5s). Also clears the keystore JWT as a best effort.");
   print("  login              Acquire a JWT via the device-code flow + store in keystore");
   print("                       [--from-daemon] resolves backend/dashboard URLs from the running daemon");
-  print("  logout             Clear the JWT from the keystore");
+  print("  logout             Clear the JWT from the keystore (does NOT stop the daemon)");
   print("  doctor             Print environment + keystore + reachability report");
   print("  -h, --help         Show this help");
+  print("  -v, --version      Print the @muhaven/mcp package version");
+}
+function getBrokerPackageVersion() {
+  {
+    return "0.1.5";
+  }
+}
+function printVersion() {
+  print(`muhaven-broker @muhaven/mcp@${getBrokerPackageVersion()}`);
+}
+function resolveBrokerBinPath() {
+  return resolve(__dirname$1, "..", "bin", "muhaven-broker.cjs");
+}
+async function runSetup2(argv) {
+  const deps = {
+    print,
+    printErr,
+    mintSessionKey,
+    newBrokerClient: (endpoint, timeoutMs) => new BrokerClient({ endpoint, timeoutMs }),
+    spawnDaemon,
+    waitForBroker,
+    runLogin,
+    runForegroundDaemon: runBrokerDaemonCli,
+    resolveBinPath: resolveBrokerBinPath,
+    env: process.env,
+    platformId: process.platform,
+    osRelease: release()
+  };
+  return runSetup(argv, deps);
+}
+async function runStop2() {
+  const config = loadMcpConfig();
+  const deps = {
+    print,
+    printErr,
+    newBrokerClient: (endpoint, timeoutMs) => new BrokerClient({ endpoint, timeoutMs }),
+    killProcess: defaultKillProcess,
+    sleep: (ms) => new Promise((resolve) => setTimeout(resolve, ms)),
+    endpoint: config.brokerEndpoint,
+    brokerTimeoutMs: config.brokerTimeoutMs
+  };
+  return runStop(deps);
 }
 async function runCli(argv) {
   const [sub, ...rest] = argv;
@@ -1207,6 +1662,10 @@ async function runCli(argv) {
     case void 0:
       await runBrokerDaemonCli();
       return 0;
+    case "setup":
+      return runSetup2(rest);
+    case "stop":
+      return runStop2();
     case "login":
       return runLogin(rest);
     case "logout":
@@ -1217,6 +1676,10 @@ async function runCli(argv) {
     case "--help":
       printUsage();
       return 0;
+    case "-v":
+    case "--version":
+      printVersion();
+      return 0;
     default:
       printErr(`unknown subcommand: ${sub}`);
       printUsage();
@@ -1224,4 +1687,4 @@ async function runCli(argv) {
   }
 }
 
-export { parseLoginFlags, runCli, runDoctor, runLogin, runLogout };
+export { getBrokerPackageVersion, parseLoginFlags, runCli, runDoctor, runLogin, runLogout, runSetup2 as runSetup, runStop2 as runStop };

package/dist/index.cjs

@@ -1210,7 +1210,7 @@ var SERVER_NAME = "@muhaven/mcp";
 var SERVER_VERSION = resolveServerVersion();
 function resolveServerVersion() {
   {
-    return "0.1.3";
+    return "0.1.5";
   }
 }
 function toJsonInputSchema(schema) {
@@ -1794,7 +1794,8 @@ async function handleBrokerRequest(req, signer, keystore, nowSec = () => Math.fl
         sessionKeyAddress: signer.address,
         hasJwt,
         hasSessionKey,
-        ...options.effectiveConfig ? { effectiveConfig: options.effectiveConfig } : {}
+        ...options.effectiveConfig ? { effectiveConfig: options.effectiveConfig } : {},
+        ...options.pid !== void 0 ? { pid: options.pid } : {}
       };
     }
     case "sign_hash": {
@@ -2025,7 +2026,8 @@ var BrokerDaemon = class {
           effectiveConfig: {
             backendBaseUrl: this.config.backendBaseUrl,
             dashboardBaseUrl: this.config.dashboardBaseUrl
-          }
+          },
+          pid: process.pid
         }
       );
       socket.end(serializeResponse(res));

package/dist/index.d.cts

@@ -18,6 +18,12 @@ import { z } from 'zod';
  * keeper of the device-flow JWT (per ADR-3 D1 "polling, not loopback
  * callback") in addition to the session-key private half.
  *
+ * @muhaven/mcp@0.1.5 added `hello.pid` (still protocol 0.3.0 — additive
+ * optional field) so `muhaven-broker stop` can reach into the daemon
+ * process by PID without forcing operators to grep `ps` output. Older
+ * 0.1.4 daemons omit the field; `runStop` falls back to a structured
+ * error message in that case.
+ *
  * Threat-model invariants:
  *  - The broker NEVER reaches out to the network. It only:
  *      (a) signs hashes that the MCP server received from the backend,
@@ -94,6 +100,13 @@ interface BrokerHelloResponse {
         readonly backendBaseUrl: string;
         readonly dashboardBaseUrl: string;
     };
+    /**
+     * OS process id of the daemon. Surfaced so `muhaven-broker stop` can
+     * `process.kill(pid, 'SIGTERM')` without grepping `ps` output. Added in
+     * @muhaven/mcp@0.1.5 (no protocol-version bump — additive optional
+     * field). Older daemons omit; consumers MUST handle `undefined`.
+     */
+    readonly pid?: number;
 }
 interface BrokerSignHashResponse {
     readonly type: 'sign_hash';
@@ -804,6 +817,13 @@ interface HandleBrokerRequestOptions {
         readonly backendBaseUrl: string;
         readonly dashboardBaseUrl: string;
     };
+    /**
+     * The daemon's own OS PID. Injectable so unit tests can pin a value;
+     * production callers pass `process.pid` from the daemon process at
+     * handler-construction time. Surfaced via `hello.pid` so
+     * `muhaven-broker stop` can SIGTERM by PID. Added in @muhaven/mcp@0.1.5.
+     */
+    pid?: number;
 }
 declare function handleBrokerRequest(req: BrokerRequest, signer: ISigner, keystore: IKeystore, nowSec?: () => number, options?: HandleBrokerRequestOptions): Promise<BrokerResponse>;
 declare class BrokerDaemon {

package/dist/index.d.ts

@@ -18,6 +18,12 @@ import { z } from 'zod';
  * keeper of the device-flow JWT (per ADR-3 D1 "polling, not loopback
  * callback") in addition to the session-key private half.
  *
+ * @muhaven/mcp@0.1.5 added `hello.pid` (still protocol 0.3.0 — additive
+ * optional field) so `muhaven-broker stop` can reach into the daemon
+ * process by PID without forcing operators to grep `ps` output. Older
+ * 0.1.4 daemons omit the field; `runStop` falls back to a structured
+ * error message in that case.
+ *
  * Threat-model invariants:
  *  - The broker NEVER reaches out to the network. It only:
  *      (a) signs hashes that the MCP server received from the backend,
@@ -94,6 +100,13 @@ interface BrokerHelloResponse {
         readonly backendBaseUrl: string;
         readonly dashboardBaseUrl: string;
     };
+    /**
+     * OS process id of the daemon. Surfaced so `muhaven-broker stop` can
+     * `process.kill(pid, 'SIGTERM')` without grepping `ps` output. Added in
+     * @muhaven/mcp@0.1.5 (no protocol-version bump — additive optional
+     * field). Older daemons omit; consumers MUST handle `undefined`.
+     */
+    readonly pid?: number;
 }
 interface BrokerSignHashResponse {
     readonly type: 'sign_hash';
@@ -804,6 +817,13 @@ interface HandleBrokerRequestOptions {
         readonly backendBaseUrl: string;
         readonly dashboardBaseUrl: string;
     };
+    /**
+     * The daemon's own OS PID. Injectable so unit tests can pin a value;
+     * production callers pass `process.pid` from the daemon process at
+     * handler-construction time. Surfaced via `hello.pid` so
+     * `muhaven-broker stop` can SIGTERM by PID. Added in @muhaven/mcp@0.1.5.
+     */
+    pid?: number;
 }
 declare function handleBrokerRequest(req: BrokerRequest, signer: ISigner, keystore: IKeystore, nowSec?: () => number, options?: HandleBrokerRequestOptions): Promise<BrokerResponse>;
 declare class BrokerDaemon {

package/dist/index.js

@@ -1206,7 +1206,7 @@ var SERVER_NAME = "@muhaven/mcp";
 var SERVER_VERSION = resolveServerVersion();
 function resolveServerVersion() {
   {
-    return "0.1.3";
+    return "0.1.5";
   }
 }
 function toJsonInputSchema(schema) {
@@ -1790,7 +1790,8 @@ async function handleBrokerRequest(req, signer, keystore, nowSec = () => Math.fl
         sessionKeyAddress: signer.address,
         hasJwt,
         hasSessionKey,
-        ...options.effectiveConfig ? { effectiveConfig: options.effectiveConfig } : {}
+        ...options.effectiveConfig ? { effectiveConfig: options.effectiveConfig } : {},
+        ...options.pid !== void 0 ? { pid: options.pid } : {}
       };
     }
     case "sign_hash": {
@@ -2021,7 +2022,8 @@ var BrokerDaemon = class {
           effectiveConfig: {
             backendBaseUrl: this.config.backendBaseUrl,
             dashboardBaseUrl: this.config.dashboardBaseUrl
-          }
+          },
+          pid: process.pid
         }
       );
       socket.end(serializeResponse(res));