@naisys/hub 3.0.0-beta.39 → 3.0.0-beta.41

package/README.md

@@ -46,7 +46,9 @@ The hub owns mail, context logs and [attachments](../../docs/011-mail-attachment
 
 - `Authorization: Bearer` header auth with a rotatable access key
 - Hardened spawning: no shell interpretation, timeouts on `execFileSync`
-- API keys read from headers, not query params
+- API keys stored as SHA-256 hashes; per-user keys read from headers, not query params
+- Dynamic runtime API keys minted per agent and re-issued on hub restart
+- Redaction service scrubs sensitive variables and runtime keys from logs and mail before they hit the DB
 - Hub socket served at `/hub` for reverse-proxy friendliness (TLS terminated at the proxy)
 
 ### Deployment

package/dist/handlers/hubAgentService.js

@@ -1,29 +1,7 @@
-import { hashToken } from "@naisys/common-node";
 import { AgentPeekRequestSchema, AgentRunCommandRequestSchema, AgentRunPauseRequestSchema, AgentStartInboundSchema, AgentStopRequestSchema, HubEvents, } from "@naisys/hub-protocol";
-import { randomBytes } from "crypto";
 /** Handles agent_start requests by routing them to the least-loaded eligible host */
-export function createHubAgentService(naisysServer, { hubDb }, logService, heartbeatService, sendMailService, hostRegistrar) {
-    /**
-     * Mint a fresh runtime API key for a user, rotating any prior key. Plaintext
-     * is returned only here and travels once over the AGENT_START message; the
-     * DB only stores the hash. Keys persist across hub restarts/crashes/updates;
-     * revocation lives on the user disable/archive/delete paths and on graceful
-     * AGENT_STOP.
-     */
-    async function issueRuntimeApiKey(userId) {
-        const token = randomBytes(32).toString("hex");
-        await hubDb.users.update({
-            where: { id: userId },
-            data: { api_key_hash: hashToken(token) },
-        });
-        return token;
-    }
-    async function revokeRuntimeApiKey(userId) {
-        await hubDb.users.update({
-            where: { id: userId },
-            data: { api_key_hash: null },
-        });
-    }
+export function createHubAgentService(naisysServer, { hubDb }, logService, heartbeatService, sendMailService, hostRegistrar, runtimeKeyService, configService) {
+    const { issueRuntimeApiKey, revokeRuntimeApiKey } = runtimeKeyService;
     /** Find the least-loaded eligible host for a given user */
     async function findBestHost(startUserId) {
         // Look up which hosts this user is assigned to
@@ -93,22 +71,102 @@ export function createHubAgentService(naisysServer, { hubDb }, logService, heart
         return { kind: "go", bestHostId };
     }
     /**
-     * Issue a runtime key and send AGENT_START. Stranded keys from a failed
-     * send or failed response stay in the DB until the next AGENT_START for
-     * that user rotates them, or the user is disabled/archived/deleted — the
-     * agent process that would have used the key never started, so there's
-     * nobody to authenticate with it in the meantime.
+     * Mint and ship a key with AGENT_START so the agent's authenticated from
+     * spawn time, avoiding the one-RTT window heartbeat-only would create.
+     * Heartbeat-driven reissue covers later hash mismatches.
+     *
+     * The run_session row is written up front with model_name="" so the
+     * agent's command loop (which starts before the host acks) can FK-safely
+     * write logs/costs. model_name is patched in from the ack; the session
+     * is pushed to supervisors and runId/sessionId returned to the caller
+     * only on success. Any failure rolls back the placeholder.
      */
     async function dispatchAgentStart(args) {
         const { bestHostId, payload, onResponse } = args;
         const startUserId = payload.startUserId;
         const runtimeApiKey = await issueRuntimeApiKey(startUserId);
-        const sent = naisysServer.sendMessage(bestHostId, HubEvents.AGENT_START, { ...payload, runtimeApiKey }, (response) => {
-            if (response.success) {
-                heartbeatService.addStartedAgent(bestHostId, startUserId);
+        const lastRun = await hubDb.run_session.findFirst({
+            select: { run_id: true },
+            orderBy: { run_id: "desc" },
+        });
+        const runId = lastRun ? lastRun.run_id + 1 : 1;
+        const sessionId = 1;
+        const subagentId = 0;
+        const now = new Date().toISOString();
+        const rowWhere = {
+            user_id: startUserId,
+            run_id: runId,
+            subagent_id: subagentId,
+            session_id: sessionId,
+        };
+        await hubDb.run_session.create({
+            data: {
+                ...rowWhere,
+                host_id: bestHostId,
+                model_name: "",
+                created_at: now,
+                last_active: now,
+            },
+        });
+        async function rollbackPlaceholder(reason) {
+            try {
+                await hubDb.run_session.deleteMany({ where: rowWhere });
+            }
+            catch (err) {
+                logService.error(`[Hub:Agents] Failed to roll back run_session row for run ${runId} (${reason}): ${err}`);
+            }
+        }
+        const sent = naisysServer.sendMessage(bestHostId, HubEvents.AGENT_START, { ...payload, runtimeApiKey, runId, sessionId }, async (response) => {
+            if (response.success && response.modelName) {
+                const modelName = response.modelName;
+                try {
+                    await hubDb.run_session.updateMany({
+                        where: rowWhere,
+                        data: { model_name: modelName },
+                    });
+                    heartbeatService.addStartedAgent(bestHostId, startUserId);
+                    naisysServer.broadcastToSupervisors(HubEvents.SESSION_PUSH, {
+                        session: {
+                            userId: startUserId,
+                            runId,
+                            sessionId,
+                            modelName,
+                            createdAt: now,
+                            lastActive: now,
+                            latestLogId: 0,
+                            totalLines: 0,
+                            totalCost: 0,
+                        },
+                    });
+                    onResponse({ ...response, runId, sessionId });
+                }
+                catch (err) {
+                    logService.error(`[Hub:Agents] Failed to finalize run_session row for run ${runId}: ${err}`);
+                    await rollbackPlaceholder("update failed");
+                    onResponse({
+                        success: false,
+                        error: `Failed to finalize run_session row: ${err}`,
+                        hostname: response.hostname,
+                    });
+                }
+            }
+            else {
+                if (response.success && !response.modelName) {
+                    logService.error(`[Hub:Agents] Host ${bestHostId} acked agent_start without modelName for user ${startUserId}; treating as failure`);
+                }
+                await rollbackPlaceholder(response.success ? "missing modelName" : "host failure");
+                onResponse(response.success
+                    ? {
+                        success: false,
+                        error: "Host did not return modelName",
+                        hostname: response.hostname,
+                    }
+                    : response);
             }
-            onResponse(response);
         });
+        if (!sent) {
+            await rollbackPlaceholder("send failed");
+        }
         return { sent };
     }
     /** Try to start an agent on the best available host (fire-and-forget) */
@@ -177,12 +235,16 @@ export function createHubAgentService(naisysServer, { hubDb }, logService, heart
     });
     async function sendTaskMail(startUserId, requesterUserId, taskDescription) {
         try {
+            const mailEnabled = !!configService.getConfig().config?.mailServiceEnabled;
             await sendMailService.sendMail({
                 fromUserId: requesterUserId,
                 recipientUserIds: [startUserId],
-                subject: "Agent Start", // Agent will send a 'Session Completed' mail when session is completed
-                body: taskDescription,
-                kind: "mail",
+                // Agent will send a 'Session Completed' message when session is completed
+                subject: mailEnabled ? "Agent Start" : "",
+                body: mailEnabled
+                    ? taskDescription
+                    : `Agent Start: ${taskDescription}`,
+                kind: mailEnabled ? "mail" : "chat",
             });
         }
         catch (err) {

package/dist/handlers/hubConfigService.js

@@ -1,4 +1,4 @@
-import { buildClientConfig, builtInImageModels, builtInLlmModels, } from "@naisys/common";
+import { buildClientConfig, builtInImageModels, builtInLlmModels, OPENAI_CODEX_ACCESS_TOKEN_VAR, OPENAI_CODEX_REFRESH_TOKEN_VAR, } from "@naisys/common";
 import { HubEvents } from "@naisys/hub-protocol";
 import dotenv from "dotenv";
 /** Pushes the global config to NAISYS instances when they connect or when variables change */
@@ -7,10 +7,13 @@ export async function createHubConfigService(naisysServer, { hubDb }, logService
         success: false,
         error: "Not yet loaded",
     };
-    // API key variable names referenced by built-in models — always sensitive
+    // API key variable names referenced by built-in models — always sensitive.
+    // EXPIRES_AT is a timestamp, not a credential — keep it out so nearby
+    // millisecond values in logs don't get rewritten as redactions.
     const sensitiveKeys = new Set([...builtInLlmModels, ...builtInImageModels]
         .map((m) => m.apiKeyVar)
-        .filter(Boolean));
+        .filter(Boolean)
+        .concat([OPENAI_CODEX_ACCESS_TOKEN_VAR, OPENAI_CODEX_REFRESH_TOKEN_VAR]));
     // Seed DB from .env on first run
     const existing = await hubDb.variables.findMany();
     if (existing.length > 0) {
@@ -93,6 +96,7 @@ export async function createHubConfigService(naisysServer, { hubDb }, logService
     await buildConfigPayload();
     return {
         getConfig: () => cachedConfig,
+        broadcastConfig,
     };
 }
 /** Create variable placeholders if they don't already exist.

package/dist/handlers/hubHeartbeatService.js

@@ -1,6 +1,7 @@
+import { hashToken } from "@naisys/common-node";
 import { HeartbeatSchema, HUB_HEARTBEAT_INTERVAL_MS, HubEvents, } from "@naisys/hub-protocol";
 /** Tracks NAISYS instance heartbeats and pushes aggregate active user status to all instances */
-export function createHubHeartbeatService(naisysServer, { hubDb }, logService) {
+export function createHubHeartbeatService(naisysServer, { hubDb }, logService, redactionService, runtimeKeyService) {
     // Active agent user ids per host. Subagents ride under the parent's userId.
     const hostActiveAgents = new Map();
     const hostActiveSessions = new Map();
@@ -69,14 +70,48 @@ export function createHubHeartbeatService(naisysServer, { hubDb }, logService) {
                 });
             }
             hostActiveSessions.set(hostId, sessionMap);
+            // Self-heal: register each plaintext with the redactor (idempotent),
+            // then mint + push a fresh key if the hash is missing or mismatched.
+            // Old plaintexts accumulate per user so leaks during the rotate
+            // transition window still get scrubbed; AGENT_STOP clears the set.
+            if (parsed.runtimeApiKeys?.length) {
+                const userIds = parsed.runtimeApiKeys.map((k) => k.userId);
+                const users = await hubDb.users.findMany({
+                    where: { id: { in: userIds } },
+                    select: { id: true, api_key_hash: true, enabled: true, archived: true },
+                });
+                const userMap = new Map(users.map((u) => [u.id, u]));
+                for (const claim of parsed.runtimeApiKeys) {
+                    if (claim.runtimeApiKey) {
+                        redactionService.registerRuntimeApiKey(claim.userId, claim.runtimeApiKey);
+                    }
+                    const user = userMap.get(claim.userId);
+                    if (!user || !user.enabled || user.archived)
+                        continue;
+                    if (claim.runtimeApiKey &&
+                        user.api_key_hash &&
+                        hashToken(claim.runtimeApiKey) === user.api_key_hash) {
+                        continue; // hub already knows this key — nothing to do
+                    }
+                    try {
+                        const runtimeApiKey = await runtimeKeyService.issueRuntimeApiKey(claim.userId);
+                        naisysServer.sendMessage(hostId, HubEvents.RUNTIME_KEY_REISSUE, {
+                            userId: claim.userId,
+                            runtimeApiKey,
+                        });
+                    }
+                    catch (err) {
+                        logService.error(`[Hub:Heartbeat] Failed to reissue runtime key for user ${claim.userId}: ${err}`);
+                    }
+                }
+            }
         }
         catch (error) {
             logService.error(`[Hub:Heartbeat] Error updating heartbeat for host ${hostId}: ${error}`);
         }
     });
-    // Clean up tracking when a host disconnects. Runtime API keys are not
-    // touched here — they're rotated on the next AGENT_START and revoked
-    // explicitly on user disable/archive/delete.
+    // Runtime keys aren't touched on disconnect — the DB hash stays valid;
+    // if the agent reconnects, heartbeat re-registers the plaintext.
     naisysServer.registerEvent(HubEvents.CLIENT_DISCONNECTED, (hostId) => {
         hostActiveAgents.delete(hostId);
         hostActiveSessions.delete(hostId);

package/dist/handlers/hubLogService.js

@@ -1,6 +1,6 @@
 import { HubEvents, LogWriteRequestSchema, } from "@naisys/hub-protocol";
 /** Handles log_write events from NAISYS instances (fire-and-forget) */
-export function createHubLogService(naisysServer, { hubDb }, logService, heartbeatService) {
+export function createHubLogService(naisysServer, { hubDb }, logService, heartbeatService, redactionService) {
     // Track last pushed log ID per session for gap detection
     const lastPushedLogId = new Map();
     naisysServer.registerEvent(HubEvents.LOG_WRITE, async (hostId, data) => {
@@ -11,7 +11,8 @@ export function createHubLogService(naisysServer, { hubDb }, logService, heartbe
             const sessionUpdates = new Map();
             for (const entry of parsed.entries) {
                 const now = new Date().toISOString();
-                const lineCount = entry.message.split("\n").length;
+                const message = redactionService.redact(entry.message);
+                const lineCount = message.split("\n").length;
                 const subagentId = entry.subagentId ?? 0;
                 // Wire format: undefined for parent (subagent_id 0 in DB), number otherwise
                 const wireSubagentId = subagentId === 0 ? undefined : subagentId;
@@ -25,7 +26,7 @@ export function createHubLogService(naisysServer, { hubDb }, logService, heartbe
                         role: entry.role,
                         source: entry.source ?? null,
                         type: entry.type ?? null,
-                        message: entry.message,
+                        message,
                         created_at: entry.createdAt,
                         attachment_id: entry.attachmentId ?? null,
                     },
@@ -86,7 +87,7 @@ export function createHubLogService(naisysServer, { hubDb }, logService, heartbe
                     role: entry.role,
                     source: entry.source,
                     type: entry.type,
-                    message: entry.message,
+                    message,
                     createdAt: entry.createdAt,
                     attachmentId: attachmentPublicId,
                     attachmentFilename,

package/dist/handlers/hubRedactionService.js

@@ -0,0 +1,93 @@
+import { HubEvents } from "@naisys/hub-protocol";
+const MIN_SECRET_LENGTH = 6;
+const PATTERN_REPLACEMENTS = [
+    {
+        pattern: /Authorization:\s*(Bearer|Basic)\s+\S+/gi,
+        replacement: "Authorization: $1 [REDACTED]",
+    },
+    {
+        pattern: /-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]+?-----END [A-Z ]*PRIVATE KEY-----/g,
+        replacement: "[REDACTED:PRIVATE_KEY]",
+    },
+    {
+        pattern: /eyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}/g,
+        replacement: "[REDACTED:JWT]",
+    },
+    {
+        pattern: /AKIA[0-9A-Z]{16}/g,
+        replacement: "[REDACTED:AWS_KEY]",
+    },
+];
+/**
+ * Strips sensitive values before they hit the DB or get rebroadcast. Two
+ * sources:
+ *  - DB variables flagged sensitive
+ *  - Runtime NAISYS_API_KEY plaintexts, registered by issueRuntimeApiKey
+ *    and accumulated per-user as a Set. Heartbeat-driven re-registration
+ *    self-heals across hub restarts; AGENT_STOP clears the Set.
+ */
+export async function createHubRedactionService(naisysServer, { hubDb }, logService) {
+    // Sorted longest-first so a secret that is a prefix of another doesn't
+    // get partially replaced before the longer match runs.
+    let dbSecrets = [];
+    const runtimeApiKeys = new Map();
+    async function rebuildDbSecrets() {
+        const rows = await hubDb.variables.findMany({ where: { sensitive: true } });
+        dbSecrets = rows
+            .filter((r) => r.value && r.value.length >= MIN_SECRET_LENGTH)
+            .map((r) => ({ value: r.value, key: r.key }))
+            .sort((a, b) => b.value.length - a.value.length);
+    }
+    function redact(text) {
+        if (!text)
+            return text ?? "";
+        let out = text;
+        for (const { value, key } of dbSecrets) {
+            if (out.includes(value)) {
+                out = out.split(value).join(`[REDACTED:${key}]`);
+            }
+        }
+        for (const [userId, plaintexts] of runtimeApiKeys) {
+            for (const plaintext of plaintexts) {
+                if (out.includes(plaintext)) {
+                    out = out
+                        .split(plaintext)
+                        .join(`[REDACTED:NAISYS_API_KEY:${userId}]`);
+                }
+            }
+        }
+        for (const { pattern, replacement } of PATTERN_REPLACEMENTS) {
+            out = out.replace(pattern, replacement);
+        }
+        return out;
+    }
+    function registerRuntimeApiKey(userId, plaintext) {
+        if (!plaintext || plaintext.length < MIN_SECRET_LENGTH)
+            return;
+        let set = runtimeApiKeys.get(userId);
+        if (!set) {
+            set = new Set();
+            runtimeApiKeys.set(userId, set);
+        }
+        set.add(plaintext);
+    }
+    function revokeRuntimeApiKey(userId) {
+        runtimeApiKeys.delete(userId);
+    }
+    naisysServer.registerEvent(HubEvents.VARIABLES_CHANGED, async () => {
+        try {
+            await rebuildDbSecrets();
+        }
+        catch (error) {
+            logService.error(`[Hub:Redaction] Failed to rebuild secrets after VARIABLES_CHANGED: ${error}`);
+        }
+    });
+    await rebuildDbSecrets();
+    return {
+        redact,
+        registerRuntimeApiKey,
+        revokeRuntimeApiKey,
+        rebuildDbSecrets,
+    };
+}
+//# sourceMappingURL=hubRedactionService.js.map

package/dist/handlers/hubRedactionService.test.js

@@ -0,0 +1,116 @@
+import { HubEvents } from "@naisys/hub-protocol";
+import { beforeEach, describe, expect, test, vi } from "vitest";
+import { createHubRedactionService } from "./hubRedactionService.js";
+function createServerHarness() {
+    const handlers = new Map();
+    const server = {
+        registerEvent: vi.fn((event, handler) => {
+            handlers.set(event, handler);
+        }),
+    };
+    async function emit(event, ...args) {
+        const handler = handlers.get(event);
+        if (!handler)
+            throw new Error(`No handler for ${event}`);
+        await handler(...args);
+    }
+    return { server, emit };
+}
+function createHubDb(initialRows) {
+    let rows = [...initialRows];
+    const hubDb = {
+        variables: {
+            findMany: vi.fn(({ where }) => Promise.resolve(rows.filter((r) => r.sensitive === where.sensitive))),
+        },
+    };
+    return {
+        hubDb,
+        setRows: (next) => {
+            rows = [...next];
+        },
+    };
+}
+function createLogger() {
+    return {
+        log: vi.fn(),
+        error: vi.fn(),
+        disableConsole: vi.fn(),
+    };
+}
+describe("hubRedactionService", () => {
+    let server;
+    let emit;
+    beforeEach(() => {
+        const harness = createServerHarness();
+        server = harness.server;
+        emit = harness.emit;
+    });
+    test("redacts sensitive variable values", async () => {
+        const { hubDb } = createHubDb([
+            { key: "OPENAI_API_KEY", value: "sk-abc123def456", sensitive: true },
+            { key: "PUBLIC_VAR", value: "not-a-secret", sensitive: false },
+        ]);
+        const svc = await createHubRedactionService(server, { hubDb }, createLogger());
+        expect(svc.redact("call with sk-abc123def456 here")).toBe("call with [REDACTED:OPENAI_API_KEY] here");
+        expect(svc.redact("not-a-secret stays")).toBe("not-a-secret stays");
+    });
+    test("skips sensitive values shorter than 6 chars", async () => {
+        const { hubDb } = createHubDb([
+            { key: "SHORT", value: "abc", sensitive: true },
+            { key: "LONG_ENOUGH", value: "123456", sensitive: true },
+        ]);
+        const svc = await createHubRedactionService(server, { hubDb }, createLogger());
+        expect(svc.redact("abc and 123456")).toBe("abc and [REDACTED:LONG_ENOUGH]");
+    });
+    test("longest-first ordering avoids partial replacement", async () => {
+        const { hubDb } = createHubDb([
+            { key: "SHORT_KEY", value: "abc123", sensitive: true },
+            { key: "LONG_KEY", value: "abc1234567", sensitive: true },
+        ]);
+        const svc = await createHubRedactionService(server, { hubDb }, createLogger());
+        expect(svc.redact("token=abc1234567")).toBe("token=[REDACTED:LONG_KEY]");
+    });
+    test("registers and revokes runtime API keys per user", async () => {
+        const { hubDb } = createHubDb([]);
+        const svc = await createHubRedactionService(server, { hubDb }, createLogger());
+        svc.registerRuntimeApiKey(7, "deadbeefcafebabe");
+        expect(svc.redact("auth=deadbeefcafebabe")).toBe("auth=[REDACTED:NAISYS_API_KEY:7]");
+        svc.revokeRuntimeApiKey(7);
+        expect(svc.redact("auth=deadbeefcafebabe")).toBe("auth=deadbeefcafebabe");
+    });
+    test("accumulates plaintexts per user so old keys stay redactable mid-rotation", async () => {
+        const { hubDb } = createHubDb([]);
+        const svc = await createHubRedactionService(server, { hubDb }, createLogger());
+        svc.registerRuntimeApiKey(7, "oldkey1234567");
+        svc.registerRuntimeApiKey(7, "newkey7654321");
+        expect(svc.redact("oldkey1234567 and newkey7654321")).toBe("[REDACTED:NAISYS_API_KEY:7] and [REDACTED:NAISYS_API_KEY:7]");
+        svc.revokeRuntimeApiKey(7);
+        expect(svc.redact("oldkey1234567 and newkey7654321")).toBe("oldkey1234567 and newkey7654321");
+    });
+    test("pattern fallbacks catch shapes not in the secret list", async () => {
+        const { hubDb } = createHubDb([]);
+        const svc = await createHubRedactionService(server, { hubDb }, createLogger());
+        expect(svc.redact("Authorization: Bearer xyz.token.here")).toBe("Authorization: Bearer [REDACTED]");
+        expect(svc.redact("AKIAIOSFODNN7EXAMPLE")).toBe("[REDACTED:AWS_KEY]");
+        expect(svc.redact("header eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c trail")).toBe("header [REDACTED:JWT] trail");
+    });
+    test("redact returns empty string for null/undefined", async () => {
+        const { hubDb } = createHubDb([]);
+        const svc = await createHubRedactionService(server, { hubDb }, createLogger());
+        expect(svc.redact(null)).toBe("");
+        expect(svc.redact(undefined)).toBe("");
+        expect(svc.redact("")).toBe("");
+    });
+    test("rebuilds dbSecrets on VARIABLES_CHANGED", async () => {
+        const { hubDb, setRows } = createHubDb([
+            { key: "OLD_KEY", value: "old-secret-value", sensitive: true },
+        ]);
+        const svc = await createHubRedactionService(server, { hubDb }, createLogger());
+        expect(svc.redact("old-secret-value")).toBe("[REDACTED:OLD_KEY]");
+        setRows([{ key: "NEW_KEY", value: "new-secret-value", sensitive: true }]);
+        await emit(HubEvents.VARIABLES_CHANGED, 1);
+        expect(svc.redact("old-secret-value")).toBe("old-secret-value");
+        expect(svc.redact("new-secret-value")).toBe("[REDACTED:NEW_KEY]");
+    });
+});
+//# sourceMappingURL=hubRedactionService.test.js.map

package/dist/handlers/hubRuntimeKeyService.js

@@ -0,0 +1,27 @@
+import { hashToken } from "@naisys/common-node";
+import { randomBytes } from "crypto";
+/**
+ * Mints and revokes per-user runtime API keys. 32 random bytes; only the
+ * hash is persisted. Plaintext is registered with the redactor on issue so
+ * leaks get scrubbed; the user's Set is cleared on revoke.
+ */
+export function createHubRuntimeKeyService({ hubDb }, redactionService) {
+    async function issueRuntimeApiKey(userId) {
+        const token = randomBytes(32).toString("hex");
+        await hubDb.users.update({
+            where: { id: userId },
+            data: { api_key_hash: hashToken(token) },
+        });
+        redactionService.registerRuntimeApiKey(userId, token);
+        return token;
+    }
+    async function revokeRuntimeApiKey(userId) {
+        await hubDb.users.update({
+            where: { id: userId },
+            data: { api_key_hash: null },
+        });
+        redactionService.revokeRuntimeApiKey(userId);
+    }
+    return { issueRuntimeApiKey, revokeRuntimeApiKey };
+}
+//# sourceMappingURL=hubRuntimeKeyService.js.map

package/dist/handlers/hubSendMailService.js

@@ -1,9 +1,13 @@
 import { HubEvents, } from "@naisys/hub-protocol";
 /** Pure send-mail service with no auto-start logic, breaking the circular dependency */
-export function createHubSendMailService(naisysServer, { hubDb }, heartbeatService) {
+export function createHubSendMailService(naisysServer, { hubDb }, heartbeatService, redactionService) {
     /** Send a mail message directly by user IDs */
     async function sendMail(params) {
         const now = new Date();
+        // Redact once at entry — DB row, supervisor push, and any future fan-out
+        // all read from these locals.
+        const subject = redactionService.redact(params.subject);
+        const body = redactionService.redact(params.body);
         // Build participants string from usernames (sorted alphabetically)
         const allUserIds = [
             ...new Set([params.fromUserId, ...params.recipientUserIds]),
@@ -24,8 +28,8 @@ export function createHubSendMailService(naisysServer, { hubDb }, heartbeatServi
                     host_id: params.hostId,
                     kind: params.kind,
                     participants,
-                    subject: params.subject,
-                    body: params.body,
+                    subject,
+                    body,
                     created_at: now,
                 },
             });
@@ -114,8 +118,8 @@ export function createHubSendMailService(naisysServer, { hubDb }, heartbeatServi
             fromUserId: params.fromUserId,
             kind: params.kind,
             messageId: message.id,
-            subject: params.subject,
-            body: params.body,
+            subject,
+            body,
             createdAt: now.toISOString(),
             participants,
             attachments,

package/dist/handlers/hubVariablePatchService.js

@@ -0,0 +1,54 @@
+import { OPENAI_CODEX_ACCESS_TOKEN_VAR, OPENAI_CODEX_EXPIRES_AT_VAR, OPENAI_CODEX_REFRESH_TOKEN_VAR, } from "@naisys/common";
+import { HubEvents, VariablePatchRequestSchema, } from "@naisys/hub-protocol";
+// Allowlist + per-key storage policy. Without this, a compromised host could
+// rotate any API key and have the hub broadcast it to every other host.
+const clientPatchableVariables = new Map([
+    [OPENAI_CODEX_ACCESS_TOKEN_VAR, { sensitive: true, exportToShell: false }],
+    [OPENAI_CODEX_REFRESH_TOKEN_VAR, { sensitive: true, exportToShell: false }],
+    [OPENAI_CODEX_EXPIRES_AT_VAR, { sensitive: false, exportToShell: false }],
+]);
+export function createHubVariablePatchService(naisysServer, { hubDb }, configService, redactionService, logService) {
+    async function patchVariables(hostId, request) {
+        const denied = request.updates.find(({ key }) => !clientPatchableVariables.has(key));
+        if (denied) {
+            logService.error(`[Hub:Variables] Rejected patch from host ${hostId}: variable '${denied.key}' is not patchable by NAISYS clients.`);
+            return;
+        }
+        await hubDb.$transaction(async (tx) => {
+            for (const update of request.updates) {
+                const policy = clientPatchableVariables.get(update.key);
+                await tx.variables.upsert({
+                    where: { key: update.key },
+                    update: {
+                        value: update.value,
+                        export_to_shell: policy.exportToShell,
+                        sensitive: policy.sensitive,
+                        updated_by: `host:${hostId}`,
+                    },
+                    create: {
+                        key: update.key,
+                        value: update.value,
+                        export_to_shell: policy.exportToShell,
+                        sensitive: policy.sensitive,
+                        created_by: `host:${hostId}`,
+                        updated_by: `host:${hostId}`,
+                    },
+                });
+            }
+        });
+        // Inline rather than firing VARIABLES_CHANGED so the redaction set is
+        // rebuilt before any subsequent log lines ingest.
+        await redactionService.rebuildDbSecrets();
+        await configService.broadcastConfig();
+    }
+    naisysServer.registerEvent(HubEvents.VARIABLE_PATCH, async (hostId, request) => {
+        try {
+            await patchVariables(hostId, request);
+        }
+        catch (error) {
+            logService.error(`[Hub:Variables] Failed to apply variable patch from host ${hostId}: ${error}`);
+        }
+    }, VariablePatchRequestSchema);
+    return { patchVariables };
+}
+//# sourceMappingURL=hubVariablePatchService.js.map

package/dist/handlers/hubVariablePatchService.test.js

@@ -0,0 +1,85 @@
+import { OPENAI_CODEX_ACCESS_TOKEN_VAR, OPENAI_CODEX_EXPIRES_AT_VAR, OPENAI_CODEX_REFRESH_TOKEN_VAR, } from "@naisys/common";
+import { HubEvents } from "@naisys/hub-protocol";
+import { describe, expect, test, vi } from "vitest";
+import { createHubVariablePatchService } from "./hubVariablePatchService.js";
+function createMocks() {
+    const variables = {
+        upsert: vi.fn(),
+    };
+    const hubDb = {
+        $transaction: vi.fn(async (callback) => callback({ variables })),
+    };
+    const configService = {
+        broadcastConfig: vi.fn(async () => { }),
+    };
+    const redactionService = {
+        rebuildDbSecrets: vi.fn(async () => { }),
+    };
+    const logService = {
+        error: vi.fn(),
+    };
+    const naisysServer = {
+        registerEvent: vi.fn(),
+    };
+    return {
+        variables,
+        hubDb,
+        configService,
+        redactionService,
+        logService,
+        naisysServer,
+    };
+}
+describe("hub variable patch service", () => {
+    test("persists Codex OAuth variables with per-key policy and broadcasts config", async () => {
+        const mocks = createMocks();
+        createHubVariablePatchService(mocks.naisysServer, { hubDb: mocks.hubDb }, mocks.configService, mocks.redactionService, mocks.logService);
+        const [, handler, schema] = mocks.naisysServer.registerEvent.mock
+            .calls[0];
+        expect(mocks.naisysServer.registerEvent).toHaveBeenCalledWith(HubEvents.VARIABLE_PATCH, expect.any(Function), expect.any(Object));
+        expect(schema.safeParse({
+            updates: [{ key: OPENAI_CODEX_ACCESS_TOKEN_VAR, value: "access" }],
+        }).success).toBe(true);
+        await handler(42, {
+            updates: [
+                { key: OPENAI_CODEX_ACCESS_TOKEN_VAR, value: "access" },
+                { key: OPENAI_CODEX_REFRESH_TOKEN_VAR, value: "refresh" },
+                { key: OPENAI_CODEX_EXPIRES_AT_VAR, value: "1700000000000" },
+            ],
+        });
+        expect(mocks.variables.upsert).toHaveBeenCalledTimes(3);
+        expect(mocks.variables.upsert).toHaveBeenCalledWith(expect.objectContaining({
+            where: { key: OPENAI_CODEX_ACCESS_TOKEN_VAR },
+            update: expect.objectContaining({
+                value: "access",
+                export_to_shell: false,
+                sensitive: true,
+                updated_by: "host:42",
+            }),
+        }));
+        expect(mocks.variables.upsert).toHaveBeenCalledWith(expect.objectContaining({
+            where: { key: OPENAI_CODEX_EXPIRES_AT_VAR },
+            update: expect.objectContaining({
+                value: "1700000000000",
+                export_to_shell: false,
+                sensitive: false,
+                updated_by: "host:42",
+            }),
+        }));
+        expect(mocks.redactionService.rebuildDbSecrets).toHaveBeenCalledOnce();
+        expect(mocks.configService.broadcastConfig).toHaveBeenCalledOnce();
+    });
+    test("logs and skips persistence for non-allowlisted variables", async () => {
+        const mocks = createMocks();
+        createHubVariablePatchService(mocks.naisysServer, { hubDb: mocks.hubDb }, mocks.configService, mocks.redactionService, mocks.logService);
+        const [, handler] = mocks.naisysServer.registerEvent.mock.calls[0];
+        await handler(7, {
+            updates: [{ key: "GOOGLE_API_KEY", value: "secret" }],
+        });
+        expect(mocks.hubDb.$transaction).not.toHaveBeenCalled();
+        expect(mocks.redactionService.rebuildDbSecrets).not.toHaveBeenCalled();
+        expect(mocks.configService.broadcastConfig).not.toHaveBeenCalled();
+        expect(mocks.logService.error).toHaveBeenCalledWith(expect.stringContaining("GOOGLE_API_KEY"));
+    });
+});
+//# sourceMappingURL=hubVariablePatchService.test.js.map

package/dist/naisysHub.js

@@ -15,9 +15,12 @@ import { createHubHostService } from "./handlers/hubHostService.js";
 import { createHubLogService } from "./handlers/hubLogService.js";
 import { createHubMailService } from "./handlers/hubMailService.js";
 import { createHubModelsService } from "./handlers/hubModelsService.js";
+import { createHubRedactionService } from "./handlers/hubRedactionService.js";
 import { createHubRunService } from "./handlers/hubRunService.js";
+import { createHubRuntimeKeyService } from "./handlers/hubRuntimeKeyService.js";
 import { createHubSendMailService } from "./handlers/hubSendMailService.js";
 import { createHubUserService } from "./handlers/hubUserService.js";
+import { createHubVariablePatchService } from "./handlers/hubVariablePatchService.js";
 import { loadOrCreateAccessKey } from "./services/accessKeyService.js";
 import { seedAgentConfigs } from "./services/agentRegistrar.js";
 import { createHostRegistrar } from "./services/hostRegistrar.js";
@@ -65,20 +68,28 @@ export const startHub = async (startupType, startSupervisor, plugins, startupAge
         createHubUserService(naisysServer, hubDatabaseService, logService);
         // Register hub models service for seeding and broadcasting models
         await createHubModelsService(naisysServer, hubDatabaseService, logService);
+        // Register redaction service so log/mail ingest can scrub sensitive values
+        // before they hit the DB or get rebroadcast. Must come after the models
+        // service since that upgrades built-in model API key variables to sensitive
+        // — initializing the redactor earlier would snapshot them as non-sensitive.
+        const redactionService = await createHubRedactionService(naisysServer, hubDatabaseService, logService);
+        createHubVariablePatchService(naisysServer, hubDatabaseService, configService, redactionService, logService);
+        // Shared mint/revoke for runtime API keys (agent service + heartbeat).
+        const runtimeKeyService = createHubRuntimeKeyService(hubDatabaseService, redactionService);
         // Register hub host service for broadcasting connected host list
         createHubHostService(naisysServer, hostRegistrar, logService);
         // Register hub run service for session_create/session_increment requests
         createHubRunService(naisysServer, hubDatabaseService, logService);
         // Register hub heartbeat service for NAISYS instance heartbeat tracking
-        const heartbeatService = createHubHeartbeatService(naisysServer, hubDatabaseService, logService);
+        const heartbeatService = createHubHeartbeatService(naisysServer, hubDatabaseService, logService, redactionService, runtimeKeyService);
         // Register hub log service for log_write events from NAISYS instances
-        createHubLogService(naisysServer, hubDatabaseService, logService, heartbeatService);
+        createHubLogService(naisysServer, hubDatabaseService, logService, heartbeatService, redactionService);
         // Register hub cost service for cost_write events from NAISYS instances
         const costService = createHubCostService(naisysServer, hubDatabaseService, logService, heartbeatService, configService);
         // Register hub send mail service (pure mail sending, no auto-start logic)
-        const sendMailService = createHubSendMailService(naisysServer, hubDatabaseService, heartbeatService);
+        const sendMailService = createHubSendMailService(naisysServer, hubDatabaseService, heartbeatService, redactionService);
         // Register hub agent service for agent_start requests routed to target hosts
-        const agentService = createHubAgentService(naisysServer, hubDatabaseService, logService, heartbeatService, sendMailService, hostRegistrar);
+        const agentService = createHubAgentService(naisysServer, hubDatabaseService, logService, heartbeatService, sendMailService, hostRegistrar, runtimeKeyService, configService);
         // Register hub mail service for mail events from NAISYS instances
         const mailService = createHubMailService(naisysServer, hubDatabaseService, logService, heartbeatService, sendMailService, agentService, costService, configService);
         /**

package/npm-shrinkwrap.json

@@ -1,17 +1,17 @@
 {
   "name": "@naisys/hub",
-  "version": "3.0.0-beta.39",
+  "version": "3.0.0-beta.41",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@naisys/hub",
-      "version": "3.0.0-beta.39",
+      "version": "3.0.0-beta.41",
       "dependencies": {
-        "@naisys/common": "3.0.0-beta.39",
-        "@naisys/common-node": "3.0.0-beta.39",
-        "@naisys/hub-database": "3.0.0-beta.39",
-        "@naisys/hub-protocol": "3.0.0-beta.39",
+        "@naisys/common": "3.0.0-beta.41",
+        "@naisys/common-node": "3.0.0-beta.41",
+        "@naisys/hub-database": "3.0.0-beta.41",
+        "@naisys/hub-protocol": "3.0.0-beta.41",
         "commander": "^14.0.3",
         "dotenv": "^17.3.1",
         "fastify": "^5.8.2",
@@ -24,7 +24,7 @@
         "node": ">=22.0.0"
       },
       "peerDependencies": {
-        "@naisys/supervisor": "3.0.0-beta.39"
+        "@naisys/supervisor": "3.0.0-beta.41"
       },
       "peerDependenciesMeta": {
         "@naisys/supervisor": {
@@ -189,32 +189,32 @@
       "license": "MIT"
     },
     "node_modules/@naisys/common": {
-      "version": "3.0.0-beta.39",
-      "resolved": "https://registry.npmjs.org/@naisys/common/-/common-3.0.0-beta.39.tgz",
-      "integrity": "sha512-H65s+TNhjKC+6piF9sP9LpydRL+K7IEyD6gUgXDekiQ1+6OV9xgxzZmeOgTAGs/Mk3fSs73OJ6JC4WPjBwVSdA==",
+      "version": "3.0.0-beta.41",
+      "resolved": "https://registry.npmjs.org/@naisys/common/-/common-3.0.0-beta.41.tgz",
+      "integrity": "sha512-TuaJbDPsNkqTM7HCcMjGM6g9SvwohkEcOSieWAsl4z4uSOvlfYd064vjCmJkhjPNwXTiKYd3OAj23HD1adv0cg==",
       "dependencies": {
         "semver": "^7.7.4",
         "zod": "^4.3.6"
       }
     },
     "node_modules/@naisys/common-node": {
-      "version": "3.0.0-beta.39",
-      "resolved": "https://registry.npmjs.org/@naisys/common-node/-/common-node-3.0.0-beta.39.tgz",
-      "integrity": "sha512-UGQwcHx8hbeTHjYKYB0Y9BQouwip614bOxUXeo2U+552gUTjmdjc2T7ng14opVqtZmYYzTidLWQrblS8mNa+sw==",
+      "version": "3.0.0-beta.41",
+      "resolved": "https://registry.npmjs.org/@naisys/common-node/-/common-node-3.0.0-beta.41.tgz",
+      "integrity": "sha512-Zmxs6kwIWdIXlZuoCuUhGiu3pky5wDZv62YsoN3N11xLRt0CB0M6jsU8n2kygSHxvjV3qZ+HXEB8GdNTUDuY3Q==",
       "dependencies": {
-        "@naisys/common": "3.0.0-beta.39",
+        "@naisys/common": "3.0.0-beta.41",
         "better-sqlite3": "^12.6.2",
         "js-yaml": "^4.1.1",
         "pino": "^10.3.1"
       }
     },
     "node_modules/@naisys/hub-database": {
-      "version": "3.0.0-beta.39",
-      "resolved": "https://registry.npmjs.org/@naisys/hub-database/-/hub-database-3.0.0-beta.39.tgz",
-      "integrity": "sha512-rTKKwhRWGp/5LcBiFLurY3VYdk6a5YNiEj7nfGMWYGbTozTw1X6PlCoBT3UV6g/brFPKDIlsS9tMDAhI/ibuuw==",
+      "version": "3.0.0-beta.41",
+      "resolved": "https://registry.npmjs.org/@naisys/hub-database/-/hub-database-3.0.0-beta.41.tgz",
+      "integrity": "sha512-p87AlaYVn7YT3Rw2o22+KDvRtYJWXOPDiVVUcyt4pNdB3xcqezVkf9a9LdqhqvE7hkzWaBGJsXDEDl3ILX6H5Q==",
       "dependencies": {
-        "@naisys/common": "3.0.0-beta.39",
-        "@naisys/common-node": "3.0.0-beta.39",
+        "@naisys/common": "3.0.0-beta.41",
+        "@naisys/common-node": "3.0.0-beta.41",
         "@prisma/adapter-better-sqlite3": "^7.5.0",
         "@prisma/client": "^7.5.0",
         "better-sqlite3": "^12.6.2",
@@ -222,11 +222,11 @@
       }
     },
     "node_modules/@naisys/hub-protocol": {
-      "version": "3.0.0-beta.39",
-      "resolved": "https://registry.npmjs.org/@naisys/hub-protocol/-/hub-protocol-3.0.0-beta.39.tgz",
-      "integrity": "sha512-zYBhBSVuN/RlEiMpY4ke2J9SwL5Nyd4VNZmP2ZH7hXiL3bDlp8K3odZQqfd1kIUKidnhNzqEH4H+CLOwB4kJPA==",
+      "version": "3.0.0-beta.41",
+      "resolved": "https://registry.npmjs.org/@naisys/hub-protocol/-/hub-protocol-3.0.0-beta.41.tgz",
+      "integrity": "sha512-pTh7zBSWF+S2/hLG07m/BLlQxXwxzl/LLWF3LnHOXlwjIvByS3VKsTp0K2Slo3H/qHKz41q8sE66HNpjdHezPA==",
       "dependencies": {
-        "@naisys/common": "3.0.0-beta.39",
+        "@naisys/common": "3.0.0-beta.41",
         "zod": "^4.3.6"
       }
     },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@naisys/hub",
-  "version": "3.0.0-beta.39",
+  "version": "3.0.0-beta.41",
   "description": "NAISYS Hub - Adds persistence and multi-instance coordination to NAISYS",
   "type": "module",
   "main": "dist/naisysHub.js",
@@ -32,7 +32,7 @@
     "!dist/**/*.d.ts.map"
   ],
   "peerDependencies": {
-    "@naisys/supervisor": "3.0.0-beta.39"
+    "@naisys/supervisor": "3.0.0-beta.41"
   },
   "peerDependenciesMeta": {
     "@naisys/supervisor": {
@@ -40,10 +40,10 @@
     }
   },
   "dependencies": {
-    "@naisys/common": "3.0.0-beta.39",
-    "@naisys/common-node": "3.0.0-beta.39",
-    "@naisys/hub-database": "3.0.0-beta.39",
-    "@naisys/hub-protocol": "3.0.0-beta.39",
+    "@naisys/common": "3.0.0-beta.41",
+    "@naisys/common-node": "3.0.0-beta.41",
+    "@naisys/hub-database": "3.0.0-beta.41",
+    "@naisys/hub-protocol": "3.0.0-beta.41",
     "commander": "^14.0.3",
     "dotenv": "^17.3.1",
     "fastify": "^5.8.2",