@raysonmeng/agentbridge 0.1.11 → 0.1.13

package/plugins/agentbridge/server/daemon.js

@@ -1,10 +1,19 @@
 #!/usr/bin/env bun
 // @bun
 
+// src/daemon.ts
+import { rmSync as rmSync2 } from "fs";
+import { randomUUID as randomUUID4 } from "crypto";
+
 // src/contract-version.ts
 var CONTRACT_VERSION = 1;
 
 // src/build-info.ts
+var CODE_HASH_SENTINEL = "source";
+function hasValidCodeHash(build) {
+  const hash = build?.codeHash;
+  return typeof hash === "string" && hash.length > 0 && hash !== CODE_HASH_SENTINEL;
+}
 function defineString(value, fallback) {
   return typeof value === "string" && value.length > 0 ? value : fallback;
 }
@@ -17,10 +26,11 @@ function defineNumber(value, fallback) {
   return typeof value === "number" && Number.isFinite(value) ? value : fallback;
 }
 var BUILD_INFO = Object.freeze({
-  version: defineString("0.1.11", "0.0.0-source"),
-  commit: defineString("48eb0ed", "source"),
+  version: defineString("0.1.13", "0.0.0-source"),
+  commit: defineString("7a71869", "source"),
   bundle: defineBundle("plugin"),
-  contractVersion: defineNumber(1, CONTRACT_VERSION)
+  contractVersion: defineNumber(1, CONTRACT_VERSION),
+  codeHash: defineString("e1fd67d07c62", "source")
 });
 function daemonStatusBuildInfo() {
   return { ...BUILD_INFO };
@@ -28,7 +38,14 @@ function daemonStatusBuildInfo() {
 function sameRuntimeContract(a, b) {
   if (!a || !b)
     return false;
-  return a.version === b.version && a.commit === b.commit && a.contractVersion === b.contractVersion;
+  if (a.version !== b.version || a.contractVersion !== b.contractVersion)
+    return false;
+  if (hasValidCodeHash(a) && hasValidCodeHash(b))
+    return a.codeHash === b.codeHash;
+  return a.commit === b.commit;
+}
+function runtimeContractComparisonBasis(a, b) {
+  return hasValidCodeHash(a) && hasValidCodeHash(b) ? "codeHash" : "commit";
 }
 function compatibleContractVersion(a, b) {
   if (!a || !b)
@@ -38,7 +55,175 @@ function compatibleContractVersion(a, b) {
 function formatBuildInfo(build) {
   if (!build)
     return "<unknown>";
-  return `${build.version}/${build.commit}/${build.bundle}/contract-v${build.contractVersion}`;
+  const codeHash = hasValidCodeHash(build) ? `/code-${build.codeHash}` : "";
+  return `${build.version}/${build.commit}/${build.bundle}/contract-v${build.contractVersion}${codeHash}`;
+}
+
+// src/daemon-record.ts
+import { readFileSync } from "fs";
+
+// src/atomic-json.ts
+import * as fs from "fs";
+import { randomUUID } from "crypto";
+import { dirname } from "path";
+function tmpPathFor(targetPath) {
+  return `${targetPath}.tmp.${process.pid}.${randomUUID()}`;
+}
+function atomicWriteText(path, content, options = {}) {
+  fs.mkdirSync(dirname(path), { recursive: true });
+  const tmp = tmpPathFor(path);
+  let renamed = false;
+  const fd = fs.openSync(tmp, "w", options.mode ?? 438);
+  try {
+    try {
+      fs.writeFileSync(fd, content, "utf-8");
+      if (options.fsync)
+        fs.fsyncSync(fd);
+    } finally {
+      fs.closeSync(fd);
+    }
+    fs.renameSync(tmp, path);
+    renamed = true;
+  } finally {
+    if (!renamed) {
+      try {
+        fs.unlinkSync(tmp);
+      } catch {}
+    }
+  }
+}
+function atomicWriteJson(path, value, options = {}) {
+  atomicWriteText(path, JSON.stringify(value, null, 2) + `
+`, options);
+}
+
+// src/daemon-record.ts
+var defaultRead = (path) => readFileSync(path, "utf-8");
+function writeDaemonRecord(path, record) {
+  atomicWriteJson(path, record);
+}
+function sanitizePorts(value) {
+  if (typeof value !== "object" || value === null)
+    return;
+  const raw = value;
+  const ports = {};
+  if (typeof raw.appPort === "number")
+    ports.appPort = raw.appPort;
+  if (typeof raw.proxyPort === "number")
+    ports.proxyPort = raw.proxyPort;
+  if (typeof raw.controlPort === "number")
+    ports.controlPort = raw.controlPort;
+  return Object.keys(ports).length > 0 ? ports : undefined;
+}
+function readDaemonRecord(path, read = defaultRead) {
+  let parsed;
+  try {
+    parsed = JSON.parse(read(path));
+  } catch {
+    return null;
+  }
+  if (typeof parsed !== "object" || parsed === null)
+    return null;
+  const obj = parsed;
+  if (typeof obj.pid !== "number" || !Number.isFinite(obj.pid))
+    return null;
+  const phase = obj.phase === "ready" ? "ready" : "booting";
+  const record = { pid: obj.pid, phase };
+  if (typeof obj.startedAt === "number")
+    record.startedAt = obj.startedAt;
+  if (typeof obj.nonce === "string")
+    record.nonce = obj.nonce;
+  if (obj.pairId === null || typeof obj.pairId === "string")
+    record.pairId = obj.pairId;
+  if (obj.cwd === null || typeof obj.cwd === "string")
+    record.cwd = obj.cwd;
+  if (obj.stateDir === null || typeof obj.stateDir === "string")
+    record.stateDir = obj.stateDir;
+  if (typeof obj.proxyUrl === "string")
+    record.proxyUrl = obj.proxyUrl;
+  if (typeof obj.appServerUrl === "string")
+    record.appServerUrl = obj.appServerUrl;
+  const ports = sanitizePorts(obj.ports);
+  if (ports !== undefined)
+    record.ports = ports;
+  if (typeof obj.build === "object" && obj.build !== null) {
+    record.build = obj.build;
+  }
+  if (typeof obj.turnPhase === "string")
+    record.turnPhase = obj.turnPhase;
+  if (typeof obj.turnInProgress === "boolean")
+    record.turnInProgress = obj.turnInProgress;
+  if (typeof obj.attentionWindowActive === "boolean") {
+    record.attentionWindowActive = obj.attentionWindowActive;
+  }
+  return record;
+}
+function synthesizeLegacyRecord(pidFilePath, statusFilePath, read = defaultRead) {
+  let pidFromPidFile = null;
+  try {
+    const raw = read(pidFilePath).trim();
+    const n = Number.parseInt(raw, 10);
+    if (Number.isFinite(n))
+      pidFromPidFile = n;
+  } catch {}
+  let status = null;
+  try {
+    const parsed = JSON.parse(read(statusFilePath));
+    if (typeof parsed === "object" && parsed !== null)
+      status = parsed;
+  } catch {}
+  const pidFromStatus = status && typeof status.pid === "number" && Number.isFinite(status.pid) ? status.pid : null;
+  const pid = pidFromPidFile ?? pidFromStatus;
+  if (pid === null)
+    return null;
+  const record = {
+    pid,
+    phase: status ? "ready" : "booting"
+  };
+  if (status) {
+    if (typeof status.proxyUrl === "string")
+      record.proxyUrl = status.proxyUrl;
+    if (typeof status.appServerUrl === "string")
+      record.appServerUrl = status.appServerUrl;
+    const controlPort = typeof status.controlPort === "number" ? status.controlPort : undefined;
+    const proxyPort = portFromUrl(status.proxyUrl);
+    const appPort = portFromUrl(status.appServerUrl);
+    if (controlPort !== undefined || proxyPort !== undefined || appPort !== undefined) {
+      record.ports = {};
+      if (appPort !== undefined)
+        record.ports.appPort = appPort;
+      if (proxyPort !== undefined)
+        record.ports.proxyPort = proxyPort;
+      if (controlPort !== undefined)
+        record.ports.controlPort = controlPort;
+    }
+    if (status.pairId === null || typeof status.pairId === "string")
+      record.pairId = status.pairId;
+    if (status.cwd === null || typeof status.cwd === "string")
+      record.cwd = status.cwd;
+    if (status.stateDir === null || typeof status.stateDir === "string")
+      record.stateDir = status.stateDir;
+    if (typeof status.build === "object" && status.build !== null) {
+      record.build = status.build;
+    }
+    if (typeof status.turnPhase === "string")
+      record.turnPhase = status.turnPhase;
+    if (typeof status.turnInProgress === "boolean")
+      record.turnInProgress = status.turnInProgress;
+    if (typeof status.attentionWindowActive === "boolean") {
+      record.attentionWindowActive = status.attentionWindowActive;
+    }
+  }
+  return record;
+}
+function readUnifiedDaemonRecord(paths, read = defaultRead) {
+  return readDaemonRecord(paths.daemonRecordFile, read) ?? synthesizeLegacyRecord(paths.pidFile, paths.statusFile, read);
+}
+function portFromUrl(url) {
+  if (typeof url !== "string")
+    return;
+  const match = url.match(/:(\d+)(?:[/?]|$)/);
+  return match ? Number.parseInt(match[1], 10) : undefined;
 }
 
 // src/codex-adapter.ts
@@ -47,9 +232,13 @@ import { createInterface } from "readline";
 import { EventEmitter } from "events";
 
 // src/state-dir.ts
-import { mkdirSync, existsSync } from "fs";
+import { mkdirSync as mkdirSync2, existsSync } from "fs";
 import { join } from "path";
 import { homedir, platform } from "os";
+function resolveXdgStateBase(rawXdg = process.env.XDG_STATE_HOME) {
+  const xdgState = rawXdg && rawXdg.length > 0 ? rawXdg : join(homedir(), ".local", "state");
+  return join(xdgState, "agentbridge");
+}
 
 class StateDirResolver {
   stateDir;
@@ -57,8 +246,7 @@ class StateDirResolver {
     if (platform() === "darwin") {
       return join(homedir(), "Library", "Application Support", "AgentBridge");
     }
-    const xdgState = process.env.XDG_STATE_HOME ?? join(homedir(), ".local", "state");
-    return join(xdgState, "agentbridge");
+    return resolveXdgStateBase(process.env.XDG_STATE_HOME);
   }
   constructor(envOverride) {
     const override = envOverride ?? process.env.AGENTBRIDGE_STATE_DIR;
@@ -66,7 +254,7 @@ class StateDirResolver {
   }
   ensure() {
     if (!existsSync(this.stateDir)) {
-      mkdirSync(this.stateDir, { recursive: true });
+      mkdirSync2(this.stateDir, { recursive: true });
     }
   }
   get dir() {
@@ -84,8 +272,8 @@ class StateDirResolver {
   get statusFile() {
     return join(this.stateDir, "status.json");
   }
-  get portsFile() {
-    return join(this.stateDir, "ports.json");
+  get daemonRecordFile() {
+    return join(this.stateDir, "daemon.json");
   }
   get currentThreadFile() {
     return join(this.stateDir, "current-thread.json");
@@ -205,17 +393,18 @@ async function cleanupPorts(options) {
 }
 
 // src/rotating-log.ts
-import { appendFileSync, existsSync as existsSync2, renameSync, statSync, unlinkSync } from "fs";
-import { dirname } from "path";
+import { appendFileSync, existsSync as existsSync2, renameSync as renameSync2, statSync, unlinkSync as unlinkSync2 } from "fs";
+import { dirname as dirname2 } from "path";
 var DEFAULT_MAX_BYTES = 5 * 1024 * 1024;
 var DEFAULT_KEEP = 3;
-function appendRotatingLog(path, content, options = {}) {
+var REAL_FS_OPS = { statSync, renameSync: renameSync2, unlinkSync: unlinkSync2, appendFileSync, existsSync: existsSync2 };
+function appendRotatingLog(path, content, options = {}, fsOps = REAL_FS_OPS) {
   const maxBytes = options.maxBytes ?? positiveIntFromEnv("AGENTBRIDGE_LOG_MAX_BYTES", DEFAULT_MAX_BYTES);
   const keep = options.keep ?? positiveIntFromEnv("AGENTBRIDGE_LOG_ROTATE_KEEP", DEFAULT_KEEP);
-  if (!existsSync2(dirname(path)))
+  if (!fsOps.existsSync(dirname2(path)))
     return;
-  rotateIfNeeded(path, Buffer.byteLength(content), maxBytes, keep);
-  appendFileSync(path, content, "utf-8");
+  rotateIfNeeded(path, Buffer.byteLength(content), maxBytes, keep, fsOps);
+  fsOps.appendFileSync(path, content, "utf-8");
 }
 function positiveIntFromEnv(name, fallback) {
   const value = process.env[name];
@@ -224,26 +413,48 @@ function positiveIntFromEnv(name, fallback) {
   const parsed = Number(value);
   return Number.isFinite(parsed) && parsed > 0 ? Math.floor(parsed) : fallback;
 }
-function rotateIfNeeded(path, incomingBytes, maxBytes, keep) {
+function isEnoent(error) {
+  return !!error && error.code === "ENOENT";
+}
+function renameIfPresent(from, to, fsOps) {
+  try {
+    fsOps.renameSync(from, to);
+  } catch (error) {
+    if (!isEnoent(error))
+      throw error;
+  }
+}
+function unlinkIfPresent(path, fsOps) {
+  try {
+    fsOps.unlinkSync(path);
+  } catch (error) {
+    if (!isEnoent(error))
+      throw error;
+  }
+}
+function rotateIfNeeded(path, incomingBytes, maxBytes, keep, fsOps) {
   if (!Number.isFinite(maxBytes) || maxBytes <= 0 || keep <= 0)
     return;
-  if (!existsSync2(path))
-    return;
-  const size = statSync(path).size;
+  let size;
+  try {
+    size = fsOps.statSync(path).size;
+  } catch (error) {
+    if (isEnoent(error))
+      return;
+    throw error;
+  }
   if (size + incomingBytes <= maxBytes)
     return;
   for (let index = keep;index >= 1; index--) {
     const current = `${path}.${index}`;
     const next = `${path}.${index + 1}`;
-    if (!existsSync2(current))
-      continue;
     if (index === keep) {
-      unlinkSync(current);
+      unlinkIfPresent(current, fsOps);
     } else {
-      renameSync(current, next);
+      renameIfPresent(current, next, fsOps);
     }
   }
-  renameSync(path, `${path}.1`);
+  renameIfPresent(path, `${path}.1`, fsOps);
 }
 
 // src/process-log.ts
@@ -340,6 +551,16 @@ var APP_SERVER_NOTIFICATION_METHODS = [
 var TRACKED_REQUEST_METHOD_SET = new Set(APP_SERVER_TRACKED_REQUEST_METHODS);
 var SERVER_REQUEST_METHOD_SET = new Set(APP_SERVER_SERVER_REQUEST_METHODS);
 var NOTIFICATION_METHOD_SET = new Set(APP_SERVER_NOTIFICATION_METHODS);
+function parseAppServerVersion(userAgent) {
+  if (typeof userAgent !== "string")
+    return null;
+  const match = userAgent.match(/\/([^\s]+)/);
+  return match ? match[1] : null;
+}
+var APP_SERVER_RATE_LIMIT_ERROR_CODES = new Set([
+  -32603,
+  -32600
+]);
 function isObjectRecord(value) {
   return typeof value === "object" && value !== null && !Array.isArray(value);
 }
@@ -362,10 +583,32 @@ function isAppServerResponseMessage(value) {
   return (typeof value.id === "number" || typeof value.id === "string") && value.method === undefined && (("result" in value) || ("error" in value));
 }
 
+// src/env-utils.ts
+function parsePositiveIntEnv(name, fallback, log = () => {}, env = process.env) {
+  const raw = env[name];
+  if (raw == null || raw === "")
+    return fallback;
+  const parsed = Number(raw);
+  if (!Number.isInteger(parsed) || parsed <= 0 || parsed > Number.MAX_SAFE_INTEGER) {
+    log(`Invalid ${name}=${JSON.stringify(raw)} (must be a positive integer within ` + `Number.MAX_SAFE_INTEGER); falling back to ${fallback}`);
+    return fallback;
+  }
+  return parsed;
+}
+
+// src/interrupt-timing.ts
+var CLIENT_REPLY_TIMEOUT_MS = 15000;
+var INTERRUPT_CLIENT_MARGIN_MS = 2000;
+var DEFAULT_INTERRUPT_TIMEOUT_MS = 1e4;
+var MAX_INTERRUPT_TIMEOUT_MS = CLIENT_REPLY_TIMEOUT_MS - INTERRUPT_CLIENT_MARGIN_MS;
+function clampInterruptTimeoutMs(requested) {
+  return Math.min(requested, MAX_INTERRUPT_TIMEOUT_MS);
+}
+
 // src/codex-transport.ts
 import { createServer, connect } from "net";
 import { spawnSync } from "child_process";
-import { mkdirSync as mkdirSync2, rmSync, chmodSync } from "fs";
+import { mkdirSync as mkdirSync3, rmSync, chmodSync } from "fs";
 import { join as join2 } from "path";
 import { tmpdir } from "os";
 var CODEX_TRANSPORT_ENV = "AGENTBRIDGE_CODEX_TRANSPORT";
@@ -426,7 +669,7 @@ function ensureSocketDir(socketPath) {
   const dir = socketPath.slice(0, socketPath.lastIndexOf("/"));
   if (!dir)
     return;
-  mkdirSync2(dir, { recursive: true, mode: 448 });
+  mkdirSync3(dir, { recursive: true, mode: 448 });
   try {
     chmodSync(dir, 448);
   } catch (err) {
@@ -556,10 +799,13 @@ async function waitForUnixWsReady(socketPath, maxRetries = 40, delayMs = 250) {
 function attemptUnixWsUpgrade(socketPath) {
   return new Promise((resolve) => {
     let settled = false;
+    let timeout;
     const done = (ok) => {
       if (settled)
         return;
       settled = true;
+      if (timeout !== undefined)
+        clearTimeout(timeout);
       try {
         socket.destroy();
       } catch {}
@@ -584,7 +830,8 @@ Sec-WebSocket-Version: 13\r
     });
     socket.on("error", () => done(false));
     socket.on("close", () => done(false));
-    setTimeout(() => done(false), 1500);
+    timeout = setTimeout(() => done(false), 1500);
+    timeout.unref?.();
   });
 }
 
@@ -602,6 +849,95 @@ function buildTurnAbortedNotice(reason, replyWasRequired) {
   return `\u26A0\uFE0F Codex's current turn ended without completing (${reason}). ` + "This usually means Codex hit an error (e.g. a rate limit / 429), the app-server connection dropped, or the turn was interrupted." + tail;
 }
 
+// src/ws-origin-guard.ts
+var ALLOWED_ORIGINS_ENV = "AGENTBRIDGE_WS_ALLOWED_ORIGINS";
+function parseAllowedWsOrigins(env = process.env) {
+  const raw = env[ALLOWED_ORIGINS_ENV];
+  if (raw == null || raw === "")
+    return new Set;
+  const origins = raw.split(",").map((entry) => entry.trim()).filter((entry) => entry.length > 0);
+  return new Set(origins);
+}
+function isAllowedWsUpgrade(req, allowedOrigins = parseAllowedWsOrigins()) {
+  const origin = req.headers.get("origin");
+  if (origin == null || origin === "")
+    return true;
+  return allowedOrigins.has(origin);
+}
+function wsOriginRejectedResponse() {
+  return new Response("Forbidden: WebSocket Origin not allowed", { status: 403 });
+}
+
+// src/pending-request-registry.ts
+class PendingRequestRegistry {
+  entries = new Map;
+  setTimer;
+  clearTimer;
+  constructor(deps = {}) {
+    this.setTimer = deps.setTimer ?? ((fn, ms) => setTimeout(fn, ms));
+    this.clearTimer = deps.clearTimer ?? ((handle) => clearTimeout(handle));
+  }
+  get size() {
+    return this.entries.size;
+  }
+  has(id) {
+    return this.entries.has(id);
+  }
+  register(id, options) {
+    const existing = this.entries.get(id);
+    if (existing) {
+      this.clearTimer(existing.timer);
+      this.entries.delete(id);
+    }
+    return new Promise((resolve, reject) => {
+      const timer = this.setTimer(() => {
+        if (!this.entries.has(id))
+          return;
+        this.entries.delete(id);
+        options.onTimeout({ resolve, reject });
+      }, options.timeoutMs);
+      if (options.unref) {
+        timer.unref?.();
+      }
+      this.entries.set(id, { resolve, reject, timer });
+    });
+  }
+  settle(id, value) {
+    const entry = this.entries.get(id);
+    if (!entry)
+      return false;
+    this.clearTimer(entry.timer);
+    this.entries.delete(id);
+    entry.resolve(value);
+    return true;
+  }
+  reject(id, error) {
+    const entry = this.entries.get(id);
+    if (!entry)
+      return false;
+    this.clearTimer(entry.timer);
+    this.entries.delete(id);
+    entry.reject(error);
+    return true;
+  }
+  settleAll(value) {
+    const make = typeof value === "function" ? value : () => value;
+    for (const [id, entry] of this.entries) {
+      this.clearTimer(entry.timer);
+      this.entries.delete(id);
+      entry.resolve(make(id));
+    }
+  }
+  rejectAll(error) {
+    const make = typeof error === "function" ? error : () => error;
+    for (const [id, entry] of this.entries) {
+      this.clearTimer(entry.timer);
+      this.entries.delete(id);
+      entry.reject(make(id));
+    }
+  }
+}
+
 // src/codex-adapter.ts
 class CodexAdapter extends EventEmitter {
   static RESPONSE_TRACKING_TTL_MS = 30000;
@@ -651,8 +987,13 @@ class CodexAdapter extends EventEmitter {
   static OUTAGE_TIMEOUT_MS = 1e4;
   lastInitializeRaw = null;
   lastInitializedRaw = null;
+  pendingInitializeProxyIds = new Set;
+  appServerInfo = null;
+  warnedAppServerVersions = new Set;
+  warnedFragileRateLimitMessages = new Set;
   sessionRestoreInProgress = false;
-  replayPending = new Map;
+  replayPending = new PendingRequestRegistry;
+  replayMethods = new Map;
   static SESSION_REPLAY_TIMEOUT_MS = 5000;
   constructor(appPort = 4500, proxyPort = 4501, logFile = new StateDirResolver().logFile) {
     super();
@@ -670,16 +1011,40 @@ class CodexAdapter extends EventEmitter {
   get activeThreadId() {
     return this.threadId;
   }
+  get capturedAppServerInfo() {
+    return this.appServerInfo;
+  }
   async start() {
     this.intentionalDisconnect = false;
     await this.checkPorts();
-    this.resolveTransport();
-    const listen = codexListenArg(this.transport, this.appPort, this.socketPath ?? "");
-    if (this.transport === "unix" && this.socketPath) {
-      ensureSocketDir(this.socketPath);
-      removeSocketFile(this.socketPath);
+    try {
+      this.resolveTransport();
+      const listen = codexListenArg(this.transport, this.appPort, this.socketPath ?? "");
+      if (this.transport === "unix" && this.socketPath) {
+        ensureSocketDir(this.socketPath);
+        removeSocketFile(this.socketPath);
+      }
+      this.log(`Spawning codex app-server (transport=${this.transport}) --listen ${listen}`);
+      this.spawnAppServer(listen);
+      if (this.transport === "unix" && this.socketPath) {
+        await waitForUnixWsReady(this.socketPath);
+        this.relay = new TcpToUnixRelay("127.0.0.1", this.appPort, this.socketPath, (m) => this.log(`[relay] ${m}`));
+        await this.relay.start();
+        this.log(`Transport relay ready: ws://127.0.0.1:${this.appPort} \u2192 unix://${this.socketPath}`);
+      } else {
+        await this.waitForHealthy();
+      }
+      await this.connectToAppServer();
+      this.startProxy();
+      this.log(`Proxy ready on ${this.proxyUrl}`);
+    } catch (err) {
+      const m = err instanceof Error ? err.message : String(err);
+      this.log(`start() failed (${m}) \u2014 tearing down partial transport before rethrow`);
+      this.cleanupAfterFailedStart();
+      throw err;
     }
-    this.log(`Spawning codex app-server (transport=${this.transport}) --listen ${listen}`);
+  }
+  spawnAppServer(listen) {
     this.proc = spawn("codex", ["app-server", "--listen", listen], {
       stdio: ["pipe", "pipe", "pipe"]
     });
@@ -693,17 +1058,25 @@ class CodexAdapter extends EventEmitter {
     stderrRl.on("line", (l) => this.log(`[codex-server] ${l}`));
     const stdoutRl = createInterface({ input: this.proc.stdout });
     stdoutRl.on("line", (l) => this.log(`[codex-stdout] ${l}`));
-    if (this.transport === "unix" && this.socketPath) {
-      await waitForUnixWsReady(this.socketPath);
-      this.relay = new TcpToUnixRelay("127.0.0.1", this.appPort, this.socketPath, (m) => this.log(`[relay] ${m}`));
-      await this.relay.start();
-      this.log(`Transport relay ready: ws://127.0.0.1:${this.appPort} \u2192 unix://${this.socketPath}`);
-    } else {
-      await this.waitForHealthy();
+  }
+  teardownTransport() {
+    this.proxyServer?.stop();
+    this.proxyServer = null;
+    if (this.relay) {
+      this.relay.stop();
+      this.relay = null;
+    }
+    if (this.socketPath)
+      removeSocketFile(this.socketPath);
+  }
+  cleanupAfterFailedStart() {
+    try {
+      this.teardownTransport();
+    } catch (e) {
+      this.log(`cleanupAfterFailedStart: teardownTransport error: ${e.message}`);
     }
-    await this.connectToAppServer();
-    this.startProxy();
-    this.log(`Proxy ready on ${this.proxyUrl}`);
+    this.forceKillAppServerSync();
+    this.proc = null;
   }
   resolveTransport() {
     const mode = parseTransportMode(process.env[CODEX_TRANSPORT_ENV]);
@@ -727,14 +1100,7 @@ class CodexAdapter extends EventEmitter {
       } catch {}
       this.secondaryConnections.delete(id);
     }
-    this.proxyServer?.stop();
-    this.proxyServer = null;
-    if (this.relay) {
-      this.relay.stop();
-      this.relay = null;
-    }
-    if (this.socketPath)
-      removeSocketFile(this.socketPath);
+    this.teardownTransport();
     this.clearResponseTrackingState();
     this.resetTurnState(ADAPTER_DISCONNECT_REASON);
   }
@@ -764,15 +1130,15 @@ class CodexAdapter extends EventEmitter {
   injectMessage(text, overrides) {
     if (!this.threadId) {
       this.log("Cannot inject: no active thread");
-      return false;
+      return null;
     }
     if (!this.appServerWs || this.appServerWs.readyState !== WebSocket.OPEN) {
       this.log("Cannot inject: app-server WebSocket not connected");
-      return false;
+      return null;
     }
     if (this.turnInProgress) {
       this.log(`Rejected injection: Codex turn is in progress (thread ${this.threadId})`);
-      return false;
+      return null;
     }
     this.log(`Injecting message into Codex (${text.length} chars)`);
     const requestId = this.nextInjectionId--;
@@ -791,30 +1157,30 @@ class CodexAdapter extends EventEmitter {
         id: requestId,
         params
       }));
-      return true;
+      return requestId;
     } catch (err) {
       this.untrackBridgeRequestId(requestId);
       this.log(`Injection send failed: ${err.message}`);
-      return false;
+      return null;
     }
   }
   steerMessage(text) {
     if (!this.threadId) {
       this.log("Cannot steer: no active thread");
-      return false;
+      return null;
     }
     if (!this.appServerWs || this.appServerWs.readyState !== WebSocket.OPEN) {
       this.log("Cannot steer: app-server WebSocket not connected");
-      return false;
+      return null;
     }
     if (!this.turnInProgress) {
       this.log("Cannot steer: no turn in progress (use injectMessage)");
-      return false;
+      return null;
     }
     const expectedTurnId = this.currentSteerableTurnId();
     if (!expectedTurnId) {
       this.log("Cannot steer: no addressable active turn id (turn/started carried no id)");
-      return false;
+      return null;
     }
     this.log(`Steering message into active Codex turn ${expectedTurnId} (${text.length} chars)`);
     const requestId = this.nextInjectionId--;
@@ -830,12 +1196,96 @@ class CodexAdapter extends EventEmitter {
         id: requestId,
         params
       }));
-      return true;
+      return requestId;
     } catch (err) {
       this.untrackBridgeRequestId(requestId);
       this.log(`Steer send failed: ${err.message}`);
-      return false;
+      return null;
+    }
+  }
+  interruptActiveTurns() {
+    if (!this.threadId) {
+      this.log("Cannot interrupt: no active thread");
+      return { ok: false, code: "interrupt_unavailable", error: "no active thread" };
+    }
+    if (!this.appServerWs || this.appServerWs.readyState !== WebSocket.OPEN) {
+      this.log("Cannot interrupt: app-server WebSocket not connected");
+      return { ok: false, code: "interrupt_unavailable", error: "app-server WebSocket not connected" };
+    }
+    const addressable = [...this.activeTurnIds].filter((id) => !id.startsWith("unknown:"));
+    if (addressable.length === 0) {
+      this.log("Cannot interrupt: no addressable active turn id (turn/started carried no id)");
+      return {
+        ok: false,
+        code: "interrupt_unavailable",
+        error: "no addressable active turn id (turn/started carried no id)"
+      };
+    }
+    for (const turnId of addressable) {
+      const requestId = this.nextInjectionId--;
+      this.trackBridgeRequestId(requestId, "interrupt");
+      const params = { threadId: this.threadId, turnId };
+      try {
+        this.appServerWs.send(JSON.stringify({
+          method: "turn/interrupt",
+          id: requestId,
+          params
+        }));
+        this.log(`Sent turn/interrupt for active turn ${turnId} (request ${requestId})`);
+      } catch (err) {
+        this.untrackBridgeRequestId(requestId);
+        this.log(`turn/interrupt send failed for ${turnId}: ${err.message}`);
+        return {
+          ok: false,
+          code: "interrupt_unavailable",
+          error: `turn/interrupt send failed (${err.message}); earlier interrupts may still land`
+        };
+      }
     }
+    return { ok: true, turnIds: addressable };
+  }
+  interruptTimeoutMs() {
+    const requested = parsePositiveIntEnv("AGENTBRIDGE_INTERRUPT_TIMEOUT_MS", DEFAULT_INTERRUPT_TIMEOUT_MS, (m) => this.log(m));
+    const clamped = clampInterruptTimeoutMs(requested);
+    if (clamped !== requested) {
+      this.log(`AGENTBRIDGE_INTERRUPT_TIMEOUT_MS=${requested}ms exceeds the safe ceiling \u2014 ` + `clamped to ${clamped}ms (must resolve before the client reply timeout to avoid a double-turn)`);
+    }
+    return clamped;
+  }
+  waitForTurnsTerminal(turnIds, timeoutMs = this.interruptTimeoutMs(), signal) {
+    const satisfied = () => turnIds.every((id) => !this.activeTurnIds.has(id) && !this.currentlyStalledTurnIds.has(id));
+    if (satisfied())
+      return Promise.resolve({ ok: true });
+    if (signal?.aborted)
+      return Promise.resolve({ ok: false, code: "interrupt_aborted" });
+    return new Promise((resolve) => {
+      let settled = false;
+      const finish = (result) => {
+        if (settled)
+          return;
+        settled = true;
+        clearTimeout(timer);
+        this.off("turnIdCompleted", check);
+        this.off("turnTrackingReset", check);
+        this.off("turnPhaseChanged", check);
+        signal?.removeEventListener("abort", onAbort);
+        resolve(result);
+      };
+      const check = () => {
+        if (satisfied())
+          finish({ ok: true });
+      };
+      const onAbort = () => finish({ ok: false, code: "interrupt_aborted" });
+      const timer = setTimeout(() => {
+        this.log(`waitForTurnsTerminal timed out after ${timeoutMs}ms (still active: ` + `${turnIds.filter((id) => this.activeTurnIds.has(id)).join(", ") || "none"}, phase=${this.turnPhase})`);
+        finish({ ok: false, code: "interrupt_timeout" });
+      }, timeoutMs);
+      timer.unref?.();
+      this.on("turnIdCompleted", check);
+      this.on("turnTrackingReset", check);
+      this.on("turnPhaseChanged", check);
+      signal?.addEventListener("abort", onAbort, { once: true });
+    });
   }
   async waitForHealthy(maxRetries = 20, delayMs = 500) {
     for (let i = 0;i < maxRetries; i++) {
@@ -1077,36 +1527,38 @@ class CodexAdapter extends EventEmitter {
       const m = e instanceof Error ? e.message : String(e);
       return Promise.reject(new Error(`replay parse failed for ${method}: ${m}`));
     }
-    return new Promise((resolve, reject) => {
-      const timer = setTimeout(() => {
-        this.replayPending.delete(id);
-        reject(new Error(`replay timeout (${CodexAdapter.SESSION_REPLAY_TIMEOUT_MS}ms) for ${method} id=${JSON.stringify(id)}`));
-      }, CodexAdapter.SESSION_REPLAY_TIMEOUT_MS);
-      this.replayPending.set(id, { method, resolve, reject, timer });
-      try {
-        this.appServerWs.send(raw);
-      } catch (e) {
-        clearTimeout(timer);
-        this.replayPending.delete(id);
-        const m = e instanceof Error ? e.message : String(e);
-        reject(new Error(`replay send failed for ${method}: ${m}`));
+    const timeoutMs = CodexAdapter.SESSION_REPLAY_TIMEOUT_MS;
+    this.replayMethods.set(id, method);
+    const pending = this.replayPending.register(id, {
+      timeoutMs,
+      onTimeout: ({ reject }) => {
+        this.replayMethods.delete(id);
+        reject(new Error(`replay timeout (${timeoutMs}ms) for ${method} id=${JSON.stringify(id)}`));
       }
     });
+    try {
+      this.appServerWs.send(raw);
+    } catch (e) {
+      this.replayMethods.delete(id);
+      const m = e instanceof Error ? e.message : String(e);
+      this.replayPending.reject(id, new Error(`replay send failed for ${method}: ${m}`));
+    }
+    return pending;
   }
   tryConsumeReplayResponse(payload) {
     const id = payload.id;
     if (id === undefined)
       return false;
-    const pending = this.replayPending.get(id);
-    if (!pending)
+    const key = id;
+    if (!this.replayPending.has(key))
       return false;
-    clearTimeout(pending.timer);
-    this.replayPending.delete(id);
+    const method = this.replayMethods.get(key) ?? "replay";
+    this.replayMethods.delete(key);
     if (payload.error !== undefined) {
       const errMsg = typeof payload.error === "object" && payload.error !== null && "message" in payload.error ? String(payload.error.message ?? "unknown") : JSON.stringify(payload.error);
-      pending.reject(new Error(`${pending.method} rejected: ${errMsg}`));
+      this.replayPending.reject(key, new Error(`${method} rejected: ${errMsg}`));
     } else {
-      pending.resolve(payload);
+      this.replayPending.settle(key, payload);
     }
     return true;
   }
@@ -1151,6 +1603,10 @@ class CodexAdapter extends EventEmitter {
           }
           return fetch(`http://127.0.0.1:${self.appPort}${url.pathname}`);
         }
+        if (isUpgrade && !isAllowedWsUpgrade(req)) {
+          self.log("Rejected WS upgrade on proxy port: Origin header present (possible CSWSH)");
+          return wsOriginRejectedResponse();
+        }
         if (server.upgrade(req, { data: { connId: 0 } }))
           return;
         self.log(`WARNING: non-upgrade HTTP request not handled: ${req.method} ${url.pathname}`);
@@ -1397,6 +1853,9 @@ class CodexAdapter extends EventEmitter {
         const proxyId = this.nextProxyId++;
         this.upstreamToClient.set(proxyId, { connId, clientId: parsed.id });
         this.trackPendingRequest(parsed, connId, proxyId);
+        if (parsed.method === "initialize") {
+          this.pendingInitializeProxyIds.add(proxyId);
+        }
         parsed.id = proxyId;
         forwarded = JSON.stringify(parsed);
       } else {
@@ -1549,6 +2008,9 @@ class CodexAdapter extends EventEmitter {
     const mapping = !isNaN(numericId) ? this.upstreamToClient.get(numericId) : undefined;
     if (mapping) {
       this.upstreamToClient.delete(numericId);
+      if (!isNaN(numericId) && this.pendingInitializeProxyIds.delete(numericId)) {
+        this.captureAppServerInfo(parsed.result);
+      }
       if (mapping.connId !== this.tuiConnId) {
         this.log(`Dropping stale response (upstream id ${responseId}, from conn #${mapping.connId}, current #${this.tuiConnId})`);
         return null;
@@ -1564,16 +2026,30 @@ class CodexAdapter extends EventEmitter {
       if (parsed.error) {
         this.log(`Bridge-originated ${bridgeKind} request failed (id ${responseId}): ${parsed.error.message ?? "unknown error"}`);
         if (bridgeKind === "steer") {
-          this.emit("steerFailed", parsed.error.message ?? "unknown error");
+          this.emit("steerFailed", { requestId: numericId, reason: parsed.error.message ?? "unknown error" });
+        } else if (bridgeKind === "interrupt") {
+          this.emit("interruptFailed", parsed.error.message ?? "unknown error");
         } else {
           this.lastTurnEndedAbnormally = true;
           this.emit("turnAborted", `injected turn/start rejected: ${parsed.error.message ?? "unknown error"}`);
+          this.emit("bridgeTurnRejected", {
+            requestId: numericId,
+            error: parsed.error.message ?? "unknown error"
+          });
           this.notifyPhaseIfChanged();
         }
       } else {
         this.log(`Bridge-originated ${bridgeKind} request completed (id ${responseId})`);
         if (bridgeKind === "steer") {
-          this.emit("steerAccepted");
+          this.emit("steerAccepted", { requestId: numericId });
+        } else if (bridgeKind === "turn-start") {
+          const result = parsed.result;
+          const turnId = result?.turn?.id;
+          if (typeof turnId === "string" && turnId.length > 0) {
+            this.emit("bridgeTurnStarted", { requestId: numericId, turnId });
+          } else {
+            this.log(`Bridge-originated turn/start response carried no turn id (id ${responseId}) \u2014 turn_started ACK skipped`);
+          }
         }
       }
       return null;
@@ -1585,11 +2061,40 @@ class CodexAdapter extends EventEmitter {
     this.log(`Dropping unmatched app-server response id ${String(responseId)}`);
     return null;
   }
+  captureAppServerInfo(result) {
+    const init = typeof result === "object" && result !== null ? result : {};
+    const userAgent = typeof init.userAgent === "string" ? init.userAgent : null;
+    const version = parseAppServerVersion(userAgent);
+    const info = {
+      version,
+      userAgent,
+      platformFamily: typeof init.platformFamily === "string" ? init.platformFamily : null,
+      platformOs: typeof init.platformOs === "string" ? init.platformOs : null
+    };
+    this.appServerInfo = info;
+    this.log(`Captured app-server initialize: version=${version ?? "unknown"} ` + `userAgent=${userAgent ?? "none"} platform=${info.platformOs ?? "?"}/${info.platformFamily ?? "?"}`);
+    if (version === null) {
+      const dedupKey = userAgent ?? "<missing-userAgent>";
+      if (!this.warnedAppServerVersions.has(dedupKey)) {
+        this.warnedAppServerVersions.add(dedupKey);
+        this.log(`WARNING: app-server initialize response carried no parseable version ` + `(userAgent=${userAgent ?? "missing"}). The proxy's intercept points assume a ` + `known protocol snapshot \u2014 verify the version-coupling checklist if Codex was upgraded.`);
+      }
+    }
+  }
   patchResponse(parsed, raw) {
     if (isAppServerResponseMessage(parsed) && parsed.error && parsed.id !== undefined) {
       const errMsg = parsed.error.message ?? "";
-      if (errMsg.includes("rate limits") || errMsg.includes("rateLimits")) {
-        this.log(`Patching rateLimits error \u2192 mock success (id: ${parsed.id})`);
+      const errCode = parsed.error.code;
+      const textMatchesRateLimit = errMsg.includes("rate limits") || errMsg.includes("rateLimits");
+      const codeRecognized = typeof errCode === "number" && APP_SERVER_RATE_LIMIT_ERROR_CODES.has(errCode);
+      const structuredMatch = codeRecognized && textMatchesRateLimit;
+      if (structuredMatch || textMatchesRateLimit) {
+        if (structuredMatch) {
+          this.log(`Patching rateLimits error \u2192 mock success via structured code ${errCode} (id: ${parsed.id})`);
+        } else {
+          this.warnFragileRateLimitMatch(errMsg, errCode);
+          this.log(`Patching rateLimits error \u2192 mock success via fragile text fallback (id: ${parsed.id})`);
+        }
         return JSON.stringify({
           id: parsed.id,
           result: {
@@ -1608,6 +2113,12 @@ class CodexAdapter extends EventEmitter {
     }
     return raw;
   }
+  warnFragileRateLimitMatch(errMsg, errCode) {
+    if (this.warnedFragileRateLimitMessages.has(errMsg))
+      return;
+    this.warnedFragileRateLimitMessages.add(errMsg);
+    this.log(`WARNING: fragile-match \u2014 patched a rate-limit error by human-readable text ` + `(code=${errCode ?? "none"} not in the recognized set). If Codex changed the ` + `error wording or code, update patchResponse / APP_SERVER_RATE_LIMIT_ERROR_CODES. ` + `Message: ${errMsg.slice(0, 120)}`);
+  }
   interceptServerMessage(msg, connId) {
     this.handleTrackedResponse(msg, connId);
     if ("method" in msg && typeof msg.method === "string" && isAppServerNotification(msg)) {
@@ -1775,6 +2286,9 @@ class CodexAdapter extends EventEmitter {
     }
     return newest;
   }
+  get steerableTurnId() {
+    return this.currentSteerableTurnId();
+  }
   get turnPhase() {
     if (this.activeTurnIds.size > 0) {
       const allStalled = [...this.activeTurnIds].every((id) => this.currentlyStalledTurnIds.has(id));
@@ -1806,19 +2320,33 @@ class CodexAdapter extends EventEmitter {
     this.notifyPhaseIfChanged();
   }
   markTurnCompleted(turnId) {
-    if (typeof turnId === "string" && turnId.length > 0) {
-      this.activeTurnIds.delete(turnId);
-      this.clearTurnWatchdog(turnId);
-      this.stalledTurnIds.delete(turnId);
-      this.currentlyStalledTurnIds.delete(turnId);
+    const completedId = typeof turnId === "string" && turnId.length > 0 ? turnId : null;
+    if (completedId !== null) {
+      const idWasTracked = this.activeTurnIds.has(completedId);
+      this.activeTurnIds.delete(completedId);
+      this.clearTurnWatchdog(completedId);
+      this.stalledTurnIds.delete(completedId);
+      this.currentlyStalledTurnIds.delete(completedId);
+      if (!idWasTracked) {
+        const placeholders = [...this.activeTurnIds].filter((id) => id.startsWith("unknown:"));
+        if (placeholders.length === 1) {
+          const placeholder = placeholders[0];
+          this.activeTurnIds.delete(placeholder);
+          this.clearTurnWatchdog(placeholder);
+          this.stalledTurnIds.delete(placeholder);
+          this.currentlyStalledTurnIds.delete(placeholder);
+        }
+      }
     } else {
       this.activeTurnIds.clear();
       this.clearAllTurnWatchdogs();
       this.stalledTurnIds.clear();
       this.currentlyStalledTurnIds.clear();
+      this.agentMessageBuffers.clear();
     }
     this.lastTurnEndedAbnormally = false;
     this.turnInProgress = this.activeTurnIds.size > 0;
+    this.emit("turnIdCompleted", completedId);
     this.notifyPhaseIfChanged();
   }
   turnWatchdogMs() {
@@ -1877,6 +2405,7 @@ class CodexAdapter extends EventEmitter {
     this.clearAllTurnWatchdogs();
     this.stalledTurnIds.clear();
     this.currentlyStalledTurnIds.clear();
+    this.agentMessageBuffers.clear();
     this.turnInProgress = false;
     if (wasInProgress) {
       this.lastTurnEndedAbnormally = !emitCompleted;
@@ -1888,6 +2417,7 @@ class CodexAdapter extends EventEmitter {
       this.log(`Turn state reset (${reason})`);
     }
     this.notifyPhaseIfChanged();
+    this.emit("turnTrackingReset", reason);
   }
   requestKey(id) {
     if (typeof id === "number" || typeof id === "string")
@@ -1964,6 +2494,7 @@ class CodexAdapter extends EventEmitter {
   clearTransientResponseTrackingState() {
     this.pendingRequests.clear();
     this.upstreamToClient.clear();
+    this.pendingInitializeProxyIds.clear();
     for (const timer of this.staleProxyIds.values()) {
       clearTimeout(timer);
     }
@@ -2019,11 +2550,65 @@ var CLOSE_CODE_REPLACED = 4001;
 var CLOSE_CODE_EVICTED_STALE = 4002;
 var CLOSE_CODE_PROBE_IN_PROGRESS = 4003;
 var CLOSE_CODE_PAIR_MISMATCH = 4004;
+var CLOSE_CODE_TOKEN_MISMATCH = 4005;
+var CLOSE_CODE_CONTRACT_MISMATCH = 4006;
+
+// src/control-token.ts
+import { chmodSync as chmodSync2, readFileSync as readFileSync2 } from "fs";
+import { join as join3 } from "path";
+import { randomUUID as randomUUID2 } from "crypto";
+var CONTROL_TOKEN_FILENAME = "control-token";
+function resolveControlTokenPath(stateDir) {
+  return join3(stateDir, CONTROL_TOKEN_FILENAME);
+}
+function generateControlToken() {
+  return randomUUID2();
+}
+function writeControlToken(path, token) {
+  atomicWriteText(path, token, { mode: 384 });
+  chmodSync2(path, 384);
+}
+function validateControlToken(input) {
+  const { expectedToken } = input;
+  if (expectedToken == null || expectedToken.length === 0) {
+    return { ok: true };
+  }
+  const provided = input.providedToken;
+  if (provided == null || provided.length === 0) {
+    return { ok: false, reason: "missing control token" };
+  }
+  if (!constantTimeEquals(provided, expectedToken)) {
+    return { ok: false, reason: "control token mismatch" };
+  }
+  return { ok: true };
+}
+function constantTimeEquals(a, b) {
+  const len = Math.max(a.length, b.length);
+  let diff = a.length ^ b.length;
+  for (let i = 0;i < len; i++) {
+    diff |= (a.charCodeAt(i) || 0) ^ (b.charCodeAt(i) || 0);
+  }
+  return diff === 0;
+}
 
 // src/daemon-identity.ts
 function validateClaudeClientIdentity(input) {
-  if (!input.expectedPairId)
-    return { ok: true };
+  if (input.expectedControlToken && input.identity) {
+    const tokenResult = validateControlToken({
+      expectedToken: input.expectedControlToken,
+      providedToken: input.identity.controlToken
+    });
+    if (!tokenResult.ok) {
+      return {
+        ok: false,
+        closeCode: CLOSE_CODE_TOKEN_MISMATCH,
+        reason: tokenResult.reason
+      };
+    }
+  }
+  if (!input.expectedPairId) {
+    return input.identity ? validateContractVersion(input) : { ok: true };
+  }
   if (!input.identity) {
     return input.allowIdentityless ? { ok: true } : { ok: false, closeCode: CLOSE_CODE_PAIR_MISMATCH, reason: "missing client identity" };
   }
@@ -2041,10 +2626,43 @@ function validateClaudeClientIdentity(input) {
       reason: `cwd mismatch: expected ${input.daemonCwd}, got ${input.identity.cwd ?? "<none>"}`
     };
   }
+  return validateContractVersion(input);
+}
+function validateContractVersion(input) {
+  if (input.expectedContractVersion === undefined)
+    return { ok: true };
+  const provided = input.identity?.contractVersion;
+  if (provided === undefined || provided === null) {
+    return {
+      ok: false,
+      closeCode: CLOSE_CODE_CONTRACT_MISMATCH,
+      reason: `missing contract version: daemon speaks contract v${input.expectedContractVersion}`
+    };
+  }
+  if (provided !== input.expectedContractVersion) {
+    return {
+      ok: false,
+      closeCode: CLOSE_CODE_CONTRACT_MISMATCH,
+      reason: `contract version mismatch: daemon v${input.expectedContractVersion}, client v${provided}`
+    };
+  }
   return { ok: true };
 }
+function evaluateInjectionAttachGuard(attachedSocket, requestingSocket) {
+  if (attachedSocket != null && attachedSocket === requestingSocket) {
+    return { allowed: true };
+  }
+  return {
+    allowed: false,
+    code: "not_attached",
+    reason: "This socket is not the attached Claude session. Send `claude_connect` " + "(with a valid control token) and win the attach slot before injecting a turn."
+  };
+}
 
 // src/message-filter.ts
+import { randomUUID as randomUUID3 } from "crypto";
+var STATUS_SUMMARY_SALT = randomUUID3().slice(0, 8);
+var statusSummaryCounter = 0;
 var MARKER_REGEX = /^\s*\[(IMPORTANT|STATUS|FYI)\]\s*/i;
 function parseMarker(content) {
   const match = content.match(MARKER_REGEX);
@@ -2070,6 +2688,37 @@ function classifyMessage(content, mode) {
       return { action: "forward", marker };
   }
 }
+function routeCodexMessage(content, ctx) {
+  const result = classifyMessage(content, ctx.mode);
+  if (ctx.replyArmed) {
+    return {
+      action: "forward",
+      marker: result.marker,
+      reason: "force-forward-reply-required",
+      flushStatusBuffer: true,
+      noteReplyForwarded: true
+    };
+  }
+  if (ctx.inAttentionWindow && result.marker === "status") {
+    return {
+      action: "buffer",
+      marker: result.marker,
+      reason: "buffer-attention"
+    };
+  }
+  if (result.action === "forward" && result.marker === "important") {
+    return {
+      ...result,
+      reason: "forward",
+      flushStatusBuffer: true,
+      startAttentionWindow: true
+    };
+  }
+  return {
+    ...result,
+    reason: result.action
+  };
+}
 var REPLY_REQUIRED_INSTRUCTION = `
 
 [\u26A0\uFE0F REPLY REQUIRED] Claude has explicitly requested a reply. You MUST send an agentMessage with [IMPORTANT] marker containing your response. This is a mandatory requirement \u2014 do not skip or use [STATUS]/[FYI] markers for this reply.`;
@@ -2079,11 +2728,14 @@ class StatusBuffer {
   flushTimer = null;
   flushThreshold;
   flushTimeoutMs;
+  maxBuffered;
   paused = false;
+  droppedCount = 0;
   constructor(onFlush, options) {
     this.onFlush = onFlush;
     this.flushThreshold = options?.flushThreshold ?? 3;
     this.flushTimeoutMs = options?.flushTimeoutMs ?? 15000;
+    this.maxBuffered = options?.maxBuffered ?? 200;
   }
   get size() {
     return this.buffer.length;
@@ -2103,6 +2755,10 @@ class StatusBuffer {
   }
   add(message) {
     this.buffer.push(message);
+    while (this.buffer.length > this.maxBuffered) {
+      this.buffer.shift();
+      this.droppedCount++;
+    }
     if (this.paused)
       return;
     this.resetTimer();
@@ -2117,19 +2773,22 @@ class StatusBuffer {
     const combined = this.buffer.map((m) => parseMarker(m.content).body).join(`
 ---
 `);
+    const droppedNote = this.droppedCount > 0 ? `, ${this.droppedCount} older dropped` : "";
     const summary = {
-      id: `status_summary_${Date.now()}`,
+      id: `status_summary_${STATUS_SUMMARY_SALT}_${++statusSummaryCounter}`,
       source: "codex",
-      content: `[STATUS summary \u2014 ${this.buffer.length} update(s), flushed: ${reason}]
+      content: `[STATUS summary \u2014 ${this.buffer.length} update(s)${droppedNote}, flushed: ${reason}]
 ${combined}`,
       timestamp: Date.now()
     };
     this.onFlush(summary);
     this.buffer = [];
+    this.droppedCount = 0;
   }
   dispose() {
     this.clearTimer();
     this.buffer = [];
+    this.droppedCount = 0;
   }
   clearTimer() {
     if (this.flushTimer) {
@@ -2226,22 +2885,9 @@ class TuiConnectionState {
 
 // src/daemon-lifecycle.ts
 import { spawn as spawn2 } from "child_process";
-import { existsSync as existsSync3, readFileSync, statSync as statSync2, unlinkSync as unlinkSync2, writeFileSync, openSync, closeSync, constants } from "fs";
+import { existsSync as existsSync3, readFileSync as readFileSync3, statSync as statSync2, unlinkSync as unlinkSync3, writeFileSync as writeFileSync2, openSync as openSync2, closeSync as closeSync2, constants } from "fs";
 import { fileURLToPath } from "url";
 
-// src/env-utils.ts
-function parsePositiveIntEnv(name, fallback, log = () => {}, env = process.env) {
-  const raw = env[name];
-  if (raw == null || raw === "")
-    return fallback;
-  const parsed = Number(raw);
-  if (!Number.isInteger(parsed) || parsed <= 0 || parsed > Number.MAX_SAFE_INTEGER) {
-    log(`Invalid ${name}=${JSON.stringify(raw)} (must be a positive integer within ` + `Number.MAX_SAFE_INTEGER); falling back to ${fallback}`);
-    return fallback;
-  }
-  return parsed;
-}
-
 // src/process-lifecycle.ts
 import { execFileSync as execFileSync2 } from "child_process";
 function commandForPid(pid) {
@@ -2283,19 +2929,74 @@ var DAEMON_ENTRY = process.env.AGENTBRIDGE_DAEMON_ENTRY || DEFAULT_DAEMON_ENTRY;
 var DAEMON_PATH = fileURLToPath(new URL(DAEMON_ENTRY, import.meta.url));
 var REUSE_READY_RETRIES = parsePositiveIntEnv("AGENTBRIDGE_REUSE_READY_RETRIES", 12);
 var REUSE_READY_DELAY_MS = 250;
+var WAIT_READY_RETRIES = 40;
+var WAIT_READY_DELAY_MS = 250;
 var HEALTH_FETCH_TIMEOUT_MS = 500;
 var LOCK_IDENTITY_GRACE_MS = parsePositiveIntEnv("AGENTBRIDGE_LOCK_IDENTITY_GRACE_MS", 120000);
-
-class DaemonLifecycle {
-  stateDir;
-  controlPort;
-  log;
-  constructor(opts) {
-    this.stateDir = opts.stateDir;
-    this.controlPort = opts.controlPort;
-    this.log = opts.log;
+function isReuseVerdict(verdict) {
+  return verdict === "reuse" || verdict === "reuse-despite-drift";
+}
+function classifyDaemon(expectedPairId, status, buildInfo) {
+  if (!status) {
+    return { verdict: "unreachable", reason: "daemon status is unavailable or unparseable" };
   }
-  get healthUrl() {
+  const reportedPairId = status.pairId;
+  if (!expectedPairId && reportedPairId != null) {
+    return {
+      verdict: "manual-conflict",
+      reason: `manual mode must not adopt registered pair ${reportedPairId}`
+    };
+  }
+  if (expectedPairId) {
+    if (reportedPairId == null) {
+      return {
+        verdict: "replace-foreign",
+        reason: `pair ${expectedPairId} found daemon without pair identity`
+      };
+    }
+    if (reportedPairId !== expectedPairId) {
+      return {
+        verdict: "replace-foreign",
+        reason: `pair ${expectedPairId} found daemon for pair ${reportedPairId}`
+      };
+    }
+  }
+  if (!sameRuntimeContract(status.build, buildInfo)) {
+    if (compatibleContractVersion(status.build, buildInfo) && status.tuiConnected === true) {
+      return {
+        verdict: "reuse-despite-drift",
+        reason: "runtime build drift has a compatible contract and a live Codex TUI is attached"
+      };
+    }
+    const basis = runtimeContractComparisonBasis(status.build, buildInfo) === "codeHash" ? "compared by codeHash" : "compared by commit stamp; legacy build without codeHash";
+    return {
+      verdict: "replace-drifted",
+      reason: `runtime build ${formatBuildInfo(status.build)} does not match launcher ` + `${formatBuildInfo(buildInfo)} (${basis})`
+    };
+  }
+  return { verdict: "reuse", reason: "daemon pair and runtime contract match" };
+}
+function resolveTiming(timing) {
+  return {
+    reuseReadyRetries: timing?.reuseReadyRetries ?? REUSE_READY_RETRIES,
+    reuseReadyDelayMs: timing?.reuseReadyDelayMs ?? REUSE_READY_DELAY_MS,
+    waitReadyRetries: timing?.waitReadyRetries ?? WAIT_READY_RETRIES,
+    waitReadyDelayMs: timing?.waitReadyDelayMs ?? WAIT_READY_DELAY_MS
+  };
+}
+
+class DaemonLifecycle {
+  stateDir;
+  controlPort;
+  log;
+  timing;
+  constructor(opts) {
+    this.stateDir = opts.stateDir;
+    this.controlPort = opts.controlPort;
+    this.log = opts.log;
+    this.timing = resolveTiming(opts.timing);
+  }
+  get healthUrl() {
     return `http://127.0.0.1:${this.controlPort}/healthz`;
   }
   get readyUrl() {
@@ -2317,55 +3018,40 @@ class DaemonLifecycle {
       return null;
     }
   }
-  isForeignDaemon(status) {
-    const expected = this.expectedPairId;
-    if (!expected)
-      return false;
-    if (!status)
-      return false;
-    const reported = status.pairId;
-    if (reported == null)
-      return true;
-    return reported !== expected;
-  }
-  isRegisteredPairDaemonInManualMode(status) {
-    return !this.expectedPairId && status?.pairId != null;
-  }
-  isBuildDrifted(status) {
-    if (process.env.AGENTBRIDGE_ALLOW_BUILD_DRIFT === "1")
-      return false;
-    const runtime = status?.build;
-    if (!runtime)
-      return true;
-    return !sameRuntimeContract(runtime, BUILD_INFO);
+  classifyDaemon(status) {
+    const classification = classifyDaemon(this.expectedPairId, status, BUILD_INFO);
+    if (process.env.AGENTBRIDGE_ALLOW_BUILD_DRIFT === "1" && (classification.verdict === "replace-drifted" || classification.verdict === "unreachable")) {
+      return { verdict: "reuse", reason: "build drift replacement disabled by AGENTBRIDGE_ALLOW_BUILD_DRIFT" };
+    }
+    return classification;
   }
-  canReuseDespiteDrift(status) {
-    if (!compatibleContractVersion(status?.build, BUILD_INFO))
-      return false;
-    return status?.tuiConnected === true;
+  manualConflictError(status) {
+    return new Error(`Control port ${this.controlPort} is owned by registered pair ${status?.pairId}. ` + `This session has no pair identity (manual mode) and will not reuse or replace it \u2014 ` + `start with \`agentbridge claude\` from that pair's directory, or set AGENTBRIDGE_CONTROL_PORT to a free port.`);
   }
   async ensureRunning() {
     if (await this.isHealthy()) {
       const status = await this.fetchStatus();
-      if (this.isRegisteredPairDaemonInManualMode(status)) {
-        throw new Error(`Control port ${this.controlPort} is owned by registered pair ${status?.pairId}. ` + `This session has no pair identity (manual mode) and will not reuse or replace it \u2014 ` + `start with \`agentbridge claude\` from that pair's directory, or set AGENTBRIDGE_CONTROL_PORT to a free port.`);
-      }
-      if (this.isForeignDaemon(status)) {
-        this.log(`Control port ${this.controlPort} held by a daemon for pair ${status?.pairId ?? "<none>"}, ` + `but this pair is ${this.expectedPairId} \u2014 replacing foreign daemon`);
-        await this.replaceUnhealthyDaemon(status?.pid);
-        return;
-      }
-      if (this.isBuildDrifted(status)) {
-        if (this.canReuseDespiteDrift(status)) {
-          this.log(`Daemon on control port ${this.controlPort} is running build ${formatBuildInfo(status?.build)} ` + `(launcher ${formatBuildInfo(BUILD_INFO)}) but a live Codex TUI is attached \u2014 reusing instead of ` + `replacing; the new build is picked up at the next restart (abg kill, then relaunch)`);
-        } else {
+      const classification = this.classifyDaemon(status);
+      switch (classification.verdict) {
+        case "manual-conflict":
+          throw this.manualConflictError(status);
+        case "replace-foreign":
+          this.log(`Control port ${this.controlPort} held by a daemon for pair ${status?.pairId ?? "<none>"}, ` + `but this pair is ${this.expectedPairId} \u2014 replacing foreign daemon`);
+          await this.replaceUnhealthyDaemon(status?.pid);
+          return;
+        case "replace-drifted":
+        case "unreachable":
           this.log(`Daemon on control port ${this.controlPort} is running build ${formatBuildInfo(status?.build)} ` + `but launcher is ${formatBuildInfo(BUILD_INFO)} \u2014 replacing drifted daemon`);
           await this.replaceUnhealthyDaemon(status?.pid);
           return;
-        }
+        case "reuse-despite-drift":
+          this.log(`Daemon on control port ${this.controlPort} is running build ${formatBuildInfo(status?.build)} ` + `(launcher ${formatBuildInfo(BUILD_INFO)}) but a live Codex TUI is attached \u2014 reusing instead of ` + `replacing; the new build is picked up at the next restart (abg kill, then relaunch)`);
+          break;
+        case "reuse":
+          break;
       }
       try {
-        await this.waitForReady(REUSE_READY_RETRIES, REUSE_READY_DELAY_MS);
+        await this.waitForReady(this.timing.reuseReadyRetries, this.timing.reuseReadyDelayMs);
         return;
       } catch {
         this.log(`Daemon on control port ${this.controlPort} is healthy but not ready within reuse window \u2014 replacing`);
@@ -2378,7 +3064,7 @@ class DaemonLifecycle {
       if (isProcessAlive(existingPid)) {
         if (isAgentBridgeDaemon(existingPid)) {
           try {
-            await this.waitForReady(REUSE_READY_RETRIES, REUSE_READY_DELAY_MS);
+            await this.waitForReady(this.timing.reuseReadyRetries, this.timing.reuseReadyDelayMs);
             return;
           } catch {
             this.log(`Existing daemon process ${existingPid} never became ready \u2014 replacing`);
@@ -2392,18 +3078,21 @@ class DaemonLifecycle {
     }
     await this.withStartupLockStrict(async (locked) => {
       if (!locked) {
-        this.log("Another process holds the startup lock, waiting for readiness+identity...");
-        await this.waitForReadyAndOurs();
+        await this.waitForContendedStartupLock();
         return;
       }
       if (await this.isHealthy()) {
         const status = await this.fetchStatus();
-        if (this.isForeignDaemon(status) || this.isBuildDrifted(status) && !this.canReuseDespiteDrift(status)) {
-          this.log(`Daemon on control port ${this.controlPort} is not reusable under startup lock ` + `(pair=${status?.pairId ?? "<none>"}, build=${formatBuildInfo(status?.build)}) \u2014 replacing`);
+        const classification = this.classifyDaemon(status);
+        if (classification.verdict === "manual-conflict") {
+          throw this.manualConflictError(status);
+        }
+        if (!isReuseVerdict(classification.verdict)) {
+          this.log(`Daemon on control port ${this.controlPort} is not reusable under startup lock ` + `(pair=${status?.pairId ?? "<none>"}, build=${formatBuildInfo(status?.build)}, ` + `reason=${classification.reason}) \u2014 replacing`);
           await this.kill(3000, status?.pid);
         } else {
           try {
-            await this.waitForReady(REUSE_READY_RETRIES, REUSE_READY_DELAY_MS);
+            await this.waitForReady(this.timing.reuseReadyRetries, this.timing.reuseReadyDelayMs);
             return;
           } catch {
             this.log(`Daemon on control port ${this.controlPort} is healthy but not ready under startup lock \u2014 replacing`);
@@ -2412,7 +3101,7 @@ class DaemonLifecycle {
         }
       }
       this.launch();
-      await this.waitForReady();
+      await this.waitForReady(this.timing.waitReadyRetries, this.timing.waitReadyDelayMs);
     });
   }
   async isHealthy() {
@@ -2439,7 +3128,7 @@ class DaemonLifecycle {
       return false;
     }
   }
-  async waitForReady(maxRetries = 40, delayMs = 250) {
+  async waitForReady(maxRetries = WAIT_READY_RETRIES, delayMs = WAIT_READY_DELAY_MS) {
     for (let attempt = 0;attempt < maxRetries; attempt++) {
       if (await this.isReady())
         return;
@@ -2447,11 +3136,15 @@ class DaemonLifecycle {
     }
     throw new Error(`Timed out waiting for AgentBridge daemon readiness on ${this.readyUrl}`);
   }
-  async waitForReadyAndOurs(maxRetries = 40, delayMs = 250) {
+  async waitForReadyAndOurs(maxRetries = WAIT_READY_RETRIES, delayMs = WAIT_READY_DELAY_MS) {
     for (let attempt = 0;attempt < maxRetries; attempt++) {
       if (await this.isReady()) {
         const status = await this.fetchStatus();
-        if (!this.isForeignDaemon(status) && (!this.isBuildDrifted(status) || this.canReuseDespiteDrift(status))) {
+        const classification = this.classifyDaemon(status);
+        if (classification.verdict === "manual-conflict") {
+          throw this.manualConflictError(status);
+        }
+        if (isReuseVerdict(classification.verdict)) {
           return;
         }
       }
@@ -2459,22 +3152,35 @@ class DaemonLifecycle {
     }
     throw new Error(`Timed out waiting for AgentBridge daemon readiness+identity on ${this.readyUrl} (control port ${this.controlPort})`);
   }
+  readDaemonRecord() {
+    return readUnifiedDaemonRecord({
+      daemonRecordFile: this.stateDir.daemonRecordFile,
+      pidFile: this.stateDir.pidFile,
+      statusFile: this.stateDir.statusFile
+    });
+  }
+  writeDaemonRecord(record) {
+    writeDaemonRecord(this.stateDir.daemonRecordFile, record);
+  }
+  removeDaemonRecord() {
+    try {
+      unlinkSync3(this.stateDir.daemonRecordFile);
+    } catch {}
+  }
   readStatus() {
     try {
-      const raw = readFileSync(this.stateDir.statusFile, "utf-8");
+      const raw = readFileSync3(this.stateDir.statusFile, "utf-8");
       return JSON.parse(raw);
     } catch {
       return null;
     }
   }
   writeStatus(status) {
-    this.stateDir.ensure();
-    writeFileSync(this.stateDir.statusFile, JSON.stringify(status, null, 2) + `
-`, "utf-8");
+    atomicWriteJson(this.stateDir.statusFile, status);
   }
   readPid() {
     try {
-      const raw = readFileSync(this.stateDir.pidFile, "utf-8").trim();
+      const raw = readFileSync3(this.stateDir.pidFile, "utf-8").trim();
       if (!raw)
         return null;
       const pid = Number.parseInt(raw, 10);
@@ -2484,28 +3190,27 @@ class DaemonLifecycle {
     }
   }
   writePid(pid) {
-    this.stateDir.ensure();
-    writeFileSync(this.stateDir.pidFile, `${pid ?? process.pid}
-`, "utf-8");
+    atomicWriteText(this.stateDir.pidFile, `${pid ?? process.pid}
+`);
   }
   removePidFile() {
     try {
-      unlinkSync2(this.stateDir.pidFile);
+      unlinkSync3(this.stateDir.pidFile);
     } catch {}
   }
   removeStatusFile() {
     try {
-      unlinkSync2(this.stateDir.statusFile);
+      unlinkSync3(this.stateDir.statusFile);
     } catch {}
   }
   markKilled() {
     this.stateDir.ensure();
-    writeFileSync(this.stateDir.killedFile, `${Date.now()}
+    writeFileSync2(this.stateDir.killedFile, `${Date.now()}
 `, "utf-8");
   }
   clearKilled() {
     try {
-      unlinkSync2(this.stateDir.killedFile);
+      unlinkSync3(this.stateDir.killedFile);
     } catch {}
   }
   wasKilled() {
@@ -2527,21 +3232,26 @@ class DaemonLifecycle {
     daemonProc.unref();
   }
   removeStalePidFile() {
-    this.log("Removing stale pid file");
+    this.log("Removing stale daemon identity files");
     this.removePidFile();
+    this.removeStatusFile();
+    this.removeDaemonRecord();
   }
   async replaceUnhealthyDaemon(statusPid) {
     await this.withStartupLockStrict(async (locked) => {
       if (!locked) {
-        this.log("Another process holds the startup lock, waiting for readiness+identity...");
-        await this.waitForReadyAndOurs();
+        await this.waitForContendedStartupLock();
         return;
       }
       if (await this.isHealthy()) {
         const status = await this.fetchStatus();
-        if (!this.isForeignDaemon(status) && (!this.isBuildDrifted(status) || this.canReuseDespiteDrift(status))) {
+        const classification = this.classifyDaemon(status);
+        if (classification.verdict === "manual-conflict") {
+          throw this.manualConflictError(status);
+        }
+        if (isReuseVerdict(classification.verdict)) {
           try {
-            await this.waitForReady(REUSE_READY_RETRIES, REUSE_READY_DELAY_MS);
+            await this.waitForReady(this.timing.reuseReadyRetries, this.timing.reuseReadyDelayMs);
             return;
           } catch {}
         }
@@ -2549,9 +3259,13 @@ class DaemonLifecycle {
       this.log(`Killing unhealthy daemon on control port ${this.controlPort} and relaunching`);
       await this.kill(3000, statusPid);
       this.launch();
-      await this.waitForReady();
+      await this.waitForReady(this.timing.waitReadyRetries, this.timing.waitReadyDelayMs);
     });
   }
+  async waitForContendedStartupLock() {
+    this.log("Another process holds the startup lock, waiting for readiness+identity...");
+    await this.waitForReadyAndOurs(this.timing.waitReadyRetries, this.timing.waitReadyDelayMs);
+  }
   async withStartupLockStrict(fn) {
     const locked = this.acquireLockStrict();
     try {
@@ -2565,15 +3279,15 @@ class DaemonLifecycle {
     this.stateDir.ensure();
     let fd = null;
     try {
-      fd = openSync(this.stateDir.lockFile, constants.O_CREAT | constants.O_EXCL | constants.O_WRONLY);
-      writeFileSync(fd, `${process.pid}
+      fd = openSync2(this.stateDir.lockFile, constants.O_CREAT | constants.O_EXCL | constants.O_WRONLY);
+      writeFileSync2(fd, `${process.pid}
 `);
-      closeSync(fd);
+      closeSync2(fd);
       return true;
     } catch (err) {
       if (fd !== null && err.code !== "EEXIST") {
         try {
-          closeSync(fd);
+          closeSync2(fd);
         } catch {}
         this.releaseLock();
       }
@@ -2581,7 +3295,7 @@ class DaemonLifecycle {
         if (reclaimed)
           return false;
         try {
-          const holderPid = Number.parseInt(readFileSync(this.stateDir.lockFile, "utf-8").trim(), 10);
+          const holderPid = Number.parseInt(readFileSync3(this.stateDir.lockFile, "utf-8").trim(), 10);
           if (Number.isFinite(holderPid) && !isProcessAlive(holderPid)) {
             this.log(`Stale startup lock from dead process ${holderPid}, reclaiming`);
             this.releaseLock();
@@ -2610,7 +3324,7 @@ class DaemonLifecycle {
   }
   releaseLock() {
     try {
-      unlinkSync2(this.stateDir.lockFile);
+      unlinkSync3(this.stateDir.lockFile);
     } catch {}
   }
   async kill(gracefulTimeoutMs = 3000, pidOverride) {
@@ -2656,6 +3370,7 @@ class DaemonLifecycle {
   cleanup() {
     this.removePidFile();
     this.removeStatusFile();
+    this.removeDaemonRecord();
   }
 }
 async function fetchWithTimeout(url, timeoutMs = HEALTH_FETCH_TIMEOUT_MS) {
@@ -2669,11 +3384,11 @@ async function fetchWithTimeout(url, timeoutMs = HEALTH_FETCH_TIMEOUT_MS) {
 }
 
 // src/config-service.ts
-import { readFileSync as readFileSync2, writeFileSync as writeFileSync2, mkdirSync as mkdirSync3, existsSync as existsSync4 } from "fs";
-import { join as join3 } from "path";
+import { readFileSync as readFileSync4, mkdirSync as mkdirSync4, existsSync as existsSync4 } from "fs";
+import { join as join4 } from "path";
 var DEFAULT_BUDGET_CONFIG = {
   enabled: true,
-  pollSeconds: 60,
+  pollSeconds: 300,
   pauseAt: 90,
   resumeBelow: 30,
   syncDriftPct: 10,
@@ -2702,9 +3417,52 @@ var DEFAULT_CONFIG = {
 };
 var CONFIG_DIR = ".agentbridge";
 var CONFIG_FILE = "config.json";
+var NOOP_LOGGER = () => {};
 function isRecord(value) {
   return typeof value === "object" && value !== null && !Array.isArray(value);
 }
+function isCoercibleNumber(value) {
+  if (typeof value === "number")
+    return Number.isFinite(value);
+  if (typeof value === "string")
+    return Number.isFinite(Number(value));
+  return false;
+}
+function findShapeViolation(raw) {
+  if ("idleShutdownSeconds" in raw && !isCoercibleNumber(raw.idleShutdownSeconds)) {
+    return "idleShutdownSeconds is present but not a number";
+  }
+  if ("budget" in raw) {
+    const budget = raw.budget;
+    if (!isRecord(budget)) {
+      return "budget is present but not an object";
+    }
+    const numericKeys = ["pauseAt", "resumeBelow", "pollSeconds", "syncDriftPct"];
+    for (const key of numericKeys) {
+      if (key in budget && !isCoercibleNumber(budget[key])) {
+        return `budget.${key} is present but not a number`;
+      }
+    }
+    if ("parallel" in budget) {
+      const parallel = budget.parallel;
+      if (!isRecord(parallel)) {
+        return "budget.parallel is present but not an object";
+      }
+      for (const key of ["minRemainingPct", "timeWindowSec"]) {
+        if (key in parallel && !isCoercibleNumber(parallel[key])) {
+          return `budget.parallel.${key} is present but not a number`;
+        }
+      }
+    }
+  }
+  return null;
+}
+function hasCustomDecisionValues(config) {
+  const d = DEFAULT_CONFIG;
+  const b = config.budget;
+  const db = d.budget;
+  return config.idleShutdownSeconds !== d.idleShutdownSeconds || config.turnCoordination.attentionWindowSeconds !== d.turnCoordination.attentionWindowSeconds || config.codex.appPort !== d.codex.appPort || config.codex.proxyPort !== d.codex.proxyPort || b.enabled !== db.enabled || b.pollSeconds !== db.pollSeconds || b.pauseAt !== db.pauseAt || b.resumeBelow !== db.resumeBelow || b.syncDriftPct !== db.syncDriftPct || b.parallel.minRemainingPct !== db.parallel.minRemainingPct || b.parallel.timeWindowSec !== db.parallel.timeWindowSec || b.codexTierControl !== db.codexTierControl;
+}
 function normalizeInteger(value, fallback) {
   if (typeof value === "number" && Number.isFinite(value))
     return value;
@@ -2740,35 +3498,35 @@ function normalizeCodexOverride(raw) {
     override.effort = raw.effort.trim();
   return Object.keys(override).length > 0 ? override : null;
 }
-function normalizeCodexTiers(raw) {
+function normalizeCodexTiers(raw, fallback = DEFAULT_BUDGET_CONFIG.codexTiers) {
   const tiers = isRecord(raw) ? raw : {};
   return {
     full: normalizeCodexOverride(tiers.full),
-    balanced: normalizeCodexOverride(tiers.balanced) ?? DEFAULT_BUDGET_CONFIG.codexTiers.balanced,
-    eco: normalizeCodexOverride(tiers.eco) ?? DEFAULT_BUDGET_CONFIG.codexTiers.eco
+    balanced: normalizeCodexOverride(tiers.balanced) ?? fallback.balanced,
+    eco: normalizeCodexOverride(tiers.eco) ?? fallback.eco
   };
 }
-function normalizeBudgetConfig(raw) {
+function normalizeBudgetConfig(raw, fallback = DEFAULT_BUDGET_CONFIG) {
   const budget = isRecord(raw) ? raw : {};
   const parallel = isRecord(budget.parallel) ? budget.parallel : {};
-  const codexTiers = normalizeCodexTiers(budget.codexTiers);
-  let pauseAt = normalizeBoundedInteger(budget.pauseAt, DEFAULT_BUDGET_CONFIG.pauseAt, 1, 100);
-  let resumeBelow = normalizeBoundedInteger(budget.resumeBelow, DEFAULT_BUDGET_CONFIG.resumeBelow, 0, 99);
+  const codexTiers = normalizeCodexTiers(budget.codexTiers, fallback.codexTiers);
+  let pauseAt = normalizeBoundedInteger(budget.pauseAt, fallback.pauseAt, 1, 100);
+  let resumeBelow = normalizeBoundedInteger(budget.resumeBelow, fallback.resumeBelow, 0, 99);
   if (pauseAt <= resumeBelow) {
     pauseAt = DEFAULT_BUDGET_CONFIG.pauseAt;
     resumeBelow = DEFAULT_BUDGET_CONFIG.resumeBelow;
   }
   return {
-    enabled: normalizeBoolean(budget.enabled, DEFAULT_BUDGET_CONFIG.enabled),
-    pollSeconds: normalizeBoundedInteger(budget.pollSeconds, DEFAULT_BUDGET_CONFIG.pollSeconds, 5, 3600),
+    enabled: normalizeBoolean(budget.enabled, fallback.enabled),
+    pollSeconds: normalizeBoundedInteger(budget.pollSeconds, fallback.pollSeconds, 5, 3600),
     pauseAt,
     resumeBelow,
-    syncDriftPct: normalizeBoundedInteger(budget.syncDriftPct, DEFAULT_BUDGET_CONFIG.syncDriftPct, 1, 100),
+    syncDriftPct: normalizeBoundedInteger(budget.syncDriftPct, fallback.syncDriftPct, 1, 100),
     parallel: {
-      minRemainingPct: normalizeBoundedInteger(parallel.minRemainingPct, DEFAULT_BUDGET_CONFIG.parallel.minRemainingPct, 1, 100),
-      timeWindowSec: normalizeBoundedInteger(parallel.timeWindowSec, DEFAULT_BUDGET_CONFIG.parallel.timeWindowSec, 60, 604800)
+      minRemainingPct: normalizeBoundedInteger(parallel.minRemainingPct, fallback.parallel.minRemainingPct, 1, 100),
+      timeWindowSec: normalizeBoundedInteger(parallel.timeWindowSec, fallback.parallel.timeWindowSec, 60, 604800)
     },
-    codexTierControl: normalizeBoolean(budget.codexTierControl, DEFAULT_BUDGET_CONFIG.codexTierControl) && codexTiers.full !== null,
+    codexTierControl: normalizeBoolean(budget.codexTierControl, fallback.codexTierControl) && codexTiers.full !== null,
     codexTiers
   };
 }
@@ -2786,7 +3544,7 @@ function applyBudgetEnvOverrides(budget, env = process.env) {
     codexTierControl: env.AGENTBRIDGE_BUDGET_CODEX_TIER_CONTROL ?? budget.codexTierControl,
     codexTiers: budget.codexTiers
   };
-  return normalizeBudgetConfig(overlay);
+  return normalizeBudgetConfig(overlay, budget);
 }
 function normalizeConfig(raw) {
   if (!isRecord(raw))
@@ -2798,13 +3556,13 @@ function normalizeConfig(raw) {
   return {
     version: typeof config.version === "string" ? config.version : DEFAULT_CONFIG.version,
     codex: {
-      appPort: normalizeInteger(codex.appPort ?? daemon.port, DEFAULT_CONFIG.codex.appPort),
-      proxyPort: normalizeInteger(codex.proxyPort ?? daemon.proxyPort, DEFAULT_CONFIG.codex.proxyPort)
+      appPort: normalizeBoundedInteger(codex.appPort ?? daemon.port, DEFAULT_CONFIG.codex.appPort, 1, 65535),
+      proxyPort: normalizeBoundedInteger(codex.proxyPort ?? daemon.proxyPort, DEFAULT_CONFIG.codex.proxyPort, 1, 65535)
     },
     turnCoordination: {
-      attentionWindowSeconds: normalizeInteger(turnCoordination.attentionWindowSeconds, DEFAULT_CONFIG.turnCoordination.attentionWindowSeconds)
+      attentionWindowSeconds: normalizeBoundedInteger(turnCoordination.attentionWindowSeconds, DEFAULT_CONFIG.turnCoordination.attentionWindowSeconds, 0, Number.MAX_SAFE_INTEGER)
     },
-    idleShutdownSeconds: normalizeInteger(config.idleShutdownSeconds, DEFAULT_CONFIG.idleShutdownSeconds),
+    idleShutdownSeconds: normalizeBoundedInteger(config.idleShutdownSeconds, DEFAULT_CONFIG.idleShutdownSeconds, 1, Number.MAX_SAFE_INTEGER),
     budget: normalizeBudgetConfig(config.budget)
   };
 }
@@ -2814,27 +3572,69 @@ class ConfigService {
   configPath;
   constructor(projectRoot) {
     const root = projectRoot ?? process.cwd();
-    this.configDir = join3(root, CONFIG_DIR);
-    this.configPath = join3(this.configDir, CONFIG_FILE);
+    this.configDir = join4(root, CONFIG_DIR);
+    this.configPath = join4(this.configDir, CONFIG_FILE);
   }
   hasConfig() {
     return existsSync4(this.configPath);
   }
   load() {
+    let raw;
     try {
-      const raw = readFileSync2(this.configPath, "utf-8");
-      return normalizeConfig(JSON.parse(raw));
-    } catch {
-      return null;
+      raw = readFileSync4(this.configPath, "utf-8");
+    } catch (err) {
+      if (err?.code === "ENOENT") {
+        return { state: "absent" };
+      }
+      return { state: "corrupt", reason: `config.json is unreadable: ${err.message}` };
     }
+    let parsed;
+    try {
+      parsed = JSON.parse(raw);
+    } catch (err) {
+      return {
+        state: "corrupt",
+        reason: `config.json is not valid JSON: ${err.message}`
+      };
+    }
+    if (!isRecord(parsed)) {
+      return { state: "corrupt", reason: "config.json is not a JSON object" };
+    }
+    const violation = findShapeViolation(parsed);
+    if (violation) {
+      return { state: "corrupt", reason: `config.json is shape-invalid: ${violation}` };
+    }
+    const config = normalizeConfig(parsed);
+    if (!config) {
+      return { state: "corrupt", reason: "config.json could not be normalized" };
+    }
+    return { state: "parsed", config };
+  }
+  loadOrDefault(log = NOOP_LOGGER) {
+    const result = this.load();
+    if (result.state === "parsed")
+      return result.config;
+    if (result.state === "corrupt") {
+      log(`config.json at ${this.configPath} is unusable (${result.reason}); ` + "falling back to defaults \u2014 your custom budget thresholds / idle-shutdown settings are NOT in effect. " + "Fix the file and restart to re-apply them.");
+    }
+    return structuredClone(DEFAULT_CONFIG);
   }
-  loadOrDefault() {
-    return this.load() ?? structuredClone(DEFAULT_CONFIG);
+  describeConfig() {
+    const result = this.load();
+    if (result.state === "absent") {
+      return { state: "absent", path: this.configPath, customValues: false };
+    }
+    if (result.state === "corrupt") {
+      return { state: "corrupt", path: this.configPath, reason: result.reason, customValues: false };
+    }
+    return {
+      state: "parsed",
+      path: this.configPath,
+      customValues: hasCustomDecisionValues(result.config)
+    };
   }
   save(config) {
-    this.ensureConfigDir();
-    writeFileSync2(this.configPath, JSON.stringify(config, null, 2) + `
-`, "utf-8");
+    atomicWriteJson(this.configPath, config);
   }
   initDefaults() {
     this.ensureConfigDir();
@@ -2850,11 +3650,32 @@ class ConfigService {
   }
   ensureConfigDir() {
     if (!existsSync4(this.configDir)) {
-      mkdirSync3(this.configDir, { recursive: true });
+      mkdirSync4(this.configDir, { recursive: true });
     }
   }
 }
 
+// src/budget/budget-gate.ts
+function matchingGateReset(usage) {
+  if (!usage)
+    return 0;
+  const windows = [usage.fiveHour, usage.weekly].filter((window) => !!window && window.resetEpoch > 0);
+  const matching = windows.filter((window) => Math.abs(window.util - usage.gateUtil) < 0.0001);
+  const candidates = matching.length > 0 ? matching : windows;
+  if (candidates.length === 0)
+    return 0;
+  return Math.min(...candidates.map((window) => window.resetEpoch));
+}
+function resumeBlockingEpoch(usage, cfg, now) {
+  if (!usage)
+    return 0;
+  if (usage.rateLimitedUntil > now)
+    return usage.rateLimitedUntil;
+  if (usage.gateUtil >= cfg.resumeBelow)
+    return matchingGateReset(usage);
+  return 0;
+}
+
 // src/budget/types.ts
 var STALE_MAX_AGE_SEC = 600;
 
@@ -2879,25 +3700,6 @@ function usageSummary(name, usage) {
     return `${AGENT_LABEL[name]} \u672A\u77E5`;
   return `${AGENT_LABEL[name]} gate=${pct(usage.gateUtil)} warn=${pct(usage.warnUtil)} 5h\u91CD\u7F6E=${formatEpoch(usage.fiveHour?.resetEpoch ?? 0)}`;
 }
-function matchingGateReset(usage) {
-  if (!usage)
-    return 0;
-  const windows = [usage.fiveHour, usage.weekly].filter((window) => !!window && window.resetEpoch > 0);
-  const matching = windows.filter((window) => Math.abs(window.util - usage.gateUtil) < 0.0001);
-  const candidates = matching.length > 0 ? matching : windows;
-  if (candidates.length === 0)
-    return 0;
-  return Math.min(...candidates.map((window) => window.resetEpoch));
-}
-function resumeBlockingEpoch(usage, cfg, now) {
-  if (!usage)
-    return 0;
-  if (usage.rateLimitedUntil > now)
-    return usage.rateLimitedUntil;
-  if (usage.gateUtil >= cfg.resumeBelow)
-    return matchingGateReset(usage);
-  return 0;
-}
 function resumeAfterEpoch(claude, codex, cfg, now) {
   const epochs = [
     resumeBlockingEpoch(claude, cfg, now),
@@ -3080,7 +3882,7 @@ function computeBudgetState(claude, codex, cfg, now) {
   };
 }
 
-// src/budget/budget-coordinator.ts
+// src/budget/budget-fingerprint.ts
 var RESET_FINGERPRINT_BUCKET_SEC = 600;
 var AGENT_LABEL2 = {
   claude: "Claude",
@@ -3089,20 +3891,231 @@ var AGENT_LABEL2 = {
 function pct2(value) {
   return `${Math.round(value * 10) / 10}%`;
 }
-function usageLine(agent, usage) {
+function formatEpoch2(epoch) {
+  return new Date(epoch * 1000).toISOString().replace("T", " ").replace(/\.\d+Z$/, "Z");
+}
+var INITIAL_FINGERPRINT_STATE = {
+  side: null,
+  fingerprint: null,
+  resumeEpoch: null,
+  reason: null
+};
+function sideToAgents(side) {
+  if (side === "both")
+    return ["claude", "codex"];
+  if (side === "claude")
+    return ["claude"];
+  if (side === "codex")
+    return ["codex"];
+  return [];
+}
+function agentsToSide(agents) {
+  const claude = agents.has("claude");
+  const codex = agents.has("codex");
+  if (claude && codex)
+    return "both";
+  if (claude)
+    return "claude";
+  if (codex)
+    return "codex";
+  return null;
+}
+function shouldEnter(usage, cfg, now) {
+  if (!isDecisionGrade(usage, now))
+    return false;
+  return usage.gateUtil >= cfg.pauseAt;
+}
+function canAgentResume(usage, cfg, now) {
+  if (!isDecisionGrade(usage, now))
+    return false;
+  if (usage.rateLimitedUntil > now)
+    return false;
+  return usage.gateUtil < cfg.resumeBelow;
+}
+function nextActiveSide(prevSide, state, cfg) {
+  const active = new Set(sideToAgents(prevSide));
+  for (const agent of ["claude", "codex"]) {
+    const usage = state.perAgent[agent];
+    if (shouldEnter(usage, cfg, state.now)) {
+      active.add(agent);
+    } else if (active.has(agent) && canAgentResume(usage, cfg, state.now)) {
+      active.delete(agent);
+    }
+  }
+  return agentsToSide(active);
+}
+function activeSideReason(agent, usage, cfg, now) {
   if (!usage)
-    return `${AGENT_LABEL2[agent]} \u672A\u77E5`;
-  return `${AGENT_LABEL2[agent]} gate=${pct2(usage.gateUtil)} warn=${pct2(usage.warnUtil)}`;
+    return `${AGENT_LABEL2[agent]} \u63A2\u6D4B\u6682\u65F6\u4E0D\u53EF\u7528\uFF0C\u4FDD\u6301\u4E0A\u4E00\u8F6E\u9884\u7B97\u5E72\u9884`;
+  if (usage.rateLimitedUntil > now) {
+    return `${AGENT_LABEL2[agent]} \u63A2\u9488\u88AB\u9650\u6D41\u81F3 ${formatEpoch2(usage.rateLimitedUntil)}`;
+  }
+  if (usage.gateUtil >= cfg.pauseAt) {
+    return `${AGENT_LABEL2[agent]} gateUtil ${pct2(usage.gateUtil)} \u2265 pauseAt ${pct2(cfg.pauseAt)}`;
+  }
+  return `${AGENT_LABEL2[agent]} gateUtil ${pct2(usage.gateUtil)} \u5C1A\u672A\u4F4E\u4E8E resumeBelow ${pct2(cfg.resumeBelow)}`;
+}
+function interventionReason(side, state, cfg) {
+  return sideToAgents(side).map((agent) => activeSideReason(agent, state.perAgent[agent], cfg, state.now)).join("\uFF1B");
+}
+function resumeAfterEpoch2(side, state, cfg) {
+  const epochs = sideToAgents(side).map((agent) => resumeBlockingEpoch(state.perAgent[agent], cfg, state.now)).filter((epoch) => epoch > 0);
+  if (epochs.length === 0)
+    return null;
+  return Math.max(...epochs);
+}
+function activeSideProbeUncertain(side, state) {
+  return sideToAgents(side).some((agent) => {
+    const usage = state.perAgent[agent];
+    return usage === null || usage.rateLimitedUntil > state.now || !isDecisionGrade(usage, state.now);
+  });
+}
+function directiveFingerprint(state, activeSide) {
+  const side = activeSide ?? (state.phase === "balance" ? state.drift.lighter ?? "none" : state.pause.side ?? "none");
+  let reset = 0;
+  if (activeSide === "claude") {
+    reset = state.pause.resetEpochs.claude;
+  } else if (activeSide === "codex") {
+    reset = state.pause.resetEpochs.codex;
+  } else if (activeSide === "both") {
+    reset = Math.max(state.pause.resetEpochs.claude, state.pause.resetEpochs.codex);
+  } else if (state.phase === "balance" && state.drift.lighter) {
+    reset = state.perAgent[state.drift.lighter]?.fiveHour?.resetEpoch ?? 0;
+  }
+  const heavier = activeSide ? "" : state.drift.heavier ?? "none";
+  return [
+    activeSide ? "paused" : state.phase,
+    heavier,
+    side,
+    Math.round(reset / RESET_FINGERPRINT_BUCKET_SEC)
+  ].join("|");
+}
+function classifyPoll(prev, state, cfg) {
+  const previousSide = prev.side;
+  const currentSide = nextActiveSide(previousSide, state, cfg);
+  if (currentSide) {
+    const reason = interventionReason(currentSide, state, cfg);
+    const nextResumeRaw = resumeAfterEpoch2(currentSide, state, cfg);
+    const resumeEpoch = previousSide === currentSide ? nextResumeRaw ?? prev.resumeEpoch : nextResumeRaw;
+    const uncertain = previousSide === currentSide && activeSideProbeUncertain(currentSide, state) && prev.fingerprint;
+    const fingerprint2 = uncertain ? prev.fingerprint : directiveFingerprint(state, currentSide);
+    const pauseChanged = !previousSide;
+    const emit = !previousSide || previousSide !== currentSide || fingerprint2 !== prev.fingerprint;
+    return {
+      next: { side: currentSide, fingerprint: fingerprint2, resumeEpoch, reason },
+      effect: {
+        kind: uncertain ? "hold-uncertain" : "enter",
+        side: currentSide,
+        reason,
+        resumeEpoch,
+        emit,
+        pauseChanged
+      }
+    };
+  }
+  if (previousSide) {
+    return {
+      next: { side: null, fingerprint: null, resumeEpoch: null, reason: null },
+      effect: { kind: "exit", previousSide }
+    };
+  }
+  if (!isDecisionGrade(state.perAgent.claude, state.now) || !isDecisionGrade(state.perAgent.codex, state.now)) {
+    return { next: prev, effect: { kind: "none" } };
+  }
+  if (!state.directiveToClaude) {
+    return {
+      next: { side: null, fingerprint: null, resumeEpoch: null, reason: null },
+      effect: { kind: "none" }
+    };
+  }
+  const fingerprint = directiveFingerprint(state);
+  if (fingerprint !== prev.fingerprint) {
+    return {
+      next: { side: null, fingerprint, resumeEpoch: null, reason: null },
+      effect: { kind: "advise", phase: state.phase }
+    };
+  }
+  return { next: prev, effect: { kind: "none" } };
+}
+
+// src/budget/budget-coordinator.ts
+var LOW_UTIL_PCT = 50;
+var NEAR_PAUSE_MARGIN_PCT = 10;
+var NEAR_WARN_UTIL_PCT = 75;
+var NEAR_THRESHOLD_POLL_MS = 60000;
+var PAUSED_POLL_MS = 15000;
+var RESET_WAKE_AFTER_SEC = 5;
+var RESET_RECENTLY_PASSED_WINDOW_SEC = 120;
+var REAL_BUDGET_POLL_SCHEDULER = {
+  setTimeout(callback, delayMs) {
+    return setTimeout(() => {
+      callback();
+    }, delayMs);
+  },
+  clearTimeout(timer) {
+    clearTimeout(timer);
+  }
+};
+var AGENT_LABEL3 = {
+  claude: "Claude",
+  codex: "Codex"
+};
+function pct3(value) {
+  return `${Math.round(value * 10) / 10}%`;
 }
-function matchingGateReset2(usage) {
+function usageLine(agent, usage) {
   if (!usage)
+    return `${AGENT_LABEL3[agent]} \u672A\u77E5`;
+  return `${AGENT_LABEL3[agent]} gate=${pct3(usage.gateUtil)} warn=${pct3(usage.warnUtil)}`;
+}
+function maxPollDelayMs(config) {
+  return Math.max(0, config.pollSeconds * 1000);
+}
+function capDelay(delayMs, maxDelayMs) {
+  if (maxDelayMs <= 0)
     return 0;
-  const windows = [usage.fiveHour, usage.weekly].filter((window) => !!window && window.resetEpoch > 0);
-  const matching = windows.filter((window) => Math.abs(window.util - usage.gateUtil) < 0.0001);
-  const candidates = matching.length > 0 ? matching : windows;
+  return Math.min(delayMs, maxDelayMs);
+}
+function usagePressure(usage) {
+  const readings = [usage?.claude, usage?.codex].filter((agentUsage) => agentUsage !== null && agentUsage !== undefined).flatMap((agentUsage) => [agentUsage.gateUtil, agentUsage.warnUtil]);
+  if (readings.length === 0)
+    return null;
+  return Math.max(...readings);
+}
+function usageResetEpochs(usage) {
+  return [usage?.claude, usage?.codex].filter((agentUsage) => agentUsage !== null && agentUsage !== undefined).flatMap((agentUsage) => [agentUsage.fiveHour?.resetEpoch ?? 0, agentUsage.weekly?.resetEpoch ?? 0]).filter((epoch) => epoch > 0);
+}
+function adaptiveBudgetPollDelayMs(input) {
+  const maxDelayMs = maxPollDelayMs(input.config);
+  if (input.paused)
+    return capDelay(PAUSED_POLL_MS, maxDelayMs);
+  const pressure = usagePressure(input.usage);
+  if (pressure === null || pressure < LOW_UTIL_PCT)
+    return maxDelayMs;
+  const nearPauseAt = Math.max(0, input.config.pauseAt - NEAR_PAUSE_MARGIN_PCT);
+  if (pressure >= nearPauseAt || pressure >= NEAR_WARN_UTIL_PCT) {
+    return capDelay(NEAR_THRESHOLD_POLL_MS, maxDelayMs);
+  }
+  return capDelay(maxDelayMs / 2, maxDelayMs);
+}
+function resetAlignedDelayMs(input, adaptiveDelayMs) {
+  const epochs = usageResetEpochs(input.usage);
+  if (epochs.length === 0)
+    return null;
+  const candidates = epochs.map((epoch) => {
+    if (epoch >= input.now)
+      return (epoch - input.now + RESET_WAKE_AFTER_SEC) * 1000;
+    if (input.now - epoch <= RESET_RECENTLY_PASSED_WINDOW_SEC)
+      return RESET_WAKE_AFTER_SEC * 1000;
+    return null;
+  }).filter((delayMs) => delayMs !== null && delayMs >= 0 && delayMs <= adaptiveDelayMs);
   if (candidates.length === 0)
-    return 0;
-  return Math.min(...candidates.map((window) => window.resetEpoch));
+    return null;
+  return Math.min(...candidates);
+}
+function nextBudgetPollDelayMs(input) {
+  const adaptiveDelayMs = adaptiveBudgetPollDelayMs(input);
+  return resetAlignedDelayMs(input, adaptiveDelayMs) ?? adaptiveDelayMs;
 }
 
 class BudgetCoordinator {
@@ -3110,15 +4123,14 @@ class BudgetCoordinator {
   config;
   emit;
   onPauseChange;
+  onSnapshot;
   now;
+  scheduler;
   log;
   timer = null;
   running = false;
-  activeSides = new Set;
-  lastDirectiveFingerprint = null;
+  fpState = INITIAL_FINGERPRINT_STATE;
   latestSnapshot = null;
-  pauseReason = null;
-  pauseResumeAfterEpoch = null;
   pendingOverrideTier = null;
   pendingOverrides = null;
   lastAppliedTier = "full";
@@ -3129,7 +4141,9 @@ class BudgetCoordinator {
     this.config = options.config;
     this.emit = options.emit;
     this.onPauseChange = options.onPauseChange;
+    this.onSnapshot = options.onSnapshot ?? (() => {});
     this.now = options.now ?? (() => Math.floor(Date.now() / 1000));
+    this.scheduler = options.scheduler ?? REAL_BUDGET_POLL_SCHEDULER;
     this.log = options.log ?? (() => {});
   }
   async start() {
@@ -3143,15 +4157,15 @@ class BudgetCoordinator {
   stop() {
     this.running = false;
     if (this.timer) {
-      clearTimeout(this.timer);
+      this.scheduler.clearTimeout(this.timer);
       this.timer = null;
     }
   }
   isPaused() {
-    return this.activeSides.size > 0;
+    return this.fpState.side !== null;
   }
   isGateClosed() {
-    return this.activeSides.has("codex");
+    return this.fpState.side === "codex" || this.fpState.side === "both";
   }
   getSnapshot() {
     return this.latestSnapshot;
@@ -3177,11 +4191,17 @@ class BudgetCoordinator {
     if (!this.running)
       return;
     if (this.timer)
-      clearTimeout(this.timer);
-    const delayMs = Math.max(0, this.config.pollSeconds * 1000);
-    this.timer = setTimeout(() => {
+      this.scheduler.clearTimeout(this.timer);
+    const snapshotUsage = this.latestSnapshot ? { claude: this.latestSnapshot.claude, codex: this.latestSnapshot.codex } : null;
+    const delayMs = nextBudgetPollDelayMs({
+      config: this.config,
+      usage: snapshotUsage,
+      now: this.now(),
+      paused: this.isPaused()
+    });
+    this.timer = this.scheduler.setTimeout(() => {
       this.timer = null;
-      this.pollAndReschedule();
+      return this.pollAndReschedule();
     }, delayMs);
   }
   async pollAndReschedule() {
@@ -3199,7 +4219,7 @@ class BudgetCoordinator {
     }
     if (!usage) {
       if (!this.isPaused())
-        this.latestSnapshot = null;
+        this.setSnapshot(null);
       return;
     }
     if (!this.running) {
@@ -3208,85 +4228,39 @@ class BudgetCoordinator {
     const state = computeBudgetState(usage.claude, usage.codex, this.config, this.now());
     this.updatePendingOverrides(state.effort.codexTier);
     this.applyState(state);
-    this.latestSnapshot = this.toSnapshot(state);
+    this.setSnapshot(this.toSnapshot(state));
+  }
+  setSnapshot(snapshot) {
+    this.latestSnapshot = snapshot;
+    this.onSnapshot(snapshot);
   }
   applyState(state) {
-    const previousSide = this.pauseSide();
-    this.updateActiveSides(state);
-    const currentSide = this.pauseSide();
-    if (currentSide) {
-      this.pauseReason = this.interventionReason(state);
-      const nextResumeAfterEpoch = this.resumeAfterEpoch(state);
-      this.pauseResumeAfterEpoch = previousSide === currentSide ? nextResumeAfterEpoch ?? this.pauseResumeAfterEpoch : nextResumeAfterEpoch;
-      const fingerprint2 = previousSide === currentSide && this.activeSideProbeUncertain(state) && this.lastDirectiveFingerprint ? this.lastDirectiveFingerprint : this.directiveFingerprint(state, currentSide);
-      if (!previousSide) {
-        this.onPauseChange(true);
+    const { next, effect } = classifyPoll(this.fpState, state, this.config);
+    this.fpState = next;
+    switch (effect.kind) {
+      case "enter":
+      case "hold-uncertain": {
+        if (effect.pauseChanged)
+          this.onPauseChange(true);
+        if (effect.emit) {
+          this.emitDirective(this.interventionPrefix(effect.side), this.interventionDirective(state, effect.side, effect.reason, effect.resumeEpoch));
+        }
+        return;
       }
-      if (!previousSide || previousSide !== currentSide || fingerprint2 !== this.lastDirectiveFingerprint) {
-        this.emitDirective(this.interventionPrefix(currentSide), this.interventionDirective(state, currentSide));
+      case "exit": {
+        this.onPauseChange(false);
+        this.emitDirective(this.recoveryPrefix(effect.previousSide), this.recoveryDirective(state, effect.previousSide));
+        return;
       }
-      this.lastDirectiveFingerprint = fingerprint2;
-      return;
-    }
-    if (previousSide) {
-      this.pauseReason = null;
-      this.pauseResumeAfterEpoch = null;
-      this.lastDirectiveFingerprint = null;
-      this.onPauseChange(false);
-      this.emitDirective(this.recoveryPrefix(previousSide), this.recoveryDirective(state, previousSide));
-      return;
-    }
-    if (!isDecisionGrade(state.perAgent.claude, state.now) || !isDecisionGrade(state.perAgent.codex, state.now)) {
-      return;
-    }
-    if (!state.directiveToClaude) {
-      this.lastDirectiveFingerprint = null;
-      return;
-    }
-    const fingerprint = this.directiveFingerprint(state);
-    if (fingerprint !== this.lastDirectiveFingerprint) {
-      const prefix = state.phase === "balance" ? "system_budget_balance" : "system_budget_parallel";
-      this.emitDirective(prefix, state.directiveToClaude);
-      this.lastDirectiveFingerprint = fingerprint;
-    }
-  }
-  updateActiveSides(state) {
-    for (const agent of ["claude", "codex"]) {
-      const usage = state.perAgent[agent];
-      if (this.shouldEnter(usage, state.now)) {
-        this.activeSides.add(agent);
-      } else if (this.activeSides.has(agent) && this.canAgentResume(usage, state.now)) {
-        this.activeSides.delete(agent);
+      case "advise": {
+        const prefix = effect.phase === "balance" ? "system_budget_balance" : "system_budget_parallel";
+        this.emitDirective(prefix, state.directiveToClaude);
+        return;
       }
+      case "none":
+        return;
     }
   }
-  shouldEnter(usage, now) {
-    if (!isDecisionGrade(usage, now))
-      return false;
-    return usage.gateUtil >= this.config.pauseAt;
-  }
-  canAgentResume(usage, now) {
-    if (!isDecisionGrade(usage, now))
-      return false;
-    if (usage.rateLimitedUntil > now)
-      return false;
-    return usage.gateUtil < this.config.resumeBelow;
-  }
-  resumeAfterEpoch(state) {
-    const epochs = ["claude", "codex"].filter((agent) => this.activeSides.has(agent)).map((agent) => this.resumeBlockingEpoch(state.perAgent[agent], state.now)).filter((epoch) => epoch > 0);
-    if (epochs.length === 0)
-      return null;
-    return Math.max(...epochs);
-  }
-  resumeBlockingEpoch(usage, now) {
-    if (!usage)
-      return 0;
-    if (usage.rateLimitedUntil > now)
-      return usage.rateLimitedUntil;
-    if (usage.gateUtil >= this.config.resumeBelow)
-      return matchingGateReset2(usage);
-    return 0;
-  }
   tierControlEnabled() {
     if (!this.config.codexTierControl)
       return false;
@@ -3320,82 +4294,24 @@ class BudgetCoordinator {
     this.pendingOverrideTier = tier;
     this.pendingOverrides = { ...overrides };
   }
-  directiveFingerprint(state, activeSide) {
-    const side = activeSide ?? (state.phase === "balance" ? state.drift.lighter ?? "none" : state.pause.side ?? "none");
-    let reset = 0;
-    if (activeSide === "claude") {
-      reset = state.pause.resetEpochs.claude;
-    } else if (activeSide === "codex") {
-      reset = state.pause.resetEpochs.codex;
-    } else if (activeSide === "both") {
-      reset = Math.max(state.pause.resetEpochs.claude, state.pause.resetEpochs.codex);
-    } else if (state.phase === "balance" && state.drift.lighter) {
-      reset = state.perAgent[state.drift.lighter]?.fiveHour?.resetEpoch ?? 0;
-    } else if (side === "claude") {
-      reset = state.pause.resetEpochs.claude;
-    } else if (side === "codex") {
-      reset = state.pause.resetEpochs.codex;
-    } else if (side === "both") {
-      reset = Math.max(state.pause.resetEpochs.claude, state.pause.resetEpochs.codex);
-    }
-    return [
-      activeSide ? "paused" : state.phase,
-      state.drift.heavier ?? "none",
-      side,
-      Math.round(reset / RESET_FINGERPRINT_BUCKET_SEC)
-    ].join("|");
-  }
   emitDirective(prefix, content) {
     this.emit(`${prefix}_${this.sequence++}`, content);
   }
-  pauseSide() {
-    const claude = this.activeSides.has("claude");
-    const codex = this.activeSides.has("codex");
-    if (claude && codex)
-      return "both";
-    if (claude)
-      return "claude";
-    if (codex)
-      return "codex";
-    return null;
-  }
   interventionPrefix(side) {
     return side === "claude" ? "system_budget_handoff" : "system_budget_pause";
   }
   recoveryPrefix(previousSide) {
     return previousSide === "claude" ? "system_budget_claude_recovered" : "system_budget_resume";
   }
-  interventionDirective(state, side) {
-    return renderBudgetInterventionDirective(state.perAgent.claude, state.perAgent.codex, side, this.pauseReason ?? "\u9884\u7B97\u63A5\u8FD1\u8017\u5C3D", this.pauseResumeAfterEpoch, this.config);
-  }
-  interventionReason(state) {
-    return ["claude", "codex"].filter((agent) => this.activeSides.has(agent)).map((agent) => this.activeSideReason(agent, state.perAgent[agent], state.now)).join("\uFF1B");
-  }
-  activeSideProbeUncertain(state) {
-    return ["claude", "codex"].some((agent) => {
-      if (!this.activeSides.has(agent))
-        return false;
-      const usage = state.perAgent[agent];
-      return usage === null || usage.rateLimitedUntil > state.now || !isDecisionGrade(usage, state.now);
-    });
-  }
-  activeSideReason(agent, usage, now) {
-    if (!usage)
-      return `${AGENT_LABEL2[agent]} \u63A2\u6D4B\u6682\u65F6\u4E0D\u53EF\u7528\uFF0C\u4FDD\u6301\u4E0A\u4E00\u8F6E\u9884\u7B97\u5E72\u9884`;
-    if (usage.rateLimitedUntil > now) {
-      return `${AGENT_LABEL2[agent]} \u63A2\u9488\u88AB\u9650\u6D41\u81F3 ${this.formatEpoch(usage.rateLimitedUntil)}`;
-    }
-    if (usage.gateUtil >= this.config.pauseAt) {
-      return `${AGENT_LABEL2[agent]} gateUtil ${pct2(usage.gateUtil)} \u2265 pauseAt ${pct2(this.config.pauseAt)}`;
-    }
-    return `${AGENT_LABEL2[agent]} gateUtil ${pct2(usage.gateUtil)} \u5C1A\u672A\u4F4E\u4E8E resumeBelow ${pct2(this.config.resumeBelow)}`;
+  interventionDirective(state, side, reason, resumeEpoch) {
+    return renderBudgetInterventionDirective(state.perAgent.claude, state.perAgent.codex, side, reason || "\u9884\u7B97\u63A5\u8FD1\u8017\u5C3D", resumeEpoch, this.config);
   }
   recoveryDirective(state, previousSide) {
     if (previousSide === "claude") {
       return [
         "\u3010\u9884\u7B97\u534F\u8C03 \xB7 \u8D26\u53F7\u7EA7\u3011Claude \u4FA7\u9884\u7B97\u5DF2\u6062\u590D\u3002",
         `${usageLine("claude", state.perAgent.claude)}\uFF1B${usageLine("codex", state.perAgent.codex)}\u3002`,
-        `Claude gateUtil \u5DF2\u4F4E\u4E8E ${pct2(this.config.resumeBelow)}\uFF0C\u4E14\u6CA1\u6709\u6709\u6548 rate_limit\u3002`,
+        `Claude gateUtil \u5DF2\u4F4E\u4E8E ${pct3(this.config.resumeBelow)}\uFF0C\u4E14\u6CA1\u6709\u6709\u6548 rate_limit\u3002`,
         "Claude \u53EF\u6062\u590D orchestrator \u89D2\u8272\uFF1B\u540E\u7EED\u5206\u914D\u524D\u8BF7\u91CD\u65B0\u67E5\u8BE2\u5B9E\u65F6\u989D\u5EA6\uFF0C\u4E0D\u8981\u4F9D\u8D56\u65E7\u6570\u5B57\u3002"
       ].join(`
 `);
@@ -3404,7 +4320,7 @@ class BudgetCoordinator {
       return [
         "\u3010\u9884\u7B97\u534F\u8C03 \xB7 \u8D26\u53F7\u7EA7\u3011Codex \u4FA7\u9884\u7B97\u95F8\u95E8\u89E3\u9664\u3002",
         `${usageLine("claude", state.perAgent.claude)}\uFF1B${usageLine("codex", state.perAgent.codex)}\u3002`,
-        `\u95F8\u95E8\u5DF2\u653E\u5F00\uFF1ACodex gateUtil \u4F4E\u4E8E ${pct2(this.config.resumeBelow)}\uFF0C\u4E14\u6CA1\u6709\u6709\u6548 rate_limit\u3002`,
+        `\u95F8\u95E8\u5DF2\u653E\u5F00\uFF1ACodex gateUtil \u4F4E\u4E8E ${pct3(this.config.resumeBelow)}\uFF0C\u4E14\u6CA1\u6709\u6709\u6548 rate_limit\u3002`,
         "\u5EFA\u8BAE Claude \u7528 reply \u5E26\u4E0A\u5F53\u524D\u76EE\u6807\u3001checkpoint \u548C\u4E0B\u4E00\u6B65\uFF0C\u5524\u9192 Codex \u63A5\u7EED\u6267\u884C\u3002"
       ].join(`
 `);
@@ -3412,14 +4328,11 @@ class BudgetCoordinator {
     return [
       "\u3010\u9884\u7B97\u534F\u8C03 \xB7 \u8D26\u53F7\u7EA7\u3011\u8054\u5408\u6682\u505C\u89E3\u9664\u3002",
       `${usageLine("claude", state.perAgent.claude)}\uFF1B${usageLine("codex", state.perAgent.codex)}\u3002`,
-      `\u95F8\u95E8\u5DF2\u653E\u5F00\uFF1A\u53CC\u65B9 gateUtil \u5747\u4F4E\u4E8E ${pct2(this.config.resumeBelow)}\uFF0C\u4E14\u6CA1\u6709\u6709\u6548 rate_limit\u3002`,
+      `\u95F8\u95E8\u5DF2\u653E\u5F00\uFF1A\u53CC\u65B9 gateUtil \u5747\u4F4E\u4E8E ${pct3(this.config.resumeBelow)}\uFF0C\u4E14\u6CA1\u6709\u6709\u6548 rate_limit\u3002`,
       "\u5EFA\u8BAE Claude \u7528 reply \u5E26\u4E0A\u5F53\u524D\u76EE\u6807\u3001checkpoint \u548C\u4E0B\u4E00\u6B65\uFF0C\u5524\u9192 Codex \u63A5\u7EED\u6267\u884C\u3002"
     ].join(`
 `);
   }
-  formatEpoch(epoch) {
-    return new Date(epoch * 1000).toISOString().replace("T", " ").replace(/\.\d+Z$/, "Z");
-  }
   toSnapshot(state) {
     const paused = this.isPaused();
     return {
@@ -3430,9 +4343,9 @@ class BudgetCoordinator {
       driftPct: state.drift.pct,
       paused,
       gateClosed: this.isGateClosed(),
-      pauseSide: this.pauseSide(),
-      pauseReason: paused ? this.pauseReason ?? state.pause.reason : null,
-      resumeAfterEpoch: paused ? this.pauseResumeAfterEpoch ?? state.pause.resumeAfterEpoch : null,
+      pauseSide: this.fpState.side,
+      pauseReason: paused ? this.fpState.reason ?? state.pause.reason : null,
+      resumeAfterEpoch: paused ? this.fpState.resumeEpoch ?? state.pause.resumeAfterEpoch : null,
       parallelRecommended: paused ? false : state.parallel.recommended,
       codexTier: state.effort.codexTier,
       claudeAdvice: state.effort.claudeAdvice
@@ -3444,7 +4357,7 @@ class BudgetCoordinator {
 import { execFile } from "child_process";
 import { existsSync as existsSync5 } from "fs";
 import { homedir as homedir2 } from "os";
-import { basename, join as join4 } from "path";
+import { basename, join as join5 } from "path";
 var DEFAULT_TIMEOUT_MS = 1e4;
 var MAX_BUFFER = 1024 * 1024;
 function defaultRunner(command, args, options) {
@@ -3553,38 +4466,44 @@ function identifyWindows(buckets) {
   const weeklyMatches = buckets.filter((bucket) => bucket.id.includes("seven_day") || bucket.id.includes("secondary_window"));
   let fiveHour = toWindow(pickHighestUtil(fiveHourMatches));
   let weekly = toWindow(pickHighestUtil(weeklyMatches));
+  let parsedVia = "id-match";
   const sorted = [...buckets].sort((a, b) => bucketSortKey(a) - bucketSortKey(b));
   if (!fiveHour && sorted.length > 0) {
     fiveHour = toWindow(sorted[0]);
+    parsedVia = "positional";
   }
   if (!weekly && sorted.length > 1) {
     const latestDistinct = [...sorted].reverse().find((bucket) => !sameBucketWindow(bucket, fiveHour));
     weekly = toWindow(latestDistinct);
+    if (latestDistinct)
+      parsedVia = "positional";
   }
-  return { fiveHour, weekly };
+  return { fiveHour, weekly, parsedVia };
 }
-function normalizeProbeResult(raw) {
-  const record = asRecord(raw);
-  if (!record)
-    return null;
+function normalizeTolerantProbeRecord(record) {
   const fetchedAt = numberOr(record.fetched_at ?? record.fetchedAt ?? record.now_epoch ?? record.nowEpoch, 0);
   const hasFiniteUtil = asFiniteNumber(record.util ?? record.hard_util ?? record.hardUtil) !== null || asFiniteNumber(record.warn_util ?? record.warnUtil) !== null;
   const gateUtil = clamp(numberOr(record.util ?? record.hard_util ?? record.hardUtil, 0), 0, 100);
   const warnUtil = clamp(numberOr(record.warn_util ?? record.warnUtil, gateUtil), 0, 100);
   const rawBuckets = Array.isArray(record.buckets) ? record.buckets : [];
   const buckets = rawBuckets.map((bucket) => normalizeBucket(bucket, fetchedAt)).filter((bucket) => bucket !== null);
+  let parsedVia = "id-match";
   if (buckets.length === 0 && hasFiniteUtil) {
     const topLevelBucket = normalizeTopLevelBucket(record, gateUtil, fetchedAt);
-    if (topLevelBucket)
+    if (topLevelBucket) {
       buckets.push(topLevelBucket);
+      parsedVia = "top-level";
+    }
   }
   const rateLimitedUntil = Math.max(0, numberOr(record.rate_limited_until ?? record.rateLimitedUntil, 0));
   const ok = record.ok === true;
   if (!ok && rateLimitedUntil <= 0 && buckets.length === 0)
     return null;
-  const { fiveHour, weekly } = identifyWindows(buckets);
+  const { fiveHour, weekly, parsedVia: bucketParsedVia } = identifyWindows(buckets);
   if (!fiveHour && !weekly && rateLimitedUntil === 0 && !hasFiniteUtil)
     return null;
+  if (parsedVia !== "top-level")
+    parsedVia = bucketParsedVia;
   return {
     ok,
     stale: record.stale === true,
@@ -3594,9 +4513,37 @@ function normalizeProbeResult(raw) {
     weekly,
     remaining: clamp(100 - gateUtil, 0, 100),
     rateLimitedUntil,
-    fetchedAt
+    fetchedAt,
+    parsedVia
   };
 }
+var PROBE_SCHEMA_PARSERS = {
+  "1": normalizeTolerantProbeRecord
+};
+function schemaVersionKey(record) {
+  const value = record.schema_version ?? record.schemaVersion;
+  if (typeof value === "number" && Number.isFinite(value))
+    return String(value);
+  if (typeof value === "string" && value.trim() !== "")
+    return value.trim();
+  return null;
+}
+function normalizeProbeResultWithDiagnostics(raw) {
+  const record = asRecord(raw);
+  if (!record)
+    return { usage: null, unknownSchemaVersion: null };
+  const schemaVersion = schemaVersionKey(record);
+  if (schemaVersion) {
+    const parser = PROBE_SCHEMA_PARSERS[schemaVersion];
+    if (parser)
+      return { usage: parser(record), unknownSchemaVersion: null };
+    return {
+      usage: normalizeTolerantProbeRecord(record),
+      unknownSchemaVersion: schemaVersion
+    };
+  }
+  return { usage: normalizeTolerantProbeRecord(record), unknownSchemaVersion: null };
+}
 function withTimeout(promise, timeoutMs) {
   let timer = null;
   const timeout = new Promise((_, reject) => {
@@ -3622,6 +4569,8 @@ class QuotaSource {
   log;
   now;
   degradedLogged = new Map;
+  positionalFallbackLogged = false;
+  unknownSchemaVersionsLogged = new Set;
   constructor(options = {}) {
     this.env = options.env ?? process.env;
     this.homeDir = options.homeDir ?? homedir2();
@@ -3656,11 +4605,11 @@ class QuotaSource {
       add(command, commandKind(command));
       return candidates;
     }
-    const binDir = join4(this.homeDir, ".budget-guard/bin");
-    const installedBudgetProbe = join4(binDir, "budget-probe");
+    const binDir = join5(this.homeDir, ".budget-guard/bin");
+    const installedBudgetProbe = join5(binDir, "budget-probe");
     if (existsSync5(installedBudgetProbe))
       add(installedBudgetProbe, "budget-probe");
-    const installedProbeMjs = join4(binDir, "probe.mjs");
+    const installedProbeMjs = join5(binDir, "probe.mjs");
     if (existsSync5(installedProbeMjs))
       add(installedProbeMjs, "probe-mjs");
     return candidates;
@@ -3683,7 +4632,9 @@ class QuotaSource {
           this.log(`budget probe output unparseable for ${agent}: ${candidate.command} \u2014 raw: ${text.slice(0, 200)}`);
           continue;
         }
-        const usage = normalizeProbeResult(parsed);
+        const normalized = normalizeProbeResultWithDiagnostics(parsed);
+        this.noteParserDiagnostics(agent, normalized);
+        const usage = normalized.usage;
         if (usage) {
           this.noteDegradation(agent, usage);
           return usage;
@@ -3695,6 +4646,16 @@ class QuotaSource {
     }
     return null;
   }
+  noteParserDiagnostics(agent, normalized) {
+    if (normalized.unknownSchemaVersion && !this.unknownSchemaVersionsLogged.has(normalized.unknownSchemaVersion)) {
+      this.unknownSchemaVersionsLogged.add(normalized.unknownSchemaVersion);
+      this.log(`unknown budget probe schema_version ${normalized.unknownSchemaVersion} for ${agent}; using tolerant legacy parser`);
+    }
+    if (normalized.usage?.parsedVia === "positional" && !this.positionalFallbackLogged) {
+      this.positionalFallbackLogged = true;
+      this.log(`budget probe positional bucket fallback for ${agent}: bucket ids did not identify quota windows; check probe schema_version/bucket ids`);
+    }
+  }
   noteDegradation(agent, usage) {
     const degraded = isDegradedUsage(usage, this.now());
     const wasDegraded = this.degradedLogged.get(agent) === true;
@@ -3711,6 +4672,148 @@ function createQuotaSource(options) {
   return new QuotaSource(options);
 }
 
+// src/daemon-identity-ownership.ts
+import { readFileSync as readFileSync5 } from "fs";
+var defaultRead2 = (path) => readFileSync5(path, "utf-8");
+function pidFileOwnedByUs(pidFilePath, ourPid, read = defaultRead2) {
+  let raw;
+  try {
+    raw = read(pidFilePath);
+  } catch {
+    return false;
+  }
+  const trimmed = raw.trim();
+  if (trimmed.length === 0)
+    return false;
+  if (!/^[+-]?\d+$/.test(trimmed))
+    return false;
+  const pid = Number.parseInt(trimmed, 10);
+  if (!Number.isFinite(pid))
+    return false;
+  return pid === ourPid;
+}
+
+// src/idempotency-tracker.ts
+var DEFAULT_TOMBSTONE_TTL_MS = 20 * 60 * 1000;
+
+class IdempotencyTracker {
+  entries = new Map;
+  ttlMs;
+  now;
+  constructor(options = {}) {
+    this.ttlMs = options.ttlMs ?? DEFAULT_TOMBSTONE_TTL_MS;
+    this.now = options.now ?? Date.now;
+  }
+  get size() {
+    return this.entries.size;
+  }
+  check(threadId, key) {
+    const entry = this.getLive(threadId, key);
+    if (!entry)
+      return { duplicate: false };
+    if (entry.state.phase === "terminal") {
+      return { duplicate: true, code: "duplicate_terminal", state: entry.state };
+    }
+    return { duplicate: true, code: "duplicate_in_flight", state: entry.state };
+  }
+  peek(threadId, key) {
+    return this.getLive(threadId, key)?.state ?? null;
+  }
+  accept(threadId, key) {
+    if (this.getLive(threadId, key))
+      return;
+    this.entries.set(this.compositeKey(threadId, key), {
+      threadId,
+      state: { phase: "accepted" },
+      expiresAtMs: null,
+      timer: null
+    });
+  }
+  release(threadId, key) {
+    const composite = this.compositeKey(threadId, key);
+    const entry = this.entries.get(composite);
+    if (!entry || entry.state.phase === "terminal")
+      return;
+    this.entries.delete(composite);
+  }
+  markStarted(threadId, key, turnId) {
+    const entry = this.getLive(threadId, key);
+    if (!entry || entry.state.phase === "terminal")
+      return;
+    entry.state = { phase: "started", turnId };
+  }
+  markRejected(threadId, key) {
+    const entry = this.getLive(threadId, key);
+    if (!entry || entry.state.phase === "terminal")
+      return;
+    this.terminate(entry, "rejected");
+  }
+  completeTurn(turnId, threadId) {
+    for (const entry of this.entries.values()) {
+      if (entry.state.phase !== "started")
+        continue;
+      if (turnId !== null) {
+        if (entry.state.turnId !== turnId)
+          continue;
+      } else if (threadId !== undefined && entry.threadId !== threadId) {
+        continue;
+      }
+      this.terminate(entry, "completed");
+    }
+  }
+  terminateThread(threadId, outcome) {
+    for (const entry of this.entries.values()) {
+      if (entry.threadId !== threadId || entry.state.phase === "terminal")
+        continue;
+      this.terminate(entry, outcome);
+    }
+  }
+  terminateAll(outcome) {
+    for (const entry of this.entries.values()) {
+      if (entry.state.phase === "terminal")
+        continue;
+      this.terminate(entry, outcome);
+    }
+  }
+  dispose() {
+    for (const entry of this.entries.values()) {
+      if (entry.timer)
+        clearTimeout(entry.timer);
+    }
+    this.entries.clear();
+  }
+  compositeKey(threadId, key) {
+    return `${threadId}\x00${key}`;
+  }
+  getLive(threadId, key) {
+    const composite = this.compositeKey(threadId, key);
+    const entry = this.entries.get(composite);
+    if (!entry)
+      return null;
+    if (entry.expiresAtMs !== null && this.now() >= entry.expiresAtMs) {
+      if (entry.timer)
+        clearTimeout(entry.timer);
+      this.entries.delete(composite);
+      return null;
+    }
+    return entry;
+  }
+  terminate(entry, outcome) {
+    entry.state = { phase: "terminal", outcome };
+    entry.expiresAtMs = this.now() + this.ttlMs;
+    const timer = setTimeout(() => {
+      for (const [composite, candidate] of this.entries.entries()) {
+        if (candidate === entry) {
+          this.entries.delete(composite);
+          break;
+        }
+      }
+    }, this.ttlMs);
+    timer.unref?.();
+    entry.timer = timer;
+  }
+}
+
 // src/reply-required-tracker.ts
 class ReplyRequiredTracker {
   armed = false;
@@ -3740,14 +4843,11 @@ class ReplyRequiredTracker {
 // src/thread-state.ts
 import {
   existsSync as existsSync6,
-  mkdirSync as mkdirSync4,
   readdirSync,
-  readFileSync as readFileSync3,
-  renameSync as renameSync2,
-  writeFileSync as writeFileSync3
+  readFileSync as readFileSync6
 } from "fs";
 import { homedir as homedir3 } from "os";
-import { basename as basename2, dirname as dirname2, join as join5 } from "path";
+import { basename as basename2, join as join6 } from "path";
 function nowIso() {
   return new Date().toISOString();
 }
@@ -3756,18 +4856,11 @@ function threadTag(identity) {
   return `abg:${name}:${identity.cwd}`;
 }
 function codexHome(env = process.env) {
-  return env.CODEX_HOME && env.CODEX_HOME.length > 0 ? env.CODEX_HOME : join5(homedir3(), ".codex");
-}
-function atomicWriteJson(path, value) {
-  mkdirSync4(dirname2(path), { recursive: true });
-  const tmp = `${path}.tmp.${process.pid}.${Date.now()}`;
-  writeFileSync3(tmp, JSON.stringify(value, null, 2) + `
-`, "utf-8");
-  renameSync2(tmp, path);
+  return env.CODEX_HOME && env.CODEX_HOME.length > 0 ? env.CODEX_HOME : join6(homedir3(), ".codex");
 }
 function readRawCurrentThread(stateDir) {
   try {
-    const parsed = JSON.parse(readFileSync3(stateDir.currentThreadFile, "utf-8"));
+    const parsed = JSON.parse(readFileSync6(stateDir.currentThreadFile, "utf-8"));
     if (parsed?.version === 1 && typeof parsed.threadId === "string" && parsed.threadId.length > 0 && (parsed.status === "pending" || parsed.status === "current") && typeof parsed.cwd === "string") {
       return parsed;
     }
@@ -3775,7 +4868,7 @@ function readRawCurrentThread(stateDir) {
   return null;
 }
 function findCodexRolloutFile(threadId, env = process.env, maxEntries = 20000) {
-  const sessionsDir = join5(codexHome(env), "sessions");
+  const sessionsDir = join6(codexHome(env), "sessions");
   if (!threadId || !existsSync6(sessionsDir))
     return null;
   const exactName = `rollout-${threadId}.jsonl`;
@@ -3791,7 +4884,7 @@ function findCodexRolloutFile(threadId, env = process.env, maxEntries = 20000) {
     }
     for (const entry of entries) {
       visited++;
-      const path = join5(dir, entry.name);
+      const path = join6(dir, entry.name);
       if (entry.isDirectory()) {
         stack.push(path);
         continue;
@@ -3885,6 +4978,7 @@ function formatWaitingForCodexTuiMessage(options) {
 // src/pair-registry.ts
 var PAIR_BASE_PORT = 4500;
 var PAIR_SLOT_STRIDE = 10;
+var RECLAIMABLE_MIN_AGE_MS = 24 * 60 * 60 * 1000;
 var MAX_PAIR_SLOT = Math.floor((65535 - 2 - PAIR_BASE_PORT) / PAIR_SLOT_STRIDE);
 
 // src/liveness-probe.ts
@@ -3915,12 +5009,57 @@ async function probeLiveness(target, options) {
   return target.pongCount > baseline;
 }
 
+// src/delivery-buffer.ts
+class BoundedMessageBuffer {
+  messages = [];
+  cap;
+  overflowLabel;
+  overflowNoun;
+  log;
+  constructor(options) {
+    this.cap = options.cap;
+    this.overflowLabel = options.overflowLabel;
+    this.overflowNoun = options.overflowNoun ?? "message(s)";
+    this.log = options.log;
+  }
+  get length() {
+    return this.messages.length;
+  }
+  push(message) {
+    this.messages.push(message);
+    this.enforceCap();
+  }
+  unshiftMany(messages) {
+    if (messages.length === 0)
+      return;
+    this.messages.unshift(...messages);
+    this.enforceCap();
+  }
+  drainAll() {
+    return this.messages.splice(0, this.messages.length);
+  }
+  clear() {
+    this.messages.length = 0;
+  }
+  enforceCap() {
+    if (this.messages.length > this.cap) {
+      const dropped = this.messages.length - this.cap;
+      this.messages.splice(0, dropped);
+      this.log(`${this.overflowLabel}: dropped ${dropped} oldest ${this.overflowNoun}, ${this.cap} remaining`);
+    }
+  }
+}
+
 // src/daemon.ts
 var stateDir = new StateDirResolver;
 stateDir.ensure();
-var configService = new ConfigService;
-var config = configService.loadOrDefault();
 var processLogger = createProcessLogger({ component: "AgentBridgeDaemon", logFile: stateDir.logFile });
+var controlTokenPath = resolveControlTokenPath(stateDir.dir);
+var controlToken = generateControlToken();
+var weWroteToken = false;
+var weWrotePid = false;
+var configService = new ConfigService;
+var config = configService.loadOrDefault(processLogger.log);
 var CODEX_APP_PORT = parseInt(process.env.CODEX_WS_PORT ?? String(config.codex.appPort), 10);
 var CODEX_PROXY_PORT = parseInt(process.env.CODEX_PROXY_PORT ?? String(config.codex.proxyPort), 10);
 var CONTROL_PORT = parseInt(process.env.AGENTBRIDGE_CONTROL_PORT ?? "4502", 10);
@@ -3935,16 +5074,24 @@ var CODEX_BOOT_RETRIES = parsePositiveIntEnv("AGENTBRIDGE_CODEX_BOOT_RETRIES", 2
 var ALLOW_IDENTITYLESS_CLIENT = process.env.AGENTBRIDGE_COMPAT_IDENTITYLESS === "1";
 var BUDGET_CONFIG = applyBudgetEnvOverrides(config.budget);
 var daemonLifecycle = new DaemonLifecycle({ stateDir, controlPort: CONTROL_PORT, log });
+var DAEMON_NONCE = randomUUID4();
+var DAEMON_STARTED_AT = Date.now();
 var codex = new CodexAdapter(CODEX_APP_PORT, CODEX_PROXY_PORT, stateDir.logFile);
 var attachCmd = `codex --enable tui_app_server --remote ${codex.proxyUrl}`;
 var controlServer = null;
+var boundControlPort = false;
 var attachedClaude = null;
 var nextControlClientId = 0;
 var nextSystemMessageId = 0;
+var SYSTEM_MSG_SALT = randomUUID4().slice(0, 8);
 var codexBootstrapped = false;
 var attentionWindowTimer = null;
 var inAttentionWindow = false;
 var replyTracker = new ReplyRequiredTracker;
+var idempotencyTracker = new IdempotencyTracker;
+var pendingTurnStarts = new Map;
+var pendingSteerDispatches = new Map;
+var BUSY_RETRY_ADVISORY_MS = 15000;
 var shuttingDown = false;
 var bootDeadlineTimer = null;
 var idleShutdownTimer = null;
@@ -3954,9 +5101,20 @@ var ATTACH_STATUS_COOLDOWN_MS = 30000;
 var LIVENESS_PROBE_TIMEOUT_MS = parsePositiveIntEnv("AGENTBRIDGE_LIVENESS_PROBE_TIMEOUT_MS", 3000, log);
 var LIVENESS_PROBE_POLL_MS = 50;
 var challengeInProgress = false;
-var bufferedMessages = [];
+var bufferedMessages = new BoundedMessageBuffer({
+  cap: MAX_BUFFERED_MESSAGES,
+  overflowLabel: "Message buffer overflow",
+  log
+});
+function createPendingBackpressureBuffer() {
+  return new BoundedMessageBuffer({
+    cap: MAX_BUFFERED_MESSAGES,
+    overflowLabel: "Backpressure overflow",
+    overflowNoun: "tracked message(s)",
+    log
+  });
+}
 var budgetCoordinator = null;
-var budgetStatusTimer = null;
 function ensureBudgetCoordinatorStarted() {
   if (!BUDGET_CONFIG.enabled)
     return;
@@ -3967,27 +5125,18 @@ function ensureBudgetCoordinatorStarted() {
       config: BUDGET_CONFIG,
       emit: (id, content) => {
         emitToClaude(systemMessage(id, content));
-        queueMicrotask(() => broadcastStatus());
       },
       onPauseChange: (paused) => {
         log(`Budget intervention ${paused ? "ACTIVE" : "CLEARED"} ` + `(gate ${budgetCoordinator?.isGateClosed() ? "CLOSED" : "OPEN"})`);
-        queueMicrotask(() => broadcastStatus());
       },
+      onSnapshot: () => broadcastStatus(),
       log
     });
   }
   budgetCoordinator.start();
-  if (!budgetStatusTimer) {
-    budgetStatusTimer = setInterval(() => broadcastStatus(), BUDGET_CONFIG.pollSeconds * 1000);
-    budgetStatusTimer.unref?.();
-  }
 }
 function stopBudgetCoordinator() {
   budgetCoordinator?.stop();
-  if (budgetStatusTimer) {
-    clearInterval(budgetStatusTimer);
-    budgetStatusTimer = null;
-  }
 }
 function budgetPauseGateError() {
   const snapshot = budgetCoordinator?.getSnapshot() ?? null;
@@ -4019,13 +5168,70 @@ codex.on("turnPhaseChanged", ({ phase, previous }) => {
   tryWriteStatusFile(`turnPhase:${phase}`);
   broadcastStatus();
 });
-codex.on("steerFailed", (reason) => {
+codex.on("steerFailed", ({ requestId, reason }) => {
   log(`Steer rejected by app-server: ${reason}`);
+  const dispatch = pendingSteerDispatches.get(requestId);
+  pendingSteerDispatches.delete(requestId);
+  if (dispatch?.idempotencyKey && dispatch.threadId) {
+    idempotencyTracker.release(dispatch.threadId, dispatch.idempotencyKey);
+    log(`Released idempotency key after steer failure (request ${requestId}) \u2014 same key is retryable again`);
+  }
   const advice = codex.turnInProgress ? "wait for it to finish (\u2705), then send normally" : "the turn has ended \u2014 resend as a normal reply";
   emitToClaude(systemMessage("system_steer_failed", `\u26A0\uFE0F Your steer message did NOT reach Codex (${reason}). The original turn continues unaffected \u2014 ${advice}.`));
 });
-codex.on("steerAccepted", () => {
+codex.on("steerAccepted", ({ requestId }) => {
   log("Steer accepted by app-server");
+  const dispatch = pendingSteerDispatches.get(requestId);
+  pendingSteerDispatches.delete(requestId);
+  if (dispatch?.requireReply) {
+    replyTracker.arm();
+    log("Reply required armed on steer-accept (steer-scoped expectation)");
+  }
+});
+codex.on("bridgeTurnStarted", ({ requestId, turnId }) => {
+  const pending = pendingTurnStarts.get(requestId);
+  if (!pending) {
+    log(`bridgeTurnStarted for unknown injection ${requestId} (turn ${turnId}) \u2014 correlation dropped`);
+    return;
+  }
+  pendingTurnStarts.delete(requestId);
+  log(`Bridge turn started: injection ${requestId} \u2192 turn ${turnId} (request ${pending.requestId})`);
+  if (pending.idempotencyKey) {
+    idempotencyTracker.markStarted(pending.threadId, pending.idempotencyKey, turnId);
+  }
+  if (attachedClaude) {
+    sendProtocolMessage(attachedClaude, {
+      type: "turn_started",
+      requestId: pending.requestId,
+      ...pending.idempotencyKey ? { idempotencyKey: pending.idempotencyKey } : {},
+      threadId: pending.threadId,
+      turnId
+    });
+  }
+});
+codex.on("bridgeTurnRejected", ({ requestId, error }) => {
+  const pending = pendingTurnStarts.get(requestId);
+  if (!pending)
+    return;
+  pendingTurnStarts.delete(requestId);
+  log(`Bridge turn rejected before start: injection ${requestId} (request ${pending.requestId}): ${error}`);
+  if (pending.idempotencyKey) {
+    idempotencyTracker.markRejected(pending.threadId, pending.idempotencyKey);
+  }
+});
+codex.on("turnIdCompleted", (turnId) => {
+  idempotencyTracker.completeTurn(turnId, codex.activeThreadId ?? undefined);
+});
+codex.on("turnTrackingReset", (reason) => {
+  idempotencyTracker.terminateAll("aborted");
+  if (pendingTurnStarts.size > 0) {
+    log(`Cleared ${pendingTurnStarts.size} pending turn-start correlation(s) on turn tracking reset (${reason})`);
+  }
+  if (pendingSteerDispatches.size > 0) {
+    log(`Cleared ${pendingSteerDispatches.size} pending steer dispatch(es) on turn tracking reset (${reason})`);
+  }
+  pendingTurnStarts.clear();
+  pendingSteerDispatches.clear();
 });
 codex.on("turnStarted", () => {
   log("Codex turn started");
@@ -4034,29 +5240,22 @@ codex.on("turnStarted", () => {
 codex.on("agentMessage", (msg) => {
   if (msg.source !== "codex")
     return;
-  const result = classifyMessage(msg.content, FILTER_MODE);
-  if (replyTracker.isArmed) {
-    log(`Codex \u2192 Claude [${result.marker}/force-forward-reply-required] (${msg.content.length} chars)`);
+  const route = routeCodexMessage(msg.content, {
+    mode: FILTER_MODE,
+    replyArmed: replyTracker.isArmed,
+    inAttentionWindow
+  });
+  log(`Codex \u2192 Claude [${route.marker}/${route.reason}] (${msg.content.length} chars)`);
+  if (route.noteReplyForwarded) {
     replyTracker.noteForwarded();
-    if (statusBuffer.size > 0) {
-      statusBuffer.flush("reply-required message arrived");
-    }
-    emitToClaude(msg);
-    return;
   }
-  if (inAttentionWindow && result.marker === "status") {
-    log(`Codex \u2192 Claude [${result.marker}/buffer-attention] (${msg.content.length} chars)`);
-    statusBuffer.add(msg);
-    return;
+  if (route.flushStatusBuffer) {
+    statusBuffer.flush(route.noteReplyForwarded ? "reply-required message arrived" : "important message arrived");
   }
-  log(`Codex \u2192 Claude [${result.marker}/${result.action}] (${msg.content.length} chars)`);
-  switch (result.action) {
+  switch (route.action) {
     case "forward":
-      if (result.marker === "important" && statusBuffer.size > 0) {
-        statusBuffer.flush("important message arrived");
-      }
       emitToClaude(msg);
-      if (result.marker === "important") {
+      if (route.startAttentionWindow) {
         startAttentionWindow();
       }
       break;
@@ -4131,64 +5330,86 @@ codex.on("error", (err) => {
 });
 codex.on("exit", (code) => {
   log(`Codex process exited (code ${code})`);
+  const wasBootstrapped = codexBootstrapped;
   codexBootstrapped = false;
   replyTracker.reset();
+  idempotencyTracker.terminateAll("aborted");
+  pendingTurnStarts.clear();
+  pendingSteerDispatches.clear();
   statusBuffer.flush("codex exited");
   tuiConnectionState.handleCodexExit();
   clearPendingClaudeDisconnect("Codex process exited");
-  emitToClaude(systemMessage("system_codex_exit", `\u26A0\uFE0F Codex app-server exited (code ${code ?? "unknown"}). AgentBridge daemon is still running. ` + `Restart the Codex side (\`agentbridge codex\`); if it does not come back within ` + `${Math.round(BOOTSTRAP_TIMEOUT_MS / 1000)}s the daemon will self-replace so the next launch starts clean.`));
+  if (wasBootstrapped) {
+    emitToClaude(systemMessage("system_codex_exit", `\u26A0\uFE0F Codex app-server exited (code ${code ?? "unknown"}). AgentBridge daemon is still running. ` + `Restart the Codex side (\`agentbridge codex\`); if it does not come back within ` + `${Math.round(BOOTSTRAP_TIMEOUT_MS / 1000)}s the daemon will self-replace so the next launch starts clean.`));
+  }
   broadcastStatus();
-  armBootDeadline();
+  if (wasBootstrapped) {
+    armBootDeadline();
+  }
 });
 function startControlServer() {
-  controlServer = Bun.serve({
-    port: CONTROL_PORT,
-    hostname: "127.0.0.1",
-    fetch(req, server) {
-      const url = new URL(req.url);
-      if (url.pathname === "/healthz") {
-        return Response.json(currentStatus());
-      }
-      if (url.pathname === "/readyz") {
-        return Response.json(currentStatus(), { status: codexBootstrapped ? 200 : 503 });
-      }
-      if (url.pathname === "/ws" && server.upgrade(req, { data: { clientId: 0, attached: false, lastPongAt: Date.now(), pongCount: 0, pendingBackpressure: [] } })) {
-        return;
-      }
-      return new Response("AgentBridge daemon");
-    },
-    websocket: {
-      idleTimeout: 960,
-      sendPings: true,
-      open: (ws) => {
-        ws.data.clientId = ++nextControlClientId;
-        ws.data.lastPongAt = Date.now();
-        ws.data.pendingBackpressure = [];
-        log(`Frontend socket opened (#${ws.data.clientId})`);
-      },
-      close: (ws, code, reason) => {
-        log(`Frontend socket closed (#${ws.data.clientId}, code=${code}, reason=${reason || "none"}, wasAttached=${attachedClaude === ws})`);
-        if (attachedClaude === ws) {
-          detachClaude(ws, "frontend socket closed");
+  let server;
+  try {
+    server = Bun.serve({
+      port: CONTROL_PORT,
+      hostname: "127.0.0.1",
+      fetch(req, server2) {
+        const url = new URL(req.url);
+        if (url.pathname === "/healthz") {
+          return Response.json(currentStatus());
         }
-      },
-      message: (ws, raw) => {
-        handleControlMessage(ws, raw);
-      },
-      pong: (ws) => {
-        ws.data.lastPongAt = Date.now();
-        ws.data.pongCount++;
-      },
-      drain: (ws) => {
-        if (ws.data.pendingBackpressure.length > 0 && ws.getBufferedAmount() === 0) {
-          ws.data.pendingBackpressure = [];
+        if (url.pathname === "/readyz") {
+          return Response.json(currentStatus(), { status: codexBootstrapped ? 200 : 503 });
         }
-        if (ws === attachedClaude && bufferedMessages.length > 0) {
-          flushBufferedMessages(ws);
+        if (url.pathname === "/ws") {
+          if (!isAllowedWsUpgrade(req)) {
+            log("Rejected WS upgrade on control port: Origin header present (possible CSWSH)");
+            return wsOriginRejectedResponse();
+          }
+          if (server2.upgrade(req, { data: { clientId: 0, attached: false, lastPongAt: Date.now(), pongCount: 0, pendingBackpressure: createPendingBackpressureBuffer() } })) {
+            return;
+          }
+        }
+        return new Response("AgentBridge daemon");
+      },
+      websocket: {
+        idleTimeout: 960,
+        sendPings: true,
+        open: (ws) => {
+          ws.data.clientId = ++nextControlClientId;
+          ws.data.lastPongAt = Date.now();
+          ws.data.pendingBackpressure = createPendingBackpressureBuffer();
+          log(`Frontend socket opened (#${ws.data.clientId})`);
+        },
+        close: (ws, code, reason) => {
+          log(`Frontend socket closed (#${ws.data.clientId}, code=${code}, reason=${reason || "none"}, wasAttached=${attachedClaude === ws})`);
+          if (attachedClaude === ws) {
+            detachClaude(ws, "frontend socket closed");
+          }
+        },
+        message: (ws, raw) => {
+          handleControlMessage(ws, raw);
+        },
+        pong: (ws) => {
+          ws.data.lastPongAt = Date.now();
+          ws.data.pongCount++;
+        },
+        drain: (ws) => {
+          if (ws.data.pendingBackpressure.length > 0 && ws.getBufferedAmount() === 0) {
+            ws.data.pendingBackpressure.clear();
+          }
+          if (ws === attachedClaude && bufferedMessages.length > 0) {
+            flushBufferedMessages(ws);
+          }
         }
       }
-    }
-  });
+    });
+  } catch (err) {
+    log(`Control port ${CONTROL_PORT} bind failed (${err?.code ?? err?.message ?? err}) \u2014 ` + `another daemon owns it; exiting without touching shared identity files`);
+    process.exit(0);
+  }
+  controlServer = server;
+  boundControlPort = true;
 }
 function handleControlMessage(ws, raw) {
   let message;
@@ -4205,7 +5426,9 @@ function handleControlMessage(ws, raw) {
         expectedPairId: process.env.AGENTBRIDGE_PAIR_ID ?? null,
         daemonCwd: process.cwd(),
         identity: message.identity,
-        allowIdentityless: ALLOW_IDENTITYLESS_CLIENT
+        allowIdentityless: ALLOW_IDENTITYLESS_CLIENT,
+        expectedControlToken: controlToken,
+        expectedContractVersion: BUILD_INFO.contractVersion
       });
       if (!admission.ok) {
         log(`Rejecting Claude frontend #${ws.data.clientId}: ${admission.reason}`);
@@ -4228,98 +5451,238 @@ function handleControlMessage(ws, raw) {
       });
       return;
     case "claude_to_codex": {
-      if (message.message.source !== "claude") {
-        sendProtocolMessage(ws, {
-          type: "claude_to_codex_result",
-          requestId: message.requestId,
-          success: false,
-          error: "Invalid message source"
-        });
-        return;
-      }
-      if (!tuiConnectionState.canReply()) {
-        sendProtocolMessage(ws, {
-          type: "claude_to_codex_result",
-          requestId: message.requestId,
-          success: false,
-          error: "Codex is not ready. Wait for TUI to connect and create a thread."
-        });
-        return;
-      }
-      if (budgetCoordinator?.isGateClosed()) {
-        const reason = budgetPauseGateError();
-        log(`Injection rejected by budget pause gate`);
-        sendProtocolMessage(ws, {
-          type: "claude_to_codex_result",
-          requestId: message.requestId,
+      handleClaudeToCodex(ws, message).catch((err) => {
+        log(`handleClaudeToCodex threw for request ${message.requestId}: ${err?.message ?? err}`);
+        sendClaudeToCodexResult(ws, message.requestId, {
           success: false,
-          error: reason
+          code: "internal_error",
+          error: `Internal bridge error: ${err?.message ?? err}`
         });
+      });
+      return;
+    }
+  }
+}
+function sendClaudeToCodexResult(ws, requestId, opts) {
+  sendProtocolMessage(ws, {
+    type: "claude_to_codex_result",
+    requestId,
+    success: opts.success,
+    ...opts.error !== undefined ? { error: opts.error } : {},
+    ok: opts.success,
+    ...opts.code !== undefined ? { code: opts.code } : {},
+    phase: codex.turnPhase,
+    ...opts.retryAfterMs !== undefined ? { retryAfterMs: opts.retryAfterMs } : {}
+  });
+}
+function describeDuplicate(dup) {
+  if (dup.code === "duplicate_terminal") {
+    const outcome = dup.state.phase === "terminal" ? dup.state.outcome : "unknown";
+    return `Duplicate idempotency_key: the original message already reached a terminal state (${outcome}) ` + `and was NOT re-injected. Use a fresh key to send a genuinely new message.`;
+  }
+  const detail = dup.state.phase === "started" ? `already running as turn ${dup.state.turnId}` : "still in flight";
+  return `Duplicate idempotency_key: a message with this key is ${detail} \u2014 NOT re-injected. ` + `Wait for its outcome, or use a fresh key for a genuinely new message.`;
+}
+function waitForInterruptOutcome(turnIds) {
+  return new Promise((resolve) => {
+    let settled = false;
+    const abort = new AbortController;
+    const finish = (result) => {
+      if (settled)
         return;
+      settled = true;
+      codex.off("interruptFailed", onFailed);
+      abort.abort();
+      resolve(result);
+    };
+    const onFailed = (reason) => finish({ ok: false, code: "interrupt_rejected", reason });
+    codex.on("interruptFailed", onFailed);
+    codex.waitForTurnsTerminal(turnIds, undefined, abort.signal).then((result) => {
+      if (result.ok) {
+        finish({ ok: true });
+      } else if (result.code === "interrupt_timeout") {
+        finish({ ok: false, code: "interrupt_timeout" });
       }
-      const requireReply = !!message.requireReply;
-      let contentToSend = message.message.content;
-      if (requireReply) {
-        contentToSend += REPLY_REQUIRED_INSTRUCTION;
-      }
-      log(`Forwarding Claude \u2192 Codex (${message.message.content.length} chars, requireReply=${requireReply})`);
-      const tierOverrides = BUDGET_CONFIG.codexTierControl ? budgetCoordinator?.getCodexTurnOverrides() ?? undefined : undefined;
-      if (codex.turnInProgress && message.onBusy === "steer") {
-        if (requireReply) {
-          sendProtocolMessage(ws, {
-            type: "claude_to_codex_result",
-            requestId: message.requestId,
-            success: false,
-            error: 'require_reply is not supported together with on_busy="steer" yet. Send the steer without require_reply, or wait for the turn to finish.'
-          });
-          return;
-        }
-        const steerContent = `[STEER from Claude]
+    });
+  });
+}
+async function handleClaudeToCodex(ws, message) {
+  const attachGuard = evaluateInjectionAttachGuard(attachedClaude, ws);
+  if (!attachGuard.allowed) {
+    log(`Rejecting claude_to_codex from non-attached socket #${ws.data.clientId} ` + `(request ${message.requestId}, attached=${attachedClaude ? "#" + attachedClaude.data.clientId : "none"})`);
+    sendClaudeToCodexResult(ws, message.requestId, {
+      success: false,
+      code: attachGuard.code,
+      error: attachGuard.reason
+    });
+    return;
+  }
+  if (message.message.source !== "claude") {
+    sendClaudeToCodexResult(ws, message.requestId, {
+      success: false,
+      code: "invalid_source",
+      error: "Invalid message source"
+    });
+    return;
+  }
+  const idempotencyKey = typeof message.idempotencyKey === "string" && message.idempotencyKey.length > 0 ? message.idempotencyKey : undefined;
+  if (idempotencyKey && codex.activeThreadId) {
+    const dup = idempotencyTracker.check(codex.activeThreadId, idempotencyKey);
+    if (dup.duplicate) {
+      log(`Rejected duplicate idempotency key (${dup.code})`);
+      sendClaudeToCodexResult(ws, message.requestId, {
+        success: false,
+        code: dup.code,
+        error: describeDuplicate(dup)
+      });
+      return;
+    }
+  }
+  if (!tuiConnectionState.canReply()) {
+    sendClaudeToCodexResult(ws, message.requestId, {
+      success: false,
+      code: "no_thread",
+      error: "Codex is not ready. Wait for TUI to connect and create a thread."
+    });
+    return;
+  }
+  if (budgetCoordinator?.isGateClosed()) {
+    const reason = budgetPauseGateError();
+    log(`Injection rejected by budget pause gate`);
+    const resumeAfterEpoch3 = budgetCoordinator?.getSnapshot()?.resumeAfterEpoch ?? null;
+    const retryAfterMs = resumeAfterEpoch3 !== null ? Math.max(0, resumeAfterEpoch3 * 1000 - Date.now()) : undefined;
+    sendClaudeToCodexResult(ws, message.requestId, {
+      success: false,
+      code: "budget_paused",
+      error: reason,
+      ...retryAfterMs !== undefined ? { retryAfterMs } : {}
+    });
+    return;
+  }
+  const requireReply = !!message.requireReply;
+  let contentToSend = message.message.content;
+  if (requireReply) {
+    contentToSend += REPLY_REQUIRED_INSTRUCTION;
+  }
+  log(`Forwarding Claude \u2192 Codex (${message.message.content.length} chars, requireReply=${requireReply})`);
+  const tierOverrides = BUDGET_CONFIG.codexTierControl ? budgetCoordinator?.getCodexTurnOverrides() ?? undefined : undefined;
+  if (codex.turnInProgress && message.onBusy === "steer") {
+    const steerContent = `[STEER from Claude]
 ` + `Mid-turn update for the current Codex turn. Integrate if relevant; do not restart work unless explicitly requested.
 
-` + message.message.content;
-        const steered = codex.steerMessage(steerContent);
-        log(`Steer ${steered ? "transport-accepted" : "failed"} (${message.message.content.length} chars)`);
-        if (steered) {
-          clearAttentionWindow();
+` + contentToSend;
+    const steerTurnId = codex.steerableTurnId;
+    const steerThreadId = codex.activeThreadId;
+    const steerRequestId = codex.steerMessage(steerContent);
+    const steered = steerRequestId !== null;
+    log(`Steer ${steered ? "transport-accepted" : "failed"} (${message.message.content.length} chars, requireReply=${requireReply})`);
+    if (steered) {
+      clearAttentionWindow();
+      pendingSteerDispatches.set(steerRequestId, {
+        requireReply,
+        ...idempotencyKey ? { idempotencyKey } : {},
+        ...steerThreadId ? { threadId: steerThreadId } : {}
+      });
+      if (idempotencyKey && steerThreadId) {
+        idempotencyTracker.accept(steerThreadId, idempotencyKey);
+        if (steerTurnId) {
+          idempotencyTracker.markStarted(steerThreadId, idempotencyKey, steerTurnId);
         }
-        const steerFailureAdvice = codex.turnInProgress ? "Steer failed: the running turn cannot be steered right now \u2014 wait for it to finish (\u2705), then send normally." : "Steer failed: the turn may have just ended or the connection dropped \u2014 retry as a normal reply.";
-        sendProtocolMessage(ws, {
-          type: "claude_to_codex_result",
-          requestId: message.requestId,
-          success: steered,
-          error: steered ? undefined : steerFailureAdvice
-        });
-        return;
-      }
-      const injected = codex.injectMessage(contentToSend, tierOverrides);
-      if (!injected) {
-        const reason = codex.turnInProgress ? 'Codex is busy executing a turn. Options: wait for it to finish, or retry with on_busy="steer" to feed this message into the running turn without interrupting it.' : "Injection failed: no active thread or WebSocket not connected.";
-        log(`Injection rejected: ${reason}`);
-        sendProtocolMessage(ws, {
-          type: "claude_to_codex_result",
-          requestId: message.requestId,
-          success: false,
-          error: reason
-        });
-        return;
       }
-      if (tierOverrides) {
-        budgetCoordinator?.notifyOverridesDelivered();
-      }
-      if (requireReply) {
-        replyTracker.arm();
-        log(`Reply required flag set for this message`);
+    }
+    const steerFailureAdvice = codex.turnInProgress ? "Steer failed: the running turn cannot be steered right now \u2014 wait for it to finish (\u2705), then send normally." : "Steer failed: the turn may have just ended or the connection dropped \u2014 retry as a normal reply.";
+    sendClaudeToCodexResult(ws, message.requestId, {
+      success: steered,
+      ...steered ? {} : { code: "steer_failed", error: steerFailureAdvice }
+    });
+    return;
+  }
+  if (codex.turnInProgress && message.onBusy === "interrupt") {
+    const interruptThreadId = codex.activeThreadId;
+    if (idempotencyKey && interruptThreadId) {
+      idempotencyTracker.accept(interruptThreadId, idempotencyKey);
+    }
+    const releaseInterruptKey = () => {
+      if (idempotencyKey && interruptThreadId) {
+        idempotencyTracker.release(interruptThreadId, idempotencyKey);
       }
-      clearAttentionWindow();
-      sendProtocolMessage(ws, {
-        type: "claude_to_codex_result",
-        requestId: message.requestId,
-        success: true
+    };
+    const interrupted = codex.interruptActiveTurns();
+    if (!interrupted.ok) {
+      releaseInterruptKey();
+      log(`Interrupt unavailable: ${interrupted.error}`);
+      sendClaudeToCodexResult(ws, message.requestId, {
+        success: false,
+        code: interrupted.code,
+        error: `Interrupt failed (${interrupted.error}). The original turn keeps running \u2014 ` + `your message was NOT injected. Wait for \u2705, or retry with on_busy="steer".`
+      });
+      return;
+    }
+    log(`Interrupt dispatched for turn(s) ${interrupted.turnIds.join(", ")} \u2014 waiting for terminal boundary`);
+    const outcome = await waitForInterruptOutcome(interrupted.turnIds);
+    if (!outcome.ok) {
+      releaseInterruptKey();
+      const error = outcome.code === "interrupt_rejected" ? `Interrupt was rejected by the app-server (${outcome.reason ?? "unknown reason"}). ` + `The original turn keeps running \u2014 your message was NOT injected. ` + `Wait for \u2705, or retry with on_busy="steer".` : `Interrupt did not reach a terminal boundary in time. The turn MAY still be running \u2014 ` + `do not assume it stopped. Your message was NOT injected (this avoids a double-turn race); ` + `check for \u2705/\u26A0\uFE0F notices before retrying.`;
+      log(`Interrupt failed (${outcome.code})`);
+      sendClaudeToCodexResult(ws, message.requestId, {
+        success: false,
+        code: outcome.code,
+        error
+      });
+      return;
+    }
+    log("Interrupt reached terminal boundary \u2014 injecting the message as a new turn");
+    const postWaitAttachGuard = evaluateInjectionAttachGuard(attachedClaude, ws);
+    if (!postWaitAttachGuard.allowed) {
+      releaseInterruptKey();
+      log(`Rejecting interrupt-path injection from socket #${ws.data.clientId} that lost the attach ` + `slot during the terminal-boundary wait (request ${message.requestId}, ` + `attached=${attachedClaude ? "#" + attachedClaude.data.clientId : "none"})`);
+      sendClaudeToCodexResult(ws, message.requestId, {
+        success: false,
+        code: "not_attached",
+        error: "The original Claude session disconnected (or was replaced by a newer session) while " + "the interrupt was waiting to take effect. Your message was NOT injected \u2014 this avoids " + "delivering it into a different session's thread. Reconnect and resend if still needed."
       });
       return;
     }
+    if (interruptThreadId && codex.activeThreadId !== interruptThreadId) {
+      releaseInterruptKey();
+    }
+  }
+  const injectThreadId = codex.activeThreadId;
+  const injectionId = codex.injectMessage(contentToSend, tierOverrides);
+  if (injectionId === null) {
+    if (idempotencyKey && injectThreadId) {
+      idempotencyTracker.release(injectThreadId, idempotencyKey);
+    }
+    const busy = codex.turnInProgress;
+    const reason = busy ? 'Codex is busy executing a turn. Options: wait for it to finish, retry with on_busy="steer" to feed this message into the running turn without interrupting it, or retry with on_busy="interrupt" to stop the current turn and start a new one with this message.' : "Injection failed: no active thread or WebSocket not connected.";
+    log(`Injection rejected: ${reason}`);
+    sendClaudeToCodexResult(ws, message.requestId, {
+      success: false,
+      code: busy ? "busy_reject" : "no_thread",
+      error: reason,
+      ...busy ? { retryAfterMs: BUSY_RETRY_ADVISORY_MS } : {}
+    });
+    return;
+  }
+  if (tierOverrides) {
+    budgetCoordinator?.notifyOverridesDelivered();
+  }
+  if (requireReply) {
+    replyTracker.arm();
+    log(`Reply required flag set for this message`);
+  }
+  clearAttentionWindow();
+  if (injectThreadId) {
+    if (idempotencyKey) {
+      idempotencyTracker.accept(injectThreadId, idempotencyKey);
+    }
+    pendingTurnStarts.set(injectionId, {
+      requestId: message.requestId,
+      ...idempotencyKey ? { idempotencyKey } : {},
+      threadId: injectThreadId
+    });
   }
+  sendClaudeToCodexResult(ws, message.requestId, { success: true });
 }
 async function attachClaude(ws, identity) {
   const occupant = attachedClaude;
@@ -4387,14 +5750,9 @@ function detachClaude(ws, reason) {
   ws.data.attached = false;
   log(`Claude frontend detached (#${ws.data.clientId}, ${reason})`);
   if (ws.data.pendingBackpressure.length > 0) {
-    bufferedMessages.unshift(...ws.data.pendingBackpressure);
-    log(`Re-buffered ${ws.data.pendingBackpressure.length} backpressured message(s) for redelivery on reconnect`);
-    ws.data.pendingBackpressure = [];
-    if (bufferedMessages.length > MAX_BUFFERED_MESSAGES) {
-      const dropped = bufferedMessages.length - MAX_BUFFERED_MESSAGES;
-      bufferedMessages.splice(0, dropped);
-      log(`Message buffer overflow: dropped ${dropped} oldest message(s), ${MAX_BUFFERED_MESSAGES} remaining`);
-    }
+    const reBuffered = ws.data.pendingBackpressure.drainAll();
+    log(`Re-buffered ${reBuffered.length} backpressured message(s) for redelivery on reconnect`);
+    bufferedMessages.unshiftMany(reBuffered);
   }
   scheduleClaudeDisconnectNotification(ws.data.clientId);
   scheduleIdleShutdown();
@@ -4517,11 +5875,6 @@ function emitToClaude(message) {
     log("Send to Claude failed, buffering message for retry on reconnect");
   }
   bufferedMessages.push(message);
-  if (bufferedMessages.length > MAX_BUFFERED_MESSAGES) {
-    const dropped = bufferedMessages.length - MAX_BUFFERED_MESSAGES;
-    bufferedMessages.splice(0, dropped);
-    log(`Message buffer overflow: dropped ${dropped} oldest message(s), ${MAX_BUFFERED_MESSAGES} remaining`);
-  }
 }
 function trySendBridgeMessage(ws, message) {
   try {
@@ -4532,11 +5885,6 @@ function trySendBridgeMessage(ws, message) {
     }
     if (typeof result === "number" && result === -1) {
       ws.data.pendingBackpressure.push(message);
-      if (ws.data.pendingBackpressure.length > MAX_BUFFERED_MESSAGES) {
-        const dropped = ws.data.pendingBackpressure.length - MAX_BUFFERED_MESSAGES;
-        ws.data.pendingBackpressure.splice(0, dropped);
-        log(`Backpressure overflow: dropped ${dropped} oldest tracked message(s), ${MAX_BUFFERED_MESSAGES} remaining`);
-      }
     }
     return true;
   } catch (err) {
@@ -4545,11 +5893,11 @@ function trySendBridgeMessage(ws, message) {
   }
 }
 function flushBufferedMessages(ws) {
-  const messages = bufferedMessages.splice(0, bufferedMessages.length);
+  const messages = bufferedMessages.drainAll();
   for (let i = 0;i < messages.length; i++) {
     if (!trySendBridgeMessage(ws, messages[i])) {
       const remaining = messages.slice(i);
-      bufferedMessages.unshift(...remaining);
+      bufferedMessages.unshiftMany(remaining);
       log(`Flush interrupted: re-buffered ${remaining.length} message(s) after send failure`);
       return;
     }
@@ -4593,7 +5941,8 @@ function currentStatus() {
     budget: budgetCoordinator?.getSnapshot() ?? undefined,
     turnInProgress: codex.turnInProgress,
     turnPhase: codex.turnPhase,
-    attentionWindowActive: inAttentionWindow
+    attentionWindowActive: inAttentionWindow,
+    appServerInfo: codex.capturedAppServerInfo
   };
 }
 function currentWaitingMessage() {
@@ -4614,7 +5963,7 @@ function currentReadyMessage() {
 }
 function systemMessage(idPrefix, content) {
   return {
-    id: `${idPrefix}_${++nextSystemMessageId}`,
+    id: `${idPrefix}_${SYSTEM_MSG_SALT}_${++nextSystemMessageId}`,
     source: "codex",
     content,
     timestamp: Date.now()
@@ -4622,9 +5971,47 @@ function systemMessage(idPrefix, content) {
 }
 function writePidFile() {
   daemonLifecycle.writePid();
+  daemonLifecycle.writeDaemonRecord(buildDaemonRecord("booting"));
+  weWrotePid = true;
+}
+function writeControlTokenPostBind() {
+  if (controlToken === null)
+    return;
+  try {
+    writeControlToken(controlTokenPath, controlToken);
+    weWroteToken = true;
+  } catch (err) {
+    controlToken = null;
+    processLogger.log(`Failed to write control token (${controlTokenPath}): ${err?.message ?? err} \u2014 ` + `token layer DISABLED for this daemon (attach guard + Origin guard still active)`);
+  }
 }
 function removePidFile() {
+  if (!weWrotePid || !pidFileOwnedByUs(stateDir.pidFile, process.pid))
+    return;
   daemonLifecycle.removePidFile();
+  daemonLifecycle.removeDaemonRecord();
+}
+function buildDaemonRecord(phase) {
+  return {
+    pid: process.pid,
+    phase,
+    startedAt: DAEMON_STARTED_AT,
+    nonce: DAEMON_NONCE,
+    pairId: process.env.AGENTBRIDGE_PAIR_ID ?? null,
+    cwd: process.cwd(),
+    stateDir: stateDir.dir,
+    proxyUrl: codex.proxyUrl,
+    appServerUrl: codex.appServerUrl,
+    ports: {
+      appPort: portFromUrl(codex.appServerUrl) ?? CODEX_APP_PORT,
+      proxyPort: portFromUrl(codex.proxyUrl) ?? CODEX_PROXY_PORT,
+      controlPort: CONTROL_PORT
+    },
+    build: daemonStatusBuildInfo(),
+    turnInProgress: codex.turnInProgress,
+    turnPhase: codex.turnPhase,
+    attentionWindowActive: inAttentionWindow
+  };
 }
 function writeStatusFile() {
   daemonLifecycle.writeStatus({
@@ -4638,11 +6025,16 @@ function writeStatusFile() {
     build: daemonStatusBuildInfo(),
     turnInProgress: codex.turnInProgress,
     turnPhase: codex.turnPhase,
-    attentionWindowActive: inAttentionWindow
+    attentionWindowActive: inAttentionWindow,
+    appServerInfo: codex.capturedAppServerInfo
   });
+  daemonLifecycle.writeDaemonRecord(buildDaemonRecord("ready"));
 }
 function removeStatusFile() {
+  if (!boundControlPort)
+    return;
   daemonLifecycle.removeStatusFile();
+  daemonLifecycle.removeDaemonRecord();
 }
 function armBootDeadline() {
   if (bootDeadlineTimer)
@@ -4707,6 +6099,7 @@ function shutdown(reason, exitCode = 0) {
   log(`Shutting down daemon (${reason})...`);
   clearBootDeadline();
   stopBudgetCoordinator();
+  idempotencyTracker.dispose();
   tuiConnectionState.dispose(`daemon shutdown (${reason})`);
   clearPendingClaudeDisconnect(`daemon shutdown (${reason})`);
   controlServer?.stop();
@@ -4714,20 +6107,41 @@ function shutdown(reason, exitCode = 0) {
   codex.stop();
   removePidFile();
   removeStatusFile();
+  removeControlToken();
   process.exit(exitCode);
 }
+function removeControlToken() {
+  if (!weWroteToken)
+    return;
+  try {
+    rmSync2(controlTokenPath, { force: true });
+  } catch {}
+}
 process.on("SIGINT", () => shutdown("SIGINT"));
 process.on("SIGTERM", () => shutdown("SIGTERM"));
 process.on("exit", () => {
   codex.forceKillAppServerSync();
   removePidFile();
   removeStatusFile();
+  removeControlToken();
 });
 process.on("uncaughtException", (err) => {
-  processLogger.fatal("UNCAUGHT EXCEPTION", err);
+  processLogger.fatal("UNCAUGHT EXCEPTION \u2014 auto-shutting down daemon", err);
+  try {
+    shutdown("uncaught exception", 1);
+  } catch (shutdownErr) {
+    processLogger.fatal("shutdown during uncaughtException failed", shutdownErr);
+  }
+  process.exit(1);
 });
 process.on("unhandledRejection", (reason) => {
-  processLogger.fatal("UNHANDLED REJECTION", reason);
+  processLogger.fatal("UNHANDLED REJECTION \u2014 auto-shutting down daemon", reason);
+  try {
+    shutdown("unhandled rejection", 1);
+  } catch (shutdownErr) {
+    processLogger.fatal("shutdown during unhandledRejection failed", shutdownErr);
+  }
+  process.exit(1);
 });
 function log(msg) {
   processLogger.log(msg);
@@ -4736,7 +6150,8 @@ if (daemonLifecycle.wasKilled()) {
   log("Killed sentinel found \u2014 daemon was intentionally stopped. Exiting immediately.");
   process.exit(0);
 }
-writePidFile();
 startControlServer();
+writePidFile();
+writeControlTokenPostBind();
 armBootDeadline();
 bootCodex();