ai-browser-profile 1.0.5

package/setup/SKILL.md

@@ -0,0 +1,177 @@
+---
+name: ai-browser-profile-setup
+description: "Set up ai-browser-profile for a new user. Installs via npm, creates Python venv, extracts browser data, and optionally enables semantic search. Use when: 'set up browser profile', 'install ai browser profile', 'configure browser profile'."
+---
+
+# AI Browser Profile Setup
+
+Interactive setup wizard for ai-browser-profile. Walk the user through installation and first extraction.
+
+## When to use
+
+- First-time setup of ai-browser-profile
+- Reinstalling after a fresh machine setup
+- Troubleshooting a broken installation
+
+## Prerequisites
+
+- Node.js 16+ (for `npx`)
+- Python 3.10+
+- macOS (browser paths are macOS-specific)
+
+---
+
+## Setup Flow
+
+Run each step sequentially. **After each step, print a progress status to the user** so they can follow along:
+
+```
+[1/7] Install ............ done (12s)
+[2/7] Verify ............. done (1s)
+[3/7] Extract ............ running...
+```
+
+### Step 1: Install via npm
+
+Check if already installed:
+
+```bash
+ls ~/ai-browser-profile/extract.py 2>/dev/null && echo "FOUND" || echo "NOT_FOUND"
+```
+
+If NOT_FOUND, install:
+```bash
+npx ai-browser-profile init
+```
+
+This:
+- Copies Python source + skills to `~/ai-browser-profile/`
+- Creates a Python venv at `~/ai-browser-profile/.venv/`
+- Installs core deps (`ccl_chromium_reader`, `numpy`)
+- Symlinks skills into `~/.claude/skills/`
+
+To update code later without touching data:
+```bash
+npx ai-browser-profile update
+```
+
+**Tell the user:** "Installed ai-browser-profile to ~/ai-browser-profile. Python venv created, core deps installed, skills symlinked."
+
+### Step 2: Verify the installation
+
+```bash
+~/ai-browser-profile/.venv/bin/python -c "
+import sys
+sys.path.insert(0, '$HOME/ai-browser-profile')
+from ai_browser_profile import MemoryDB
+print('MemoryDB imported successfully')
+"
+```
+
+Expected: `MemoryDB imported successfully`
+
+If it fails, check:
+- Python venv exists: `ls ~/ai-browser-profile/.venv/bin/python`
+- Deps installed: `~/ai-browser-profile/.venv/bin/pip list | grep ccl`
+
+**Tell the user:** "Python environment verified - MemoryDB loads correctly."
+
+### Step 3: Run extraction
+
+**IMPORTANT:** Run extraction in the background so you can report progress to the user. The extraction has 8 stages and logs timing for each.
+
+```bash
+cd ~/ai-browser-profile && source .venv/bin/activate && python extract.py 2>&1
+```
+
+This scans all detected browsers (Arc, Chrome, Brave, Edge, Safari, Firefox) and extracts:
+- Autofill profiles (names, emails, phones, addresses)
+- Login data (accounts per domain)
+- Browser history (tools/services used)
+- Bookmarks (interests, tool usage)
+- IndexedDB (WhatsApp contacts)
+- Local Storage (LinkedIn connections)
+- Notion (workspace contacts, if configured)
+- Embeddings (semantic vectors, backfilled at end)
+
+**INTERIM PROFILE:** The extraction pipeline prints an interim profile after the fast steps (autofill, history, bookmarks, logins, Notion — ~1s total) but before the slow steps (WhatsApp ~10s, embeddings ~3min). **As soon as you see the "Interim profile ready" log line, show the profile to the user immediately.** Don't wait for WhatsApp or embeddings to finish — the profile already has all identity, email, address, payment, account, and tool data. WhatsApp only adds a contact count.
+
+Look for this in the logs:
+```
+Interim profile ready (WhatsApp + embeddings still running):
+## User Profile
+**Name:** ...
+```
+
+**Show this to the user right away**, then let the extraction continue in the background. Tell them: "Here's your profile from browser data. WhatsApp contacts and semantic embeddings are still processing..."
+
+**After extraction + cleanup finish, report a final summary to the user:**
+
+```
+Extraction complete:
+  Browsers scanned: 8 profiles (Arc, Chrome, Safari, Firefox)
+  Raw memories: 5,878
+  After cleanup: 5,431
+  Time: 54s
+
+  Breakdown:
+    Autofill:      0.1s  (forms, addresses, cards)
+    History:       1.8s  (tools & services)
+    Bookmarks:     0.4s  (interests & links)
+    Logins:        2.1s  (saved accounts)
+    LinkedIn:      8.7s  (connections)
+    Notion:        0.1s  (contacts & pages)
+    WhatsApp:     15.3s  (contacts)
+    Embeddings:   22.4s  (semantic vectors)
+```
+
+### Step 4: Verify extraction
+
+```bash
+~/ai-browser-profile/.venv/bin/python -c "
+import sys, os
+sys.path.insert(0, os.path.expanduser('~/ai-browser-profile'))
+from ai_browser_profile import MemoryDB
+mem = MemoryDB(os.path.expanduser('~/ai-browser-profile/memories.db'))
+stats = mem.stats()
+print(f'Total memories: {stats[\"total_memories\"]}')
+print()
+print(mem.profile_text())
+mem.close()
+"
+```
+
+**Show the profile to the user.** Check that name, email, phone, address look reasonable. If the primary email is wrong (a contact's email ranked higher), note that the review pipeline will fix this.
+
+### Step 5: Set up automation (optional)
+
+Ask: "Do you want weekly automatic extraction + review? (y/n)"
+
+If yes (macOS):
+```bash
+ln -sf ~/ai-browser-profile/launchd/com.m13v.memory-review.plist ~/Library/LaunchAgents/
+launchctl load ~/Library/LaunchAgents/com.m13v.memory-review.plist
+```
+
+Schedule: extracts new browser data weekly, then runs Claude to review new entries.
+
+### Step 6: Summary
+
+Print a final status card:
+
+```
+Setup Complete
+
+  Location:     ~/ai-browser-profile
+  Database:     ~/ai-browser-profile/memories.db
+  Python:       ~/ai-browser-profile/.venv/bin/python
+  Skills:       ~/.claude/skills/ai-browser-profile (+ 4 more)
+
+  Memories:     5,431
+  Embeddings:   5,431 vectors (semantic search enabled)
+  Automation:   launchd weekly / not set up
+
+  Try it:       Tell Claude "what's my email address"
+  Update:       npx ai-browser-profile update
+  Review:       /memory-review (Claude-powered cleanup)
+```

package/skill/SKILL.md

@@ -0,0 +1,180 @@
+---
+name: ai-browser-profile
+description: "Query the user's AI browser profile: identity, accounts, tools, contacts, addresses, payments extracted from browser data. Use when you need context about the user to help with any task: form filling, emailing, booking, payments, or any task where knowing the user's info helps."
+---
+
+# AI Browser Profile
+
+A self-ranking database of everything learned about the user from browser data. Memories are ranked by how often they're accessed vs how often they appear in search results — frequently useful memories rise, noise sinks.
+
+## Quick Reference
+
+| Item | Value |
+|------|-------|
+| Database | `~/ai-browser-profile/memories.db` |
+| Module | `~/ai-browser-profile/ai_browser_profile/` |
+| Python | `~/ai-browser-profile/.venv/bin/python` |
+| Rebuild | `~/ai-browser-profile/.venv/bin/python ~/ai-browser-profile/extract.py` |
+
+## How to Use
+
+### User profile (start here)
+
+Get a compact overview of the user — name, emails, addresses, accounts, tools, contacts. This is deterministic (no LLM) and computed from the database. Use it as baseline context before doing any task.
+
+```python
+import sys, os
+sys.path.insert(0, os.path.expanduser("~/ai-browser-profile"))
+from ai_browser_profile import MemoryDB
+
+mem = MemoryDB(os.path.expanduser("~/ai-browser-profile/memories.db"))
+print(mem.profile_text())  # markdown formatted, ~1.5KB
+mem.close()
+```
+
+The profile shows: name, all known emails, phone numbers, handles, addresses, payment info, companies, top tools/services, accounts grouped by email, Notion projects, and contact count. Values are ranked by frequency across browser profiles — higher frequency = more likely to be the user's own data.
+
+### Search by tags
+
+```python
+import sys, os
+sys.path.insert(0, os.path.expanduser("~/ai-browser-profile"))
+from ai_browser_profile import MemoryDB
+
+mem = MemoryDB(os.path.expanduser("~/ai-browser-profile/memories.db"))
+
+# Search returns results ranked by hit_rate (accessed/appeared), then counts
+# accessed_count and appeared_count are auto-incremented on every search call
+results = mem.search(["identity", "contact_info"], limit=10)
+for r in results:
+    print(f'{r["key"]}: {r["value"]}')
+
+mem.close()
+```
+
+### Semantic search (natural language)
+
+```python
+# Find memories by meaning, not just keywords
+results = mem.semantic_search("what products does the user build")
+for r in results[:5]:
+    print(f'{r["key"]}: {r["value"][:80]} (sim={r["similarity"]:.3f})')
+
+# Falls back to text_search() if embeddings not installed
+# Install with: npx ai-browser-profile install-embeddings
+```
+
+### Quick SQL queries
+
+```bash
+sqlite3 ~/ai-browser-profile/memories.db
+```
+
+```sql
+-- All identity info
+SELECT m.key, m.value FROM memories m
+JOIN memory_tags t ON m.id = t.memory_id WHERE t.tag = 'identity'
+AND m.superseded_by IS NULL;
+
+-- All contact info (emails, phones)
+SELECT m.key, m.value, m.source FROM memories m
+JOIN memory_tags t ON m.id = t.memory_id WHERE t.tag = 'contact_info'
+AND m.superseded_by IS NULL;
+
+-- All contacts
+SELECT m.key, m.value FROM memories m
+JOIN memory_tags t ON m.id = t.memory_id WHERE t.tag = 'contact'
+AND m.superseded_by IS NULL
+ORDER BY m.accessed_count DESC;
+
+-- Most accessed memories (the ones that proved useful)
+SELECT key, value, accessed_count, appeared_count,
+       CAST(accessed_count AS REAL) / MAX(appeared_count, 1) AS hit_rate
+FROM memories WHERE accessed_count > 0
+ORDER BY hit_rate DESC;
+
+-- Search by key pattern
+SELECT key, value FROM memories WHERE key LIKE 'account:%'
+AND superseded_by IS NULL;
+```
+
+## Canonical Tags
+
+| Tag | What it covers | Example keys |
+|-----|---------------|-------------|
+| `identity` | Name, DOB, gender, job title, language | `first_name`, `last_name`, `full_name`, `date_of_birth` |
+| `contact_info` | Email addresses, phone numbers | `email`, `phone` |
+| `address` | Physical addresses | `street_address`, `city`, `state`, `zip`, `country` |
+| `payment` | Card holder names, expiry | `card_holder_name`, `card_expiry`, `card_nickname` |
+| `account` | Service accounts, login credentials | `account:{domain}` |
+| `tool` | Tools/services used (from history) | `tool:GitHub`, `tool:Slack`, `tool:Stripe` |
+| `contact` | People the user knows | `contact:{Name}`, `linkedin:{Name}` |
+| `work` | Work-related (company, LinkedIn) | `company`, `linkedin:*` |
+| `knowledge` | Interests, skills, projects, products | `product:*`, `project:*`, `interest:*` |
+| `communication` | Messaging platforms | `tool:Slack`, `tool:WhatsApp` |
+| `social` | Social platforms | `tool:LinkedIn`, `tool:X/Twitter` |
+| `finance` | Financial tools | `tool:Stripe`, `tool:QuickBooks` |
+
+## Ranking System
+
+Every `search()`, `semantic_search()`, and `text_search()` call automatically increments both `appeared_count` and `accessed_count` for all returned results. No manual `mark_accessed()` calls needed.
+
+**hit_rate** = `accessed_count / appeared_count`
+
+Memories that are frequently returned by searches rise in ranking. The system is fully automatic — no manual curation or agent instrumentation needed.
+
+## Semantic Dedup
+
+On `upsert()`, near-duplicate memories (cosine similarity >= 0.92 with same key prefix) are automatically superseded. This prevents storing "Screen recording tool for compliance" and "Screen recording tool launched on Product Hunt for compliance use cases" as separate entries.
+
+## Task-Specific Tag Queries
+
+| Task | Tags to search |
+|------|---------------|
+| Fill out a form | `["identity", "contact_info", "address"]` |
+| Send an email | `["contact_info", "communication"]` + search contact by name |
+| Book a flight/hotel | `["identity", "address", "payment"]` |
+| Log into a service | `["account"]` |
+| Invoice a client | `["identity", "work", "address", "payment"]` |
+| Find a contact | `["contact"]` + filter by key pattern |
+| Dev/deploy task | `["account", "tool"]` |
+| Social media post | `["account", "social"]` |
+| Research question | `mem.semantic_search("your question here")` |
+
+## Rebuilding Memories
+
+To refresh from latest browser data:
+
+```bash
+cd ~/ai-browser-profile
+source .venv/bin/activate
+python extract.py                                    # full scan
+python extract.py --browsers arc chrome              # specific browsers
+python extract.py --no-indexeddb --no-localstorage   # fast, skip LevelDB
+```
+
+### Backfill embeddings (after install-embeddings)
+
+```python
+import sys, os
+sys.path.insert(0, os.path.expanduser("~/ai-browser-profile"))
+from ai_browser_profile import MemoryDB
+mem = MemoryDB(os.path.expanduser("~/ai-browser-profile/memories.db"))
+n = mem.backfill_embeddings()
+print(f"Embedded {n} memories")
+mem.close()
+```
+
+This reads browser files directly (History, Login Data, Web Data, IndexedDB, Local Storage). The memory database preserves `appeared_count` and `accessed_count` across rebuilds via UPSERT logic — rankings are never lost.
+
+## Dependencies
+
+**Core** (installed by `npx ai-browser-profile init`):
+- `ccl_chromium_reader` — IndexedDB + Local Storage LevelDB files
+- `numpy` — vector math for cosine similarity
+
+**Embeddings** (optional, installed by `npx ai-browser-profile install-embeddings`):
+- `onnxruntime` — ONNX model inference
+- `huggingface_hub` — model downloading
+- `tokenizers` — text tokenization
+- Model: nomic-embed-text-v1.5 (~131MB, downloads on first use)

package/whatsapp/SKILL.md

@@ -0,0 +1,321 @@
+---
+name: whatsapp-analysis
+description: "Analyze WhatsApp Web data — contacts, groups, social graph, AND decrypt actual message content via live browser interception. Use when: 'WhatsApp contacts', 'WhatsApp groups', 'WhatsApp analysis', 'who do I talk to', 'WhatsApp messages', 'decrypt WhatsApp', 'read WhatsApp messages', 'WhatsApp network', 'social graph', 'inner circle'."
+---
+
+# WhatsApp Analysis
+
+Two capabilities:
+1. **Live message decryption** — intercept `crypto.subtle.decrypt` via Playwright to read actual message text (requires open browser session)
+2. **Metadata analysis** — contacts, groups, social graph from IndexedDB (offline, fast)
+
+## Part 1: Live Message Decryption (Playwright)
+
+### How It Works
+
+WhatsApp Web encrypts messages in IndexedDB (`msgRowOpaqueData`) using **AES-CBC-128** with keys derived via **HKDF-SHA256**. The crypto happens on the **main thread** (not Web Workers). By intercepting `crypto.subtle` before page JS loads, we capture plaintext output and extractable keys.
+
+### Prerequisites
+
+- MCP Playwright browser available
+- WhatsApp Web logged in (or QR code scan needed)
+
+### Step 1: Navigate to WhatsApp Web
+
+```
+Use browser_navigate to go to https://web.whatsapp.com
+Wait for the page to load. If QR code appears, user must scan it.
+Use browser_snapshot to verify the chat list is visible.
+```
+
+### Step 2: Install the crypto interceptor
+
+Use `browser_run_code` with this **exact** code to install the interceptor via `addInitScript` (runs before any page JS on reload):
+
+```javascript
+async (page) => {
+    await page.addInitScript(() => {
+        const scope = (typeof globalThis !== 'undefined') ? globalThis : self;
+        scope.__waCaptured = { decrypt: [], deriveKey: [], importKey: [] };
+
+        const origImportKey = crypto.subtle.importKey.bind(crypto.subtle);
+        crypto.subtle.importKey = function(format, keyData, algorithm, extractable, keyUsages) {
+            return origImportKey(format, keyData, algorithm, true, keyUsages);
+        };
+
+        const origGenerateKey = crypto.subtle.generateKey.bind(crypto.subtle);
+        crypto.subtle.generateKey = function(algorithm, extractable, keyUsages) {
+            return origGenerateKey(algorithm, true, keyUsages);
+        };
+
+        const origDeriveKey = crypto.subtle.deriveKey.bind(crypto.subtle);
+        crypto.subtle.deriveKey = async function(algorithm, baseKey, derivedKeyType, extractable, keyUsages) {
+            const result = await origDeriveKey(algorithm, baseKey, derivedKeyType, true, keyUsages);
+            try {
+                const raw = await crypto.subtle.exportKey('raw', result);
+                const b64 = btoa(String.fromCharCode(...new Uint8Array(raw)));
+                scope.__waCaptured.deriveKey.push({
+                    ts: Date.now(),
+                    alg: algorithm.name,
+                    saltLen: algorithm.salt ? algorithm.salt.byteLength : 0,
+                    derivedAlg: derivedKeyType.name,
+                    derivedLen: derivedKeyType.length,
+                    keyB64: b64,
+                    usages: keyUsages
+                });
+            } catch(e) {}
+            return result;
+        };
+
+        const origDecrypt = crypto.subtle.decrypt.bind(crypto.subtle);
+        crypto.subtle.decrypt = async function(algorithm, key, data) {
+            const result = await origDecrypt(algorithm, key, data);
+            let keyB64 = null;
+            try {
+                const raw = await crypto.subtle.exportKey('raw', key);
+                keyB64 = btoa(String.fromCharCode(...new Uint8Array(raw)));
+            } catch(e) { keyB64 = 'export-failed'; }
+
+            const entry = {
+                ts: Date.now(),
+                alg: algorithm.name,
+                key: keyB64,
+                inSize: data.byteLength,
+                outSize: result.byteLength
+            };
+
+            if (result.byteLength > 0 && result.byteLength < 500000) {
+                const slice = new Uint8Array(result.slice(0, Math.min(1500, result.byteLength)));
+                entry.outB64 = btoa(String.fromCharCode(...slice));
+            }
+            scope.__waCaptured.decrypt.push(entry);
+            return result;
+        };
+    });
+
+    await page.reload({ waitUntil: 'networkidle' });
+    await page.waitForTimeout(8000);
+    return 'Interceptor installed and page reloaded. Decryptions are being captured.';
+}
+```
+
+### Step 3: Collect captured decryptions
+
+Wait 10-15 seconds after reload, then extract with `browser_run_code`:
+
+```javascript
+async (page) => {
+    const data = await page.evaluate(() => {
+        const c = (globalThis || self).__waCaptured;
+        if (!c) return JSON.stringify({error: 'no captures'});
+        return JSON.stringify({
+            decryptCount: c.decrypt.length,
+            deriveKeyCount: c.deriveKey.length,
+            derivedKeys: c.deriveKey,
+            sample: c.decrypt.slice(0, 5)
+        });
+    });
+    return data;
+}
+```
+
+### Step 4: Extract and parse message text
+
+Decrypted output is **protobuf**. Extract text with `browser_run_code`:
+
+```javascript
+async (page) => {
+    const result = await page.evaluate(() => {
+        const c = (globalThis || self).__waCaptured;
+        if (!c) return JSON.stringify({error: 'no captures'});
+
+        function readVarint(bytes, pos) {
+            let result = 0, shift = 0;
+            while (pos < bytes.length) {
+                const byte = bytes[pos];
+                result |= (byte & 0x7f) << shift;
+                shift += 7; pos++;
+                if (!(byte & 0x80)) return [result, pos];
+            }
+            return [null, pos];
+        }
+
+        function parseProtobufText(bytes) {
+            if (!bytes || bytes[0] !== 0x0a) return null;
+            let pos = 1;
+            let [outerLen, p1] = readVarint(bytes, pos);
+            if (outerLen === null || p1 >= bytes.length) return null;
+            pos = p1;
+            if (bytes[pos] !== 0x0a) return null;
+            pos++;
+            let [textLen, p2] = readVarint(bytes, pos);
+            if (textLen === null || textLen <= 0 || p2 + textLen > bytes.length) return null;
+            pos = p2;
+            try {
+                return new TextDecoder('utf-8').decode(bytes.slice(pos, pos + textLen));
+            } catch(e) { return null; }
+        }
+
+        function extractSender(bytes) {
+            try {
+                const str = Array.from(bytes).map(b => String.fromCharCode(b)).join('');
+                const match = str.match(/(\d+@(?:s\.whatsapp\.net|lid|g\.us))/);
+                return match ? match[1] : null;
+            } catch(e) { return null; }
+        }
+
+        const messages = [];
+        for (const d of c.decrypt) {
+            if (!d.outB64 || d.alg !== 'AES-CBC') continue;
+            try {
+                const bytes = Uint8Array.from(atob(d.outB64), c => c.charCodeAt(0));
+                const text = parseProtobufText(bytes);
+                if (text && text.length > 0) {
+                    messages.push({
+                        text: text,
+                        sender: extractSender(bytes),
+                        ts: d.ts
+                    });
+                }
+            } catch(e) {}
+        }
+
+        return JSON.stringify({
+            totalDecrypts: c.decrypt.length,
+            textMessages: messages.length,
+            messages: messages
+        });
+    });
+    return result;
+}
+```
+
+### Step 5: Navigate to more chats for additional messages
+
+WhatsApp only decrypts messages for loaded chats. To capture more:
+
+```
+Use browser_snapshot to see the chat list.
+Click on different chats using browser_click with the ref for each chat.
+Wait 3-5 seconds between clicks for decryption to complete.
+Re-run Step 4 to collect newly decrypted messages.
+```
+
+### Step 6: Store messages in memories.db
+
+```python
+import sys, os
+sys.path.insert(0, os.path.expanduser("~/ai-browser-profile"))
+from ai_browser_profile import MemoryDB
+from ai_browser_profile.ingestors.messages import ingest_messages, message_stats
+
+mem = MemoryDB(os.path.expanduser("~/ai-browser-profile/memories.db"))
+
+# messages = the parsed messages list from Step 4
+inserted = ingest_messages(mem, messages)
+print(f"Inserted {inserted} new messages")
+
+stats = message_stats(mem)
+print(f"Total stored: {stats['total_messages']}")
+
+mem.close()
+```
+
+### Step 7: Analyze messages and write relationship memories
+
+```python
+from ai_browser_profile.ingestors.messages import get_messages
+
+mem = MemoryDB(os.path.expanduser("~/ai-browser-profile/memories.db"))
+
+all_msgs = get_messages(mem, limit=1000)
+
+# After analyzing, write relationship/interest memories:
+mem.upsert("relationship:ContactName", "description of relationship",
+           ["contact", "relationship"], 0.8, "whatsapp:messages")
+
+mem.conn.commit()
+mem.close()
+```
+
+---
+
+## Part 2: Metadata Analysis (Offline from IndexedDB)
+
+### Prerequisites
+
+Run the memory extraction first to populate contacts in `memories.db`:
+
+```bash
+cd ~/ai-browser-profile
+source .venv/bin/activate
+python extract.py
+```
+
+For deeper metadata analysis, read IndexedDB directly:
+
+```python
+import shutil, tempfile, json
+from pathlib import Path
+from ccl_chromium_reader import ccl_chromium_indexeddb
+
+APP_SUPPORT = Path.home() / "Library" / "Application Support"
+arc_idb = APP_SUPPORT / "Arc" / "User Data" / "Default" / "IndexedDB"
+
+for db_dir in arc_idb.glob("*whatsapp*_0.indexeddb.leveldb"):
+    tmp = Path(tempfile.mkdtemp())
+    shutil.copytree(db_dir, tmp / db_dir.name)
+    blob_dir = db_dir.parent / db_dir.name.replace(".leveldb", ".blob")
+    tmp_blob = None
+    if blob_dir.exists():
+        tmp_blob = Path(tempfile.mkdtemp())
+        shutil.copytree(blob_dir, tmp_blob / blob_dir.name)
+
+    wrapper = ccl_chromium_indexeddb.WrappedIndexDB(
+        str(tmp / db_dir.name),
+        str(tmp_blob / blob_dir.name) if tmp_blob else None,
+    )
+    # Now iterate stores...
+```
+
+### Data Available
+
+WhatsApp Web stores 51 IndexedDB object stores. Message bodies are encrypted (Signal protocol), but all metadata is plaintext:
+
+| Store | Records | What's in it |
+|-------|---------|-------------|
+| contact | 1000 | Phone numbers, names, isAddressBook, isBusiness |
+| chat | 1000 | Chat IDs, last message timestamps, unread counts |
+| group-metadata | 400+ | Group subjects, creation dates, owner phone |
+| participant | 400+ | Group member phone lists |
+| message | 1000 | Message type, from/to/author, timestamps (NOT body) |
+| reactions | 900+ | Emoji reactions with sender, timestamp |
+
+### Inner Circle Analysis
+
+Count shared group membership to find closest contacts:
+
+```python
+your_groups = set()
+person_groups = {}
+
+for participant_record in participants:
+    gid = record['groupId']
+    for p in record['participants']:
+        phone = p.split('@')[0]
+        resolved = lid_to_phone.get(phone, phone)
+        if resolved == YOUR_NUMBER:
+            your_groups.add(gid)
+        person_groups.setdefault(resolved, set()).add(gid)
+
+shared = {p: len(gs & your_groups) for p, gs in person_groups.items() if p != YOUR_NUMBER}
+top_connections = sorted(shared.items(), key=lambda x: -x[1])
+```
+
+## Known Limitations
+
+- **Session-specific keys**: HKDF-derived keys change per browser session
+- **Offline decryption**: Does not work across sessions
+- **Record cap**: 1000 per IndexedDB store
+- **Contact names**: Only available for address book contacts
+- **Timestamps**: Unix epoch seconds — convert with `datetime.fromtimestamp(t, tz=timezone.utc)`