claude-cac 1.0.0

package/cac

@@ -0,0 +1,1193 @@
+#!/usr/bin/env bash
+# cac — Claude Anti-fingerprint Cloak
+# 由 build.sh 从 src/ 构建，勿直接编辑本文件
+set -euo pipefail
+
+CAC_DIR="$HOME/.cac"
+ENVS_DIR="$CAC_DIR/envs"
+
+# ━━━ utils.sh ━━━
+# ── utils: 颜色、读写、UUID、proxy 解析 ───────────────────────
+
+_read()   { [[ -f "$1" ]] && tr -d '[:space:]' < "$1" || echo "${2:-}"; }
+_bold()   { printf '\033[1m%s\033[0m' "$*"; }
+_green()  { printf '\033[32m%s\033[0m' "$*"; }
+_red()    { printf '\033[31m%s\033[0m' "$*"; }
+_yellow() { printf '\033[33m%s\033[0m' "$*"; }
+
+_detect_os() {
+    case "$(uname -s)" in
+        Darwin) echo "macos" ;;
+        Linux)  echo "linux" ;;
+        MINGW*|MSYS*|CYGWIN*) echo "windows" ;;
+        *) echo "unknown" ;;
+    esac
+}
+
+_new_uuid()    { uuidgen | tr '[:lower:]' '[:upper:]'; }
+_new_sid()     { uuidgen | tr '[:upper:]' '[:lower:]'; }
+_new_user_id() { python3 -c "import os; print(os.urandom(32).hex())"; }
+_new_machine_id() { uuidgen | tr -d '-' | tr '[:upper:]' '[:lower:]'; }
+_new_hostname() { echo "host-$(uuidgen | cut -d- -f1 | tr '[:upper:]' '[:lower:]')"; }
+_new_mac() { od -An -tx1 -N5 /dev/urandom | awk '{printf "02:%s:%s:%s:%s:%s",$1,$2,$3,$4,$5}'; }
+
+# host:port:user:pass → http://user:pass@host:port
+# 或直接传入完整 URL（http://、https://、socks5://）
+_parse_proxy() {
+    local raw="$1"
+    # 如果已经是完整 URL，直接返回
+    if [[ "$raw" =~ ^(http|https|socks5):// ]]; then
+        echo "$raw"
+        return
+    fi
+    # 否则解析 host:port:user:pass 格式
+    local host port user pass
+    host=$(echo "$raw" | cut -d: -f1)
+    port=$(echo "$raw" | cut -d: -f2)
+    user=$(echo "$raw" | cut -d: -f3)
+    pass=$(echo "$raw" | cut -d: -f4)
+    if [[ -z "$user" ]]; then
+        echo "http://${host}:${port}"
+    else
+        echo "http://${user}:${pass}@${host}:${port}"
+    fi
+}
+
+# socks5://user:pass@host:port → host:port
+_proxy_host_port() {
+    echo "$1" | sed 's|.*@||' | sed 's|.*://||'
+}
+
+_proxy_reachable() {
+    local hp host port
+    hp=$(_proxy_host_port "$1")
+    host=$(echo "$hp" | cut -d: -f1)
+    port=$(echo "$hp" | cut -d: -f2)
+    (echo >/dev/tcp/"$host"/"$port") 2>/dev/null
+}
+
+_current_env()  { _read "$CAC_DIR/current"; }
+_env_dir()      { echo "$ENVS_DIR/$1"; }
+
+_require_setup() {
+    [[ -f "$CAC_DIR/real_claude" ]] || {
+        echo "错误：请先运行 'cac setup'" >&2; exit 1
+    }
+}
+
+_require_env() {
+    [[ -d "$ENVS_DIR/$1" ]] || {
+        echo "错误：环境 '$1' 不存在，用 'cac ls' 查看" >&2; exit 1
+    }
+}
+
+_find_real_claude() {
+    PATH=$(echo "$PATH" | tr ':' '\n' | grep -v "$CAC_DIR/bin" | tr '\n' ':') \
+        command -v claude 2>/dev/null || true
+}
+
+_update_statsig() {
+    local statsig="$HOME/.claude/statsig"
+    [[ -d "$statsig" ]] || return 0
+    for f in "$statsig"/statsig.stable_id.*; do
+        [[ -f "$f" ]] && printf '"%s"' "$1" > "$f"
+    done
+}
+
+_update_claude_json_user_id() {
+    local user_id="$1"
+    local claude_json="$HOME/.claude.json"
+    [[ -f "$claude_json" ]] || return 0
+    python3 - "$claude_json" "$user_id" << 'PYEOF'
+import json, sys
+fpath, uid = sys.argv[1], sys.argv[2]
+with open(fpath) as f:
+    d = json.load(f)
+d['userID'] = uid
+with open(fpath, 'w') as f:
+    json.dump(d, f, indent=2, ensure_ascii=False)
+PYEOF
+    [[ $? -eq 0 ]] || echo "警告：更新 ~/.claude.json userID 失败" >&2
+}
+
+# ━━━ dns_block.sh ━━━
+# ── DNS 拦截 & 遥测域名屏蔽 ─────────────────────────────────────
+
+# 需要拦截的遥测域名
+TELEMETRY_DOMAINS=(
+    "statsig.anthropic.com"
+    "sentry.io"
+    "o1137031.ingest.sentry.io"
+)
+
+# 写入 HOSTALIASES 文件（备用层：gethostbyname 级别拦截）
+# HOSTALIASES 格式为 hostname-to-hostname 映射（非 IP）
+_write_blocked_hosts() {
+    local hosts_file="$CAC_DIR/blocked_hosts"
+    {
+        echo "# cac — blocked telemetry domains"
+        echo "# Generated by cac setup, used via HOSTALIASES"
+        for domain in "${TELEMETRY_DOMAINS[@]}"; do
+            printf '%s\tlocalhost\n' "$domain"
+        done
+    } > "$hosts_file"
+}
+
+# 写入 Node.js DNS guard 模块（核心层：dns.lookup / dns.resolve 级别拦截 + mTLS）
+_write_dns_guard_js() {
+    local guard_file="$CAC_DIR/cac-dns-guard.js"
+    cat > "$guard_file" << 'DNSGUARD_EOF'
+// ═══════════════════════════════════════════════════════════════
+// cac-dns-guard.js
+// NS 层级遥测域名拦截 ｜ mTLS 证书注入 ｜ fetch 防泄露
+// 通过 NODE_OPTIONS="--require <this>" 注入到 Claude Code 进程
+// ═══════════════════════════════════════════════════════════════
+'use strict';
+
+var dns  = require('dns');
+var net  = require('net');
+var tls  = require('tls');
+var http = require('http');
+var https = require('https');
+var fs   = require('fs');
+
+// ─── 1. NS 层级遥测域名拦截 ──────────────────────────────────
+
+var BLOCKED_DOMAINS = new Set([
+    'statsig.anthropic.com',
+    'sentry.io',
+    'o1137031.ingest.sentry.io',
+]);
+
+/**
+ * 检查域名是否在拦截名单中（含子域匹配）
+ * e.g. "foo.sentry.io" 会匹配 "sentry.io"
+ */
+function isDomainBlocked(hostname) {
+    if (!hostname) return false;
+    var h = hostname.toLowerCase().replace(/\.$/,'');
+    if (BLOCKED_DOMAINS.has(h)) return true;
+    var parts = h.split('.');
+    for (var i = 1; i < parts.length - 1; i++) {
+        if (BLOCKED_DOMAINS.has(parts.slice(i).join('.'))) return true;
+    }
+    return false;
+}
+
+function makeBlockedError(hostname, syscall) {
+    var msg = 'connect ECONNREFUSED (blocked by cac): ' + hostname;
+    var err = new Error(msg);
+    err.code     = 'ECONNREFUSED';
+    err.errno    = -111;
+    err.hostname = hostname;
+    err.syscall  = syscall || 'connect';
+    return err;
+}
+
+// ── 1a. 拦截 dns.lookup ──
+var _origLookup = dns.lookup;
+dns.lookup = function cacLookup(hostname, options, callback) {
+    if (typeof options === 'function') { callback = options; options = {}; }
+    if (isDomainBlocked(hostname)) {
+        var err = makeBlockedError(hostname, 'getaddrinfo');
+        if (typeof callback === 'function') process.nextTick(function() { callback(err); });
+        return {};
+    }
+    return _origLookup.call(dns, hostname, options, callback);
+};
+
+// ── 1b. 拦截 dns.resolve / resolve4 / resolve6 ──
+['resolve','resolve4','resolve6'].forEach(function(method) {
+    var orig = dns[method];
+    if (!orig) return;
+    dns[method] = function(hostname) {
+        var args = Array.prototype.slice.call(arguments);
+        var cb = args[args.length - 1];
+        if (isDomainBlocked(hostname)) {
+            var err = makeBlockedError(hostname, 'query');
+            if (typeof cb === 'function') process.nextTick(function() { cb(err); });
+            return;
+        }
+        return orig.apply(dns, args);
+    };
+});
+
+// ── 1c. 拦截 dns.promises ──
+if (dns.promises) {
+    var _origPLookup = dns.promises.lookup;
+    if (_origPLookup) {
+        dns.promises.lookup = function cacPromiseLookup(hostname, options) {
+            if (isDomainBlocked(hostname)) return Promise.reject(makeBlockedError(hostname, 'getaddrinfo'));
+            return _origPLookup.call(dns.promises, hostname, options);
+        };
+    }
+    ['resolve','resolve4','resolve6'].forEach(function(method) {
+        var orig = dns.promises[method];
+        if (!orig) return;
+        dns.promises[method] = function(hostname) {
+            if (isDomainBlocked(hostname)) return Promise.reject(makeBlockedError(hostname, 'query'));
+            return orig.apply(dns.promises, arguments);
+        };
+    });
+}
+
+// ── 1d. 网络层安全网：拦截 net.connect 到遥测域名 ──
+var _origNetConnect    = net.connect;
+var _origNetCreateConn = net.createConnection;
+
+function getHostFromArgs(args) {
+    if (typeof args[0] === 'object') return args[0].host || args[0].hostname || '';
+    return '';
+}
+
+function makeBlockedSocket(host) {
+    var sock = new net.Socket();
+    var err = makeBlockedError(host, 'connect');
+    process.nextTick(function() { sock.destroy(err); });
+    return sock;
+}
+
+net.connect = function cacNetConnect() {
+    var host = getHostFromArgs(arguments);
+    if (isDomainBlocked(host)) return makeBlockedSocket(host);
+    return _origNetConnect.apply(net, arguments);
+};
+net.createConnection = function cacNetCreateConnection() {
+    var host = getHostFromArgs(arguments);
+    if (isDomainBlocked(host)) return makeBlockedSocket(host);
+    return _origNetCreateConn.apply(net, arguments);
+};
+
+
+// ─── 2. mTLS 客户端证书注入 ──────────────────────────────────
+
+var mtlsCert = process.env.CAC_MTLS_CERT;
+var mtlsKey  = process.env.CAC_MTLS_KEY;
+var mtlsCa   = process.env.CAC_MTLS_CA;
+var proxyHostPort = process.env.CAC_PROXY_HOST || '';
+
+if (mtlsCert && mtlsKey) {
+    var certData, keyData, caData;
+    try {
+        certData = fs.readFileSync(mtlsCert);
+        keyData  = fs.readFileSync(mtlsKey);
+        if (mtlsCa) caData = fs.readFileSync(mtlsCa);
+    } catch(e) {
+        certData = null; keyData = null;
+    }
+
+    if (certData && keyData) {
+        // 仅对代理服务器连接注入 mTLS 证书
+        var proxyHost = proxyHostPort.split(':')[0];
+        var proxyPort = parseInt(proxyHostPort.split(':')[1], 10) || 0;
+
+        // 2a. 拦截 tls.connect，在代理连接时注入客户端证书
+        var _origTlsConnect = tls.connect;
+        tls.connect = function cacTlsConnect() {
+            // 规范化参数：tls.connect(options[, cb]) 或 tls.connect(port[, host][, options][, cb])
+            var args = Array.prototype.slice.call(arguments);
+            var options, callback;
+
+            if (typeof args[0] === 'object') {
+                options = args[0];
+                callback = (typeof args[1] === 'function') ? args[1] : undefined;
+            } else {
+                // tls.connect(port, host, options, cb) 形式
+                var port = args[0];
+                var host = (typeof args[1] === 'string') ? args[1] : 'localhost';
+                var optIdx = (typeof args[1] === 'string') ? 2 : 1;
+                options = (typeof args[optIdx] === 'object') ? args[optIdx] : {};
+                options.port = port;
+                options.host = host;
+                callback = args[args.length - 1];
+                if (typeof callback !== 'function') callback = undefined;
+            }
+
+            // 仅在连接代理时注入（精确匹配 host:port）
+            var targetHost = options.host || options.hostname || '';
+            var targetPort = options.port || 0;
+            if (proxyHost && targetHost === proxyHost &&
+                (proxyPort === 0 || targetPort === proxyPort)) {
+                if (!options.cert) {
+                    options.cert = certData;
+                    options.key  = keyData;
+                    if (caData) {
+                        options.ca = options.ca
+                            ? [].concat(options.ca, caData)
+                            : [caData];
+                    }
+                }
+            }
+
+            if (callback) return _origTlsConnect.call(tls, options, callback);
+            return _origTlsConnect.call(tls, options);
+        };
+
+        // 2b. 注入 CA 到 https.globalAgent（仅信任 CA，不注入客户端私钥）
+        if (caData && https.globalAgent && https.globalAgent.options) {
+            https.globalAgent.options.ca = https.globalAgent.options.ca
+                ? [].concat(https.globalAgent.options.ca, caData)
+                : [caData];
+        }
+    }
+}
+
+
+// ─── 3. fetch 遥测拦截补丁 ──────────────────────────────────
+// Node.js 原生 fetch (undici) 不经过 dns.lookup，会绕过 DNS 拦截
+// 策略：优先用 node-fetch（走 http/https 模块 → dns.lookup）
+//       否则 wrap 原生 fetch 拦截遥测域名
+
+(function patchFetch() {
+    if (typeof globalThis === 'undefined') return;
+
+    // 优先加载 node-fetch（基于 http/https 模块，天然走 dns.lookup 拦截链）
+    try {
+        var nodeFetch = require('node-fetch');
+        if (nodeFetch && typeof nodeFetch === 'function') {
+            globalThis.fetch = nodeFetch;
+            if (nodeFetch.Headers)  globalThis.Headers  = nodeFetch.Headers;
+            if (nodeFetch.Request)  globalThis.Request  = nodeFetch.Request;
+            if (nodeFetch.Response) globalThis.Response = nodeFetch.Response;
+            return;
+        }
+    } catch(e) {
+        // node-fetch 不可用
+    }
+
+    // 兜底：包装原生 fetch，至少确保遥测域名被拦截
+    if (typeof globalThis.fetch === 'function') {
+        var _origFetch = globalThis.fetch;
+        globalThis.fetch = function cacFetch(input, init) {
+            var hostname;
+            try {
+                var urlStr = typeof input === 'string' ? input :
+                             (input && input.url) ? input.url : '';
+                if (urlStr) hostname = new URL(urlStr).hostname;
+            } catch(e) { /* ignore */ }
+
+            if (hostname && isDomainBlocked(hostname)) {
+                return Promise.reject(makeBlockedError(hostname, 'fetch'));
+            }
+            return _origFetch(input, init);
+        };
+    }
+})();
+DNSGUARD_EOF
+    chmod 644 "$guard_file"
+}
+
+# 验证 DNS 拦截是否生效
+_check_dns_block() {
+    local domain="${1:-statsig.anthropic.com}"
+    local guard_file="$CAC_DIR/cac-dns-guard.js"
+
+    if [[ ! -f "$guard_file" ]]; then
+        echo "$(_red "✗") DNS guard 模块不存在"
+        return 1
+    fi
+
+    local result
+    result=$(node -e '
+        require(process.argv[1]);
+        var dns = require("dns");
+        dns.lookup(process.argv[2], function(err) {
+            process.stdout.write(err && (err.code === "ECONNREFUSED" || err.code === "ENOTFOUND") ? "BLOCKED" : "OPEN");
+        });
+    ' "$guard_file" "$domain" 2>/dev/null || echo "ERROR")
+
+    if [[ "$result" == "BLOCKED" ]]; then
+        echo "$(_green "✓") $domain 已拦截"
+        return 0
+    else
+        echo "$(_red "✗") $domain 未被拦截 ($result)"
+        return 1
+    fi
+}
+
+# ━━━ mtls.sh ━━━
+# ── mTLS 客户端证书管理 ─────────────────────────────────────────
+
+# 生成自签 CA（setup 时调用，仅生成一次）
+_generate_ca_cert() {
+    local ca_dir="$CAC_DIR/ca"
+    local ca_key="$ca_dir/ca_key.pem"
+    local ca_cert="$ca_dir/ca_cert.pem"
+
+    if [[ -f "$ca_cert" ]] && [[ -f "$ca_key" ]]; then
+        echo "  CA 证书已存在，跳过生成"
+        return 0
+    fi
+
+    mkdir -p "$ca_dir"
+
+    # 生成 CA 私钥（4096 位 RSA）
+    openssl genrsa -out "$ca_key" 4096 2>/dev/null || {
+        echo "错误：生成 CA 私钥失败" >&2; return 1
+    }
+    chmod 600 "$ca_key"
+
+    # 生成自签 CA 证书（有效期 10 年）
+    openssl req -new -x509 \
+        -key "$ca_key" \
+        -out "$ca_cert" \
+        -days 3650 \
+        -subj "/CN=cac-privacy-ca/O=cac/OU=mtls" \
+        -addext "basicConstraints=critical,CA:TRUE,pathlen:0" \
+        -addext "keyUsage=critical,keyCertSign,cRLSign" \
+        2>/dev/null || {
+        echo "错误：生成 CA 证书失败" >&2; return 1
+    }
+    chmod 644 "$ca_cert"
+}
+
+# 为指定环境生成客户端证书（cac add 时调用）
+_generate_client_cert() {
+    local name="$1"
+    local env_dir="$ENVS_DIR/$name"
+    local ca_key="$CAC_DIR/ca/ca_key.pem"
+    local ca_cert="$CAC_DIR/ca/ca_cert.pem"
+
+    if [[ ! -f "$ca_key" ]] || [[ ! -f "$ca_cert" ]]; then
+        echo "  警告：CA 证书不存在，跳过客户端证书生成" >&2
+        return 1
+    fi
+
+    local client_key="$env_dir/client_key.pem"
+    local client_csr="$env_dir/client_csr.pem"
+    local client_cert="$env_dir/client_cert.pem"
+
+    # 生成客户端私钥（2048 位 RSA）
+    openssl genrsa -out "$client_key" 2048 2>/dev/null || {
+        echo "错误：生成客户端私钥失败" >&2; return 1
+    }
+    chmod 600 "$client_key"
+
+    # 生成 CSR
+    openssl req -new \
+        -key "$client_key" \
+        -out "$client_csr" \
+        -subj "/CN=cac-client-${name}/O=cac/OU=env-${name}" \
+        2>/dev/null || {
+        echo "错误：生成 CSR 失败" >&2; return 1
+    }
+
+    # 用 CA 签发客户端证书（有效期 1 年）
+    openssl x509 -req \
+        -in "$client_csr" \
+        -CA "$ca_cert" \
+        -CAkey "$ca_key" \
+        -CAcreateserial \
+        -out "$client_cert" \
+        -days 365 \
+        -extfile <(printf "keyUsage=critical,digitalSignature\nextendedKeyUsage=clientAuth") \
+        2>/dev/null || {
+        echo "错误：签发客户端证书失败" >&2; return 1
+    }
+    chmod 644 "$client_cert"
+
+    # 清理 CSR（不再需要）
+    rm -f "$client_csr"
+}
+
+# 验证 mTLS 证书状态
+_check_mtls() {
+    local env_dir="$1"
+    local ca_cert="$CAC_DIR/ca/ca_cert.pem"
+    local client_cert="$env_dir/client_cert.pem"
+    local client_key="$env_dir/client_key.pem"
+
+    # 检查 CA
+    if [[ ! -f "$ca_cert" ]]; then
+        echo "$(_red "✗") CA 证书不存在"
+        return 1
+    fi
+
+    # 检查客户端证书
+    if [[ ! -f "$client_cert" ]] || [[ ! -f "$client_key" ]]; then
+        echo "$(_yellow "⚠") 客户端证书不存在"
+        return 1
+    fi
+
+    # 验证证书链
+    if openssl verify -CAfile "$ca_cert" "$client_cert" >/dev/null 2>&1; then
+        # 检查证书有效期
+        local expiry
+        expiry=$(openssl x509 -in "$client_cert" -noout -enddate 2>/dev/null | cut -d= -f2)
+        local cn
+        cn=$(openssl x509 -in "$client_cert" -noout -subject 2>/dev/null | sed 's/.*CN *= *//')
+        echo "$(_green "✓") mTLS 证书有效 (CN=$cn, 到期: $expiry)"
+        return 0
+    else
+        echo "$(_red "✗") 证书链验证失败"
+        return 1
+    fi
+}
+
+# ━━━ templates.sh ━━━
+# ── templates: 写入 wrapper 和 ioreg shim ──────────────────────
+
+_write_wrapper() {
+    mkdir -p "$CAC_DIR/bin"
+    cat > "$CAC_DIR/bin/claude" << 'WRAPPER_EOF'
+#!/usr/bin/env bash
+set -euo pipefail
+
+CAC_DIR="$HOME/.cac"
+ENVS_DIR="$CAC_DIR/envs"
+
+# cacstop 状态：直接透传
+if [[ -f "$CAC_DIR/stopped" ]]; then
+    _real=$(tr -d '[:space:]' < "$CAC_DIR/real_claude" 2>/dev/null || true)
+    [[ -x "$_real" ]] && exec "$_real" "$@"
+    echo "[cac] 错误：找不到真实 claude，运行 'cac setup'" >&2; exit 1
+fi
+
+# 读取当前环境
+if [[ ! -f "$CAC_DIR/current" ]]; then
+    echo "[cac] 错误：未激活任何环境，运行 'cac <name>'" >&2; exit 1
+fi
+_name=$(tr -d '[:space:]' < "$CAC_DIR/current")
+_env_dir="$ENVS_DIR/$_name"
+[[ -d "$_env_dir" ]] || { echo "[cac] 错误：环境 '$_name' 不存在" >&2; exit 1; }
+
+PROXY=$(tr -d '[:space:]' < "$_env_dir/proxy")
+
+# pre-flight：代理连通性（纯 bash，无 fork）
+_hp="${PROXY##*@}"; _hp="${_hp##*://}"
+_host="${_hp%%:*}"
+_port="${_hp##*:}"
+if ! (echo >/dev/tcp/"$_host"/"$_port") 2>/dev/null; then
+    echo "[cac] 错误：[$_name] 代理 $_hp 不通，拒绝启动。" >&2
+    echo "[cac] 提示：运行 'cac check' 排查，或 'cacstop' 临时停用" >&2
+    exit 1
+fi
+
+# 注入 statsig stable_id
+if [[ -f "$_env_dir/stable_id" ]]; then
+    _sid=$(tr -d '[:space:]' < "$_env_dir/stable_id")
+    for _f in "$HOME/.claude/statsig"/statsig.stable_id.*; do
+        [[ -f "$_f" ]] && printf '"%s"' "$_sid" > "$_f"
+    done
+fi
+
+# 注入环境变量 —— 代理
+export HTTPS_PROXY="$PROXY" HTTP_PROXY="$PROXY" ALL_PROXY="$PROXY"
+export NO_PROXY="localhost,127.0.0.1"
+export PATH="$CAC_DIR/shim-bin:$PATH"
+
+# ── 多层环境变量遥测保护 ──
+# Layer 1: Claude Code 原生开关
+export CLAUDE_CODE_ENABLE_TELEMETRY=
+# Layer 2: 通用遥测标准 (https://consoledonottrack.com)
+export DO_NOT_TRACK=1
+# Layer 3: OpenTelemetry SDK 全面禁用
+export OTEL_SDK_DISABLED=true
+export OTEL_TRACES_EXPORTER=none
+export OTEL_METRICS_EXPORTER=none
+export OTEL_LOGS_EXPORTER=none
+# Layer 4: Sentry DSN 置空，阻止错误上报
+export SENTRY_DSN=
+# Layer 5: Claude Code 特有开关
+export DISABLE_ERROR_REPORTING=1
+export DISABLE_BUG_COMMAND=1
+export CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1
+# Layer 6: 其他已知遥测标志
+export TELEMETRY_DISABLED=1
+export DISABLE_TELEMETRY=1
+
+# 清除第三方 API 配置，强制走 OAuth 官方端点
+unset ANTHROPIC_BASE_URL
+unset ANTHROPIC_AUTH_TOKEN
+unset ANTHROPIC_API_KEY
+
+# ── NS 层级 DNS 拦截 ──
+if [[ -f "$CAC_DIR/cac-dns-guard.js" ]]; then
+    case "${NODE_OPTIONS:-}" in
+        *cac-dns-guard.js*) ;; # 已注入，跳过
+        *) export NODE_OPTIONS="${NODE_OPTIONS:-} --require $CAC_DIR/cac-dns-guard.js" ;;
+    esac
+fi
+# 备用层：HOSTALIASES（gethostbyname 级别）
+[[ -f "$CAC_DIR/blocked_hosts" ]] && export HOSTALIASES="$CAC_DIR/blocked_hosts"
+
+# ── mTLS 客户端证书 ──
+if [[ -f "$_env_dir/client_cert.pem" ]] && [[ -f "$_env_dir/client_key.pem" ]]; then
+    export CAC_MTLS_CERT="$_env_dir/client_cert.pem"
+    export CAC_MTLS_KEY="$_env_dir/client_key.pem"
+    [[ -f "$CAC_DIR/ca/ca_cert.pem" ]] && {
+        export CAC_MTLS_CA="$CAC_DIR/ca/ca_cert.pem"
+        export NODE_EXTRA_CA_CERTS="$CAC_DIR/ca/ca_cert.pem"
+    }
+    export CAC_PROXY_HOST="$_hp"
+fi
+
+[[ -f "$_env_dir/tz" ]]   && export TZ=$(tr -d '[:space:]' < "$_env_dir/tz")
+[[ -f "$_env_dir/lang" ]] && export LANG=$(tr -d '[:space:]' < "$_env_dir/lang")
+[[ -f "$_env_dir/hostname" ]] && export HOSTNAME=$(tr -d '[:space:]' < "$_env_dir/hostname")
+
+# 执行真实 claude
+_real=$(tr -d '[:space:]' < "$CAC_DIR/real_claude")
+[[ -x "$_real" ]] || { echo "[cac] 错误：$_real 不可执行，运行 'cac setup'" >&2; exit 1; }
+exec "$_real" "$@"
+WRAPPER_EOF
+    chmod +x "$CAC_DIR/bin/claude"
+}
+
+_write_ioreg_shim() {
+    mkdir -p "$CAC_DIR/shim-bin"
+    cat > "$CAC_DIR/shim-bin/ioreg" << 'IOREG_EOF'
+#!/usr/bin/env bash
+CAC_DIR="$HOME/.cac"
+
+# 非目标调用：透传真实 ioreg
+if ! echo "$*" | grep -q "IOPlatformExpertDevice"; then
+    _real=$(PATH=$(echo "$PATH" | tr ':' '\n' | grep -v "$CAC_DIR/shim-bin" | tr '\n' ':') \
+            command -v ioreg 2>/dev/null || true)
+    [[ -n "$_real" ]] && exec "$_real" "$@"
+    exit 0
+fi
+
+# 读取当前环境的 UUID
+_uuid_file="$CAC_DIR/envs/$(tr -d '[:space:]' < "$CAC_DIR/current" 2>/dev/null)/uuid"
+if [[ ! -f "$_uuid_file" ]]; then
+    _real=$(PATH=$(echo "$PATH" | tr ':' '\n' | grep -v "$CAC_DIR/shim-bin" | tr '\n' ':') \
+            command -v ioreg 2>/dev/null || true)
+    [[ -n "$_real" ]] && exec "$_real" "$@"
+    exit 0
+fi
+FAKE_UUID=$(tr -d '[:space:]' < "$_uuid_file")
+
+cat <<EOF
++-o Root  <class IORegistryEntry, id 0x100000100, retain 11>
+  +-o J314sAP  <class IOPlatformExpertDevice, id 0x100000101, registered, matched, active, busy 0 (0 ms), retain 28>
+    {
+      "IOPlatformUUID" = "$FAKE_UUID"
+      "IOPlatformSerialNumber" = "C02FAKE000001"
+      "manufacturer" = "Apple Inc."
+      "model" = "Mac14,5"
+    }
+EOF
+IOREG_EOF
+    chmod +x "$CAC_DIR/shim-bin/ioreg"
+}
+
+_write_machine_id_shim() {
+    mkdir -p "$CAC_DIR/shim-bin"
+    cat > "$CAC_DIR/shim-bin/cat" << 'CAT_EOF'
+#!/usr/bin/env bash
+CAC_DIR="$HOME/.cac"
+
+# 先获取真实 cat 路径（避免递归调用自身）
+_real=$(PATH=$(echo "$PATH" | tr ':' '\n' | grep -v "$CAC_DIR/shim-bin" | tr '\n' ':') command -v cat 2>/dev/null || true)
+
+# 拦截 /etc/machine-id 和 /var/lib/dbus/machine-id
+if [[ "$1" == "/etc/machine-id" ]] || [[ "$1" == "/var/lib/dbus/machine-id" ]]; then
+    _mid_file="$CAC_DIR/envs/$(tr -d '[:space:]' < "$CAC_DIR/current" 2>/dev/null)/machine_id"
+    if [[ -f "$_mid_file" ]] && [[ -n "$_real" ]]; then
+        exec "$_real" "$_mid_file"
+    fi
+fi
+
+# 非目标调用：透传真实 cat
+[[ -n "$_real" ]] && exec "$_real" "$@"
+exit 1
+CAT_EOF
+    chmod +x "$CAC_DIR/shim-bin/cat"
+}
+
+_write_hostname_shim() {
+    mkdir -p "$CAC_DIR/shim-bin"
+    cat > "$CAC_DIR/shim-bin/hostname" << 'HOSTNAME_EOF'
+#!/usr/bin/env bash
+CAC_DIR="$HOME/.cac"
+
+# 读取伪造的 hostname
+_hn_file="$CAC_DIR/envs/$(tr -d '[:space:]' < "$CAC_DIR/current" 2>/dev/null)/hostname"
+if [[ -f "$_hn_file" ]]; then
+    cat "$_hn_file"
+    exit 0
+fi
+
+# 透传真实 hostname
+_real=$(PATH=$(echo "$PATH" | tr ':' '\n' | grep -v "$CAC_DIR/shim-bin" | tr '\n' ':') command -v hostname 2>/dev/null || true)
+[[ -n "$_real" ]] && exec "$_real" "$@"
+exit 1
+HOSTNAME_EOF
+    chmod +x "$CAC_DIR/shim-bin/hostname"
+}
+
+_write_ifconfig_shim() {
+    mkdir -p "$CAC_DIR/shim-bin"
+    cat > "$CAC_DIR/shim-bin/ifconfig" << 'IFCONFIG_EOF'
+#!/usr/bin/env bash
+CAC_DIR="$HOME/.cac"
+
+_real=$(PATH=$(echo "$PATH" | tr ':' '\n' | grep -v "$CAC_DIR/shim-bin" | tr '\n' ':') command -v ifconfig 2>/dev/null || true)
+
+_mac_file="$CAC_DIR/envs/$(tr -d '[:space:]' < "$CAC_DIR/current" 2>/dev/null)/mac_address"
+if [[ -f "$_mac_file" ]] && [[ -n "$_real" ]]; then
+    FAKE_MAC=$(tr -d '[:space:]' < "$_mac_file")
+    "$_real" "$@" | sed "s/ether [0-9a-f:]\{17\}/ether $FAKE_MAC/g" && exit 0
+fi
+
+[[ -n "$_real" ]] && exec "$_real" "$@"
+exit 1
+IFCONFIG_EOF
+    chmod +x "$CAC_DIR/shim-bin/ifconfig"
+}
+
+# ━━━ cmd_setup.sh ━━━
+# ── cmd: setup ─────────────────────────────────────────────────
+
+cmd_setup() {
+    echo "=== cac setup ==="
+
+    local real_claude
+    real_claude=$(_find_real_claude)
+    if [[ -z "$real_claude" ]]; then
+        echo "错误：找不到 claude 命令，请先安装 Claude CLI" >&2
+        echo "  npm install -g @anthropic-ai/claude-code" >&2
+        exit 1
+    fi
+    echo "  真实 claude：$real_claude"
+
+    mkdir -p "$ENVS_DIR"
+    echo "$real_claude" > "$CAC_DIR/real_claude"
+
+    local os; os=$(_detect_os)
+    _write_wrapper
+    _write_hostname_shim
+    _write_ifconfig_shim
+
+    if [[ "$os" == "macos" ]]; then
+        _write_ioreg_shim
+        echo "  ✓ ioreg shim → $CAC_DIR/shim-bin/ioreg"
+    elif [[ "$os" == "linux" ]]; then
+        _write_machine_id_shim
+        echo "  ✓ machine-id shim → $CAC_DIR/shim-bin/cat"
+    fi
+
+    echo "  ✓ wrapper → $CAC_DIR/bin/claude"
+    echo "  ✓ hostname shim → $CAC_DIR/shim-bin/hostname"
+    echo "  ✓ ifconfig shim → $CAC_DIR/shim-bin/ifconfig"
+
+    # DNS guard (NS 层级遥测拦截 + DoH)
+    _write_dns_guard_js
+    _write_blocked_hosts
+    echo "  ✓ DNS guard → $CAC_DIR/cac-dns-guard.js"
+    echo "  ✓ blocked hosts → $CAC_DIR/blocked_hosts"
+
+    # mTLS CA 证书
+    _generate_ca_cert
+    echo "  ✓ mTLS CA → $CAC_DIR/ca/ca_cert.pem"
+
+    echo
+    echo "── 下一步 ──────────────────────────────────────────────"
+    echo "1. 将以下两行加到 ~/.zshrc 最前面："
+    echo
+    echo "   export PATH=\"\$HOME/bin:\$PATH\"          # cac 命令"
+    echo "   export PATH=\"$CAC_DIR/bin:\$PATH\"  # claude wrapper"
+    echo
+    echo "2. source ~/.zshrc"
+    echo
+    echo "3. 添加第一个代理环境："
+    echo "   cac add <名字> <host:port:user:pass>"
+}
+
+# ━━━ cmd_env.sh ━━━
+# ── cmd: add / switch / ls ─────────────────────────────────────
+
+cmd_add() {
+    _require_setup
+    if [[ $# -lt 2 ]]; then
+        echo "用法：cac add <名字> <host:port:user:pass>" >&2
+        echo "示例：cac add us1 1.2.3.4:1080:username:password" >&2
+        exit 1
+    fi
+
+    local name="$1" raw_proxy="$2"
+    local env_dir="$ENVS_DIR/$name"
+
+    if [[ -d "$env_dir" ]]; then
+        echo "错误：环境 '$name' 已存在，用 'cac ls' 查看" >&2
+        exit 1
+    fi
+
+    local proxy
+    proxy=$(_parse_proxy "$raw_proxy")
+
+    echo "即将创建环境：$(_bold "$name")"
+    echo "  代理：$proxy"
+    echo
+
+    printf "  检测代理 ... "
+    if _proxy_reachable "$proxy"; then
+        echo "$(_green "✓ 可达")"
+    else
+        echo "$(_red "✗ 不通")"
+        echo "  警告：代理当前不可达（代理客户端可能未启动）"
+    fi
+
+    # 自动检测出口 IP 的时区和语言
+    printf "  检测时区 ... "
+    local exit_ip tz lang
+    exit_ip=$(curl -s --proxy "$proxy" --connect-timeout 8 https://api.ipify.org 2>/dev/null || true)
+    if [[ -n "$exit_ip" ]]; then
+        local ip_info
+        ip_info=$(curl -s --connect-timeout 8 "http://ip-api.com/json/${exit_ip}?fields=timezone,countryCode" 2>/dev/null || true)
+        tz=$(echo "$ip_info" | python3 -c "import sys,json; d=json.load(sys.stdin); print(d.get('timezone',''))" 2>/dev/null || true)
+        country=$(echo "$ip_info" | python3 -c "import sys,json; d=json.load(sys.stdin); print(d.get('countryCode',''))" 2>/dev/null || true)
+        [[ -z "$tz" ]] && tz="America/New_York"
+        [[ "$country" == "US" || "$country" == "GB" || "$country" == "AU" || "$country" == "CA" ]] && lang="en_US.UTF-8" || lang="en_US.UTF-8"
+        echo "$(_green "✓ $tz")"
+    else
+        tz="America/New_York"
+        lang="en_US.UTF-8"
+        echo "$(_yellow "⚠ 获取失败，默认 $tz")"
+    fi
+    echo
+
+    printf "确认创建？[yes/N] "
+    read -r confirm
+    [[ "$confirm" == "yes" ]] || { echo "已取消。"; exit 0; }
+
+    mkdir -p "$env_dir"
+    echo "$proxy"            > "$env_dir/proxy"
+    echo "$(_new_uuid)"      > "$env_dir/uuid"
+    echo "$(_new_sid)"       > "$env_dir/stable_id"
+    echo "$(_new_user_id)"   > "$env_dir/user_id"
+    echo "$(_new_machine_id)" > "$env_dir/machine_id"
+    echo "$(_new_hostname)"  > "$env_dir/hostname"
+    echo "$(_new_mac)"       > "$env_dir/mac_address"
+    echo "$tz"               > "$env_dir/tz"
+    echo "$lang"             > "$env_dir/lang"
+
+    # 生成 mTLS 客户端证书
+    printf "  生成 mTLS 证书 ... "
+    if _generate_client_cert "$name"; then
+        echo "$(_green "✓")"
+    else
+        echo "$(_yellow "⚠ 跳过")"
+    fi
+
+    echo
+    echo "$(_green "✓") 环境 '$(_bold "$name")' 已创建"
+    echo "  UUID     ：$(cat "$env_dir/uuid")"
+    echo "  stable_id：$(cat "$env_dir/stable_id")"
+    echo "  mTLS     ：$([ -f "$env_dir/client_cert.pem" ] && echo "已配置" || echo "未配置")"
+    echo "  TZ       ：$tz"
+    echo "  LANG     ：$lang"
+    echo
+    echo "切换到该环境：cac $name"
+}
+
+cmd_switch() {
+    _require_setup
+    local name="$1"
+    _require_env "$name"
+
+    local proxy; proxy=$(_read "$ENVS_DIR/$name/proxy")
+
+    printf "检测 [%s] 代理 ... " "$name"
+    if _proxy_reachable "$proxy"; then
+        echo "$(_green "✓ 可达")"
+    else
+        echo "$(_yellow "⚠ 不通")"
+        echo "警告：代理不可达，仍切换（启动 claude 时会拦截）"
+    fi
+
+    echo "$name" > "$CAC_DIR/current"
+    rm -f "$CAC_DIR/stopped"
+
+    _update_statsig "$(_read "$ENVS_DIR/$name/stable_id")"
+    _update_claude_json_user_id "$(_read "$ENVS_DIR/$name/user_id")"
+
+    echo "$(_green "✓") 已切换到 $(_bold "$name")"
+}
+
+cmd_ls() {
+    _require_setup
+
+    if [[ ! -d "$ENVS_DIR" ]] || [[ -z "$(ls -A "$ENVS_DIR" 2>/dev/null)" ]]; then
+        echo "（暂无环境，用 'cac add <名字> <proxy>' 添加）"
+        return
+    fi
+
+    local current; current=$(_current_env)
+    local stopped_tag=""
+    [[ -f "$CAC_DIR/stopped" ]] && stopped_tag=" $(_red "[stopped]")"
+
+    for env_dir in "$ENVS_DIR"/*/; do
+        local name; name=$(basename "$env_dir")
+        local proxy; proxy=$(_read "$env_dir/proxy" "（未配置）")
+        if [[ "$name" == "$current" ]]; then
+            printf "  %s %s%s\n" "$(_green "▶")" "$(_bold "$name")" "$stopped_tag"
+            printf "    %s\n" "$proxy"
+        else
+            printf "    %s\n" "$name"
+            printf "    %s\n" "$proxy"
+        fi
+    done
+}
+
+# ━━━ cmd_check.sh ━━━
+# ── cmd: check ─────────────────────────────────────────────────
+
+# 检测本地代理软件冲突（Clash / Surge / Shadowrocket 等）
+_check_proxy_conflict() {
+    local proxy="$1" proxy_ip="$2"
+    local proxy_hp; proxy_hp=$(_proxy_host_port "$proxy")
+    local proxy_host="${proxy_hp%%:*}"
+
+    local os; os=$(_detect_os)
+    local conflicts=()
+
+    # ── 1. 检测 TUN 模式进程 ──
+    local tun_procs="clash|mihomo|sing-box|surge|shadowrocket|v2ray|xray|hysteria|tuic|nekoray"
+    local running
+    if [[ "$os" == "macos" ]]; then
+        running=$(ps aux 2>/dev/null | grep -iE "$tun_procs" | grep -v grep || true)
+    else
+        running=$(ps -eo comm 2>/dev/null | grep -iE "$tun_procs" || true)
+    fi
+
+    if [[ -n "$running" ]]; then
+        local proc_names
+        proc_names=$(echo "$running" | grep -ioE "$tun_procs" | sort -u | head -3)
+        if [[ -n "$proc_names" ]]; then
+            conflicts+=("检测到本地代理进程: $(echo "$proc_names" | tr '\n' ' ')")
+        fi
+    fi
+
+    # ── 2. 检测 TUN 网卡（utun / tun）──
+    if [[ "$os" == "macos" ]]; then
+        local tun_count
+        tun_count=$(ifconfig 2>/dev/null | grep -cE '^utun[0-9]+' || echo 0)
+        if [[ "$tun_count" -gt 3 ]]; then
+            conflicts+=("检测到多个 TUN 网卡 (${tun_count} 个)，可能有代理软件启用了 TUN 模式")
+        fi
+    elif [[ "$os" == "linux" ]]; then
+        if ip link show tun0 >/dev/null 2>&1; then
+            conflicts+=("检测到 tun0 网卡，可能有代理软件启用了 TUN 模式")
+        fi
+    fi
+
+    # ── 3. 检测系统代理是否指向本机（macOS）──
+    if [[ "$os" == "macos" ]]; then
+        local net_service
+        net_service=$(networksetup -listallnetworkservices 2>/dev/null | grep -iE 'Wi-Fi|Ethernet|以太网' | head -1 || true)
+        if [[ -n "$net_service" ]]; then
+            local sys_http_proxy
+            sys_http_proxy=$(networksetup -getwebproxy "$net_service" 2>/dev/null || true)
+            if echo "$sys_http_proxy" | grep -qi "Enabled: Yes"; then
+                local sys_host sys_port
+                sys_host=$(echo "$sys_http_proxy" | awk '/^Server:/{print $2}')
+                sys_port=$(echo "$sys_http_proxy" | awk '/^Port:/{print $2}')
+                [[ -n "$sys_host" ]] && conflicts+=("系统 HTTP 代理已开启: ${sys_host}:${sys_port}")
+            fi
+        fi
+    fi
+
+    # ── 4. 检测代理流量是否被二次转发（复用已获取的 proxy_ip）──
+    local direct_ip
+    direct_ip=$(curl -s --noproxy '*' --connect-timeout 5 https://api.ipify.org 2>/dev/null || true)
+    if [[ -n "$direct_ip" ]] && [[ -n "$proxy_ip" ]] && [[ "$direct_ip" == "$proxy_ip" ]]; then
+        conflicts+=("代理出口 IP ($proxy_ip) 与直连出口 IP 相同，代理流量可能被本地软件拦截")
+    fi
+
+    # ── 输出结果 ──
+    if [[ ${#conflicts[@]} -eq 0 ]]; then
+        echo "$(_green "✓") 未检测到本地代理软件冲突"
+        return 0
+    fi
+
+    echo "$(_yellow "⚠ 检测到可能的代理冲突")："
+    for msg in "${conflicts[@]}"; do
+        echo "    $(_yellow "•") $msg"
+    done
+    echo
+    echo "    $(_bold "解决方法")：在本地代理软件中为 cac 代理服务器 IP 添加 DIRECT 规则"
+    echo "    代理服务器：$(_bold "$proxy_host")"
+    echo
+    if [[ "$os" == "macos" ]]; then
+        echo "    Clash 示例（添加到规则列表最前面）："
+        echo "      - IP-CIDR,${proxy_host}/32,DIRECT"
+    fi
+    return 1
+}
+
+cmd_check() {
+    _require_setup
+
+    local current; current=$(_current_env)
+
+    if [[ -f "$CAC_DIR/stopped" ]]; then
+        echo "$(_yellow "⚠ cac 已停用（cac stop）") — claude 裸跑中"
+        echo "  恢复：cac ${current:-<name>}"
+        return
+    fi
+
+    if [[ -z "$current" ]]; then
+        echo "错误：未激活任何环境，运行 'cac <name>'" >&2; exit 1
+    fi
+
+    local env_dir="$ENVS_DIR/$current"
+    local proxy; proxy=$(_read "$env_dir/proxy")
+
+    echo "当前环境：$(_bold "$current")"
+    echo "  代理      ：$proxy"
+    echo "  UUID      ：$(_read "$env_dir/uuid")"
+    echo "  stable_id ：$(_read "$env_dir/stable_id")"
+    echo "  user_id   ：$(_read "$env_dir/user_id" "（旧环境，无此字段）")"
+    echo "  TZ        ：$(_read "$env_dir/tz" "（未设置）")"
+    echo "  LANG      ：$(_read "$env_dir/lang" "（未设置）")"
+    echo
+
+    # ── 网络连通性 ──
+    printf "  TCP 连通  ... "
+    if ! _proxy_reachable "$proxy"; then
+        echo "$(_red "✗ 不通")"; return
+    fi
+    echo "$(_green "✓")"
+
+    printf "  出口 IP   ... "
+    local proxy_ip
+    proxy_ip=$(curl -s --proxy "$proxy" \
+         --connect-timeout 8 https://api.ipify.org 2>/dev/null || true)
+    if [[ -n "$proxy_ip" ]]; then
+        echo "$(_green "$proxy_ip")"
+    else
+        echo "$(_yellow "获取失败")"
+    fi
+
+    # ── 本地代理冲突检测（复用已获取的 proxy_ip）──
+    echo
+    echo "── 冲突检测 ────────────────────────────────────────────"
+    printf "  代理冲突  ... "
+    _check_proxy_conflict "$proxy" "$proxy_ip"
+
+    echo
+    echo "── 安全防护状态 ──────────────────────────────────────"
+
+    # ── NS 层级 DNS 拦截 ──
+    printf "  DNS 拦截  ... "
+    _check_dns_block "statsig.anthropic.com"
+
+    # ── 多层环境变量保护（单次读取 wrapper 文件）──
+    echo "  环境变量保护："
+    local wrapper_file="$CAC_DIR/bin/claude"
+    local wrapper_content=""
+    [[ -f "$wrapper_file" ]] && wrapper_content=$(<"$wrapper_file")
+    local env_vars=(
+        "CLAUDE_CODE_ENABLE_TELEMETRY"
+        "DO_NOT_TRACK"
+        "OTEL_SDK_DISABLED"
+        "OTEL_TRACES_EXPORTER"
+        "OTEL_METRICS_EXPORTER"
+        "OTEL_LOGS_EXPORTER"
+        "SENTRY_DSN"
+        "DISABLE_ERROR_REPORTING"
+        "DISABLE_BUG_COMMAND"
+        "CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC"
+        "TELEMETRY_DISABLED"
+        "DISABLE_TELEMETRY"
+    )
+    for var in "${env_vars[@]}"; do
+        printf "    %-32s" "$var"
+        if [[ "$wrapper_content" == *"$var"* ]]; then
+            echo "$(_green "✓ 已配置")"
+        else
+            echo "$(_red "✗ 未找到")"
+        fi
+    done
+
+    # ── mTLS 证书 ──
+    printf "  mTLS 认证 ... "
+    _check_mtls "$env_dir"
+}
+
+# ━━━ cmd_stop.sh ━━━
+# ── cmd: stop / continue ───────────────────────────────────────
+
+cmd_stop() {
+    touch "$CAC_DIR/stopped"
+    local current; current=$(_current_env)
+    echo "$(_yellow "⚠ cac 已停用") — claude 将裸跑（无代理、无伪装）"
+    echo "  恢复：cac -c"
+}
+
+cmd_continue() {
+    if [[ ! -f "$CAC_DIR/stopped" ]]; then
+        echo "cac 当前未停用，无需恢复"
+        return
+    fi
+
+    local current; current=$(_current_env)
+    if [[ -z "$current" ]]; then
+        echo "错误：没有已激活的环境，运行 'cac <name>'" >&2; exit 1
+    fi
+
+    rm -f "$CAC_DIR/stopped"
+    echo "$(_green "✓") cac 已恢复 — 当前环境：$(_bold "$current")"
+}
+
+# ━━━ cmd_help.sh ━━━
+# ── cmd: help ──────────────────────────────────────────────────
+
+cmd_help() {
+cat <<EOF
+$(_bold "cac") — Claude Anti-fingerprint Cloak
+
+$(_bold "用法：")
+  cac setup                         首次安装
+  cac add <名字> <host:port:u:p>    添加新环境（需要 yes 确认）
+  cac <名字>                        切换到指定环境
+  cac ls                            列出所有环境
+  cac check                         核查当前环境（代理 + 安全防护）
+  cac stop                          临时停用，claude 裸跑
+  cac -c                            恢复停用
+
+$(_bold "代理格式：")
+  host:port:user:pass    带认证的 SOCKS5
+  host:port              无认证的 SOCKS5
+
+$(_bold "安全防护：")
+  NS 层级 DNS 拦截       拦截 statsig.anthropic.com 等遥测域名
+  fetch 遥测拦截         替换原生 fetch，防止绕过 DNS 拦截
+  多层环境变量保护       DO_NOT_TRACK / OTEL_SDK_DISABLED 等 12 层遥测阻断
+  mTLS 客户端证书        自签 CA + 客户端证书 + https.globalAgent 注入
+
+$(_bold "示例：")
+  cac add us1 1.2.3.4:1080:username:password
+  cac us1
+  cac check
+  cac stop
+
+$(_bold "文件目录：")
+  ~/.cac/bin/claude           wrapper（拦截所有 claude 调用）
+  ~/.cac/shim-bin/            ioreg / hostname / ifconfig shim
+  ~/.cac/cac-dns-guard.js     NS 层级 DNS 拦截 + DoH + mTLS 注入模块
+  ~/.cac/blocked_hosts        HOSTALIASES 遥测域名拦截
+  ~/.cac/ca/                  mTLS 自签 CA 证书
+  ~/.cac/current              当前激活的环境名
+  ~/.cac/envs/<name>/         各环境：proxy / uuid / stable_id / client_cert
+EOF
+}
+
+# ━━━ main.sh ━━━
+# ── 入口：分发命令 ──────────────────────────────────────────────
+
+[[ $# -eq 0 ]] && { cmd_help; exit 0; }
+
+case "$1" in
+    setup)          cmd_setup         ;;
+    add)            cmd_add  "${@:2}" ;;
+    ls|list)        cmd_ls            ;;
+    check)          cmd_check         ;;
+    stop)           cmd_stop          ;;
+    -c)             cmd_continue      ;;
+    help|--help|-h) cmd_help          ;;
+    *)              cmd_switch "$1"   ;;
+esac
+