clawmoney 0.15.5 → 0.15.7

package/dist/relay/provider.js

@@ -3,7 +3,7 @@ import { join } from "node:path";
 import { homedir } from "node:os";
 import YAML from "yaml";
 import { RelayWsClient } from "./ws-client.js";
-import { callClaudeApi, preflightClaudeApi, getRateGuardSnapshot as getClaudeRateGuardSnapshot, } from "./upstream/claude-api.js";
+import { callClaudeApi, callClaudeApiPassthrough, preflightClaudeApi, getRateGuardSnapshot as getClaudeRateGuardSnapshot, } from "./upstream/claude-api.js";
 import { callCodexApi, preflightCodexApi, getRateGuardSnapshot as getCodexRateGuardSnapshot, } from "./upstream/codex-api.js";
 import { callGeminiApi, preflightGeminiApi, getGeminiRateGuardSnapshot, } from "./upstream/gemini-api.js";
 import { callAntigravityApi, preflightAntigravityApi, getAntigravityRateGuardSnapshot, } from "./upstream/antigravity-api.js";
@@ -161,7 +161,7 @@ function extractMessageText(content) {
 function messagesToPrompt(messages) {
     return messages.map((m) => extractMessageText(m.content)).join("\n");
 }
-async function executeRelayRequest(request, config) {
+async function executeRelayRequest(request, config, sendChunk) {
     const { request_id, max_budget_usd } = request;
     const cliType = request.cli_type ?? config.relay.cli_type;
     const model = request.model ?? config.relay.model;
@@ -213,11 +213,38 @@ async function executeRelayRequest(request, config) {
             });
         }
         else {
-            parsed = await callClaudeApi({
-                prompt,
-                model,
-                maxTokens: max_budget_usd ? undefined : 4096,
-            });
+            // Claude: two modes.
+            //
+            // 1. PASSTHROUGH (preferred when Hub supplies request.passthrough_body):
+            //    the Hub is acting as a transparent ANTHROPIC_BASE_URL proxy for a
+            //    real Claude Code (or anthropic-SDK) client. Forward the buyer's
+            //    actual body — tools, multi-turn messages, thinking, system, etc.
+            //    all preserved — with surgical fingerprint rewrites so Anthropic
+            //    sees a stable per-OAuth-account identity instead of a rotating
+            //    buyer-identity signal.
+            //
+            // 2. TEMPLATE (fallback when no passthrough_body): the legacy
+            //    chat-relay path. Daemon constructs a synthetic single-user-message
+            //    request body that matches the real CC wire fingerprint exactly,
+            //    dropping everything the buyer sent except the concatenated prompt
+            //    text. Used for OpenAI-compatible /v1/chat/completions and any
+            //    other client that doesn't need real agentic support.
+            if (request.passthrough_body) {
+                parsed = await callClaudeApiPassthrough({
+                    clientBody: request.passthrough_body,
+                    model,
+                    clientBeta: request.anthropic_beta,
+                    onRawEvent: sendChunk,
+                });
+            }
+            else {
+                parsed = await callClaudeApi({
+                    prompt,
+                    model,
+                    maxTokens: max_budget_usd ? undefined : 4096,
+                    onRawEvent: sendChunk,
+                });
+            }
         }
         const elapsedMs = Date.now() - startMs;
         const answer = parsed.text.replace(/\n/g, " ").slice(0, 80);
@@ -330,7 +357,20 @@ export function runRelayProvider(cliOverride) {
         }
         activeTasks.add(request.request_id);
         logger.info(`Processing relay request=${request.request_id} (active=${activeTasks.size}/${config.relay.concurrency})`);
-        executeRelayRequest(request, config)
+        // Per-request SSE chunk forwarder. Each raw Anthropic SSE frame is sent
+        // to the Hub as its own WS event so the Hub can relay it straight to the
+        // buyer — drops TTFT from "whole response" to "first-token-from-upstream".
+        // WS sends are fire-and-forget here; the final relay_response still
+        // carries the fully aggregated content as a fallback for Hubs that
+        // haven't wired up chunk forwarding yet.
+        const sendChunk = (sse) => {
+            wsClient.send({
+                event: "relay_stream_chunk",
+                request_id: request.request_id,
+                sse,
+            });
+        };
+        executeRelayRequest(request, config, sendChunk)
             .then((response) => {
             const sent = wsClient.send(response);
             if (sent) {

package/dist/relay/types.d.ts

@@ -17,6 +17,8 @@ export interface RelayRequest {
     stateful?: boolean;
     model?: string;
     max_budget_usd?: number;
+    passthrough_body?: Record<string, unknown>;
+    anthropic_beta?: string;
 }
 export interface RelayConnectedEvent {
     event: "connected";
@@ -51,7 +53,12 @@ export interface RelayResponse {
     error?: string;
     session_window?: RelayResponseSessionWindow;
 }
-export type RelayOutgoingEvent = RelayResponse;
+export interface RelayStreamChunkEvent {
+    event: "relay_stream_chunk";
+    request_id: string;
+    sse: string;
+}
+export type RelayOutgoingEvent = RelayResponse | RelayStreamChunkEvent;
 export interface ParsedOutput {
     text: string;
     sessionId: string;

package/dist/relay/upstream/claude-api.d.ts

@@ -27,5 +27,13 @@ export interface CallClaudeApiOptions {
     prompt: string;
     model: string;
     maxTokens?: number;
+    onRawEvent?: (rawFrame: string) => void;
 }
 export declare function callClaudeApi(opts: CallClaudeApiOptions): Promise<ParsedOutput>;
+export interface CallClaudeApiPassthroughOptions {
+    clientBody: Record<string, unknown>;
+    model: string;
+    clientBeta?: string;
+    onRawEvent?: (rawFrame: string) => void;
+}
+export declare function callClaudeApiPassthrough(opts: CallClaudeApiPassthroughOptions): Promise<ParsedOutput>;

package/dist/relay/upstream/claude-api.js

@@ -696,6 +696,12 @@ export async function callClaudeApi(opts) {
         configureRateGuard();
     return rateGuard.run(() => doCallClaudeApi(opts));
 }
+export async function callClaudeApiPassthrough(opts) {
+    configureDispatcher();
+    if (!rateGuard)
+        configureRateGuard();
+    return rateGuard.run(() => doCallClaudeApiPassthrough(opts));
+}
 // Maximum number of automatic retries on transient upstream errors
 // (429 / 5xx). Matches the Anthropic official SDK default. Does NOT count
 // the initial attempt or the one-shot 401-refresh retry.
@@ -820,7 +826,10 @@ async function doCallClaudeApi(opts) {
             // Stream parser — real Claude Code's main path uses stream:true; see
             // body construction above. parseClaudeSseResponse aggregates text
             // deltas + usage until message_stop, matching SDK semantics.
-            const parsed = await parseClaudeSseResponse(resp, opts.model);
+            // When opts.onRawEvent is set, each SSE frame is also forwarded
+            // verbatim so the Hub can stream it through to the end client in
+            // real time instead of waiting for the whole response.
+            const parsed = await parseClaudeSseResponse(resp, opts.model, opts.onRawEvent);
             recordSpendFromUsage(parsed, opts.model);
             return parsed;
         }
@@ -871,6 +880,230 @@ async function doCallClaudeApi(opts) {
         throw new Error(`Anthropic ${resp.status}: ${errText.slice(0, 400)}`);
     }
 }
+// ── Passthrough helpers ──────────────────────────────────────────────────
+// Extract the first user message's text content, regardless of whether
+// content is a plain string (OpenAI-style) or an array of content blocks
+// (real Anthropic shape). Used for computing the attribution header FP3.
+function extractFirstUserMessageText(messages) {
+    if (!Array.isArray(messages))
+        return "";
+    for (const msg of messages) {
+        if (!msg || typeof msg !== "object")
+            continue;
+        const m = msg;
+        if (m.role !== "user")
+            continue;
+        const content = m.content;
+        if (typeof content === "string")
+            return content;
+        if (Array.isArray(content)) {
+            for (const block of content) {
+                if (block &&
+                    typeof block === "object" &&
+                    block.type === "text" &&
+                    typeof block.text === "string") {
+                    return block.text;
+                }
+            }
+        }
+        return "";
+    }
+    return "";
+}
+// Merge the fingerprint-required betas with the buyer's anthropic-beta
+// list. Required betas (oauth, claude-code, interleaved-thinking) are
+// non-negotiable — they must be present for an OAuth token to work. The
+// buyer's extras (context-management, advisor-tool, etc.) are appended so
+// newer Claude Code versions can request features our fingerprint file
+// doesn't know about yet. Deduplicates and preserves order.
+function mergeBetas(required, clientBeta) {
+    const seen = new Set();
+    const out = [];
+    for (const b of required) {
+        const t = b.trim();
+        if (t && !seen.has(t)) {
+            seen.add(t);
+            out.push(t);
+        }
+    }
+    if (clientBeta) {
+        for (const b of clientBeta.split(",")) {
+            const t = b.trim();
+            if (t && !seen.has(t)) {
+                seen.add(t);
+                out.push(t);
+            }
+        }
+    }
+    return out.join(",");
+}
+// Rewrite the first system block's x-anthropic-billing-header (if present)
+// so cc_version and FP3 match OUR fingerprint and the buyer's actual
+// first user message. Real Claude Code always emits this block; sub2api's
+// gateway_service.go mirrors it verbatim but rewrites the version to
+// match the account's pinned UA (syncBillingHeaderVersion, gateway_billing_header.go).
+//
+// Critical because Anthropic's validator expects cc_version.<FP3> where
+// FP3 is a deterministic hash of (message_chars + cli_version). If we
+// leave the buyer's FP3 in place but their UA was a different version
+// from our pinned UA, the FP3 no longer matches cli_version in the header
+// and the validator rejects the request.
+function syncPassthroughBillingHeader(body, fingerprint) {
+    if (!Array.isArray(body.system))
+        return;
+    const system = body.system;
+    if (system.length === 0)
+        return;
+    const firstBlock = system[0];
+    if (!firstBlock ||
+        typeof firstBlock !== "object" ||
+        firstBlock.type !== "text" ||
+        typeof firstBlock.text !== "string") {
+        return;
+    }
+    const currentText = firstBlock.text;
+    if (!currentText.startsWith("x-anthropic-billing-header:")) {
+        // Non-CC client didn't include a billing header — leave system alone.
+        // If we're strict about this we could PREPEND one, but for now we
+        // only touch what exists so non-CC passthrough (e.g. anthropic SDK
+        // direct) works without extra surgery.
+        return;
+    }
+    const firstUserMsg = extractFirstUserMessageText(body.messages);
+    const newHeader = buildClaudeAttributionHeader(firstUserMsg, fingerprint.cc_version, fingerprint.cc_entrypoint);
+    firstBlock.text = newHeader;
+}
+// Walk system text blocks and rewrite third-party identity sentences
+// (OpenCode, etc.) to the Claude Code banner. sub2api does the same thing
+// in gateway_service.go:sanitizeSystemText — without it Anthropic's
+// system-prompt dice-coefficient validator will 403 the request because
+// the system prompt doesn't score high enough against the known real
+// Claude Code templates.
+function sanitizePassthroughSystemArray(body) {
+    if (!Array.isArray(body.system))
+        return;
+    for (const block of body.system) {
+        if (block &&
+            typeof block === "object" &&
+            block.type === "text" &&
+            typeof block.text === "string") {
+            block.text = sanitizePrompt(block.text);
+        }
+    }
+}
+async function doCallClaudeApiPassthrough(opts) {
+    const fingerprint = loadFingerprint();
+    autoBumpFingerprintUaVersion();
+    // Fresh read after any autobump, since it mutates cachedFingerprint in place.
+    const fp = loadFingerprint();
+    const sessionId = getMaskedSessionId();
+    // Shallow clone so we don't mutate the buyer's dict on the way back out
+    // of provider.ts — defensive against the Hub reusing the same dict for
+    // multiple dispatch attempts.
+    const body = { ...opts.clientBody };
+    // Normalize model to canonical long-form. Anthropic OAuth rejects the
+    // short form for some versions (e.g. claude-sonnet-4-5 → must be
+    // claude-sonnet-4-5-20250929).
+    body.model = normalizeModel(opts.model);
+    // Force stream:true. Daemon always needs SSE wire format to drive
+    // parseClaudeSseResponse, regardless of what the buyer asked for.
+    body.stream = true;
+    // sub2api drops these on OAuth (gateway_service.go:1082-1092). Keeping
+    // them in the body risks Anthropic flagging the request shape as
+    // non-Claude-Code, since real CC never sends them.
+    delete body.temperature;
+    delete body.tool_choice;
+    // Rewrite metadata.user_id with our masked-session-bound fingerprint
+    // identity. All other metadata fields are preserved.
+    const metadata = body.metadata && typeof body.metadata === "object"
+        ? body.metadata
+        : {};
+    body.metadata = {
+        ...metadata,
+        user_id: buildMetadataUserID(fp, sessionId),
+    };
+    // Sanitize system: replace third-party identity sentences + sync
+    // billing header cc_version to match our pinned CLI version.
+    sanitizePassthroughSystemArray(body);
+    syncPassthroughBillingHeader(body, fp);
+    // Clamp thinking.budget_tokens to Anthropic's minimum so buyer-chosen
+    // small budgets don't 400. If max_tokens < budget_tokens + 1, bump
+    // max_tokens too so the request stays valid.
+    const thinking = body.thinking;
+    if (thinking && typeof thinking === "object") {
+        const t = thinking;
+        if (t.type === "enabled" && typeof t.budget_tokens === "number") {
+            if (t.budget_tokens < CLAUDE_MIN_THINKING_BUDGET) {
+                t.budget_tokens = CLAUDE_MIN_THINKING_BUDGET;
+            }
+            if (typeof body.max_tokens === "number" &&
+                body.max_tokens <= t.budget_tokens) {
+                body.max_tokens = t.budget_tokens + 1;
+            }
+        }
+    }
+    // Ensure tools is at least an empty array so request shape matches real
+    // CC (which always sends tools even if empty).
+    if (!Array.isArray(body.tools)) {
+        body.tools = [];
+    }
+    const bodyJson = JSON.stringify(body);
+    // Merge required betas with buyer's betas for the header.
+    const requiredBetas = pickClaudeBetasForModel(opts.model);
+    const mergedBetas = mergeBetas(requiredBetas, opts.clientBeta);
+    let transientAttempt = 0;
+    let hasRefreshed = false;
+    while (true) {
+        const creds = await getFreshCreds();
+        const resp = await fetch(ANTHROPIC_MESSAGES_URL, {
+            method: "POST",
+            headers: {
+                ...STATIC_CLAUDE_CODE_HEADERS,
+                "accept": "application/json, text/event-stream",
+                "anthropic-beta": mergedBetas,
+                "user-agent": fp.user_agent,
+                "authorization": `Bearer ${creds.accessToken}`,
+                "x-claude-code-session-id": sessionId,
+            },
+            body: bodyJson,
+        });
+        const sessionWin = extractSessionWindowFromHeaders(resp.headers);
+        if (sessionWin)
+            rateGuard?.setSessionWindow(sessionWin);
+        if (resp.ok) {
+            const parsed = await parseClaudeSseResponse(resp, opts.model, opts.onRawEvent);
+            recordSpendFromUsage(parsed, opts.model);
+            return parsed;
+        }
+        const errText = await resp.text();
+        if (resp.status === 429) {
+            const cooldown = extractCooldownUntilFromHeaders(resp.headers);
+            if (cooldown && rateGuard) {
+                rateGuard.triggerCooldown(cooldown.untilMs, cooldown.reason);
+            }
+            else if (rateGuard) {
+                rateGuard.triggerCooldown(Date.now() + 5 * 60_000, "fallback 5m (no reset header)");
+            }
+            throw new Error(`Anthropic 429 rate-limited: ${errText.slice(0, 300)}`);
+        }
+        if (resp.status === 401 && !hasRefreshed) {
+            logger.warn("[claude-api] 401 from upstream (passthrough), refreshing token + retry");
+            hasRefreshed = true;
+            cachedCreds = null;
+            continue;
+        }
+        const isTransient = resp.status >= 500 && resp.status <= 599;
+        if (isTransient && transientAttempt < MAX_TRANSIENT_RETRIES) {
+            const retryAfter = parseRetryAfterMs(resp.headers.get("retry-after"));
+            const backoffMs = retryAfter ?? 500 * Math.pow(2, transientAttempt) + Math.random() * 500;
+            logger.warn(`[claude-api] ${resp.status} from upstream (passthrough attempt ${transientAttempt + 1}/${MAX_TRANSIENT_RETRIES + 1}), retrying in ${Math.round(backoffMs)}ms — ${errText.slice(0, 200)}`);
+            await new Promise((r) => setTimeout(r, backoffMs));
+            transientAttempt++;
+            continue;
+        }
+        throw new Error(`Anthropic ${resp.status}: ${errText.slice(0, 400)}`);
+    }
+}
 function recordSpendFromUsage(parsed, model) {
     if (!rateGuard)
         return;
@@ -911,7 +1144,7 @@ function recordSpendFromUsage(parsed, model) {
  *   event: error           (upstream error — throw)
  *   data: {"type":"error","error":{"type":"overloaded_error","message":"..."}}
  */
-async function parseClaudeSseResponse(resp, fallbackModel) {
+async function parseClaudeSseResponse(resp, fallbackModel, onRawFrame) {
     const reader = resp.body?.getReader();
     if (!reader) {
         throw new Error("Claude streamGenerateContent returned no body");
@@ -925,6 +1158,10 @@ async function parseClaudeSseResponse(resp, fallbackModel) {
     let cacheCreation = 0;
     let cacheRead = 0;
     let streamError;
+    // Accumulates one SSE frame (everything between blank lines) so we can
+    // emit the full `event: X\ndata: Y\n\n` block via onRawFrame. SSE frames
+    // are terminated by an empty line per the spec.
+    let frameLines = [];
     const processChunk = (jsonStr) => {
         const trimmed = jsonStr.trim();
         if (!trimmed)
@@ -992,6 +1229,22 @@ async function parseClaudeSseResponse(resp, fallbackModel) {
                 break;
         }
     };
+    const flushFrame = () => {
+        if (frameLines.length === 0)
+            return;
+        // Forward the raw SSE frame verbatim so consumers see it exactly as
+        // Anthropic emitted it (including the event: name line, which Claude
+        // Code's SDK parser uses as the dispatch key).
+        if (onRawFrame) {
+            onRawFrame(frameLines.join("\n") + "\n\n");
+        }
+        for (const line of frameLines) {
+            if (line.startsWith("data:")) {
+                processChunk(line.slice(5));
+            }
+        }
+        frameLines = [];
+    };
     while (true) {
         const { value, done } = await reader.read();
         if (done)
@@ -1001,19 +1254,18 @@ async function parseClaudeSseResponse(resp, fallbackModel) {
         while ((newlineIdx = buffer.indexOf("\n")) >= 0) {
             const line = buffer.slice(0, newlineIdx).replace(/\r$/, "");
             buffer = buffer.slice(newlineIdx + 1);
-            if (!line)
-                continue;
-            // SSE dispatches on `data: ...` lines. `event: ...` names are
-            // informational (the chunk JSON's `type` field is authoritative).
-            if (line.startsWith("data:")) {
-                processChunk(line.slice(5));
+            if (line === "") {
+                // Blank line = end of SSE frame.
+                flushFrame();
+            }
+            else {
+                frameLines.push(line);
             }
         }
     }
-    // Flush trailing line (rare — most servers end with a \n\n).
-    if (buffer.startsWith("data:")) {
-        processChunk(buffer.slice(5));
-    }
+    // Flush any trailing frame without a final blank line. Rare, but SSE
+    // allows a stream to end without a terminating \n\n.
+    flushFrame();
     if (streamError) {
         throw new Error(`Anthropic stream error: ${streamError.type ?? "unknown"} — ${streamError.message ?? ""}`);
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clawmoney",
-  "version": "0.15.5",
+  "version": "0.15.7",
   "description": "ClawMoney CLI -- Earn rewards with your AI agent",
   "type": "module",
   "bin": {