cli-chat-mcp 0.2.0

package/dist/server-net.js

@@ -0,0 +1,819 @@
+#!/usr/bin/env node
+
+// src/server-net.ts
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { z } from "zod";
+import { mkdirSync, writeFileSync as writeFileSync3 } from "node:fs";
+import { randomBytes } from "node:crypto";
+import { userInfo } from "node:os";
+
+// src/crypto.ts
+var s = null;
+async function initCrypto() {
+  if (s) return;
+  const mod = await import("libsodium-wrappers");
+  const sodium = mod.default ?? mod;
+  await sodium.ready;
+  s = sodium;
+}
+var B64 = () => s.base64_variants.ORIGINAL;
+function generateIdentity() {
+  const box = s.crypto_box_keypair();
+  const sign = s.crypto_sign_keypair();
+  return {
+    boxPub: s.to_hex(box.publicKey),
+    boxSec: s.to_hex(box.privateKey),
+    signPub: s.to_hex(sign.publicKey),
+    signSec: s.to_hex(sign.privateKey)
+  };
+}
+function seal(plaintext, recipientBoxPubHex) {
+  const ct = s.crypto_box_seal(
+    s.from_string(plaintext),
+    s.from_hex(recipientBoxPubHex)
+  );
+  return s.to_base64(ct, B64());
+}
+function open(cipherB64, boxPubHex, boxSecHex) {
+  const pt = s.crypto_box_seal_open(
+    s.from_base64(cipherB64, B64()),
+    s.from_hex(boxPubHex),
+    s.from_hex(boxSecHex)
+  );
+  return s.to_string(pt);
+}
+function signDetached(message, signSecHex) {
+  const sig = s.crypto_sign_detached(s.from_string(message), s.from_hex(signSecHex));
+  return s.to_hex(sig);
+}
+
+// src/identity.ts
+import { readFileSync } from "node:fs";
+function loadIdentity(path) {
+  const id = JSON.parse(readFileSync(path, "utf8"));
+  for (const k of ["boxPub", "boxSec", "signPub", "signSec"]) {
+    if (!id[k]) throw new Error(`identity at ${path} missing ${k}`);
+  }
+  return id;
+}
+
+// src/contacts.ts
+import { readFileSync as readFileSync2 } from "node:fs";
+function loadContacts(path) {
+  const raw = readFileSync2(path, "utf8");
+  const book = JSON.parse(raw);
+  if (!book.me || !Array.isArray(book.contacts)) {
+    throw new Error(`Invalid contact book at ${path}: needs { me, contacts[] }`);
+  }
+  return book;
+}
+function resolve(book, query) {
+  const q = query.trim().toLowerCase();
+  const namesOf = (c) => [c.name, ...c.aliases ?? []].map((n) => n.toLowerCase());
+  const exact = book.contacts.filter((c) => namesOf(c).includes(q));
+  if (exact.length === 1) return { status: "resolved", contact: exact[0] };
+  if (exact.length > 1) return { status: "ambiguous", query, candidates: exact };
+  if (!q) return { status: "none", query };
+  const fuzzy = book.contacts.filter((c) => namesOf(c).some((n) => n.includes(q)));
+  if (fuzzy.length === 1) return { status: "resolved", contact: fuzzy[0] };
+  if (fuzzy.length > 1) return { status: "ambiguous", query, candidates: fuzzy };
+  return { status: "none", query };
+}
+function displayNameByKey(book, signPub) {
+  const c = book.contacts.find((c2) => c2.signPub === signPub);
+  return c?.name ?? `${signPub.slice(0, 8)}\u2026`;
+}
+function contactByKey(book, signPub) {
+  return book.contacts.find((c) => c.signPub === signPub);
+}
+
+// src/db.ts
+import { DatabaseSync } from "node:sqlite";
+function openMailbox(path) {
+  const db = new DatabaseSync(path);
+  try {
+    db.exec(`PRAGMA journal_mode = WAL; PRAGMA busy_timeout = 3000;`);
+  } catch {
+  }
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS messages (
+      id          TEXT PRIMARY KEY,
+      recipient   TEXT NOT NULL,
+      sender      TEXT NOT NULL,
+      body        TEXT NOT NULL,
+      tags        TEXT,
+      created_at  INTEGER NOT NULL,
+      fetched_at  INTEGER,
+      read_at     INTEGER,
+      in_reply_to TEXT
+    );
+    CREATE INDEX IF NOT EXISTS idx_recipient ON messages (recipient, created_at);
+  `);
+  return db;
+}
+function insertMessage(db, m) {
+  db.prepare(
+    `INSERT INTO messages
+       (id, recipient, sender, body, tags, created_at, fetched_at, read_at, in_reply_to)
+     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`
+  ).run(
+    m.id,
+    m.recipient,
+    m.sender,
+    m.body,
+    m.tags,
+    m.created_at,
+    m.fetched_at,
+    m.read_at,
+    m.in_reply_to
+  );
+}
+function unreadFor(db, me) {
+  return db.prepare(
+    `SELECT * FROM messages
+       WHERE recipient = ? AND read_at IS NULL
+       ORDER BY created_at ASC`
+  ).all(me);
+}
+function getMessage(db, id) {
+  return db.prepare(`SELECT * FROM messages WHERE id = ?`).get(id);
+}
+function markRead(db, id, now2) {
+  db.prepare(`UPDATE messages SET read_at = ?, fetched_at = COALESCE(fetched_at, ?) WHERE id = ?`).run(
+    now2,
+    now2,
+    id
+  );
+}
+
+// src/canonical.ts
+var MAX_SKEW_MS = 5 * 60 * 1e3;
+function canonical(method, path, timestamp, body) {
+  return `${method.toUpperCase()}
+${path}
+${timestamp}
+${body}`;
+}
+
+// src/auth.ts
+function makeAuthHeaders(signPubHex, signSecHex, method, path, body, now2) {
+  const sig = signDetached(canonical(method, path, now2, body), signSecHex);
+  return {
+    "x-pubkey": signPubHex,
+    "x-timestamp": String(now2),
+    "x-signature": sig
+  };
+}
+
+// src/mailbox-client.ts
+function createMailboxClient(baseUrl, identity, now2) {
+  const base = baseUrl.replace(/\/$/, "");
+  function headers(method, path, body) {
+    return makeAuthHeaders(
+      identity.signPub,
+      identity.signSec,
+      method,
+      path,
+      body,
+      now2()
+    );
+  }
+  async function fail(res, what) {
+    let detail = "";
+    try {
+      detail = JSON.stringify(await res.json());
+    } catch {
+    }
+    throw new Error(`${what} failed: ${res.status} ${detail}`);
+  }
+  return {
+    async send(msg) {
+      const body = JSON.stringify(msg);
+      const res = await fetch(`${base}/messages`, {
+        method: "POST",
+        headers: { "content-type": "application/json", ...headers("POST", "/messages", body) },
+        body
+      });
+      if (!res.ok) await fail(res, "send");
+    },
+    async summary() {
+      const res = await fetch(`${base}/mailbox`, {
+        headers: headers("GET", "/mailbox", "")
+      });
+      if (!res.ok) await fail(res, "summary");
+      return await res.json();
+    },
+    async drain() {
+      const res = await fetch(`${base}/messages`, {
+        headers: headers("GET", "/messages", "")
+      });
+      if (!res.ok) await fail(res, "drain");
+      const data = await res.json();
+      return data.messages;
+    },
+    async registerHandle(handle) {
+      const body = JSON.stringify({ handle, signPub: identity.signPub, boxPub: identity.boxPub });
+      const res = await fetch(`${base}/register`, {
+        method: "POST",
+        headers: { "content-type": "application/json", ...headers("POST", "/register", body) },
+        body
+      });
+      if (res.status === 409) return "taken";
+      if (!res.ok) await fail(res, "register");
+      return "ok";
+    },
+    async resolveHandle(handle) {
+      const res = await fetch(`${base}/resolve/${encodeURIComponent(handle)}`);
+      if (res.status === 404) return null;
+      if (!res.ok) await fail(res, "resolve");
+      return await res.json();
+    }
+  };
+}
+
+// src/key-code.ts
+var ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+var KEY_BYTES = 64;
+var WIDTH = 86;
+function hexToBytes(hex) {
+  const out = new Uint8Array(hex.length / 2);
+  for (let i = 0; i < out.length; i++) out[i] = parseInt(hex.substr(i * 2, 2), 16);
+  return out;
+}
+function bytesToHex(bytes) {
+  let s2 = "";
+  for (const b of bytes) s2 += b.toString(16).padStart(2, "0");
+  return s2;
+}
+function bytesToBase62(bytes) {
+  let n = 0n;
+  for (const b of bytes) n = n << 8n | BigInt(b);
+  let out = "";
+  while (n > 0n) {
+    out = ALPHABET[Number(n % 62n)] + out;
+    n /= 62n;
+  }
+  return out.padStart(WIDTH, ALPHABET[0]);
+}
+function base62ToBytes(str, len) {
+  let n = 0n;
+  for (const ch of str) {
+    const v = ALPHABET.indexOf(ch);
+    if (v < 0) return null;
+    n = n * 62n + BigInt(v);
+  }
+  const bytes = new Uint8Array(len);
+  for (let i = len - 1; i >= 0; i--) {
+    bytes[i] = Number(n & 0xffn);
+    n >>= 8n;
+  }
+  return n === 0n ? bytes : null;
+}
+function encodeKey(signPubHex, boxPubHex) {
+  const blob = new Uint8Array(KEY_BYTES);
+  blob.set(hexToBytes(signPubHex), 0);
+  blob.set(hexToBytes(boxPubHex), 32);
+  return bytesToBase62(blob);
+}
+var HANDLE_LEN = 6;
+function isHandle(s2) {
+  return new RegExp(`^[0-9A-Za-z]{${HANDLE_LEN}}$`).test(s2.trim());
+}
+function randomHandle(randomBytes2) {
+  let h = "";
+  for (let i = 0; i < HANDLE_LEN; i++) h += ALPHABET[randomBytes2[i] % 62];
+  return h;
+}
+function parseKey(raw) {
+  const s2 = raw.trim();
+  if (s2.length !== WIDTH) return null;
+  const bytes = base62ToBytes(s2, KEY_BYTES);
+  if (!bytes) return null;
+  return {
+    signPub: bytesToHex(bytes.slice(0, 32)),
+    boxPub: bytesToHex(bytes.slice(32, 64))
+  };
+}
+
+// src/current-user.ts
+import { existsSync as existsSync2, readFileSync as readFileSync3, readdirSync, writeFileSync } from "node:fs";
+import { join as join2 } from "node:path";
+
+// src/paths.ts
+import { existsSync } from "node:fs";
+import { homedir } from "node:os";
+import { join, resolve as resolve2 } from "node:path";
+var codeRoot = resolve2(import.meta.dirname, "..");
+function dataHome() {
+  const env = process.env.MESSENGER_HOME?.trim();
+  if (env) return env;
+  if (existsSync(join(codeRoot, "users"))) return codeRoot;
+  return join(homedir(), ".cli-chat");
+}
+function usersDir() {
+  return join(dataHome(), "users");
+}
+function userDir(user) {
+  return join(usersDir(), user);
+}
+function identityFile(user) {
+  return join(userDir(user), "identity.json");
+}
+function contactsFile(user) {
+  return join(userDir(user), "contacts.json");
+}
+function inboxFile(user) {
+  return join(userDir(user), "inbox.db");
+}
+
+// src/current-user.ts
+var pointerPath = () => join2(usersDir(), ".current");
+function identityDirs() {
+  const dir = usersDir();
+  if (!existsSync2(dir)) return [];
+  return readdirSync(dir, { withFileTypes: true }).filter((d) => d.isDirectory()).map((d) => d.name).filter((name) => existsSync2(identityFile(name)));
+}
+function readMeta(dir) {
+  try {
+    return JSON.parse(readFileSync3(identityFile(dir), "utf8"));
+  } catch {
+    return null;
+  }
+}
+function resolveDir(sel) {
+  const dirs = identityDirs();
+  if (dirs.includes(sel)) return sel;
+  const low = sel.toLowerCase();
+  for (const d of dirs) {
+    const id = readMeta(d);
+    if (!id) continue;
+    if (id.handle === sel || id.signPub === sel) return d;
+    if (id.name && id.name.toLowerCase() === low) return d;
+  }
+  return null;
+}
+function currentUser() {
+  const env = process.env.MESSENGER_USER?.trim();
+  if (env) return resolveDir(env) ?? env;
+  const pointer = pointerPath();
+  if (existsSync2(pointer)) {
+    const val = readFileSync3(pointer, "utf8").trim();
+    if (val) return resolveDir(val) ?? val;
+  }
+  const dirs = identityDirs();
+  if (dirs.length === 1) return dirs[0];
+  return null;
+}
+function setCurrentUser(key) {
+  writeFileSync(pointerPath(), key + "\n");
+}
+
+// src/config.ts
+var DEFAULT_MAILBOX_URL = "https://mailbox.cli-chat-mcp.workers.dev";
+function resolveMailboxUrl() {
+  return process.env.MESSENGER_MAILBOX_URL?.trim() || DEFAULT_MAILBOX_URL;
+}
+
+// src/core-net.ts
+import { randomUUID } from "node:crypto";
+import { writeFileSync as writeFileSync2 } from "node:fs";
+function rememberContact(ctx, c) {
+  const id = c.name.toLowerCase();
+  ctx.book.contacts = ctx.book.contacts.filter(
+    (x) => x.id !== id && x.signPub !== c.signPub
+  );
+  ctx.book.contacts.push({ id, name: c.name, signPub: c.signPub, boxPub: c.boxPub });
+  if (ctx.contactsPath) {
+    writeFileSync2(ctx.contactsPath, JSON.stringify(ctx.book, null, 2) + "\n");
+  }
+}
+async function resolveCode(ctx, code) {
+  const full = parseKey(code);
+  if (full) return full;
+  if (isHandle(code)) return await ctx.client.resolveHandle(code.trim());
+  return null;
+}
+async function addContact(ctx, args) {
+  if (!parseKey(args.key) && !isHandle(args.key)) return { ok: false, reason: "bad_key" };
+  const keys = await resolveCode(ctx, args.key);
+  if (!keys) return { ok: false, reason: "not_found" };
+  rememberContact(ctx, { name: args.name, signPub: keys.signPub, boxPub: keys.boxPub });
+  return { ok: true, name: args.name };
+}
+async function sync(ctx) {
+  const blobs = await ctx.client.drain();
+  let added = 0;
+  for (const b of blobs) {
+    if (getMessage(ctx.cache, b.id)) continue;
+    let body;
+    try {
+      body = open(b.body, ctx.me.boxPub, ctx.me.boxSec);
+    } catch {
+      body = "[unable to decrypt \u2014 not sealed to this identity]";
+    }
+    const row = {
+      id: b.id,
+      recipient: ctx.me.signPub,
+      sender: b.sender,
+      body,
+      tags: b.tags,
+      created_at: b.created_at,
+      fetched_at: ctx.now(),
+      read_at: null,
+      in_reply_to: b.in_reply_to
+    };
+    insertMessage(ctx.cache, row);
+    added++;
+  }
+  return added;
+}
+async function sendSealed(ctx, to, body, in_reply_to) {
+  const wire = {
+    id: randomUUID(),
+    recipient: to.signPub,
+    sender: ctx.me.signPub,
+    body: seal(body, to.boxPub),
+    tags: null,
+    created_at: ctx.now(),
+    in_reply_to
+  };
+  await ctx.client.send(wire);
+  return wire.id;
+}
+async function sendMessage(ctx, args) {
+  const r = resolve(ctx.book, args.to);
+  if (r.status === "none") {
+    if (args.key) {
+      if (!parseKey(args.key) && !isHandle(args.key))
+        return { ok: false, reason: "bad_key", query: args.to };
+      const keys = await resolveCode(ctx, args.key);
+      if (!keys) return { ok: false, reason: "bad_key", query: args.to };
+      rememberContact(ctx, { name: args.to, signPub: keys.signPub, boxPub: keys.boxPub });
+      const id2 = await sendSealed(ctx, { name: args.to, ...keys }, args.body, null);
+      return { ok: true, id: id2, to: { name: args.to, signPub: keys.signPub }, saved: true };
+    }
+    return { ok: false, reason: "no_contact", query: args.to };
+  }
+  if (r.status === "ambiguous")
+    return {
+      ok: false,
+      reason: "ambiguous",
+      query: args.to,
+      candidates: r.candidates.map((c2) => c2.name)
+    };
+  const c = r.contact;
+  if (!c.signPub || !c.boxPub)
+    return { ok: false, reason: "no_keys", query: args.to };
+  const id = await sendSealed(ctx, { name: c.name, signPub: c.signPub, boxPub: c.boxPub }, args.body, null);
+  return { ok: true, id, to: { name: c.name, signPub: c.signPub } };
+}
+async function messagesAvailable(ctx) {
+  await sync(ctx);
+  const rows = unreadFor(ctx.cache, ctx.me.signPub);
+  return {
+    count: rows.length,
+    messages: rows.map((m) => ({
+      id: m.id,
+      from: displayNameByKey(ctx.book, m.sender),
+      preview: m.body.length > 200 ? m.body.slice(0, 197) + "..." : m.body,
+      at: m.created_at
+    }))
+  };
+}
+async function readMessage(ctx, args) {
+  await sync(ctx);
+  let row;
+  if (args.id) {
+    row = getMessage(ctx.cache, args.id);
+    if (!row || row.recipient !== ctx.me.signPub) return { ok: false, reason: "not_found" };
+  } else {
+    row = unreadFor(ctx.cache, ctx.me.signPub)[0];
+    if (!row) return { ok: false, reason: "empty" };
+  }
+  markRead(ctx.cache, row.id, ctx.now());
+  return {
+    ok: true,
+    id: row.id,
+    from: displayNameByKey(ctx.book, row.sender),
+    body: row.body,
+    at: row.created_at,
+    in_reply_to: row.in_reply_to
+  };
+}
+async function draftReply(ctx, args) {
+  const original = getMessage(ctx.cache, args.in_reply_to);
+  if (!original) return { ok: false, reason: "not_found" };
+  const c = contactByKey(ctx.book, original.sender);
+  if (!c || !c.signPub || !c.boxPub) return { ok: false, reason: "no_keys" };
+  const id = await sendSealed(ctx, { name: c.name, signPub: c.signPub, boxPub: c.boxPub }, args.body, original.id);
+  return { ok: true, id, to: { name: c.name, signPub: c.signPub } };
+}
+
+// src/server-net.ts
+var mailboxUrl = resolveMailboxUrl();
+var now = () => Date.now();
+var sleep = (ms) => new Promise((r) => setTimeout(r, ms));
+var WATCH_MS = Number(process.env.MESSENGER_WATCH_MS ?? 5e4);
+await initCrypto();
+function buildSession(user) {
+  const contactsPath = contactsFile(user);
+  const me = loadIdentity(identityFile(user));
+  const book = loadContacts(contactsPath);
+  const cache = openMailbox(inboxFile(user));
+  const ctx = {
+    me,
+    book,
+    cache,
+    client: createMailboxClient(mailboxUrl, me, now),
+    now,
+    contactsPath
+  };
+  return { user, me, book, cache, ctx };
+}
+var S = null;
+var existing = currentUser();
+if (existing) {
+  try {
+    S = buildSession(existing);
+  } catch (e) {
+    console.error(`Found user "${existing}" but couldn't load identity: ${e.message}`);
+  }
+}
+async function claimHandle(client) {
+  for (let i = 0; i < 8; i++) {
+    const candidate = randomHandle(randomBytes(8));
+    if (await client.registerHandle(candidate) === "ok") return candidate;
+  }
+  throw new Error("couldn't find a free handle after several tries");
+}
+var INSTRUCTIONS = `You are the user's personal CLI messenger, backed by the cli-chat MCP server.
+
+GETTING STARTED: a tool returning \`no_account\` means this device has no account
+yet. Just fix it automatically \u2014 call \`create_account\` (pass name=their name if
+the user gave one, otherwise let it default to the OS login name), then retry
+whatever they were doing. You don't need to ask permission for this. If the user
+explicitly asks to be set up ("set me up as Sam"), do the same. After creating,
+report the new 6-char code in one line so they can share it. If they already have
+an account, \`create_account\` just returns their existing code.
+
+AT THE START OF A SESSION: a startup hook may inject an inbox notice telling you
+how many messages are waiting and who they're from \u2014 but NOT the bodies (those
+are given to you privately, hidden from the user). Do NOT print the bodies. Just
+tell the user how many are waiting and from whom, then ASK if they want them read
+("1 new message from Sam \u2014 want me to read it?"). Only when the user says yes
+(e.g. "read it", "go on", "yes") do you print the message in full. Also, once per
+session, you may add a short suggestion that they can have you watch for incoming
+messages live with the \`watch\` tool. If no hook ran, call \`messages_available\`
+to get the count and offer the same way.
+
+REPLYING: when the user's input answers a message they've had read out (e.g.
+"reply not much", "tell him yes", or just "not much"), send it immediately with
+\`draft_reply\` (in_reply_to = that message's id) and confirm in one line. Only
+pause to ask if you're missing a fact you can't infer.
+
+REPLYING: draft a reply and send it with \`draft_reply\` (in_reply_to = the
+message id). Don't ask "want me to send this?" \u2014 just send, then say what you
+sent. The ONE exception: if the reply needs a fact you don't have (the user's
+availability, a yes/no decision, a preference), ask that one question first, then
+send once they answer. Never invent the answer.
+
+SENDING by name: when the user says "write <name>: ..." call \`send_message\`
+right away, then report what you sent. The resolver already matches partial names
+(so "Niels" finds a saved "Niels - bankdata"). It only returns no_contact when
+nothing matches at all \u2014 then offer to add them by code. It returns ambiguous
+with a list of candidates when several match \u2014 name them and ask which; don't
+guess.
+
+MESSAGING SOMEONE NEW: people share a short 6-character code. When the user says
+"write Sam at AbC123: hey", call \`send_message\` with to="Sam", body=the message,
+key="AbC123". It saves them, so next time just "write Sam".
+
+WATCHING: when the user says "watch" (or "watch for"/"wait for"/"listen for"/
+"keep an eye out for" messages), call \`watch\`. It blocks up to ~50s and returns
+any new mail (already marked read). After it returns \u2014 whether it found messages
+or was idle \u2014 call it AGAIN to keep watching, and keep looping until the user
+tells you to stop. On an idle return, re-call SILENTLY: print nothing to the user
+(no "still watching" heartbeat). In watch mode the user has opted into hands-free
+chat, so when mail arrives READ IT OUT IN FULL automatically (sender + body,
+straight into the chat) and offer to reply \u2014 do NOT ask "want me to read it?"
+here; that ask is only for the passive inbox notice.
+
+OTHER: \`add_contact\` saves a person from their code; \`list_contacts\` shows the
+user's saved address book; \`my_key\` returns the user's own 6-char code to share.
+
+RENAMING: when the user says "rename Niels to Bob" (or "call Niels something
+else"), call \`list_contacts\`, take that contact's \`fullKey\`, then call
+\`add_contact\` with name="Bob" and key=that fullKey. Saving a name against a key
+already on file replaces the old entry, so it renames in place with no duplicate
+and no need to ask the user for a code. Confirm in one line ("Renamed Niels to
+Bob.").
+
+Always keep the human in control of what's sent.`;
+var server = new McpServer({ name: "cli-chat", version: "0.2.0" }, { instructions: INSTRUCTIONS });
+var ok = (data) => ({
+  content: [{ type: "text", text: JSON.stringify(data, null, 2) }]
+});
+var noAccount = () => ok({
+  ok: false,
+  reason: "no_account",
+  note: "No account on this device yet. Call create_account to generate your identity and 6-char code."
+});
+server.registerTool(
+  "create_account",
+  {
+    title: "Create your account and get your 6-char code",
+    description: "Set up the USER'S OWN identity on this device: generate their keypair (private keys never leave the machine), claim a short 6-character code (their 'number') in the registry, and return it to share. Use when the user wants to get set up / join / get their code, or when another tool reported `no_account`. Idempotent: if they already have an account it just returns their existing code. (This is for the user themselves \u2014 to save OTHER people, use add_contact.)",
+    inputSchema: {
+      name: z.string().optional().describe("What to call this user, e.g. 'Sam'. Defaults to the OS login name.")
+    }
+  },
+  async ({ name }) => {
+    if (S) {
+      let changed = false;
+      if (name && name.trim() && S.me.name !== name.trim()) {
+        S.me.name = name.trim();
+        changed = true;
+      } else if (!S.me.name) {
+        S.me.name = S.user;
+        changed = true;
+      }
+      if (!S.me.handle) {
+        S.me.handle = await claimHandle(S.ctx.client);
+        changed = true;
+      }
+      if (changed) {
+        writeFileSync3(identityFile(S.user), JSON.stringify(S.me, null, 2) + "\n");
+      }
+      return ok({
+        ok: true,
+        created: false,
+        name: S.me.name,
+        handle: S.me.handle,
+        fullKey: encodeKey(S.me.signPub, S.me.boxPub),
+        note: "You already have an account \u2014 this is your code to share."
+      });
+    }
+    const display = (name ?? process.env.MESSENGER_USER ?? userInfo().username ?? "me").trim() || "me";
+    const id = generateIdentity();
+    id.name = display;
+    id.handle = await claimHandle(createMailboxClient(mailboxUrl, id, now));
+    mkdirSync(userDir(id.handle), { recursive: true });
+    writeFileSync3(identityFile(id.handle), JSON.stringify(id, null, 2) + "\n");
+    writeFileSync3(
+      contactsFile(id.handle),
+      JSON.stringify({ me: id.signPub, contacts: [] }, null, 2) + "\n"
+    );
+    setCurrentUser(id.handle);
+    S = buildSession(id.handle);
+    return ok({
+      ok: true,
+      created: true,
+      name: S.me.name,
+      handle: S.me.handle,
+      fullKey: encodeKey(S.me.signPub, S.me.boxPub),
+      note: `Account ready. Share this 6-character code so people can message you: ${S.me.handle}`
+    });
+  }
+);
+server.registerTool(
+  "send_message",
+  {
+    title: "Send an encrypted message by name or key",
+    description: "Seal a message and post it to the hosted mailbox. Normally pass `to` = a known contact name; matching is partial, so a short name like 'Niels' resolves a saved 'Niels - bankdata'. To message someone NEW, the user gives you their key code (a long string of letters and numbers) \u2014 pass it as `key` and put their name in `to`; they'll be saved as a contact so next time just use the name. Returns the resolved contact; `no_contact` means nothing matched (offer to add by code), `ambiguous` returns the candidates to disambiguate.",
+    inputSchema: {
+      to: z.string().describe("Contact name, e.g. 'Sam'"),
+      body: z.string().describe("The message text (encrypted end-to-end)"),
+      key: z.string().optional().describe("Key code for a new person (long letters+numbers); saves them under `to`")
+    }
+  },
+  async ({ to, body, key }) => S ? ok(await sendMessage(S.ctx, { to, body, key })) : noAccount()
+);
+server.registerTool(
+  "add_contact",
+  {
+    title: "Save or rename a contact",
+    description: "Remember a person by name from the key code they shared, so the user can later just say 'write <name>'. Use when the user says something like 'add my mate Sam, his key is \u2026'. ALSO renames an existing contact: saving a name against a key that's already on file REPLACES the old entry (the book is upserted by key, not name), so there's no duplicate. To rename (e.g. 'rename Niels to Bob'), first call `list_contacts`, copy that contact's `fullKey`, then call this with name=the new name and key=that fullKey. No need to ask the user for a code \u2014 it's already saved.",
+    inputSchema: {
+      name: z.string().describe("What to call them, e.g. 'Sam'"),
+      key: z.string().describe("Their key code (a long string of letters and numbers)")
+    }
+  },
+  async ({ name, key }) => S ? ok(await addContact(S.ctx, { name, key })) : noAccount()
+);
+server.registerTool(
+  "my_key",
+  {
+    title: "Show my own code to share",
+    description: "Return the user's own short handle (a 6-character code) to hand to anyone who wants to message them. Use when the user asks 'what's my key/number/handle/invite?'.",
+    inputSchema: {}
+  },
+  async () => S ? ok({
+    name: S.me.name ?? S.user,
+    handle: S.me.handle ?? null,
+    note: S.me.handle ? void 0 : "No handle yet \u2014 call create_account to claim one.",
+    fullKey: encodeKey(S.me.signPub, S.me.boxPub)
+  }) : noAccount()
+);
+server.registerTool(
+  "list_contacts",
+  {
+    title: "List my saved contacts",
+    description: "Return all people the user has saved, with the name to address them by, any aliases, and their shareable key. Use when the user asks 'who are my contacts?', 'who can I message?', or 'show my address book'.",
+    inputSchema: {}
+  },
+  async () => S ? ok({
+    count: S.book.contacts.length,
+    contacts: S.book.contacts.map((c) => ({
+      name: c.name,
+      aliases: c.aliases ?? [],
+      fullKey: c.signPub && c.boxPub ? encodeKey(c.signPub, c.boxPub) : null
+    }))
+  }) : noAccount()
+);
+server.registerTool(
+  "messages_available",
+  {
+    title: "Check for waiting messages",
+    description: "Proactive inbox signal. Pulls and decrypts any new mail, then returns the count and previews of unread messages. Call this when the CLI opens.",
+    inputSchema: {}
+  },
+  async () => S ? ok(await messagesAvailable(S.ctx)) : noAccount()
+);
+server.registerTool(
+  "watch",
+  {
+    title: "Watch for incoming messages (long-poll loop)",
+    description: "Block for up to ~50 seconds waiting for new mail, then return it (already marked read) or report idle if none arrived. This is the building block of a watch loop: after it returns, call it AGAIN to keep watching, and repeat until the user says to stop. On an idle return, re-call SILENTLY \u2014 print nothing to the user; only speak when mail actually arrives. Use when the user asks to watch for / wait for / keep an eye out for messages.",
+    inputSchema: {}
+  },
+  async (_args, extra) => {
+    if (!S) return noAccount();
+    const deadline = now() + WATCH_MS;
+    const progressToken = extra?._meta?.progressToken;
+    let ticks = 0;
+    for (; ; ) {
+      if (extra?.signal?.aborted) return ok({ status: "idle", count: 0, note: "Watch cancelled." });
+      await sync(S.ctx);
+      const rows = unreadFor(S.cache, S.me.signPub);
+      if (rows.length > 0) {
+        const messages = rows.map((m) => {
+          markRead(S.cache, m.id, now());
+          return {
+            id: m.id,
+            from: S.book.contacts.find((c) => c.signPub === m.sender)?.name ?? m.sender,
+            body: m.body,
+            at: m.created_at,
+            in_reply_to: m.in_reply_to
+          };
+        });
+        return ok({
+          status: "messages",
+          count: messages.length,
+          messages,
+          note: "Read these out in full (sender + body) and offer to reply (draft_reply). Call watch again to keep watching."
+        });
+      }
+      if (now() >= deadline) {
+        return ok({
+          status: "idle",
+          count: 0,
+          note: "No new messages. Silently call watch again to keep watching \u2014 do NOT print anything to the user on idle (no heartbeat); only speak when mail actually arrives or the user is done."
+        });
+      }
+      if (progressToken !== void 0) {
+        await extra.sendNotification({
+          method: "notifications/progress",
+          params: { progressToken, progress: ++ticks }
+        });
+      }
+      await sleep(3e3);
+    }
+  }
+);
+server.registerTool(
+  "read_message",
+  {
+    title: "Read a waiting message",
+    description: "Read a decrypted message by id (or oldest unread). Marks it read.",
+    inputSchema: { id: z.string().optional().describe("Message id; omit for oldest unread") }
+  },
+  async ({ id }) => S ? ok(await readMessage(S.ctx, { id })) : noAccount()
+);
+server.registerTool(
+  "draft_reply",
+  {
+    title: "Send an encrypted reply",
+    description: "Reply to a message, sealed and threaded. Draft it yourself; if it needs a fact you lack (the human's availability, a decision), ask the human first.",
+    inputSchema: {
+      in_reply_to: z.string().describe("Id of the message being replied to"),
+      body: z.string().describe("The reply text")
+    }
+  },
+  async ({ in_reply_to, body }) => S ? ok(await draftReply(S.ctx, { in_reply_to, body })) : noAccount()
+);
+var transport = new StdioServerTransport();
+await server.connect(transport);
+console.error(
+  S ? `cli-chat (Phase 1) up as "${S.user}" \u2192 mailbox ${mailboxUrl}` : `cli-chat (Phase 1) up with NO account \u2192 mailbox ${mailboxUrl} (call create_account)`
+);