codexuse-cli 5.0.6 → 5.0.8

package/dist/index.js

@@ -2616,13 +2616,15 @@ function createDefaultAppState() {
       lastPushAt: null,
       lastPullAt: null,
       lastError: null,
-      remoteUpdatedAt: null
+      remoteUpdatedAt: null,
+      remoteKind: "none"
     },
     analytics: {
       anonymousId: null,
       enabled: true,
       lastFlushAt: null,
-      lastError: null
+      lastError: null,
+      reportedNativeCrashIncidentIds: []
     },
     profilesByName: {}
   };
@@ -3203,6 +3205,9 @@ function normalizeAppState(raw) {
   merged.sync.lastPullAt = asString(merged.sync.lastPullAt);
   merged.sync.lastError = asString(merged.sync.lastError);
   merged.sync.remoteUpdatedAt = asString(merged.sync.remoteUpdatedAt);
+  if (merged.sync.remoteKind !== "legacy-plaintext" && merged.sync.remoteKind !== "encrypted") {
+    merged.sync.remoteKind = "none";
+  }
   if (!isRecord2(merged.analytics)) {
     merged.analytics = clone2(defaults.analytics);
   }
@@ -3212,6 +3217,9 @@ function normalizeAppState(raw) {
   }
   merged.analytics.lastFlushAt = asString(merged.analytics.lastFlushAt);
   merged.analytics.lastError = asString(merged.analytics.lastError);
+  merged.analytics.reportedNativeCrashIncidentIds = asStringArray(
+    merged.analytics.reportedNativeCrashIncidentIds
+  ).slice(-20);
   if ("telemetry" in merged) {
     delete merged.telemetry;
   }
@@ -3575,12 +3583,12 @@ function getActiveOffer() {
   return {
     basePriceUsd,
     basePriceDisplay: `$${basePriceUsd}`,
-    couponCode: "SPRING50",
+    couponCode: "SUMMER50",
     discountPercent,
     salePriceUsd,
     salePriceDisplay: `$${salePriceUsd.toFixed(2)}`,
     isActive: true,
-    campaign: "spring-2026",
+    campaign: "summer-2026",
     productPermalink: "codex-use",
     checkoutBaseUrl: "https://hweihwang.gumroad.com/l/codex-use"
   };
@@ -7294,8 +7302,8 @@ Usage:
   codexuse license activate <license-key>
 
   codexuse sync status
-  codexuse sync pull
-  codexuse sync push
+  codexuse sync pull [--passphrase-stdin]
+  codexuse sync push [--passphrase-stdin]
 
 Flags:
   -h, --help       Show help
@@ -7313,7 +7321,9 @@ Flags:
   --profile=NAME   Run Codex with one saved profile
   --runtime=NAME   Accounts Pool runtime store: desktop
   --state-dir=PATH Override the runtime state dir for Accounts Pool inspection
+  --passphrase-stdin Read Cloud Sync passphrase from stdin
 Note: profile autoroll requires Pro.
+Cloud Sync: set CODEXUSE_SYNC_PASSPHRASE or use --passphrase-stdin unless the passphrase is saved in Keychain.
 `);
 }
 
@@ -9544,7 +9554,7 @@ function buildInCodexStatusOverlayCssRules() {
     `${id}[data-open='false']:not([data-collapsed='true']):hover .codexuse-status-trigger{padding:8px 10px;gap:8px;}`,
     `${id}[data-open='false']:not([data-collapsed='true']):hover .codexuse-status-label{max-width:160px;font-size:12px;}`,
     `${id}[data-open='false']:not([data-collapsed='true']):hover .codexuse-status-chip{display:inline-flex;}`,
-    `${id} .codexuse-action-menu{display:none;position:absolute;right:0;bottom:calc(100% + 8px);width:min(280px,calc(100vw - 24px));border:1px solid var(--cu-border);border-radius:12px;background:var(--cu-popover);padding:6px;box-shadow:0 12px 36px rgba(0,0,0,.32);}`,
+    `${id} .codexuse-action-menu{display:none;position:absolute;right:0;bottom:calc(100% + 8px);width:min(280px,calc(100vw - 24px));max-height:min(420px,calc(100vh - 32px));overflow-y:auto;border:1px solid var(--cu-border);border-radius:12px;background:var(--cu-popover);padding:6px;box-shadow:0 12px 36px rgba(0,0,0,.32);}`,
     `${id}[data-drop='down'] .codexuse-action-menu{bottom:auto;top:calc(100% + 8px);}`,
     `${id}[data-open='true'] .codexuse-action-menu{display:flex;flex-direction:column;gap:2px;}`,
     `${id} .codexuse-target-list{display:flex;max-height:210px;flex-direction:column;gap:2px;overflow-y:auto;}`,
@@ -9566,10 +9576,10 @@ function buildInCodexStatusOverlayCssRules() {
     `${id} .codexuse-intro-detail{margin-top:2px;font-size:10px;color:var(--cu-muted);}`,
     `${id} .codexuse-decision-secondary{border:1px solid var(--cu-border)!important;color:var(--cu-muted)!important;}`,
     `${id} .codexuse-menu-divider{height:1px;margin:4px 2px;background:var(--cu-border);}`,
-    `${id} .codexuse-command-row{display:flex;width:100%;align-items:center;justify-content:space-between;gap:10px;padding:6px 9px;border-radius:8px;cursor:pointer;text-align:left;transition:background 120ms ease-out;}`,
-    `${id} .codexuse-command-row:hover{background:var(--cu-hover);}`,
     `${id} .codexuse-setting-row{display:flex;width:100%;align-items:center;justify-content:space-between;gap:10px;padding:6px 9px;border-radius:8px;cursor:pointer;text-align:left;transition:background 120ms ease-out;}`,
     `${id} .codexuse-setting-row:hover{background:var(--cu-hover);}`,
+    `${id} .codexuse-setting-copy{display:flex;min-width:0;flex:1;flex-direction:column;gap:1px;}`,
+    `${id} .codexuse-setting-copy .codexuse-target-detail{min-width:0;flex-shrink:1;overflow:hidden;text-overflow:ellipsis;}`,
     `${id} .codexuse-toggle{position:relative;flex-shrink:0;width:26px;height:15px;border-radius:999px;background:var(--cu-border);transition:background 120ms ease-out;}`,
     `${id} .codexuse-toggle::after{content:'';position:absolute;left:2px;top:2px;width:11px;height:11px;border-radius:50%;background:var(--cu-fg,#ececf1);transition:transform 120ms ease-out;}`,
     `${id} .codexuse-setting-row[data-on='true'] .codexuse-toggle{background:var(--cu-accent);}`,
@@ -9578,13 +9588,17 @@ function buildInCodexStatusOverlayCssRules() {
     `${id} .codexuse-action-status{min-width:0;overflow:hidden;text-overflow:ellipsis;white-space:nowrap;color:var(--cu-muted);font-size:10px;}`,
     `${id} .codexuse-overlay-hide{flex-shrink:0;padding:2px 6px;border-radius:6px;color:var(--cu-muted);font-size:10px;cursor:pointer;}`,
     `${id} .codexuse-overlay-hide:hover{background:var(--cu-hover);color:var(--cu-fg,#ececf1);}`,
-    `${chip}{${palette}position:fixed;z-index:2147483001;display:inline-flex;align-items:center;gap:6px;padding:5px 10px;border-radius:999px;border:1px solid var(--cu-border);background:var(--cu-surface);color:var(--cu-fg,#ececf1);font-family:inherit;font-size:11px;font-weight:600;line-height:1.2;cursor:pointer;box-shadow:0 4px 16px rgba(0,0,0,.2);transition:background 120ms ease-out;}`,
-    `${chip}:hover{background:var(--cu-hover);}`,
-    `${chip}:disabled{opacity:.6;cursor:default;}`,
+    `${chip}{${palette}position:fixed;z-index:2147483002;display:inline-flex;align-items:center;gap:4px;border-radius:999px;border:1px solid var(--cu-border);background:var(--cu-surface);color:var(--cu-fg,#ececf1);font-family:inherit;font-size:11px;font-weight:600;line-height:1.2;white-space:nowrap;box-shadow:0 4px 16px rgba(0,0,0,.2);transition:background 120ms ease-out;pointer-events:auto;user-select:none;-webkit-user-select:none;}`,
+    `${chip}:hover,${chip}[data-open='true']{background:var(--cu-hover);}`,
+    `${chip}[data-disabled='true']{opacity:.6;}`,
+    `${chip} button{font:inherit;font-family:inherit;color:inherit;border:0;background:transparent;}`,
+    `${chip} .codexuse-handoff-main{display:inline-flex;align-items:center;padding:5px 8px 5px 10px;border-radius:999px;cursor:pointer;}`,
+    `${chip} .codexuse-handoff-hide{display:inline-flex;width:20px;height:20px;align-items:center;justify-content:center;margin-right:3px;border-radius:50%;color:var(--cu-muted);cursor:pointer;font-size:12px;line-height:1;}`,
+    `${chip} .codexuse-handoff-hide:hover{background:var(--cu-border);color:var(--cu-fg,#ececf1);}`,
     // Hand-off account picker is a standalone body child (not inside the pill),
     // so the pill-scoped popover rules don't reach it — give it its own palette
     // + popover styling, mirroring the chip.
-    `${picker}{${palette}position:fixed;z-index:2147483001;display:flex;flex-direction:column;gap:2px;width:min(280px,calc(100vw - 24px));max-height:240px;overflow-y:auto;border:1px solid var(--cu-border);border-radius:12px;background:var(--cu-popover);color:var(--cu-fg,#ececf1);font-family:inherit;font-size:12px;line-height:1.4;padding:6px;box-shadow:0 12px 36px rgba(0,0,0,.32);}`,
+    `${picker}{${palette}position:fixed;z-index:2147483003;display:flex;flex-direction:column;gap:2px;width:min(280px,calc(100vw - 24px));max-height:240px;overflow-y:auto;border:1px solid var(--cu-border);border-radius:12px;background:var(--cu-popover);color:var(--cu-fg,#ececf1);font-family:inherit;font-size:12px;line-height:1.4;padding:6px;box-shadow:0 12px 36px rgba(0,0,0,.32);pointer-events:auto;}`,
     `${picker} button{font:inherit;font-family:inherit;color:inherit;border:0;background:transparent;}`,
     `${picker} .codexuse-target-list{display:flex;flex-direction:column;gap:2px;}`,
     `${picker} .codexuse-target-row{display:flex;width:100%;align-items:center;justify-content:space-between;gap:10px;padding:7px 9px;border-radius:8px;cursor:pointer;text-align:left;transition:background 120ms ease-out;}`,
@@ -9616,6 +9630,9 @@ function createBridgeApplyQolExpression(settings) {
   )};
     const overlayAutoRollEnabled = ${JSON.stringify(
     typeof settings.overlayAutoRollEnabled === "boolean" ? settings.overlayAutoRollEnabled : null
+  )};
+    const overlayRunningThreadHandoffEnabled = ${JSON.stringify(
+    typeof settings.overlayRunningThreadHandoffEnabled === "boolean" ? settings.overlayRunningThreadHandoffEnabled : null
   )};
     const versions = {
       wideView: "3",
@@ -9957,6 +9974,8 @@ function createBridgeApplyQolExpression(settings) {
     const overlayHiddenKey = "codexuse:overlay:hidden";
     const overlayIntroKey = "codexuse:overlay:intro-shown";
     const overlayPosKey = "codexuse:overlay:pos";
+    const handoffHiddenKey = "codexuse:handoff:hidden";
+    const handoffPosKey = "codexuse:handoff:pos:v2";
     const readOverlayStore = (key) => {
       try {
         return window.localStorage.getItem(key);
@@ -10055,6 +10074,41 @@ function createBridgeApplyQolExpression(settings) {
       const y = Math.max(72, Math.min(140, Math.round(window.innerHeight * 0.16)));
       placeOverlay(pill, x, y);
     };
+    const rectsOverlap = (a, b, gap = 0) =>
+      a.left < b.right + gap &&
+      a.right > b.left - gap &&
+      a.top < b.bottom + gap &&
+      a.bottom > b.top - gap;
+    const positionedRect = (rect, pos) => ({
+      left: pos.x,
+      top: pos.y,
+      right: pos.x + rect.width,
+      bottom: pos.y + rect.height
+    });
+    const placeInitialHandoffPosition = (chip, anchorRect = null) => {
+      const rect = chip.getBoundingClientRect();
+      if (anchorRect && rect.width > 0 && rect.height > 0) {
+        const gap = 8;
+        const middleY = Math.round(anchorRect.top + (anchorRect.height - rect.height) / 2);
+        const candidates = [
+          { x: anchorRect.right + gap, y: middleY },
+          { x: anchorRect.left - rect.width - gap, y: middleY },
+          { x: anchorRect.right - rect.width, y: anchorRect.top - rect.height - gap },
+          { x: anchorRect.left, y: anchorRect.top - rect.height - gap },
+          { x: anchorRect.right - rect.width, y: anchorRect.bottom + gap }
+        ];
+        for (const candidate of candidates) {
+          const next = clampOverlayXY(chip, candidate.x, candidate.y);
+          if (!rectsOverlap(positionedRect(rect, next), anchorRect, 6)) {
+            placeOverlay(chip, next.x, next.y);
+            return;
+          }
+        }
+      }
+      const x = Math.max(8, window.innerWidth - rect.width - 16);
+      const y = Math.max(64, Math.min(128, Math.round(window.innerHeight * 0.14)));
+      placeOverlay(chip, x, y);
+    };
     const setOverlayMessage = (value) => {
       const node = document.querySelector("#" + statusId + " [data-codexuse-action-status]");
       if (node) node.textContent = value || "";
@@ -10098,7 +10152,7 @@ function createBridgeApplyQolExpression(settings) {
         state.lastActionRequest = payload;
         setOverlayMessage(
           action === "switch" ? "Switching\u2026"
-            : action === "continue" ? "Handing off\u2026"
+            : action === "continue" ? "Continuing in another account\u2026"
             : action === "auto-roll-accept" ? "Switching\u2026"
             : action === "auto-roll-cancel" ? "Staying here"
             : action === "restart" ? "Waiting to restart; keeping draft\u2026"
@@ -10259,7 +10313,7 @@ function createBridgeApplyQolExpression(settings) {
         introTitle.textContent = "CodexUse controls";
         const introDetail = document.createElement("div");
         introDetail.className = "codexuse-intro-detail";
-        introDetail.textContent = "Switch accounts, restart Codex, and confirm auto-roll from here. Drag to move, or Hide to dismiss.";
+        introDetail.textContent = "Switch accounts, tune CodexUse controls, and confirm Auto-roll from here. Drag to move, or Hide to dismiss.";
         intro.appendChild(introTitle);
         intro.appendChild(introDetail);
         menu.appendChild(intro);
@@ -10383,34 +10437,92 @@ function createBridgeApplyQolExpression(settings) {
         empty.textContent = "No other account ready";
         menu.appendChild(empty);
       }
-      const restartRow = document.createElement("button");
-      restartRow.type = "button";
-      restartRow.className = "codexuse-command-row";
-      restartRow.title = "Restart Official Codex";
-      const restartLabel = document.createElement("span");
-      restartLabel.textContent = "Restart Codex";
-      restartRow.appendChild(restartLabel);
-      const restartDetail = document.createElement("span");
-      restartDetail.className = "codexuse-target-detail";
-      restartDetail.textContent = "Keeps draft when possible";
-      restartRow.appendChild(restartDetail);
-      restartRow.addEventListener("click", (event) => {
-        event.preventDefault();
-        event.stopPropagation();
-        pill.dataset.open = "false";
-        state.overlayMenuOpen = false;
-        requestAction("restart");
-      }, true);
-      menu.appendChild(restartRow);
-      // In-app tweaks (auto-roll, wide view, scroll restore, timeline, hand-off)
-      // are configured in the CodexUse cockpit's Advanced section, not here \u2014
-      // the overlay stays focused on account status, switching, and recovery.
+      const appendSettingRow = (item) => {
+        const row = document.createElement("button");
+        row.type = "button";
+        row.className = "codexuse-setting-row";
+        row.dataset.key = item.key;
+        row.dataset.on = item.enabled ? "true" : "false";
+        row.title = item.detail;
+        const copy = document.createElement("span");
+        copy.className = "codexuse-setting-copy";
+        const label = document.createElement("span");
+        label.className = "codexuse-target-label";
+        label.textContent = item.label;
+        copy.appendChild(label);
+        const detail = document.createElement("span");
+        detail.className = "codexuse-target-detail";
+        detail.textContent = item.detail;
+        copy.appendChild(detail);
+        const toggle = document.createElement("span");
+        toggle.className = "codexuse-toggle";
+        row.appendChild(copy);
+        row.appendChild(toggle);
+        row.addEventListener("click", (event) => {
+          event.preventDefault();
+          event.stopPropagation();
+          const next = row.dataset.on !== "true";
+          row.dataset.on = next ? "true" : "false";
+          requestAction("setting", null, { key: item.key, value: next });
+        }, true);
+        menu.appendChild(row);
+      };
+      const settingRows = [
+        {
+          key: "autoRoll",
+          label: "Auto-roll",
+          detail: "Switch when quota is low",
+          enabled: overlayAutoRollEnabled === true,
+        },
+        {
+          key: "runningThreadHandoff",
+          label: "Continue running threads",
+          detail: "Beta \xB7 after account switch",
+          enabled: overlayRunningThreadHandoffEnabled === true,
+        },
+        {
+          key: "wideView",
+          label: "Wide conversations",
+          detail: "More message room",
+          enabled: wideViewEnabled,
+        },
+        {
+          key: "scrollRestore",
+          label: "Remember position",
+          detail: "Return to last spot",
+          enabled: scrollRestoreEnabled,
+        },
+        {
+          key: "conversationTimeline",
+          label: "Jump to user turns",
+          detail: "Show turn markers",
+          enabled: conversationTimelineEnabled,
+        },
+      ];
+      const divider = document.createElement("div");
+      divider.className = "codexuse-menu-divider";
+      menu.appendChild(divider);
+      settingRows.forEach(appendSettingRow);
       const footer = document.createElement("div");
       footer.className = "codexuse-menu-footer";
       const actionStatus = document.createElement("span");
       actionStatus.className = "codexuse-action-status";
       actionStatus.setAttribute("data-codexuse-action-status", "true");
       footer.appendChild(actionStatus);
+      if (handoffChipEnabled && readOverlayStore(handoffHiddenKey) === "1") {
+        const showHandoff = document.createElement("button");
+        showHandoff.type = "button";
+        showHandoff.className = "codexuse-overlay-hide";
+        showHandoff.textContent = "Show handoff";
+        showHandoff.addEventListener("click", (event) => {
+          event.preventDefault();
+          event.stopPropagation();
+          writeOverlayStore(handoffHiddenKey, null);
+          renderStatus();
+          renderHandoff();
+        }, true);
+        footer.appendChild(showHandoff);
+      }
       const hide = document.createElement("button");
       hide.type = "button";
       hide.className = "codexuse-overlay-hide";
@@ -10436,7 +10548,7 @@ function createBridgeApplyQolExpression(settings) {
       }
       return true;
     };
-    // Thread-scoped hand-off control: pinned to the composer, only shown when
+    // Thread-scoped hand-off control: separate draggable chip, only shown when
     // a conversation is on screen and another account is ready to take over.
     // Log the hand-off chip's visibility gate only when it CHANGES \u2014 this runs
     // on every mutation tick, and the reason is the first question every
@@ -10446,9 +10558,17 @@ function createBridgeApplyQolExpression(settings) {
       state.lastHandoffReason = reason;
       cuLog("handoff.render", { reason, targets: switchable.length });
     };
+    let cleanupHandoffPicker = null;
     const renderHandoff = () => {
-      document.getElementById(handoffId)?.remove();
+      const previous = document.getElementById(handoffId);
+      if (previous?.dataset.dragging === "true") return true;
+      const wasOpen = previous?.dataset.open === "true";
+      previous?.remove();
       document.getElementById(handoffPickerId)?.remove();
+      if (typeof cleanupHandoffPicker === "function") {
+        cleanupHandoffPicker();
+        cleanupHandoffPicker = null;
+      }
       if (!inCodexStatusEnabled || !handoffChipEnabled) {
         reportHandoff("disabled");
         return false;
@@ -10457,6 +10577,10 @@ function createBridgeApplyQolExpression(settings) {
         reportHandoff("overlay-hidden");
         return false;
       }
+      if (readOverlayStore(handoffHiddenKey) === "1") {
+        reportHandoff("handoff-hidden");
+        return false;
+      }
       // Codex desktop marks turns with data-turn-key / data-user-message-bubble;
       // the ChatGPT-style selectors are kept as a fallback.
       const inThread = Boolean(domActiveThreadId() || document.querySelector(
@@ -10473,22 +10597,28 @@ function createBridgeApplyQolExpression(settings) {
         reportHandoff("no-composer");
         return false;
       }
-      const composer = textbox.closest("form,[class*='composer'],[data-testid*='composer']") || textbox;
-      const rect = composer.getBoundingClientRect();
+      const rect = textbox.getBoundingClientRect();
       if (rect.width <= 0 || rect.height <= 0) {
         reportHandoff("composer-hidden");
         return false;
       }
-      const chipTop = Math.max(8, rect.top - 36);
-      const chipRight = Math.max(8, window.innerWidth - rect.right);
-      const chip = document.createElement("button");
-      chip.type = "button";
+      const chip = document.createElement("div");
       chip.id = handoffId;
       applyOverlayTheme(chip);
-      chip.textContent = "Continue there";
-      chip.title = "Continue this thread on another account";
-      chip.style.top = chipTop + "px";
-      chip.style.right = chipRight + "px";
+      chip.title = "Choose an account, then continue this thread there";
+      chip.dataset.open = wasOpen ? "true" : "false";
+      const chipMain = document.createElement("button");
+      chipMain.type = "button";
+      chipMain.className = "codexuse-handoff-main";
+      chipMain.textContent = "Continue in another account";
+      const chipHide = document.createElement("button");
+      chipHide.type = "button";
+      chipHide.className = "codexuse-handoff-hide";
+      chipHide.textContent = "x";
+      chipHide.title = "Hide Continue in another account";
+      chipHide.setAttribute("aria-label", "Hide Continue in another account");
+      chip.appendChild(chipMain);
+      chip.appendChild(chipHide);
       // Hand off needs BOTH a thread (this chip only shows in-thread) and a
       // target account. Clicking opens a picker of ready accounts; the chosen
       // account becomes the explicit continue target (the request also carries
@@ -10496,26 +10626,47 @@ function createBridgeApplyQolExpression(settings) {
       // the "continue" message is auto-sent there).
       const closePicker = () => {
         document.getElementById(handoffPickerId)?.remove();
+        if (typeof cleanupHandoffPicker === "function") {
+          cleanupHandoffPicker();
+          cleanupHandoffPicker = null;
+        }
         chip.dataset.open = "false";
       };
       const handOffTo = (target) => {
         closePicker();
-        chip.disabled = true;
-        chip.textContent = "Handing off\u2026";
+        chip.dataset.disabled = "true";
+        chipMain.textContent = "Continuing...";
         requestAction("continue", target);
       };
+      const placePicker = (picker) => {
+        const chipRect = chip.getBoundingClientRect();
+        const pickerRect = picker.getBoundingClientRect();
+        const width = pickerRect.width || Math.min(280, window.innerWidth - 24);
+        const height = pickerRect.height || 120;
+        const left = Math.min(
+          Math.max(8, chipRect.right - width),
+          Math.max(8, window.innerWidth - width - 8)
+        );
+        const below = chipRect.bottom + 6;
+        const above = chipRect.top - height - 6;
+        const top = below + height <= window.innerHeight - 8
+          ? below
+          : Math.max(8, above);
+        picker.style.left = left + "px";
+        picker.style.top = Math.min(top, Math.max(8, window.innerHeight - height - 8)) + "px";
+        picker.style.right = "auto";
+        picker.style.bottom = "auto";
+      };
       const openPicker = (skipRefresh = false) => {
         document.getElementById(handoffPickerId)?.remove();
+        if (typeof cleanupHandoffPicker === "function") {
+          cleanupHandoffPicker();
+          cleanupHandoffPicker = null;
+        }
         const picker = document.createElement("div");
         picker.id = handoffPickerId;
         picker.className = "codexuse-action-menu";
         applyOverlayTheme(picker);
-        picker.style.position = "fixed";
-        picker.style.right = chipRight + "px";
-        picker.style.bottom = Math.max(8, window.innerHeight - chipTop + 4) + "px";
-        picker.style.maxHeight = "240px";
-        picker.style.overflowY = "auto";
-        picker.style.zIndex = "2147483647";
         const list = document.createElement("div");
         list.className = "codexuse-target-list";
         if (switchable.length === 0) {
@@ -10528,7 +10679,7 @@ function createBridgeApplyQolExpression(settings) {
           const row = document.createElement("button");
           row.type = "button";
           row.className = "codexuse-target-row";
-          row.title = "Continue this thread on " + (target.label || "account");
+          row.title = "Continue this thread in " + (target.label || "account");
           const label = document.createElement("span");
           label.className = "codexuse-target-label";
           label.textContent = typeof target.label === "string" && target.label.trim() ? target.label.trim() : "Account";
@@ -10542,12 +10693,14 @@ function createBridgeApplyQolExpression(settings) {
           row.addEventListener("click", (event) => {
             event.preventDefault();
             event.stopPropagation();
+            event.stopImmediatePropagation?.();
             handOffTo(target);
           }, true);
           list.appendChild(row);
         });
         picker.appendChild(list);
         document.body.appendChild(picker);
+        placePicker(picker);
         chip.dataset.open = "true";
         // Rebuild the open picker once fresh targets arrive; skipRefresh stops
         // the rebuilt picker from requesting again in a loop.
@@ -10558,14 +10711,56 @@ function createBridgeApplyQolExpression(settings) {
         }
         const onDocPointer = (event) => {
           if (picker.contains(event.target) || chip.contains(event.target)) return;
-          document.removeEventListener("pointerdown", onDocPointer, true);
           closePicker();
         };
+        const onKeyDown = (event) => {
+          if (event.key === "Escape") closePicker();
+        };
         document.addEventListener("pointerdown", onDocPointer, true);
+        document.addEventListener("keydown", onKeyDown, true);
+        cleanupHandoffPicker = () => {
+          document.removeEventListener("pointerdown", onDocPointer, true);
+          document.removeEventListener("keydown", onKeyDown, true);
+        };
       };
-      chip.addEventListener("click", (event) => {
+      let dragMoved = false;
+      chip.addEventListener("pointerdown", (event) => {
+        if (event.button !== 0 || event.target?.closest?.(".codexuse-handoff-hide")) return;
+        event.stopPropagation();
+        event.stopImmediatePropagation?.();
+        const startX = event.clientX;
+        const startY = event.clientY;
+        const startRect = chip.getBoundingClientRect();
+        const offsetX = startX - startRect.left;
+        const offsetY = startY - startRect.top;
+        dragMoved = false;
+        const onMove = (moveEvent) => {
+          if (!dragMoved && Math.hypot(moveEvent.clientX - startX, moveEvent.clientY - startY) < 4) return;
+          dragMoved = true;
+          chip.dataset.dragging = "true";
+          closePicker();
+          placeOverlay(chip, moveEvent.clientX - offsetX, moveEvent.clientY - offsetY);
+        };
+        const onUp = () => {
+          window.removeEventListener("pointermove", onMove, true);
+          window.removeEventListener("pointerup", onUp, true);
+          if (chip.dataset.dragging === "true") {
+            delete chip.dataset.dragging;
+            const chipRect = chip.getBoundingClientRect();
+            writeOverlayStore(handoffPosKey, JSON.stringify({ x: chipRect.left, y: chipRect.top }));
+          }
+        };
+        window.addEventListener("pointermove", onMove, true);
+        window.addEventListener("pointerup", onUp, true);
+      }, true);
+      chipMain.addEventListener("click", (event) => {
         event.preventDefault();
         event.stopPropagation();
+        event.stopImmediatePropagation?.();
+        if (dragMoved || chip.dataset.disabled === "true") {
+          dragMoved = false;
+          return;
+        }
         // Always make the user pick the destination account explicitly \u2014 never
         // auto-hand-off to a server-chosen account (which could be out of quota).
         if (chip.dataset.open === "true") {
@@ -10574,7 +10769,38 @@ function createBridgeApplyQolExpression(settings) {
           openPicker();
         }
       }, true);
+      chipHide.addEventListener("click", (event) => {
+        event.preventDefault();
+        event.stopPropagation();
+        event.stopImmediatePropagation?.();
+        writeOverlayStore(handoffHiddenKey, "1");
+        closePicker();
+        renderHandoff();
+        renderStatus();
+      }, true);
       document.body.appendChild(chip);
+      const rawPos = readOverlayStore(handoffPosKey);
+      if (rawPos) {
+        try {
+          const pos = JSON.parse(rawPos);
+          if (typeof pos?.x === "number" && typeof pos?.y === "number") {
+            const next = clampOverlayXY(chip, pos.x, pos.y);
+            const chipRect = chip.getBoundingClientRect();
+            if (rectsOverlap(positionedRect(chipRect, next), rect, 6)) {
+              placeInitialHandoffPosition(chip, rect);
+            } else {
+              placeOverlay(chip, next.x, next.y);
+            }
+          } else {
+            placeInitialHandoffPosition(chip, rect);
+          }
+        } catch {
+          placeInitialHandoffPosition(chip, rect);
+        }
+      } else {
+        placeInitialHandoffPosition(chip, rect);
+      }
+      if (wasOpen) openPicker();
       reportHandoff("rendered");
       return true;
     };
@@ -10626,12 +10852,16 @@ function createBridgeApplyQolExpression(settings) {
         clearTimelineTargets();
         document.getElementById(statusId)?.remove();
         document.getElementById(handoffId)?.remove();
+        document.getElementById(handoffPickerId)?.remove();
+        if (typeof cleanupHandoffPicker === "function") cleanupHandoffPicker();
       };
     } else {
       document.querySelectorAll("." + timelineClass).forEach((node) => node.remove());
       clearTimelineTargets();
       document.getElementById(statusId)?.remove();
       document.getElementById(handoffId)?.remove();
+      document.getElementById(handoffPickerId)?.remove();
+      if (typeof cleanupHandoffPicker === "function") cleanupHandoffPicker();
     }
 
     state.wideViewEnabled = wideViewEnabled;
@@ -11926,7 +12156,8 @@ function normalizeOfficialCodexQolSettings2(value) {
     actionTargets,
     canonicalSyncLine: typeof value.canonicalSyncLine === "string" && value.canonicalSyncLine.trim() ? value.canonicalSyncLine.trim().slice(0, 40) : null,
     autoRollDecision: normalizeOverlayAutoRollDecision(value.autoRollDecision),
-    overlayAutoRollEnabled: typeof value.overlayAutoRollEnabled === "boolean" ? value.overlayAutoRollEnabled : null
+    overlayAutoRollEnabled: typeof value.overlayAutoRollEnabled === "boolean" ? value.overlayAutoRollEnabled : null,
+    overlayRunningThreadHandoffEnabled: typeof value.overlayRunningThreadHandoffEnabled === "boolean" ? value.overlayRunningThreadHandoffEnabled : null
   };
 }
 function hasActiveQolSettings(settings) {
@@ -12753,7 +12984,7 @@ function startOfficialCodexBridgeActionListener(args) {
       if (!action) {
         return;
       }
-      const settingKey = payload.settingKey === "autoRoll" || payload.settingKey === "wideView" || payload.settingKey === "scrollRestore" || payload.settingKey === "conversationTimeline" || payload.settingKey === "handoffChip" ? payload.settingKey : null;
+      const settingKey = payload.settingKey === "autoRoll" || payload.settingKey === "runningThreadHandoff" || payload.settingKey === "wideView" || payload.settingKey === "scrollRestore" || payload.settingKey === "conversationTimeline" || payload.settingKey === "handoffChip" ? payload.settingKey : null;
       const settingValue = typeof payload.settingValue === "boolean" ? payload.settingValue : null;
       if (action === "setting" && (!settingKey || settingValue === null)) {
         return;
@@ -15118,7 +15349,8 @@ async function handleProfileCommand(args, version) {
 }
 
 // ../../packages/contracts/src/cloud-sync/types.ts
-var CLOUD_SYNC_SCHEMA_VERSION = 1;
+var CLOUD_SYNC_PLAINTEXT_SCHEMA_VERSION = 1;
+var CLOUD_SYNC_ENCRYPTED_SCHEMA_VERSION = 2;
 
 // ../../packages/shared/src/core/type-guards.ts
 function isRecord6(value) {
@@ -15158,6 +15390,12 @@ function buildSyncUrl(pathname) {
   const normalizedPath = pathname.startsWith("/") ? pathname : `/${pathname}`;
   return `${baseUrl}${normalizedPath}`;
 }
+function normalizeSnapshotKind(value) {
+  if (value === "encrypted" || value === "legacy-plaintext") {
+    return value;
+  }
+  return "none";
+}
 function normalizeSnapshot(value) {
   if (!isRecord6(value)) {
     return null;
@@ -15167,7 +15405,37 @@ function normalizeSnapshot(value) {
     return null;
   }
   const schemaVersion = Number(value.schemaVersion);
-  if (!Number.isFinite(schemaVersion) || schemaVersion !== CLOUD_SYNC_SCHEMA_VERSION) {
+  if (schemaVersion === CLOUD_SYNC_ENCRYPTED_SCHEMA_VERSION) {
+    if (!isRecord6(value.encryption)) {
+      return null;
+    }
+    const encryption = value.encryption;
+    const params = isRecord6(encryption.kdfParams) ? encryption.kdfParams : null;
+    if (!params) {
+      return null;
+    }
+    const N = Number(params.N);
+    const r = Number(params.r);
+    const p = Number(params.p);
+    const keyLength = Number(params.keyLength);
+    if (encryption.cipher !== "aes-256-gcm" || encryption.kdf !== "scrypt" || !Number.isSafeInteger(N) || !Number.isSafeInteger(r) || !Number.isSafeInteger(p) || !Number.isSafeInteger(keyLength) || keyLength !== 32 || typeof encryption.salt !== "string" || typeof encryption.iv !== "string" || typeof encryption.tag !== "string" || typeof encryption.ciphertext !== "string") {
+      return null;
+    }
+    return {
+      schemaVersion: CLOUD_SYNC_ENCRYPTED_SCHEMA_VERSION,
+      updatedAt,
+      encryption: {
+        cipher: "aes-256-gcm",
+        kdf: "scrypt",
+        kdfParams: { N, r, p, keyLength },
+        salt: encryption.salt,
+        iv: encryption.iv,
+        tag: encryption.tag,
+        ciphertext: encryption.ciphertext
+      }
+    };
+  }
+  if (schemaVersion !== CLOUD_SYNC_PLAINTEXT_SCHEMA_VERSION) {
     return null;
   }
   const rawProfiles = Array.isArray(value.profiles) ? value.profiles : [];
@@ -15191,7 +15459,7 @@ function normalizeSnapshot(value) {
   const rawSettings = value.settingsJson;
   const settingsJson = isRecord6(rawSettings) ? rawSettings : null;
   return {
-    schemaVersion: CLOUD_SYNC_SCHEMA_VERSION,
+    schemaVersion: CLOUD_SYNC_PLAINTEXT_SCHEMA_VERSION,
     updatedAt,
     profiles,
     configTomlContent: typeof value.configTomlContent === "string" ? value.configTomlContent : null,
@@ -15243,7 +15511,12 @@ async function fetchRemoteSnapshotMeta(licenseKey) {
     "/v1/sync/snapshot/meta",
     licenseKey
   );
-  return toIsoOrNull(response.updatedAt);
+  const updatedAt = toIsoOrNull(response.updatedAt);
+  const snapshotKind = normalizeSnapshotKind(response.snapshotKind);
+  return {
+    updatedAt,
+    snapshotKind: updatedAt && response.snapshotKind === void 0 ? "legacy-plaintext" : snapshotKind
+  };
 }
 async function pushRemoteSnapshot(licenseKey, snapshot, options) {
   const serializedSnapshot = typeof options?.serializedSnapshot === "string" ? options.serializedSnapshot : JSON.stringify(snapshot);
@@ -16224,6 +16497,170 @@ async function saveCodexConfigContent(content, options) {
   return buildSnapshot(normalized, true, options);
 }
 
+// ../../packages/runtime-profiles/src/cloud-sync/encryption.ts
+var import_node_child_process7 = require("child_process");
+var import_node_crypto6 = require("crypto");
+var KEYCHAIN_SERVICE = "CODEXUSE_CLOUD_SYNC_PASSPHRASE";
+var KEYCHAIN_ACCOUNT_PREFIX = "license-sha256:";
+var ENCRYPTION_AAD = Buffer.from("codexuse-cloud-sync-v2", "utf8");
+var SCRYPT_PARAMS = {
+  N: 32768,
+  r: 8,
+  p: 1,
+  keyLength: 32
+};
+function normalizePassphrase(value) {
+  if (typeof value !== "string" || value.length === 0) {
+    return null;
+  }
+  return value;
+}
+function requireCloudSyncPassphrase(value) {
+  const normalized = normalizePassphrase(value);
+  if (!normalized) {
+    throw new Error("Cloud Sync passphrase is required.");
+  }
+  return normalized;
+}
+async function deriveKey(passphrase, salt, params = SCRYPT_PARAMS) {
+  return new Promise((resolve, reject) => {
+    (0, import_node_crypto6.scrypt)(passphrase, salt, params.keyLength, {
+      N: params.N,
+      r: params.r,
+      p: params.p,
+      maxmem: 64 * 1024 * 1024
+    }, (error, key) => {
+      if (error) {
+        reject(error);
+        return;
+      }
+      resolve(Buffer.from(key));
+    });
+  });
+}
+function toBase64(value) {
+  return value.toString("base64");
+}
+function fromBase64(value) {
+  return Buffer.from(value, "base64");
+}
+function normalizeDecryptedSnapshot(value) {
+  if (!isRecord6(value) || Number(value.schemaVersion) !== CLOUD_SYNC_PLAINTEXT_SCHEMA_VERSION) {
+    throw new Error("Cloud Sync snapshot payload is invalid.");
+  }
+  const updatedAt = toIsoOrNull(value.updatedAt);
+  if (!updatedAt) {
+    throw new Error("Cloud Sync snapshot timestamp is invalid.");
+  }
+  return {
+    schemaVersion: CLOUD_SYNC_PLAINTEXT_SCHEMA_VERSION,
+    updatedAt,
+    profiles: Array.isArray(value.profiles) ? value.profiles : [],
+    configTomlContent: typeof value.configTomlContent === "string" ? value.configTomlContent : null,
+    settingsJson: isRecord6(value.settingsJson) ? value.settingsJson : null
+  };
+}
+async function encryptCloudSyncSnapshot(snapshot, passphrase) {
+  const salt = (0, import_node_crypto6.randomBytes)(16);
+  const iv = (0, import_node_crypto6.randomBytes)(12);
+  const key = await deriveKey(requireCloudSyncPassphrase(passphrase), salt);
+  const cipher = (0, import_node_crypto6.createCipheriv)("aes-256-gcm", key, iv);
+  cipher.setAAD(ENCRYPTION_AAD);
+  const plaintext = Buffer.from(JSON.stringify(snapshot), "utf8");
+  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
+  const tag = cipher.getAuthTag();
+  const encryption = {
+    cipher: "aes-256-gcm",
+    kdf: "scrypt",
+    kdfParams: SCRYPT_PARAMS,
+    salt: toBase64(salt),
+    iv: toBase64(iv),
+    tag: toBase64(tag),
+    ciphertext: toBase64(ciphertext)
+  };
+  return {
+    schemaVersion: CLOUD_SYNC_ENCRYPTED_SCHEMA_VERSION,
+    updatedAt: snapshot.updatedAt,
+    encryption
+  };
+}
+async function decryptCloudSyncSnapshot(snapshot, passphrase) {
+  try {
+    const salt = fromBase64(snapshot.encryption.salt);
+    const iv = fromBase64(snapshot.encryption.iv);
+    const tag = fromBase64(snapshot.encryption.tag);
+    const ciphertext = fromBase64(snapshot.encryption.ciphertext);
+    const key = await deriveKey(requireCloudSyncPassphrase(passphrase), salt, snapshot.encryption.kdfParams);
+    const decipher = (0, import_node_crypto6.createDecipheriv)("aes-256-gcm", key, iv);
+    decipher.setAAD(ENCRYPTION_AAD);
+    decipher.setAuthTag(tag);
+    const plaintext = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+    return normalizeDecryptedSnapshot(JSON.parse(plaintext.toString("utf8")));
+  } catch (error) {
+    if (error instanceof Error && error.message === "Cloud Sync passphrase is required.") {
+      throw error;
+    }
+    const wrapped = new Error("Cloud Sync passphrase is incorrect or snapshot is corrupted.");
+    wrapped.cause = error;
+    throw wrapped;
+  }
+}
+function keychainAccountForLicense(licenseKey) {
+  const digest = (0, import_node_crypto6.createHash)("sha256").update(licenseKey).digest("hex");
+  return KEYCHAIN_ACCOUNT_PREFIX + digest;
+}
+function runSecurityCommand(args) {
+  return new Promise((resolve, reject) => {
+    const child = (0, import_node_child_process7.spawn)("security", args, { stdio: ["ignore", "pipe", "ignore"] });
+    let stdout = "";
+    child.stdout?.on("data", (chunk) => {
+      stdout += String(chunk);
+    });
+    child.on("error", () => {
+      reject(new Error("keychain-command-failed"));
+    });
+    child.on("close", (code) => {
+      resolve({ code, stdout });
+    });
+  });
+}
+async function readRememberedCloudSyncPassphrase(licenseKey) {
+  if (process.platform !== "darwin") {
+    return null;
+  }
+  const result = await runSecurityCommand([
+    "find-generic-password",
+    "-a",
+    keychainAccountForLicense(licenseKey),
+    "-s",
+    KEYCHAIN_SERVICE,
+    "-w"
+  ]);
+  if (result.code !== 0) {
+    return null;
+  }
+  return result.stdout.length > 0 ? result.stdout.replace(/\n$/, "") : null;
+}
+async function writeRememberedCloudSyncPassphrase(licenseKey, passphrase) {
+  if (process.platform !== "darwin") {
+    throw new Error("keychain-unsupported");
+  }
+  const value = requireCloudSyncPassphrase(passphrase);
+  const result = await runSecurityCommand([
+    "add-generic-password",
+    "-U",
+    "-a",
+    keychainAccountForLicense(licenseKey),
+    "-s",
+    KEYCHAIN_SERVICE,
+    "-w",
+    value
+  ]);
+  if (result.code !== 0) {
+    throw new Error("keychain-write-failed");
+  }
+}
+
 // ../../packages/runtime-profiles/src/cloud-sync/service.ts
 var SYNC_SIZE_WARN_BYTES = 1 * 1024 * 1024;
 var SYNC_SIZE_MAX_BYTES = 5 * 1024 * 1024;
@@ -16276,7 +16713,8 @@ async function readState() {
     lastPushAt: state.sync.lastPushAt ?? void 0,
     lastPullAt: state.sync.lastPullAt ?? void 0,
     lastError: state.sync.lastError ?? void 0,
-    remoteUpdatedAt: state.sync.remoteUpdatedAt ?? void 0
+    remoteUpdatedAt: state.sync.remoteUpdatedAt ?? void 0,
+    remoteKind: state.sync.remoteKind ?? "none"
   };
 }
 async function writeState(patch) {
@@ -16285,7 +16723,8 @@ async function writeState(patch) {
       ...typeof patch.lastPushAt === "string" ? { lastPushAt: patch.lastPushAt } : {},
       ...typeof patch.lastPullAt === "string" ? { lastPullAt: patch.lastPullAt } : {},
       ...typeof patch.lastError === "string" ? { lastError: patch.lastError } : patch.lastError === void 0 ? { lastError: null } : {},
-      ...typeof patch.remoteUpdatedAt === "string" ? { remoteUpdatedAt: patch.remoteUpdatedAt } : {}
+      ...typeof patch.remoteUpdatedAt === "string" ? { remoteUpdatedAt: patch.remoteUpdatedAt } : patch.remoteUpdatedAt === void 0 ? {} : { remoteUpdatedAt: null },
+      ...patch.remoteKind ? { remoteKind: patch.remoteKind } : {}
     }
   });
 }
@@ -16338,7 +16777,7 @@ async function buildLocalSnapshot(profileManager, options = {}) {
     throw new Error("Refusing to push an empty cloud sync snapshot.");
   }
   const snapshot = {
-    schemaVersion: CLOUD_SYNC_SCHEMA_VERSION,
+    schemaVersion: CLOUD_SYNC_PLAINTEXT_SCHEMA_VERSION,
     updatedAt: (/* @__PURE__ */ new Date()).toISOString(),
     profiles,
     configTomlContent: config.exists ? config.content : null,
@@ -16363,6 +16802,34 @@ async function applyRemoteSnapshot(profileManager, snapshot) {
     await writeCodexSettingsJsonRaw({});
   }
 }
+function getSnapshotKind(snapshot) {
+  if (!snapshot) {
+    return "none";
+  }
+  return snapshot.schemaVersion === CLOUD_SYNC_ENCRYPTED_SCHEMA_VERSION ? "encrypted" : "legacy-plaintext";
+}
+async function resolvePassphrase(licenseKey, options) {
+  if (typeof options?.passphrase === "string" && options.passphrase.length > 0) {
+    return { value: requireCloudSyncPassphrase(options.passphrase), source: "input" };
+  }
+  const remembered = await readRememberedCloudSyncPassphrase(licenseKey);
+  if (remembered) {
+    return { value: remembered, source: "keychain" };
+  }
+  throw new Error("Cloud Sync passphrase is required.");
+}
+async function rememberPassphraseIfRequested(licenseKey, options, passphrase) {
+  if (options?.rememberPassphrase !== true || passphrase.source !== "input") {
+    return;
+  }
+  try {
+    await writeRememberedCloudSyncPassphrase(licenseKey, passphrase.value);
+  } catch (error) {
+    logWarn("[cloud-sync] failed to remember passphrase in keychain", {
+      error: error instanceof Error ? error.message : String(error)
+    });
+  }
+}
 function toRunError(mode, error) {
   const message = formatUserFacingError(error, {
     fallback: `Cloud sync ${mode} failed.`
@@ -16379,14 +16846,23 @@ async function getCloudSyncStatus() {
   const eligibility = await resolveEligibility();
   const state = await readState();
   let remoteUpdatedAt = state.remoteUpdatedAt ?? null;
+  let remoteKind = state.remoteKind ?? "none";
+  let hasRememberedPassphrase = false;
   if (eligibility.canSync && eligibility.licenseKey) {
+    hasRememberedPassphrase = Boolean(
+      await readRememberedCloudSyncPassphrase(eligibility.licenseKey).catch(() => null)
+    );
     try {
-      remoteUpdatedAt = await fetchRemoteSnapshotMeta(eligibility.licenseKey);
+      const remoteMeta = await fetchRemoteSnapshotMeta(eligibility.licenseKey);
+      remoteUpdatedAt = remoteMeta.updatedAt;
+      remoteKind = remoteMeta.snapshotKind;
+      await writeState({ remoteUpdatedAt, remoteKind });
     } catch (error) {
       if (error instanceof CloudSyncClientError && error.status === 404) {
         try {
           const remote = await fetchRemoteSnapshot(eligibility.licenseKey);
           remoteUpdatedAt = remote?.updatedAt ?? null;
+          remoteKind = getSnapshotKind(remote);
         } catch {
         }
       }
@@ -16397,13 +16873,15 @@ async function getCloudSyncStatus() {
     reason: eligibility.reason,
     licenseState: eligibility.licenseState,
     hasLicenseKey: Boolean(eligibility.licenseKey),
+    hasRememberedPassphrase,
     lastPushAt: state.lastPushAt ?? null,
     lastPullAt: state.lastPullAt ?? null,
     lastError: state.lastError ?? null,
-    remoteUpdatedAt
+    remoteUpdatedAt,
+    remoteKind
   };
 }
-async function pushCloudSync() {
+async function pushCloudSync(options = {}) {
   const eligibility = await resolveEligibility();
   if (!eligibility.canSync || !eligibility.licenseKey) {
     return {
@@ -16418,7 +16896,9 @@ async function pushCloudSync() {
   try {
     await profileManager.initialize();
     const localSnapshot = await buildLocalSnapshot(profileManager, { enforcePushGuards: true });
-    const serializedSnapshot = JSON.stringify(localSnapshot);
+    const passphrase = await resolvePassphrase(eligibility.licenseKey, options);
+    const encryptedSnapshot = await encryptCloudSyncSnapshot(localSnapshot, passphrase.value);
+    const serializedSnapshot = JSON.stringify(encryptedSnapshot);
     const snapshotBytes = Buffer.byteLength(serializedSnapshot, "utf8");
     if (snapshotBytes > SYNC_SIZE_WARN_BYTES) {
       logWarn("[cloud-sync] push snapshot is large", {
@@ -16434,12 +16914,14 @@ async function pushCloudSync() {
     if (process.env.NODE_ENV !== "production") {
       logInfo("[cloud-sync] push snapshot summary", summarizeSnapshot(localSnapshot));
     }
-    const remote = await pushRemoteSnapshot(eligibility.licenseKey, localSnapshot, {
+    const remote = await pushRemoteSnapshot(eligibility.licenseKey, encryptedSnapshot, {
       serializedSnapshot
     });
+    const remoteKind = getSnapshotKind(remote.snapshot);
     await writeState({
       lastPushAt: (/* @__PURE__ */ new Date()).toISOString(),
       remoteUpdatedAt: remote.snapshot.updatedAt,
+      remoteKind,
       lastError: void 0
     });
     if (remote.status === "stale") {
@@ -16451,6 +16933,7 @@ async function pushCloudSync() {
         remoteUpdatedAt: remote.snapshot.updatedAt
       };
     }
+    await rememberPassphraseIfRequested(eligibility.licenseKey, options, passphrase);
     return {
       mode: "push",
       status: "applied",
@@ -16465,7 +16948,7 @@ async function pushCloudSync() {
     return result;
   }
 }
-async function pullCloudSync() {
+async function pullCloudSync(options = {}) {
   const eligibility = await resolveEligibility();
   if (!eligibility.canSync || !eligibility.licenseKey) {
     return {
@@ -16481,6 +16964,7 @@ async function pullCloudSync() {
     await profileManager.initialize();
     const remote = await fetchRemoteSnapshot(eligibility.licenseKey);
     if (!remote) {
+      await writeState({ remoteUpdatedAt: null, remoteKind: "none" });
       return {
         mode: "pull",
         status: "skipped",
@@ -16489,17 +16973,30 @@ async function pullCloudSync() {
         remoteUpdatedAt: null
       };
     }
-    await applyRemoteSnapshot(profileManager, remote);
+    const remoteKind = getSnapshotKind(remote);
+    let passphrase = null;
+    let plainSnapshot;
+    if (remote.schemaVersion === CLOUD_SYNC_ENCRYPTED_SCHEMA_VERSION) {
+      passphrase = await resolvePassphrase(eligibility.licenseKey, options);
+      plainSnapshot = await decryptCloudSyncSnapshot(remote, passphrase.value);
+    } else {
+      plainSnapshot = remote;
+    }
+    await applyRemoteSnapshot(profileManager, plainSnapshot);
     await writeState({
       lastPullAt: (/* @__PURE__ */ new Date()).toISOString(),
       remoteUpdatedAt: remote.updatedAt,
+      remoteKind,
       lastError: void 0
     });
+    if (passphrase) {
+      await rememberPassphraseIfRequested(eligibility.licenseKey, options, passphrase);
+    }
     return {
       mode: "pull",
       status: "applied",
-      message: "Cloud sync pull completed.",
-      localUpdatedAt: remote.updatedAt,
+      message: remoteKind === "legacy-plaintext" ? "Legacy cloud sync pull completed. Push again to encrypt the remote snapshot." : "Cloud sync pull completed.",
+      localUpdatedAt: plainSnapshot.updatedAt,
       remoteUpdatedAt: remote.updatedAt
     };
   } catch (error) {
@@ -16511,6 +17008,20 @@ async function pullCloudSync() {
 }
 
 // src/commands/sync.ts
+async function readPassphraseFromStdin() {
+  let value = "";
+  for await (const chunk of process.stdin) {
+    value += String(chunk);
+  }
+  return value.replace(/\r?\n$/, "");
+}
+async function resolvePassphraseOptions(flags) {
+  if (hasFlag(flags, "--passphrase-stdin")) {
+    return { passphrase: await readPassphraseFromStdin() };
+  }
+  const fromEnv = process.env.CODEXUSE_SYNC_PASSPHRASE;
+  return { passphrase: typeof fromEnv === "string" && fromEnv.length > 0 ? fromEnv : null };
+}
 function printSyncResult(result) {
   console.log(result.message);
   if (result.localUpdatedAt) {
@@ -16542,6 +17053,8 @@ async function handleSync(args, version) {
       if (status.remoteUpdatedAt) {
         console.log(`Remote snapshot: ${status.remoteUpdatedAt}`);
       }
+      console.log(`Remote kind: ${status.remoteKind}`);
+      console.log(`Remembered passphrase: ${status.hasRememberedPassphrase ? "yes" : "no"}`);
       if (status.lastPushAt) {
         console.log(`Last push: ${status.lastPushAt}`);
       }
@@ -16554,7 +17067,7 @@ async function handleSync(args, version) {
       return;
     }
     case "pull": {
-      const result = await pullCloudSync();
+      const result = await pullCloudSync(await resolvePassphraseOptions(flags));
       printSyncResult(result);
       if (result.status === "error") {
         process.exitCode = 1;
@@ -16562,7 +17075,7 @@ async function handleSync(args, version) {
       return;
     }
     case "push": {
-      const result = await pushCloudSync();
+      const result = await pushCloudSync(await resolvePassphraseOptions(flags));
       printSyncResult(result);
       if (result.status === "error") {
         process.exitCode = 1;
@@ -16590,7 +17103,7 @@ async function ensureCliStorageReady() {
 }
 
 // src/app/main.ts
-var VERSION = true ? "5.0.6" : "0.0.0";
+var VERSION = true ? "5.0.8" : "0.0.0";
 async function runCli() {
   const args = process.argv.slice(2);
   if (args.length === 0) {