ethagent 1.1.2 → 2.0.0

package/src/runtime/turn.ts

@@ -55,12 +55,6 @@ function normalize(event: StreamEvent): ProviderTurnEvent {
   }
 }
 
-/**
- * MAX_CONTINUATION_NUDGES: if the model stops a turn without emitting any
- * tool_use AND the last assistant text signals intent to continue (e.g.
- * "now I'll..."), we re-invoke the provider up to this many times with a
- * small meta nudge appended.
- */
 export const MAX_CONTINUATION_NUDGES = 3
 
 export type ContinuationNudgeReason =
@@ -97,11 +91,6 @@ const PRIVATE_CONTINUITY_REPAIR_NUDGE_TEXT =
 const REASONING_ONLY_NUDGE_TEXT =
   'You produced private reasoning but no user-visible answer. Answer the user now in visible text. Do not continue only with reasoning.'
 
-/**
- * TurnEvent - events emitted by the runtime turn loop. The UI layer subscribes
- * and translates these into Ink rows, notes, permission prompts, and session
- * writes. The shape is intentionally trimmed to what ethagent actually uses.
- */
 export type TurnEvent =
   | { type: 'iteration_start'; index: number }
   | { type: 'text'; delta: string }
@@ -144,66 +133,21 @@ export type ExecutedToolUse = {
   cwd: string
 }
 
-/**
- * The runtime loop needs a way to hand pending tool_uses to the host (the UI
- * adapter) so the host can:
- *   - render tool_use / tool_result rows,
- *   - persist tool_use / tool_result session messages,
- *   - route permission prompts,
- *   - and detect cancellation mid-execution.
- *
- * The host returns what actually happened so the loop can feed tool_results
- * back to the provider for the next iteration.
- */
 export type ToolBatchRunner = (
   pendingToolUses: PendingToolUse[],
 ) => Promise<{ cancelled: boolean; completedTools: ExecutedToolUse[] }>
 
-/**
- * rebuildWorkingMessages: after every tool batch, the host recomputes the
- * Message[] it wants to send to the provider. This keeps microcompact,
- * system-prompt composition, and file-mention context completely outside the
- * loop - the loop only cares about "give me the next prompt window".
- */
 export type RebuildMessages = () => Message[] | Promise<Message[]>
 
 export type RuntimeTurnParams = {
   provider: Provider
   signal: AbortSignal
-  /** Initial Message[] to send. */
   initialMessages: Message[]
-  /**
-   * Called after every tool execution round to rebuild the Message[] for the
-   * next provider call. The host is responsible for microcompact, system
-   * prompt, and any mention context - the loop is deliberately dumb here.
-   */
   rebuildMessages: RebuildMessages
   runToolBatch: ToolBatchRunner
-  /** Upper bound on continuation nudges per turn. Defaults to MAX_CONTINUATION_NUDGES. */
   maxContinuationNudges?: number
 }
 
-/**
- * runRuntimeTurn - the one and only turn loop.
- *
- * Shape:
- *   1. Stream the provider.
- *   2. Collect tool_use blocks from native `tool_use_stop` events.
- *   3. If the model emitted tool_uses: execute them, feed results back, loop.
- *   4. If it didn't: check if the last assistant text signals intent to
- *      continue ("now I'll..."). If yes and we're under the cap, append a
- *      soft meta nudge and loop. Otherwise exit.
- *
- * Intentionally absent:
- *   - No provider-family branching (no isLocalProvider specialization).
- *   - No broad regex fallback tool parsing. A narrow local-model
- *     compatibility parser handles standalone JSON tool payloads only.
- *   - No duplicate-tool-call suppression. The model is allowed to repeat.
- *   - No broad forced-repair retries on tool input validation errors - errors
- *     go back to the model as tool_result(is_error). Private continuity gets
- *     one narrow local-model repair nudge because bad JSON there is common and
- *     user-visible.
- */
 export async function* runRuntimeTurn(
   params: RuntimeTurnParams,
 ): AsyncGenerator<TurnEvent, void, void> {
@@ -301,8 +245,6 @@ export async function* runRuntimeTurn(
       const parsedToolUses = parseLocalModelTextToolUses(provider, assistantText, iterationIndex - 1)
       if (parsedToolUses.length > 0) {
         pendingToolUses.push(...parsedToolUses)
-        // Signal the orchestrator to discard any streamed assistant text
-        // rows that contained the JSON blob - they should not be persisted.
         yield { type: 'local_tool_recovery' }
         for (const parsedToolUse of parsedToolUses) {
           yield {
@@ -371,10 +313,6 @@ export async function* runRuntimeTurn(
             attempt: continuationNudges,
             reason: 'tool_state_claim',
           }
-          // Rebuild from scratch, inject a correction context message to
-          // demote prior unsupported assistant claims, then append the nudge.
-          // This prevents the model from reinforcing its own false claims
-          // on subsequent iterations within the same turn.
           workingMessages = [
             ...await rebuildMessages(),
             {
@@ -397,7 +335,6 @@ export async function* runRuntimeTurn(
       }
     }
 
-    // No tool work: model decided this turn is over (modulo continuation nudge).
     if (pendingToolUses.length === 0) {
       if (!assistantText && thinkingSeen) {
         if (continuationNudges < maxContinuationNudges) {
@@ -423,9 +360,6 @@ export async function* runRuntimeTurn(
 
       const nudge = nextNudge(provider, assistantText)
       if (assistantText && continuationNudges < maxContinuationNudges && nudge) {
-        // After a tool batch, the model's summary text often accidentally
-        // matches the continuation-intent heuristic ("I've updated...").
-        // Commit the text and end the turn instead of nudging again.
         if (hadToolsLastRound && nudge.reason === 'continuation') {
           yield { type: 'assistant_message_committed', text: assistantText }
           yield doneEvent(true, stopReason)
@@ -461,10 +395,6 @@ export async function* runRuntimeTurn(
       return
     }
 
-    // Tool work: hand the batch to the host. The host renders rows, persists
-    // the tool_use/tool_result session messages, and routes permission prompts.
-    // We then emit tool_executed events so UI adapters that care (e.g., tests)
-    // can observe each completed tool before we loop back to the provider.
     const batch = await runToolBatch(pendingToolUses)
     for (const completed of batch.completedTools) {
       toolEvidenceThisTurn.push({
@@ -659,11 +589,6 @@ function parseTextToolPayloads(payload: string): Array<{ name: string; input: Re
   return normalizeParsedToolPayloads(parsed)
 }
 
-function parseTextToolPayload(payload: string): { name: string; input: Record<string, unknown> } | null {
-  const calls = parseTextToolPayloads(payload)
-  return calls.length === 1 ? calls[0]! : null
-}
-
 function normalizeParsedToolPayloads(value: unknown): Array<{ name: string; input: Record<string, unknown> }> {
   if (Array.isArray(value)) {
     return value.flatMap(normalizeParsedToolPayloads)
@@ -687,11 +612,6 @@ function normalizeParsedToolPayloads(value: unknown): Array<{ name: string; inpu
   return call ? [call] : []
 }
 
-function normalizeParsedToolPayload(value: unknown): { name: string; input: Record<string, unknown> } | null {
-  const calls = normalizeParsedToolPayloads(value)
-  return calls.length === 1 ? calls[0]! : null
-}
-
 function normalizeNameAndInput(
   name: unknown,
   rawInput: unknown,
@@ -808,18 +728,6 @@ export function looksLikeToolDelegationText(text: string): boolean {
   return askUser || selfIntent || commandForm || asksForOutput
 }
 
-/**
- * looksLikeContinuationIntent - heuristic for continuation nudge detection.
- *
- * Two rules:
- *   1. If the text contains an explicit completion marker ("done", "all set",
- *      "let me know if"), never nudge.
- *   2. Otherwise, nudge iff at least one action-intent pattern matches
- *      ("now I'll edit", "let me create", "time to run", etc.).
- *
- * Deliberately narrow. We never rewrite the model's output; we only decide
- * whether to append a short meta user message and re-stream.
- */
 export function looksLikeContinuationIntent(text: string): boolean {
   const lower = text.toLowerCase()
 

package/src/storage/atomicWrite.ts

@@ -1,8 +1,11 @@
+import crypto from 'node:crypto'
 import fs from 'node:fs/promises'
 
 const RETRYABLE_RENAME_CODES = new Set(['EPERM', 'EBUSY', 'EACCES'])
 const RETRY_DELAYS_MS = [20, 60, 120]
 
+let tempCounter = 0
+
 type WriteOptions = {
   mode?: number
 }
@@ -12,7 +15,7 @@ export async function atomicWriteText(
   data: string,
   options: WriteOptions = {},
 ): Promise<void> {
-  const tmp = `${file}.${process.pid}.${Date.now()}.tmp`
+  const tmp = `${file}.${process.pid}.${Date.now()}.${(tempCounter = (tempCounter + 1) >>> 0)}.${crypto.randomBytes(4).toString('hex')}.tmp`
   const mode = options.mode ?? 0o600
 
   await fs.writeFile(tmp, data, { encoding: 'utf8', mode })

package/src/storage/config.ts

@@ -8,7 +8,7 @@ export const PROVIDERS = ['llamacpp', 'openai', 'anthropic', 'gemini'] as const
 export type ProviderId = (typeof PROVIDERS)[number]
 const LEGACY_PROVIDERS = ['ollama', ...PROVIDERS] as const
 
-export const SELECTABLE_NETWORKS = ['mainnet', 'arbitrum', 'base', 'optimism', 'polygon'] as const
+export const SELECTABLE_NETWORKS = ['mainnet', 'base'] as const
 export type SelectableNetwork = (typeof SELECTABLE_NETWORKS)[number]
 
 const IdentitySchema = z.object({
@@ -16,6 +16,7 @@ const IdentitySchema = z.object({
   createdAt: z.string(),
   source: z.enum(['local-key', 'erc8004']).optional(),
   ownerAddress: z.string().regex(/^0x[a-fA-F0-9]{40}$/).optional(),
+  connectedWallet: z.string().regex(/^0x[a-fA-F0-9]{40}$/).optional(),
   chainId: z.number().int().positive().optional(),
   rpcUrl: z.string().url().optional(),
   identityRegistryAddress: z.string().regex(/^0x[a-fA-F0-9]{40}$/).optional(),
@@ -37,6 +38,14 @@ const IdentitySchema = z.object({
     agentUri: z.string().min(1).optional(),
     metadataCid: z.string().min(1).optional(),
     txHash: z.string().regex(/^0x[a-fA-F0-9]+$/).optional(),
+    transferSnapshot: z.object({
+      kind: z.literal('dual-wallet'),
+      senderAddress: z.string().regex(/^0x[a-fA-F0-9]{40}$/),
+      receiverAddress: z.string().regex(/^0x[a-fA-F0-9]{40}$/),
+      receiverHandle: z.string().min(1).optional(),
+      slotCount: z.number().int().positive(),
+      createdAt: z.string().optional(),
+    }).optional(),
     pastBackups: z.array(z.object({
       cid: z.string().min(1),
       createdAt: z.string(),
@@ -48,6 +57,22 @@ const IdentitySchema = z.object({
     updatedAt: z.string().optional(),
     status: z.enum(['pinned', 'failed', 'unknown']).optional(),
   }).optional(),
+  pendingTx: z.object({
+    hash: z.string().regex(/^0x[a-fA-F0-9]+$/),
+    kind: z.enum([
+      'register',
+      'rebackup-uri',
+      'rebackup-uri-vault',
+      'token-transfer',
+      'public-profile',
+      'vault-deploy',
+      'vault-deposit',
+      'vault-unwrap',
+      'vault-withdraw',
+    ]),
+    chainId: z.number().int().positive(),
+    submittedAt: z.string(),
+  }).optional(),
 })
 
 const ConfigSchema = z.object({
@@ -62,8 +87,13 @@ const ConfigSchema = z.object({
     rpcUrl: z.string().url(),
     identityRegistryAddress: z.string().regex(/^0x[a-fA-F0-9]{40}$/),
     fromBlock: z.string().regex(/^\d+$/).optional(),
+    operatorVaults: z.record(
+      z.string().regex(/^\d+$/),
+      z.string().regex(/^0x[a-fA-F0-9]{40}$/),
+    ).optional(),
   }).optional(),
   selectedNetwork: z.enum(SELECTABLE_NETWORKS).optional(),
+  configVersion: z.number().int().nonnegative().optional(),
 })
 
 const LEGACY_OLLAMA_BASE_URL = 'http://localhost:11434/v1'
@@ -74,6 +104,7 @@ const LegacyConfigSchema = ConfigSchema.extend({
 type LegacyConfig = z.infer<typeof LegacyConfigSchema>
 
 export type EthagentIdentity = z.infer<typeof IdentitySchema>
+export type TransferSnapshotMetadata = NonNullable<NonNullable<EthagentIdentity['backup']>['transferSnapshot']>
 
 export type EthagentConfig = z.infer<typeof ConfigSchema>
 
@@ -112,11 +143,143 @@ export async function loadConfig(): Promise<EthagentConfig | null> {
 
 export async function saveConfig(config: EthagentConfig): Promise<void> {
   await ensureConfigDir()
-  const validated = ConfigSchema.parse(normalizeConfig(config))
+  const bumped: EthagentConfig = {
+    ...normalizeConfig(config),
+    configVersion: (config.configVersion ?? 0) + 1,
+  }
+  const validated = ConfigSchema.parse(bumped)
   const file = getConfigPath()
   await atomicWriteText(file, JSON.stringify(validated, null, 2) + '\n')
 }
 
+export class ConfigVersionStaleError extends Error {
+  readonly baseVersion: number | undefined
+  readonly currentVersion: number | undefined
+  constructor(baseVersion: number | undefined, currentVersion: number | undefined) {
+    super('Config write conflict detected: another writer beat this update. Retry to merge.')
+    this.name = 'ConfigVersionStaleError'
+    this.baseVersion = baseVersion
+    this.currentVersion = currentVersion
+  }
+}
+
+export async function saveConfigGuarded(
+  prev: EthagentConfig | null,
+  next: EthagentConfig,
+): Promise<EthagentConfig> {
+  const current = await loadConfig()
+  const currentVersion = current?.configVersion
+  const baseVersion = prev?.configVersion
+  if (currentVersion !== baseVersion) {
+    throw new ConfigVersionStaleError(baseVersion, currentVersion)
+  }
+  const toWrite: EthagentConfig = { ...next, configVersion: currentVersion ?? 0 }
+  await saveConfig(toWrite)
+  return { ...toWrite, configVersion: (currentVersion ?? 0) + 1 }
+}
+
+export async function saveConfigWithMerge(
+  applyPatch: (current: EthagentConfig | null) => EthagentConfig | Promise<EthagentConfig>,
+  attempts: number = 3,
+): Promise<EthagentConfig> {
+  let lastErr: ConfigVersionStaleError | undefined
+  for (let attempt = 0; attempt < attempts; attempt++) {
+    const current = await loadConfig()
+    const next = await applyPatch(current)
+    try {
+      return await saveConfigGuarded(current, next)
+    } catch (err: unknown) {
+      if (!(err instanceof ConfigVersionStaleError)) throw err
+      lastErr = err
+    }
+  }
+  throw lastErr ?? new ConfigVersionStaleError(undefined, undefined)
+}
+
+export function getConfiguredOperatorVaultAddress(
+  config: EthagentConfig | null | undefined,
+  chainId: number,
+): string | undefined {
+  return config?.erc8004?.operatorVaults?.[String(chainId)]
+}
+
+export function buildSeedConfigForIdentity(args: {
+  identity: EthagentIdentity
+  chainId: number
+  rpcUrl: string
+  identityRegistryAddress: string
+}): EthagentConfig {
+  return {
+    version: 1,
+    provider: 'llamacpp',
+    model: defaultModelFor('llamacpp'),
+    firstRunAt: new Date().toISOString(),
+    identity: { ...args.identity, source: 'erc8004' },
+    erc8004: {
+      chainId: args.chainId,
+      rpcUrl: args.rpcUrl,
+      identityRegistryAddress: args.identityRegistryAddress,
+    },
+  }
+}
+
+export function setConfiguredOperatorVaultAddress(
+  config: EthagentConfig,
+  chainId: number,
+  vaultAddress: string,
+): EthagentConfig {
+  if (!config.erc8004) {
+    throw new Error('Cannot record operator delegation vault address: erc8004 registry config is not set')
+  }
+  return {
+    ...config,
+    erc8004: {
+      ...config.erc8004,
+      operatorVaults: {
+        ...(config.erc8004.operatorVaults ?? {}),
+        [String(chainId)]: vaultAddress,
+      },
+    },
+  }
+}
+
+export type PendingTxRecord = NonNullable<EthagentIdentity['pendingTx']>
+export type PendingTxKind = PendingTxRecord['kind']
+
+export async function recordPendingTx(record: PendingTxRecord): Promise<EthagentConfig | null> {
+  return savePendingTxMutation(identity => ({ ...identity, pendingTx: record }))
+}
+
+export async function clearPendingTx(): Promise<EthagentConfig | null> {
+  return savePendingTxMutation(identity => {
+    if (!identity.pendingTx) return null
+    const { pendingTx: _drop, ...identityRest } = identity
+    return identityRest
+  })
+}
+
+async function savePendingTxMutation(
+  mutate: (identity: NonNullable<EthagentConfig['identity']>) => NonNullable<EthagentConfig['identity']> | null,
+): Promise<EthagentConfig | null> {
+  for (let attempt = 0; attempt < 2; attempt++) {
+    const config = await loadConfig()
+    if (!config?.identity) return config
+    const mutatedIdentity = mutate(config.identity)
+    if (!mutatedIdentity) return config
+    const next: EthagentConfig = { ...config, identity: mutatedIdentity }
+    try {
+      return await saveConfigGuarded(config, next)
+    } catch (err: unknown) {
+      if (!(err instanceof ConfigVersionStaleError)) throw err
+      if (attempt === 1) {
+        console.warn('[ethagent] pending-tx config write skipped: cross-tab conflict persisted after retry')
+        return null
+      }
+    }
+  }
+  return null
+}
+
 export async function deleteConfig(): Promise<void> {
   try {
     await fs.unlink(getConfigPath())
@@ -148,9 +311,22 @@ export function localProviderBaseUrlFor(provider: LocalProviderId, baseUrl?: str
 }
 
 export function normalizeConfig(config: EthagentConfig): EthagentConfig {
-  if (config.provider !== 'llamacpp') return config
-  const baseUrl = localProviderBaseUrlFor(config.provider, config.baseUrl)
-  return config.baseUrl === baseUrl ? config : { ...config, baseUrl }
+  let next = config
+  if (next.provider === 'llamacpp') {
+    const baseUrl = localProviderBaseUrlFor(next.provider, next.baseUrl)
+    if (next.baseUrl !== baseUrl) next = { ...next, baseUrl }
+  }
+  if (!next.erc8004 && next.identity?.chainId && next.identity.identityRegistryAddress && next.identity.rpcUrl) {
+    next = {
+      ...next,
+      erc8004: {
+        chainId: next.identity.chainId,
+        rpcUrl: next.identity.rpcUrl,
+        identityRegistryAddress: next.identity.identityRegistryAddress,
+      },
+    }
+  }
+  return next
 }
 
 function migrateLegacyConfig(config: LegacyConfig): EthagentConfig {

package/src/storage/identity.ts

@@ -5,7 +5,6 @@ import {
   type EthagentIdentity,
 } from './config.js'
 import {
-  getSecret,
   rmSecret,
   hasSecret,
   whichBackend,
@@ -59,7 +58,7 @@ export async function setTokenIdentity(
   identity: EthagentIdentity,
 ): Promise<EthagentConfig> {
   if (!identity.address || !identity.agentId || !identity.agentUri || !identity.ownerAddress) {
-    throw new Error('token identity is missing ERC-8004 metadata')
+    throw new Error('Token identity is missing ERC-8004 metadata')
   }
   const next: EthagentConfig = {
     ...config,
@@ -68,6 +67,13 @@ export async function setTokenIdentity(
       source: 'erc8004',
     },
   }
+  if (!next.erc8004 && identity.chainId && identity.rpcUrl && identity.identityRegistryAddress) {
+    next.erc8004 = {
+      chainId: identity.chainId,
+      rpcUrl: identity.rpcUrl,
+      identityRegistryAddress: identity.identityRegistryAddress,
+    }
+  }
   await saveConfig(next)
   return next
 }
@@ -76,7 +82,7 @@ export async function updateIdentityBackup(
   config: EthagentConfig,
   backup: NonNullable<EthagentIdentity['backup']>,
 ): Promise<EthagentConfig> {
-  if (!config.identity) throw new Error('no identity set')
+  if (!config.identity) throw new Error('No identity set')
   const next: EthagentConfig = {
     ...config,
     identity: {

package/src/storage/secrets.ts

@@ -24,7 +24,7 @@ async function loadKeytar(): Promise<Keytar | null> {
     if (typeof api.getPassword !== 'function'
       || typeof api.setPassword !== 'function'
       || typeof api.deletePassword !== 'function') {
-      throw new Error('keytar module shape unexpected')
+      throw new Error('Keytar module shape unexpected')
     }
     await api.getPassword(KEYTAR_SERVICE, '__ethagent_probe__')
     keytarCache = api
@@ -130,7 +130,7 @@ export async function getSecret(account: string): Promise<string | null> {
 
 export async function setSecret(account: string, value: string): Promise<KeyBackend> {
   const trimmed = value.trim()
-  if (!trimmed) throw new Error('secret value is empty')
+  if (!trimmed) throw new Error('Secret value is empty')
   const keytar = await loadKeytar()
   if (keytar) {
     await keytar.setPassword(KEYTAR_SERVICE, account, trimmed)

package/src/tools/bashSafety.ts

@@ -132,6 +132,14 @@ export function validateBashCommandInput(command: string): string | undefined {
     return `command must be an actual shell command, not an ethagent tool name. ${nativeToolMessage}`
   }
 
+  if (normalizedFirstToken === 'echo' || normalizedFirstToken === 'printf') {
+    const rest = trimmed.slice(firstToken.length)
+    const hasShellMeta = /[|&;<>`$]/.test(rest)
+    if (!hasShellMeta) {
+      return `do not use ${normalizedFirstToken} to emit conversational text; reply directly in your assistant message instead.`
+    }
+  }
+
   if (
     /\b(you can|you should|you need|run the following command|written in|under the|to run(?: the game)?|copy and paste|save (?:it|this))/i.test(trimmed)
   ) {

package/src/tools/changeDirectoryTool.ts

@@ -56,7 +56,7 @@ function resolveTargetDirectory(workspaceRoot: string, requestedPath: string): s
 function resolveDirectoryIntent(input: string, workspaceRoot: string): string {
   const normalized = normalizeIntentInput(input)
   if (!normalized) {
-    throw new Error('missing directory path')
+    throw new Error('Missing directory path')
   }
 
   if (looksLikeConcretePath(normalized)) {

package/src/tools/deleteFileTool.ts

@@ -70,7 +70,7 @@ async function prepareDelete(input: z.infer<typeof schema>, context: { workspace
   const fullPath = resolveWorkspacePath(context.workspaceRoot, input.path)
   const stats = await fs.stat(fullPath)
   if (stats.isDirectory()) {
-    throw new Error('delete_file path points to a directory; provide a file path')
+    throw new Error('Tool delete_file path points to a directory; provide a file path')
   }
   const before = await fs.readFile(fullPath, 'utf8')
   return {
@@ -83,13 +83,13 @@ async function prepareDelete(input: z.infer<typeof schema>, context: { workspace
 function assertSafeDeletePath(requestedPath: string): void {
   const trimmed = requestedPath.trim()
   if (trimmed !== requestedPath || trimmed.length === 0) {
-    throw new Error('delete_file path must be a clean workspace-relative file path')
+    throw new Error('Tool delete_file path must be a clean workspace-relative file path')
   }
   if (/[|;&<>`]/.test(trimmed)) {
-    throw new Error('delete_file path must not contain shell operators')
+    throw new Error('Tool delete_file path must not contain shell operators')
   }
   if (/^(?:rm|del|erase|rmdir|remove-item|mkdir|type|cat|echo|copy|move|mv|cp)\b/i.test(trimmed)) {
-    throw new Error('delete_file path looks like a shell command; pass only the file path')
+    throw new Error('Tool delete_file path looks like a shell command; pass only the file path')
   }
 }
 

package/src/tools/editTool.ts

@@ -114,7 +114,7 @@ async function assertEditableFileTarget(fullPath: string): Promise<void> {
   try {
     const stats = await fs.stat(fullPath)
     if (stats.isDirectory()) {
-      throw new Error('edit_file path points to a directory; provide a file path')
+      throw new Error('Tool edit_file path points to a directory; provide a file path')
     }
   } catch (error: unknown) {
     if ((error as NodeJS.ErrnoException).code === 'ENOENT') return
@@ -125,15 +125,15 @@ async function assertEditableFileTarget(fullPath: string): Promise<void> {
 function assertSafeEditPath(requestedPath: string): void {
   const trimmed = requestedPath.trim()
   if (trimmed !== requestedPath || trimmed.length === 0) {
-    throw new Error('edit_file path must be a clean workspace-relative file path')
+    throw new Error('Tool edit_file path must be a clean workspace-relative file path')
   }
 
   if (/[|;&<>`]/.test(trimmed)) {
-    throw new Error('edit_file path must not contain shell operators')
+    throw new Error('Tool edit_file path must not contain shell operators')
   }
 
   if (/^(?:rm|del|erase|rmdir|remove-item|mkdir|type|cat|echo|copy|move|mv|cp)\b/i.test(trimmed)) {
-    throw new Error('edit_file path looks like a shell command; pass only the file path')
+    throw new Error('Tool edit_file path looks like a shell command; pass only the file path')
   }
 }
 

package/src/tools/editUtils.ts

@@ -21,7 +21,7 @@ export function applyRequestedEdit(
 ): AppliedEdit {
   if (!oldText) {
     if (newText.length === 0) {
-      throw new Error('edit_file newText is empty; empty whole-file writes are not valid unless replacing a specific oldText range')
+      throw new Error('Field newText is empty; empty whole-file writes are not valid unless replacing a specific oldText range')
     }
     return {
       before,
@@ -34,7 +34,7 @@ export function applyRequestedEdit(
 
   if (replaceAll) {
     const matchCount = countOccurrences(before, oldText)
-    if (matchCount === 0) throw new Error('oldText was not found in the file')
+    if (matchCount === 0) throw new Error('Field oldText was not found in the file')
     return {
       before,
       after: before.replaceAll(oldText, () => newText),
@@ -45,9 +45,9 @@ export function applyRequestedEdit(
   }
 
   const actualOldText = findUniqueEditableMatch(before, oldText)
-  if (!actualOldText) throw new Error('oldText was not found in the file')
+  if (!actualOldText) throw new Error('Field oldText was not found in the file')
   if (countOccurrences(before, actualOldText) > 1) {
-    throw new Error('oldText matched multiple locations; provide more context or use replaceAll')
+    throw new Error('Field oldText matched multiple locations; provide more context or use replaceAll')
   }
 
   const adjustedNewText = preserveQuoteStyle(oldText, actualOldText, newText)
@@ -62,7 +62,7 @@ export function applyRequestedEdit(
 
 function replaceSingleOccurrence(content: string, search: string, replace: string): string {
   const index = content.indexOf(search)
-  if (index === -1) throw new Error('oldText was not found in the file')
+  if (index === -1) throw new Error('Field oldText was not found in the file')
   return `${content.slice(0, index)}${replace}${content.slice(index + search.length)}`
 }
 

package/src/tools/privateContinuityEditTool.ts

@@ -82,7 +82,7 @@ export const privateContinuityEditTool: Tool<typeof schema> = {
     'For persona or standing behavior call exactly: {"file":"SOUL.md","appendToSection":"Persona","appendText":"- Persona or standing behavior note."}.',
     'Prefer appendToSection+appendText to build on an existing scaffold section; use oldText+newText only for targeted replacement after exact text is known.',
     'Whole-file replacement is disabled for private continuity.',
-    'Approved private continuity edits are not managed by /rewind; the previous version is saved to private identity history before writing.',
+    'Approved private continuity edits are not managed by /rewind.',
   ].join(' '),
   inputSchema: schema,
   inputSchemaJson: {
@@ -108,7 +108,7 @@ export const privateContinuityEditTool: Tool<typeof schema> = {
       path: prepared.fullPath,
       relativePath: prepared.relativePath,
       directoryPath: prepared.directoryPath,
-      title: 'approve private continuity edit?',
+      title: 'Approve Private Continuity Edit?',
       subtitle: prepared.fullPath,
       file: prepared.file,
       before: prepared.previewBefore,
@@ -132,7 +132,6 @@ export const privateContinuityEditTool: Tool<typeof schema> = {
       previousFiles,
       previousPublicSkills,
       changeSummary: prepared.changeSummary,
-      createdAt: new Date().toISOString(),
       sessionId: context.checkpoint?.sessionId,
       turnId: context.checkpoint?.turnId,
       promptSnippet: context.checkpoint?.promptSnippet,
@@ -153,9 +152,9 @@ function formatPrivateContinuityEditResult(file: 'SOUL.md' | 'MEMORY.md', fullPa
     '',
     `- File: \`identity-vault/${file}\``,
     `- Review file: \`${fullPath}\``,
-    '- Open: Identity Hub > Memory and Persona',
-    '- Save: Identity Hub > Recovery > Save Snapshot Now',
     '- History: previous version saved to private identity history; `/rewind` does not restore identity continuity',
+    '- Open: Identity Hub > Soul, Memory, and Skills',
+    '- Save: Identity Hub > Recovery > Save Snapshot Now',
   ].join('\n')
 }