forkoff 1.0.19 → 1.1.0

package/dist/websocket.js

@@ -6,6 +6,7 @@ const events_1 = require("events");
 const uuid_1 = require("uuid");
 const e2eeManager_1 = require("./crypto/e2eeManager");
 const server_1 = require("./server");
+const cloud_client_1 = require("./cloud-client");
 // Whitelist of events allowed via encrypted_message channel (inbound from mobile)
 const ALLOWED_ENCRYPTED_EVENTS = new Set([
     'terminal_command',
@@ -35,36 +36,40 @@ const ALLOWED_ENCRYPTED_EVENTS = new Set([
 // Events that carry user data and MUST be encrypted — plaintext fallback is refused.
 // If E2EE is not established, these are queued (not sent in plaintext).
 const ENFORCED_SENSITIVE_EVENTS = new Set([
-    // Core sensitive data
+    // Core sensitive data — these truly contain code/file contents
     'terminal_output',
     'read_file_response',
-    'directory_list_response',
     'permission_prompt',
     // Transcript data (contains full code, file contents, conversation history)
     'transcript_history',
     'transcript_update',
-    // Claude reasoning and session data
+    // Claude reasoning
     'thinking_content',
-    'task_progress',
-    'tool_activity',
-    // Approval context
+    // Approval context (contains code details)
     'claude_approval_request',
     'approval_request',
-    // Session metadata (contains directory paths, file paths, working directories)
+    // Pending permissions (contains prompt details)
+    'pending_permissions_sync',
+    // Session metadata (contains directory paths, session identifiers)
     'claude_session_update',
     'claude_session_batch_update',
+    'claude_session_event',
+    // Directory/file data
+    'directory_list_response',
     'terminal_cwd',
     'file_changed',
-    // Token usage (contains session identifiers)
+    // Token/usage/progress data
     'token_usage',
-    // Pending permissions (contains prompt details)
-    'pending_permissions_sync',
-    // Session events (may contain error messages with paths)
-    'claude_session_event',
-    // Usage analytics sync
+    'task_progress',
+    'tool_activity',
+    // Usage analytics
     'usage_stats_sync',
     'daily_usage_sync',
     'streak_info_sync',
+    // Tool status (contains tool state)
+    'tool_status_update',
+    // Session loading state signal
+    'session_loading',
 ]);
 // SECURITY: Inbound events from mobile that MUST arrive via E2EE decryption when active.
 // Plaintext versions are dropped when E2EE session is established with mobile peer.
@@ -84,7 +89,7 @@ const PLAINTEXT_DROP_EVENTS = [
     'directory_list', 'transcript_fetch', 'transcript_subscribe',
     'read_file', 'claude_approval_response', 'permission_response',
     'permission_rules_sync', 'claude_abort', 'tab_complete',
-    'usage_stats_request',
+    'usage_stats_request', 'sdk_session_history',
 ];
 /** Events forwarded from server that do NOT need plaintext-drop checking */
 const PASSTHROUGH_EVENTS = [
@@ -96,10 +101,14 @@ class WebSocketClient extends events_1.EventEmitter {
         this.server = null;
         this.heartbeatInterval = null;
         this._sessionId = '';
+        this.isCloudRelay = false;
         this.e2eeManager = null;
         this.e2eeInitialized = false;
         // The mobile device ID learned from key exchange (used for encrypting CLI→mobile messages)
         this.e2eePeerDeviceId = null;
+        this._keyExchangePending = false;
+        this._keyExchangeDebounceTimer = null;
+        this._keyExchangeDebounceTarget = null;
         // Queue for sensitive messages waiting for E2EE session establishment
         this.pendingSensitiveMessages = [];
         this.usageTracker = null;
@@ -117,38 +126,89 @@ class WebSocketClient extends events_1.EventEmitter {
         if (!deviceId) {
             throw new Error('Device not registered');
         }
+        this.isCloudRelay = false;
         this.server = new server_1.EmbeddedRelayServer({
             port,
             deviceId,
             deviceName: config_1.config.deviceName,
         });
         await this.server.start();
+        this.wireUpTransportEvents();
+    }
+    /** Connect to a cloud relay as a Socket.io client (instead of running a local server) */
+    async connectToRelay(url) {
+        const deviceId = config_1.config.deviceId;
+        if (!deviceId) {
+            throw new Error('Device not registered');
+        }
+        this.isCloudRelay = true;
+        const cloudClient = new cloud_client_1.CloudRelayClient({
+            url,
+            deviceId,
+            deviceName: config_1.config.deviceName,
+            relayToken: config_1.config.relayToken,
+        });
+        this.server = cloudClient;
+        await cloudClient.start();
+        this.wireUpTransportEvents();
+    }
+    /** Wire up event forwarding from the transport (shared between startServer and connectToRelay) */
+    wireUpTransportEvents() {
+        if (!this.server)
+            return;
         // When mobile connects, emit connected + start heartbeat + initiate E2EE
         this.server.on('mobile_connected', (data) => {
             console.log(`[WS] Mobile connected: ${data.deviceId}`);
             this.emit('connected');
             this.startHeartbeat();
-            // Initiate E2EE key exchange with the connected mobile device
-            if (this.e2eeManager && this.e2eeInitialized) {
+            // SECURITY: Clear stale E2EE peer state on every mobile connect.
+            // Mobile sessions are in-memory only — lost on app restart/reconnect.
+            // Without this, CLI would encrypt with a restored persisted session
+            // that mobile can't decrypt, causing "No session established" errors.
+            // A fresh key exchange will re-establish the session after debounce.
+            if (this.e2eePeerDeviceId) {
+                console.log(`[E2EE] Clearing stale peer state for ${this.e2eePeerDeviceId} (mobile reconnected)`);
+                this.e2eeManager?.clearSession(this.e2eePeerDeviceId);
+                this.e2eePeerDeviceId = null;
+            }
+            // Debounce E2EE key exchange initiation.
+            // Relay fires multiple mobile_connected events with different IDs per connection cycle.
+            // Wait for them to settle, then initiate ONE key exchange with the last ID.
+            // NOTE: Don't guard on e2eeInitialized here — initE2EE() is async and may not
+            // be done when mobile_connected fires. Check inside the callback instead;
+            // by the time the 1.5s debounce fires, initE2EE() will have completed.
+            if (this._keyExchangeDebounceTimer) {
+                clearTimeout(this._keyExchangeDebounceTimer);
+            }
+            this._keyExchangeDebounceTarget = data.deviceId;
+            this._keyExchangeDebounceTimer = setTimeout(() => {
+                this._keyExchangeDebounceTimer = null;
+                const targetId = this._keyExchangeDebounceTarget;
+                if (!targetId || !this.e2eeManager || !this.e2eeInitialized)
+                    return;
                 try {
-                    // Clear any old session keys for this device — forces fresh key exchange.
-                    // Without this, queued messages would be encrypted with stale keys from
-                    // a previous connection that the mobile no longer has.
-                    this.e2eeManager.clearSession(data.deviceId);
-                    const initPayload = this.e2eeManager.createKeyExchangeInit(data.deviceId);
+                    this._keyExchangePending = true;
+                    console.log(`[E2EE] Initiating key exchange with ${targetId} (after debounce)`);
+                    this.e2eeManager.clearSession(targetId);
+                    const initPayload = this.e2eeManager.createKeyExchangeInit(targetId);
                     this.server?.emitToMobile('encrypted_key_exchange_init', {
                         ...initPayload,
-                        recipientDeviceId: data.deviceId,
+                        recipientDeviceId: targetId,
                     });
-                    // E2EE key exchange initiated
                 }
                 catch (err) {
+                    this._keyExchangePending = false;
                     console.warn('[E2EE] Failed to initiate key exchange');
                 }
-            }
+            }, 1500); // 1.5s debounce — wait for all mobile_connected events to settle
         });
         this.server.on('mobile_disconnected', (data) => {
             console.log(`[WS] Mobile disconnected: ${data.reason}`);
+            if (this._keyExchangeDebounceTimer) {
+                clearTimeout(this._keyExchangeDebounceTimer);
+                this._keyExchangeDebounceTimer = null;
+            }
+            this._keyExchangePending = false;
             this.emit('disconnected', data.reason);
             this.stopHeartbeat();
         });
@@ -172,20 +232,24 @@ class WebSocketClient extends events_1.EventEmitter {
                 this.emit(event, data);
             });
         }
-        // On successful pairing, reset TOFU trust for that specific device (handles re-pair with new keys).
-        // Don't delete pending exchange or re-initiate — the init from mobile_connected is in-flight.
+        // On successful pairing, reset TOFU trust
         this.server.on('pair_device', (data) => {
             const mobileDeviceId = data.mobileDeviceId;
             if (mobileDeviceId && this.e2eeManager) {
                 this.e2eeManager.clearTrustOnly(mobileDeviceId);
-                // Reset TOFU trust for re-pair
             }
         });
-        // E2EE key exchange events — forwarded from server, handled here
+        // E2EE key exchange events
         this.server.on('encrypted_key_exchange_init', (data) => {
             if (!this.e2eeManager)
                 return;
+            // Guard: ignore our own init echoed back by the relay
+            if (data.senderDeviceId === config_1.config.deviceId) {
+                console.log('[E2EE] Ignoring own key exchange init echo');
+                return;
+            }
             try {
+                console.log(`[E2EE] Received key exchange init from ${data.senderDeviceId}`);
                 const ack = this.e2eeManager.handleKeyExchangeInit(data);
                 this.e2eePeerDeviceId = data.senderDeviceId;
                 this.server?.emitToMobile('encrypted_key_exchange_ack', {
@@ -198,21 +262,33 @@ class WebSocketClient extends events_1.EventEmitter {
                 this.sendAllUsageStats();
             }
             catch (err) {
-                console.error('[E2EE] Key exchange init failed');
+                const msg = err instanceof Error ? err.message : String(err);
+                console.error(`[E2EE] Key exchange init failed: ${msg}`);
             }
         });
         this.server.on('encrypted_key_exchange_ack', (data) => {
             if (!this.e2eeManager)
                 return;
             try {
+                console.log(`[E2EE] Received key exchange ack from ${data.senderDeviceId}`);
                 this.e2eeManager.handleKeyExchangeAck(data);
+                this._keyExchangePending = false;
                 this.e2eePeerDeviceId = data.senderDeviceId;
+                console.log(`[E2EE] Key exchange complete — session established with ${data.senderDeviceId}`);
                 this.emit('e2ee_established', { peerDeviceId: data.senderDeviceId });
                 this.flushSensitiveQueue();
                 this.sendAllUsageStats();
             }
             catch (err) {
-                console.error('[E2EE] Key exchange ack failed');
+                const msg = err instanceof Error ? err.message : String(err);
+                // Only suppress if it's truly a duplicate ack (pending exchange already consumed)
+                if (msg.includes('No pending key exchange')) {
+                    console.log(`[E2EE] Duplicate ack from ${data.senderDeviceId} — ignored`);
+                }
+                else {
+                    console.error(`[E2EE] Key exchange ack failed: ${msg}`);
+                    this._keyExchangePending = false;
+                }
             }
         });
         // Encrypted messages — decrypt and re-emit as original event
@@ -227,7 +303,6 @@ class WebSocketClient extends events_1.EventEmitter {
                 console.error('[E2EE] Decryption failed — message dropped');
                 return;
             }
-            // Validate JSON structure separately from decryption
             let parsed;
             try {
                 parsed = JSON.parse(plaintext);
@@ -236,7 +311,6 @@ class WebSocketClient extends events_1.EventEmitter {
                 console.error('[E2EE] Invalid JSON in decrypted message — dropped');
                 return;
             }
-            // Validate payload structure
             if (!parsed || typeof parsed !== 'object') {
                 console.error('[E2EE] Decrypted payload is not an object — dropped');
                 return;
@@ -253,7 +327,7 @@ class WebSocketClient extends events_1.EventEmitter {
             }
             this.emit(eventName, payload._data);
         });
-        // Initialize E2EE (non-blocking — don't delay server start)
+        // Initialize E2EE (non-blocking)
         this.initE2EE().catch((err) => {
             console.warn('[E2EE] \u26a0 End-to-end encryption initialization failed. Messages will be sent without E2EE protection.');
             if (process.env.DEBUG) {
@@ -261,7 +335,7 @@ class WebSocketClient extends events_1.EventEmitter {
             }
         });
     }
-    /** Set pairing code on the embedded server for in-process validation */
+    /** Set pairing code on the transport for validation */
     setPairingCode(code) {
         this.server?.setPairingCode(code);
     }
@@ -301,6 +375,35 @@ class WebSocketClient extends events_1.EventEmitter {
                 return;
             }
             catch (err) {
+                const errMsg = err instanceof Error ? err.message : String(err);
+                if (errMsg.includes('re-key required')) {
+                    // Session expired — automatically initiate a new key exchange
+                    console.warn(`[E2EE] Session expired with ${targetDeviceId} — initiating re-key`);
+                    this.e2eePeerDeviceId = null;
+                    try {
+                        this._keyExchangePending = true;
+                        this.e2eeManager.clearSession(targetDeviceId);
+                        const initPayload = this.e2eeManager.createKeyExchangeInit(targetDeviceId);
+                        this.server?.emitToMobile('encrypted_key_exchange_init', {
+                            ...initPayload,
+                            recipientDeviceId: targetDeviceId,
+                        });
+                    }
+                    catch (reKeyErr) {
+                        this._keyExchangePending = false;
+                        console.error('[E2EE] Re-key initiation failed');
+                    }
+                    // Queue the original message so it can be sent once re-keying completes
+                    if (this.pendingSensitiveMessages.length < WebSocketClient.MAX_PENDING_SENSITIVE) {
+                        this.pendingSensitiveMessages.push({
+                            event,
+                            data,
+                            targetDeviceId,
+                            queuedAt: Date.now(),
+                        });
+                    }
+                    return;
+                }
                 console.error('[E2EE] Encryption failed, message NOT sent (refusing plaintext fallback)');
                 return;
             }
@@ -357,7 +460,9 @@ class WebSocketClient extends events_1.EventEmitter {
             sent++;
         }
         this.pendingSensitiveMessages = [];
-        // Flushed sensitive queue
+        if (sent > 0 || dropped > 0) {
+            console.log(`[E2EE] Flushed sensitive queue: ${sent} sent, ${dropped} expired`);
+        }
     }
     /** Get the E2EE manager (for external key exchange initiation) */
     getE2EEManager() {
@@ -369,6 +474,10 @@ class WebSocketClient extends events_1.EventEmitter {
     }
     /** SECURITY: Check if plaintext inbound events should be dropped (E2EE active with peer) */
     shouldDropPlaintextInbound() {
+        // In cloud relay mode, events arrive via API forwarding — trusted, don't drop
+        if (this.isCloudRelay)
+            return false;
+        // In embedded relay mode, mobile connects directly — drop plaintext when E2EE active
         return !!(this.e2eePeerDeviceId && this.e2eeManager?.hasSessionKey(this.e2eePeerDeviceId));
     }
     disconnect() {
@@ -377,6 +486,7 @@ class WebSocketClient extends events_1.EventEmitter {
         this.e2eeManager = null;
         this.e2eeInitialized = false;
         this.e2eePeerDeviceId = null;
+        this.isCloudRelay = false;
         if (this.server) {
             this.server.stop();
             this.server = null;
@@ -393,11 +503,11 @@ class WebSocketClient extends events_1.EventEmitter {
             this.heartbeatInterval = null;
         }
     }
-    // Send heartbeat to connected mobile
+    // Send heartbeat to connected mobile (plaintext — only carries status, no sensitive data)
     sendHeartbeat(status = 'online') {
         this.server?.emitToMobile('device_status', { status, deviceId: config_1.config.deviceId });
     }
-    // Update device status
+    // Update device status (plaintext — only carries status, no sensitive data)
     updateStatus(status) {
         this.server?.emitToMobile('device_status', { status, deviceId: config_1.config.deviceId });
     }
@@ -408,17 +518,20 @@ class WebSocketClient extends events_1.EventEmitter {
     // Send multiple Claude sessions as a single batch event (sensitive — contains directory paths)
     sendClaudeSessions(sessions) {
         if (sessions.length > 0) {
+            const peer = this.e2eePeerDeviceId;
+            const hasE2EE = peer ? this.e2eeManager?.hasSessionKey(peer) : false;
+            console.log(`[WS] sendClaudeSessions: ${sessions.length} sessions, peer=${peer || 'none'}, e2ee=${hasE2EE}, queue=${this.pendingSensitiveMessages.length}`);
             const withDeviceId = sessions.map(s => ({ ...s, deviceId: config_1.config.deviceId }));
-            this.emitSensitive('claude_session_batch_update', { sessions: withDeviceId }, this.e2eePeerDeviceId ?? undefined);
+            this.emitSensitive('claude_session_batch_update', { sessions: withDeviceId }, peer ?? undefined);
         }
     }
-    // Send tool status update (e.g., Claude active/inactive)
+    // Send tool status update (e.g., Claude active/inactive) — encrypted via E2EE
     sendToolStatusUpdate(toolType, status) {
-        this.server?.emitToMobile('tool_status_update', {
+        this.emitSensitive('tool_status_update', {
             toolType,
             status,
             timestamp: new Date().toISOString(),
-        });
+        }, this.e2eePeerDeviceId ?? undefined);
     }
     // Send approval request (sensitive — contains code change descriptions)
     sendApprovalRequest(data) {
@@ -511,6 +624,10 @@ class WebSocketClient extends events_1.EventEmitter {
         this.emitSensitive('streak_info_sync', { ...streak, deviceId }, this.e2eePeerDeviceId ?? undefined);
         console.log(`[WS] Sent usage stats sync to mobile`);
     }
+    // Send session loading state to mobile (so mobile shows/hides loading indicator)
+    sendSessionLoading(data) {
+        this.emitSensitive('session_loading', data, this.e2eePeerDeviceId ?? undefined);
+    }
     // Send Claude session event (sensitive — may contain error messages with paths)
     sendClaudeSessionEvent(data) {
         this.emitSensitive('claude_session_event', data, this.e2eePeerDeviceId ?? undefined);
@@ -520,7 +637,7 @@ class WebSocketClient extends events_1.EventEmitter {
     }
 }
 exports.WebSocketClient = WebSocketClient;
-WebSocketClient.SENSITIVE_QUEUE_TTL_MS = 30000; // 30 seconds max wait
+WebSocketClient.SENSITIVE_QUEUE_TTL_MS = 120000; // 2 minutes max wait
 WebSocketClient.MAX_PENDING_SENSITIVE = 200;
 exports.wsClient = new WebSocketClient();
 exports.default = exports.wsClient;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "forkoff",
-  "version": "1.0.19",
+  "version": "1.1.0",
   "description": "CLI tool to connect your AI coding tools to mobile | Open Beta - Download the app: https://testflight.apple.com/join/dhh5FrN7",
   "main": "dist/integration.js",
   "types": "dist/integration.d.ts",
@@ -50,6 +50,7 @@
   },
   "license": "MIT",
   "dependencies": {
+    "@noble/hashes": "^1.8.0",
     "chalk": "^4.1.2",
     "chokidar": "^3.6.0",
     "commander": "^14.0.2",
@@ -60,6 +61,7 @@
     "ora": "^5.4.1",
     "qrcode-terminal": "^0.12.0",
     "socket.io": "^4.8.3",
+    "socket.io-client": "^4.8.3",
     "tweetnacl": "^1.0.3",
     "tweetnacl-util": "^0.15.1",
     "uuid": "^8.3.2"