happy-coder 0.10.0-3 → 0.10.0

package/dist/{index-tqOLc1Il.cjs → index-ettJex_e.cjs}

@@ -3,7 +3,7 @@
 var chalk = require('chalk');
 var os = require('node:os');
 var node_crypto = require('node:crypto');
-var types = require('./types-CsJGQvQ3.cjs');
+var types = require('./types-CQOz_mPp.cjs');
 var node_child_process = require('node:child_process');
 var node_path = require('node:path');
 var node_readline = require('node:readline');
@@ -25,6 +25,7 @@ var path = require('path');
 var psList = require('ps-list');
 var spawn = require('cross-spawn');
 var os$1 = require('os');
+var tmp = require('tmp');
 var qrcode = require('qrcode-terminal');
 var open = require('open');
 var fastify = require('fastify');
@@ -37,6 +38,25 @@ var http = require('http');
 var util = require('util');
 
 var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
+function _interopNamespaceDefault(e) {
+    var n = Object.create(null);
+    if (e) {
+        Object.keys(e).forEach(function (k) {
+            if (k !== 'default') {
+                var d = Object.getOwnPropertyDescriptor(e, k);
+                Object.defineProperty(n, k, d.get ? d : {
+                    enumerable: true,
+                    get: function () { return e[k]; }
+                });
+            }
+        });
+    }
+    n.default = e;
+    return Object.freeze(n);
+}
+
+var tmp__namespace = /*#__PURE__*/_interopNamespaceDefault(tmp);
+
 class Session {
   path;
   logPath;
@@ -923,7 +943,7 @@ class AbortError extends Error {
   }
 }
 
-const __filename$1 = node_url.fileURLToPath((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('index-tqOLc1Il.cjs', document.baseURI).href)));
+const __filename$1 = node_url.fileURLToPath((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('index-ettJex_e.cjs', document.baseURI).href)));
 const __dirname$1 = node_path.join(__filename$1, "..");
 function getDefaultClaudeCodePath() {
   return node_path.join(__dirname$1, "..", "..", "..", "node_modules", "@anthropic-ai", "claude-code", "cli.js");
@@ -3684,7 +3704,7 @@ function displayQRCode(url) {
 
 function generateWebAuthUrl(publicKey) {
   const publicKeyBase64 = types.encodeBase64(publicKey, "base64url");
-  return `https://app.happy.engineering/terminal/connect#key=${publicKeyBase64}`;
+  return `${types.configuration.webappUrl}/terminal/connect#key=${publicKeyBase64}`;
 }
 
 async function openBrowser(url) {
@@ -3751,7 +3771,8 @@ async function doAuth() {
     console.log(`[AUTH DEBUG] Sending auth request to: ${types.configuration.serverUrl}/v1/auth/request`);
     console.log(`[AUTH DEBUG] Public key: ${types.encodeBase64(keypair.publicKey).substring(0, 20)}...`);
     await axios.post(`${types.configuration.serverUrl}/v1/auth/request`, {
-      publicKey: types.encodeBase64(keypair.publicKey)
+      publicKey: types.encodeBase64(keypair.publicKey),
+      supportsV2: true
     });
     console.log(`[AUTH DEBUG] Auth request sent successfully`);
   } catch (error) {
@@ -3830,20 +3851,50 @@ async function waitForAuthentication(keypair) {
     while (!cancelled) {
       try {
         const response = await axios.post(`${types.configuration.serverUrl}/v1/auth/request`, {
-          publicKey: types.encodeBase64(keypair.publicKey)
+          publicKey: types.encodeBase64(keypair.publicKey),
+          supportsV2: true
         });
         if (response.data.state === "authorized") {
           let token = response.data.token;
           let r = types.decodeBase64(response.data.response);
           let decrypted = decryptWithEphemeralKey(r, keypair.secretKey);
           if (decrypted) {
-            const credentials = {
-              secret: decrypted,
-              token
-            };
-            await types.writeCredentials(credentials);
-            console.log("\n\n\u2713 Authentication successful\n");
-            return credentials;
+            if (decrypted.length === 32) {
+              const credentials = {
+                secret: decrypted,
+                token
+              };
+              await types.writeCredentialsLegacy(credentials);
+              console.log("\n\n\u2713 Authentication successful\n");
+              return {
+                encryption: {
+                  type: "legacy",
+                  secret: decrypted
+                },
+                token
+              };
+            } else {
+              if (decrypted[0] === 0) {
+                const credentials = {
+                  publicKey: decrypted.slice(1, 33),
+                  machineKey: node_crypto.randomBytes(32),
+                  token
+                };
+                await types.writeCredentialsDataKey(credentials);
+                console.log("\n\n\u2713 Authentication successful\n");
+                return {
+                  encryption: {
+                    type: "dataKey",
+                    publicKey: credentials.publicKey,
+                    machineKey: credentials.machineKey
+                  },
+                  token
+                };
+              } else {
+                console.log("\n\nFailed to decrypt response. Please try again.");
+                return null;
+              }
+            }
           } else {
             console.log("\n\nFailed to decrypt response. Please try again.");
             return null;
@@ -3875,6 +3926,7 @@ function decryptWithEphemeralKey(encryptedBundle, recipientSecretKey) {
 async function authAndSetupMachineIfNeeded() {
   types.logger.debug("[AUTH] Starting auth and machine setup...");
   let credentials = await types.readCredentials();
+  let newAuth = false;
   if (!credentials) {
     types.logger.debug("[AUTH] No credentials found, starting authentication flow...");
     const authResult = await doAuth();
@@ -3882,13 +3934,12 @@ async function authAndSetupMachineIfNeeded() {
       throw new Error("Authentication failed or was cancelled");
     }
     credentials = authResult;
+    newAuth = true;
   } else {
     types.logger.debug("[AUTH] Using existing credentials");
   }
   const settings = await types.updateSettings(async (s) => {
-    if (!s.machineId) {
-      const newMachineId = node_crypto.randomUUID();
-      types.logger.debug(`[AUTH] No machine ID found, generating new one: ${newMachineId}; We will not create machine on startup since we don't have api client intialized`);
+    if (newAuth || !s.machineId) {
       return {
         ...s,
         machineId: node_crypto.randomUUID()
@@ -4237,7 +4288,22 @@ async function startDaemon() {
         }
       }
       try {
+        let extraEnv = {};
+        if (options.token) {
+          if (options.agent === "codex") {
+            const codexHomeDir = tmp__namespace.dirSync();
+            fs$1.writeFile(path.join(codexHomeDir.name, "auth.json"), options.token);
+            extraEnv = {
+              CODEX_HOME: codexHomeDir.name
+            };
+          } else {
+            extraEnv = {
+              CLAUDE_CODE_OAUTH_TOKEN: options.token
+            };
+          }
+        }
         const args = [
+          options.agent === "claude" ? "claude" : "codex",
           "--happy-starting-mode",
           "remote",
           "--started-by",
@@ -4247,9 +4313,12 @@ async function startDaemon() {
           cwd: directory,
           detached: true,
           // Sessions stay alive when daemon stops
-          stdio: ["ignore", "pipe", "pipe"]
+          stdio: ["ignore", "pipe", "pipe"],
           // Capture stdout/stderr for debugging
-          // env is inherited automatically from parent process
+          env: {
+            ...process.env,
+            ...extraEnv
+          }
         });
         if (process.env.DEBUG) {
           happyProcess.stdout?.on("data", (data) => {
@@ -4368,7 +4437,7 @@ async function startDaemon() {
       httpPort: controlPort,
       startedAt: Date.now()
     };
-    const api = new types.ApiClient(credentials.token, credentials.secret);
+    const api = await types.ApiClient.create(credentials);
     const machine = await api.getOrCreateMachine({
       machineId,
       metadata: initialMachineMetadata,
@@ -4572,7 +4641,7 @@ async function runClaude(credentials, options = {}) {
     types.logger.debug("Daemon spawn requested with local mode - forcing remote mode");
     options.startingMode = "remote";
   }
-  const api = new types.ApiClient(credentials.token, credentials.secret);
+  const api = await types.ApiClient.create(credentials);
   let state = {};
   const settings = await types.readSettings();
   let machineId = settings?.machineId;
@@ -4600,7 +4669,8 @@ async function runClaude(credentials, options = {}) {
     startedBy: options.startedBy || "terminal",
     // Initialize lifecycle state
     lifecycleState: "running",
-    lifecycleStateSince: Date.now()
+    lifecycleStateSince: Date.now(),
+    flavor: "claude"
   };
   const response = await api.getOrCreateSession({ tag: sessionTag, metadata, state });
   types.logger.debug(`Session created: ${response.id}`);
@@ -4942,33 +5012,6 @@ async function uninstall() {
   await uninstall$1();
 }
 
-const BASE32_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
-function bytesToBase32(bytes) {
-  let result = "";
-  let buffer = 0;
-  let bufferLength = 0;
-  for (const byte of bytes) {
-    buffer = buffer << 8 | byte;
-    bufferLength += 8;
-    while (bufferLength >= 5) {
-      bufferLength -= 5;
-      result += BASE32_ALPHABET[buffer >> bufferLength & 31];
-    }
-  }
-  if (bufferLength > 0) {
-    result += BASE32_ALPHABET[buffer << 5 - bufferLength & 31];
-  }
-  return result;
-}
-function formatSecretKeyForBackup(secretBytes) {
-  const base32 = bytesToBase32(secretBytes);
-  const groups = [];
-  for (let i = 0; i < base32.length; i += 5) {
-    groups.push(base32.slice(i, i + 5));
-  }
-  return groups.join("-");
-}
-
 async function handleAuthCommand(args) {
   const subcommand = args[0];
   if (!subcommand || subcommand === "help" || subcommand === "--help" || subcommand === "-h") {
@@ -4982,9 +5025,9 @@ async function handleAuthCommand(args) {
     case "logout":
       await handleAuthLogout();
       break;
-    case "show-backup":
-      await handleAuthShowBackup();
-      break;
+    // case 'backup':
+    //   await handleAuthShowBackup();
+    //   break;
     case "status":
       await handleAuthStatus();
       break;
@@ -5007,11 +5050,6 @@ ${chalk.bold("Usage:")}
 
 ${chalk.bold("Options:")}
   --force    Clear credentials, machine ID, and stop daemon before re-auth
-
-${chalk.bold("Notes:")} 
-  \u2022 Use 'auth login --force' when you need to re-register your machine
-  \u2022 'auth show-backup' displays the key format expected by mobile/web clients
-  \u2022 The backup key allows linking multiple devices to the same account
 `);
 }
 async function handleAuthLogin(args) {
@@ -5096,31 +5134,6 @@ async function handleAuthLogout() {
     console.log(chalk.blue("Logout cancelled"));
   }
 }
-async function handleAuthShowBackup() {
-  const credentials = await types.readCredentials();
-  const settings = await types.readSettings();
-  if (!credentials) {
-    console.log(chalk.yellow("Not authenticated"));
-    console.log(chalk.gray('Run "happy auth login" to authenticate first'));
-    return;
-  }
-  const formattedBackupKey = formatSecretKeyForBackup(credentials.secret);
-  console.log(chalk.bold("\n\u{1F4F1} Backup Key\n"));
-  console.log(chalk.cyan("Your backup key:"));
-  console.log(chalk.bold(formattedBackupKey));
-  console.log("");
-  console.log(chalk.cyan("Machine Information:"));
-  console.log(`  Machine ID: ${settings?.machineId || "not set"}`);
-  console.log(`  Host: ${os.hostname()}`);
-  console.log("");
-  console.log(chalk.bold("How to use this backup key:"));
-  console.log(chalk.gray("\u2022 In Happy mobile app: Go to restore/link device and enter this key"));
-  console.log(chalk.gray("\u2022 This key format matches what the mobile app expects"));
-  console.log(chalk.gray("\u2022 You can type it with or without dashes - the app will normalize it"));
-  console.log(chalk.gray("\u2022 Common typos (0\u2192O, 1\u2192I) are automatically corrected"));
-  console.log("");
-  console.log(chalk.yellow("\u26A0\uFE0F  Keep this key secure - it provides full access to your account"));
-}
 async function handleAuthStatus() {
   const credentials = await types.readCredentials();
   const settings = await types.readSettings();
@@ -5657,7 +5670,7 @@ ${chalk.bold("happy connect")} - Connect AI vendor API keys to Happy cloud
 
 ${chalk.bold("Usage:")}
   happy connect codex        Store your Codex API key in Happy cloud
-  happy connect anthropic    Store your Anthropic API key in Happy cloud
+  happy connect claude       Store your Anthropic API key in Happy cloud
   happy connect gemini       Store your Gemini API key in Happy cloud
   happy connect help         Show this help message
 
@@ -5668,7 +5681,7 @@ ${chalk.bold("Description:")}
 
 ${chalk.bold("Examples:")}
   happy connect codex
-  happy connect anthropic
+  happy connect claude
   happy connect gemini
 
 ${chalk.bold("Notes:")} 
@@ -5687,7 +5700,7 @@ async function handleConnectVendor(vendor, displayName) {
     console.log(chalk.gray('  Please run "happy auth login" first'));
     process.exit(1);
   }
-  const api = new types.ApiClient(credentials.token, credentials.secret);
+  const api = await types.ApiClient.create(credentials);
   if (vendor === "codex") {
     console.log("\u{1F680} Registering Codex token with server");
     const codexAuthTokens = await authenticateCodex();
@@ -5752,11 +5765,17 @@ async function handleConnectVendor(vendor, displayName) {
     return;
   } else if (subcommand === "codex") {
     try {
-      const { runCodex } = await Promise.resolve().then(function () { return require('./runCodex-BxLD6H6G.cjs'); });
+      const { runCodex } = await Promise.resolve().then(function () { return require('./runCodex-QdQBx9HK.cjs'); });
+      let startedBy = void 0;
+      for (let i = 1; i < args.length; i++) {
+        if (args[i] === "--started-by") {
+          startedBy = args[++i];
+        }
+      }
       const {
         credentials
       } = await authAndSetupMachineIfNeeded();
-      await runCodex(credentials);
+      await runCodex({ credentials, startedBy });
     } catch (error) {
       console.error(chalk.red("Error:"), error instanceof Error ? error.message : "Unknown error");
       if (process.env.DEBUG) {
@@ -5889,6 +5908,9 @@ ${chalk.bold("To clean up runaway processes:")} Use ${chalk.cyan("happy doctor c
     }
     return;
   } else {
+    if (args.length > 0 && args[0] === "claude") {
+      args.shift();
+    }
     const options = {};
     let showHelp = false;
     let showVersion = false;
@@ -5924,6 +5946,9 @@ ${chalk.bold("happy")} - Claude Code On the Go
 ${chalk.bold("Usage:")}
   happy [options]         Start Claude with mobile control
   happy auth              Manage authentication
+  happy codex             Start Codex mode
+  happy connect           Connect AI vendor API keys
+  happy notify            Send push notification
   happy daemon            Manage background service that allows
                             to spawn new sessions away from your computer
   happy doctor            System diagnostics & troubleshooting
@@ -6022,12 +6047,12 @@ ${chalk.bold("Examples:")}
   }
   let credentials = await types.readCredentials();
   if (!credentials) {
-    console.error(chalk.red('Error: Not authenticated. Please run "happy --auth" first.'));
+    console.error(chalk.red('Error: Not authenticated. Please run "happy auth login" first.'));
     process.exit(1);
   }
   console.log(chalk.blue("\u{1F4F1} Sending push notification..."));
   try {
-    const api = new types.ApiClient(credentials.token, credentials.secret);
+    const api = await types.ApiClient.create(credentials);
     const notificationTitle = title || "Happy";
     api.push().sendToAllDevices(
       notificationTitle,
@@ -6052,5 +6077,8 @@ exports.MessageBuffer = MessageBuffer;
 exports.MessageQueue2 = MessageQueue2;
 exports.hashObject = hashObject;
 exports.initialMachineMetadata = initialMachineMetadata;
+exports.notifyDaemonSessionStarted = notifyDaemonSessionStarted;
+exports.registerKillSessionHandler = registerKillSessionHandler;
 exports.startHappyServer = startHappyServer;
+exports.stopCaffeinate = stopCaffeinate;
 exports.trimIdent = trimIdent;

package/dist/index.cjs

@@ -1,8 +1,8 @@
 'use strict';
 
 require('chalk');
-require('./index-tqOLc1Il.cjs');
-require('./types-CsJGQvQ3.cjs');
+require('./index-ettJex_e.cjs');
+require('./types-CQOz_mPp.cjs');
 require('zod');
 require('node:child_process');
 require('node:os');
@@ -27,6 +27,7 @@ require('path');
 require('ps-list');
 require('cross-spawn');
 require('os');
+require('tmp');
 require('qrcode-terminal');
 require('open');
 require('fastify');

package/dist/index.mjs

@@ -1,6 +1,6 @@
 import 'chalk';
-import './index-DPVbp4Yx.mjs';
-import './types-xds_c-JJ.mjs';
+import './index-BI37NnoW.mjs';
+import './types-8Ad05p3x.mjs';
 import 'zod';
 import 'node:child_process';
 import 'node:os';
@@ -25,6 +25,7 @@ import 'path';
 import 'ps-list';
 import 'cross-spawn';
 import 'os';
+import 'tmp';
 import 'qrcode-terminal';
 import 'open';
 import 'fastify';

package/dist/lib.cjs

@@ -1,6 +1,6 @@
 'use strict';
 
-var types = require('./types-CsJGQvQ3.cjs');
+var types = require('./types-CQOz_mPp.cjs');
 require('axios');
 require('chalk');
 require('fs');

package/dist/lib.d.cts

@@ -308,11 +308,9 @@ interface RpcRequest {
  * Configuration for RPC handler manager
  */
 interface RpcHandlerConfig {
-    /** Prefix to add to all method names (e.g., sessionId or machineId) */
     scopePrefix: string;
-    /** Secret key for encryption/decryption */
-    secret: Uint8Array;
-    /** Logger function for debugging */
+    encryptionKey: Uint8Array;
+    encryptionVariant: 'legacy' | 'dataKey';
     logger?: (message: string, data?: any) => void;
 }
 
@@ -324,7 +322,8 @@ interface RpcHandlerConfig {
 declare class RpcHandlerManager {
     private handlers;
     private readonly scopePrefix;
-    private readonly secret;
+    private readonly encryptionKey;
+    private readonly encryptionVariant;
     private readonly logger;
     private socket;
     constructor(config: RpcHandlerConfig);
@@ -364,7 +363,6 @@ declare class RpcHandlerManager {
 
 declare class ApiSessionClient extends EventEmitter {
     private readonly token;
-    private readonly secret;
     readonly sessionId: string;
     private metadata;
     private metadataVersion;
@@ -376,7 +374,9 @@ declare class ApiSessionClient extends EventEmitter {
     readonly rpcHandlerManager: RpcHandlerManager;
     private agentStateLock;
     private metadataLock;
-    constructor(token: string, secret: Uint8Array, session: Session);
+    private encryptionKey;
+    private encryptionVariant;
+    constructor(token: string, session: Session);
     onUserMessage(callback: (data: UserMessage) => void): void;
     /**
      * Send message to session
@@ -434,53 +434,16 @@ type Usage = z.infer<typeof UsageSchema>;
 /**
  * Session information
  */
-declare const SessionSchema: z.ZodObject<{
-    createdAt: z.ZodNumber;
-    id: z.ZodString;
-    seq: z.ZodNumber;
-    updatedAt: z.ZodNumber;
-    metadata: z.ZodAny;
-    metadataVersion: z.ZodNumber;
-    agentState: z.ZodNullable<z.ZodAny>;
-    agentStateVersion: z.ZodNumber;
-    connectivityStatus: z.ZodOptional<z.ZodUnion<[z.ZodEnum<["neverConnected", "online", "offline"]>, z.ZodString]>>;
-    connectivityStatusSince: z.ZodOptional<z.ZodNumber>;
-    connectivityStatusReason: z.ZodOptional<z.ZodString>;
-    state: z.ZodOptional<z.ZodUnion<[z.ZodEnum<["running", "archiveRequested", "archived"]>, z.ZodString]>>;
-    stateSince: z.ZodOptional<z.ZodNumber>;
-    stateReason: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
-    id: string;
-    seq: number;
-    createdAt: number;
-    updatedAt: number;
-    metadataVersion: number;
-    agentStateVersion: number;
-    metadata?: any;
-    agentState?: any;
-    connectivityStatus?: string | undefined;
-    connectivityStatusSince?: number | undefined;
-    connectivityStatusReason?: string | undefined;
-    state?: string | undefined;
-    stateSince?: number | undefined;
-    stateReason?: string | undefined;
-}, {
+type Session = {
     id: string;
     seq: number;
-    createdAt: number;
-    updatedAt: number;
+    encryptionKey: Uint8Array;
+    encryptionVariant: 'legacy' | 'dataKey';
+    metadata: Metadata;
     metadataVersion: number;
+    agentState: AgentState | null;
     agentStateVersion: number;
-    metadata?: any;
-    agentState?: any;
-    connectivityStatus?: string | undefined;
-    connectivityStatusSince?: number | undefined;
-    connectivityStatusReason?: string | undefined;
-    state?: string | undefined;
-    stateSince?: number | undefined;
-    stateReason?: string | undefined;
-}>;
-type Session = z.infer<typeof SessionSchema>;
+};
 /**
  * Machine metadata - static information (rarely changes)
  */
@@ -533,59 +496,15 @@ declare const DaemonStateSchema: z.ZodObject<{
     shutdownSource?: string | undefined;
 }>;
 type DaemonState = z.infer<typeof DaemonStateSchema>;
-/**
- * Machine information - similar to Session
- */
-declare const MachineSchema: z.ZodObject<{
-    id: z.ZodString;
-    metadata: z.ZodAny;
-    metadataVersion: z.ZodNumber;
-    daemonState: z.ZodNullable<z.ZodAny>;
-    daemonStateVersion: z.ZodNumber;
-    active: z.ZodBoolean;
-    activeAt: z.ZodNumber;
-    createdAt: z.ZodNumber;
-    updatedAt: z.ZodNumber;
-    connectivityStatus: z.ZodOptional<z.ZodUnion<[z.ZodEnum<["neverConnected", "online", "offline"]>, z.ZodString]>>;
-    connectivityStatusSince: z.ZodOptional<z.ZodNumber>;
-    connectivityStatusReason: z.ZodOptional<z.ZodString>;
-    state: z.ZodOptional<z.ZodUnion<[z.ZodEnum<["running", "archiveRequested", "archived"]>, z.ZodString]>>;
-    stateSince: z.ZodOptional<z.ZodNumber>;
-    stateReason: z.ZodOptional<z.ZodString>;
-}, "strip", z.ZodTypeAny, {
-    id: string;
-    createdAt: number;
-    updatedAt: number;
-    metadataVersion: number;
-    daemonStateVersion: number;
-    active: boolean;
-    activeAt: number;
-    metadata?: any;
-    daemonState?: any;
-    connectivityStatus?: string | undefined;
-    connectivityStatusSince?: number | undefined;
-    connectivityStatusReason?: string | undefined;
-    state?: string | undefined;
-    stateSince?: number | undefined;
-    stateReason?: string | undefined;
-}, {
+type Machine = {
     id: string;
-    createdAt: number;
-    updatedAt: number;
+    encryptionKey: Uint8Array;
+    encryptionVariant: 'legacy' | 'dataKey';
+    metadata: MachineMetadata;
     metadataVersion: number;
+    daemonState: DaemonState | null;
     daemonStateVersion: number;
-    active: boolean;
-    activeAt: number;
-    metadata?: any;
-    daemonState?: any;
-    connectivityStatus?: string | undefined;
-    connectivityStatusSince?: number | undefined;
-    connectivityStatusReason?: string | undefined;
-    state?: string | undefined;
-    stateSince?: number | undefined;
-    stateReason?: string | undefined;
-}>;
-type Machine = z.infer<typeof MachineSchema>;
+};
 declare const UserMessageSchema: z.ZodObject<{
     role: z.ZodLiteral<"user">;
     content: z.ZodObject<{
@@ -719,6 +638,8 @@ interface SpawnSessionOptions {
     directory: string;
     sessionId?: string;
     approvedNewDirectoryCreation?: boolean;
+    agent?: 'claude' | 'codex';
+    token?: string;
 }
 type SpawnSessionResult = {
     type: 'success';
@@ -743,12 +664,11 @@ type MachineRpcHandlers = {
 };
 declare class ApiMachineClient {
     private token;
-    private secret;
     private machine;
     private socket;
     private keepAliveInterval;
     private rpcHandlerManager;
-    constructor(token: string, secret: Uint8Array, machine: Machine);
+    constructor(token: string, machine: Machine);
     setRPCHandlers({ spawnSession, stopSession, requestShutdown }: MachineRpcHandlers): void;
     /**
      * Update machine metadata
@@ -796,11 +716,29 @@ declare class PushNotificationClient {
     sendToAllDevices(title: string, body: string, data?: Record<string, any>): void;
 }
 
+/**
+ * Minimal persistence functions for happy CLI
+ *
+ * Handles settings and private key storage in ~/.happy/ or local .happy/
+ */
+
+type Credentials = {
+    token: string;
+    encryption: {
+        type: 'legacy';
+        secret: Uint8Array;
+    } | {
+        type: 'dataKey';
+        publicKey: Uint8Array;
+        machineKey: Uint8Array;
+    };
+};
+
 declare class ApiClient {
-    private readonly token;
-    private readonly secret;
+    static create(credential: Credentials): Promise<ApiClient>;
+    private readonly credential;
     private readonly pushClient;
-    constructor(token: string, secret: Uint8Array);
+    private constructor();
     /**
      * Create a new session or load existing one with the given tag
      */
@@ -809,11 +747,6 @@ declare class ApiClient {
         metadata: Metadata;
         state: AgentState | null;
     }): Promise<Session>;
-    /**
-     * Get machine by ID from the server
-     * Returns the current machine state from the server with decrypted metadata and daemonState
-     */
-    getMachine(machineId: string): Promise<Machine | null>;
     /**
      * Register or update machine with the server
      * Returns the current machine state from the server with decrypted metadata and daemonState
@@ -864,6 +797,7 @@ declare let logger: Logger;
  */
 declare class Configuration {
     readonly serverUrl: string;
+    readonly webappUrl: string;
     readonly isDaemonProcess: boolean;
     readonly happyHomeDir: string;
     readonly logsDir: string;