kojee-mcp 0.5.3 → 0.5.6

package/dist/{chunk-YEC7IHIG.js → chunk-2BDAM3TH.js}

@@ -1,518 +1,29 @@
+import {
+  buildCatchUpNote,
+  buildMonitorSpawn,
+  buildReplyRecipe
+} from "./chunk-X672ZN7V.js";
 import {
   deriveDiscoveryKey,
   findClaudeAncestorPid
 } from "./chunk-BJMASMKX.js";
 import {
-  buildCatchUpNote,
-  buildMonitorSpawn,
-  buildReplyRecipe
-} from "./chunk-C6GZ2L2W.js";
+  AuthModule
+} from "./chunk-6SK6ITFE.js";
+import {
+  GatewayClient
+} from "./chunk-3XDJOHMZ.js";
 import {
-  MCP_SESSION_ID,
-  createDPoPProof,
   startEventStream
-} from "./chunk-WBMX4CHB.js";
+} from "./chunk-UEGQGXPY.js";
 import {
-  secureDir,
-  secureFile
-} from "./chunk-BLEGIR35.js";
+  translateToolCallResult
+} from "./chunk-LDZXU3DW.js";
 
 // src/index.ts
-import fs3 from "fs";
-import os2 from "os";
-import path3 from "path";
-
-// src/auth/auth-module.ts
-import { calculateJwkThumbprint } from "jose";
-import crypto from "crypto";
-
-// src/auth/keystore.ts
-import { importJWK, exportJWK, generateKeyPair } from "jose";
-import fs from "fs";
+import fs2 from "fs";
 import os from "os";
-import path from "path";
-var DEFAULT_PATH = path.join(os.homedir(), ".kojee", "keypair.json");
-async function loadKeystore(keystorePath = DEFAULT_PATH, expectedBrokerUrl) {
-  if (!fs.existsSync(keystorePath)) {
-    return null;
-  }
-  const raw = fs.readFileSync(keystorePath, "utf-8");
-  const data = JSON.parse(raw);
-  if (expectedBrokerUrl && data.broker_url !== expectedBrokerUrl) {
-    return null;
-  }
-  const privateKey = await importJWK(data.private_key_jwk, "ES256");
-  return {
-    privateKey,
-    publicJwk: data.public_jwk,
-    kid: data.kid,
-    data
-  };
-}
-async function saveKeystore(privateKey, publicJwk, kid, brokerUrl, keystorePath = DEFAULT_PATH) {
-  const dir = path.dirname(keystorePath);
-  fs.mkdirSync(dir, { recursive: true, mode: 448 });
-  secureDir(dir);
-  const privateJwk = await exportJWK(privateKey);
-  const data = {
-    private_key_jwk: privateJwk,
-    kid,
-    broker_url: brokerUrl,
-    public_jwk: publicJwk,
-    enrolled_at: (/* @__PURE__ */ new Date()).toISOString()
-  };
-  fs.writeFileSync(keystorePath, JSON.stringify(data, null, 2), {
-    mode: 384
-  });
-  secureFile(keystorePath);
-}
-async function generateES256KeyPair() {
-  const { privateKey, publicKey } = await generateKeyPair("ES256");
-  const publicJwk = await exportJWK(publicKey);
-  publicJwk.kty = "EC";
-  publicJwk.crv = "P-256";
-  return { privateKey, publicJwk };
-}
-
-// src/auth/registration.ts
-async function registerKey(brokerUrl, token, publicJwk) {
-  const url = `${brokerUrl}/api/v1/bots/keys/register/`;
-  const response = await fetch(url, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json",
-      Authorization: `Bearer ${token}`
-    },
-    body: JSON.stringify({ public_jwk: publicJwk })
-  });
-  if (!response.ok) {
-    const body = await response.text();
-    throw new Error(
-      `Key registration failed (${response.status}): ${body}`
-    );
-  }
-  return await response.json();
-}
-async function confirmKey(brokerUrl, token, botKeyId, challenge, signature) {
-  const url = `${brokerUrl}/api/v1/bots/keys/confirm/`;
-  const response = await fetch(url, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json",
-      Authorization: `Bearer ${token}`
-    },
-    body: JSON.stringify({
-      bot_key_id: botKeyId,
-      challenge,
-      signature
-    })
-  });
-  if (!response.ok) {
-    const body = await response.text();
-    throw new Error(
-      `Key confirmation failed (${response.status}): ${body}`
-    );
-  }
-  return await response.json();
-}
-
-// src/auth/auth-module.ts
-async function signChallengeRaw(privateKey, data) {
-  const signer = crypto.createSign("SHA256");
-  signer.update(data);
-  signer.end();
-  const derSignature = signer.sign(
-    privateKey
-  );
-  return derSignature.toString("base64url");
-}
-var AuthModule = class {
-  constructor(token, brokerUrl, keystorePath) {
-    this.token = token;
-    this.brokerUrl = brokerUrl;
-    this.keystorePath = keystorePath;
-  }
-  token;
-  brokerUrl;
-  keystorePath;
-  privateKey = null;
-  publicJwk = null;
-  kid = null;
-  /**
-   * Ensure we have an enrolled keypair. Either loads from disk or
-   * performs the full enrollment flow.
-   */
-  async ensureEnrolled() {
-    const existing = await loadKeystore(this.keystorePath, this.brokerUrl);
-    if (existing) {
-      this.privateKey = existing.privateKey;
-      this.publicJwk = existing.publicJwk;
-      this.kid = existing.kid;
-      console.error("[auth] Loaded existing keypair from keystore");
-      return {
-        privateKey: existing.privateKey,
-        publicJwk: existing.publicJwk,
-        kid: existing.kid
-      };
-    }
-    console.error("[auth] No valid keystore found, enrolling new keypair...");
-    const { privateKey, publicJwk } = await generateES256KeyPair();
-    const regResult = await registerKey(this.brokerUrl, this.token, publicJwk);
-    console.error(`[auth] Key registered: ${regResult.bot_key_id}`);
-    const thumbprint = await calculateJwkThumbprint(publicJwk, "sha256");
-    const challengeData = `${regResult.challenge}.${thumbprint}`;
-    const signature = await signChallengeRaw(privateKey, challengeData);
-    const confirmResult = await confirmKey(
-      this.brokerUrl,
-      this.token,
-      regResult.bot_key_id,
-      regResult.challenge,
-      signature
-    );
-    if (!confirmResult.key_confirmed) {
-      throw new Error("Key enrollment failed: confirmation was rejected");
-    }
-    console.error("[auth] Key enrollment confirmed");
-    await saveKeystore(
-      privateKey,
-      publicJwk,
-      regResult.bot_key_id,
-      this.brokerUrl,
-      this.keystorePath
-    );
-    this.privateKey = privateKey;
-    this.publicJwk = publicJwk;
-    this.kid = regResult.bot_key_id;
-    return {
-      privateKey,
-      publicJwk,
-      kid: regResult.bot_key_id
-    };
-  }
-  getPrivateKey() {
-    if (!this.privateKey) throw new Error("Not enrolled yet");
-    return this.privateKey;
-  }
-  getPublicJwk() {
-    if (!this.publicJwk) throw new Error("Not enrolled yet");
-    return this.publicJwk;
-  }
-  getKid() {
-    if (!this.kid) throw new Error("Not enrolled yet");
-    return this.kid;
-  }
-};
-
-// src/gateway-client.ts
-import crypto2 from "crypto";
-
-// src/error-translator.ts
-function translateGovernanceResult(result) {
-  const governance = result._meta?.governance;
-  if (!governance) return result;
-  if (governance.decision === "deny") {
-    return formatDenied(governance);
-  }
-  if (governance.decision === "require_approval") {
-    return formatApprovalRequired(governance);
-  }
-  return result;
-}
-function formatApprovalRequired(governance) {
-  const rules = formatRules(governance.triggered_guardrails);
-  const text = `APPROVAL REQUIRED: This action needs user approval before executing. Approval ID: ${governance.approval_id}. Expires: ${governance.expires_at ?? "unknown"}. Triggered rules: ${rules}. The user has been notified. Call kojee_check_approval with this approval_id to check the status.`;
-  return {
-    content: [{ type: "text", text }],
-    isError: true
-  };
-}
-function formatDenied(governance) {
-  const rules = formatRules(governance.triggered_guardrails);
-  const text = `DENIED: This action was blocked by governance policy. Triggered rules: ${rules}. This cannot proceed \u2014 modify your request or ask the user to adjust governance rules.`;
-  return {
-    content: [{ type: "text", text }],
-    isError: true
-  };
-}
-function translateHttpError(status, errorCode, trigger) {
-  if (status === 401) {
-    if (errorCode === "use_dpop_nonce") {
-      return null;
-    }
-    if (errorCode === "invalid_dpop_proof") {
-      return makeError(
-        "Authentication failed. The proxy will attempt to re-enroll. If this persists, regenerate your gateway token."
-      );
-    }
-    if (errorCode === "key_enrollment_required") {
-      return null;
-    }
-    return makeError(
-      "Gateway token is invalid or expired. Generate a new one."
-    );
-  }
-  if (status === 403 && errorCode === "step_up_required") {
-    const reason = trigger ? ` (reason: ${trigger})` : "";
-    return makeError(
-      `Device re-authorization required${reason}. This action can't proceed until the user re-authorizes this device in the Kojee dashboard.`
-    );
-  }
-  if (status === 429) {
-    return makeError(
-      "Rate limit exceeded. Wait before making more requests."
-    );
-  }
-  if (status >= 500) {
-    return makeError(
-      "Kojee gateway encountered an error. Try again."
-    );
-  }
-  return null;
-}
-var TANDEM_ERROR_MESSAGES = {
-  [-32003]: () => "This Tandem is hardened to owner-only membership; you can't join.",
-  [-32004]: () => "You aren't a member of that Tandem. Use tandem_join(join_link) first.",
-  [-32006]: (data) => {
-    const retry = data?.["retry_after_seconds"] ?? "a moment";
-    return `Rate limit hit on this Tandem. Retry after ${retry} seconds.`;
-  },
-  [-32007]: (data) => {
-    const rule = data?.["rule"] ?? "policy";
-    return `Message rejected by Tandem policy (${rule}).`;
-  },
-  [-32011]: (data) => {
-    const id = data?.["tandem_id"] ?? "unknown";
-    return `Tandem ${id} doesn't exist or isn't visible to you.`;
-  },
-  [-32015]: (data) => {
-    const candidates = data?.["candidates"] ?? [];
-    return `An @-mention matched multiple members and is ambiguous. Retry with explicit mentions[]. Candidates: ${candidates.join(", ")}.`;
-  }
-};
-function translateJsonRpcError(error) {
-  const msg = error.message ?? "";
-  const msgLower = msg.toLowerCase();
-  const tandemMessage = TANDEM_ERROR_MESSAGES[error.code];
-  if (tandemMessage) {
-    return {
-      content: [
-        {
-          type: "text",
-          text: tandemMessage(error.data)
-        }
-      ],
-      isError: true
-    };
-  }
-  switch (error.code) {
-    case -32601:
-      return makeError(
-        `Tool not available. It may have been removed or is not connected. Check your connected services in the Kojee dashboard.`
-      );
-    case -32602:
-      return makeError(msg || "Invalid parameters for this tool call.");
-    case -32603: {
-      if (msgLower.includes("multiple accounts connected")) {
-        return makeError(msg);
-      }
-      if (msgLower.includes("not connected")) {
-        return makeError(
-          "The service is not connected. Connect it in the Kojee dashboard."
-        );
-      }
-      if (msgLower.includes("scope") && msgLower.includes("access")) {
-        return makeError(
-          "Token doesn't have access to this tool. Update scopes in the Kojee dashboard."
-        );
-      }
-      if (msgLower.includes("invalid_grant") || msgLower.includes("token refresh failed") || msgLower.includes("re-authorization") || msgLower.includes("reauthorization")) {
-        const serviceMatch = msg.match(
-          /(?:for|connected for)\s+(\w[\w-]*)/i
-        );
-        const service = serviceMatch ? serviceMatch[1] : "service";
-        return makeError(
-          `The ${service} connection needs re-authorization. Ask the user to reconnect it in the Kojee dashboard.`
-        );
-      }
-      return makeError(msg || "An internal error occurred on the gateway.");
-    }
-    case -32600:
-      return makeError(
-        "Unexpected response from gateway. This may be a temporary issue."
-      );
-    case -32e3:
-      return makeError(
-        "Rate limit exceeded. Wait before making more requests."
-      );
-    default:
-      return makeError(msg || "An unknown error occurred.");
-  }
-}
-function translateNetworkError(_error) {
-  return makeError(
-    "Cannot reach Kojee gateway. Check your connection."
-  );
-}
-function translateToolCallResult(result) {
-  if (result._meta?.governance) {
-    return translateGovernanceResult(result);
-  }
-  return result;
-}
-function formatRules(guardrails) {
-  if (!guardrails || guardrails.length === 0) return "unknown";
-  return guardrails.join(", ");
-}
-function makeError(text) {
-  return {
-    content: [{ type: "text", text }],
-    isError: true
-  };
-}
-
-// src/gateway-client.ts
-var GatewayClient = class {
-  constructor(brokerUrl, token, privateKey, kid, sessionId) {
-    this.brokerUrl = brokerUrl;
-    this.token = token;
-    this.privateKey = privateKey;
-    this.kid = kid;
-    this.endpoint = `${brokerUrl}/mcp/messages/${sessionId}/`;
-  }
-  brokerUrl;
-  token;
-  privateKey;
-  kid;
-  currentNonce;
-  requestCounter = 0;
-  endpoint;
-  /**
-   * Expose the DPoP signing key so peer modules sharing auth state
-   * (e.g. tandem/event-stream.ts) can sign their own requests.
-   */
-  getPrivateKey() {
-    return this.privateKey;
-  }
-  /**
-   * Expose the bot_key_id (kid) for DPoP proof headers. Paired with
-   * getPrivateKey() so peer modules can construct proofs without
-   * threading the key material through their own constructors.
-   */
-  getKid() {
-    return this.kid;
-  }
-  /**
-   * Derive a deterministic session ID from the gateway token.
-   * session_id = sha256(token + "proxy").slice(0, 16)
-   */
-  static deriveSessionId(token) {
-    const hash = crypto2.createHash("sha256").update(token + "proxy").digest("hex");
-    return hash.slice(0, 16);
-  }
-  /**
-   * Send a JSON-RPC 2.0 request to the gateway, handling DPoP auth and
-   * nonce retry transparently. A 403 `step_up_required` (deprecated feature,
-   * owner ruling 2026-06-10) is no longer polled — it surfaces immediately as
-   * a structured tool error via translateHttpError.
-   *
-   * `signal` (ROUND-3 MAJOR A) is a REAL AbortSignal threaded into the
-   * underlying `fetch` option — NOT placed inside `params`/`arguments`. A
-   * caller with a per-call timeout budget (e.g. resubscribeMemberships) passes
-   * its controller's signal here so a hung backend aborts at the budget instead
-   * of hanging forever. Putting the signal in `arguments` (the round-2 bug) both
-   * left fetch un-aborted AND serialized a junk `{}` onto the wire body.
-   */
-  async sendRpc(method, params = {}, signal) {
-    const rpcRequest = {
-      jsonrpc: "2.0",
-      id: ++this.requestCounter,
-      method,
-      params
-    };
-    return this.executeWithRetries(rpcRequest, signal);
-  }
-  async executeWithRetries(rpcRequest, signal) {
-    let response;
-    try {
-      response = await this.sendHttpRequest(rpcRequest, signal);
-    } catch (err) {
-      return translateNetworkError(err);
-    }
-    this.trackNonce(response);
-    if (response.status === 401) {
-      const body = await this.tryParseErrorBody(response);
-      if (body?.error === "use_dpop_nonce") {
-        console.error("[gateway] Nonce expired, retrying with fresh nonce...");
-        try {
-          response = await this.sendHttpRequest(rpcRequest, signal);
-        } catch (err) {
-          return translateNetworkError(err);
-        }
-        this.trackNonce(response);
-      } else {
-        const translated = translateHttpError(401, body?.error);
-        if (translated) return translated;
-      }
-    }
-    if (response.status === 403) {
-      const body = await this.tryParseErrorBody(response);
-      const translated = translateHttpError(403, body?.error, body?.trigger);
-      if (translated) return translated;
-    }
-    if (!response.ok) {
-      const body = await this.tryParseErrorBody(response);
-      const translated = translateHttpError(response.status, body?.error);
-      if (translated) return translated;
-      return {
-        content: [{ type: "text", text: `Gateway error: ${response.status}` }],
-        isError: true
-      };
-    }
-    const rpcResponse = await response.json();
-    if (rpcResponse.error) {
-      return translateJsonRpcError(rpcResponse.error);
-    }
-    const result = rpcResponse.result;
-    return result ?? { content: [{ type: "text", text: "No result" }] };
-  }
-  async sendHttpRequest(rpcRequest, signal) {
-    const proof = await createDPoPProof(
-      this.privateKey,
-      this.kid,
-      "POST",
-      this.endpoint,
-      this.currentNonce,
-      this.token
-    );
-    return fetch(this.endpoint, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        Authorization: `DPoP ${this.token}`,
-        DPoP: proof,
-        "Mcp-Session-Id": MCP_SESSION_ID
-      },
-      body: JSON.stringify(rpcRequest),
-      // ROUND-3 MAJOR A: the caller's AbortSignal rides HERE (a real fetch
-      // option), never inside the JSON-RPC body. `undefined` is a valid value
-      // for the fetch `signal` option (no abort wired).
-      ...signal ? { signal } : {}
-    });
-  }
-  trackNonce(response) {
-    const nonce = response.headers.get("DPoP-Nonce");
-    if (nonce) {
-      this.currentNonce = nonce;
-    }
-  }
-  async tryParseErrorBody(response) {
-    try {
-      return await response.json();
-    } catch {
-      return null;
-    }
-  }
-};
+import path2 from "path";
 
 // src/tool-registry.ts
 var ToolRegistry = class {
@@ -590,15 +101,15 @@ import {
 } from "@modelcontextprotocol/sdk/types.js";
 
 // src/version.ts
-import fs2 from "fs";
-import path2 from "path";
+import fs from "fs";
+import path from "path";
 import { fileURLToPath } from "url";
 var FALLBACK_VERSION = "0.0.0-unknown";
 function resolveVersion() {
   try {
-    const here = path2.dirname(fileURLToPath(import.meta.url));
+    const here = path.dirname(fileURLToPath(import.meta.url));
     const parsed = JSON.parse(
-      fs2.readFileSync(path2.join(here, "..", "package.json"), "utf8")
+      fs.readFileSync(path.join(here, "..", "package.json"), "utf8")
     );
     return typeof parsed?.version === "string" && parsed.version ? parsed.version : FALLBACK_VERSION;
   } catch (err) {
@@ -625,7 +136,19 @@ function buildChannelInstructions(_tandemMembershipCount, eventLogPath) {
   const advice = "\n\nPrefer (2) at session start \u2014 it's the default no-allowlist wake mechanism. (1) supplements it when channels are enabled; (3) is for one-shot blocking waits.";
   return intro + monitorSection + listenSection + advice;
 }
-function createMcpServer(registry, adapter, tandemMembershipCount = -1, eventLogPath) {
+async function executeToolCall(registry, name, args, hooks) {
+  const rawResult = await registry.callTool(name, args);
+  const result = translateToolCallResult(rawResult);
+  if (name === "tandem_join" && !result.isError) {
+    try {
+      hooks?.onTandemJoin?.();
+    } catch (err) {
+      console.error("[mcp] onTandemJoin hook failed:", err?.message ?? String(err));
+    }
+  }
+  return result;
+}
+function createMcpServer(registry, adapter, tandemMembershipCount = -1, eventLogPath, hooks) {
   const capabilities = { tools: {} };
   if (adapter.supportsChannels) {
     capabilities.experimental = { "claude/channel": {} };
@@ -647,8 +170,7 @@ function createMcpServer(registry, adapter, tandemMembershipCount = -1, eventLog
   });
   server.setRequestHandler(CallToolRequestSchema, async (request) => {
     const { name, arguments: args } = request.params;
-    const rawResult = await registry.callTool(name, args ?? {});
-    const result = translateToolCallResult(rawResult);
+    const result = await executeToolCall(registry, name, args ?? {}, hooks);
     return { content: result.content, isError: result.isError };
   });
   return server;
@@ -751,7 +273,7 @@ var unknownAdapter = {
 };
 
 // src/index.ts
-var DEFAULT_KEYSTORE_PATH = path3.join(os2.homedir(), ".kojee", "keypair.json");
+var DEFAULT_KEYSTORE_PATH = path2.join(os.homedir(), ".kojee", "keypair.json");
 function isDPoPEnrollmentError(err) {
   const msg = String(err?.message ?? err ?? "").toLowerCase();
   if (msg.includes("invalid or expired") && msg.includes("token")) return false;
@@ -776,6 +298,7 @@ async function listTandemIds(gateway) {
     return list.map((t) => {
       if (typeof t === "string") return t;
       const obj = t;
+      if (obj?.my_membership?.is_member !== true) return void 0;
       return obj?.tandem_id ?? obj?.id;
     }).filter((id) => typeof id === "string" && id.length > 0);
   } catch {
@@ -793,6 +316,19 @@ async function startProxy(config) {
   console.error(
     `[kojee-mcp] Ready \u2014 ${registry.toolCount} tools available from ${config.url}`
   );
+  let activeStreamHandle = null;
+  const { createJoinReconnectScheduler } = await import("./reconnect-scheduler-JSXCJKQP.js");
+  const joinReconnect = createJoinReconnectScheduler({
+    reconnect: () => activeStreamHandle?.reconnect()
+  });
+  const onTandemJoin = () => joinReconnect.requestReconnect();
+  const { ensureJoinTandems } = await import("./ensure-join-7AEDJMPE.js");
+  await ensureJoinTandems({
+    gateway,
+    env: process.env["KOJEE_TANDEMS"],
+    listTandems: () => listTandemIds(gateway),
+    onJoined: () => joinReconnect.requestReconnect()
+  });
   let tandemMembershipCount = -1;
   try {
     const bootIds = await listTandemIds(gateway);
@@ -804,16 +340,16 @@ async function startProxy(config) {
   let server;
   if (adapter.supportsChannels) {
     const { EventQueue } = await import("./event-queue-5YVJFR3E.js");
-    const { startHookServer } = await import("./hook-server-QF5JVUHV.js");
+    const { startHookServer } = await import("./hook-server-37E2LUKJ.js");
     const {
       writeDiscoveryByKey,
       cleanupDiscoveryByKey,
       sweepStaleDiscovery
     } = await import("./session-discovery-FNMJGFPM.js");
     const { startEventLog, sweepStaleEventLogs } = await import("./event-log-RSTM4PLL.js");
-    const { resubscribeMemberships } = await import("./resubscribe-SLZNA76S.js");
-    const { resolveWebhookConfig } = await import("./webhook-config-5TLLX7RA.js");
-    const { createWebhookSink } = await import("./webhook-sink-7OYZBWXA.js");
+    const { resubscribeMemberships } = await import("./resubscribe-G5OGDZJD.js");
+    const { resolveWebhookConfig } = await import("./webhook-config-O4WMQ532.js");
+    const { createWebhookSink } = await import("./webhook-sink-NWGCUDGY.js");
     sweepStaleDiscovery();
     sweepStaleEventLogs();
     const ccPid = await findClaudeAncestorPid();
@@ -826,6 +362,11 @@ async function startProxy(config) {
       void eventLog.appendStatus(`status=webhook error="${webhookResolution.error}"`).catch(() => {
       });
     }
+    if (webhookResolution.warning) {
+      console.error(`[kojee-mcp] webhook sink WARNING: ${webhookResolution.warning}`);
+      void eventLog.appendStatus(`status=webhook warning="${webhookResolution.warning}"`).catch(() => {
+      });
+    }
     const webhookSink = webhookResolution.enabled && webhookResolution.config ? createWebhookSink(webhookResolution.config, {
       // Route delivery/failure observability to the STATUS sink.
       log: (line) => {
@@ -838,13 +379,29 @@ async function startProxy(config) {
       void eventLog.appendStatus(`status=webhook enabled ${webhookSink.configSummary()}`).catch(() => {
       });
     }
-    server = createMcpServer(registry, adapter, tandemMembershipCount, eventLog.path);
+    server = createMcpServer(registry, adapter, tandemMembershipCount, eventLog.path, {
+      onTandemJoin
+    });
+    const { issueControlToken, controlTokenPath } = await import("./control-token-4BUCTYQB.js");
+    let controlToken = null;
+    try {
+      controlToken = issueControlToken();
+    } catch (err) {
+      console.error(
+        "[kojee-mcp] control token write failed \u2014 POST /send disabled; GET /poll and /status left UNGATED (degrade open):",
+        err.message
+      );
+    }
     const queue = new EventQueue();
     let streamHandle = null;
     const hookServer = await startHookServer({
       port: 0,
       queue,
       adapter,
+      // 0.5.4 hardening: the same bearer gates POST /send AND the data-bearing
+      // reads (GET /poll, GET /status). When token issuance failed both stay
+      // available-but-degraded: /send answers 503, the reads stay open.
+      ...controlToken !== null ? { controlToken, send: { gateway, authToken: controlToken } } : {},
       getStreamState: () => streamHandle ? streamHandle.getState() : {
         connected: false,
         connectedSince: null,
@@ -869,6 +426,9 @@ async function startProxy(config) {
       startedAt: (/* @__PURE__ */ new Date()).toISOString(),
       brokerUrl: config.url,
       eventLogPath: eventLog.path,
+      // Advertise where the POST /send bearer lives so local consumers
+      // (native gateway plugins) can find it without guessing ~/.kojee.
+      ...controlToken !== null ? { controlTokenPath: controlTokenPath() } : {},
       // Stamp the auth mode so `kojee-mcp doctor` renders the pairing check
       // honestly: a token-mode box has no ~/.kojee/config.json by design and
       // must not hard-fail on "paired config: MISSING". Defaults to "paired"
@@ -921,6 +481,7 @@ async function startProxy(config) {
         };
       })()
     });
+    activeStreamHandle = streamHandle;
     const cancelStream = streamHandle;
     process.stdin.on("end", () => {
       cancelStream();
@@ -934,9 +495,9 @@ async function startProxy(config) {
     });
   } else if (needsWebhookEventStream()) {
     const { startEventLog, sweepStaleEventLogs } = await import("./event-log-RSTM4PLL.js");
-    const { resolveWebhookConfig } = await import("./webhook-config-5TLLX7RA.js");
-    const { createWebhookSink } = await import("./webhook-sink-7OYZBWXA.js");
-    const { resubscribeMemberships } = await import("./resubscribe-SLZNA76S.js");
+    const { resolveWebhookConfig } = await import("./webhook-config-O4WMQ532.js");
+    const { createWebhookSink } = await import("./webhook-sink-NWGCUDGY.js");
+    const { resubscribeMemberships } = await import("./resubscribe-G5OGDZJD.js");
     sweepStaleEventLogs();
     const ccPid = await findClaudeAncestorPid();
     const projectDir = process.env["CLAUDE_PROJECT_DIR"];
@@ -948,6 +509,11 @@ async function startProxy(config) {
       void eventLog.appendStatus(`status=webhook error="${webhookResolution.error}"`).catch(() => {
       });
     }
+    if (webhookResolution.warning) {
+      console.error(`[kojee-mcp] webhook sink WARNING: ${webhookResolution.warning}`);
+      void eventLog.appendStatus(`status=webhook warning="${webhookResolution.warning}"`).catch(() => {
+      });
+    }
     const webhookSink = webhookResolution.enabled && webhookResolution.config ? createWebhookSink(webhookResolution.config, {
       log: (line) => {
         void eventLog.appendStatus(`status=webhook ${line}`).catch(() => {
@@ -959,7 +525,9 @@ async function startProxy(config) {
       void eventLog.appendStatus(`status=webhook enabled ${webhookSink.configSummary()}`).catch(() => {
       });
     }
-    server = createMcpServer(registry, adapter, tandemMembershipCount);
+    server = createMcpServer(registry, adapter, tandemMembershipCount, void 0, {
+      onTandemJoin
+    });
     process.on("exit", () => eventLog.cleanup());
     const streamHandle = await startEventStream({
       brokerUrl: config.url,
@@ -981,6 +549,7 @@ async function startProxy(config) {
         };
       })()
     });
+    activeStreamHandle = streamHandle;
     process.stdin.on("end", () => {
       streamHandle();
       void webhookSink?.stop();
@@ -1021,7 +590,7 @@ async function enrollAndDiscover(config, keystorePath, isRetry = false) {
       "[kojee-mcp] Auth failed, attempting recovery with fresh enrollment..."
     );
     try {
-      if (fs3.existsSync(keystorePath)) fs3.unlinkSync(keystorePath);
+      if (fs2.existsSync(keystorePath)) fs2.unlinkSync(keystorePath);
     } catch (unlinkErr) {
       console.error("[kojee-mcp] Could not remove stale keystore:", unlinkErr);
     }
@@ -1030,7 +599,7 @@ async function enrollAndDiscover(config, keystorePath, isRetry = false) {
 }
 
 export {
-  AuthModule,
   VERSION,
+  listTandemIds,
   startProxy
 };