minivibe 0.1.4 → 0.2.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024-2025 MiniVibe
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -11,26 +11,23 @@ CLI wrapper for Claude Code with mobile remote control via MiniVibe iOS app.
 - Token usage tracking
 - Headless authentication for servers (EC2, etc.)
 - Skip permissions mode for automation
+- **End-to-end encryption** - Optional E2E encryption so bridge server cannot read message content
 
 ## Quick Start
 
 ```bash
-# Install globally from npm
+# Install
 npm install -g minivibe
 
-# Authenticate (one-time)
-vibe --login              # Desktop (opens browser)
-vibe --login --headless   # Server/EC2 (device code)
-
-# Option 1: Direct bridge connection
-vibe --bridge wss://ws.neng.ai
+# Login (one-time)
+vibe --login
 
-# Option 2: Agent mode (recommended for servers)
-vibe-agent --bridge wss://ws.neng.ai &   # Start agent
-vibe --agent                              # Create sessions
+# Start coding with remote control!
+vibe
+vibe "Fix the bug in main.js"
 ```
 
-See [GETTING_STARTED.md](GETTING_STARTED.md) for detailed setup instructions.
+> **Note:** For local-only use without remote control, just run `claude` directly.
 
 ## Installation
 
@@ -47,8 +44,8 @@ This installs two commands:
 ### From Source
 
 ```bash
-git clone https://github.com/python3isfun/neng.git
-cd neng/vibe-cli
+git clone https://github.com/minivibeapp/minivibe.git
+cd minivibe
 npm install
 npm link
 ```
@@ -81,22 +78,24 @@ Get token from MiniVibe iOS app: Settings > Copy Token for CLI.
 
 ## Usage Modes
 
-### Direct Bridge Mode
+### Direct Mode (Default)
 
-Connect directly to the bridge server:
+Just run `vibe` after logging in:
 
 ```bash
-vibe --bridge wss://ws.neng.ai
-vibe --bridge wss://ws.neng.ai "Fix the bug in main.js"
+vibe                      # Start session
+vibe "Fix the bug"        # With initial prompt
+vibe --e2e                # With end-to-end encryption
 ```
 
 ### Agent Mode (Recommended for Servers)
 
-Use a local agent to manage sessions:
+Use a local agent to manage multiple sessions:
 
 ```bash
 # Terminal 1: Start the agent (runs continuously)
-vibe-agent --bridge wss://ws.neng.ai
+vibe-agent --login       # First time only
+vibe-agent               # Start daemon
 
 # Terminal 2+: Create sessions via agent
 vibe --agent
@@ -110,30 +109,25 @@ vibe --agent --name "Backend Work"
 - Sessions survive network hiccups
 - Cleaner process management
 
-### Local Mode (No Bridge)
-
-Run without remote control:
-
-```bash
-vibe                          # Interactive
-vibe "Explain this code"      # With prompt
-```
-
 ## Options
 
 ### vibe
 
 | Option | Description |
 |--------|-------------|
-| `--bridge <url>` | Connect to bridge server |
-| `--agent [url]` | Connect via local vibe-agent (default: auto-discover) |
-| `--name <name>` | Name this session (shown in mobile app) |
-| `--resume <id>` | Resume a previous session |
 | `--login` | Sign in with Google |
 | `--headless` | Use device code flow for headless environments |
+| `--agent [url]` | Connect via local vibe-agent (default: auto-discover) |
+| `--name <name>` | Name this session (shown in mobile app) |
+| `--resume <id>` | Resume a previous session (auto-detects directory) |
+| `--attach <id>` | Attach to running session via local agent |
+| `--remote <id>` | Remote control session via bridge (no local Claude needed) |
+| `--list` | List running sessions on local agent |
+| `--e2e` | Enable end-to-end encryption (auto key exchange with iOS) |
+| `--dangerously-skip-permissions` | Auto-approve all tool executions |
+| `--bridge <url>` | Override bridge URL (default: wss://ws.minivibeapp.com) |
 | `--token <token>` | Set Firebase auth token manually |
 | `--logout` | Remove stored auth token |
-| `--dangerously-skip-permissions` | Auto-approve all tool executions |
 | `--node-pty` | Use Node.js PTY wrapper (required for Windows) |
 | `--help, -h` | Show help message |
 
@@ -141,8 +135,11 @@ vibe "Explain this code"      # With prompt
 
 | Option | Description |
 |--------|-------------|
-| `--bridge <url>` | Bridge server URL (required) |
-| `--port <port>` | Local WebSocket port (default: 9999) |
+| `--login` | Sign in via device code flow |
+| `--name <name>` | Set host display name |
+| `--status` | Show current status and exit |
+| `--bridge <url>` | Override bridge URL (default: wss://ws.minivibeapp.com) |
+| `--token <token>` | Use specific Firebase token |
 | `--help, -h` | Show help message |
 
 ## Skip Permissions Mode
@@ -150,12 +147,48 @@ vibe "Explain this code"      # With prompt
 For automated/headless environments where you trust the execution context:
 
 ```bash
-vibe --dangerously-skip-permissions --bridge wss://ws.neng.ai
+vibe --dangerously-skip-permissions
 vibe --dangerously-skip-permissions --agent
 ```
 
 **Warning:** This mode auto-approves ALL tool executions (commands, file writes, etc.) without prompting. Only use in trusted/sandboxed environments.
 
+## End-to-End Encryption
+
+Enable E2E encryption to ensure the bridge server cannot read your message content:
+
+```bash
+# Start with E2E encryption enabled
+vibe --e2e
+```
+
+Key exchange happens automatically when both CLI and iOS connect to the bridge:
+
+1. Enable E2E in MiniVibe iOS app: **Settings > Security > E2E Encryption**
+2. Start CLI with `--e2e` flag
+3. Both sides exchange public keys automatically on connect
+4. Encryption is established - no QR scanning needed!
+
+### How It Works
+
+- Uses **X25519** key exchange (same as Signal, WhatsApp)
+- Messages encrypted with **AES-256-GCM**
+- Keys derived using **HKDF-SHA256**
+- Bridge server sees message routing info but cannot read content
+
+### Key Storage
+
+| Location | Description |
+|----------|-------------|
+| `~/.vibe/e2e-keys.json` | CLI keypair and peer info |
+| iOS Keychain | iOS keypair and peer info |
+
+### Security Notes
+
+- E2E is optional and backward compatible
+- Once paired, encryption persists across sessions
+- To re-pair: delete `~/.vibe/e2e-keys.json` and reset in iOS Settings
+
 ## Architecture
 
 ```
@@ -165,7 +198,7 @@ vibe --dangerously-skip-permissions --agent
 └─────────────┘     └─────────────┘     └─────────────┘     └─────────────┘
 ```
 
-**Direct mode:** `vibe --bridge` connects directly to bridge server
+**Direct mode:** `vibe` connects directly to bridge server
 
 **Agent mode:** `vibe --agent` connects to local `vibe-agent`, which manages bridge connection
 
@@ -196,7 +229,7 @@ May also need Visual Studio Build Tools and Python for native compilation.
 | Path | Description |
 |------|-------------|
 | `~/.vibe/auth.json` | Stored authentication (token + refresh token) |
-| `~/.vibe/token` | Legacy token file |
+| `~/.vibe/e2e-keys.json` | E2E encryption keypair and peer info |
 | `~/.vibe-agent/port` | Agent port file for auto-discovery |
 
 ## License