neozip-mcp 0.1.0-beta

package/dist/connection/interactive.js

@@ -0,0 +1,814 @@
+import * as readline from "node:readline/promises";
+import { stdin as input, stdout as output } from "node:process";
+import { buildAccountStatusReport } from "../account/account-state.js";
+import { formatAccountStatusText } from "../account/format-account-status.js";
+import { evmIdentityFromMnemonic, evmIdentityFromPrivateKey, generateEvmIdentity, } from "../account/wallet-evm.js";
+import { connectFinish, connectPhoneRequest, connectPhoneVerify, connectRegister, connectVerify, } from "./onboarding.js";
+import { isPhoneVerified } from "./phone.js";
+import { promoteReadyActiveConnection } from "./promote-active.js";
+import { computeConnectionPhase, computeConnectionPhaseForId, listReadyConnectionIds, } from "./phase.js";
+import { KNOWN_TOKEN_SERVICE_PRESETS, NEOZIP_TOKEN_SERVICE_DEFAULT_URL, NEOZIP_TOKEN_SERVICE_LOCALHOST, NEOZIP_TOKEN_SERVICE_PRODUCTION_URL, defaultTokenServiceMenuChoice, connectionLabelForOrigin, normalizeTokenServiceOrigin, resolveTokenServiceOrigin, } from "./origin.js";
+import { createConnection, deleteConnection, getActiveConnection, getActiveConnectionId, getConnectionDir, listConnections, readConnectionPublic, readActiveConnectionSecrets, saveEvmWallet, selectConnection, } from "./store.js";
+import { hasLegacyMcpProfiles, migrateFromMcpProfileStore } from "./migrate.js";
+import { fetchCoordinatorConfigParsed, probeTokenServiceReachable } from "./coordinator.js";
+import { buildConnectionDump, formatConnectionDump, formatConnectionsSummaryText } from "./dump.js";
+import { diagnoseUnrecoverableStore, formatUnrecoverableStoreMessage, tryAutoRecoverConnectionStore, } from "./incomplete-setup.js";
+import { resetConnectionStore } from "./reset.js";
+import { fetchServerLinkedWalletAddress } from "./wallet-setup.js";
+function defaultPrompter(rl) {
+    return {
+        async question(prompt, defaultValue) {
+            const suffix = defaultValue ? ` [${defaultValue}]` : "";
+            const answer = (await rl.question(`${prompt}${suffix}: `)).trim();
+            return answer || defaultValue || "";
+        },
+    };
+}
+function promptWithDefault(prompter, prompt, defaultValue) {
+    return prompter.question(prompt, defaultValue);
+}
+export async function promptTokenServiceUrl(prompter, options) {
+    if (options?.tokenServiceUrl?.trim()) {
+        return resolveTokenServiceOrigin(options.tokenServiceUrl);
+    }
+    console.error(`
+Token Service — choose deployment:
+  1) NeoZip Testnet — ${NEOZIP_TOKEN_SERVICE_DEFAULT_URL} (default)
+  2) NeoZip Production — ${NEOZIP_TOKEN_SERVICE_PRODUCTION_URL}
+  3) Local Development — ${NEOZIP_TOKEN_SERVICE_LOCALHOST}
+  4) Custom URL
+`);
+    const choice = await promptWithDefault(prompter, "Choice", defaultTokenServiceMenuChoice());
+    switch (choice) {
+        case "1":
+        case "testnet":
+            return normalizeTokenServiceOrigin(KNOWN_TOKEN_SERVICE_PRESETS[0].url);
+        case "2":
+        case "production":
+        case "prod":
+            return normalizeTokenServiceOrigin(KNOWN_TOKEN_SERVICE_PRESETS[1].url);
+        case "3":
+        case "local":
+            return normalizeTokenServiceOrigin(KNOWN_TOKEN_SERVICE_PRESETS[2].url);
+        case "4":
+        case "custom": {
+            const customDefault = process.env.TOKEN_SERVICE_URL?.trim() || undefined;
+            const url = await promptWithDefault(prompter, "Custom Token Service URL", customDefault);
+            if (!url)
+                throw new Error("Token Service URL is required");
+            return resolveTokenServiceOrigin(url);
+        }
+        default:
+            throw new Error(`Invalid choice: ${choice}. Enter 1, 2, 3, or 4.`);
+    }
+}
+async function ensureConnectionShell(prompter, options) {
+    const phase = computeConnectionPhase();
+    if (phase !== "no_profile")
+        return;
+    const existing = listConnections();
+    if (existing.length > 0) {
+        if (existing.length === 1) {
+            selectConnection(existing[0].id);
+            console.error(`Using connection: ${existing[0].label} (${existing[0].id})`);
+            return;
+        }
+        console.error("Existing connections:");
+        existing.forEach((c, i) => {
+            console.error(`  ${i + 1}) ${c.label} — ${c.email ?? "no email"} (${c.id})`);
+        });
+        console.error(`  ${existing.length + 1}) Create new connection`);
+        const pick = await promptWithDefault(prompter, `Select connection (1-${existing.length + 1})`, "1");
+        const idx = parseInt(pick, 10);
+        if (idx >= 1 && idx <= existing.length) {
+            selectConnection(existing[idx - 1].id);
+            return;
+        }
+    }
+    const tokenServiceUrl = await promptTokenServiceUrl(prompter, options);
+    const label = options?.label?.trim() || connectionLabelForOrigin(tokenServiceUrl);
+    createConnection({ label, tokenServiceUrl });
+    console.error(`Connection "${label}" stored under ${getConnectionDir()}`);
+}
+async function sendVerificationCode(origin, email, label) {
+    console.error(`Sending verification code to ${email}…`);
+    const reg = await connectRegister({
+        email,
+        tokenServiceUrl: origin,
+        label,
+    });
+    if (!reg.success) {
+        throw new Error(reg.message ?? "Failed to send verification email.");
+    }
+    console.error(`Verification code sent to ${email}.`);
+}
+export function parseVerificationCodeInput(input) {
+    const trimmed = input.trim();
+    if (!trimmed)
+        return null;
+    const key = trimmed.toLowerCase();
+    if (key === "r" || key === "resend")
+        return { kind: "resend" };
+    if (key === "c" || key === "change")
+        return { kind: "change_email" };
+    if (key === "a" || key === "abort")
+        return { kind: "abort" };
+    return { kind: "code", code: trimmed };
+}
+export async function promptVerificationCode(prompter) {
+    const answer = await prompter.question("6-digit verification code from email [r=resend, c=change email, a=abort]");
+    return parseVerificationCodeInput(answer);
+}
+async function runEmailStep(prompter) {
+    if (computeConnectionPhase() !== "email_unverified")
+        return;
+    const conn = getActiveConnection();
+    if (!conn)
+        throw new Error("No active connection");
+    const origin = conn.tokenServiceOrigin;
+    const reachable = await probeTokenServiceReachable(origin);
+    if (!reachable) {
+        throw new Error(`Token Service unreachable at ${origin}. Start the server (e.g. local development on port 14789) or choose another deployment.`);
+    }
+    const defaultEmail = conn.email?.trim() ||
+        process.env.NEOZIP_RECIPIENT_EMAIL?.trim() ||
+        undefined;
+    let email = await promptWithDefault(prompter, "Email for Token Service", defaultEmail);
+    if (!email)
+        throw new Error("Email is required");
+    await sendVerificationCode(origin, email, conn.label);
+    while (true) {
+        const input = await promptVerificationCode(prompter);
+        if (input === null) {
+            console.error("Enter the verification code, r to resend, c to change email, or a to abort.");
+            continue;
+        }
+        if (input.kind === "abort") {
+            throw new Error("Email verification aborted.");
+        }
+        if (input.kind === "change_email") {
+            email = await promptWithDefault(prompter, "Email for Token Service");
+            if (!email) {
+                console.error("Email is required.");
+                continue;
+            }
+            await sendVerificationCode(origin, email, conn.label);
+            continue;
+        }
+        if (input.kind === "resend") {
+            await sendVerificationCode(origin, email, conn.label);
+            continue;
+        }
+        console.error("Verifying email…");
+        try {
+            const ver = await connectVerify({
+                email,
+                code: input.code,
+                tokenServiceUrl: origin,
+            });
+            if (!ver.success && ver.phase === "phone_required" && !ver.message?.includes("Email verified")) {
+                throw new Error(ver.message ?? "Phone verification required");
+            }
+            console.error("Email verified.");
+            return;
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : String(err);
+            console.error(message);
+            console.error("Try again, enter r to resend, c to change email, or a to abort.");
+        }
+    }
+}
+async function runPhoneStep(prompter) {
+    const conn = getActiveConnection();
+    if (!conn)
+        throw new Error("No active connection");
+    if (isPhoneVerified(conn))
+        return;
+    const coordinator = await fetchCoordinatorConfigParsed(conn.tokenServiceOrigin);
+    if (!coordinator?.cryptoRequirePhoneVerified)
+        return;
+    console.error(`
+Phone verification — required by this Token Service deployment.
+Enter your phone in E.164 format (e.g. +14155551234). We will send a 6-digit SMS code.
+`);
+    let phone = conn.phoneE164?.trim() || "";
+    if (!phone) {
+        phone = await promptWithDefault(prompter, "Phone number (E.164)", undefined);
+    }
+    if (!phone)
+        throw new Error("Phone number is required");
+    let smsSent = false;
+    while (true) {
+        if (!smsSent) {
+            console.error(`Sending SMS code to ${phone}…`);
+            const req = await connectPhoneRequest({
+                phone,
+                tokenServiceUrl: conn.tokenServiceOrigin,
+            });
+            if (!req.success) {
+                throw new Error(req.message ?? "Failed to send SMS code");
+            }
+            smsSent = true;
+            console.error(req.message ?? "SMS code sent.");
+        }
+        const answer = await prompter.question("6-digit SMS code [r=resend, c=change phone, a=abort]");
+        const trimmed = answer.trim().toLowerCase();
+        if (trimmed === "a" || trimmed === "abort") {
+            throw new Error("Phone verification aborted.");
+        }
+        if (trimmed === "r" || trimmed === "resend") {
+            smsSent = false;
+            continue;
+        }
+        if (trimmed === "c" || trimmed === "change") {
+            phone = await promptWithDefault(prompter, "Phone number (E.164)");
+            if (!phone) {
+                console.error("Phone number is required.");
+                continue;
+            }
+            smsSent = false;
+            continue;
+        }
+        if (!trimmed) {
+            console.error("Enter the SMS code, r to resend, c to change phone, or a to abort.");
+            continue;
+        }
+        console.error("Verifying phone…");
+        try {
+            const ver = await connectPhoneVerify({
+                phone,
+                code: trimmed,
+                tokenServiceUrl: conn.tokenServiceOrigin,
+            });
+            if (!ver.success) {
+                console.error(ver.message ?? "Verification failed");
+                continue;
+            }
+            console.error("Phone verified.");
+            return;
+        }
+        catch (err) {
+            console.error(err instanceof Error ? err.message : String(err));
+        }
+    }
+}
+export async function promptRecoveryPhraseBackup(prompter, input) {
+    console.error(`
+Back up your Data Wallet (same as NeoZip Desktop)
+This is the one and only time we will show this recovery phrase. Write it down and store it
+somewhere safe. NeoZip does not store this phrase on the server.
+
+Note: This is your wallet recovery phrase. Connection file encryption uses this machine by
+default unless you set NEOZIP_UNLOCK_PASSPHRASE.
+
+Address: ${input.address}
+
+Recovery phrase:
+${input.mnemonic}
+`);
+    while (true) {
+        const ack = (await prompter.question("Have you written down and stored your recovery phrase? (yes/no)", "no"))
+            .trim()
+            .toLowerCase();
+        if (ack === "yes" || ack === "y") {
+            return;
+        }
+        if (ack === "no" || ack === "n") {
+            console.error("You must save your recovery phrase before continuing. You cannot recover this wallet without it.");
+            continue;
+        }
+        console.error('Answer "yes" or "no".');
+    }
+}
+export async function promptWalletOverwriteConfirm(prompter, serverAddress, newAddress) {
+    console.error(`
+WARNING: Token Service wallet on file: ${serverAddress}
+Your choice would use a different wallet: ${newAddress}
+Continuing will replace the server-linked wallet when you finish setup.
+`);
+    const answer = (await prompter.question('Type "yes" to continue', "no"))
+        .trim()
+        .toLowerCase();
+    return answer === "yes" || answer === "y";
+}
+export async function promptWalletChoice(prompter, options) {
+    const serverLinkedAddress = options?.serverLinkedAddress?.trim() || null;
+    if (serverLinkedAddress) {
+        console.error(`
+This account already has a Data Wallet on Token Service: ${serverLinkedAddress}
+Restore it with your recovery phrase or private key, or create a new wallet (requires confirmation).
+`);
+    }
+    console.error(`
+Data Wallet — choose one (same options as NeoZip Desktop):
+  1) Create new wallet (generated locally; secrets stay on this device)
+  2) Import recovery phrase (12 or 24 words)
+  3) Import private key (hex, with or without 0x prefix)
+`);
+    const defaultChoice = serverLinkedAddress ? "2" : "1";
+    const choice = await promptWithDefault(prompter, "Choice", defaultChoice);
+    switch (choice) {
+        case "1":
+        case "create":
+        case "new": {
+            const evm = generateEvmIdentity();
+            if (!evm.mnemonic) {
+                throw new Error("Failed to generate recovery phrase for new Data Wallet");
+            }
+            if (serverLinkedAddress &&
+                evm.address.toLowerCase() !== serverLinkedAddress.toLowerCase()) {
+                const ok = await promptWalletOverwriteConfirm(prompter, serverLinkedAddress, evm.address);
+                if (!ok)
+                    throw new Error("Wallet creation cancelled.");
+            }
+            await promptRecoveryPhraseBackup(prompter, {
+                mnemonic: evm.mnemonic,
+                address: evm.address,
+            });
+            console.error(`New Data Wallet: ${evm.address}`);
+            return evm;
+        }
+        case "2":
+        case "mnemonic":
+        case "phrase": {
+            const mnemonic = await promptWithDefault(prompter, "Recovery phrase (space-separated words)");
+            if (!mnemonic)
+                throw new Error("Recovery phrase is required");
+            const evm = evmIdentityFromMnemonic(mnemonic);
+            if (serverLinkedAddress &&
+                evm.address.toLowerCase() !== serverLinkedAddress.toLowerCase()) {
+                const ok = await promptWalletOverwriteConfirm(prompter, serverLinkedAddress, evm.address);
+                if (!ok)
+                    throw new Error("Wallet import cancelled.");
+            }
+            console.error(`Imported wallet: ${evm.address}`);
+            return evm;
+        }
+        case "3":
+        case "key":
+        case "private": {
+            const privateKey = await promptWithDefault(prompter, "EVM private key (hex)");
+            if (!privateKey)
+                throw new Error("Private key is required");
+            const evm = evmIdentityFromPrivateKey(privateKey);
+            if (serverLinkedAddress &&
+                evm.address.toLowerCase() !== serverLinkedAddress.toLowerCase()) {
+                const ok = await promptWalletOverwriteConfirm(prompter, serverLinkedAddress, evm.address);
+                if (!ok)
+                    throw new Error("Wallet import cancelled.");
+            }
+            console.error(`Imported wallet: ${evm.address}`);
+            return evm;
+        }
+        default:
+            throw new Error(`Invalid choice: ${choice}. Enter 1, 2, or 3.`);
+    }
+}
+async function runWalletStep(prompter) {
+    if (computeConnectionPhase() !== "no_wallet")
+        return;
+    const conn = getActiveConnection();
+    if (!conn)
+        throw new Error("No active connection");
+    let serverLinkedAddress = null;
+    const secrets = readActiveConnectionSecrets();
+    if (secrets?.accessToken) {
+        console.error("Checking Token Service for an existing linked wallet…");
+        serverLinkedAddress = await fetchServerLinkedWalletAddress(conn.tokenServiceOrigin, secrets.accessToken);
+    }
+    const evm = await promptWalletChoice(prompter, { serverLinkedAddress });
+    saveEvmWallet(conn.id, evm.privateKey, evm.address);
+    console.error("Data Wallet saved to encrypted connection file.");
+}
+export async function promptBrokenStoreReset(prompter, message) {
+    console.error(`\n${message}\n`);
+    console.error(`  1) Reset all connection data and start fresh (recommended)
+  2) Exit without changes
+  3) Show account summary
+  4) Show connection JSON (no secrets)
+`);
+    while (true) {
+        const choice = await promptWithDefault(prompter, "Choice", "1");
+        switch (choice) {
+            case "1":
+            case "reset":
+                return "reset";
+            case "2":
+            case "exit":
+            case "quit":
+                return "exit";
+            case "3":
+            case "summary":
+            case "accounts":
+                return "summary";
+            case "4":
+            case "dump":
+            case "json":
+                return "dump";
+            default:
+                console.error("Invalid choice. Enter 1, 2, 3, or 4.");
+        }
+    }
+}
+function rollbackFailedNewConnection(previousActiveId) {
+    const currentId = getActiveConnectionId();
+    if (currentId &&
+        currentId !== previousActiveId &&
+        computeConnectionPhaseForId(currentId) === "email_unverified") {
+        const removed = deleteConnection(currentId);
+        console.error(`Removed incomplete account "${removed.label}".`);
+    }
+    if (previousActiveId && readConnectionPublic(previousActiveId)) {
+        const restored = selectConnection(previousActiveId);
+        console.error(`Restored active account: ${formatConnectionSummary(restored, restored.id)}`);
+        return;
+    }
+    const promoted = promoteReadyActiveConnection();
+    if (promoted.connectionId && promoted.label) {
+        console.error(`Restored active account: ${promoted.label}`);
+    }
+}
+export async function promptIncompleteAccountAction(prompter, active) {
+    const email = active.email ?? "no email yet";
+    console.error(`
+Incomplete account setup (${active.label} — ${email} — ${active.tokenServiceOrigin}).
+  1) Continue setup
+  2) Delete this incomplete account
+  3) Switch to a ready account
+  4) Show account summary
+  5) Show connection JSON (no secrets)
+`);
+    while (true) {
+        const choice = await promptWithDefault(prompter, "Choice", "3");
+        switch (choice) {
+            case "1":
+            case "continue":
+                return "continue_setup";
+            case "2":
+            case "delete":
+                return "delete";
+            case "3":
+            case "switch":
+            case "ready":
+                return "switch_ready";
+            case "4":
+            case "summary":
+            case "accounts":
+                return "summary";
+            case "5":
+            case "dump":
+            case "json":
+                return "dump";
+            default:
+                console.error("Invalid choice. Enter 1, 2, 3, 4, or 5.");
+        }
+    }
+}
+function formatConnectionSummary(meta, activeId) {
+    const active = activeId === meta.id ? " (active)" : "";
+    const email = meta.email ?? "no email";
+    return `${meta.label} — ${email} — ${meta.tokenServiceOrigin}${active}`;
+}
+export async function promptReadyAccountAction(prompter, active) {
+    const all = listConnections();
+    const switchLine = all.length > 1 ? `\n  5) Switch active account (${all.length} saved)` : "";
+    const summaryChoice = all.length > 1 ? "6" : "5";
+    const dumpChoice = all.length > 1 ? "7" : "6";
+    console.error(`
+Account is ready. What would you like to do?
+  1) Done — use current account (default)
+  2) Add another account on ${active.tokenServiceOrigin}
+  3) Add another account on a different Token Service
+  4) Delete an account${switchLine}
+  ${summaryChoice}) Show account summary
+  ${dumpChoice}) Show connection JSON (no secrets)
+`);
+    while (true) {
+        const choice = await promptWithDefault(prompter, "Choice", "1");
+        switch (choice) {
+            case "1":
+            case "done":
+                return "done";
+            case "2":
+            case "add":
+            case "same":
+                return "add_same";
+            case "3":
+            case "other":
+                return "add_other";
+            case "4":
+            case "delete":
+                return "delete";
+            case "5":
+                if (all.length > 1)
+                    return "switch";
+                return "summary";
+            case "6":
+                if (all.length > 1)
+                    return "summary";
+                return "dump";
+            case "7":
+            case "dump":
+            case "json":
+            case "show":
+                if (all.length > 1)
+                    return "dump";
+                break;
+            case "summary":
+            case "accounts":
+                return "summary";
+            default:
+                break;
+        }
+        const valid = all.length > 1 ? "1, 2, 3, 4, 5, 6, or 7" : "1, 2, 3, 4, 5, or 6";
+        console.error(`Invalid choice. Enter ${valid}.`);
+    }
+}
+export async function promptSwitchConnection(prompter) {
+    const connections = listConnections();
+    if (connections.length <= 1) {
+        console.error("Only one account is saved.");
+        return;
+    }
+    console.error("\nSaved accounts:");
+    connections.forEach((conn, index) => {
+        console.error(`  ${index + 1}) ${formatConnectionSummary(conn, getActiveConnectionId())}`);
+    });
+    const pick = await promptWithDefault(prompter, `Switch active account (1-${connections.length})`, "1");
+    const idx = parseInt(pick, 10);
+    if (idx < 1 || idx > connections.length) {
+        throw new Error(`Invalid selection: ${pick}`);
+    }
+    const selected = selectConnection(connections[idx - 1].id);
+    console.error(`Active account: ${formatConnectionSummary(selected, selected.id)}`);
+}
+export async function promptDeleteConnection(prompter) {
+    const connections = listConnections();
+    if (connections.length === 0) {
+        console.error("No accounts to delete.");
+        return;
+    }
+    console.error("\nSaved accounts:");
+    connections.forEach((conn, index) => {
+        console.error(`  ${index + 1}) ${formatConnectionSummary(conn, getActiveConnectionId())}`);
+    });
+    const pick = await promptWithDefault(prompter, `Delete which account (1-${connections.length}, or cancel)`, "cancel");
+    if (pick === "cancel" || pick === "") {
+        console.error("Delete cancelled.");
+        return;
+    }
+    const idx = parseInt(pick, 10);
+    if (idx < 1 || idx > connections.length) {
+        throw new Error(`Invalid selection: ${pick}`);
+    }
+    const target = connections[idx - 1];
+    const confirm = (await promptWithDefault(prompter, `Delete "${target.label}" (${target.email ?? target.id})? Type yes to confirm`, "no"))
+        .trim()
+        .toLowerCase();
+    if (confirm !== "yes") {
+        console.error("Delete cancelled.");
+        return;
+    }
+    const deleted = deleteConnection(target.id);
+    console.error(`Deleted account "${deleted.label}".`);
+    if (deleted.newActiveConnectionId) {
+        const next = readConnectionPublic(deleted.newActiveConnectionId);
+        if (next) {
+            console.error(`Active account is now: ${formatConnectionSummary(next, next.id)}`);
+        }
+    }
+    else {
+        console.error("No accounts remain.");
+    }
+}
+async function runNewConnectionSetup(prompter, options) {
+    await ensureConnectionShell(prompter, options);
+    await runEmailStep(prompter);
+    await runPhoneStep(prompter);
+    await runWalletStep(prompter);
+    return runFinishStep(options?.tokenServiceUrl ?? getActiveConnection()?.tokenServiceOrigin);
+}
+async function runAddConnectionOnService(prompter, tokenServiceUrl) {
+    const label = connectionLabelForOrigin(tokenServiceUrl);
+    createConnection({ label, tokenServiceUrl });
+    console.error(`New account on ${tokenServiceUrl}`);
+    await runEmailStep(prompter);
+    await runPhoneStep(prompter);
+    await runWalletStep(prompter);
+    return runFinishStep(tokenServiceUrl);
+}
+async function logFinishMeta() {
+    const meta = getActiveConnection();
+    if (meta?.walletId != null && meta.linkId != null) {
+        console.error(`Wallet linked (walletId=${meta.walletId})`);
+    }
+    if (meta?.identityKeyId != null) {
+        console.error(`Identity ready (identityKeyId=${meta.identityKeyId})`);
+    }
+}
+function readyResult(origin, message) {
+    return {
+        success: true,
+        phase: "ready",
+        connectionId: getActiveConnection()?.id ?? null,
+        tokenServiceOrigin: getActiveConnection()?.tokenServiceOrigin ?? origin,
+        message,
+    };
+}
+async function runFinishStep(tokenServiceUrl) {
+    const phase = computeConnectionPhase();
+    if (phase === "ready") {
+        return connectFinish({ tokenServiceUrl });
+    }
+    if (phase === "wallet_unlinked") {
+        console.error("Linking wallet on Token Service (signed challenges)…");
+    }
+    if (phase === "identity_missing") {
+        console.error("Provisioning X25519 identity key (wallet-encrypted)…");
+    }
+    return connectFinish({ tokenServiceUrl });
+}
+/** Interactive wizard — desktop-equivalent onboarding (email → wallet → link → identity). */
+export async function runInteractiveConnect(options) {
+    if (hasLegacyMcpProfiles()) {
+        const migrated = migrateFromMcpProfileStore();
+        if (migrated.migrated > 0) {
+            console.error(`Migrated ${migrated.migrated} legacy profile(s) to ${migrated.connectionDir}.`);
+        }
+    }
+    const origin = resolveTokenServiceOrigin(options?.tokenServiceUrl);
+    const ownsRl = !options?.prompter;
+    const rl = ownsRl ? readline.createInterface({ input, output }) : null;
+    const prompter = options?.prompter ?? defaultPrompter(rl);
+    try {
+        const autoRecover = tryAutoRecoverConnectionStore();
+        if (autoRecover.recovered && autoRecover.message) {
+            console.error(autoRecover.message);
+        }
+        let unrecoverable = diagnoseUnrecoverableStore();
+        while (unrecoverable) {
+            const action = await promptBrokenStoreReset(prompter, formatUnrecoverableStoreMessage(unrecoverable));
+            if (action === "exit") {
+                return {
+                    success: false,
+                    phase: computeConnectionPhase(),
+                    connectionId: getActiveConnectionId(),
+                    tokenServiceOrigin: origin,
+                    message: "Exited without resetting connection data.",
+                };
+            }
+            if (action === "dump") {
+                console.log(formatConnectionDump(buildConnectionDump()));
+                unrecoverable = diagnoseUnrecoverableStore();
+                continue;
+            }
+            if (action === "summary") {
+                console.error(`\n${formatConnectionsSummaryText()}\n`);
+                unrecoverable = diagnoseUnrecoverableStore();
+                continue;
+            }
+            const reset = resetConnectionStore();
+            console.error(reset.removedConnection
+                ? "Connection store reset. Starting fresh setup.\n"
+                : "Nothing to reset.\n");
+            break;
+        }
+        while (true) {
+            const phase = computeConnectionPhase();
+            if (phase === "ready") {
+                const active = getActiveConnection();
+                if (!active) {
+                    throw new Error("Connection phase is ready but no active connection was found.");
+                }
+                const report = await buildAccountStatusReport({ probeTokenService: true });
+                console.error(formatAccountStatusText(report));
+                const action = await promptReadyAccountAction(prompter, active);
+                if (action === "done") {
+                    console.error("\nReload MCP in Cursor Settings if you changed the active account.");
+                    return readyResult(origin, "Connection ready.");
+                }
+                if (action === "add_same") {
+                    const previousActiveId = active.id;
+                    try {
+                        const finish = await runAddConnectionOnService(prompter, active.tokenServiceOrigin);
+                        if (!finish.success) {
+                            rollbackFailedNewConnection(previousActiveId);
+                            console.error(finish.message ?? "Setup failed.");
+                            continue;
+                        }
+                        await logFinishMeta();
+                    }
+                    catch (err) {
+                        rollbackFailedNewConnection(previousActiveId);
+                        console.error(err instanceof Error ? err.message : String(err));
+                        console.error("Setup paused. Start the Token Service and try again, or delete the incomplete account from the menu.");
+                    }
+                    continue;
+                }
+                if (action === "add_other") {
+                    const previousActiveId = active.id;
+                    try {
+                        const tokenServiceUrl = await promptTokenServiceUrl(prompter, options);
+                        const finish = await runAddConnectionOnService(prompter, tokenServiceUrl);
+                        if (!finish.success) {
+                            rollbackFailedNewConnection(previousActiveId);
+                            console.error(finish.message ?? "Setup failed.");
+                            continue;
+                        }
+                        await logFinishMeta();
+                    }
+                    catch (err) {
+                        rollbackFailedNewConnection(previousActiveId);
+                        console.error(err instanceof Error ? err.message : String(err));
+                        console.error("Setup paused. Start the Token Service and try again, or delete the incomplete account from the menu.");
+                    }
+                    continue;
+                }
+                if (action === "delete") {
+                    await promptDeleteConnection(prompter);
+                    continue;
+                }
+                if (action === "switch") {
+                    await promptSwitchConnection(prompter);
+                    continue;
+                }
+                if (action === "summary") {
+                    console.error(`\n${formatConnectionsSummaryText()}\n`);
+                    continue;
+                }
+                if (action === "dump") {
+                    console.log(formatConnectionDump(buildConnectionDump()));
+                    continue;
+                }
+            }
+            if (listReadyConnectionIds().length > 0) {
+                const incomplete = getActiveConnection();
+                if (!incomplete) {
+                    promoteReadyActiveConnection();
+                    continue;
+                }
+                const incompleteAction = await promptIncompleteAccountAction(prompter, incomplete);
+                if (incompleteAction === "continue_setup") {
+                    try {
+                        await runEmailStep(prompter);
+                        await runPhoneStep(prompter);
+                        await runWalletStep(prompter);
+                        const finish = await runFinishStep(incomplete.tokenServiceOrigin);
+                        if (!finish.success) {
+                            console.error(finish.message ?? "Setup failed.");
+                        }
+                        else {
+                            await logFinishMeta();
+                        }
+                    }
+                    catch (err) {
+                        console.error(err instanceof Error ? err.message : String(err));
+                    }
+                    continue;
+                }
+                if (incompleteAction === "delete") {
+                    await promptDeleteConnection(prompter);
+                    promoteReadyActiveConnection();
+                    continue;
+                }
+                if (incompleteAction === "switch_ready") {
+                    const promoted = promoteReadyActiveConnection();
+                    if (promoted.label) {
+                        console.error(`Active account: ${promoted.label}`);
+                    }
+                    continue;
+                }
+                if (incompleteAction === "summary") {
+                    console.error(`\n${formatConnectionsSummaryText()}\n`);
+                    continue;
+                }
+                if (incompleteAction === "dump") {
+                    console.log(formatConnectionDump(buildConnectionDump()));
+                    continue;
+                }
+            }
+            console.error("NeoZip Connect — interactive setup");
+            console.error("Complete this once in a terminal before starting the MCP server.\n");
+            try {
+                const finish = await runNewConnectionSetup(prompter, options);
+                if (!finish.success) {
+                    return finish;
+                }
+                await logFinishMeta();
+            }
+            catch (err) {
+                console.error(err instanceof Error ? err.message : String(err));
+                if (listReadyConnectionIds().length > 0) {
+                    promoteReadyActiveConnection();
+                    continue;
+                }
+                throw err;
+            }
+        }
+    }
+    finally {
+        rl?.close();
+    }
+}
+//# sourceMappingURL=interactive.js.map