openfused 0.3.4 → 0.3.6

package/README.md

@@ -10,25 +10,32 @@ No vendor lock-in. No proprietary protocol. Just a directory convention that any
 
 ## Install
 
+Review the source at [github.com/wearethecompute/openfused](https://github.com/wearethecompute/openfused) before installing.
+
 ```bash
-# TypeScript (npm)
+# TypeScript (npm) — package: openfused
 npm install -g openfused
 
-# Rust (from source)
-cd rust && cargo install --path .
+# Rust (crates.io) — package: openfuse
+cargo install openfuse
 
 # Docker (daemon)
 docker compose up
 ```
 
+**Security:** Only public keys (signing + age recipient) are ever transmitted to peers or the registry. Private keys never leave `.keys/`. All key files are created with `chmod 600`.
+
 ## Quick Start
 
 ```bash
+# Agent context store
 openfuse init --name "my-agent"
-```
 
-This creates a context store:
+# Shared workspace (multi-agent collaboration)
+openfuse init --name "project-alpha" --workspace
+```
 
+### Agent store:
 ```
 CONTEXT.md     — working memory (what's happening now)
 PROFILE.md     — public address card (name, endpoint, keys)
@@ -36,19 +43,34 @@ inbox/         — messages from other agents (encrypted)
 outbox/        — sent message copies (moved to .sent/ after delivery)
 shared/        — files shared with the mesh (plaintext)
 knowledge/     — persistent knowledge base
-history/       — conversation & decision logs
+history/       — archived [DONE] context (via openfuse compact)
 .keys/         — ed25519 signing + age encryption keypairs
 .mesh.json     — mesh config, peers, keyring
 .peers/        — synced peer context (auto-populated)
 ```
 
+### Shared workspace:
+```
+CHARTER.md     — workspace purpose, rules, member list
+CONTEXT.md     — shared working memory (all agents read/write)
+tasks/         — task coordination
+messages/      — agent-to-agent DMs (messages/{recipient}/)
+_broadcast/    — all-hands announcements
+shared/        — shared files
+history/       — archived [DONE] context
+```
+
 ## Usage
 
 ```bash
-# Read/update context
+# Read/update context (auto-timestamps appended entries)
 openfuse context
 openfuse context --append "## Update\nFinished the research phase."
 
+# Mark work as done, then compact to history/
+# (edit CONTEXT.md, add [DONE] to the header, then:)
+openfuse compact
+
 # Send a message (auto-encrypted if peer's age key is on file)
 openfuse inbox send agent-bob "Check out shared/findings.md"
 
@@ -124,7 +146,7 @@ The `age` format is interoperable — Rust CLI and TypeScript SDK use the same k
 
 ## Registry — DNS for Agents
 
-Public registry at `openfuse-registry.wzmcghee.workers.dev`. Any agent can register, discover others, and send messages.
+Public registry at `registry.openfused.dev`. Any agent can register, discover others, and send messages.
 
 ```bash
 # Register your agent
@@ -146,7 +168,7 @@ openfuse send wearethecompute "hello from the mesh"
 
 ## Sync
 
-Pull peer context and push outbox messages. Two transports:
+Pull peer context, pull their outbox for your mail, push your outbox. Two transports:
 
 ```bash
 # LAN — rsync over SSH (uses your ~/.ssh/config for host aliases)
@@ -155,12 +177,34 @@ openfuse peer add ssh://alice.local:/home/agent/context --name wisp
 # WAN — HTTP against the OpenFused daemon
 openfuse peer add http://agent.example.com:9781 --name wisp
 
-# Sync
+# Sync all peers
 openfuse sync
+
+# Watch mode — sync every 60s + local file watcher
+openfuse watch
+
+# Watch + reverse SSH tunnel (NAT traversal)
+openfuse watch --tunnel alice.local
 ```
 
-Sync pulls: `CONTEXT.md`, `shared/`, `knowledge/` into `.peers/<name>/`.
-Sync pushes: outbox messages to the peer's inbox. Delivered messages move to `outbox/.sent/`.
+Sync does three things:
+1. **Pulls** peer's CONTEXT.md, PROFILE.md, shared/, knowledge/ into `.peers/<name>/`
+2. **Pulls** peer's outbox for messages addressed to you (`*_to-{your-name}.json`)
+3. **Pushes** your outbox to peer's inbox, archives delivered messages to `outbox/.sent/`
+
+### Message envelope format
+
+Filenames encode routing metadata so agents know what's for them:
+
+```
+{timestamp}_from-{sender}_to-{recipient}.json
+```
+
+Examples:
+- `2026-03-21T07-59-44Z_from-claude-code_to-wisp.json` — DM, encrypted for wisp
+- `2026-03-21T08-00-00Z_from-wisp_to-all.json` — broadcast, signed but not encrypted
+
+Agents only process files matching `_to-{their-name}` or `_to-all`.
 
 SSH transport uses hostnames from `~/.ssh/config` — not raw IPs.
 
@@ -179,7 +223,7 @@ Any MCP client (Claude Desktop, Claude Code, Cursor) can use OpenFused as a tool
 }
 ```
 
-13 tools: `context_read/write/append`, `soul_read/write`, `inbox_list/send`, `shared_list/read/write`, `status`, `peer_list/add`.
+13 tools: `context_read/write/append`, `profile_read/write`, `inbox_list/send`, `shared_list/read/write`, `status`, `peer_list/add`.
 
 ## Docker
 
@@ -191,12 +235,29 @@ docker compose up
 TUNNEL_TOKEN=your-token docker compose --profile tunnel up
 ```
 
-The daemon serves your context store over HTTP and accepts inbox messages via POST.
+The daemon has two modes:
+
+```bash
+# Full mode — serves everything to trusted LAN peers
+openfused serve --store ./my-context --port 9781
+
+# Public mode — only PROFILE.md + inbox (for WAN/tunnels)
+openfused serve --store ./my-context --port 9781 --public
+```
+
+## File Watching
+
+`openfuse watch` combines three things:
+
+1. **Local inbox watcher** — chokidar (inotify on Linux) for instant notification when messages arrive
+2. **CONTEXT.md watcher** — detects local changes
+3. **Periodic peer sync** — pulls from all peers every 60s (configurable)
 
 ```bash
-# Or build manually
-cd daemon && cargo build --release
-./target/release/openfused serve --store ./my-context --port 9781
+openfuse watch -d ./store                      # sync every 60s
+openfuse watch -d ./store --sync-interval 30   # sync every 30s
+openfuse watch -d ./store --sync-interval 0    # local watch only
+openfuse watch -d ./store --tunnel alice.local  # + reverse SSH tunnel
 ```
 
 ## Reachability

package/dist/cli.js

@@ -3,12 +3,12 @@ import { Command } from "commander";
 import { nanoid } from "nanoid";
 import { ContextStore } from "./store.js";
 import { watchInbox, watchContext, watchSync } from "./watch.js";
-import { syncAll, syncOne } from "./sync.js";
+import { syncAll, syncOne, deliverOne } from "./sync.js";
 import * as registry from "./registry.js";
 import { fingerprint } from "./crypto.js";
 import { resolve } from "node:path";
 import { readFile } from "node:fs/promises";
-const VERSION = "0.3.4";
+const VERSION = "0.3.6";
 const program = new Command();
 program
     .name("openfuse")
@@ -17,9 +17,10 @@ program
 // --- init ---
 program
     .command("init")
-    .description("Initialize a new context store")
+    .description("Initialize a new context store or shared workspace")
     .option("-n, --name <name>", "Agent name", "agent")
     .option("-d, --dir <path>", "Directory to init", ".")
+    .option("--workspace", "Initialize as a shared workspace (CHARTER.md + tasks/ + messages/ + _broadcast/)")
     .action(async (opts) => {
     const store = new ContextStore(resolve(opts.dir));
     if (await store.exists()) {
@@ -27,14 +28,27 @@ program
         process.exit(1);
     }
     const id = nanoid(12);
-    await store.init(opts.name, id);
-    const config = await store.readConfig();
-    console.log(`Initialized context store: ${store.root}`);
-    console.log(`  Agent ID: ${id}`);
-    console.log(`  Name: ${opts.name}`);
-    console.log(`  Signing key: ${config.publicKey}`);
-    console.log(`  Encryption key: ${config.encryptionKey}`);
-    console.log(`  Fingerprint: ${fingerprint(config.publicKey)}`);
+    if (opts.workspace) {
+        await store.initWorkspace(opts.name, id);
+        console.log(`Initialized shared workspace: ${store.root}`);
+        console.log(`  Workspace: ${opts.name} (${id})`);
+        console.log(`\nStructure:`);
+        console.log(`  CHARTER.md   — workspace rules and purpose`);
+        console.log(`  CONTEXT.md   — shared working memory`);
+        console.log(`  tasks/       — task coordination`);
+        console.log(`  messages/    — agent-to-agent DMs`);
+        console.log(`  _broadcast/  — all-hands messages`);
+    }
+    else {
+        await store.init(opts.name, id);
+        const config = await store.readConfig();
+        console.log(`Initialized context store: ${store.root}`);
+        console.log(`  Agent ID: ${id}`);
+        console.log(`  Name: ${opts.name}`);
+        console.log(`  Signing key: ${config.publicKey}`);
+        console.log(`  Encryption key: ${config.encryptionKey}`);
+        console.log(`  Fingerprint: ${fingerprint(config.publicKey)}`);
+    }
 });
 // --- status ---
 program
@@ -73,7 +87,8 @@ program
     else if (opts.append) {
         const existing = await store.readContext();
         const text = opts.append.replace(/\\n/g, "\n");
-        await store.writeContext(existing + "\n" + text);
+        const timestamp = `<!-- openfuse:added: ${new Date().toISOString()} -->`;
+        await store.writeContext(existing + "\n" + timestamp + "\n" + text);
         console.log("Context appended.");
     }
     else {
@@ -117,14 +132,55 @@ inbox
         console.log(opts.raw ? msg.content : msg.wrappedContent);
     }
 });
+inbox
+    .command("archive [file]")
+    .description("Archive inbox message(s) to inbox/.read/ — specific file or --all")
+    .option("-d, --dir <path>", "Context store directory", ".")
+    .option("--all", "Archive all inbox messages")
+    .action(async (file, opts) => {
+    const store = new ContextStore(resolve(opts.dir));
+    const { readdir: rd, mkdir, rename } = await import("node:fs/promises");
+    const { join, basename } = await import("node:path");
+    const inboxDir = join(store.root, "inbox");
+    const readDir = join(inboxDir, ".read");
+    await mkdir(readDir, { recursive: true });
+    if (opts.all) {
+        const files = (await rd(inboxDir)).filter(f => f.endsWith(".json") || f.endsWith(".md"));
+        for (const f of files)
+            await rename(join(inboxDir, f), join(readDir, f));
+        console.log(`Archived ${files.length} messages.`);
+    }
+    else if (file) {
+        const safe = basename(file);
+        try {
+            await rename(join(inboxDir, safe), join(readDir, safe));
+            console.log(`Archived: ${safe}`);
+        }
+        catch {
+            console.error(`Not found in inbox: ${safe}`);
+            process.exit(1);
+        }
+    }
+    else {
+        console.error("Specify a filename or use --all");
+        process.exit(1);
+    }
+});
 inbox
     .command("send <peerId> <message>")
     .description("Send a message to a peer's inbox")
     .option("-d, --dir <path>", "Context store directory", ".")
     .action(async (peerId, message, opts) => {
     const store = new ContextStore(resolve(opts.dir));
-    await store.sendInbox(peerId, message);
-    console.log(`Message sent to ${peerId}'s outbox.`);
+    const filename = await store.sendInbox(peerId, message);
+    // Try immediate delivery — if peer is reachable, deliver now
+    const delivered = await deliverOne(store, peerId, filename);
+    if (delivered) {
+        console.log(`Delivered to ${peerId}.`);
+    }
+    else {
+        console.log(`Queued for ${peerId}. Will deliver on next sync.`);
+    }
 });
 // --- watch ---
 program
@@ -132,8 +188,9 @@ program
     .description("Watch for inbox messages, context changes, and sync with peers")
     .option("-d, --dir <path>", "Context store directory", ".")
     .option("--sync-interval <seconds>", "Peer sync interval in seconds (0 to disable)", "60")
-    .option("--tunnel <host>", "Open reverse SSH tunnel to host (makes your store reachable from behind NAT)")
-    .option("--tunnel-port <port>", "Remote port for reverse tunnel", "2222")
+    .option("--tunnel <host>", "Reverse SSH tunnel to host for NAT traversal (uses autossh if available)")
+    .option("--tunnel-port <port>", "Remote port for reverse SSH tunnel", "2222")
+    .option("--cloudflared", "Start a cloudflared quick tunnel (no config needed, gives you a public URL)")
     .action(async (opts) => {
     const store = new ContextStore(resolve(opts.dir));
     if (!(await store.exists())) {
@@ -175,6 +232,24 @@ program
         console.log(`Tunnel: ${cmd} -R ${tunnelPort}:localhost:9781 ${tunnelHost}`);
         console.log(`Your store is reachable at ssh://${tunnelHost}:${tunnelPort} (via daemon on :9781)`);
     }
+    // Cloudflared quick tunnel (optional) — gives you a public *.trycloudflare.com URL
+    if (opts.cloudflared) {
+        const { spawn } = await import("node:child_process");
+        const cf = spawn("cloudflared", ["tunnel", "--url", "http://localhost:9781"], {
+            stdio: ["ignore", "pipe", "pipe"],
+        });
+        cf.on("error", (e) => console.error(`[cloudflared] failed: ${e.message}. Install: https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/downloads/`));
+        cf.stderr.on("data", (data) => {
+            const line = data.toString();
+            const match = line.match(/https:\/\/[^\s]+\.trycloudflare\.com/);
+            if (match) {
+                console.log(`[cloudflared] Your public URL: ${match[0]}`);
+                console.log(`  Register it: openfuse register --endpoint ${match[0]}`);
+            }
+        });
+        process.on("exit", () => cf.kill());
+        console.log("Starting cloudflared tunnel...");
+    }
     console.log(`Press Ctrl+C to stop.\n`);
     watchInbox(store.root, (from, message) => {
         console.log(`\n[inbox] New message from ${from}:`);
@@ -198,6 +273,21 @@ program
     }
     await new Promise(() => { });
 });
+// --- compact ---
+program
+    .command("compact")
+    .description("Move [DONE] sections from CONTEXT.md to history/")
+    .option("-d, --dir <path>", "Context store directory", ".")
+    .action(async (opts) => {
+    const store = new ContextStore(resolve(opts.dir));
+    const { moved, kept } = await store.compactContext();
+    if (moved === 0) {
+        console.log("Nothing to compact. Mark sections with [DONE] to archive them.");
+    }
+    else {
+        console.log(`Compacted: ${moved} done, ${kept} kept.`);
+    }
+});
 // --- share ---
 program
     .command("share <file>")

package/dist/mcp.js

@@ -23,7 +23,7 @@ const storeDir = process.env.OPENFUSE_DIR || process.argv[3] || ".";
 const store = new ContextStore(resolve(storeDir));
 const server = new McpServer({
     name: "openfuse",
-    version: "0.3.4",
+    version: "0.3.6",
 });
 // --- Context ---
 server.tool("context_read", "Read the agent's CONTEXT.md (working memory)", async () => {

package/dist/registry.d.ts

@@ -1,5 +1,5 @@
 import { ContextStore } from "./store.js";
-export declare const DEFAULT_REGISTRY = "https://openfuse-registry.wzmcghee.workers.dev";
+export declare const DEFAULT_REGISTRY = "https://registry.openfused.dev";
 export interface Manifest {
     name: string;
     endpoint: string;

package/dist/registry.js

@@ -7,7 +7,7 @@
 // This is TOFU (Trust On First Use) done right: the registry distributes keys,
 // but never asserts trust. Trust is a local decision.
 import { signMessage, fingerprint } from "./crypto.js";
-export const DEFAULT_REGISTRY = "https://openfuse-registry.wzmcghee.workers.dev";
+export const DEFAULT_REGISTRY = "https://registry.openfused.dev";
 export function resolveRegistry(flag) {
     return flag || process.env.OPENFUSE_REGISTRY || DEFAULT_REGISTRY;
 }
@@ -41,7 +41,22 @@ export async function register(store, endpoint, registry) {
     }
     return manifest;
 }
+// Discovery: try DNS TXT first (decentralized, no registry needed), fall back to Worker API.
+// DNS format: v=of1 e={endpoint} pk={pubkey} ek={agekey} fp={fingerprint}
+// Self-hosted: _openfuse.{name}.{their-domain} — user manages their own TXT records.
+// Our zone: _openfuse.{name}.openfused.dev — managed by the registry Worker on registration.
 export async function discover(name, registry) {
+    // If name contains a dot, it's a domain — try DNS TXT directly
+    // Otherwise try DNS at openfused.dev, then fall back to registry API
+    const dnsNames = name.includes(".")
+        ? [`_openfuse.${name}`]
+        : [`_openfuse.${name}.openfused.dev`];
+    for (const dnsName of dnsNames) {
+        const manifest = await discoverViaDns(dnsName, name);
+        if (manifest)
+            return manifest;
+    }
+    // Fall back to registry API
     const resp = await fetch(`${registry.replace(/\/$/, "")}/discover/${name}`);
     if (!resp.ok) {
         const body = await resp.json().catch(() => ({ error: `HTTP ${resp.status}` }));
@@ -49,6 +64,43 @@ export async function discover(name, registry) {
     }
     return (await resp.json());
 }
+async function discoverViaDns(dnsName, agentName) {
+    try {
+        // Use DNS-over-HTTPS (Cloudflare 1.1.1.1) to resolve TXT records
+        const resp = await fetch(`https://1.1.1.1/dns-query?name=${encodeURIComponent(dnsName)}&type=TXT`, {
+            headers: { "Accept": "application/dns-json" },
+        });
+        if (!resp.ok)
+            return null;
+        const data = await resp.json();
+        if (!data.Answer || data.Answer.length === 0)
+            return null;
+        // Parse v=of1 format from TXT record
+        const txt = data.Answer[0].data.replace(/"/g, "");
+        if (!txt.startsWith("v=of1"))
+            return null;
+        const fields = {};
+        for (const part of txt.split(" ")) {
+            const [k, v] = part.split("=", 2);
+            if (k && v)
+                fields[k] = v;
+        }
+        if (!fields.e || !fields.pk)
+            return null;
+        return {
+            name: agentName,
+            endpoint: fields.e,
+            publicKey: fields.pk,
+            encryptionKey: fields.ek || undefined,
+            fingerprint: fields.fp || "",
+            created: "",
+            capabilities: ["inbox", "shared", "knowledge"],
+        };
+    }
+    catch {
+        return null;
+    }
+}
 // Revocation is permanent and self-authenticated: the agent signs its own revocation
 // with the key being revoked. No admin needed — if you have the private key, you can kill it.
 export async function revoke(store, registry) {

package/dist/store.d.ts

@@ -22,13 +22,18 @@ export declare class ContextStore {
     get configPath(): string;
     exists(): Promise<boolean>;
     init(name: string, id: string): Promise<void>;
+    initWorkspace(name: string, id: string): Promise<void>;
     readConfig(): Promise<MeshConfig>;
     writeConfig(config: MeshConfig): Promise<void>;
     readContext(): Promise<string>;
     writeContext(content: string): Promise<void>;
+    compactContext(): Promise<{
+        moved: number;
+        kept: number;
+    }>;
     readProfile(): Promise<string>;
     writeProfile(content: string): Promise<void>;
-    sendInbox(peerId: string, message: string): Promise<void>;
+    sendInbox(peerId: string, message: string): Promise<string>;
     readInbox(): Promise<Array<{
         file: string;
         content: string;

package/dist/store.js

@@ -11,7 +11,7 @@
 //   .keys/      — Ed25519 + age keypairs (gitignored)
 //   .mesh.json  — config, peer list, keyring
 // No database, no daemon required. `ls` is your status command.
-import { readFile, writeFile, mkdir, readdir } from "node:fs/promises";
+import { readFile, writeFile, mkdir, readdir, appendFile } from "node:fs/promises";
 import { join, resolve } from "node:path";
 import { existsSync } from "node:fs";
 import { generateKeys, signMessage, signAndEncrypt, verifyMessage, decryptMessage, deserializeSignedMessage, serializeSignedMessage, wrapExternalMessage, fingerprint, } from "./crypto.js";
@@ -54,6 +54,32 @@ export class ContextStore {
         };
         await this.writeConfig(config);
     }
+    // Shared workspace: multiple agents mount the same directory.
+    // CHARTER.md = system prompt (purpose, rules). CONTEXT.md = shared working memory.
+    // tasks/ for coordination, messages/{agent}/ for DMs, _broadcast/ for all-hands.
+    async initWorkspace(name, id) {
+        await mkdir(this.root, { recursive: true });
+        for (const dir of ["tasks", "messages", "_broadcast", "shared", "history"]) {
+            await mkdir(join(this.root, dir), { recursive: true });
+        }
+        const templatesDir = new URL("../templates/", import.meta.url).pathname;
+        for (const file of ["CHARTER.md", "CONTEXT.md"]) {
+            const templatePath = join(templatesDir, file);
+            const destPath = join(this.root, file);
+            if (!existsSync(destPath)) {
+                const content = await readFile(templatePath, "utf-8");
+                await writeFile(destPath, content);
+            }
+        }
+        const config = {
+            id,
+            name,
+            created: new Date().toISOString(),
+            peers: [],
+            keyring: [],
+        };
+        await this.writeConfig(config);
+    }
     async readConfig() {
         const raw = await readFile(this.configPath, "utf-8");
         const config = JSON.parse(raw);
@@ -91,6 +117,45 @@ export class ContextStore {
     async writeContext(content) {
         await writeFile(join(this.root, "CONTEXT.md"), content);
     }
+    // --- Context compaction ---
+    // Agents mark sections as [DONE] when work is complete. `openfuse compact`
+    // moves done sections to history/YYYY-MM-DD.md, keeping CONTEXT.md lean.
+    // Sections are delimited by markdown headers (## or ###).
+    async compactContext() {
+        const content = await this.readContext();
+        const lines = content.split("\n");
+        const kept = [];
+        const done = [];
+        let current = [];
+        let currentDone = false;
+        const flush = () => {
+            if (current.length > 0) {
+                (currentDone ? done : kept).push(current.join("\n"));
+                current = [];
+                currentDone = false;
+            }
+        };
+        for (const line of lines) {
+            if (/^#{1,3}\s/.test(line)) {
+                flush();
+                currentDone = /\[DONE\]/i.test(line);
+            }
+            current.push(line);
+        }
+        flush();
+        if (done.length === 0)
+            return { moved: 0, kept: kept.length };
+        // Write kept sections back to CONTEXT.md
+        await this.writeContext(kept.join("\n\n") || "# Context\n\n*Working memory — what's happening right now.*\n");
+        // Append done sections to history/YYYY-MM-DD.md
+        const historyDir = join(this.root, "history");
+        await mkdir(historyDir, { recursive: true });
+        const dateStr = new Date().toISOString().split("T")[0];
+        const historyFile = join(historyDir, `${dateStr}.md`);
+        const header = existsSync(historyFile) ? "\n---\n\n" : `# Context History — ${dateStr}\n\n`;
+        await appendFile(historyFile, header + done.join("\n\n") + "\n");
+        return { moved: done.length, kept: kept.length };
+    }
     async readProfile() {
         return readFile(join(this.root, "PROFILE.md"), "utf-8");
     }
@@ -114,6 +179,7 @@ export class ContextStore {
         const timestamp = new Date().toISOString().replace(/[:.]/g, "-");
         const filename = `${timestamp}_from-${config.name}_to-${peerId}.json`;
         await writeFile(join(this.root, "outbox", filename), serializeSignedMessage(signed));
+        return filename;
     }
     async readInbox() {
         const inboxDir = join(this.root, "inbox");

package/dist/sync.d.ts

@@ -5,5 +5,7 @@ export interface SyncResult {
     pushed: string[];
     errors: string[];
 }
+/** Try to deliver a single outbox message immediately. Returns true if delivered. */
+export declare function deliverOne(store: ContextStore, peerName: string, filename: string): Promise<boolean>;
 export declare function syncAll(store: ContextStore): Promise<SyncResult[]>;
 export declare function syncOne(store: ContextStore, peerName: string): Promise<SyncResult>;

package/dist/sync.js

@@ -39,6 +39,42 @@ function parseUrl(url) {
     }
     throw new Error(`Unknown URL scheme: ${url}. Use http:// or ssh://`);
 }
+/** Try to deliver a single outbox message immediately. Returns true if delivered. */
+export async function deliverOne(store, peerName, filename) {
+    const config = await store.readConfig();
+    const peer = config.peers.find((p) => p.name === peerName || p.id === peerName);
+    if (!peer)
+        return false;
+    const outboxDir = join(store.root, "outbox");
+    const filePath = join(outboxDir, filename);
+    if (!existsSync(filePath))
+        return false;
+    try {
+        const transport = parseUrl(peer.url);
+        if (transport.type === "http") {
+            const body = await readFile(filePath, "utf-8");
+            const r = await fetch(`${transport.baseUrl}/inbox`, {
+                method: "POST",
+                headers: { "Content-Type": "application/json" },
+                body,
+            });
+            if (!r.ok)
+                return false;
+        }
+        else {
+            await execFile("rsync", [
+                "-az", filePath,
+                `${transport.host}:${transport.path}/inbox/${filename}`,
+            ]);
+        }
+        // Delivered — archive to .sent/
+        await archiveSent(outboxDir, filename);
+        return true;
+    }
+    catch {
+        return false; // stays in outbox for next sync
+    }
+}
 export async function syncAll(store) {
     const config = await store.readConfig();
     const results = [];
@@ -120,7 +156,7 @@ async function syncHttp(store, peer, baseUrl, peerDir) {
         for (const fname of await readdir(outboxDir)) {
             if (!fname.endsWith(".json"))
                 continue;
-            if (!fname.includes(`_to-${peer.name}`) && !fname.includes(peer.id))
+            if (!fname.includes(`_to-${peer.name}.json`) && !fname.includes(peer.id))
                 continue;
             try {
                 const body = await readFile(join(outboxDir, fname), "utf-8");
@@ -180,6 +216,7 @@ async function syncSsh(store, peer, host, remotePath, peerDir) {
             "-az", "--ignore-existing",
             "--include", `*_to-${myName}.json`,
             "--include", `*_to-all.json`,
+            "--include", `*_${myName}.json`, // legacy format (pre-envelope)
             "--exclude", "*",
             `${host}:${remotePath}/outbox/`,
             `${inboxDir}/`,
@@ -197,7 +234,7 @@ async function syncSsh(store, peer, host, remotePath, peerDir) {
         for (const fname of await readdir(outboxDir)) {
             if (!fname.endsWith(".json"))
                 continue;
-            if (!fname.includes(`_to-${peer.name}`) && !fname.includes(peer.id))
+            if (!fname.includes(`_to-${peer.name}.json`) && !fname.includes(peer.id))
                 continue;
             try {
                 await execFile("rsync", ["-az", join(outboxDir, fname), `${host}:${remotePath}/inbox/${fname}`]);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "openfused",
-  "version": "0.3.4",
+  "version": "0.3.6",
   "description": "Decentralized context mesh for AI agents. Encrypted sync, signed messaging, MCP server. The protocol is files.",
   "license": "MIT",
   "type": "module",

package/templates/CHARTER.md

@@ -0,0 +1,18 @@
+# Charter
+
+## Purpose
+_What is this workspace for? What are we building?_
+
+## Members
+_Who participates in this workspace?_
+
+## Rules
+- Agents mark completed work with `[DONE]` in CONTEXT.md
+- Messages to all members go in `_broadcast/`
+- Direct messages go in `messages/{recipient}/`
+- Tasks are tracked in `tasks/`
+
+## Conventions
+- Sign all messages
+- Encrypt DMs, broadcast in plaintext
+- Check CONTEXT.md before starting new work