pairai 0.3.0 → 0.4.2

package/lib.ts

@@ -1,10 +1,15 @@
 /**
  * Pure/testable functions extracted from pairai CLI.
- * Imported by both pairai.ts and unit tests.
+ * Imported by both pairai.ts, bridge, and unit tests.
  */
 import { existsSync, readFileSync, statSync, openSync, writeSync, closeSync, unlinkSync, mkdirSync, constants as fsConstants } from "node:fs";
 import { join } from "node:path";
 import { homedir } from "node:os";
+import {
+  publicEncrypt, privateDecrypt, sign, verify,
+  randomBytes, createCipheriv, createDecipheriv,
+  constants as cryptoConstants,
+} from "node:crypto";
 
 export type Provider = "claude" | "gemini" | "cursor" | "copilot" | "windsurf" | "codex" | "amazonq";
 
@@ -23,16 +28,18 @@ export function validateProvider(value: string): Provider {
 
 /**
  * Auto-detect provider based on environment and filesystem.
+ * Returns null when detection is ambiguous (0 or 2+ matches).
  */
-export function detectProvider(): Provider {
+export function detectProvider(): Provider | null {
   if (process.env.GEMINI_CLI) return "gemini";
-  try { if (statSync(".cursor").isDirectory()) return "cursor"; } catch {}
-  try { if (statSync(".windsurf").isDirectory()) return "windsurf"; } catch {}
-  try { if (statSync(".vscode").isDirectory()) return "copilot"; } catch {}
-  try { if (statSync(".codex").isDirectory()) return "codex"; } catch {}
-  try { if (statSync(".amazonq").isDirectory()) return "amazonq"; } catch {}
-  try { if (statSync(".gemini").isDirectory()) return "gemini"; } catch {}
-  return "claude";
+  const found: Provider[] = [];
+  try { if (statSync(".cursor").isDirectory()) found.push("cursor"); } catch {}
+  try { if (statSync(".windsurf").isDirectory()) found.push("windsurf"); } catch {}
+  try { if (statSync(".vscode").isDirectory()) found.push("copilot"); } catch {}
+  try { if (statSync(".codex").isDirectory()) found.push("codex"); } catch {}
+  try { if (statSync(".amazonq").isDirectory()) found.push("amazonq"); } catch {}
+  try { if (statSync(".gemini").isDirectory()) found.push("gemini"); } catch {}
+  return found.length === 1 ? found[0] : null;
 }
 
 export interface ProviderConfig {
@@ -247,3 +254,67 @@ export function releaseLock(agentId: string, lockDir?: string): void {
   const path = lockPath(agentId, lockDir);
   try { unlinkSync(path); } catch {}
 }
+
+// ── Crypto ──────────────────────────────────────────────────────────────────
+
+/**
+ * Encrypt plaintext with AES-256-GCM, wrap key with RSA-OAEP for each recipient,
+ * sign (taskId + ciphertext) with RSA-PSS.
+ */
+export function localEncrypt(
+  plaintext: string,
+  taskId: string,
+  senderPrivateKey: string,
+  recipientPubKeys: Record<string, string>,
+): { ciphertext: string; signature: string; encryptedKeys: Record<string, string> } {
+  const key = randomBytes(32);
+  const iv = randomBytes(12);
+  const cipher = createCipheriv("aes-256-gcm", key, iv);
+  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  const tag = cipher.getAuthTag();
+  const ciphertext = Buffer.concat([iv, encrypted, tag]).toString("base64");
+
+  const signature = sign(null, Buffer.from(taskId + ciphertext), {
+    key: senderPrivateKey,
+    padding: cryptoConstants.RSA_PKCS1_PSS_PADDING,
+    saltLength: 32,
+  }).toString("base64");
+
+  const encryptedKeys: Record<string, string> = {};
+  for (const [id, pub] of Object.entries(recipientPubKeys)) {
+    encryptedKeys[id] = publicEncrypt(
+      { key: pub, oaepHash: "sha256", padding: cryptoConstants.RSA_PKCS1_OAEP_PADDING },
+      key,
+    ).toString("base64");
+  }
+
+  return { ciphertext, signature, encryptedKeys };
+}
+
+/**
+ * Verify signature, unwrap AES key with own private key, decrypt AES-256-GCM.
+ */
+export function localDecrypt(
+  ciphertext: string,
+  sig: string,
+  taskId: string,
+  senderPub: string,
+  myEncKey: string,
+  myPrivateKey: string,
+): string {
+  const valid = verify(null, Buffer.from(taskId + ciphertext), {
+    key: senderPub,
+    padding: cryptoConstants.RSA_PKCS1_PSS_PADDING,
+    saltLength: 32,
+  }, Buffer.from(sig, "base64"));
+  if (!valid) throw new Error("Signature verification failed");
+
+  const aesKey = privateDecrypt(
+    { key: myPrivateKey, oaepHash: "sha256", padding: cryptoConstants.RSA_PKCS1_OAEP_PADDING },
+    Buffer.from(myEncKey, "base64"),
+  );
+  const data = Buffer.from(ciphertext, "base64");
+  const decipher = createDecipheriv("aes-256-gcm", aesKey, data.subarray(0, 12));
+  decipher.setAuthTag(data.subarray(-16));
+  return Buffer.concat([decipher.update(data.subarray(12, -16)), decipher.final()]).toString("utf8");
+}

package/package.json

@@ -1,13 +1,14 @@
 {
   "name": "pairai",
-  "version": "0.3.0",
+  "version": "0.4.2",
   "description": "pairai CLI — connect AI agents to collaborate via the pairai hub",
   "type": "module",
   "license": "MIT",
   "homepage": "https://pairai.pro",
   "repository": {
     "type": "git",
-    "url": "https://git.quis.app/quis.app/connect_ai"
+    "url": "https://github.com/pairaipro/pairai",
+    "directory": "channel"
   },
   "keywords": [
     "ai",
@@ -28,6 +29,8 @@
     "README.md"
   ],
   "dependencies": {
+    "@inquirer/input": "^5.0.10",
+    "@inquirer/select": "^5.1.2",
     "@modelcontextprotocol/sdk": "^1.10.0",
     "nanoid": "^5.0.0",
     "tsx": "^4.0.0"

package/pairai.ts

@@ -8,29 +8,55 @@
  *   npx pairai upgrade     — update to latest version (preserves keys and config)
  *   npx pairai version     — show current version
  *
- * Env: PAIRAI_HUB_URL, PAIRAI_AGENT_CRED, PAIRAI_KEY_FILE, PAIRAI_POLL_MS
+ * Env: PAIRAI_HUB_URL      — hub URL (default: https://pairai.pro)
+ *      PAIRAI_AGENT_CRED   — agent API key (from setup)
+ *      PAIRAI_KEY_FILE     — path to RSA private key .pem
+ *      PAIRAI_POLL_MS      — poll interval in ms (default: 5000)
+ *      PAIRAI_LOCK_DIR     — lock file directory (default: ~/.pairai/locks)
+ *      PAIRAI_DEBUG        — verbose log: "1" for ~/.pairai/debug.log, or a file path
  * Legacy: PAIRAI_URL, PAIRAI_API_KEY, PAIRAI_PRIVATE_KEY_PATH
  */
 import { execSync } from "node:child_process";
-import {
-  generateKeyPairSync,
-  publicEncrypt, privateDecrypt, sign, verify,
-  randomBytes, createCipheriv, createDecipheriv, constants,
-} from "node:crypto";
-import { writeFileSync, mkdirSync, readFileSync, existsSync } from "node:fs";
+import { generateKeyPairSync } from "node:crypto";
+import { writeFileSync, mkdirSync, readFileSync, existsSync, appendFileSync } from "node:fs";
 import { homedir } from "node:os";
 import { join, dirname } from "node:path";
 import { fileURLToPath } from "node:url";
-import { validateProvider, detectProvider, checkExistingConfig, formatKeyBackupBox, acquireLock, releaseLock, getProviderConfig } from "./lib.js";
+import { validateProvider, detectProvider, checkExistingConfig, formatKeyBackupBox, acquireLock, releaseLock, getProviderConfig, localEncrypt as _localEncrypt, localDecrypt as _localDecrypt } from "./lib.js";
 import type { Provider } from "./lib.js";
+import select from "@inquirer/select";
+import input from "@inquirer/input";
 
 const __dirname = dirname(fileURLToPath(import.meta.url));
 const PKG = JSON.parse(readFileSync(join(__dirname, "package.json"), "utf-8"));
 const VERSION: string = PKG.version;
 
+const PROVIDER_CHOICES: { name: string; value: Provider }[] = [
+  { name: "Claude Code", value: "claude" },
+  { name: "Gemini CLI", value: "gemini" },
+  { name: "Cursor", value: "cursor" },
+  { name: "GitHub Copilot (VS Code)", value: "copilot" },
+  { name: "Windsurf", value: "windsurf" },
+  { name: "OpenAI Codex CLI", value: "codex" },
+  { name: "Amazon Q", value: "amazonq" },
+];
+
 const args = process.argv.slice(2);
 const command = args[0];
 
+// ── Debug logging ────────────────────────────────────────────────────────────
+// Enable with PAIRAI_DEBUG=1 or PAIRAI_DEBUG=/path/to/file.log
+// When enabled, writes verbose poll/notification logs to the specified file
+// (or ~/.pairai/debug.log if set to "1").
+const DEBUG_LOG = process.env.PAIRAI_DEBUG;
+const debugLogPath = DEBUG_LOG === "1" ? join(homedir(), ".pairai", "debug.log")
+  : DEBUG_LOG || null;
+function debugLog(msg: string) {
+  if (!debugLogPath) return;
+  const line = `${new Date().toISOString()} ${msg}\n`;
+  try { appendFileSync(debugLogPath, line); } catch {}
+}
+
 // ── Version ─────────────────────────────────────────────────────────────────
 
 if (command === "version" || args.includes("--version") || args.includes("-v")) {
@@ -72,6 +98,20 @@ if (command === "setup") {
   const rest = args.slice(1);
   const hubIdx = rest.indexOf("--hub");
   const hubUrl = hubIdx !== -1 ? rest.splice(hubIdx, 2)[1] : "https://pairai.pro";
+  try {
+    const parsed = new URL(hubUrl);
+    if (!["http:", "https:"].includes(parsed.protocol)) {
+      console.error("  Error: Hub URL must use http: or https: protocol.");
+      process.exit(1);
+    }
+    const isLocal = parsed.hostname === "localhost" || parsed.hostname === "127.0.0.1" || parsed.hostname === "::1";
+    if (parsed.protocol === "http:" && !isLocal) {
+      console.error("  Warning: Hub URL uses HTTP (insecure). Use HTTPS for production deployments.");
+    }
+  } catch {
+    console.error("  Error: Invalid hub URL.");
+    process.exit(1);
+  }
   const providerIdx = rest.indexOf("--provider");
   const providerArg = providerIdx !== -1 ? rest.splice(providerIdx, 2)[1] : undefined;
   if (providerArg) {
@@ -80,16 +120,39 @@ if (command === "setup") {
       process.exit(1);
     }
   }
-  const provider = (providerArg as Provider) ?? detectProvider();
+  let provider: Provider;
+  if (providerArg) {
+    provider = providerArg as Provider;
+  } else {
+    const detected = detectProvider();
+    if (detected) {
+      provider = detected;
+    } else if (process.stdin.isTTY) {
+      provider = await select({
+        message: "Select your AI tool:",
+        choices: PROVIDER_CHOICES,
+      });
+    } else {
+      console.error('Cannot auto-detect provider. Use --provider flag (e.g. npx pairai setup "My Agent" --provider cursor)');
+      process.exit(1);
+    }
+  }
   const globalIdx = rest.indexOf("--global");
   const useGlobal = globalIdx !== -1 ? (rest.splice(globalIdx, 1), true) : false;
-  const agentName = rest.find((a) => !a.startsWith("--"));
+  let agentName = rest.find((a) => !a.startsWith("--"));
 
   const forceIdx = rest.indexOf("--force");
   const useForce = forceIdx !== -1 ? (rest.splice(forceIdx, 1), true) : false;
   if (!agentName) {
-    console.error('Usage: npx pairai setup "Agent Name" [--hub URL] [--provider claude|gemini|cursor|copilot|windsurf|codex|amazonq] [--global] [--force]');
-    process.exit(1);
+    if (process.stdin.isTTY) {
+      agentName = await input({
+        message: 'What should we call your agent? Other agents and users will see this name. (e.g. "Alice\'s Assistant", "Travel Bot")',
+        validate: (v) => v.trim().length > 0 && v.trim().length <= 64 ? true : "Name must be 1-64 characters",
+      });
+    } else {
+      console.error('Usage: npx pairai setup "Agent Name" [--hub URL] [--provider claude|gemini|cursor|copilot|windsurf|codex|amazonq] [--global] [--force]');
+      process.exit(1);
+    }
   }
 
   // Check for existing config to avoid accidental overwrites
@@ -129,7 +192,7 @@ if (command === "setup") {
   console.log(`  API Key:   ${apiKey}`);
 
   const keyDir = join(homedir(), ".pairai", "keys");
-  mkdirSync(keyDir, { recursive: true });
+  mkdirSync(keyDir, { recursive: true, mode: 0o700 });
   const keyPath = join(keyDir, `${id}.pem`);
   writeFileSync(keyPath, privateKey, { mode: 0o600 });
   console.log(`  Private key: ${keyPath}`);
@@ -149,7 +212,7 @@ if (command === "setup") {
   };
 
   // Ensure config directory exists
-  mkdirSync(dirname(cfg.configPath), { recursive: true });
+  mkdirSync(dirname(cfg.configPath), { recursive: true, mode: 0o700 });
 
   if (cfg.format === "toml") {
     // Codex CLI uses TOML
@@ -165,14 +228,14 @@ if (command === "setup") {
       `PAIRAI_AGENT_CRED = "${apiKey}"`,
       `PAIRAI_KEY_FILE = "${keyPath}"`,
     ].join("\n");
-    writeFileSync(cfg.configPath, existing + tomlBlock + "\n");
+    writeFileSync(cfg.configPath, existing + tomlBlock + "\n", { mode: 0o600 });
   } else {
     // JSON — merge with existing config
     let existing: any = {};
     try { if (existsSync(cfg.configPath)) existing = JSON.parse(readFileSync(cfg.configPath, "utf-8")); } catch {}
     if (!existing.mcpServers) existing.mcpServers = {};
     existing.mcpServers[cfg.mcpKey] = serverEntry;
-    writeFileSync(cfg.configPath, JSON.stringify(existing, null, 2) + "\n");
+    writeFileSync(cfg.configPath, JSON.stringify(existing, null, 2) + "\n", { mode: 0o600 });
   }
 
   console.log(`  Config: ${cfg.configPath}`);
@@ -200,6 +263,15 @@ if (command !== "serve") {
   console.error("  npx pairai serve [--provider claude|gemini|cursor|copilot|windsurf|codex|amazonq]");
   console.error("  npx pairai upgrade        — update to latest version");
   console.error("  npx pairai version        — show current version");
+  console.error("");
+  console.error("Environment variables:");
+  console.error("  PAIRAI_HUB_URL      Hub URL (default: https://pairai.pro)");
+  console.error("  PAIRAI_AGENT_CRED   Agent API key (from setup)");
+  console.error("  PAIRAI_KEY_FILE     Path to RSA private key .pem file");
+  console.error("  PAIRAI_POLL_MS      Poll interval in ms (default: 5000)");
+  console.error("  PAIRAI_LOCK_DIR     Lock file directory (default: ~/.pairai/locks)");
+  console.error("  PAIRAI_DEBUG=1      Verbose log to ~/.pairai/debug.log");
+  console.error("  PAIRAI_DEBUG=<path> Verbose log to custom file");
   process.exit(1);
 }
 
@@ -219,6 +291,16 @@ if (serveProviderArg) {
 const serveProvider = (serveProviderArg as Provider) ?? "claude";
 
 const HUB_URL = process.env.PAIRAI_HUB_URL ?? process.env.PAIRAI_URL ?? "https://pairai.pro";
+try {
+  const parsedHub = new URL(HUB_URL);
+  if (!["http:", "https:"].includes(parsedHub.protocol)) {
+    console.error("[pairai] Error: Hub URL must use http: or https: protocol.");
+    process.exit(1);
+  }
+} catch {
+  console.error("[pairai] Error: Invalid hub URL.");
+  process.exit(1);
+}
 const API_KEY = process.env.PAIRAI_AGENT_CRED ?? process.env.PAIRAI_API_KEY;
 const POLL_MS = Number(process.env.PAIRAI_POLL_MS ?? "5000");
 const PRIVATE_KEY_PATH = process.env.PAIRAI_KEY_FILE ?? process.env.PAIRAI_PRIVATE_KEY_PATH;
@@ -236,29 +318,51 @@ const headers = {
 
 // ── Hub API ──────────────────────────────────────────────────────────────────
 
+const HUB_TIMEOUT_MS = 30_000;
+
+const API_PREFIX = "/api/v1";
+
 async function hubGet(path: string) {
-  const res = await fetch(`${HUB_URL}${path}`, { headers });
+  const res = await fetch(`${HUB_URL}${API_PREFIX}${path}`, { headers, signal: AbortSignal.timeout(HUB_TIMEOUT_MS) });
   if (!res.ok) throw new Error(`GET ${path}: ${res.status}`);
   return res.json();
 }
 
 async function hubPost(path: string, body?: unknown) {
-  const res = await fetch(`${HUB_URL}${path}`, {
+  const res = await fetch(`${HUB_URL}${API_PREFIX}${path}`, {
     method: "POST",
     headers: body ? headers : { Authorization: headers.Authorization },
     body: body ? JSON.stringify(body) : undefined,
+    signal: AbortSignal.timeout(HUB_TIMEOUT_MS),
   });
   if (!res.ok) throw new Error(`POST ${path}: ${res.status}`);
   return res.json();
 }
 
 async function hubPatch(path: string, body: unknown) {
-  const res = await fetch(`${HUB_URL}${path}`, {
+  const res = await fetch(`${HUB_URL}${API_PREFIX}${path}`, {
     method: "PATCH",
     headers,
     body: JSON.stringify(body),
+    signal: AbortSignal.timeout(HUB_TIMEOUT_MS),
+  });
+  if (!res.ok) {
+    const body = await res.json().catch(() => ({})) as { error?: string };
+    throw new Error(body.error ?? `PATCH ${path}: ${res.status}`);
+  }
+  return res.json();
+}
+
+async function hubDelete(path: string) {
+  const res = await fetch(`${HUB_URL}${API_PREFIX}${path}`, {
+    method: "DELETE",
+    headers: { Authorization: headers.Authorization },
+    signal: AbortSignal.timeout(HUB_TIMEOUT_MS),
   });
-  if (!res.ok) throw new Error(`PATCH ${path}: ${res.status}`);
+  if (!res.ok) {
+    const body = await res.json().catch(() => ({})) as { error?: string };
+    throw new Error(body.error ?? `DELETE ${path}: ${res.status}`);
+  }
   return res.json();
 }
 
@@ -273,7 +377,9 @@ async function loadAgentInfo() {
     const me = (await hubGet("/agents/me")) as { id: string; name: string; publicKey?: string };
     myAgentId = me.id;
     myPublicKey = me.publicKey ?? "";
-  } catch {}
+  } catch (err) {
+    console.error("[pairai] failed to load agent info:", (err as Error).message);
+  }
 }
 
 async function loadPublicKeys() {
@@ -282,32 +388,14 @@ async function loadPublicKeys() {
     for (const c of conns) {
       if (c.publicKey) pubKeyCache.set(c.agentId, c.publicKey);
     }
-  } catch {}
+  } catch (err) {
+    console.error("[pairai] failed to load public keys:", (err as Error).message);
+  }
 }
 
 function localEncrypt(plaintext: string, taskId: string, recipientPubKeys: Record<string, string>) {
   if (!PRIVATE_KEY) throw new Error("No private key configured");
-  const key = randomBytes(32);
-  const iv = randomBytes(12);
-  const cipher = createCipheriv("aes-256-gcm", key, iv);
-  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
-  const tag = cipher.getAuthTag();
-  const ciphertext = Buffer.concat([iv, encrypted, tag]).toString("base64");
-
-  const signature = sign(null, Buffer.from(taskId + ciphertext), {
-    key: PRIVATE_KEY,
-    padding: constants.RSA_PKCS1_PSS_PADDING,
-    saltLength: 32,
-  }).toString("base64");
-
-  const encryptedKeys: Record<string, string> = {};
-  for (const [id, pub] of Object.entries(recipientPubKeys)) {
-    encryptedKeys[id] = publicEncrypt(
-      { key: pub, oaepHash: "sha256", padding: constants.RSA_PKCS1_OAEP_PADDING },
-      key,
-    ).toString("base64");
-  }
-  return { ciphertext, signature, encryptedKeys };
+  return _localEncrypt(plaintext, taskId, PRIVATE_KEY, recipientPubKeys);
 }
 
 function localDecrypt(
@@ -318,21 +406,7 @@ function localDecrypt(
   myEncKey: string,
 ): string {
   if (!PRIVATE_KEY) throw new Error("No private key configured");
-  const valid = verify(null, Buffer.from(taskId + ciphertext), {
-    key: senderPub,
-    padding: constants.RSA_PKCS1_PSS_PADDING,
-    saltLength: 32,
-  }, Buffer.from(sig, "base64"));
-  if (!valid) throw new Error("Signature verification failed");
-
-  const aesKey = privateDecrypt(
-    { key: PRIVATE_KEY, oaepHash: "sha256", padding: constants.RSA_PKCS1_OAEP_PADDING },
-    Buffer.from(myEncKey, "base64"),
-  );
-  const data = Buffer.from(ciphertext, "base64");
-  const decipher = createDecipheriv("aes-256-gcm", aesKey, data.subarray(0, 12));
-  decipher.setAuthTag(data.subarray(-16));
-  return Buffer.concat([decipher.update(data.subarray(12, -16)), decipher.final()]).toString("utf8");
+  return _localDecrypt(ciphertext, sig, taskId, senderPub, myEncKey, PRIVATE_KEY);
 }
 
 // ── MCP Server ───────────────────────────────────────────────────────────────
@@ -340,6 +414,7 @@ function localDecrypt(
 const instructions = [
   "You are connected to the pairai agent hub. Messages from other AI agents arrive as notifications.",
   "The channel server polls for updates automatically — you don't need to poll manually.",
+  "When the user asks about updates, new messages, or pending work, use pairai_check_updates (not pairai_list_tasks).",
   "",
   "Notification attributes:",
   "  task_id     — the task this message belongs to",
@@ -369,7 +444,7 @@ mcp.setRequestHandler(ListToolsRequestSchema, async () => ({
   tools: [
     {
       name: "pairai_check_updates",
-      description: "Check for new tasks or unread messages. Call this at the start of every conversation and periodically during active collaborations.",
+      description: "Check for NEW incoming tasks and UNREAD messages from other agents. This is the primary way to discover what needs your attention — returns only unseen items, not all tasks. Call this first when asked about updates, new messages, or pending work.",
       inputSchema: {
         type: "object" as const,
         properties: {
@@ -441,6 +516,17 @@ mcp.setRequestHandler(ListToolsRequestSchema, async () => ({
         required: ["code"],
       },
     },
+    {
+      name: "pairai_connect_directly",
+      description: "Connect directly to an agent that has auto-accept enabled — no pairing code needed. Use pairai_discover_agents to find agents with autoAccept: true.",
+      inputSchema: {
+        type: "object" as const,
+        properties: {
+          agent_id: { type: "string", description: "ID of the agent to connect with" },
+        },
+        required: ["agent_id"],
+      },
+    },
     {
       name: "pairai_update_profile",
       description: "Update your agent's profile — name, description, capabilities, and metadata. Returns the updated profile.",
@@ -452,6 +538,7 @@ mcp.setRequestHandler(ListToolsRequestSchema, async () => ({
           capabilities: { type: "array", items: { type: "string" }, description: "List of capabilities, e.g. ['scheduling', 'code-review']" },
           metadata: { type: "object", description: "Arbitrary JSON metadata (max 4KB)" },
           discoverable: { type: "boolean", description: "Whether to appear in the public agent directory" },
+          autoAccept: { type: "boolean", description: "Whether to accept direct connections without pairing codes" },
           defaultApprovalRule: { type: "string", enum: ["auto", "require"], description: "Default approval rule for new connections" },
         },
       },
@@ -504,6 +591,17 @@ mcp.setRequestHandler(ListToolsRequestSchema, async () => ({
         required: ["connection_id", "rule"],
       },
     },
+    {
+      name: "pairai_disconnect",
+      description: "Disconnect from an agent. Cascades: cancels active tasks, notifies the other agent.",
+      inputSchema: {
+        type: "object" as const,
+        properties: {
+          connection_id: { type: "string", description: "Connection ID to delete" },
+        },
+        required: ["connection_id"],
+      },
+    },
     {
       name: "pairai_list_pending_approvals",
       description: "List tasks waiting for your approval.",
@@ -534,7 +632,7 @@ mcp.setRequestHandler(ListToolsRequestSchema, async () => ({
     },
     {
       name: "pairai_list_tasks",
-      description: "List all tasks you are involved in (as initiator or target).",
+      description: "List ALL tasks (not just new ones). Use this to browse your full task history or filter by status. For checking what's new, use pairai_check_updates instead.",
       inputSchema: {
         type: "object" as const,
         properties: {
@@ -567,6 +665,18 @@ mcp.setRequestHandler(ListToolsRequestSchema, async () => ({
         required: ["task_id", "filename", "mime_type", "base64_content"],
       },
     },
+    {
+      name: "pairai_download_file",
+      description: "Download a file from a task. For encrypted tasks, the file is automatically decrypted.",
+      inputSchema: {
+        type: "object" as const,
+        properties: {
+          task_id: { type: "string", description: "Task ID the file belongs to" },
+          file_id: { type: "string", description: "File ID to download" },
+        },
+        required: ["task_id", "file_id"],
+      },
+    },
     {
       name: "pairai_create_encrypted_task",
       description: "Create an encrypted task. Title and description are encrypted — the hub cannot read them.",
@@ -580,6 +690,78 @@ mcp.setRequestHandler(ListToolsRequestSchema, async () => ({
         required: ["target_agent_id", "title"],
       },
     },
+    {
+      name: "pairai_delete_message",
+      description: "Delete (tombstone) a message you sent. The message content is replaced with [deleted].",
+      inputSchema: {
+        type: "object" as const,
+        properties: {
+          task_id: { type: "string", description: "Task ID" },
+          message_id: { type: "string", description: "Message ID to delete" },
+        },
+        required: ["task_id", "message_id"],
+      },
+    },
+    {
+      name: "pairai_delete_file",
+      description: "Delete a file you uploaded. Removes from disk and tombstones the associated message.",
+      inputSchema: {
+        type: "object" as const,
+        properties: {
+          file_id: { type: "string", description: "File ID to delete" },
+        },
+        required: ["file_id"],
+      },
+    },
+    {
+      name: "pairai_delete_task",
+      description: "Permanently delete a terminal task (completed, failed, cancelled) and all its messages and files.",
+      inputSchema: {
+        type: "object" as const,
+        properties: {
+          task_id: { type: "string", description: "Task ID to delete" },
+        },
+        required: ["task_id"],
+      },
+    },
+    {
+      name: "pairai_rotate_api_key",
+      description: "Generate a new API key. WARNING: old key immediately invalidated. Save the new key before doing anything else.",
+      inputSchema: {
+        type: "object" as const,
+        properties: {},
+      },
+    },
+    {
+      name: "pairai_delete_account",
+      description: "PERMANENTLY delete your agent and ALL associated data. IRREVERSIBLE.",
+      inputSchema: {
+        type: "object" as const,
+        properties: {},
+      },
+    },
+    {
+      name: "pairai_block_agent",
+      description: "Block an agent. They cannot discover or connect with you. Disconnects if connected.",
+      inputSchema: {
+        type: "object" as const,
+        properties: {
+          agent_id: { type: "string", description: "ID of the agent to block" },
+        },
+        required: ["agent_id"],
+      },
+    },
+    {
+      name: "pairai_unblock_agent",
+      description: "Unblock a previously blocked agent.",
+      inputSchema: {
+        type: "object" as const,
+        properties: {
+          agent_id: { type: "string", description: "ID of the agent to unblock" },
+        },
+        required: ["agent_id"],
+      },
+    },
   ],
 }));
 
@@ -593,6 +775,7 @@ mcp.setRequestHandler(CallToolRequestSchema, async (req) => {
       hasUpdates: boolean;
       pendingTasks: Array<{ id: string; title: string; fromAgent: string }>;
       unreadMessages: Array<{ taskId: string; taskTitle: string; count: number }>;
+      cursor: number;
     };
 
     if (!updates.hasUpdates) {
@@ -628,8 +811,10 @@ mcp.setRequestHandler(CallToolRequestSchema, async (req) => {
       parts.push(`**Unread messages:**\n${enriched.join("\n")}`);
     }
 
-    if ((args as any).acknowledge) {
-      await hubPost("/updates/ack");
+    // Always ack — this is the authoritative "user has seen these" signal.
+    // The poll loop does NOT ack; only this tool does.
+    if (updates.cursor > 0) {
+      await hubPost("/updates/ack", { cursor: updates.cursor });
     }
 
     return { content: [{ type: "text" as const, text: parts.join("\n\n") }] };
@@ -650,17 +835,22 @@ mcp.setRequestHandler(CallToolRequestSchema, async (req) => {
         return { content: [{ type: "text" as const, text: "Error: Cannot reply to encrypted task — missing cryptographic keys. Re-run setup or reconnect." }] };
       }
       const envelope = JSON.stringify({ contentType: content_type ?? "text", body: text });
-      const { ciphertext, signature, encryptedKeys } = localEncrypt(envelope, task_id, {
-        [myAgentId]: myPublicKey,
-        [otherId]: otherPub,
-      });
-      await hubPost(`/tasks/${task_id}/messages`, {
-        content: ciphertext,
-        contentType: "encrypted",
-        encryptedKeys,
-        senderSignature: signature,
-      });
-      return { content: [{ type: "text" as const, text: "Sent (encrypted)." }] };
+      try {
+        const { ciphertext, signature, encryptedKeys } = localEncrypt(envelope, task_id, {
+          [myAgentId]: myPublicKey,
+          [otherId]: otherPub,
+        });
+        await hubPost(`/tasks/${task_id}/messages`, {
+          content: ciphertext,
+          contentType: "encrypted",
+          encryptedKeys,
+          senderSignature: signature,
+        });
+        return { content: [{ type: "text" as const, text: "Sent (encrypted)." }] };
+      } catch (err) {
+        console.error(`[pairai] encryption failed for task ${task_id}: ${(err as Error).message}`);
+        return { content: [{ type: "text" as const, text: `Error: Failed to encrypt reply — ${(err as Error).message}. The other agent may have an invalid public key.` }], isError: true };
+      }
     }
     // Non-encrypted task: send plaintext
     await hubPost(`/tasks/${task_id}/messages`, {
@@ -671,8 +861,16 @@ mcp.setRequestHandler(CallToolRequestSchema, async (req) => {
   }
 
   if (name === "pairai_update_status") {
-    await hubPatch(`/tasks/${args.task_id}`, { status: args.status });
-    return { content: [{ type: "text" as const, text: `Status → ${args.status}` }] };
+    try {
+      await hubPatch(`/tasks/${args.task_id}`, { status: args.status });
+      return { content: [{ type: "text" as const, text: `Status → ${args.status}` }] };
+    } catch (err) {
+      const msg = (err as Error).message;
+      if (msg.includes("409") || msg.includes("400")) {
+        return { content: [{ type: "text" as const, text: `Cannot update status — ${msg}` }] };
+      }
+      throw err;
+    }
   }
 
   if (name === "pairai_get_profile") {
@@ -734,6 +932,14 @@ mcp.setRequestHandler(CallToolRequestSchema, async (req) => {
     return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] };
   }
 
+  if (name === "pairai_connect_directly") {
+    const { agent_id } = args as { agent_id: string };
+    const data = await hubPost(`/connect/${agent_id}`);
+    // Refresh public keys after new connection
+    await loadPublicKeys();
+    return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] };
+  }
+
   if (name === "pairai_update_profile") {
     const body: Record<string, unknown> = {};
     if (args.name !== undefined) body.name = args.name;
@@ -741,6 +947,7 @@ mcp.setRequestHandler(CallToolRequestSchema, async (req) => {
     if (args.capabilities !== undefined) body.capabilities = args.capabilities;
     if (args.metadata !== undefined) body.metadata = args.metadata;
     if (args.discoverable !== undefined) body.discoverable = args.discoverable === "true" || args.discoverable === true;
+    if (args.autoAccept !== undefined) body.autoAccept = args.autoAccept === "true" || args.autoAccept === true;
     if (args.defaultApprovalRule !== undefined) body.defaultApprovalRule = args.defaultApprovalRule;
     const data = await hubPatch("/agents/me", body);
     return { content: [{ type: "text" as const, text: "Profile updated.\n" + JSON.stringify(data, null, 2) }] };
@@ -777,6 +984,16 @@ mcp.setRequestHandler(CallToolRequestSchema, async (req) => {
     return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] };
   }
 
+  if (name === "pairai_disconnect") {
+    const { connection_id } = args as { connection_id: string };
+    try {
+      const result = (await hubDelete(`/connections/${connection_id}`)) as { cancelledTasks?: number };
+      return { content: [{ type: "text" as const, text: `Disconnected. ${result.cancelledTasks ?? 0} task(s) cancelled.` }] };
+    } catch (err) {
+      return { content: [{ type: "text" as const, text: `Error: ${(err as Error).message}` }], isError: true };
+    }
+  }
+
   if (name === "pairai_list_pending_approvals") {
     const data = await hubGet("/approvals");
     return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] };
@@ -822,13 +1039,20 @@ mcp.setRequestHandler(CallToolRequestSchema, async (req) => {
       encryptedKeys?: any; senderSignature?: string;
     }>;
     if (data.encrypted) {
-      const desc = decryptTaskDescription(data, data.id);
-      data.description = desc;
+      try {
+        data.description = decryptTaskDescription(data, data.id);
+      } catch {
+        data.description = "[decryption failed]";
+      }
     }
     const decryptedMsgs = msgs.map((m) => {
       if (data.encrypted) {
-        const d = decryptMessage(m, data.id);
-        return { ...m, content: d.content, contentType: d.contentType };
+        try {
+          const d = decryptMessage(m, data.id);
+          return { ...m, content: d.content, contentType: d.contentType };
+        } catch {
+          return { ...m, content: "[decryption failed]", contentType: "text" };
+        }
       }
       return m;
     });
@@ -839,12 +1063,151 @@ mcp.setRequestHandler(CallToolRequestSchema, async (req) => {
     const { task_id, filename, mime_type, base64_content } = args as {
       task_id: string; filename: string; mime_type: string; base64_content: string;
     };
+
+    // Check if task is encrypted
+    const taskData = (await hubGet(`/tasks/${task_id}`)) as any;
+    if (taskData.encrypted) {
+      // Size guardrail: encryption overhead (~37%) could exceed hub's 50MB limit
+      const rawSize = Buffer.from(base64_content, "base64").byteLength;
+      if (rawSize > 28 * 1024 * 1024) {
+        return { content: [{ type: "text" as const, text: "Error: File too large for encrypted upload (max ~28 MB before encryption overhead)." }] };
+      }
+
+      await loadPublicKeys();
+      const otherId =
+        taskData.initiatorAgentId === myAgentId ? taskData.targetAgentId : taskData.initiatorAgentId;
+      const otherPub = pubKeyCache.get(otherId);
+      if (!otherPub || !myPublicKey || !PRIVATE_KEY) {
+        return { content: [{ type: "text" as const, text: "Error: Cannot upload to encrypted task — missing cryptographic keys. Re-run setup or reconnect." }] };
+      }
+
+      const envelope = JSON.stringify({ filename, mimeType: mime_type, data: base64_content });
+      const { ciphertext, signature, encryptedKeys } = localEncrypt(envelope, task_id, {
+        [myAgentId]: myPublicKey,
+        [otherId]: otherPub,
+      });
+
+      const data = await hubPost(`/tasks/${task_id}/files/json`, {
+        filename: "encrypted_file",
+        mimeType: "application/octet-stream",
+        base64Content: ciphertext,
+        encryptedKeys,
+        senderSignature: signature,
+      });
+      return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] };
+    }
+
+    // Non-encrypted task: pass through
     const data = await hubPost(`/tasks/${task_id}/files/json`, {
       filename, mimeType: mime_type, base64Content: base64_content,
     });
     return { content: [{ type: "text" as const, text: JSON.stringify(data, null, 2) }] };
   }
 
+  if (name === "pairai_download_file") {
+    const { task_id, file_id } = args as { task_id: string; file_id: string };
+
+    // Fetch the task to check encryption status
+    const taskData = (await hubGet(`/tasks/${task_id}`)) as any;
+
+    // Download raw file bytes
+    const response = await fetch(`${HUB_URL}/files/${file_id}`, {
+      headers: { Authorization: `Bearer ${API_KEY}` },
+      signal: AbortSignal.timeout(HUB_TIMEOUT_MS),
+    });
+    if (!response.ok) {
+      return { content: [{ type: "text" as const, text: `Error: Failed to download file (${response.status}).` }] };
+    }
+    const fileBuffer = Buffer.from(await response.arrayBuffer());
+
+    if (!taskData.encrypted) {
+      // Non-encrypted: return raw file info
+      const contentType = response.headers.get("content-type") ?? "application/octet-stream";
+      const disposition = response.headers.get("content-disposition") ?? "";
+      const filenameMatch = disposition.match(/filename="([^"]+)"/);
+      return {
+        content: [{
+          type: "text" as const,
+          text: JSON.stringify({
+            filename: filenameMatch?.[1] ?? "file",
+            mimeType: contentType,
+            data: fileBuffer.toString("base64"),
+            sizeBytes: fileBuffer.byteLength,
+          }, null, 2),
+        }],
+      };
+    }
+
+    // Encrypted task: find the message that holds the encryption keys for this file
+    const taskMessages = (await hubGet(`/tasks/${task_id}/messages`)) as Array<{
+      id: string; content: string; contentType: string; senderAgentId: string;
+      encryptedKeys?: any; senderSignature?: string;
+    }>;
+    const fileMsg = taskMessages.find((m) => m.content === file_id);
+    if (!fileMsg) {
+      return { content: [{ type: "text" as const, text: "Error: Could not find message for this file." }] };
+    }
+
+    // Legacy plaintext file in encrypted task (no keys stored)
+    if (!fileMsg.encryptedKeys || !fileMsg.senderSignature) {
+      const contentType = response.headers.get("content-type") ?? "application/octet-stream";
+      return {
+        content: [{
+          type: "text" as const,
+          text: JSON.stringify({
+            filename: "file",
+            mimeType: contentType,
+            data: fileBuffer.toString("base64"),
+            sizeBytes: fileBuffer.byteLength,
+            warning: "File was uploaded without encryption (legacy).",
+          }, null, 2),
+        }],
+      };
+    }
+
+    // Decrypt the file
+    if (!PRIVATE_KEY) {
+      return { content: [{ type: "text" as const, text: "Error: No private key configured. Re-run setup." }] };
+    }
+
+    await loadPublicKeys();
+    const senderPub = fileMsg.senderAgentId === myAgentId
+      ? myPublicKey
+      : pubKeyCache.get(fileMsg.senderAgentId);
+    const keys = typeof fileMsg.encryptedKeys === "string"
+      ? JSON.parse(fileMsg.encryptedKeys)
+      : fileMsg.encryptedKeys;
+    const myKey = keys[myAgentId];
+
+    if (!senderPub || !myKey) {
+      return { content: [{ type: "text" as const, text: "Error: Decryption keys not found for this agent." }] };
+    }
+
+    try {
+      // The hub stores binary (decoded from base64 ciphertext); re-encode for localDecrypt
+      const ciphertextB64 = fileBuffer.toString("base64");
+      const plain = localDecrypt(ciphertextB64, fileMsg.senderSignature, task_id, senderPub, myKey);
+      const envelope = JSON.parse(plain);
+      return {
+        content: [{
+          type: "text" as const,
+          text: JSON.stringify({
+            filename: envelope.filename,
+            mimeType: envelope.mimeType,
+            data: envelope.data,
+            sizeBytes: Buffer.from(envelope.data, "base64").byteLength,
+          }, null, 2),
+        }],
+      };
+    } catch (err) {
+      const msg = (err as Error).message;
+      if (msg.includes("Signature")) {
+        return { content: [{ type: "text" as const, text: "Error: File signature verification failed — possible tampering." }] };
+      }
+      return { content: [{ type: "text" as const, text: `Error: Failed to decrypt file — ${msg}` }] };
+    }
+  }
+
   if (name === "pairai_create_encrypted_task") {
     if (!PRIVATE_KEY)
       return { content: [{ type: "text" as const, text: "No private key configured. Re-run setup." }] };
@@ -881,12 +1244,81 @@ mcp.setRequestHandler(CallToolRequestSchema, async (req) => {
     return { content: [{ type: "text" as const, text: `Encrypted task created. ID: ${taskId}` }] };
   }
 
+  if (name === "pairai_delete_message") {
+    const { task_id, message_id } = args as { task_id: string; message_id: string };
+    try {
+      await hubDelete(`/tasks/${task_id}/messages/${message_id}`);
+      return { content: [{ type: "text" as const, text: "Message deleted." }] };
+    } catch (err) {
+      return { content: [{ type: "text" as const, text: `Error: ${(err as Error).message}` }], isError: true };
+    }
+  }
+
+  if (name === "pairai_delete_file") {
+    const { file_id } = args as { file_id: string };
+    try {
+      await hubDelete(`/files/${file_id}`);
+      return { content: [{ type: "text" as const, text: "File deleted." }] };
+    } catch (err) {
+      return { content: [{ type: "text" as const, text: `Error: ${(err as Error).message}` }], isError: true };
+    }
+  }
+
+  if (name === "pairai_delete_task") {
+    const { task_id } = args as { task_id: string };
+    try {
+      const result = (await hubDelete(`/tasks/${task_id}`)) as { deletedMessages?: number; deletedFiles?: number };
+      return { content: [{ type: "text" as const, text: `Task deleted. ${result.deletedMessages ?? 0} message(s) and ${result.deletedFiles ?? 0} file(s) removed.` }] };
+    } catch (err) {
+      return { content: [{ type: "text" as const, text: `Error: ${(err as Error).message}` }], isError: true };
+    }
+  }
+
+  if (name === "pairai_rotate_api_key") {
+    try {
+      const result = (await hubPost("/agents/me/rotate-key")) as { apiKey: string };
+      return { content: [{ type: "text" as const, text: `New API key: ${result.apiKey}\n\nWARNING: Your old key is now invalid. Save this key immediately — it will not be shown again.` }] };
+    } catch (err) {
+      return { content: [{ type: "text" as const, text: `Error: ${(err as Error).message}` }], isError: true };
+    }
+  }
+
+  if (name === "pairai_delete_account") {
+    try {
+      await hubDelete("/agents/me");
+      return { content: [{ type: "text" as const, text: "Account deleted." }] };
+    } catch (err) {
+      return { content: [{ type: "text" as const, text: `Error: ${(err as Error).message}` }], isError: true };
+    }
+  }
+
+  if (name === "pairai_block_agent") {
+    const { agent_id } = args as { agent_id: string };
+    try {
+      await hubPost("/agents/me/block", { agentId: agent_id });
+      return { content: [{ type: "text" as const, text: "Agent blocked." }] };
+    } catch (err) {
+      return { content: [{ type: "text" as const, text: `Error: ${(err as Error).message}` }], isError: true };
+    }
+  }
+
+  if (name === "pairai_unblock_agent") {
+    const { agent_id } = args as { agent_id: string };
+    try {
+      await hubDelete(`/agents/me/block/${agent_id}`);
+      return { content: [{ type: "text" as const, text: "Agent unblocked." }] };
+    } catch (err) {
+      return { content: [{ type: "text" as const, text: `Error: ${(err as Error).message}` }], isError: true };
+    }
+  }
+
   throw new Error(`Unknown tool: ${name}`);
 });
 
 // ── Polling ──────────────────────────────────────────────────────────────────
 
 const seenMessages = new Set<string>();
+const SEEN_MESSAGES_MAX = 10_000;
 
 function decryptMessage(
   msg: { content: string; contentType: string; senderAgentId: string; encryptedKeys?: any; senderSignature?: string },
@@ -943,13 +1375,16 @@ async function poll() {
       hasUpdates: boolean;
       pendingTasks: Array<{ id: string; title: string; fromAgent: string }>;
       unreadMessages: Array<{ taskId: string; taskTitle: string; count: number }>;
+      cursor: number;
     };
 
+    debugLog(`poll: hasUpdates=${updates.hasUpdates} tasks=${updates.pendingTasks.length} messages=${updates.unreadMessages.length} cursor=${updates.cursor}`);
     if (!updates.hasUpdates) return;
+    console.error(`[pairai] poll: ${updates.pendingTasks.length} tasks, ${updates.unreadMessages.length} messages`);
 
     for (const task of updates.pendingTasks) {
       const key = `task:${task.id}`;
-      if (seenMessages.has(key)) continue;
+      if (seenMessages.has(key)) { debugLog(`skip seen task ${task.id}`); continue; }
       seenMessages.add(key);
 
       const full = (await hubGet(`/tasks/${task.id}`)) as {
@@ -959,19 +1394,27 @@ async function poll() {
         senderSignature?: string;
         initiatorAgentId?: string;
         approvalStatus?: string | null;
-        messages: Array<{
-          content: string;
-          contentType: string;
-          senderAgentId: string;
-          encryptedKeys?: any;
-          senderSignature?: string;
-        }>;
       };
+      const taskMsgs = (await hubGet(`/tasks/${task.id}/messages`)) as Array<{
+        content: string;
+        contentType: string;
+        senderAgentId: string;
+        encryptedKeys?: any;
+        senderSignature?: string;
+      }>;
 
       const desc = decryptTaskDescription(full, task.id);
-      const decryptedMessages = (full.messages ?? []).map((m) => {
-        const d = decryptMessage(m, task.id);
-        return d.content;
+      const decryptedMessages = (taskMsgs ?? []).map((m) => {
+        // Encrypted file messages: content is a file ID (short nanoid), not ciphertext
+        if (m.contentType === "encrypted" && m.encryptedKeys && m.content.length < 30) {
+          return "[File attachment — use pairai_download_file to retrieve]";
+        }
+        try {
+          const d = decryptMessage(m, task.id);
+          return d.content;
+        } catch {
+          return "[decryption failed]";
+        }
       });
 
       const isPendingApproval = full.approvalStatus === "pending";
@@ -997,24 +1440,34 @@ async function poll() {
     }
 
     for (const unread of updates.unreadMessages) {
-      const full = (await hubGet(`/tasks/${unread.taskId}`)) as {
-        messages: Array<{
-          id: string;
-          content: string;
-          contentType: string;
-          senderAgentId: string;
-          encryptedKeys?: any;
-          senderSignature?: string;
-        }>;
-      };
+      const msgs = (await hubGet(`/tasks/${unread.taskId}/messages`)) as Array<{
+        id: string;
+        content: string;
+        contentType: string;
+        senderAgentId: string;
+        encryptedKeys?: any;
+        senderSignature?: string;
+      }>;
 
-      if (!full?.messages) continue;
-      for (const msg of full.messages.slice(-unread.count)) {
+      debugLog(`unread: taskId=${unread.taskId} count=${unread.count} fetched=${msgs?.length ?? 0}`);
+      if (!msgs || msgs.length === 0) continue;
+      for (const msg of msgs.slice(-unread.count)) {
         const key = `msg:${msg.id}`;
-        if (seenMessages.has(key)) continue;
+        if (seenMessages.has(key)) { debugLog(`skip seen msg ${msg.id}`); continue; }
         seenMessages.add(key);
 
-        const decrypted = decryptMessage(msg, unread.taskId);
+        // Encrypted file messages: content is a file ID (short nanoid), not ciphertext
+        const isEncryptedFile = msg.contentType === "encrypted" && msg.encryptedKeys && msg.content.length < 30;
+        let decrypted: { content: string; contentType: string };
+        if (isEncryptedFile) {
+          decrypted = { content: "[File attachment — use pairai_download_file to retrieve]", contentType: "text" };
+        } else {
+          try {
+            decrypted = decryptMessage(msg, unread.taskId);
+          } catch {
+            decrypted = { content: "[decryption failed]", contentType: "text" };
+          }
+        }
 
         try {
           await mcp.notification({
@@ -1037,9 +1490,20 @@ async function poll() {
       }
     }
 
-    await hubPost("/updates/ack");
+    // Do NOT ack the hub here — the hub's lastSeenRowid is only advanced
+    // when the user explicitly calls pairai_check_updates (authoritative ack).
+    // The seenMessages Set prevents duplicate notifications within this session.
+    debugLog(`poll: processed cursor=${updates.cursor} (hub NOT acked — seenMessages dedup only)`);
+
+    // Prevent unbounded memory growth
+    if (seenMessages.size > SEEN_MESSAGES_MAX) {
+      const excess = seenMessages.size - SEEN_MESSAGES_MAX;
+      const iter = seenMessages.values();
+      for (let i = 0; i < excess; i++) seenMessages.delete(iter.next().value!);
+    }
   } catch (err) {
     console.error(`[pairai] poll error: ${(err as Error).message}`);
+    debugLog(`poll error: ${(err as Error).message}`);
   }
 }
 
@@ -1066,6 +1530,15 @@ process.on("SIGINT", cleanupLock);
 process.on("beforeExit", cleanupLock);
 process.on("exit", cleanupLock);
 
+// Detect parent death — when the MCP host (Claude/Gemini) exits, stdin closes.
+// Without this, the process becomes an orphan reparented to systemd.
+process.stdin.on("end", () => {
+  console.error("[pairai] stdin closed (parent exited). Shutting down.");
+  cleanupLock();
+  process.exit(0);
+});
+process.stdin.resume(); // ensure 'end' fires even if nothing reads stdin
+
 console.error(`[pairai] agent=${myAgentId} keys=${pubKeyCache.size} polling every ${POLL_MS}ms`);
 setInterval(poll, POLL_MS);
 poll();