npm - stellavault - Versions diffs - 0.5.0 → 0.5.2 - Mend

stellavault 0.5.0 → 0.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/stellavault.js CHANGED Viewed

@@ -2240,6 +2240,592 @@ var init_file_extractors = __esm({
   }
 });
+// packages/core/dist/federation/identity.js
+import { randomBytes, createHash as createHash3, createHmac } from "node:crypto";
+import { readFileSync as readFileSync11, writeFileSync as writeFileSync10, existsSync as existsSync10, mkdirSync as mkdirSync10, chmodSync } from "node:fs";
+import { join as join11 } from "node:path";
+import { homedir as homedir4 } from "node:os";
+function getOrCreateIdentity(displayName) {
+  if (existsSync10(IDENTITY_FILE)) {
+    const raw = JSON.parse(readFileSync11(IDENTITY_FILE, "utf-8"));
+    return {
+      peerId: raw.peerId,
+      publicKey: Buffer.from(raw.publicKey, "hex"),
+      secretKey: Buffer.from(raw.secretKey, "hex"),
+      displayName: raw.displayName,
+      createdAt: raw.createdAt
+    };
+  }
+  const secretKey = randomBytes(32);
+  const publicKey = createHash3("sha256").update(secretKey).digest();
+  const peerId = createHash3("sha256").update(publicKey).digest("hex").slice(0, 16);
+  const identity = {
+    peerId,
+    publicKey,
+    secretKey,
+    displayName: displayName ?? `node-${peerId.slice(0, 6)}`,
+    createdAt: (/* @__PURE__ */ new Date()).toISOString()
+  };
+  mkdirSync10(IDENTITY_DIR, { recursive: true });
+  const content = JSON.stringify({
+    peerId: identity.peerId,
+    publicKey: publicKey.toString("hex"),
+    secretKey: secretKey.toString("hex"),
+    displayName: identity.displayName,
+    createdAt: identity.createdAt
+  }, null, 2);
+  writeFileSync10(IDENTITY_FILE, content, { encoding: "utf-8", mode: 384 });
+  try {
+    chmodSync(IDENTITY_FILE, 384);
+  } catch {
+  }
+  return identity;
+}
+var IDENTITY_DIR, IDENTITY_FILE;
+var init_identity = __esm({
+  "packages/core/dist/federation/identity.js"() {
+    "use strict";
+    IDENTITY_DIR = join11(homedir4(), ".stellavault", "federation");
+    IDENTITY_FILE = join11(IDENTITY_DIR, "identity.json");
+  }
+});
+// packages/core/dist/federation/node.js
+import { createHash as createHash4 } from "node:crypto";
+import { EventEmitter } from "node:events";
+var FEDERATION_TOPIC, FederationNode;
+var init_node = __esm({
+  "packages/core/dist/federation/node.js"() {
+    "use strict";
+    init_identity();
+    FEDERATION_TOPIC = createHash4("sha256").update("stellavault-federation-v1").digest();
+    FederationNode = class extends EventEmitter {
+      swarm = null;
+      identity;
+      peers = /* @__PURE__ */ new Map();
+      running = false;
+      documentCount = 0;
+      topTopics = [];
+      constructor(displayName) {
+        super();
+        this.identity = getOrCreateIdentity(displayName);
+      }
+      get peerId() {
+        return this.identity.peerId;
+      }
+      get displayName() {
+        return this.identity.displayName;
+      }
+      get peerCount() {
+        return this.peers.size;
+      }
+      get isRunning() {
+        return this.running;
+      }
+      setLocalStats(documentCount, topTopics) {
+        this.documentCount = documentCount;
+        this.topTopics = topTopics.slice(0, 5);
+      }
+      // Design Ref: §4 — join()
+      async join() {
+        if (this.running)
+          return;
+        const Hyperswarm = (await import("hyperswarm")).default;
+        this.swarm = new Hyperswarm({ maxPeers: 50 });
+        this.swarm.on("connection", (conn, _info) => {
+          this.handleConnection(conn);
+        });
+        const discovery = this.swarm.join(FEDERATION_TOPIC, { server: true, client: true });
+        await discovery.flushed();
+        this.running = true;
+        this.emit("joined", { peerId: this.peerId, topic: FEDERATION_TOPIC.toString("hex").slice(0, 16) });
+      }
+      // Design Ref: §4 — joinDirect() 수동 IP 폴백
+      async joinDirect(host, port) {
+        const net = await import("node:net");
+        const conn = net.connect(port, host);
+        await new Promise((resolve22, reject) => {
+          conn.on("connect", () => {
+            this.handleConnection(conn);
+            resolve22();
+          });
+          conn.on("error", reject);
+          setTimeout(() => reject(new Error("Connection timeout")), 15e3);
+        });
+        if (!this.running)
+          this.running = true;
+      }
+      async leave() {
+        if (!this.running)
+          return;
+        for (const [, peer] of this.peers) {
+          try {
+            this.sendMessage(peer.conn, { type: "leave", peerId: this.peerId });
+            peer.conn.end();
+          } catch {
+          }
+        }
+        this.peers.clear();
+        await this.swarm?.destroy();
+        this.swarm = null;
+        this.running = false;
+        this.emit("left");
+      }
+      getPeers() {
+        return [...this.peers.values()].map((p) => p.info);
+      }
+      // 피어에게 검색 쿼리 전송 (FederatedSearch에서 사용)
+      sendSearchQuery(peerId, queryId, embedding, limit) {
+        const peer = this.peers.get(peerId);
+        if (!peer)
+          return;
+        this.sendMessage(peer.conn, { type: "search_query", queryId, embedding, limit });
+      }
+      // 피어에게 검색 결과 응답 (FederatedSearch에서 사용)
+      sendSearchResult(peerId, queryId, results) {
+        const peer = this.peers.get(peerId);
+        if (!peer)
+          return;
+        this.sendMessage(peer.conn, { type: "search_result", queryId, results });
+      }
+      // --- Private ---
+      handleConnection(conn) {
+        this.sendMessage(conn, {
+          type: "handshake",
+          peerId: this.peerId,
+          displayName: this.identity.displayName,
+          version: "0.1.0",
+          documentCount: this.documentCount,
+          topTopics: this.topTopics
+        });
+        let buffer = "";
+        const MAX_BUFFER = 1024 * 1024;
+        const MAX_MESSAGE = 64 * 1024;
+        conn.on("data", (data) => {
+          buffer += data.toString();
+          if (buffer.length > MAX_BUFFER) {
+            console.error("Federation: buffer overflow from peer, disconnecting");
+            buffer = "";
+            conn.end();
+            return;
+          }
+          const lines = buffer.split("\n");
+          buffer = lines.pop() ?? "";
+          for (const line of lines) {
+            if (!line.trim())
+              continue;
+            if (line.length > MAX_MESSAGE)
+              continue;
+            try {
+              const msg = JSON.parse(line);
+              this.handleMessage(conn, msg);
+            } catch {
+            }
+          }
+        });
+        conn.on("close", () => {
+          for (const [peerId, peer] of this.peers) {
+            if (peer.conn === conn) {
+              this.peers.delete(peerId);
+              this.emit("peer_left", { peerId });
+              break;
+            }
+          }
+        });
+        conn.on("error", () => {
+        });
+      }
+      // MED: 메시지 스키마 기본 검증
+      validateMessage(msg) {
+        if (!msg || typeof msg !== "object" || typeof msg.type !== "string")
+          return false;
+        if (msg.type === "handshake" && (typeof msg.peerId !== "string" || typeof msg.displayName !== "string"))
+          return false;
+        if (msg.type === "search_query" && (!Array.isArray(msg.embedding) || msg.embedding.length !== 384))
+          return false;
+        if (msg.type === "search_result" && !Array.isArray(msg.results))
+          return false;
+        return true;
+      }
+      handleMessage(conn, msg) {
+        if (!this.validateMessage(msg))
+          return;
+        switch (msg.type) {
+          case "handshake": {
+            const safeName = (msg.displayName ?? "").slice(0, 50);
+            const peerInfo = {
+              peerId: msg.peerId,
+              displayName: safeName,
+              documentCount: Math.min(msg.documentCount ?? 0, 1e6),
+              // 합리적 상한
+              topTopics: (msg.topTopics ?? []).slice(0, 10),
+              joinedAt: (/* @__PURE__ */ new Date()).toISOString(),
+              lastSeen: (/* @__PURE__ */ new Date()).toISOString()
+            };
+            this.peers.set(msg.peerId, { info: peerInfo, conn });
+            this.emit("peer_joined", peerInfo);
+            break;
+          }
+          case "search_query": {
+            this.emit("search_request", {
+              peerId: msg.queryId,
+              // queryId를 추적용으로 사용
+              queryId: msg.queryId,
+              embedding: msg.embedding,
+              limit: msg.limit,
+              // respond 함수: 호출 측에서 사용
+              respondTo: (() => {
+                for (const [pid, peer] of this.peers) {
+                  if (peer.conn === conn)
+                    return pid;
+                }
+                return null;
+              })()
+            });
+            break;
+          }
+          case "search_result": {
+            this.emit("search_response", {
+              queryId: msg.queryId,
+              results: msg.results,
+              peerId: (() => {
+                for (const [pid, peer] of this.peers) {
+                  if (peer.conn === conn)
+                    return pid;
+                }
+                return "unknown";
+              })()
+            });
+            break;
+          }
+          case "leave": {
+            this.peers.delete(msg.peerId);
+            this.emit("peer_left", { peerId: msg.peerId });
+            break;
+          }
+        }
+      }
+      // Design Ref: §7 — JSON + newline delimiter
+      sendMessage(conn, msg) {
+        try {
+          conn.write(JSON.stringify(msg) + "\n");
+        } catch {
+        }
+      }
+    };
+  }
+});
+// packages/core/dist/federation/privacy.js
+function maskSnippet(snippet, maskRate = 0.3) {
+  const words = snippet.split(/\s+/);
+  return words.map((w) => {
+    if (Math.random() < maskRate && w.length > 2) {
+      return w[0] + "***";
+    }
+    return w;
+  }).join(" ");
+}
+var init_privacy = __esm({
+  "packages/core/dist/federation/privacy.js"() {
+    "use strict";
+  }
+});
+// packages/core/dist/federation/sharing.js
+import { readFileSync as readFileSync12, writeFileSync as writeFileSync11, existsSync as existsSync11, mkdirSync as mkdirSync11 } from "node:fs";
+import { join as join12 } from "node:path";
+import { homedir as homedir5 } from "node:os";
+function loadSharingConfig() {
+  if (existsSync11(SHARING_FILE)) {
+    const raw = JSON.parse(readFileSync12(SHARING_FILE, "utf-8"));
+    return { ...DEFAULT_CONFIG2, ...raw };
+  }
+  return { ...DEFAULT_CONFIG2 };
+}
+function saveSharingConfig(config) {
+  mkdirSync11(join12(homedir5(), ".stellavault", "federation"), { recursive: true });
+  writeFileSync11(SHARING_FILE, JSON.stringify(config, null, 2), "utf-8");
+}
+function getDocumentLevel(doc, config) {
+  const cfg = config ?? loadSharingConfig();
+  if (cfg.blockedDocIds.includes(doc.id))
+    return 0;
+  if (cfg.blockSensitivePatterns) {
+    for (const pattern of SENSITIVE_PATTERNS) {
+      if (pattern.test(doc.content))
+        return 0;
+    }
+  }
+  let matchedLevel = null;
+  for (const rule of cfg.rules) {
+    if (rule.type === "doc" && rule.pattern === doc.id) {
+      return rule.level;
+    }
+  }
+  const docTags = doc.tags.map((t2) => t2.toLowerCase());
+  for (const rule of cfg.rules) {
+    if (rule.type === "tag" && docTags.includes(rule.pattern.toLowerCase())) {
+      if (matchedLevel === null || rule.level < matchedLevel) {
+        matchedLevel = rule.level;
+      }
+    }
+  }
+  for (const rule of cfg.rules) {
+    if (rule.type === "folder" && doc.filePath.startsWith(rule.pattern)) {
+      if (matchedLevel === null || rule.level < matchedLevel) {
+        matchedLevel = rule.level;
+      }
+    }
+  }
+  return matchedLevel ?? cfg.defaultLevel;
+}
+function isDocumentShareable(doc, config) {
+  return getDocumentLevel(doc, config) > 0;
+}
+function approveRequest(requestId) {
+  const cfg = loadSharingConfig();
+  const req = cfg.pendingRequests.find((r) => r.requestId === requestId);
+  if (!req)
+    return false;
+  req.status = "approved";
+  saveSharingConfig(cfg);
+  return true;
+}
+function denyRequest(requestId) {
+  const cfg = loadSharingConfig();
+  const req = cfg.pendingRequests.find((r) => r.requestId === requestId);
+  if (!req)
+    return false;
+  req.status = "denied";
+  saveSharingConfig(cfg);
+  return true;
+}
+function getPendingRequests() {
+  return loadSharingConfig().pendingRequests.filter((r) => r.status === "pending");
+}
+function sanitizeSnippet(snippet) {
+  let safe = snippet;
+  for (const pattern of SENSITIVE_PATTERNS) {
+    safe = safe.replace(pattern, "[REDACTED]");
+  }
+  return safe;
+}
+function setTagLevel(tag, level) {
+  const cfg = loadSharingConfig();
+  const existing = cfg.rules.findIndex((r) => r.type === "tag" && r.pattern.toLowerCase() === tag.toLowerCase());
+  if (existing >= 0)
+    cfg.rules[existing].level = level;
+  else
+    cfg.rules.push({ pattern: tag.toLowerCase(), type: "tag", level });
+  saveSharingConfig(cfg);
+}
+function setFolderLevel(folder, level) {
+  const cfg = loadSharingConfig();
+  const existing = cfg.rules.findIndex((r) => r.type === "folder" && r.pattern === folder);
+  if (existing >= 0)
+    cfg.rules[existing].level = level;
+  else
+    cfg.rules.push({ pattern: folder, type: "folder", level });
+  saveSharingConfig(cfg);
+}
+function setNodeLevel(level) {
+  const cfg = loadSharingConfig();
+  cfg.myNodeLevel = level;
+  saveSharingConfig(cfg);
+}
+function getSharingSummary(config) {
+  const cfg = config ?? loadSharingConfig();
+  const lines = [];
+  lines.push(`My Node Level: ${LEVEL_ICONS[cfg.myNodeLevel]} Level ${cfg.myNodeLevel} (${LEVEL_LABELS[cfg.myNodeLevel]})`);
+  lines.push(`Default Doc Level: ${LEVEL_ICONS[cfg.defaultLevel]} Level ${cfg.defaultLevel}`);
+  lines.push(`Credit Multiplier: ${LEVEL_CREDIT_MULTIPLIER[cfg.myNodeLevel]}x`);
+  lines.push("");
+  lines.push("Rules:");
+  for (const rule of cfg.rules) {
+    lines.push(`  ${LEVEL_ICONS[rule.level]} [${rule.type}] ${rule.pattern} \u2192 Level ${rule.level}`);
+  }
+  if (cfg.blockedDocIds.length > 0) {
+    lines.push(`  \u{1F6AB} ${cfg.blockedDocIds.length} docs individually blocked`);
+  }
+  lines.push("");
+  const pending = cfg.pendingRequests.filter((r) => r.status === "pending");
+  if (pending.length > 0) {
+    lines.push(`\u{1F4EC} ${pending.length} pending full-text requests`);
+  }
+  lines.push(`Sensitive pattern filter: ${cfg.blockSensitivePatterns ? "ON" : "OFF"}`);
+  return lines.join("\n");
+}
+var LEVEL_LABELS, LEVEL_ICONS, LEVEL_CREDIT_MULTIPLIER, SHARING_FILE, SENSITIVE_PATTERNS, DEFAULT_CONFIG2;
+var init_sharing = __esm({
+  "packages/core/dist/federation/sharing.js"() {
+    "use strict";
+    LEVEL_LABELS = {
+      0: "Blocked (not searchable)",
+      1: "Title + similarity only",
+      2: "Title + snippet (50 chars)",
+      3: "Full text on request (approval needed)",
+      4: "Full text auto-shared"
+    };
+    LEVEL_ICONS = {
+      0: "\u{1F6AB}",
+      1: "\u{1F4CC}",
+      2: "\u{1F4DD}",
+      3: "\u{1F4D6}",
+      4: "\u{1F310}"
+    };
+    LEVEL_CREDIT_MULTIPLIER = {
+      0: 0,
+      1: 1,
+      2: 2,
+      3: 5,
+      4: 10
+    };
+    SHARING_FILE = join12(homedir5(), ".stellavault", "federation", "sharing.json");
+    SENSITIVE_PATTERNS = [
+      /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/,
+      /\b\d{3}[-.]?\d{4}[-.]?\d{4}\b/,
+      /\b(sk-|pk-|api[_-]?key|token|secret)[a-zA-Z0-9_-]{10,}\b/i,
+      /\bpassword\s*[:=]\s*\S+/i,
+      /\b\d{6}[-]\d{7}\b/
+    ];
+    DEFAULT_CONFIG2 = {
+      defaultLevel: 2,
+      // 기본: 스니펫까지
+      myNodeLevel: 2,
+      // 내 노드 기본: 스니펫까지
+      rules: [
+        // 기본 규칙
+        { pattern: "public", type: "tag", level: 4 },
+        { pattern: "opensource", type: "tag", level: 4 },
+        { pattern: "personal", type: "tag", level: 1 },
+        { pattern: "private", type: "tag", level: 0 },
+        { pattern: "secret", type: "tag", level: 0 },
+        { pattern: "diary", type: "tag", level: 0 },
+        { pattern: "salary", type: "tag", level: 0 },
+        { pattern: "password", type: "tag", level: 0 },
+        { pattern: "credential", type: "tag", level: 0 },
+        { pattern: "03_Daily", type: "folder", level: 1 },
+        { pattern: "06_Archive", type: "folder", level: 1 },
+        { pattern: ".obsidian", type: "folder", level: 0 }
+      ],
+      blockedDocIds: [],
+      blockSensitivePatterns: true,
+      pendingRequests: []
+    };
+  }
+});
+// packages/core/dist/federation/search.js
+import { randomUUID } from "node:crypto";
+var FederatedSearch;
+var init_search = __esm({
+  "packages/core/dist/federation/search.js"() {
+    "use strict";
+    init_privacy();
+    init_sharing();
+    FederatedSearch = class {
+      node;
+      store;
+      embedder;
+      additionalStores = [];
+      constructor(node, store, embedder) {
+        this.node = node;
+        this.store = store;
+        this.embedder = embedder;
+      }
+      // Multi-vault: 추가 store 등록 (Federation 검색 응답 시 전체 vault 검색)
+      addStore(store) {
+        this.additionalStores.push(store);
+      }
+      // Design Ref: §5 — search() 요청 측
+      async search(query, options = {}) {
+        const { limit = 5, timeout = 5e3 } = options;
+        const peers = this.node.getPeers();
+        if (peers.length === 0) {
+          return [];
+        }
+        const embedding = await this.embedder.embed(query);
+        const queryId = randomUUID().slice(0, 8);
+        const results = [];
+        const peerMap = new Map(peers.map((p) => [p.peerId, p.displayName]));
+        const responsePromises = peers.map((peer) => {
+          return new Promise((resolve22) => {
+            const timer = setTimeout(resolve22, timeout);
+            const handler = (data) => {
+              if (data.queryId !== queryId)
+                return;
+              for (const r of data.results) {
+                results.push({
+                  title: r.title,
+                  similarity: r.similarity,
+                  snippet: r.snippet,
+                  peerId: peer.peerId,
+                  peerName: peer.displayName
+                });
+              }
+              clearTimeout(timer);
+              this.node.removeListener("search_response", handler);
+              resolve22();
+            };
+            this.node.on("search_response", handler);
+            this.node.sendSearchQuery(peer.peerId, queryId, Array.from(embedding), limit);
+          });
+        });
+        await Promise.allSettled(responsePromises);
+        return results.sort((a, b) => b.similarity - a.similarity).slice(0, limit);
+      }
+      // Design Ref: §5 — startResponder() 피어 요청 수신 측
+      startResponder() {
+        this.node.on("search_request", async (req) => {
+          if (!req.respondTo)
+            return;
+          try {
+            const allStores = [this.store, ...this.additionalStores];
+            const allScored = await Promise.all(allStores.map((s) => s.searchSemantic(req.embedding, req.limit).catch(() => [])));
+            const scored = allScored.flat().sort((a, b) => b.score - a.score).slice(0, req.limit);
+            const safe = [];
+            for (const s of scored) {
+              const chunk = await this.store.getChunk(s.chunkId);
+              if (!chunk)
+                continue;
+              const doc = await this.store.getDocument(chunk.documentId);
+              if (!doc)
+                continue;
+              if (!isDocumentShareable({ tags: doc.tags, filePath: doc.filePath, id: doc.id, content: doc.content }))
+                continue;
+              safe.push({
+                title: doc.title ?? chunk.heading ?? "Untitled",
+                similarity: Math.round(s.score * 1e3) / 1e3,
+                snippet: sanitizeSnippet(maskSnippet(chunk.content.slice(0, 50), 0.2))
+              });
+            }
+            this.node.sendSearchResult(req.respondTo, req.queryId, safe);
+          } catch (err) {
+            this.node.sendSearchResult(req.respondTo, req.queryId, []);
+          }
+        });
+      }
+    };
+  }
+});
+// packages/core/dist/federation/index.js
+var federation_exports = {};
+__export(federation_exports, {
+  FederatedSearch: () => FederatedSearch,
+  FederationNode: () => FederationNode,
+  getOrCreateIdentity: () => getOrCreateIdentity
+});
+var init_federation = __esm({
+  "packages/core/dist/federation/index.js"() {
+    "use strict";
+    init_node();
+    init_search();
+    init_identity();
+  }
+});
 // packages/cli/dist/index.js
 import { Command } from "commander";
@@ -5312,12 +5898,108 @@ ${content}`;
       res.status(500).json({ error: "Clip failed" });
     }
   });
-  return {
-    async start() {
-      return new Promise((resolve22) => {
-        app.listen(port, "127.0.0.1", () => {
-          console.error(`\u{1F310} API server running at http://127.0.0.1:${port}`);
-          resolve22();
+  let federationNode = null;
+  let federationAvailable = null;
+  async function probeFederationAvailable() {
+    if (federationAvailable !== null)
+      return federationAvailable;
+    try {
+      await import("hyperswarm");
+      federationAvailable = true;
+    } catch {
+      federationAvailable = false;
+    }
+    return federationAvailable;
+  }
+  app.get("/api/federate/status", async (_req, res) => {
+    const available = await probeFederationAvailable();
+    if (!available) {
+      return res.json({ available: false, active: false, peerCount: 0, peers: [], displayName: null, peerId: null });
+    }
+    if (!federationNode || !federationNode.isRunning) {
+      return res.json({ available: true, active: false, peerCount: 0, peers: [], displayName: null, peerId: null });
+    }
+    try {
+      const peers = federationNode.getPeers().map((p) => ({
+        peerId: p.peerId || "",
+        displayName: p.displayName || "Peer",
+        documentCount: p.documentCount ?? 0,
+        topTopics: p.topTopics ?? []
+      }));
+      res.json({
+        available: true,
+        active: true,
+        peerCount: peers.length,
+        peers,
+        displayName: federationNode.displayName,
+        peerId: federationNode.peerId
+      });
+    } catch (err) {
+      console.error(err);
+      res.json({ available: true, active: false, peerCount: 0, peers: [], displayName: null, peerId: null });
+    }
+  });
+  app.post("/api/federate/join", async (req, res) => {
+    const available = await probeFederationAvailable();
+    if (!available) {
+      return res.status(501).json({
+        success: false,
+        error: "federation-unavailable",
+        message: 'Federation requires optional dependency "hyperswarm". Reinstall stellavault with hyperswarm enabled.'
+      });
+    }
+    if (federationNode && federationNode.isRunning) {
+      return res.json({
+        success: true,
+        active: true,
+        displayName: federationNode.displayName,
+        peerId: federationNode.peerId,
+        peerCount: federationNode.peerCount,
+        message: "Already joined"
+      });
+    }
+    try {
+      const { FederationNode: FederationNode2 } = await Promise.resolve().then(() => (init_federation(), federation_exports));
+      const displayName = req.body?.displayName || void 0;
+      federationNode = new FederationNode2(displayName);
+      try {
+        const stats = await store.getStats();
+        federationNode.setLocalStats(stats.documentCount ?? 0, []);
+      } catch {
+      }
+      await federationNode.join();
+      res.json({
+        success: true,
+        active: true,
+        displayName: federationNode.displayName,
+        peerId: federationNode.peerId,
+        peerCount: federationNode.peerCount
+      });
+    } catch (err) {
+      console.error("Federation join failed:", err);
+      federationNode = null;
+      res.status(500).json({ success: false, error: err?.message || "Federation join failed" });
+    }
+  });
+  app.post("/api/federate/leave", async (_req, res) => {
+    if (!federationNode || !federationNode.isRunning) {
+      return res.json({ success: true, active: false, message: "Not active" });
+    }
+    try {
+      await federationNode.leave();
+      federationNode = null;
+      res.json({ success: true, active: false });
+    } catch (err) {
+      console.error("Federation leave failed:", err);
+      res.status(500).json({ success: false, error: err?.message || "Federation leave failed" });
+    }
+  });
+  return {
+    async start() {
+      return new Promise((resolve22) => {
+        app.listen(port, "127.0.0.1", () => {
+          console.error(`\u{1F310} API server running at http://127.0.0.1:${port}`);
+          resolve22();
         });
       });
     },
@@ -5560,18 +6242,18 @@ init_zettelkasten();
 init_ingest_pipeline();
 // packages/core/dist/multi-vault/index.js
-import { readFileSync as readFileSync11, writeFileSync as writeFileSync10, existsSync as existsSync10, mkdirSync as mkdirSync10 } from "node:fs";
-import { join as join11 } from "node:path";
-import { homedir as homedir4 } from "node:os";
-var VAULTS_FILE = join11(homedir4(), ".stellavault", "vaults.json");
+import { readFileSync as readFileSync13, writeFileSync as writeFileSync12, existsSync as existsSync12, mkdirSync as mkdirSync12 } from "node:fs";
+import { join as join13 } from "node:path";
+import { homedir as homedir6 } from "node:os";
+var VAULTS_FILE = join13(homedir6(), ".stellavault", "vaults.json");
 function loadVaults() {
-  if (!existsSync10(VAULTS_FILE))
+  if (!existsSync12(VAULTS_FILE))
     return [];
-  return JSON.parse(readFileSync11(VAULTS_FILE, "utf-8"));
+  return JSON.parse(readFileSync13(VAULTS_FILE, "utf-8"));
 }
 function saveVaults(vaults) {
-  mkdirSync10(join11(homedir4(), ".stellavault"), { recursive: true });
-  writeFileSync10(VAULTS_FILE, JSON.stringify(vaults, null, 2), "utf-8");
+  mkdirSync12(join13(homedir6(), ".stellavault"), { recursive: true });
+  writeFileSync12(VAULTS_FILE, JSON.stringify(vaults, null, 2), "utf-8");
 }
 function addVault(id, name, vaultPath, dbPath, shared = false) {
   const vaults = loadVaults();
@@ -5601,7 +6283,7 @@ async function searchAllVaults(query, embedder, createStore, options = {}) {
   const embedding = await embedder.embed(query);
   const searches = vaults.map(async (vault2) => {
     try {
-      if (!existsSync10(vault2.dbPath))
+      if (!existsSync12(vault2.dbPath))
         return;
       const store = createStore(vault2.dbPath);
       await store.initialize();
@@ -5630,8 +6312,8 @@ async function searchAllVaults(query, embedder, createStore, options = {}) {
 // packages/core/dist/capture/voice.js
 import { execFileSync, execSync } from "node:child_process";
-import { writeFileSync as writeFileSync11, mkdirSync as mkdirSync11, existsSync as existsSync11 } from "node:fs";
-import { join as join12, basename as basename4 } from "node:path";
+import { writeFileSync as writeFileSync13, mkdirSync as mkdirSync13, existsSync as existsSync13 } from "node:fs";
+import { join as join14, basename as basename4 } from "node:path";
 var ALLOWED_MODELS = ["tiny", "base", "small", "medium", "large"];
 var ALLOWED_LANGUAGES = ["auto", "en", "ko", "ja", "zh", "es", "fr", "de", "it", "pt", "ru", "ar", "hi"];
 function validateModel(model) {
@@ -5654,7 +6336,7 @@ function isWhisperAvailable() {
 }
 async function transcribeAudio(audioPath, options = {}) {
   const { model = "base", language } = options;
-  if (!existsSync11(audioPath)) {
+  if (!existsSync13(audioPath)) {
     throw new Error(`Audio file not found: ${audioPath}`);
   }
   if (isWhisperAvailable()) {
@@ -5662,12 +6344,12 @@ async function transcribeAudio(audioPath, options = {}) {
     const args = [audioPath, "--model", safeModel, "--output_format", "txt", "--output_dir", "/tmp/sv-whisper"];
     if (language)
       args.push("--language", validateLanguage(language));
-    mkdirSync11("/tmp/sv-whisper", { recursive: true });
+    mkdirSync13("/tmp/sv-whisper", { recursive: true });
     try {
       execFileSync("whisper", args, { stdio: "pipe", timeout: 3e5 });
       const outputName = basename4(audioPath).replace(/\.[^.]+$/, ".txt");
       const { readFileSync: readFileSync18 } = await import("node:fs");
-      return readFileSync18(join12("/tmp/sv-whisper", outputName), "utf-8").trim();
+      return readFileSync18(join14("/tmp/sv-whisper", outputName), "utf-8").trim();
     } catch (err) {
       throw new Error(`Whisper failed: ${err instanceof Error ? err.message : err}`);
     }
@@ -5724,10 +6406,10 @@ async function captureVoice(audioPath, options) {
       transcript,
       ""
     ].join("\n");
-    const dir = join12(vaultPath, folder);
-    mkdirSync11(dir, { recursive: true });
-    const filePath = join12(dir, `${date.slice(0, 10)} ${safeTitle}.md`);
-    writeFileSync11(filePath, content, "utf-8");
+    const dir = join14(vaultPath, folder);
+    mkdirSync13(dir, { recursive: true });
+    const filePath = join14(dir, `${date.slice(0, 10)} ${safeTitle}.md`);
+    writeFileSync13(filePath, content, "utf-8");
     return {
       title: safeTitle,
       filePath,
@@ -5748,15 +6430,15 @@ async function captureVoice(audioPath, options) {
 }
 // packages/core/dist/cloud/sync.js
-import { createCipheriv, createDecipheriv, randomBytes, createHash as createHash3 } from "node:crypto";
-import { readFileSync as readFileSync12, writeFileSync as writeFileSync12, existsSync as existsSync12, mkdirSync as mkdirSync12, chmodSync } from "node:fs";
-import { join as join13 } from "node:path";
-import { homedir as homedir5 } from "node:os";
-var CLOUD_DIR = join13(homedir5(), ".stellavault", "cloud");
-var KEY_FILE = join13(CLOUD_DIR, "encryption.key");
-var SYNC_STATE_FILE = join13(CLOUD_DIR, "sync-state.json");
+import { createCipheriv, createDecipheriv, randomBytes as randomBytes2, createHash as createHash5 } from "node:crypto";
+import { readFileSync as readFileSync14, writeFileSync as writeFileSync14, existsSync as existsSync14, mkdirSync as mkdirSync14, chmodSync as chmodSync2 } from "node:fs";
+import { join as join15 } from "node:path";
+import { homedir as homedir7 } from "node:os";
+var CLOUD_DIR = join15(homedir7(), ".stellavault", "cloud");
+var KEY_FILE = join15(CLOUD_DIR, "encryption.key");
+var SYNC_STATE_FILE = join15(CLOUD_DIR, "sync-state.json");
 function encrypt(data, key) {
-  const iv = randomBytes(16);
+  const iv = randomBytes2(16);
   const cipher = createCipheriv("aes-256-gcm", key, iv);
   const encrypted = Buffer.concat([cipher.update(data), cipher.final()]);
   const tag = cipher.getAuthTag();
@@ -5768,19 +6450,19 @@ function decrypt(encrypted, key, iv, tag) {
   return Buffer.concat([decipher.update(encrypted), decipher.final()]);
 }
 function getOrCreateEncryptionKey(userKey) {
-  mkdirSync12(CLOUD_DIR, { recursive: true });
+  mkdirSync14(CLOUD_DIR, { recursive: true });
   if (userKey) {
-    const key2 = createHash3("sha256").update(userKey).digest();
-    writeFileSync12(KEY_FILE, key2.toString("hex"), "utf-8");
+    const key2 = createHash5("sha256").update(userKey).digest();
+    writeFileSync14(KEY_FILE, key2.toString("hex"), "utf-8");
     return key2;
   }
-  if (existsSync12(KEY_FILE)) {
-    return Buffer.from(readFileSync12(KEY_FILE, "utf-8").trim(), "hex");
+  if (existsSync14(KEY_FILE)) {
+    return Buffer.from(readFileSync14(KEY_FILE, "utf-8").trim(), "hex");
   }
-  const key = randomBytes(32);
-  writeFileSync12(KEY_FILE, key.toString("hex"), { encoding: "utf-8", mode: 384 });
+  const key = randomBytes2(32);
+  writeFileSync14(KEY_FILE, key.toString("hex"), { encoding: "utf-8", mode: 384 });
   try {
-    chmodSync(KEY_FILE, 384);
+    chmodSync2(KEY_FILE, 384);
   } catch {
   }
   return key;
@@ -5804,7 +6486,7 @@ async function s3Put(config, objectKey, data, contentType = "application/octet-s
       "Content-Type": contentType,
       "Content-Length": String(data.length),
       "x-amz-date": date,
-      "x-amz-content-sha256": createHash3("sha256").update(data).digest("hex"),
+      "x-amz-content-sha256": createHash5("sha256").update(data).digest("hex"),
       // R2는 Bearer token 지원
       "Authorization": `Bearer ${secretAccessKey}`
     },
@@ -5824,18 +6506,18 @@ async function s3Get(config, objectKey) {
 async function syncToCloud(dbPath, config) {
   const timestamp = (/* @__PURE__ */ new Date()).toISOString();
   try {
-    if (!existsSync12(dbPath)) {
+    if (!existsSync14(dbPath)) {
       return { action: "upload", dbSize: 0, encryptedSize: 0, timestamp, success: false, error: "DB not found" };
     }
-    const dbData = readFileSync12(dbPath);
+    const dbData = readFileSync14(dbPath);
     const key = getOrCreateEncryptionKey(config.encryptionKey);
     const { encrypted, iv, tag } = encrypt(dbData, key);
     const payload = Buffer.concat([iv, tag, encrypted]);
     const objectKey = `stellavault/index.db.enc`;
     const success = await s3Put(config, objectKey, payload);
     const state = { lastSync: timestamp, dbSize: dbData.length, encryptedSize: payload.length, objectKey };
-    mkdirSync12(CLOUD_DIR, { recursive: true });
-    writeFileSync12(SYNC_STATE_FILE, JSON.stringify(state, null, 2), "utf-8");
+    mkdirSync14(CLOUD_DIR, { recursive: true });
+    writeFileSync14(SYNC_STATE_FILE, JSON.stringify(state, null, 2), "utf-8");
     return { action: "upload", dbSize: dbData.length, encryptedSize: payload.length, timestamp, success };
   } catch (err) {
     return { action: "upload", dbSize: 0, encryptedSize: 0, timestamp, success: false, error: err instanceof Error ? err.message : String(err) };
@@ -5854,579 +6536,46 @@ async function restoreFromCloud(dbPath, config) {
     const tag = payload.subarray(16, 32);
     const encrypted = payload.subarray(32);
     const dbData = decrypt(encrypted, key, iv, tag);
-    if (existsSync12(dbPath)) {
-      writeFileSync12(dbPath + ".backup", readFileSync12(dbPath));
+    if (existsSync14(dbPath)) {
+      writeFileSync14(dbPath + ".backup", readFileSync14(dbPath));
     }
-    writeFileSync12(dbPath, dbData);
+    writeFileSync14(dbPath, dbData);
     return { action: "download", dbSize: dbData.length, encryptedSize: payload.length, timestamp, success: true };
   } catch (err) {
     return { action: "download", dbSize: 0, encryptedSize: 0, timestamp, success: false, error: err instanceof Error ? err.message : String(err) };
   }
 }
 function getSyncState() {
-  if (!existsSync12(SYNC_STATE_FILE))
+  if (!existsSync14(SYNC_STATE_FILE))
     return null;
-  return JSON.parse(readFileSync12(SYNC_STATE_FILE, "utf-8"));
+  return JSON.parse(readFileSync14(SYNC_STATE_FILE, "utf-8"));
 }
 // packages/core/dist/team/index.js
-import { join as join14 } from "node:path";
-import { homedir as homedir6 } from "node:os";
-var TEAM_DIR = join14(homedir6(), ".stellavault", "team");
-var TEAM_FILE = join14(TEAM_DIR, "team.json");
-// packages/core/dist/federation/node.js
-import { createHash as createHash5 } from "node:crypto";
-import { EventEmitter } from "node:events";
-// packages/core/dist/federation/identity.js
-import { randomBytes as randomBytes2, createHash as createHash4, createHmac } from "node:crypto";
-import { readFileSync as readFileSync13, writeFileSync as writeFileSync13, existsSync as existsSync13, mkdirSync as mkdirSync13, chmodSync as chmodSync2 } from "node:fs";
-import { join as join15 } from "node:path";
-import { homedir as homedir7 } from "node:os";
-var IDENTITY_DIR = join15(homedir7(), ".stellavault", "federation");
-var IDENTITY_FILE = join15(IDENTITY_DIR, "identity.json");
-function getOrCreateIdentity(displayName) {
-  if (existsSync13(IDENTITY_FILE)) {
-    const raw = JSON.parse(readFileSync13(IDENTITY_FILE, "utf-8"));
-    return {
-      peerId: raw.peerId,
-      publicKey: Buffer.from(raw.publicKey, "hex"),
-      secretKey: Buffer.from(raw.secretKey, "hex"),
-      displayName: raw.displayName,
-      createdAt: raw.createdAt
-    };
-  }
-  const secretKey = randomBytes2(32);
-  const publicKey = createHash4("sha256").update(secretKey).digest();
-  const peerId = createHash4("sha256").update(publicKey).digest("hex").slice(0, 16);
-  const identity = {
-    peerId,
-    publicKey,
-    secretKey,
-    displayName: displayName ?? `node-${peerId.slice(0, 6)}`,
-    createdAt: (/* @__PURE__ */ new Date()).toISOString()
-  };
-  mkdirSync13(IDENTITY_DIR, { recursive: true });
-  const content = JSON.stringify({
-    peerId: identity.peerId,
-    publicKey: publicKey.toString("hex"),
-    secretKey: secretKey.toString("hex"),
-    displayName: identity.displayName,
-    createdAt: identity.createdAt
-  }, null, 2);
-  writeFileSync13(IDENTITY_FILE, content, { encoding: "utf-8", mode: 384 });
-  try {
-    chmodSync2(IDENTITY_FILE, 384);
-  } catch {
-  }
-  return identity;
-}
-// packages/core/dist/federation/node.js
-var FEDERATION_TOPIC = createHash5("sha256").update("stellavault-federation-v1").digest();
-var FederationNode = class extends EventEmitter {
-  swarm = null;
-  identity;
-  peers = /* @__PURE__ */ new Map();
-  running = false;
-  documentCount = 0;
-  topTopics = [];
-  constructor(displayName) {
-    super();
-    this.identity = getOrCreateIdentity(displayName);
-  }
-  get peerId() {
-    return this.identity.peerId;
-  }
-  get displayName() {
-    return this.identity.displayName;
-  }
-  get peerCount() {
-    return this.peers.size;
-  }
-  get isRunning() {
-    return this.running;
-  }
-  setLocalStats(documentCount, topTopics) {
-    this.documentCount = documentCount;
-    this.topTopics = topTopics.slice(0, 5);
-  }
-  // Design Ref: §4 — join()
-  async join() {
-    if (this.running)
-      return;
-    const Hyperswarm = (await import("hyperswarm")).default;
-    this.swarm = new Hyperswarm({ maxPeers: 50 });
-    this.swarm.on("connection", (conn, _info) => {
-      this.handleConnection(conn);
-    });
-    const discovery = this.swarm.join(FEDERATION_TOPIC, { server: true, client: true });
-    await discovery.flushed();
-    this.running = true;
-    this.emit("joined", { peerId: this.peerId, topic: FEDERATION_TOPIC.toString("hex").slice(0, 16) });
-  }
-  // Design Ref: §4 — joinDirect() 수동 IP 폴백
-  async joinDirect(host, port) {
-    const net = await import("node:net");
-    const conn = net.connect(port, host);
-    await new Promise((resolve22, reject) => {
-      conn.on("connect", () => {
-        this.handleConnection(conn);
-        resolve22();
-      });
-      conn.on("error", reject);
-      setTimeout(() => reject(new Error("Connection timeout")), 15e3);
-    });
-    if (!this.running)
-      this.running = true;
-  }
-  async leave() {
-    if (!this.running)
-      return;
-    for (const [, peer] of this.peers) {
-      try {
-        this.sendMessage(peer.conn, { type: "leave", peerId: this.peerId });
-        peer.conn.end();
-      } catch {
-      }
-    }
-    this.peers.clear();
-    await this.swarm?.destroy();
-    this.swarm = null;
-    this.running = false;
-    this.emit("left");
-  }
-  getPeers() {
-    return [...this.peers.values()].map((p) => p.info);
-  }
-  // 피어에게 검색 쿼리 전송 (FederatedSearch에서 사용)
-  sendSearchQuery(peerId, queryId, embedding, limit) {
-    const peer = this.peers.get(peerId);
-    if (!peer)
-      return;
-    this.sendMessage(peer.conn, { type: "search_query", queryId, embedding, limit });
-  }
-  // 피어에게 검색 결과 응답 (FederatedSearch에서 사용)
-  sendSearchResult(peerId, queryId, results) {
-    const peer = this.peers.get(peerId);
-    if (!peer)
-      return;
-    this.sendMessage(peer.conn, { type: "search_result", queryId, results });
-  }
-  // --- Private ---
-  handleConnection(conn) {
-    this.sendMessage(conn, {
-      type: "handshake",
-      peerId: this.peerId,
-      displayName: this.identity.displayName,
-      version: "0.1.0",
-      documentCount: this.documentCount,
-      topTopics: this.topTopics
-    });
-    let buffer = "";
-    const MAX_BUFFER = 1024 * 1024;
-    const MAX_MESSAGE = 64 * 1024;
-    conn.on("data", (data) => {
-      buffer += data.toString();
-      if (buffer.length > MAX_BUFFER) {
-        console.error("Federation: buffer overflow from peer, disconnecting");
-        buffer = "";
-        conn.end();
-        return;
-      }
-      const lines = buffer.split("\n");
-      buffer = lines.pop() ?? "";
-      for (const line of lines) {
-        if (!line.trim())
-          continue;
-        if (line.length > MAX_MESSAGE)
-          continue;
-        try {
-          const msg = JSON.parse(line);
-          this.handleMessage(conn, msg);
-        } catch {
-        }
-      }
-    });
-    conn.on("close", () => {
-      for (const [peerId, peer] of this.peers) {
-        if (peer.conn === conn) {
-          this.peers.delete(peerId);
-          this.emit("peer_left", { peerId });
-          break;
-        }
-      }
-    });
-    conn.on("error", () => {
-    });
-  }
-  // MED: 메시지 스키마 기본 검증
-  validateMessage(msg) {
-    if (!msg || typeof msg !== "object" || typeof msg.type !== "string")
-      return false;
-    if (msg.type === "handshake" && (typeof msg.peerId !== "string" || typeof msg.displayName !== "string"))
-      return false;
-    if (msg.type === "search_query" && (!Array.isArray(msg.embedding) || msg.embedding.length !== 384))
-      return false;
-    if (msg.type === "search_result" && !Array.isArray(msg.results))
-      return false;
-    return true;
-  }
-  handleMessage(conn, msg) {
-    if (!this.validateMessage(msg))
-      return;
-    switch (msg.type) {
-      case "handshake": {
-        const safeName = (msg.displayName ?? "").slice(0, 50);
-        const peerInfo = {
-          peerId: msg.peerId,
-          displayName: safeName,
-          documentCount: Math.min(msg.documentCount ?? 0, 1e6),
-          // 합리적 상한
-          topTopics: (msg.topTopics ?? []).slice(0, 10),
-          joinedAt: (/* @__PURE__ */ new Date()).toISOString(),
-          lastSeen: (/* @__PURE__ */ new Date()).toISOString()
-        };
-        this.peers.set(msg.peerId, { info: peerInfo, conn });
-        this.emit("peer_joined", peerInfo);
-        break;
-      }
-      case "search_query": {
-        this.emit("search_request", {
-          peerId: msg.queryId,
-          // queryId를 추적용으로 사용
-          queryId: msg.queryId,
-          embedding: msg.embedding,
-          limit: msg.limit,
-          // respond 함수: 호출 측에서 사용
-          respondTo: (() => {
-            for (const [pid, peer] of this.peers) {
-              if (peer.conn === conn)
-                return pid;
-            }
-            return null;
-          })()
-        });
-        break;
-      }
-      case "search_result": {
-        this.emit("search_response", {
-          queryId: msg.queryId,
-          results: msg.results,
-          peerId: (() => {
-            for (const [pid, peer] of this.peers) {
-              if (peer.conn === conn)
-                return pid;
-            }
-            return "unknown";
-          })()
-        });
-        break;
-      }
-      case "leave": {
-        this.peers.delete(msg.peerId);
-        this.emit("peer_left", { peerId: msg.peerId });
-        break;
-      }
-    }
-  }
-  // Design Ref: §7 — JSON + newline delimiter
-  sendMessage(conn, msg) {
-    try {
-      conn.write(JSON.stringify(msg) + "\n");
-    } catch {
-    }
-  }
-};
-// packages/core/dist/federation/search.js
-import { randomUUID } from "node:crypto";
-// packages/core/dist/federation/privacy.js
-function maskSnippet(snippet, maskRate = 0.3) {
-  const words = snippet.split(/\s+/);
-  return words.map((w) => {
-    if (Math.random() < maskRate && w.length > 2) {
-      return w[0] + "***";
-    }
-    return w;
-  }).join(" ");
-}
-// packages/core/dist/federation/sharing.js
-import { readFileSync as readFileSync14, writeFileSync as writeFileSync14, existsSync as existsSync14, mkdirSync as mkdirSync14 } from "node:fs";
 import { join as join16 } from "node:path";
 import { homedir as homedir8 } from "node:os";
-var LEVEL_LABELS = {
-  0: "Blocked (not searchable)",
-  1: "Title + similarity only",
-  2: "Title + snippet (50 chars)",
-  3: "Full text on request (approval needed)",
-  4: "Full text auto-shared"
-};
-var LEVEL_ICONS = {
-  0: "\u{1F6AB}",
-  1: "\u{1F4CC}",
-  2: "\u{1F4DD}",
-  3: "\u{1F4D6}",
-  4: "\u{1F310}"
-};
-var LEVEL_CREDIT_MULTIPLIER = {
-  0: 0,
-  1: 1,
-  2: 2,
-  3: 5,
-  4: 10
-};
-var SHARING_FILE = join16(homedir8(), ".stellavault", "federation", "sharing.json");
-var SENSITIVE_PATTERNS = [
-  /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/,
-  /\b\d{3}[-.]?\d{4}[-.]?\d{4}\b/,
-  /\b(sk-|pk-|api[_-]?key|token|secret)[a-zA-Z0-9_-]{10,}\b/i,
-  /\bpassword\s*[:=]\s*\S+/i,
-  /\b\d{6}[-]\d{7}\b/
-];
-var DEFAULT_CONFIG2 = {
-  defaultLevel: 2,
-  // 기본: 스니펫까지
-  myNodeLevel: 2,
-  // 내 노드 기본: 스니펫까지
-  rules: [
-    // 기본 규칙
-    { pattern: "public", type: "tag", level: 4 },
-    { pattern: "opensource", type: "tag", level: 4 },
-    { pattern: "personal", type: "tag", level: 1 },
-    { pattern: "private", type: "tag", level: 0 },
-    { pattern: "secret", type: "tag", level: 0 },
-    { pattern: "diary", type: "tag", level: 0 },
-    { pattern: "salary", type: "tag", level: 0 },
-    { pattern: "password", type: "tag", level: 0 },
-    { pattern: "credential", type: "tag", level: 0 },
-    { pattern: "03_Daily", type: "folder", level: 1 },
-    { pattern: "06_Archive", type: "folder", level: 1 },
-    { pattern: ".obsidian", type: "folder", level: 0 }
-  ],
-  blockedDocIds: [],
-  blockSensitivePatterns: true,
-  pendingRequests: []
-};
-function loadSharingConfig() {
-  if (existsSync14(SHARING_FILE)) {
-    const raw = JSON.parse(readFileSync14(SHARING_FILE, "utf-8"));
-    return { ...DEFAULT_CONFIG2, ...raw };
-  }
-  return { ...DEFAULT_CONFIG2 };
-}
-function saveSharingConfig(config) {
-  mkdirSync14(join16(homedir8(), ".stellavault", "federation"), { recursive: true });
-  writeFileSync14(SHARING_FILE, JSON.stringify(config, null, 2), "utf-8");
-}
-function getDocumentLevel(doc, config) {
-  const cfg = config ?? loadSharingConfig();
-  if (cfg.blockedDocIds.includes(doc.id))
-    return 0;
-  if (cfg.blockSensitivePatterns) {
-    for (const pattern of SENSITIVE_PATTERNS) {
-      if (pattern.test(doc.content))
-        return 0;
-    }
-  }
-  let matchedLevel = null;
-  for (const rule of cfg.rules) {
-    if (rule.type === "doc" && rule.pattern === doc.id) {
-      return rule.level;
-    }
-  }
-  const docTags = doc.tags.map((t2) => t2.toLowerCase());
-  for (const rule of cfg.rules) {
-    if (rule.type === "tag" && docTags.includes(rule.pattern.toLowerCase())) {
-      if (matchedLevel === null || rule.level < matchedLevel) {
-        matchedLevel = rule.level;
-      }
-    }
-  }
-  for (const rule of cfg.rules) {
-    if (rule.type === "folder" && doc.filePath.startsWith(rule.pattern)) {
-      if (matchedLevel === null || rule.level < matchedLevel) {
-        matchedLevel = rule.level;
-      }
-    }
-  }
-  return matchedLevel ?? cfg.defaultLevel;
-}
-function isDocumentShareable(doc, config) {
-  return getDocumentLevel(doc, config) > 0;
-}
-function approveRequest(requestId) {
-  const cfg = loadSharingConfig();
-  const req = cfg.pendingRequests.find((r) => r.requestId === requestId);
-  if (!req)
-    return false;
-  req.status = "approved";
-  saveSharingConfig(cfg);
-  return true;
-}
-function denyRequest(requestId) {
-  const cfg = loadSharingConfig();
-  const req = cfg.pendingRequests.find((r) => r.requestId === requestId);
-  if (!req)
-    return false;
-  req.status = "denied";
-  saveSharingConfig(cfg);
-  return true;
-}
-function getPendingRequests() {
-  return loadSharingConfig().pendingRequests.filter((r) => r.status === "pending");
-}
-function sanitizeSnippet(snippet) {
-  let safe = snippet;
-  for (const pattern of SENSITIVE_PATTERNS) {
-    safe = safe.replace(pattern, "[REDACTED]");
-  }
-  return safe;
-}
-function setTagLevel(tag, level) {
-  const cfg = loadSharingConfig();
-  const existing = cfg.rules.findIndex((r) => r.type === "tag" && r.pattern.toLowerCase() === tag.toLowerCase());
-  if (existing >= 0)
-    cfg.rules[existing].level = level;
-  else
-    cfg.rules.push({ pattern: tag.toLowerCase(), type: "tag", level });
-  saveSharingConfig(cfg);
-}
-function setFolderLevel(folder, level) {
-  const cfg = loadSharingConfig();
-  const existing = cfg.rules.findIndex((r) => r.type === "folder" && r.pattern === folder);
-  if (existing >= 0)
-    cfg.rules[existing].level = level;
-  else
-    cfg.rules.push({ pattern: folder, type: "folder", level });
-  saveSharingConfig(cfg);
-}
-function setNodeLevel(level) {
-  const cfg = loadSharingConfig();
-  cfg.myNodeLevel = level;
-  saveSharingConfig(cfg);
-}
-function getSharingSummary(config) {
-  const cfg = config ?? loadSharingConfig();
-  const lines = [];
-  lines.push(`My Node Level: ${LEVEL_ICONS[cfg.myNodeLevel]} Level ${cfg.myNodeLevel} (${LEVEL_LABELS[cfg.myNodeLevel]})`);
-  lines.push(`Default Doc Level: ${LEVEL_ICONS[cfg.defaultLevel]} Level ${cfg.defaultLevel}`);
-  lines.push(`Credit Multiplier: ${LEVEL_CREDIT_MULTIPLIER[cfg.myNodeLevel]}x`);
-  lines.push("");
-  lines.push("Rules:");
-  for (const rule of cfg.rules) {
-    lines.push(`  ${LEVEL_ICONS[rule.level]} [${rule.type}] ${rule.pattern} \u2192 Level ${rule.level}`);
-  }
-  if (cfg.blockedDocIds.length > 0) {
-    lines.push(`  \u{1F6AB} ${cfg.blockedDocIds.length} docs individually blocked`);
-  }
-  lines.push("");
-  const pending = cfg.pendingRequests.filter((r) => r.status === "pending");
-  if (pending.length > 0) {
-    lines.push(`\u{1F4EC} ${pending.length} pending full-text requests`);
-  }
-  lines.push(`Sensitive pattern filter: ${cfg.blockSensitivePatterns ? "ON" : "OFF"}`);
-  return lines.join("\n");
-}
+var TEAM_DIR = join16(homedir8(), ".stellavault", "team");
+var TEAM_FILE = join16(TEAM_DIR, "team.json");
-// packages/core/dist/federation/search.js
-var FederatedSearch = class {
-  node;
-  store;
-  embedder;
-  additionalStores = [];
-  constructor(node, store, embedder) {
-    this.node = node;
-    this.store = store;
-    this.embedder = embedder;
-  }
-  // Multi-vault: 추가 store 등록 (Federation 검색 응답 시 전체 vault 검색)
-  addStore(store) {
-    this.additionalStores.push(store);
-  }
-  // Design Ref: §5 — search() 요청 측
-  async search(query, options = {}) {
-    const { limit = 5, timeout = 5e3 } = options;
-    const peers = this.node.getPeers();
-    if (peers.length === 0) {
-      return [];
-    }
-    const embedding = await this.embedder.embed(query);
-    const queryId = randomUUID().slice(0, 8);
-    const results = [];
-    const peerMap = new Map(peers.map((p) => [p.peerId, p.displayName]));
-    const responsePromises = peers.map((peer) => {
-      return new Promise((resolve22) => {
-        const timer = setTimeout(resolve22, timeout);
-        const handler = (data) => {
-          if (data.queryId !== queryId)
-            return;
-          for (const r of data.results) {
-            results.push({
-              title: r.title,
-              similarity: r.similarity,
-              snippet: r.snippet,
-              peerId: peer.peerId,
-              peerName: peer.displayName
-            });
-          }
-          clearTimeout(timer);
-          this.node.removeListener("search_response", handler);
-          resolve22();
-        };
-        this.node.on("search_response", handler);
-        this.node.sendSearchQuery(peer.peerId, queryId, Array.from(embedding), limit);
-      });
-    });
-    await Promise.allSettled(responsePromises);
-    return results.sort((a, b) => b.similarity - a.similarity).slice(0, limit);
-  }
-  // Design Ref: §5 — startResponder() 피어 요청 수신 측
-  startResponder() {
-    this.node.on("search_request", async (req) => {
-      if (!req.respondTo)
-        return;
-      try {
-        const allStores = [this.store, ...this.additionalStores];
-        const allScored = await Promise.all(allStores.map((s) => s.searchSemantic(req.embedding, req.limit).catch(() => [])));
-        const scored = allScored.flat().sort((a, b) => b.score - a.score).slice(0, req.limit);
-        const safe = [];
-        for (const s of scored) {
-          const chunk = await this.store.getChunk(s.chunkId);
-          if (!chunk)
-            continue;
-          const doc = await this.store.getDocument(chunk.documentId);
-          if (!doc)
-            continue;
-          if (!isDocumentShareable({ tags: doc.tags, filePath: doc.filePath, id: doc.id, content: doc.content }))
-            continue;
-          safe.push({
-            title: doc.title ?? chunk.heading ?? "Untitled",
-            similarity: Math.round(s.score * 1e3) / 1e3,
-            snippet: sanitizeSnippet(maskSnippet(chunk.content.slice(0, 50), 0.2))
-          });
-        }
-        this.node.sendSearchResult(req.respondTo, req.queryId, safe);
-      } catch (err) {
-        this.node.sendSearchResult(req.respondTo, req.queryId, []);
-      }
-    });
-  }
-};
+// packages/core/dist/index.js
+init_federation();
 // packages/core/dist/federation/trust.js
 import { join as join17 } from "node:path";
 import { homedir as homedir9 } from "node:os";
 var TRUST_FILE = join17(homedir9(), ".stellavault", "federation", "trust.json");
+// packages/core/dist/index.js
+init_sharing();
 // packages/core/dist/federation/reputation.js
 import { join as join18 } from "node:path";
 import { homedir as homedir10 } from "node:os";
 var REP_FILE = join18(homedir10(), ".stellavault", "federation", "reputation.json");
+// packages/core/dist/index.js
+init_privacy();
 // packages/core/dist/federation/credits.js
 import { join as join19 } from "node:path";
 import { homedir as homedir11 } from "node:os";
@@ -8917,7 +9066,8 @@ async function autopilotCommand(options) {
 // packages/cli/dist/index.js
 var program = new Command();
-program.name("stellavault").description("Stellavault \u2014 Turn your Obsidian vault into a 3D neural knowledge graph").version("0.3.0").option("--json", "Output in JSON format (for scripting)").option("--quiet", "Suppress non-essential output");
+var SV_VERSION = true ? "0.5.2" : "0.0.0-dev";
+program.name("stellavault").description("Stellavault \u2014 Turn your Obsidian vault into a 3D neural knowledge graph").version(SV_VERSION).option("--json", "Output in JSON format (for scripting)").option("--quiet", "Suppress non-essential output");
 program.command("init").description("Interactive setup wizard \u2014 get started in 3 minutes").action(initCommand);
 program.command("index [vault-path]").description("Obsidian vault\uB97C \uBCA1\uD130\uD654\uD558\uC5EC \uC778\uB371\uC2F1\uD569\uB2C8\uB2E4").action(indexCommand);
 program.command("search <query>").description("\uC9C0\uC2DD \uBCA0\uC774\uC2A4\uC5D0\uC11C \uAC80\uC0C9\uD569\uB2C8\uB2E4").option("-l, --limit <n>", "\uACB0\uACFC \uC218", "5").action(searchCommand);