teleportation-cli 1.1.4 → 1.2.0

package/lib/daemon/teleportation-daemon.js

@@ -38,8 +38,26 @@ import http from 'http';
 import { fileURLToPath } from 'url';
 import { spawn, exec } from 'child_process';
 import { promisify } from 'util';
-import { acquirePidLock, releasePidLock } from './pid-manager.js';
-import { setupSignalHandlers } from './lifecycle.js';
+import { homedir, tmpdir } from 'os';
+import { existsSync, appendFileSync } from 'fs';
+import { join } from 'path';
+// NOTE: PID locking is handled by agent-process at the platform level (launchd/systemd/pm2).
+// Signal handling and heartbeat management are handled inline below.
+// The following were removed in PRD-0025 migration:
+//   - pid-manager.js (replaced by agent-process platform locking)
+//   - lifecycle.js (replaced by inline signal handlers)
+//   - heartbeat-manager.js (replaced by inline heartbeat interval)
+
+// Task executor for autonomous tasks (PRD-0016)
+// V2 (timeline-driven stateless executor)
+import {
+  executeTaskTurn,
+  stopTask,
+  stopAllTasks,
+} from './task-executor-v2.js';
+
+// Transcript ingestion for timeline completeness
+import { ingestTranscriptToTimeline } from './transcript-ingestion.js';
 
 // Machine coder adapters for multi-provider support
 import { getAvailableCoders, getBestCoder } from '../machine-coders/index.js';
@@ -51,12 +69,15 @@ import { createRouter, classifyTask } from '../router/index.js';
 import { logError, logWarn, logInfo, logDebug, logVerbose } from '../utils/logger.js';
 import { sanitizeForLog, truncateForLog, prepareForLog } from '../utils/log-sanitizer.js';
 
+// Credential management for loading API keys
+import { CredentialManager } from '../auth/credentials.js';
+
 const execAsync = promisify(exec);
 console.log('[daemon] Starting up...');
 
 const PORT = parseInt(process.env.TELEPORTATION_DAEMON_PORT || '3050', 10);
-const RELAY_API_URL = process.env.RELAY_API_URL || 'https://api.teleportation.dev';
-const RELAY_API_KEY = process.env.RELAY_API_KEY || '';
+let RELAY_API_URL = process.env.RELAY_API_URL || 'https://api.teleportation.dev';
+let RELAY_API_KEY = process.env.RELAY_API_KEY || '';
 const POLL_INTERVAL_MS = parseInt(process.env.DAEMON_POLL_INTERVAL_MS || '5000', 10);
 const CHILD_TIMEOUT_MS = parseInt(process.env.DAEMON_CHILD_TIMEOUT_MS || '600000', 10); // 10 min
 const IDLE_CHECK_INTERVAL_MS = parseInt(process.env.DAEMON_IDLE_CHECK_INTERVAL_MS || '300000', 10); // 5 min
@@ -64,6 +85,7 @@ const IDLE_TIMEOUT_MS = parseInt(process.env.DAEMON_IDLE_TIMEOUT_MS || '1800000'
 const CLAUDE_CLI = process.env.CLAUDE_CLI_PATH || 'claude'; // Configurable Claude CLI path
 const ALLOW_ALL_COMMANDS = process.env.TELEPORTATION_DAEMON_ALLOW_ALL_COMMANDS === 'true';
 const HEARTBEAT_INTERVAL_MS = parseInt(process.env.DAEMON_HEARTBEAT_INTERVAL_MS || '30000', 10); // 30 sec default
+const HEARTBEAT_CHECK_INTERVAL_MS = parseInt(process.env.DAEMON_HEARTBEAT_CHECK_INTERVAL_MS || '60000', 10); // 1 min default
 
 // Message routing configuration
 // REQUIRE_COMMAND_WHITELIST: If true, use legacy shell execution with command whitelist
@@ -84,6 +106,29 @@ const ROUTER_ENABLED = process.env.TELEPORTATION_ROUTER_ENABLED !== 'false' && !
 const ROUTER_VERBOSE = process.env.TELEPORTATION_ROUTER_VERBOSE === 'true';
 const ROUTER_MAX_ESCALATIONS = parseInt(process.env.TELEPORTATION_ROUTER_MAX_ESCALATIONS || '2', 10);
 
+// Debug logging configuration
+const DEBUG = process.env.TELEPORTATION_DEBUG === 'true';
+const LOG_DIR = process.env.TELEPORTATION_LOG_DIR || tmpdir();
+
+/**
+ * Cross-platform debug logging utility
+ * Only logs when TELEPORTATION_DEBUG=true
+ * Uses os.tmpdir() for cross-platform compatibility
+ * @param {string} filename - Log file name (e.g., 'daemon-poll-debug.log')
+ * @param {string} message - Message to log
+ */
+function debugLog(filename, message) {
+  if (!DEBUG) return;
+
+  try {
+    const logPath = join(LOG_DIR, filename);
+    appendFileSync(logPath, `[${new Date().toISOString()}] ${message}\n`);
+  } catch (error) {
+    // Silently fail - debug logging should never crash the daemon
+    console.error(`[daemon] Failed to write debug log: ${error.message}`);
+  }
+}
+
 // Test helper: allows mocking executeWithMachineCoder in tests
 // In production, this just holds null and the real function is called
 const _executeWithMachineCoderRef = { fn: null };
@@ -184,9 +229,59 @@ const OUTPUT_PREVIEW_LONG = 1000;   // Full output displays
 const heartbeatState = new Map();
 let lastHeartbeatTime = 0;
 
-// Session registry: session_id -> { session_id, cwd, meta, registered_at }
+// In-memory registry of active teleportation sessions handled by this daemon
 const sessions = new Map();
 
+// Track sessions that have been explicitly stopped and should not be re-activated
+const stoppedSessions = new Set();
+
+// Session activity tracking for cleanup
+const sessionActivity = new Map(); // sessionId -> lastActivityTimestamp
+
+// Transcript ingestion throttling: Prevents concurrent ingestion runs per session
+// Map<session_id, Promise> tracks in-progress ingestion promises
+// If ingestion takes >5 seconds, prevents stacking multiple concurrent calls
+const ingestionInProgress = new Map();
+
+// Session cleanup configuration
+const SESSION_HEARTBEAT_INTERVAL_MS = 120000; // 2 minutes (should match hook config)
+const SESSION_TIMEOUT_MS = SESSION_HEARTBEAT_INTERVAL_MS * 2; // 4 minutes (2 missed heartbeats)
+const SESSION_CLEANUP_INTERVAL_MS = 60000; // Check every minute
+const LOG_COMPACT_INTERVAL_MS = 300000; // Compact log every 5 minutes
+
+// Periodically cleanup stale sessions from memory
+// Sessions with no heartbeat in 4+ minutes are considered dead
+// Note: With timeline-driven architecture (V2), we no longer track task state in memory.
+// Task state is derived from timeline events, making the system stateless and crash-resistant.
+setInterval(() => {
+  const now = Date.now();
+  let sessionCleanedCount = 0;
+
+  for (const [sessionId, lastActivity] of sessionActivity) {
+    const timeSinceActivity = now - lastActivity;
+
+    // Remove sessions with no activity in SESSION_TIMEOUT_MS (4 minutes)
+    if (timeSinceActivity > SESSION_TIMEOUT_MS) {
+      sessions.delete(sessionId);
+      sessionActivity.delete(sessionId);
+      heartbeatState.delete(sessionId);
+      sessionCleanedCount++;
+
+      if (process.env.DEBUG) {
+        console.log(`[daemon] Expired session ${sessionId.slice(0, 8)}... (no heartbeat for ${Math.floor(timeSinceActivity / 60000)} minutes)`);
+      }
+    }
+  }
+
+  if (sessionCleanedCount > 0) {
+    console.log(`[daemon] Cleaned up ${sessionCleanedCount} stale session(s) (no heartbeat > ${SESSION_TIMEOUT_MS / 60000} min)`);
+  }
+}, SESSION_CLEANUP_INTERVAL_MS);
+
+/**
+ * Sync daemon state to relay API
+ */
+
 // Approval queue: FIFO queue of pending approvals
 // { approval_id, session_id, tool_name, tool_input, queued_at }
 const approvalQueue = [];
@@ -354,6 +449,8 @@ let server = null;
 let pollingTimer = null;
 let cleanupTimer = null;
 let idleTimer = null;
+let logCompactTimer = null;
+let heartbeatTimer = null;
 let isShuttingDown = false;
 
 // Track last time we had any registered sessions (or last time we checked while sessions were present)
@@ -541,6 +638,38 @@ function validateToolName(tool_name) {
   return tool_name;
 }
 
+/**
+ * Check if a Claude Code session exists locally.
+ * Claude Code stores sessions in ~/.claude/projects/<project-path-encoded>/<session-id>.jsonl
+ *
+ * @param {string} sessionId - The session ID (UUID format)
+ * @param {string} [cwd] - The working directory to derive the project path
+ * @returns {boolean} - True if the session file exists locally
+ */
+function claudeSessionExistsLocally(sessionId, cwd) {
+  if (!sessionId) return false;
+
+  // Validate UUID format
+  const UUID_V4_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+  if (!UUID_V4_PATTERN.test(sessionId)) return false;
+
+  // Normalize path separators for cross-platform support
+  // Windows uses backslashes (C:\Users\...), Unix uses forward slashes (/Users/...)
+  // Claude Code encodes the project path by:
+  // 1. Normalizing Windows backslashes to forward slashes
+  // 2. Replacing both / and _ with -
+  // e.g., C:\Users\project -> C:-Users-project
+  // e.g., /Users/kefentse/dev_env -> -Users-kefentse-dev-env
+  const projectPath = cwd || process.cwd();
+  const normalizedPath = projectPath.replace(/\\/g, '/'); // Windows to Unix
+  const encodedPath = normalizedPath.replace(/[/_]/g, '-');
+
+  const claudeProjectsDir = join(homedir(), '.claude', 'projects');
+  const sessionFile = join(claudeProjectsDir, encodedPath, `${sessionId}.jsonl`);
+
+  return existsSync(sessionFile);
+}
+
 // Helper to send JSON response
 function sendJSON(res, statusCode, data) {
   res.writeHead(statusCode, { 'Content-Type': 'application/json' });
@@ -599,6 +728,60 @@ async function handleRequest(req, res) {
         return;
       }
 
+      // Check if session has been explicitly stopped BY THIS DAEMON and refuse to re-activate
+      // Note: We only block sessions stopped by THIS daemon process, not previous daemon instances
+      // This allows sessions to re-register after daemon restarts
+      if (stoppedSessions.has(session_id)) {
+        console.warn(`[daemon] Refusing to re-activate stopped session: ${session_id}`);
+        sendJSON(res, 403, {
+          error: 'session_stopped',
+          message: 'This session has ended and cannot be re-activated'
+        });
+        return;
+      }
+
+      // Check if session was marked "stopped" in Redis by a previous daemon
+      // If so, clear that state and allow re-registration
+      // This handles daemon restarts gracefully - if Claude Code is still alive and trying to
+      // register, we should honor that even if a previous daemon marked it as stopped
+      if (RELAY_API_URL && RELAY_API_KEY) {
+        try {
+          const stateRes = await fetch(
+            `${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/daemon-state`,
+            {
+              headers: {
+                'Authorization': `Bearer ${RELAY_API_KEY}`
+              },
+              signal: AbortSignal.timeout(3000)
+            }
+          );
+
+          if (stateRes.ok) {
+            const state = await stateRes.json();
+            if (state.daemon_state?.status === 'stopped') {
+              console.log(`[daemon] Session ${session_id} was marked stopped, but Claude Code is still alive - clearing stopped state`);
+              // Clear the stopped state in Redis
+              await fetch(
+                `${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/daemon-state`,
+                {
+                  method: 'POST',
+                  headers: {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${RELAY_API_KEY}`
+                  },
+                  body: JSON.stringify({ status: 'active' }),
+                  signal: AbortSignal.timeout(3000)
+                }
+              );
+            }
+          }
+        } catch (err) {
+          // If we can't check/clear the state, log warning but allow registration
+          // This prevents relay API outages from blocking all session registrations
+          console.warn(`[daemon] Failed to check/clear daemon_state for ${session_id}: ${err.message}`);
+        }
+      }
+
       sessions.set(session_id, {
         session_id,
         claude_session_id: claude_session_id || session_id, // Fallback to session_id if not provided
@@ -710,6 +893,8 @@ async function handleRequest(req, res) {
 }
 
 function hasIdleTimedOut(now, lastActivityAt, timeoutMs, sessionCount) {
+  // timeoutMs === 0 disables idle timeout
+  if (timeoutMs <= 0) return false;
   if (sessionCount > 0) return false;
   return now - lastActivityAt >= timeoutMs;
 }
@@ -812,6 +997,80 @@ async function executeCommand(session_id, command) {
   }
 }
 
+/**
+ * Helper: Check if user is away for a given session
+ * Returns { isAway: boolean, state: object | null }
+ */
+async function checkIsAwayState(session_id) {
+  try {
+    const stateResponse = await fetch(
+      `${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/daemon-state`,
+      {
+        headers: { 'Authorization': `Bearer ${RELAY_API_KEY}` },
+        signal: AbortSignal.timeout(3000)
+      }
+    );
+
+    if (stateResponse.ok) {
+      const daemonState = await stateResponse.json();
+      return {
+        isAway: daemonState.is_away === true,
+        state: daemonState
+      };
+    }
+
+    return { isAway: null, state: null };
+  } catch (error) {
+    logWarn(`[daemon] Failed to check is_away state: ${error.message}`);
+    return { isAway: null, state: null };
+  }
+}
+
+/**
+ * Helper: Acknowledge message and log handoff cancellation
+ */
+async function ackAndLogCancellation(session_id, message, triggeredBy = {}) {
+  const toolName = triggeredBy.tool_name || 'the tool';
+  const approvalId = triggeredBy.approval_id || 'unknown';
+
+  // Acknowledge message to prevent redelivery
+  try {
+    await fetch(`${RELAY_API_URL}/api/messages/${encodeURIComponent(message.id)}/ack`, {
+      method: 'POST',
+      headers: { 'Authorization': `Bearer ${RELAY_API_KEY}` }
+    });
+    logDebug(`[daemon] Acknowledged message ${message.id}`);
+  } catch (ackError) {
+    logWarn(`[daemon] Failed to acknowledge message ${message.id}: ${ackError.message}`);
+    // Continue to log cancellation event even if ack fails
+  }
+
+  // Log handoff cancellation
+  try {
+    await fetch(`${RELAY_API_URL}/api/timeline`, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': `Bearer ${RELAY_API_KEY}`
+      },
+      body: JSON.stringify({
+        session_id,
+        type: 'handoff_cancelled',
+        data: {
+          reason: 'user_returned_locally',
+          approval_id: approvalId,
+          tool_name: toolName,
+          message: `Auto-continue cancelled: user returned to local session after approving ${toolName} from mobile.`,
+          timestamp: Date.now()
+        }
+      })
+    });
+    logInfo(`[daemon] 📝 Logged handoff_cancelled event to timeline`);
+  } catch (notifyError) {
+    logWarn(`[daemon] Failed to log handoff event: ${notifyError.message}`);
+  }
+}
+
 async function handleInboxMessage(session_id, message) {
   try {
     const sanitizedPreview = prepareForLog(message.text || '', 200).replace(/\s+/g, ' ');
@@ -820,6 +1079,41 @@ async function handleInboxMessage(session_id, message) {
     logDebug(`[daemon]    ↳ Preview: ${sanitizedPreview}`);
 
     const meta = message.meta || {};
+    const messageContext = message.context || meta.context;
+
+    // Check if this is an auto-continue message (from approval handoff)
+    // If the user came back (is_away: false), skip auto-continue messages
+    // to avoid executing while the user is active locally
+    //
+    // P0 FIX: TOCTOU Race Condition Protection
+    // We check is_away TWICE:
+    // 1. Here (initial check) - fast fail if user is already back
+    // 2. Right before execution - prevents race where user returns during setup
+    if (messageContext === 'approval_continue' || message.source === 'auto') {
+      // FIRST CHECK: Initial is_away validation
+      const { isAway: initialIsAway } = await checkIsAwayState(session_id);
+
+      // If we can't determine state or user is not away, skip for safety
+      if (initialIsAway === null) {
+        logWarn(`[daemon] Failed to check is_away state, skipping auto-continue for safety`);
+        await fetch(`${RELAY_API_URL}/api/messages/${encodeURIComponent(message.id)}/ack`, {
+          method: 'POST',
+          headers: { 'Authorization': `Bearer ${RELAY_API_KEY}` }
+        }).catch(() => {});
+        return;
+      }
+
+      if (!initialIsAway) {
+        logInfo(`[daemon] 🚫 Skipping auto-continue: user is back (is_away: false)`);
+        logDebug(`[daemon]    ↳ Message ID: ${message.id}`);
+
+        const triggeredBy = message.triggered_by || meta.triggered_by || {};
+        await ackAndLogCancellation(session_id, message, triggeredBy);
+        return;
+      }
+
+      logInfo(`[daemon] ✅ Initial check passed: user is away, preparing auto-continue`);
+    }
 
     // For command messages, execute the command and post result back to the main agent inbox
     if (meta.type === 'command') {
@@ -898,11 +1192,57 @@ async function handleInboxMessage(session_id, message) {
         const sanitizedCommand = prepareForLog(commandText, 100);
         logInfo(`[daemon] 🚀 Routing message to Claude Code: ${sanitizedCommand}`);
 
+        // Check for handoff metadata - allows mobile to continue local sessions
+        // The handoff object contains claude_session_id and cwd needed for resumption
+        const handoffInfo = message.handoff || meta.handoff;
+        if (handoffInfo && handoffInfo.use_resume && handoffInfo.claude_session_id) {
+          // Update session with handoff information for proper resumption
+          const session = sessions.get(session_id);
+          if (session) {
+            session.claude_session_id = handoffInfo.claude_session_id;
+            if (handoffInfo.cwd) {
+              session.cwd = handoffInfo.cwd;
+            }
+            logInfo(`[daemon] 🔄 Handoff session update: will resume ${handoffInfo.claude_session_id}`);
+            logDebug(`[daemon]    ↳ CWD: ${handoffInfo.cwd || 'unchanged'}`);
+          } else {
+            // Session not in local cache - register it with handoff info
+            sessions.set(session_id, {
+              session_id,
+              claude_session_id: handoffInfo.claude_session_id,
+              cwd: handoffInfo.cwd || process.cwd(),
+              meta: {},
+              registered_at: Date.now()
+            });
+            // Track activity for cleanup (prevents memory leak)
+            sessionActivity.set(session_id, Date.now());
+            logInfo(`[daemon] 🔄 Handoff: registered new session for resumption: ${handoffInfo.claude_session_id}`);
+          }
+        }
+
         // Stream output callback for message execution
         const onOutput = createStreamingCallback(session_id, message.id, {
           message_id: message.id
         });
 
+        // SECOND CHECK: Final is_away validation before execution
+        // This prevents race condition where user returns during setup phase
+        // (between the initial check and now)
+        if (messageContext === 'approval_continue' || message.source === 'auto') {
+          const { isAway: finalIsAway } = await checkIsAwayState(session_id);
+
+          if (finalIsAway === null || !finalIsAway) {
+            logWarn(`[daemon] ⚠️  User returned during setup, aborting auto-continue`);
+            const triggeredBy = message.triggered_by || meta.triggered_by || {};
+            await ackAndLogCancellation(session_id, message, triggeredBy);
+
+            // Important: Don't proceed with execution
+            return;
+          }
+
+          logDebug(`[daemon] ✅ Final check passed: user still away, proceeding with execution`);
+        }
+
         // Use the unified machine coder interface
         // This supports Claude Code, Gemini CLI, and future backends
         // Note: _executeWithMachineCoderRef.fn is used for test mocking
@@ -1121,18 +1461,29 @@ async function sendHeartbeat(session_id) {
  * Polls relay API every 5 seconds for approved requests
  */
 async function pollRelayAPI() {
+  // Debug: Mark that polling started
+  debugLog('daemon-poll-debug.log', `pollRelayAPI() called, isShuttingDown=${isShuttingDown}`);
+
   if (isShuttingDown) return;
 
   try {
     // Fetch pending approvals and inbox messages for all registered sessions
     const TEST_SESSION_FILTER = process.env.TELEPORTATION_TEST_SESSION_FILTER;
-    for (const [session_id] of sessions) {
+    debugLog('daemon-poll-debug.log', `sessions.size=${sessions.size}`);
+
+    for (const [session_id, sessionData] of sessions) {
       // Optional: Filter sessions for testing (if TEST_SESSION_FILTER env var set)
       if (TEST_SESSION_FILTER && !session_id.startsWith(TEST_SESSION_FILTER)) {
         continue;
       }
       console.log(`Polling for session ${session_id}`);
 
+      // Debug: Log to file for visibility
+      debugLog('daemon-poll-debug.log', `Polling session ${session_id}`);
+
+      // Update activity timestamp for cleanup tracking
+      sessionActivity.set(session_id, Date.now());
+
       // 1) Approvals polling (existing behavior)
       try {
         const response = await fetch(
@@ -1158,6 +1509,13 @@ async function pollRelayAPI() {
             // Skip if already acknowledged (already handled by hook's fast path)
             if (approval.acknowledgedAt) continue;
 
+            // Skip if decision was made from mobile or local (handled by hooks, not daemon)
+            // Daemon should only execute approvals without decision_location (timeout cases)
+            if (approval.decision_location) {
+              console.log(`[daemon] Skipping approval ${approval.id} - decided by ${approval.decision_location} (hooks will execute)`);
+              continue;
+            }
+
             approvalQueue.push({
               approval_id: approval.id,
               session_id: approval.session_id,
@@ -1203,12 +1561,122 @@ async function pollRelayAPI() {
         console.error(`[daemon] Inbox polling error for session ${session_id}:`, inboxError.message);
       }
 
-      // 3) Heartbeat - send periodically to keep session alive
+      // 3) Tasks polling (PRD-0016) - Timeline-Driven V2
+      //
+      // ARCHITECTURE: Stateless, Timeline-Driven Execution
+      // ------------------------------------------------
+      // The daemon has NO in-memory task state. Instead, it:
+      // 1. Polls Redis for tasks
+      // 2. Calls executeTaskTurn() which queries timeline
+      // 3. Timeline analysis determines what to do next
+      // 4. Executes one turn if ready, or skips if waiting
+      //
+      // Benefits:
+      // - Crash-resistant: Daemon can restart without losing state
+      // - No state drift: Timeline is source of truth
+      // - Idempotent: Can retry execution safely
+      // - Concurrent-safe: Multiple daemons could process tasks
+      //
+      // See: docs/TIMELINE_DRIVEN_TASK_EXECUTION.md
+      try {
+        const tasksResponse = await fetch(
+          `${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/tasks`,
+          {
+            headers: {
+              'Authorization': `Bearer ${RELAY_API_KEY}`
+            }
+          }
+        );
+
+        if (tasksResponse.ok) {
+          const tasks = await tasksResponse.json();
+
+          // Process each task (stateless - queries timeline each time)
+          for (const task of tasks) {
+            // Skip stopped/completed tasks
+            if (task.status === 'stopped' || task.status === 'completed') {
+              continue;
+            }
+
+            try {
+              // Execute one turn (stateless - will check timeline and decide what to do)
+              const result = await executeTaskTurn({
+                task_id: task.id,
+                session_id: task.session_id,
+                config: {
+                  relayApiUrl: RELAY_API_URL,
+                  apiKey: RELAY_API_KEY
+                }
+              });
+
+              if (result.executed) {
+                console.log(`[daemon] ✅ Task ${task.id.slice(0, 20)}... executed turn ${result.turn_count}`);
+              } else if (result.waiting) {
+                console.log(`[daemon] ⏸️  Task ${task.id.slice(0, 20)}... waiting: ${result.reason}`);
+              } else if (result.stopped) {
+                console.log(`[daemon] 🛑 Task ${task.id.slice(0, 20)}... stopped: ${result.reason}`);
+              } else if (result.error) {
+                console.error(`[daemon] ❌ Task ${task.id.slice(0, 20)}... error: ${result.error}`);
+              }
+            } catch (error) {
+              console.error(`[daemon] Task execution error for ${task.id}:`, error.message);
+            }
+          }
+        }
+      } catch (taskError) {
+        console.error(`[daemon] Task polling error for session ${session_id}:`, taskError.message);
+      }
+
+      // 4) Transcript ingestion - backup to stop hook for timeline completeness
+      // Non-blocking: Fire-and-forget to avoid blocking the polling loop
+      // Processes only the most recent 100 events to stay fast
+      const claude_session_id = sessionData.claude_session_id || session_id;
+      const cwd = sessionData.cwd || process.cwd();
+
+      // Throttling: Check if ingestion is already in progress for this session
+      // Prevents concurrent ingestion runs that could cause race conditions
+      if (ingestionInProgress.has(session_id)) {
+        debugLog('daemon-transcript-debug.log', `Ingestion already in progress for ${session_id}, skipping`);
+        // Skip this polling cycle for this session
+        continue;
+      }
+
+      // Debug marker
+      debugLog('daemon-transcript-debug.log', `Starting ingestion for ${session_id}`);
+
+      // Start ingestion and track promise to prevent concurrent runs
+      const ingestionPromise = ingestTranscriptToTimeline({
+        claude_session_id,
+        parent_session_id: session_id,
+        task_id: null, // Not a task execution, just regular session
+        cwd,
+        config: {
+          relayApiUrl: RELAY_API_URL,
+          apiKey: RELAY_API_KEY
+        },
+        maxEvents: 100 // Limit to recent 100 events (prevents blocking on large backlogs)
+      }).catch(transcriptError => {
+        // Log errors but don't block the daemon
+        console.error(`[daemon] ❌ Transcript ingestion error for session ${session_id}:`, transcriptError.message);
+        if (process.env.DEBUG) {
+          console.error(transcriptError.stack);
+        }
+      }).finally(() => {
+        // Remove from tracking when done (success or failure)
+        // This allows next polling cycle to run ingestion again
+        ingestionInProgress.delete(session_id);
+        debugLog('daemon-transcript-debug.log', `Ingestion completed for ${session_id}`);
+      });
+
+      // Track the promise (but don't await - fire-and-forget)
+      ingestionInProgress.set(session_id, ingestionPromise);
+
+      // 5) Heartbeat - send periodically to keep session alive
       // Only send heartbeat if enough time has passed since last one (throttled per session)
       const now = Date.now();
       const sessionHeartbeat = heartbeatState.get(session_id);
       const lastSent = sessionHeartbeat?.lastSent || 0;
-      if (now - lastSent >= HEARTBEAT_INTERVAL_MS) {
+      if (now - lastSent >= SESSION_HEARTBEAT_INTERVAL_MS) {
         await sendHeartbeat(session_id);
       }
     }
@@ -1714,18 +2182,51 @@ async function executeWithMachineCoder(session_id, prompt, options = {}) {
   const startedAt = Date.now();
 
   try {
-    // Always use execute() for remote inbox messages since our claude_session_id
-    // is actually the teleportation UUID, not a real Claude Code session ID.
-    // Passing UUID to claude --resume causes it to fail.
-    // Use UUID v4 regex pattern for robust detection instead of fragile hyphen check.
-    const UUID_V4_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+    // Determine if we can resume an existing Claude Code session.
+    // We can resume if:
+    // 1. We have a claude_session_id (UUID)
+    // 2. The corresponding session file exists locally (~/.claude/projects/<project>/<id>.jsonl)
+    //
+    // Note: Claude Code DOES use UUIDs for session IDs (confirmed via testing).
+    // The session file check ensures we only resume valid local sessions,
+    // not sessions created remotely (e.g., from mobile) that don't have local transcripts.
     let result;
-    const isValidClaudeSession = session.claude_session_id &&
-      session.claude_session_id !== session.session_id &&
-      !UUID_V4_PATTERN.test(session.claude_session_id);
+    const canResumeSession = session.claude_session_id &&
+      claudeSessionExistsLocally(session.claude_session_id, session.cwd);
+
+    if (coder.name === 'claude-code' && canResumeSession) {
+      try {
+        console.log(`[daemon] Resuming existing Claude session: ${session.claude_session_id}`);
+        result = await coder.resume(session.claude_session_id, prompt, execOptions);
+      } catch (resumeError) {
+        // Resume failed (corrupted session file, permissions, etc.) - fallback to fresh execution
+        logWarn(`[daemon] Resume failed: ${resumeError.message}, falling back to fresh execution`);
 
-    if (coder.name === 'claude-code' && isValidClaudeSession) {
-      result = await coder.resume(session.claude_session_id, prompt, execOptions);
+        // Log timeline event for visibility
+        try {
+          await fetch(`${RELAY_API_URL}/api/timeline`, {
+            method: 'POST',
+            headers: {
+              'Content-Type': 'application/json',
+              'Authorization': `Bearer ${RELAY_API_KEY}`
+            },
+            body: JSON.stringify({
+              session_id,
+              type: 'resume_fallback',
+              source: 'system',
+              data: {
+                error: resumeError.message,
+                claude_session_id: session.claude_session_id,
+                cwd: session.cwd,
+                timestamp: Date.now()
+              }
+            })
+          }).catch(() => {}); // Ignore timeline logging failures
+        } catch (ignore) {}
+
+        // Fallback to fresh execution
+        result = await coder.execute(execOptions);
+      }
     } else {
       result = await coder.execute(execOptions);
     }
@@ -2090,6 +2591,13 @@ async function cleanup() {
   console.log('[daemon] Cleaning up...');
   isShuttingDown = true;
 
+  // Stop all task tasks (PRD-0016)
+  try {
+    stopAllTasks();
+  } catch (e) {
+    console.error('[daemon] Error stopping task tasks during cleanup:', e.message);
+  }
+
   // Stop polling
   if (pollingTimer) {
     clearTimeout(pollingTimer);
@@ -2107,11 +2615,25 @@ async function cleanup() {
     idleTimer = null;
   }
 
+  if (logCompactTimer) {
+    clearInterval(logCompactTimer);
+    logCompactTimer = null;
+  }
+
+  // Stop heartbeat timer
+  if (heartbeatTimer) {
+    clearInterval(heartbeatTimer);
+    heartbeatTimer = null;
+  }
+
   // Update daemon_state to 'stopped' for all registered sessions
   if (RELAY_API_URL && RELAY_API_KEY) {
     console.log(`[daemon] Updating daemon_state to 'stopped' for ${sessions.size} session(s)...`);
     const updatePromises = [];
     for (const [session_id] of sessions) {
+      // Mark session as stopped to prevent re-activation
+      stoppedSessions.add(session_id);
+
       updatePromises.push(
         fetch(
           `${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/daemon-state`,
@@ -2142,23 +2664,194 @@ async function cleanup() {
     });
   }
 
-  // Release PID lock
-  await releasePidLock(process.pid);
+  // PID lock release is handled by agent-process at the platform level
 
   console.log('[daemon] Cleanup complete');
 }
 
+/**
+ * Discover active sessions from shared log file
+ * Enables daemon to recover sessions after restart
+ */
+async function discoverSessionsFromLog() {
+  const SESSION_LOG_FILE = join(homedir(), '.teleportation', 'session-events.log');
+
+  try {
+    const { readFile } = await import('fs/promises');
+    const content = await readFile(SESSION_LOG_FILE, 'utf8');
+    const lines = content.trim().split('\n').filter(Boolean);
+
+    // Build session state by replaying events
+    const sessionState = new Map();
+
+    for (const line of lines) {
+      try {
+        const event = JSON.parse(line);
+
+        switch (event.type) {
+          case 'register':
+            sessionState.set(event.session_id, {
+              session_id: event.session_id,
+              claude_session_id: event.claude_session_id || event.session_id,
+              cwd: event.cwd || process.cwd(),
+              meta: event.meta || {},
+              pid: event.pid,
+              last_heartbeat: event.timestamp,
+              registered_at: event.timestamp
+            });
+            break;
+
+          case 'heartbeat':
+            if (sessionState.has(event.session_id)) {
+              const session = sessionState.get(event.session_id);
+              session.last_heartbeat = event.timestamp;
+              session.pid = event.pid; // Update PID in case process changed
+            }
+            break;
+
+          case 'unregister':
+            sessionState.delete(event.session_id);
+            break;
+        }
+      } catch (parseError) {
+        // Skip malformed lines
+        if (process.env.DEBUG) {
+          console.error(`[daemon] Failed to parse log line: ${parseError.message}`);
+        }
+      }
+    }
+
+    // Only keep sessions with recent heartbeat
+    // Use same timeout as runtime cleanup for consistency
+    const cutoffTime = Date.now() - SESSION_TIMEOUT_MS;
+    const activeSessions = Array.from(sessionState.values()).filter(
+      s => s.last_heartbeat > cutoffTime
+    );
+
+    // Add to daemon's session Map
+    for (const session of activeSessions) {
+      sessions.set(session.session_id, session);
+      sessionActivity.set(session.session_id, session.last_heartbeat);
+    }
+
+    if (activeSessions.length > 0) {
+      console.log(`[daemon] 🔍 Discovered ${activeSessions.length} active session(s) from log`);
+      for (const session of activeSessions) {
+        console.log(`[daemon]   - ${session.session_id.slice(0, 8)}... (PID: ${session.pid}, cwd: ${session.cwd})`);
+      }
+    } else {
+      console.log(`[daemon] No active sessions found in log`);
+    }
+
+    // Optional: Compact log to remove old entries
+    await compactSessionLog(activeSessions);
+
+  } catch (error) {
+    if (error.code === 'ENOENT') {
+      console.log('[daemon] Session log file not found (first run)');
+    } else {
+      console.error(`[daemon] Failed to read session log: ${error.message}`);
+    }
+  }
+}
+
+/**
+ * Compact session log to remove old entries
+ * Keeps only active sessions to prevent unbounded growth
+ */
+async function compactSessionLog(activeSessions) {
+  const SESSION_LOG_FILE = join(homedir(), '.teleportation', 'session-events.log');
+
+  try {
+    const { writeFile } = await import('fs/promises');
+
+    // Rewrite log with only active sessions
+    const compactedLog = activeSessions.flatMap(session => [
+      JSON.stringify({
+        type: 'register',
+        session_id: session.session_id,
+        claude_session_id: session.claude_session_id,
+        pid: session.pid,
+        cwd: session.cwd,
+        meta: session.meta,
+        timestamp: session.registered_at
+      }),
+      JSON.stringify({
+        type: 'heartbeat',
+        session_id: session.session_id,
+        claude_session_id: session.claude_session_id,
+        pid: session.pid,
+        cwd: session.cwd,
+        timestamp: session.last_heartbeat
+      })
+    ]).join('\n') + '\n';
+
+    await writeFile(SESSION_LOG_FILE, compactedLog, { mode: 0o600 });
+    console.log(`[daemon] Compacted session log (${activeSessions.length} active sessions)`);
+  } catch (error) {
+    // Non-critical - log compaction can fail
+    if (process.env.DEBUG) {
+      console.error(`[daemon] Failed to compact session log: ${error.message}`);
+    }
+  }
+}
+
 /**
  * Start daemon
  */
 async function main() {
   console.log('[daemon] Main function started.');
+
+  // Load credentials from encrypted file if not in environment
+  if (!RELAY_API_KEY) {
+    try {
+      console.log('[daemon] RELAY_API_KEY not in environment, loading from credentials file...');
+      const credManager = new CredentialManager();
+      const creds = await credManager.load();
+      if (creds && creds.apiKey) {
+        RELAY_API_KEY = creds.apiKey;
+        RELAY_API_URL = creds.relayUrl || RELAY_API_URL;
+        console.log('[daemon] ✅ Loaded credentials from encrypted file');
+      } else {
+        console.warn('[daemon] ⚠️  No API key found in credentials file');
+      }
+    } catch (e) {
+      console.warn('[daemon] ⚠️  Failed to load credentials:', e.message);
+      console.warn('[daemon] Daemon will run but cannot authenticate with relay API');
+    }
+  } else {
+    console.log('[daemon] Using RELAY_API_KEY from environment');
+  }
+
   try {
-    // Acquire PID lock
-    await acquirePidLock(process.pid);
+    // PID locking is handled at the platform level by agent-process (launchd/systemd/pm2)
+    // via agentStart() in session_start.mjs. No need for file-based PID lock here.
+
+    // Signal handlers for graceful shutdown
+    const shutdownHandler = async (signal) => {
+      if (isShuttingDown) return;
+      console.log(`[daemon] Received ${signal}, shutting down...`);
+      await cleanup();
+      process.exit(0);
+    };
+    process.on('SIGTERM', () => shutdownHandler('SIGTERM'));
+    process.on('SIGINT', () => shutdownHandler('SIGINT'));
 
-    // Setup signal handlers
-    setupSignalHandlers(cleanup);
+    // Crash handlers: log the error and attempt cleanup before agent-process restarts us
+    const crashHandler = async (signal, err) => {
+      console.error(`[daemon] FATAL ${signal}:`, err instanceof Error ? err.message : err);
+      if (err instanceof Error) console.error(err.stack);
+      try {
+        // Attempt cleanup with a hard timeout so we don't hang
+        await Promise.race([cleanup(), new Promise(r => setTimeout(r, 3000))]);
+      } catch { /* best-effort */ }
+      process.exit(1);
+    };
+    process.on('uncaughtException', (err) => crashHandler('uncaughtException', err));
+    process.on('unhandledRejection', (reason) => crashHandler('unhandledRejection', reason));
+
+    // Discover active sessions from shared log file
+    await discoverSessionsFromLog();
 
     // Start HTTP server (using built-in http module)
     server = http.createServer(handleRequest);
@@ -2169,6 +2862,30 @@ async function main() {
       console.log(`[daemon] PID: ${process.pid}`);
     });
 
+    // Heartbeat interval: send heartbeats for all active sessions to relay
+    // Replaces the previous HeartbeatManager + per-session heartbeat.mjs processes
+    heartbeatTimer = setInterval(async () => {
+      if (isShuttingDown || sessions.size === 0) return;
+      for (const [sessionId] of sessions) {
+        try {
+          await fetch(`${RELAY_API_URL}/api/sessions/${encodeURIComponent(sessionId)}/heartbeat`, {
+            method: 'POST',
+            headers: {
+              'Content-Type': 'application/json',
+              'Authorization': `Bearer ${RELAY_API_KEY}`
+            },
+            body: JSON.stringify({ timestamp: Date.now() }),
+            signal: AbortSignal.timeout(5000)
+          });
+        } catch (err) {
+          if (process.env.DEBUG) {
+            console.error(`[daemon] Heartbeat failed for ${sessionId}: ${err.message}`);
+          }
+        }
+      }
+    }, HEARTBEAT_INTERVAL_MS);
+    console.log(`[daemon] Session heartbeat interval started (${HEARTBEAT_INTERVAL_MS / 1000}s)`);
+
     // Start polling loop
     console.log('[daemon] Starting relay API polling...');
     pollRelayAPI();
@@ -2183,6 +2900,29 @@ async function main() {
       });
     }, IDLE_CHECK_INTERVAL_MS);
     console.log(`[daemon] Idle timeout: ${IDLE_TIMEOUT_MS / 60000}m, check interval: ${IDLE_CHECK_INTERVAL_MS / 1000}s`);
+
+    // Start periodic log compaction
+    logCompactTimer = setInterval(async () => {
+      try {
+        // Get current active sessions
+        const activeSessions = Array.from(sessions.values()).map(session => ({
+          session_id: session.session_id,
+          claude_session_id: session.claude_session_id,
+          pid: session.meta?.daemon_pid || process.pid,
+          cwd: session.cwd,
+          meta: session.meta,
+          registered_at: session.registered_at,
+          last_heartbeat: sessionActivity.get(session.session_id) || Date.now()
+        }));
+
+        if (activeSessions.length > 0) {
+          await compactSessionLog(activeSessions);
+        }
+      } catch (error) {
+        console.error('[daemon] Log compaction failed:', error.message);
+      }
+    }, LOG_COMPACT_INTERVAL_MS);
+    console.log(`[daemon] Session log compaction interval: ${LOG_COMPACT_INTERVAL_MS / 60000}m`);
   } catch (error) {
     console.error('[daemon] Failed to start:', error.message);
     process.exit(1);
@@ -2212,7 +2952,11 @@ const __test = {
   // Heartbeat state test helpers
   _getHeartbeatState: (session_id) => heartbeatState.get(session_id),
   _setHeartbeatState: (session_id, state) => heartbeatState.set(session_id, state),
-  _getSessions: () => sessions
+  _getSessions: () => sessions,
+  // Stopped sessions test helpers
+  _getStoppedSessions: () => stoppedSessions,
+  _addStoppedSession: (session_id) => stoppedSessions.add(session_id),
+  _clearStoppedSessions: () => stoppedSessions.clear()
 };
 
 // Test helper to register a session
@@ -2294,6 +3038,7 @@ export {
   validateSessionId,
   validateApprovalId,
   validateToolName,
+  claudeSessionExistsLocally,
   parseJSONBody,
   cleanupOldExecutions,
   executeCommand,