zyndo 0.2.1 → 0.3.0

package/dist/sellerDaemon.js

@@ -1,7 +1,10 @@
 // ---------------------------------------------------------------------------
 // Seller daemon — poll for tasks, run agent loop, deliver results
 // ---------------------------------------------------------------------------
-import { connect, reconnect, heartbeat, pollEvents, acceptTask, deliverTask, sendTaskMessage, getTaskMessages, getTaskDetail } from './connection.js';
+import { resolve } from 'node:path';
+import { connect, reconnect, heartbeat, pollEvents, acceptTask, deliverTask, sendTaskMessage, getTaskMessages, getTaskDetail, registerIdentity } from './connection.js';
+import { ensureIdentityKeypair, signDelivery } from './identity.js';
+import { composeSystemPrompt, truncateToContract } from './scopeContract.js';
 import { runAgentLoop } from './agentLoop.js';
 import { createAnthropicProvider } from './providers/anthropic.js';
 import { createOpenAIProvider } from './providers/openai.js';
@@ -13,7 +16,7 @@ import { createBashTool } from './tools/bash.js';
 import { createGlobTool } from './tools/glob.js';
 import { createGrepTool } from './tools/grep.js';
 import { createAskBuyerTool } from './tools/askBuyer.js';
-import { loadState, saveState, deleteState, loadSession, saveSession } from './state.js';
+import { loadState, saveState, deleteState, loadSession, saveSession, loadLastEventId, saveLastEventId } from './state.js';
 const POLL_INTERVAL_MS = 25_000;
 const HEARTBEAT_INTERVAL_MS = 45_000;
 // ---------------------------------------------------------------------------
@@ -91,6 +94,22 @@ function loadTools(allowedTools, workingDirectory) {
 export async function startSellerDaemon(config, opts) {
     const logger = opts?.logger ?? defaultLogger;
     const signal = opts?.signal;
+    // Slice 3b — load or generate the Ed25519 identity key once. Private key
+    // stays in memory for the lifetime of the daemon; the public key is
+    // registered with the broker after every fresh connect / re-connect so
+    // rotations are a single env change + restart.
+    let identityPrivateKey;
+    let identityPublicKeyB64;
+    try {
+        const keyPath = config.identityKeyPath ?? resolve(process.env.HOME ?? '.', '.zyndo', 'keys', `${config.name}.pem`);
+        const keypair = ensureIdentityKeypair(keyPath);
+        identityPrivateKey = keypair.privateKey;
+        identityPublicKeyB64 = keypair.publicKeyB64;
+        logger.info(`Identity key loaded: ${keyPath}`);
+    }
+    catch (err) {
+        logger.error(`Identity key setup failed: ${err instanceof Error ? err.message : String(err)}. Continuing unsigned.`);
+    }
     // Try to reconnect as the same agent from a previous session
     let session;
     const previousSession = loadSession();
@@ -123,13 +142,26 @@ export async function startSellerDaemon(config, opts) {
             description: config.description,
             skills: [...config.skills],
             categories: [...config.categories],
-            maxConcurrentTasks: config.maxConcurrentTasks
+            maxConcurrentTasks: config.maxConcurrentTasks,
+            sellerSlug: config.id
         });
         logger.info(`Connected: agentId=${session.agentId}`);
     }
     // Persist session for future restarts
     saveSession(session.agentId, session.reconnectToken);
-    let lastEventId = 0;
+    // Slice 3b — register the Ed25519 public key with the broker. Failures
+    // are logged but non-fatal because signing is soft-enforced until
+    // rollout > 80%.
+    if (identityPublicKeyB64 !== undefined) {
+        try {
+            await registerIdentity(session, identityPublicKeyB64);
+            logger.info('Identity public key registered with broker.');
+        }
+        catch (err) {
+            logger.error(`Identity registration failed: ${err instanceof Error ? err.message : String(err)}. Deliveries will be unsigned.`);
+        }
+    }
+    let lastEventId = loadLastEventId();
     let lastHeartbeat = Date.now();
     const activeTasks = new Set();
     while (signal === undefined || !signal.aborted) {
@@ -193,7 +225,8 @@ export async function startSellerDaemon(config, opts) {
                                 description: config.description,
                                 skills: [...config.skills],
                                 categories: [...config.categories],
-                                maxConcurrentTasks: config.maxConcurrentTasks
+                                maxConcurrentTasks: config.maxConcurrentTasks,
+                                sellerSlug: config.id
                             });
                             saveSession(session.agentId, session.reconnectToken);
                             logger.info(`Re-registered: agentId=${session.agentId}`);
@@ -235,7 +268,7 @@ export async function startSellerDaemon(config, opts) {
                     if (event.eventId > lastEventId)
                         lastEventId = event.eventId;
                     logger.info(`Task assigned: ${taskId} (active: ${activeTasks.size}/${config.maxConcurrentTasks})`);
-                    handleTask(session, taskId, config, logger)
+                    handleTask(session, taskId, config, logger, identityPrivateKey)
                         .catch((err) => {
                         logger.error(`Task ${taskId} failed: ${err instanceof Error ? err.message : String(err)}`);
                     })
@@ -252,7 +285,7 @@ export async function startSellerDaemon(config, opts) {
                         continue; // Task handler is already running
                     activeTasks.add(taskId);
                     logger.info(`Message received for task: ${taskId}`);
-                    handleBuyerMessage(session, taskId, config, logger)
+                    handleBuyerMessage(session, taskId, config, logger, identityPrivateKey)
                         .catch((err) => {
                         logger.error(`Message handling for ${taskId} failed: ${err instanceof Error ? err.message : String(err)}`);
                     })
@@ -265,12 +298,25 @@ export async function startSellerDaemon(config, opts) {
                         continue;
                     activeTasks.add(taskId);
                     logger.info(`Revision requested for task: ${taskId}`);
-                    handleRevision(session, taskId, feedback, config, logger)
+                    handleRevision(session, taskId, feedback, config, logger, identityPrivateKey)
                         .catch((err) => {
                         logger.error(`Revision for ${taskId} failed: ${err instanceof Error ? err.message : String(err)}`);
                     })
                         .finally(() => activeTasks.delete(taskId));
                 }
+                // Dispute lifecycle events — log so the seller operator is aware
+                if (event.type === 'task.dispute.opened') {
+                    const taskId = event.payload.taskId;
+                    const reason = event.payload.reason ?? '';
+                    const disputeId = event.payload.disputeId ?? '';
+                    logger.info(`DISPUTE OPENED on task ${taskId} (${disputeId}): ${reason}`);
+                }
+                if (event.type === 'task.dispute.resolved') {
+                    const taskId = event.payload.taskId;
+                    const resolution = event.payload.resolution ?? '';
+                    const disputeId = event.payload.disputeId ?? '';
+                    logger.info(`DISPUTE RESOLVED on task ${taskId} (${disputeId}): ${resolution}`);
+                }
                 // Clean up state on terminal events
                 if (event.type === 'task.completed' || event.type === 'task.rejected' || event.type === 'task.failed' || event.type === 'task.canceled') {
                     const taskId = event.payload.taskId;
@@ -282,6 +328,8 @@ export async function startSellerDaemon(config, opts) {
             if (minDeferredEventId !== undefined && lastEventId >= minDeferredEventId) {
                 lastEventId = minDeferredEventId - 1;
             }
+            // Persist cursor so restarts resume from here
+            saveLastEventId(lastEventId);
         }
         catch (error) {
             logger.error(`Poll error: ${error instanceof Error ? error.message : String(error)}`);
@@ -293,8 +341,18 @@ export async function startSellerDaemon(config, opts) {
 // ---------------------------------------------------------------------------
 // Task handler
 // ---------------------------------------------------------------------------
-async function handleTask(session, taskId, config, logger) {
-    await acceptTask(session, taskId);
+async function handleTask(session, taskId, config, logger, identityPrivateKey) {
+    try {
+        await acceptTask(session, taskId);
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        if (msg.includes('409')) {
+            logger.info(`Task ${taskId}: already in progress or completed, skipping.`);
+            return;
+        }
+        throw err;
+    }
     logger.info(`Task ${taskId}: accepted, starting work...`);
     // Get task context from task detail first, then messages as supplement
     const detail = await getTaskDetail(session, taskId);
@@ -302,9 +360,20 @@ async function handleTask(session, taskId, config, logger) {
     const messages = await getTaskMessages(session, taskId);
     const messageContext = messages.map((m) => m.content).join('\n');
     const context = taskContext || messageContext || 'Task assigned. No additional context provided.';
+    // Compose the system prompt with the BOUND CONTRACT + REFUSAL PROTOCOL
+    // derived from the hire's frozen deliverables snapshot. Seller persona is
+    // subordinate; the contract and refusal blocks cannot be overridden by the
+    // seller or by anything the buyer says mid-task.
+    const scopedSystemPrompt = composeSystemPrompt(config.systemPrompt, detail?.deliverablesSnapshot);
+    if (detail?.deliverablesSnapshot === undefined) {
+        logger.info(`Task ${taskId}: no deliverables snapshot on task (legacy hire or scope guard disabled), running with seller persona only.`);
+    }
+    else {
+        logger.info(`Task ${taskId}: bound contract applied — ${detail.deliverablesSnapshot.items.length} item(s), ${detail.deliverablesSnapshot.inScope.length} in-scope, ${detail.deliverablesSnapshot.outOfScope.length} out-of-scope.`);
+    }
     const result = config.provider === 'claude-code'
-        ? await runClaudeCodeTask(context, config, logger)
-        : await runAgentLoop(createProvider(config.provider, config.model, config.providerApiKey), loadTools(config.allowedTools, config.workingDirectory), context, { systemPrompt: config.systemPrompt, taskId });
+        ? await runClaudeCodeTask(context, { ...config, systemPrompt: scopedSystemPrompt }, logger)
+        : await runAgentLoop(createProvider(config.provider, config.model, config.providerApiKey), loadTools(config.allowedTools, config.workingDirectory), context, { systemPrompt: scopedSystemPrompt, taskId });
     if (result.timedOut === true) {
         logger.error(`Task ${taskId}: agent timed out or errored, notifying buyer.`);
         await sendTaskMessage(session, taskId, 'info', 'The seller agent encountered a timeout processing this task. Please allow more time or simplify the request. The task remains assigned.');
@@ -317,15 +386,29 @@ async function handleTask(session, taskId, config, logger) {
         await sendTaskMessage(session, taskId, 'question', result.pendingQuestion ?? 'Could you clarify?');
         return;
     }
-    logger.info(`Task ${taskId}: delivering result (${result.output.length} chars)`);
-    await deliverTask(session, taskId, result.output);
+    // Output-side truncation: count produced units, clamp to contract, log a
+    // scope.truncated info message back to the buyer so the seller is not
+    // silently abused via prompt injection mid-conversation.
+    const truncated = truncateToContract(result.output, detail?.deliverablesSnapshot);
+    const finalOutput = truncated.output;
+    if (truncated.events.length > 0) {
+        for (const ev of truncated.events) {
+            logger.info(`Task ${taskId}: scope truncation — item="${ev.itemName}" produced=${ev.producedQuantity} allowed=${ev.allowedQuantity}`);
+            await sendTaskMessage(session, taskId, 'info', `[scope-guard] Your brief requested more "${ev.itemName}" than the listing delivers. The seller agent produced ${ev.producedQuantity} but the contract allows only ${ev.allowedQuantity}. The delivery has been trimmed to the contracted quantity. To get more, hire again with a listing that covers the extra volume.`);
+        }
+    }
+    logger.info(`Task ${taskId}: delivering result (${finalOutput.length} chars)`);
+    const signature = identityPrivateKey !== undefined
+        ? signDelivery({ taskId, content: finalOutput, privateKey: identityPrivateKey })
+        : undefined;
+    await deliverTask(session, taskId, finalOutput, signature);
     // Preserve state for potential revision — only deleted on terminal events
-    saveState({ taskId, messages: [], claudeCodeContext: context, originalContext: context, lastDelivery: result.output });
+    saveState({ taskId, messages: [], claudeCodeContext: context, originalContext: context, lastDelivery: finalOutput });
 }
 // ---------------------------------------------------------------------------
 // Revision handler
 // ---------------------------------------------------------------------------
-async function handleRevision(session, taskId, feedback, config, logger) {
+async function handleRevision(session, taskId, feedback, config, logger, identityPrivateKey) {
     const savedState = loadState(taskId);
     // Use original task context (not compounded revision context) to avoid quadratic growth
     const originalContext = savedState?.originalContext ?? savedState?.claudeCodeContext ?? '';
@@ -344,9 +427,12 @@ async function handleRevision(session, taskId, feedback, config, logger) {
         '',
         'Revise your work based on the buyer feedback above. Output the complete updated deliverable.'
     ].join('\n');
+    // Re-fetch the frozen snapshot so revisions stay bound to the contract.
+    const revisionDetail = await getTaskDetail(session, taskId);
+    const revisionSystemPrompt = composeSystemPrompt(config.systemPrompt, revisionDetail?.deliverablesSnapshot);
     const result = config.provider === 'claude-code'
-        ? await runClaudeCodeTask(revisionContext, config, logger)
-        : await runAgentLoop(createProvider(config.provider, config.model, config.providerApiKey), loadTools(config.allowedTools, config.workingDirectory), revisionContext, { systemPrompt: config.systemPrompt, taskId });
+        ? await runClaudeCodeTask(revisionContext, { ...config, systemPrompt: revisionSystemPrompt }, logger)
+        : await runAgentLoop(createProvider(config.provider, config.model, config.providerApiKey), loadTools(config.allowedTools, config.workingDirectory), revisionContext, { systemPrompt: revisionSystemPrompt, taskId });
     if (result.timedOut === true) {
         logger.error(`Task ${taskId}: revision timed out, notifying buyer.`);
         await sendTaskMessage(session, taskId, 'info', 'The seller agent timed out while working on the revision. Please allow more time or simplify the request.');
@@ -359,9 +445,20 @@ async function handleRevision(session, taskId, feedback, config, logger) {
         await sendTaskMessage(session, taskId, 'question', result.pendingQuestion ?? 'Could you clarify?');
         return;
     }
-    logger.info(`Task ${taskId}: delivering revision (${result.output.length} chars)`);
-    await deliverTask(session, taskId, result.output);
-    saveState({ taskId, messages: [], claudeCodeContext: revisionContext, originalContext, lastDelivery: result.output });
+    const truncatedRevision = truncateToContract(result.output, revisionDetail?.deliverablesSnapshot);
+    const finalRevisionOutput = truncatedRevision.output;
+    if (truncatedRevision.events.length > 0) {
+        for (const ev of truncatedRevision.events) {
+            logger.info(`Task ${taskId}: revision scope truncation — item="${ev.itemName}" produced=${ev.producedQuantity} allowed=${ev.allowedQuantity}`);
+            await sendTaskMessage(session, taskId, 'info', `[scope-guard] Revision trimmed: "${ev.itemName}" produced ${ev.producedQuantity}, contract allows ${ev.allowedQuantity}.`);
+        }
+    }
+    logger.info(`Task ${taskId}: delivering revision (${finalRevisionOutput.length} chars)`);
+    const revisionSignature = identityPrivateKey !== undefined
+        ? signDelivery({ taskId, content: finalRevisionOutput, privateKey: identityPrivateKey })
+        : undefined;
+    await deliverTask(session, taskId, finalRevisionOutput, revisionSignature);
+    saveState({ taskId, messages: [], claudeCodeContext: revisionContext, originalContext, lastDelivery: finalRevisionOutput });
 }
 // ---------------------------------------------------------------------------
 // Buyer message handler (resume paused loop)
@@ -376,7 +473,7 @@ function buildResumedContext(priorContext, priorQuestion, buyerAnswer) {
         'Continue the task with this new information.'
     ].join('\n');
 }
-async function handleBuyerMessage(session, taskId, config, logger) {
+async function handleBuyerMessage(session, taskId, config, logger, identityPrivateKey) {
     const savedState = loadState(taskId);
     if (savedState === undefined) {
         logger.info(`Task ${taskId}: no saved state found, ignoring message.`);
@@ -421,7 +518,10 @@ async function handleBuyerMessage(session, taskId, config, logger) {
         return;
     }
     logger.info(`Task ${taskId}: delivering result (${result.output.length} chars)`);
-    await deliverTask(session, taskId, result.output);
+    const resumedSignature = identityPrivateKey !== undefined
+        ? signDelivery({ taskId, content: result.output, privateKey: identityPrivateKey })
+        : undefined;
+    await deliverTask(session, taskId, result.output, resumedSignature);
     const resumedContext = config.provider === 'claude-code'
         ? buildResumedContext(savedState.claudeCodeContext ?? '', savedState.pendingQuestion, lastMessage.content)
         : savedState.claudeCodeContext ?? '';

package/dist/state.d.ts

@@ -11,6 +11,8 @@ export type ConversationState = Readonly<{
 export declare function saveState(state: ConversationState): void;
 export declare function loadState(taskId: string): ConversationState | undefined;
 export declare function deleteState(taskId: string): void;
+export declare function saveLastEventId(lastEventId: number): void;
+export declare function loadLastEventId(): number;
 export type PersistedSession = Readonly<{
     agentId: string;
     reconnectToken: string;

package/dist/state.js

@@ -36,6 +36,29 @@ export function deleteState(taskId) {
         unlinkSync(path);
     }
 }
+// ---------------------------------------------------------------------------
+// Event cursor persistence — resume from last processed event on restart
+// ---------------------------------------------------------------------------
+function getEventCursorFile() {
+    return resolve(getBaseDir(), 'event-cursor.json');
+}
+export function saveLastEventId(lastEventId) {
+    const baseDir = getBaseDir();
+    mkdirSync(baseDir, { recursive: true });
+    writeFileSync(getEventCursorFile(), JSON.stringify({ lastEventId, savedAt: new Date().toISOString() }), 'utf-8');
+}
+export function loadLastEventId() {
+    if (!existsSync(getEventCursorFile()))
+        return 0;
+    try {
+        const raw = readFileSync(getEventCursorFile(), 'utf-8');
+        const parsed = JSON.parse(raw);
+        return typeof parsed.lastEventId === 'number' ? parsed.lastEventId : 0;
+    }
+    catch {
+        return 0;
+    }
+}
 function getSessionFile() {
     return resolve(getBaseDir(), 'session.json');
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "zyndo",
-  "version": "0.2.1",
+  "version": "0.3.0",
   "description": "The agent-to-agent CLI tool for sellers in the Zyndo Marketplace",
   "type": "module",
   "license": "MIT",