methodproof 0.6.0__tar.gz → 0.7.1__tar.gz

{methodproof-0.6.0 → methodproof-0.7.1}/CHANGELOG.md

@@ -1,5 +1,27 @@
 # Changelog
 
+## [0.7.1] — 2026-04-07
+
+### Fixed
+- **7 GB database bloat** — `artifacts` table lacked a UNIQUE constraint on `path`, causing `_ensure_artifact` to insert a duplicate row per `file_edit`. The `_link_action_artifacts` JOIN then produced a cartesian explosion (39.9M rows from 16K events). Added UNIQUE constraint + migration that deduplicates existing data on upgrade.
+- **Stale PID after reboot** — `_is_daemon_alive()` only checked `os.kill(pid, 0)`, which succeeds if the OS reused the PID for an unrelated process. Now verifies the process name contains "methodproof" via `ps`. Prevents killing random processes and unblocks `mp stop`/`mp start` after a system restart.
+- **SQLite hang on locked database** — `sqlite3.connect()` had no timeout, so a crashed daemon holding a WAL lock caused `mp stop` to hang forever. Added `timeout=10`.
+
+### Added
+- **Research consent sync** — `mp init`, `mp consent`, `mp login`, and `mp push` now sync research opt-in state between CLI and platform. Local changes are flagged with `_pending_research_sync` and pushed on next authenticated call; canonical state is always pulled from the platform.
+
+## [0.7.0] — 2026-04-07
+
+### Fixed
+- **Runaway event logging** — watcher ignored only 7 patterns, tracking 35K+ files including `.venv/` (20K), `dist/build/` (23K). Expanded to 30+ ignore patterns covering Python, JS/TS, Rust, Go, Java, Ruby, PHP, .NET, Swift, and build artifacts. **138K → 1,442 files (99% reduction)**
+- **Claude Code hook errors** — hook script pointed to deleted pyenv site-packages path; added pidfile guard (`exit 0` when no session active) to prevent bridge connection failures
+
+### Added
+- **Configurable local AI ports** — `mp init` now asks about local LLM servers (Ollama, LM Studio, vLLM, etc.) and adds user-specified ports to the proxy allowlist. Previously only 3 hardcoded ports (11434, 18789, 1234) were captured; custom ports were invisible to the proxy decoder.
+- `mp start --streaming` — blocking foreground mode, streams every captured event to stdout in real-time with human-readable formatting
+- `mp start --verbose` / `-v` — structured debug logging at each step (config, auth, session, anchor, daemon spawn); daemon log includes agent init and buffer/flush stats
+- Step-by-step progress output on default `mp start` (`→ Loading config`, `→ Checking hooks`, etc.) so failures are immediately locatable
+
 ## [0.5.1] — 2026-04-06
 
 ### Fixed

{methodproof-0.6.0 → methodproof-0.7.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: methodproof
-Version: 0.6.0
+Version: 0.7.1
 Summary: See how you code. Capture and visualize your engineering process.
 License-Expression: Apache-2.0
 License-File: LICENSE

{methodproof-0.6.0 → methodproof-0.7.1}/methodproof/__init__.py

@@ -1,3 +1,3 @@
 """MethodProof — see how you code."""
 
-__version__ = "0.6.0"
+__version__ = "0.7.1"

{methodproof-0.6.0 → methodproof-0.7.1}/methodproof/_daemon.py

@@ -18,6 +18,7 @@ PIDFILE = config.DIR / "methodproof.pid"
 def main() -> None:
     sid = sys.argv[1]
     watch_dir = sys.argv[2]
+    verbose = "--verbose" in sys.argv
 
     cfg = config.load()
     capture = cfg.get("capture", {})
@@ -28,10 +29,15 @@ def main() -> None:
         del cfg["_live_url"]
         config.save(cfg)
 
-    base.init(sid, live=bool(live_url))
+    base.init(sid, live=bool(live_url), verbose=verbose)
+
+    if verbose:
+        active = [k for k, v in capture.items() if v]
+        base.log("info", "daemon.config", capture=active, live=bool(live_url),
+                 journal=cfg.get("journal_mode", False))
 
-    # Environment profile (was done pre-fork in old code, now done in daemon)
     if capture.get("environment_analysis", True):
+        base.log("info", "daemon.agent.environment_scan") if verbose else None
         try:
             from methodproof.analysis import scan_environment
             env_profile = scan_environment(watch_dir)
@@ -52,12 +58,16 @@ def main() -> None:
         threads.append(threading.Thread(
             target=watcher.start, args=(watch_dir, stop_event), daemon=True,
         ))
+        if verbose:
+            base.log("info", "daemon.agent.watcher", dir=watch_dir)
 
     if capture.get("terminal_commands", True) or capture.get("test_results", True):
         from methodproof.agents import terminal
         threads.append(threading.Thread(
             target=terminal.start, args=(stop_event,), daemon=True,
         ))
+        if verbose:
+            base.log("info", "daemon.agent.terminal", log=str(config.CMD_LOG))
 
     if capture.get("browser", True):
         from methodproof import bridge
@@ -68,12 +78,16 @@ def main() -> None:
                   cfg.get("journal_mode", False)),
             daemon=True,
         ))
+        if verbose:
+            base.log("info", "daemon.agent.bridge", port=9877)
 
     if capture.get("music", True):
         from methodproof.agents import music
         threads.append(threading.Thread(
             target=music.start, args=(stop_event,), daemon=True,
         ))
+        if verbose:
+            base.log("info", "daemon.agent.music")
 
     def _shutdown(sig_num: int, frame: object) -> None:
         stop_event.set()

{methodproof-0.6.0 → methodproof-0.7.1}/methodproof/agents/base.py

@@ -21,6 +21,8 @@ _MAX_RETRIES = 3
 _prev_hash = "genesis"
 _account_id = ""
 _journal_mode = False
+_verbose = False
+_streaming = False
 
 # Maps event types to the capture category that gates them
 _EVENT_GATES: dict[str, str] = {
@@ -78,8 +80,15 @@ _FIELD_GATES: dict[str, list[tuple[str, str]]] = {
 
 
 def _load_encryption_key(cfg: dict) -> bytes | None:
-    """Load db_key from keychain (preferred) or legacy e2e_key config."""
+    """Load encryption key: individual E2E > db_key from keychain > legacy e2e_key."""
     account_id = cfg.get("account_id", "")
+    # Individual E2E key — highest priority when session is E2E
+    if account_id and cfg.get("e2e_fingerprint") and cfg.get("_session_e2e"):
+        from methodproof.keychain import load_secret
+        e2e_key = load_secret(f"e2e:{account_id}")
+        if e2e_key:
+            return e2e_key
+    # Local db_key (for SQLite encryption)
     if account_id and cfg.get("master_key_fingerprint"):
         from methodproof.keychain import load_secret
         from methodproof.kdf import derive_master, derive_db_key
@@ -91,11 +100,13 @@ def _load_encryption_key(cfg: dict) -> bytes | None:
     return bytes.fromhex(raw) if raw else None
 
 
-def init(session_id: str, live: bool = False) -> None:
-    global _session_id, _initialized, _e2e_key, _capture, _live_mode, _prev_hash, _journal_mode, _account_id
+def init(session_id: str, live: bool = False, verbose: bool = False, streaming: bool = False) -> None:
+    global _session_id, _initialized, _e2e_key, _capture, _live_mode, _prev_hash, _journal_mode, _account_id, _verbose, _streaming
     _session_id = session_id
     _initialized = True
     _live_mode = live
+    _verbose = verbose
+    _streaming = streaming
     _prev_hash = "genesis"
     from methodproof import config
     cfg = config.load()
@@ -103,6 +114,10 @@ def init(session_id: str, live: bool = False) -> None:
     _capture = cfg.get("capture", {})
     _journal_mode = cfg.get("journal_mode", False)
     _account_id = cfg.get("account_id", "")
+    if _verbose or _streaming:
+        active = [k for k, v in _capture.items() if v]
+        log("info", "base.init", encryption=bool(_e2e_key), journal=_journal_mode,
+            live=_live_mode, capture=active)
 
 
 def log(level: str, event: str, **kw: object) -> None:
@@ -153,6 +168,10 @@ def emit(event_type: str, metadata: dict[str, Any]) -> None:
         _buffer.append(entry)
         if len(_buffer) >= _FLUSH_SIZE:
             _flush_locked()
+    if _verbose:
+        log("debug", "emit.buffered", type=event_type, buffer=len(_buffer))
+    if _streaming:
+        _stream_event(entry)
     if _live_mode:
         from methodproof import live as live_mod
         live_mod.send(entry)
@@ -168,15 +187,55 @@ def _flush_locked() -> None:
         return
     batch = list(_buffer)
     hashes = [(e["id"], e.pop("_chain_hash")) for e in batch if "_chain_hash" in e]
+    if _verbose or _streaming:
+        types = [e["type"] for e in batch]
+        log("info", "flush.start", count=len(batch), types=types)
     for attempt in range(_MAX_RETRIES):
         try:
             store.insert_events(_session_id, batch)
             if hashes:
                 store.insert_event_hashes(hashes)
+            if _verbose or _streaming:
+                log("info", "flush.ok", count=len(batch))
             _buffer.clear()
             return
         except Exception as exc:
             log("warning", "flush.retry", attempt=attempt + 1, error=str(exc))
             time.sleep(0.1 * (attempt + 1))
-    # Final attempt failed — keep events in buffer for next flush cycle
     log("error", "flush.failed", count=len(batch), retries=_MAX_RETRIES)
+
+
+def _stream_event(entry: dict[str, Any]) -> None:
+    """Print a human-readable event line to stdout for --streaming mode."""
+    ts = time.strftime("%H:%M:%S", time.localtime(entry["timestamp"]))
+    etype = entry["type"]
+    meta = entry.get("metadata", {})
+    # Build a compact summary per event type
+    detail = ""
+    if etype == "file_edit":
+        detail = f'{meta.get("path", "?")} +{meta.get("lines_added", 0)}-{meta.get("lines_removed", 0)}'
+    elif etype == "file_create":
+        detail = f'{meta.get("path", "?")} ({meta.get("size", 0)}B)'
+    elif etype == "file_delete":
+        detail = meta.get("path", "?")
+    elif etype == "terminal_cmd":
+        detail = f'{meta.get("command", "?")[:60]} → exit {meta.get("exit_code", "?")}'
+    elif etype == "test_run":
+        detail = f'{meta.get("framework", "?")} {meta.get("passed", 0)}✓ {meta.get("failed", 0)}✗'
+    elif etype == "git_commit":
+        detail = f'{meta.get("hash", "?")} {meta.get("message", "")[:50]}'
+    elif etype in ("llm_prompt", "agent_prompt", "user_prompt"):
+        detail = f'len={meta.get("prompt_length", meta.get("message_length", "?"))}'
+    elif etype in ("llm_completion", "agent_completion"):
+        detail = f'len={meta.get("response_length", "?")}'
+    elif etype == "music_playing":
+        detail = f'{meta.get("artist", "?")} — {meta.get("track", "?")}'
+    elif etype.startswith("browser_"):
+        detail = meta.get("url", meta.get("query", ""))[:60]
+    elif etype == "environment_profile":
+        detail = f'{meta.get("tool_count", "?")} tools'
+    else:
+        keys = list(meta.keys())[:4]
+        detail = ", ".join(f"{k}={meta[k]}" for k in keys) if keys else ""
+    sys.stdout.write(f"  [{ts}] {etype:30s} {detail}\n")
+    sys.stdout.flush()

{methodproof-0.6.0 → methodproof-0.7.1}/methodproof/agents/watcher.py

@@ -13,7 +13,35 @@ from watchdog.observers import Observer
 from methodproof.agents import base
 
 IGNORE_PATTERNS = re.compile(
-    r"(__pycache__|\.pyc|\.git/|node_modules|\.DS_Store|\.swp|~$)"
+    # Version control
+    r"(\.git/|\.hg/|\.svn/"
+    # OS / editor artifacts
+    r"|\.DS_Store|Thumbs\.db|\.swp|\.swo|~$|\.idea/|\.vscode/"
+    # Python
+    r"|__pycache__|\.pyc|\.pyo|\.egg-info/|\.eggs/|\.tox/"
+    r"|\.venv/|venv/|\.env/|env/|\.mypy_cache/|\.pytest_cache/|\.ruff_cache/"
+    r"|\.coverage|htmlcov/|\.nox/"
+    # JavaScript / TypeScript
+    r"|node_modules/|\.next/|\.nuxt/|\.expo/|\.turbo/|\.parcel-cache/"
+    r"|\.svelte-kit/|\.angular/|\.cache/"
+    # Rust
+    r"|/target/|\.cargo/"
+    # Go
+    r"|vendor/"
+    # Java / Kotlin / JVM
+    r"|\.gradle/|\.m2/|/out/"
+    # Ruby
+    r"|\.bundle/|\.gem/"
+    # PHP
+    r"|/vendor/|\.phpunit/"
+    # .NET / C#
+    r"|/bin/|/obj/|\.nuget/"
+    # Swift / Xcode
+    r"|\.build/|DerivedData/|Pods/"
+    # Build output / artifacts
+    r"|dist/|build/|\.output/"
+    # Logs and locks
+    r"|\.lock$|\.log$)"
 )
 
 

{methodproof-0.6.0 → methodproof-0.7.1}/methodproof/cli.py

@@ -337,6 +337,11 @@ def cmd_init(args: argparse.Namespace) -> None:
     if not cfg.get("consent_acknowledged"):
         cfg = _run_consent(cfg)
         config.save(cfg)
+        if cfg.get("token"):
+            cfg["_pending_research_sync"] = True
+            config.save(cfg)
+            from methodproof.sync import sync_research_consent
+            sync_research_consent(cfg["token"], cfg["api_url"])
         print()
 
     capture = cfg.get("capture", {})
@@ -408,6 +413,23 @@ def cmd_init(args: argparse.Namespace) -> None:
     else:
         print("AI hooks: skipped (ai_prompts and ai_responses disabled)")
 
+    # Local AI ports — capture traffic from local LLM servers
+    if ai_enabled and not cfg.get("local_ai_ports_offered"):
+        answer = input("Run any local AI models (Ollama, LM Studio, vLLM, etc.)? [y/N]: ").strip().lower()
+        cfg["local_ai_ports_offered"] = True
+        if answer == "y":
+            raw = input("Enter ports (comma-separated, e.g. 8080,5000,7860): ").strip()
+            ports = [int(p.strip()) for p in raw.split(",") if p.strip().isdigit()]
+            cfg["local_ai_ports"] = ports
+            if ports:
+                print(f"Local AI ports: {', '.join(str(p) for p in ports)} (proxy will decode these)")
+            else:
+                print("Local AI ports: none added")
+        else:
+            cfg["local_ai_ports"] = []
+            print("Local AI ports: skipped (built-in: Ollama 11434, Jan 1234)")
+        config.save(cfg)
+
     # Signing keypair for attestation
     from methodproof.integrity import has_keypair
     if not has_keypair():
@@ -661,6 +683,11 @@ def cmd_consent(args: argparse.Namespace) -> None:
     print(f"\n{_banner()}\n")
     cfg = _run_consent_detailed(cfg)
     config.save(cfg)
+    if cfg.get("token"):
+        cfg["_pending_research_sync"] = True
+        config.save(cfg)
+        from methodproof.sync import sync_research_consent
+        sync_research_consent(cfg["token"], cfg["api_url"])
     print(f"\n{_banner()} settings saved.\n")
     _print_commands()
 
@@ -834,39 +861,71 @@ def _recover_master_key(cfg: dict, account_id: str) -> None:
 
 
 def _is_daemon_alive() -> bool:
-    """Check if the recording daemon is still running."""
+    """Check if the recording daemon is still running (not a reused PID)."""
     if not PIDFILE.exists():
         return False
     try:
         pid = int(PIDFILE.read_text().strip())
-        os.kill(pid, 0)  # signal 0 = check existence without killing
-        return True
+        os.kill(pid, 0)
     except (ProcessLookupError, ValueError, OSError):
         return False
+    # Verify the PID is actually a methodproof process (PIDs get reused after reboot)
+    try:
+        import subprocess
+        out = subprocess.check_output(["ps", "-p", str(pid), "-o", "args="], text=True).strip()
+        return "methodproof" in out
+    except Exception:
+        return False
+
+
+def _log_step(msg: str, verbose: bool = False) -> None:
+    """Print a step-by-step progress line. Always shown."""
+    print(f"  → {msg}")
+
+
+def _log_debug(msg: str, **kw: object) -> None:
+    """Print structured debug line (--verbose only). Writes to stderr."""
+    import json as _json
+    entry = {"ts": time.time(), "level": "debug", "event": msg, **kw}
+    sys.stderr.write(_json.dumps(entry, default=str) + "\n")
 
 
 def cmd_start(args: argparse.Namespace) -> None:
+    verbose = getattr(args, "verbose", False)
+    streaming = getattr(args, "streaming", False)
+
+    _log_step("Loading config")
     cfg = config.load()
+    if verbose:
+        _log_debug("config.loaded", api_url=cfg.get("api_url"), account_id=cfg.get("account_id", "")[:8],
+                    active_session=cfg.get("active_session"), journal=cfg.get("journal_mode"))
+
     if cfg.get("auto_update"):
+        _log_step("Checking for updates")
         _auto_update()
+
     if cfg.get("active_session"):
         if _is_daemon_alive():
             print(f"Session active: {cfg['active_session'][:8]}")
             print("Run `methodproof stop` first.")
             sys.exit(1)
-        # Daemon is dead — clean up the stale session
         stale_sid = cfg["active_session"]
+        _log_step(f"Cleaning stale session {stale_sid[:8]}")
         store.complete_session(stale_sid)
         graph.build(stale_sid)
         PIDFILE.unlink(missing_ok=True)
         cfg["active_session"] = None
         config.save(cfg)
-        print(f"Cleaned up stale session {stale_sid[:8]} (daemon was not running).")
+
+    _log_step("Checking hooks")
     if not hook.is_installed():
-        print("Run `methodproof init` first.")
+        print("ERROR: Run `methodproof init` first.")
         sys.exit(1)
 
+    _log_step("Authenticating")
     account_id = _require_auth(cfg)
+    if verbose:
+        _log_debug("auth.ok", account_id=account_id[:8] if account_id else "none")
 
     # Check for new consent categories before recording
     capture = cfg.get("capture", {})
@@ -878,6 +937,7 @@ def cmd_start(args: argparse.Namespace) -> None:
         config.save(cfg)
         print()
 
+    _log_step("Creating session")
     sid = uuid.uuid4().hex
     watch_dir = os.path.abspath(args.dir or ".")
     repo_url = args.repo or repos.detect_repo(watch_dir)
@@ -885,7 +945,6 @@ def cmd_start(args: argparse.Namespace) -> None:
     visibility = "public" if args.public else "private"
     from methodproof.binding import compute_binding, compute_device_id
     device_id = compute_device_id()
-    # Compute session binding if master key is available
     binding = ""
     if cfg.get("master_key_fingerprint") and account_id:
         from methodproof.keychain import load_secret
@@ -895,38 +954,49 @@ def cmd_start(args: argparse.Namespace) -> None:
             master = derive_master(entropy)
             bind_key = derive_bind_key(master, account_id)
             binding = compute_binding(bind_key, sid, account_id, device_id, time.time())
+            if verbose:
+                _log_debug("binding.computed", device_id=device_id[:8])
     store.create_session(sid, watch_dir, repo_url, json.dumps(tags), visibility,
                          account_id, binding, device_id)
     cfg["active_session"] = sid
     config.save(cfg)
     PIDFILE.write_text(str(os.getpid()))
+    if verbose:
+        _log_debug("session.created", sid=sid[:8], watch_dir=watch_dir, visibility=visibility,
+                    device_id=device_id[:8], bound=bool(binding))
 
-    # Temporal anchor — server-signed timestamp (best-effort, skip if offline)
+    # Temporal anchor
     if cfg.get("token"):
+        _log_step("Requesting temporal anchor")
         try:
             from methodproof.sync import _request
             anchor = _request("POST", f"/sessions/{sid}/anchor", cfg["api_url"], cfg["token"])
             store.update_anchor(sid, anchor["anchor_ts"], anchor["signature"])
+            if verbose:
+                _log_debug("anchor.ok", anchor_ts=anchor["anchor_ts"])
         except Exception as exc:
-            print(f"Anchor: skipped ({exc})")
+            _log_step(f"Anchor: skipped ({exc})")
 
     from methodproof.agents import base
-    live_ok = False
     capture = cfg.get("capture", {})
 
+    # Live streaming
     live_url = ""
     want_live = args.live or getattr(args, "live_public", False)
     live_visibility = "public" if getattr(args, "live_public", False) else "private"
     if want_live:
+        _log_step("Connecting live stream")
         if not cfg.get("token"):
             print("Live mode requires login. Run `methodproof login` first.")
             sys.exit(1)
-        # Create remote session first
         from methodproof.sync import _request
-        result = _request("POST", "/personal/sessions", cfg["api_url"], cfg["token"])
+        session_body: dict = {}
+        if cfg.get("e2e_fingerprint") and (getattr(args, "e2e", False) or cfg.get("e2e_mode")):
+            session_body["e2e_key_fingerprint"] = cfg["e2e_fingerprint"]
+        result = _request("POST", "/personal/sessions", cfg["api_url"], cfg["token"],
+                          session_body or None)
         remote_id = result["session_id"]
         store.mark_synced(sid, remote_id)
-        # Connect live WebSocket
         from methodproof import live as live_mod
         live_url = live_mod.start(cfg["api_url"], cfg["token"], remote_id, capture, live_visibility) or ""
         if not live_url:
@@ -939,7 +1009,7 @@ def cmd_start(args: argparse.Namespace) -> None:
             print(f"Live (public): {live_url}")
             print("  Anyone with this link can watch your session build in real time.")
 
-    # Journal mode — per-session override or persistent config
+    # Journal mode
     if getattr(args, "journal", False):
         cfg["journal_mode"] = True
         credits = cfg.get("journal_credits", 0)
@@ -950,6 +1020,18 @@ def cmd_start(args: argparse.Namespace) -> None:
             print("Journal mode ON for this session (full content capture).")
         config.save(cfg)
 
+    # E2E mode
+    want_e2e = getattr(args, "e2e", False) or (cfg.get("e2e_mode") and not getattr(args, "no_e2e", False))
+    if want_e2e:
+        fp = cfg.get("e2e_fingerprint")
+        if not fp:
+            print("E2E requires key setup. Run `methodproof e2e on` first.")
+            sys.exit(1)
+        cfg["_session_e2e"] = True
+        config.save(cfg)
+        print("E2E mode ON for this session (content encrypted with your key).")
+        print("  Narration unavailable. Release later with: mp e2e release <session-id>")
+
     # Save live_url for daemon subprocess to pick up
     if live_url:
         cfg["_live_url"] = live_url
@@ -966,25 +1048,35 @@ def cmd_start(args: argparse.Namespace) -> None:
         print(f"Bridge:    http://localhost:9877")
     if live_url:
         print(f"Live:      {live_url}")
+    if verbose:
+        print(f"Mode:      verbose (debug → daemon.log)")
+    if streaming:
+        print(f"Mode:      streaming (blocking, events → stdout)")
+
+    # --streaming: blocking foreground mode with real-time event output
+    if streaming:
+        _run_foreground(sid, watch_dir, cfg, capture, live_url, verbose=True, streaming=True)
+        return
 
-    # Daemonize: spawn a subprocess (safe on macOS — avoids CoreFoundation segfault from os.fork)
+    # Daemonize (macOS/Linux) — pass --verbose to daemon if set
     if sys.platform != "win32":
         import subprocess as _sp
         daemon_log = config.DIR / "daemon.log"
         log_fh = open(daemon_log, "a")
-        proc = _sp.Popen(
-            [sys.executable, "-m", "methodproof._daemon", sid, watch_dir],
-            start_new_session=True,
-            stdout=log_fh, stderr=log_fh, stdin=_sp.DEVNULL,
-        )
+        cmd = [sys.executable, "-m", "methodproof._daemon", sid, watch_dir]
+        if verbose:
+            cmd.append("--verbose")
+        _log_step(f"Spawning daemon (log: {daemon_log})")
+        proc = _sp.Popen(cmd, start_new_session=True, stdout=log_fh, stderr=log_fh, stdin=_sp.DEVNULL)
         PIDFILE.write_text(str(proc.pid))
-        # Verify daemon is alive after brief startup
+        if verbose:
+            _log_debug("daemon.spawned", pid=proc.pid, cmd=cmd)
         time.sleep(1)
         if proc.poll() is not None:
             print(f"ERROR: Daemon exited immediately (code {proc.returncode}). Check {daemon_log}")
             PIDFILE.unlink(missing_ok=True)
             sys.exit(1)
-        # Check extension auto-discovery (extension polls every ~6s)
+        _log_step(f"Daemon alive (pid {proc.pid})")
         if capture.get("browser", True):
             import urllib.request as _ur
             time.sleep(7)
@@ -1001,9 +1093,16 @@ def cmd_start(args: argparse.Namespace) -> None:
         return
 
     # Windows: foreground mode (no subprocess daemonization)
+    _run_foreground(sid, watch_dir, cfg, capture, live_url, verbose=verbose, streaming=False)
+
+
+def _run_foreground(sid: str, watch_dir: str, cfg: dict, capture: dict,
+                    live_url: str, verbose: bool, streaming: bool) -> None:
+    """Run capture agents in the foreground (blocking). Used by --streaming and Windows."""
     from methodproof.agents import base as _base
-    _base.init(sid, live=bool(live_url))
+    _base.init(sid, live=bool(live_url), verbose=verbose, streaming=streaming)
     if capture.get("environment_analysis", True):
+        _log_step("Scanning environment")
         try:
             from methodproof.analysis import scan_environment
             env_profile = scan_environment(watch_dir)
@@ -1020,19 +1119,31 @@ def cmd_start(args: argparse.Namespace) -> None:
     if files_enabled:
         from methodproof.agents import watcher
         threads.append(threading.Thread(target=watcher.start, args=(watch_dir, stop_event), daemon=True))
+        _log_step("Agent: watcher")
     if capture.get("terminal_commands", True) or capture.get("test_results", True):
         from methodproof.agents import terminal
         threads.append(threading.Thread(target=terminal.start, args=(stop_event,), daemon=True))
+        _log_step("Agent: terminal")
     if capture.get("browser", True):
         from methodproof import bridge
+        e2e_key_hex = ""
+        if cfg.get("_session_e2e") and cfg.get("account_id"):
+            from methodproof.keychain import load_secret
+            _raw = load_secret(f"e2e:{cfg['account_id']}")
+            if _raw:
+                e2e_key_hex = _raw.hex()
+        else:
+            e2e_key_hex = cfg.get("e2e_key", "")
         threads.append(threading.Thread(target=bridge.start, args=(
             sid, stop_event, 9877,
-            cfg.get("token", ""), cfg.get("api_url", ""), cfg.get("e2e_key", ""),
+            cfg.get("token", ""), cfg.get("api_url", ""), e2e_key_hex,
             cfg.get("journal_mode", False),
         ), daemon=True))
+        _log_step("Agent: bridge")
     if capture.get("music", True):
         from methodproof.agents import music
         threads.append(threading.Thread(target=music.start, args=(stop_event,), daemon=True))
+        _log_step("Agent: music")
 
     def _shutdown(sig: int, frame: object) -> None:
         stop_event.set()
@@ -1054,10 +1165,14 @@ def cmd_start(args: argparse.Namespace) -> None:
         PIDFILE.unlink(missing_ok=True)
         sys.exit(0)
 
+    _log_step(f"Starting {len(threads)} agent(s)")
     for t in threads:
         t.start()
     signal.signal(signal.SIGINT, _shutdown)
-    print("Press Ctrl+C or run `mp stop` to finish.")
+    if streaming:
+        print("\n  Streaming events (Ctrl+C to stop):\n")
+    else:
+        print("Press Ctrl+C or run `mp stop` to finish.")
     stopfile = config.DIR / "methodproof.stop"
     while not stop_event.is_set():
         if stopfile.exists():
@@ -1176,6 +1291,8 @@ def cmd_login(args: argparse.Namespace) -> None:
                 config.save(cfg)
                 print(" done.\n")
                 _setup_master_key(cfg)
+                from methodproof.sync import sync_research_consent
+                sync_research_consent(cfg["token"], cfg["api_url"])
                 print("Logged in. Run `methodproof push` to upload sessions.")
                 return
         except Exception:
@@ -1190,6 +1307,9 @@ def cmd_push(args: argparse.Namespace) -> None:
     if not cfg.get("token"):
         print("Run `methodproof login` first.")
         sys.exit(1)
+    from methodproof.sync import sync_research_consent
+    sync_research_consent(cfg["token"], cfg["api_url"])
+    cfg = config.load()
     sid = args.session_id or _latest()
     if not sid:
         print("No sessions to push.")
@@ -1583,6 +1703,10 @@ def main() -> None:
     s.add_argument("--live", action="store_true", help="Stream graph live to your private profile")
     s.add_argument("--live-public", action="store_true", help="Stream graph live — visible to anyone with the link")
     s.add_argument("--journal", action="store_true", help="Journal mode — full content capture (2 free credits, then Pro)")
+    s.add_argument("--e2e", action="store_true", help="E2E encryption — content encrypted with your personal key")
+    s.add_argument("--no-e2e", action="store_true", help="Disable E2E for this session (overrides config)")
+    s.add_argument("--verbose", "-v", action="store_true", help="Debug logging at each step (still daemonizes)")
+    s.add_argument("--streaming", action="store_true", help="Blocking foreground — stream every captured event to stdout")
     sub.add_parser("stop", help="Stop recording")
     v = sub.add_parser("view", help="Inspect captured session data")
     v.add_argument("session_id", nargs="?")
@@ -1626,6 +1750,14 @@ def main() -> None:
     jr_sub.add_parser("on", help="Enable journal mode (persists full content)")
     jr_sub.add_parser("off", help="Disable journal mode (structural only)")
     jr_sub.add_parser("status", help="Show journal mode status")
+    e2e_p = sub.add_parser("e2e", help="E2E encryption — personal key management")
+    e2e_sub = e2e_p.add_subparsers(dest="e2e_cmd")
+    e2e_sub.add_parser("on", help="Enable E2E mode (generates key on first use)")
+    e2e_sub.add_parser("off", help="Disable E2E mode (key stays in keychain)")
+    e2e_sub.add_parser("status", help="Show E2E mode status")
+    e2e_sub.add_parser("recover", help="Recover key from passphrase")
+    e2e_rel = e2e_sub.add_parser("release", help="Release a session from E2E encryption")
+    e2e_rel.add_argument("session_id", help="Session ID to release")
     sub.add_parser("intro", help="Show the MethodProof intro")
     sub.add_parser("help", help="Show command reference")
     sub.add_parser("mcp-serve", help="Run MCP server (used by Claude Code)")
@@ -1645,6 +1777,7 @@ def main() -> None:
         "update": cmd_update, "lock": cmd_lock, "reset": cmd_reset, "uninstall": cmd_uninstall,
         "extension": cmd_extension,
         "journal": cmd_journal,
+        "e2e": lambda a: __import__("methodproof.e2e", fromlist=["cmd_e2e"]).cmd_e2e(a),
         "intro": lambda _: _print_intro(),
         "help": lambda _: _print_commands(),
         "mcp-serve": cmd_mcp_serve,

{methodproof-0.6.0 → methodproof-0.7.1}/methodproof/config.py

@@ -34,11 +34,16 @@ _DEFAULTS: dict[str, Any] = {
         "code_capture": False,
     },
     "research_consent": False,
+    "contribution_level": None,
+    "_pending_research_sync": False,
     "journal_mode": False,
     "journal_credits": 2,
+    "e2e_mode": False,
+    "e2e_fingerprint": "",
     "auto_update": False,
     "account_id": "",
     "last_auth_at": 0,
+    "local_ai_ports": [],  # user-configured localhost ports for local LLM capture
     "publish_redact": {
         "command_output": True,
         "ai_prompts": True,