methodproof 0.7.0__tar.gz → 0.7.2__tar.gz

{methodproof-0.7.0 → methodproof-0.7.2}/CHANGELOG.md

@@ -1,5 +1,15 @@
 # Changelog
 
+## [0.7.1] — 2026-04-07
+
+### Fixed
+- **7 GB database bloat** — `artifacts` table lacked a UNIQUE constraint on `path`, causing `_ensure_artifact` to insert a duplicate row per `file_edit`. The `_link_action_artifacts` JOIN then produced a cartesian explosion (39.9M rows from 16K events). Added UNIQUE constraint + migration that deduplicates existing data on upgrade.
+- **Stale PID after reboot** — `_is_daemon_alive()` only checked `os.kill(pid, 0)`, which succeeds if the OS reused the PID for an unrelated process. Now verifies the process name contains "methodproof" via `ps`. Prevents killing random processes and unblocks `mp stop`/`mp start` after a system restart.
+- **SQLite hang on locked database** — `sqlite3.connect()` had no timeout, so a crashed daemon holding a WAL lock caused `mp stop` to hang forever. Added `timeout=10`.
+
+### Added
+- **Research consent sync** — `mp init`, `mp consent`, `mp login`, and `mp push` now sync research opt-in state between CLI and platform. Local changes are flagged with `_pending_research_sync` and pushed on next authenticated call; canonical state is always pulled from the platform.
+
 ## [0.7.0] — 2026-04-07
 
 ### Fixed
@@ -7,6 +17,7 @@
 - **Claude Code hook errors** — hook script pointed to deleted pyenv site-packages path; added pidfile guard (`exit 0` when no session active) to prevent bridge connection failures
 
 ### Added
+- **Configurable local AI ports** — `mp init` now asks about local LLM servers (Ollama, LM Studio, vLLM, etc.) and adds user-specified ports to the proxy allowlist. Previously only 3 hardcoded ports (11434, 18789, 1234) were captured; custom ports were invisible to the proxy decoder.
 - `mp start --streaming` — blocking foreground mode, streams every captured event to stdout in real-time with human-readable formatting
 - `mp start --verbose` / `-v` — structured debug logging at each step (config, auth, session, anchor, daemon spawn); daemon log includes agent init and buffer/flush stats
 - Step-by-step progress output on default `mp start` (`→ Loading config`, `→ Checking hooks`, etc.) so failures are immediately locatable

{methodproof-0.7.0 → methodproof-0.7.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: methodproof
-Version: 0.7.0
+Version: 0.7.2
 Summary: See how you code. Capture and visualize your engineering process.
 License-Expression: Apache-2.0
 License-File: LICENSE

{methodproof-0.7.0 → methodproof-0.7.2}/methodproof/__init__.py

@@ -1,3 +1,3 @@
 """MethodProof — see how you code."""
 
-__version__ = "0.6.0"
+__version__ = "0.7.2"

{methodproof-0.7.0 → methodproof-0.7.2}/methodproof/agents/base.py

@@ -80,8 +80,15 @@ _FIELD_GATES: dict[str, list[tuple[str, str]]] = {
 
 
 def _load_encryption_key(cfg: dict) -> bytes | None:
-    """Load db_key from keychain (preferred) or legacy e2e_key config."""
+    """Load encryption key: individual E2E > db_key from keychain > legacy e2e_key."""
     account_id = cfg.get("account_id", "")
+    # Individual E2E key — highest priority when session is E2E
+    if account_id and cfg.get("e2e_fingerprint") and cfg.get("_session_e2e"):
+        from methodproof.keychain import load_secret
+        e2e_key = load_secret(f"e2e:{account_id}")
+        if e2e_key:
+            return e2e_key
+    # Local db_key (for SQLite encryption)
     if account_id and cfg.get("master_key_fingerprint"):
         from methodproof.keychain import load_secret
         from methodproof.kdf import derive_master, derive_db_key

{methodproof-0.7.0 → methodproof-0.7.2}/methodproof/cli.py

@@ -337,6 +337,11 @@ def cmd_init(args: argparse.Namespace) -> None:
     if not cfg.get("consent_acknowledged"):
         cfg = _run_consent(cfg)
         config.save(cfg)
+        if cfg.get("token"):
+            cfg["_pending_research_sync"] = True
+            config.save(cfg)
+            from methodproof.sync import sync_research_consent
+            sync_research_consent(cfg["token"], cfg["api_url"])
         print()
 
     capture = cfg.get("capture", {})
@@ -408,6 +413,23 @@ def cmd_init(args: argparse.Namespace) -> None:
     else:
         print("AI hooks: skipped (ai_prompts and ai_responses disabled)")
 
+    # Local AI ports — capture traffic from local LLM servers
+    if ai_enabled and not cfg.get("local_ai_ports_offered"):
+        answer = input("Run any local AI models (Ollama, LM Studio, vLLM, etc.)? [y/N]: ").strip().lower()
+        cfg["local_ai_ports_offered"] = True
+        if answer == "y":
+            raw = input("Enter ports (comma-separated, e.g. 8080,5000,7860): ").strip()
+            ports = [int(p.strip()) for p in raw.split(",") if p.strip().isdigit()]
+            cfg["local_ai_ports"] = ports
+            if ports:
+                print(f"Local AI ports: {', '.join(str(p) for p in ports)} (proxy will decode these)")
+            else:
+                print("Local AI ports: none added")
+        else:
+            cfg["local_ai_ports"] = []
+            print("Local AI ports: skipped (built-in: Ollama 11434, Jan 1234)")
+        config.save(cfg)
+
     # Signing keypair for attestation
     from methodproof.integrity import has_keypair
     if not has_keypair():
@@ -661,6 +683,11 @@ def cmd_consent(args: argparse.Namespace) -> None:
     print(f"\n{_banner()}\n")
     cfg = _run_consent_detailed(cfg)
     config.save(cfg)
+    if cfg.get("token"):
+        cfg["_pending_research_sync"] = True
+        config.save(cfg)
+        from methodproof.sync import sync_research_consent
+        sync_research_consent(cfg["token"], cfg["api_url"])
     print(f"\n{_banner()} settings saved.\n")
     _print_commands()
 
@@ -834,15 +861,21 @@ def _recover_master_key(cfg: dict, account_id: str) -> None:
 
 
 def _is_daemon_alive() -> bool:
-    """Check if the recording daemon is still running."""
+    """Check if the recording daemon is still running (not a reused PID)."""
     if not PIDFILE.exists():
         return False
     try:
         pid = int(PIDFILE.read_text().strip())
-        os.kill(pid, 0)  # signal 0 = check existence without killing
-        return True
+        os.kill(pid, 0)
     except (ProcessLookupError, ValueError, OSError):
         return False
+    # Verify the PID is actually a methodproof process (PIDs get reused after reboot)
+    try:
+        import subprocess
+        out = subprocess.check_output(["ps", "-p", str(pid), "-o", "args="], text=True).strip()
+        return "methodproof" in out
+    except Exception:
+        return False
 
 
 def _log_step(msg: str, verbose: bool = False) -> None:
@@ -957,7 +990,11 @@ def cmd_start(args: argparse.Namespace) -> None:
             print("Live mode requires login. Run `methodproof login` first.")
             sys.exit(1)
         from methodproof.sync import _request
-        result = _request("POST", "/personal/sessions", cfg["api_url"], cfg["token"])
+        session_body: dict = {}
+        if cfg.get("e2e_fingerprint") and (getattr(args, "e2e", False) or cfg.get("e2e_mode")):
+            session_body["e2e_key_fingerprint"] = cfg["e2e_fingerprint"]
+        result = _request("POST", "/personal/sessions", cfg["api_url"], cfg["token"],
+                          session_body or None)
         remote_id = result["session_id"]
         store.mark_synced(sid, remote_id)
         from methodproof import live as live_mod
@@ -983,6 +1020,18 @@ def cmd_start(args: argparse.Namespace) -> None:
             print("Journal mode ON for this session (full content capture).")
         config.save(cfg)
 
+    # E2E mode
+    want_e2e = getattr(args, "e2e", False) or (cfg.get("e2e_mode") and not getattr(args, "no_e2e", False))
+    if want_e2e:
+        fp = cfg.get("e2e_fingerprint")
+        if not fp:
+            print("E2E requires key setup. Run `methodproof e2e on` first.")
+            sys.exit(1)
+        cfg["_session_e2e"] = True
+        config.save(cfg)
+        print("E2E mode ON for this session (content encrypted with your key).")
+        print("  Narration unavailable. Release later with: mp e2e release <session-id>")
+
     # Save live_url for daemon subprocess to pick up
     if live_url:
         cfg["_live_url"] = live_url
@@ -1077,9 +1126,17 @@ def _run_foreground(sid: str, watch_dir: str, cfg: dict, capture: dict,
         _log_step("Agent: terminal")
     if capture.get("browser", True):
         from methodproof import bridge
+        e2e_key_hex = ""
+        if cfg.get("_session_e2e") and cfg.get("account_id"):
+            from methodproof.keychain import load_secret
+            _raw = load_secret(f"e2e:{cfg['account_id']}")
+            if _raw:
+                e2e_key_hex = _raw.hex()
+        else:
+            e2e_key_hex = cfg.get("e2e_key", "")
         threads.append(threading.Thread(target=bridge.start, args=(
             sid, stop_event, 9877,
-            cfg.get("token", ""), cfg.get("api_url", ""), cfg.get("e2e_key", ""),
+            cfg.get("token", ""), cfg.get("api_url", ""), e2e_key_hex,
             cfg.get("journal_mode", False),
         ), daemon=True))
         _log_step("Agent: bridge")
@@ -1194,6 +1251,21 @@ def cmd_log(args: argparse.Namespace) -> None:
         print(f"  {s['id'][:8]}  {dt}  {dur}  {s['total_events']} events{suffix}")
 
 
+def cmd_logout(args: argparse.Namespace) -> None:
+    """Clear login credentials only. Keeps consent, sessions, and hooks."""
+    cfg = config.load()
+    if not cfg.get("token"):
+        print("Not logged in.")
+        return
+    old_email = cfg.get("email", "")
+    old_account = cfg.get("account_id", "")[:8]
+    for key in ("token", "refresh_token", "email", "account_id", "last_auth_at"):
+        cfg[key] = config._DEFAULTS.get(key, "")
+    config.save(cfg)
+    label = old_email or old_account or "account"
+    print(f"Logged out ({label}). Run `mp login` to sign in again.")
+
+
 def cmd_login(args: argparse.Namespace) -> None:
     import webbrowser
     from methodproof.sync import _request
@@ -1201,6 +1273,13 @@ def cmd_login(args: argparse.Namespace) -> None:
     cfg = config.load()
     api = args.api_url or cfg["api_url"]
 
+    if cfg.get("token") and not getattr(args, "force", False):
+        current = cfg.get("email") or cfg.get("account_id", "")[:8] or "an account"
+        print(f"Already logged in as {current}.")
+        answer = input("  Switch accounts? [y/N]: ").strip().lower()
+        if answer not in ("y", "yes"):
+            return
+
     # Start device auth flow
     result = _request("POST", "/auth/cli/start", api, "")
     code = result["code"]
@@ -1234,6 +1313,8 @@ def cmd_login(args: argparse.Namespace) -> None:
                 config.save(cfg)
                 print(" done.\n")
                 _setup_master_key(cfg)
+                from methodproof.sync import sync_research_consent
+                sync_research_consent(cfg["token"], cfg["api_url"])
                 print("Logged in. Run `methodproof push` to upload sessions.")
                 return
         except Exception:
@@ -1248,6 +1329,9 @@ def cmd_push(args: argparse.Namespace) -> None:
     if not cfg.get("token"):
         print("Run `methodproof login` first.")
         sys.exit(1)
+    from methodproof.sync import sync_research_consent
+    sync_research_consent(cfg["token"], cfg["api_url"])
+    cfg = config.load()
     sid = args.session_id or _latest()
     if not sid:
         print("No sessions to push.")
@@ -1641,6 +1725,8 @@ def main() -> None:
     s.add_argument("--live", action="store_true", help="Stream graph live to your private profile")
     s.add_argument("--live-public", action="store_true", help="Stream graph live — visible to anyone with the link")
     s.add_argument("--journal", action="store_true", help="Journal mode — full content capture (2 free credits, then Pro)")
+    s.add_argument("--e2e", action="store_true", help="E2E encryption — content encrypted with your personal key")
+    s.add_argument("--no-e2e", action="store_true", help="Disable E2E for this session (overrides config)")
     s.add_argument("--verbose", "-v", action="store_true", help="Debug logging at each step (still daemonizes)")
     s.add_argument("--streaming", action="store_true", help="Blocking foreground — stream every captured event to stdout")
     sub.add_parser("stop", help="Stop recording")
@@ -1649,6 +1735,8 @@ def main() -> None:
     sub.add_parser("log", help="List sessions")
     l = sub.add_parser("login", help="Connect to platform")
     l.add_argument("--api-url")
+    l.add_argument("--force", "-f", action="store_true", help="Skip switch-account prompt")
+    sub.add_parser("logout", help="Clear login credentials (keeps consent and sessions)")
     pu = sub.add_parser("push", help="Upload privately to your account")
     pu.add_argument("session_id", nargs="?")
     tg = sub.add_parser("tag", help="Tag a session")
@@ -1686,6 +1774,14 @@ def main() -> None:
     jr_sub.add_parser("on", help="Enable journal mode (persists full content)")
     jr_sub.add_parser("off", help="Disable journal mode (structural only)")
     jr_sub.add_parser("status", help="Show journal mode status")
+    e2e_p = sub.add_parser("e2e", help="E2E encryption — personal key management")
+    e2e_sub = e2e_p.add_subparsers(dest="e2e_cmd")
+    e2e_sub.add_parser("on", help="Enable E2E mode (generates key on first use)")
+    e2e_sub.add_parser("off", help="Disable E2E mode (key stays in keychain)")
+    e2e_sub.add_parser("status", help="Show E2E mode status")
+    e2e_sub.add_parser("recover", help="Recover key from passphrase")
+    e2e_rel = e2e_sub.add_parser("release", help="Release a session from E2E encryption")
+    e2e_rel.add_argument("session_id", help="Session ID to release")
     sub.add_parser("intro", help="Show the MethodProof intro")
     sub.add_parser("help", help="Show command reference")
     sub.add_parser("mcp-serve", help="Run MCP server (used by Claude Code)")
@@ -1699,12 +1795,13 @@ def main() -> None:
     args = p.parse_args()
     cmds = {
         "init": cmd_init, "start": cmd_start, "stop": cmd_stop,
-        "view": cmd_view, "log": cmd_log, "login": cmd_login,
+        "view": cmd_view, "log": cmd_log, "login": cmd_login, "logout": cmd_logout,
         "push": cmd_push, "tag": cmd_tag, "publish": cmd_publish,
         "delete": cmd_delete, "review": cmd_review, "consent": cmd_consent,
         "update": cmd_update, "lock": cmd_lock, "reset": cmd_reset, "uninstall": cmd_uninstall,
         "extension": cmd_extension,
         "journal": cmd_journal,
+        "e2e": lambda a: __import__("methodproof.e2e", fromlist=["cmd_e2e"]).cmd_e2e(a),
         "intro": lambda _: _print_intro(),
         "help": lambda _: _print_commands(),
         "mcp-serve": cmd_mcp_serve,

{methodproof-0.7.0 → methodproof-0.7.2}/methodproof/config.py

@@ -34,11 +34,16 @@ _DEFAULTS: dict[str, Any] = {
         "code_capture": False,
     },
     "research_consent": False,
+    "contribution_level": None,
+    "_pending_research_sync": False,
     "journal_mode": False,
     "journal_credits": 2,
+    "e2e_mode": False,
+    "e2e_fingerprint": "",
     "auto_update": False,
     "account_id": "",
     "last_auth_at": 0,
+    "local_ai_ports": [],  # user-configured localhost ports for local LLM capture
     "publish_redact": {
         "command_output": True,
         "ai_prompts": True,

methodproof-0.7.2/methodproof/e2e.py

@@ -0,0 +1,304 @@
+"""E2E encryption mode — personal key management and session release."""
+
+import argparse
+import getpass
+import hashlib
+import json
+import os
+import sys
+from base64 import b64decode, b64encode
+
+from methodproof import config, store
+
+
+_RESET = "\033[0m"
+
+
+def print_e2e_intro() -> None:
+    """Show E2E mode introduction."""
+    print("  ┌─────────────────────────────────────────────────────┐")
+    print("  │  E2E Mode — personal encryption                     │")
+    print("  └─────────────────────────────────────────────────────┘")
+    print("  When enabled, session content (prompts, responses, diffs,")
+    print("  terminal output) is encrypted with a key only you hold.")
+    print("  The MethodProof platform cannot read encrypted fields.")
+    print()
+    print("  Tradeoff: narration and AI features are unavailable for")
+    print("  encrypted sessions. You can release individual sessions")
+    print("  from E2E later to enable narration.")
+    print()
+    print("  Structural data (graph, timing, threads, scoring) is")
+    print("  always available regardless of E2E status.")
+    print()
+    print("  Try it:  mp start --e2e")
+    print("  Toggle:  mp e2e on / off / status")
+    print()
+
+
+def _prompt_passphrase() -> str:
+    """Prompt for a passphrase (12+ chars, confirmed)."""
+    while True:
+        pp = getpass.getpass("Passphrase (12+ characters): ")
+        if len(pp) < 12:
+            print("Passphrase must be at least 12 characters.")
+            continue
+        confirm = getpass.getpass("Confirm passphrase: ")
+        if pp != confirm:
+            print("Passphrases do not match.")
+            continue
+        return pp
+
+
+def _wrap_key(raw_key: bytes, passphrase: str) -> tuple[bytes, bytes]:
+    """Derive wrapping key from passphrase, encrypt raw_key. Returns (salt, blob)."""
+    from cryptography.hazmat.primitives.ciphers.aead import AESGCM
+    salt = os.urandom(16)
+    wrapping_key = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 600_000, dklen=32)
+    nonce = os.urandom(12)
+    ciphertext = AESGCM(wrapping_key).encrypt(nonce, raw_key, None)
+    blob = nonce + ciphertext
+    return salt, blob
+
+
+def _unwrap_key(blob_b64: str, salt_hex: str, passphrase: str, iterations: int = 600_000) -> bytes:
+    """Decrypt recovery blob to recover raw key."""
+    from cryptography.hazmat.primitives.ciphers.aead import AESGCM
+    salt = bytes.fromhex(salt_hex)
+    wrapping_key = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, iterations, dklen=32)
+    raw = b64decode(blob_b64)
+    nonce, ct = raw[:12], raw[12:]
+    return AESGCM(wrapping_key).decrypt(nonce, ct, None)
+
+
+def _setup_key(cfg: dict) -> None:
+    """First-time key generation and registration."""
+    from methodproof import keychain
+    from methodproof.crypto import fingerprint
+    from methodproof.sync import _request
+
+    account_id = cfg.get("account_id", "")
+    token = cfg.get("token", "")
+    api_url = cfg.get("api_url", "")
+    if not token or not account_id:
+        print("E2E requires login. Run `methodproof login` first.")
+        sys.exit(1)
+
+    print("E2E Mode — Personal Encryption\n")
+    print("A 256-bit key will be generated and stored in your OS keychain.")
+    print("You will set a recovery passphrase in case you lose keychain access.\n")
+
+    answer = input("Enable E2E mode? [y/N] ").strip().lower()
+    if answer != "y":
+        print("E2E mode not enabled.")
+        return
+
+    raw_key = os.urandom(32)
+    fp = fingerprint(raw_key)
+    passphrase = _prompt_passphrase()
+    salt, blob = _wrap_key(raw_key, passphrase)
+
+    # Store raw key in keychain
+    keychain.store_secret(f"e2e:{account_id}", raw_key)
+
+    # Register with platform
+    _request("POST", "/personal/e2e-keys", api_url, token, {
+        "key_fingerprint": fp,
+        "recovery_blob": b64encode(blob).decode(),
+        "recovery_salt": salt.hex(),
+        "recovery_params": {"alg": "pbkdf2-sha256", "iterations": 600_000},
+    })
+
+    cfg["e2e_mode"] = True
+    cfg["e2e_fingerprint"] = fp
+    config.save(cfg)
+
+    # Passphrase warning box
+    W = "\033[1;97m"
+    Y = "\033[93m"
+    D = "\033[90m"
+    R = _RESET
+    print(f"\n  ┌──────────────────────────────────────────────────┐")
+    print(f"  │  {W}RECOVERY PASSPHRASE — REMEMBER THIS{R}             │")
+    print(f"  │                                                  │")
+    print(f"  │  {D}Your key is stored in the OS keychain.{R}          │")
+    print(f"  │  {D}If you lose keychain access, recover with:{R}      │")
+    print(f"  │  {Y}  mp e2e recover{R}                                │")
+    print(f"  │                                                  │")
+    print(f"  │  {D}Without the passphrase, encrypted sessions{R}      │")
+    print(f"  │  {D}cannot be recovered.{R}                            │")
+    print(f"  └──────────────────────────────────────────────────┘\n")
+    print("E2E mode ON. Content will be encrypted with your personal key.")
+    print("Run `methodproof start --e2e` to begin an encrypted session.\n")
+
+
+def _cmd_on(cfg: dict) -> None:
+    """Enable E2E mode."""
+    if cfg.get("e2e_fingerprint"):
+        cfg["e2e_mode"] = True
+        config.save(cfg)
+        print("E2E mode ON.")
+    else:
+        _setup_key(cfg)
+
+
+def _cmd_off(cfg: dict) -> None:
+    """Disable E2E mode."""
+    cfg["e2e_mode"] = False
+    config.save(cfg)
+    print("E2E mode OFF. Sessions will use standard encryption.")
+
+
+def _cmd_status(cfg: dict) -> None:
+    """Show E2E mode status."""
+    enabled = cfg.get("e2e_mode", False)
+    fp = cfg.get("e2e_fingerprint", "")
+    if enabled:
+        print(f"E2E mode: ON (fingerprint: {fp})")
+    else:
+        print("E2E mode: OFF")
+        if fp:
+            print(f"  Key registered (fingerprint: {fp}) but mode is disabled.")
+            print("  Enable with: methodproof e2e on")
+            return
+        print("  No key registered. Enable with: methodproof e2e on")
+        return
+
+    # Check keychain
+    account_id = cfg.get("account_id", "")
+    if account_id:
+        from methodproof.keychain import has_secret
+        if has_secret(f"e2e:{account_id}"):
+            print("  Key: present in OS keychain")
+        else:
+            print("  Key: NOT in keychain (run `mp e2e recover` to restore)")
+
+
+def _cmd_recover(cfg: dict) -> None:
+    """Recover E2E key from platform-stored recovery blob."""
+    from methodproof import keychain
+    from methodproof.crypto import fingerprint
+    from methodproof.sync import _request
+
+    token = cfg.get("token", "")
+    api_url = cfg.get("api_url", "")
+    account_id = cfg.get("account_id", "")
+    if not token:
+        print("Recovery requires login. Run `methodproof login` first.")
+        sys.exit(1)
+
+    # List keys to find the active fingerprint, then fetch recovery data
+    keys = _request("GET", "/personal/e2e-keys", api_url, token)
+    if not isinstance(keys, list) or not keys:
+        print("No E2E keys registered on your account.")
+        return
+
+    active = [k for k in keys if not k.get("revoked_at")]
+    if not active:
+        print("No active E2E keys found.")
+        return
+
+    fp = active[0]["fingerprint"]
+    recovery = _request("GET", f"/personal/e2e-keys/{fp}/recovery", api_url, token)
+    blob_b64 = recovery["recovery_blob"]
+    salt_hex = recovery["recovery_salt"]
+    params = recovery.get("recovery_params", {})
+    iterations = params.get("iterations", 600_000)
+
+    print(f"Recovering key (fingerprint: {fp})\n")
+    passphrase = getpass.getpass("Recovery passphrase: ")
+
+    try:
+        raw_key = _unwrap_key(blob_b64, salt_hex, passphrase, iterations)
+    except Exception:
+        print("Decryption failed. Wrong passphrase or corrupted recovery data.")
+        sys.exit(1)
+
+    if fingerprint(raw_key) != fp:
+        print("Key fingerprint mismatch. Recovery data may be corrupted.")
+        sys.exit(1)
+
+    keychain.store_secret(f"e2e:{account_id}", raw_key)
+    cfg["e2e_fingerprint"] = fp
+    config.save(cfg)
+    print(f"Key recovered and stored in OS keychain (fingerprint: {fp}).")
+
+
+def _cmd_release(cfg: dict, session_id: str) -> None:
+    """Release a session from E2E encryption."""
+    from methodproof import keychain
+    from methodproof.crypto import decrypt_field, SENSITIVE_FIELDS
+    from methodproof.sync import _request
+
+    token = cfg.get("token", "")
+    api_url = cfg.get("api_url", "")
+    account_id = cfg.get("account_id", "")
+    if not token:
+        print("Release requires login. Run `methodproof login` first.")
+        sys.exit(1)
+
+    e2e_key = keychain.load_secret(f"e2e:{account_id}")
+    if not e2e_key:
+        print("E2E key not found in keychain. Run `mp e2e recover` first.")
+        sys.exit(1)
+
+    events = store.get_events(session_id)
+    if not events:
+        print(f"No events found for session {session_id}.")
+        sys.exit(1)
+
+    decrypted_events = []
+    for ev in events:
+        meta = json.loads(ev.get("metadata", "{}"))
+        has_encrypted = False
+        for field in SENSITIVE_FIELDS:
+            val = meta.get(field, "")
+            if isinstance(val, str) and val.startswith("e2e:v1:"):
+                meta[field] = decrypt_field(val, e2e_key)
+                has_encrypted = True
+        if has_encrypted:
+            decrypted_events.append({"event_id": ev["id"], "metadata": meta})
+
+    if not decrypted_events:
+        print("No encrypted fields found in this session.")
+        return
+
+    # Resolve remote_id
+    sessions = store.list_sessions()
+    remote_id = None
+    for s in sessions:
+        if s["id"] == session_id or (s.get("remote_id") and s["id"].startswith(session_id)):
+            remote_id = s.get("remote_id")
+            session_id = s["id"]
+            break
+
+    if not remote_id:
+        print("Session not synced to platform. Push first with `mp push`.")
+        sys.exit(1)
+
+    _request("POST", f"/personal/sessions/{remote_id}/release-e2e", api_url, token,
+             {"events": decrypted_events})
+    print(f"Session released ({len(decrypted_events)} events decrypted).")
+    print("Narration will be generated shortly.")
+
+
+def cmd_e2e(args: argparse.Namespace) -> None:
+    """E2E encryption mode — personal key management."""
+    subcmd = getattr(args, "e2e_cmd", None)
+    cfg = config.load()
+
+    if subcmd == "on":
+        _cmd_on(cfg)
+    elif subcmd == "off":
+        _cmd_off(cfg)
+    elif subcmd == "status":
+        _cmd_status(cfg)
+    elif subcmd == "recover":
+        _cmd_recover(cfg)
+    elif subcmd == "release":
+        session_id = getattr(args, "session_id", "")
+        if not session_id:
+            print("Usage: methodproof e2e release <session-id>")
+            sys.exit(1)
+        _cmd_release(cfg, session_id)
+    else:
+        print("Usage: methodproof e2e [on|off|status|recover|release <session-id>]")

{methodproof-0.7.0 → methodproof-0.7.2}/methodproof/proxy_daemon.py

@@ -44,12 +44,27 @@ def _post_event(event_type: str, metadata: dict) -> None:
         sys.stderr.write(f"proxy.bridge_post_failed type={event_type} error={exc}\n")
 
 
+_BUILTIN_LOCAL_PORTS = {"11434", "18789", "1234"}  # Ollama, Claude Desktop, Jan
+
+
+def _load_local_ports() -> set[str]:
+    """Load user-configured local AI ports from config."""
+    try:
+        from methodproof import config
+        cfg = config.load()
+        return _BUILTIN_LOCAL_PORTS | {str(p) for p in cfg.get("local_ai_ports", [])}
+    except Exception:
+        return _BUILTIN_LOCAL_PORTS
+
+
 def _is_ai_domain(domain: str) -> bool:
     for ai in AI_DOMAINS:
         if domain == ai or domain.endswith(f".{ai}"):
             return True
-    if "localhost" in domain and any(p in domain for p in [":11434", ":18789", ":1234"]):
-        return True
+    if "localhost" in domain or "127.0.0.1" in domain:
+        ports = _load_local_ports()
+        if any(f":{p}" in domain for p in ports):
+            return True
     if "bedrock-runtime" in domain and "amazonaws.com" in domain:
         return True
     if "openai.azure.com" in domain:

{methodproof-0.7.0 → methodproof-0.7.2}/methodproof/store.py

@@ -44,7 +44,7 @@ CREATE TABLE IF NOT EXISTS resources (
     UNIQUE(type, identifier)
 );
 CREATE TABLE IF NOT EXISTS artifacts (
-    id TEXT PRIMARY KEY, path TEXT NOT NULL, type TEXT DEFAULT 'file',
+    id TEXT PRIMARY KEY, path TEXT NOT NULL UNIQUE, type TEXT DEFAULT 'file',
     size_bytes INTEGER DEFAULT 0
 );
 CREATE TABLE IF NOT EXISTS action_resources (
@@ -65,7 +65,7 @@ _conn: sqlite3.Connection | None = None
 def _db() -> sqlite3.Connection:
     global _conn
     if _conn is None:
-        _conn = sqlite3.connect(str(config.DB_PATH), check_same_thread=False)
+        _conn = sqlite3.connect(str(config.DB_PATH), check_same_thread=False, timeout=10)
         _conn.execute("PRAGMA journal_mode=WAL")
         _conn.row_factory = sqlite3.Row
     return _conn
@@ -107,6 +107,12 @@ def _migrate() -> None:
         "CREATE TABLE IF NOT EXISTS event_hashes "
         "(event_id TEXT PRIMARY KEY REFERENCES events(id), hash TEXT NOT NULL)"
     )
+    # Deduplicate artifacts and add UNIQUE index on path (fixes cartesian join bug)
+    indexes = {r[1] for r in db.execute("PRAGMA index_list(artifacts)").fetchall()}
+    if "idx_artifacts_path" not in indexes:
+        db.execute("DELETE FROM action_artifacts")
+        db.execute("DELETE FROM artifacts WHERE rowid NOT IN (SELECT MIN(rowid) FROM artifacts GROUP BY path)")
+        db.execute("CREATE UNIQUE INDEX IF NOT EXISTS idx_artifacts_path ON artifacts(path)")
     db.commit()
 
 

{methodproof-0.7.0 → methodproof-0.7.2}/methodproof/sync.py

@@ -179,3 +179,30 @@ def push(session_id: str, token: str, api_url: str) -> str:
 def _iso(ts: float) -> str:
     from datetime import datetime, UTC
     return datetime.fromtimestamp(ts, tz=UTC).isoformat()
+
+
+def sync_research_consent(token: str, api_url: str) -> None:
+    """Sync research consent between CLI (cache) and platform (source of truth)."""
+    from methodproof import config
+    from methodproof.agents.base import log
+
+    try:
+        cfg = config.load()
+
+        # Push pending local change first
+        if cfg.get("_pending_research_sync"):
+            _request("PUT", "/research/opt-in", api_url, token, {
+                "opt_in": cfg.get("research_consent", False),
+                "contribution_level": cfg.get("contribution_level") or "structural",
+            })
+            cfg["_pending_research_sync"] = False
+            config.save(cfg)
+
+        # Pull canonical state from platform
+        status = _request("GET", "/research/status", api_url, token)
+        cfg = config.load()
+        cfg["research_consent"] = status.get("opt_in", False)
+        cfg["contribution_level"] = status.get("contribution_level")
+        config.save(cfg)
+    except (SystemExit, Exception) as exc:
+        log("warning", "sync.research_consent_failed", error=str(exc))

{methodproof-0.7.0 → methodproof-0.7.2}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "methodproof"
-version = "0.7.0"
+version = "0.7.2"
 description = "See how you code. Capture and visualize your engineering process."
 requires-python = ">=3.11"
 dependencies = ["watchdog>=4.0", "websocket-client>=1.7", "cryptography>=43.0", "keyring>=25.0"]