feat(cli): invite-link parsing + join flow + keypair generation

End-to-end join: user runs `claudemesh join ic://join/<base64>` and
walks away with a signed member record + persistent keypair.

new modules:
- src/crypto/keypair.ts: libsodium ed25519 keypair generation. Format
  is crypto_sign_keypair raw bytes, hex-encoded (32-byte pub, 64-byte
  secret = seed || pub). Same format libsodium will need in Step 18
  for sign/verify.
- src/invite/parse.ts: ic://join/<base64url(JSON)> parser with Zod
  shape validation + expiry check. encodeInviteLink helper for tests.
- src/invite/enroll.ts: POST /join to broker, converts ws:// to http://
  transparently.

rewritten join command wires them together:
  1. parse invite → 2. generate keypair → 3. POST /join → 4. persist
  config → 5. print success.

state/config.ts: saveConfig now chmods the file to 0600 after write,
since it holds ed25519 secret keys. No-op on Windows.

signature verification (step 18) + invite-token one-time-use tracking
are deferred. For now the invite link is a plain bearer token; any
client with the link can join.

verified end-to-end via apps/cli/scripts/join-roundtrip.ts:
  build invite → run join subprocess → load new config → connect as
  new member → send A→B → receive push. Flow passes.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

apps/cli/scripts/join-roundtrip.ts

@@ -0,0 +1,115 @@
+#!/usr/bin/env bun
+/**
+ * Full join → connect → send round-trip.
+ *
+ * Uses a mesh already seeded in the DB (reads /tmp/cli-seed.json).
+ * Creates a fresh invite link, runs the join command, connects with
+ * the newly-generated member identity, sends a message to peer B,
+ * asserts receipt.
+ */
+
+// Run this script with CLAUDEMESH_CONFIG_DIR=/tmp/... set in env —
+// ESM imports hoist above statements, so we can't set process.env
+// after the `import { env }` side effect has already run.
+import { readFileSync } from "node:fs";
+import { execSync } from "node:child_process";
+import { BrokerClient } from "../src/ws/client";
+import type { JoinedMesh } from "../src/state/config";
+import { loadConfig, getConfigPath } from "../src/state/config";
+
+if (!process.env.CLAUDEMESH_CONFIG_DIR) {
+  console.error(
+    "Run with: CLAUDEMESH_CONFIG_DIR=/tmp/claudemesh-join-test-rt bun scripts/join-roundtrip.ts",
+  );
+  process.exit(1);
+}
+execSync(`rm -rf "${process.env.CLAUDEMESH_CONFIG_DIR}"`, {
+  stdio: "ignore",
+});
+
+const seed = JSON.parse(readFileSync("/tmp/cli-seed.json", "utf-8")) as {
+  meshId: string;
+  peerB: { memberId: string; pubkey: string };
+};
+
+async function main(): Promise<void> {
+  // 1. Build invite.
+  const link = execSync("bun scripts/make-invite.ts").toString().trim();
+  console.log("[rt] invite:", link.slice(0, 60) + "…");
+
+  // 2. Run `claudemesh join` with the same CONFIG_DIR.
+  const joinOut = execSync(`bun src/index.ts join "${link}"`, {
+    env: {
+      ...process.env,
+      CLAUDEMESH_CONFIG_DIR: "/tmp/claudemesh-join-test-rt",
+    },
+  }).toString();
+  console.log("[rt] join output (tail):");
+  console.log(
+    joinOut
+      .split("\n")
+      .slice(-7)
+      .map((l) => "    " + l)
+      .join("\n"),
+  );
+
+  // 3. Load the fresh config and connect as the new peer.
+  console.log(`[rt] loading config from: ${getConfigPath()}`);
+  const config = loadConfig();
+  console.log(`[rt] loaded ${config.meshes.length} mesh(es)`);
+  const joined = config.meshes.find((m) => m.slug === "rt-join");
+  if (!joined) throw new Error("rt-join mesh not found in config");
+  const joinedMesh: JoinedMesh = joined;
+  console.log(
+    `[rt] joined member_id=${joinedMesh.memberId} pubkey=${joinedMesh.pubkey.slice(0, 16)}…`,
+  );
+
+  // 4. Connect also as peer-B (the target) so we can observe receipt.
+  const targetMesh: JoinedMesh = {
+    ...joinedMesh,
+    memberId: seed.peerB.memberId,
+    slug: "rt-join-b",
+    pubkey: seed.peerB.pubkey,
+  };
+  const joiner = new BrokerClient(joinedMesh);
+  const target = new BrokerClient(targetMesh);
+
+  let received = "";
+  target.onPush((m) => {
+    received = Buffer.from(m.ciphertext, "base64").toString("utf-8");
+    console.log(`[rt] target got: "${received}"`);
+  });
+
+  await Promise.all([joiner.connect(), target.connect()]);
+  console.log(`[rt] joiner=${joiner.status} target=${target.status}`);
+
+  const res = await joiner.send(
+    seed.peerB.pubkey,
+    "sent-by-newly-joined-peer",
+    "now",
+  );
+  console.log("[rt] send result:", res);
+
+  for (let i = 0; i < 30 && !received; i++) {
+    await new Promise((r) => setTimeout(r, 100));
+  }
+
+  joiner.close();
+  target.close();
+
+  if (!res.ok) {
+    console.error("✗ FAIL: send did not ack");
+    process.exit(1);
+  }
+  if (received !== "sent-by-newly-joined-peer") {
+    console.error(`✗ FAIL: receive mismatch: "${received}"`);
+    process.exit(1);
+  }
+  console.log("✓ join → connect → send → receive FLOW PASSED");
+  process.exit(0);
+}
+
+main().catch((e) => {
+  console.error("✗ FAIL:", e instanceof Error ? e.message : e);
+  process.exit(1);
+});

apps/cli/scripts/make-invite.ts

@@ -0,0 +1,24 @@
+#!/usr/bin/env bun
+/**
+ * Build a test invite link from a seeded mesh (reads /tmp/cli-seed.json).
+ * Writes the link to stdout.
+ */
+
+import { readFileSync } from "node:fs";
+import { encodeInviteLink } from "../src/invite/parse";
+
+const seed = JSON.parse(readFileSync("/tmp/cli-seed.json", "utf-8")) as {
+  meshId: string;
+};
+
+const link = encodeInviteLink({
+  v: 1,
+  mesh_id: seed.meshId,
+  mesh_slug: "rt-join",
+  broker_url: process.env.BROKER_WS_URL ?? "ws://localhost:7900/ws",
+  expires_at: Math.floor(Date.now() / 1000) + 3600,
+  mesh_root_key: "Y2xhdWRlbWVzaC10ZXN0LW1lc2gta2V5LWRldm9ubHk",
+  role: "member",
+});
+
+console.log(link);