feat: v0.1.10 — per-session ephemeral keypairs

Each WS connection generates its own ed25519 keypair (sessionPubkey)
sent in the hello handshake. The broker stores it on the presence
row and uses it for message routing + list_peers. This gives every
`claudemesh launch` a unique crypto identity without burning invite
uses — member auth stays permanent, session identity is ephemeral.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

apps/broker/src/broker.ts

@@ -307,6 +307,7 @@ export async function refreshStatusFromJsonl(
 export interface ConnectParams {
   memberId: string;
   sessionId: string;
+  sessionPubkey?: string;
   displayName?: string;
   pid: number;
   cwd: string;
@@ -322,6 +323,7 @@ export async function connectPresence(
     .values({
       memberId: params.memberId,
       sessionId: params.sessionId,
+      sessionPubkey: params.sessionPubkey ?? null,
       displayName: params.displayName ?? null,
       pid: params.pid,
       cwd: params.cwd,
@@ -371,7 +373,8 @@ export async function listPeersInMesh(
 > {
   const rows = await db
     .select({
-      pubkey: memberTable.peerPubkey,
+      memberPubkey: memberTable.peerPubkey,
+      sessionPubkey: presence.sessionPubkey,
       memberDisplayName: memberTable.displayName,
       presenceDisplayName: presence.displayName,
       status: presence.status,
@@ -388,9 +391,9 @@ export async function listPeersInMesh(
       ),
     )
     .orderBy(asc(presence.connectedAt));
-  // Prefer per-session displayName over member-level displayName.
+  // Prefer session pubkey for routing, session displayName for display.
   return rows.map((r) => ({
-    pubkey: r.pubkey,
+    pubkey: r.sessionPubkey || r.memberPubkey,
     displayName: r.presenceDisplayName || r.memberDisplayName,
     status: r.status,
     summary: r.summary,
@@ -469,6 +472,7 @@ export async function drainForMember(
   _memberId: string,
   memberPubkey: string,
   status: PeerStatus,
+  sessionPubkey?: string,
 ): Promise<
   Array<{
     id: string;
@@ -509,7 +513,7 @@ export async function drainForMember(
         WHERE mesh_id = ${meshId}
           AND delivered_at IS NULL
           AND priority::text IN (${priorityList})
-          AND (target_spec = ${memberPubkey} OR target_spec = '*')
+          AND (target_spec = ${memberPubkey} OR target_spec = '*'${sessionPubkey ? sql` OR target_spec = ${sessionPubkey}` : sql``})
         ORDER BY created_at ASC, id ASC
         FOR UPDATE SKIP LOCKED
       )

apps/broker/src/index.ts

@@ -56,6 +56,7 @@ interface PeerConn {
   meshId: string;
   memberId: string;
   memberPubkey: string;
+  sessionPubkey: string | null;
   cwd: string;
 }
 
@@ -93,6 +94,7 @@ async function maybePushQueuedMessages(presenceId: string): Promise<void> {
     conn.memberId,
     conn.memberPubkey,
     status,
+    conn.sessionPubkey ?? undefined,
   );
   for (const m of messages) {
     const push: WSPushMessage = {
@@ -400,6 +402,7 @@ async function handleHello(
   const presenceId = await connectPresence({
     memberId: member.id,
     sessionId: hello.sessionId,
+    sessionPubkey: hello.sessionPubkey,
     displayName: hello.displayName,
     pid: hello.pid,
     cwd: hello.cwd,
@@ -409,6 +412,7 @@ async function handleHello(
     meshId: hello.meshId,
     memberId: member.id,
     memberPubkey: hello.pubkey,
+    sessionPubkey: hello.sessionPubkey ?? null,
     cwd: hello.cwd,
   });
   incMeshCount(hello.meshId);
@@ -450,7 +454,9 @@ async function handleSend(
   // Fan-out over connected peers in the same mesh.
   for (const [pid, peer] of connections) {
     if (peer.meshId !== conn.meshId) continue;
-    if (msg.targetSpec !== "*" && peer.memberPubkey !== msg.targetSpec)
+    if (msg.targetSpec !== "*"
+        && peer.memberPubkey !== msg.targetSpec
+        && peer.sessionPubkey !== msg.targetSpec)
       continue;
     void maybePushQueuedMessages(pid);
   }

apps/broker/src/types.ts

@@ -52,6 +52,7 @@ export interface WSHelloMessage {
   meshId: string;
   memberId: string;
   pubkey: string; // must match mesh.member.peerPubkey
+  sessionPubkey?: string; // ephemeral per-launch pubkey for message routing
   displayName?: string; // optional override for this session
   sessionId: string;
   pid: number;