claudemesh

alezmad/claudemesh

Fork 0

Commit Graph

Author	SHA1	Message	Date
Alejandro Gutiérrez	f119226b98	fix(cli): host fingerprint v2 — survive Mac restarts (1.34.17) Some checks are pending CI / Lint (push) Waiting to run Details CI / Typecheck (push) Waiting to run Details CI / Broker tests (Postgres) (push) Waiting to run Details CI / Docker build (linux/amd64) (push) Waiting to run Details v1's sha256(host_id \|\| mac) used the lex-first non-virtual interface's MAC — usually en0 on Wi-Fi Macs, whose MAC Apple's privacy feature re-randomizes across reboots. After a restart the recomputed hash no longer matched the stored one and the daemon entered a launchd respawn loop until manual `claudemesh daemon accept-host`. v2 reads IOPlatformUUID via ioreg on macOS (burned into EFI, stable), rejects locally-administered MACs in the picker, extends the ignored- interface list with anpi/bridge/ap[N], and prepends "v2\0" to the hash so v1 and v2 hashes can never collide on the same inputs. Migration is silent: a stored v1 fingerprint that still matches under the v1 algorithm is transparently rewritten as v2 with no error; v1 stores that fail v1 are reported as genuine mismatches as before; unknown future schema_versions return `unavailable` without overwriting. Drive-by fixes for two pre-existing test-infra papercuts found while validating: turbo's `test` task now depends on `build`, and a new vitest globalSetup rebuilds the CLI on demand with ~/.bun/bin and Homebrew layered into PATH — golden tests (whoami, --version) no longer fail opaquely after a clean checkout. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-20 00:13:40 +01:00
Alejandro Gutiérrez	abaa4bcf87	feat(cli): claudemesh daemon — peer mesh runtime (v0.9.0) Long-lived process that holds a persistent WS to the broker and exposes a local IPC surface (UDS + bearer-auth TCP loopback). Implements the v0.9.0 spec under .artifacts/specs/. Core: - daemon up \| status \| version \| down \| accept-host - daemon outbox list [--failed\|--pending\|--inflight\|--done\|--aborted] - daemon outbox requeue <id> [--new-client-id <id>] - daemon install-service / uninstall-service (macOS launchd, Linux systemd) IPC routes: - /v1/version, /v1/health - /v1/send (POST) — full §4.5.1 idempotency lookup table - /v1/inbox (GET) — paged history - /v1/events — SSE stream of message/peer_join/peer_leave/broker_status - /v1/peers — broker passthrough - /v1/profile — summary/status/visible/avatar/title/bio/capabilities - /v1/outbox + /v1/outbox/requeue — operator recovery Storage (SQLite via node:sqlite / bun:sqlite): - outbox.db: pending/inflight/done/dead/aborted with audit columns - inbox.db: dedupe by client_message_id, decrypts DMs via existing crypto - BEGIN IMMEDIATE serialization for daemon-local accept races Identity: - host_fingerprint.json (machine-id \|\| first-stable-mac) - refuse-on-mismatch policy with `daemon accept-host` recovery CLI integration: - claudemesh send detects the daemon and routes through /v1/send when present, falling back to bridge socket / cold path otherwise Tests: 15-case coverage of the §4.5.1 IPC duplicate lookup table. Spec arc preserved at .artifacts/specs/2026-05-03-daemon-{v1..v10}.md; v0.9.0 implementation target locked at 2026-05-03-daemon-spec-v0.9.0.md; deferred items at 2026-05-03-daemon-spec-broker-hardening-followups.md. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-03 20:03:05 +01:00

Author

SHA1

Message

Date

Alejandro Gutiérrez

f119226b98

fix(cli): host fingerprint v2 — survive Mac restarts (1.34.17)

CI / Lint (push) Waiting to run

Details

CI / Typecheck (push) Waiting to run

Details

CI / Broker tests (Postgres) (push) Waiting to run

Details

CI / Docker build (linux/amd64) (push) Waiting to run

Details

v1's sha256(host_id || mac) used the lex-first non-virtual interface's
MAC — usually en0 on Wi-Fi Macs, whose MAC Apple's privacy feature
re-randomizes across reboots. After a restart the recomputed hash no
longer matched the stored one and the daemon entered a launchd
respawn loop until manual `claudemesh daemon accept-host`.

v2 reads IOPlatformUUID via ioreg on macOS (burned into EFI, stable),
rejects locally-administered MACs in the picker, extends the ignored-
interface list with anpi/bridge/ap[N], and prepends "v2\0" to the
hash so v1 and v2 hashes can never collide on the same inputs.

Migration is silent: a stored v1 fingerprint that still matches under
the v1 algorithm is transparently rewritten as v2 with no error; v1
stores that fail v1 are reported as genuine mismatches as before;
unknown future schema_versions return `unavailable` without
overwriting.

Drive-by fixes for two pre-existing test-infra papercuts found while
validating: turbo's `test` task now depends on `build`, and a new
vitest globalSetup rebuilds the CLI on demand with ~/.bun/bin and
Homebrew layered into PATH — golden tests (whoami, --version) no
longer fail opaquely after a clean checkout.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-20 00:13:40 +01:00

Alejandro Gutiérrez

abaa4bcf87

feat(cli): claudemesh daemon — peer mesh runtime (v0.9.0)

Long-lived process that holds a persistent WS to the broker and exposes
a local IPC surface (UDS + bearer-auth TCP loopback). Implements the
v0.9.0 spec under .artifacts/specs/.

Core:
- daemon up | status | version | down | accept-host
- daemon outbox list [--failed|--pending|--inflight|--done|--aborted]
- daemon outbox requeue <id> [--new-client-id <id>]
- daemon install-service / uninstall-service (macOS launchd, Linux systemd)

IPC routes:
- /v1/version, /v1/health
- /v1/send  (POST)  — full §4.5.1 idempotency lookup table
- /v1/inbox (GET)   — paged history
- /v1/events        — SSE stream of message/peer_join/peer_leave/broker_status
- /v1/peers         — broker passthrough
- /v1/profile       — summary/status/visible/avatar/title/bio/capabilities
- /v1/outbox + /v1/outbox/requeue — operator recovery

Storage (SQLite via node:sqlite / bun:sqlite):
- outbox.db: pending/inflight/done/dead/aborted with audit columns
- inbox.db: dedupe by client_message_id, decrypts DMs via existing crypto
- BEGIN IMMEDIATE serialization for daemon-local accept races

Identity:
- host_fingerprint.json (machine-id || first-stable-mac)
- refuse-on-mismatch policy with `daemon accept-host` recovery

CLI integration:
- claudemesh send detects the daemon and routes through /v1/send when
  present, falling back to bridge socket / cold path otherwise

Tests: 15-case coverage of the §4.5.1 IPC duplicate lookup table.

Spec arc preserved at .artifacts/specs/2026-05-03-daemon-{v1..v10}.md;
v0.9.0 implementation target locked at 2026-05-03-daemon-spec-v0.9.0.md;
deferred items at 2026-05-03-daemon-spec-broker-hardening-followups.md.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-03 20:03:05 +01:00

2 Commits