alezmad/claudemesh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6794aa8512c4b134226ee8f42222087bfb254596
claudemesh/apps/cli/src/daemon/inbound.ts
Alejandro Gutiérrez 6794aa8512
Some checks failed
CI / Lint (push) Has been cancelled
Details
CI / Typecheck (push) Has been cancelled
Details
CI / Broker tests (Postgres) (push) Has been cancelled
Details
CI / Docker build (linux/amd64) (push) Has been cancelled
Details
feat(daemon+mcp): daemon required for in-Claude-Code use; thin MCP shim 
The architectural convergence v0.9.0 was building toward. CLI keeps
working without a daemon (claudemesh send/peer/inbox/...), but the MCP
push-pipe — which Claude Code uses for mid-turn channel emits, slash
commands, and resources — now requires the daemon. There is no fallback.

Daemon (additive):
- /v1/skills (list) and /v1/skills/:name (get) IPC endpoints, so the
  MCP shim can surface mesh skills without holding its own broker WS.
- listSkills() / getSkill() on DaemonBrokerClient.
- SSE 'message' event now carries plaintext body, sender_member_pubkey,
  priority, and subtype — full payload the MCP shim needs to render a
  channel notification.

MCP server: 979 → 469 LoC (470 of the remaining 469 is the unrelated
mesh-service proxy mode; the push-pipe path is ~200 LoC including
boilerplate).
- Probes ~/.claudemesh/daemon/daemon.sock at boot. Bails loudly with
  actionable instructions if missing.
- Subscribes to /v1/events SSE and translates each event into a
  notifications/claude/channel emit.
- Fetches mesh skills from the daemon for ListPrompts/GetPrompt and
  ListResources/ReadResource. ListTools returns []; the CLI is the API.
- No broker WS, no decryption, no reconnect logic. Daemon owns all of it.

claudemesh install: auto-installs and starts the daemon service for the
user's primary mesh (launchd / systemd-user). Pass --no-service to skip.

claudemesh launch: probes the daemon socket; if absent, spawns
'claudemesh daemon up --mesh <slug>' detached and waits up to 10s for
the socket. Surfaces a clear warning on timeout but doesn't block —
Claude Code's MCP shim will print the same error if the daemon really
isn't there.

Bundle: dist/entrypoints/mcp.js drops from 154KB → 104KB (gzipped 34KB
→ 19KB). Test: MCP boots cleanly via stdio, declares correct
capabilities, talks JSON-RPC; daemon /v1/skills returns the empty list
as expected on a mesh with no skills.

Released as 1.24.0 on npm.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-03 23:43:02 +01:00

135 lines
4.9 KiB
TypeScript
Raw Blame History

// Decode incoming broker pushes and dedupe-insert them into the daemon
// inbox. Publishes a `message` event to the daemon's event bus on every
// new row (idempotent receives suppress the event).
import { randomUUID } from "node:crypto";
import type { SqliteDb } from "./db/sqlite.js";
import { insertIfNew } from "./db/inbox.js";
import type { EventBus } from "./events.js";
import { decryptDirect } from "~/services/crypto/facade.js";
export interface InboundContext {
db: SqliteDb;
bus: EventBus;
meshSlug: string;
/** Daemon's mesh secret key hex, used to decrypt sealed DMs. */
recipientSecretKeyHex?: string;
/** Daemon's session secret key hex (rotates per connect). When the
* sender encrypted to our session pubkey, decrypt with this instead. */
sessionSecretKeyHex?: string;
log?: (level: "info" | "warn" | "error", msg: string, meta?: Record<string, unknown>) => void;
}
/**
* Spec §4.5: dedupe by `client_message_id` (broker echoes it from the
* sender's daemon). When the broker doesn't yet propagate the field
* (Sprint 7 prereq), fall back to the broker's `messageId` as the
* dedupe key — at-least-once still holds; we just lose the
* sender-attested form.
*/
export async function handleBrokerPush(msg: Record<string, unknown>, ctx: InboundContext): Promise<void> {
// System/topology pushes (peer_join, tick, …) — emit verbatim.
if (msg.subtype === "system" && typeof msg.event === "string") {
ctx.bus.publish(mapSystemEventKind(msg.event), {
mesh: ctx.meshSlug,
event: msg.event,
...(msg.eventData as Record<string, unknown> | undefined ?? {}),
});
return;
}
if (msg.type !== "push") return;
const brokerMessageId = stringOrNull(msg.messageId);
const senderPubkey = stringOrNull(msg.senderPubkey) ?? "";
const senderName = stringOrNull(msg.senderName) ?? senderPubkey.slice(0, 8);
const senderMemberPk = stringOrNull(msg.senderMemberPubkey);
const topic = stringOrNull(msg.topic);
const replyToId = stringOrNull(msg.replyToId);
const ciphertext = stringOrNull(msg.ciphertext) ?? "";
const nonce = stringOrNull(msg.nonce) ?? "";
const createdAt = stringOrNull(msg.createdAt);
const priority = stringOrNull(msg.priority) ?? "next";
const subtype = stringOrNull(msg.subtype);
// Forward-compat: Sprint 7 brokers will send client_message_id alongside.
const clientMessageId = stringOrNull(msg.client_message_id) ?? brokerMessageId ?? randomUUID();
const body = await decryptOrFallback({
ciphertext, nonce, senderPubkey, ctx,
});
const id = randomUUID();
const inserted = insertIfNew(ctx.db, {
id,
client_message_id: clientMessageId,
broker_message_id: brokerMessageId,
mesh: ctx.meshSlug,
topic,
sender_pubkey: senderPubkey,
sender_name: senderName,
body,
meta: createdAt ? JSON.stringify({ created_at: createdAt }) : null,
received_at: Date.now(),
reply_to_id: replyToId,
});
if (!inserted) return; // already had this id; no event
ctx.bus.publish("message", {
id,
mesh: ctx.meshSlug,
client_message_id: clientMessageId,
broker_message_id: brokerMessageId,
sender_pubkey: senderPubkey,
sender_member_pubkey: senderMemberPk,
sender_name: senderName,
topic,
reply_to_id: replyToId,
priority,
...(subtype ? { subtype } : {}),
body,
created_at: createdAt,
});
}
async function decryptOrFallback(args: {
ciphertext: string;
nonce: string;
senderPubkey: string;
ctx: InboundContext;
}): Promise<string | null> {
const { ciphertext, nonce, senderPubkey, ctx } = args;
if (!ciphertext) return null;
// Try DM decrypt first (sender used crypto_box against our session/member key).
if (nonce && senderPubkey) {
const envelope = { nonce, ciphertext };
// Try session key (sender encrypted to our session pubkey, the common case).
if (ctx.sessionSecretKeyHex) {
const pt = await decryptDirect(envelope, senderPubkey, ctx.sessionSecretKeyHex);
if (pt !== null) return pt;
}
// Fall back to member key (sender encrypted to our stable mesh pubkey).
if (ctx.recipientSecretKeyHex) {
const pt = await decryptDirect(envelope, senderPubkey, ctx.recipientSecretKeyHex);
if (pt !== null) return pt;
}
}
// Fallback: broadcast/topic posts are base64 plaintext (existing CLI
// pre-encryption convention for `*` and `@topic`). Sprint 7+ adds per-
// topic symmetric keys.
try { return Buffer.from(ciphertext, "base64").toString("utf8"); }
catch (e) { ctx.log?.("warn", "inbound_b64_decode_failed", { err: String(e) }); return null; }
}
function stringOrNull(v: unknown): string | null {
return typeof v === "string" && v.length > 0 ? v : null;
}
function mapSystemEventKind(event: string): "peer_join" | "peer_leave" | "system" {
if (event === "peer_joined") return "peer_join";
if (event === "peer_left") return "peer_leave";
return "system";
}
Reference in New Issue View Git Blame Copy Permalink