Closed
Conversation
Contributor
grypez
commented
Feb 18, 2026
grypez
commented
…tils Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…patch The system console vat manages a REPL loop over an IO channel, dispatching CLI commands (help, status, launch, terminate, subclusters, listRefs, revoke) and managing refs in persistent baggage. Refs use a monotonic counter (d-1, d-2, ...) since crypto.randomUUID() is unavailable under SES lockdown. Cross-vat errors are serialized via JSON.stringify fallback for reliable error reporting. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add startDaemon() which boots a kernel with a system console vat listening on a UNIX domain socket IO channel. The kernel process IS the daemon — no separate HTTP server. Includes socket channel fix to block reads when no client is connected, flush-daemon utility, and e2e tests for the full daemon stack protocol. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add the 'ok' CLI that communicates with the kernel daemon over a UNIX domain socket using newline-delimited JSON. Uses yargs for command definitions with --help support on all commands. Supports three input modes: file arg (ok file.ocap method), stdin redirect (ok launch < config.json), and pipe (cat config.json | ok launch). Relative bundleSpec paths in launch configs are resolved to file:// URLs against CWD. Ref results are output as .ocap files when stdout is not a TTY. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implement a two-tier access model: unauthenticated daemon-tier commands (help, status) and privileged ref-based dispatch via .ocap capability files. Self-ref dispatch bypasses kernel round-trip for the console root object. Fix kref leaks, improve socket channel reliability with stale connection detection and client-side retry.
github-merge-queue bot
pushed a commit
that referenced
this pull request
Feb 20, 2026
Adds a long-running daemon process to the OCAP kernel, managed via new `ocap daemon` CLI subcommands. The daemon spawns as a detached child process, exposes the kernel's RPC service over a Unix domain socket (`~/.ocap/daemon.sock`), and auto-starts on first `exec` invocation. The kernel database is persisted at `~/.ocap/kernel.sqlite`. Supersedes #842, and defers the introduction of its notion of a "console vat" and repl / IO functionality to a later date. ### New CLI commands - `ocap daemon start` — start the daemon (or confirm it is already running) - `ocap daemon stop` — gracefully shut down the daemon - `ocap daemon purge --force` — stop the daemon and delete all persisted state - `ocap daemon exec [method] [params-json]` — send a JSON-RPC call to the daemon (defaults to `getStatus`) ### Kernel changes - `makeKernel()` now returns `{ kernel, kernelDatabase }` and accepts optional `systemSubclusters` - `ifDefined` utility moved from `kernel-agents` to `kernel-utils` - `startRelay` moved from `cli` to `kernel-utils/libp2p` ### New modules - `@ocap/nodejs/daemon` — daemon orchestration (`startDaemon`, `deleteDaemonState`, `startRpcSocketServer`, socket line protocol) - `@ocap/cli/commands/daemon*` — CLI-side daemon client, spawner, and command handlers <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **High Risk** > Adds a new local RPC control plane (daemon + socket server) and changes kernel construction/IO-channel semantics, which can impact process lifecycle, persistence, and local security posture (e.g., arbitrary SQL via `executeDBQuery`). > > **Overview** > Adds a detached, long-running OCAP daemon that hosts kernel JSON-RPC over a Unix domain socket and persists state under `~/.ocap`, with new `ocap daemon start|stop|purge|exec` commands (including auto-spawn on `exec`) and prototype safeguards/behavior documented. > > Introduces `@ocap/nodejs/daemon` (RPC socket server, line protocol helpers, daemon start/stop + state deletion) and updates `makeKernel` to return `{ kernel, kernelDatabase }` (plus optional `systemSubclusters`) to support the daemon lifecycle. > > Refactors shared utilities by moving `startRelay` to `@metamask/kernel-utils/libp2p` (and shifting libp2p deps accordingly) and moving `ifDefined` into `@metamask/kernel-utils`; updates tests/scripts and fixes `makeSocketIOChannel` reads to block until a client connects (instead of returning `null`). > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit c0adc26. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: grypez <143971198+grypez@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Member
|
Superseded by #843. Exactly how we hook up the CLI to IO vats is tbd. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.