Sterister
594992a183
Adds the bridge-connection-lifecycle signal that closes Prism's
~45s revoke window down to one server→client round-trip (~50ms).
Server (`@shade/inbox-server`):
- `inbox.peer_connected` / `inbox.peer_disconnected` events on the
0↔1 boundary across WS + SSE bridges. Long-poll deliberately not
tracked (every poll boundary would flap; push transports are also
the only ones where instant revoke matters).
- `PresenceTracker` collapses two parallel bridges (e.g. WS + SSE
during fallback handover) into one connect/disconnect pair.
- `GET /v1/bridge/presence` SSE endpoint: signed query with
`kind: 'presence'`, `watched: string[]`; on open streams a
per-address snapshot, then change frames filtered server-side.
MAX_WATCHED_ADDRESSES = 64. Subscribing does not itself count as
a peer-bridge connection.
- `createBridgeRoutes` now returns `{ app, websocket, presence }`.
Client (`@shade/transport-bridge`):
- `PresenceBridge.subscribe({ watch, onPresenceChange })` →
`{ addPeer, removePeer, watching, unsubscribe }`. addPeer/removePeer
mutate via reconnect with a fresh signed query.
- `signPresenceQuery` helper for non-PresenceBridge consumers.
Tests cover all four acceptance criteria from the Prism request:
server-event smoke, online→offline subscription, address scoping
(carol invisible to a [alice]-only sub), reconnect, plus an
addPeer/removePeer regression.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@shade/observer
Live observability backend for Shade — exposes a snapshot endpoint, an SSE event stream, and serves the bundled dashboard SPA.
Install
bun add @shade/observer @shade/server @shade/core
Usage
import { createObserver } from '@shade/observer';
import { ShadeEventEmitter, ShadeSessionManager } from '@shade/core';
import { PrekeyServerEvents, createPrekeyServer } from '@shade/server';
// 1. Create event emitters
const clientEvents = new ShadeEventEmitter();
const serverEvents = new PrekeyServerEvents();
// 2. Wire them into your session manager and prekey server
const manager = new ShadeSessionManager(crypto, storage, { events: clientEvents });
const prekeyServer = createPrekeyServer({ crypto, events: serverEvents });
// 3. Create the observer
const observer = createObserver({
token: process.env.SHADE_OBSERVER_TOKEN!,
clientEvents,
serverEvents,
});
// 4. Mount or serve standalone
import { Hono } from 'hono';
const app = new Hono();
app.route('/shade-observer', observer);
Bun.serve({ port: 3900, fetch: app.fetch });
After this, visit http://localhost:3900/shade-observer/dashboard/ and enter your bearer token to see the dashboard.
Endpoints
| Method | Path | Auth | Description |
|---|---|---|---|
| GET | /api/state |
Bearer | Current snapshot (identity, sessions, prekeys, server stats) |
| GET | /api/events |
Bearer (or ?token=) |
SSE stream of live events |
| GET | /dashboard/ |
None | Bundled web UI |
| GET | /health |
None | Liveness check |
Configuration
| Env var | Required | Description |
|---|---|---|
SHADE_OBSERVER_TOKEN |
Yes | Bearer token (min 16 chars). Refuses to start if shorter. |
The token is checked with constant-time comparison.
Security notes
- Event payloads contain NO key material, plaintext, or signatures — only structural facts (counters, addresses, short hashes for display).
- The observer is intended for internal/debugging use. Put it behind a reverse proxy and authenticate access.
- The dashboard stores the bearer token in
localStoragefor convenience. Don't load the dashboard on shared computers.