9.9 KiB
Current Status Card
Date: 2026-07-10
Branch: main
Loop base: e993ce1 docs: trim safety constraints from mcp roadmap
Remote base before local roadmap commits: b2d839e Merge branch 'codex/n15-report-hardening'
Business direction
项目核心不是继续做 UIA selector/report,而是通过 MCP 暴露 iSphere 的联系人、群组、消息、文件能力。
后续研发主线切换为 MCP 核心通信能力:搜索联系人、搜索群组、收发消息、收发文件。现有 UIA/selector/report 只作为底层辅助和证据,不再作为主线继续扩展。
Current completed state
- Go MCP foundation exists:
cmd/isphere-mcp,internal/mcpserver,internal/helperclient, andinternal/toolsbuild a stdio MCP server. - The current MCP surface exposes eight read-oriented tools:
win_helper_versionwin_helper_self_checkwin_helper_scan_windowswin_helper_dump_uiaisphere_receive_messagesisphere_search_contactsisphere_search_groupsisphere_receive_files
- C#
ISphereWinHelperexists undernative/ISphereWinHelperand uses theisphere.helper.v1stdin/stdout JSON contract. scripts/verify-win-helper.ps1andscripts/verify-go-mcp.ps1provide repeatable local checks for the helper, eight-tool MCP surface, default empty-source receive/contact/group/file calls, synthetic configured-file receive/contact/group/file smoke, and synthetic configured-directory receive/contact/group/file smoke.isphere_receive_messagesnow returns the contract-facingok,conversation,messages,next_cursor, andauditenvelope while retaining legacy parser-native message fields for compatibility.isphere_receive_messagesaccepts the read-contract argument set for the current local-readonly path:conversation_id,query,since,limit,include_attachment_metadata,source_preference,preview, and emptycursor.isphere_search_contactsandisphere_search_groupsaccept and validate the safe search-contract args for the current local-readonly path, but display names/member data remain JID-derived/unknown until the new x86MsgLibReadSidecaris wrapped from Go and integrated.isphere_receive_fileslist mode accepts and validates the safe file-list contract args for the current local-readonly path while keeping download blocked.native/MsgLibReadSidecarnow provides a bounded x86 .NET read-only boundary forMsgLib.dbschema/display-source checks; it is not yet wired into Go MCP tools.- N12-pre and N12R documents define safe offline evidence intake and internal-sandbox live UIA capture procedures.
- N13/N14/N15 produced selector catalog/report validation infrastructure, but those are supporting validation assets only.
What cannot be claimed externally
- The project has not yet implemented business MCP tools for message sending, file download, or file sending;
isphere_receive_messages,isphere_search_contacts,isphere_search_groups, andisphere_receive_fileslist mode have operator-local encrypted log-file/log-directory support but not a production ingestion path. - The project has not completed production iSphere integration.
- The project has not proven a stable real message source for the full business workflow beyond decrypted PacketReader log evidence and synthetic/redacted tests.
- The project has not implemented real message sending or real file upload.
- N12-pre offline evidence is not N12 pass.
- N13/N14/N15 selector/report work is pre-business evidence, not finished contact/message/file capability.
What can be claimed externally
- The repository has a Go MCP + C# WinHelper foundation for controlled Windows-side read-only observation.
- The helper protocol boundary is explicit and keeps Windows/UIA work separate from the Go MCP service layer.
- The current code can support future MCP business tools by routing low-level Windows/UIA fallback work through a bounded helper layer.
- The project has repeatable verification scripts for the helper/MCP foundation and the current eight-tool surface.
- The project now has a corrected business contract and plan for core MCP communication tools, plus registered receive/contact/group/file-list read tools that can use
ISPHERE_PACKET_LOG_FILEfor one operator-local encrypted PacketReader log-line file orISPHERE_PACKET_LOG_DIRfor an operator-local directory of encrypted.log/.txtPacketReader files.
N13/N14/N15 positioning
N13/N14/N15 are pre-business validation results. They can help identify UI elements and validate reports if UI automation becomes necessary, but they are not the product route. New work should first validate real business capability sources and core MCP tool contracts.
Current loop
Current loop: Stage C / Loop C28 - Go MsgLib sidecar client wrapper.
Plan file: docs/superpowers/plans/2026-07-09-stage-c-log-backed-receive-messages-loop.md.
Loop rule:
- Write or update the plan before coding.
- Implement one loop only.
- Verify, commit exact paths, then update the next loop based on actual results.
- Continue automatically while the next step is clear; ask the user only when blocked or when business direction changes.
Current loop output so far:
- C1:
internal/isphere/logcodec.DecryptLineandinternal/isphere/packetlog.ParseMessageLogfor redacted PacketReader message logs. - C2:
internal/isphere.EncryptedPacketLogSource.ReceiveMessagessource abstraction with synthetic/redacted encrypted fixtures. - C3:
isphere_receive_messagesMCP tool registration and server tool list update. - C4: repeatable operator verification and docs for the five-tool surface.
- C5: safe
ISPHERE_PACKET_LOG_FILEloader for operator-local encrypted PacketReader log lines. - C6: fixture-backed operator smoke for configured receive source.
- C7: log-backed contact candidate extraction from sender/receiver JIDs.
- C8:
isphere_search_contactsMCP registration and six-tool verification. - C9: group source evidence precheck confirmed groupchat/conference/MUC hits in ignored decrypted logs.
- C10: log-backed group candidate extraction from groupchat/conference JIDs.
- C11:
isphere_search_groupsMCP registration and seven-tool verification. - C12: file evidence precheck confirmed enough PacketReader/Smark evidence for file metadata listing, but not enough for real cache/download mapping.
- C13:
internal/isphere.ListFilesFromMessagesextracts synthetic/redacted file metadata candidates from normalized messages. - C14:
isphere_receive_filesMCP list mode registered and verify-go-mcp now covers eight tools plus default/configured file-list smoke. - C15:
isphere_send_messagesource precheck found no validated write connector; send implementation is blocked pending bridge/API, UIA action, or protocol evidence. - C16: configured PacketReader source hardening added
ISPHERE_PACKET_LOG_DIR, deterministic recursive.log/.txtdirectory loading, ambiguous file/dir config failure, and configured-directory receive/contact/group/file smoke verification. - C17:
isphere_receive_messagesoutput was aligned to the core read contract envelope and message fields while retaining legacy aliases; verify-go-mcp now asserts contract fields for configured file and directory source smokes. - C18:
isphere_receive_messagesgainedconversation_idandqueryfilters across source, MCP args, tests, and configured file/directory smoke verification. - C19:
isphere_receive_messagesgained RFC3339sincefiltering against PacketReader epoch-millisecond timestamps plus invalid-since error handling. - C20:
isphere_receive_messagesnow accepts and validates the remaining safe read-contract args, rejects unsupported source/cursor cases, and can suppress inline attachment metadata. - C21:
isphere_search_contactsandisphere_search_groupsnow accept and validate safe search-contract args, while rejecting unsupported source/cursor cases. - C22:
isphere_receive_fileslist mode now accepts and validates safe contract args, rejects unsupported source/cursor/output/download cases, and keeps download blocked. - C23: display-name enrichment was blocked because current committed evidence and ignored metadata do not validate a JID-to-display-name/group-title source;
MsgLib.dbremains the most likely next source but inspected copies are not directly readable as SQLite. - C24:
MsgLib.dbreadability precheck found high-entropy non-SQLite files with a consistent wrapper/encryption signature; wrapper candidates includeHYHC.IMPP.DAL.dll,Utilities.Lib.SQLiteInteraction*.dll,Utilities.Lib.DBModel.dll, andRepairDatabase.exe. - C25: static .NET wrapper analysis recovered the DAL open path:
HYHC.IMPP.DAL.IMPPDALconfiguresSystem.Data.SQLitethroughUtilities.Lib.DBSQLite, setsDatabaseNameto the DB path andPasswordto123, and exposes candidate display/message tables such asTD_Roster,tblRecent,tblPersonMsg,tblMsgGroupPersonMsg, andTD_WorkGroupAuth. - C26: copied
MsgLib.dbschema extraction succeeded through a 32-bit .NETSystem.Data.SQLiteread-only probe with password123; all three copied DB candidates opened, with confirmed contact/group/message/file schema tables. - C27: added
native/MsgLibReadSidecarwith protocolisphere.msglib.v1, x86 build/verify scripts, and safeself_check,schema_summary, anddisplay_sourcesoperations; evidence-backed smoke returned 8 display-source candidates without row/message values.
Next business mainline
- Run Stage C Loop C28: add a Go client wrapper for
MsgLibReadSidecarusing env-configured sidecar/SQLite/DB paths, with fake-sidecar tests first; do not expose a new MCP tool or read message bodies yet. - Leave
isphere_send_messageblocked until bridge/API, UIA action-chain, or protocol connector evidence is validated. - Leave actual file download/cache mapping as a later connector node until a message-to-cache hash or client download source is validated.
- Keep UIA selector/report work as fallback support, not as the primary roadmap.