daemon+menubar: bundle claude binary, auth via keychain OAuth (drop system-claude resolution)

Switch from resolving the user's system claude to spawning the SDK's own
bundled per-platform binary (Desktop-style), validated end-to-end by spike
(env-token auth + re-signed SEA runs + notarized, dmg 178MB):

- run-query: omit pathToClaudeCodeExecutable (SDK require.resolve's its
  platform package); inject CLAUDE_CODE_OAUTH_TOKEN + remote_mobile
  entrypoint via spawn env. Token is one-shot per spawn — the binary treats
  env tokens as inference-only and never self-refreshes; a loop alive past
  token expiry 401s until respawn (known limitation, self-heal signposted).
- router: sendPrompt mints a fresh token (OAuthRefreshManager.ensureFresh —
  the CCR bridge's keeper, shared) before ensureSessionLoop; missing/expired
  login surfaces as turn_failed with actionable "claude /login" copy.
- index: drop claude-binary resolution + claudeStatus/recheckClaudeBinary
  daemon API; thread ensureFreshToken into router deps + bridge inbound.
- menubar: drop the claude engine-health menu row and the shell-env
  inheritance (PATH probing is moot — we ship the binary).
- electron-builder: bundle @anthropic-ai/claude-agent-sdk-* (asarUnpack;
  executables can't spawn from asar).
- protocol: minClaudeVersion is now informational (bundled binary version
  is pinned by the app release).

Prerequisite: a Claude Code login on the Mac (keychain credentials written
by `claude /login` or Claude Desktop) — sidecode reads and refreshes that
entry (rotation-safe writeback) but never initiates a login itself.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

Author: yyq1025

packages/daemon/src/claude-binary.ts

@@ -10,12 +10,6 @@ import {
   reattachBridgedSessions,
   summarizeReattach,
 } from "./bridge/startup-reattach.js";
-import {
-  type ClaudeStatus,
-  getClaudeStatus,
-  recheckClaudeBinary,
-  resolveClaudeBinary,
-} from "./claude-binary.js";
 import { deleteDaemonLock, writeDaemonLock } from "./daemon-lock.js";
 import { GitWatcherRegistry } from "./git-watch.js";
 import { resolveSidecodeHome } from "./home.js";
@@ -50,18 +44,6 @@ export interface Daemon {
   pairedClientCount(): number;
   /** Number of currently authenticated WebRTC peers. */
   authenticatedPeerCount(): number;
-  /**
-   * Status of the Claude Code executable the SDK spawns (SIDECODE_CLAUDE_PATH
-   * → PATH). The menubar reads this to show a version / "not found" prompt;
-   * queries fail fast with the reason when not ok. Cached — see
-   * recheckClaudeBinary() to force a re-resolve after the user installs claude.
-   */
-  claudeStatus(): ClaudeStatus;
-  /**
-   * Force a fresh resolve of the Claude Code executable (the menubar's
-   * "Recheck", e.g. after the user installs it). Updates the cache + returns it.
-   */
-  recheckClaudeBinary(): ClaudeStatus;
   /**
    * Mint a fresh pair offer pointing at this daemon. Pure: derived from the
    * daemon's identity + the given serviceName — no per-offer state, no
@@ -101,20 +83,14 @@ export async function start(options: DaemonOptions = {}): Promise<Daemon> {
   const identity = loadOrCreateIdentity(home);
   const knownClients = KnownClients.load(home);
 
-  // Resolve the Claude Code executable the SDK will spawn (SIDECODE_CLAUDE_PATH
-  // → PATH). Non-fatal: if unresolved the daemon still starts and surfaces it
-  // via claudeStatus() so the menubar can prompt; queries fail fast with the
-  // reason. Relies on process.env reflecting the user's shell env — the menubar
-  // inherits it before start() (Finder-launched GUI apps get launchd's minimal
-  // PATH; terminal-launched `sidecode up` already has it).
-  const claude = resolveClaudeBinary();
-  if (claude.ok) {
-    console.log(
-      `claude: ${claude.path}${claude.version ? ` (${claude.version})` : ""} [${claude.source}]`,
-    );
-  } else {
-    console.warn(`claude: UNRESOLVED — ${claude.error}`);
-  }
+  // sidecode spawns the SDK's OWN bundled claude binary (shipped in the .app)
+  // and authenticates it by passing the user's keychain OAuth token via env at
+  // spawn time (run-query + OAuthRefreshManager). No system-claude resolution,
+  // no PATH probing — we ship the version. The one prerequisite is that the
+  // user has logged in to Claude Code once (keychain `Claude Code-credentials`,
+  // via `claude /login` or Claude Desktop); a missing login surfaces per-turn
+  // as a `turn_failed` with a "run claude /login" message.
+  //
   // Mark sidecode-driven sessions with a remote-mobile entrypoint (not the SDK
   // default `sdk-ts`) so they stay visible in the user's `claude --resume`
   // picker, which hides sessions whose entrypoint is in the SDK set. Respect a
@@ -191,7 +167,7 @@ export async function start(options: DaemonOptions = {}): Promise<Daemon> {
     // against claude.ai's own copy (dedup-by-uuid verified — no double
     // bubble, no origin tracking). Wiring this also flips every attached
     // transport to bidirectional.
-    onInboundPrompt: (sessionId, prompt) => {
+    onInboundPrompt: async (sessionId, prompt) => {
       const runtime = runtimeManager.get(sessionId);
       if (runtime === undefined) {
         // No local runtime for this bridged session. Linking a cse_ to a
@@ -210,9 +186,17 @@ export async function start(options: DaemonOptions = {}): Promise<Daemon> {
       // refinement is M3. pushPrompt is UNCHANGED from the local/iOS path —
       // bridge / local / iOS prompts share one code path.
       try {
-        ensureSessionLoop(runtime, { mode: "resume" });
+        // Same per-spawn token as the iOS/local path — the bundled binary
+        // gets it via env. A creds failure surfaces as turn_failed (forwarded
+        // to claude.ai by the bridge mirror) rather than a silent drop.
+        const oauthToken = await oauth.ensureFresh();
+        ensureSessionLoop(runtime, { mode: "resume", oauthToken });
         pushPrompt(runtime, prompt.text, prompt.images, prompt.uuid);
       } catch (err) {
+        runtime.addEvent({
+          kind: "turn_failed",
+          error: err instanceof Error ? err.message : String(err),
+        });
         console.log(
           `[sidecode] bridge inbound prompt failed for ${sessionId}: ${
             err instanceof Error ? err.message : String(err)
@@ -342,6 +326,9 @@ export async function start(options: DaemonOptions = {}): Promise<Daemon> {
     },
     listSidecodeSessions: (opts) => listSidecodeSessions(home, opts),
     isShuttingDown: () => shuttingDown,
+    // Per-spawn OAuth token for the bundled binary — same shared keychain
+    // manager the CCR bridge uses (one keeper per process).
+    ensureFreshToken: () => oauth.ensureFresh(),
     gitWatchers,
     epoch,
   });
@@ -417,8 +404,6 @@ export async function start(options: DaemonOptions = {}): Promise<Daemon> {
     fingerprint: identity.fingerprint,
     pairedClientCount: () => knownClients.list().length,
     authenticatedPeerCount: () => webrtc.authenticatedCount(),
-    claudeStatus: () => getClaudeStatus(),
-    recheckClaudeBinary: () => recheckClaudeBinary(),
     createPairOffer: (serviceName) => {
       const { encoded } = createPairOffer(identity, serviceName);
       return { encoded };

packages/daemon/src/index.ts

@@ -13,6 +13,7 @@ import {
   SLASH_COMMANDS,
 } from "@sidecodeapp/protocol";
 import type { BridgeService } from "./bridge/bridge-service.js";
+import { OAuthRefreshError } from "./bridge/oauth-refresh.js";
 import type { CommandHandler } from "./command.js";
 import type { GitWatcherRegistry } from "./git-watch.js";
 import {
@@ -105,6 +106,16 @@ export interface RouterDeps {
    * used.
    */
   queryFactory?: SessionLoopOptions["queryFactory"];
+  /**
+   * Mint a fresh OAuth access token for a claude spawn (OAuthRefreshManager
+   * .ensureFresh in production: reads keychain, refreshes if near expiry,
+   * writes back). The sendPrompt handler calls this right before
+   * `ensureSessionLoop` and hands the result in as `oauthToken`. Rejects
+   * (OAuthRefreshError) when there are no credentials / re-login is needed —
+   * the handler turns that into a `turn_failed`. Omitted on the test path
+   * (`queryFactory` set), which spawns no real binary.
+   */
+  ensureFreshToken?: () => Promise<string>;
   /**
    * Per-daemon registry of `GitWatcher`s keyed by `cwd`. Shared across
    * connections so two iOS clients on the same project re-use one watch
@@ -176,6 +187,23 @@ function getOrCreateGitSubs(ctx: { state: Map<string, unknown> }): GitSubsMap {
   return created;
 }
 
+/** User-facing message for an `ensureFreshToken` failure before a spawn. The
+ *  bundled binary needs a Claude login (keychain `Claude Code-credentials`,
+ *  written by `claude /login` or Claude Desktop); sidecode never logs in
+ *  itself. Maps OAuthRefreshError kinds to actionable copy. */
+function authErrorMessage(err: unknown): string {
+  if (err instanceof OAuthRefreshError) {
+    if (err.kind === "no_credentials") {
+      return "Not signed in to Claude. Run `claude /login` (or sign in with Claude Desktop), then try again.";
+    }
+    if (err.kind === "needs_relogin") {
+      return "Your Claude login has expired. Run `claude /login` again, then retry.";
+    }
+    return "Couldn't reach Claude to refresh your login. Check your connection and try again.";
+  }
+  return err instanceof Error ? err.message : String(err);
+}
+
 /**
  * Wire up the authenticated-command dispatcher.
  *
@@ -723,6 +751,27 @@ export function createCommandHandler(deps: RouterDeps): CommandHandler {
             }
           }
 
+          // Mint a fresh OAuth token for the spawn (the bundled binary gets
+          // it via env). Failure (no creds / re-login) surfaces in-band as a
+          // `turn_failed` so iOS renders it in the transcript, then we ACK the
+          // RPC and stop — no spawn. Skipped on the test path (queryFactory).
+          let oauthToken: string | undefined;
+          if (deps.queryFactory === undefined && deps.ensureFreshToken) {
+            try {
+              oauthToken = await deps.ensureFreshToken();
+            } catch (err) {
+              runtime.addEvent({
+                kind: "turn_failed",
+                error: authErrorMessage(err),
+              });
+              ctx.send({
+                type: "sendPrompt.response",
+                requestId: cmd.requestId,
+              });
+              return;
+            }
+          }
+
           // Idempotent — second sendPrompt for same session reuses the
           // existing loop. mode/cwd/model are only consulted on the
           // FIRST call (when ensureSessionLoop actually spawns the SDK
@@ -735,6 +784,7 @@ export function createCommandHandler(deps: RouterDeps): CommandHandler {
             mode,
             cwd: cmd.cwd,
             model: cmd.model,
+            oauthToken,
             queryFactory: deps.queryFactory,
           });
           // pushPrompt emits turn_started synchronously before the SDK