bridge: remove direct slack fallback in broker mode

Author: benvinegar

CONFIGURATION.md

@@ -37,8 +37,8 @@ The agent also uses an SSH key (`~/.ssh/id_ed25519`) for git push. Setup generat
 
 | Variable | Description | How to get it |
 |----------|-------------|---------------|
-| `SLACK_BOT_TOKEN` | Slack bot OAuth token (required for direct Socket Mode, optional in broker mode) | Create a Slack app at [api.slack.com/apps](https://api.slack.com/apps). Under **OAuth & Permissions**, add bot scopes: `app_mentions:read`, `chat:write`, `channels:history`, `channels:read`, `reactions:write`, `im:history`, `im:read`, `im:write`. Install the app to your workspace and copy the **Bot User OAuth Token**. |
-| `SLACK_APP_TOKEN` | Slack app-level token (required for Socket Mode, optional in broker mode) | In your Slack app settings → **Basic Information** → **App-Level Tokens**, create a token with `connections:write` scope. |
+| `SLACK_BOT_TOKEN` | Slack bot OAuth token (required for direct Socket Mode; ignored by broker pull mode) | Create a Slack app at [api.slack.com/apps](https://api.slack.com/apps). Under **OAuth & Permissions**, add bot scopes: `app_mentions:read`, `chat:write`, `channels:history`, `channels:read`, `reactions:write`, `im:history`, `im:read`, `im:write`. Install the app to your workspace and copy the **Bot User OAuth Token**. |
+| `SLACK_APP_TOKEN` | Slack app-level token (required for Socket Mode; not used by broker pull mode) | In your Slack app settings → **Basic Information** → **App-Level Tokens**, create a token with `connections:write` scope. |
 | `SLACK_ALLOWED_USERS` | Comma-separated Slack user IDs | **Optional** — if not set, all workspace members can interact. Find your Slack user ID: click your profile → "..." → "Copy member ID". Example: `U01ABCDEF,U02GHIJKL` |
 
 If you're using Slack broker mode (`SLACK_BROKER_*` vars), the runtime uses broker pull delivery and does not require Socket Mode callbacks.
@@ -104,9 +104,9 @@ Set by `sudo baudbot broker register` when using brokered Slack OAuth flow.
 | `SLACK_BROKER_SERVER_SIGNING_PUBLIC_KEY` | Server Ed25519 public signing key (base64) |
 | `SLACK_BROKER_PUBLIC_KEY` | Broker X25519 public key (base64) |
 | `SLACK_BROKER_SIGNING_PUBLIC_KEY` | Broker Ed25519 public signing key (base64) |
-| `SLACK_BROKER_ACCESS_TOKEN` | Optional broker-issued bearer token for broker API auth (used when broker enforces agent tokens) |
-| `SLACK_BROKER_ACCESS_TOKEN_EXPIRES_AT` | Optional ISO timestamp for broker token expiry |
-| `SLACK_BROKER_ACCESS_TOKEN_SCOPES` | Optional comma-separated broker token scopes |
+| `SLACK_BROKER_ACCESS_TOKEN` | Broker-issued bearer token for broker API auth (required for broker pull mode runtime) |
+| `SLACK_BROKER_ACCESS_TOKEN_EXPIRES_AT` | ISO timestamp for broker token expiry (recommended; runtime exits if expired) |
+| `SLACK_BROKER_ACCESS_TOKEN_SCOPES` | Comma-separated broker token scopes |
 | `SLACK_BROKER_POLL_INTERVAL_MS` | Inbox poll interval in milliseconds (default: `3000`) |
 | `SLACK_BROKER_MAX_MESSAGES` | Max leased messages per poll request (default: `10`) |
 | `SLACK_BROKER_WAIT_SECONDS` | Long-poll wait window for `/api/inbox/pull` (default: `20`, set `0` for immediate short-poll, max `25`) |

README.md

@@ -99,7 +99,8 @@ sudo baudbot broker register \
 ```
 
 Broker pull mode uses long-polling by default (`SLACK_BROKER_WAIT_SECONDS=20`, max `25`; set `0` for immediate short-poll behavior).
-When broker agent-token auth is enabled server-side, `baudbot broker register` stores broker token fields in env and broker-mode outbound requests include `Authorization: Bearer ...` automatically.
+`baudbot broker register` stores broker token fields in env and broker-mode requests include `Authorization: Bearer ...` automatically.
+Broker pull mode no longer uses direct Slack Web API fallback and does not require storing `SLACK_BOT_TOKEN`.
 
 Need to rotate/update a key later?
 

bin/broker-register.mjs

@@ -225,48 +225,6 @@ export function mapRegisterError(status, errorText) {
   return `registration failed (${status}) — ${text}`;
 }
 
-let cachedSodium = null;
-
-async function getSodium() {
-  if (cachedSodium) return cachedSodium;
-
-  try {
-    const mod = await import("libsodium-wrappers-sumo");
-    cachedSodium = mod.default ?? mod;
-    await cachedSodium.ready;
-    return cachedSodium;
-  } catch {
-    return null;
-  }
-}
-
-/**
- * Decrypt a sealed box encrypted with the server's public key.
- * Returns null if libsodium is unavailable.
- */
-async function decryptSealedBox(encryptedBase64, serverPrivateKeyBase64, serverPublicKeyBase64) {
-  const sodium = await getSodium();
-  if (!sodium) {
-    return null;
-  }
-
-  const ciphertext = Buffer.from(encryptedBase64, "base64");
-  const serverPrivateKey = Buffer.from(serverPrivateKeyBase64, "base64");
-  const serverPublicKey = Buffer.from(serverPublicKeyBase64, "base64");
-
-  const plaintext = sodium.crypto_box_seal_open(
-    ciphertext,
-    serverPublicKey,
-    serverPrivateKey,
-  );
-
-  if (!plaintext) {
-    throw new Error("Failed to decrypt sealed box - invalid keys or corrupted data");
-  }
-
-  return new TextDecoder().decode(plaintext);
-}
-
 export async function registerWithBroker({
   brokerUrl,
   workspaceId,
@@ -327,24 +285,8 @@ export async function registerWithBroker({
     throw new Error("broker signing pubkey mismatch between /api/broker-pubkey and /api/register");
   }
 
-  let decryptedBotToken = null;
   if (registerResponseBody?.encrypted_bot_token) {
-    logger("Decrypting bot token from broker response...");
-    try {
-      decryptedBotToken = await decryptSealedBox(
-        registerResponseBody.encrypted_bot_token,
-        serverKeys.server_private_key,
-        serverKeys.server_pubkey,
-      );
-
-      if (decryptedBotToken) {
-        logger("✅ Bot token decrypted successfully");
-      } else {
-        logger("⚠️ libsodium-wrappers-sumo unavailable; skipping bot token decryption");
-      }
-    } catch (err) {
-      logger(`⚠️ Failed to decrypt bot token, continuing with broker mode only: ${err instanceof Error ? err.message : String(err)}`);
-    }
+    logger("ℹ️ broker returned encrypted_bot_token, but runtime no longer stores direct Slack bot tokens in broker mode");
   }
 
   return {
@@ -355,7 +297,6 @@ export async function registerWithBroker({
     broker_access_token_scopes: Array.isArray(registerResponseBody?.broker_access_token_scopes)
       ? registerResponseBody.broker_access_token_scopes.filter((scope) => typeof scope === "string")
       : undefined,
-    decrypted_bot_token: decryptedBotToken,
     request_payload: registerRequestBody,
   };
 }
@@ -588,11 +529,6 @@ export async function runRegistration({
     updates.SLACK_BROKER_ACCESS_TOKEN_SCOPES = registration.broker_access_token_scopes.join(",");
   }
 
-  // Add the decrypted bot token if available
-  if (registration.decrypted_bot_token) {
-    updates.SLACK_BOT_TOKEN = registration.decrypted_bot_token;
-  }
-
   return {
     updates,
   };
@@ -657,11 +593,7 @@ export async function main(argv = process.argv.slice(2)) {
   for (const target of input.configTargets) {
     console.log(`  - ${target.path}`);
   }
-  
-  if (updates.SLACK_BOT_TOKEN) {
-    console.log("🎯 Bot token received and configured for direct API mode.");
-  }
-  
+
   console.log("Next step: sudo baudbot restart");
 
   return 0;

bin/broker-register.test.mjs

@@ -249,6 +249,38 @@ test("runRegistration integration path succeeds against live local HTTP server",
   }
 });
 
+test("runRegistration does not write SLACK_BOT_TOKEN even when broker returns encrypted_bot_token", async () => {
+  const fetchImpl = async (url) => {
+    if (String(url).endsWith("/api/broker-pubkey")) {
+      return jsonResponse({
+        ok: true,
+        broker_pubkey: Buffer.alloc(32, 9).toString("base64"),
+        broker_signing_pubkey: Buffer.alloc(32, 8).toString("base64"),
+      });
+    }
+
+    if (String(url).endsWith("/api/register")) {
+      return jsonResponse({
+        ok: true,
+        broker_pubkey: Buffer.alloc(32, 9).toString("base64"),
+        broker_signing_pubkey: Buffer.alloc(32, 8).toString("base64"),
+        encrypted_bot_token: "base64-encrypted-token",
+      });
+    }
+
+    return jsonResponse({ ok: false, error: "unexpected endpoint" }, 404);
+  };
+
+  const result = await runRegistration({
+    brokerUrl: "https://broker.example.com",
+    workspaceId: "TABC12345",
+    registrationToken: "token-from-dashboard",
+    fetchImpl,
+  });
+
+  assert.equal(result.updates.SLACK_BOT_TOKEN, undefined);
+});
+
 test("runRegistration requires registration token", async () => {
   await assert.rejects(
     runRegistration({

pi/skills/control-agent/SKILL.md

@@ -255,13 +255,7 @@ curl -s -X POST http://127.0.0.1:7890/react \
   -d '{"channel":"CHANNEL_ID","timestamp":"msg_ts","emoji":"white_check_mark"}'
 ```
 
-**Fallback — direct Slack Web API** (only if bridge is down and `SLACK_BOT_TOKEN` is available; won't work in broker mode since the bot token lives on the broker):
-```bash
-source ~/.config/.env && curl -s -X POST https://slack.com/api/chat.postMessage \
-  -H "Authorization: Bearer $SLACK_BOT_TOKEN" \
-  -H 'Content-Type: application/json' \
-  -d '{"channel":"CHANNEL_ID","text":"your message","thread_ts":"optional"}'
-```
+Broker pull mode does not support direct Slack Web API fallback. If the local bridge is down, restart the runtime/bridge first, then retry via local API.
 
 ### Message Context