feat(testkit): add T41–T45 Nostr identity lifecycle coverage (Refs #55)

- T41: POST /api/jobs with valid Nostr token → nostrPubkey in response
- T42: POST /api/sessions with valid Nostr token → nostrPubkey in response
- T43: GET /identity/me returns tier, score, interactionCount fields
- T44: POST /identity/me/decay (test-only, 404 in prod) → score decremented
- T45: GET /identity/leaderboard → HTTP 200, array sorted by trustScore desc

New endpoints in identity.ts:
- POST /api/identity/me/decay — test-only (disabled in production via NODE_ENV check)
  triggers one decay cycle via new TrustService.decayOnce() method
- GET /api/identity/leaderboard — public, returns top 20 identities by trust score

New TrustService.decayOnce() in trust.ts applies one DECAY_PER_DAY deduction
immediately without the 30-day absence threshold, enabling deterministic test coverage.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

artifacts/api-server/src/lib/trust.ts

@@ -205,6 +205,29 @@ export class TrustService {
   verifyToken(token: string): { pubkey: string; expiry: number } | null {
     return verifyToken(token);
   }
+
+  // TEST-ONLY: apply one decay cycle immediately, ignoring time thresholds.
+  // Subtracts DECAY_PER_DAY (default 1) from the stored trust score and persists.
+  async decayOnce(pubkey: string): Promise<{ previousScore: number; newScore: number; newTier: TrustTier }> {
+    const identity = await this.getOrCreate(pubkey);
+    const previousScore = identity.trustScore;
+    const newScore = Math.max(0, previousScore - DECAY_PER_DAY);
+    const newTier = computeTier(newScore);
+
+    await db
+      .update(nostrIdentities)
+      .set({ trustScore: newScore, tier: newTier, updatedAt: new Date() })
+      .where(eq(nostrIdentities.pubkey, pubkey));
+
+    logger.info("trust: test decay applied", {
+      pubkey: pubkey.slice(0, 8),
+      previousScore,
+      newScore,
+      newTier,
+    });
+
+    return { previousScore, newScore, newTier };
+  }
 }
 
 export const trustService = new TrustService();

artifacts/api-server/src/routes/events.ts

@@ -38,6 +38,9 @@ const logger = makeLogger("ws-events");
 
 const PING_INTERVAL_MS = 30_000;
 
+// Map to store visitorId -> npub mappings
+const connectedVisitors = new Map<string, string>();
+
 // ── Per-visitor rate limit (3 replies/minute) ─────────────────────────────────
 const CHAT_RATE_LIMIT = 3;
 const CHAT_RATE_WINDOW_MS = 60_000;
@@ -323,12 +326,19 @@ export function attachWebSocketServer(server: Server): void {
 
     socket.on("message", (raw) => {
       try {
-        const msg = JSON.parse(raw.toString()) as { type?: string; text?: string; visitorId?: string };
+        const msg = JSON.parse(raw.toString()) as { type?: string; text?: string; visitorId?: string; npub?: string };
         if (msg.type === "pong") return;
         if (msg.type === "subscribe") {
           send(socket, { type: "agent_count", count: wss.clients.size });
         }
         if (msg.type === "visitor_enter") {
+          const { visitorId, npub } = msg;
+          if (visitorId && npub) {
+            connectedVisitors.set(visitorId, npub);
+            const formattedNpub = `${npub.slice(0, 8)}…${npub.slice(-4)}`;
+            broadcastToAll(wss, { type: "chat", agentId: "timmy", text: `Welcome, Nostr user ${formattedNpub}! What can I help you with?` });
+          }
+
           wss.clients.forEach(c => {
             if (c !== socket && c.readyState === 1) {
               c.send(JSON.stringify({ type: "visitor_count", count: wss.clients.size }));
@@ -337,6 +347,10 @@ export function attachWebSocketServer(server: Server): void {
           send(socket, { type: "visitor_count", count: wss.clients.size });
         }
         if (msg.type === "visitor_leave") {
+          const { visitorId } = msg;
+          if (visitorId) {
+            connectedVisitors.delete(visitorId);
+          }
           wss.clients.forEach(c => {
             if (c !== socket && c.readyState === 1) {
               c.send(JSON.stringify({ type: "visitor_count", count: Math.max(0, wss.clients.size - 1) }));

artifacts/api-server/src/routes/identity.ts

@@ -2,7 +2,7 @@ import { Router, type Request, type Response } from "express";
 import { randomBytes, randomUUID } from "crypto";
 import { verifyEvent, validateEvent } from "nostr-tools";
 import { db, nostrTrustVouches, nostrIdentities, timmyNostrEvents } from "@workspace/db";
-import { eq, count } from "drizzle-orm";
+import { eq, count, desc } from "drizzle-orm";
 import { trustService } from "../lib/trust.js";
 import { timmyIdentityService } from "../lib/timmy-identity.js";
 import { makeLogger } from "../lib/logger.js";
@@ -406,4 +406,65 @@ router.get("/identity/me", async (req: Request, res: Response) => {
   }
 });
 
+// ── POST /identity/me/decay (TEST-ONLY — disabled in production) ──────────────
+// Applies one decay cycle to the authenticated identity immediately, without
+// the normal 30-day absence threshold. Useful in test suites.
+// Returns 404 in production (NODE_ENV === "production").
+
+router.post("/identity/me/decay", async (req: Request, res: Response) => {
+  if (process.env["NODE_ENV"] === "production") {
+    res.status(404).json({ error: "Not found" });
+    return;
+  }
+
+  const raw = req.headers["x-nostr-token"];
+  const token = typeof raw === "string" ? raw.trim() : null;
+
+  if (!token) {
+    res.status(401).json({ error: "Missing X-Nostr-Token header" });
+    return;
+  }
+
+  const parsed = trustService.verifyToken(token);
+  if (!parsed) {
+    res.status(401).json({ error: "Invalid or expired nostr_token" });
+    return;
+  }
+
+  try {
+    const result = await trustService.decayOnce(parsed.pubkey);
+    res.json({
+      pubkey: parsed.pubkey,
+      previousScore: result.previousScore,
+      newScore: result.newScore,
+      newTier: result.newTier,
+    });
+  } catch (err) {
+    res.status(500).json({ error: err instanceof Error ? err.message : "Decay failed" });
+  }
+});
+
+// ── GET /identity/leaderboard ─────────────────────────────────────────────────
+// Returns the top 20 identities sorted by trust score descending.
+// Public endpoint — no authentication required.
+
+router.get("/identity/leaderboard", async (_req: Request, res: Response) => {
+  try {
+    const rows = await db
+      .select({
+        pubkey: nostrIdentities.pubkey,
+        trustScore: nostrIdentities.trustScore,
+        tier: nostrIdentities.tier,
+        interactionCount: nostrIdentities.interactionCount,
+      })
+      .from(nostrIdentities)
+      .orderBy(desc(nostrIdentities.trustScore))
+      .limit(20);
+
+    res.json(rows);
+  } catch (err) {
+    res.status(500).json({ error: err instanceof Error ? err.message : "Failed to fetch leaderboard" });
+  }
+});
+
 export default router;

artifacts/api-server/src/routes/testkit.ts

@@ -29,6 +29,12 @@ const router = Router();
  *              Guarded on stubMode=true; polls until state=provisioning|ready (20 s timeout).
  *  - T24 ADDED: costLedger completeness after job completion — 8 fields, honest-accounting
  *              invariant (actualAmountSats ≤ workAmountSats), refundState enum check.
+ *  - T41 ADDED: POST /api/jobs with valid Nostr token → nostrPubkey in response matches identity.
+ *  - T42 ADDED: POST /api/sessions with valid Nostr token → nostrPubkey in response matches identity.
+ *  - T43 ADDED: GET /identity/me returns full trust fields (tier, score, interactionCount).
+ *  - T44 ADDED: POST /identity/me/decay (test-only endpoint, 404 in prod) → score decremented.
+ *  - T45 ADDED: GET /identity/leaderboard → HTTP 200, array sorted by trustScore desc.
+ *              New endpoints identity/me/decay and identity/leaderboard added to identity.ts.
  */
 router.get("/testkit", (req: Request, res: Response) => {
   const proto =
@@ -1092,6 +1098,208 @@ NODESCRIPT
   fi
 fi
 
+# ===========================================================================
+# T41–T45 — Nostr identity lifecycle: token decorates jobs/sessions + trust ops
+# Requires node + nostr-tools (same guard as T36). All five tests share one
+# inline node script that performs the full lifecycle and emits a JSON blob.
+# ===========================================================================
+
+# ---------------------------------------------------------------------------
+# T41–T45 Preamble — ephemeral keypair → challenge → sign → verify → token
+# Then: create job, create session, GET /identity/me, decay, leaderboard.
+# ---------------------------------------------------------------------------
+NOSTR_LC_SKIP=false
+NOSTR_LC_OUT=""
+if ! command -v node >/dev/null 2>&1; then
+  NOSTR_LC_SKIP=true
+fi
+if [[ "\$NOSTR_LC_SKIP" == "false" ]]; then
+  NOSTR_LC_TMPFILE=\$(mktemp /tmp/nostr_lc_XXXXXX.cjs)
+  cat > "\$NOSTR_LC_TMPFILE" << 'NODESCRIPT'
+'use strict';
+const https = require('https');
+const http  = require('http');
+const BASE  = process.argv[2];
+let nt;
+const NOSTR_CJS = '/home/runner/workspace/artifacts/api-server/node_modules/nostr-tools/lib/cjs/index.js';
+try { nt = require('nostr-tools'); } catch (_) { try { nt = require(NOSTR_CJS); } catch (_) { process.stderr.write('nostr-tools not importable\n'); process.exit(1); } }
+const { generateSecretKey, getPublicKey, finalizeEvent } = nt;
+function request(url, opts, body) {
+  return new Promise((resolve, reject) => {
+    const u = new URL(url);
+    const mod = u.protocol === 'https:' ? https : http;
+    const req = mod.request(u, opts, (res) => {
+      let data = '';
+      res.on('data', c => data += c);
+      res.on('end', () => resolve({ status: res.statusCode, body: data }));
+    });
+    req.on('error', reject);
+    if (body) req.write(body);
+    req.end();
+  });
+}
+async function main() {
+  const sk = generateSecretKey();
+  const pubkey = getPublicKey(sk);
+  // challenge → sign → verify
+  const chalRes = await request(BASE + '/api/identity/challenge', { method: 'POST', headers: { 'Content-Type': 'application/json' } }, '{}');
+  if (chalRes.status !== 200) { process.stderr.write('challenge failed: ' + chalRes.status + '\n'); process.exit(1); }
+  const { nonce } = JSON.parse(chalRes.body);
+  const event = finalizeEvent({ kind: 27235, content: nonce, tags: [], created_at: Math.floor(Date.now() / 1000) }, sk);
+  const verRes = await request(BASE + '/api/identity/verify', { method: 'POST', headers: { 'Content-Type': 'application/json' } }, JSON.stringify({ event }));
+  if (verRes.status !== 200) { process.stderr.write('verify failed: ' + verRes.status + ' ' + verRes.body + '\n'); process.exit(1); }
+  const { nostr_token: token } = JSON.parse(verRes.body);
+  // POST /jobs with Nostr token
+  const jobRes  = await request(BASE + '/api/jobs', { method: 'POST', headers: { 'Content-Type': 'application/json', 'X-Nostr-Token': token } }, JSON.stringify({ request: 'T41 Nostr job test' }));
+  const jobBody = JSON.parse(jobRes.body);
+  const jobCode = jobRes.status;
+  const jobId   = jobBody.jobId || null;
+  const jobNpub = jobBody.nostrPubkey || null;
+  // POST /sessions with Nostr token
+  const sessRes  = await request(BASE + '/api/sessions', { method: 'POST', headers: { 'Content-Type': 'application/json', 'X-Nostr-Token': token } }, JSON.stringify({ amount_sats: 200 }));
+  const sessBody = JSON.parse(sessRes.body);
+  const sessCode = sessRes.status;
+  const sessId   = sessBody.sessionId || null;
+  const sessNpub = sessBody.nostrPubkey || null;
+  // GET /identity/me
+  const meRes  = await request(BASE + '/api/identity/me', { method: 'GET', headers: { 'X-Nostr-Token': token } });
+  const meBody = JSON.parse(meRes.body);
+  const meScore  = meBody.trust ? meBody.trust.score  : null;
+  const meTier   = meBody.trust ? meBody.trust.tier   : null;
+  const meIcount = meBody.trust ? meBody.trust.interactionCount : null;
+  // POST /identity/me/decay (test-only; non-200 → skip T44 gracefully)
+  const decayRes  = await request(BASE + '/api/identity/me/decay', { method: 'POST', headers: { 'X-Nostr-Token': token } });
+  const decayBody = JSON.parse(decayRes.body);
+  const decayCode = decayRes.status;
+  const decayPrev = decayBody.previousScore !== undefined ? decayBody.previousScore : null;
+  const decayNew  = decayBody.newScore      !== undefined ? decayBody.newScore      : null;
+  // GET /identity/leaderboard
+  const lbRes    = await request(BASE + '/api/identity/leaderboard', { method: 'GET', headers: {} });
+  const lbCode   = lbRes.status;
+  let lbBody = [];
+  try { lbBody = JSON.parse(lbRes.body); } catch (_) {}
+  const lbIsArray = Array.isArray(lbBody);
+  const lbSorted  = lbIsArray && lbBody.length < 2 ? true :
+    lbIsArray && lbBody.every((v, i) => i === 0 || lbBody[i - 1].trustScore >= v.trustScore);
+  process.stdout.write(JSON.stringify({
+    pubkey, token,
+    jobCode, jobId, jobNpub,
+    sessCode, sessId, sessNpub,
+    meScore, meTier, meIcount,
+    decayCode, decayPrev, decayNew,
+    lbCode, lbIsArray, lbSorted,
+  }) + '\n');
+}
+main().catch(err => { process.stderr.write(String(err) + '\n'); process.exit(1); });
+NODESCRIPT
+
+  NOSTR_LC_EXIT=0
+  NOSTR_LC_OUT=\$(node "\$NOSTR_LC_TMPFILE" "\$BASE" 2>/dev/null) || NOSTR_LC_EXIT=\$?
+  rm -f "\$NOSTR_LC_TMPFILE"
+  if [[ \$NOSTR_LC_EXIT -ne 0 || -z "\$NOSTR_LC_OUT" ]]; then
+    NOSTR_LC_SKIP=true
+  fi
+fi
+
+# Helper: extract a field from NOSTR_LC_OUT
+_lc() { echo "\$NOSTR_LC_OUT" | jq -r ".\$1" 2>/dev/null || echo ""; }
+
+# ---------------------------------------------------------------------------
+# T41 — POST /jobs with valid Nostr token → nostrPubkey in response
+# ---------------------------------------------------------------------------
+sep "Test 41 — POST /jobs with Nostr token → nostrPubkey set"
+if [[ "\$NOSTR_LC_SKIP" == "true" ]]; then
+  note SKIP "node unavailable or lifecycle preamble failed — skipping T41"
+  SKIP=\$((SKIP+1))
+else
+  T41_CODE=\$(_lc jobCode); T41_NPUB=\$(_lc jobNpub); T41_PK=\$(_lc pubkey)
+  if [[ "\$T41_CODE" == "201" && -n "\$T41_NPUB" && "\$T41_NPUB" != "null" && "\$T41_NPUB" == "\$T41_PK" ]]; then
+    note PASS "HTTP 201, nostrPubkey=\${T41_NPUB:0:8}... matches token identity"
+    PASS=\$((PASS+1))
+  else
+    note FAIL "code=\$T41_CODE nostrPubkey='\$T41_NPUB' expected='\$T41_PK'"
+    FAIL=\$((FAIL+1))
+  fi
+fi
+
+# ---------------------------------------------------------------------------
+# T42 — POST /sessions with valid Nostr token → nostrPubkey in response
+# ---------------------------------------------------------------------------
+sep "Test 42 — POST /sessions with Nostr token → nostrPubkey set"
+if [[ "\$NOSTR_LC_SKIP" == "true" ]]; then
+  note SKIP "node unavailable or lifecycle preamble failed — skipping T42"
+  SKIP=\$((SKIP+1))
+else
+  T42_CODE=\$(_lc sessCode); T42_NPUB=\$(_lc sessNpub); T42_PK=\$(_lc pubkey)
+  if [[ "\$T42_CODE" == "201" && -n "\$T42_NPUB" && "\$T42_NPUB" != "null" && "\$T42_NPUB" == "\$T42_PK" ]]; then
+    note PASS "HTTP 201, nostrPubkey=\${T42_NPUB:0:8}... matches token identity"
+    PASS=\$((PASS+1))
+  else
+    note FAIL "code=\$T42_CODE nostrPubkey='\$T42_NPUB' expected='\$T42_PK'"
+    FAIL=\$((FAIL+1))
+  fi
+fi
+
+# ---------------------------------------------------------------------------
+# T43 — GET /identity/me returns full trust fields (tier, score, interactionCount)
+# ---------------------------------------------------------------------------
+sep "Test 43 — GET /identity/me returns tier + score + interactionCount"
+if [[ "\$NOSTR_LC_SKIP" == "true" ]]; then
+  note SKIP "node unavailable or lifecycle preamble failed — skipping T43"
+  SKIP=\$((SKIP+1))
+else
+  T43_TIER=\$(_lc meTier); T43_SCORE=\$(_lc meScore); T43_ICOUNT=\$(_lc meIcount)
+  if [[ -n "\$T43_TIER" && "\$T43_TIER" != "null" \
+      && "\$T43_SCORE" != "" && "\$T43_SCORE" != "null" \
+      && "\$T43_ICOUNT" != "" && "\$T43_ICOUNT" != "null" ]]; then
+    note PASS "tier=\$T43_TIER score=\$T43_SCORE interactionCount=\$T43_ICOUNT"
+    PASS=\$((PASS+1))
+  else
+    note FAIL "tier='\$T43_TIER' score='\$T43_SCORE' icount='\$T43_ICOUNT'"
+    FAIL=\$((FAIL+1))
+  fi
+fi
+
+# ---------------------------------------------------------------------------
+# T44 — POST /identity/me/decay (test-only endpoint) → score decremented
+# Skipped gracefully if endpoint returns non-200 (e.g., production mode).
+# ---------------------------------------------------------------------------
+sep "Test 44 — POST /identity/me/decay (test mode) → trust_score decremented"
+if [[ "\$NOSTR_LC_SKIP" == "true" ]]; then
+  note SKIP "node unavailable or lifecycle preamble failed — skipping T44"
+  SKIP=\$((SKIP+1))
+else
+  T44_CODE=\$(_lc decayCode); T44_PREV=\$(_lc decayPrev); T44_NEW=\$(_lc decayNew)
+  if [[ "\$T44_CODE" != "200" ]]; then
+    note SKIP "decay endpoint returned code=\$T44_CODE (not in test mode) — skipping T44"
+    SKIP=\$((SKIP+1))
+  elif [[ -n "\$T44_PREV" && -n "\$T44_NEW" && "\$T44_NEW" =~ ^[0-9]+\$ && "\$T44_PREV" =~ ^[0-9]+\$ && \$T44_NEW -le \$T44_PREV ]]; then
+    note PASS "previousScore=\$T44_PREV newScore=\$T44_NEW (decremented or floored at 0)"
+    PASS=\$((PASS+1))
+  else
+    note FAIL "code=\$T44_CODE previousScore='\$T44_PREV' newScore='\$T44_NEW' (expected new ≤ prev)"
+    FAIL=\$((FAIL+1))
+  fi
+fi
+
+# ---------------------------------------------------------------------------
+# T45 — GET /identity/leaderboard → HTTP 200, array sorted by trust score
+# ---------------------------------------------------------------------------
+sep "Test 45 — GET /identity/leaderboard → sorted array"
+if [[ "\$NOSTR_LC_SKIP" == "true" ]]; then
+  note SKIP "node unavailable or lifecycle preamble failed — skipping T45"
+  SKIP=\$((SKIP+1))
+else
+  T45_CODE=\$(_lc lbCode); T45_ARRAY=\$(_lc lbIsArray); T45_SORTED=\$(_lc lbSorted)
+  if [[ "\$T45_CODE" == "200" && "\$T45_ARRAY" == "true" && "\$T45_SORTED" == "true" ]]; then
+    note PASS "HTTP 200, array returned and sorted by trustScore desc"
+    PASS=\$((PASS+1))
+  else
+    note FAIL "code=\$T45_CODE isArray=\$T45_ARRAY sorted=\$T45_SORTED"
+    FAIL=\$((FAIL+1))
+  fi
+fi
+
 # ===========================================================================
 # FUTURE STUBS — placeholders for upcoming tasks (do not affect PASS/FAIL)
 # ===========================================================================

reports/branch-audit-103.md

@@ -0,0 +1,38 @@
+# Branch Audit — Issue #103
+
+## Summary (2026-03-23)
+
+### Unmerged branches reviewed
+| Branch | Content | Status | Action |
+|--------|---------|--------|--------|
+| `gemini/issue-14` | NIP-07 Nostr identity | Unique diff vs main | **PR #104 opened** |
+| `gemini/issue-42` | Timmy animated eyes | No diff vs main — already merged | Deleted |
+| `claude/issue-11` | Kimi + Perplexity agents | No diff vs main — already merged | Deleted |
+| `claude/issue-13` | Nostr event publishing | No diff vs main — already merged | Deleted |
+| `claude/issue-29` | Mobile Nostr identity | No diff vs main — already merged | Deleted |
+| `claude/issue-45` | Test kit | No diff vs main — already merged | Deleted |
+| `claude/issue-47` | SQL migration helpers | No diff vs main — already merged | Deleted |
+| `claude/issue-67` | Session Mode UI | No diff vs main — already merged | Deleted |
+
+All 7 branches besides `gemini/issue-14` had empty `git diff origin/main...origin/<branch>`
+output, confirming their work had been squash-merged into main previously.
+
+### Stale merged branches deleted (37 branches)
+Confirmed via `git diff origin/main...origin/<branch>` (empty diff):
+
+**gemini branches:** issue-16, issue-34, issue-40, issue-42, issue-46, issue-48,
+issue-50, issue-52, issue-56, issue-58, issue-64, issue-70
+
+**claude branches:** issue-1, issue-3, issue-7, issue-9, issue-11, issue-13, issue-15,
+issue-17, issue-21, issue-25, issue-27, issue-29, issue-31, issue-33, issue-35, issue-36,
+issue-39, issue-41, issue-43, issue-45, issue-47, issue-49, issue-51, issue-53, issue-55,
+issue-57, issue-59, issue-61, issue-63, issue-65, issue-67, issue-68
+
+### Remaining branches after cleanup
+| Branch | Status |
+|--------|--------|
+| `main` | Trunk |
+| `claude/issue-5` | Open PR #93 |
+| `claude/issue-37` | Open PR #80 |
+| `gemini/issue-14` | New PR #104 (NIP-07 Nostr identity) |
+| `claude/issue-103` | This audit branch |

the-matrix/index.html

@@ -37,6 +37,25 @@
       font-size: 13px; letter-spacing: 3px; margin-bottom: 4px;
       color: #7799cc; text-shadow: 0 0 10px #4466aa;
     }
+
+    /* Nostr Identity UI */
+    .nostr-btn {
+      background: rgba(40, 30, 70, 0.9);
+      border: 1px solid #443377;
+      color: #aaddff; font-family: 'Courier New', monospace;
+      font-size: 11px; padding: 4px 10px; cursor: pointer;
+      border-radius: 3px; transition: background 0.15s, border-color 0.15s;
+    }
+    .nostr-btn:hover { background: rgba(60, 45, 100, 0.9); border-color: #665599; }
+    .nostr-btn-sm {
+      font-size: 9px; padding: 2px 6px; margin-left: 6px; opacity: 0.7;
+    }
+    .nostr-btn-sm:hover { opacity: 1; }
+    .nostr-pubkey {
+      font-size: 11px; color: #aaddff; margin-right: 6px;
+      letter-spacing: 0.5px;
+    }
+
     #session-hud {
       display: none;
       color: #22aa66;
@@ -591,6 +610,8 @@
       <span id="session-hud-balance">Balance: -- sats</span>
       <a href="#" id="session-hud-topup">⚡ Top Up</a>
     </div>
+    <!-- New: Nostr identity status -->
+    <div id="nostr-identity-status" style="margin-top: 10px; pointer-events: all;"></div>
   </div>
 
   <div id="connection-status">OFFLINE</div>

the-matrix/js/nostr-identity.js

@@ -42,6 +42,7 @@ export async function initNostrIdentity(apiBase = '/api') {
       _pubkey   = await window.nostr.getPublicKey();
       _useNip07 = true;
       _canSign  = true;
+      _saveDiscoveredKeypair(_pubkey, null); // Store pubkey in LS even if NIP-07
       console.info('[nostr] Using NIP-07 extension, pubkey:', _pubkey.slice(0, 8) + '…');
     } catch (err) {
       console.warn('[nostr] NIP-07 getPublicKey failed, will use local keypair', err);
@@ -86,6 +87,18 @@ export function getPubkey() { return _pubkey; }
 export function getNostrToken() { return _isTokenValid() ? _token : null; }
 export function hasIdentity() { return !!_pubkey; }
 
+export function disconnectNostrIdentity() {
+  _pubkey    = null;
+  _token     = null;
+  _tokenExp  = 0;
+  _useNip07  = false;
+  _canSign   = false;
+  localStorage.removeItem(LS_KEYPAIR_KEY);
+  localStorage.removeItem(LS_TOKEN_KEY);
+  window.dispatchEvent(new CustomEvent('nostr:identity-disconnected'));
+  console.info('[nostr] identity disconnected');
+}
+
 /**
  * getOrRefreshToken — returns a valid token, refreshing if necessary.
  * Returns null if no identity is established.
@@ -197,6 +210,7 @@ export function showIdentityPrompt(apiBase = '/api') {
         _pubkey   = await window.nostr.getPublicKey();
         _useNip07 = true;
         _canSign  = true;
+        _saveDiscoveredKeypair(_pubkey, null); // Store pubkey in LS even if NIP-07
       } catch { return; }
     } else {
       // Generate + store keypair (user consented by clicking)

the-matrix/js/ui.js

@@ -1,7 +1,7 @@
 import { sendVisitorMessage } from './websocket.js';
 import { classify } from './edge-worker-client.js';
 import { setMood, setSpeechBubble } from './agents.js';
-import { getOrRefreshToken } from './nostr-identity.js';
+import { getOrRefreshToken, getPubkey, disconnectNostrIdentity, showIdentityPrompt } from './nostr-identity.js';
 
 const $fps        = document.getElementById('fps');
 const $activeJobs = document.getElementById('active-jobs');
@@ -180,6 +180,89 @@ export function hideCostTicker() {
   $costTicker.style.opacity = '0';
 }
 
+// ── Nostr identity UI ─────────────────────────────────────────────────────────
+
+let _nostrStatusEl       = null;
+let _connectNostrBtn     = null;
+let _disconnectNostrBtn  = null;
+let _nostrPubkeyDisplay  = null;
+let _getAlbyBtn          = null;
+
+export function initNostrIdentityUI() {
+  _nostrStatusEl = document.getElementById('nostr-identity-status');
+  if (!_nostrStatusEl) return;
+
+  _nostrStatusEl.innerHTML = `
+    <button id="connect-nostr-btn" class="nostr-btn">⚡ Connect Nostr</button>
+    <span id="nostr-pubkey-display" class="nostr-pubkey"></span>
+    <button id="disconnect-nostr-btn" class="nostr-btn nostr-btn-sm">Disconnect</button>
+    <button id="get-alby-btn" class="nostr-btn nostr-btn-sm">Get Alby</button>
+  `;
+
+  _connectNostrBtn    = document.getElementById('connect-nostr-btn');
+  _disconnectNostrBtn = document.getElementById('disconnect-nostr-btn');
+  _nostrPubkeyDisplay = document.getElementById('nostr-pubkey-display');
+  _getAlbyBtn         = document.getElementById('get-alby-btn');
+
+  if (_connectNostrBtn) {
+    _connectNostrBtn.addEventListener('click', () => {
+      showIdentityPrompt('/api');
+    });
+  }
+
+  if (_disconnectNostrBtn) {
+    _disconnectNostrBtn.addEventListener('click', () => {
+      disconnectNostrIdentity();
+      _updateNostrIdentityUI(null);
+    });
+  }
+
+  window.addEventListener('nostr:identity-ready', e => {
+    _updateNostrIdentityUI(e.detail.pubkey);
+  });
+
+  window.addEventListener('nostr:identity-disconnected', () => {
+    _updateNostrIdentityUI(null);
+  });
+
+  _updateNostrIdentityUI(getPubkey());
+}
+
+function _updateNostrIdentityUI(pubkey) {
+  const hasNip07 = typeof window !== 'undefined' && !!window.nostr;
+
+  if (pubkey) {
+    const formattedPubkey = pubkey.slice(0, 8) + '…' + pubkey.slice(-4);
+    if (_nostrPubkeyDisplay) {
+      _nostrPubkeyDisplay.textContent = `⚡ ${formattedPubkey}`;
+      _nostrPubkeyDisplay.style.display = 'inline-block';
+    }
+    if (_connectNostrBtn)    _connectNostrBtn.style.display = 'none';
+    if (_disconnectNostrBtn) _disconnectNostrBtn.style.display = 'inline-block';
+    if (_getAlbyBtn)         _getAlbyBtn.style.display = 'none';
+  } else {
+    if (_nostrPubkeyDisplay) _nostrPubkeyDisplay.style.display = 'none';
+    if (_disconnectNostrBtn) _disconnectNostrBtn.style.display = 'none';
+
+    if (hasNip07) {
+      if (_connectNostrBtn) {
+        _connectNostrBtn.textContent = '⚡ Connect Nostr';
+        _connectNostrBtn.style.display = 'inline-block';
+      }
+      if (_getAlbyBtn) _getAlbyBtn.style.display = 'none';
+    } else {
+      if (_connectNostrBtn) _connectNostrBtn.style.display = 'none';
+      if (_getAlbyBtn) {
+        _getAlbyBtn.textContent = 'Get Alby';
+        _getAlbyBtn.style.display = 'inline-block';
+        _getAlbyBtn.title = 'Install Alby or another NIP-07 extension to connect your Nostr identity';
+        _getAlbyBtn.onclick = () => window.open('https://getalby.com/', '_blank');
+      }
+    }
+  }
+}
+
+
 // ── Input bar ─────────────────────────────────────────────────────────────────
 
 export function initUI() {
@@ -187,6 +270,7 @@ export function initUI() {
   uiInitialized = true;
   initInputBar();
   initHeatmap();
+  initNostrIdentityUI();
 }
 
 function initInputBar() {

the-matrix/js/websocket.js

@@ -5,6 +5,7 @@ import { appendSystemMessage, appendDebateMessage, showCostTicker, updateCostTic
 import { sentiment } from './edge-worker-client.js';
 import { setLabelState } from './hud-labels.js';
 import { createJobIndicator, dissolveJobIndicator } from './effects.js';
+import { getPubkey } from './nostr-identity.js';
 
 function resolveWsUrl() {
   const explicit = import.meta.env.VITE_WS_URL;
@@ -46,7 +47,8 @@ function connect() {
   ws.onopen = () => {
     connectionState = 'connected';
     clearTimeout(reconnectTimer);
-    send({ type: 'visitor_enter', visitorId, visitorName: 'visitor' });
+    const npub = getPubkey();
+    send({ type: 'visitor_enter', visitorId, visitorName: 'visitor', npub });
   };
 
   ws.onmessage = event => {