From 1821e9f46f224a4bfe28989941e5820d29c106ca Mon Sep 17 00:00:00 2001
From: Hanwen Cheng <heawen.cheng@gmail.com>
Date: Sat, 13 Jun 2026 01:06:10 +0800
Subject: [PATCH 1/3] =?UTF-8?q?refactor:=20#275=20B1=20re-land=20=E2=80=94?=
 =?UTF-8?q?=20agentkeys-protocol=20wire=20crate=20(wasm-safe),=20web-core?=
 =?UTF-8?q?=20shares=20the=20cap-mint=20body?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Re-lands #215's B1 against current main (the original branch rotted 56 commits
behind; protocol.rs had grown +256 lines that the move had to re-port).

Extract the broker/worker wire types (backend-client's protocol module) into a
standalone pure-serde agentkeys-protocol crate (no reqwest/tokio/aws — compiles
to wasm32). agentkeys-backend-client re-exports it as ::protocol, so every
existing agentkeys_backend_client::protocol::* path still resolves.

agentkeys-web-core (browser/wasm) now aliases the SHARED BrokerCapRequest as
CapRequest instead of carrying its own copy. That kills TWO live drifts:
ttl_seconds (required u64 native vs Option<u64> browser — the shared type is
Option + skip, faithful to the broker's serde default; native callers always
send Some, wire byte-identical) and the #76 K10 cap-PoP fields
(client_sig/client_nonce/client_ts), which web-core's copy was missing
entirely (browser sends None — verified-when-present).

web-core must NOT depend on backend-client directly (pulls aws-sdk-sts + tokio
+ native reqwest via the provisioner; breaks the wasm build): new harness-ci
rust-checks gate cargo-checks web-core for wasm32 (default + --features wasm).
The wasm32 target itself is pinned in rust-toolchain.toml (single SoT; rustup
toolchain install picks it up — no dtolnay action, per the #276 pin rule).

Verified: cargo build/test --workspace, clippy -D warnings, fmt, wasm32 checks
(default + wasm), dump-protocol-fixtures --check (cap_mint_request.json
byte-unchanged), check-backend-fixture-drift.sh, check-web-api-drift.sh.
---
 .github/workflows/harness-ci.yml              | 14 ++++
 AGENTS.md                                     |  4 +-
 Cargo.lock                                    | 10 +++
 Cargo.toml                                    |  2 +
 crates/agentkeys-backend-client/Cargo.toml    |  6 ++
 crates/agentkeys-backend-client/src/client.rs |  9 ++-
 .../agentkeys-backend-client/src/fixtures.rs  |  2 +-
 crates/agentkeys-backend-client/src/lib.rs    |  2 +-
 crates/agentkeys-daemon/src/proxy.rs          |  4 +-
 crates/agentkeys-protocol/Cargo.toml          |  9 +++
 .../src/lib.rs}                               | 75 ++++++++++++++++---
 crates/agentkeys-web-core/Cargo.toml          |  6 ++
 crates/agentkeys-web-core/src/broker.rs       | 36 ++++-----
 rust-toolchain.toml                           |  5 ++
 14 files changed, 150 insertions(+), 34 deletions(-)
 create mode 100644 crates/agentkeys-protocol/Cargo.toml
 rename crates/{agentkeys-backend-client/src/protocol.rs => agentkeys-protocol/src/lib.rs} (86%)

diff --git a/.github/workflows/harness-ci.yml b/.github/workflows/harness-ci.yml
index ab7670a2..a8ea037a 100644
--- a/.github/workflows/harness-ci.yml
+++ b/.github/workflows/harness-ci.yml
@@ -230,6 +230,20 @@ jobs:
       - name: Frontend↔harness plant contract has not drifted (issue #203 / #206)
         run: bash scripts/check-web-api-drift.sh
 
+      # B1 (#215 re-land / #275): the browser host (agentkeys-web-core — a
+      # cdylib+rlib that compiles to wasm32) shares the cap-mint wire shape with
+      # the native client through the pure-serde `agentkeys-protocol` crate.
+      # This gate fails if that shared crate (or web-core) ever pulls a
+      # native-only dep (tokio / native reqwest / aws-sdk-sts, the last via the
+      # provisioner) that breaks the browser build — exactly the regression that
+      # would occur if web-core depended on the native backend-client directly.
+      # Default + `wasm` bindings. The wasm32 target itself is pinned in
+      # rust-toolchain.toml (installed by the `rustup toolchain install` above).
+      - name: web-core compiles to wasm32 (no native transport leaked into the browser)
+        run: |
+          cargo check --target wasm32-unknown-unknown -p agentkeys-web-core
+          cargo check --target wasm32-unknown-unknown -p agentkeys-web-core --features wasm
+
   detect-changes:
     # Issue #101: path-conditional triggers for auto-deploy of the test broker.
     # Computes `broker_changed` so deploy-test-broker can skip when a PR only
diff --git a/AGENTS.md b/AGENTS.md
index f5f1b3ab..5a27ca1b 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -219,10 +219,10 @@ Cap-tokens are **data-class-explicit**: six storage endpoints (`/v1/cap/{cred,me
 
 ## Broker/worker request shapes have ONE owner (issue #203)
 
-The broker/worker client protocol — the six `/v1/cap/*` mint endpoints, the STS relay, worker put/get body types, audit append, the `memory:<ns>` service builder, the `0x`-omni normalizer — is owned by [`agentkeys-backend-client`](crates/agentkeys-backend-client/) (field types co-owned with [`agentkeys-types`](crates/agentkeys-types/)). **Never re-type a cap/worker body in a second Rust path or in bash** (the #200 drift-bug class). All Rust callers (MCP `HttpBackend`, daemon `ui_bridge`) delegate to `BackendClient`, so a drifted shape is a compile error; bash and the web app are fixture-gated in CI.
+The broker/worker client protocol — the six `/v1/cap/*` mint endpoints, the STS relay, worker put/get body types, audit append, the `memory:<ns>` service builder, the `0x`-omni normalizer — has ONE definition, split across two crates by transport-safety: the wire **types** live in [`agentkeys-protocol`](crates/agentkeys-protocol/) — pure serde, transport-free, compiles to `wasm32` — and the native **client** (cap-mint → STS → worker) in [`agentkeys-backend-client`](crates/agentkeys-backend-client/), which re-exports the types as `agentkeys_backend_client::protocol` (field types co-owned with [`agentkeys-types`](crates/agentkeys-types/)). The browser host [`agentkeys-web-core`](crates/agentkeys-web-core/) (wasm) depends on the SAME `agentkeys-protocol`, so the cap-mint body cannot drift across native vs browser — it used to (`ttl_seconds` required-`u64` vs `Option<u64>`, and web-core's copy was missing the #76 K10 PoP fields). web-core must NOT depend on `agentkeys-backend-client` directly: that crate pulls `aws-sdk-sts` + `tokio` + native `reqwest` (via the provisioner) and breaks the wasm build — the `wasm32` CI gate in `harness-ci.yml` enforces this. **Never re-type a cap/worker body in a second Rust path or in bash** (the #200 drift-bug class). All Rust callers (the MCP server's `BackendClient`, daemon `ui_bridge`, web-core) compile against the shared types, so a drifted shape is a compile error; bash and the web app are fixture-gated in CI.
 
 **Rules when you touch this surface:**
-- Wire-field change → edit the serde type in `agentkeys-backend-client::protocol`, regenerate the committed fixtures (`cargo run -p agentkeys-backend-client --bin dump-protocol-fixtures`), update the frozen key-set test in `fixtures.rs`.
+- Wire-field change → edit the serde type in [`agentkeys-protocol`](crates/agentkeys-protocol/) (the single definition; re-exported as `agentkeys_backend_client::protocol`), regenerate the committed fixtures (`cargo run -p agentkeys-backend-client --bin dump-protocol-fixtures`), update the frozen key-set test in `fixtures.rs`. The native callers AND the browser host recompile against the new shape automatically; the `wasm32` gate proves the browser still builds.
 - Harness steps drive the `agentkeys` CLI, not hand-rolled curls. Raw curls only for negative / HTTP-status tests; a body that mirrors a canonical shape carries `# @backend-fixture: <shape>` ([`scripts/check-backend-fixture-drift.sh`](scripts/check-backend-fixture-drift.sh) diffs it against [`harness/fixtures/backend-protocol/`](harness/fixtures/backend-protocol/) in CI); deliberately-malformed negative payloads are NOT annotated.
 - The daemon's web-API plant contract is pinned the same way: route + `ApiMemoryEntry` body SoT in [`ui_bridge.rs`](crates/agentkeys-daemon/src/ui_bridge.rs), fixture [`harness/fixtures/web-api/master_memory_plant.json`](harness/fixtures/web-api/master_memory_plant.json), both non-Rust consumers annotated `@web-fixture: master_memory_plant` and gated by [`scripts/check-web-api-drift.sh`](scripts/check-web-api-drift.sh).
 - Field names are the arch.md canonical spellings — never invent a synonym in a new body.
diff --git a/Cargo.lock b/Cargo.lock
index bfd3dbe9..d4f20e44 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -42,6 +42,7 @@ name = "agentkeys-backend-client"
 version = "0.1.0"
 dependencies = [
  "agentkeys-core",
+ "agentkeys-protocol",
  "agentkeys-provisioner",
  "async-trait",
  "reqwest",
@@ -340,6 +341,14 @@ dependencies = [
  "tracing-subscriber",
 ]
 
+[[package]]
+name = "agentkeys-protocol"
+version = "0.1.0"
+dependencies = [
+ "serde",
+ "serde_json",
+]
+
 [[package]]
 name = "agentkeys-provisioner"
 version = "0.1.0"
@@ -373,6 +382,7 @@ dependencies = [
 name = "agentkeys-web-core"
 version = "0.1.0"
 dependencies = [
+ "agentkeys-protocol",
  "axum",
  "reqwest",
  "serde",
diff --git a/Cargo.toml b/Cargo.toml
index 4da756b7..50d2ed53 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -13,6 +13,7 @@ members = [
     "crates/agentkeys-mcp-server",
     "crates/agentkeys-provisioner",
     "crates/agentkeys-backend-client",
+    "crates/agentkeys-protocol",
     "crates/agentkeys-broker-server",
     "crates/agentkeys-worker-creds",
     "crates/agentkeys-worker-memory",
@@ -31,6 +32,7 @@ agentkeys-memory-engine = { path = "crates/agentkeys-memory-engine" }
 agentkeys-memory-openviking = { path = "crates/agentkeys-memory-openviking" }
 agentkeys-web-core = { path = "crates/agentkeys-web-core" }
 agentkeys-backend-client = { path = "crates/agentkeys-backend-client" }
+agentkeys-protocol = { path = "crates/agentkeys-protocol" }
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 tokio = { version = "1", features = ["full"] }
diff --git a/crates/agentkeys-backend-client/Cargo.toml b/crates/agentkeys-backend-client/Cargo.toml
index b558e98b..4464abf7 100644
--- a/crates/agentkeys-backend-client/Cargo.toml
+++ b/crates/agentkeys-backend-client/Cargo.toml
@@ -23,6 +23,12 @@ path = "src/bin/dump_protocol_fixtures.rs"
 agentkeys-provisioner = { path = "../agentkeys-provisioner" }
 # K10 cap-mint proof-of-possession (issue #76): DeviceKey + cap_pop_now signing.
 agentkeys-core = { workspace = true }
+# The transport-agnostic wire shapes (cap-mint + worker bodies). Moved out of
+# this crate's `protocol` module into a standalone, wasm-safe crate so the
+# browser host (agentkeys-web-core) can share them without pulling in this
+# crate's native transport (reqwest/tokio + the provisioner's aws-sdk-sts).
+# Re-exported below as `agentkeys_backend_client::protocol` for back-compat.
+agentkeys-protocol = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
 tokio = { workspace = true }
diff --git a/crates/agentkeys-backend-client/src/client.rs b/crates/agentkeys-backend-client/src/client.rs
index 9626f7b6..6ed51684 100644
--- a/crates/agentkeys-backend-client/src/client.rs
+++ b/crates/agentkeys-backend-client/src/client.rs
@@ -216,7 +216,12 @@ impl BackendClient {
                     actor_omni: req.actor_omni,
                     service: req.service,
                     device_key_hash,
-                    ttl_seconds: req.ttl_seconds,
+                    // Caller-side `CapMintRequest` always carries an explicit ttl,
+                    // so the wire body always sends it (`Some`) — byte-identical
+                    // to before the on-wire field became `Option`. Only a direct
+                    // on-wire caller (the browser) may send `None` to take the
+                    // broker default.
+                    ttl_seconds: Some(req.ttl_seconds),
                     client_sig: Some(pop.client_sig),
                     client_nonce: Some(pop.client_nonce),
                     client_ts: Some(pop.client_ts),
@@ -227,7 +232,7 @@ impl BackendClient {
                 actor_omni: req.actor_omni,
                 service: req.service,
                 device_key_hash: req.device_key_hash,
-                ttl_seconds: req.ttl_seconds,
+                ttl_seconds: Some(req.ttl_seconds),
                 client_sig: None,
                 client_nonce: None,
                 client_ts: None,
diff --git a/crates/agentkeys-backend-client/src/fixtures.rs b/crates/agentkeys-backend-client/src/fixtures.rs
index 6c58bbaa..9d924100 100644
--- a/crates/agentkeys-backend-client/src/fixtures.rs
+++ b/crates/agentkeys-backend-client/src/fixtures.rs
@@ -42,7 +42,7 @@ pub fn canonical_fixtures() -> Vec<Fixture> {
         actor_omni: "0x<actor_omni>".into(),
         service: "memory:<namespace>".into(),
         device_key_hash: "0x<device_key_hash>".into(),
-        ttl_seconds: 300,
+        ttl_seconds: Some(300),
         client_sig: None,
         client_nonce: None,
         client_ts: None,
diff --git a/crates/agentkeys-backend-client/src/lib.rs b/crates/agentkeys-backend-client/src/lib.rs
index 2929719d..143fec8b 100644
--- a/crates/agentkeys-backend-client/src/lib.rs
+++ b/crates/agentkeys-backend-client/src/lib.rs
@@ -13,7 +13,7 @@
 
 pub mod client;
 pub mod fixtures;
-pub mod protocol;
+pub use agentkeys_protocol as protocol;
 
 pub use client::{BackendClient, BackendError};
 pub use protocol::{
diff --git a/crates/agentkeys-daemon/src/proxy.rs b/crates/agentkeys-daemon/src/proxy.rs
index 9cad84ec..2ca44bac 100644
--- a/crates/agentkeys-daemon/src/proxy.rs
+++ b/crates/agentkeys-daemon/src/proxy.rs
@@ -227,7 +227,7 @@ async fn handle_cap(
                 actor_omni: req.actor_omni.clone(),
                 service: req.service.clone(),
                 device_key_hash: device_key.device_key_hash().unwrap_or_default(),
-                ttl_seconds: req.ttl_seconds.unwrap_or(300),
+                ttl_seconds: Some(req.ttl_seconds.unwrap_or(300)),
                 client_sig: Some(pop.client_sig),
                 client_nonce: Some(pop.client_nonce),
                 client_ts: Some(pop.client_ts),
@@ -238,7 +238,7 @@ async fn handle_cap(
             actor_omni: req.actor_omni.clone(),
             service: req.service.clone(),
             device_key_hash: req.device_key_hash.clone(),
-            ttl_seconds: req.ttl_seconds.unwrap_or(300),
+            ttl_seconds: Some(req.ttl_seconds.unwrap_or(300)),
             client_sig: None,
             client_nonce: None,
             client_ts: None,
diff --git a/crates/agentkeys-protocol/Cargo.toml b/crates/agentkeys-protocol/Cargo.toml
new file mode 100644
index 00000000..45350e40
--- /dev/null
+++ b/crates/agentkeys-protocol/Cargo.toml
@@ -0,0 +1,9 @@
+[package]
+name = "agentkeys-protocol"
+version = "0.1.0"
+edition = "2021"
+description = "Broker/worker wire protocol — the transport-agnostic, wasm-safe serde shapes shared by agentkeys-backend-client (native client + STS) and agentkeys-web-core (browser fetch client). Pure serde (no reqwest/tokio/aws), so it compiles to wasm32. The single owner of the cap-mint + worker request/response shapes (#203); the parity-ladder rung-3 split that lets the browser share the wire types without dragging native transport into the wasm build."
+
+[dependencies]
+serde = { workspace = true }
+serde_json = { workspace = true }
diff --git a/crates/agentkeys-backend-client/src/protocol.rs b/crates/agentkeys-protocol/src/lib.rs
similarity index 86%
rename from crates/agentkeys-backend-client/src/protocol.rs
rename to crates/agentkeys-protocol/src/lib.rs
index eea54b8b..2bc9c4b2 100644
--- a/crates/agentkeys-backend-client/src/protocol.rs
+++ b/crates/agentkeys-protocol/src/lib.rs
@@ -1,20 +1,33 @@
 //! The broker/worker wire protocol — the **single owner** of every request
 //! and response shape the cap-mint + worker chain serializes (issue #203).
 //!
-//! Before this crate the same JSON was hand-typed in three places (the MCP
-//! `HttpBackend`, the daemon `ui_bridge`, and bash `jq -n` bodies in the
-//! harness), which is the structural cause of the drift bugs #200 fixed
+//! Pure serde, **no transport** (no reqwest/tokio/aws), so it compiles to
+//! `wasm32`: the native client `agentkeys-backend-client` re-exports it as
+//! `::protocol`, and the browser host `agentkeys-web-core` (wasm) depends on
+//! it directly. That split is the parity-ladder rung-3 move for the wire
+//! shapes — the browser and the native client share ONE definition and cannot
+//! drift (they used to: `ttl_seconds` was a required `u64` in backend-client
+//! but `Option<u64>` in web-core's own copy, and web-core's copy was missing
+//! the #76 K10 cap-PoP fields entirely). web-core must NOT depend on
+//! `agentkeys-backend-client` instead: that crate pulls `aws-sdk-sts` +
+//! `tokio` + native `reqwest` via the provisioner and breaks the wasm build
+//! (the `wasm32` CI gate in `harness-ci.yml` enforces this).
+//!
+//! Before the one-owner discipline the same JSON was hand-typed in three
+//! places (the MCP backend, the daemon `ui_bridge`, and bash `jq -n` bodies in
+//! the harness), which is the structural cause of the drift bugs #200 fixed
 //! (`evm_address` vs `{address,chain_id}`, bare-vs-`0x` omni, per-namespace
 //! field shapes). Re-typing one of these in a second place is now either a
 //! compile error (Rust callers share these types) or a fixture mismatch (the
-//! harness gate diffs bash bodies against [`crate::fixtures`]).
+//! harness gate diffs bash bodies against `agentkeys-backend-client`'s
+//! `fixtures` module).
 //!
 //! Naming follows arch.md's canonical-names rule: the field names here MUST
 //! match what `agentkeys_broker_server::handlers::cap` and the
 //! `agentkeys_worker_*` handlers deserialize. We mirror by hand (not a shared
 //! struct dep) because the broker/worker are heavy binaries — but the mirror
 //! is now in ONE place, exercised end-to-end in the MCP server's
-//! `tests/three_acts.rs` and pinned by [`crate::fixtures`].
+//! `tests/three_acts.rs` and pinned by the backend-client fixtures.
 
 use serde::{Deserialize, Serialize};
 use serde_json::Value;
@@ -98,20 +111,35 @@ pub struct CapMintRequest {
 
 /// Broker cap-mint request body — the exact JSON
 /// `agentkeys_broker_server::handlers::cap` deserializes for all `/v1/cap/*`
-/// endpoints. Carries the K10 cap-mint **proof-of-possession** (issue #76):
+/// endpoints, AND the on-the-wire shape the browser host
+/// (`agentkeys-web-core`) serializes directly (it has no separate caller-side
+/// type — it aliases this as `CapRequest`).
+///
+/// Carries the K10 cap-mint **proof-of-possession** (issue #76):
 /// `client_sig` is an EIP-191 signature by the caller's K10 device key over
 /// `device_crypto::cap_pop_payload(operator, actor, service, op, data_class,
 /// client_nonce, client_ts)`. The broker validates it and the WORKER re-verifies
 /// it independently — so a compromised broker (which lacks the K10 private key)
-/// cannot mint a usable cap. Built by [`BackendClient::cap_mint`] from an
-/// injected `DeviceKey`, NOT hand-set by callers.
+/// cannot mint a usable cap. Built by `BackendClient::cap_mint` (in
+/// `agentkeys-backend-client`) from an injected `DeviceKey`, NOT hand-set by
+/// callers.
+///
+/// `ttl_seconds` is `Option` + `skip_serializing_if` to mirror the broker's
+/// `#[serde(default = "default_ttl_seconds")]`: `None` omits the field so the
+/// broker applies its default (300s, clamped 60..1800); native callers coming
+/// from [`CapMintRequest`] always send `Some(..)` (wire-identical to before).
+/// This is the SINGLE on-wire definition, so the browser and the native client
+/// can no longer drift on it — previously each crate had its own copy and they
+/// diverged on this very field (the bug class #203 closed for the chain, now
+/// extended to the browser).
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct BrokerCapRequest {
     pub operator_omni: String,
     pub actor_omni: String,
     pub service: String,
     pub device_key_hash: String,
-    pub ttl_seconds: u64,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub ttl_seconds: Option<u64>,
     // The K10 cap-PoP is OPTIONAL on the wire (issue #76 staged rollout): a caller
     // that holds the actor's K10 signs (the broker validates + the worker
     // re-verifies); a caller without one (e.g. a master before its K10 is
@@ -559,4 +587,33 @@ mod tests {
         assert_eq!(normalize_omni_0x("0xabcd"), "0xabcd");
         assert_eq!(normalize_omni_0x("0Xabcd"), "0Xabcd");
     }
+
+    #[test]
+    fn broker_cap_request_ttl_is_optional_on_the_wire() {
+        // Mirrors the broker's `#[serde(default)]`: `None` omits ttl_seconds (the
+        // broker then applies its default), `Some` emits a bare number. This is
+        // why the single on-wire type uses `Option` + skip rather than a required
+        // `u64` — the divergence web-core and backend-client used to carry.
+        let base = BrokerCapRequest {
+            operator_omni: "0xop".into(),
+            actor_omni: "0xactor".into(),
+            service: "memory:travel".into(),
+            device_key_hash: "0xdkh".into(),
+            ttl_seconds: None,
+            client_sig: None,
+            client_nonce: None,
+            client_ts: None,
+        };
+        let omitted = serde_json::to_value(&base).unwrap();
+        assert!(
+            omitted.get("ttl_seconds").is_none(),
+            "None must omit ttl_seconds so the broker applies its default"
+        );
+        let present = serde_json::to_value(BrokerCapRequest {
+            ttl_seconds: Some(900),
+            ..base
+        })
+        .unwrap();
+        assert_eq!(present["ttl_seconds"], 900);
+    }
 }
diff --git a/crates/agentkeys-web-core/Cargo.toml b/crates/agentkeys-web-core/Cargo.toml
index 75fff083..ce69bac9 100644
--- a/crates/agentkeys-web-core/Cargo.toml
+++ b/crates/agentkeys-web-core/Cargo.toml
@@ -10,6 +10,12 @@ description = "Host-agnostic master-plane core (broker client + ceremony logic)
 crate-type = ["cdylib", "rlib"]
 
 [dependencies]
+# The shared, wasm-safe broker/worker wire shapes (the cap-mint body). Pure
+# serde, no transport — so the browser shares the cap-mint request type with the
+# native client (agentkeys-backend-client) instead of re-declaring it, which is
+# how the two used to drift on `ttl_seconds` (and the #76 K10 PoP fields).
+# #203 / parity-ladder rung 3.
+agentkeys-protocol = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
 thiserror = { workspace = true }
diff --git a/crates/agentkeys-web-core/src/broker.rs b/crates/agentkeys-web-core/src/broker.rs
index 219df51a..8c03c722 100644
--- a/crates/agentkeys-web-core/src/broker.rs
+++ b/crates/agentkeys-web-core/src/broker.rs
@@ -184,23 +184,22 @@ impl BrokerClient {
     }
 }
 
-// ─── Cap-mint types (mirror crates/agentkeys-broker-server handlers/cap.rs) ──
-
-#[derive(Debug, Clone, Serialize, Deserialize)]
-pub struct CapRequest {
-    pub operator_omni: String,
-    pub actor_omni: String,
-    /// Signed capability service. For memory it is **namespace-qualified** —
-    /// `memory:<ns>` (e.g. `memory:travel`), arch.md §896 — because the broker
-    /// hashes it (`keccak(service)`) for `isServiceInScope` and the worker keys
-    /// storage off it (`bots/<actor>/memory/memory:<ns>.enc`). A bare `memory`
-    /// never matches a `memory:<ns>` grant → `service_not_in_scope`; the web
-    /// client builds it with `memoryService(ns)`, never a bare `memory`.
-    pub service: String,
-    pub device_key_hash: String,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub ttl_seconds: Option<u64>,
-}
+// ─── Cap-mint types ──────────────────────────────────────────────────────────
+//
+// The cap-mint request body is the SHARED on-wire type owned by
+// `agentkeys-protocol`, aliased here as `CapRequest` so this crate's call sites
+// and the `wasm.rs` bindings stay unchanged. Sharing it means the browser host
+// and the native client (agentkeys-backend-client) can no longer drift on this
+// body — previously each had its own copy and they diverged on `ttl_seconds`
+// (`Option<u64>` here vs a required `u64` there) AND this copy was missing the
+// #76 K10 cap-PoP fields (`client_sig`/`client_nonce`/`client_ts`; browser
+// callers send `None` — verified-when-present until the worker enforce flag
+// flips). `service` is still the namespace-qualified signed service
+// `memory:<ns>` (arch.md §896) — build it with `memoryService(ns)`, never a
+// bare `memory` (→ `service_not_in_scope`). The cap-token *response* shape
+// stays local: a typed convenience view over the same wire bytes the native
+// client keeps opaque (the deliberate B3 non-unification).
+pub use agentkeys_protocol::BrokerCapRequest as CapRequest;
 
 /// Broker-signed cap token. `payload` is the signed `CapPayload` (op, data_class,
 /// k3_epoch, expiry, …) — kept as opaque JSON here; the worker re-parses + the
@@ -339,6 +338,9 @@ mod tests {
             service: "memory".into(),
             device_key_hash: "0xdkh".into(),
             ttl_seconds: Some(900),
+            client_sig: None,
+            client_nonce: None,
+            client_ts: None,
         }
     }
 
diff --git a/rust-toolchain.toml b/rust-toolchain.toml
index 9d071ae0..b45bcb78 100644
--- a/rust-toolchain.toml
+++ b/rust-toolchain.toml
@@ -11,3 +11,8 @@
 [toolchain]
 channel = "1.96.0"
 components = ["clippy", "rustfmt"]
+# wasm32: agentkeys-web-core is the browser host (wasm-pack / the harness-ci
+# "web-core compiles to wasm32" gate). Pinning the target here keeps the pin
+# file the single source of truth — local dev, CI, and the broker host all get
+# it from `rustup toolchain install` instead of a per-machine `rustup target add`.
+targets = ["wasm32-unknown-unknown"]

From 3eeea857938be2161f284bc58c8cea58eed9ad83 Mon Sep 17 00:00:00 2001
From: Hanwen Cheng <heawen.cheng@gmail.com>
Date: Sat, 13 Jun 2026 01:28:16 +0800
Subject: [PATCH 2/3] =?UTF-8?q?feat:=20#275=20B2=20re-land=20extended=20?=
 =?UTF-8?q?=E2=80=94=20ts-rs=20generates=20the=20frontend=20wire=20types;?=
 =?UTF-8?q?=20CI=20typechecks=20against=20them?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Re-lands #215's B2 against current main, extended to everything that grew
while that branch rotted.

ts-rs derives on the daemon's 12 ui_bridge Api* structs + MemoryCategory now
generate apps/parent-control/lib/generated/*.ts; daemon.ts imports them and
all 8 hand-declared wire interfaces are deleted. A Rust-side field rename is a
frontend compile error (rung 2 → rung 3). u64 fields pin #[ts(type=number)];
skip-serialize Options pin #[ts(optional)].

Extended past #215's scope (its own flagged follow-up):
- ProposedScope + the catalog Sensitivity generate too; gating becomes a real
  ScopeGating enum (TS union "auto" | "k11" instead of a bare &'static str).
- The protocol crate's WireUserOp / BuildAcceptUserOpResponse /
  SubmitAcceptUserOpResponse generate too — daemon.ts's three inline UserOp
  build-response types and ApiSubmitResult are replaced by the shared shapes.

Two latent drifts the codegen forced into the open, fixed here:
- SubmitAcceptUserOpResponse had drifted from what the broker actually returns
  (#97 user_op_hash + audit_envelope_hashes, #230 pending) — realigned to the
  broker's real serialization; the daemon proxies relay it verbatim.
- ApiActor's account_address/account_type were ad-hoc serde_json inserts in
  enrich_actor_account, invisible to any type contract — folded into the
  struct as proper optional fields.

CI (harness-ci rust-checks): git diff --exit-code on the generated dir after
cargo test regenerates, plus a NEW frontend gate — wasm-pack build + npm ci +
tsc --noEmit — so the bindings AND their consumer typecheck on every PR
(apps/parent-control/** added to the PR path filter; npm run typecheck is now
fully green in CI for the first time, the core.ts wasm-artifact failures are
gone because CI builds the wasm). ts-rs rides the no-serde-warnings feature.

Verified: cargo fmt/test/clippy -D warnings (workspace), generated dir
diff-clean after regeneration, check-web-api-drift.sh, fixture --check,
npm run typecheck green.
---
 .github/workflows/harness-ci.yml              |  28 +++
 AGENTS.md                                     |   1 +
 Cargo.lock                                    |  44 +++++
 apps/parent-control/lib/client/daemon.ts      | 133 +++-----------
 apps/parent-control/lib/generated/ApiActor.ts |  32 ++++
 .../lib/generated/ApiAnchorBatch.ts           |   3 +
 .../lib/generated/ApiAnchorStatus.ts          |   4 +
 .../lib/generated/ApiAuditEvent.ts            |  14 ++
 .../lib/generated/ApiCapToken.ts              |   3 +
 .../lib/generated/ApiMemoryEntry.ts           |   8 +
 .../lib/generated/ApiPaymentCap.ts            |   3 +
 .../lib/generated/ApiScopeBits.ts             |   3 +
 .../lib/generated/ApiTimeWindow.ts            |   3 +
 .../parent-control/lib/generated/ApiWorker.ts |   4 +
 .../lib/generated/ApiWorkerActorShare.ts      |   3 +
 .../generated/BuildAcceptUserOpResponse.ts    |   8 +
 .../lib/generated/MemoryCategory.ts           |   3 +
 .../lib/generated/ProposedScope.ts            |  10 ++
 .../lib/generated/ScopeGating.ts              |   8 +
 .../lib/generated/Sensitivity.ts              |   8 +
 .../generated/SubmitAcceptUserOpResponse.ts   |  25 +++
 .../lib/generated/WireUserOp.ts               |   9 +
 crates/agentkeys-catalog/Cargo.toml           |   5 +
 crates/agentkeys-catalog/src/lib.rs           |   3 +-
 crates/agentkeys-daemon/Cargo.toml            |   6 +
 crates/agentkeys-daemon/src/ui_bridge.rs      | 165 +++++++++++++-----
 crates/agentkeys-protocol/Cargo.toml          |   5 +
 crates/agentkeys-protocol/src/lib.rs          |  29 ++-
 .../frontend-testability-cli-web-parity.md    |  37 ++++
 29 files changed, 453 insertions(+), 154 deletions(-)
 create mode 100644 apps/parent-control/lib/generated/ApiActor.ts
 create mode 100644 apps/parent-control/lib/generated/ApiAnchorBatch.ts
 create mode 100644 apps/parent-control/lib/generated/ApiAnchorStatus.ts
 create mode 100644 apps/parent-control/lib/generated/ApiAuditEvent.ts
 create mode 100644 apps/parent-control/lib/generated/ApiCapToken.ts
 create mode 100644 apps/parent-control/lib/generated/ApiMemoryEntry.ts
 create mode 100644 apps/parent-control/lib/generated/ApiPaymentCap.ts
 create mode 100644 apps/parent-control/lib/generated/ApiScopeBits.ts
 create mode 100644 apps/parent-control/lib/generated/ApiTimeWindow.ts
 create mode 100644 apps/parent-control/lib/generated/ApiWorker.ts
 create mode 100644 apps/parent-control/lib/generated/ApiWorkerActorShare.ts
 create mode 100644 apps/parent-control/lib/generated/BuildAcceptUserOpResponse.ts
 create mode 100644 apps/parent-control/lib/generated/MemoryCategory.ts
 create mode 100644 apps/parent-control/lib/generated/ProposedScope.ts
 create mode 100644 apps/parent-control/lib/generated/ScopeGating.ts
 create mode 100644 apps/parent-control/lib/generated/Sensitivity.ts
 create mode 100644 apps/parent-control/lib/generated/SubmitAcceptUserOpResponse.ts
 create mode 100644 apps/parent-control/lib/generated/WireUserOp.ts
 create mode 100644 docs/plan/frontend-testability-cli-web-parity.md

diff --git a/.github/workflows/harness-ci.yml b/.github/workflows/harness-ci.yml
index a8ea037a..2d2cbc8e 100644
--- a/.github/workflows/harness-ci.yml
+++ b/.github/workflows/harness-ci.yml
@@ -124,6 +124,10 @@ on:
       - ".github/workflows/harness-ci.yml"
       - "Cargo.toml"
       - "Cargo.lock"
+      # B2 (#215 re-land): the frontend imports ts-rs-generated wire types and
+      # is typechecked in rust-checks — a frontend-only PR must run that gate
+      # too, or a drifted daemon.ts import goes green by skipping the job.
+      - "apps/parent-control/**"
   workflow_dispatch:
     inputs:
       stage:
@@ -244,6 +248,30 @@ jobs:
           cargo check --target wasm32-unknown-unknown -p agentkeys-web-core
           cargo check --target wasm32-unknown-unknown -p agentkeys-web-core --features wasm
 
+      # B2 (#215 re-land, #203 parity ladder rung 3): the frontend's Api* wire
+      # types are GENERATED from the Rust structs via ts-rs into
+      # apps/parent-control/lib/generated/. `cargo test --workspace` above
+      # re-ran the #[ts(export)] tests, rewriting those .ts in place; if a
+      # Rust-side struct changed without committing the regenerated bindings,
+      # the working tree now differs from HEAD → fail (same discipline as the
+      # backend-protocol fixtures).
+      - name: ts-rs frontend bindings are up to date (#215 re-land B2)
+        run: git diff --exit-code -- apps/parent-control/lib/generated/
+
+      # The enforcement half of B2: the React frontend actually COMPILES against
+      # the generated bindings (a daemon-side rename is a tsc error here, not a
+      # silent runtime break). Builds the web-core wasm pkg first — core.ts (and
+      # from #275, daemon.ts's plant path) import its .d.ts, so typecheck needs
+      # it; this also makes `npm run typecheck` fully green in CI for the first
+      # time (it used to fail on the missing wasm artifacts in fresh checkouts).
+      - name: Frontend typechecks against the generated bindings (B2 enforcement)
+        run: |
+          curl -sSf https://rustwasm.github.io/wasm-pack/installer/init.sh | sh
+          wasm-pack build crates/agentkeys-web-core --dev --target web \
+            --out-dir "$PWD/apps/parent-control/lib/wasm/agentkeys-web-core" -- --features wasm
+          npm ci --prefix apps/parent-control --no-audit --no-fund
+          npm run typecheck --prefix apps/parent-control
+
   detect-changes:
     # Issue #101: path-conditional triggers for auto-deploy of the test broker.
     # Computes `broker_changed` so deploy-test-broker can skip when a PR only
diff --git a/AGENTS.md b/AGENTS.md
index 5a27ca1b..3c0518f8 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -224,6 +224,7 @@ The broker/worker client protocol — the six `/v1/cap/*` mint endpoints, the ST
 **Rules when you touch this surface:**
 - Wire-field change → edit the serde type in [`agentkeys-protocol`](crates/agentkeys-protocol/) (the single definition; re-exported as `agentkeys_backend_client::protocol`), regenerate the committed fixtures (`cargo run -p agentkeys-backend-client --bin dump-protocol-fixtures`), update the frozen key-set test in `fixtures.rs`. The native callers AND the browser host recompile against the new shape automatically; the `wasm32` gate proves the browser still builds.
 - Harness steps drive the `agentkeys` CLI, not hand-rolled curls. Raw curls only for negative / HTTP-status tests; a body that mirrors a canonical shape carries `# @backend-fixture: <shape>` ([`scripts/check-backend-fixture-drift.sh`](scripts/check-backend-fixture-drift.sh) diffs it against [`harness/fixtures/backend-protocol/`](harness/fixtures/backend-protocol/) in CI); deliberately-malformed negative payloads are NOT annotated.
+- **The frontend's wire types are GENERATED, never hand-mirrored (#215 re-land B2, rung 3).** `ts-rs` derives on the `ui_bridge.rs` `Api*` structs, the catalog `Sensitivity`, and the protocol UserOp build/submit responses emit [`apps/parent-control/lib/generated/*.ts`](apps/parent-control/lib/generated/); [`daemon.ts`](apps/parent-control/lib/client/daemon.ts) imports them instead of re-declaring interfaces, so a Rust-side rename is a frontend **compile error**. After changing one of those structs: `cargo test export_bindings` (any `cargo test` triggers it), commit the regenerated `.ts`. CI (`harness-ci.yml` rust-checks) `git diff --exit-code`s the generated dir AND runs `npm run typecheck` against a fresh wasm-pack build, so both the bindings and their consumers are gated. `u64` fields carry `#[ts(type = "number")]`; skip-serialize `Option`s carry `#[ts(optional)]`. Never edit `lib/generated/` by hand, and never add a hand-declared wire interface next to a generated one.
 - The daemon's web-API plant contract is pinned the same way: route + `ApiMemoryEntry` body SoT in [`ui_bridge.rs`](crates/agentkeys-daemon/src/ui_bridge.rs), fixture [`harness/fixtures/web-api/master_memory_plant.json`](harness/fixtures/web-api/master_memory_plant.json), both non-Rust consumers annotated `@web-fixture: master_memory_plant` and gated by [`scripts/check-web-api-drift.sh`](scripts/check-web-api-drift.sh).
 - Field names are the arch.md canonical spellings — never invent a synonym in a new body.
 
diff --git a/Cargo.lock b/Cargo.lock
index d4f20e44..96c12f11 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -125,6 +125,7 @@ dependencies = [
  "serde_json",
  "sha2 0.10.9",
  "thiserror 2.0.18",
+ "ts-rs",
 ]
 
 [[package]]
@@ -239,6 +240,7 @@ dependencies = [
  "tower-service",
  "tracing",
  "tracing-subscriber",
+ "ts-rs",
  "url",
  "webauthn-rs",
 ]
@@ -347,6 +349,7 @@ version = "0.1.0"
 dependencies = [
  "serde",
  "serde_json",
+ "ts-rs",
 ]
 
 [[package]]
@@ -4606,6 +4609,15 @@ dependencies = [
  "windows-sys 0.61.2",
 ]
 
+[[package]]
+name = "termcolor"
+version = "1.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "06794f8f6c5c898b3275aebefa6b8a1cb24cd2c6c79397ab15774837a0bc5755"
+dependencies = [
+ "winapi-util",
+]
+
 [[package]]
 name = "termtree"
 version = "0.5.1"
@@ -4991,6 +5003,29 @@ version = "0.2.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b"
 
+[[package]]
+name = "ts-rs"
+version = "10.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e640d9b0964e9d39df633548591090ab92f7a4567bc31d3891af23471a3365c6"
+dependencies = [
+ "lazy_static",
+ "thiserror 2.0.18",
+ "ts-rs-macros",
+]
+
+[[package]]
+name = "ts-rs-macros"
+version = "10.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0e9d8656589772eeec2cf7a8264d9cda40fb28b9bc53118ceb9e8c07f8f38730"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+ "termcolor",
+]
+
 [[package]]
 name = "tungstenite"
 version = "0.23.0"
@@ -5388,6 +5423,15 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
 
+[[package]]
+name = "winapi-util"
+version = "0.1.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c2a7b1c03c876122aa43f3020e6c3c3ee5c05081c9a00739faf7503aeba10d22"
+dependencies = [
+ "windows-sys 0.61.2",
+]
+
 [[package]]
 name = "winapi-x86_64-pc-windows-gnu"
 version = "0.4.0"
diff --git a/apps/parent-control/lib/client/daemon.ts b/apps/parent-control/lib/client/daemon.ts
index 63b5cb7c..8488cf04 100644
--- a/apps/parent-control/lib/client/daemon.ts
+++ b/apps/parent-control/lib/client/daemon.ts
@@ -41,6 +41,21 @@ import type {
   StatusKind,
   Worker,
 } from '@/app/_components/types';
+// Wire types GENERATED from the Rust structs via ts-rs (#203 B2 / #215 re-land):
+// the daemon's ui_bridge Api* structs, the catalog Sensitivity union, and the
+// broker UserOp build/submit response shapes (agentkeys-protocol). Do not
+// hand-edit @/lib/generated or re-declare these here — a Rust-side field rename
+// regenerates the .ts and the mappers below stop compiling (rung-3 drift gate;
+// CI also git-diffs the generated dir after `cargo test` regenerates it).
+import type { ApiActor } from '@/lib/generated/ApiActor';
+import type { ApiAnchorStatus } from '@/lib/generated/ApiAnchorStatus';
+import type { ApiAuditEvent } from '@/lib/generated/ApiAuditEvent';
+import type { ApiMemoryEntry } from '@/lib/generated/ApiMemoryEntry';
+import type { ApiWorker } from '@/lib/generated/ApiWorker';
+import type { BuildAcceptUserOpResponse } from '@/lib/generated/BuildAcceptUserOpResponse';
+import type { MemoryCategory as ApiMemoryCategory } from '@/lib/generated/MemoryCategory';
+import type { ProposedScope as ApiProposedScope } from '@/lib/generated/ProposedScope';
+import type { SubmitAcceptUserOpResponse as ApiSubmitResult } from '@/lib/generated/SubmitAcceptUserOpResponse';
 
 /**
  * DaemonBackend — talks to a running agentkeys-daemon over HTTP.
@@ -198,11 +213,7 @@ export class DaemonBackend implements AgentKeysClient {
   }
 
   async getAnchorStatus(): Promise<Result<AnchorStatus>> {
-    const r = await this.getJson<{
-      last_anchor_at: number;
-      next_anchor_in: number;
-      recent: { ts: string; root: string; count: number; txn: string; conf: number }[];
-    }>('/v1/anchor/status');
+    const r = await this.getJson<ApiAnchorStatus>('/v1/anchor/status');
     if (!r.ok) return r;
     return {
       ok: true,
@@ -256,9 +267,7 @@ export class DaemonBackend implements AgentKeysClient {
   // the per-agent unpair; every paired agent = the pre-reset fleet teardown
   // (ONE Touch ID). The broker skips already-revoked hashes; all-skipped
   // returns 409 "nothing to revoke".
-  async revokeBuild(input: { deviceKeyHashes: string[] }): Promise<
-    Result<{ user_op: Record<string, string>; user_op_hash: string; entry_point: string; chain_id: number }>
-  > {
+  async revokeBuild(input: { deviceKeyHashes: string[] }): Promise<Result<BuildAcceptUserOpResponse>> {
     return this.postJson('/v1/revoke/build', { device_key_hashes: input.deviceKeyHashes });
   }
 
@@ -430,7 +439,7 @@ export class DaemonBackend implements AgentKeysClient {
       {
         // @web-fixture: master_memory_plant — entry shape gated by scripts/check-web-api-drift.sh
         // (must match the daemon's ApiMemoryEntry + web-parity-demo.sh; issue #203 / the #206 parity ladder).
-        entries: entries.map((m) => ({
+        entries: entries.map((m): ApiMemoryEntry => ({
           ns: m.ns, key: m.key, title: m.title, bytes: m.bytes,
           version: m.version, updated: m.updated, preview: m.preview, body: m.body,
           content_hash: m.contentHash ?? '',
@@ -587,9 +596,7 @@ export class DaemonBackend implements AgentKeysClient {
     maxPerPeriod: string;
     maxTotal: string;
     periodSeconds: number;
-  }): Promise<
-    Result<{ user_op: Record<string, string>; user_op_hash: string; entry_point: string; chain_id: number }>
-  > {
+  }): Promise<Result<BuildAcceptUserOpResponse>> {
     return this.postJson('/v1/accept/build', {
       request_id: input.requestId,
       services: input.services,
@@ -614,9 +621,7 @@ export class DaemonBackend implements AgentKeysClient {
     services: string[];
     preserveServiceIds?: string[];
     readOnly: boolean;
-  }): Promise<
-    Result<{ user_op: Record<string, string>; user_op_hash: string; entry_point: string; chain_id: number }>
-  > {
+  }): Promise<Result<BuildAcceptUserOpResponse>> {
     return this.postJson('/v1/scope/build', {
       actor_omni: input.actorOmni,
       services: input.services,
@@ -655,71 +660,10 @@ export class DaemonBackend implements AgentKeysClient {
   }
 }
 
-interface ApiProposedScope {
-  data_class: string;
-  entity: string;
-  service: string;
-  category: string;
-  sensitivity: 'safe' | 'sensitive';
-  gating: 'auto' | 'k11';
-  confidence: number;
-}
-
-// ─── API wire types (snake_case, mirror ui_bridge.rs ApiActor etc.) ────
-
-interface ApiActor {
-  id: string;
-  omni: string;
-  omni_hex: string;
-  label: string;
-  role: string;
-  parent: string | null;
-  derivation: string;
-  device: string;
-  device_pubkey: string;
-  last_active: string;
-  status: string;
-  vendor: string;
-  k11: boolean;
-  scope?: Record<string, { read: boolean; write: boolean }>;
-  // #248: on-chain scope service ids (keccak hex) that aren't a known memory:<ns>
-  // (e.g. cred:<service>); echoed back on commit so set-replace can't wipe them.
-  scope_unknown_service_ids?: string[];
-  // On-chain SidecarRegistry device key hash — the Touch-ID unpair's target.
-  device_key_hash?: string;
-  payment_cap?: { per_tx: number; daily: number; currency: string };
-  time_window?: { start: string; end: string; tz: string };
-  services?: string[];
-  // #225 E7: on-chain account (master → P256Account address; agent → device omni).
-  account_address?: string | null;
-  account_type?: string; // "p256account" | "device" | "none"
-}
-
-interface ApiAuditEvent {
-  id: string;
-  ts: string;
-  actor_id: string;
-  actor: string;
-  kind: string;
-  detail: string;
-  chip: string;
-  sev: string;
-  tx_hash?: string;
-  audit_envelope_hashes?: string[];
-}
-
-interface ApiWorker {
-  id: string;
-  title: string;
-  host: string;
-  desc: string;
-  calls_today: number;
-  calls_hour: number;
-  p50: number;
-  p95: number;
-  cap: string;
-  by_actor: { actor: string; count: number; share: number }[];
-}
+// ─── Wire types are imported from @/lib/generated (ts-rs, generated from the
+//     Rust structs — #203 B2). The mappers below convert the snake_case wire
+//     types to the camelCase UI domain types; a Rust-side field rename
+//     regenerates the .ts and breaks these mappers (the drift gate). ─────────
 
 function apiToActor(a: ApiActor): Actor {
   return {
@@ -749,19 +693,9 @@ function apiToActor(a: ApiActor): Actor {
   };
 }
 
-/** #97: broker submit response shape (relayed verbatim by the daemon proxies). */
-interface ApiSubmitResult {
-  ok?: boolean;
-  tx_hash?: string;
-  block_number?: string;
-  user_op_hash?: string;
-  pending?: boolean;
-  audit_envelope_hashes?: string[];
-}
-
 function apiToSubmitResult(r: ApiSubmitResult): SubmitResult {
   return {
-    ok: r.ok ?? true,
+    ok: r.ok,
     txHash: r.tx_hash || undefined,
     blockNumber: r.block_number || undefined,
     userOpHash: r.user_op_hash || undefined,
@@ -825,23 +759,6 @@ function normalizeChip(c: string): ChipKind {
   return (allowed as string[]).includes(c) ? (c as ChipKind) : 'default';
 }
 
-interface ApiMemoryEntry {
-  ns: string;
-  key: string;
-  title: string;
-  bytes: number;
-  version: string;
-  updated: string;
-  preview: string;
-  body: string;
-  content_hash?: string;
-}
-
-interface ApiMemoryCategory {
-  ns: string;
-  label: string;
-}
-
 function apiToMemoryEntry(m: ApiMemoryEntry): MasterMemoryEntry {
   return {
     ns: m.ns, key: m.key, title: m.title, bytes: m.bytes,
diff --git a/apps/parent-control/lib/generated/ApiActor.ts b/apps/parent-control/lib/generated/ApiActor.ts
new file mode 100644
index 00000000..c76631b3
--- /dev/null
+++ b/apps/parent-control/lib/generated/ApiActor.ts
@@ -0,0 +1,32 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { ApiPaymentCap } from "./ApiPaymentCap";
+import type { ApiScopeBits } from "./ApiScopeBits";
+import type { ApiTimeWindow } from "./ApiTimeWindow";
+
+export type ApiActor = { id: string, omni: string, omni_hex: string, label: string, role: string, parent: string | null, derivation: string, device: string, device_pubkey: string, last_active: string, status: string, vendor: string, k11: boolean, 
+/**
+ * #233/#243: the on-chain `SidecarRegistry` device key hash (`0x` + 64 hex)
+ * when known — set for chain-reconstructed actors and fresh pairings. Lets
+ * the master-reset fleet teardown revoke by hash even when the per-label
+ * `~/.agentkeys/agents/<label>.json` record never existed on this machine.
+ */
+device_key_hash?: string, scope?: { [key in string]?: ApiScopeBits }, 
+/**
+ * #248: on-chain scope service ids (0x-hex keccak) that aren't a known
+ * `memory:<ns>` — e.g. `cred:<service>` granted at accept. The panel's
+ * set-replace commit echoes these back so a memory toggle can't wipe them.
+ */
+scope_unknown_service_ids?: Array<string>, payment_cap?: ApiPaymentCap, time_window?: ApiTimeWindow, services?: Array<string>, 
+/**
+ * #225 E7 actor page: the actor's on-chain account. master → its passkey
+ * P256Account when bound (absent when unbound); agent → its K10 device
+ * omni. Set by `enrich_actor_account` on the actors read path — struct
+ * fields (not ad-hoc JSON inserts) so the generated TS contract carries
+ * them (B2 rung 3).
+ */
+account_address?: string, 
+/**
+ * "p256account" (bound master) | "none" (unbound master → register CTA) |
+ * "device" (agent).
+ */
+account_type?: string, };
diff --git a/apps/parent-control/lib/generated/ApiAnchorBatch.ts b/apps/parent-control/lib/generated/ApiAnchorBatch.ts
new file mode 100644
index 00000000..e7480d35
--- /dev/null
+++ b/apps/parent-control/lib/generated/ApiAnchorBatch.ts
@@ -0,0 +1,3 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type ApiAnchorBatch = { ts: string, root: string, count: number, txn: string, conf: number, };
diff --git a/apps/parent-control/lib/generated/ApiAnchorStatus.ts b/apps/parent-control/lib/generated/ApiAnchorStatus.ts
new file mode 100644
index 00000000..c8623132
--- /dev/null
+++ b/apps/parent-control/lib/generated/ApiAnchorStatus.ts
@@ -0,0 +1,4 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { ApiAnchorBatch } from "./ApiAnchorBatch";
+
+export type ApiAnchorStatus = { last_anchor_at: number, next_anchor_in: number, recent: Array<ApiAnchorBatch>, };
diff --git a/apps/parent-control/lib/generated/ApiAuditEvent.ts b/apps/parent-control/lib/generated/ApiAuditEvent.ts
new file mode 100644
index 00000000..acbd0635
--- /dev/null
+++ b/apps/parent-control/lib/generated/ApiAuditEvent.ts
@@ -0,0 +1,14 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type ApiAuditEvent = { id: string, ts: string, actor_id: string, actor: string, kind: string, detail: string, chip: string, sev: string, 
+/**
+ * #97: the confirmed on-chain tx for control-plane ops (accept / scope /
+ * revoke submits). `None` for synthesized / local events.
+ */
+tx_hash?: string, 
+/**
+ * #97: the `AuditEnvelope v1` receipt hashes the broker emitted for this
+ * op — the decode view fetches the REAL envelopes by these instead of
+ * synthesizing a preview.
+ */
+audit_envelope_hashes?: Array<string>, };
diff --git a/apps/parent-control/lib/generated/ApiCapToken.ts b/apps/parent-control/lib/generated/ApiCapToken.ts
new file mode 100644
index 00000000..f4025cf7
--- /dev/null
+++ b/apps/parent-control/lib/generated/ApiCapToken.ts
@@ -0,0 +1,3 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type ApiCapToken = { id: string, cap: string, scope: string, ttl: string, minted: string, danger?: boolean, };
diff --git a/apps/parent-control/lib/generated/ApiMemoryEntry.ts b/apps/parent-control/lib/generated/ApiMemoryEntry.ts
new file mode 100644
index 00000000..19df2671
--- /dev/null
+++ b/apps/parent-control/lib/generated/ApiMemoryEntry.ts
@@ -0,0 +1,8 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+/**
+ * A master-actor memory entry. `content_hash` is the dedup key —
+ * keccak-free sha256 over (ns || key || body) so a re-plant of the same
+ * content is detected and skipped (the "prevent duplicate plant" gate).
+ */
+export type ApiMemoryEntry = { ns: string, key: string, title: string, bytes: number, version: string, updated: string, preview: string, body: string, content_hash: string, };
diff --git a/apps/parent-control/lib/generated/ApiPaymentCap.ts b/apps/parent-control/lib/generated/ApiPaymentCap.ts
new file mode 100644
index 00000000..1ce8ccac
--- /dev/null
+++ b/apps/parent-control/lib/generated/ApiPaymentCap.ts
@@ -0,0 +1,3 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type ApiPaymentCap = { per_tx: number, daily: number, currency: string, };
diff --git a/apps/parent-control/lib/generated/ApiScopeBits.ts b/apps/parent-control/lib/generated/ApiScopeBits.ts
new file mode 100644
index 00000000..df61148d
--- /dev/null
+++ b/apps/parent-control/lib/generated/ApiScopeBits.ts
@@ -0,0 +1,3 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type ApiScopeBits = { read: boolean, write: boolean, };
diff --git a/apps/parent-control/lib/generated/ApiTimeWindow.ts b/apps/parent-control/lib/generated/ApiTimeWindow.ts
new file mode 100644
index 00000000..de803975
--- /dev/null
+++ b/apps/parent-control/lib/generated/ApiTimeWindow.ts
@@ -0,0 +1,3 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type ApiTimeWindow = { start: string, end: string, tz: string, };
diff --git a/apps/parent-control/lib/generated/ApiWorker.ts b/apps/parent-control/lib/generated/ApiWorker.ts
new file mode 100644
index 00000000..7dfe2c1f
--- /dev/null
+++ b/apps/parent-control/lib/generated/ApiWorker.ts
@@ -0,0 +1,4 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { ApiWorkerActorShare } from "./ApiWorkerActorShare";
+
+export type ApiWorker = { id: string, title: string, host: string, desc: string, calls_today: number, calls_hour: number, p50: number, p95: number, cap: string, by_actor: Array<ApiWorkerActorShare>, };
diff --git a/apps/parent-control/lib/generated/ApiWorkerActorShare.ts b/apps/parent-control/lib/generated/ApiWorkerActorShare.ts
new file mode 100644
index 00000000..afc3f615
--- /dev/null
+++ b/apps/parent-control/lib/generated/ApiWorkerActorShare.ts
@@ -0,0 +1,3 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type ApiWorkerActorShare = { actor: string, count: number, share: number, };
diff --git a/apps/parent-control/lib/generated/BuildAcceptUserOpResponse.ts b/apps/parent-control/lib/generated/BuildAcceptUserOpResponse.ts
new file mode 100644
index 00000000..706f31a5
--- /dev/null
+++ b/apps/parent-control/lib/generated/BuildAcceptUserOpResponse.ts
@@ -0,0 +1,8 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { WireUserOp } from "./WireUserOp";
+
+/**
+ * Broker → daemon response to `/v1/accept/build`. The master signs
+ * `user_op_hash` (the `EntryPoint.getUserOpHash` of `user_op`) with K11.
+ */
+export type BuildAcceptUserOpResponse = { user_op: WireUserOp, user_op_hash: string, entry_point: string, chain_id: number, };
diff --git a/apps/parent-control/lib/generated/MemoryCategory.ts b/apps/parent-control/lib/generated/MemoryCategory.ts
new file mode 100644
index 00000000..ba7c57dc
--- /dev/null
+++ b/apps/parent-control/lib/generated/MemoryCategory.ts
@@ -0,0 +1,3 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type MemoryCategory = { ns: string, label: string, };
diff --git a/apps/parent-control/lib/generated/ProposedScope.ts b/apps/parent-control/lib/generated/ProposedScope.ts
new file mode 100644
index 00000000..4efb03b0
--- /dev/null
+++ b/apps/parent-control/lib/generated/ProposedScope.ts
@@ -0,0 +1,10 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { ScopeGating } from "./ScopeGating";
+import type { Sensitivity } from "./Sensitivity";
+
+/**
+ * One proposed scope grant. `gating` is the sensitivity tier from the CATALOG:
+ * `auto` (Safe → auto-confirm + surface in the daily review) | `k11` (Sensitive →
+ * explicit per-grant K11 confirm). NEVER granted here — `propose` only proposes.
+ */
+export type ProposedScope = { data_class: string, entity: string, service: string, category: string, sensitivity: Sensitivity, gating: ScopeGating, confidence: number, };
diff --git a/apps/parent-control/lib/generated/ScopeGating.ts b/apps/parent-control/lib/generated/ScopeGating.ts
new file mode 100644
index 00000000..2d0d3257
--- /dev/null
+++ b/apps/parent-control/lib/generated/ScopeGating.ts
@@ -0,0 +1,8 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+/**
+ * The #207 §3 grant-gating tier for a proposed scope: `auto` (Safe →
+ * auto-confirm + daily review) | `k11` (Sensitive → explicit per-grant K11
+ * confirm). An enum (not a bare str) so the generated TS carries the union.
+ */
+export type ScopeGating = "auto" | "k11";
diff --git a/apps/parent-control/lib/generated/Sensitivity.ts b/apps/parent-control/lib/generated/Sensitivity.ts
new file mode 100644
index 00000000..86572b72
--- /dev/null
+++ b/apps/parent-control/lib/generated/Sensitivity.ts
@@ -0,0 +1,8 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+/**
+ * Sensitivity tier of a category. Drives the auto-distribute gate (#207 item 5):
+ * `Safe` → auto-confirm + daily review; `Sensitive` → explicit per-grant K11.
+ * Ordered `Safe < Sensitive` so the floor is a simple `max`.
+ */
+export type Sensitivity = "safe" | "sensitive";
diff --git a/apps/parent-control/lib/generated/SubmitAcceptUserOpResponse.ts b/apps/parent-control/lib/generated/SubmitAcceptUserOpResponse.ts
new file mode 100644
index 00000000..7c1902d6
--- /dev/null
+++ b/apps/parent-control/lib/generated/SubmitAcceptUserOpResponse.ts
@@ -0,0 +1,25 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+/**
+ * Broker → daemon response to `/v1/accept/submit` (and its `/v1/scope/submit`
+ * and `/v1/revoke/submit` siblings — the daemon proxies relay it verbatim to
+ * the web frontend, which consumes the generated TS type). Two variants share the
+ * shape: confirmed (`tx_hash`/`block_number` set, #97 `audit_envelope_hashes`
+ * carrying the control-plane AuditEnvelope receipts) and receipt-timeout
+ * (`pending: true`, empty `tx_hash`/`block_number`, no envelopes — the op may
+ * still mine; the UI confirms on chain by `user_op_hash`).
+ */
+export type SubmitAcceptUserOpResponse = { ok: boolean, tx_hash: string, block_number: string, 
+/**
+ * The ERC-4337 userOpHash the bundler accepted (#97).
+ */
+user_op_hash: string, 
+/**
+ * #97: control-plane audit receipts decoded from the confirmed
+ * executeBatch. Absent on the pending variant / pre-#97 brokers.
+ */
+audit_envelope_hashes?: Array<string>, 
+/**
+ * #230: broadcast but receipt-poll timed out — NOT an error.
+ */
+pending?: boolean, };
diff --git a/apps/parent-control/lib/generated/WireUserOp.ts b/apps/parent-control/lib/generated/WireUserOp.ts
new file mode 100644
index 00000000..90054e2e
--- /dev/null
+++ b/apps/parent-control/lib/generated/WireUserOp.ts
@@ -0,0 +1,9 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+/**
+ * ERC-4337 v0.7 `PackedUserOperation`, hex-encoded for the wire. Mirrors
+ * `agentkeys_broker_server::sponsor::PackedUserOp`; the daemon fills `signature`
+ * with the master's K11 assertion over `user_op_hash`, then returns the whole op
+ * to `/v1/accept/submit`.
+ */
+export type WireUserOp = { sender: string, nonce: string, init_code: string, call_data: string, account_gas_limits: string, pre_verification_gas: string, gas_fees: string, paymaster_and_data: string, signature: string, };
diff --git a/crates/agentkeys-catalog/Cargo.toml b/crates/agentkeys-catalog/Cargo.toml
index bd22183e..fbae535d 100644
--- a/crates/agentkeys-catalog/Cargo.toml
+++ b/crates/agentkeys-catalog/Cargo.toml
@@ -12,6 +12,11 @@ path = "src/lib.rs"
 serde = { workspace = true }
 serde_json = { workspace = true }
 thiserror = { workspace = true }
+# B2 (#203 rung 3): `Sensitivity` rides inside the daemon's ProposedScope wire
+# type, so its TS union ("safe" | "sensitive") is generated from this enum (the
+# frontend used to hand-declare it). Export test writes
+# apps/parent-control/lib/generated/ under `cargo test`.
+ts-rs = { version = "10", features = ["no-serde-warnings"] }
 p256 = { version = "0.13", features = ["ecdsa", "pem"] }
 base64 = "0.22"
 sha2 = "0.10"
diff --git a/crates/agentkeys-catalog/src/lib.rs b/crates/agentkeys-catalog/src/lib.rs
index 78d19471..caf1f3c6 100644
--- a/crates/agentkeys-catalog/src/lib.rs
+++ b/crates/agentkeys-catalog/src/lib.rs
@@ -23,8 +23,9 @@ use std::collections::BTreeMap;
 /// Sensitivity tier of a category. Drives the auto-distribute gate (#207 item 5):
 /// `Safe` → auto-confirm + daily review; `Sensitive` → explicit per-grant K11.
 /// Ordered `Safe < Sensitive` so the floor is a simple `max`.
-#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Serialize, Deserialize)]
+#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Serialize, Deserialize, ts_rs::TS)]
 #[serde(rename_all = "snake_case")]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub enum Sensitivity {
     Safe,
     Sensitive,
diff --git a/crates/agentkeys-daemon/Cargo.toml b/crates/agentkeys-daemon/Cargo.toml
index df852c3e..f0aca3f4 100644
--- a/crates/agentkeys-daemon/Cargo.toml
+++ b/crates/agentkeys-daemon/Cargo.toml
@@ -29,6 +29,12 @@ ciborium = "0.2" # build AuditEnvelope op_body (ciborium::Value) for #153 decode
 tokio = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
+# B2 (#203 parity ladder, rung 3 / #215 re-land): generate the Api* wire types as
+# TypeScript so the parent-control frontend imports them instead of hand-mirroring
+# (a drift then becomes a compile error, not a silent runtime break). The
+# `#[ts(export)]` tests write apps/parent-control/lib/generated/ under
+# `cargo test`; a CI git-diff gate fails on drift.
+ts-rs = { version = "10", features = ["no-serde-warnings"] }
 anyhow = { workspace = true }
 clap = { version = "4", features = ["derive", "env"] }
 tracing = "0.1"
diff --git a/crates/agentkeys-daemon/src/ui_bridge.rs b/crates/agentkeys-daemon/src/ui_bridge.rs
index 33d6ece6..ff5008f0 100644
--- a/crates/agentkeys-daemon/src/ui_bridge.rs
+++ b/crates/agentkeys-daemon/src/ui_bridge.rs
@@ -223,11 +223,13 @@ pub struct RegisteredMaster {
 /// A master-actor memory entry. `content_hash` is the dedup key —
 /// keccak-free sha256 over (ns || key || body) so a re-plant of the same
 /// content is detected and skipped (the "prevent duplicate plant" gate).
-#[derive(Clone, Debug, Serialize, Deserialize)]
+#[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ApiMemoryEntry {
     pub ns: String,
     pub key: String,
     pub title: String,
+    #[ts(type = "number")]
     pub bytes: u64,
     pub version: String,
     pub updated: String,
@@ -311,7 +313,8 @@ pub struct MemoryTaxonomy {
     categories: Vec<MemoryCategory>,
 }
 
-#[derive(Clone, Debug, Serialize, Deserialize)]
+#[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct MemoryCategory {
     pub ns: String,
     pub label: String,
@@ -417,27 +420,31 @@ pub type SharedUiBridgeState = Arc<UiBridgeState>;
 
 const AUDIT_BUFFER_CAP: usize = 200;
 
-#[derive(Clone, Debug, Serialize, Deserialize)]
+#[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ApiScopeBits {
     pub read: bool,
     pub write: bool,
 }
 
-#[derive(Clone, Debug, Serialize, Deserialize)]
+#[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ApiPaymentCap {
     pub per_tx: f64,
     pub daily: f64,
     pub currency: String,
 }
 
-#[derive(Clone, Debug, Serialize, Deserialize)]
+#[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ApiTimeWindow {
     pub start: String,
     pub end: String,
     pub tz: String,
 }
 
-#[derive(Clone, Debug, Serialize, Deserialize)]
+#[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ApiActor {
     pub id: String,
     pub omni: String,
@@ -457,23 +464,43 @@ pub struct ApiActor {
     /// the master-reset fleet teardown revoke by hash even when the per-label
     /// `~/.agentkeys/agents/<label>.json` record never existed on this machine.
     #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
     pub device_key_hash: Option<String>,
     #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
     pub scope: Option<HashMap<String, ApiScopeBits>>,
     /// #248: on-chain scope service ids (0x-hex keccak) that aren't a known
     /// `memory:<ns>` — e.g. `cred:<service>` granted at accept. The panel's
     /// set-replace commit echoes these back so a memory toggle can't wipe them.
     #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
     pub scope_unknown_service_ids: Option<Vec<String>>,
     #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
     pub payment_cap: Option<ApiPaymentCap>,
     #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
     pub time_window: Option<ApiTimeWindow>,
     #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
     pub services: Option<Vec<String>>,
+    /// #225 E7 actor page: the actor's on-chain account. master → its passkey
+    /// P256Account when bound (absent when unbound); agent → its K10 device
+    /// omni. Set by `enrich_actor_account` on the actors read path — struct
+    /// fields (not ad-hoc JSON inserts) so the generated TS contract carries
+    /// them (B2 rung 3).
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
+    pub account_address: Option<String>,
+    /// "p256account" (bound master) | "none" (unbound master → register CTA) |
+    /// "device" (agent).
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
+    pub account_type: Option<String>,
 }
 
-#[derive(Clone, Debug, Serialize, Deserialize)]
+#[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ApiCapToken {
     pub id: String,
     pub cap: String,
@@ -481,10 +508,12 @@ pub struct ApiCapToken {
     pub ttl: String,
     pub minted: String,
     #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
     pub danger: Option<bool>,
 }
 
-#[derive(Clone, Debug, Serialize, Deserialize)]
+#[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ApiAuditEvent {
     pub id: String,
     pub ts: String,
@@ -497,47 +526,62 @@ pub struct ApiAuditEvent {
     /// #97: the confirmed on-chain tx for control-plane ops (accept / scope /
     /// revoke submits). `None` for synthesized / local events.
     #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
     pub tx_hash: Option<String>,
     /// #97: the `AuditEnvelope v1` receipt hashes the broker emitted for this
     /// op — the decode view fetches the REAL envelopes by these instead of
     /// synthesizing a preview.
     #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
     pub audit_envelope_hashes: Option<Vec<String>>,
 }
 
-#[derive(Clone, Debug, Serialize, Deserialize)]
+#[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ApiWorkerActorShare {
     pub actor: String,
+    #[ts(type = "number")]
     pub count: u64,
     pub share: f64,
 }
 
-#[derive(Clone, Debug, Serialize, Deserialize)]
+#[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ApiWorker {
     pub id: String,
     pub title: String,
     pub host: String,
     pub desc: String,
+    #[ts(type = "number")]
     pub calls_today: u64,
+    #[ts(type = "number")]
     pub calls_hour: u64,
+    #[ts(type = "number")]
     pub p50: u64,
+    #[ts(type = "number")]
     pub p95: u64,
     pub cap: String,
     pub by_actor: Vec<ApiWorkerActorShare>,
 }
 
-#[derive(Clone, Debug, Default, Serialize, Deserialize)]
+#[derive(Clone, Debug, Default, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ApiAnchorBatch {
     pub ts: String,
     pub root: String,
+    #[ts(type = "number")]
     pub count: u64,
     pub txn: String,
+    #[ts(type = "number")]
     pub conf: u64,
 }
 
-#[derive(Clone, Debug, Default, Serialize, Deserialize)]
+#[derive(Clone, Debug, Default, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ApiAnchorStatus {
+    #[ts(type = "number")]
     pub last_anchor_at: u64,
+    #[ts(type = "number")]
     pub next_anchor_in: u64,
     pub recent: Vec<ApiAnchorBatch>,
 }
@@ -2712,6 +2756,8 @@ async fn reconcile_actors_from_chain(state: &SharedUiBridgeState) -> Result<usiz
                         payment_cap: None,
                         time_window: None,
                         services: None,
+                        account_address: None,
+                        account_type: None,
                     },
                 );
                 added += 1;
@@ -2746,6 +2792,8 @@ async fn reconcile_actors_from_chain(state: &SharedUiBridgeState) -> Result<usiz
                 payment_cap: None,
                 time_window: None,
                 services: None,
+                account_address: None,
+                account_type: None,
             },
         );
         added += 1;
@@ -2831,7 +2879,7 @@ async fn list_actors(State(state): State<SharedUiBridgeState>) -> impl IntoRespo
         a_master.cmp(&b_master).then_with(|| a.id.cmp(&b.id))
     });
     let master_account = master_account_address(&state).await;
-    let actors: Vec<serde_json::Value> = actors
+    let actors: Vec<ApiActor> = actors
         .iter()
         .map(|a| enrich_actor_account(a, master_account.as_deref()))
         .collect();
@@ -2848,10 +2896,10 @@ async fn get_actor(
     }
     .ok_or_else(|| err(StatusCode::NOT_FOUND, "no such actor", "actor-not-found"))?;
     let master_account = master_account_address(&state).await;
-    Ok(Json(enrich_actor_account(
-        &actor,
-        master_account.as_deref(),
-    )))
+    let enriched = enrich_actor_account(&actor, master_account.as_deref());
+    Ok(Json(
+        serde_json::to_value(&enriched).unwrap_or_else(|_| serde_json::json!({})),
+    ))
 }
 
 /// The master's on-chain P256Account (`operatorMasterWallet[omni]`). Prefers
@@ -2902,8 +2950,7 @@ async fn fetch_operator_master_wallet(rpc: &str, registry: &str, omni_0x: &str)
 /// that holds master authority); agents → their K10 **device** identity. The
 /// `account_type` lets the UI distinguish a bound smart-account master (`p256account`)
 /// from an unbound one (`none` → "register on chain" CTA).
-fn enrich_actor_account(a: &ApiActor, master_account: Option<&str>) -> serde_json::Value {
-    let mut v = serde_json::to_value(a).unwrap_or_else(|_| serde_json::json!({}));
+fn enrich_actor_account(a: &ApiActor, master_account: Option<&str>) -> ApiActor {
     let (addr, ty): (Option<String>, &str) = if a.role == "master" {
         match master_account {
             Some(acc) => (Some(acc.to_string()), "p256account"),
@@ -2913,15 +2960,10 @@ fn enrich_actor_account(a: &ApiActor, master_account: Option<&str>) -> serde_jso
         // Agents are K10 devices (not ERC-4337 accounts) — surface the omni identity.
         (Some(a.omni_hex.clone()), "device")
     };
-    if let Some(obj) = v.as_object_mut() {
-        obj.insert(
-            "account_address".into(),
-            addr.map(serde_json::Value::from)
-                .unwrap_or(serde_json::Value::Null),
-        );
-        obj.insert("account_type".into(), serde_json::Value::from(ty));
-    }
-    v
+    let mut out = a.clone();
+    out.account_address = addr;
+    out.account_type = Some(ty.to_string());
+    out
 }
 
 async fn list_caps(
@@ -3850,6 +3892,8 @@ async fn ack_pairing(
                     payment_cap: None,
                     time_window: None,
                     services: None,
+                    account_address: None,
+                    account_type: None,
                 };
                 state
                     .actors
@@ -4495,6 +4539,8 @@ async fn register_pairing(
         payment_cap: None,
         time_window: None,
         services: None,
+        account_address: None,
+        account_type: None,
     };
     state
         .actors
@@ -5668,10 +5714,10 @@ fn normalize_data_class(s: &str) -> Result<&'static str, String> {
 /// The auto-distribute gating tier for a category's sensitivity (#207 §3 inv. 2):
 /// Safe → `auto` (auto-confirm + daily review); Sensitive → `k11` (explicit confirm).
 /// The tier comes from the CATALOG floor, so a vendor/telemetry prior can't downgrade it.
-fn gating_for(s: agentkeys_catalog::Sensitivity) -> &'static str {
+fn gating_for(s: agentkeys_catalog::Sensitivity) -> ScopeGating {
     match s {
-        agentkeys_catalog::Sensitivity::Safe => "auto",
-        agentkeys_catalog::Sensitivity::Sensitive => "k11",
+        agentkeys_catalog::Sensitivity::Safe => ScopeGating::Auto,
+        agentkeys_catalog::Sensitivity::Sensitive => ScopeGating::K11,
     }
 }
 
@@ -5848,17 +5894,29 @@ pub struct ProposeRequest {
 /// One proposed scope grant. `gating` is the sensitivity tier from the CATALOG:
 /// `auto` (Safe → auto-confirm + surface in the daily review) | `k11` (Sensitive →
 /// explicit per-grant K11 confirm). NEVER granted here — `propose` only proposes.
-#[derive(Debug, Serialize)]
+#[derive(Debug, Serialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct ProposedScope {
     pub data_class: String,
     pub entity: String,
     pub service: String,
     pub category: String,
     pub sensitivity: agentkeys_catalog::Sensitivity,
-    pub gating: &'static str,
+    pub gating: ScopeGating,
     pub confidence: f32,
 }
 
+/// The #207 §3 grant-gating tier for a proposed scope: `auto` (Safe →
+/// auto-confirm + daily review) | `k11` (Sensitive → explicit per-grant K11
+/// confirm). An enum (not a bare str) so the generated TS carries the union.
+#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, ts_rs::TS)]
+#[serde(rename_all = "snake_case")]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
+pub enum ScopeGating {
+    Auto,
+    K11,
+}
+
 /// `POST /v1/master/classify/propose` (#207 item 5 — connect-time auto-distribute).
 /// Classify an agent's surface (the memory namespaces it reads + the cred services
 /// it uses) and PROPOSE scopes, sensitivity-tiered. This writes NOTHING: safe
@@ -6912,8 +6970,23 @@ mod tests {
     fn gating_tiers_safe_auto_sensitive_k11() {
         // #207 §3 invariant 2: Safe → auto (auto-confirm + daily review),
         // Sensitive → k11 (explicit per-grant confirm). The tier is the CATALOG's.
-        assert_eq!(gating_for(agentkeys_catalog::Sensitivity::Safe), "auto");
-        assert_eq!(gating_for(agentkeys_catalog::Sensitivity::Sensitive), "k11");
+        assert_eq!(
+            gating_for(agentkeys_catalog::Sensitivity::Safe),
+            ScopeGating::Auto
+        );
+        assert_eq!(
+            gating_for(agentkeys_catalog::Sensitivity::Sensitive),
+            ScopeGating::K11
+        );
+        // The wire spellings are pinned: a rename breaks the generated TS union.
+        assert_eq!(
+            serde_json::to_value(ScopeGating::Auto).unwrap(),
+            serde_json::json!("auto")
+        );
+        assert_eq!(
+            serde_json::to_value(ScopeGating::K11).unwrap(),
+            serde_json::json!("k11")
+        );
     }
 
     #[tokio::test]
@@ -6923,9 +6996,9 @@ mod tests {
         // explicit K11 confirm path writes scope. A safe one (notion) is auto.
         let state = make_state();
         let stripe = classify_entity(&state, "credentials", "stripe").await;
-        assert_eq!(gating_for(stripe.sensitivity), "k11");
+        assert_eq!(gating_for(stripe.sensitivity), ScopeGating::K11);
         let notion = classify_entity(&state, "credentials", "notion").await;
-        assert_eq!(gating_for(notion.sensitivity), "auto");
+        assert_eq!(gating_for(notion.sensitivity), ScopeGating::Auto);
     }
 
     #[test]
@@ -6942,14 +7015,14 @@ mod tests {
         let state = make_state();
         let travel = classify_entity(&state, "memory", "travel").await;
         assert_eq!(travel.category, "travel");
-        assert_eq!(gating_for(travel.sensitivity), "auto");
+        assert_eq!(gating_for(travel.sensitivity), ScopeGating::Auto);
         let health = classify_entity(&state, "memory", "health").await;
-        assert_eq!(gating_for(health.sensitivity), "k11");
+        assert_eq!(gating_for(health.sensitivity), ScopeGating::K11);
         let finance = classify_entity(&state, "memory", "finance").await;
-        assert_eq!(gating_for(finance.sensitivity), "k11");
+        assert_eq!(gating_for(finance.sensitivity), ScopeGating::K11);
         // unknown namespace → conservative Sensitive (explicit pick).
         let kids = classify_entity(&state, "memory", "kids").await;
-        assert_eq!(gating_for(kids.sensitivity), "k11");
+        assert_eq!(gating_for(kids.sensitivity), ScopeGating::K11);
     }
 
     #[tokio::test]
@@ -7303,6 +7376,8 @@ mod tests {
             payment_cap: None,
             time_window: None,
             services: None,
+            account_address: None,
+            account_type: None,
         };
         let cloned = actor.clone();
         let st = state.clone();
@@ -7334,6 +7409,8 @@ mod tests {
             payment_cap: None,
             time_window: None,
             services: None,
+            account_address: None,
+            account_type: None,
         };
         state
             .actors
@@ -7376,6 +7453,8 @@ mod tests {
                 payment_cap: None,
                 time_window: None,
                 services: None,
+                account_address: None,
+                account_type: None,
             },
         );
         actors.insert(
@@ -7400,6 +7479,8 @@ mod tests {
                 payment_cap: None,
                 time_window: None,
                 services: None,
+                account_address: None,
+                account_type: None,
             },
         );
         drop(actors);
@@ -8435,6 +8516,8 @@ mod tests {
                     payment_cap: None,
                     time_window: None,
                     services: None,
+                    account_address: None,
+                    account_type: None,
                 }],
                 caps: HashMap::new(),
                 workers: vec![ApiWorker {
diff --git a/crates/agentkeys-protocol/Cargo.toml b/crates/agentkeys-protocol/Cargo.toml
index 45350e40..b8190f6c 100644
--- a/crates/agentkeys-protocol/Cargo.toml
+++ b/crates/agentkeys-protocol/Cargo.toml
@@ -7,3 +7,8 @@ description = "Broker/worker wire protocol — the transport-agnostic, wasm-safe
 [dependencies]
 serde = { workspace = true }
 serde_json = { workspace = true }
+# B2 (#203 rung 3): the UserOp build/submit response shapes are consumed by the
+# React frontend too (daemon proxies relay them verbatim), so their TS types are
+# generated from these structs. ts-rs is wasm-safe (no native deps — the wasm32
+# CI gate proves the browser build still compiles).
+ts-rs = { version = "10", features = ["no-serde-warnings"] }
diff --git a/crates/agentkeys-protocol/src/lib.rs b/crates/agentkeys-protocol/src/lib.rs
index 2bc9c4b2..f4cf4fea 100644
--- a/crates/agentkeys-protocol/src/lib.rs
+++ b/crates/agentkeys-protocol/src/lib.rs
@@ -422,7 +422,8 @@ pub struct BuildAcceptUserOpRequest {
 /// `agentkeys_broker_server::sponsor::PackedUserOp`; the daemon fills `signature`
 /// with the master's K11 assertion over `user_op_hash`, then returns the whole op
 /// to `/v1/accept/submit`.
-#[derive(Debug, Clone, Serialize, Deserialize)]
+#[derive(Debug, Clone, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct WireUserOp {
     pub sender: String,
     pub nonce: String,
@@ -437,11 +438,13 @@ pub struct WireUserOp {
 
 /// Broker → daemon response to `/v1/accept/build`. The master signs
 /// `user_op_hash` (the `EntryPoint.getUserOpHash` of `user_op`) with K11.
-#[derive(Debug, Clone, Serialize, Deserialize)]
+#[derive(Debug, Clone, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct BuildAcceptUserOpResponse {
     pub user_op: WireUserOp,
     pub user_op_hash: String,
     pub entry_point: String,
+    #[ts(type = "number")]
     pub chain_id: u64,
 }
 
@@ -469,12 +472,30 @@ pub struct SubmitAcceptUserOpRequest {
     pub assertion: AcceptAssertion,
 }
 
-/// Broker → daemon response to `/v1/accept/submit`.
-#[derive(Debug, Clone, Serialize, Deserialize)]
+/// Broker → daemon response to `/v1/accept/submit` (and its `/v1/scope/submit`
+/// and `/v1/revoke/submit` siblings — the daemon proxies relay it verbatim to
+/// the web frontend, which consumes the generated TS type). Two variants share the
+/// shape: confirmed (`tx_hash`/`block_number` set, #97 `audit_envelope_hashes`
+/// carrying the control-plane AuditEnvelope receipts) and receipt-timeout
+/// (`pending: true`, empty `tx_hash`/`block_number`, no envelopes — the op may
+/// still mine; the UI confirms on chain by `user_op_hash`).
+#[derive(Debug, Clone, Serialize, Deserialize, ts_rs::TS)]
+#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
 pub struct SubmitAcceptUserOpResponse {
     pub ok: bool,
     pub tx_hash: String,
     pub block_number: String,
+    /// The ERC-4337 userOpHash the bundler accepted (#97).
+    pub user_op_hash: String,
+    /// #97: control-plane audit receipts decoded from the confirmed
+    /// executeBatch. Absent on the pending variant / pre-#97 brokers.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
+    pub audit_envelope_hashes: Option<Vec<String>>,
+    /// #230: broadcast but receipt-poll timed out — NOT an error.
+    #[serde(default, skip_serializing_if = "Option::is_none")]
+    #[ts(optional)]
+    pub pending: Option<bool>,
 }
 
 // ── #248 — on-chain K11-gated scope re-grant for an ALREADY-bound agent ──────
diff --git a/docs/plan/frontend-testability-cli-web-parity.md b/docs/plan/frontend-testability-cli-web-parity.md
new file mode 100644
index 00000000..625953e9
--- /dev/null
+++ b/docs/plan/frontend-testability-cli-web-parity.md
@@ -0,0 +1,37 @@
+# Plan — frontend testability + CLI↔web parity
+
+**Status:** B0 ✅ (landed via #213) · B1 + B2 ✅ (re-landed from the rotted PR #215 on the #275 branch, 2026-06-13, extended to the post-#215 `Api*` structs + a CI frontend-typecheck gate) · B3/B5 ✅ assessed no-code · B4 ⛔ blocked on Part A · Part A not started. The #275 tier-3 move (wasm plant builder; `daemon.ts` stops hand-building the plant body) ships with the same branch — see the ladder section in [`harness/AGENTS.md`](../../harness/AGENTS.md).
+
+> History: B1+B2 first shipped as PR #215 (2026-06-06, after a Codex adversarial
+> review) but that branch rotted unmergeable — 56 commits behind, `protocol.rs`
+> +256 lines (#281 SSE types, #282 Base, #286 single-vault) under the file move,
+> `ui_bridge.rs` +5403/−873. Re-implemented fresh; the design decisions below
+> survived unchanged.
+
+## Goal
+Two asks, argued to share one root cause: make the parent-control web app testable, and shrink the parity gap between the CLI and the web app. Both are won at the **data-layer boundary** (the `AgentKeysClient` TS interface, the Rust↔TS type seam, the WASM `agentkeys-web-core`), which is framework-agnostic.
+
+## Parity ladder (project's own framing, harness/AGENTS.md)
+1. Runtime behavioral assertion (run both, compare) — rots silently.
+2. Shared fixture/golden contract — CI reddens on shape drift.
+3. Shared implementation — one code path; drift is a compile error.
+Operating rule: push every parity check *down* the ladder.
+
+## Part B — parity (push down the ladder)
+- **B0 — ✅ DONE (#213, merged):** delete the runtime `InMemoryBackend`; remove the `HttpBackend` wrapper by making `BackendClient` `impl Backend`; **keep the trait** as the `MockBackend` test seam.
+- **B1 — ✅ DONE (re-landed):** extract the wire types into the standalone pure-serde **`agentkeys-protocol`** crate; `agentkeys-backend-client` re-exports as `::protocol` (zero-ripple back-compat); `agentkeys-web-core` (wasm) aliases the shared `BrokerCapRequest` as `CapRequest`. Kills the `ttl_seconds` drift (`Option<u64>` + skip, faithful to the broker's serde default) AND the second drift that accumulated while #215 rotted: web-core's copy was missing the #76 K10 cap-PoP fields entirely. **Do NOT make web-core depend on backend-client** — it drags in `aws-sdk-sts` + `tokio` + native `reqwest` and breaks the wasm build; CI gate: `cargo check --target wasm32-unknown-unknown -p agentkeys-web-core` (default + `--features wasm`), wasm32 target pinned in `rust-toolchain.toml`.
+- **B2 — ✅ DONE (re-landed, extended).** `ts-rs` derives generate `apps/parent-control/lib/generated/*.ts` from the `ui_bridge.rs` `Api*` structs **plus** the types #215 left as follow-up: `ProposedScope` (with a new `ScopeGating` enum replacing the bare `&'static str`, so TS gets the `"auto" | "k11"` union), the catalog `Sensitivity`, and the protocol `WireUserOp`/`BuildAcceptUserOpResponse`/`SubmitAcceptUserOpResponse`. `daemon.ts` imports the generated types; all 8 hand-declared wire interfaces deleted. Riding along, two latent drifts the codegen forced into the open: `SubmitAcceptUserOpResponse` had drifted from what the broker actually returns (#97 `user_op_hash` + `audit_envelope_hashes`, #230 `pending`) — realigned; and `ApiActor`'s `account_address`/`account_type` were ad-hoc `serde_json` inserts invisible to any type contract — folded into the struct. CI gates: `git diff --exit-code` on the generated dir after `cargo test` regenerates, AND a frontend `tsc --noEmit` against a fresh wasm-pack build (`npm run typecheck` is now fully green in CI — the historical core.ts wasm-artifact failures are gone because CI builds the wasm).
+- **B3 — ✅ assessed, no code needed.** `CapToken` stays opaque-by-design in backend-client (`type CapToken = Value`) vs a typed convenience view in web-core over **identical** wire bytes; pairing is single-owned (web-core = master-side, daemon = agent-side); a full client-impl merge is unwarranted (native does STS + reqwest, browser fetch-only).
+- **B4 — ⛔ blocked on Part A.** Fixture-sharing for frontend tests needs the Vitest harness.
+- **B5 — ✅ audited, no code needed.** The CLI doesn't re-type the cap/worker wire protocol (its `json!` bodies are MCP tool-call args + the SIWE/device-session auth surface).
+
+## Part A — testability (not started)
+1. Vitest. 2. Fixture-driven mapper tests (real `DaemonBackend`, mocked `fetch`, `harness/fixtures/web-api/*.json`). 3. `FakeBackend implements AgentKeysClient` + RTL. 4. Playwright happy-path on `dev:stack`.
+
+## Principle
+**Fake the transport, not the behavior.** Orchestration/UI → fake the interface; wire contract → fake only the transport and run the real client against the shared golden fixture.
+
+## Framework verdict
+Keep Next.js (unchanged from the #215 assessment). The one condition that would flip to Vite: the "fold the UI into the daemon's `agentkeys web` subcommand as a static bundle" endgame becoming firm.
+
+End state: one shared wire-protocol crate behind every consumer (MCP tools, daemon, web-core browser host), TS types generated never mirrored, and every test faking transport or interface — never re-implementing behavior.

From c26183c76ea07dc78c711efcac55db9d77d26301 Mon Sep 17 00:00:00 2001
From: Hanwen Cheng <heawen.cheng@gmail.com>
Date: Sat, 13 Jun 2026 01:37:35 +0800
Subject: [PATCH 3/3] =?UTF-8?q?feat:=20#275=20=E2=80=94=20dissolve=20the?=
 =?UTF-8?q?=20plant=20parity=20check=20into=20the=20type=20system=20(wasm?=
 =?UTF-8?q?=20tier-3)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The plant contract (MASTER_MEMORY_PLANT_ROUTE + ApiMemoryEntry +
request/response bodies) moves to the wasm-safe agentkeys-protocol::web_api;
ui_bridge re-exports it (daemon-internal code + the fixture-pinning test keep
their names; the entry helpers ride an extension trait since inherent impls
stay in the defining crate; PlantRequest/PlantResponse take their canonical
MasterMemoryPlant* names).

agentkeys-web-core exports masterMemoryPlantRoute() +
buildMasterMemoryPlantBody() under --features wasm: the body bytes come from
serde_json over the daemon's own types compiled into the browser. daemon.ts
stops hand-building the plant route/body entirely — it feeds ts-rs-typed
entries to the wasm builder and posts the returned JSON verbatim
(postJsonBody; re-stringifying would launder the bytes through JS). One code
path; violating parity is a compile error. A shared memoized wasm-module
loader (lib/client/wasm-module.ts) backs both CoreBackend and the plant path.

The daemon.ts half of scripts/check-web-api-drift.sh retires (compile-checked
now); the harness half (web-parity-demo.sh's hand-curled body) stays
fixture-gated, and the fixture stays pinned to the shared types by the
ui_bridge unit test. Phase 6 is at its terminal thinness: the irreducible
'daemon -> cap-mint -> STS -> worker -> S3 reachable on real infra' smoke.

Docs: harness/AGENTS.md ladder (rung 3 done), operator-runbook phase 6, root
AGENTS.md plant-contract bullet, arch.md crate tree (+agentkeys-protocol).

Verified: cargo fmt/test/clippy -D warnings (workspace), wasm32 checks,
wasm-pack build of the new exports, check-web-api-drift.sh (harness consumer),
check-backend-fixture-drift.sh, fixture --check, npm run typecheck green,
generated bindings committed (MasterMemoryPlantRequest/Response.ts).
---
 AGENTS.md                                     |   2 +-
 apps/parent-control/lib/client/core.ts        |  20 ++-
 apps/parent-control/lib/client/daemon.ts      |  56 ++++++--
 apps/parent-control/lib/client/wasm-module.ts |  26 ++++
 .../lib/generated/MasterMemoryPlantRequest.ts |   7 +
 .../generated/MasterMemoryPlantResponse.ts    |  11 ++
 crates/agentkeys-daemon/src/ui_bridge.rs      | 124 ++++++++----------
 crates/agentkeys-protocol/src/lib.rs          |  66 ++++++++++
 crates/agentkeys-web-core/src/wasm.rs         |  26 ++++
 docs/arch.md                                  |  22 ++--
 docs/operator-runbook-harness.md              |   4 +-
 harness/AGENTS.md                             |  38 ++++--
 scripts/check-web-api-drift.sh                |  41 +++---
 13 files changed, 305 insertions(+), 138 deletions(-)
 create mode 100644 apps/parent-control/lib/client/wasm-module.ts
 create mode 100644 apps/parent-control/lib/generated/MasterMemoryPlantRequest.ts
 create mode 100644 apps/parent-control/lib/generated/MasterMemoryPlantResponse.ts

diff --git a/AGENTS.md b/AGENTS.md
index 3c0518f8..e8ee1556 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -225,7 +225,7 @@ The broker/worker client protocol — the six `/v1/cap/*` mint endpoints, the ST
 - Wire-field change → edit the serde type in [`agentkeys-protocol`](crates/agentkeys-protocol/) (the single definition; re-exported as `agentkeys_backend_client::protocol`), regenerate the committed fixtures (`cargo run -p agentkeys-backend-client --bin dump-protocol-fixtures`), update the frozen key-set test in `fixtures.rs`. The native callers AND the browser host recompile against the new shape automatically; the `wasm32` gate proves the browser still builds.
 - Harness steps drive the `agentkeys` CLI, not hand-rolled curls. Raw curls only for negative / HTTP-status tests; a body that mirrors a canonical shape carries `# @backend-fixture: <shape>` ([`scripts/check-backend-fixture-drift.sh`](scripts/check-backend-fixture-drift.sh) diffs it against [`harness/fixtures/backend-protocol/`](harness/fixtures/backend-protocol/) in CI); deliberately-malformed negative payloads are NOT annotated.
 - **The frontend's wire types are GENERATED, never hand-mirrored (#215 re-land B2, rung 3).** `ts-rs` derives on the `ui_bridge.rs` `Api*` structs, the catalog `Sensitivity`, and the protocol UserOp build/submit responses emit [`apps/parent-control/lib/generated/*.ts`](apps/parent-control/lib/generated/); [`daemon.ts`](apps/parent-control/lib/client/daemon.ts) imports them instead of re-declaring interfaces, so a Rust-side rename is a frontend **compile error**. After changing one of those structs: `cargo test export_bindings` (any `cargo test` triggers it), commit the regenerated `.ts`. CI (`harness-ci.yml` rust-checks) `git diff --exit-code`s the generated dir AND runs `npm run typecheck` against a fresh wasm-pack build, so both the bindings and their consumers are gated. `u64` fields carry `#[ts(type = "number")]`; skip-serialize `Option`s carry `#[ts(optional)]`. Never edit `lib/generated/` by hand, and never add a hand-declared wire interface next to a generated one.
-- The daemon's web-API plant contract is pinned the same way: route + `ApiMemoryEntry` body SoT in [`ui_bridge.rs`](crates/agentkeys-daemon/src/ui_bridge.rs), fixture [`harness/fixtures/web-api/master_memory_plant.json`](harness/fixtures/web-api/master_memory_plant.json), both non-Rust consumers annotated `@web-fixture: master_memory_plant` and gated by [`scripts/check-web-api-drift.sh`](scripts/check-web-api-drift.sh).
+- The daemon's web-API plant contract lives one rung lower still (#275 tier-3): route + `ApiMemoryEntry` + plant request/response bodies are owned by [`agentkeys-protocol::web_api`](crates/agentkeys-protocol/) (re-exported by `ui_bridge.rs`); the React frontend consumes them via the `agentkeys-web-core` **wasm builder** (`masterMemoryPlantRoute()` + `buildMasterMemoryPlantBody()` — one code path, drift is a compile error), and the one remaining hand-built consumer (`harness/web-parity-demo.sh`) stays `@web-fixture`-annotated against [`harness/fixtures/web-api/master_memory_plant.json`](harness/fixtures/web-api/master_memory_plant.json), gated by [`scripts/check-web-api-drift.sh`](scripts/check-web-api-drift.sh) (the fixture itself is pinned to the shared types by a `ui_bridge` unit test).
 - Field names are the arch.md canonical spellings — never invent a synonym in a new body.
 
 ## Harness rules → [`harness/AGENTS.md`](harness/AGENTS.md)
diff --git a/apps/parent-control/lib/client/core.ts b/apps/parent-control/lib/client/core.ts
index 830890e7..cb398909 100644
--- a/apps/parent-control/lib/client/core.ts
+++ b/apps/parent-control/lib/client/core.ts
@@ -3,22 +3,20 @@
 import { EmptyBackend } from './empty';
 import type { ConnectionStatus } from './types';
 
-// Lazy, client-only load of the WASM master-plane core (agentkeys-web-core),
-// memoized per broker URL. The dynamic import keeps the wasm glue out of the
-// server bundle; init() fetches the .wasm from /wasm/ (served from public/,
-// written by dev.sh's build_wasm). Keying by URL means a second CoreBackend with
-// a different broker gets its own instance; on failure the entry is evicted so
-// the next call retries (a transient load/broker failure must not poison it).
+// Lazy, client-only WebCore instances, memoized per broker URL on top of the
+// shared module loader (lib/client/wasm-module.ts — also used by the
+// DaemonBackend plant path, #275). Keying by URL means a second CoreBackend
+// with a different broker gets its own instance; on failure the entry is
+// evicted so the next call retries (a transient load/broker failure must not
+// poison it).
+import { loadWasmModule } from './wasm-module';
+
 type LoadedCore = import('@/lib/wasm/agentkeys-web-core/agentkeys_web_core').WebCore;
 const coreByUrl = new Map<string, Promise<LoadedCore>>();
 function loadCore(brokerUrl: string): Promise<LoadedCore> {
   let p = coreByUrl.get(brokerUrl);
   if (!p) {
-    p = (async () => {
-      const wasm = await import('@/lib/wasm/agentkeys-web-core/agentkeys_web_core.js');
-      await wasm.default('/wasm/agentkeys_web_core_bg.wasm');
-      return new wasm.WebCore(brokerUrl);
-    })();
+    p = loadWasmModule().then((wasm) => new wasm.WebCore(brokerUrl));
     coreByUrl.set(brokerUrl, p);
     void p.catch(() => coreByUrl.delete(brokerUrl));
   }
diff --git a/apps/parent-control/lib/client/daemon.ts b/apps/parent-control/lib/client/daemon.ts
index 8488cf04..9a15618d 100644
--- a/apps/parent-control/lib/client/daemon.ts
+++ b/apps/parent-control/lib/client/daemon.ts
@@ -53,9 +53,11 @@ import type { ApiAuditEvent } from '@/lib/generated/ApiAuditEvent';
 import type { ApiMemoryEntry } from '@/lib/generated/ApiMemoryEntry';
 import type { ApiWorker } from '@/lib/generated/ApiWorker';
 import type { BuildAcceptUserOpResponse } from '@/lib/generated/BuildAcceptUserOpResponse';
+import type { MasterMemoryPlantResponse } from '@/lib/generated/MasterMemoryPlantResponse';
 import type { MemoryCategory as ApiMemoryCategory } from '@/lib/generated/MemoryCategory';
 import type { ProposedScope as ApiProposedScope } from '@/lib/generated/ProposedScope';
 import type { SubmitAcceptUserOpResponse as ApiSubmitResult } from '@/lib/generated/SubmitAcceptUserOpResponse';
+import { loadWasmModule } from './wasm-module';
 
 /**
  * DaemonBackend — talks to a running agentkeys-daemon over HTTP.
@@ -105,6 +107,26 @@ export class DaemonBackend implements AgentKeysClient {
     }
   }
 
+  // Like postJson, but the body is ALREADY serialized JSON (the wasm plant
+  // builder returns serde_json's exact bytes — re-stringifying would launder
+  // them through JS). #275 tier-3.
+  private async postJsonBody<T>(path: string, jsonBody: string): Promise<Result<T>> {
+    try {
+      const resp = await fetch(`${this.baseUrl}${path}`, {
+        method: 'POST',
+        headers: { 'content-type': 'application/json' },
+        body: jsonBody,
+      });
+      if (!resp.ok) {
+        const text = await resp.text();
+        return { ok: false, status: unreachable(`POST ${path} → ${resp.status}: ${text}`) };
+      }
+      return { ok: true, data: (await resp.json()) as T };
+    } catch (e) {
+      return { ok: false, status: unreachable(`POST ${path}: ${(e as Error).message}`) };
+    }
+  }
+
   private async postJson<T>(path: string, body: unknown): Promise<Result<T>> {
     try {
       const resp = await fetch(`${this.baseUrl}${path}`, {
@@ -434,18 +456,26 @@ export class DaemonBackend implements AgentKeysClient {
   }
 
   async plantMemory(entries: MasterMemoryEntry[]): Promise<Result<PlantResult>> {
-    const r = await this.postJson<{ planted: number; skipped: number; total: number; taxonomy_status?: string }>(
-      '/v1/master/memory/plant',
-      {
-        // @web-fixture: master_memory_plant — entry shape gated by scripts/check-web-api-drift.sh
-        // (must match the daemon's ApiMemoryEntry + web-parity-demo.sh; issue #203 / the #206 parity ladder).
-        entries: entries.map((m): ApiMemoryEntry => ({
-          ns: m.ns, key: m.key, title: m.title, bytes: m.bytes,
-          version: m.version, updated: m.updated, preview: m.preview, body: m.body,
-          content_hash: m.contentHash ?? '',
-        })),
-      },
-    );
+    // #275 tier-3: the plant route + body come from the daemon's OWN wire types
+    // (agentkeys-protocol::web_api) compiled to wasm — one code path, so this
+    // client cannot hand-build a drifted body (the old @web-fixture diff gate
+    // for this file is retired; the ts-rs ApiMemoryEntry type checks the entry
+    // shape at compile time and the wasm builder validates + serializes it).
+    let route: string;
+    let body: string;
+    try {
+      const wasm = await loadWasmModule();
+      const wireEntries = entries.map((m): ApiMemoryEntry => ({
+        ns: m.ns, key: m.key, title: m.title, bytes: m.bytes,
+        version: m.version, updated: m.updated, preview: m.preview, body: m.body,
+        content_hash: m.contentHash ?? '',
+      }));
+      route = wasm.masterMemoryPlantRoute();
+      body = wasm.buildMasterMemoryPlantBody(wireEntries);
+    } catch (e) {
+      return { ok: false, status: unreachable(`wasm plant builder failed: ${String(e)}`) };
+    }
+    const r = await this.postJsonBody<MasterMemoryPlantResponse>(route, body);
     if (!r.ok) return r;
     return {
       ok: true,
@@ -453,7 +483,7 @@ export class DaemonBackend implements AgentKeysClient {
         planted: r.data.planted,
         skipped: r.data.skipped,
         total: r.data.total,
-        taxonomyStatus: r.data.taxonomy_status ?? 'ok',
+        taxonomyStatus: r.data.taxonomy_status,
       },
     };
   }
diff --git a/apps/parent-control/lib/client/wasm-module.ts b/apps/parent-control/lib/client/wasm-module.ts
new file mode 100644
index 00000000..c2bc5db3
--- /dev/null
+++ b/apps/parent-control/lib/client/wasm-module.ts
@@ -0,0 +1,26 @@
+'use client';
+
+// Lazy, client-only, memoized load of the agentkeys-web-core wasm MODULE —
+// shared by CoreBackend (which wraps it in a per-broker-URL WebCore) and
+// DaemonBackend's plant path (#275 tier-3: module-level route/body builders).
+// The dynamic import keeps the wasm glue out of the server bundle; init()
+// fetches the .wasm from /wasm/ (served from public/, written by dev.sh's
+// build_wasm). On failure the memo is evicted so the next call retries (a
+// transient load failure must not poison the page).
+type WasmModule = typeof import('@/lib/wasm/agentkeys-web-core/agentkeys_web_core.js');
+
+let modulePromise: Promise<WasmModule> | null = null;
+
+export function loadWasmModule(): Promise<WasmModule> {
+  if (!modulePromise) {
+    modulePromise = (async () => {
+      const wasm = await import('@/lib/wasm/agentkeys-web-core/agentkeys_web_core.js');
+      await wasm.default('/wasm/agentkeys_web_core_bg.wasm');
+      return wasm;
+    })();
+    void modulePromise.catch(() => {
+      modulePromise = null;
+    });
+  }
+  return modulePromise;
+}
diff --git a/apps/parent-control/lib/generated/MasterMemoryPlantRequest.ts b/apps/parent-control/lib/generated/MasterMemoryPlantRequest.ts
new file mode 100644
index 00000000..453adc8b
--- /dev/null
+++ b/apps/parent-control/lib/generated/MasterMemoryPlantRequest.ts
@@ -0,0 +1,7 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { ApiMemoryEntry } from "./ApiMemoryEntry";
+
+/**
+ * `POST` body for [`MASTER_MEMORY_PLANT_ROUTE`].
+ */
+export type MasterMemoryPlantRequest = { entries: Array<ApiMemoryEntry>, };
diff --git a/apps/parent-control/lib/generated/MasterMemoryPlantResponse.ts b/apps/parent-control/lib/generated/MasterMemoryPlantResponse.ts
new file mode 100644
index 00000000..6f12c6a5
--- /dev/null
+++ b/apps/parent-control/lib/generated/MasterMemoryPlantResponse.ts
@@ -0,0 +1,11 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+/**
+ * Plant outcome. `taxonomy_status` surfaces the durable category-index
+ * write so a configured-Config store failure is NOT hidden behind an
+ * otherwise-successful memory plant: `"ok"` (written), `"unconfigured"`
+ * (Config not set up, cache-only), `"failed: <reason>"` (memory IS
+ * durable but the category index is stale → retry), or
+ * `"skipped: <reason>"` (config-context unavailable).
+ */
+export type MasterMemoryPlantResponse = { planted: number, skipped: number, total: number, taxonomy_status: string, };
diff --git a/crates/agentkeys-daemon/src/ui_bridge.rs b/crates/agentkeys-daemon/src/ui_bridge.rs
index ff5008f0..9539360c 100644
--- a/crates/agentkeys-daemon/src/ui_bridge.rs
+++ b/crates/agentkeys-daemon/src/ui_bridge.rs
@@ -220,24 +220,14 @@ pub struct RegisteredMaster {
     pub account: Option<String>,
 }
 
-/// A master-actor memory entry. `content_hash` is the dedup key —
-/// keccak-free sha256 over (ns || key || body) so a re-plant of the same
-/// content is detected and skipped (the "prevent duplicate plant" gate).
-#[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
-#[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
-pub struct ApiMemoryEntry {
-    pub ns: String,
-    pub key: String,
-    pub title: String,
-    #[ts(type = "number")]
-    pub bytes: u64,
-    pub version: String,
-    pub updated: String,
-    pub preview: String,
-    pub body: String,
-    #[serde(default)]
-    pub content_hash: String,
-}
+// The plant wire contract (route + `ApiMemoryEntry` + request/response bodies)
+// is OWNED by the wasm-safe `agentkeys-protocol::web_api` (#275 tier-3): the
+// browser host compiles the same types via `agentkeys-web-core`, so the
+// frontend can no longer hand-build a drifted body. Re-exported here so the
+// daemon-internal paths (and the fixture-pinning test below) keep their names.
+pub use agentkeys_backend_client::protocol::web_api::{
+    ApiMemoryEntry, MasterMemoryPlantRequest, MasterMemoryPlantResponse, MASTER_MEMORY_PLANT_ROUTE,
+};
 
 /// Content hash over (ns ‖ key ‖ body) — the dedup key for plant idempotency
 /// AND the durable-merge identity (codex finding 1). A free function so the
@@ -254,12 +244,26 @@ fn content_hash_for(ns: &str, key: &str, body: &str) -> String {
     hex::encode(h.finalize())
 }
 
-impl ApiMemoryEntry {
+/// Daemon-side helpers on the SHARED wire type: inherent impls are only legal
+/// in the defining crate (`agentkeys-protocol`), and these touch daemon-local
+/// concerns (the sha256 dedup scheme + the private on-disk
+/// [`StoredMemoryEntry`] form), so they ride an extension trait here — call
+/// sites read exactly as before.
+trait ApiMemoryEntryExt: Sized {
+    fn compute_hash(&self) -> String;
+    /// The on-disk form stored inside the per-namespace JSON array (#201 Phase 4).
+    fn to_stored(&self) -> StoredMemoryEntry;
+    /// Rehydrate a UI entry from a stored array element decrypted out of
+    /// `memory:<ns>.enc`. `version`/`preview` are derived (not stored) and
+    /// `content_hash` is left empty (the read path doesn't dedup).
+    fn from_stored(ns: &str, s: StoredMemoryEntry) -> Self;
+}
+
+impl ApiMemoryEntryExt for ApiMemoryEntry {
     fn compute_hash(&self) -> String {
         content_hash_for(&self.ns, &self.key, &self.body)
     }
 
-    /// The on-disk form stored inside the per-namespace JSON array (#201 Phase 4).
     fn to_stored(&self) -> StoredMemoryEntry {
         StoredMemoryEntry {
             key: self.key.clone(),
@@ -270,9 +274,6 @@ impl ApiMemoryEntry {
         }
     }
 
-    /// Rehydrate a UI entry from a stored array element decrypted out of
-    /// `memory:<ns>.enc`. `version`/`preview` are derived (not stored) and
-    /// `content_hash` is left empty (the read path doesn't dedup).
     fn from_stored(ns: &str, s: StoredMemoryEntry) -> Self {
         let preview = s.body.chars().take(80).collect();
         ApiMemoryEntry {
@@ -740,16 +741,14 @@ fn err(
     )
 }
 
-/// Canonical master-memory web-API routes — the SINGLE source of truth for the
-/// path the React frontend (`apps/parent-control/lib/client/daemon.ts`) and the
-/// harness web-parity demo (`harness/web-parity-demo.sh`) both hit. They used to
-/// hardcode `/v1/master/memory/plant` independently → a rename here left phase 6
-/// green on the old path (false-green, issue #203 / the #206 parity ladder). The
-/// route + the `ApiMemoryEntry` body shape are now pinned to
-/// `harness/fixtures/web-api/master_memory_plant.json` (see the test below) and
-/// the two consumers are gated against it by `scripts/check-web-api-drift.sh`.
+/// Master-memory LIST route (daemon-local). The PLANT route — the contract the
+/// frontend + harness both POST — is `MASTER_MEMORY_PLANT_ROUTE`, owned by
+/// `agentkeys-protocol::web_api` (re-exported above, #275 tier-3): the React
+/// frontend gets it from the `agentkeys-web-core` wasm export (one code path),
+/// the harness demo is fixture-gated by `scripts/check-web-api-drift.sh`, and
+/// the fixture (`harness/fixtures/web-api/master_memory_plant.json`) is pinned
+/// to the shared const + `ApiMemoryEntry` shape by the unit test below.
 pub const MASTER_MEMORY_ROUTE: &str = "/v1/master/memory";
-pub const MASTER_MEMORY_PLANT_ROUTE: &str = "/v1/master/memory/plant";
 
 /// Build the ui-bridge router with CORS open to the configured web-UI origin.
 pub fn build_router(state: SharedUiBridgeState, allowed_origin: &str) -> Router {
@@ -5315,31 +5314,13 @@ async fn reconcile_taxonomy(
     Ok(merged)
 }
 
-#[derive(Debug, Deserialize)]
-pub struct PlantRequest {
-    pub entries: Vec<ApiMemoryEntry>,
-}
-
-#[derive(Debug, Serialize)]
-pub struct PlantResponse {
-    pub planted: usize,
-    pub skipped: usize,
-    pub total: usize,
-    /// Durable category-index (taxonomy) outcome, surfaced so a configured-Config
-    /// store failure is NOT hidden behind an otherwise-successful memory plant
-    /// (codex finding 2): `"ok"` (written), `"unconfigured"` (Config not set up,
-    /// cache-only), `"failed: <reason>"` (memory IS durable but the category index
-    /// is stale → retry), or `"skipped: <reason>"` (config-context unavailable).
-    pub taxonomy_status: String,
-}
-
 /// Idempotent plant: each entry's content_hash is the dedup key. Re-planting
 /// the same content is a no-op (skipped++), so "prevent duplicate plant" is
 /// enforced server-side, not just in the UI. Returns planted/skipped counts +
 /// the resulting total. An audit row records the plant.
 async fn plant_master_memory(
     State(state): State<SharedUiBridgeState>,
-    Json(req): Json<PlantRequest>,
+    Json(req): Json<MasterMemoryPlantRequest>,
 ) -> axum::response::Response {
     match plant_master_memory_inner(&state, req).await {
         Ok(resp) => (axum::http::StatusCode::OK, Json(resp)).into_response(),
@@ -5349,14 +5330,14 @@ async fn plant_master_memory(
     }
 }
 
-/// Core plant logic. Returns the typed `PlantResponse` (real chain or in-memory
+/// Core plant logic. Returns the typed `MasterMemoryPlantResponse` (real chain or in-memory
 /// fallback) or an `(HTTP status, reason)` for partial-config / not-logged-in
 /// (409) and real-worker-failure (502). The handler maps it to a response; tests
 /// call this directly to assert the typed counts.
 async fn plant_master_memory_inner(
     state: &SharedUiBridgeState,
-    req: PlantRequest,
-) -> Result<PlantResponse, (axum::http::StatusCode, String)> {
+    req: MasterMemoryPlantRequest,
+) -> Result<MasterMemoryPlantResponse, (axum::http::StatusCode, String)> {
     let ctx = real_memory_ctx(state).await.map_err(|reason| {
         tracing::warn!("plant_master_memory: {reason}");
         (axum::http::StatusCode::CONFLICT, reason)
@@ -5502,7 +5483,7 @@ async fn plant_master_memory_inner(
         };
         push_audit(state, evt).await;
     }
-    Ok(PlantResponse {
+    Ok(MasterMemoryPlantResponse {
         planted,
         skipped,
         total,
@@ -6327,14 +6308,17 @@ mod tests {
         );
     }
 
-    /// Pin the master-memory plant CONTRACT (the daemon's web API) to the
-    /// committed fixture that `daemon.ts` + `web-parity-demo.sh` are gated
-    /// against (issue #203 / the #206 parity ladder, rung 2). The Rust struct +
-    /// route const are the source of truth; this test fails the moment they
-    /// drift from the fixture, so a field rename or route change can't silently
-    /// leave phase 6 green on the old path. If you change `ApiMemoryEntry` or the
-    /// route on purpose, update `harness/fixtures/web-api/master_memory_plant.json`
-    /// to match (and the two consumers will be re-gated by the bash check).
+    /// Pin the master-memory plant CONTRACT (the daemon's web API, owned by
+    /// `agentkeys-protocol::web_api` and re-exported above) to the committed
+    /// fixture that `web-parity-demo.sh` is gated against (issue #203 / the
+    /// #206 parity ladder). The shared struct + route const are the source of
+    /// truth; this test fails the moment they drift from the fixture, so a
+    /// field rename or route change can't silently leave phase 6 green on the
+    /// old path. The React frontend is NOT fixture-gated anymore (#275): it
+    /// consumes the wasm-exported builder, so its half is compile-checked. If
+    /// you change `ApiMemoryEntry` or the route on purpose, update
+    /// `harness/fixtures/web-api/master_memory_plant.json` to match (and the
+    /// harness consumer is re-gated by the bash check).
     #[test]
     fn master_memory_plant_contract_matches_fixture() {
         let path = std::path::Path::new(env!("CARGO_MANIFEST_DIR"))
@@ -8581,7 +8565,7 @@ mod tests {
         // First plant: both land.
         let r1 = plant_master_memory_inner(
             &state,
-            PlantRequest {
+            MasterMemoryPlantRequest {
                 entries: entries.clone(),
             },
         )
@@ -8593,7 +8577,7 @@ mod tests {
         assert_eq!(state.master_memory.read().await.len(), 2);
 
         // Re-plant the SAME content: 0 planted, 2 skipped (dedup by content_hash).
-        let r2 = plant_master_memory_inner(&state, PlantRequest { entries })
+        let r2 = plant_master_memory_inner(&state, MasterMemoryPlantRequest { entries })
             .await
             .unwrap();
         assert_eq!(r2.planted, 0);
@@ -8619,7 +8603,7 @@ mod tests {
         let state = make_state();
         let _ = plant_master_memory_inner(
             &state,
-            PlantRequest {
+            MasterMemoryPlantRequest {
                 entries: vec![mem_entry("personal", "profile", "v1 body")],
             },
         )
@@ -8628,7 +8612,7 @@ mod tests {
         // Same ns/key but DIFFERENT body → different content_hash → a new entry.
         let r = plant_master_memory_inner(
             &state,
-            PlantRequest {
+            MasterMemoryPlantRequest {
                 entries: vec![mem_entry("personal", "profile", "v2 body")],
             },
         )
@@ -8685,7 +8669,7 @@ mod tests {
         let state = make_state();
         plant_master_memory_inner(
             &state,
-            PlantRequest {
+            MasterMemoryPlantRequest {
                 entries: vec![
                     mem_entry("travel", "chengdu", "trip"),
                     mem_entry("personal", "profile", "name: Kevin"),
@@ -8710,7 +8694,7 @@ mod tests {
         let state = make_state();
         plant_master_memory_inner(
             &state,
-            PlantRequest {
+            MasterMemoryPlantRequest {
                 entries: vec![
                     mem_entry("travel", "chengdu", "trip body"),
                     mem_entry("travel", "customs", "customs body"),
@@ -8844,7 +8828,7 @@ mod tests {
         let state = make_state();
         let r = plant_master_memory_inner(
             &state,
-            PlantRequest {
+            MasterMemoryPlantRequest {
                 entries: vec![mem_entry("travel", "chengdu", "trip")],
             },
         )
diff --git a/crates/agentkeys-protocol/src/lib.rs b/crates/agentkeys-protocol/src/lib.rs
index f4cf4fea..611f5fe4 100644
--- a/crates/agentkeys-protocol/src/lib.rs
+++ b/crates/agentkeys-protocol/src/lib.rs
@@ -548,6 +548,72 @@ pub struct BuildRevokeUserOpRequest {
     pub device_key_hashes: Vec<String>,
 }
 
+// ── the daemon's web-API plant contract (#275 tier-3) ───────────────────────
+
+/// The daemon's **web-API plant contract** — the frontend↔daemon surface, as
+/// opposed to the broker/worker chain above. It lives in this wasm-safe crate
+/// so the browser host (`agentkeys-web-core`) compiles the SAME types the
+/// daemon's `ui_bridge` serves: `daemon.ts` gets the route + body from a
+/// wasm-exported builder instead of hand-building them, which dissolves the
+/// old runtime parity check into the type system (#275, parity-ladder rung 3 —
+/// "one code path; violating parity is a compile error"). The contract is
+/// still pinned to `harness/fixtures/web-api/master_memory_plant.json` by a
+/// `ui_bridge` unit test, and the REMAINING non-Rust consumer
+/// (`harness/web-parity-demo.sh`) is gated against that fixture by
+/// `scripts/check-web-api-drift.sh`.
+pub mod web_api {
+    use serde::{Deserialize, Serialize};
+
+    /// Canonical master-memory plant route — the single source of truth for
+    /// the path the React frontend (via the `agentkeys-web-core` wasm export)
+    /// and the harness web-parity demo both POST to.
+    pub const MASTER_MEMORY_PLANT_ROUTE: &str = "/v1/master/memory/plant";
+
+    /// A master-actor memory entry. `content_hash` is the dedup key —
+    /// keccak-free sha256 over (ns || key || body) so a re-plant of the same
+    /// content is detected and skipped (the "prevent duplicate plant" gate).
+    #[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+    #[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
+    pub struct ApiMemoryEntry {
+        pub ns: String,
+        pub key: String,
+        pub title: String,
+        #[ts(type = "number")]
+        pub bytes: u64,
+        pub version: String,
+        pub updated: String,
+        pub preview: String,
+        pub body: String,
+        #[serde(default)]
+        pub content_hash: String,
+    }
+
+    /// `POST` body for [`MASTER_MEMORY_PLANT_ROUTE`].
+    #[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+    #[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
+    pub struct MasterMemoryPlantRequest {
+        pub entries: Vec<ApiMemoryEntry>,
+    }
+
+    /// Plant outcome. `taxonomy_status` surfaces the durable category-index
+    /// write so a configured-Config store failure is NOT hidden behind an
+    /// otherwise-successful memory plant: `"ok"` (written), `"unconfigured"`
+    /// (Config not set up, cache-only), `"failed: <reason>"` (memory IS
+    /// durable but the category index is stale → retry), or
+    /// `"skipped: <reason>"` (config-context unavailable).
+    #[derive(Clone, Debug, Serialize, Deserialize, ts_rs::TS)]
+    #[ts(export, export_to = "../../../apps/parent-control/lib/generated/")]
+    pub struct MasterMemoryPlantResponse {
+        #[ts(type = "number")]
+        pub planted: usize,
+        #[ts(type = "number")]
+        pub skipped: usize,
+        #[ts(type = "number")]
+        pub total: usize,
+        pub taxonomy_status: String,
+    }
+}
+
 // ── shared protocol helpers (the omni-normalization bug site, centralized) ───
 
 /// Build the signed cap **service** string for a memory namespace —
diff --git a/crates/agentkeys-web-core/src/wasm.rs b/crates/agentkeys-web-core/src/wasm.rs
index 86217feb..649849eb 100644
--- a/crates/agentkeys-web-core/src/wasm.rs
+++ b/crates/agentkeys-web-core/src/wasm.rs
@@ -12,11 +12,37 @@
 use wasm_bindgen::prelude::*;
 
 use crate::broker::{BrokerClient, CapRequest, PairingClaimRequest};
+use agentkeys_protocol::web_api::{ApiMemoryEntry, MasterMemoryPlantRequest};
 
 fn to_js<E: std::fmt::Display>(e: E) -> JsValue {
     JsValue::from_str(&e.to_string())
 }
 
+// ── the daemon's web-API plant contract (#275 tier-3) ────────────────────────
+//
+// The browser used to hand-build the plant route + body in `daemon.ts` (gated
+// only by a fixture diff). These exports give it the daemon's OWN types,
+// compiled to wasm: the route is the shared `MASTER_MEMORY_PLANT_ROUTE` const
+// and the body bytes come from serde_json over the shared structs — the exact
+// serializer family the daemon deserializes with. A daemon-side field/route
+// change is now a frontend compile error (via the ts-rs `ApiMemoryEntry`
+// type) + a wasm rebuild, never a silently-drifted hand-rolled body.
+
+/// The canonical plant route (`agentkeys_protocol::web_api::MASTER_MEMORY_PLANT_ROUTE`).
+#[wasm_bindgen(js_name = masterMemoryPlantRoute)]
+pub fn master_memory_plant_route() -> String {
+    agentkeys_protocol::web_api::MASTER_MEMORY_PLANT_ROUTE.to_string()
+}
+
+/// Build the plant POST body from an `ApiMemoryEntry[]` (ts-rs-typed on the JS
+/// side). Validates through the real serde types and returns the serialized
+/// JSON string — post it verbatim (`content-type: application/json`).
+#[wasm_bindgen(js_name = buildMasterMemoryPlantBody)]
+pub fn build_master_memory_plant_body(entries: JsValue) -> Result<String, JsValue> {
+    let entries: Vec<ApiMemoryEntry> = serde_wasm_bindgen::from_value(entries).map_err(to_js)?;
+    serde_json::to_string(&MasterMemoryPlantRequest { entries }).map_err(to_js)
+}
+
 /// The host-agnostic master-plane core, exposed to the browser. One per broker
 /// base URL; holds no secret.
 #[wasm_bindgen]
diff --git a/docs/arch.md b/docs/arch.md
index 75bba407..f06355da 100644
--- a/docs/arch.md
+++ b/docs/arch.md
@@ -2370,14 +2370,20 @@ agentkeys/                                  # repo root
 │   │                                       #   LLM hosts over stdio / HTTP / xiaozhi
 │   │                                       #   mcp-endpoint WS relay (issue #107)
 │   ├── agentkeys-provisioner/              # Rust orchestrator that spawns TS scrapers
-│   ├── agentkeys-backend-client/           # ONE owner of the broker/worker client
-│   │                                       #   protocol (issue #203): cap-mint (6
-│   │                                       #   data-class endpoints: cred/memory/config
-│   │                                       #   store+fetch), STS relay, worker put/get +
-│   │                                       #   config put/get body types, memory:<ns>
-│   │                                       #   builder, 0x-omni normalize. MCP
-│   │                                       #   HttpBackend delegates to it; daemon
-│   │                                       #   ui_bridge cap-mint + worker bodies use it
+│   ├── agentkeys-protocol/                 # The wire TYPES half of the #203 one-owner
+│   │                                       #   split (#215 re-land): pure serde, wasm-safe
+│   │                                       #   — cap-mint + worker bodies, UserOp build/
+│   │                                       #   submit shapes, the web_api plant contract
+│   │                                       #   (#275). Shared by backend-client (native)
+│   │                                       #   AND web-core (browser); ts-rs generates
+│   │                                       #   the frontend's lib/generated/*.ts from it
+│   ├── agentkeys-backend-client/           # The native CLIENT half (issue #203):
+│   │                                       #   cap-mint (6 data-class endpoints:
+│   │                                       #   cred/memory/config store+fetch), STS
+│   │                                       #   relay, worker calls, memory:<ns>
+│   │                                       #   builder, 0x-omni normalize. Re-exports
+│   │                                       #   agentkeys-protocol as ::protocol; the MCP
+│   │                                       #   server + daemon ui_bridge call it
 │   └── agentkeys-chain/                    # Solidity contracts + Rust ABI bindings
 │       ├── contracts/
 │       │   ├── AgentKeysScope.sol
diff --git a/docs/operator-runbook-harness.md b/docs/operator-runbook-harness.md
index e8f9c40d..fe35a669 100644
--- a/docs/operator-runbook-harness.md
+++ b/docs/operator-runbook-harness.md
@@ -158,7 +158,9 @@ remains the only proof that the key never leaves the sandbox.
   matches the agent/harness path, so the web flow can't silently drift from the harness. **Step 4
   (#214)** then polls `GET /v1/agent/pairing/pending` and asserts a well-formed `{requests:[…]}` — the
   master-side web-pairing route reaches the real broker rendezvous. A **thin 4-step wiring smoke** — the
-  body shape is gated at compile/fixture time (`scripts/check-web-api-drift.sh`), so the runtime check
+  plant contract is owned by `agentkeys-protocol::web_api` (#275): the React frontend consumes it via
+  the `agentkeys-web-core` wasm builder (compile-checked), and this demo's hand-built body is the one
+  remaining fixture-gated consumer (`scripts/check-web-api-drift.sh`), so the runtime check
   stays minimal. The probe ns is **deleted on
   exit** (success or failure), so it never leaks into real memory. **Reuses** the build/chain/broker/
   master from phases 1–2 — one daemon boot, no re-bootstrap. Real-only; skips cleanly without a broker.
diff --git a/harness/AGENTS.md b/harness/AGENTS.md
index 53c25fa6..0829a937 100644
--- a/harness/AGENTS.md
+++ b/harness/AGENTS.md
@@ -323,27 +323,34 @@ crate) lands.
 endpoint directly (`POST /v1/master/memory/plant`) with a hand-built body; the real
 frontend (`apps/parent-control/lib/client/daemon.ts`) builds its OWN body at the same
 URL. They used to agree by manual coincidence — a `daemon.ts` endpoint/shape change
-left phase 6 **green on the old path** (false-green). That gap is now gated: the route
-+ the `ApiMemoryEntry` body shape have ONE source of truth (the daemon's
-`MASTER_MEMORY_{,PLANT_}ROUTE` const + the struct), pinned to
+left phase 6 **green on the old path** (false-green). That gap is now CLOSED twice
+over. The route + the `ApiMemoryEntry` body shape have ONE source of truth — the
+wasm-safe [`agentkeys-protocol::web_api`](../crates/agentkeys-protocol/) (#275; re-exported
+by `ui_bridge.rs`) — pinned to
 [`fixtures/web-api/master_memory_plant.json`](fixtures/web-api/master_memory_plant.json)
-by a `ui_bridge` unit test, and BOTH consumers (`daemon.ts` + `web-parity-demo.sh`)
-are diffed against it by [`../scripts/check-web-api-drift.sh`](../scripts/check-web-api-drift.sh)
-in CI. A rename/added/dropped field or a route change on either side is now CI-red.
+by a `ui_bridge` unit test. The React frontend (`daemon.ts`) doesn't hand-build the
+route or body AT ALL anymore: it calls the `agentkeys-web-core` wasm builder
+(`masterMemoryPlantRoute()` + `buildMasterMemoryPlantBody()` — the daemon's own serde
+types compiled into the browser, rung 3), so its half of the contract is a compile
+error when it drifts. The remaining hand-built consumer (`web-parity-demo.sh`) is
+diffed against the fixture by
+[`../scripts/check-web-api-drift.sh`](../scripts/check-web-api-drift.sh) in CI (rung 2).
 What phase 6 still uniquely proves (and can't be compile-checked) is the **runtime
 wiring**: "daemon → cap-mint → STS → worker → S3 is reachable on real infra."
 
 **The ladder (weakest → strongest) — push a check DOWN it whenever it catches real drift:**
 1. **Runtime behavioral assertion** (run both, compare) — rots silently.
 2. **Shared contract / golden fixture** — both sides derive from one serde schema;
-   CI reddens loudly on shape drift, survives cosmetic refactors. ← the daemon
-   web-API plant contract sits here now (the `master_memory_plant` fixture + the
-   `daemon.ts`/`web-parity-demo.sh` gate).
+   CI reddens loudly on shape drift, survives cosmetic refactors. ← the harness's
+   hand-curled plant body sits here (the `master_memory_plant` fixture + the
+   `web-parity-demo.sh` gate).
 3. **Shared implementation** — one code path; violating parity is a compile error.
    The runtime check shrinks to a thin "is the one client wired to real infra?" smoke.
    ← the broker/worker chain is here (#203/#204: daemon + MCP share
-   `agentkeys-backend-client`). Phase 6's body shape is rung 2; its remaining job is
-   the rung-3-residual runtime-wiring smoke.
+   `agentkeys-backend-client`; #215 re-land: web-core shares `agentkeys-protocol`),
+   AND — since #275 — the frontend plant path too (ts-rs `ApiMemoryEntry` types +
+   the wasm route/body builder). Phase 6's remaining job is the rung-3-residual
+   runtime-wiring smoke.
 
 **Operating rule:** every time phase 6 (or any parity/wiring check) catches a real
 drift, ask "could this have been a compile error or a fixture diff instead?" If yes,
@@ -351,9 +358,12 @@ move the assertion down the ladder — the runtime check is *supposed* to get th
 A parity check growing in scope is a smell; one shrinking toward a wiring smoke is
 healthy. **Done (#203/#204):** the false-green is plugged — the plant route + body
 shape are a single serde source of truth gated by `scripts/check-web-api-drift.sh`
-(fold-systemic-fixes-into-enforcement). The next rung-down for phase 6 is tier-3 for
-the frontend: compile the daemon ui-bridge plant types into the browser host via
-`agentkeys-web-core` (wasm) so `daemon.ts` stops hand-building the body at all.
+(fold-systemic-fixes-into-enforcement). **Done (#275):** the tier-3 move landed —
+the plant types moved to the wasm-safe `agentkeys-protocol::web_api`, compiled into
+the browser via `agentkeys-web-core`, and `daemon.ts` consumes the wasm-exported
+route + body builder instead of hand-building anything; its half of the drift gate
+retired (compile-checked now), the harness half stays fixture-gated. Phase 6 is at
+its terminal thinness: the irreducible runtime-wiring smoke.
 
 ---
 
diff --git a/scripts/check-web-api-drift.sh b/scripts/check-web-api-drift.sh
index 5c531f68..0daec0ba 100755
--- a/scripts/check-web-api-drift.sh
+++ b/scripts/check-web-api-drift.sh
@@ -1,23 +1,26 @@
 #!/usr/bin/env bash
-# scripts/check-web-api-drift.sh — the frontend↔daemon↔harness drift gate for
-# the master-memory plant contract (issue #203 / the #206 parity ladder, rung 2).
+# scripts/check-web-api-drift.sh — the harness drift gate for the master-memory
+# plant contract (issue #203 / the #206 parity ladder).
 #
 # Phase 6 (web-parity-demo.sh) used to false-green: it `curl`s the daemon's
-# `POST /v1/master/memory/plant` with a hand-built body, while the real frontend
-# (apps/parent-control/lib/client/daemon.ts) builds its OWN body at the same URL.
-# They agreed by manual coincidence — a daemon.ts route/shape change left phase 6
-# green on the old path.
+# plant endpoint with a hand-built body that agreed with the daemon only by
+# manual coincidence. This gate ties it to ONE serde schema (the
+# `ApiMemoryEntry` + `MASTER_MEMORY_PLANT_ROUTE` owned by
+# `agentkeys-protocol::web_api`), captured in
+# harness/fixtures/web-api/master_memory_plant.json. The Rust side is pinned by
+# a unit test (ui_bridge.rs `master_memory_plant_contract_matches_fixture`);
+# this script pins the ONE remaining non-Rust consumer:
+#   - the route literal must appear verbatim at web-parity-demo.sh's call site
+#   - its `# @web-fixture: master_memory_plant`-annotated entry object literal
+#     must have exactly the fixture's `entry_keys`.
 #
-# This gate ties both consumers to ONE serde schema (the daemon's `ApiMemoryEntry`
-# + the `MASTER_MEMORY_PLANT_ROUTE` const), captured in
-# harness/fixtures/web-api/master_memory_plant.json. The Rust side is pinned by a
-# unit test (ui_bridge.rs `master_memory_plant_contract_matches_fixture`); this
-# script pins the two NON-Rust consumers:
-#   - the route literal must appear verbatim in daemon.ts AND web-parity-demo.sh
-#   - the `# @web-fixture: master_memory_plant` / `// @web-fixture: …`-annotated
-#     entry object literal in each must have exactly the fixture's `entry_keys`.
+# The React frontend (apps/parent-control/lib/client/daemon.ts) is NO LONGER
+# gated here (#275 tier-3): it stopped hand-building the route/body entirely —
+# it consumes the wasm-exported builder from agentkeys-web-core, so its half of
+# this contract is compile-checked (ts-rs `ApiMemoryEntry` + the wasm builder),
+# which sits a rung BELOW this fixture diff on the parity ladder.
 #
-# A drifted route or entry shape (rename/add/drop) on either side is now CI-red
+# A drifted route or entry shape (rename/add/drop) in the harness demo is CI-red
 # instead of a stale green. Exit 0 = clean; 1 = drift; 2 = setup error.
 #
 #   bash scripts/check-web-api-drift.sh
@@ -26,7 +29,6 @@ set -uo pipefail
 REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
 FIXTURE="$REPO_ROOT/harness/fixtures/web-api/master_memory_plant.json"
 HARNESS="$REPO_ROOT/harness/web-parity-demo.sh"
-FRONTEND="$REPO_ROOT/apps/parent-control/lib/client/daemon.ts"
 
 c() { [ -t 1 ] && printf '\033[%sm%s\033[0m' "$1" "$2" || printf '%s' "$2"; }
 ok()   { printf '  %s %s\n' "$(c '1;32' ok)"   "$1"; }
@@ -135,13 +137,12 @@ check_consumer() {
 }
 
 echo
-info "gating the two non-Rust consumers (the Rust source is pinned by the ui_bridge unit test)..."
+info "gating the remaining non-Rust consumer (the Rust source is pinned by the ui_bridge unit test; daemon.ts is compile-gated via the wasm builder, #275)..."
 check_consumer "harness web-parity-demo" "$HARNESS" 'curl|-X[[:space:]]+POST'
-check_consumer "frontend daemon.ts" "$FRONTEND" 'postJson|fetch|getJson'
 
 echo
 if [ "$fails" -gt 0 ]; then
-  bad "$fails plant-contract drift(s) — align the consumer, or if the contract changed update ApiMemoryEntry + harness/fixtures/web-api/master_memory_plant.json (the ui_bridge test enforces the Rust half)"
+  bad "$fails plant-contract drift(s) — align the consumer, or if the contract changed update agentkeys-protocol::web_api::ApiMemoryEntry + harness/fixtures/web-api/master_memory_plant.json (the ui_bridge test enforces the Rust half)"
   exit 1
 fi
-ok "no drift — daemon.ts + web-parity-demo.sh agree with the canonical plant contract"
+ok "no drift — web-parity-demo.sh agrees with the canonical plant contract"