add skills and CLAUDE.md to enable better llm context management

.claude/settings.local.json

@@ -0,0 +1,166 @@
+{
+  "permissions": {
+    "allow": [
+      "Skill(skill-creator)",
+      "Bash(cat:*)",
+      "Bash(python3:*)",
+      "Bash(find:*)",
+      "Skill(nostr-websocket)",
+      "Bash(go build:*)",
+      "Bash(chmod:*)",
+      "Bash(journalctl:*)",
+      "Bash(timeout 5 bash -c 'echo [\"\"REQ\"\",\"\"test123\"\",{\"\"kinds\"\":[1],\"\"limit\"\":1}] | websocat ws://localhost:3334':*)",
+      "Bash(pkill:*)",
+      "Bash(timeout 5 bash:*)",
+      "Bash(md5sum:*)",
+      "Bash(timeout 3 bash -c 'echo [\\\"\"REQ\\\"\",\\\"\"test456\\\"\",{\\\"\"kinds\\\"\":[1],\\\"\"limit\\\"\":10}] | websocat ws://localhost:3334')",
+      "Bash(printf:*)",
+      "Bash(websocat:*)",
+      "Bash(go test:*)",
+      "Bash(timeout 180 go test:*)",
+      "WebFetch(domain:github.com)",
+      "WebFetch(domain:raw.githubusercontent.com)",
+      "Bash(/tmp/find help)",
+      "Bash(/tmp/find verify-name example.com)",
+      "Skill(golang)",
+      "Bash(/tmp/find verify-name Bitcoin.Nostr)",
+      "Bash(/tmp/find generate-key)",
+      "Bash(git ls-tree:*)",
+      "Bash(CGO_ENABLED=0 go build:*)",
+      "Bash(CGO_ENABLED=0 go test:*)",
+      "Bash(app/web/dist/index.html)",
+      "Bash(export CGO_ENABLED=0)",
+      "Bash(bash:*)",
+      "Bash(CGO_ENABLED=0 ORLY_LOG_LEVEL=debug go test:*)",
+      "Bash(/tmp/test-policy-script.sh)",
+      "Bash(docker --version:*)",
+      "Bash(mkdir:*)",
+      "Bash(./test-docker-policy/test-policy.sh:*)",
+      "Bash(docker-compose:*)",
+      "Bash(tee:*)",
+      "Bash(docker logs:*)",
+      "Bash(timeout 5 websocat:*)",
+      "Bash(docker exec:*)",
+      "Bash(TESTSIG=\"bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb\":*)",
+      "Bash(echo:*)",
+      "Bash(git rm:*)",
+      "Bash(git add:*)",
+      "Bash(./test-policy.sh:*)",
+      "Bash(docker rm:*)",
+      "Bash(./scripts/docker-policy/test-policy.sh:*)",
+      "Bash(./policytest:*)",
+      "WebSearch",
+      "WebFetch(domain:blog.scottlogic.com)",
+      "WebFetch(domain:eli.thegreenplace.net)",
+      "WebFetch(domain:learn-wasm.dev)",
+      "Bash(curl:*)",
+      "Bash(./build.sh)",
+      "Bash(./pkg/wasm/shell/run.sh:*)",
+      "Bash(./run.sh echo.wasm)",
+      "Bash(./test.sh)",
+      "Bash(ORLY_PPROF=cpu ORLY_LOG_LEVEL=info ORLY_LISTEN=0.0.0.0 ORLY_PORT=3334 ORLY_ADMINS=npub1fjqqy4a93z5zsjwsfxqhc2764kvykfdyttvldkkkdera8dr78vhsmmleku ORLY_OWNERS=npub1fjqqy4a93z5zsjwsfxqhc2764kvykfdyttvldkkkdera8dr78vhsmmleku ORLY_ACL_MODE=follows ORLY_SPIDER_MODE=follows timeout 120 go run:*)",
+      "Bash(go tool pprof:*)",
+      "Bash(go get:*)",
+      "Bash(go mod tidy:*)",
+      "Bash(go list:*)",
+      "Bash(timeout 180 go build:*)",
+      "Bash(timeout 240 go build:*)",
+      "Bash(timeout 300 go build:*)",
+      "Bash(/tmp/orly:*)",
+      "Bash(./orly version:*)",
+      "Bash(git checkout:*)",
+      "Bash(docker ps:*)",
+      "Bash(./run-profile.sh:*)",
+      "Bash(sudo rm:*)",
+      "Bash(docker compose:*)",
+      "Bash(./run-benchmark.sh:*)",
+      "Bash(docker run:*)",
+      "Bash(docker inspect:*)",
+      "Bash(./run-benchmark-clean.sh:*)",
+      "Bash(cd:*)",
+      "Bash(CGO_ENABLED=0 timeout 180 go build:*)",
+      "Bash(/home/mleku/src/next.orly.dev/pkg/dgraph/dgraph.go)",
+      "Bash(ORLY_LOG_LEVEL=debug timeout 60 ./orly:*)",
+      "Bash(ORLY_LOG_LEVEL=debug timeout 30 ./orly:*)",
+      "Bash(killall:*)",
+      "Bash(kill:*)",
+      "Bash(gh repo list:*)",
+      "Bash(gh auth:*)",
+      "Bash(/tmp/backup-github-repos.sh)",
+      "Bash(./benchmark:*)",
+      "Bash(env)",
+      "Bash(./run-badger-benchmark.sh:*)",
+      "Bash(./update-github-vpn.sh:*)",
+      "Bash(dmesg:*)",
+      "Bash(export:*)",
+      "Bash(timeout 60 /tmp/benchmark-fixed:*)",
+      "Bash(/tmp/test-auth-event.sh)",
+      "Bash(CGO_ENABLED=0 timeout 180 go test:*)",
+      "Bash(/tmp/benchmark-real-events:*)",
+      "Bash(CGO_ENABLED=0 timeout 240 go build:*)",
+      "Bash(/tmp/benchmark-final --events 500 --workers 2 --datadir /tmp/test-real-final)",
+      "Bash(timeout 60 /tmp/benchmark-final:*)",
+      "Bash(timeout 120 ./benchmark:*)",
+      "Bash(timeout 60 ./benchmark:*)",
+      "Bash(timeout 30 ./benchmark:*)",
+      "Bash(timeout 15 ./benchmark:*)",
+      "Bash(docker build:*)",
+      "Bash(xargs:*)",
+      "Bash(timeout 30 sh:*)",
+      "Bash(timeout 60 go test:*)",
+      "Bash(timeout 120 go test:*)",
+      "Bash(timeout 180 ./scripts/test.sh:*)",
+      "Bash(CGO_ENABLED=0 timeout 60 go test:*)",
+      "Bash(CGO_ENABLED=1 go build:*)",
+      "Bash(lynx:*)",
+      "Bash(sed:*)",
+      "Bash(docker stop:*)",
+      "Bash(grep:*)",
+      "Bash(timeout 30 go test:*)",
+      "Bash(tree:*)",
+      "Bash(timeout 180 ./migrate-imports.sh:*)",
+      "Bash(./migrate-fast.sh:*)",
+      "Bash(git restore:*)",
+      "Bash(go mod download:*)",
+      "Bash(go clean:*)",
+      "Bash(GOSUMDB=off CGO_ENABLED=0 timeout 240 go build:*)",
+      "Bash(CGO_ENABLED=0 GOFLAGS=-mod=mod timeout 240 go build:*)",
+      "Bash(CGO_ENABLED=0 timeout 120 go test:*)",
+      "Bash(./cmd/blossomtest/blossomtest:*)",
+      "Bash(sudo journalctl:*)",
+      "Bash(systemctl:*)",
+      "Bash(systemctl show:*)",
+      "Bash(ssh relay1:*)",
+      "Bash(done)",
+      "Bash(go run:*)",
+      "Bash(go doc:*)",
+      "Bash(/tmp/orly-test help:*)",
+      "Bash(go version:*)",
+      "Bash(ss:*)",
+      "Bash(CGO_ENABLED=0 go clean:*)",
+      "Bash(CGO_ENABLED=0 timeout 30 go test:*)",
+      "Bash(~/.local/bin/tea issue 6 --repo mleku/next.orly.dev --remote https://git.nostrdev.com)",
+      "Bash(tea issue:*)",
+      "Bash(tea issues view:*)",
+      "Bash(tea issue view:*)",
+      "Bash(tea issues:*)",
+      "Bash(bun run build:*)",
+      "Bash(git tag:*)",
+      "Bash(/tmp/orly-test version:*)",
+      "Bash(git log:*)",
+      "Bash(git show:*)",
+      "Bash(git config:*)",
+      "Bash(git check-ignore:*)",
+      "Bash(git commit:*)",
+      "WebFetch(domain:www.npmjs.com)",
+      "Bash(git stash:*)",
+      "WebFetch(domain:arxiv.org)",
+      "WebFetch(domain:hal.science)",
+      "WebFetch(domain:pkg.go.dev)",
+      "WebFetch(domain:paulmillr.com)"
+    ],
+    "deny": [],
+    "ask": []
+  },
+  "outputStyle": "Explanatory"
+}

.claude/skills/distributed-systems/references/consensus-protocols.md

@@ -0,0 +1,610 @@
+# Consensus Protocols - Detailed Reference
+
+Complete specifications and implementation details for major consensus protocols.
+
+## Paxos Complete Specification
+
+### Proposal Numbers
+
+Proposal numbers must be:
+- **Unique**: No two proposers use the same number
+- **Totally ordered**: Any two can be compared
+
+**Implementation**: `(round_number, proposer_id)` where proposer_id breaks ties.
+
+### Single-Decree Paxos State
+
+**Proposer state**:
+```
+proposal_number: int
+value: any
+```
+
+**Acceptor state (persistent)**:
+```
+highest_promised: int    # Highest proposal number promised
+accepted_proposal: int   # Number of accepted proposal (0 if none)
+accepted_value: any      # Value of accepted proposal (null if none)
+```
+
+### Message Format
+
+**Prepare** (Phase 1a):
+```
+{
+  type: "PREPARE",
+  proposal_number: n
+}
+```
+
+**Promise** (Phase 1b):
+```
+{
+  type: "PROMISE",
+  proposal_number: n,
+  accepted_proposal: m,    # null if nothing accepted
+  accepted_value: v        # null if nothing accepted
+}
+```
+
+**Accept** (Phase 2a):
+```
+{
+  type: "ACCEPT",
+  proposal_number: n,
+  value: v
+}
+```
+
+**Accepted** (Phase 2b):
+```
+{
+  type: "ACCEPTED",
+  proposal_number: n,
+  value: v
+}
+```
+
+### Proposer Algorithm
+
+```
+function propose(value):
+    n = generate_proposal_number()
+
+    # Phase 1: Prepare
+    promises = []
+    for acceptor in acceptors:
+        send PREPARE(n) to acceptor
+
+    wait until |promises| > |acceptors|/2 or timeout
+
+    if timeout:
+        return FAILED
+
+    # Choose value
+    highest = max(promises, key=p.accepted_proposal)
+    if highest.accepted_value is not null:
+        value = highest.accepted_value
+
+    # Phase 2: Accept
+    accepts = []
+    for acceptor in acceptors:
+        send ACCEPT(n, value) to acceptor
+
+    wait until |accepts| > |acceptors|/2 or timeout
+
+    if timeout:
+        return FAILED
+
+    return SUCCESS(value)
+```
+
+### Acceptor Algorithm
+
+```
+on receive PREPARE(n):
+    if n > highest_promised:
+        highest_promised = n
+        persist(highest_promised)
+        reply PROMISE(n, accepted_proposal, accepted_value)
+    else:
+        # Optionally reply NACK(highest_promised)
+        ignore or reject
+
+on receive ACCEPT(n, v):
+    if n >= highest_promised:
+        highest_promised = n
+        accepted_proposal = n
+        accepted_value = v
+        persist(highest_promised, accepted_proposal, accepted_value)
+        reply ACCEPTED(n, v)
+    else:
+        ignore or reject
+```
+
+### Multi-Paxos Optimization
+
+**Stable leader**:
+```
+# Leader election (using Paxos or other method)
+leader = elect_leader()
+
+# Leader's Phase 1 for all future instances
+leader sends PREPARE(n) for instance range [i, ∞)
+
+# For each command:
+function propose_as_leader(value, instance):
+    # Skip Phase 1 if already leader
+    for acceptor in acceptors:
+        send ACCEPT(n, value, instance) to acceptor
+    wait for majority ACCEPTED
+    return SUCCESS
+```
+
+### Paxos Safety Proof Sketch
+
+**Invariant**: If a value v is chosen for instance i, no other value can be chosen.
+
+**Proof**:
+1. Value chosen → accepted by majority with proposal n
+2. Any higher proposal n' must contact majority
+3. Majorities intersect → at least one acceptor has accepted v
+4. New proposer adopts v (or higher already-accepted value)
+5. By induction, all future proposals use v
+
+## Raft Complete Specification
+
+### State
+
+**All servers (persistent)**:
+```
+currentTerm: int      # Latest term seen
+votedFor: ServerId    # Candidate voted for in current term (null if none)
+log[]: LogEntry       # Log entries
+```
+
+**All servers (volatile)**:
+```
+commitIndex: int      # Highest log index known to be committed
+lastApplied: int      # Highest log index applied to state machine
+```
+
+**Leader (volatile, reinitialized after election)**:
+```
+nextIndex[]: int      # For each server, next log index to send
+matchIndex[]: int     # For each server, highest log index replicated
+```
+
+**LogEntry**:
+```
+{
+  term: int,
+  command: any
+}
+```
+
+### RequestVote RPC
+
+**Request**:
+```
+{
+  term: int,              # Candidate's term
+  candidateId: ServerId,  # Candidate requesting vote
+  lastLogIndex: int,      # Index of candidate's last log entry
+  lastLogTerm: int        # Term of candidate's last log entry
+}
+```
+
+**Response**:
+```
+{
+  term: int,              # currentTerm, for candidate to update itself
+  voteGranted: bool       # True if candidate received vote
+}
+```
+
+**Receiver implementation**:
+```
+on receive RequestVote(term, candidateId, lastLogIndex, lastLogTerm):
+    if term < currentTerm:
+        return {term: currentTerm, voteGranted: false}
+
+    if term > currentTerm:
+        currentTerm = term
+        votedFor = null
+        convert to follower
+
+    # Check if candidate's log is at least as up-to-date as ours
+    ourLastTerm = log[len(log)-1].term if log else 0
+    ourLastIndex = len(log) - 1
+
+    logOK = (lastLogTerm > ourLastTerm) or
+            (lastLogTerm == ourLastTerm and lastLogIndex >= ourLastIndex)
+
+    if (votedFor is null or votedFor == candidateId) and logOK:
+        votedFor = candidateId
+        persist(currentTerm, votedFor)
+        reset election timer
+        return {term: currentTerm, voteGranted: true}
+
+    return {term: currentTerm, voteGranted: false}
+```
+
+### AppendEntries RPC
+
+**Request**:
+```
+{
+  term: int,              # Leader's term
+  leaderId: ServerId,     # For follower to redirect clients
+  prevLogIndex: int,      # Index of log entry preceding new ones
+  prevLogTerm: int,       # Term of prevLogIndex entry
+  entries[]: LogEntry,    # Log entries to store (empty for heartbeat)
+  leaderCommit: int       # Leader's commitIndex
+}
+```
+
+**Response**:
+```
+{
+  term: int,              # currentTerm, for leader to update itself
+  success: bool           # True if follower had matching prevLog entry
+}
+```
+
+**Receiver implementation**:
+```
+on receive AppendEntries(term, leaderId, prevLogIndex, prevLogTerm, entries, leaderCommit):
+    if term < currentTerm:
+        return {term: currentTerm, success: false}
+
+    reset election timer
+
+    if term > currentTerm:
+        currentTerm = term
+        votedFor = null
+
+    convert to follower
+
+    # Check log consistency
+    if prevLogIndex >= len(log) or
+       (prevLogIndex >= 0 and log[prevLogIndex].term != prevLogTerm):
+        return {term: currentTerm, success: false}
+
+    # Append new entries (handling conflicts)
+    for i, entry in enumerate(entries):
+        index = prevLogIndex + 1 + i
+        if index < len(log):
+            if log[index].term != entry.term:
+                # Delete conflicting entry and all following
+                log = log[:index]
+                log.append(entry)
+        else:
+            log.append(entry)
+
+    persist(currentTerm, votedFor, log)
+
+    # Update commit index
+    if leaderCommit > commitIndex:
+        commitIndex = min(leaderCommit, len(log) - 1)
+
+    return {term: currentTerm, success: true}
+```
+
+### Leader Behavior
+
+```
+on becoming leader:
+    for each server:
+        nextIndex[server] = len(log)
+        matchIndex[server] = 0
+
+    start sending heartbeats
+
+on receiving client command:
+    append entry to local log
+    persist log
+    send AppendEntries to all followers
+
+on receiving AppendEntries response from server:
+    if response.success:
+        matchIndex[server] = prevLogIndex + len(entries)
+        nextIndex[server] = matchIndex[server] + 1
+
+        # Update commit index
+        for N from commitIndex+1 to len(log)-1:
+            if log[N].term == currentTerm and
+               |{s : matchIndex[s] >= N}| > |servers|/2:
+                commitIndex = N
+    else:
+        nextIndex[server] = max(1, nextIndex[server] - 1)
+        retry AppendEntries with lower prevLogIndex
+
+on commitIndex update:
+    while lastApplied < commitIndex:
+        lastApplied++
+        apply log[lastApplied].command to state machine
+```
+
+### Election Timeout
+
+```
+on election timeout (follower or candidate):
+    currentTerm++
+    convert to candidate
+    votedFor = self
+    persist(currentTerm, votedFor)
+    reset election timer
+    votes = 1  # Vote for self
+
+    for each server except self:
+        send RequestVote(currentTerm, self, lastLogIndex, lastLogTerm)
+
+    wait for responses or timeout:
+        if received votes > |servers|/2:
+            become leader
+        if received AppendEntries from valid leader:
+            become follower
+        if timeout:
+            start new election
+```
+
+## PBFT Complete Specification
+
+### Message Types
+
+**REQUEST**:
+```
+{
+  type: "REQUEST",
+  operation: o,           # Operation to execute
+  timestamp: t,           # Client timestamp (for reply matching)
+  client: c               # Client identifier
+}
+```
+
+**PRE-PREPARE**:
+```
+{
+  type: "PRE-PREPARE",
+  view: v,                # Current view number
+  sequence: n,            # Sequence number
+  digest: d,              # Hash of request
+  request: m              # The request message
+}
+signature(primary)
+```
+
+**PREPARE**:
+```
+{
+  type: "PREPARE",
+  view: v,
+  sequence: n,
+  digest: d,
+  replica: i              # Sending replica
+}
+signature(replica_i)
+```
+
+**COMMIT**:
+```
+{
+  type: "COMMIT",
+  view: v,
+  sequence: n,
+  digest: d,
+  replica: i
+}
+signature(replica_i)
+```
+
+**REPLY**:
+```
+{
+  type: "REPLY",
+  view: v,
+  timestamp: t,
+  client: c,
+  replica: i,
+  result: r               # Execution result
+}
+signature(replica_i)
+```
+
+### Replica State
+
+```
+view: int                       # Current view
+sequence: int                   # Last assigned sequence number (primary)
+log[]: {request, prepares, commits, state}  # Log of requests
+prepared_certificates: {}       # Prepared certificates (2f+1 prepares)
+committed_certificates: {}      # Committed certificates (2f+1 commits)
+h: int                          # Low water mark
+H: int                          # High water mark (h + L)
+```
+
+### Normal Operation Protocol
+
+**Primary (replica p = v mod n)**:
+```
+on receive REQUEST(m) from client:
+    if not primary for current view:
+        forward to primary
+        return
+
+    n = assign_sequence_number()
+    d = hash(m)
+
+    broadcast PRE-PREPARE(v, n, d, m) to all replicas
+    add to log
+```
+
+**All replicas**:
+```
+on receive PRE-PREPARE(v, n, d, m) from primary:
+    if v != current_view:
+        ignore
+    if already accepted pre-prepare for (v, n) with different digest:
+        ignore
+    if not in_view_as_backup(v):
+        ignore
+    if not h < n <= H:
+        ignore  # Outside sequence window
+
+    # Valid pre-prepare
+    add to log
+    broadcast PREPARE(v, n, d, i) to all replicas
+
+on receive PREPARE(v, n, d, j) from replica j:
+    if v != current_view:
+        ignore
+
+    add to log[n].prepares
+
+    if |log[n].prepares| >= 2f and not already_prepared(v, n, d):
+        # Prepared certificate complete
+        mark as prepared
+        broadcast COMMIT(v, n, d, i) to all replicas
+
+on receive COMMIT(v, n, d, j) from replica j:
+    if v != current_view:
+        ignore
+
+    add to log[n].commits
+
+    if |log[n].commits| >= 2f + 1 and prepared(v, n, d):
+        # Committed certificate complete
+        if all entries < n are committed:
+            execute(m)
+            send REPLY(v, t, c, i, result) to client
+```
+
+### View Change Protocol
+
+**Timeout trigger**:
+```
+on request timeout (no progress):
+    view_change_timeout++
+    broadcast VIEW-CHANGE(v+1, n, C, P, i)
+
+    where:
+      n = last stable checkpoint sequence number
+      C = checkpoint certificate (2f+1 checkpoint messages)
+      P = set of prepared certificates for messages after n
+```
+
+**VIEW-CHANGE**:
+```
+{
+  type: "VIEW-CHANGE",
+  view: v,                      # New view number
+  sequence: n,                  # Checkpoint sequence
+  checkpoints: C,               # Checkpoint certificate
+  prepared: P,                  # Set of prepared certificates
+  replica: i
+}
+signature(replica_i)
+```
+
+**New primary (p' = v mod n)**:
+```
+on receive 2f VIEW-CHANGE for view v:
+    V = set of valid view-change messages
+
+    # Compute O: set of requests to re-propose
+    O = {}
+    for seq in max_checkpoint_seq(V) to max_seq(V):
+        if exists prepared certificate for seq in V:
+            O[seq] = request from certificate
+        else:
+            O[seq] = null-request  # No-op
+
+    broadcast NEW-VIEW(v, V, O)
+
+    # Re-run protocol for requests in O
+    for seq, request in O:
+        if request != null:
+            send PRE-PREPARE(v, seq, hash(request), request)
+```
+
+**NEW-VIEW**:
+```
+{
+  type: "NEW-VIEW",
+  view: v,
+  view_changes: V,              # 2f+1 view-change messages
+  pre_prepares: O               # Set of pre-prepare messages
+}
+signature(primary)
+```
+
+### Checkpointing
+
+Periodic stable checkpoints to garbage collect logs:
+
+```
+every K requests:
+    state_hash = hash(state_machine_state)
+    broadcast CHECKPOINT(n, state_hash, i)
+
+on receive 2f+1 CHECKPOINT for (n, d):
+    if all digests match:
+        create stable checkpoint
+        h = n  # Move low water mark
+        garbage_collect(entries < n)
+```
+
+## HotStuff Protocol
+
+Linear complexity BFT using threshold signatures.
+
+### Key Innovation
+
+- **Three-phase**: prepare → pre-commit → commit → decide
+- **Pipelining**: Next proposal starts before current finishes
+- **Threshold signatures**: O(n) total messages instead of O(n²)
+
+### Message Flow
+
+```
+Phase 1 (Prepare):
+  Leader: broadcast PREPARE(v, node)
+  Replicas: sign and send partial signature to leader
+  Leader: aggregate into prepare certificate QC
+
+Phase 2 (Pre-commit):
+  Leader: broadcast PRE-COMMIT(v, QC_prepare)
+  Replicas: sign and send partial signature
+  Leader: aggregate into pre-commit certificate
+
+Phase 3 (Commit):
+  Leader: broadcast COMMIT(v, QC_precommit)
+  Replicas: sign and send partial signature
+  Leader: aggregate into commit certificate
+
+Phase 4 (Decide):
+  Leader: broadcast DECIDE(v, QC_commit)
+  Replicas: execute and commit
+```
+
+### Pipelining
+
+```
+Block k:   [prepare] [pre-commit] [commit] [decide]
+Block k+1:          [prepare] [pre-commit] [commit] [decide]
+Block k+2:                   [prepare] [pre-commit] [commit] [decide]
+```
+
+Each phase of block k+1 piggybacks on messages for block k.
+
+## Protocol Comparison Matrix
+
+| Feature | Paxos | Raft | PBFT | HotStuff |
+|---------|-------|------|------|----------|
+| Fault model | Crash | Crash | Byzantine | Byzantine |
+| Fault tolerance | f with 2f+1 | f with 2f+1 | f with 3f+1 | f with 3f+1 |
+| Message complexity | O(n) | O(n) | O(n²) | O(n) |
+| Leader required | No (helps) | Yes | Yes | Yes |
+| Phases | 2 | 2 | 3 | 3 |
+| View change | Complex | Simple | Complex | Simple |

.claude/skills/distributed-systems/references/logical-clocks.md

@@ -0,0 +1,610 @@
+# Logical Clocks - Implementation Reference
+
+Detailed implementations and algorithms for causality tracking.
+
+## Lamport Clock Implementation
+
+### Data Structure
+
+```go
+type LamportClock struct {
+    counter uint64
+    mu      sync.Mutex
+}
+
+func NewLamportClock() *LamportClock {
+    return &LamportClock{counter: 0}
+}
+```
+
+### Operations
+
+```go
+// Tick increments clock for local event
+func (c *LamportClock) Tick() uint64 {
+    c.mu.Lock()
+    defer c.mu.Unlock()
+    c.counter++
+    return c.counter
+}
+
+// Send returns timestamp for outgoing message
+func (c *LamportClock) Send() uint64 {
+    return c.Tick()
+}
+
+// Receive updates clock based on incoming message timestamp
+func (c *LamportClock) Receive(msgTime uint64) uint64 {
+    c.mu.Lock()
+    defer c.mu.Unlock()
+
+    if msgTime > c.counter {
+        c.counter = msgTime
+    }
+    c.counter++
+    return c.counter
+}
+
+// Time returns current clock value without incrementing
+func (c *LamportClock) Time() uint64 {
+    c.mu.Lock()
+    defer c.mu.Unlock()
+    return c.counter
+}
+```
+
+### Usage Example
+
+```go
+// Process A
+clockA := NewLamportClock()
+e1 := clockA.Tick()      // Event 1: time=1
+msgTime := clockA.Send() // Send: time=2
+
+// Process B
+clockB := NewLamportClock()
+e2 := clockB.Tick()           // Event 2: time=1
+e3 := clockB.Receive(msgTime) // Receive: time=3 (max(1,2)+1)
+```
+
+## Vector Clock Implementation
+
+### Data Structure
+
+```go
+type VectorClock struct {
+    clocks map[string]uint64  // processID -> logical time
+    self   string             // this process's ID
+    mu     sync.RWMutex
+}
+
+func NewVectorClock(processID string, allProcesses []string) *VectorClock {
+    clocks := make(map[string]uint64)
+    for _, p := range allProcesses {
+        clocks[p] = 0
+    }
+    return &VectorClock{
+        clocks: clocks,
+        self:   processID,
+    }
+}
+```
+
+### Operations
+
+```go
+// Tick increments own clock
+func (vc *VectorClock) Tick() map[string]uint64 {
+    vc.mu.Lock()
+    defer vc.mu.Unlock()
+
+    vc.clocks[vc.self]++
+    return vc.copy()
+}
+
+// Send returns copy of vector for message
+func (vc *VectorClock) Send() map[string]uint64 {
+    return vc.Tick()
+}
+
+// Receive merges incoming vector and increments
+func (vc *VectorClock) Receive(incoming map[string]uint64) map[string]uint64 {
+    vc.mu.Lock()
+    defer vc.mu.Unlock()
+
+    // Merge: take max of each component
+    for pid, time := range incoming {
+        if time > vc.clocks[pid] {
+            vc.clocks[pid] = time
+        }
+    }
+
+    // Increment own clock
+    vc.clocks[vc.self]++
+    return vc.copy()
+}
+
+// copy returns a copy of the vector
+func (vc *VectorClock) copy() map[string]uint64 {
+    result := make(map[string]uint64)
+    for k, v := range vc.clocks {
+        result[k] = v
+    }
+    return result
+}
+```
+
+### Comparison Functions
+
+```go
+// Compare returns ordering relationship between two vectors
+type Ordering int
+
+const (
+    Equal      Ordering = iota // V1 == V2
+    HappenedBefore            // V1 < V2
+    HappenedAfter             // V1 > V2
+    Concurrent                // V1 || V2
+)
+
+func Compare(v1, v2 map[string]uint64) Ordering {
+    less := false
+    greater := false
+
+    // Get all keys
+    allKeys := make(map[string]bool)
+    for k := range v1 {
+        allKeys[k] = true
+    }
+    for k := range v2 {
+        allKeys[k] = true
+    }
+
+    for k := range allKeys {
+        t1 := v1[k] // 0 if not present
+        t2 := v2[k]
+
+        if t1 < t2 {
+            less = true
+        }
+        if t1 > t2 {
+            greater = true
+        }
+    }
+
+    if !less && !greater {
+        return Equal
+    }
+    if less && !greater {
+        return HappenedBefore
+    }
+    if greater && !less {
+        return HappenedAfter
+    }
+    return Concurrent
+}
+
+// IsConcurrent checks if two events are concurrent
+func IsConcurrent(v1, v2 map[string]uint64) bool {
+    return Compare(v1, v2) == Concurrent
+}
+
+// HappenedBefore checks if v1 -> v2 (v1 causally precedes v2)
+func HappenedBefore(v1, v2 map[string]uint64) bool {
+    return Compare(v1, v2) == HappenedBefore
+}
+```
+
+## Interval Tree Clock Implementation
+
+### Data Structures
+
+```go
+// ID represents the identity tree
+type ID struct {
+    IsLeaf bool
+    Value  int   // 0 or 1 for leaves
+    Left   *ID   // nil for leaves
+    Right  *ID
+}
+
+// Stamp represents the event tree
+type Stamp struct {
+    Base  int
+    Left  *Stamp // nil for leaf stamps
+    Right *Stamp
+}
+
+// ITC combines ID and Stamp
+type ITC struct {
+    ID    *ID
+    Stamp *Stamp
+}
+```
+
+### ID Operations
+
+```go
+// NewSeedID creates initial full ID (1)
+func NewSeedID() *ID {
+    return &ID{IsLeaf: true, Value: 1}
+}
+
+// Fork splits an ID into two
+func (id *ID) Fork() (*ID, *ID) {
+    if id.IsLeaf {
+        if id.Value == 0 {
+            // Cannot fork zero ID
+            return &ID{IsLeaf: true, Value: 0},
+                   &ID{IsLeaf: true, Value: 0}
+        }
+        // Split full ID into left and right halves
+        return &ID{
+                IsLeaf: false,
+                Left:   &ID{IsLeaf: true, Value: 1},
+                Right:  &ID{IsLeaf: true, Value: 0},
+            },
+            &ID{
+                IsLeaf: false,
+                Left:   &ID{IsLeaf: true, Value: 0},
+                Right:  &ID{IsLeaf: true, Value: 1},
+            }
+    }
+
+    // Fork from non-leaf: give half to each
+    if id.Left.IsLeaf && id.Left.Value == 0 {
+        // Left is zero, fork right
+        newRight1, newRight2 := id.Right.Fork()
+        return &ID{IsLeaf: false, Left: id.Left, Right: newRight1},
+               &ID{IsLeaf: false, Left: &ID{IsLeaf: true, Value: 0}, Right: newRight2}
+    }
+    if id.Right.IsLeaf && id.Right.Value == 0 {
+        // Right is zero, fork left
+        newLeft1, newLeft2 := id.Left.Fork()
+        return &ID{IsLeaf: false, Left: newLeft1, Right: id.Right},
+               &ID{IsLeaf: false, Left: newLeft2, Right: &ID{IsLeaf: true, Value: 0}}
+    }
+
+    // Both have IDs, split
+    return &ID{IsLeaf: false, Left: id.Left, Right: &ID{IsLeaf: true, Value: 0}},
+           &ID{IsLeaf: false, Left: &ID{IsLeaf: true, Value: 0}, Right: id.Right}
+}
+
+// Join merges two IDs
+func Join(id1, id2 *ID) *ID {
+    if id1.IsLeaf && id1.Value == 0 {
+        return id2
+    }
+    if id2.IsLeaf && id2.Value == 0 {
+        return id1
+    }
+    if id1.IsLeaf && id2.IsLeaf && id1.Value == 1 && id2.Value == 1 {
+        return &ID{IsLeaf: true, Value: 1}
+    }
+
+    // Normalize to non-leaf
+    left1 := id1.Left
+    right1 := id1.Right
+    left2 := id2.Left
+    right2 := id2.Right
+
+    if id1.IsLeaf {
+        left1 = id1
+        right1 = id1
+    }
+    if id2.IsLeaf {
+        left2 = id2
+        right2 = id2
+    }
+
+    newLeft := Join(left1, left2)
+    newRight := Join(right1, right2)
+
+    return normalize(&ID{IsLeaf: false, Left: newLeft, Right: newRight})
+}
+
+func normalize(id *ID) *ID {
+    if !id.IsLeaf {
+        if id.Left.IsLeaf && id.Right.IsLeaf &&
+           id.Left.Value == id.Right.Value {
+            return &ID{IsLeaf: true, Value: id.Left.Value}
+        }
+    }
+    return id
+}
+```
+
+### Stamp Operations
+
+```go
+// NewStamp creates initial stamp (0)
+func NewStamp() *Stamp {
+    return &Stamp{Base: 0}
+}
+
+// Event increments the stamp for the given ID
+func Event(id *ID, stamp *Stamp) *Stamp {
+    if id.IsLeaf {
+        if id.Value == 1 {
+            return &Stamp{Base: stamp.Base + 1}
+        }
+        return stamp // Cannot increment with zero ID
+    }
+
+    // Non-leaf ID: fill where we have ID
+    if id.Left.IsLeaf && id.Left.Value == 1 {
+        // Have left ID, increment left
+        newLeft := Event(&ID{IsLeaf: true, Value: 1}, getLeft(stamp))
+        return normalizeStamp(&Stamp{
+            Base:  stamp.Base,
+            Left:  newLeft,
+            Right: getRight(stamp),
+        })
+    }
+    if id.Right.IsLeaf && id.Right.Value == 1 {
+        newRight := Event(&ID{IsLeaf: true, Value: 1}, getRight(stamp))
+        return normalizeStamp(&Stamp{
+            Base:  stamp.Base,
+            Left:  getLeft(stamp),
+            Right: newRight,
+        })
+    }
+
+    // Both non-zero, choose lower side
+    leftMax := maxStamp(getLeft(stamp))
+    rightMax := maxStamp(getRight(stamp))
+
+    if leftMax <= rightMax {
+        return normalizeStamp(&Stamp{
+            Base:  stamp.Base,
+            Left:  Event(id.Left, getLeft(stamp)),
+            Right: getRight(stamp),
+        })
+    }
+    return normalizeStamp(&Stamp{
+        Base:  stamp.Base,
+        Left:  getLeft(stamp),
+        Right: Event(id.Right, getRight(stamp)),
+    })
+}
+
+func getLeft(s *Stamp) *Stamp {
+    if s.Left == nil {
+        return &Stamp{Base: 0}
+    }
+    return s.Left
+}
+
+func getRight(s *Stamp) *Stamp {
+    if s.Right == nil {
+        return &Stamp{Base: 0}
+    }
+    return s.Right
+}
+
+func maxStamp(s *Stamp) int {
+    if s.Left == nil && s.Right == nil {
+        return s.Base
+    }
+    left := 0
+    right := 0
+    if s.Left != nil {
+        left = maxStamp(s.Left)
+    }
+    if s.Right != nil {
+        right = maxStamp(s.Right)
+    }
+    max := left
+    if right > max {
+        max = right
+    }
+    return s.Base + max
+}
+
+// JoinStamps merges two stamps
+func JoinStamps(s1, s2 *Stamp) *Stamp {
+    // Take max at each level
+    base := s1.Base
+    if s2.Base > base {
+        base = s2.Base
+    }
+
+    // Adjust for base difference
+    adj1 := s1.Base
+    adj2 := s2.Base
+
+    return normalizeStamp(&Stamp{
+        Base:  base,
+        Left:  joinStampsRecursive(s1.Left, s2.Left, adj1-base, adj2-base),
+        Right: joinStampsRecursive(s1.Right, s2.Right, adj1-base, adj2-base),
+    })
+}
+
+func normalizeStamp(s *Stamp) *Stamp {
+    if s.Left == nil && s.Right == nil {
+        return s
+    }
+    if s.Left != nil && s.Right != nil {
+        if s.Left.Base > 0 && s.Right.Base > 0 {
+            min := s.Left.Base
+            if s.Right.Base < min {
+                min = s.Right.Base
+            }
+            return &Stamp{
+                Base:  s.Base + min,
+                Left:  &Stamp{Base: s.Left.Base - min, Left: s.Left.Left, Right: s.Left.Right},
+                Right: &Stamp{Base: s.Right.Base - min, Left: s.Right.Left, Right: s.Right.Right},
+            }
+        }
+    }
+    return s
+}
+```
+
+## Hybrid Logical Clock Implementation
+
+```go
+type HLC struct {
+    l  int64      // logical component (physical time)
+    c  int64      // counter
+    mu sync.Mutex
+}
+
+func NewHLC() *HLC {
+    return &HLC{l: 0, c: 0}
+}
+
+type HLCTimestamp struct {
+    L int64
+    C int64
+}
+
+func (hlc *HLC) physicalTime() int64 {
+    return time.Now().UnixNano()
+}
+
+// Now returns current HLC timestamp for local/send event
+func (hlc *HLC) Now() HLCTimestamp {
+    hlc.mu.Lock()
+    defer hlc.mu.Unlock()
+
+    pt := hlc.physicalTime()
+
+    if pt > hlc.l {
+        hlc.l = pt
+        hlc.c = 0
+    } else {
+        hlc.c++
+    }
+
+    return HLCTimestamp{L: hlc.l, C: hlc.c}
+}
+
+// Update updates HLC based on received timestamp
+func (hlc *HLC) Update(received HLCTimestamp) HLCTimestamp {
+    hlc.mu.Lock()
+    defer hlc.mu.Unlock()
+
+    pt := hlc.physicalTime()
+
+    if pt > hlc.l && pt > received.L {
+        hlc.l = pt
+        hlc.c = 0
+    } else if received.L > hlc.l {
+        hlc.l = received.L
+        hlc.c = received.C + 1
+    } else if hlc.l > received.L {
+        hlc.c++
+    } else { // hlc.l == received.L
+        if received.C > hlc.c {
+            hlc.c = received.C + 1
+        } else {
+            hlc.c++
+        }
+    }
+
+    return HLCTimestamp{L: hlc.l, C: hlc.c}
+}
+
+// Compare compares two HLC timestamps
+func (t1 HLCTimestamp) Compare(t2 HLCTimestamp) int {
+    if t1.L < t2.L {
+        return -1
+    }
+    if t1.L > t2.L {
+        return 1
+    }
+    if t1.C < t2.C {
+        return -1
+    }
+    if t1.C > t2.C {
+        return 1
+    }
+    return 0
+}
+```
+
+## Causal Broadcast Implementation
+
+```go
+type CausalBroadcast struct {
+    vc       *VectorClock
+    pending  []PendingMessage
+    deliver  func(Message)
+    mu       sync.Mutex
+}
+
+type PendingMessage struct {
+    Msg       Message
+    Timestamp map[string]uint64
+}
+
+func NewCausalBroadcast(processID string, processes []string, deliver func(Message)) *CausalBroadcast {
+    return &CausalBroadcast{
+        vc:      NewVectorClock(processID, processes),
+        pending: make([]PendingMessage, 0),
+        deliver: deliver,
+    }
+}
+
+// Broadcast sends a message to all processes
+func (cb *CausalBroadcast) Broadcast(msg Message) map[string]uint64 {
+    cb.mu.Lock()
+    defer cb.mu.Unlock()
+
+    timestamp := cb.vc.Send()
+    // Actual network broadcast would happen here
+    return timestamp
+}
+
+// Receive handles an incoming message
+func (cb *CausalBroadcast) Receive(msg Message, sender string, timestamp map[string]uint64) {
+    cb.mu.Lock()
+    defer cb.mu.Unlock()
+
+    // Add to pending
+    cb.pending = append(cb.pending, PendingMessage{Msg: msg, Timestamp: timestamp})
+
+    // Try to deliver pending messages
+    cb.tryDeliver()
+}
+
+func (cb *CausalBroadcast) tryDeliver() {
+    changed := true
+    for changed {
+        changed = false
+
+        for i, pending := range cb.pending {
+            if cb.canDeliver(pending.Timestamp) {
+                // Deliver message
+                cb.vc.Receive(pending.Timestamp)
+                cb.deliver(pending.Msg)
+
+                // Remove from pending
+                cb.pending = append(cb.pending[:i], cb.pending[i+1:]...)
+                changed = true
+                break
+            }
+        }
+    }
+}
+
+func (cb *CausalBroadcast) canDeliver(msgVC map[string]uint64) bool {
+    currentVC := cb.vc.clocks
+
+    for pid, msgTime := range msgVC {
+        if pid == cb.vc.self {
+            // Must be next expected from sender
+            if msgTime != currentVC[pid]+1 {
+                return false
+            }
+        } else {
+            // All other dependencies must be satisfied
+            if msgTime > currentVC[pid] {
+                return false
+            }
+        }
+    }
+    return true
+}
+```

.claude/skills/elliptic-curves/SKILL.md

@@ -0,0 +1,369 @@
+---
+name: elliptic-curves
+description: This skill should be used when working with elliptic curve cryptography, implementing or debugging secp256k1 operations, understanding modular arithmetic and finite fields, or implementing signature schemes like ECDSA and Schnorr. Provides comprehensive knowledge of group theory foundations, curve mathematics, point multiplication algorithms, and cryptographic optimizations.
+---
+
+# Elliptic Curve Cryptography
+
+This skill provides deep knowledge of elliptic curve cryptography (ECC), with particular focus on the secp256k1 curve used in Bitcoin and Nostr, including the mathematical foundations and implementation considerations.
+
+## When to Use This Skill
+
+- Implementing or debugging elliptic curve operations
+- Working with secp256k1, ECDSA, or Schnorr signatures
+- Understanding modular arithmetic and finite field operations
+- Optimizing cryptographic code for performance
+- Analyzing security properties of curve-based cryptography
+
+## Mathematical Foundations
+
+### Groups in Cryptography
+
+A **group** is a set G with a binary operation (often denoted · or +) satisfying:
+
+1. **Closure**: For all a, b ∈ G, the result a · b is also in G
+2. **Associativity**: (a · b) · c = a · (b · c)
+3. **Identity**: There exists e ∈ G such that e · a = a · e = a
+4. **Inverse**: For each a ∈ G, there exists a⁻¹ such that a · a⁻¹ = e
+
+A **cyclic group** is generated by repeatedly applying the operation to a single element (the generator). The **order** of a group is the number of elements.
+
+**Why groups matter in cryptography**: The discrete logarithm problem—given g and gⁿ, find n—is computationally hard in certain groups, forming the security basis for ECC.
+
+### Modular Arithmetic
+
+Modular arithmetic constrains calculations to a finite range [0, p-1] for some modulus p:
+
+```
+a ≡ b (mod p)  means  p divides (a - b)
+
+Operations:
+- Addition:       (a + b) mod p
+- Subtraction:    (a - b + p) mod p
+- Multiplication: (a × b) mod p
+- Inverse:        a⁻¹ where (a × a⁻¹) ≡ 1 (mod p)
+```
+
+**Computing modular inverse**:
+- **Fermat's Little Theorem**: If p is prime, a⁻¹ ≡ a^(p-2) (mod p)
+- **Extended Euclidean Algorithm**: More efficient for general cases
+- **SafeGCD Algorithm**: Constant-time, used in libsecp256k1
+
+### Finite Fields (Galois Fields)
+
+A **finite field** GF(p) or 𝔽ₚ is a field with a finite number of elements where:
+- p must be prime (or a prime power for extension fields)
+- All arithmetic operations are defined and produce elements within the field
+- Every non-zero element has a multiplicative inverse
+
+For cryptographic curves like secp256k1, the field is 𝔽ₚ where p is a 256-bit prime.
+
+**Key property**: The non-zero elements of a finite field form a cyclic group under multiplication.
+
+## Elliptic Curves
+
+### The Curve Equation
+
+An elliptic curve over a finite field 𝔽ₚ is defined by the Weierstrass equation:
+
+```
+y² = x³ + ax + b  (mod p)
+```
+
+The curve must satisfy the non-singularity condition: 4a³ + 27b² ≠ 0
+
+### Points on the Curve
+
+A point P = (x, y) is on the curve if it satisfies the equation. The set of all points, plus a special "point at infinity" O (the identity element), forms an abelian group.
+
+### Point Operations
+
+**Point Addition (P + Q where P ≠ Q)**:
+```
+λ = (y₂ - y₁) / (x₂ - x₁)  (mod p)
+x₃ = λ² - x₁ - x₂          (mod p)
+y₃ = λ(x₁ - x₃) - y₁       (mod p)
+```
+
+**Point Doubling (P + P = 2P)**:
+```
+λ = (3x₁² + a) / (2y₁)     (mod p)
+x₃ = λ² - 2x₁              (mod p)
+y₃ = λ(x₁ - x₃) - y₁       (mod p)
+```
+
+**Point at Infinity**: Acts as the identity element; P + O = P for all P.
+
+**Point Negation**: -P = (x, -y) = (x, p - y)
+
+## The secp256k1 Curve
+
+### Parameters
+
+secp256k1 is defined by SECG (Standards for Efficient Cryptography Group):
+
+```
+Curve equation: y² = x³ + 7  (a = 0, b = 7)
+
+Prime modulus p:
+  0xFFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F
+  = 2²⁵⁶ - 2³² - 977
+
+Group order n:
+  0xFFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141
+
+Generator point G:
+  Gx = 0x79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798
+  Gy = 0x483ADA77 26A3C465 5DA4FBFC 0E1108A8 FD17B448 A6855419 9C47D08F FB10D4B8
+
+Cofactor h = 1
+```
+
+### Why secp256k1?
+
+1. **Koblitz curve**: a = 0 enables faster computation (no ax term)
+2. **Special prime**: p = 2²⁵⁶ - 2³² - 977 allows efficient modular reduction
+3. **Deterministic construction**: Not randomly generated, reducing backdoor concerns
+4. **~30% faster** than random curves when fully optimized
+
+### Efficient Modular Reduction
+
+The special form of p enables fast reduction without general division:
+
+```
+For p = 2²⁵⁶ - 2³² - 977:
+To reduce a 512-bit number c = c_high × 2²⁵⁶ + c_low:
+  c ≡ c_low + c_high × 2³² + c_high × 977 (mod p)
+```
+
+## Point Multiplication Algorithms
+
+Scalar multiplication kP (computing P + P + ... + P, k times) is the core operation.
+
+### Double-and-Add (Binary Method)
+
+```
+Input: k (scalar), P (point)
+Output: kP
+
+R = O (point at infinity)
+for i from bit_length(k)-1 down to 0:
+    R = 2R           # Point doubling
+    if bit i of k is 1:
+        R = R + P    # Point addition
+return R
+```
+
+**Complexity**: O(log k) point operations
+**Vulnerability**: Timing side-channels (different branches for 0/1 bits)
+
+### Montgomery Ladder
+
+Constant-time algorithm that performs the same operations regardless of bit values:
+
+```
+Input: k (scalar), P (point)
+Output: kP
+
+R0 = O
+R1 = P
+for i from bit_length(k)-1 down to 0:
+    if bit i of k is 0:
+        R1 = R0 + R1
+        R0 = 2R0
+    else:
+        R0 = R0 + R1
+        R1 = 2R1
+return R0
+```
+
+**Advantage**: Resistant to simple power analysis and timing attacks.
+
+### Window Methods (w-NAF)
+
+Precompute small multiples of P, then process w bits at a time:
+
+```
+w-NAF representation reduces additions by ~1/3 compared to binary
+Precomputation table: [P, 3P, 5P, 7P, ...] for w=4
+```
+
+### Endomorphism Optimization (GLV Method)
+
+secp256k1 has an efficiently computable endomorphism φ where:
+```
+φ(x, y) = (βx, y)  where β³ ≡ 1 (mod p)
+φ(P) = λP          where λ³ ≡ 1 (mod n)
+```
+
+This allows splitting scalar k into k₁ + k₂λ with smaller k₁, k₂, reducing operations by ~33-50%.
+
+### Multi-Scalar Multiplication (Strauss-Shamir)
+
+For computing k₁P₁ + k₂P₂ (common in signature verification):
+
+```
+Process both scalars simultaneously, combining operations
+Reduces work compared to separate multiplications
+```
+
+## Coordinate Systems
+
+### Affine Coordinates
+
+Standard (x, y) representation. Requires modular inversion for each operation.
+
+### Projective Coordinates
+
+Represent (X:Y:Z) where x = X/Z, y = Y/Z:
+- Avoids inversions during intermediate computations
+- Only one inversion at the end to convert back to affine
+
+### Jacobian Coordinates
+
+Represent (X:Y:Z) where x = X/Z², y = Y/Z³:
+- Fastest for point doubling
+- Used extensively in libsecp256k1
+
+### López-Dahab Coordinates
+
+For curves over GF(2ⁿ), optimized for binary field arithmetic.
+
+## Signature Schemes
+
+### ECDSA (Elliptic Curve Digital Signature Algorithm)
+
+**Key Generation**:
+```
+Private key: d (random integer in [1, n-1])
+Public key: Q = dG
+```
+
+**Signing message m**:
+```
+1. Hash: e = H(m) truncated to curve order bit length
+2. Random: k ∈ [1, n-1]
+3. Compute: (x, y) = kG
+4. Calculate: r = x mod n  (if r = 0, restart with new k)
+5. Calculate: s = k⁻¹(e + rd) mod n  (if s = 0, restart)
+6. Signature: (r, s)
+```
+
+**Verification of signature (r, s) on message m**:
+```
+1. Check: r, s ∈ [1, n-1]
+2. Hash: e = H(m)
+3. Compute: w = s⁻¹ mod n
+4. Compute: u₁ = ew mod n, u₂ = rw mod n
+5. Compute: (x, y) = u₁G + u₂Q
+6. Valid if: r ≡ x (mod n)
+```
+
+**Security considerations**:
+- k MUST be unique per signature (reuse leaks private key)
+- Use RFC 6979 for deterministic k derivation
+
+### Schnorr Signatures (BIP-340)
+
+Simpler, more efficient, with provable security.
+
+**Signing message m**:
+```
+1. Random: k ∈ [1, n-1]
+2. Compute: R = kG
+3. Challenge: e = H(R || Q || m)
+4. Response: s = k + ed mod n
+5. Signature: (R, s) or (r_x, s) where r_x is x-coordinate of R
+```
+
+**Verification**:
+```
+1. Compute: e = H(R || Q || m)
+2. Check: sG = R + eQ
+```
+
+**Advantages over ECDSA**:
+- Linear: enables signature aggregation (MuSig)
+- Simpler verification (no modular inverse)
+- Batch verification support
+- Provably secure in Random Oracle Model
+
+## Implementation Considerations
+
+### Constant-Time Operations
+
+To prevent timing attacks:
+- Avoid branches dependent on secret data
+- Use constant-time comparison functions
+- Mask operations to hide data-dependent timing
+
+```go
+// BAD: Timing leak
+if secretBit == 1 {
+    doOperation()
+}
+
+// GOOD: Constant-time conditional
+result = conditionalSelect(secretBit, value1, value0)
+```
+
+### Memory Safety
+
+- Zeroize sensitive data after use
+- Avoid leaving secrets in registers or cache
+- Use secure memory allocation when available
+
+### Side-Channel Protections
+
+- **Timing attacks**: Use constant-time algorithms
+- **Power analysis**: Montgomery ladder, point blinding
+- **Cache attacks**: Avoid table lookups indexed by secrets
+
+### Random Number Generation
+
+- Use cryptographically secure RNG for k in ECDSA
+- Consider deterministic k (RFC 6979) for reproducibility
+- Validate output is in valid range [1, n-1]
+
+## libsecp256k1 Optimizations
+
+The Bitcoin Core library includes:
+
+1. **Field arithmetic**: 5×52-bit limbs for 64-bit platforms
+2. **Scalar arithmetic**: 4×64-bit representation
+3. **Endomorphism**: GLV decomposition enabled by default
+4. **Batch inversion**: Amortizes expensive inversions
+5. **SafeGCD**: Constant-time modular inverse
+6. **Precomputed tables**: For generator point multiplications
+
+## Security Properties
+
+### Discrete Logarithm Problem (DLP)
+
+Given P and Q = kP, finding k is computationally infeasible.
+
+**Best known attacks**:
+- Generic: Baby-step Giant-step, Pollard's rho: O(√n) operations
+- For secp256k1: ~2¹²⁸ operations (128-bit security)
+
+### Curve Security Criteria
+
+- Large prime order subgroup
+- Cofactor 1 (no small subgroup attacks)
+- Resistant to MOV attack (embedding degree)
+- Not anomalous (n ≠ p)
+
+## Common Pitfalls
+
+1. **k reuse in ECDSA**: Immediately leaks private key
+2. **Weak random k**: Partially leaks key over multiple signatures
+3. **Invalid curve points**: Validate points are on curve
+4. **Small subgroup attacks**: Check point order (cofactor = 1 helps)
+5. **Timing leaks**: Non-constant-time scalar multiplication
+
+## References
+
+For detailed implementations, see:
+- `references/secp256k1-parameters.md` - Full curve parameters
+- `references/algorithms.md` - Detailed algorithm pseudocode
+- `references/security.md` - Security analysis and attack vectors

.claude/skills/elliptic-curves/references/algorithms.md

@@ -0,0 +1,513 @@
+# Elliptic Curve Algorithms
+
+Detailed pseudocode for core elliptic curve operations.
+
+## Field Arithmetic
+
+### Modular Addition
+
+```
+function mod_add(a, b, p):
+    result = a + b
+    if result >= p:
+        result = result - p
+    return result
+```
+
+### Modular Subtraction
+
+```
+function mod_sub(a, b, p):
+    if a >= b:
+        return a - b
+    else:
+        return p - b + a
+```
+
+### Modular Multiplication
+
+For general case:
+```
+function mod_mul(a, b, p):
+    return (a * b) mod p
+```
+
+For secp256k1 optimized (Barrett reduction):
+```
+function mod_mul_secp256k1(a, b):
+    # Compute full 512-bit product
+    product = a * b
+
+    # Split into high and low 256-bit parts
+    low = product & ((1 << 256) - 1)
+    high = product >> 256
+
+    # Reduce: result ≡ low + high * (2³² + 977) (mod p)
+    result = low + high * (1 << 32) + high * 977
+
+    # May need additional reduction
+    while result >= p:
+        result = result - p
+
+    return result
+```
+
+### Modular Inverse
+
+**Extended Euclidean Algorithm**:
+```
+function mod_inverse(a, p):
+    if a == 0:
+        error "No inverse exists for 0"
+
+    old_r, r = p, a
+    old_s, s = 0, 1
+
+    while r != 0:
+        quotient = old_r / r
+        old_r, r = r, old_r - quotient * r
+        old_s, s = s, old_s - quotient * s
+
+    if old_r != 1:
+        error "No inverse exists"
+
+    if old_s < 0:
+        old_s = old_s + p
+
+    return old_s
+```
+
+**Fermat's Little Theorem** (for prime p):
+```
+function mod_inverse_fermat(a, p):
+    return mod_exp(a, p - 2, p)
+```
+
+### Modular Exponentiation (Square-and-Multiply)
+
+```
+function mod_exp(base, exp, p):
+    result = 1
+    base = base mod p
+
+    while exp > 0:
+        if exp & 1:  # exp is odd
+            result = (result * base) mod p
+        exp = exp >> 1
+        base = (base * base) mod p
+
+    return result
+```
+
+### Modular Square Root (Tonelli-Shanks)
+
+For secp256k1 where p ≡ 3 (mod 4):
+```
+function mod_sqrt(a, p):
+    # For p ≡ 3 (mod 4), sqrt(a) = a^((p+1)/4)
+    return mod_exp(a, (p + 1) / 4, p)
+```
+
+## Point Operations
+
+### Point Validation
+
+```
+function is_on_curve(P, a, b, p):
+    if P is infinity:
+        return true
+
+    x, y = P
+    left = (y * y) mod p
+    right = (x * x * x + a * x + b) mod p
+
+    return left == right
+```
+
+### Point Addition (Affine Coordinates)
+
+```
+function point_add(P, Q, a, p):
+    if P is infinity:
+        return Q
+    if Q is infinity:
+        return P
+
+    x1, y1 = P
+    x2, y2 = Q
+
+    if x1 == x2:
+        if y1 == mod_neg(y2, p):  # P = -Q
+            return infinity
+        else:  # P == Q
+            return point_double(P, a, p)
+
+    # λ = (y2 - y1) / (x2 - x1)
+    numerator = mod_sub(y2, y1, p)
+    denominator = mod_sub(x2, x1, p)
+    λ = mod_mul(numerator, mod_inverse(denominator, p), p)
+
+    # x3 = λ² - x1 - x2
+    x3 = mod_sub(mod_sub(mod_mul(λ, λ, p), x1, p), x2, p)
+
+    # y3 = λ(x1 - x3) - y1
+    y3 = mod_sub(mod_mul(λ, mod_sub(x1, x3, p), p), y1, p)
+
+    return (x3, y3)
+```
+
+### Point Doubling (Affine Coordinates)
+
+```
+function point_double(P, a, p):
+    if P is infinity:
+        return infinity
+
+    x, y = P
+
+    if y == 0:
+        return infinity
+
+    # λ = (3x² + a) / (2y)
+    numerator = mod_add(mod_mul(3, mod_mul(x, x, p), p), a, p)
+    denominator = mod_mul(2, y, p)
+    λ = mod_mul(numerator, mod_inverse(denominator, p), p)
+
+    # x3 = λ² - 2x
+    x3 = mod_sub(mod_mul(λ, λ, p), mod_mul(2, x, p), p)
+
+    # y3 = λ(x - x3) - y
+    y3 = mod_sub(mod_mul(λ, mod_sub(x, x3, p), p), y, p)
+
+    return (x3, y3)
+```
+
+### Point Negation
+
+```
+function point_negate(P, p):
+    if P is infinity:
+        return infinity
+
+    x, y = P
+    return (x, p - y)
+```
+
+## Scalar Multiplication
+
+### Double-and-Add (Left-to-Right)
+
+```
+function scalar_mult_double_add(k, P, a, p):
+    if k == 0 or P is infinity:
+        return infinity
+
+    if k < 0:
+        k = -k
+        P = point_negate(P, p)
+
+    R = infinity
+    bits = binary_representation(k)  # MSB first
+
+    for bit in bits:
+        R = point_double(R, a, p)
+        if bit == 1:
+            R = point_add(R, P, a, p)
+
+    return R
+```
+
+### Montgomery Ladder (Constant-Time)
+
+```
+function scalar_mult_montgomery(k, P, a, p):
+    R0 = infinity
+    R1 = P
+
+    bits = binary_representation(k)  # MSB first
+
+    for bit in bits:
+        if bit == 0:
+            R1 = point_add(R0, R1, a, p)
+            R0 = point_double(R0, a, p)
+        else:
+            R0 = point_add(R0, R1, a, p)
+            R1 = point_double(R1, a, p)
+
+    return R0
+```
+
+### w-NAF Scalar Multiplication
+
+```
+function compute_wNAF(k, w):
+    # Convert scalar to width-w Non-Adjacent Form
+    naf = []
+
+    while k > 0:
+        if k & 1:  # k is odd
+            # Get w-bit window
+            digit = k mod (1 << w)
+            if digit >= (1 << (w-1)):
+                digit = digit - (1 << w)
+            naf.append(digit)
+            k = k - digit
+        else:
+            naf.append(0)
+        k = k >> 1
+
+    return naf
+
+function scalar_mult_wNAF(k, P, w, a, p):
+    # Precompute odd multiples: [P, 3P, 5P, ..., (2^(w-1)-1)P]
+    precomp = [P]
+    P2 = point_double(P, a, p)
+    for i in range(1, 1 << (w-1)):
+        precomp.append(point_add(precomp[-1], P2, a, p))
+
+    # Convert k to w-NAF
+    naf = compute_wNAF(k, w)
+
+    # Compute scalar multiplication
+    R = infinity
+    for i in range(len(naf) - 1, -1, -1):
+        R = point_double(R, a, p)
+        digit = naf[i]
+        if digit > 0:
+            R = point_add(R, precomp[(digit - 1) / 2], a, p)
+        elif digit < 0:
+            R = point_add(R, point_negate(precomp[(-digit - 1) / 2], p), a, p)
+
+    return R
+```
+
+### Shamir's Trick (Multi-Scalar)
+
+For computing k₁P + k₂Q efficiently:
+
+```
+function multi_scalar_mult(k1, P, k2, Q, a, p):
+    # Precompute P + Q
+    PQ = point_add(P, Q, a, p)
+
+    # Get binary representations (same length, padded)
+    bits1 = binary_representation(k1)
+    bits2 = binary_representation(k2)
+    max_len = max(len(bits1), len(bits2))
+    bits1 = pad_left(bits1, max_len)
+    bits2 = pad_left(bits2, max_len)
+
+    R = infinity
+
+    for i in range(max_len):
+        R = point_double(R, a, p)
+
+        b1, b2 = bits1[i], bits2[i]
+
+        if b1 == 1 and b2 == 1:
+            R = point_add(R, PQ, a, p)
+        elif b1 == 1:
+            R = point_add(R, P, a, p)
+        elif b2 == 1:
+            R = point_add(R, Q, a, p)
+
+    return R
+```
+
+## Jacobian Coordinates
+
+More efficient for repeated operations.
+
+### Conversion
+
+```
+# Affine to Jacobian
+function affine_to_jacobian(P):
+    if P is infinity:
+        return (1, 1, 0)  # Jacobian infinity
+    x, y = P
+    return (x, y, 1)
+
+# Jacobian to Affine
+function jacobian_to_affine(P, p):
+    X, Y, Z = P
+    if Z == 0:
+        return infinity
+
+    Z_inv = mod_inverse(Z, p)
+    Z_inv2 = mod_mul(Z_inv, Z_inv, p)
+    Z_inv3 = mod_mul(Z_inv2, Z_inv, p)
+
+    x = mod_mul(X, Z_inv2, p)
+    y = mod_mul(Y, Z_inv3, p)
+
+    return (x, y)
+```
+
+### Point Doubling (Jacobian)
+
+For curve y² = x³ + 7 (a = 0):
+
+```
+function jacobian_double(P, p):
+    X, Y, Z = P
+
+    if Y == 0:
+        return (1, 1, 0)  # infinity
+
+    # For a = 0: M = 3*X²
+    S = mod_mul(4, mod_mul(X, mod_mul(Y, Y, p), p), p)
+    M = mod_mul(3, mod_mul(X, X, p), p)
+
+    X3 = mod_sub(mod_mul(M, M, p), mod_mul(2, S, p), p)
+    Y3 = mod_sub(mod_mul(M, mod_sub(S, X3, p), p),
+                  mod_mul(8, mod_mul(Y, Y, mod_mul(Y, Y, p), p), p), p)
+    Z3 = mod_mul(2, mod_mul(Y, Z, p), p)
+
+    return (X3, Y3, Z3)
+```
+
+### Point Addition (Jacobian + Affine)
+
+Mixed addition is faster when one point is in affine:
+
+```
+function jacobian_add_affine(P, Q, p):
+    # P in Jacobian (X1, Y1, Z1), Q in affine (x2, y2)
+    X1, Y1, Z1 = P
+    x2, y2 = Q
+
+    if Z1 == 0:
+        return affine_to_jacobian(Q)
+
+    Z1Z1 = mod_mul(Z1, Z1, p)
+    U2 = mod_mul(x2, Z1Z1, p)
+    S2 = mod_mul(y2, mod_mul(Z1, Z1Z1, p), p)
+
+    H = mod_sub(U2, X1, p)
+    HH = mod_mul(H, H, p)
+    I = mod_mul(4, HH, p)
+    J = mod_mul(H, I, p)
+    r = mod_mul(2, mod_sub(S2, Y1, p), p)
+    V = mod_mul(X1, I, p)
+
+    X3 = mod_sub(mod_sub(mod_mul(r, r, p), J, p), mod_mul(2, V, p), p)
+    Y3 = mod_sub(mod_mul(r, mod_sub(V, X3, p), p), mod_mul(2, mod_mul(Y1, J, p), p), p)
+    Z3 = mod_mul(mod_sub(mod_mul(mod_add(Z1, H, p), mod_add(Z1, H, p), p),
+                          mod_add(Z1Z1, HH, p), p), 1, p)
+
+    return (X3, Y3, Z3)
+```
+
+## GLV Endomorphism (secp256k1)
+
+### Scalar Decomposition
+
+```
+# Constants for secp256k1
+LAMBDA = 0x5363AD4CC05C30E0A5261C028812645A122E22EA20816678DF02967C1B23BD72
+BETA = 0x7AE96A2B657C07106E64479EAC3434E99CF0497512F58995C1396C28719501EE
+
+# Decomposition coefficients
+A1 = 0x3086D221A7D46BCDE86C90E49284EB15
+B1 = 0x114CA50F7A8E2F3F657C1108D9D44CFD8
+A2 = 0xE4437ED6010E88286F547FA90ABFE4C3
+B2 = A1
+
+function glv_decompose(k, n):
+    # Compute c1 = round(b2 * k / n)
+    # Compute c2 = round(-b1 * k / n)
+    c1 = (B2 * k + n // 2) // n
+    c2 = (-B1 * k + n // 2) // n
+
+    # k1 = k - c1*A1 - c2*A2
+    # k2 = -c1*B1 - c2*B2
+    k1 = k - c1 * A1 - c2 * A2
+    k2 = -c1 * B1 - c2 * B2
+
+    return (k1, k2)
+
+function glv_scalar_mult(k, P, p, n):
+    k1, k2 = glv_decompose(k, n)
+
+    # Compute endomorphism: φ(P) = (β*x, y)
+    x, y = P
+    phi_P = (mod_mul(BETA, x, p), y)
+
+    # Use Shamir's trick: k1*P + k2*φ(P)
+    return multi_scalar_mult(k1, P, k2, phi_P, 0, p)
+```
+
+## Batch Inversion
+
+Amortize expensive inversions over multiple points:
+
+```
+function batch_invert(values, p):
+    n = len(values)
+    if n == 0:
+        return []
+
+    # Compute cumulative products
+    products = [values[0]]
+    for i in range(1, n):
+        products.append(mod_mul(products[-1], values[i], p))
+
+    # Invert the final product
+    inv = mod_inverse(products[-1], p)
+
+    # Compute individual inverses
+    inverses = [0] * n
+    for i in range(n - 1, 0, -1):
+        inverses[i] = mod_mul(inv, products[i - 1], p)
+        inv = mod_mul(inv, values[i], p)
+    inverses[0] = inv
+
+    return inverses
+```
+
+## Key Generation
+
+```
+function generate_keypair(G, n, p):
+    # Generate random private key
+    d = random_integer(1, n - 1)
+
+    # Compute public key
+    Q = scalar_mult(d, G)
+
+    return (d, Q)
+```
+
+## Point Compression/Decompression
+
+```
+function compress_point(P, p):
+    if P is infinity:
+        return bytes([0x00])
+
+    x, y = P
+    prefix = 0x02 if (y % 2 == 0) else 0x03
+    return bytes([prefix]) + x.to_bytes(32, 'big')
+
+function decompress_point(compressed, a, b, p):
+    prefix = compressed[0]
+
+    if prefix == 0x00:
+        return infinity
+
+    x = int.from_bytes(compressed[1:], 'big')
+
+    # Compute y² = x³ + ax + b
+    y_squared = mod_add(mod_add(mod_mul(x, mod_mul(x, x, p), p),
+                                  mod_mul(a, x, p), p), b, p)
+
+    # Compute y = sqrt(y²)
+    y = mod_sqrt(y_squared, p)
+
+    # Select correct y based on prefix
+    if (prefix == 0x02) != (y % 2 == 0):
+        y = p - y
+
+    return (x, y)
+```

.claude/skills/elliptic-curves/references/secp256k1-parameters.md

@@ -0,0 +1,194 @@
+# secp256k1 Complete Parameters
+
+## Curve Definition
+
+**Name**: secp256k1 (Standards for Efficient Cryptography, prime field, 256-bit, Koblitz curve #1)
+
+**Equation**: y² = x³ + 7 (mod p)
+
+This is the short Weierstrass form with coefficients a = 0, b = 7.
+
+## Field Parameters
+
+### Prime Modulus p
+
+```
+Decimal:
+115792089237316195423570985008687907853269984665640564039457584007908834671663
+
+Hexadecimal:
+0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
+
+Binary representation:
+2²⁵⁶ - 2³² - 2⁹ - 2⁸ - 2⁷ - 2⁶ - 2⁴ - 1
+= 2²⁵⁶ - 2³² - 977
+```
+
+**Special form benefits**:
+- Efficient modular reduction using: c mod p = c_low + c_high × (2³² + 977)
+- Near-Mersenne prime enables fast arithmetic
+
+### Group Order n
+
+```
+Decimal:
+115792089237316195423570985008687907852837564279074904382605163141518161494337
+
+Hexadecimal:
+0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
+```
+
+The number of points on the curve, including the point at infinity.
+
+### Cofactor h
+
+```
+h = 1
+```
+
+Cofactor 1 means the group order n equals the curve order, simplifying security analysis and eliminating small subgroup attacks.
+
+## Generator Point G
+
+### Compressed Form
+
+```
+02 79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
+```
+
+The 02 prefix indicates the y-coordinate is even.
+
+### Uncompressed Form
+
+```
+04 79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
+   483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
+```
+
+### Individual Coordinates
+
+**Gx**:
+```
+Decimal:
+55066263022277343669578718895168534326250603453777594175500187360389116729240
+
+Hexadecimal:
+0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
+```
+
+**Gy**:
+```
+Decimal:
+32670510020758816978083085130507043184471273380659243275938904335757337482424
+
+Hexadecimal:
+0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
+```
+
+## Endomorphism Parameters
+
+secp256k1 has an efficiently computable endomorphism φ: (x, y) → (βx, y).
+
+### β (Beta)
+
+```
+Hexadecimal:
+0x7AE96A2B657C07106E64479EAC3434E99CF0497512F58995C1396C28719501EE
+
+Property: β³ ≡ 1 (mod p)
+```
+
+### λ (Lambda)
+
+```
+Hexadecimal:
+0x5363AD4CC05C30E0A5261C028812645A122E22EA20816678DF02967C1B23BD72
+
+Property: λ³ ≡ 1 (mod n)
+Relationship: φ(P) = λP for all points P
+```
+
+### GLV Decomposition Constants
+
+For splitting scalar k into k₁ + k₂λ:
+
+```
+a₁ = 0x3086D221A7D46BCDE86C90E49284EB15
+b₁ = -0xE4437ED6010E88286F547FA90ABFE4C3
+a₂ = 0x114CA50F7A8E2F3F657C1108D9D44CFD8
+b₂ = a₁
+```
+
+## Derived Constants
+
+### Field Characteristics
+
+```
+(p + 1) / 4 = 0x3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBFFFFF0C
+Used for computing modular square roots via Tonelli-Shanks shortcut
+```
+
+### Order Characteristics
+
+```
+(n - 1) / 2 = 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0
+Used in low-S normalization for ECDSA signatures
+```
+
+## Validation Formulas
+
+### Point on Curve Check
+
+For point (x, y), verify:
+```
+y² ≡ x³ + 7 (mod p)
+```
+
+### Generator Verification
+
+Verify G is on curve:
+```
+Gy² mod p = 0x9C47D08FFB10D4B8 ... (truncated for display)
+Gx³ + 7 mod p = same value
+```
+
+### Order Verification
+
+Verify nG = O (point at infinity):
+```
+Computing n × G should yield the identity element
+```
+
+## Bit Lengths
+
+| Parameter | Bits | Bytes |
+|-----------|------|-------|
+| p (prime) | 256  | 32    |
+| n (order) | 256  | 32    |
+| Private key | 256 | 32   |
+| Public key (compressed) | 257 | 33 |
+| Public key (uncompressed) | 513 | 65 |
+| ECDSA signature | 512 | 64 |
+| Schnorr signature | 512 | 64 |
+
+## Security Level
+
+- **Equivalent symmetric key strength**: 128 bits
+- **Best known attack complexity**: ~2¹²⁸ operations (Pollard's rho)
+- **Safe until**: Quantum computers with ~1500+ logical qubits
+
+## ASN.1 OID
+
+```
+1.3.132.0.10
+iso(1) identified-organization(3) certicom(132) curve(0) secp256k1(10)
+```
+
+## Comparison with Other Curves
+
+| Curve | Field Size | Security | Speed | Use Case |
+|-------|------------|----------|-------|----------|
+| secp256k1 | 256-bit | 128-bit | Fast (Koblitz) | Bitcoin, Nostr |
+| secp256r1 (P-256) | 256-bit | 128-bit | Moderate | TLS, general |
+| Curve25519 | 255-bit | ~128-bit | Very fast | Modern crypto |
+| secp384r1 (P-384) | 384-bit | 192-bit | Slower | High security |

.claude/skills/elliptic-curves/references/security.md

@@ -0,0 +1,291 @@
+# Elliptic Curve Security Analysis
+
+Security properties, attack vectors, and mitigations for elliptic curve cryptography.
+
+## The Discrete Logarithm Problem (ECDLP)
+
+### Definition
+
+Given points P and Q = kP on an elliptic curve, find the scalar k.
+
+**Security assumption**: For properly chosen curves, this problem is computationally infeasible.
+
+### Best Known Attacks
+
+#### Generic Attacks (Work on Any Group)
+
+| Attack | Complexity | Notes |
+|--------|------------|-------|
+| Baby-step Giant-step | O(√n) space and time | Requires √n storage |
+| Pollard's rho | O(√n) time, O(1) space | Practical for large groups |
+| Pollard's lambda | O(√n) | When k is in known range |
+| Pohlig-Hellman | O(√p) where p is largest prime factor | Exploits factorization of n |
+
+For secp256k1 (n ≈ 2²⁵⁶):
+- Generic attack complexity: ~2¹²⁸ operations
+- Equivalent to 128-bit symmetric security
+
+#### Curve-Specific Attacks
+
+| Attack | Applicable When | Mitigation |
+|--------|-----------------|------------|
+| MOV/FR reduction | Low embedding degree | Use curves with high embedding degree |
+| Anomalous curve attack | n = p | Ensure n ≠ p |
+| GHS attack | Extension field curves | Use prime field curves |
+
+**secp256k1 is immune to all known curve-specific attacks**.
+
+## Side-Channel Attacks
+
+### Timing Attacks
+
+**Vulnerability**: Execution time varies based on secret data.
+
+**Examples**:
+- Conditional branches on secret bits
+- Early exit conditions
+- Variable-time modular operations
+
+**Mitigations**:
+- Constant-time algorithms (Montgomery ladder)
+- Fixed execution paths
+- Dummy operations to equalize timing
+
+### Power Analysis
+
+**Simple Power Analysis (SPA)**: Single trace reveals operations.
+- Double-and-add visible as different power signatures
+- Mitigation: Montgomery ladder (uniform operations)
+
+**Differential Power Analysis (DPA)**: Statistical analysis of many traces.
+- Mitigation: Point blinding, scalar blinding
+
+### Cache Attacks
+
+**FLUSH+RELOAD Attack**:
+```
+1. Attacker flushes cache line containing lookup table
+2. Victim performs table lookup based on secret
+3. Attacker measures reload time to determine which entry was accessed
+```
+
+**Mitigations**:
+- Avoid secret-dependent table lookups
+- Use constant-time table access patterns
+- Scatter tables to prevent cache line sharing
+
+### Electromagnetic (EM) Attacks
+
+Similar to power analysis but captures electromagnetic emissions.
+
+**Mitigations**:
+- Shielding
+- Same algorithmic protections as power analysis
+
+## Implementation Vulnerabilities
+
+### k-Reuse in ECDSA
+
+**The Sony PS3 Hack (2010)**:
+
+If the same k is used for two signatures (r₁, s₁) and (r₂, s₂) on messages m₁ and m₂:
+
+```
+s₁ = k⁻¹(e₁ + rd) mod n
+s₂ = k⁻¹(e₂ + rd) mod n
+
+Since k is the same:
+s₁ - s₂ = k⁻¹(e₁ - e₂) mod n
+k = (e₁ - e₂)(s₁ - s₂)⁻¹ mod n
+
+Once k is known:
+d = (s₁k - e₁)r⁻¹ mod n
+```
+
+**Mitigation**: Use deterministic k (RFC 6979).
+
+### Weak Random k
+
+Even with unique k values, if the RNG is biased:
+- Lattice-based attacks can recover private key
+- Only ~1% bias in k can be exploitable with enough signatures
+
+**Mitigations**:
+- Use cryptographically secure RNG
+- Use deterministic k (RFC 6979)
+- Verify k is in valid range [1, n-1]
+
+### Invalid Curve Attacks
+
+**Attack**: Attacker provides point not on the curve.
+- Point may be on a weaker curve
+- Operations may leak information
+
+**Mitigation**: Always validate points are on curve:
+```
+Verify: y² ≡ x³ + ax + b (mod p)
+```
+
+### Small Subgroup Attacks
+
+**Attack**: If cofactor h > 1, points of small order exist.
+- Attacker sends point of small order
+- Response reveals private key mod (small order)
+
+**Mitigation**:
+- Use curves with cofactor 1 (secp256k1 has h = 1)
+- Multiply received points by cofactor
+- Validate point order
+
+### Fault Attacks
+
+**Attack**: Induce computational errors (voltage glitches, radiation).
+- Corrupted intermediate values may leak information
+- Differential fault analysis can recover keys
+
+**Mitigations**:
+- Redundant computations with comparison
+- Verify final results
+- Hardware protections
+
+## Signature Malleability
+
+### ECDSA Malleability
+
+Given valid signature (r, s), signature (r, n - s) is also valid for the same message.
+
+**Impact**: Transaction ID malleability (historical Bitcoin issue)
+
+**Mitigation**: Enforce low-S normalization:
+```
+if s > n/2:
+    s = n - s
+```
+
+### Schnorr Non-Malleability
+
+BIP-340 Schnorr signatures are non-malleable by design:
+- Use x-only public keys
+- Deterministic nonce derivation
+
+## Quantum Threats
+
+### Shor's Algorithm
+
+**Threat**: Polynomial-time discrete log on quantum computers.
+- Requires ~1500-2000 logical qubits for secp256k1
+- Current quantum computers: <100 noisy qubits
+
+**Timeline**: Estimated 10-20+ years for cryptographically relevant quantum computers.
+
+### Migration Strategy
+
+1. **Monitor**: Track quantum computing progress
+2. **Prepare**: Develop post-quantum alternatives
+3. **Hybrid**: Use classical + post-quantum in transition
+4. **Migrate**: Full transition when necessary
+
+### Post-Quantum Alternatives
+
+- Lattice-based signatures (CRYSTALS-Dilithium)
+- Hash-based signatures (SPHINCS+)
+- Code-based cryptography
+
+## Best Practices
+
+### Key Generation
+
+```
+DO:
+- Use cryptographically secure RNG
+- Validate private key is in [1, n-1]
+- Verify public key is on curve
+- Verify public key is not point at infinity
+
+DON'T:
+- Use predictable seeds
+- Use truncated random values
+- Skip validation
+```
+
+### Signature Generation
+
+```
+DO:
+- Use RFC 6979 for deterministic k
+- Validate all inputs
+- Use constant-time operations
+- Clear sensitive memory after use
+
+DON'T:
+- Reuse k values
+- Use weak/biased RNG
+- Skip low-S normalization (ECDSA)
+```
+
+### Signature Verification
+
+```
+DO:
+- Validate r, s are in [1, n-1]
+- Validate public key is on curve
+- Validate public key is not infinity
+- Use batch verification when possible
+
+DON'T:
+- Skip any validation steps
+- Accept malformed signatures
+```
+
+### Public Key Handling
+
+```
+DO:
+- Validate received points are on curve
+- Check point is not infinity
+- Prefer compressed format for storage
+
+DON'T:
+- Accept unvalidated points
+- Skip curve membership check
+```
+
+## Security Checklist
+
+### Implementation Review
+
+- [ ] All scalar multiplications are constant-time
+- [ ] No secret-dependent branches
+- [ ] No secret-indexed table lookups
+- [ ] Memory is zeroized after use
+- [ ] Random k uses CSPRNG or RFC 6979
+- [ ] All received points are validated
+- [ ] Private keys are in valid range
+- [ ] Signatures use low-S normalization
+
+### Operational Security
+
+- [ ] Private keys stored securely (HSM, secure enclave)
+- [ ] Key derivation uses proper KDF
+- [ ] Backups are encrypted
+- [ ] Key rotation policy exists
+- [ ] Audit logging enabled
+- [ ] Incident response plan exists
+
+## Security Levels Comparison
+
+| Curve | Bits | Symmetric Equivalent | RSA Equivalent |
+|-------|------|---------------------|----------------|
+| secp192r1 | 192 | 96 | 1536 |
+| secp224r1 | 224 | 112 | 2048 |
+| secp256k1 | 256 | 128 | 3072 |
+| secp384r1 | 384 | 192 | 7680 |
+| secp521r1 | 521 | 256 | 15360 |
+
+## References
+
+- NIST SP 800-57: Recommendation for Key Management
+- SEC 1: Elliptic Curve Cryptography
+- RFC 6979: Deterministic Usage of DSA and ECDSA
+- BIP-340: Schnorr Signatures for secp256k1
+- SafeCurves: Choosing Safe Curves for Elliptic-Curve Cryptography

.claude/skills/golang/SKILL.md

@@ -0,0 +1,268 @@
+---
+name: golang
+description: This skill should be used when writing, debugging, reviewing, or discussing Go (Golang) code. Provides comprehensive Go programming expertise including idiomatic patterns, standard library, concurrency, error handling, testing, and best practices based on official go.dev documentation.
+---
+
+# Go Programming Expert
+
+## Purpose
+
+This skill provides expert-level assistance with Go programming language development, covering language fundamentals, idiomatic patterns, concurrency, error handling, standard library usage, testing, and best practices.
+
+## When to Use
+
+Activate this skill when:
+- Writing Go code
+- Debugging Go programs
+- Reviewing Go code for best practices
+- Answering questions about Go language features
+- Implementing Go-specific patterns (goroutines, channels, interfaces)
+- Setting up Go projects and modules
+- Writing Go tests
+
+## Core Principles
+
+When writing Go code, always follow these principles:
+
+1. **Named Return Variables**: ALWAYS use named return variables and prefer naked returns for cleaner code
+2. **Error Handling**: Use `lol.mleku.dev/log` and the `chk/errorf` for error checking and creating new errors
+3. **Idiomatic Code**: Write clear, idiomatic Go code following Effective Go guidelines
+4. **Simplicity**: Favor simplicity and clarity over cleverness
+5. **Composition**: Prefer composition over inheritance
+6. **Explicit**: Be explicit rather than implicit
+
+## Key Go Concepts
+
+### Functions with Named Returns
+
+Always use named return values:
+```go
+func divide(a, b float64) (result float64, err error) {
+    if b == 0 {
+        err = errorf.New("division by zero")
+        return
+    }
+    result = a / b
+    return
+}
+```
+
+### Error Handling
+
+Use the specified error handling packages:
+```go
+import "lol.mleku.dev/log"
+
+// Error checking with chk
+if err := doSomething(); chk.E(err) {
+    return
+}
+
+// Creating errors with errorf
+err := errorf.New("something went wrong")
+err := errorf.Errorf("failed to process: %v", value)
+```
+
+### Interfaces and Composition
+
+Go uses implicit interface implementation:
+```go
+type Reader interface {
+    Read(p []byte) (n int, err error)
+}
+
+// Any type with a Read method implements Reader
+type File struct {
+    name string
+}
+
+func (f *File) Read(p []byte) (n int, err error) {
+    // Implementation
+    return
+}
+```
+
+### Interface Design - CRITICAL RULES
+
+**Rule 1: Define interfaces in a dedicated package (e.g., `pkg/interfaces/<name>/`)**
+- Interfaces provide isolation between packages and enable dependency inversion
+- Keeping interfaces in a dedicated package prevents circular dependencies
+- Each interface package should be minimal (just the interface, no implementations)
+
+**Rule 2: NEVER use type assertions with interface literals**
+- **NEVER** write `.(interface{ Method() Type })` - this is non-idiomatic and unmaintainable
+- Interface literals cannot be documented, tested for satisfaction, or reused
+
+```go
+// BAD - interface literal in type assertion (NEVER DO THIS)
+if checker, ok := obj.(interface{ Check() bool }); ok {
+    checker.Check()
+}
+
+// GOOD - use defined interface from dedicated package
+import "myproject/pkg/interfaces/checker"
+
+if c, ok := obj.(checker.Checker); ok {
+    c.Check()
+}
+```
+
+**Rule 3: Resolving Circular Dependencies**
+- If a circular dependency occurs, move the interface to `pkg/interfaces/`
+- The implementing type stays in its original package
+- The consuming code imports only the interface package
+- Pattern:
+  ```
+  pkg/interfaces/foo/   <- interface definition (no dependencies)
+       ↑           ↑
+  pkg/bar/         pkg/baz/
+  (implements)     (consumes via interface)
+  ```
+
+**Rule 4: Verify interface satisfaction at compile time**
+```go
+// Add this line to ensure *MyType implements MyInterface
+var _ MyInterface = (*MyType)(nil)
+```
+
+### Concurrency
+
+Use goroutines and channels for concurrent programming:
+```go
+// Launch goroutine
+go doWork()
+
+// Channels
+ch := make(chan int, 10)
+ch <- 42
+value := <-ch
+
+// Select statement
+select {
+case msg := <-ch1:
+    // Handle
+case <-time.After(time.Second):
+    // Timeout
+}
+
+// Sync primitives
+var mu sync.Mutex
+mu.Lock()
+defer mu.Unlock()
+```
+
+### Testing
+
+Use table-driven tests as the default pattern:
+```go
+func TestAdd(t *testing.T) {
+    tests := []struct {
+        name     string
+        a, b     int
+        expected int
+    }{
+        {"positive", 2, 3, 5},
+        {"negative", -1, -1, -2},
+        {"zero", 0, 5, 5},
+    }
+    
+    for _, tt := range tests {
+        t.Run(tt.name, func(t *testing.T) {
+            result := Add(tt.a, tt.b)
+            if result != tt.expected {
+                t.Errorf("got %d, want %d", result, tt.expected)
+            }
+        })
+    }
+}
+```
+
+## Reference Materials
+
+For detailed information, consult the reference files:
+
+- **references/effective-go-summary.md** - Key points from Effective Go including formatting, naming, control structures, functions, data allocation, methods, interfaces, concurrency principles, and error handling philosophy
+
+- **references/common-patterns.md** - Practical Go patterns including:
+  - Design patterns (Functional Options, Builder, Singleton, Factory, Strategy)
+  - Concurrency patterns (Worker Pool, Pipeline, Fan-Out/Fan-In, Timeout, Rate Limiting, Circuit Breaker)
+  - Error handling patterns (Error Wrapping, Sentinel Errors, Custom Error Types)
+  - Resource management patterns
+  - Testing patterns
+
+- **references/quick-reference.md** - Quick syntax cheatsheet with common commands, format verbs, standard library snippets, and best practices checklist
+
+## Best Practices Summary
+
+1. **Naming Conventions**
+   - Use camelCase for variables and functions
+   - Use PascalCase for exported names
+   - Keep names short but descriptive
+   - Interface names often end in -er (Reader, Writer, Handler)
+
+2. **Error Handling**
+   - Always check errors
+   - Use named return values
+   - Use lol.mleku.dev/log and chk/errorf
+
+3. **Code Organization**
+   - One package per directory
+   - Use internal/ for non-exported packages
+   - Use cmd/ for applications
+   - Use pkg/ for reusable libraries
+
+4. **Concurrency**
+   - Don't communicate by sharing memory; share memory by communicating
+   - Always close channels from sender
+   - Use defer for cleanup
+
+5. **Documentation**
+   - Comment all exported names
+   - Start comments with the name being described
+   - Use godoc format
+
+6. **Configuration - CRITICAL**
+   - **NEVER** use `os.Getenv()` scattered throughout packages
+   - **ALWAYS** centralize environment variable parsing in a single config package (e.g., `app/config/`)
+   - Pass configuration via structs, not by reading environment directly
+   - This ensures discoverability, documentation, and testability of all config options
+
+7. **Constants - CRITICAL**
+   - **ALWAYS** define named constants for values used more than a few times
+   - **ALWAYS** define named constants if multiple packages depend on the same value
+   - Constants shared across packages belong in a dedicated package (e.g., `pkg/constants/`)
+   - Magic numbers and strings are forbidden
+   ```go
+   // BAD - magic number
+   if size > 1024 {
+
+   // GOOD - named constant
+   const MaxBufferSize = 1024
+   if size > MaxBufferSize {
+   ```
+
+## Common Commands
+
+```bash
+go run main.go          # Run program
+go build                # Compile
+go test                 # Run tests
+go test -v              # Verbose tests
+go test -cover          # Test coverage
+go test -race           # Race detection
+go fmt                  # Format code
+go vet                  # Lint code
+go mod tidy             # Clean dependencies
+go get package          # Add dependency
+```
+
+## Official Resources
+
+All guidance is based on official Go documentation:
+- Go Website: https://go.dev
+- Documentation: https://go.dev/doc/
+- Effective Go: https://go.dev/doc/effective_go
+- Language Specification: https://go.dev/ref/spec
+- Standard Library: https://pkg.go.dev/std
+- Go Tour: https://go.dev/tour/
+

.claude/skills/golang/references/common-patterns.md

@@ -0,0 +1,649 @@
+# Go Common Patterns and Idioms
+
+## Design Patterns
+
+### Functional Options Pattern
+
+Used for configuring objects with many optional parameters:
+
+```go
+type Server struct {
+    host    string
+    port    int
+    timeout time.Duration
+    maxConn int
+}
+
+type Option func(*Server)
+
+func WithHost(host string) Option {
+    return func(s *Server) {
+        s.host = host
+    }
+}
+
+func WithPort(port int) Option {
+    return func(s *Server) {
+        s.port = port
+    }
+}
+
+func WithTimeout(timeout time.Duration) Option {
+    return func(s *Server) {
+        s.timeout = timeout
+    }
+}
+
+func NewServer(opts ...Option) *Server {
+    // Set defaults
+    s := &Server{
+        host:    "localhost",
+        port:    8080,
+        timeout: 30 * time.Second,
+        maxConn: 100,
+    }
+    
+    // Apply options
+    for _, opt := range opts {
+        opt(s)
+    }
+    
+    return s
+}
+
+// Usage
+srv := NewServer(
+    WithHost("example.com"),
+    WithPort(443),
+    WithTimeout(60 * time.Second),
+)
+```
+
+### Builder Pattern
+
+For complex object construction:
+
+```go
+type HTTPRequest struct {
+    method  string
+    url     string
+    headers map[string]string
+    body    []byte
+}
+
+type RequestBuilder struct {
+    request *HTTPRequest
+}
+
+func NewRequestBuilder() *RequestBuilder {
+    return &RequestBuilder{
+        request: &HTTPRequest{
+            headers: make(map[string]string),
+        },
+    }
+}
+
+func (b *RequestBuilder) Method(method string) *RequestBuilder {
+    b.request.method = method
+    return b
+}
+
+func (b *RequestBuilder) URL(url string) *RequestBuilder {
+    b.request.url = url
+    return b
+}
+
+func (b *RequestBuilder) Header(key, value string) *RequestBuilder {
+    b.request.headers[key] = value
+    return b
+}
+
+func (b *RequestBuilder) Body(body []byte) *RequestBuilder {
+    b.request.body = body
+    return b
+}
+
+func (b *RequestBuilder) Build() *HTTPRequest {
+    return b.request
+}
+
+// Usage
+req := NewRequestBuilder().
+    Method("POST").
+    URL("https://api.example.com").
+    Header("Content-Type", "application/json").
+    Body([]byte(`{"key":"value"}`)).
+    Build()
+```
+
+### Singleton Pattern
+
+Thread-safe singleton using sync.Once:
+
+```go
+type Database struct {
+    conn *sql.DB
+}
+
+var (
+    instance *Database
+    once     sync.Once
+)
+
+func GetDatabase() *Database {
+    once.Do(func() {
+        conn, err := sql.Open("postgres", "connection-string")
+        if err != nil {
+            log.Fatal(err)
+        }
+        instance = &Database{conn: conn}
+    })
+    return instance
+}
+```
+
+### Factory Pattern
+
+```go
+type Animal interface {
+    Speak() string
+}
+
+type Dog struct{}
+func (d Dog) Speak() string { return "Woof!" }
+
+type Cat struct{}
+func (c Cat) Speak() string { return "Meow!" }
+
+type AnimalFactory struct{}
+
+func (f *AnimalFactory) CreateAnimal(animalType string) Animal {
+    switch animalType {
+    case "dog":
+        return &Dog{}
+    case "cat":
+        return &Cat{}
+    default:
+        return nil
+    }
+}
+```
+
+### Strategy Pattern
+
+```go
+type PaymentStrategy interface {
+    Pay(amount float64) error
+}
+
+type CreditCard struct {
+    number string
+}
+
+func (c *CreditCard) Pay(amount float64) error {
+    fmt.Printf("Paying %.2f using credit card %s\n", amount, c.number)
+    return nil
+}
+
+type PayPal struct {
+    email string
+}
+
+func (p *PayPal) Pay(amount float64) error {
+    fmt.Printf("Paying %.2f using PayPal account %s\n", amount, p.email)
+    return nil
+}
+
+type PaymentContext struct {
+    strategy PaymentStrategy
+}
+
+func (pc *PaymentContext) SetStrategy(strategy PaymentStrategy) {
+    pc.strategy = strategy
+}
+
+func (pc *PaymentContext) ExecutePayment(amount float64) error {
+    return pc.strategy.Pay(amount)
+}
+```
+
+## Concurrency Patterns
+
+### Worker Pool
+
+```go
+func worker(id int, jobs <-chan Job, results chan<- Result) {
+    for job := range jobs {
+        result := processJob(job)
+        results <- result
+    }
+}
+
+func WorkerPool(numWorkers int, jobs []Job) []Result {
+    jobsChan := make(chan Job, len(jobs))
+    results := make(chan Result, len(jobs))
+    
+    // Start workers
+    for w := 1; w <= numWorkers; w++ {
+        go worker(w, jobsChan, results)
+    }
+    
+    // Send jobs
+    for _, job := range jobs {
+        jobsChan <- job
+    }
+    close(jobsChan)
+    
+    // Collect results
+    var output []Result
+    for range jobs {
+        output = append(output, <-results)
+    }
+    
+    return output
+}
+```
+
+### Pipeline Pattern
+
+```go
+func generator(nums ...int) <-chan int {
+    out := make(chan int)
+    go func() {
+        for _, n := range nums {
+            out <- n
+        }
+        close(out)
+    }()
+    return out
+}
+
+func square(in <-chan int) <-chan int {
+    out := make(chan int)
+    go func() {
+        for n := range in {
+            out <- n * n
+        }
+        close(out)
+    }()
+    return out
+}
+
+func main() {
+    // Create pipeline
+    c := generator(2, 3, 4)
+    out := square(c)
+    
+    // Consume output
+    for result := range out {
+        fmt.Println(result)
+    }
+}
+```
+
+### Fan-Out, Fan-In
+
+```go
+func fanOut(in <-chan int, n int) []<-chan int {
+    channels := make([]<-chan int, n)
+    for i := 0; i < n; i++ {
+        channels[i] = worker(in)
+    }
+    return channels
+}
+
+func worker(in <-chan int) <-chan int {
+    out := make(chan int)
+    go func() {
+        for n := range in {
+            out <- expensiveOperation(n)
+        }
+        close(out)
+    }()
+    return out
+}
+
+func fanIn(channels ...<-chan int) <-chan int {
+    out := make(chan int)
+    var wg sync.WaitGroup
+    
+    wg.Add(len(channels))
+    for _, c := range channels {
+        go func(ch <-chan int) {
+            defer wg.Done()
+            for n := range ch {
+                out <- n
+            }
+        }(c)
+    }
+    
+    go func() {
+        wg.Wait()
+        close(out)
+    }()
+    
+    return out
+}
+```
+
+### Timeout Pattern
+
+```go
+func DoWithTimeout(timeout time.Duration) (result string, err error) {
+    done := make(chan struct{})
+    
+    go func() {
+        result = expensiveOperation()
+        close(done)
+    }()
+    
+    select {
+    case <-done:
+        return result, nil
+    case <-time.After(timeout):
+        return "", fmt.Errorf("operation timed out after %v", timeout)
+    }
+}
+```
+
+### Graceful Shutdown
+
+```go
+func main() {
+    server := &http.Server{Addr: ":8080"}
+    
+    // Start server in goroutine
+    go func() {
+        if err := server.ListenAndServe(); err != nil && err != http.ErrServerClosed {
+            log.Fatalf("listen: %s\n", err)
+        }
+    }()
+    
+    // Wait for interrupt signal
+    quit := make(chan os.Signal, 1)
+    signal.Notify(quit, syscall.SIGINT, syscall.SIGTERM)
+    <-quit
+    log.Println("Shutting down server...")
+    
+    // Graceful shutdown with timeout
+    ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+    defer cancel()
+    
+    if err := server.Shutdown(ctx); err != nil {
+        log.Fatal("Server forced to shutdown:", err)
+    }
+    
+    log.Println("Server exiting")
+}
+```
+
+### Rate Limiting
+
+```go
+func rateLimiter(rate time.Duration) <-chan time.Time {
+    return time.Tick(rate)
+}
+
+func main() {
+    limiter := rateLimiter(200 * time.Millisecond)
+    
+    for req := range requests {
+        <-limiter  // Wait for rate limiter
+        go handleRequest(req)
+    }
+}
+```
+
+### Circuit Breaker
+
+```go
+type CircuitBreaker struct {
+    maxFailures int
+    timeout     time.Duration
+    failures    int
+    lastFail    time.Time
+    state       string
+    mu          sync.Mutex
+}
+
+func (cb *CircuitBreaker) Call(fn func() error) error {
+    cb.mu.Lock()
+    defer cb.mu.Unlock()
+    
+    if cb.state == "open" {
+        if time.Since(cb.lastFail) > cb.timeout {
+            cb.state = "half-open"
+        } else {
+            return fmt.Errorf("circuit breaker is open")
+        }
+    }
+    
+    err := fn()
+    if err != nil {
+        cb.failures++
+        cb.lastFail = time.Now()
+        if cb.failures >= cb.maxFailures {
+            cb.state = "open"
+        }
+        return err
+    }
+    
+    cb.failures = 0
+    cb.state = "closed"
+    return nil
+}
+```
+
+## Error Handling Patterns
+
+### Error Wrapping
+
+```go
+func processFile(filename string) (err error) {
+    data, err := readFile(filename)
+    if err != nil {
+        return fmt.Errorf("failed to process file %s: %w", filename, err)
+    }
+    
+    if err := validate(data); err != nil {
+        return fmt.Errorf("validation failed for %s: %w", filename, err)
+    }
+    
+    return nil
+}
+```
+
+### Sentinel Errors
+
+```go
+var (
+    ErrNotFound     = errors.New("not found")
+    ErrUnauthorized = errors.New("unauthorized")
+    ErrInvalidInput = errors.New("invalid input")
+)
+
+func FindUser(id int) (*User, error) {
+    user, exists := users[id]
+    if !exists {
+        return nil, ErrNotFound
+    }
+    return user, nil
+}
+
+// Check error
+user, err := FindUser(123)
+if errors.Is(err, ErrNotFound) {
+    // Handle not found
+}
+```
+
+### Custom Error Types
+
+```go
+type ValidationError struct {
+    Field string
+    Value interface{}
+    Err   error
+}
+
+func (e *ValidationError) Error() string {
+    return fmt.Sprintf("validation failed for field %s with value %v: %v", 
+        e.Field, e.Value, e.Err)
+}
+
+func (e *ValidationError) Unwrap() error {
+    return e.Err
+}
+
+// Usage
+var validErr *ValidationError
+if errors.As(err, &validErr) {
+    fmt.Printf("Field: %s\n", validErr.Field)
+}
+```
+
+## Resource Management Patterns
+
+### Defer for Cleanup
+
+```go
+func processFile(filename string) error {
+    file, err := os.Open(filename)
+    if err != nil {
+        return err
+    }
+    defer file.Close()
+    
+    // Process file
+    return nil
+}
+```
+
+### Context for Cancellation
+
+```go
+func fetchData(ctx context.Context, url string) ([]byte, error) {
+    req, err := http.NewRequestWithContext(ctx, "GET", url, nil)
+    if err != nil {
+        return nil, err
+    }
+    
+    resp, err := http.DefaultClient.Do(req)
+    if err != nil {
+        return nil, err
+    }
+    defer resp.Body.Close()
+    
+    return io.ReadAll(resp.Body)
+}
+```
+
+### Sync.Pool for Object Reuse
+
+```go
+var bufferPool = sync.Pool{
+    New: func() interface{} {
+        return new(bytes.Buffer)
+    },
+}
+
+func process() {
+    buf := bufferPool.Get().(*bytes.Buffer)
+    defer bufferPool.Put(buf)
+    
+    buf.Reset()
+    // Use buffer
+}
+```
+
+## Testing Patterns
+
+### Table-Driven Tests
+
+```go
+func TestAdd(t *testing.T) {
+    tests := []struct {
+        name     string
+        a, b     int
+        expected int
+    }{
+        {"positive numbers", 2, 3, 5},
+        {"negative numbers", -1, -1, -2},
+        {"mixed signs", -5, 10, 5},
+        {"zeros", 0, 0, 0},
+    }
+    
+    for _, tt := range tests {
+        t.Run(tt.name, func(t *testing.T) {
+            result := Add(tt.a, tt.b)
+            if result != tt.expected {
+                t.Errorf("Add(%d, %d) = %d; want %d", 
+                    tt.a, tt.b, result, tt.expected)
+            }
+        })
+    }
+}
+```
+
+### Mock Interfaces
+
+```go
+type Database interface {
+    Get(key string) (string, error)
+    Set(key, value string) error
+}
+
+type MockDB struct {
+    data map[string]string
+}
+
+func (m *MockDB) Get(key string) (string, error) {
+    val, ok := m.data[key]
+    if !ok {
+        return "", errors.New("not found")
+    }
+    return val, nil
+}
+
+func (m *MockDB) Set(key, value string) error {
+    m.data[key] = value
+    return nil
+}
+
+func TestUserService(t *testing.T) {
+    mockDB := &MockDB{data: make(map[string]string)}
+    service := NewUserService(mockDB)
+    // Test service
+}
+```
+
+### Test Fixtures
+
+```go
+func setupTestDB(t *testing.T) (*sql.DB, func()) {
+    db, err := sql.Open("sqlite3", ":memory:")
+    if err != nil {
+        t.Fatal(err)
+    }
+    
+    // Setup schema
+    _, err = db.Exec(schema)
+    if err != nil {
+        t.Fatal(err)
+    }
+    
+    cleanup := func() {
+        db.Close()
+    }
+    
+    return db, cleanup
+}
+
+func TestDatabase(t *testing.T) {
+    db, cleanup := setupTestDB(t)
+    defer cleanup()
+    
+    // Run tests
+}
+```
+

.claude/skills/golang/references/effective-go-summary.md

@@ -0,0 +1,423 @@
+# Effective Go - Key Points Summary
+
+Source: https://go.dev/doc/effective_go
+
+## Formatting
+
+- Use `gofmt` to automatically format your code
+- Indentation: use tabs
+- Line length: no strict limit, but keep reasonable
+- Parentheses: Go uses fewer parentheses than C/Java
+
+## Commentary
+
+- Every package should have a package comment
+- Every exported name should have a doc comment
+- Comments should be complete sentences
+- Start comments with the name of the element being described
+
+Example:
+```go
+// Package regexp implements regular expression search.
+package regexp
+
+// Compile parses a regular expression and returns, if successful,
+// a Regexp object that can be used to match against text.
+func Compile(str string) (*Regexp, error) {
+```
+
+## Names
+
+### Package Names
+- Short, concise, evocative
+- Lowercase, single-word
+- No underscores or mixedCaps
+- Avoid stuttering (e.g., `bytes.Buffer` not `bytes.ByteBuffer`)
+
+### Getters/Setters
+- Getter: `Owner()` not `GetOwner()`
+- Setter: `SetOwner()`
+
+### Interface Names
+- One-method interfaces use method name + -er suffix
+- Examples: `Reader`, `Writer`, `Formatter`, `CloseNotifier`
+
+### MixedCaps
+- Use `MixedCaps` or `mixedCaps` rather than underscores
+
+## Semicolons
+
+- Lexer automatically inserts semicolons
+- Never put opening brace on its own line
+
+## Control Structures
+
+### If
+```go
+if err := file.Chmod(0664); err != nil {
+    log.Print(err)
+    return err
+}
+```
+
+### Redeclaration
+```go
+f, err := os.Open(name)
+// err is declared here
+
+d, err := f.Stat()
+// err is redeclared here (same scope)
+```
+
+### For
+```go
+// Like a C for
+for init; condition; post { }
+
+// Like a C while
+for condition { }
+
+// Like a C for(;;)
+for { }
+
+// Range over array/slice/map/channel
+for key, value := range oldMap {
+    newMap[key] = value
+}
+
+// If you only need the key
+for key := range m {
+    // ...
+}
+
+// If you only need the value
+for _, value := range array {
+    // ...
+}
+```
+
+### Switch
+- No automatic fall through
+- Cases can be expressions
+- Can switch on no value (acts like if-else chain)
+
+```go
+switch {
+case '0' <= c && c <= '9':
+    return c - '0'
+case 'a' <= c && c <= 'f':
+    return c - 'a' + 10
+case 'A' <= c && c <= 'F':
+    return c - 'A' + 10
+}
+```
+
+### Type Switch
+```go
+switch t := value.(type) {
+case int:
+    fmt.Printf("int: %d\n", t)
+case string:
+    fmt.Printf("string: %s\n", t)
+default:
+    fmt.Printf("unexpected type %T\n", t)
+}
+```
+
+## Functions
+
+### Multiple Return Values
+```go
+func (file *File) Write(b []byte) (n int, err error) {
+    // ...
+}
+```
+
+### Named Result Parameters
+- Named results are initialized to zero values
+- Can be used for documentation
+- Enable naked returns
+
+```go
+func ReadFull(r Reader, buf []byte) (n int, err error) {
+    for len(buf) > 0 && err == nil {
+        var nr int
+        nr, err = r.Read(buf)
+        n += nr
+        buf = buf[nr:]
+    }
+    return
+}
+```
+
+### Defer
+- Schedules function call to run after surrounding function returns
+- LIFO order
+- Arguments evaluated when defer executes
+
+```go
+func trace(s string) string {
+    fmt.Println("entering:", s)
+    return s
+}
+
+func un(s string) {
+    fmt.Println("leaving:", s)
+}
+
+func a() {
+    defer un(trace("a"))
+    fmt.Println("in a")
+}
+```
+
+## Data
+
+### Allocation with new
+- `new(T)` allocates zeroed storage for new item of type T
+- Returns `*T`
+- Returns memory address of newly allocated zero value
+
+```go
+p := new(int)   // p is *int, points to zeroed int
+```
+
+### Constructors and Composite Literals
+```go
+func NewFile(fd int, name string) *File {
+    if fd < 0 {
+        return nil
+    }
+    return &File{fd: fd, name: name}
+}
+```
+
+### Allocation with make
+- `make(T, args)` creates slices, maps, and channels only
+- Returns initialized (not zeroed) value of type T (not *T)
+
+```go
+make([]int, 10, 100)   // slice: len=10, cap=100
+make(map[string]int)   // map
+make(chan int, 10)     // buffered channel
+```
+
+### Arrays
+- Arrays are values, not pointers
+- Passing array to function copies the entire array
+- Array size is part of its type
+
+### Slices
+- Hold references to underlying array
+- Can grow dynamically with `append`
+- Passing slice passes reference
+
+### Maps
+- Hold references to underlying data structure
+- Passing map passes reference
+- Zero value is `nil`
+
+### Printing
+- `%v` - default format
+- `%+v` - struct with field names
+- `%#v` - Go syntax representation
+- `%T` - type
+- `%q` - quoted string
+
+## Initialization
+
+### Constants
+- Created at compile time
+- Can only be numbers, characters, strings, or booleans
+
+### init Function
+- Each source file can have `init()` function
+- Called after package-level variables initialized
+- Used for setup that can't be expressed as declarations
+
+```go
+func init() {
+    // initialization code
+}
+```
+
+## Methods
+
+### Pointers vs. Values
+- Value methods can be invoked on pointers and values
+- Pointer methods can only be invoked on pointers
+
+Rule: Value methods can be called on both values and pointers, but pointer methods should only be called on pointers (though Go allows calling on addressable values).
+
+```go
+type ByteSlice []byte
+
+func (slice ByteSlice) Append(data []byte) []byte {
+    // ...
+}
+
+func (p *ByteSlice) Append(data []byte) {
+    slice := *p
+    // ...
+    *p = slice
+}
+```
+
+## Interfaces and Other Types
+
+### Interfaces
+- A type implements an interface by implementing its methods
+- No explicit declaration of intent
+
+### Type Assertions
+```go
+value, ok := str.(string)
+```
+
+### Type Switches
+```go
+switch v := value.(type) {
+case string:
+    // v is string
+case int:
+    // v is int
+}
+```
+
+### Generality
+- If a type exists only to implement an interface and will never have exported methods beyond that interface, there's no need to export the type itself
+
+## The Blank Identifier
+
+### Unused Imports and Variables
+```go
+import _ "net/http/pprof"  // Import for side effects
+```
+
+### Interface Checks
+```go
+var _ json.Marshaler = (*RawMessage)(nil)
+```
+
+## Embedding
+
+### Composition, not Inheritance
+```go
+type ReadWriter struct {
+    *Reader  // *bufio.Reader
+    *Writer  // *bufio.Writer
+}
+```
+
+## Concurrency
+
+### Share by Communicating
+- Don't communicate by sharing memory; share memory by communicating
+- Use channels to pass ownership
+
+### Goroutines
+- Cheap: small initial stack
+- Multiplexed onto OS threads
+- Prefix function call with `go` keyword
+
+### Channels
+- Allocate with `make`
+- Unbuffered: synchronous
+- Buffered: asynchronous up to buffer size
+
+```go
+ci := make(chan int)            // unbuffered
+cj := make(chan int, 0)         // unbuffered
+cs := make(chan *os.File, 100)  // buffered
+```
+
+### Channels of Channels
+```go
+type Request struct {
+    args        []int
+    f           func([]int) int
+    resultChan  chan int
+}
+```
+
+### Parallelization
+```go
+const numCPU = runtime.NumCPU()
+runtime.GOMAXPROCS(numCPU)
+```
+
+## Errors
+
+### Error Type
+```go
+type error interface {
+    Error() string
+}
+```
+
+### Custom Errors
+```go
+type PathError struct {
+    Op   string
+    Path string
+    Err  error
+}
+
+func (e *PathError) Error() string {
+    return e.Op + " " + e.Path + ": " + e.Err.Error()
+}
+```
+
+### Panic
+- Use for unrecoverable errors
+- Generally avoid in library code
+
+### Recover
+- Called inside deferred function
+- Stops panic sequence
+- Returns value passed to panic
+
+```go
+func server(workChan <-chan *Work) {
+    for work := range workChan {
+        go safelyDo(work)
+    }
+}
+
+func safelyDo(work *Work) {
+    defer func() {
+        if err := recover(); err != nil {
+            log.Println("work failed:", err)
+        }
+    }()
+    do(work)
+}
+```
+
+## A Web Server Example
+
+```go
+package main
+
+import (
+    "fmt"
+    "log"
+    "net/http"
+)
+
+type Counter struct {
+    n int
+}
+
+func (ctr *Counter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
+    ctr.n++
+    fmt.Fprintf(w, "counter = %d\n", ctr.n)
+}
+
+func main() {
+    ctr := new(Counter)
+    http.Handle("/counter", ctr)
+    log.Fatal(http.ListenAndServe(":8080", nil))
+}
+```
+

.claude/skills/golang/references/quick-reference.md

@@ -0,0 +1,528 @@
+# Go Quick Reference Cheat Sheet
+
+## Basic Syntax
+
+### Hello World
+```go
+package main
+
+import "fmt"
+
+func main() {
+    fmt.Println("Hello, World!")
+}
+```
+
+### Variables
+```go
+var name string = "John"
+var age int = 30
+var height = 5.9  // type inference
+
+// Short declaration (inside functions only)
+count := 42
+```
+
+### Constants
+```go
+const Pi = 3.14159
+const (
+    Sunday = iota  // 0
+    Monday         // 1
+    Tuesday        // 2
+)
+```
+
+## Data Types
+
+### Basic Types
+```go
+bool                        // true, false
+string                      // "hello"
+int  int8  int16  int32  int64
+uint uint8 uint16 uint32 uint64
+byte                        // alias for uint8
+rune                        // alias for int32 (Unicode)
+float32 float64
+complex64 complex128
+```
+
+### Composite Types
+```go
+// Array (fixed size)
+var arr [5]int
+
+// Slice (dynamic)
+slice := []int{1, 2, 3}
+slice = append(slice, 4)
+
+// Map
+m := make(map[string]int)
+m["key"] = 42
+
+// Struct
+type Person struct {
+    Name string
+    Age  int
+}
+p := Person{Name: "Alice", Age: 30}
+
+// Pointer
+ptr := &p
+```
+
+## Functions
+
+```go
+// Basic function
+func add(a, b int) int {
+    return a + b
+}
+
+// Named returns (preferred)
+func divide(a, b float64) (result float64, err error) {
+    if b == 0 {
+        err = errors.New("division by zero")
+        return
+    }
+    result = a / b
+    return
+}
+
+// Variadic
+func sum(nums ...int) int {
+    total := 0
+    for _, n := range nums {
+        total += n
+    }
+    return total
+}
+
+// Multiple returns
+func swap(a, b int) (int, int) {
+    return b, a
+}
+```
+
+## Control Flow
+
+### If/Else
+```go
+if x > 0 {
+    // positive
+} else if x < 0 {
+    // negative
+} else {
+    // zero
+}
+
+// With initialization
+if err := doSomething(); err != nil {
+    return err
+}
+```
+
+### For Loops
+```go
+// Traditional for
+for i := 0; i < 10; i++ {
+    fmt.Println(i)
+}
+
+// While-style
+for condition {
+}
+
+// Infinite
+for {
+}
+
+// Range
+for i, v := range slice {
+    fmt.Printf("%d: %v\n", i, v)
+}
+
+for key, value := range myMap {
+    fmt.Printf("%s: %v\n", key, value)
+}
+```
+
+### Switch
+```go
+switch x {
+case 1:
+    fmt.Println("one")
+case 2, 3:
+    fmt.Println("two or three")
+default:
+    fmt.Println("other")
+}
+
+// Type switch
+switch v := i.(type) {
+case int:
+    fmt.Printf("int: %d\n", v)
+case string:
+    fmt.Printf("string: %s\n", v)
+}
+```
+
+## Methods & Interfaces
+
+### Methods
+```go
+type Rectangle struct {
+    Width, Height float64
+}
+
+// Value receiver
+func (r Rectangle) Area() float64 {
+    return r.Width * r.Height
+}
+
+// Pointer receiver
+func (r *Rectangle) Scale(factor float64) {
+    r.Width *= factor
+    r.Height *= factor
+}
+```
+
+### Interfaces
+```go
+type Shape interface {
+    Area() float64
+    Perimeter() float64
+}
+
+// Empty interface (any type)
+var x interface{}  // or: var x any
+```
+
+## Concurrency
+
+### Goroutines
+```go
+go doSomething()
+
+go func() {
+    fmt.Println("In goroutine")
+}()
+```
+
+### Channels
+```go
+// Create
+ch := make(chan int)        // unbuffered
+ch := make(chan int, 10)    // buffered
+
+// Send & Receive
+ch <- 42        // send
+value := <-ch   // receive
+
+// Close
+close(ch)
+
+// Check if closed
+value, ok := <-ch
+```
+
+### Select
+```go
+select {
+case msg := <-ch1:
+    fmt.Println("ch1:", msg)
+case msg := <-ch2:
+    fmt.Println("ch2:", msg)
+case <-time.After(1 * time.Second):
+    fmt.Println("timeout")
+default:
+    fmt.Println("no channel ready")
+}
+```
+
+### Sync Package
+```go
+// Mutex
+var mu sync.Mutex
+mu.Lock()
+defer mu.Unlock()
+
+// RWMutex
+var mu sync.RWMutex
+mu.RLock()
+defer mu.RUnlock()
+
+// WaitGroup
+var wg sync.WaitGroup
+wg.Add(1)
+go func() {
+    defer wg.Done()
+    // work
+}()
+wg.Wait()
+```
+
+## Error Handling
+
+```go
+// Create errors
+err := errors.New("error message")
+err := fmt.Errorf("failed: %w", originalErr)
+
+// Check errors
+if err != nil {
+    return err
+}
+
+// Custom error type
+type MyError struct {
+    Msg string
+}
+
+func (e *MyError) Error() string {
+    return e.Msg
+}
+
+// Error checking (Go 1.13+)
+if errors.Is(err, os.ErrNotExist) {
+    // handle
+}
+
+var pathErr *os.PathError
+if errors.As(err, &pathErr) {
+    // handle
+}
+```
+
+## Standard Library Snippets
+
+### fmt - Formatting
+```go
+fmt.Print("text")
+fmt.Println("text with newline")
+fmt.Printf("Name: %s, Age: %d\n", name, age)
+s := fmt.Sprintf("formatted %v", value)
+```
+
+### strings
+```go
+strings.Contains(s, substr)
+strings.HasPrefix(s, prefix)
+strings.Join([]string{"a", "b"}, ",")
+strings.Split(s, ",")
+strings.ToLower(s)
+strings.TrimSpace(s)
+```
+
+### strconv
+```go
+i, _ := strconv.Atoi("42")
+s := strconv.Itoa(42)
+f, _ := strconv.ParseFloat("3.14", 64)
+```
+
+### io
+```go
+io.Copy(dst, src)
+data, _ := io.ReadAll(r)
+io.WriteString(w, "data")
+```
+
+### os
+```go
+file, _ := os.Open("file.txt")
+defer file.Close()
+os.Getenv("PATH")
+os.Exit(1)
+```
+
+### net/http
+```go
+// Server
+http.HandleFunc("/", handler)
+http.ListenAndServe(":8080", nil)
+
+// Client
+resp, _ := http.Get("https://example.com")
+defer resp.Body.Close()
+```
+
+### encoding/json
+```go
+// Encode
+data, _ := json.Marshal(obj)
+
+// Decode
+json.Unmarshal(data, &obj)
+```
+
+### time
+```go
+now := time.Now()
+time.Sleep(5 * time.Second)
+t.Format("2006-01-02 15:04:05")
+time.Parse("2006-01-02", "2024-01-01")
+```
+
+## Testing
+
+### Basic Test
+```go
+// mycode_test.go
+package mypackage
+
+import "testing"
+
+func TestAdd(t *testing.T) {
+    result := Add(2, 3)
+    if result != 5 {
+        t.Errorf("got %d, want 5", result)
+    }
+}
+```
+
+### Table-Driven Test
+```go
+func TestAdd(t *testing.T) {
+    tests := []struct {
+        name     string
+        a, b     int
+        expected int
+    }{
+        {"positive", 2, 3, 5},
+        {"negative", -1, -1, -2},
+    }
+    
+    for _, tt := range tests {
+        t.Run(tt.name, func(t *testing.T) {
+            result := Add(tt.a, tt.b)
+            if result != tt.expected {
+                t.Errorf("got %d, want %d", result, tt.expected)
+            }
+        })
+    }
+}
+```
+
+### Benchmark
+```go
+func BenchmarkAdd(b *testing.B) {
+    for i := 0; i < b.N; i++ {
+        Add(2, 3)
+    }
+}
+```
+
+## Go Commands
+
+```bash
+# Run
+go run main.go
+
+# Build
+go build
+go build -o myapp
+
+# Test
+go test
+go test -v
+go test -cover
+go test -race
+
+# Format
+go fmt ./...
+gofmt -s -w .
+
+# Lint
+go vet ./...
+
+# Modules
+go mod init module-name
+go mod tidy
+go get package@version
+go get -u ./...
+
+# Install
+go install
+
+# Documentation
+go doc package.Function
+```
+
+## Common Patterns
+
+### Defer
+```go
+file, err := os.Open("file.txt")
+if err != nil {
+    return err
+}
+defer file.Close()
+```
+
+### Error Wrapping
+```go
+if err != nil {
+    return fmt.Errorf("failed to process: %w", err)
+}
+```
+
+### Context
+```go
+ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+defer cancel()
+```
+
+### Options Pattern
+```go
+type Option func(*Config)
+
+func WithPort(port int) Option {
+    return func(c *Config) {
+        c.port = port
+    }
+}
+
+func New(opts ...Option) *Server {
+    cfg := &Config{port: 8080}
+    for _, opt := range opts {
+        opt(cfg)
+    }
+    return &Server{cfg: cfg}
+}
+```
+
+## Format Verbs
+
+```go
+%v   // default format
+%+v  // struct with field names
+%#v  // Go-syntax representation
+%T   // type
+%t   // bool
+%d   // decimal integer
+%b   // binary
+%o   // octal
+%x   // hex (lowercase)
+%X   // hex (uppercase)
+%f   // float
+%e   // scientific notation
+%s   // string
+%q   // quoted string
+%p   // pointer address
+%w   // error wrapping
+```
+
+## Best Practices
+
+1. Use `gofmt` to format code
+2. Always check errors
+3. Use named return values
+4. Prefer composition over inheritance
+5. Use defer for cleanup
+6. Keep functions small and focused
+7. Write table-driven tests
+8. Document exported names
+9. Use interfaces for flexibility
+10. Follow Effective Go guidelines
+

.claude/skills/ndk/INDEX.md

@@ -0,0 +1,286 @@
+# NDK (Nostr Development Kit) Claude Skill
+
+> **Comprehensive knowledge base for working with NDK in production applications**
+
+This Claude skill provides deep expertise in the Nostr Development Kit based on real-world usage patterns from the Plebeian Market application.
+
+## 📚 Documentation Structure
+
+```
+.claude/skills/ndk/
+├── README.md                    # This file - Overview and getting started
+├── ndk-skill.md                 # Complete reference guide (18KB)
+├── quick-reference.md           # Fast lookup for common tasks (7KB)
+├── troubleshooting.md           # Common problems and solutions
+└── examples/                    # Production code examples
+    ├── README.md
+    ├── 01-initialization.ts     # NDK setup and connection
+    ├── 02-authentication.ts     # NIP-07, NIP-46, private keys
+    ├── 03-publishing-events.ts  # Creating and publishing events
+    ├── 04-querying-subscribing.ts # Fetching and real-time subs
+    └── 05-users-profiles.ts     # User and profile management
+```
+
+## 🚀 Quick Start
+
+### For Quick Lookups
+Start with **`quick-reference.md`** for:
+- Common code snippets
+- Quick syntax reminders
+- Frequently used patterns
+
+### For Deep Learning
+Read **`ndk-skill.md`** for:
+- Complete API documentation
+- Best practices
+- Integration patterns
+- Performance optimization
+
+### For Problem Solving
+Check **`troubleshooting.md`** for:
+- Common error solutions
+- Performance tips
+- Testing strategies
+- Debug techniques
+
+### For Code Examples
+Browse **`examples/`** directory for:
+- Real production code
+- Full implementations
+- React integration patterns
+- Error handling examples
+
+## 📖 Core Topics Covered
+
+### 1. Initialization & Setup
+- Basic NDK initialization
+- Multiple instance patterns (main + zap relays)
+- Connection management with timeouts
+- Relay pool configuration
+- Connection status monitoring
+
+### 2. Authentication
+- **NIP-07**: Browser extension signers (Alby, nos2x)
+- **NIP-46**: Remote signers (Bunker)
+- **Private Keys**: Direct key management
+- Auto-login with localStorage
+- Multi-account session management
+
+### 3. Event Publishing
+- Basic text notes
+- Parameterized replaceable events (products, profiles)
+- Order and payment events
+- Batch publishing
+- Error handling patterns
+
+### 4. Querying & Subscriptions
+- One-time fetches with `fetchEvents()`
+- Real-time subscriptions
+- Tag filtering patterns
+- Time-range queries
+- Event monitoring
+- React Query integration
+
+### 5. User & Profile Management
+- Fetch profiles (npub, hex, NIP-05)
+- Update user profiles
+- Follow/unfollow operations
+- Batch profile loading
+- Profile caching strategies
+
+### 6. Advanced Patterns
+- Store-based NDK management
+- Query + subscription combination
+- Event parsing utilities
+- Memory leak prevention
+- Performance optimization
+
+## 🎯 Use Cases
+
+### Building a Nostr Client
+```typescript
+// Initialize
+const { ndk, isConnected } = await initializeNDK({
+  relays: ['wss://relay.damus.io', 'wss://nos.lol'],
+  timeoutMs: 10000
+})
+
+// Authenticate
+const { user } = await loginWithExtension(ndk)
+
+// Publish
+await publishBasicNote(ndk, 'Hello Nostr!')
+
+// Subscribe
+const sub = subscribeToNotes(ndk, user.pubkey, (event) => {
+  console.log('New note:', event.content)
+})
+```
+
+### Building a Marketplace
+```typescript
+// Publish product
+await publishProduct(ndk, {
+  slug: 'bitcoin-shirt',
+  title: 'Bitcoin T-Shirt',
+  price: 25,
+  currency: 'USD',
+  images: ['https://...']
+})
+
+// Create order
+await createOrder(ndk, {
+  orderId: uuidv4(),
+  sellerPubkey: merchant.pubkey,
+  productRef: '30402:pubkey:bitcoin-shirt',
+  quantity: 1,
+  totalAmount: '25.00'
+})
+
+// Monitor payment
+monitorPaymentReceipt(ndk, orderId, invoiceId, (preimage) => {
+  console.log('Payment confirmed!')
+})
+```
+
+### React Integration
+```typescript
+function Feed() {
+  const ndk = useNDK()
+  const { user } = useAuth()
+  
+  // Query with real-time updates
+  const { data: notes } = useNotesWithSubscription(
+    ndk,
+    user.pubkey
+  )
+  
+  return (
+    <div>
+      {notes?.map(note => (
+        <NoteCard key={note.id} note={note} />
+      ))}
+    </div>
+  )
+}
+```
+
+## 🔍 Common Patterns Quick Reference
+
+### Safe NDK Access
+```typescript
+const ndk = ndkActions.getNDK()
+if (!ndk) throw new Error('NDK not initialized')
+```
+
+### Subscription Cleanup
+```typescript
+useEffect(() => {
+  const sub = ndk.subscribe(filter, { closeOnEose: false })
+  sub.on('event', handleEvent)
+  return () => sub.stop()  // Critical!
+}, [ndk])
+```
+
+### Error Handling
+```typescript
+try {
+  await event.sign()
+  await event.publish()
+} catch (error) {
+  console.error('Publishing failed:', error)
+  throw new Error('Failed to publish. Check connection.')
+}
+```
+
+### Tag Filtering
+```typescript
+// ✅ Correct (note the # prefix for tag filters)
+{ kinds: [16], '#order': [orderId] }
+
+// ❌ Wrong
+{ kinds: [16], 'order': [orderId] }
+```
+
+## 🛠 Development Tools
+
+### VS Code Integration
+These skill files work with:
+- Cursor AI for code completion
+- Claude for code assistance
+- GitHub Copilot with context
+
+### Debugging Tips
+```typescript
+// Check connection
+console.log('Connected relays:', 
+  Array.from(ndk.pool?.relays.values() || [])
+    .filter(r => r.status === 1)
+    .map(r => r.url)
+)
+
+// Verify signer
+console.log('Signer:', ndk.signer)
+console.log('Active user:', ndk.activeUser)
+
+// Event inspection
+console.log('Event:', {
+  id: event.id,
+  kind: event.kind,
+  tags: event.tags,
+  sig: event.sig
+})
+```
+
+## 📊 Statistics
+
+- **Total Documentation**: ~50KB
+- **Code Examples**: 5 complete modules
+- **Patterns Documented**: 50+
+- **Common Issues Covered**: 15+
+- **Based On**: Real production code
+
+## 🔗 Additional Resources
+
+### Official NDK Resources
+- **GitHub**: https://github.com/nostr-dev-kit/ndk
+- **Documentation**: https://ndk.fyi
+- **NPM**: `@nostr-dev-kit/ndk`
+
+### Nostr Protocol
+- **NIPs**: https://github.com/nostr-protocol/nips
+- **Nostr**: https://nostr.com
+
+### Related Tools
+- **TanStack Query**: React state management
+- **TanStack Router**: Type-safe routing
+- **Radix UI**: Accessible components
+
+## 💡 Tips for Using This Skill
+
+1. **Start Small**: Begin with quick-reference.md for syntax
+2. **Go Deep**: Read ndk-skill.md section by section
+3. **Copy Examples**: Use examples/ as templates
+4. **Debug Issues**: Check troubleshooting.md first
+5. **Stay Updated**: Patterns based on production usage
+
+## 🤝 Contributing
+
+This skill is maintained based on the Plebeian Market codebase. To improve it:
+
+1. Document new patterns you discover
+2. Add solutions to common problems
+3. Update examples with better approaches
+4. Keep synchronized with NDK updates
+
+## 📝 Version Info
+
+- **Skill Version**: 1.0.0
+- **NDK Version**: Latest (based on production usage)
+- **Last Updated**: November 2025
+- **Codebase**: Plebeian Market
+
+---
+
+**Ready to build with NDK?** Start with `quick-reference.md` or dive into `examples/01-initialization.ts`!
+

.claude/skills/ndk/README.md

@@ -0,0 +1,38 @@
+# NDK (Nostr Development Kit) Claude Skill
+
+This skill provides comprehensive knowledge about working with the Nostr Development Kit (NDK) library.
+
+## Files
+
+- **ndk-skill.md** - Complete reference documentation with patterns from production usage
+- **quick-reference.md** - Quick lookup guide for common NDK tasks
+- **examples/** - Code examples extracted from the Plebeian Market codebase
+
+## Usage
+
+When working with NDK-related code, reference these documents to:
+- Understand initialization patterns
+- Learn authentication flows (NIP-07, NIP-46, private keys)
+- Implement event creation and publishing
+- Set up subscriptions for real-time updates
+- Query events with filters
+- Handle users and profiles
+- Integrate with TanStack Query
+
+## Key Topics Covered
+
+1. NDK Initialization & Configuration
+2. Authentication & Signers
+3. Event Creation & Publishing
+4. Querying Events
+5. Real-time Subscriptions
+6. User & Profile Management
+7. Tag Handling
+8. Replaceable Events
+9. Relay Management
+10. Integration with React/TanStack Query
+11. Error Handling & Best Practices
+12. Performance Optimization
+
+All examples are based on real production code from the Plebeian Market application.
+

.claude/skills/ndk/examples/01-initialization.ts

@@ -0,0 +1,162 @@
+/**
+ * NDK Initialization Patterns
+ * 
+ * Examples from: src/lib/stores/ndk.ts
+ */
+
+import NDK from '@nostr-dev-kit/ndk'
+
+// ============================================================
+// BASIC INITIALIZATION
+// ============================================================
+
+const basicInit = () => {
+  const ndk = new NDK({
+    explicitRelayUrls: ['wss://relay.damus.io', 'wss://relay.nostr.band']
+  })
+  
+  return ndk
+}
+
+// ============================================================
+// PRODUCTION PATTERN - WITH MULTIPLE NDK INSTANCES
+// ============================================================
+
+const productionInit = (relays: string[], zapRelays: string[]) => {
+  // Main NDK instance for general operations
+  const ndk = new NDK({
+    explicitRelayUrls: relays
+  })
+  
+  // Separate NDK for zap operations (performance optimization)
+  const zapNdk = new NDK({
+    explicitRelayUrls: zapRelays
+  })
+  
+  return { ndk, zapNdk }
+}
+
+// ============================================================
+// CONNECTION WITH TIMEOUT
+// ============================================================
+
+const connectWithTimeout = async (
+  ndk: NDK, 
+  timeoutMs: number = 10000
+): Promise<void> => {
+  // Create connection promise
+  const connectPromise = ndk.connect()
+  
+  // Create timeout promise
+  const timeoutPromise = new Promise<never>((_, reject) =>
+    setTimeout(() => reject(new Error('Connection timeout')), timeoutMs)
+  )
+  
+  try {
+    // Race between connection and timeout
+    await Promise.race([connectPromise, timeoutPromise])
+    console.log('✅ NDK connected successfully')
+  } catch (error) {
+    if (error instanceof Error && error.message === 'Connection timeout') {
+      console.error('❌ Connection timed out after', timeoutMs, 'ms')
+    } else {
+      console.error('❌ Connection failed:', error)
+    }
+    throw error
+  }
+}
+
+// ============================================================
+// FULL INITIALIZATION FLOW
+// ============================================================
+
+interface InitConfig {
+  relays?: string[]
+  zapRelays?: string[]
+  timeoutMs?: number
+}
+
+const defaultRelays = [
+  'wss://relay.damus.io',
+  'wss://relay.nostr.band',
+  'wss://nos.lol'
+]
+
+const defaultZapRelays = [
+  'wss://relay.damus.io',
+  'wss://nostr.wine'
+]
+
+const initializeNDK = async (config: InitConfig = {}) => {
+  const {
+    relays = defaultRelays,
+    zapRelays = defaultZapRelays,
+    timeoutMs = 10000
+  } = config
+  
+  // Initialize instances
+  const ndk = new NDK({ explicitRelayUrls: relays })
+  const zapNdk = new NDK({ explicitRelayUrls: zapRelays })
+  
+  // Connect with timeout protection
+  try {
+    await connectWithTimeout(ndk, timeoutMs)
+    await connectWithTimeout(zapNdk, timeoutMs)
+    
+    return { ndk, zapNdk, isConnected: true }
+  } catch (error) {
+    return { ndk, zapNdk, isConnected: false, error }
+  }
+}
+
+// ============================================================
+// CHECKING CONNECTION STATUS
+// ============================================================
+
+const getConnectionStatus = (ndk: NDK) => {
+  const connectedRelays = Array.from(ndk.pool?.relays.values() || [])
+    .filter(relay => relay.status === 1)
+    .map(relay => relay.url)
+  
+  const isConnected = connectedRelays.length > 0
+  
+  return {
+    isConnected,
+    connectedRelays,
+    totalRelays: ndk.pool?.relays.size || 0
+  }
+}
+
+// ============================================================
+// USAGE EXAMPLE
+// ============================================================
+
+async function main() {
+  // Initialize
+  const { ndk, zapNdk, isConnected } = await initializeNDK({
+    relays: defaultRelays,
+    zapRelays: defaultZapRelays,
+    timeoutMs: 10000
+  })
+  
+  if (!isConnected) {
+    console.error('Failed to connect to relays')
+    return
+  }
+  
+  // Check status
+  const status = getConnectionStatus(ndk)
+  console.log('Connection status:', status)
+  
+  // Ready to use
+  console.log('NDK ready for operations')
+}
+
+export {
+  basicInit,
+  productionInit,
+  connectWithTimeout,
+  initializeNDK,
+  getConnectionStatus
+}
+

.claude/skills/ndk/examples/02-authentication.ts

@@ -0,0 +1,255 @@
+/**
+ * NDK Authentication Patterns
+ * 
+ * Examples from: src/lib/stores/auth.ts
+ */
+
+import NDK from '@nostr-dev-kit/ndk'
+import { NDKNip07Signer, NDKPrivateKeySigner, NDKNip46Signer } from '@nostr-dev-kit/ndk'
+
+// ============================================================
+// NIP-07 - BROWSER EXTENSION SIGNER
+// ============================================================
+
+const loginWithExtension = async (ndk: NDK) => {
+  try {
+    // Create NIP-07 signer (browser extension like Alby, nos2x)
+    const signer = new NDKNip07Signer()
+    
+    // Wait for signer to be ready
+    await signer.blockUntilReady()
+    
+    // Set signer on NDK instance
+    ndk.signer = signer
+    
+    // Get authenticated user
+    const user = await signer.user()
+    
+    console.log('✅ Logged in via extension:', user.npub)
+    return { user, signer }
+  } catch (error) {
+    console.error('❌ Extension login failed:', error)
+    throw new Error('Failed to login with browser extension. Is it installed?')
+  }
+}
+
+// ============================================================
+// PRIVATE KEY SIGNER
+// ============================================================
+
+const loginWithPrivateKey = async (ndk: NDK, privateKeyHex: string) => {
+  try {
+    // Validate private key format (64 hex characters)
+    if (!/^[0-9a-f]{64}$/.test(privateKeyHex)) {
+      throw new Error('Invalid private key format')
+    }
+    
+    // Create private key signer
+    const signer = new NDKPrivateKeySigner(privateKeyHex)
+    
+    // Wait for signer to be ready
+    await signer.blockUntilReady()
+    
+    // Set signer on NDK instance
+    ndk.signer = signer
+    
+    // Get authenticated user
+    const user = await signer.user()
+    
+    console.log('✅ Logged in with private key:', user.npub)
+    return { user, signer }
+  } catch (error) {
+    console.error('❌ Private key login failed:', error)
+    throw error
+  }
+}
+
+// ============================================================
+// NIP-46 - REMOTE SIGNER (BUNKER)
+// ============================================================
+
+const loginWithNip46 = async (
+  ndk: NDK,
+  bunkerUrl: string,
+  localPrivateKey?: string
+) => {
+  try {
+    // Create or use existing local signer
+    const localSigner = localPrivateKey
+      ? new NDKPrivateKeySigner(localPrivateKey)
+      : NDKPrivateKeySigner.generate()
+    
+    // Create NIP-46 remote signer
+    const remoteSigner = new NDKNip46Signer(ndk, bunkerUrl, localSigner)
+    
+    // Wait for signer to be ready (may require user approval)
+    await remoteSigner.blockUntilReady()
+    
+    // Set signer on NDK instance
+    ndk.signer = remoteSigner
+    
+    // Get authenticated user
+    const user = await remoteSigner.user()
+    
+    console.log('✅ Logged in via NIP-46:', user.npub)
+    
+    // Store local signer key for reconnection
+    return {
+      user,
+      signer: remoteSigner,
+      localSignerKey: localSigner.privateKey
+    }
+  } catch (error) {
+    console.error('❌ NIP-46 login failed:', error)
+    throw error
+  }
+}
+
+// ============================================================
+// AUTO-LOGIN FROM LOCAL STORAGE
+// ============================================================
+
+const STORAGE_KEYS = {
+  AUTO_LOGIN: 'nostr:auto-login',
+  LOCAL_SIGNER: 'nostr:local-signer',
+  BUNKER_URL: 'nostr:bunker-url',
+  ENCRYPTED_KEY: 'nostr:encrypted-key'
+}
+
+const getAuthFromStorage = async (ndk: NDK) => {
+  try {
+    // Check if auto-login is enabled
+    const autoLogin = localStorage.getItem(STORAGE_KEYS.AUTO_LOGIN)
+    if (autoLogin !== 'true') {
+      return null
+    }
+    
+    // Try NIP-46 bunker connection
+    const privateKey = localStorage.getItem(STORAGE_KEYS.LOCAL_SIGNER)
+    const bunkerUrl = localStorage.getItem(STORAGE_KEYS.BUNKER_URL)
+    
+    if (privateKey && bunkerUrl) {
+      return await loginWithNip46(ndk, bunkerUrl, privateKey)
+    }
+    
+    // Try encrypted private key
+    const encryptedKey = localStorage.getItem(STORAGE_KEYS.ENCRYPTED_KEY)
+    if (encryptedKey) {
+      // Would need decryption password from user
+      return { needsPassword: true, encryptedKey }
+    }
+    
+    // Fallback to extension
+    return await loginWithExtension(ndk)
+  } catch (error) {
+    console.error('Auto-login failed:', error)
+    return null
+  }
+}
+
+// ============================================================
+// SAVE AUTH TO STORAGE
+// ============================================================
+
+const saveAuthToStorage = (
+  method: 'extension' | 'private-key' | 'nip46',
+  data?: {
+    privateKey?: string
+    bunkerUrl?: string
+    encryptedKey?: string
+  }
+) => {
+  // Enable auto-login
+  localStorage.setItem(STORAGE_KEYS.AUTO_LOGIN, 'true')
+  
+  if (method === 'nip46' && data?.privateKey && data?.bunkerUrl) {
+    localStorage.setItem(STORAGE_KEYS.LOCAL_SIGNER, data.privateKey)
+    localStorage.setItem(STORAGE_KEYS.BUNKER_URL, data.bunkerUrl)
+  } else if (method === 'private-key' && data?.encryptedKey) {
+    localStorage.setItem(STORAGE_KEYS.ENCRYPTED_KEY, data.encryptedKey)
+  }
+  // Extension doesn't need storage
+}
+
+// ============================================================
+// LOGOUT
+// ============================================================
+
+const logout = (ndk: NDK) => {
+  // Remove signer from NDK
+  ndk.signer = undefined
+  
+  // Clear all auth storage
+  Object.values(STORAGE_KEYS).forEach(key => {
+    localStorage.removeItem(key)
+  })
+  
+  console.log('✅ Logged out successfully')
+}
+
+// ============================================================
+// GET CURRENT USER
+// ============================================================
+
+const getCurrentUser = async (ndk: NDK) => {
+  if (!ndk.signer) {
+    return null
+  }
+  
+  try {
+    const user = await ndk.signer.user()
+    return {
+      pubkey: user.pubkey,
+      npub: user.npub,
+      profile: await user.fetchProfile()
+    }
+  } catch (error) {
+    console.error('Failed to get current user:', error)
+    return null
+  }
+}
+
+// ============================================================
+// USAGE EXAMPLE
+// ============================================================
+
+async function authExample(ndk: NDK) {
+  // Try auto-login first
+  let auth = await getAuthFromStorage(ndk)
+  
+  if (!auth) {
+    // Manual login options
+    console.log('Choose login method:')
+    console.log('1. Browser Extension (NIP-07)')
+    console.log('2. Private Key')
+    console.log('3. Remote Signer (NIP-46)')
+    
+    // Example: login with extension
+    auth = await loginWithExtension(ndk)
+    saveAuthToStorage('extension')
+  }
+  
+  if (auth && 'needsPassword' in auth) {
+    // Handle encrypted key case
+    console.log('Password required for encrypted key')
+    return
+  }
+  
+  // Get current user info
+  const currentUser = await getCurrentUser(ndk)
+  console.log('Current user:', currentUser)
+  
+  // Logout when done
+  // logout(ndk)
+}
+
+export {
+  loginWithExtension,
+  loginWithPrivateKey,
+  loginWithNip46,
+  getAuthFromStorage,
+  saveAuthToStorage,
+  logout,
+  getCurrentUser
+}
+

.claude/skills/ndk/examples/03-publishing-events.ts

@@ -0,0 +1,376 @@
+/**
+ * NDK Event Publishing Patterns
+ * 
+ * Examples from: src/publish/orders.tsx, scripts/gen_products.ts
+ */
+
+import NDK, { NDKEvent, NDKTag } from '@nostr-dev-kit/ndk'
+
+// ============================================================
+// BASIC EVENT PUBLISHING
+// ============================================================
+
+const publishBasicNote = async (ndk: NDK, content: string) => {
+  // Create event
+  const event = new NDKEvent(ndk)
+  event.kind = 1  // Text note
+  event.content = content
+  event.tags = []
+  
+  // Sign and publish
+  await event.sign()
+  await event.publish()
+  
+  console.log('✅ Published note:', event.id)
+  return event.id
+}
+
+// ============================================================
+// EVENT WITH TAGS
+// ============================================================
+
+const publishNoteWithTags = async (
+  ndk: NDK,
+  content: string,
+  options: {
+    mentions?: string[]  // pubkeys to mention
+    hashtags?: string[]
+    replyTo?: string     // event ID
+  }
+) => {
+  const event = new NDKEvent(ndk)
+  event.kind = 1
+  event.content = content
+  event.tags = []
+  
+  // Add mentions
+  if (options.mentions) {
+    options.mentions.forEach(pubkey => {
+      event.tags.push(['p', pubkey])
+    })
+  }
+  
+  // Add hashtags
+  if (options.hashtags) {
+    options.hashtags.forEach(tag => {
+      event.tags.push(['t', tag])
+    })
+  }
+  
+  // Add reply
+  if (options.replyTo) {
+    event.tags.push(['e', options.replyTo, '', 'reply'])
+  }
+  
+  await event.sign()
+  await event.publish()
+  
+  return event.id
+}
+
+// ============================================================
+// PRODUCT LISTING (PARAMETERIZED REPLACEABLE EVENT)
+// ============================================================
+
+interface ProductData {
+  slug: string           // Unique identifier
+  title: string
+  description: string
+  price: number
+  currency: string
+  images: string[]
+  shippingRefs?: string[]
+  category?: string
+}
+
+const publishProduct = async (ndk: NDK, product: ProductData) => {
+  const event = new NDKEvent(ndk)
+  event.kind = 30402  // Product listing kind
+  event.content = product.description
+  
+  // Build tags
+  event.tags = [
+    ['d', product.slug],                    // Unique identifier (required for replaceable)
+    ['title', product.title],
+    ['price', product.price.toString(), product.currency],
+  ]
+  
+  // Add images
+  product.images.forEach(image => {
+    event.tags.push(['image', image])
+  })
+  
+  // Add shipping options
+  if (product.shippingRefs) {
+    product.shippingRefs.forEach(ref => {
+      event.tags.push(['shipping', ref])
+    })
+  }
+  
+  // Add category
+  if (product.category) {
+    event.tags.push(['t', product.category])
+  }
+  
+  // Optional: set custom timestamp
+  event.created_at = Math.floor(Date.now() / 1000)
+  
+  await event.sign()
+  await event.publish()
+  
+  console.log('✅ Published product:', product.title)
+  return event.id
+}
+
+// ============================================================
+// ORDER CREATION EVENT
+// ============================================================
+
+interface OrderData {
+  orderId: string
+  sellerPubkey: string
+  productRef: string
+  quantity: number
+  totalAmount: string
+  currency: string
+  shippingRef?: string
+  shippingAddress?: string
+  email?: string
+  phone?: string
+  notes?: string
+}
+
+const createOrder = async (ndk: NDK, order: OrderData) => {
+  const event = new NDKEvent(ndk)
+  event.kind = 16  // Order processing kind
+  event.content = order.notes || ''
+  
+  // Required tags per spec
+  event.tags = [
+    ['p', order.sellerPubkey],
+    ['subject', `Order ${order.orderId.substring(0, 8)}`],
+    ['type', 'order-creation'],
+    ['order', order.orderId],
+    ['amount', order.totalAmount],
+    ['item', order.productRef, order.quantity.toString()],
+  ]
+  
+  // Optional tags
+  if (order.shippingRef) {
+    event.tags.push(['shipping', order.shippingRef])
+  }
+  
+  if (order.shippingAddress) {
+    event.tags.push(['address', order.shippingAddress])
+  }
+  
+  if (order.email) {
+    event.tags.push(['email', order.email])
+  }
+  
+  if (order.phone) {
+    event.tags.push(['phone', order.phone])
+  }
+  
+  try {
+    await event.sign()
+    await event.publish()
+    
+    console.log('✅ Order created:', order.orderId)
+    return { success: true, eventId: event.id }
+  } catch (error) {
+    console.error('❌ Failed to create order:', error)
+    return { success: false, error }
+  }
+}
+
+// ============================================================
+// STATUS UPDATE EVENT
+// ============================================================
+
+const publishStatusUpdate = async (
+  ndk: NDK,
+  orderId: string,
+  recipientPubkey: string,
+  status: 'pending' | 'paid' | 'shipped' | 'delivered' | 'cancelled',
+  notes?: string
+) => {
+  const event = new NDKEvent(ndk)
+  event.kind = 16
+  event.content = notes || `Order status updated to ${status}`
+  event.tags = [
+    ['p', recipientPubkey],
+    ['subject', 'order-info'],
+    ['type', 'status-update'],
+    ['order', orderId],
+    ['status', status],
+  ]
+  
+  await event.sign()
+  await event.publish()
+  
+  return event.id
+}
+
+// ============================================================
+// BATCH PUBLISHING
+// ============================================================
+
+const publishMultipleEvents = async (
+  ndk: NDK,
+  events: Array<{ kind: number; content: string; tags: NDKTag[] }>
+) => {
+  const results = []
+  
+  for (const eventData of events) {
+    try {
+      const event = new NDKEvent(ndk)
+      event.kind = eventData.kind
+      event.content = eventData.content
+      event.tags = eventData.tags
+      
+      await event.sign()
+      await event.publish()
+      
+      results.push({ success: true, eventId: event.id })
+    } catch (error) {
+      results.push({ success: false, error })
+    }
+  }
+  
+  return results
+}
+
+// ============================================================
+// PUBLISH WITH CUSTOM SIGNER
+// ============================================================
+
+import { NDKSigner } from '@nostr-dev-kit/ndk'
+
+const publishWithCustomSigner = async (
+  ndk: NDK,
+  signer: NDKSigner,
+  eventData: { kind: number; content: string; tags: NDKTag[] }
+) => {
+  const event = new NDKEvent(ndk)
+  event.kind = eventData.kind
+  event.content = eventData.content
+  event.tags = eventData.tags
+  
+  // Sign with specific signer (not ndk.signer)
+  await event.sign(signer)
+  await event.publish()
+  
+  return event.id
+}
+
+// ============================================================
+// ERROR HANDLING PATTERN
+// ============================================================
+
+const publishWithErrorHandling = async (
+  ndk: NDK,
+  eventData: { kind: number; content: string; tags: NDKTag[] }
+) => {
+  // Validate NDK
+  if (!ndk) {
+    throw new Error('NDK not initialized')
+  }
+  
+  // Validate signer
+  if (!ndk.signer) {
+    throw new Error('No active signer. Please login first.')
+  }
+  
+  try {
+    const event = new NDKEvent(ndk)
+    event.kind = eventData.kind
+    event.content = eventData.content
+    event.tags = eventData.tags
+    
+    // Sign
+    await event.sign()
+    
+    // Verify signature
+    if (!event.sig) {
+      throw new Error('Event signing failed')
+    }
+    
+    // Publish
+    await event.publish()
+    
+    // Verify event ID
+    if (!event.id) {
+      throw new Error('Event ID not generated')
+    }
+    
+    return {
+      success: true,
+      eventId: event.id,
+      pubkey: event.pubkey
+    }
+  } catch (error) {
+    console.error('Publishing failed:', error)
+    
+    if (error instanceof Error) {
+      // Handle specific error types
+      if (error.message.includes('relay')) {
+        throw new Error('Failed to publish to relays. Check connection.')
+      }
+      if (error.message.includes('sign')) {
+        throw new Error('Failed to sign event. Check signer.')
+      }
+    }
+    
+    throw error
+  }
+}
+
+// ============================================================
+// USAGE EXAMPLE
+// ============================================================
+
+async function publishingExample(ndk: NDK) {
+  // Simple note
+  await publishBasicNote(ndk, 'Hello Nostr!')
+  
+  // Note with tags
+  await publishNoteWithTags(ndk, 'Check out this product!', {
+    hashtags: ['marketplace', 'nostr'],
+    mentions: ['pubkey123...']
+  })
+  
+  // Product listing
+  await publishProduct(ndk, {
+    slug: 'bitcoin-tshirt',
+    title: 'Bitcoin T-Shirt',
+    description: 'High quality Bitcoin t-shirt',
+    price: 25,
+    currency: 'USD',
+    images: ['https://example.com/image.jpg'],
+    category: 'clothing'
+  })
+  
+  // Order
+  await createOrder(ndk, {
+    orderId: 'order-123',
+    sellerPubkey: 'seller-pubkey',
+    productRef: '30402:pubkey:bitcoin-tshirt',
+    quantity: 1,
+    totalAmount: '25.00',
+    currency: 'USD',
+    email: 'customer@example.com'
+  })
+}
+
+export {
+  publishBasicNote,
+  publishNoteWithTags,
+  publishProduct,
+  createOrder,
+  publishStatusUpdate,
+  publishMultipleEvents,
+  publishWithCustomSigner,
+  publishWithErrorHandling
+}
+

.claude/skills/ndk/examples/04-querying-subscribing.ts

@@ -0,0 +1,404 @@
+/**
+ * NDK Query and Subscription Patterns
+ * 
+ * Examples from: src/queries/orders.tsx, src/queries/payment.tsx
+ */
+
+import NDK, { NDKEvent, NDKFilter, NDKSubscription } from '@nostr-dev-kit/ndk'
+
+// ============================================================
+// BASIC FETCH (ONE-TIME QUERY)
+// ============================================================
+
+const fetchNotes = async (ndk: NDK, authorPubkey: string, limit: number = 50) => {
+  const filter: NDKFilter = {
+    kinds: [1],  // Text notes
+    authors: [authorPubkey],
+    limit
+  }
+  
+  // Fetch returns a Set
+  const events = await ndk.fetchEvents(filter)
+  
+  // Convert to array and sort by timestamp
+  const eventArray = Array.from(events).sort((a, b) =>
+    (b.created_at || 0) - (a.created_at || 0)
+  )
+  
+  return eventArray
+}
+
+// ============================================================
+// FETCH WITH MULTIPLE FILTERS
+// ============================================================
+
+const fetchProductsByMultipleAuthors = async (
+  ndk: NDK,
+  pubkeys: string[]
+) => {
+  const filter: NDKFilter = {
+    kinds: [30402],  // Product listings
+    authors: pubkeys,
+    limit: 100
+  }
+  
+  const events = await ndk.fetchEvents(filter)
+  return Array.from(events)
+}
+
+// ============================================================
+// FETCH WITH TAG FILTERS
+// ============================================================
+
+const fetchOrderEvents = async (ndk: NDK, orderId: string) => {
+  const filter: NDKFilter = {
+    kinds: [16, 17],  // Order and payment receipt
+    '#order': [orderId],  // Tag filter (note the # prefix)
+  }
+  
+  const events = await ndk.fetchEvents(filter)
+  return Array.from(events)
+}
+
+// ============================================================
+// FETCH WITH TIME RANGE
+// ============================================================
+
+const fetchRecentEvents = async (
+  ndk: NDK,
+  kind: number,
+  hoursAgo: number = 24
+) => {
+  const now = Math.floor(Date.now() / 1000)
+  const since = now - (hoursAgo * 3600)
+  
+  const filter: NDKFilter = {
+    kinds: [kind],
+    since,
+    until: now,
+    limit: 100
+  }
+  
+  const events = await ndk.fetchEvents(filter)
+  return Array.from(events)
+}
+
+// ============================================================
+// FETCH BY EVENT ID
+// ============================================================
+
+const fetchEventById = async (ndk: NDK, eventId: string) => {
+  const filter: NDKFilter = {
+    ids: [eventId]
+  }
+  
+  const events = await ndk.fetchEvents(filter)
+  
+  if (events.size === 0) {
+    return null
+  }
+  
+  return Array.from(events)[0]
+}
+
+// ============================================================
+// BASIC SUBSCRIPTION (REAL-TIME)
+// ============================================================
+
+const subscribeToNotes = (
+  ndk: NDK,
+  authorPubkey: string,
+  onEvent: (event: NDKEvent) => void
+): NDKSubscription => {
+  const filter: NDKFilter = {
+    kinds: [1],
+    authors: [authorPubkey]
+  }
+  
+  const subscription = ndk.subscribe(filter, {
+    closeOnEose: false  // Keep open for real-time updates
+  })
+  
+  // Event handler
+  subscription.on('event', (event: NDKEvent) => {
+    onEvent(event)
+  })
+  
+  // EOSE (End of Stored Events) handler
+  subscription.on('eose', () => {
+    console.log('✅ Received all stored events')
+  })
+  
+  return subscription
+}
+
+// ============================================================
+// SUBSCRIPTION WITH CLEANUP
+// ============================================================
+
+const createManagedSubscription = (
+  ndk: NDK,
+  filter: NDKFilter,
+  handlers: {
+    onEvent: (event: NDKEvent) => void
+    onEose?: () => void
+    onClose?: () => void
+  }
+) => {
+  const subscription = ndk.subscribe(filter, { closeOnEose: false })
+  
+  subscription.on('event', handlers.onEvent)
+  
+  if (handlers.onEose) {
+    subscription.on('eose', handlers.onEose)
+  }
+  
+  if (handlers.onClose) {
+    subscription.on('close', handlers.onClose)
+  }
+  
+  // Return cleanup function
+  return () => {
+    subscription.stop()
+    console.log('✅ Subscription stopped')
+  }
+}
+
+// ============================================================
+// MONITORING SPECIFIC EVENT
+// ============================================================
+
+const monitorPaymentReceipt = (
+  ndk: NDK,
+  orderId: string,
+  invoiceId: string,
+  onPaymentReceived: (preimage: string) => void
+): NDKSubscription => {
+  const sessionStart = Math.floor(Date.now() / 1000)
+  
+  const filter: NDKFilter = {
+    kinds: [17],  // Payment receipt
+    '#order': [orderId],
+    '#payment-request': [invoiceId],
+    since: sessionStart - 30  // 30 second buffer for clock skew
+  }
+  
+  const subscription = ndk.subscribe(filter, { closeOnEose: false })
+  
+  subscription.on('event', (event: NDKEvent) => {
+    // Verify event is recent
+    if (event.created_at && event.created_at < sessionStart - 30) {
+      console.log('⏰ Ignoring old receipt')
+      return
+    }
+    
+    // Verify it's the correct invoice
+    const paymentRequestTag = event.tags.find(tag => tag[0] === 'payment-request')
+    if (paymentRequestTag?.[1] !== invoiceId) {
+      return
+    }
+    
+    // Extract preimage
+    const paymentTag = event.tags.find(tag => tag[0] === 'payment')
+    const preimage = paymentTag?.[3] || 'external-payment'
+    
+    console.log('✅ Payment received!')
+    subscription.stop()
+    onPaymentReceived(preimage)
+  })
+  
+  return subscription
+}
+
+// ============================================================
+// REACT INTEGRATION PATTERN
+// ============================================================
+
+import { useEffect, useState } from 'react'
+
+function useOrderSubscription(ndk: NDK | null, orderId: string) {
+  const [events, setEvents] = useState<NDKEvent[]>([])
+  const [eosed, setEosed] = useState(false)
+  
+  useEffect(() => {
+    if (!ndk || !orderId) return
+    
+    const filter: NDKFilter = {
+      kinds: [16, 17],
+      '#order': [orderId]
+    }
+    
+    const subscription = ndk.subscribe(filter, { closeOnEose: false })
+    
+    subscription.on('event', (event: NDKEvent) => {
+      setEvents(prev => {
+        // Avoid duplicates
+        if (prev.some(e => e.id === event.id)) {
+          return prev
+        }
+        return [...prev, event].sort((a, b) =>
+          (a.created_at || 0) - (b.created_at || 0)
+        )
+      })
+    })
+    
+    subscription.on('eose', () => {
+      setEosed(true)
+    })
+    
+    // Cleanup on unmount
+    return () => {
+      subscription.stop()
+    }
+  }, [ndk, orderId])
+  
+  return { events, eosed }
+}
+
+// ============================================================
+// REACT QUERY INTEGRATION
+// ============================================================
+
+import { useQuery, useQueryClient } from '@tanstack/react-query'
+
+// Query function
+const fetchProducts = async (ndk: NDK, pubkey: string) => {
+  if (!ndk) throw new Error('NDK not initialized')
+  
+  const filter: NDKFilter = {
+    kinds: [30402],
+    authors: [pubkey]
+  }
+  
+  const events = await ndk.fetchEvents(filter)
+  return Array.from(events)
+}
+
+// Hook with subscription for real-time updates
+function useProductsWithSubscription(ndk: NDK | null, pubkey: string) {
+  const queryClient = useQueryClient()
+  
+  // Initial query
+  const query = useQuery({
+    queryKey: ['products', pubkey],
+    queryFn: () => fetchProducts(ndk!, pubkey),
+    enabled: !!ndk && !!pubkey,
+    staleTime: 30000
+  })
+  
+  // Real-time subscription
+  useEffect(() => {
+    if (!ndk || !pubkey) return
+    
+    const filter: NDKFilter = {
+      kinds: [30402],
+      authors: [pubkey]
+    }
+    
+    const subscription = ndk.subscribe(filter, { closeOnEose: false })
+    
+    subscription.on('event', () => {
+      // Invalidate query to trigger refetch
+      queryClient.invalidateQueries({ queryKey: ['products', pubkey] })
+    })
+    
+    return () => {
+      subscription.stop()
+    }
+  }, [ndk, pubkey, queryClient])
+  
+  return query
+}
+
+// ============================================================
+// ADVANCED: WAITING FOR SPECIFIC EVENT
+// ============================================================
+
+const waitForEvent = (
+  ndk: NDK,
+  filter: NDKFilter,
+  condition: (event: NDKEvent) => boolean,
+  timeoutMs: number = 30000
+): Promise<NDKEvent | null> => {
+  return new Promise((resolve) => {
+    const subscription = ndk.subscribe(filter, { closeOnEose: false })
+    
+    // Timeout
+    const timeout = setTimeout(() => {
+      subscription.stop()
+      resolve(null)
+    }, timeoutMs)
+    
+    // Event handler
+    subscription.on('event', (event: NDKEvent) => {
+      if (condition(event)) {
+        clearTimeout(timeout)
+        subscription.stop()
+        resolve(event)
+      }
+    })
+  })
+}
+
+// Usage example
+async function waitForPayment(ndk: NDK, orderId: string, invoiceId: string) {
+  const paymentEvent = await waitForEvent(
+    ndk,
+    {
+      kinds: [17],
+      '#order': [orderId],
+      since: Math.floor(Date.now() / 1000)
+    },
+    (event) => {
+      const tag = event.tags.find(t => t[0] === 'payment-request')
+      return tag?.[1] === invoiceId
+    },
+    60000  // 60 second timeout
+  )
+  
+  if (paymentEvent) {
+    console.log('✅ Payment confirmed!')
+    return paymentEvent
+  } else {
+    console.log('⏰ Payment timeout')
+    return null
+  }
+}
+
+// ============================================================
+// USAGE EXAMPLES
+// ============================================================
+
+async function queryExample(ndk: NDK) {
+  // Fetch notes
+  const notes = await fetchNotes(ndk, 'pubkey123', 50)
+  console.log(`Found ${notes.length} notes`)
+  
+  // Subscribe to new notes
+  const cleanup = subscribeToNotes(ndk, 'pubkey123', (event) => {
+    console.log('New note:', event.content)
+  })
+  
+  // Clean up after 60 seconds
+  setTimeout(cleanup, 60000)
+  
+  // Monitor payment
+  monitorPaymentReceipt(ndk, 'order-123', 'invoice-456', (preimage) => {
+    console.log('Payment received:', preimage)
+  })
+}
+
+export {
+  fetchNotes,
+  fetchProductsByMultipleAuthors,
+  fetchOrderEvents,
+  fetchRecentEvents,
+  fetchEventById,
+  subscribeToNotes,
+  createManagedSubscription,
+  monitorPaymentReceipt,
+  useOrderSubscription,
+  useProductsWithSubscription,
+  waitForEvent
+}
+

.claude/skills/ndk/examples/05-users-profiles.ts

@@ -0,0 +1,423 @@
+/**
+ * NDK User and Profile Handling
+ * 
+ * Examples from: src/queries/profiles.tsx, src/components/Profile.tsx
+ */
+
+import NDK, { NDKUser, NDKUserProfile } from '@nostr-dev-kit/ndk'
+import { nip19 } from 'nostr-tools'
+
+// ============================================================
+// FETCH PROFILE BY NPUB
+// ============================================================
+
+const fetchProfileByNpub = async (ndk: NDK, npub: string): Promise<NDKUserProfile | null> => {
+  try {
+    // Get user object from npub
+    const user = ndk.getUser({ npub })
+    
+    // Fetch profile from relays
+    const profile = await user.fetchProfile()
+    
+    return profile
+  } catch (error) {
+    console.error('Failed to fetch profile:', error)
+    return null
+  }
+}
+
+// ============================================================
+// FETCH PROFILE BY HEX PUBKEY
+// ============================================================
+
+const fetchProfileByPubkey = async (ndk: NDK, pubkey: string): Promise<NDKUserProfile | null> => {
+  try {
+    const user = ndk.getUser({ hexpubkey: pubkey })
+    const profile = await user.fetchProfile()
+    
+    return profile
+  } catch (error) {
+    console.error('Failed to fetch profile:', error)
+    return null
+  }
+}
+
+// ============================================================
+// FETCH PROFILE BY NIP-05
+// ============================================================
+
+const fetchProfileByNip05 = async (ndk: NDK, nip05: string): Promise<NDKUserProfile | null> => {
+  try {
+    // Resolve NIP-05 identifier to user
+    const user = await ndk.getUserFromNip05(nip05)
+    
+    if (!user) {
+      console.log('User not found for NIP-05:', nip05)
+      return null
+    }
+    
+    // Fetch profile
+    const profile = await user.fetchProfile()
+    
+    return profile
+  } catch (error) {
+    console.error('Failed to fetch profile by NIP-05:', error)
+    return null
+  }
+}
+
+// ============================================================
+// FETCH PROFILE BY ANY IDENTIFIER
+// ============================================================
+
+const fetchProfileByIdentifier = async (
+  ndk: NDK,
+  identifier: string
+): Promise<{ profile: NDKUserProfile | null; user: NDKUser | null }> => {
+  try {
+    // Check if it's a NIP-05 (contains @)
+    if (identifier.includes('@')) {
+      const user = await ndk.getUserFromNip05(identifier)
+      if (!user) return { profile: null, user: null }
+      
+      const profile = await user.fetchProfile()
+      return { profile, user }
+    }
+    
+    // Check if it's an npub
+    if (identifier.startsWith('npub')) {
+      const user = ndk.getUser({ npub: identifier })
+      const profile = await user.fetchProfile()
+      return { profile, user }
+    }
+    
+    // Assume it's a hex pubkey
+    const user = ndk.getUser({ hexpubkey: identifier })
+    const profile = await user.fetchProfile()
+    return { profile, user }
+  } catch (error) {
+    console.error('Failed to fetch profile:', error)
+    return { profile: null, user: null }
+  }
+}
+
+// ============================================================
+// GET CURRENT USER
+// ============================================================
+
+const getCurrentUser = async (ndk: NDK): Promise<NDKUser | null> => {
+  if (!ndk.signer) {
+    console.log('No signer set')
+    return null
+  }
+  
+  try {
+    const user = await ndk.signer.user()
+    return user
+  } catch (error) {
+    console.error('Failed to get current user:', error)
+    return null
+  }
+}
+
+// ============================================================
+// PROFILE DATA STRUCTURE
+// ============================================================
+
+interface ProfileData {
+  // Standard fields
+  name?: string
+  displayName?: string
+  display_name?: string
+  picture?: string
+  image?: string
+  banner?: string
+  about?: string
+  
+  // Contact
+  nip05?: string
+  lud06?: string  // LNURL
+  lud16?: string  // Lightning address
+  
+  // Social
+  website?: string
+  
+  // Raw data
+  [key: string]: any
+}
+
+// ============================================================
+// EXTRACT PROFILE INFO
+// ============================================================
+
+const extractProfileInfo = (profile: NDKUserProfile | null) => {
+  if (!profile) {
+    return {
+      displayName: 'Anonymous',
+      avatar: null,
+      bio: null,
+      lightningAddress: null,
+      nip05: null
+    }
+  }
+  
+  return {
+    displayName: profile.displayName || profile.display_name || profile.name || 'Anonymous',
+    avatar: profile.picture || profile.image || null,
+    banner: profile.banner || null,
+    bio: profile.about || null,
+    lightningAddress: profile.lud16 || profile.lud06 || null,
+    nip05: profile.nip05 || null,
+    website: profile.website || null
+  }
+}
+
+// ============================================================
+// UPDATE PROFILE
+// ============================================================
+
+import { NDKEvent } from '@nostr-dev-kit/ndk'
+
+const updateProfile = async (ndk: NDK, profileData: Partial<ProfileData>) => {
+  if (!ndk.signer) {
+    throw new Error('No signer available')
+  }
+  
+  // Get current profile
+  const currentUser = await ndk.signer.user()
+  const currentProfile = await currentUser.fetchProfile()
+  
+  // Merge with new data
+  const updatedProfile = {
+    ...currentProfile,
+    ...profileData
+  }
+  
+  // Create kind 0 (metadata) event
+  const event = new NDKEvent(ndk)
+  event.kind = 0
+  event.content = JSON.stringify(updatedProfile)
+  event.tags = []
+  
+  await event.sign()
+  await event.publish()
+  
+  console.log('✅ Profile updated')
+  return event.id
+}
+
+// ============================================================
+// BATCH FETCH PROFILES
+// ============================================================
+
+const fetchMultipleProfiles = async (
+  ndk: NDK,
+  pubkeys: string[]
+): Promise<Map<string, NDKUserProfile | null>> => {
+  const profiles = new Map<string, NDKUserProfile | null>()
+  
+  // Fetch all profiles in parallel
+  await Promise.all(
+    pubkeys.map(async (pubkey) => {
+      try {
+        const user = ndk.getUser({ hexpubkey: pubkey })
+        const profile = await user.fetchProfile()
+        profiles.set(pubkey, profile)
+      } catch (error) {
+        console.error(`Failed to fetch profile for ${pubkey}:`, error)
+        profiles.set(pubkey, null)
+      }
+    })
+  )
+  
+  return profiles
+}
+
+// ============================================================
+// CONVERT BETWEEN FORMATS
+// ============================================================
+
+const convertPubkeyFormats = (identifier: string) => {
+  try {
+    // If it's npub, convert to hex
+    if (identifier.startsWith('npub')) {
+      const decoded = nip19.decode(identifier)
+      if (decoded.type === 'npub') {
+        return {
+          hex: decoded.data as string,
+          npub: identifier
+        }
+      }
+    }
+    
+    // If it's hex, convert to npub
+    if (/^[0-9a-f]{64}$/.test(identifier)) {
+      return {
+        hex: identifier,
+        npub: nip19.npubEncode(identifier)
+      }
+    }
+    
+    throw new Error('Invalid pubkey format')
+  } catch (error) {
+    console.error('Format conversion failed:', error)
+    return null
+  }
+}
+
+// ============================================================
+// REACT HOOK FOR PROFILE
+// ============================================================
+
+import { useQuery } from '@tanstack/react-query'
+import { useEffect, useState } from 'react'
+
+function useProfile(ndk: NDK | null, npub: string | undefined) {
+  return useQuery({
+    queryKey: ['profile', npub],
+    queryFn: async () => {
+      if (!ndk || !npub) throw new Error('NDK or npub missing')
+      return await fetchProfileByNpub(ndk, npub)
+    },
+    enabled: !!ndk && !!npub,
+    staleTime: 5 * 60 * 1000,  // 5 minutes
+    cacheTime: 30 * 60 * 1000  // 30 minutes
+  })
+}
+
+// ============================================================
+// REACT COMPONENT EXAMPLE
+// ============================================================
+
+interface ProfileDisplayProps {
+  ndk: NDK
+  pubkey: string
+}
+
+function ProfileDisplay({ ndk, pubkey }: ProfileDisplayProps) {
+  const [profile, setProfile] = useState<NDKUserProfile | null>(null)
+  const [loading, setLoading] = useState(true)
+  
+  useEffect(() => {
+    const loadProfile = async () => {
+      setLoading(true)
+      try {
+        const user = ndk.getUser({ hexpubkey: pubkey })
+        const fetchedProfile = await user.fetchProfile()
+        setProfile(fetchedProfile)
+      } catch (error) {
+        console.error('Failed to load profile:', error)
+      } finally {
+        setLoading(false)
+      }
+    }
+    
+    loadProfile()
+  }, [ndk, pubkey])
+  
+  if (loading) {
+    return <div>Loading profile...</div>
+  }
+  
+  const info = extractProfileInfo(profile)
+  
+  return (
+    <div className="profile">
+      {info.avatar && <img src={info.avatar} alt={info.displayName} />}
+      <h2>{info.displayName}</h2>
+      {info.bio && <p>{info.bio}</p>}
+      {info.nip05 && <span>✓ {info.nip05}</span>}
+      {info.lightningAddress && <span>⚡ {info.lightningAddress}</span>}
+    </div>
+  )
+}
+
+// ============================================================
+// FOLLOW/UNFOLLOW USER
+// ============================================================
+
+const followUser = async (ndk: NDK, pubkeyToFollow: string) => {
+  if (!ndk.signer) {
+    throw new Error('No signer available')
+  }
+  
+  // Fetch current contact list (kind 3)
+  const currentUser = await ndk.signer.user()
+  const contactListFilter = {
+    kinds: [3],
+    authors: [currentUser.pubkey]
+  }
+  
+  const existingEvents = await ndk.fetchEvents(contactListFilter)
+  const existingContactList = existingEvents.size > 0
+    ? Array.from(existingEvents)[0]
+    : null
+  
+  // Get existing p tags
+  const existingPTags = existingContactList
+    ? existingContactList.tags.filter(tag => tag[0] === 'p')
+    : []
+  
+  // Check if already following
+  const alreadyFollowing = existingPTags.some(tag => tag[1] === pubkeyToFollow)
+  if (alreadyFollowing) {
+    console.log('Already following this user')
+    return
+  }
+  
+  // Create new contact list with added user
+  const event = new NDKEvent(ndk)
+  event.kind = 3
+  event.content = existingContactList?.content || ''
+  event.tags = [
+    ...existingPTags,
+    ['p', pubkeyToFollow]
+  ]
+  
+  await event.sign()
+  await event.publish()
+  
+  console.log('✅ Now following user')
+}
+
+// ============================================================
+// USAGE EXAMPLE
+// ============================================================
+
+async function profileExample(ndk: NDK) {
+  // Fetch by different identifiers
+  const profile1 = await fetchProfileByNpub(ndk, 'npub1...')
+  const profile2 = await fetchProfileByNip05(ndk, 'user@domain.com')
+  const profile3 = await fetchProfileByPubkey(ndk, 'hex pubkey...')
+  
+  // Extract display info
+  const info = extractProfileInfo(profile1)
+  console.log('Display name:', info.displayName)
+  console.log('Avatar:', info.avatar)
+  
+  // Update own profile
+  await updateProfile(ndk, {
+    name: 'My Name',
+    about: 'My bio',
+    picture: 'https://example.com/avatar.jpg',
+    lud16: 'me@getalby.com'
+  })
+  
+  // Follow someone
+  await followUser(ndk, 'pubkey to follow')
+}
+
+export {
+  fetchProfileByNpub,
+  fetchProfileByPubkey,
+  fetchProfileByNip05,
+  fetchProfileByIdentifier,
+  getCurrentUser,
+  extractProfileInfo,
+  updateProfile,
+  fetchMultipleProfiles,
+  convertPubkeyFormats,
+  useProfile,
+  followUser
+}
+

.claude/skills/ndk/examples/README.md

@@ -0,0 +1,94 @@
+# NDK Examples Index
+
+Complete code examples extracted from the Plebeian Market production codebase.
+
+## Available Examples
+
+### 01-initialization.ts
+- Basic NDK initialization
+- Multiple NDK instances (main + zap relays)
+- Connection with timeout protection
+- Connection status checking
+- Full initialization flow with error handling
+
+### 02-authentication.ts
+- NIP-07 browser extension login
+- Private key signer
+- NIP-46 remote signer (Bunker)
+- Auto-login from localStorage
+- Saving auth credentials
+- Logout functionality
+- Getting current user
+
+### 03-publishing-events.ts
+- Basic note publishing
+- Events with tags (mentions, hashtags, replies)
+- Product listings (parameterized replaceable events)
+- Order creation events
+- Status update events
+- Batch publishing
+- Custom signer usage
+- Comprehensive error handling
+
+### 04-querying-subscribing.ts
+- Basic fetch queries
+- Multiple author queries
+- Tag filtering
+- Time range filtering
+- Event ID lookup
+- Real-time subscriptions
+- Subscription cleanup patterns
+- React integration hooks
+- React Query integration
+- Waiting for specific events
+- Payment monitoring
+
+### 05-users-profiles.ts
+- Fetch profile by npub
+- Fetch profile by hex pubkey
+- Fetch profile by NIP-05
+- Universal identifier lookup
+- Get current user
+- Extract profile information
+- Update user profile
+- Batch fetch multiple profiles
+- Convert between pubkey formats (hex/npub)
+- React hooks for profiles
+- Follow/unfollow users
+
+## Usage
+
+Each file contains:
+- Fully typed TypeScript code
+- JSDoc comments explaining the pattern
+- Error handling examples
+- Integration patterns with React/TanStack Query
+- Real-world usage examples
+
+All examples are based on actual production code from the Plebeian Market application.
+
+## Running Examples
+
+```typescript
+import { initializeNDK } from './01-initialization'
+import { loginWithExtension } from './02-authentication'
+import { publishBasicNote } from './03-publishing-events'
+
+// Initialize NDK
+const { ndk, isConnected } = await initializeNDK()
+
+if (isConnected) {
+  // Authenticate
+  const { user } = await loginWithExtension(ndk)
+  
+  // Publish
+  await publishBasicNote(ndk, 'Hello Nostr!')
+}
+```
+
+## Additional Resources
+
+- See `../ndk-skill.md` for detailed documentation
+- See `../quick-reference.md` for quick lookup
+- Check the main codebase for more complex patterns
+

.claude/skills/ndk/ndk-skill.md

@@ -0,0 +1,701 @@
+# NDK (Nostr Development Kit) - Claude Skill Reference
+
+## Overview
+
+NDK is the primary Nostr development kit with outbox-model support, designed for building Nostr applications with TypeScript/JavaScript. This reference is based on analyzing production usage in the Plebeian Market codebase.
+
+## Core Concepts
+
+### 1. NDK Initialization
+
+**Basic Pattern:**
+```typescript
+import NDK from '@nostr-dev-kit/ndk'
+
+// Simple initialization
+const ndk = new NDK({
+  explicitRelayUrls: ['wss://relay.damus.io', 'wss://relay.nostr.band']
+})
+
+await ndk.connect()
+```
+
+**Store-based Pattern (Production):**
+```typescript
+// From src/lib/stores/ndk.ts
+const ndk = new NDK({
+  explicitRelayUrls: relays || defaultRelaysUrls,
+})
+
+// Separate NDK for zaps on specialized relays
+const zapNdk = new NDK({
+  explicitRelayUrls: ZAP_RELAYS,
+})
+
+// Connect with timeout protection
+const connectPromise = ndk.connect()
+const timeoutPromise = new Promise((_, reject) => 
+  setTimeout(() => reject(new Error('Connection timeout')), timeoutMs)
+)
+await Promise.race([connectPromise, timeoutPromise])
+```
+
+### 2. Authentication & Signers
+
+NDK supports multiple signer types for different authentication methods:
+
+#### NIP-07 (Browser Extension)
+```typescript
+import { NDKNip07Signer } from '@nostr-dev-kit/ndk'
+
+const signer = new NDKNip07Signer()
+await signer.blockUntilReady()
+ndk.signer = signer
+
+const user = await signer.user()
+```
+
+#### Private Key Signer
+```typescript
+import { NDKPrivateKeySigner } from '@nostr-dev-kit/ndk'
+
+const signer = new NDKPrivateKeySigner(privateKeyHex)
+await signer.blockUntilReady()
+ndk.signer = signer
+
+const user = await signer.user()
+```
+
+#### NIP-46 (Remote Signer / Bunker)
+```typescript
+import { NDKNip46Signer } from '@nostr-dev-kit/ndk'
+
+const localSigner = new NDKPrivateKeySigner(localPrivateKey)
+const remoteSigner = new NDKNip46Signer(ndk, bunkerUrl, localSigner)
+await remoteSigner.blockUntilReady()
+ndk.signer = remoteSigner
+
+const user = await remoteSigner.user()
+```
+
+**Key Points:**
+- Always call `blockUntilReady()` before using a signer
+- Store signer reference in your state management
+- Set `ndk.signer` to enable signing operations
+- Use `await signer.user()` to get the authenticated user
+
+### 3. Event Creation & Publishing
+
+#### Basic Event Pattern
+```typescript
+import { NDKEvent } from '@nostr-dev-kit/ndk'
+
+// Create event
+const event = new NDKEvent(ndk)
+event.kind = 1  // Kind 1 = text note
+event.content = "Hello Nostr!"
+event.tags = [
+  ['t', 'nostr'],
+  ['p', recipientPubkey]
+]
+
+// Sign and publish
+await event.sign()  // Uses ndk.signer automatically
+await event.publish()
+
+// Get event ID after signing
+console.log(event.id)
+```
+
+#### Production Pattern with Error Handling
+```typescript
+// From src/publish/orders.tsx
+const event = new NDKEvent(ndk)
+event.kind = ORDER_PROCESS_KIND
+event.content = orderNotes || ''
+event.tags = [
+  ['p', sellerPubkey],
+  ['subject', `Order for ${productName}`],
+  ['type', 'order-creation'],
+  ['order', orderId],
+  ['amount', totalAmount],
+  ['item', productRef, quantity.toString()],
+]
+
+// Optional tags
+if (shippingRef) {
+  event.tags.push(['shipping', shippingRef])
+}
+
+try {
+  await event.sign(signer)  // Can pass explicit signer
+  await event.publish()
+  return event.id
+} catch (error) {
+  console.error('Failed to publish event:', error)
+  throw error
+}
+```
+
+**Key Points:**
+- Create event with `new NDKEvent(ndk)`
+- Set `kind`, `content`, and `tags` properties
+- Optional: Set `created_at` timestamp (defaults to now)
+- Call `await event.sign()` before publishing
+- Call `await event.publish()` to broadcast to relays
+- Access `event.id` after signing for the event hash
+
+### 4. Querying Events with Filters
+
+#### fetchEvents() - One-time Fetch
+```typescript
+import { NDKFilter } from '@nostr-dev-kit/ndk'
+
+// Simple filter
+const filter: NDKFilter = {
+  kinds: [30402],  // Product listings
+  authors: [merchantPubkey],
+  limit: 50
+}
+
+const events = await ndk.fetchEvents(filter)
+// Returns Set<NDKEvent>
+
+// Convert to array and process
+const eventArray = Array.from(events)
+const sortedEvents = eventArray.sort((a, b) => 
+  (b.created_at || 0) - (a.created_at || 0)
+)
+```
+
+#### Advanced Filters
+```typescript
+// Multiple kinds
+const filter: NDKFilter = {
+  kinds: [16, 17],  // Orders and payment receipts
+  '#order': [orderId],  // Tag filter (# prefix)
+  since: Math.floor(Date.now() / 1000) - 86400,  // Last 24 hours
+  limit: 100
+}
+
+// Event ID lookup
+const filter: NDKFilter = {
+  ids: [eventIdHex],
+}
+
+// Tag filtering
+const filter: NDKFilter = {
+  kinds: [1],
+  '#p': [pubkey],  // Events mentioning pubkey
+  '#t': ['nostr'],  // Events with hashtag 'nostr'
+}
+```
+
+### 5. Subscriptions (Real-time)
+
+#### Basic Subscription
+```typescript
+// From src/queries/blacklist.tsx
+const filter = {
+  kinds: [10000],
+  authors: [appPubkey],
+}
+
+const subscription = ndk.subscribe(filter, {
+  closeOnEose: false,  // Keep open for real-time updates
+})
+
+subscription.on('event', (event: NDKEvent) => {
+  console.log('New event received:', event)
+  // Process event
+})
+
+subscription.on('eose', () => {
+  console.log('End of stored events')
+})
+
+// Cleanup
+subscription.stop()
+```
+
+#### Production Pattern with React Query
+```typescript
+// From src/queries/orders.tsx
+useEffect(() => {
+  if (!orderId || !ndk) return
+
+  const filter = {
+    kinds: [ORDER_PROCESS_KIND, PAYMENT_RECEIPT_KIND],
+    '#order': [orderId],
+  }
+
+  const subscription = ndk.subscribe(filter, {
+    closeOnEose: false,
+  })
+
+  subscription.on('event', (newEvent) => {
+    // Invalidate React Query cache to trigger refetch
+    queryClient.invalidateQueries({ 
+      queryKey: orderKeys.details(orderId) 
+    })
+  })
+
+  // Cleanup on unmount
+  return () => {
+    subscription.stop()
+  }
+}, [orderId, ndk, queryClient])
+```
+
+#### Monitoring Specific Events
+```typescript
+// From src/queries/payment.tsx - Payment receipt monitoring
+const receiptFilter = {
+  kinds: [17],  // Payment receipts
+  '#order': [orderId],
+  '#payment-request': [invoiceId],
+  since: sessionStartTime - 30,  // Clock skew buffer
+}
+
+const subscription = ndk.subscribe(receiptFilter, {
+  closeOnEose: false,
+})
+
+subscription.on('event', (receiptEvent: NDKEvent) => {
+  // Verify this is the correct invoice
+  const paymentRequestTag = receiptEvent.tags.find(
+    tag => tag[0] === 'payment-request'
+  )
+  
+  if (paymentRequestTag?.[1] === invoiceId) {
+    const paymentTag = receiptEvent.tags.find(tag => tag[0] === 'payment')
+    const preimage = paymentTag?.[3] || 'external-payment'
+    
+    // Stop subscription after finding payment
+    subscription.stop()
+    handlePaymentReceived(preimage)
+  }
+})
+```
+
+**Key Subscription Patterns:**
+- Use `closeOnEose: false` for real-time monitoring
+- Use `closeOnEose: true` for one-time historical fetch
+- Always call `subscription.stop()` in cleanup
+- Listen to both `'event'` and `'eose'` events
+- Filter events in the handler for specific conditions
+- Integrate with React Query for reactive UI updates
+
+### 6. User & Profile Handling
+
+#### Fetching User Profiles
+```typescript
+// From src/queries/profiles.tsx
+
+// By npub
+const user = ndk.getUser({ npub })
+const profile = await user.fetchProfile()
+// Returns NDKUserProfile with name, picture, about, etc.
+
+// By hex pubkey
+const user = ndk.getUser({ hexpubkey: pubkey })
+const profile = await user.fetchProfile()
+
+// By NIP-05 identifier
+const user = await ndk.getUserFromNip05('user@domain.com')
+if (user) {
+  const profile = await user.fetchProfile()
+}
+
+// Profile fields
+const name = profile?.name || profile?.displayName
+const avatar = profile?.picture || profile?.image
+const bio = profile?.about
+const nip05 = profile?.nip05
+const lud16 = profile?.lud16  // Lightning address
+```
+
+#### Getting Current User
+```typescript
+// Active user (authenticated)
+const user = ndk.activeUser
+
+// From signer
+const user = await ndk.signer?.user()
+
+// User properties
+const pubkey = user.pubkey  // Hex format
+const npub = user.npub      // NIP-19 encoded
+```
+
+### 7. NDK Event Object
+
+#### Essential Properties
+```typescript
+interface NDKEvent {
+  id: string                 // Event hash (after signing)
+  kind: number              // Event kind
+  content: string           // Event content
+  tags: NDKTag[]           // Array of tag arrays
+  created_at?: number      // Unix timestamp
+  pubkey?: string          // Author pubkey (after signing)
+  sig?: string             // Signature (after signing)
+  
+  // Methods
+  sign(signer?: NDKSigner): Promise<void>
+  publish(): Promise<void>
+  tagValue(tagName: string): string | undefined
+}
+
+type NDKTag = string[]  // e.g., ['p', pubkey, relay, petname]
+```
+
+#### Tag Helpers
+```typescript
+// Get first value of a tag
+const orderId = event.tagValue('order')
+const recipientPubkey = event.tagValue('p')
+
+// Find specific tag
+const paymentTag = event.tags.find(tag => tag[0] === 'payment')
+const preimage = paymentTag?.[3]
+
+// Get all tags of a type
+const pTags = event.tags.filter(tag => tag[0] === 'p')
+const allPubkeys = pTags.map(tag => tag[1])
+
+// Common tag patterns
+event.tags.push(['p', pubkey])                    // Mention
+event.tags.push(['e', eventId])                   // Reference event
+event.tags.push(['t', 'nostr'])                   // Hashtag
+event.tags.push(['d', identifier])                // Replaceable event ID
+event.tags.push(['a', '30402:pubkey:d-tag'])     // Addressable event reference
+```
+
+### 8. Parameterized Replaceable Events (NIP-33)
+
+Used for products, collections, profiles that need updates:
+
+```typescript
+// Product listing (kind 30402)
+const event = new NDKEvent(ndk)
+event.kind = 30402
+event.content = JSON.stringify(productDetails)
+event.tags = [
+  ['d', productSlug],          // Unique identifier
+  ['title', productName],
+  ['price', price, currency],
+  ['image', imageUrl],
+  ['shipping', shippingRef],
+]
+
+await event.sign()
+await event.publish()
+
+// Querying replaceable events
+const filter = {
+  kinds: [30402],
+  authors: [merchantPubkey],
+  '#d': [productSlug],  // Specific product
+}
+
+const events = await ndk.fetchEvents(filter)
+// Returns only the latest version due to replaceable nature
+```
+
+### 9. Relay Management
+
+#### Getting Relay Status
+```typescript
+// From src/lib/stores/ndk.ts
+const connectedRelays = Array.from(ndk.pool?.relays.values() || [])
+  .filter(relay => relay.status === 1)  // 1 = connected
+  .map(relay => relay.url)
+
+const outboxRelays = Array.from(ndk.outboxPool?.relays.values() || [])
+```
+
+#### Adding Relays
+```typescript
+// Add explicit relays
+ndk.addExplicitRelay('wss://relay.example.com')
+
+// Multiple relays
+const relays = ['wss://relay1.com', 'wss://relay2.com']
+relays.forEach(url => ndk.addExplicitRelay(url))
+```
+
+### 10. Common Patterns & Best Practices
+
+#### Null Safety
+```typescript
+// Always check NDK initialization
+const ndk = ndkActions.getNDK()
+if (!ndk) throw new Error('NDK not initialized')
+
+// Check signer before operations requiring auth
+const signer = ndk.signer
+if (!signer) throw new Error('No active signer')
+
+// Check user authentication
+const user = ndk.activeUser
+if (!user) throw new Error('Not authenticated')
+```
+
+#### Error Handling
+```typescript
+try {
+  const events = await ndk.fetchEvents(filter)
+  if (events.size === 0) {
+    return null  // No results found
+  }
+  return Array.from(events)
+} catch (error) {
+  console.error('Failed to fetch events:', error)
+  throw new Error('Could not fetch data from relays')
+}
+```
+
+#### Connection Lifecycle
+```typescript
+// Initialize once at app startup
+const ndk = new NDK({ explicitRelayUrls: relays })
+
+// Connect with timeout
+await Promise.race([
+  ndk.connect(),
+  new Promise((_, reject) => 
+    setTimeout(() => reject(new Error('Timeout')), 10000)
+  )
+])
+
+// Check connection status
+const isConnected = ndk.pool?.connectedRelays().length > 0
+
+// Reconnect if needed
+if (!isConnected) {
+  await ndk.connect()
+}
+```
+
+#### Subscription Cleanup
+```typescript
+// In React components
+useEffect(() => {
+  if (!ndk) return
+  
+  const sub = ndk.subscribe(filter, { closeOnEose: false })
+  
+  sub.on('event', handleEvent)
+  sub.on('eose', handleEose)
+  
+  // Critical: cleanup on unmount
+  return () => {
+    sub.stop()
+  }
+}, [dependencies])
+```
+
+#### Event Validation
+```typescript
+// Check required fields before processing
+if (!event.pubkey) {
+  console.error('Event missing pubkey')
+  return
+}
+
+if (!event.created_at) {
+  console.error('Event missing timestamp')
+  return
+}
+
+// Verify event age
+const now = Math.floor(Date.now() / 1000)
+const eventAge = now - (event.created_at || 0)
+if (eventAge > 86400) {  // Older than 24 hours
+  console.log('Event is old, skipping')
+  return
+}
+
+// Validate specific tags exist
+const orderId = event.tagValue('order')
+if (!orderId) {
+  console.error('Order event missing order ID')
+  return
+}
+```
+
+### 11. Common Event Kinds
+
+```typescript
+// NIP-01: Basic Events
+const KIND_METADATA = 0         // User profile
+const KIND_TEXT_NOTE = 1        // Short text note
+const KIND_RECOMMEND_RELAY = 2  // Relay recommendation
+
+// NIP-04: Encrypted Direct Messages
+const KIND_ENCRYPTED_DM = 4
+
+// NIP-25: Reactions
+const KIND_REACTION = 7
+
+// NIP-51: Lists
+const KIND_MUTE_LIST = 10000
+const KIND_PIN_LIST = 10001
+const KIND_RELAY_LIST = 10002
+
+// NIP-57: Lightning Zaps
+const KIND_ZAP_REQUEST = 9734
+const KIND_ZAP_RECEIPT = 9735
+
+// Marketplace (Plebeian/Gamma spec)
+const ORDER_PROCESS_KIND = 16      // Order processing
+const PAYMENT_RECEIPT_KIND = 17    // Payment receipts
+const DIRECT_MESSAGE_KIND = 14     // Direct messages
+const ORDER_GENERAL_KIND = 27      // General order events
+const SHIPPING_KIND = 30405        // Shipping options
+const PRODUCT_KIND = 30402         // Product listings
+const COLLECTION_KIND = 30401      // Product collections
+const REVIEW_KIND = 30407          // Product reviews
+
+// Application Handlers
+const APP_HANDLER_KIND = 31990     // NIP-89 app handlers
+```
+
+## Integration with TanStack Query
+
+NDK works excellently with TanStack Query for reactive data fetching:
+
+### Query Functions
+```typescript
+// From src/queries/products.tsx
+export const fetchProductsByPubkey = async (pubkey: string) => {
+  const ndk = ndkActions.getNDK()
+  if (!ndk) throw new Error('NDK not initialized')
+
+  const filter: NDKFilter = {
+    kinds: [30402],
+    authors: [pubkey],
+  }
+
+  const events = await ndk.fetchEvents(filter)
+  return Array.from(events).map(parseProductEvent)
+}
+
+export const useProductsByPubkey = (pubkey: string) => {
+  return useQuery({
+    queryKey: productKeys.byAuthor(pubkey),
+    queryFn: () => fetchProductsByPubkey(pubkey),
+    enabled: !!pubkey,
+    staleTime: 30000,
+  })
+}
+```
+
+### Combining Queries with Subscriptions
+```typescript
+// Query for initial data
+const { data: order, refetch } = useQuery({
+  queryKey: orderKeys.details(orderId),
+  queryFn: () => fetchOrderById(orderId),
+  enabled: !!orderId,
+})
+
+// Subscription for real-time updates
+useEffect(() => {
+  if (!orderId || !ndk) return
+
+  const sub = ndk.subscribe(
+    { kinds: [16, 17], '#order': [orderId] },
+    { closeOnEose: false }
+  )
+
+  sub.on('event', () => {
+    // Invalidate query to trigger refetch
+    queryClient.invalidateQueries({ 
+      queryKey: orderKeys.details(orderId) 
+    })
+  })
+
+  return () => sub.stop()
+}, [orderId, ndk, queryClient])
+```
+
+## Troubleshooting
+
+### Events Not Received
+- Check relay connections: `ndk.pool?.connectedRelays()`
+- Verify filter syntax (especially tag filters with `#` prefix)
+- Check event timestamps match filter's `since`/`until`
+- Ensure `closeOnEose: false` for real-time subscriptions
+
+### Signing Errors
+- Verify signer is initialized: `await signer.blockUntilReady()`
+- Check signer is set: `ndk.signer !== undefined`
+- For NIP-07, ensure browser extension is installed and enabled
+- For NIP-46, verify bunker URL and local signer are correct
+
+### Connection Timeouts
+- Implement connection timeout pattern shown above
+- Try connecting to fewer, more reliable relays initially
+- Use fallback relays in production
+
+### Duplicate Events
+- NDK deduplicates by event ID automatically
+- For subscriptions, track processed event IDs if needed
+- Use replaceable events (kinds 10000-19999, 30000-39999) when appropriate
+
+## Performance Optimization
+
+### Batching Queries
+```typescript
+// Instead of multiple fetchEvents calls
+const [products, orders, profiles] = await Promise.all([
+  ndk.fetchEvents(productFilter),
+  ndk.fetchEvents(orderFilter),
+  ndk.fetchEvents(profileFilter),
+])
+```
+
+### Limiting Results
+```typescript
+const filter = {
+  kinds: [1],
+  authors: [pubkey],
+  limit: 50,  // Limit results
+  since: recentTimestamp,  // Only recent events
+}
+```
+
+### Caching with React Query
+```typescript
+export const useProfile = (npub: string) => {
+  return useQuery({
+    queryKey: profileKeys.byNpub(npub),
+    queryFn: () => fetchProfileByNpub(npub),
+    staleTime: 5 * 60 * 1000,  // 5 minutes
+    cacheTime: 30 * 60 * 1000,  // 30 minutes
+    enabled: !!npub,
+  })
+}
+```
+
+## References
+
+- **NDK GitHub**: https://github.com/nostr-dev-kit/ndk
+- **NDK Documentation**: https://ndk.fyi
+- **Nostr NIPs**: https://github.com/nostr-protocol/nips
+- **Production Example**: Plebeian Market codebase
+
+## Key Files in This Codebase
+
+- `src/lib/stores/ndk.ts` - NDK store and initialization
+- `src/lib/stores/auth.ts` - Authentication with NDK signers
+- `src/queries/*.tsx` - Query patterns with NDK
+- `src/publish/*.tsx` - Event publishing patterns
+- `scripts/gen_*.ts` - Event creation examples
+
+---
+
+*This reference is based on NDK version used in production and real-world patterns from the Plebeian Market application.*
+

.claude/skills/ndk/quick-reference.md

@@ -0,0 +1,351 @@
+# NDK Quick Reference
+
+Fast lookup guide for common NDK tasks.
+
+## Quick Start
+
+```typescript
+import NDK from '@nostr-dev-kit/ndk'
+
+const ndk = new NDK({ explicitRelayUrls: ['wss://relay.damus.io'] })
+await ndk.connect()
+```
+
+## Authentication
+
+### Browser Extension (NIP-07)
+```typescript
+import { NDKNip07Signer } from '@nostr-dev-kit/ndk'
+const signer = new NDKNip07Signer()
+await signer.blockUntilReady()
+ndk.signer = signer
+```
+
+### Private Key
+```typescript
+import { NDKPrivateKeySigner } from '@nostr-dev-kit/ndk'
+const signer = new NDKPrivateKeySigner(privateKeyHex)
+await signer.blockUntilReady()
+ndk.signer = signer
+```
+
+### Remote Signer (NIP-46)
+```typescript
+import { NDKNip46Signer, NDKPrivateKeySigner } from '@nostr-dev-kit/ndk'
+const localSigner = new NDKPrivateKeySigner()
+const remoteSigner = new NDKNip46Signer(ndk, bunkerUrl, localSigner)
+await remoteSigner.blockUntilReady()
+ndk.signer = remoteSigner
+```
+
+## Publish Event
+
+```typescript
+import { NDKEvent } from '@nostr-dev-kit/ndk'
+
+const event = new NDKEvent(ndk)
+event.kind = 1
+event.content = "Hello Nostr!"
+event.tags = [['t', 'nostr']]
+
+await event.sign()
+await event.publish()
+```
+
+## Query Events (One-time)
+
+```typescript
+const events = await ndk.fetchEvents({
+  kinds: [1],
+  authors: [pubkey],
+  limit: 50
+})
+
+// Convert Set to Array
+const eventArray = Array.from(events)
+```
+
+## Subscribe (Real-time)
+
+```typescript
+const sub = ndk.subscribe(
+  { kinds: [1], authors: [pubkey] },
+  { closeOnEose: false }
+)
+
+sub.on('event', (event) => {
+  console.log('New event:', event.content)
+})
+
+// Cleanup
+sub.stop()
+```
+
+## Get User Profile
+
+```typescript
+// By npub
+const user = ndk.getUser({ npub })
+const profile = await user.fetchProfile()
+
+// By hex pubkey
+const user = ndk.getUser({ hexpubkey: pubkey })
+const profile = await user.fetchProfile()
+
+// By NIP-05
+const user = await ndk.getUserFromNip05('user@domain.com')
+const profile = await user?.fetchProfile()
+```
+
+## Common Filters
+
+```typescript
+// By author
+{ kinds: [1], authors: [pubkey] }
+
+// By tag
+{ kinds: [1], '#p': [pubkey] }
+{ kinds: [30402], '#d': [productSlug] }
+
+// By time
+{ 
+  kinds: [1], 
+  since: Math.floor(Date.now() / 1000) - 86400,  // Last 24h
+  until: Math.floor(Date.now() / 1000)
+}
+
+// By event ID
+{ ids: [eventId] }
+
+// Multiple conditions
+{
+  kinds: [16, 17],
+  '#order': [orderId],
+  since: timestamp,
+  limit: 100
+}
+```
+
+## Tag Helpers
+
+```typescript
+// Get first tag value
+const orderId = event.tagValue('order')
+
+// Find specific tag
+const tag = event.tags.find(t => t[0] === 'payment')
+const value = tag?.[1]
+
+// Get all of one type
+const pTags = event.tags.filter(t => t[0] === 'p')
+
+// Common tag formats
+['p', pubkey]                          // Mention
+['e', eventId]                         // Event reference
+['t', 'nostr']                         // Hashtag
+['d', identifier]                      // Replaceable ID
+['a', '30402:pubkey:d-tag']           // Addressable reference
+```
+
+## Error Handling Pattern
+
+```typescript
+const ndk = ndkActions.getNDK()
+if (!ndk) throw new Error('NDK not initialized')
+
+const signer = ndk.signer
+if (!signer) throw new Error('No active signer')
+
+try {
+  await event.publish()
+} catch (error) {
+  console.error('Publish failed:', error)
+  throw error
+}
+```
+
+## React Integration
+
+```typescript
+// Query function
+export const fetchProducts = async (pubkey: string) => {
+  const ndk = ndkActions.getNDK()
+  if (!ndk) throw new Error('NDK not initialized')
+  
+  const events = await ndk.fetchEvents({
+    kinds: [30402],
+    authors: [pubkey]
+  })
+  
+  return Array.from(events)
+}
+
+// React Query hook
+export const useProducts = (pubkey: string) => {
+  return useQuery({
+    queryKey: ['products', pubkey],
+    queryFn: () => fetchProducts(pubkey),
+    enabled: !!pubkey,
+  })
+}
+
+// Subscription in useEffect
+useEffect(() => {
+  if (!ndk || !orderId) return
+  
+  const sub = ndk.subscribe(
+    { kinds: [16], '#order': [orderId] },
+    { closeOnEose: false }
+  )
+  
+  sub.on('event', () => {
+    queryClient.invalidateQueries(['order', orderId])
+  })
+  
+  return () => sub.stop()
+}, [ndk, orderId, queryClient])
+```
+
+## Common Event Kinds
+
+```typescript
+0     // Metadata (profile)
+1     // Text note
+4     // Encrypted DM (NIP-04)
+7     // Reaction
+9735  // Zap receipt
+10000 // Mute list
+10002 // Relay list
+30402 // Product listing (Marketplace)
+31990 // App handler (NIP-89)
+```
+
+## Relay Management
+
+```typescript
+// Check connection
+const connected = ndk.pool?.connectedRelays().length > 0
+
+// Get connected relays
+const relays = Array.from(ndk.pool?.relays.values() || [])
+  .filter(r => r.status === 1)
+
+// Add relay
+ndk.addExplicitRelay('wss://relay.example.com')
+```
+
+## Connection with Timeout
+
+```typescript
+const connectWithTimeout = async (timeoutMs = 10000) => {
+  const connectPromise = ndk.connect()
+  const timeoutPromise = new Promise((_, reject) =>
+    setTimeout(() => reject(new Error('Timeout')), timeoutMs)
+  )
+  
+  await Promise.race([connectPromise, timeoutPromise])
+}
+```
+
+## Current User
+
+```typescript
+// Active user
+const user = ndk.activeUser
+
+// From signer
+const user = await ndk.signer?.user()
+
+// User info
+const pubkey = user.pubkey  // hex
+const npub = user.npub      // NIP-19
+```
+
+## Parameterized Replaceable Events
+
+```typescript
+// Create
+const event = new NDKEvent(ndk)
+event.kind = 30402
+event.content = JSON.stringify(data)
+event.tags = [
+  ['d', uniqueIdentifier],  // Required for replaceable
+  ['title', 'Product Name'],
+]
+
+await event.sign()
+await event.publish()
+
+// Query (returns latest only)
+const events = await ndk.fetchEvents({
+  kinds: [30402],
+  authors: [pubkey],
+  '#d': [identifier]
+})
+```
+
+## Validation Checks
+
+```typescript
+// Event age check
+const now = Math.floor(Date.now() / 1000)
+const age = now - (event.created_at || 0)
+if (age > 86400) console.log('Event older than 24h')
+
+// Required fields
+if (!event.pubkey || !event.created_at || !event.sig) {
+  throw new Error('Invalid event')
+}
+
+// Tag existence
+const orderId = event.tagValue('order')
+if (!orderId) throw new Error('Missing order tag')
+```
+
+## Performance Tips
+
+```typescript
+// Batch queries
+const [products, orders] = await Promise.all([
+  ndk.fetchEvents(productFilter),
+  ndk.fetchEvents(orderFilter)
+])
+
+// Limit results
+const filter = {
+  kinds: [1],
+  limit: 50,
+  since: recentTimestamp
+}
+
+// Cache with React Query
+const { data } = useQuery({
+  queryKey: ['profile', npub],
+  queryFn: () => fetchProfile(npub),
+  staleTime: 5 * 60 * 1000,  // 5 min
+})
+```
+
+## Debugging
+
+```typescript
+// Check NDK state
+console.log('Connected:', ndk.pool?.connectedRelays())
+console.log('Signer:', ndk.signer)
+console.log('Active user:', ndk.activeUser)
+
+// Event inspection
+console.log('Event ID:', event.id)
+console.log('Tags:', event.tags)
+console.log('Content:', event.content)
+console.log('Author:', event.pubkey)
+
+// Subscription events
+sub.on('event', e => console.log('Event:', e))
+sub.on('eose', () => console.log('End of stored events'))
+```
+
+---
+
+For detailed explanations and advanced patterns, see `ndk-skill.md`.
+

.claude/skills/ndk/troubleshooting.md

@@ -0,0 +1,530 @@
+# NDK Common Patterns & Troubleshooting
+
+Quick reference for common patterns and solutions to frequent NDK issues.
+
+## Common Patterns
+
+### Store-Based NDK Management
+
+```typescript
+// Store pattern (recommended for React apps)
+import { Store } from '@tanstack/store'
+
+interface NDKState {
+  ndk: NDK | null
+  isConnected: boolean
+  signer?: NDKSigner
+}
+
+const ndkStore = new Store<NDKState>({
+  ndk: null,
+  isConnected: false
+})
+
+export const ndkActions = {
+  initialize: () => {
+    const ndk = new NDK({ explicitRelayUrls: relays })
+    ndkStore.setState({ ndk })
+    return ndk
+  },
+  
+  getNDK: () => ndkStore.state.ndk,
+  
+  setSigner: (signer: NDKSigner) => {
+    const ndk = ndkStore.state.ndk
+    if (ndk) {
+      ndk.signer = signer
+      ndkStore.setState({ signer })
+    }
+  }
+}
+```
+
+### Query + Subscription Pattern
+
+```typescript
+// Initial data load + real-time updates
+function useOrdersWithRealtime(orderId: string) {
+  const queryClient = useQueryClient()
+  const ndk = ndkActions.getNDK()
+  
+  // Fetch initial data
+  const query = useQuery({
+    queryKey: ['orders', orderId],
+    queryFn: () => fetchOrders(orderId),
+  })
+  
+  // Subscribe to updates
+  useEffect(() => {
+    if (!ndk || !orderId) return
+    
+    const sub = ndk.subscribe(
+      { kinds: [16], '#order': [orderId] },
+      { closeOnEose: false }
+    )
+    
+    sub.on('event', () => {
+      queryClient.invalidateQueries(['orders', orderId])
+    })
+    
+    return () => sub.stop()
+  }, [ndk, orderId])
+  
+  return query
+}
+```
+
+### Event Parsing Pattern
+
+```typescript
+// Parse event tags into structured data
+function parseProductEvent(event: NDKEvent) {
+  const getTag = (name: string) => 
+    event.tags.find(t => t[0] === name)?.[1]
+  
+  const getAllTags = (name: string) =>
+    event.tags.filter(t => t[0] === name).map(t => t[1])
+  
+  return {
+    id: event.id,
+    slug: getTag('d'),
+    title: getTag('title'),
+    price: parseFloat(getTag('price') || '0'),
+    currency: event.tags.find(t => t[0] === 'price')?.[2] || 'USD',
+    images: getAllTags('image'),
+    shipping: getAllTags('shipping'),
+    description: event.content,
+    createdAt: event.created_at,
+    author: event.pubkey
+  }
+}
+```
+
+### Relay Pool Pattern
+
+```typescript
+// Separate NDK instances for different purposes
+const mainNdk = new NDK({
+  explicitRelayUrls: ['wss://relay.damus.io', 'wss://nos.lol']
+})
+
+const zapNdk = new NDK({
+  explicitRelayUrls: ['wss://relay.damus.io']  // Zap-optimized relays
+})
+
+const blossomNdk = new NDK({
+  explicitRelayUrls: ['wss://blossom.server.com']  // Media server
+})
+
+await Promise.all([
+  mainNdk.connect(),
+  zapNdk.connect(),
+  blossomNdk.connect()
+])
+```
+
+## Troubleshooting
+
+### Problem: Events Not Received
+
+**Symptoms:** Subscription doesn't receive events, fetchEvents returns empty Set
+
+**Solutions:**
+
+1. Check relay connection:
+```typescript
+const status = ndk.pool?.connectedRelays()
+console.log('Connected relays:', status?.length)
+if (status?.length === 0) {
+  await ndk.connect()
+}
+```
+
+2. Verify filter syntax (especially tags):
+```typescript
+// ❌ Wrong
+{ kinds: [16], 'order': [orderId] }
+
+// ✅ Correct (note the # prefix for tags)
+{ kinds: [16], '#order': [orderId] }
+```
+
+3. Check timestamps:
+```typescript
+// Events might be too old/new
+const now = Math.floor(Date.now() / 1000)
+const filter = {
+  kinds: [1],
+  since: now - 86400,  // Last 24 hours
+  until: now
+}
+```
+
+4. Ensure closeOnEose is correct:
+```typescript
+// For real-time updates
+ndk.subscribe(filter, { closeOnEose: false })
+
+// For one-time historical fetch
+ndk.subscribe(filter, { closeOnEose: true })
+```
+
+### Problem: "NDK not initialized"
+
+**Symptoms:** `ndk` is null/undefined
+
+**Solutions:**
+
+1. Initialize before use:
+```typescript
+// In app entry point
+const ndk = new NDK({ explicitRelayUrls: relays })
+await ndk.connect()
+```
+
+2. Add null checks:
+```typescript
+const ndk = ndkActions.getNDK()
+if (!ndk) throw new Error('NDK not initialized')
+```
+
+3. Use initialization guard:
+```typescript
+const ensureNDK = () => {
+  let ndk = ndkActions.getNDK()
+  if (!ndk) {
+    ndk = ndkActions.initialize()
+  }
+  return ndk
+}
+```
+
+### Problem: "No active signer" / Cannot Sign Events
+
+**Symptoms:** Event signing fails, publishing throws error
+
+**Solutions:**
+
+1. Check signer is set:
+```typescript
+if (!ndk.signer) {
+  throw new Error('Please login first')
+}
+```
+
+2. Ensure blockUntilReady called:
+```typescript
+const signer = new NDKNip07Signer()
+await signer.blockUntilReady()  // ← Critical!
+ndk.signer = signer
+```
+
+3. Handle NIP-07 unavailable:
+```typescript
+try {
+  const signer = new NDKNip07Signer()
+  await signer.blockUntilReady()
+  ndk.signer = signer
+} catch (error) {
+  console.error('Browser extension not available')
+  // Fallback to other auth method
+}
+```
+
+### Problem: Duplicate Events in Subscriptions
+
+**Symptoms:** Same event received multiple times
+
+**Solutions:**
+
+1. Track processed event IDs:
+```typescript
+const processedIds = new Set<string>()
+
+sub.on('event', (event) => {
+  if (processedIds.has(event.id)) return
+  processedIds.add(event.id)
+  handleEvent(event)
+})
+```
+
+2. Use Map for event storage:
+```typescript
+const [events, setEvents] = useState<Map<string, NDKEvent>>(new Map())
+
+sub.on('event', (event) => {
+  setEvents(prev => new Map(prev).set(event.id, event))
+})
+```
+
+### Problem: Connection Timeout
+
+**Symptoms:** connect() hangs, never resolves
+
+**Solutions:**
+
+1. Use timeout wrapper:
+```typescript
+const connectWithTimeout = async (ndk: NDK, ms = 10000) => {
+  await Promise.race([
+    ndk.connect(),
+    new Promise((_, reject) =>
+      setTimeout(() => reject(new Error('Timeout')), ms)
+    )
+  ])
+}
+```
+
+2. Try fewer relays:
+```typescript
+// Start with reliable relays only
+const reliableRelays = ['wss://relay.damus.io']
+const ndk = new NDK({ explicitRelayUrls: reliableRelays })
+```
+
+3. Add connection retry:
+```typescript
+const connectWithRetry = async (ndk: NDK, maxRetries = 3) => {
+  for (let i = 0; i < maxRetries; i++) {
+    try {
+      await connectWithTimeout(ndk, 10000)
+      return
+    } catch (error) {
+      console.log(`Retry ${i + 1}/${maxRetries}`)
+      if (i === maxRetries - 1) throw error
+    }
+  }
+}
+```
+
+### Problem: Subscription Memory Leak
+
+**Symptoms:** App gets slower, memory usage increases
+
+**Solutions:**
+
+1. Always stop subscriptions:
+```typescript
+useEffect(() => {
+  const sub = ndk.subscribe(filter, { closeOnEose: false })
+  
+  // ← CRITICAL: cleanup
+  return () => {
+    sub.stop()
+  }
+}, [dependencies])
+```
+
+2. Track active subscriptions:
+```typescript
+const activeSubscriptions = new Set<NDKSubscription>()
+
+const createSub = (filter: NDKFilter) => {
+  const sub = ndk.subscribe(filter, { closeOnEose: false })
+  activeSubscriptions.add(sub)
+  return sub
+}
+
+const stopAllSubs = () => {
+  activeSubscriptions.forEach(sub => sub.stop())
+  activeSubscriptions.clear()
+}
+```
+
+### Problem: Profile Not Found
+
+**Symptoms:** fetchProfile() returns null/undefined
+
+**Solutions:**
+
+1. Check different relays:
+```typescript
+// Add more relay URLs
+const ndk = new NDK({
+  explicitRelayUrls: [
+    'wss://relay.damus.io',
+    'wss://relay.nostr.band',
+    'wss://nos.lol'
+  ]
+})
+```
+
+2. Verify pubkey format:
+```typescript
+// Ensure correct format
+if (pubkey.startsWith('npub')) {
+  const user = ndk.getUser({ npub: pubkey })
+} else if (/^[0-9a-f]{64}$/.test(pubkey)) {
+  const user = ndk.getUser({ hexpubkey: pubkey })
+}
+```
+
+3. Handle missing profiles gracefully:
+```typescript
+const profile = await user.fetchProfile()
+const displayName = profile?.name || profile?.displayName || 'Anonymous'
+const avatar = profile?.picture || '/default-avatar.png'
+```
+
+### Problem: Events Published But Not Visible
+
+**Symptoms:** publish() succeeds but event not found in queries
+
+**Solutions:**
+
+1. Verify event was signed:
+```typescript
+await event.sign()
+console.log('Event ID:', event.id)  // Should be set
+console.log('Signature:', event.sig)  // Should exist
+```
+
+2. Check relay acceptance:
+```typescript
+const relays = await event.publish()
+console.log('Published to relays:', relays)
+```
+
+3. Query immediately after publish:
+```typescript
+await event.publish()
+
+// Wait a moment for relay propagation
+await new Promise(resolve => setTimeout(resolve, 1000))
+
+const found = await ndk.fetchEvents({ ids: [event.id] })
+console.log('Event found:', found.size > 0)
+```
+
+### Problem: NIP-46 Connection Fails
+
+**Symptoms:** Remote signer connection times out or fails
+
+**Solutions:**
+
+1. Verify bunker URL format:
+```typescript
+// Correct format: bunker://<remote-pubkey>?relay=wss://...
+const isValidBunkerUrl = (url: string) => {
+  return url.startsWith('bunker://') && url.includes('?relay=')
+}
+```
+
+2. Ensure local signer is ready:
+```typescript
+const localSigner = new NDKPrivateKeySigner(privateKey)
+await localSigner.blockUntilReady()
+
+const remoteSigner = new NDKNip46Signer(ndk, bunkerUrl, localSigner)
+await remoteSigner.blockUntilReady()
+```
+
+3. Store credentials for reconnection:
+```typescript
+// Save for future sessions
+localStorage.setItem('local-signer-key', localSigner.privateKey)
+localStorage.setItem('bunker-url', bunkerUrl)
+```
+
+## Performance Tips
+
+### Optimize Queries
+
+```typescript
+// ❌ Slow: Multiple sequential queries
+const products = await ndk.fetchEvents({ kinds: [30402], authors: [pk1] })
+const orders = await ndk.fetchEvents({ kinds: [16], authors: [pk1] })
+const profiles = await ndk.fetchEvents({ kinds: [0], authors: [pk1] })
+
+// ✅ Fast: Parallel queries
+const [products, orders, profiles] = await Promise.all([
+  ndk.fetchEvents({ kinds: [30402], authors: [pk1] }),
+  ndk.fetchEvents({ kinds: [16], authors: [pk1] }),
+  ndk.fetchEvents({ kinds: [0], authors: [pk1] })
+])
+```
+
+### Cache Profile Lookups
+
+```typescript
+const profileCache = new Map<string, NDKUserProfile>()
+
+const getCachedProfile = async (ndk: NDK, pubkey: string) => {
+  if (profileCache.has(pubkey)) {
+    return profileCache.get(pubkey)!
+  }
+  
+  const user = ndk.getUser({ hexpubkey: pubkey })
+  const profile = await user.fetchProfile()
+  if (profile) {
+    profileCache.set(pubkey, profile)
+  }
+  
+  return profile
+}
+```
+
+### Limit Result Sets
+
+```typescript
+// Always use limit to prevent over-fetching
+const filter: NDKFilter = {
+  kinds: [1],
+  authors: [pubkey],
+  limit: 50  // ← Important!
+}
+```
+
+### Debounce Subscription Updates
+
+```typescript
+import { debounce } from 'lodash'
+
+const debouncedUpdate = debounce((event: NDKEvent) => {
+  handleEvent(event)
+}, 300)
+
+sub.on('event', debouncedUpdate)
+```
+
+## Testing Tips
+
+### Mock NDK in Tests
+
+```typescript
+const mockNDK = {
+  fetchEvents: vi.fn().mockResolvedValue(new Set()),
+  subscribe: vi.fn().mockReturnValue({
+    on: vi.fn(),
+    stop: vi.fn()
+  }),
+  signer: {
+    user: vi.fn().mockResolvedValue({ pubkey: 'test-pubkey' })
+  }
+} as unknown as NDK
+```
+
+### Test Event Creation
+
+```typescript
+const createTestEvent = (overrides?: Partial<NDKEvent>): NDKEvent => {
+  return {
+    id: 'test-id',
+    kind: 1,
+    content: 'test content',
+    tags: [],
+    created_at: Math.floor(Date.now() / 1000),
+    pubkey: 'test-pubkey',
+    sig: 'test-sig',
+    ...overrides
+  } as NDKEvent
+}
+```
+
+---
+
+For more detailed information, see:
+- `ndk-skill.md` - Complete reference
+- `quick-reference.md` - Quick lookup
+- `examples/` - Code examples
+

.claude/skills/nostr-websocket/SKILL.md

@@ -0,0 +1,978 @@
+---
+name: nostr-websocket
+description: This skill should be used when implementing, debugging, or discussing WebSocket connections for Nostr relays. Provides comprehensive knowledge of RFC 6455 WebSocket protocol, production-ready implementation patterns in Go (khatru), C++ (strfry), and Rust (nostr-rs-relay), including connection lifecycle, message framing, subscription management, and performance optimization techniques specific to Nostr relay operations.
+---
+
+# Nostr WebSocket Programming
+
+## Overview
+
+Implement robust, high-performance WebSocket connections for Nostr relays following RFC 6455 specifications and battle-tested production patterns. This skill provides comprehensive guidance on WebSocket protocol fundamentals, connection management, message handling, and language-specific implementation strategies using proven codebases.
+
+## Core WebSocket Protocol (RFC 6455)
+
+### Connection Upgrade Handshake
+
+The WebSocket connection begins with an HTTP upgrade request:
+
+**Client Request Headers:**
+- `Upgrade: websocket` - Required
+- `Connection: Upgrade` - Required
+- `Sec-WebSocket-Key` - 16-byte random value, base64-encoded
+- `Sec-WebSocket-Version: 13` - Required
+- `Origin` - Required for browser clients (security)
+
+**Server Response (HTTP 101):**
+- `HTTP/1.1 101 Switching Protocols`
+- `Upgrade: websocket`
+- `Connection: Upgrade`
+- `Sec-WebSocket-Accept` - SHA-1(client_key + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"), base64-encoded
+
+**Security validation:** Always verify the `Sec-WebSocket-Accept` value matches expected computation. Reject connections with missing or incorrect values.
+
+### Frame Structure
+
+WebSocket frames use binary encoding with variable-length fields:
+
+**Header (minimum 2 bytes):**
+- **FIN bit** (1 bit) - Final fragment indicator
+- **RSV1-3** (3 bits) - Reserved for extensions (must be 0)
+- **Opcode** (4 bits) - Frame type identifier
+- **MASK bit** (1 bit) - Payload masking indicator
+- **Payload length** (7, 7+16, or 7+64 bits) - Variable encoding
+
+**Payload length encoding:**
+- 0-125: Direct 7-bit value
+- 126: Next 16 bits contain length
+- 127: Next 64 bits contain length
+
+### Frame Opcodes
+
+**Data Frames:**
+- `0x0` - Continuation frame
+- `0x1` - Text frame (UTF-8)
+- `0x2` - Binary frame
+
+**Control Frames:**
+- `0x8` - Connection close
+- `0x9` - Ping
+- `0xA` - Pong
+
+**Control frame constraints:**
+- Maximum 125-byte payload
+- Cannot be fragmented
+- Must be processed immediately
+
+### Masking Requirements
+
+**Critical security requirement:**
+- Client-to-server frames MUST be masked
+- Server-to-client frames MUST NOT be masked
+- Masking uses XOR with 4-byte random key
+- Prevents cache poisoning and intermediary attacks
+
+**Masking algorithm:**
+```
+transformed[i] = original[i] XOR masking_key[i MOD 4]
+```
+
+### Ping/Pong Keep-Alive
+
+**Purpose:** Detect broken connections and maintain NAT traversal
+
+**Pattern:**
+1. Either endpoint sends Ping (0x9) with optional payload
+2. Recipient responds with Pong (0xA) containing identical payload
+3. Implement timeouts to detect unresponsive connections
+
+**Nostr relay recommendations:**
+- Send pings every 30-60 seconds
+- Timeout after 60-120 seconds without pong response
+- Close connections exceeding timeout threshold
+
+### Close Handshake
+
+**Initiation:** Either peer sends Close frame (0x8)
+
+**Close frame structure:**
+- Optional 2-byte status code
+- Optional UTF-8 reason string
+
+**Common status codes:**
+- `1000` - Normal closure
+- `1001` - Going away (server shutdown/navigation)
+- `1002` - Protocol error
+- `1003` - Unsupported data type
+- `1006` - Abnormal closure (no close frame)
+- `1011` - Server error
+
+**Proper shutdown sequence:**
+1. Initiator sends Close frame
+2. Recipient responds with Close frame
+3. Both close TCP connection
+
+## Nostr Relay WebSocket Architecture
+
+### Message Flow Overview
+
+```
+Client                    Relay
+  |                         |
+  |--- HTTP Upgrade ------->|
+  |<-- 101 Switching -------|
+  |                         |
+  |--- ["EVENT", {...}] --->|  (Validate, store, broadcast)
+  |<-- ["OK", id, ...] -----|
+  |                         |
+  |--- ["REQ", id, {...}]-->|  (Query + subscribe)
+  |<-- ["EVENT", id, {...}]-|  (Stored events)
+  |<-- ["EOSE", id] --------|  (End of stored)
+  |<-- ["EVENT", id, {...}]-|  (Real-time events)
+  |                         |
+  |--- ["CLOSE", id] ------>|  (Unsubscribe)
+  |                         |
+  |--- Close Frame -------->|
+  |<-- Close Frame ---------|
+```
+
+### Critical Concurrency Considerations
+
+**Write concurrency:** WebSocket libraries panic/error on concurrent writes. Always protect writes with:
+- Mutex locks (Go, C++)
+- Single-writer goroutine/thread pattern
+- Message queue with dedicated sender
+
+**Read concurrency:** Concurrent reads generally allowed but not useful - implement single reader loop per connection.
+
+**Subscription management:** Concurrent access to subscription maps requires synchronization or lock-free data structures.
+
+## Language-Specific Implementation Patterns
+
+### Go Implementation (khatru-style)
+
+**Recommended library:** `github.com/fasthttp/websocket`
+
+**Connection structure:**
+```go
+type WebSocket struct {
+    conn   *websocket.Conn
+    mutex  sync.Mutex          // Protects writes
+
+    Request *http.Request      // Original HTTP request
+    Context context.Context    // Cancellation context
+    cancel  context.CancelFunc
+
+    // NIP-42 authentication
+    Challenge       string
+    AuthedPublicKey string
+
+    // Concurrent session management
+    negentropySessions *xsync.MapOf[string, *NegentropySession]
+}
+
+// Thread-safe write
+func (ws *WebSocket) WriteJSON(v any) error {
+    ws.mutex.Lock()
+    defer ws.mutex.Unlock()
+    return ws.conn.WriteJSON(v)
+}
+```
+
+**Lifecycle pattern (dual goroutines):**
+```go
+// Read goroutine
+go func() {
+    defer cleanup()
+
+    ws.conn.SetReadLimit(maxMessageSize)
+    ws.conn.SetReadDeadline(time.Now().Add(pongWait))
+    ws.conn.SetPongHandler(func(string) error {
+        ws.conn.SetReadDeadline(time.Now().Add(pongWait))
+        return nil
+    })
+
+    for {
+        typ, msg, err := ws.conn.ReadMessage()
+        if err != nil {
+            return  // Connection closed
+        }
+
+        if typ == websocket.PingMessage {
+            ws.WriteMessage(websocket.PongMessage, nil)
+            continue
+        }
+
+        // Parse and handle message in separate goroutine
+        go handleMessage(msg)
+    }
+}()
+
+// Write/ping goroutine
+go func() {
+    defer cleanup()
+    ticker := time.NewTicker(pingPeriod)
+    defer ticker.Stop()
+
+    for {
+        select {
+        case <-ctx.Done():
+            return
+        case <-ticker.C:
+            if err := ws.WriteMessage(websocket.PingMessage, nil); err != nil {
+                return
+            }
+        }
+    }
+}()
+```
+
+**Key patterns:**
+- **Mutex-protected writes** - Prevent concurrent write panics
+- **Context-based lifecycle** - Clean cancellation hierarchy
+- **Swap-delete for subscriptions** - O(1) removal from listener arrays
+- **Zero-copy string conversion** - `unsafe.String()` for message parsing
+- **Goroutine-per-message** - Sequential parsing, concurrent handling
+- **Hook-based extensibility** - Plugin architecture without core modifications
+
+**Configuration constants:**
+```go
+WriteWait:      10 * time.Second   // Write timeout
+PongWait:       60 * time.Second   // Pong timeout
+PingPeriod:     30 * time.Second   // Ping interval (< PongWait)
+MaxMessageSize: 512000             // 512 KB limit
+```
+
+**Subscription management:**
+```go
+type listenerSpec struct {
+    id       string
+    cancel   context.CancelCauseFunc
+    index    int
+    subrelay *Relay
+}
+
+// Efficient removal with swap-delete
+func (rl *Relay) removeListenerId(ws *WebSocket, id string) {
+    rl.clientsMutex.Lock()
+    defer rl.clientsMutex.Unlock()
+
+    if specs, ok := rl.clients[ws]; ok {
+        for i := len(specs) - 1; i >= 0; i-- {
+            if specs[i].id == id {
+                specs[i].cancel(ErrSubscriptionClosedByClient)
+                specs[i] = specs[len(specs)-1]
+                specs = specs[:len(specs)-1]
+                rl.clients[ws] = specs
+                break
+            }
+        }
+    }
+}
+```
+
+For detailed khatru implementation examples, see [references/khatru_implementation.md](references/khatru_implementation.md).
+
+### C++ Implementation (strfry-style)
+
+**Recommended library:** Custom fork of `uWebSockets` with epoll
+
+**Architecture highlights:**
+- Single-threaded I/O using epoll for connection multiplexing
+- Thread pool architecture: 6 specialized pools (WebSocket, Ingester, Writer, ReqWorker, ReqMonitor, Negentropy)
+- "Shared nothing" message-passing design eliminates lock contention
+- Deterministic thread assignment: `connId % numThreads`
+
+**Connection structure:**
+```cpp
+struct ConnectionState {
+    uint64_t connId;
+    std::string remoteAddr;
+    flat_str subId;              // Subscription ID
+    std::shared_ptr<Subscription> sub;
+    PerMessageDeflate pmd;       // Compression state
+    uint64_t latestEventSent = 0;
+
+    // Message parsing state
+    secp256k1_context *secpCtx;
+    std::string parseBuffer;
+};
+```
+
+**Message handling pattern:**
+```cpp
+// WebSocket message callback
+ws->onMessage([=](std::string_view msg, uWS::OpCode opCode) {
+    // Reuse buffer to avoid allocations
+    state->parseBuffer.assign(msg.data(), msg.size());
+
+    try {
+        auto json = nlohmann::json::parse(state->parseBuffer);
+        auto cmdStr = json[0].get<std::string>();
+
+        if (cmdStr == "EVENT") {
+            // Send to Ingester thread pool
+            auto packed = MsgIngester::Message(connId, std::move(json));
+            tpIngester->dispatchToThread(connId, std::move(packed));
+        }
+        else if (cmdStr == "REQ") {
+            // Send to ReqWorker thread pool
+            auto packed = MsgReq::Message(connId, std::move(json));
+            tpReqWorker->dispatchToThread(connId, std::move(packed));
+        }
+    } catch (std::exception &e) {
+        sendNotice("Error: " + std::string(e.what()));
+    }
+});
+```
+
+**Critical performance optimizations:**
+
+1. **Event batching** - Serialize event JSON once, reuse for thousands of subscribers:
+```cpp
+// Single serialization
+std::string eventJson = event.toJson();
+
+// Broadcast to all matching subscriptions
+for (auto &[connId, sub] : activeSubscriptions) {
+    if (sub->matches(event)) {
+        sendToConnection(connId, eventJson);  // Reuse serialized JSON
+    }
+}
+```
+
+2. **Move semantics** - Zero-copy message passing:
+```cpp
+tpIngester->dispatchToThread(connId, std::move(message));
+```
+
+3. **Pre-allocated buffers** - Single reusable buffer per connection:
+```cpp
+state->parseBuffer.assign(msg.data(), msg.size());
+```
+
+4. **std::variant dispatch** - Type-safe without virtual function overhead:
+```cpp
+std::variant<MsgReq, MsgIngester, MsgWriter> message;
+std::visit([](auto&& msg) { msg.handle(); }, message);
+```
+
+For detailed strfry implementation examples, see [references/strfry_implementation.md](references/strfry_implementation.md).
+
+### Rust Implementation (nostr-rs-relay-style)
+
+**Recommended libraries:**
+- `tokio-tungstenite 0.17` - Async WebSocket support
+- `tokio 1.x` - Async runtime
+- `serde_json` - Message parsing
+
+**WebSocket configuration:**
+```rust
+let config = WebSocketConfig {
+    max_send_queue: Some(1024),
+    max_message_size: settings.limits.max_ws_message_bytes,
+    max_frame_size: settings.limits.max_ws_frame_bytes,
+    ..Default::default()
+};
+
+let ws_stream = WebSocketStream::from_raw_socket(
+    upgraded,
+    Role::Server,
+    Some(config),
+).await;
+```
+
+**Connection state:**
+```rust
+pub struct ClientConn {
+    client_ip_addr: String,
+    client_id: Uuid,
+    subscriptions: HashMap<String, Subscription>,
+    max_subs: usize,
+    auth: Nip42AuthState,
+}
+
+pub enum Nip42AuthState {
+    NoAuth,
+    Challenge(String),
+    AuthPubkey(String),
+}
+```
+
+**Async message loop with tokio::select!:**
+```rust
+async fn nostr_server(
+    repo: Arc<dyn NostrRepo>,
+    mut ws_stream: WebSocketStream<Upgraded>,
+    broadcast: Sender<Event>,
+    mut shutdown: Receiver<()>,
+) {
+    let mut conn = ClientConn::new(client_ip);
+    let mut bcast_rx = broadcast.subscribe();
+    let mut ping_interval = tokio::time::interval(Duration::from_secs(300));
+
+    loop {
+        tokio::select! {
+            // Handle shutdown
+            _ = shutdown.recv() => { break; }
+
+            // Send periodic pings
+            _ = ping_interval.tick() => {
+                ws_stream.send(Message::Ping(Vec::new())).await.ok();
+            }
+
+            // Handle broadcast events (real-time)
+            Ok(event) = bcast_rx.recv() => {
+                for (id, sub) in conn.subscriptions() {
+                    if sub.interested_in_event(&event) {
+                        let msg = format!("[\"EVENT\",\"{}\",{}]", id,
+                                         serde_json::to_string(&event)?);
+                        ws_stream.send(Message::Text(msg)).await.ok();
+                    }
+                }
+            }
+
+            // Handle incoming client messages
+            Some(result) = ws_stream.next() => {
+                match result {
+                    Ok(Message::Text(msg)) => {
+                        handle_nostr_message(&msg, &mut conn).await;
+                    }
+                    Ok(Message::Binary(_)) => {
+                        send_notice("binary messages not accepted").await;
+                    }
+                    Ok(Message::Ping(_) | Message::Pong(_)) => {
+                        continue;  // Auto-handled by tungstenite
+                    }
+                    Ok(Message::Close(_)) | Err(_) => {
+                        break;
+                    }
+                    _ => {}
+                }
+            }
+        }
+    }
+}
+```
+
+**Subscription filtering:**
+```rust
+pub struct ReqFilter {
+    pub ids: Option<Vec<String>>,
+    pub kinds: Option<Vec<u64>>,
+    pub since: Option<u64>,
+    pub until: Option<u64>,
+    pub authors: Option<Vec<String>>,
+    pub limit: Option<u64>,
+    pub tags: Option<HashMap<char, HashSet<String>>>,
+}
+
+impl ReqFilter {
+    pub fn interested_in_event(&self, event: &Event) -> bool {
+        self.ids_match(event)
+            && self.since.map_or(true, |t| event.created_at >= t)
+            && self.until.map_or(true, |t| event.created_at <= t)
+            && self.kind_match(event.kind)
+            && self.authors_match(event)
+            && self.tag_match(event)
+    }
+
+    fn ids_match(&self, event: &Event) -> bool {
+        self.ids.as_ref()
+            .map_or(true, |ids| ids.iter().any(|id| event.id.starts_with(id)))
+    }
+}
+```
+
+**Error handling:**
+```rust
+match ws_stream.next().await {
+    Some(Ok(Message::Text(msg))) => { /* handle */ }
+
+    Some(Err(WsError::Capacity(MessageTooLong{size, max_size}))) => {
+        send_notice(&format!("message too large ({} > {})", size, max_size)).await;
+        continue;
+    }
+
+    None | Some(Ok(Message::Close(_))) => {
+        info!("client closed connection");
+        break;
+    }
+
+    Some(Err(WsError::Io(e))) => {
+        warn!("IO error: {:?}", e);
+        break;
+    }
+
+    _ => { break; }
+}
+```
+
+For detailed Rust implementation examples, see [references/rust_implementation.md](references/rust_implementation.md).
+
+## Common Implementation Patterns
+
+### Pattern 1: Dual Goroutine/Task Architecture
+
+**Purpose:** Separate read and write concerns, enable ping/pong management
+
+**Structure:**
+- **Reader goroutine/task:** Blocks on `ReadMessage()`, handles incoming frames
+- **Writer goroutine/task:** Sends periodic pings, processes outgoing message queue
+
+**Benefits:**
+- Natural separation of concerns
+- Ping timer doesn't block message processing
+- Clean shutdown coordination via context/channels
+
+### Pattern 2: Subscription Lifecycle
+
+**Create subscription (REQ):**
+1. Parse filter from client message
+2. Query database for matching stored events
+3. Send stored events to client
+4. Send EOSE (End of Stored Events)
+5. Add subscription to active listeners for real-time events
+
+**Handle real-time event:**
+1. Check all active subscriptions
+2. For each matching subscription:
+   - Apply filter matching logic
+   - Send EVENT message to client
+3. Track broadcast count for monitoring
+
+**Close subscription (CLOSE):**
+1. Find subscription by ID
+2. Cancel subscription context
+3. Remove from active listeners
+4. Clean up resources
+
+### Pattern 3: Write Serialization
+
+**Problem:** Concurrent writes cause panics/errors in WebSocket libraries
+
+**Solutions:**
+
+**Mutex approach (Go, C++):**
+```go
+func (ws *WebSocket) WriteJSON(v any) error {
+    ws.mutex.Lock()
+    defer ws.mutex.Unlock()
+    return ws.conn.WriteJSON(v)
+}
+```
+
+**Single-writer goroutine (Alternative):**
+```go
+type writeMsg struct {
+    data []byte
+    done chan error
+}
+
+go func() {
+    for msg := range writeChan {
+        msg.done <- ws.conn.WriteMessage(websocket.TextMessage, msg.data)
+    }
+}()
+```
+
+### Pattern 4: Connection Cleanup
+
+**Essential cleanup steps:**
+1. Cancel all subscription contexts
+2. Stop ping ticker/interval
+3. Remove connection from active clients map
+4. Close WebSocket connection
+5. Close TCP connection
+6. Log connection statistics
+
+**Go cleanup function:**
+```go
+kill := func() {
+    // Cancel contexts
+    cancel()
+    ws.cancel()
+
+    // Stop timers
+    ticker.Stop()
+
+    // Remove from tracking
+    rl.removeClientAndListeners(ws)
+
+    // Close connection
+    ws.conn.Close()
+
+    // Trigger hooks
+    for _, ondisconnect := range rl.OnDisconnect {
+        ondisconnect(ctx)
+    }
+}
+defer kill()
+```
+
+### Pattern 5: Event Broadcasting Optimization
+
+**Naive approach (inefficient):**
+```go
+// DON'T: Serialize for each subscriber
+for _, listener := range listeners {
+    if listener.filter.Matches(event) {
+        json := serializeEvent(event)  // Repeated work!
+        listener.ws.WriteJSON(json)
+    }
+}
+```
+
+**Optimized approach:**
+```go
+// DO: Serialize once, reuse for all subscribers
+eventJSON, err := json.Marshal(event)
+if err != nil {
+    return
+}
+
+for _, listener := range listeners {
+    if listener.filter.Matches(event) {
+        listener.ws.WriteMessage(websocket.TextMessage, eventJSON)
+    }
+}
+```
+
+**Savings:** For 1000 subscribers, reduces 1000 JSON serializations to 1.
+
+## Security Considerations
+
+### Origin Validation
+
+Always validate the `Origin` header for browser-based clients:
+
+```go
+upgrader := websocket.Upgrader{
+    CheckOrigin: func(r *http.Request) bool {
+        origin := r.Header.Get("Origin")
+        return isAllowedOrigin(origin)  // Implement allowlist
+    },
+}
+```
+
+**Default behavior:** Most libraries reject all cross-origin connections. Override with caution.
+
+### Rate Limiting
+
+Implement rate limits for:
+- Connection establishment (per IP)
+- Message throughput (per connection)
+- Subscription creation (per connection)
+- Event publication (per connection, per pubkey)
+
+```go
+// Example: Connection rate limiting
+type rateLimiter struct {
+    connections map[string]*rate.Limiter
+    mu          sync.Mutex
+}
+
+func (rl *Relay) checkRateLimit(ip string) bool {
+    limiter := rl.rateLimiter.getLimiter(ip)
+    return limiter.Allow()
+}
+```
+
+### Message Size Limits
+
+Configure limits to prevent memory exhaustion:
+
+```go
+ws.conn.SetReadLimit(maxMessageSize)  // e.g., 512 KB
+```
+
+```rust
+max_message_size: Some(512_000),
+max_frame_size: Some(16_384),
+```
+
+### Subscription Limits
+
+Prevent resource exhaustion:
+- Max subscriptions per connection (typically 10-20)
+- Max subscription ID length (prevent hash collision attacks)
+- Require specific filters (prevent full database scans)
+
+```rust
+const MAX_SUBSCRIPTION_ID_LEN: usize = 256;
+const MAX_SUBS_PER_CLIENT: usize = 20;
+
+if subscriptions.len() >= MAX_SUBS_PER_CLIENT {
+    return Err(Error::SubMaxExceededError);
+}
+```
+
+### Authentication (NIP-42)
+
+Implement challenge-response authentication:
+
+1. **Generate challenge on connect:**
+```go
+challenge := make([]byte, 8)
+rand.Read(challenge)
+ws.Challenge = hex.EncodeToString(challenge)
+```
+
+2. **Send AUTH challenge when required:**
+```json
+["AUTH", "<challenge>"]
+```
+
+3. **Validate AUTH event:**
+```go
+func validateAuthEvent(event *Event, challenge, relayURL string) bool {
+    // Check kind 22242
+    if event.Kind != 22242 { return false }
+
+    // Check challenge in tags
+    if !hasTag(event, "challenge", challenge) { return false }
+
+    // Check relay URL
+    if !hasTag(event, "relay", relayURL) { return false }
+
+    // Check timestamp (within 10 minutes)
+    if abs(time.Now().Unix() - event.CreatedAt) > 600 { return false }
+
+    // Verify signature
+    return event.CheckSignature()
+}
+```
+
+## Performance Optimization Techniques
+
+### 1. Connection Pooling
+
+Reuse connections for database queries:
+```go
+db, _ := sql.Open("postgres", dsn)
+db.SetMaxOpenConns(25)
+db.SetMaxIdleConns(5)
+db.SetConnMaxLifetime(5 * time.Minute)
+```
+
+### 2. Event Caching
+
+Cache frequently accessed events:
+```go
+type EventCache struct {
+    cache *lru.Cache
+    mu    sync.RWMutex
+}
+
+func (ec *EventCache) Get(id string) (*Event, bool) {
+    ec.mu.RLock()
+    defer ec.mu.RUnlock()
+    if val, ok := ec.cache.Get(id); ok {
+        return val.(*Event), true
+    }
+    return nil, false
+}
+```
+
+### 3. Batch Database Queries
+
+Execute queries concurrently for multi-filter subscriptions:
+```go
+var wg sync.WaitGroup
+for _, filter := range filters {
+    wg.Add(1)
+    go func(f Filter) {
+        defer wg.Done()
+        events := queryDatabase(f)
+        sendEvents(events)
+    }(filter)
+}
+wg.Wait()
+sendEOSE()
+```
+
+### 4. Compression (permessage-deflate)
+
+Enable WebSocket compression for text frames:
+```go
+upgrader := websocket.Upgrader{
+    EnableCompression: true,
+}
+```
+
+**Typical savings:** 60-80% bandwidth reduction for JSON messages
+
+**Trade-off:** Increased CPU usage (usually worthwhile)
+
+### 5. Monitoring and Metrics
+
+Track key performance indicators:
+- Connections (active, total, per IP)
+- Messages (received, sent, per type)
+- Events (stored, broadcast, per second)
+- Subscriptions (active, per connection)
+- Query latency (p50, p95, p99)
+- Database pool utilization
+
+```go
+// Prometheus-style metrics
+type Metrics struct {
+    Connections    prometheus.Gauge
+    MessagesRecv   prometheus.Counter
+    MessagesSent   prometheus.Counter
+    EventsStored   prometheus.Counter
+    QueryDuration  prometheus.Histogram
+}
+```
+
+## Testing WebSocket Implementations
+
+### Unit Testing
+
+Test individual components in isolation:
+
+```go
+func TestFilterMatching(t *testing.T) {
+    filter := Filter{
+        Kinds: []int{1, 3},
+        Authors: []string{"abc123"},
+    }
+
+    event := &Event{
+        Kind: 1,
+        PubKey: "abc123",
+    }
+
+    if !filter.Matches(event) {
+        t.Error("Expected filter to match event")
+    }
+}
+```
+
+### Integration Testing
+
+Test WebSocket connection handling:
+
+```go
+func TestWebSocketConnection(t *testing.T) {
+    // Start test server
+    server := startTestRelay(t)
+    defer server.Close()
+
+    // Connect client
+    ws, _, err := websocket.DefaultDialer.Dial(server.URL, nil)
+    if err != nil {
+        t.Fatalf("Failed to connect: %v", err)
+    }
+    defer ws.Close()
+
+    // Send REQ
+    req := `["REQ","test",{"kinds":[1]}]`
+    if err := ws.WriteMessage(websocket.TextMessage, []byte(req)); err != nil {
+        t.Fatalf("Failed to send REQ: %v", err)
+    }
+
+    // Read EOSE
+    _, msg, err := ws.ReadMessage()
+    if err != nil {
+        t.Fatalf("Failed to read message: %v", err)
+    }
+
+    if !strings.Contains(string(msg), "EOSE") {
+        t.Errorf("Expected EOSE, got: %s", msg)
+    }
+}
+```
+
+### Load Testing
+
+Use tools like `websocat` or custom scripts:
+
+```bash
+# Connect 1000 concurrent clients
+for i in {1..1000}; do
+    (websocat "ws://localhost:8080" <<< '["REQ","test",{"kinds":[1]}]' &)
+done
+```
+
+Monitor server metrics during load testing:
+- CPU usage
+- Memory consumption
+- Connection count
+- Message throughput
+- Database query rate
+
+## Debugging and Troubleshooting
+
+### Common Issues
+
+**1. Concurrent write panic/error**
+
+**Symptom:** `concurrent write to websocket connection` error
+
+**Solution:** Ensure all writes protected by mutex or use single-writer pattern
+
+**2. Connection timeouts**
+
+**Symptom:** Connections close after 60 seconds
+
+**Solution:** Implement ping/pong mechanism properly:
+```go
+ws.SetPongHandler(func(string) error {
+    ws.SetReadDeadline(time.Now().Add(pongWait))
+    return nil
+})
+```
+
+**3. Memory leaks**
+
+**Symptom:** Memory usage grows over time
+
+**Common causes:**
+- Subscriptions not removed on disconnect
+- Event channels not closed
+- Goroutines not terminated
+
+**Solution:** Ensure cleanup function called on disconnect
+
+**4. Slow subscription queries**
+
+**Symptom:** EOSE delayed by seconds
+
+**Solution:**
+- Add database indexes on filtered columns
+- Implement query timeouts
+- Consider caching frequently accessed events
+
+### Logging Best Practices
+
+Log critical events with context:
+
+```go
+log.Printf(
+    "connection closed: cid=%s ip=%s duration=%v sent=%d recv=%d",
+    conn.ID,
+    conn.IP,
+    time.Since(conn.ConnectedAt),
+    conn.EventsSent,
+    conn.EventsRecv,
+)
+```
+
+Use log levels appropriately:
+- **DEBUG:** Message parsing, filter matching
+- **INFO:** Connection lifecycle, subscription changes
+- **WARN:** Rate limit violations, invalid messages
+- **ERROR:** Database errors, unexpected panics
+
+## Resources
+
+This skill includes comprehensive reference documentation with production code examples:
+
+### references/
+
+- **websocket_protocol.md** - Complete RFC 6455 specification details including frame structure, opcodes, masking algorithm, and security considerations
+- **khatru_implementation.md** - Go WebSocket patterns from khatru including connection lifecycle, subscription management, and performance optimizations (3000+ lines)
+- **strfry_implementation.md** - C++ high-performance patterns from strfry including thread pool architecture, message batching, and zero-copy techniques (2000+ lines)
+- **rust_implementation.md** - Rust async patterns from nostr-rs-relay including tokio::select! usage, error handling, and subscription filtering (2000+ lines)
+
+Load these references when implementing specific language solutions or troubleshooting complex WebSocket issues.

.claude/skills/nostr-websocket/references/strfry_implementation.md

@@ -0,0 +1,921 @@
+# C++ WebSocket Implementation for Nostr Relays (strfry patterns)
+
+This reference documents high-performance WebSocket patterns from the strfry Nostr relay implementation in C++.
+
+## Repository Information
+
+- **Project:** strfry - High-performance Nostr relay
+- **Repository:** https://github.com/hoytech/strfry
+- **Language:** C++ (C++20)
+- **WebSocket Library:** Custom fork of uWebSockets with epoll
+- **Architecture:** Single-threaded I/O with specialized thread pools
+
+## Core Architecture
+
+### Thread Pool Design
+
+strfry uses 6 specialized thread pools for different operations:
+
+```
+┌─────────────────────────────────────────────────────────────┐
+│                    Main Thread (I/O)                        │
+│  - epoll event loop                                         │
+│  - WebSocket message reception                              │
+│  - Connection management                                    │
+└─────────────────────────────────────────────────────────────┘
+                            │
+        ┌───────────────────┼───────────────────┐
+        │                   │                   │
+   ┌────▼────┐         ┌───▼────┐         ┌───▼────┐
+   │Ingester │         │ReqWorker│        │Negentropy│
+   │ (3)     │         │ (3)     │        │ (2)     │
+   └─────────┘         └─────────┘        └─────────┘
+        │                   │                   │
+   ┌────▼────┐         ┌───▼────┐
+   │ Writer  │         │ReqMonitor│
+   │ (1)     │         │ (3)     │
+   └─────────┘         └─────────┘
+```
+
+**Thread Pool Responsibilities:**
+
+1. **WebSocket (1 thread):** Main I/O loop, epoll event handling
+2. **Ingester (3 threads):** Event validation, signature verification, deduplication
+3. **Writer (1 thread):** Database writes, event storage
+4. **ReqWorker (3 threads):** Process REQ subscriptions, query database
+5. **ReqMonitor (3 threads):** Monitor active subscriptions, send real-time events
+6. **Negentropy (2 threads):** NIP-77 set reconciliation
+
+**Deterministic thread assignment:**
+```cpp
+int threadId = connId % numThreads;
+```
+
+**Benefits:**
+- **No lock contention:** Shared-nothing architecture
+- **Predictable performance:** Same connection always same thread
+- **CPU cache efficiency:** Thread-local data stays hot
+
+### Connection State
+
+```cpp
+struct ConnectionState {
+    uint64_t connId;                  // Unique connection identifier
+    std::string remoteAddr;           // Client IP address
+
+    // Subscription state
+    flat_str subId;                   // Current subscription ID
+    std::shared_ptr<Subscription> sub; // Subscription filter
+    uint64_t latestEventSent = 0;     // Latest event ID sent
+
+    // Compression state (per-message deflate)
+    PerMessageDeflate pmd;
+
+    // Parsing state (reused buffer)
+    std::string parseBuffer;
+
+    // Signature verification context (reused)
+    secp256k1_context *secpCtx;
+};
+```
+
+**Key design decisions:**
+
+1. **Reusable parseBuffer:** Single allocation per connection
+2. **Persistent secp256k1_context:** Expensive to create, reused for all signatures
+3. **Connection ID:** Enables deterministic thread assignment
+4. **Flat string (flat_str):** Value-semantic string-like type for zero-copy
+
+## WebSocket Message Reception
+
+### Main Event Loop (epoll)
+
+```cpp
+// Pseudocode representation of strfry's I/O loop
+uWS::App app;
+
+app.ws<ConnectionState>("/*", {
+    .compression = uWS::SHARED_COMPRESSOR,
+    .maxPayloadLength = 16 * 1024 * 1024,
+    .idleTimeout = 120,
+    .maxBackpressure = 1 * 1024 * 1024,
+
+    .upgrade = nullptr,
+
+    .open = [](auto *ws) {
+        auto *state = ws->getUserData();
+        state->connId = nextConnId++;
+        state->remoteAddr = getRemoteAddress(ws);
+        state->secpCtx = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY);
+
+        LI << "New connection: " << state->connId << " from " << state->remoteAddr;
+    },
+
+    .message = [](auto *ws, std::string_view message, uWS::OpCode opCode) {
+        auto *state = ws->getUserData();
+
+        // Reuse parseBuffer to avoid allocation
+        state->parseBuffer.assign(message.data(), message.size());
+
+        try {
+            // Parse JSON (nlohmann::json)
+            auto json = nlohmann::json::parse(state->parseBuffer);
+
+            // Extract command type
+            auto cmdStr = json[0].get<std::string>();
+
+            if (cmdStr == "EVENT") {
+                handleEventMessage(ws, std::move(json));
+            }
+            else if (cmdStr == "REQ") {
+                handleReqMessage(ws, std::move(json));
+            }
+            else if (cmdStr == "CLOSE") {
+                handleCloseMessage(ws, std::move(json));
+            }
+            else if (cmdStr == "NEG-OPEN") {
+                handleNegentropyOpen(ws, std::move(json));
+            }
+            else {
+                sendNotice(ws, "unknown command: " + cmdStr);
+            }
+        }
+        catch (std::exception &e) {
+            sendNotice(ws, "Error: " + std::string(e.what()));
+        }
+    },
+
+    .close = [](auto *ws, int code, std::string_view message) {
+        auto *state = ws->getUserData();
+
+        LI << "Connection closed: " << state->connId
+           << " code=" << code
+           << " msg=" << std::string(message);
+
+        // Cleanup
+        secp256k1_context_destroy(state->secpCtx);
+        cleanupSubscription(state->connId);
+    },
+});
+
+app.listen(8080, [](auto *token) {
+    if (token) {
+        LI << "Listening on port 8080";
+    }
+});
+
+app.run();
+```
+
+**Key patterns:**
+
+1. **epoll-based I/O:** Single thread handles thousands of connections
+2. **Buffer reuse:** `state->parseBuffer` avoids allocation per message
+3. **Move semantics:** `std::move(json)` transfers ownership to handler
+4. **Exception handling:** Catches parsing errors, sends NOTICE
+
+### Message Dispatch to Thread Pools
+
+```cpp
+void handleEventMessage(auto *ws, nlohmann::json &&json) {
+    auto *state = ws->getUserData();
+
+    // Pack message with connection ID
+    auto msg = MsgIngester{
+        .connId = state->connId,
+        .payload = std::move(json),
+    };
+
+    // Dispatch to Ingester thread pool (deterministic assignment)
+    tpIngester->dispatchToThread(state->connId, std::move(msg));
+}
+
+void handleReqMessage(auto *ws, nlohmann::json &&json) {
+    auto *state = ws->getUserData();
+
+    // Pack message
+    auto msg = MsgReq{
+        .connId = state->connId,
+        .payload = std::move(json),
+    };
+
+    // Dispatch to ReqWorker thread pool
+    tpReqWorker->dispatchToThread(state->connId, std::move(msg));
+}
+```
+
+**Message passing pattern:**
+
+```cpp
+// ThreadPool::dispatchToThread
+void dispatchToThread(uint64_t connId, Message &&msg) {
+    size_t threadId = connId % threads.size();
+    threads[threadId]->queue.push(std::move(msg));
+}
+```
+
+**Benefits:**
+- **Zero-copy:** `std::move` transfers ownership without copying
+- **Deterministic:** Same connection always processed by same thread
+- **Lock-free:** Each thread has own queue
+
+## Event Ingestion Pipeline
+
+### Ingester Thread Pool
+
+```cpp
+void IngesterThread::run() {
+    while (running) {
+        Message msg;
+        if (!queue.pop(msg, 100ms)) continue;
+
+        // Extract event from JSON
+        auto event = parseEvent(msg.payload);
+
+        // Validate event ID
+        if (!validateEventId(event)) {
+            sendOK(msg.connId, event.id, false, "invalid: id mismatch");
+            continue;
+        }
+
+        // Verify signature (using thread-local secp256k1 context)
+        if (!verifySignature(event, secpCtx)) {
+            sendOK(msg.connId, event.id, false, "invalid: signature verification failed");
+            continue;
+        }
+
+        // Check for duplicate (bloom filter + database)
+        if (isDuplicate(event.id)) {
+            sendOK(msg.connId, event.id, true, "duplicate: already have this event");
+            continue;
+        }
+
+        // Send to Writer thread
+        auto writerMsg = MsgWriter{
+            .connId = msg.connId,
+            .event = std::move(event),
+        };
+        tpWriter->dispatch(std::move(writerMsg));
+    }
+}
+```
+
+**Validation sequence:**
+1. Parse JSON into Event struct
+2. Validate event ID matches content hash
+3. Verify secp256k1 signature
+4. Check duplicate (bloom filter for speed)
+5. Forward to Writer thread for storage
+
+### Writer Thread
+
+```cpp
+void WriterThread::run() {
+    // Single thread for all database writes
+    while (running) {
+        Message msg;
+        if (!queue.pop(msg, 100ms)) continue;
+
+        // Write to database
+        bool success = db.insertEvent(msg.event);
+
+        // Send OK to client
+        sendOK(msg.connId, msg.event.id, success,
+               success ? "" : "error: failed to store");
+
+        if (success) {
+            // Broadcast to subscribers
+            broadcastEvent(msg.event);
+        }
+    }
+}
+```
+
+**Single-writer pattern:**
+- Only one thread writes to database
+- Eliminates write conflicts
+- Simplified transaction management
+
+### Event Broadcasting
+
+```cpp
+void broadcastEvent(const Event &event) {
+    // Serialize event JSON once
+    std::string eventJson = serializeEvent(event);
+
+    // Iterate all active subscriptions
+    for (auto &[connId, sub] : activeSubscriptions) {
+        // Check if filter matches
+        if (!sub->filter.matches(event)) continue;
+
+        // Check if event newer than last sent
+        if (event.id <= sub->latestEventSent) continue;
+
+        // Send to connection
+        auto msg = MsgWebSocket{
+            .connId = connId,
+            .payload = eventJson,  // Reuse serialized JSON
+        };
+
+        tpWebSocket->dispatch(std::move(msg));
+
+        // Update latest sent
+        sub->latestEventSent = event.id;
+    }
+}
+```
+
+**Critical optimization:** Serialize event JSON once, send to N subscribers
+
+**Performance impact:** For 1000 subscribers, reduces:
+- JSON serialization: 1000× → 1×
+- Memory allocations: 1000× → 1×
+- CPU time: ~100ms → ~1ms
+
+## Subscription Management
+
+### REQ Processing
+
+```cpp
+void ReqWorkerThread::run() {
+    while (running) {
+        MsgReq msg;
+        if (!queue.pop(msg, 100ms)) continue;
+
+        // Parse REQ message: ["REQ", subId, filter1, filter2, ...]
+        std::string subId = msg.payload[1];
+
+        // Create subscription object
+        auto sub = std::make_shared<Subscription>();
+        sub->subId = subId;
+
+        // Parse filters
+        for (size_t i = 2; i < msg.payload.size(); i++) {
+            Filter filter = parseFilter(msg.payload[i]);
+            sub->filters.push_back(filter);
+        }
+
+        // Store subscription
+        activeSubscriptions[msg.connId] = sub;
+
+        // Query stored events
+        std::vector<Event> events = db.queryEvents(sub->filters);
+
+        // Send matching events
+        for (const auto &event : events) {
+            sendEvent(msg.connId, subId, event);
+        }
+
+        // Send EOSE
+        sendEOSE(msg.connId, subId);
+
+        // Notify ReqMonitor to watch for real-time events
+        auto monitorMsg = MsgReqMonitor{
+            .connId = msg.connId,
+            .subId = subId,
+        };
+        tpReqMonitor->dispatchToThread(msg.connId, std::move(monitorMsg));
+    }
+}
+```
+
+**Query optimization:**
+
+```cpp
+std::vector<Event> Database::queryEvents(const std::vector<Filter> &filters) {
+    // Combine filters with OR logic
+    std::string sql = "SELECT * FROM events WHERE ";
+
+    for (size_t i = 0; i < filters.size(); i++) {
+        if (i > 0) sql += " OR ";
+        sql += buildFilterSQL(filters[i]);
+    }
+
+    sql += " ORDER BY created_at DESC LIMIT 1000";
+
+    return executeQuery(sql);
+}
+```
+
+**Filter SQL generation:**
+
+```cpp
+std::string buildFilterSQL(const Filter &filter) {
+    std::vector<std::string> conditions;
+
+    // Event IDs
+    if (!filter.ids.empty()) {
+        conditions.push_back("id IN (" + joinQuoted(filter.ids) + ")");
+    }
+
+    // Authors
+    if (!filter.authors.empty()) {
+        conditions.push_back("pubkey IN (" + joinQuoted(filter.authors) + ")");
+    }
+
+    // Kinds
+    if (!filter.kinds.empty()) {
+        conditions.push_back("kind IN (" + join(filter.kinds) + ")");
+    }
+
+    // Time range
+    if (filter.since) {
+        conditions.push_back("created_at >= " + std::to_string(*filter.since));
+    }
+    if (filter.until) {
+        conditions.push_back("created_at <= " + std::to_string(*filter.until));
+    }
+
+    // Tags (requires JOIN with tags table)
+    if (!filter.tags.empty()) {
+        for (const auto &[tagName, tagValues] : filter.tags) {
+            conditions.push_back(
+                "EXISTS (SELECT 1 FROM tags WHERE tags.event_id = events.id "
+                "AND tags.name = '" + tagName + "' "
+                "AND tags.value IN (" + joinQuoted(tagValues) + "))"
+            );
+        }
+    }
+
+    return "(" + join(conditions, " AND ") + ")";
+}
+```
+
+### ReqMonitor for Real-Time Events
+
+```cpp
+void ReqMonitorThread::run() {
+    // Subscribe to event broadcast channel
+    auto eventSubscription = subscribeToEvents();
+
+    while (running) {
+        Event event;
+        if (!eventSubscription.receive(event, 100ms)) continue;
+
+        // Check all subscriptions assigned to this thread
+        for (auto &[connId, sub] : mySubscriptions) {
+            // Only process subscriptions for this thread
+            if (connId % numThreads != threadId) continue;
+
+            // Check if filter matches
+            bool matches = false;
+            for (const auto &filter : sub->filters) {
+                if (filter.matches(event)) {
+                    matches = true;
+                    break;
+                }
+            }
+
+            if (matches) {
+                sendEvent(connId, sub->subId, event);
+            }
+        }
+    }
+}
+```
+
+**Pattern:** Monitor thread watches event stream, sends to matching subscriptions
+
+### CLOSE Handling
+
+```cpp
+void handleCloseMessage(auto *ws, nlohmann::json &&json) {
+    auto *state = ws->getUserData();
+
+    // Parse CLOSE message: ["CLOSE", subId]
+    std::string subId = json[1];
+
+    // Remove subscription
+    activeSubscriptions.erase(state->connId);
+
+    LI << "Subscription closed: connId=" << state->connId
+       << " subId=" << subId;
+}
+```
+
+## Performance Optimizations
+
+### 1. Event Batching
+
+**Problem:** Serializing same event 1000× for 1000 subscribers is wasteful
+
+**Solution:** Serialize once, send to all
+
+```cpp
+// BAD: Serialize for each subscriber
+for (auto &sub : subscriptions) {
+    std::string json = serializeEvent(event);  // Repeated!
+    send(sub.connId, json);
+}
+
+// GOOD: Serialize once
+std::string json = serializeEvent(event);
+for (auto &sub : subscriptions) {
+    send(sub.connId, json);  // Reuse!
+}
+```
+
+**Measurement:** For 1000 subscribers, reduces broadcast time from 100ms to 1ms
+
+### 2. Move Semantics
+
+**Problem:** Copying large JSON objects is expensive
+
+**Solution:** Transfer ownership with `std::move`
+
+```cpp
+// BAD: Copies JSON object
+void dispatch(Message msg) {
+    queue.push(msg);  // Copy
+}
+
+// GOOD: Moves JSON object
+void dispatch(Message &&msg) {
+    queue.push(std::move(msg));  // Move
+}
+```
+
+**Benefit:** Zero-copy message passing between threads
+
+### 3. Pre-allocated Buffers
+
+**Problem:** Allocating buffer for each message
+
+**Solution:** Reuse buffer per connection
+
+```cpp
+struct ConnectionState {
+    std::string parseBuffer;  // Reused for all messages
+};
+
+void handleMessage(std::string_view msg) {
+    state->parseBuffer.assign(msg.data(), msg.size());
+    auto json = nlohmann::json::parse(state->parseBuffer);
+    // ...
+}
+```
+
+**Benefit:** Eliminates 10,000+ allocations/second per connection
+
+### 4. std::variant for Message Types
+
+**Problem:** Virtual function calls for polymorphic messages
+
+**Solution:** `std::variant` with `std::visit`
+
+```cpp
+// BAD: Virtual function (pointer indirection, vtable lookup)
+struct Message {
+    virtual void handle() = 0;
+};
+
+// GOOD: std::variant (no indirection, inlined)
+using Message = std::variant<
+    MsgIngester,
+    MsgReq,
+    MsgWriter,
+    MsgWebSocket
+>;
+
+void handle(Message &&msg) {
+    std::visit([](auto &&m) { m.handle(); }, msg);
+}
+```
+
+**Benefit:** Compiler inlines visit, eliminates virtual call overhead
+
+### 5. Bloom Filter for Duplicate Detection
+
+**Problem:** Database query for every event to check duplicate
+
+**Solution:** In-memory bloom filter for fast negative
+
+```cpp
+class DuplicateDetector {
+    BloomFilter bloom;  // Fast probabilistic check
+
+    bool isDuplicate(const std::string &eventId) {
+        // Fast negative (definitely not seen)
+        if (!bloom.contains(eventId)) {
+            bloom.insert(eventId);
+            return false;
+        }
+
+        // Possible positive (maybe seen, check database)
+        if (db.eventExists(eventId)) {
+            return true;
+        }
+
+        // False positive
+        bloom.insert(eventId);
+        return false;
+    }
+};
+```
+
+**Benefit:** 99% of duplicate checks avoid database query
+
+### 6. Batch Queue Operations
+
+**Problem:** Lock contention on message queue
+
+**Solution:** Batch multiple pushes with single lock
+
+```cpp
+class MessageQueue {
+    std::mutex mutex;
+    std::deque<Message> queue;
+
+    void pushBatch(std::vector<Message> &messages) {
+        std::lock_guard lock(mutex);
+        for (auto &msg : messages) {
+            queue.push_back(std::move(msg));
+        }
+    }
+};
+```
+
+**Benefit:** Reduces lock acquisitions by 10-100×
+
+### 7. ZSTD Dictionary Compression
+
+**Problem:** WebSocket compression slower than desired
+
+**Solution:** Train ZSTD dictionary on typical Nostr messages
+
+```cpp
+// Train dictionary on corpus of Nostr events
+std::string corpus = collectTypicalEvents();
+ZSTD_CDict *dict = ZSTD_createCDict(
+    corpus.data(), corpus.size(),
+    compressionLevel
+);
+
+// Use dictionary for compression
+size_t compressedSize = ZSTD_compress_usingCDict(
+    cctx, dst, dstSize,
+    src, srcSize, dict
+);
+```
+
+**Benefit:** 10-20% better compression ratio, 2× faster decompression
+
+### 8. String Views
+
+**Problem:** Unnecessary string copies when parsing
+
+**Solution:** Use `std::string_view` for zero-copy
+
+```cpp
+// BAD: Copies substring
+std::string extractCommand(const std::string &msg) {
+    return msg.substr(0, 5);  // Copy
+}
+
+// GOOD: View into original string
+std::string_view extractCommand(std::string_view msg) {
+    return msg.substr(0, 5);  // No copy
+}
+```
+
+**Benefit:** Eliminates allocations during parsing
+
+## Compression (permessage-deflate)
+
+### WebSocket Compression Configuration
+
+```cpp
+struct PerMessageDeflate {
+    z_stream deflate_stream;
+    z_stream inflate_stream;
+
+    // Sliding window for compression history
+    static constexpr int WINDOW_BITS = 15;
+    static constexpr int MEM_LEVEL = 8;
+
+    void init() {
+        // Initialize deflate (compression)
+        deflate_stream.zalloc = Z_NULL;
+        deflate_stream.zfree = Z_NULL;
+        deflate_stream.opaque = Z_NULL;
+        deflateInit2(&deflate_stream,
+                     Z_DEFAULT_COMPRESSION,
+                     Z_DEFLATED,
+                     -WINDOW_BITS,  // Negative = no zlib header
+                     MEM_LEVEL,
+                     Z_DEFAULT_STRATEGY);
+
+        // Initialize inflate (decompression)
+        inflate_stream.zalloc = Z_NULL;
+        inflate_stream.zfree = Z_NULL;
+        inflate_stream.opaque = Z_NULL;
+        inflateInit2(&inflate_stream, -WINDOW_BITS);
+    }
+
+    std::string compress(std::string_view data) {
+        // Compress with sliding window
+        deflate_stream.next_in = (Bytef*)data.data();
+        deflate_stream.avail_in = data.size();
+
+        std::string compressed;
+        compressed.resize(deflateBound(&deflate_stream, data.size()));
+
+        deflate_stream.next_out = (Bytef*)compressed.data();
+        deflate_stream.avail_out = compressed.size();
+
+        deflate(&deflate_stream, Z_SYNC_FLUSH);
+
+        compressed.resize(compressed.size() - deflate_stream.avail_out);
+        return compressed;
+    }
+};
+```
+
+**Typical compression ratios:**
+- JSON events: 60-80% reduction
+- Subscription filters: 40-60% reduction
+- Binary events: 10-30% reduction
+
+## Database Schema (LMDB)
+
+strfry uses LMDB (Lightning Memory-Mapped Database) for event storage:
+
+```cpp
+// Key-value stores
+struct EventDB {
+    // Primary event storage (key: event ID, value: event data)
+    lmdb::dbi eventsDB;
+
+    // Index by pubkey (key: pubkey + created_at, value: event ID)
+    lmdb::dbi pubkeyDB;
+
+    // Index by kind (key: kind + created_at, value: event ID)
+    lmdb::dbi kindDB;
+
+    // Index by tags (key: tag_name + tag_value + created_at, value: event ID)
+    lmdb::dbi tagsDB;
+
+    // Deletion index (key: event ID, value: deletion event ID)
+    lmdb::dbi deletionsDB;
+};
+```
+
+**Why LMDB?**
+- Memory-mapped I/O (kernel manages caching)
+- Copy-on-write (MVCC without locks)
+- Ordered keys (enables range queries)
+- Crash-proof (no corruption on power loss)
+
+## Monitoring and Metrics
+
+### Connection Statistics
+
+```cpp
+struct RelayStats {
+    std::atomic<uint64_t> totalConnections{0};
+    std::atomic<uint64_t> activeConnections{0};
+    std::atomic<uint64_t> eventsReceived{0};
+    std::atomic<uint64_t> eventsSent{0};
+    std::atomic<uint64_t> bytesReceived{0};
+    std::atomic<uint64_t> bytesSent{0};
+
+    void recordConnection() {
+        totalConnections.fetch_add(1, std::memory_order_relaxed);
+        activeConnections.fetch_add(1, std::memory_order_relaxed);
+    }
+
+    void recordDisconnection() {
+        activeConnections.fetch_sub(1, std::memory_order_relaxed);
+    }
+
+    void recordEventReceived(size_t bytes) {
+        eventsReceived.fetch_add(1, std::memory_order_relaxed);
+        bytesReceived.fetch_add(bytes, std::memory_order_relaxed);
+    }
+};
+```
+
+**Atomic operations:** Lock-free updates from multiple threads
+
+### Performance Metrics
+
+```cpp
+struct PerformanceMetrics {
+    // Latency histograms
+    Histogram eventIngestionLatency;
+    Histogram subscriptionQueryLatency;
+    Histogram eventBroadcastLatency;
+
+    // Thread pool queue depths
+    std::atomic<size_t> ingesterQueueDepth{0};
+    std::atomic<size_t> writerQueueDepth{0};
+    std::atomic<size_t> reqWorkerQueueDepth{0};
+
+    void recordIngestion(std::chrono::microseconds duration) {
+        eventIngestionLatency.record(duration.count());
+    }
+};
+```
+
+## Configuration
+
+### relay.conf Example
+
+```ini
+[relay]
+bind = 0.0.0.0
+port = 8080
+maxConnections = 10000
+maxMessageSize = 16777216  # 16 MB
+
+[ingester]
+threads = 3
+queueSize = 10000
+
+[writer]
+threads = 1
+queueSize = 1000
+batchSize = 100
+
+[reqWorker]
+threads = 3
+queueSize = 10000
+
+[db]
+path = /var/lib/strfry/events.lmdb
+maxSizeGB = 100
+```
+
+## Deployment Considerations
+
+### System Limits
+
+```bash
+# Increase file descriptor limit
+ulimit -n 65536
+
+# Increase maximum socket connections
+sysctl -w net.core.somaxconn=4096
+
+# TCP tuning
+sysctl -w net.ipv4.tcp_fin_timeout=15
+sysctl -w net.ipv4.tcp_tw_reuse=1
+```
+
+### Memory Requirements
+
+**Per connection:**
+- ConnectionState: ~1 KB
+- WebSocket buffers: ~32 KB (16 KB send + 16 KB receive)
+- Compression state: ~400 KB (200 KB deflate + 200 KB inflate)
+
+**Total:** ~433 KB per connection
+
+**For 10,000 connections:** ~4.3 GB
+
+### CPU Requirements
+
+**Single-core can handle:**
+- 1000 concurrent connections
+- 10,000 events/sec ingestion
+- 100,000 events/sec broadcast (cached)
+
+**Recommended:**
+- 8+ cores for 10,000 connections
+- 16+ cores for 50,000 connections
+
+## Summary
+
+**Key architectural patterns:**
+1. **Single-threaded I/O:** epoll handles all connections in one thread
+2. **Specialized thread pools:** Different operations use dedicated threads
+3. **Deterministic assignment:** Connection ID determines thread assignment
+4. **Move semantics:** Zero-copy message passing
+5. **Event batching:** Serialize once, send to many
+6. **Pre-allocated buffers:** Reuse memory per connection
+7. **Bloom filters:** Fast duplicate detection
+8. **LMDB:** Memory-mapped database for zero-copy reads
+
+**Performance characteristics:**
+- **50,000+ concurrent connections** per server
+- **100,000+ events/sec** throughput
+- **Sub-millisecond** latency for broadcasts
+- **10 GB+ event database** with fast queries
+
+**When to use strfry patterns:**
+- Need maximum performance (trading complexity)
+- Have C++ expertise on team
+- Running large public relay (thousands of users)
+- Want minimal memory footprint
+- Need to scale to 50K+ connections
+
+**Trade-offs:**
+- **Complexity:** More complex than Go/Rust implementations
+- **Portability:** Linux-specific (epoll, LMDB)
+- **Development speed:** Slower iteration than higher-level languages
+
+**Further reading:**
+- strfry repository: https://github.com/hoytech/strfry
+- uWebSockets: https://github.com/uNetworking/uWebSockets
+- LMDB: http://www.lmdb.tech/doc/
+- epoll: https://man7.org/linux/man-pages/man7/epoll.7.html

.claude/skills/nostr-websocket/references/websocket_protocol.md

@@ -0,0 +1,881 @@
+# WebSocket Protocol (RFC 6455) - Complete Reference
+
+## Connection Establishment
+
+### HTTP Upgrade Handshake
+
+The WebSocket protocol begins as an HTTP request that upgrades to WebSocket:
+
+**Client Request:**
+```http
+GET /chat HTTP/1.1
+Host: server.example.com
+Upgrade: websocket
+Connection: Upgrade
+Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
+Origin: http://example.com
+Sec-WebSocket-Protocol: chat, superchat
+Sec-WebSocket-Version: 13
+```
+
+**Server Response:**
+```http
+HTTP/1.1 101 Switching Protocols
+Upgrade: websocket
+Connection: Upgrade
+Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
+Sec-WebSocket-Protocol: chat
+```
+
+### Handshake Details
+
+**Sec-WebSocket-Key Generation (Client):**
+1. Generate 16 random bytes
+2. Base64-encode the result
+3. Send in `Sec-WebSocket-Key` header
+
+**Sec-WebSocket-Accept Computation (Server):**
+1. Concatenate client key with GUID: `258EAFA5-E914-47DA-95CA-C5AB0DC85B11`
+2. Compute SHA-1 hash of concatenated string
+3. Base64-encode the hash
+4. Send in `Sec-WebSocket-Accept` header
+
+**Example computation:**
+```
+Client Key: dGhlIHNhbXBsZSBub25jZQ==
+Concatenated: dGhlIHNhbXBsZSBub25jZQ==258EAFA5-E914-47DA-95CA-C5AB0DC85B11
+SHA-1 Hash: b37a4f2cc0cb4e7e8cf769a5f3f8f2e8e4c9f7a3
+Base64: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
+```
+
+**Validation (Client):**
+- Verify HTTP status is 101
+- Verify `Sec-WebSocket-Accept` matches expected value
+- If validation fails, do not establish connection
+
+### Origin Header
+
+The `Origin` header provides protection against cross-site WebSocket hijacking:
+
+**Server-side validation:**
+```go
+func checkOrigin(r *http.Request) bool {
+    origin := r.Header.Get("Origin")
+    allowedOrigins := []string{
+        "https://example.com",
+        "https://app.example.com",
+    }
+    for _, allowed := range allowedOrigins {
+        if origin == allowed {
+            return true
+        }
+    }
+    return false
+}
+```
+
+**Security consideration:** Browser-based clients MUST send Origin header. Non-browser clients MAY omit it. Servers SHOULD validate Origin for browser clients to prevent CSRF attacks.
+
+## Frame Format
+
+### Base Framing Protocol
+
+WebSocket frames use a binary format with variable-length fields:
+
+```
+      0                   1                   2                   3
+      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+     +-+-+-+-+-------+-+-------------+-------------------------------+
+     |F|R|R|R| opcode|M| Payload len |    Extended payload length    |
+     |I|S|S|S|  (4)  |A|     (7)     |             (16/64)           |
+     |N|V|V|V|       |S|             |   (if payload len==126/127)   |
+     | |1|2|3|       |K|             |                               |
+     +-+-+-+-+-------+-+-------------+ - - - - - - - - - - - - - - - +
+     |     Extended payload length continued, if payload len == 127  |
+     + - - - - - - - - - - - - - - - +-------------------------------+
+     |                               |Masking-key, if MASK set to 1  |
+     +-------------------------------+-------------------------------+
+     | Masking-key (continued)       |          Payload Data         |
+     +-------------------------------- - - - - - - - - - - - - - - - +
+     :                     Payload Data continued ...                :
+     + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
+     |                     Payload Data continued ...                |
+     +---------------------------------------------------------------+
+```
+
+### Frame Header Fields
+
+**FIN (1 bit):**
+- `1` = Final fragment in message
+- `0` = More fragments follow
+- Used for message fragmentation
+
+**RSV1, RSV2, RSV3 (1 bit each):**
+- Reserved for extensions
+- MUST be 0 unless extension negotiated
+- Server MUST fail connection if non-zero with no extension
+
+**Opcode (4 bits):**
+- Defines interpretation of payload data
+- See "Frame Opcodes" section below
+
+**MASK (1 bit):**
+- `1` = Payload is masked (required for client-to-server)
+- `0` = Payload is not masked (required for server-to-client)
+- Client MUST mask all frames sent to server
+- Server MUST NOT mask frames sent to client
+
+**Payload Length (7 bits, 7+16 bits, or 7+64 bits):**
+- If 0-125: Actual payload length
+- If 126: Next 2 bytes are 16-bit unsigned payload length
+- If 127: Next 8 bytes are 64-bit unsigned payload length
+
+**Masking-key (0 or 4 bytes):**
+- Present if MASK bit is set
+- 32-bit value used to mask payload
+- MUST be unpredictable (strong entropy source)
+
+### Frame Opcodes
+
+**Data Frame Opcodes:**
+- `0x0` - Continuation Frame
+  - Used for fragmented messages
+  - Must follow initial data frame (text/binary)
+  - Carries same data type as initial frame
+
+- `0x1` - Text Frame
+  - Payload is UTF-8 encoded text
+  - MUST be valid UTF-8
+  - Endpoint MUST fail connection if invalid UTF-8
+
+- `0x2` - Binary Frame
+  - Payload is arbitrary binary data
+  - Application interprets data
+
+- `0x3-0x7` - Reserved for future non-control frames
+
+**Control Frame Opcodes:**
+- `0x8` - Connection Close
+  - Initiates or acknowledges connection closure
+  - MAY contain status code and reason
+  - See "Close Handshake" section
+
+- `0x9` - Ping
+  - Heartbeat mechanism
+  - MAY contain application data
+  - Recipient MUST respond with Pong
+
+- `0xA` - Pong
+  - Response to Ping
+  - MUST contain identical payload as Ping
+  - MAY be sent unsolicited (unidirectional heartbeat)
+
+- `0xB-0xF` - Reserved for future control frames
+
+### Control Frame Constraints
+
+**Control frames are subject to strict rules:**
+
+1. **Maximum payload:** 125 bytes
+   - Allows control frames to fit in single IP packet
+   - Reduces fragmentation
+
+2. **No fragmentation:** Control frames MUST NOT be fragmented
+   - FIN bit MUST be 1
+   - Ensures immediate processing
+
+3. **Interleaving:** Control frames MAY be injected in middle of fragmented message
+   - Enables ping/pong during long transfers
+   - Close frames can interrupt any operation
+
+4. **All control frames MUST be handled immediately**
+
+### Masking
+
+**Purpose of masking:**
+- Prevents cache poisoning attacks
+- Protects against misinterpretation by intermediaries
+- Makes WebSocket traffic unpredictable to proxies
+
+**Masking algorithm:**
+```
+j = i MOD 4
+transformed-octet-i = original-octet-i XOR masking-key-octet-j
+```
+
+**Implementation:**
+```go
+func maskBytes(data []byte, mask [4]byte) {
+    for i := range data {
+        data[i] ^= mask[i%4]
+    }
+}
+```
+
+**Example:**
+```
+Original:     [0x48, 0x65, 0x6C, 0x6C, 0x6F]  // "Hello"
+Masking Key:  [0x37, 0xFA, 0x21, 0x3D]
+Masked:       [0x7F, 0x9F, 0x4D, 0x51, 0x58]
+
+Calculation:
+0x48 XOR 0x37 = 0x7F
+0x65 XOR 0xFA = 0x9F
+0x6C XOR 0x21 = 0x4D
+0x6C XOR 0x3D = 0x51
+0x6F XOR 0x37 = 0x58  (wraps around to mask[0])
+```
+
+**Security requirement:** Masking key MUST be derived from strong source of entropy. Predictable masking keys defeat the security purpose.
+
+## Message Fragmentation
+
+### Why Fragment?
+
+- Send message without knowing total size upfront
+- Multiplex logical channels (interleave messages)
+- Keep control frames responsive during large transfers
+
+### Fragmentation Rules
+
+**Sender rules:**
+1. First fragment has opcode (text/binary)
+2. Subsequent fragments have opcode 0x0 (continuation)
+3. Last fragment has FIN bit set to 1
+4. Control frames MAY be interleaved
+
+**Receiver rules:**
+1. Reassemble fragments in order
+2. Final message type determined by first fragment opcode
+3. Validate UTF-8 across all text fragments
+4. Process control frames immediately (don't wait for FIN)
+
+### Fragmentation Example
+
+**Sending "Hello World" in 3 fragments:**
+
+```
+Frame 1 (Text, More Fragments):
+  FIN=0, Opcode=0x1, Payload="Hello"
+
+Frame 2 (Continuation, More Fragments):
+  FIN=0, Opcode=0x0, Payload=" Wor"
+
+Frame 3 (Continuation, Final):
+  FIN=1, Opcode=0x0, Payload="ld"
+```
+
+**With interleaved Ping:**
+
+```
+Frame 1: FIN=0, Opcode=0x1, Payload="Hello"
+Frame 2: FIN=1, Opcode=0x9, Payload=""        <- Ping (complete)
+Frame 3: FIN=0, Opcode=0x0, Payload=" Wor"
+Frame 4: FIN=1, Opcode=0x0, Payload="ld"
+```
+
+### Implementation Pattern
+
+```go
+type fragmentState struct {
+    messageType int
+    fragments   [][]byte
+}
+
+func (ws *WebSocket) handleFrame(fin bool, opcode int, payload []byte) {
+    switch opcode {
+    case 0x1, 0x2: // Text or Binary (first fragment)
+        if fin {
+            ws.handleCompleteMessage(opcode, payload)
+        } else {
+            ws.fragmentState = &fragmentState{
+                messageType: opcode,
+                fragments:   [][]byte{payload},
+            }
+        }
+
+    case 0x0: // Continuation
+        if ws.fragmentState == nil {
+            ws.fail("Unexpected continuation frame")
+            return
+        }
+        ws.fragmentState.fragments = append(ws.fragmentState.fragments, payload)
+        if fin {
+            complete := bytes.Join(ws.fragmentState.fragments, nil)
+            ws.handleCompleteMessage(ws.fragmentState.messageType, complete)
+            ws.fragmentState = nil
+        }
+
+    case 0x8, 0x9, 0xA: // Control frames
+        ws.handleControlFrame(opcode, payload)
+    }
+}
+```
+
+## Ping and Pong Frames
+
+### Purpose
+
+1. **Keep-alive:** Detect broken connections
+2. **Latency measurement:** Time round-trip
+3. **NAT traversal:** Maintain mapping in stateful firewalls
+
+### Protocol Rules
+
+**Ping (0x9):**
+- MAY be sent by either endpoint at any time
+- MAY contain application data (≤125 bytes)
+- Application data arbitrary (often empty or timestamp)
+
+**Pong (0xA):**
+- MUST be sent in response to Ping
+- MUST contain identical payload as Ping
+- MUST be sent "as soon as practical"
+- MAY be sent unsolicited (one-way heartbeat)
+
+**No Response:**
+- If Pong not received within timeout, connection assumed dead
+- Application should close connection
+
+### Implementation Patterns
+
+**Pattern 1: Automatic Pong (most WebSocket libraries)**
+```go
+// Library handles pong automatically
+ws.SetPingHandler(func(appData string) error {
+    // Custom handler if needed
+    return nil  // Library sends pong automatically
+})
+```
+
+**Pattern 2: Manual Pong**
+```go
+func (ws *WebSocket) handlePing(payload []byte) {
+    pongFrame := Frame{
+        FIN:     true,
+        Opcode:  0xA,
+        Payload: payload,  // Echo same payload
+    }
+    ws.writeFrame(pongFrame)
+}
+```
+
+**Pattern 3: Periodic Client Ping**
+```go
+func (ws *WebSocket) pingLoop() {
+    ticker := time.NewTicker(30 * time.Second)
+    defer ticker.Stop()
+
+    for {
+        select {
+        case <-ticker.C:
+            if err := ws.writePing([]byte{}); err != nil {
+                return  // Connection dead
+            }
+        case <-ws.done:
+            return
+        }
+    }
+}
+```
+
+**Pattern 4: Timeout Detection**
+```go
+const pongWait = 60 * time.Second
+
+ws.SetReadDeadline(time.Now().Add(pongWait))
+ws.SetPongHandler(func(string) error {
+    ws.SetReadDeadline(time.Now().Add(pongWait))
+    return nil
+})
+
+// If no frame received in pongWait, ReadMessage returns timeout error
+```
+
+### Nostr Relay Recommendations
+
+**Server-side:**
+- Send ping every 30-60 seconds
+- Close connection if no pong within 60-120 seconds
+- Log timeout closures for monitoring
+
+**Client-side:**
+- Respond to pings automatically (use library handler)
+- Consider sending unsolicited pongs every 30 seconds (some proxies)
+- Reconnect if no frames received for 120 seconds
+
+## Close Handshake
+
+### Close Frame Structure
+
+**Close frame (Opcode 0x8) payload:**
+```
+     0                   1                   2                   3
+     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    |         Status Code (16)      |  Reason (variable length)...  |
+    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+```
+
+**Status Code (2 bytes, optional):**
+- 16-bit unsigned integer
+- Network byte order (big-endian)
+- See "Status Codes" section below
+
+**Reason (variable length, optional):**
+- UTF-8 encoded text
+- MUST be valid UTF-8
+- Typically human-readable explanation
+
+### Close Handshake Sequence
+
+**Initiator (either endpoint):**
+1. Send Close frame with optional status/reason
+2. Stop sending data frames
+3. Continue processing received frames until Close frame received
+4. Close underlying TCP connection
+
+**Recipient:**
+1. Receive Close frame
+2. Send Close frame in response (if not already sent)
+3. Close underlying TCP connection
+
+### Status Codes
+
+**Normal Closure Codes:**
+- `1000` - Normal Closure
+  - Successful operation complete
+  - Default if no code specified
+
+- `1001` - Going Away
+  - Endpoint going away (server shutdown, browser navigation)
+  - Client navigating to new page
+
+**Error Closure Codes:**
+- `1002` - Protocol Error
+  - Endpoint terminating due to protocol error
+  - Invalid frame format, unexpected opcode, etc.
+
+- `1003` - Unsupported Data
+  - Endpoint cannot accept data type
+  - Server received binary when expecting text
+
+- `1007` - Invalid Frame Payload Data
+  - Inconsistent data (e.g., non-UTF-8 in text frame)
+
+- `1008` - Policy Violation
+  - Message violates endpoint policy
+  - Generic code when specific code doesn't fit
+
+- `1009` - Message Too Big
+  - Message too large to process
+
+- `1010` - Mandatory Extension
+  - Client expected server to negotiate extension
+  - Server didn't respond with extension
+
+- `1011` - Internal Server Error
+  - Server encountered unexpected condition
+  - Prevents fulfilling request
+
+**Reserved Codes:**
+- `1004` - Reserved
+- `1005` - No Status Rcvd (internal use only, never sent)
+- `1006` - Abnormal Closure (internal use only, never sent)
+- `1015` - TLS Handshake (internal use only, never sent)
+
+**Custom Application Codes:**
+- `3000-3999` - Library/framework use
+- `4000-4999` - Application use (e.g., Nostr-specific)
+
+### Implementation Patterns
+
+**Graceful close (initiator):**
+```go
+func (ws *WebSocket) Close() error {
+    // Send close frame
+    closeFrame := Frame{
+        FIN:     true,
+        Opcode:  0x8,
+        Payload: encodeCloseStatus(1000, "goodbye"),
+    }
+    ws.writeFrame(closeFrame)
+
+    // Wait for close frame response (with timeout)
+    ws.SetReadDeadline(time.Now().Add(5 * time.Second))
+    for {
+        frame, err := ws.readFrame()
+        if err != nil || frame.Opcode == 0x8 {
+            break
+        }
+        // Process other frames
+    }
+
+    // Close TCP connection
+    return ws.conn.Close()
+}
+```
+
+**Handling received close:**
+```go
+func (ws *WebSocket) handleCloseFrame(payload []byte) {
+    status, reason := decodeClosePayload(payload)
+    log.Printf("Close received: %d %s", status, reason)
+
+    // Send close response
+    closeFrame := Frame{
+        FIN:     true,
+        Opcode:  0x8,
+        Payload: payload,  // Echo same status/reason
+    }
+    ws.writeFrame(closeFrame)
+
+    // Close connection
+    ws.conn.Close()
+}
+```
+
+**Nostr relay close examples:**
+```go
+// Client subscription limit exceeded
+ws.SendClose(4000, "subscription limit exceeded")
+
+// Invalid message format
+ws.SendClose(1002, "protocol error: invalid JSON")
+
+// Relay shutting down
+ws.SendClose(1001, "relay shutting down")
+
+// Client rate limit exceeded
+ws.SendClose(4001, "rate limit exceeded")
+```
+
+## Security Considerations
+
+### Origin-Based Security Model
+
+**Threat:** Malicious web page opens WebSocket to victim server using user's credentials
+
+**Mitigation:**
+1. Server checks `Origin` header
+2. Reject connections from untrusted origins
+3. Implement same-origin or allowlist policy
+
+**Example:**
+```go
+func validateOrigin(r *http.Request) bool {
+    origin := r.Header.Get("Origin")
+
+    // Allow same-origin
+    if origin == "https://"+r.Host {
+        return true
+    }
+
+    // Allowlist trusted origins
+    trusted := []string{
+        "https://app.example.com",
+        "https://mobile.example.com",
+    }
+    for _, t := range trusted {
+        if origin == t {
+            return true
+        }
+    }
+
+    return false
+}
+```
+
+### Masking Attacks
+
+**Why masking is required:**
+- Without masking, attacker can craft WebSocket frames that look like HTTP requests
+- Proxies might misinterpret frame data as HTTP
+- Could lead to cache poisoning or request smuggling
+
+**Example attack (without masking):**
+```
+WebSocket payload: "GET /admin HTTP/1.1\r\nHost: victim.com\r\n\r\n"
+Proxy might interpret as separate HTTP request
+```
+
+**Defense:** Client MUST mask all frames. Server MUST reject unmasked frames from client.
+
+### Connection Limits
+
+**Prevent resource exhaustion:**
+
+```go
+type ConnectionLimiter struct {
+    connections map[string]int
+    maxPerIP    int
+    mu          sync.Mutex
+}
+
+func (cl *ConnectionLimiter) Allow(ip string) bool {
+    cl.mu.Lock()
+    defer cl.mu.Unlock()
+
+    if cl.connections[ip] >= cl.maxPerIP {
+        return false
+    }
+    cl.connections[ip]++
+    return true
+}
+
+func (cl *ConnectionLimiter) Release(ip string) {
+    cl.mu.Lock()
+    defer cl.mu.Unlock()
+    cl.connections[ip]--
+}
+```
+
+### TLS (WSS)
+
+**Use WSS (WebSocket Secure) for:**
+- Authentication credentials
+- Private user data
+- Financial transactions
+- Any sensitive information
+
+**WSS connection flow:**
+1. Establish TLS connection
+2. Perform TLS handshake
+3. Verify server certificate
+4. Perform WebSocket handshake over TLS
+
+**URL schemes:**
+- `ws://` - Unencrypted WebSocket (default port 80)
+- `wss://` - Encrypted WebSocket over TLS (default port 443)
+
+### Message Size Limits
+
+**Prevent memory exhaustion:**
+
+```go
+const maxMessageSize = 512 * 1024  // 512 KB
+
+ws.SetReadLimit(maxMessageSize)
+
+// Or during frame reading:
+if payloadLength > maxMessageSize {
+    ws.SendClose(1009, "message too large")
+    ws.Close()
+}
+```
+
+### Rate Limiting
+
+**Prevent abuse:**
+
+```go
+type RateLimiter struct {
+    limiter *rate.Limiter
+}
+
+func (rl *RateLimiter) Allow() bool {
+    return rl.limiter.Allow()
+}
+
+// Per-connection limiter
+limiter := rate.NewLimiter(10, 20)  // 10 msgs/sec, burst 20
+
+if !limiter.Allow() {
+    ws.SendClose(4001, "rate limit exceeded")
+}
+```
+
+## Error Handling
+
+### Connection Errors
+
+**Types of errors:**
+1. **Network errors:** TCP connection failure, timeout
+2. **Protocol errors:** Invalid frame format, wrong opcode
+3. **Application errors:** Invalid message content
+
+**Handling strategy:**
+```go
+for {
+    frame, err := ws.ReadFrame()
+    if err != nil {
+        // Check error type
+        if netErr, ok := err.(net.Error); ok && netErr.Timeout() {
+            // Timeout - connection likely dead
+            log.Println("Connection timeout")
+            ws.Close()
+            return
+        }
+
+        if err == io.EOF || err == io.ErrUnexpectedEOF {
+            // Connection closed
+            log.Println("Connection closed")
+            return
+        }
+
+        if protocolErr, ok := err.(*ProtocolError); ok {
+            // Protocol violation
+            log.Printf("Protocol error: %v", protocolErr)
+            ws.SendClose(1002, protocolErr.Error())
+            ws.Close()
+            return
+        }
+
+        // Unknown error
+        log.Printf("Unknown error: %v", err)
+        ws.Close()
+        return
+    }
+
+    // Process frame
+}
+```
+
+### UTF-8 Validation
+
+**Text frames MUST contain valid UTF-8:**
+
+```go
+func validateUTF8(data []byte) bool {
+    return utf8.Valid(data)
+}
+
+func handleTextFrame(payload []byte) error {
+    if !validateUTF8(payload) {
+        return fmt.Errorf("invalid UTF-8 in text frame")
+    }
+    // Process valid text
+    return nil
+}
+```
+
+**For fragmented messages:** Validate UTF-8 across all fragments when reassembled.
+
+## Implementation Checklist
+
+### Client Implementation
+
+- [ ] Generate random Sec-WebSocket-Key
+- [ ] Compute and validate Sec-WebSocket-Accept
+- [ ] MUST mask all frames sent to server
+- [ ] Handle unmasked frames from server
+- [ ] Respond to Ping with Pong
+- [ ] Implement close handshake (both initiating and responding)
+- [ ] Validate UTF-8 in text frames
+- [ ] Handle fragmented messages
+- [ ] Set reasonable timeouts
+- [ ] Implement reconnection logic
+
+### Server Implementation
+
+- [ ] Validate Sec-WebSocket-Key format
+- [ ] Compute correct Sec-WebSocket-Accept
+- [ ] Validate Origin header
+- [ ] MUST NOT mask frames sent to client
+- [ ] Reject masked frames from server (protocol error)
+- [ ] Respond to Ping with Pong
+- [ ] Implement close handshake (both initiating and responding)
+- [ ] Validate UTF-8 in text frames
+- [ ] Handle fragmented messages
+- [ ] Implement connection limits (per IP, total)
+- [ ] Implement message size limits
+- [ ] Implement rate limiting
+- [ ] Log connection statistics
+- [ ] Graceful shutdown (close all connections)
+
+### Both Client and Server
+
+- [ ] Handle concurrent read/write safely
+- [ ] Process control frames immediately (even during fragmentation)
+- [ ] Implement proper timeout mechanisms
+- [ ] Log errors with appropriate detail
+- [ ] Handle unexpected close gracefully
+- [ ] Validate frame structure
+- [ ] Check RSV bits (must be 0 unless extension)
+- [ ] Support standard close status codes
+- [ ] Implement proper error handling for all operations
+
+## Common Implementation Mistakes
+
+### 1. Concurrent Writes
+
+**Mistake:** Writing to WebSocket from multiple goroutines without synchronization
+
+**Fix:** Use mutex or single-writer goroutine
+```go
+type WebSocket struct {
+    conn  *websocket.Conn
+    mutex sync.Mutex
+}
+
+func (ws *WebSocket) WriteMessage(data []byte) error {
+    ws.mutex.Lock()
+    defer ws.mutex.Unlock()
+    return ws.conn.WriteMessage(websocket.TextMessage, data)
+}
+```
+
+### 2. Not Handling Pong
+
+**Mistake:** Sending Ping but not updating read deadline on Pong
+
+**Fix:**
+```go
+ws.SetPongHandler(func(string) error {
+    ws.SetReadDeadline(time.Now().Add(pongWait))
+    return nil
+})
+```
+
+### 3. Forgetting Close Handshake
+
+**Mistake:** Just calling `conn.Close()` without sending Close frame
+
+**Fix:** Send Close frame first, wait for response, then close TCP
+
+### 4. Not Validating UTF-8
+
+**Mistake:** Accepting any bytes in text frames
+
+**Fix:** Validate UTF-8 and fail connection on invalid text
+
+### 5. No Message Size Limit
+
+**Mistake:** Allowing unlimited message sizes
+
+**Fix:** Set `SetReadLimit()` to reasonable value (e.g., 512 KB)
+
+### 6. Blocking on Write
+
+**Mistake:** Blocking indefinitely on slow clients
+
+**Fix:** Set write deadline before each write
+```go
+ws.SetWriteDeadline(time.Now().Add(10 * time.Second))
+```
+
+### 7. Memory Leaks
+
+**Mistake:** Not cleaning up resources on disconnect
+
+**Fix:** Use defer for cleanup, ensure all goroutines terminate
+
+### 8. Race Conditions in Close
+
+**Mistake:** Multiple goroutines trying to close connection
+
+**Fix:** Use `sync.Once` for close operation
+```go
+type WebSocket struct {
+    conn      *websocket.Conn
+    closeOnce sync.Once
+}
+
+func (ws *WebSocket) Close() error {
+    var err error
+    ws.closeOnce.Do(func() {
+        err = ws.conn.Close()
+    })
+    return err
+}
+```

.claude/skills/nostr/README.md

@@ -0,0 +1,162 @@
+# Nostr Protocol Skill
+
+A comprehensive Claude skill for working with the Nostr protocol and implementing Nostr clients and relays.
+
+## Overview
+
+This skill provides expert-level knowledge of the Nostr protocol, including:
+- Complete NIP (Nostr Implementation Possibilities) reference
+- Event structure and cryptographic operations
+- Client-relay WebSocket communication
+- Event kinds and their behaviors
+- Best practices and common pitfalls
+
+## Contents
+
+### SKILL.md
+The main skill file containing:
+- Core protocol concepts
+- Event structure and signing
+- WebSocket communication patterns
+- Cryptographic operations
+- Common implementation patterns
+- Quick reference guides
+
+### Reference Files
+
+#### references/nips-overview.md
+Comprehensive documentation of all standard NIPs including:
+- Core protocol NIPs (NIP-01, NIP-02, etc.)
+- Social features (reactions, reposts, channels)
+- Identity and discovery (NIP-05, NIP-65)
+- Security and privacy (NIP-44, NIP-42)
+- Lightning integration (NIP-47, NIP-57)
+- Advanced features
+
+#### references/event-kinds.md
+Complete reference for all Nostr event kinds:
+- Core events (0-999)
+- Regular events (1000-9999)
+- Replaceable events (10000-19999)
+- Ephemeral events (20000-29999)
+- Parameterized replaceable events (30000-39999)
+- Event lifecycle behaviors
+- Common patterns and examples
+
+#### references/common-mistakes.md
+Detailed guide on implementation pitfalls:
+- Event creation and signing errors
+- WebSocket communication issues
+- Filter query problems
+- Threading mistakes
+- Relay management errors
+- Security vulnerabilities
+- UX considerations
+- Testing strategies
+
+## When to Use
+
+Use this skill when:
+- Implementing Nostr clients or relays
+- Working with Nostr events and messages
+- Handling cryptographic signatures and keys
+- Implementing any NIP
+- Building social features on Nostr
+- Debugging Nostr applications
+- Discussing Nostr protocol architecture
+
+## Key Features
+
+### Complete NIP Coverage
+All standard NIPs documented with:
+- Purpose and status
+- Implementation details
+- Code examples
+- Usage patterns
+- Interoperability notes
+
+### Cryptographic Operations
+Detailed guidance on:
+- Event signing with Schnorr signatures
+- Event ID calculation
+- Signature verification
+- Key management (BIP-39, NIP-06)
+- Encryption (NIP-04, NIP-44)
+
+### WebSocket Protocol
+Complete reference for:
+- Message types (EVENT, REQ, CLOSE, OK, EOSE, etc.)
+- Filter queries and optimization
+- Subscription management
+- Connection handling
+- Error handling
+
+### Event Lifecycle
+Understanding of:
+- Regular events (immutable)
+- Replaceable events (latest only)
+- Ephemeral events (real-time only)
+- Parameterized replaceable events (by identifier)
+
+### Best Practices
+Comprehensive guidance on:
+- Multi-relay architecture
+- NIP-65 relay lists
+- Event caching
+- Optimistic UI
+- Security considerations
+- Performance optimization
+
+## Quick Start Examples
+
+### Publishing a Note
+```javascript
+const event = {
+  pubkey: userPublicKey,
+  created_at: Math.floor(Date.now() / 1000),
+  kind: 1,
+  tags: [],
+  content: "Hello Nostr!"
+}
+event.id = calculateId(event)
+event.sig = signEvent(event, privateKey)
+ws.send(JSON.stringify(["EVENT", event]))
+```
+
+### Subscribing to Events
+```javascript
+const filter = {
+  kinds: [1],
+  authors: [followedPubkey],
+  limit: 50
+}
+ws.send(JSON.stringify(["REQ", "sub-id", filter]))
+```
+
+### Replying to a Note
+```javascript
+const reply = {
+  kind: 1,
+  tags: [
+    ["e", originalEventId, "", "root"],
+    ["p", originalAuthorPubkey]
+  ],
+  content: "Great post!"
+}
+```
+
+## Official Resources
+
+- **NIPs Repository**: https://github.com/nostr-protocol/nips
+- **Nostr Website**: https://nostr.com
+- **Nostr Documentation**: https://nostr.how
+- **NIP Status**: https://nostr-nips.com
+
+## Skill Maintenance
+
+This skill is based on the official Nostr NIPs repository. As new NIPs are proposed and implemented, this skill should be updated to reflect the latest standards and best practices.
+
+## License
+
+Based on public Nostr protocol specifications (MIT License).
+

.claude/skills/nostr/SKILL.md

@@ -0,0 +1,449 @@
+---
+name: nostr
+description: This skill should be used when working with the Nostr protocol, implementing Nostr clients or relays, handling Nostr events, or discussing Nostr Implementation Possibilities (NIPs). Provides comprehensive knowledge of Nostr's decentralized protocol, event structure, cryptographic operations, and all standard NIPs.
+---
+
+# Nostr Protocol Expert
+
+## Purpose
+
+This skill provides expert-level assistance with the Nostr protocol, a simple, open protocol for global, decentralized, and censorship-resistant social networks. The protocol is built on relays and cryptographic keys, enabling direct peer-to-peer communication without central servers.
+
+## When to Use
+
+Activate this skill when:
+- Implementing Nostr clients or relays
+- Working with Nostr events and messages
+- Handling cryptographic signatures and keys (schnorr signatures on secp256k1)
+- Implementing any Nostr Implementation Possibility (NIP)
+- Building social networking features on Nostr
+- Querying or filtering Nostr events
+- Discussing Nostr protocol architecture
+- Implementing WebSocket communication with relays
+
+## Core Concepts
+
+### The Protocol Foundation
+
+Nostr operates on two main components:
+1. **Clients** - Applications users run to read/write data
+2. **Relays** - Servers that store and forward messages
+
+Key principles:
+- Everyone runs a client
+- Anyone can run a relay
+- Users identified by public keys
+- Messages signed with private keys
+- No central authority or trusted servers
+
+### Events Structure
+
+All data in Nostr is represented as events. An event is a JSON object with this structure:
+
+```json
+{
+  "id": "<32-bytes lowercase hex-encoded sha256 of the serialized event data>",
+  "pubkey": "<32-bytes lowercase hex-encoded public key of the event creator>",
+  "created_at": "<unix timestamp in seconds>",
+  "kind": "<integer identifying event type>",
+  "tags": [
+    ["<tag name>", "<tag value>", "<optional third param>", "..."]
+  ],
+  "content": "<arbitrary string>",
+  "sig": "<64-bytes lowercase hex of the schnorr signature of the sha256 hash of the serialized event data>"
+}
+```
+
+### Event Kinds
+
+Standard event kinds (from various NIPs):
+- `0` - Metadata (user profile)
+- `1` - Text note (short post)
+- `2` - Recommend relay
+- `3` - Contacts (following list)
+- `4` - Encrypted direct messages
+- `5` - Event deletion
+- `6` - Repost
+- `7` - Reaction (like, emoji reaction)
+- `40` - Channel creation
+- `41` - Channel metadata
+- `42` - Channel message
+- `43` - Channel hide message
+- `44` - Channel mute user
+- `1000-9999` - Regular events
+- `10000-19999` - Replaceable events
+- `20000-29999` - Ephemeral events
+- `30000-39999` - Parameterized replaceable events
+
+### Tags
+
+Common tag types:
+- `["e", "<event-id>", "<relay-url>", "<marker>"]` - Reference to an event
+- `["p", "<pubkey>", "<relay-url>"]` - Reference to a user
+- `["a", "<kind>:<pubkey>:<d-tag>", "<relay-url>"]` - Reference to a replaceable event
+- `["d", "<identifier>"]` - Identifier for parameterized replaceable events
+- `["r", "<url>"]` - Reference/link to a web resource
+- `["t", "<hashtag>"]` - Hashtag
+- `["g", "<geohash>"]` - Geolocation
+- `["nonce", "<number>", "<difficulty>"]` - Proof of work
+- `["subject", "<subject>"]` - Subject/title
+- `["client", "<client-name>"]` - Client application used
+
+## Key NIPs Reference
+
+For detailed specifications, refer to **references/nips-overview.md**.
+
+### Core Protocol NIPs
+
+#### NIP-01: Basic Protocol Flow
+The foundation of Nostr. Defines:
+- Event structure and validation
+- Event ID calculation (SHA256 of serialized event)
+- Signature verification (schnorr signatures)
+- Client-relay communication via WebSocket
+- Message types: EVENT, REQ, CLOSE, EOSE, OK, NOTICE
+
+#### NIP-02: Contact List and Petnames
+Event kind `3` for following lists:
+- Each `p` tag represents a followed user
+- Optional relay URL and petname in tag
+- Replaceable event (latest overwrites)
+
+#### NIP-04: Encrypted Direct Messages
+Event kind `4` for private messages:
+- Content encrypted with shared secret (ECDH)
+- `p` tag for recipient pubkey
+- Deprecated in favor of NIP-44
+
+#### NIP-05: Mapping Nostr Keys to DNS
+Internet identifier format: `name@domain.com`
+- `.well-known/nostr.json` endpoint
+- Maps names to pubkeys
+- Optional relay list
+
+#### NIP-09: Event Deletion
+Event kind `5` to request deletion:
+- Contains `e` tags for events to delete
+- Relays should delete referenced events
+- Only works for own events
+
+#### NIP-10: Text Note References (Threads)
+Conventions for `e` and `p` tags in replies:
+- Root event reference
+- Reply event reference
+- Mentions
+- Marker types: "root", "reply", "mention"
+
+#### NIP-11: Relay Information Document
+HTTP endpoint for relay metadata:
+- GET request to relay URL
+- Returns JSON with relay information
+- Supported NIPs, software, limitations
+
+### Social Features NIPs
+
+#### NIP-25: Reactions
+Event kind `7` for reactions:
+- Content usually "+" (like) or emoji
+- `e` tag for reacted event
+- `p` tag for event author
+
+#### NIP-42: Authentication
+Client authentication to relays:
+- AUTH message from relay
+- Client responds with event kind `22242`
+- Proves key ownership
+
+#### NIP-50: Search
+Query filter extension for full-text search:
+- `search` field in REQ filters
+- Implementation-defined behavior
+
+### Advanced NIPs
+
+#### NIP-19: bech32-encoded Entities
+Human-readable identifiers:
+- `npub`: public key
+- `nsec`: private key (sensitive!)
+- `note`: note/event ID
+- `nprofile`: profile with relay hints
+- `nevent`: event with relay hints
+- `naddr`: replaceable event coordinate
+
+#### NIP-44: Encrypted Payloads
+Improved encryption for direct messages:
+- Versioned encryption scheme
+- Better security than NIP-04
+- ChaCha20-Poly1305 AEAD
+
+#### NIP-65: Relay List Metadata
+Event kind `10002` for relay lists:
+- Read/write relay preferences
+- Optimizes relay discovery
+- Replaceable event
+
+## Client-Relay Communication
+
+### WebSocket Messages
+
+#### From Client to Relay
+
+**EVENT** - Publish an event:
+```json
+["EVENT", <event JSON>]
+```
+
+**REQ** - Request events (subscription):
+```json
+["REQ", <subscription_id>, <filters JSON>, <filters JSON>, ...]
+```
+
+**CLOSE** - Stop a subscription:
+```json
+["CLOSE", <subscription_id>]
+```
+
+**AUTH** - Respond to auth challenge:
+```json
+["AUTH", <signed event kind 22242>]
+```
+
+#### From Relay to Client
+
+**EVENT** - Send event to client:
+```json
+["EVENT", <subscription_id>, <event JSON>]
+```
+
+**OK** - Acceptance/rejection notice:
+```json
+["OK", <event_id>, <true|false>, <message>]
+```
+
+**EOSE** - End of stored events:
+```json
+["EOSE", <subscription_id>]
+```
+
+**CLOSED** - Subscription closed:
+```json
+["CLOSED", <subscription_id>, <message>]
+```
+
+**NOTICE** - Human-readable message:
+```json
+["NOTICE", <message>]
+```
+
+**AUTH** - Authentication challenge:
+```json
+["AUTH", <challenge>]
+```
+
+### Filter Objects
+
+Filters select events in REQ messages:
+
+```json
+{
+  "ids": ["<event-id>", ...],
+  "authors": ["<pubkey>", ...],
+  "kinds": [<kind number>, ...],
+  "#e": ["<event-id>", ...],
+  "#p": ["<pubkey>", ...],
+  "#a": ["<coordinate>", ...],
+  "#t": ["<hashtag>", ...],
+  "since": <unix timestamp>,
+  "until": <unix timestamp>,
+  "limit": <max number of events>
+}
+```
+
+Filtering rules:
+- Arrays are ORed together
+- Different fields are ANDed
+- Tag filters: `#<single-letter>` matches tag values
+- Prefix matching allowed for `ids` and `authors`
+
+## Cryptographic Operations
+
+### Key Management
+
+- **Private Key**: 32-byte random value, keep secure
+- **Public Key**: Derived via secp256k1
+- **Encoding**: Hex (lowercase) or bech32
+
+### Event Signing (schnorr)
+
+Steps to create a signed event:
+1. Set all fields except `id` and `sig`
+2. Serialize event data to JSON (specific order)
+3. Calculate SHA256 hash → `id`
+4. Sign `id` with schnorr signature → `sig`
+
+Serialization format for ID calculation:
+```json
+[
+  0,
+  <pubkey>,
+  <created_at>,
+  <kind>,
+  <tags>,
+  <content>
+]
+```
+
+### Event Verification
+
+Steps to verify an event:
+1. Verify ID matches SHA256 of serialized data
+2. Verify signature is valid schnorr signature
+3. Check created_at is reasonable (not far future)
+4. Validate event structure and required fields
+
+## Implementation Best Practices
+
+### For Clients
+
+1. **Connect to Multiple Relays**: Don't rely on single relay
+2. **Cache Events**: Reduce redundant relay queries
+3. **Verify Signatures**: Always verify event signatures
+4. **Handle Replaceable Events**: Keep only latest version
+5. **Respect User Privacy**: Careful with sensitive data
+6. **Implement NIP-65**: Use user's preferred relays
+7. **Proper Error Handling**: Handle relay disconnections
+8. **Pagination**: Use `limit`, `since`, `until` for queries
+
+### For Relays
+
+1. **Validate Events**: Check signatures, IDs, structure
+2. **Rate Limiting**: Prevent spam and abuse
+3. **Storage Management**: Ephemeral events, retention policies
+4. **Implement NIP-11**: Provide relay information
+5. **WebSocket Optimization**: Handle many connections
+6. **Filter Optimization**: Efficient event querying
+7. **Consider NIP-42**: Authentication for write access
+8. **Performance**: Index by pubkey, kind, tags, timestamp
+
+### Security Considerations
+
+1. **Never Expose Private Keys**: Handle nsec carefully
+2. **Validate All Input**: Prevent injection attacks
+3. **Use NIP-44**: For encrypted messages (not NIP-04)
+4. **Check Event Timestamps**: Reject far-future events
+5. **Implement Proof of Work**: NIP-13 for spam prevention
+6. **Sanitize Content**: XSS prevention in displayed content
+7. **Relay Trust**: Don't trust single relay for critical data
+
+## Common Patterns
+
+### Publishing a Note
+
+```javascript
+const event = {
+  pubkey: userPublicKey,
+  created_at: Math.floor(Date.now() / 1000),
+  kind: 1,
+  tags: [],
+  content: "Hello Nostr!",
+}
+// Calculate ID and sign
+event.id = calculateId(event)
+event.sig = signEvent(event, privateKey)
+// Publish to relay
+ws.send(JSON.stringify(["EVENT", event]))
+```
+
+### Subscribing to Notes
+
+```javascript
+const filter = {
+  kinds: [1],
+  authors: [followedPubkey1, followedPubkey2],
+  limit: 50
+}
+ws.send(JSON.stringify(["REQ", "my-sub", filter]))
+```
+
+### Replying to a Note
+
+```javascript
+const reply = {
+  kind: 1,
+  tags: [
+    ["e", originalEventId, relayUrl, "root"],
+    ["p", originalAuthorPubkey]
+  ],
+  content: "Great post!",
+  // ... other fields
+}
+```
+
+### Reacting to a Note
+
+```javascript
+const reaction = {
+  kind: 7,
+  tags: [
+    ["e", eventId],
+    ["p", eventAuthorPubkey]
+  ],
+  content: "+", // or emoji
+  // ... other fields
+}
+```
+
+## Development Resources
+
+### Essential NIPs for Beginners
+
+Start with these NIPs in order:
+1. **NIP-01** - Basic protocol (MUST read)
+2. **NIP-19** - Bech32 identifiers
+3. **NIP-02** - Following lists
+4. **NIP-10** - Threaded conversations
+5. **NIP-25** - Reactions
+6. **NIP-65** - Relay lists
+
+### Testing and Development
+
+- **Relay Implementations**: nostream, strfry, relay.py
+- **Test Relays**: wss://relay.damus.io, wss://nos.lol
+- **Libraries**: nostr-tools (JS), rust-nostr (Rust), python-nostr (Python)
+- **Development Tools**: NostrDebug, Nostr Army Knife, nostril
+- **Reference Clients**: Damus (iOS), Amethyst (Android), Snort (Web)
+
+### Key Repositories
+
+- **NIPs Repository**: https://github.com/nostr-protocol/nips
+- **Awesome Nostr**: https://github.com/aljazceru/awesome-nostr
+- **Nostr Resources**: https://nostr.how
+
+## Reference Files
+
+For comprehensive NIP details, see:
+- **references/nips-overview.md** - Detailed descriptions of all standard NIPs
+- **references/event-kinds.md** - Complete event kinds reference
+- **references/common-mistakes.md** - Pitfalls and how to avoid them
+
+## Quick Checklist
+
+When implementing Nostr:
+- [ ] Events have all required fields (id, pubkey, created_at, kind, tags, content, sig)
+- [ ] Event IDs calculated correctly (SHA256 of serialization)
+- [ ] Signatures verified (schnorr on secp256k1)
+- [ ] WebSocket messages properly formatted
+- [ ] Filter queries optimized with appropriate limits
+- [ ] Handling replaceable events correctly
+- [ ] Connected to multiple relays for redundancy
+- [ ] Following relevant NIPs for features implemented
+- [ ] Private keys never exposed or transmitted
+- [ ] Event timestamps validated
+
+## Official Resources
+
+- **NIPs Repository**: https://github.com/nostr-protocol/nips
+- **Nostr Website**: https://nostr.com
+- **Nostr Documentation**: https://nostr.how
+- **NIP Status**: https://nostr-nips.com
+

.claude/skills/nostr/references/common-mistakes.md

@@ -0,0 +1,657 @@
+# Common Nostr Implementation Mistakes and How to Avoid Them
+
+This document highlights frequent errors made when implementing Nostr clients and relays, along with solutions.
+
+## Event Creation and Signing
+
+### Mistake 1: Incorrect Event ID Calculation
+
+**Problem**: Wrong serialization order or missing fields when calculating SHA256.
+
+**Correct Serialization**:
+```json
+[
+  0,                    // Must be integer 0
+  <pubkey>,            // Lowercase hex string
+  <created_at>,        // Unix timestamp integer
+  <kind>,              // Integer
+  <tags>,              // Array of arrays
+  <content>            // String
+]
+```
+
+**Common errors**:
+- Using string "0" instead of integer 0
+- Including `id` or `sig` fields in serialization
+- Wrong field order
+- Not using compact JSON (no spaces)
+- Using uppercase hex
+
+**Fix**: Serialize exactly as shown, compact JSON, SHA256 the UTF-8 bytes.
+
+### Mistake 2: Wrong Signature Algorithm
+
+**Problem**: Using ECDSA instead of Schnorr signatures.
+
+**Correct**: 
+- Use Schnorr signatures (BIP-340)
+- Curve: secp256k1
+- Sign the 32-byte event ID
+
+**Libraries**:
+- JavaScript: noble-secp256k1
+- Rust: secp256k1
+- Go: btcsuite/btcd/btcec/v2/schnorr
+- Python: secp256k1-py
+
+### Mistake 3: Invalid created_at Timestamps
+
+**Problem**: Events with far-future timestamps or very old timestamps.
+
+**Best practices**:
+- Use current Unix time: `Math.floor(Date.now() / 1000)`
+- Relays often reject if `created_at > now + 15 minutes`
+- Don't backdate events to manipulate ordering
+
+**Fix**: Always use current time when creating events.
+
+### Mistake 4: Malformed Tags
+
+**Problem**: Tags that aren't arrays or have wrong structure.
+
+**Correct format**:
+```json
+{
+  "tags": [
+    ["e", "event-id", "relay-url", "marker"],
+    ["p", "pubkey", "relay-url"],
+    ["t", "hashtag"]
+  ]
+}
+```
+
+**Common errors**:
+- Using objects instead of arrays: `{"e": "..."}` ❌
+- Missing inner arrays: `["e", "event-id"]` when nested in tags is wrong
+- Wrong nesting depth
+- Non-string values (except for specific NIPs)
+
+### Mistake 5: Not Handling Replaceable Events
+
+**Problem**: Showing multiple versions of replaceable events.
+
+**Event types**:
+- **Replaceable (10000-19999)**: Same author + kind → replace
+- **Parameterized Replaceable (30000-39999)**: Same author + kind + d-tag → replace
+
+**Fix**: 
+```javascript
+// For replaceable events
+const key = `${event.pubkey}:${event.kind}`
+if (latestEvents[key]?.created_at < event.created_at) {
+  latestEvents[key] = event
+}
+
+// For parameterized replaceable events
+const dTag = event.tags.find(t => t[0] === 'd')?.[1] || ''
+const key = `${event.pubkey}:${event.kind}:${dTag}`
+if (latestEvents[key]?.created_at < event.created_at) {
+  latestEvents[key] = event
+}
+```
+
+## WebSocket Communication
+
+### Mistake 6: Not Handling EOSE
+
+**Problem**: Loading indicators never finish or show wrong state.
+
+**Solution**:
+```javascript
+const receivedEvents = new Set()
+let eoseReceived = false
+
+ws.onmessage = (msg) => {
+  const [type, ...rest] = JSON.parse(msg.data)
+  
+  if (type === 'EVENT') {
+    const [subId, event] = rest
+    receivedEvents.add(event.id)
+    displayEvent(event)
+  }
+  
+  if (type === 'EOSE') {
+    eoseReceived = true
+    hideLoadingSpinner()
+  }
+}
+```
+
+### Mistake 7: Not Closing Subscriptions
+
+**Problem**: Memory leaks and wasted bandwidth from unclosed subscriptions.
+
+**Fix**: Always send CLOSE when done:
+```javascript
+ws.send(JSON.stringify(['CLOSE', subId]))
+```
+
+**Best practices**:
+- Close when component unmounts
+- Close before opening new subscription with same ID
+- Use unique subscription IDs
+- Track active subscriptions
+
+### Mistake 8: Ignoring OK Messages
+
+**Problem**: Not knowing if events were accepted or rejected.
+
+**Solution**:
+```javascript
+ws.onmessage = (msg) => {
+  const [type, eventId, accepted, message] = JSON.parse(msg.data)
+  
+  if (type === 'OK') {
+    if (!accepted) {
+      console.error(`Event ${eventId} rejected: ${message}`)
+      handleRejection(eventId, message)
+    }
+  }
+}
+```
+
+**Common rejection reasons**:
+- `pow:` - Insufficient proof of work
+- `blocked:` - Pubkey or content blocked
+- `rate-limited:` - Too many requests
+- `invalid:` - Failed validation
+
+### Mistake 9: Sending Events Before WebSocket Ready
+
+**Problem**: Events lost because WebSocket not connected.
+
+**Fix**:
+```javascript
+const sendWhenReady = (ws, message) => {
+  if (ws.readyState === WebSocket.OPEN) {
+    ws.send(message)
+  } else {
+    ws.addEventListener('open', () => ws.send(message), { once: true })
+  }
+}
+```
+
+### Mistake 10: Not Handling WebSocket Disconnections
+
+**Problem**: App breaks when relay goes offline.
+
+**Solution**: Implement reconnection with exponential backoff:
+```javascript
+let reconnectDelay = 1000
+const maxDelay = 30000
+
+const connect = () => {
+  const ws = new WebSocket(relayUrl)
+  
+  ws.onclose = () => {
+    setTimeout(() => {
+      reconnectDelay = Math.min(reconnectDelay * 2, maxDelay)
+      connect()
+    }, reconnectDelay)
+  }
+  
+  ws.onopen = () => {
+    reconnectDelay = 1000 // Reset on successful connection
+    resubscribe() // Re-establish subscriptions
+  }
+}
+```
+
+## Filter Queries
+
+### Mistake 11: Overly Broad Filters
+
+**Problem**: Requesting too many events, overwhelming relay and client.
+
+**Bad**:
+```json
+{
+  "kinds": [1],
+  "limit": 10000
+}
+```
+
+**Good**:
+```json
+{
+  "kinds": [1],
+  "authors": ["<followed-users>"],
+  "limit": 50,
+  "since": 1234567890
+}
+```
+
+**Best practices**:
+- Always set reasonable `limit` (50-500)
+- Filter by `authors` when possible
+- Use `since`/`until` for time ranges
+- Be specific with `kinds`
+- Multiple smaller queries > one huge query
+
+### Mistake 12: Not Using Prefix Matching
+
+**Problem**: Full hex strings in filters unnecessarily.
+
+**Optimization**:
+```json
+{
+  "ids": ["abc12345"],  // 8 chars enough for uniqueness
+  "authors": ["def67890"]
+}
+```
+
+Relays support prefix matching for `ids` and `authors`.
+
+### Mistake 13: Duplicate Filter Fields
+
+**Problem**: Redundant filter conditions.
+
+**Bad**:
+```json
+{
+  "authors": ["pubkey1", "pubkey1"],
+  "kinds": [1, 1]
+}
+```
+
+**Good**:
+```json
+{
+  "authors": ["pubkey1"],
+  "kinds": [1]
+}
+```
+
+Deduplicate filter arrays.
+
+## Threading and References
+
+### Mistake 14: Incorrect Thread Structure
+
+**Problem**: Missing root/reply markers or wrong tag order.
+
+**Correct reply structure** (NIP-10):
+```json
+{
+  "kind": 1,
+  "tags": [
+    ["e", "<root-event-id>", "<relay>", "root"],
+    ["e", "<parent-event-id>", "<relay>", "reply"],
+    ["p", "<author1-pubkey>"],
+    ["p", "<author2-pubkey>"]
+  ]
+}
+```
+
+**Key points**:
+- Root event should have "root" marker
+- Direct parent should have "reply" marker
+- Include `p` tags for all mentioned users
+- Relay hints are optional but helpful
+
+### Mistake 15: Missing p Tags in Replies
+
+**Problem**: Authors not notified of replies.
+
+**Fix**: Always add `p` tag for:
+- Original author
+- Authors mentioned in content
+- Authors in the thread chain
+
+```json
+{
+  "tags": [
+    ["e", "event-id", "", "reply"],
+    ["p", "original-author"],
+    ["p", "mentioned-user1"],
+    ["p", "mentioned-user2"]
+  ]
+}
+```
+
+### Mistake 16: Not Using Markers
+
+**Problem**: Ambiguous thread structure.
+
+**Solution**: Always use markers in `e` tags:
+- `root` - Root of thread
+- `reply` - Direct parent
+- `mention` - Referenced but not replied to
+
+Without markers, clients must guess thread structure.
+
+## Relay Management
+
+### Mistake 17: Relying on Single Relay
+
+**Problem**: Single point of failure, censorship vulnerability.
+
+**Solution**: Connect to multiple relays (5-15 common):
+```javascript
+const relays = [
+  'wss://relay1.com',
+  'wss://relay2.com',
+  'wss://relay3.com'
+]
+
+const connections = relays.map(url => connect(url))
+```
+
+**Best practices**:
+- Publish to 3-5 write relays
+- Read from 5-10 read relays
+- Use NIP-65 for user's preferred relays
+- Fall back to NIP-05 relays
+- Implement relay rotation on failure
+
+### Mistake 18: Not Implementing NIP-65
+
+**Problem**: Querying wrong relays, missing user's events.
+
+**Correct flow**:
+1. Fetch user's kind `10002` event (relay list)
+2. Connect to their read relays to fetch their content
+3. Connect to their write relays to send them messages
+
+```javascript
+async function getUserRelays(pubkey) {
+  // Fetch kind 10002
+  const relayList = await fetchEvent({
+    kinds: [10002],
+    authors: [pubkey]
+  })
+  
+  const readRelays = []
+  const writeRelays = []
+  
+  relayList.tags.forEach(([tag, url, mode]) => {
+    if (tag === 'r') {
+      if (!mode || mode === 'read') readRelays.push(url)
+      if (!mode || mode === 'write') writeRelays.push(url)
+    }
+  })
+  
+  return { readRelays, writeRelays }
+}
+```
+
+### Mistake 19: Not Respecting Relay Limitations
+
+**Problem**: Violating relay policies, getting rate limited or banned.
+
+**Solution**: Fetch and respect NIP-11 relay info:
+```javascript
+const getRelayInfo = async (relayUrl) => {
+  const url = relayUrl.replace('wss://', 'https://').replace('ws://', 'http://')
+  const response = await fetch(url, {
+    headers: { 'Accept': 'application/nostr+json' }
+  })
+  return response.json()
+}
+
+// Respect limitations
+const info = await getRelayInfo(relayUrl)
+const maxLimit = info.limitation?.max_limit || 500
+const maxFilters = info.limitation?.max_filters || 10
+```
+
+## Security
+
+### Mistake 20: Exposing Private Keys
+
+**Problem**: Including nsec in client code, logs, or network requests.
+
+**Never**:
+- Store nsec in localStorage without encryption
+- Log private keys
+- Send nsec over network
+- Display nsec to user unless explicitly requested
+- Hard-code private keys
+
+**Best practices**:
+- Use NIP-07 (browser extension) when possible
+- Encrypt keys at rest
+- Use NIP-46 (remote signing) for web apps
+- Warn users when showing nsec
+
+### Mistake 21: Not Verifying Signatures
+
+**Problem**: Accepting invalid events, vulnerability to attacks.
+
+**Always verify**:
+```javascript
+const verifyEvent = (event) => {
+  // 1. Verify ID
+  const calculatedId = sha256(serializeEvent(event))
+  if (calculatedId !== event.id) return false
+  
+  // 2. Verify signature
+  const signatureValid = schnorr.verify(
+    event.sig,
+    event.id,
+    event.pubkey
+  )
+  if (!signatureValid) return false
+  
+  // 3. Check timestamp
+  const now = Math.floor(Date.now() / 1000)
+  if (event.created_at > now + 900) return false // 15 min future
+  
+  return true
+}
+```
+
+**Verify before**:
+- Displaying to user
+- Storing in database
+- Using event data for logic
+
+### Mistake 22: Using NIP-04 Encryption
+
+**Problem**: Weak encryption, vulnerable to attacks.
+
+**Solution**: Use NIP-44 instead:
+- Modern authenticated encryption
+- ChaCha20-Poly1305 AEAD
+- Proper key derivation
+- Version byte for upgradability
+
+**Migration**: Update to NIP-44 for all new encrypted messages.
+
+### Mistake 23: Not Sanitizing Content
+
+**Problem**: XSS vulnerabilities in displayed content.
+
+**Solution**: Sanitize before rendering:
+```javascript
+import DOMPurify from 'dompurify'
+
+const safeContent = DOMPurify.sanitize(event.content, {
+  ALLOWED_TAGS: ['b', 'i', 'u', 'a', 'code', 'pre'],
+  ALLOWED_ATTR: ['href', 'target', 'rel']
+})
+```
+
+**Especially critical for**:
+- Markdown rendering
+- Link parsing
+- Image URLs
+- User-provided HTML
+
+## User Experience
+
+### Mistake 24: Not Caching Events
+
+**Problem**: Re-fetching same events repeatedly, poor performance.
+
+**Solution**: Implement event cache:
+```javascript
+const eventCache = new Map()
+
+const cacheEvent = (event) => {
+  eventCache.set(event.id, event)
+}
+
+const getCachedEvent = (eventId) => {
+  return eventCache.get(eventId)
+}
+```
+
+**Cache strategies**:
+- LRU eviction for memory management
+- IndexedDB for persistence
+- Invalidate replaceable events on update
+- Cache metadata (kind 0) aggressively
+
+### Mistake 25: Not Implementing Optimistic UI
+
+**Problem**: Slow feeling app, waiting for relay confirmation.
+
+**Solution**: Show user's events immediately:
+```javascript
+const publishEvent = async (event) => {
+  // Immediately show to user
+  displayEvent(event, { pending: true })
+  
+  // Publish to relays
+  const results = await Promise.all(
+    relays.map(relay => relay.publish(event))
+  )
+  
+  // Update status based on results
+  const success = results.some(r => r.accepted)
+  displayEvent(event, { pending: false, success })
+}
+```
+
+### Mistake 26: Poor Loading States
+
+**Problem**: User doesn't know if app is working.
+
+**Solution**: Clear loading indicators:
+- Show spinner until EOSE
+- Display "Loading..." placeholder
+- Show how many relays responded
+- Indicate connection status per relay
+
+### Mistake 27: Not Handling Large Threads
+
+**Problem**: Loading entire thread at once, performance issues.
+
+**Solution**: Implement pagination:
+```javascript
+const loadThread = async (eventId, cursor = null) => {
+  const filter = {
+    "#e": [eventId],
+    kinds: [1],
+    limit: 20,
+    until: cursor
+  }
+  
+  const replies = await fetchEvents(filter)
+  return { replies, nextCursor: replies[replies.length - 1]?.created_at }
+}
+```
+
+## Testing
+
+### Mistake 28: Not Testing with Multiple Relays
+
+**Problem**: App works with one relay but fails with others.
+
+**Solution**: Test with:
+- Fast relays
+- Slow relays
+- Unreliable relays
+- Paid relays (auth required)
+- Relays with different NIP support
+
+### Mistake 29: Not Testing Edge Cases
+
+**Critical tests**:
+- Empty filter results
+- WebSocket disconnections
+- Malformed events
+- Very long content
+- Invalid signatures
+- Relay errors
+- Rate limiting
+- Concurrent operations
+
+### Mistake 30: Not Monitoring Performance
+
+**Metrics to track**:
+- Event verification time
+- WebSocket latency per relay
+- Events per second processed
+- Memory usage (event cache)
+- Subscription count
+- Failed publishes
+
+## Best Practices Checklist
+
+**Event Creation**:
+- [ ] Correct serialization for ID
+- [ ] Schnorr signatures
+- [ ] Current timestamp
+- [ ] Valid tag structure
+- [ ] Handle replaceable events
+
+**WebSocket**:
+- [ ] Handle EOSE
+- [ ] Close subscriptions
+- [ ] Process OK messages
+- [ ] Check WebSocket state
+- [ ] Reconnection logic
+
+**Filters**:
+- [ ] Set reasonable limits
+- [ ] Specific queries
+- [ ] Deduplicate arrays
+- [ ] Use prefix matching
+
+**Threading**:
+- [ ] Use root/reply markers
+- [ ] Include all p tags
+- [ ] Proper thread structure
+
+**Relays**:
+- [ ] Multiple relays
+- [ ] Implement NIP-65
+- [ ] Respect limitations
+- [ ] Handle failures
+
+**Security**:
+- [ ] Never expose nsec
+- [ ] Verify all signatures
+- [ ] Use NIP-44 encryption
+- [ ] Sanitize content
+
+**UX**:
+- [ ] Cache events
+- [ ] Optimistic UI
+- [ ] Loading states
+- [ ] Pagination
+
+**Testing**:
+- [ ] Multiple relays
+- [ ] Edge cases
+- [ ] Monitor performance
+
+## Resources
+
+- **nostr-tools**: JavaScript library with best practices
+- **rust-nostr**: Rust implementation with strong typing
+- **NIPs Repository**: Official specifications
+- **Nostr Dev**: Community resources and help
+

.claude/skills/nostr/references/event-kinds.md

@@ -0,0 +1,361 @@
+# Nostr Event Kinds - Complete Reference
+
+This document provides a comprehensive list of all standard and commonly-used Nostr event kinds.
+
+## Standard Event Kinds
+
+### Core Events (0-999)
+
+#### Metadata and Profile
+- **0**: `Metadata` - User profile information (name, about, picture, etc.)
+  - Replaceable
+  - Content: JSON with profile fields
+
+#### Text Content
+- **1**: `Text Note` - Short-form post (like a tweet)
+  - Regular event (not replaceable)
+  - Most common event type
+
+#### Relay Recommendations
+- **2**: `Recommend Relay` - Deprecated, use NIP-65 instead
+
+#### Contact Lists
+- **3**: `Contacts` - Following list with optional relay hints
+  - Replaceable
+  - Tags: `p` tags for each followed user
+
+#### Encrypted Messages
+- **4**: `Encrypted Direct Message` - Private message (NIP-04, deprecated)
+  - Regular event
+  - Use NIP-44 instead for better security
+
+#### Content Management
+- **5**: `Event Deletion` - Request to delete events
+  - Tags: `e` tags for events to delete
+  - Only works for own events
+
+#### Sharing
+- **6**: `Repost` - Share another event
+  - Tags: `e` for reposted event, `p` for original author
+  - May include original event in content
+
+#### Reactions
+- **7**: `Reaction` - Like, emoji reaction to event
+  - Content: "+" or emoji
+  - Tags: `e` for reacted event, `p` for author
+
+### Channel Events (40-49)
+
+- **40**: `Channel Creation` - Create a public chat channel
+- **41**: `Channel Metadata` - Set channel name, about, picture
+- **42**: `Channel Message` - Post message in channel
+- **43**: `Channel Hide Message` - Hide a message in channel
+- **44**: `Channel Mute User` - Mute a user in channel
+
+### Regular Events (1000-9999)
+
+Regular events are never deleted or replaced. All versions are kept.
+
+- **1000**: `Example regular event`
+- **1063**: `File Metadata` (NIP-94) - Metadata for shared files
+  - Tags: url, MIME type, hash, size, dimensions
+
+### Replaceable Events (10000-19999)
+
+Only the latest event of each kind is kept per pubkey.
+
+- **10000**: `Mute List` - List of muted users/content
+- **10001**: `Pin List` - Pinned events
+- **10002**: `Relay List Metadata` (NIP-65) - User's preferred relays
+  - Critical for routing
+  - Tags: `r` with relay URLs and read/write markers
+
+### Ephemeral Events (20000-29999)
+
+Not stored by relays, only forwarded once.
+
+- **20000**: `Example ephemeral event`
+- **21000**: `Typing Indicator` - User is typing
+- **22242**: `Client Authentication` (NIP-42) - Auth response to relay
+
+### Parameterized Replaceable Events (30000-39999)
+
+Replaced based on `d` tag value.
+
+#### Lists (30000-30009)
+- **30000**: `Categorized People List` - Custom people lists
+  - `d` tag: list identifier
+  - `p` tags: people in list
+
+- **30001**: `Categorized Bookmark List` - Bookmark collections
+  - `d` tag: list identifier
+  - `e` or `a` tags: bookmarked items
+
+- **30008**: `Badge Definition` (NIP-58) - Define a badge/achievement
+  - `d` tag: badge ID
+  - Tags: name, description, image
+
+- **30009**: `Profile Badges` (NIP-58) - Badges displayed on profile
+  - `d` tag: badge ID
+  - `e` or `a` tags: badge awards
+
+#### Long-form Content (30023)
+- **30023**: `Long-form Article` (NIP-23) - Blog post, article
+  - `d` tag: article identifier (slug)
+  - Tags: title, summary, published_at, image
+  - Content: Markdown
+
+#### Application Data (30078)
+- **30078**: `Application-specific Data` (NIP-78)
+  - `d` tag: app-name:data-key
+  - Content: app-specific data (may be encrypted)
+
+#### Other Parameterized Replaceables
+- **31989**: `Application Handler Information` (NIP-89)
+  - Declares app can handle certain event kinds
+
+- **31990**: `Handler Recommendation` (NIP-89)
+  - User's preferred apps for event kinds
+
+## Special Event Kinds
+
+### Authentication & Signing
+- **22242**: `Client Authentication` - Prove key ownership to relay
+- **24133**: `Nostr Connect` - Remote signer protocol (NIP-46)
+
+### Lightning & Payments
+- **9734**: `Zap Request` (NIP-57) - Request Lightning payment
+  - Not published to regular relays
+  - Sent to LNURL provider
+
+- **9735**: `Zap Receipt` (NIP-57) - Proof of Lightning payment
+  - Published by LNURL provider
+  - Proves zap was paid
+
+- **23194**: `Wallet Request` (NIP-47) - Request wallet operation
+- **23195**: `Wallet Response` (NIP-47) - Response to wallet request
+
+### Content & Annotations
+- **1984**: `Reporting` (NIP-56) - Report content/users
+  - Tags: reason (spam, illegal, etc.)
+
+- **9802**: `Highlights` (NIP-84) - Highlight text
+  - Content: highlighted text
+  - Tags: context, source event
+
+### Badges & Reputation
+- **8**: `Badge Award` (NIP-58) - Award a badge to someone
+  - Tags: `a` for badge definition, `p` for recipient
+
+### Generic Events
+- **16**: `Generic Repost` (NIP-18) - Repost any event kind
+  - More flexible than kind 6
+
+- **27235**: `HTTP Auth` (NIP-98) - Authenticate HTTP requests
+  - Tags: URL, method
+
+## Event Kind Ranges Summary
+
+| Range | Type | Behavior | Examples |
+|-------|------|----------|----------|
+| 0-999 | Core | Varies | Metadata, notes, reactions |
+| 1000-9999 | Regular | Immutable, all kept | File metadata |
+| 10000-19999 | Replaceable | Only latest kept | Mute list, relay list |
+| 20000-29999 | Ephemeral | Not stored | Typing, presence |
+| 30000-39999 | Parameterized Replaceable | Replaced by `d` tag | Articles, lists, badges |
+
+## Event Lifecycle
+
+### Regular Events (1000-9999)
+```
+Event A published → Stored
+Event A' published → Both A and A' stored
+```
+
+### Replaceable Events (10000-19999)
+```
+Event A published → Stored
+Event A' published (same kind, same pubkey) → A deleted, A' stored
+```
+
+### Parameterized Replaceable Events (30000-39999)
+```
+Event A (d="foo") published → Stored
+Event B (d="bar") published → Both stored (different d)
+Event A' (d="foo") published → A deleted, A' stored (same d)
+```
+
+### Ephemeral Events (20000-29999)
+```
+Event A published → Forwarded to subscribers, NOT stored
+```
+
+## Common Patterns
+
+### Metadata (Kind 0)
+```json
+{
+  "kind": 0,
+  "content": "{\"name\":\"Alice\",\"about\":\"Nostr user\",\"picture\":\"https://...\",\"nip05\":\"alice@example.com\"}",
+  "tags": []
+}
+```
+
+### Text Note (Kind 1)
+```json
+{
+  "kind": 1,
+  "content": "Hello Nostr!",
+  "tags": [
+    ["t", "nostr"],
+    ["t", "hello"]
+  ]
+}
+```
+
+### Reply (Kind 1 with thread tags)
+```json
+{
+  "kind": 1,
+  "content": "Great post!",
+  "tags": [
+    ["e", "<root-event-id>", "<relay>", "root"],
+    ["e", "<parent-event-id>", "<relay>", "reply"],
+    ["p", "<author-pubkey>"]
+  ]
+}
+```
+
+### Reaction (Kind 7)
+```json
+{
+  "kind": 7,
+  "content": "+",
+  "tags": [
+    ["e", "<reacted-event-id>"],
+    ["p", "<event-author-pubkey>"],
+    ["k", "1"]
+  ]
+}
+```
+
+### Long-form Article (Kind 30023)
+```json
+{
+  "kind": 30023,
+  "content": "# My Article\n\nContent here...",
+  "tags": [
+    ["d", "my-article-slug"],
+    ["title", "My Article"],
+    ["summary", "This is about..."],
+    ["published_at", "1234567890"],
+    ["t", "nostr"],
+    ["image", "https://..."]
+  ]
+}
+```
+
+### Relay List (Kind 10002)
+```json
+{
+  "kind": 10002,
+  "content": "",
+  "tags": [
+    ["r", "wss://relay1.com"],
+    ["r", "wss://relay2.com", "write"],
+    ["r", "wss://relay3.com", "read"]
+  ]
+}
+```
+
+### Zap Request (Kind 9734)
+```json
+{
+  "kind": 9734,
+  "content": "",
+  "tags": [
+    ["relays", "wss://relay1.com", "wss://relay2.com"],
+    ["amount", "21000"],
+    ["lnurl", "lnurl..."],
+    ["p", "<recipient-pubkey>"],
+    ["e", "<event-id>"]
+  ]
+}
+```
+
+### File Metadata (Kind 1063)
+```json
+{
+  "kind": 1063,
+  "content": "My photo from the trip",
+  "tags": [
+    ["url", "https://cdn.example.com/image.jpg"],
+    ["m", "image/jpeg"],
+    ["x", "abc123..."],
+    ["size", "524288"],
+    ["dim", "1920x1080"],
+    ["blurhash", "LEHV6n..."]
+  ]
+}
+```
+
+### Report (Kind 1984)
+```json
+{
+  "kind": 1984,
+  "content": "This is spam",
+  "tags": [
+    ["e", "<reported-event-id>", "<relay>"],
+    ["p", "<reported-pubkey>"],
+    ["report", "spam"]
+  ]
+}
+```
+
+## Future Event Kinds
+
+The event kind space is open-ended. New NIPs may define new event kinds.
+
+**Guidelines for new event kinds**:
+1. Use appropriate range for desired behavior
+2. Document in a NIP
+3. Implement in at least 2 clients and 1 relay
+4. Ensure backwards compatibility
+5. Don't overlap with existing kinds
+
+**Custom event kinds**:
+- Applications can use undefined event kinds
+- Document behavior for interoperability
+- Consider proposing as a NIP if useful broadly
+
+## Event Kind Selection Guide
+
+**Choose based on lifecycle needs**:
+
+- **Regular (1000-9999)**: When you need history
+  - User posts, comments, reactions
+  - Payment records, receipts
+  - Immutable records
+
+- **Replaceable (10000-19999)**: When you need latest state
+  - User settings, preferences
+  - Mute/block lists
+  - Current status
+
+- **Ephemeral (20000-29999)**: When you need real-time only
+  - Typing indicators
+  - Online presence
+  - Temporary notifications
+
+- **Parameterized Replaceable (30000-39999)**: When you need multiple latest states
+  - Articles (one per slug)
+  - Product listings (one per product ID)
+  - Configuration sets (one per setting name)
+
+## References
+
+- NIPs Repository: https://github.com/nostr-protocol/nips
+- NIP-16: Event Treatment
+- NIP-01: Event structure
+- Various feature NIPs for specific kinds
+

.claude/skills/react/README.md

@@ -0,0 +1,119 @@
+# React 19 Skill
+
+A comprehensive Claude skill for working with React 19, including hooks, components, server components, and modern React architecture.
+
+## Contents
+
+### Main Skill File
+- **SKILL.md** - Main skill document with React 19 fundamentals, hooks, components, and best practices
+
+### References
+- **hooks-quick-reference.md** - Quick reference for all React hooks with examples
+- **server-components.md** - Complete guide to React Server Components and Server Functions
+- **performance.md** - Performance optimization strategies and techniques
+
+### Examples
+- **practical-patterns.tsx** - Real-world React patterns and solutions
+
+## What This Skill Covers
+
+### Core Topics
+- React 19 features and improvements
+- All built-in hooks (useState, useEffect, useTransition, useOptimistic, etc.)
+- Component patterns and composition
+- Server Components and Server Functions
+- React Compiler and automatic optimization
+- Performance optimization techniques
+- Form handling and validation
+- Error boundaries and error handling
+- Context and global state management
+- Code splitting and lazy loading
+
+### Best Practices
+- Component design principles
+- State management strategies
+- Performance optimization
+- Error handling patterns
+- TypeScript integration
+- Testing considerations
+- Accessibility guidelines
+
+## When to Use This Skill
+
+Use this skill when:
+- Building React 19 applications
+- Working with React hooks
+- Implementing server components
+- Optimizing React performance
+- Troubleshooting React-specific issues
+- Understanding concurrent features
+- Working with forms and user input
+- Implementing complex UI patterns
+
+## Quick Start Examples
+
+### Basic Component
+```typescript
+interface ButtonProps {
+  label: string
+  onClick: () => void
+}
+
+const Button = ({ label, onClick }: ButtonProps) => {
+  return <button onClick={onClick}>{label}</button>
+}
+```
+
+### Using Hooks
+```typescript
+const Counter = () => {
+  const [count, setCount] = useState(0)
+  
+  useEffect(() => {
+    console.log(`Count is: ${count}`)
+  }, [count])
+  
+  return (
+    <button onClick={() => setCount(c => c + 1)}>
+      Count: {count}
+    </button>
+  )
+}
+```
+
+### Server Component
+```typescript
+const Page = async () => {
+  const data = await fetchData()
+  return <div>{data}</div>
+}
+```
+
+### Server Function
+```typescript
+'use server'
+
+export async function createUser(formData: FormData) {
+  const name = formData.get('name')
+  return await db.user.create({ data: { name } })
+}
+```
+
+## Related Skills
+
+- **typescript** - TypeScript patterns for React
+- **ndk** - Nostr integration with React
+- **skill-creator** - Creating reusable component libraries
+
+## Resources
+
+- [React Documentation](https://react.dev)
+- [React API Reference](https://react.dev/reference/react)
+- [React Hooks Reference](https://react.dev/reference/react/hooks)
+- [React Server Components](https://react.dev/reference/rsc)
+- [React Compiler](https://react.dev/reference/react-compiler)
+
+## Version
+
+This skill is based on React 19.2 and includes the latest features and APIs.
+

.claude/skills/react/examples/practical-patterns.tsx

@@ -0,0 +1,878 @@
+# React Practical Examples
+
+This file contains real-world examples of React patterns and solutions.
+
+## Example 1: Custom Hook for Data Fetching
+
+```typescript
+import { useState, useEffect } from 'react'
+
+interface FetchState<T> {
+  data: T | null
+  loading: boolean
+  error: Error | null
+}
+
+const useFetch = <T,>(url: string) => {
+  const [state, setState] = useState<FetchState<T>>({
+    data: null,
+    loading: true,
+    error: null
+  })
+  
+  useEffect(() => {
+    let cancelled = false
+    const controller = new AbortController()
+    
+    const fetchData = async () => {
+      try {
+        setState(prev => ({ ...prev, loading: true, error: null }))
+        
+        const response = await fetch(url, { 
+          signal: controller.signal 
+        })
+        
+        if (!response.ok) {
+          throw new Error(`HTTP error! status: ${response.status}`)
+        }
+        
+        const data = await response.json()
+        
+        if (!cancelled) {
+          setState({ data, loading: false, error: null })
+        }
+      } catch (error) {
+        if (!cancelled && error.name !== 'AbortError') {
+          setState({ 
+            data: null, 
+            loading: false, 
+            error: error as Error 
+          })
+        }
+      }
+    }
+    
+    fetchData()
+    
+    return () => {
+      cancelled = true
+      controller.abort()
+    }
+  }, [url])
+  
+  return state
+}
+
+// Usage
+const UserProfile = ({ userId }: { userId: string }) => {
+  const { data, loading, error } = useFetch<User>(`/api/users/${userId}`)
+  
+  if (loading) return <Spinner />
+  if (error) return <ErrorMessage error={error} />
+  if (!data) return null
+  
+  return <UserCard user={data} />
+}
+```
+
+## Example 2: Form with Validation
+
+```typescript
+import { useState, useCallback } from 'react'
+import { z } from 'zod'
+
+const userSchema = z.object({
+  name: z.string().min(2, 'Name must be at least 2 characters'),
+  email: z.string().email('Invalid email address'),
+  age: z.number().min(18, 'Must be 18 or older')
+})
+
+type UserForm = z.infer<typeof userSchema>
+type FormErrors = Partial<Record<keyof UserForm, string>>
+
+const UserForm = () => {
+  const [formData, setFormData] = useState<UserForm>({
+    name: '',
+    email: '',
+    age: 0
+  })
+  const [errors, setErrors] = useState<FormErrors>({})
+  const [isSubmitting, setIsSubmitting] = useState(false)
+  
+  const handleChange = useCallback((
+    field: keyof UserForm,
+    value: string | number
+  ) => {
+    setFormData(prev => ({ ...prev, [field]: value }))
+    // Clear error when user starts typing
+    setErrors(prev => ({ ...prev, [field]: undefined }))
+  }, [])
+  
+  const handleSubmit = async (e: React.FormEvent) => {
+    e.preventDefault()
+    
+    // Validate
+    const result = userSchema.safeParse(formData)
+    if (!result.success) {
+      const fieldErrors: FormErrors = {}
+      result.error.errors.forEach(err => {
+        const field = err.path[0] as keyof UserForm
+        fieldErrors[field] = err.message
+      })
+      setErrors(fieldErrors)
+      return
+    }
+    
+    // Submit
+    setIsSubmitting(true)
+    try {
+      await submitUser(result.data)
+      // Success handling
+    } catch (error) {
+      console.error(error)
+    } finally {
+      setIsSubmitting(false)
+    }
+  }
+  
+  return (
+    <form onSubmit={handleSubmit}>
+      <div>
+        <label htmlFor="name">Name</label>
+        <input
+          id="name"
+          value={formData.name}
+          onChange={e => handleChange('name', e.target.value)}
+        />
+        {errors.name && <span className="error">{errors.name}</span>}
+      </div>
+      
+      <div>
+        <label htmlFor="email">Email</label>
+        <input
+          id="email"
+          type="email"
+          value={formData.email}
+          onChange={e => handleChange('email', e.target.value)}
+        />
+        {errors.email && <span className="error">{errors.email}</span>}
+      </div>
+      
+      <div>
+        <label htmlFor="age">Age</label>
+        <input
+          id="age"
+          type="number"
+          value={formData.age || ''}
+          onChange={e => handleChange('age', Number(e.target.value))}
+        />
+        {errors.age && <span className="error">{errors.age}</span>}
+      </div>
+      
+      <button type="submit" disabled={isSubmitting}>
+        {isSubmitting ? 'Submitting...' : 'Submit'}
+      </button>
+    </form>
+  )
+}
+```
+
+## Example 3: Modal with Portal
+
+```typescript
+import { createPortal } from 'react-dom'
+import { useEffect, useRef, useState } from 'react'
+
+interface ModalProps {
+  isOpen: boolean
+  onClose: () => void
+  children: React.ReactNode
+  title?: string
+}
+
+const Modal = ({ isOpen, onClose, children, title }: ModalProps) => {
+  const modalRef = useRef<HTMLDivElement>(null)
+  
+  // Close on Escape key
+  useEffect(() => {
+    const handleEscape = (e: KeyboardEvent) => {
+      if (e.key === 'Escape') onClose()
+    }
+    
+    if (isOpen) {
+      document.addEventListener('keydown', handleEscape)
+      // Prevent body scroll
+      document.body.style.overflow = 'hidden'
+    }
+    
+    return () => {
+      document.removeEventListener('keydown', handleEscape)
+      document.body.style.overflow = 'unset'
+    }
+  }, [isOpen, onClose])
+  
+  // Close on backdrop click
+  const handleBackdropClick = (e: React.MouseEvent) => {
+    if (e.target === modalRef.current) {
+      onClose()
+    }
+  }
+  
+  if (!isOpen) return null
+  
+  return createPortal(
+    <div
+      ref={modalRef}
+      className="fixed inset-0 bg-black/50 flex items-center justify-center z-50"
+      onClick={handleBackdropClick}
+    >
+      <div className="bg-white rounded-lg p-6 max-w-md w-full mx-4">
+        <div className="flex justify-between items-center mb-4">
+          {title && <h2 className="text-xl font-bold">{title}</h2>}
+          <button
+            onClick={onClose}
+            className="text-gray-500 hover:text-gray-700"
+            aria-label="Close modal"
+          >
+            ✕
+          </button>
+        </div>
+        {children}
+      </div>
+    </div>,
+    document.body
+  )
+}
+
+// Usage
+const App = () => {
+  const [isOpen, setIsOpen] = useState(false)
+  
+  return (
+    <>
+      <button onClick={() => setIsOpen(true)}>Open Modal</button>
+      <Modal isOpen={isOpen} onClose={() => setIsOpen(false)} title="My Modal">
+        <p>Modal content goes here</p>
+        <button onClick={() => setIsOpen(false)}>Close</button>
+      </Modal>
+    </>
+  )
+}
+```
+
+## Example 4: Infinite Scroll
+
+```typescript
+import { useState, useEffect, useRef, useCallback } from 'react'
+
+interface InfiniteScrollProps<T> {
+  fetchData: (page: number) => Promise<T[]>
+  renderItem: (item: T, index: number) => React.ReactNode
+  loader?: React.ReactNode
+  endMessage?: React.ReactNode
+}
+
+const InfiniteScroll = <T extends { id: string | number },>({
+  fetchData,
+  renderItem,
+  loader = <div>Loading...</div>,
+  endMessage = <div>No more items</div>
+}: InfiniteScrollProps<T>) => {
+  const [items, setItems] = useState<T[]>([])
+  const [page, setPage] = useState(1)
+  const [loading, setLoading] = useState(false)
+  const [hasMore, setHasMore] = useState(true)
+  const observerRef = useRef<IntersectionObserver | null>(null)
+  const loadMoreRef = useRef<HTMLDivElement>(null)
+  
+  const loadMore = useCallback(async () => {
+    if (loading || !hasMore) return
+    
+    setLoading(true)
+    try {
+      const newItems = await fetchData(page)
+      
+      if (newItems.length === 0) {
+        setHasMore(false)
+      } else {
+        setItems(prev => [...prev, ...newItems])
+        setPage(prev => prev + 1)
+      }
+    } catch (error) {
+      console.error('Failed to load items:', error)
+    } finally {
+      setLoading(false)
+    }
+  }, [page, loading, hasMore, fetchData])
+  
+  // Set up intersection observer
+  useEffect(() => {
+    observerRef.current = new IntersectionObserver(
+      entries => {
+        if (entries[0].isIntersecting) {
+          loadMore()
+        }
+      },
+      { threshold: 0.1 }
+    )
+    
+    const currentRef = loadMoreRef.current
+    if (currentRef) {
+      observerRef.current.observe(currentRef)
+    }
+    
+    return () => {
+      if (observerRef.current && currentRef) {
+        observerRef.current.unobserve(currentRef)
+      }
+    }
+  }, [loadMore])
+  
+  // Initial load
+  useEffect(() => {
+    loadMore()
+  }, [])
+  
+  return (
+    <div>
+      {items.map((item, index) => (
+        <div key={item.id}>
+          {renderItem(item, index)}
+        </div>
+      ))}
+      
+      <div ref={loadMoreRef}>
+        {loading && loader}
+        {!loading && !hasMore && endMessage}
+      </div>
+    </div>
+  )
+}
+
+// Usage
+const PostsList = () => {
+  const fetchPosts = async (page: number) => {
+    const response = await fetch(`/api/posts?page=${page}`)
+    return response.json()
+  }
+  
+  return (
+    <InfiniteScroll<Post>
+      fetchData={fetchPosts}
+      renderItem={(post) => <PostCard post={post} />}
+    />
+  )
+}
+```
+
+## Example 5: Dark Mode Toggle
+
+```typescript
+import { createContext, useContext, useState, useEffect } from 'react'
+
+type Theme = 'light' | 'dark'
+
+interface ThemeContextType {
+  theme: Theme
+  toggleTheme: () => void
+}
+
+const ThemeContext = createContext<ThemeContextType | null>(null)
+
+export const useTheme = () => {
+  const context = useContext(ThemeContext)
+  if (!context) {
+    throw new Error('useTheme must be used within ThemeProvider')
+  }
+  return context
+}
+
+export const ThemeProvider = ({ children }: { children: React.ReactNode }) => {
+  const [theme, setTheme] = useState<Theme>(() => {
+    // Check localStorage and system preference
+    const saved = localStorage.getItem('theme') as Theme | null
+    if (saved) return saved
+    
+    if (window.matchMedia('(prefers-color-scheme: dark)').matches) {
+      return 'dark'
+    }
+    
+    return 'light'
+  })
+  
+  useEffect(() => {
+    // Update DOM and localStorage
+    const root = document.documentElement
+    root.classList.remove('light', 'dark')
+    root.classList.add(theme)
+    localStorage.setItem('theme', theme)
+  }, [theme])
+  
+  const toggleTheme = () => {
+    setTheme(prev => prev === 'light' ? 'dark' : 'light')
+  }
+  
+  return (
+    <ThemeContext.Provider value={{ theme, toggleTheme }}>
+      {children}
+    </ThemeContext.Provider>
+  )
+}
+
+// Usage
+const ThemeToggle = () => {
+  const { theme, toggleTheme } = useTheme()
+  
+  return (
+    <button onClick={toggleTheme} aria-label="Toggle theme">
+      {theme === 'light' ? '🌙' : '☀️'}
+    </button>
+  )
+}
+```
+
+## Example 6: Debounced Search
+
+```typescript
+import { useState, useEffect, useMemo } from 'react'
+
+const useDebounce = <T,>(value: T, delay: number): T => {
+  const [debouncedValue, setDebouncedValue] = useState(value)
+  
+  useEffect(() => {
+    const timer = setTimeout(() => {
+      setDebouncedValue(value)
+    }, delay)
+    
+    return () => {
+      clearTimeout(timer)
+    }
+  }, [value, delay])
+  
+  return debouncedValue
+}
+
+const SearchPage = () => {
+  const [query, setQuery] = useState('')
+  const [results, setResults] = useState<Product[]>([])
+  const [loading, setLoading] = useState(false)
+  
+  const debouncedQuery = useDebounce(query, 500)
+  
+  useEffect(() => {
+    if (!debouncedQuery) {
+      setResults([])
+      return
+    }
+    
+    const searchProducts = async () => {
+      setLoading(true)
+      try {
+        const response = await fetch(`/api/search?q=${debouncedQuery}`)
+        const data = await response.json()
+        setResults(data)
+      } catch (error) {
+        console.error('Search failed:', error)
+      } finally {
+        setLoading(false)
+      }
+    }
+    
+    searchProducts()
+  }, [debouncedQuery])
+  
+  return (
+    <div>
+      <input
+        type="search"
+        value={query}
+        onChange={e => setQuery(e.target.value)}
+        placeholder="Search products..."
+      />
+      
+      {loading && <Spinner />}
+      
+      {!loading && results.length > 0 && (
+        <div>
+          {results.map(product => (
+            <ProductCard key={product.id} product={product} />
+          ))}
+        </div>
+      )}
+      
+      {!loading && query && results.length === 0 && (
+        <p>No results found for "{query}"</p>
+      )}
+    </div>
+  )
+}
+```
+
+## Example 7: Tabs Component
+
+```typescript
+import { createContext, useContext, useState, useId } from 'react'
+
+interface TabsContextType {
+  activeTab: string
+  setActiveTab: (id: string) => void
+  tabsId: string
+}
+
+const TabsContext = createContext<TabsContextType | null>(null)
+
+const useTabs = () => {
+  const context = useContext(TabsContext)
+  if (!context) throw new Error('Tabs compound components must be used within Tabs')
+  return context
+}
+
+interface TabsProps {
+  children: React.ReactNode
+  defaultValue: string
+  className?: string
+}
+
+const Tabs = ({ children, defaultValue, className }: TabsProps) => {
+  const [activeTab, setActiveTab] = useState(defaultValue)
+  const tabsId = useId()
+  
+  return (
+    <TabsContext.Provider value={{ activeTab, setActiveTab, tabsId }}>
+      <div className={className}>
+        {children}
+      </div>
+    </TabsContext.Provider>
+  )
+}
+
+const TabsList = ({ children, className }: { 
+  children: React.ReactNode
+  className?: string 
+}) => (
+  <div role="tablist" className={className}>
+    {children}
+  </div>
+)
+
+interface TabsTriggerProps {
+  value: string
+  children: React.ReactNode
+  className?: string
+}
+
+const TabsTrigger = ({ value, children, className }: TabsTriggerProps) => {
+  const { activeTab, setActiveTab, tabsId } = useTabs()
+  const isActive = activeTab === value
+  
+  return (
+    <button
+      role="tab"
+      id={`${tabsId}-tab-${value}`}
+      aria-controls={`${tabsId}-panel-${value}`}
+      aria-selected={isActive}
+      onClick={() => setActiveTab(value)}
+      className={`${className} ${isActive ? 'active' : ''}`}
+    >
+      {children}
+    </button>
+  )
+}
+
+interface TabsContentProps {
+  value: string
+  children: React.ReactNode
+  className?: string
+}
+
+const TabsContent = ({ value, children, className }: TabsContentProps) => {
+  const { activeTab, tabsId } = useTabs()
+  
+  if (activeTab !== value) return null
+  
+  return (
+    <div
+      role="tabpanel"
+      id={`${tabsId}-panel-${value}`}
+      aria-labelledby={`${tabsId}-tab-${value}`}
+      className={className}
+    >
+      {children}
+    </div>
+  )
+}
+
+// Export compound component
+export { Tabs, TabsList, TabsTrigger, TabsContent }
+
+// Usage
+const App = () => (
+  <Tabs defaultValue="profile">
+    <TabsList>
+      <TabsTrigger value="profile">Profile</TabsTrigger>
+      <TabsTrigger value="settings">Settings</TabsTrigger>
+      <TabsTrigger value="notifications">Notifications</TabsTrigger>
+    </TabsList>
+    
+    <TabsContent value="profile">
+      <h2>Profile Content</h2>
+    </TabsContent>
+    
+    <TabsContent value="settings">
+      <h2>Settings Content</h2>
+    </TabsContent>
+    
+    <TabsContent value="notifications">
+      <h2>Notifications Content</h2>
+    </TabsContent>
+  </Tabs>
+)
+```
+
+## Example 8: Error Boundary
+
+```typescript
+import { Component, ErrorInfo, ReactNode } from 'react'
+
+interface Props {
+  children: ReactNode
+  fallback?: (error: Error, reset: () => void) => ReactNode
+  onError?: (error: Error, errorInfo: ErrorInfo) => void
+}
+
+interface State {
+  hasError: boolean
+  error: Error | null
+}
+
+class ErrorBoundary extends Component<Props, State> {
+  constructor(props: Props) {
+    super(props)
+    this.state = { hasError: false, error: null }
+  }
+  
+  static getDerivedStateFromError(error: Error): State {
+    return { hasError: true, error }
+  }
+  
+  componentDidCatch(error: Error, errorInfo: ErrorInfo) {
+    console.error('ErrorBoundary caught:', error, errorInfo)
+    this.props.onError?.(error, errorInfo)
+  }
+  
+  reset = () => {
+    this.setState({ hasError: false, error: null })
+  }
+  
+  render() {
+    if (this.state.hasError && this.state.error) {
+      if (this.props.fallback) {
+        return this.props.fallback(this.state.error, this.reset)
+      }
+      
+      return (
+        <div className="error-boundary">
+          <h2>Something went wrong</h2>
+          <details>
+            <summary>Error details</summary>
+            <pre>{this.state.error.message}</pre>
+          </details>
+          <button onClick={this.reset}>Try again</button>
+        </div>
+      )
+    }
+    
+    return this.props.children
+  }
+}
+
+// Usage
+const App = () => (
+  <ErrorBoundary
+    fallback={(error, reset) => (
+      <div>
+        <h1>Oops! Something went wrong</h1>
+        <p>{error.message}</p>
+        <button onClick={reset}>Retry</button>
+      </div>
+    )}
+    onError={(error, errorInfo) => {
+      // Send to error tracking service
+      console.error('Error logged:', error, errorInfo)
+    }}
+  >
+    <YourApp />
+  </ErrorBoundary>
+)
+```
+
+## Example 9: Custom Hook for Local Storage
+
+```typescript
+import { useState, useEffect, useCallback } from 'react'
+
+const useLocalStorage = <T,>(
+  key: string,
+  initialValue: T
+): [T, (value: T | ((val: T) => T)) => void, () => void] => {
+  // Get initial value from localStorage
+  const [storedValue, setStoredValue] = useState<T>(() => {
+    try {
+      const item = window.localStorage.getItem(key)
+      return item ? JSON.parse(item) : initialValue
+    } catch (error) {
+      console.error(`Error loading ${key} from localStorage:`, error)
+      return initialValue
+    }
+  })
+  
+  // Update localStorage when value changes
+  const setValue = useCallback((value: T | ((val: T) => T)) => {
+    try {
+      const valueToStore = value instanceof Function ? value(storedValue) : value
+      setStoredValue(valueToStore)
+      window.localStorage.setItem(key, JSON.stringify(valueToStore))
+      
+      // Dispatch storage event for other tabs
+      window.dispatchEvent(new Event('storage'))
+    } catch (error) {
+      console.error(`Error saving ${key} to localStorage:`, error)
+    }
+  }, [key, storedValue])
+  
+  // Remove from localStorage
+  const removeValue = useCallback(() => {
+    try {
+      window.localStorage.removeItem(key)
+      setStoredValue(initialValue)
+    } catch (error) {
+      console.error(`Error removing ${key} from localStorage:`, error)
+    }
+  }, [key, initialValue])
+  
+  // Listen for changes in other tabs
+  useEffect(() => {
+    const handleStorageChange = (e: StorageEvent) => {
+      if (e.key === key && e.newValue) {
+        setStoredValue(JSON.parse(e.newValue))
+      }
+    }
+    
+    window.addEventListener('storage', handleStorageChange)
+    return () => window.removeEventListener('storage', handleStorageChange)
+  }, [key])
+  
+  return [storedValue, setValue, removeValue]
+}
+
+// Usage
+const UserPreferences = () => {
+  const [preferences, setPreferences, clearPreferences] = useLocalStorage('user-prefs', {
+    theme: 'light',
+    language: 'en',
+    notifications: true
+  })
+  
+  return (
+    <div>
+      <label>
+        <input
+          type="checkbox"
+          checked={preferences.notifications}
+          onChange={e => setPreferences({
+            ...preferences,
+            notifications: e.target.checked
+          })}
+        />
+        Enable notifications
+      </label>
+      
+      <button onClick={clearPreferences}>
+        Reset to defaults
+      </button>
+    </div>
+  )
+}
+```
+
+## Example 10: Optimistic Updates with useOptimistic
+
+```typescript
+'use client'
+
+import { useOptimistic } from 'react'
+import { likePost, unlikePost } from './actions'
+
+interface Post {
+  id: string
+  content: string
+  likes: number
+  isLiked: boolean
+}
+
+const PostCard = ({ post }: { post: Post }) => {
+  const [optimisticPost, addOptimistic] = useOptimistic(
+    post,
+    (currentPost, update: Partial<Post>) => ({
+      ...currentPost,
+      ...update
+    })
+  )
+  
+  const handleLike = async () => {
+    // Optimistically update UI
+    addOptimistic({ 
+      likes: optimisticPost.likes + 1,
+      isLiked: true 
+    })
+    
+    try {
+      // Send server request
+      await likePost(post.id)
+    } catch (error) {
+      // Server will send correct state via revalidation
+      console.error('Failed to like post:', error)
+    }
+  }
+  
+  const handleUnlike = async () => {
+    addOptimistic({ 
+      likes: optimisticPost.likes - 1,
+      isLiked: false 
+    })
+    
+    try {
+      await unlikePost(post.id)
+    } catch (error) {
+      console.error('Failed to unlike post:', error)
+    }
+  }
+  
+  return (
+    <div className="post-card">
+      <p>{optimisticPost.content}</p>
+      <button 
+        onClick={optimisticPost.isLiked ? handleUnlike : handleLike}
+        className={optimisticPost.isLiked ? 'liked' : ''}
+      >
+        ❤️ {optimisticPost.likes}
+      </button>
+    </div>
+  )
+}
+```
+
+## References
+
+These examples demonstrate:
+- Custom hooks for reusable logic
+- Form handling with validation
+- Portal usage for modals
+- Infinite scroll with Intersection Observer
+- Context for global state
+- Debouncing for performance
+- Compound components pattern
+- Error boundaries
+- LocalStorage integration
+- Optimistic updates (React 19)
+

.claude/skills/react/references/hooks-quick-reference.md

@@ -0,0 +1,291 @@
+# React Hooks Quick Reference
+
+## State Hooks
+
+### useState
+```typescript
+const [state, setState] = useState<Type>(initialValue)
+const [count, setCount] = useState(0)
+
+// Functional update
+setCount(prev => prev + 1)
+
+// Lazy initialization
+const [state, setState] = useState(() => expensiveComputation())
+```
+
+### useReducer
+```typescript
+type State = { count: number }
+type Action = { type: 'increment' } | { type: 'decrement' }
+
+const reducer = (state: State, action: Action): State => {
+  switch (action.type) {
+    case 'increment': return { count: state.count + 1 }
+    case 'decrement': return { count: state.count - 1 }
+  }
+}
+
+const [state, dispatch] = useReducer(reducer, { count: 0 })
+dispatch({ type: 'increment' })
+```
+
+### useActionState (React 19)
+```typescript
+const [state, formAction, isPending] = useActionState(
+  async (previousState, formData: FormData) => {
+    // Server action
+    return await processForm(formData)
+  },
+  initialState
+)
+
+<form action={formAction}>
+  <button disabled={isPending}>Submit</button>
+</form>
+```
+
+## Effect Hooks
+
+### useEffect
+```typescript
+useEffect(() => {
+  // Side effect
+  const subscription = api.subscribe()
+  
+  // Cleanup
+  return () => subscription.unsubscribe()
+}, [dependencies])
+```
+
+**Timing**: After render & paint
+**Use for**: Data fetching, subscriptions, DOM mutations
+
+### useLayoutEffect
+```typescript
+useLayoutEffect(() => {
+  // Runs before paint
+  const height = ref.current.offsetHeight
+  setHeight(height)
+}, [])
+```
+
+**Timing**: After render, before paint
+**Use for**: DOM measurements, preventing flicker
+
+### useInsertionEffect
+```typescript
+useInsertionEffect(() => {
+  // Insert styles before any DOM reads
+  const style = document.createElement('style')
+  style.textContent = css
+  document.head.appendChild(style)
+  return () => document.head.removeChild(style)
+}, [css])
+```
+
+**Timing**: Before any DOM mutations
+**Use for**: CSS-in-JS libraries
+
+## Performance Hooks
+
+### useMemo
+```typescript
+const memoizedValue = useMemo(() => {
+  return expensiveComputation(a, b)
+}, [a, b])
+```
+
+**Use for**: Expensive calculations, stable object references
+
+### useCallback
+```typescript
+const memoizedCallback = useCallback(() => {
+  doSomething(a, b)
+}, [a, b])
+```
+
+**Use for**: Passing callbacks to optimized components
+
+## Ref Hooks
+
+### useRef
+```typescript
+// DOM reference
+const ref = useRef<HTMLDivElement>(null)
+ref.current?.focus()
+
+// Mutable value (doesn't trigger re-render)
+const countRef = useRef(0)
+countRef.current += 1
+```
+
+### useImperativeHandle
+```typescript
+useImperativeHandle(ref, () => ({
+  focus: () => inputRef.current?.focus(),
+  clear: () => inputRef.current && (inputRef.current.value = '')
+}), [])
+```
+
+## Context Hook
+
+### useContext
+```typescript
+const value = useContext(MyContext)
+```
+
+Must be used within a Provider.
+
+## Transition Hooks
+
+### useTransition
+```typescript
+const [isPending, startTransition] = useTransition()
+
+startTransition(() => {
+  setState(newValue)  // Non-urgent update
+})
+```
+
+### useDeferredValue
+```typescript
+const [input, setInput] = useState('')
+const deferredInput = useDeferredValue(input)
+
+// Use deferredInput for expensive operations
+const results = useMemo(() => search(deferredInput), [deferredInput])
+```
+
+## Optimistic Updates (React 19)
+
+### useOptimistic
+```typescript
+const [optimisticState, addOptimistic] = useOptimistic(
+  actualState,
+  (currentState, optimisticValue) => {
+    return [...currentState, optimisticValue]
+  }
+)
+```
+
+## Other Hooks
+
+### useId
+```typescript
+const id = useId()
+<label htmlFor={id}>Name</label>
+<input id={id} />
+```
+
+### useSyncExternalStore
+```typescript
+const state = useSyncExternalStore(
+  subscribe,
+  getSnapshot,
+  getServerSnapshot
+)
+```
+
+### useDebugValue
+```typescript
+useDebugValue(isOnline ? 'Online' : 'Offline')
+```
+
+### use (React 19)
+```typescript
+// Read context or promise
+const value = use(MyContext)
+const data = use(fetchPromise)  // Must be in Suspense
+```
+
+## Form Hooks (React DOM)
+
+### useFormStatus
+```typescript
+import { useFormStatus } from 'react-dom'
+
+const { pending, data, method, action } = useFormStatus()
+```
+
+## Hook Rules
+
+1. **Only call at top level** - Not in loops, conditions, or nested functions
+2. **Only call from React functions** - Components or custom hooks
+3. **Custom hooks start with "use"** - Naming convention
+4. **Same hooks in same order** - Every render must call same hooks
+
+## Dependencies Best Practices
+
+1. **Include all used values** - Variables, props, state from component scope
+2. **Use ESLint plugin** - `eslint-plugin-react-hooks` enforces rules
+3. **Functions as dependencies** - Wrap with useCallback or define outside component
+4. **Object/array dependencies** - Use useMemo for stable references
+
+## Common Patterns
+
+### Fetching Data
+```typescript
+const [data, setData] = useState(null)
+const [loading, setLoading] = useState(true)
+const [error, setError] = useState(null)
+
+useEffect(() => {
+  const controller = new AbortController()
+  
+  fetch('/api/data', { signal: controller.signal })
+    .then(res => res.json())
+    .then(setData)
+    .catch(setError)
+    .finally(() => setLoading(false))
+  
+  return () => controller.abort()
+}, [])
+```
+
+### Debouncing
+```typescript
+const [value, setValue] = useState('')
+const [debouncedValue, setDebouncedValue] = useState(value)
+
+useEffect(() => {
+  const timer = setTimeout(() => {
+    setDebouncedValue(value)
+  }, 500)
+  
+  return () => clearTimeout(timer)
+}, [value])
+```
+
+### Previous Value
+```typescript
+const usePrevious = <T,>(value: T): T | undefined => {
+  const ref = useRef<T>()
+  useEffect(() => {
+    ref.current = value
+  })
+  return ref.current
+}
+```
+
+### Interval
+```typescript
+useEffect(() => {
+  const id = setInterval(() => {
+    setCount(c => c + 1)
+  }, 1000)
+  
+  return () => clearInterval(id)
+}, [])
+```
+
+### Event Listeners
+```typescript
+useEffect(() => {
+  const handleResize = () => setWidth(window.innerWidth)
+  
+  window.addEventListener('resize', handleResize)
+  return () => window.removeEventListener('resize', handleResize)
+}, [])
+```
+

.claude/skills/react/references/performance.md

@@ -0,0 +1,658 @@
+# React Performance Optimization Guide
+
+## Overview
+
+This guide covers performance optimization strategies for React 19 applications.
+
+## Measurement & Profiling
+
+### React DevTools Profiler
+
+Record performance data:
+1. Open React DevTools
+2. Go to Profiler tab
+3. Click record button
+4. Interact with app
+5. Stop recording
+6. Analyze flame graph and ranked chart
+
+### Profiler Component
+
+```typescript
+import { Profiler } from 'react'
+
+const App = () => {
+  const onRender = (
+    id: string,
+    phase: 'mount' | 'update',
+    actualDuration: number,
+    baseDuration: number,
+    startTime: number,
+    commitTime: number
+  ) => {
+    console.log({
+      component: id,
+      phase,
+      actualDuration,  // Time spent rendering this update
+      baseDuration     // Estimated time without memoization
+    })
+  }
+  
+  return (
+    <Profiler id="App" onRender={onRender}>
+      <YourApp />
+    </Profiler>
+  )
+}
+```
+
+### Performance Metrics
+
+```typescript
+// Custom performance tracking
+const startTime = performance.now()
+// ... do work
+const endTime = performance.now()
+console.log(`Operation took ${endTime - startTime}ms`)
+
+// React rendering metrics
+import { unstable_trace as trace } from 'react'
+
+trace('expensive-operation', async () => {
+  await performExpensiveOperation()
+})
+```
+
+## Memoization Strategies
+
+### React.memo
+
+Prevent unnecessary re-renders:
+
+```typescript
+// Basic memoization
+const ExpensiveComponent = memo(({ data }: Props) => {
+  return <div>{processData(data)}</div>
+})
+
+// Custom comparison
+const MemoizedComponent = memo(
+  ({ user }: Props) => <UserCard user={user} />,
+  (prevProps, nextProps) => {
+    // Return true if props are equal (skip render)
+    return prevProps.user.id === nextProps.user.id
+  }
+)
+```
+
+**When to use:**
+- Component renders often with same props
+- Rendering is expensive
+- Component receives complex prop objects
+
+**When NOT to use:**
+- Props change frequently
+- Component is already fast
+- Premature optimization
+
+### useMemo
+
+Memoize computed values:
+
+```typescript
+const SortedList = ({ items, filter }: Props) => {
+  // Without memoization - runs every render
+  const filteredItems = items.filter(item => item.type === filter)
+  const sortedItems = filteredItems.sort((a, b) => a.name.localeCompare(b.name))
+  
+  // With memoization - only runs when dependencies change
+  const sortedFilteredItems = useMemo(() => {
+    const filtered = items.filter(item => item.type === filter)
+    return filtered.sort((a, b) => a.name.localeCompare(b.name))
+  }, [items, filter])
+  
+  return (
+    <ul>
+      {sortedFilteredItems.map(item => (
+        <li key={item.id}>{item.name}</li>
+      ))}
+    </ul>
+  )
+}
+```
+
+**When to use:**
+- Expensive calculations (sorting, filtering large arrays)
+- Creating stable object references
+- Computed values used as dependencies
+
+### useCallback
+
+Memoize callback functions:
+
+```typescript
+const Parent = () => {
+  const [count, setCount] = useState(0)
+  
+  // Without useCallback - new function every render
+  const handleClick = () => {
+    setCount(c => c + 1)
+  }
+  
+  // With useCallback - stable function reference
+  const handleClickMemo = useCallback(() => {
+    setCount(c => c + 1)
+  }, [])
+  
+  return <MemoizedChild onClick={handleClickMemo} />
+}
+
+const MemoizedChild = memo(({ onClick }: Props) => {
+  return <button onClick={onClick}>Click</button>
+})
+```
+
+**When to use:**
+- Passing callbacks to memoized components
+- Callback is used in dependency array
+- Callback is expensive to create
+
+## React Compiler (Automatic Optimization)
+
+### Enable React Compiler
+
+React 19 can automatically optimize without manual memoization:
+
+```javascript
+// babel.config.js
+module.exports = {
+  plugins: [
+    ['react-compiler', {
+      compilationMode: 'all',  // Optimize all components
+    }]
+  ]
+}
+```
+
+### Compilation Modes
+
+```javascript
+{
+  compilationMode: 'annotation',  // Only components with "use memo"
+  compilationMode: 'all',         // All components (recommended)
+  compilationMode: 'infer'        // Based on component complexity
+}
+```
+
+### Directives
+
+```typescript
+// Force memoization
+'use memo'
+const Component = ({ data }: Props) => {
+  return <div>{data}</div>
+}
+
+// Prevent memoization
+'use no memo'
+const SimpleComponent = ({ text }: Props) => {
+  return <span>{text}</span>
+}
+```
+
+## State Management Optimization
+
+### State Colocation
+
+Keep state as close as possible to where it's used:
+
+```typescript
+// Bad - state too high
+const App = () => {
+  const [showModal, setShowModal] = useState(false)
+  
+  return (
+    <>
+      <Header />
+      <Content />
+      <Modal show={showModal} onClose={() => setShowModal(false)} />
+    </>
+  )
+}
+
+// Good - state colocated
+const App = () => {
+  return (
+    <>
+      <Header />
+      <Content />
+      <ModalContainer />
+    </>
+  )
+}
+
+const ModalContainer = () => {
+  const [showModal, setShowModal] = useState(false)
+  
+  return <Modal show={showModal} onClose={() => setShowModal(false)} />
+}
+```
+
+### Split Context
+
+Avoid unnecessary re-renders by splitting context:
+
+```typescript
+// Bad - single context causes all consumers to re-render
+const AppContext = createContext({ user, theme, settings })
+
+// Good - split into separate contexts
+const UserContext = createContext(user)
+const ThemeContext = createContext(theme)
+const SettingsContext = createContext(settings)
+```
+
+### Context with useMemo
+
+```typescript
+const ThemeProvider = ({ children }: Props) => {
+  const [theme, setTheme] = useState('light')
+  
+  // Memoize context value to prevent unnecessary re-renders
+  const value = useMemo(() => ({
+    theme,
+    setTheme
+  }), [theme])
+  
+  return (
+    <ThemeContext.Provider value={value}>
+      {children}
+    </ThemeContext.Provider>
+  )
+}
+```
+
+## Code Splitting & Lazy Loading
+
+### React.lazy
+
+Split components into separate bundles:
+
+```typescript
+import { lazy, Suspense } from 'react'
+
+// Lazy load components
+const Dashboard = lazy(() => import('./Dashboard'))
+const Settings = lazy(() => import('./Settings'))
+const Profile = lazy(() => import('./Profile'))
+
+const App = () => {
+  return (
+    <Suspense fallback={<Loading />}>
+      <Routes>
+        <Route path="/dashboard" element={<Dashboard />} />
+        <Route path="/settings" element={<Settings />} />
+        <Route path="/profile" element={<Profile />} />
+      </Routes>
+    </Suspense>
+  )
+}
+```
+
+### Route-based Splitting
+
+```typescript
+// App.tsx
+const routes = [
+  { path: '/', component: lazy(() => import('./pages/Home')) },
+  { path: '/about', component: lazy(() => import('./pages/About')) },
+  { path: '/products', component: lazy(() => import('./pages/Products')) },
+]
+
+const App = () => (
+  <Suspense fallback={<PageLoader />}>
+    <Routes>
+      {routes.map(({ path, component: Component }) => (
+        <Route key={path} path={path} element={<Component />} />
+      ))}
+    </Routes>
+  </Suspense>
+)
+```
+
+### Component-based Splitting
+
+```typescript
+// Split expensive components
+const HeavyChart = lazy(() => import('./HeavyChart'))
+
+const Dashboard = () => {
+  const [showChart, setShowChart] = useState(false)
+  
+  return (
+    <>
+      <button onClick={() => setShowChart(true)}>
+        Load Chart
+      </button>
+      {showChart && (
+        <Suspense fallback={<ChartSkeleton />}>
+          <HeavyChart />
+        </Suspense>
+      )}
+    </>
+  )
+}
+```
+
+## List Rendering Optimization
+
+### Keys
+
+Always use stable, unique keys:
+
+```typescript
+// Bad - index as key (causes issues on reorder/insert)
+{items.map((item, index) => (
+  <Item key={index} data={item} />
+))}
+
+// Good - unique ID as key
+{items.map(item => (
+  <Item key={item.id} data={item} />
+))}
+
+// For static lists without IDs
+{items.map(item => (
+  <Item key={`${item.name}-${item.category}`} data={item} />
+))}
+```
+
+### Virtualization
+
+For long lists, render only visible items:
+
+```typescript
+import { useVirtualizer } from '@tanstack/react-virtual'
+
+const VirtualList = ({ items }: { items: Item[] }) => {
+  const parentRef = useRef<HTMLDivElement>(null)
+  
+  const virtualizer = useVirtualizer({
+    count: items.length,
+    getScrollElement: () => parentRef.current,
+    estimateSize: () => 50,  // Estimated item height
+    overscan: 5  // Render 5 extra items above/below viewport
+  })
+  
+  return (
+    <div ref={parentRef} style={{ height: '400px', overflow: 'auto' }}>
+      <div
+        style={{
+          height: `${virtualizer.getTotalSize()}px`,
+          position: 'relative'
+        }}
+      >
+        {virtualizer.getVirtualItems().map(virtualItem => (
+          <div
+            key={virtualItem.key}
+            style={{
+              position: 'absolute',
+              top: 0,
+              left: 0,
+              width: '100%',
+              height: `${virtualItem.size}px`,
+              transform: `translateY(${virtualItem.start}px)`
+            }}
+          >
+            <Item data={items[virtualItem.index]} />
+          </div>
+        ))}
+      </div>
+    </div>
+  )
+}
+```
+
+### Pagination
+
+```typescript
+const PaginatedList = ({ items }: Props) => {
+  const [page, setPage] = useState(1)
+  const itemsPerPage = 20
+  
+  const paginatedItems = useMemo(() => {
+    const start = (page - 1) * itemsPerPage
+    const end = start + itemsPerPage
+    return items.slice(start, end)
+  }, [items, page, itemsPerPage])
+  
+  return (
+    <>
+      {paginatedItems.map(item => (
+        <Item key={item.id} data={item} />
+      ))}
+      <Pagination 
+        page={page} 
+        total={Math.ceil(items.length / itemsPerPage)}
+        onChange={setPage}
+      />
+    </>
+  )
+}
+```
+
+## Transitions & Concurrent Features
+
+### useTransition
+
+Keep UI responsive during expensive updates:
+
+```typescript
+const SearchPage = () => {
+  const [query, setQuery] = useState('')
+  const [results, setResults] = useState([])
+  const [isPending, startTransition] = useTransition()
+  
+  const handleSearch = (value: string) => {
+    setQuery(value)  // Urgent - update input immediately
+    
+    // Non-urgent - can be interrupted
+    startTransition(() => {
+      const filtered = expensiveFilter(items, value)
+      setResults(filtered)
+    })
+  }
+  
+  return (
+    <>
+      <input value={query} onChange={e => handleSearch(e.target.value)} />
+      {isPending && <Spinner />}
+      <ResultsList results={results} />
+    </>
+  )
+}
+```
+
+### useDeferredValue
+
+Defer non-urgent renders:
+
+```typescript
+const SearchPage = () => {
+  const [query, setQuery] = useState('')
+  const deferredQuery = useDeferredValue(query)
+  
+  // Input updates immediately
+  // Results update with deferred value (can be interrupted)
+  const results = useMemo(() => {
+    return expensiveFilter(items, deferredQuery)
+  }, [deferredQuery])
+  
+  return (
+    <>
+      <input value={query} onChange={e => setQuery(e.target.value)} />
+      <ResultsList results={results} />
+    </>
+  )
+}
+```
+
+## Image & Asset Optimization
+
+### Lazy Load Images
+
+```typescript
+const LazyImage = ({ src, alt }: Props) => {
+  const [isLoaded, setIsLoaded] = useState(false)
+  
+  return (
+    <div className="relative">
+      {!isLoaded && <ImageSkeleton />}
+      <img
+        src={src}
+        alt={alt}
+        loading="lazy"  // Native lazy loading
+        onLoad={() => setIsLoaded(true)}
+        className={isLoaded ? 'opacity-100' : 'opacity-0'}
+      />
+    </div>
+  )
+}
+```
+
+### Next.js Image Component
+
+```typescript
+import Image from 'next/image'
+
+const OptimizedImage = () => (
+  <Image
+    src="/hero.jpg"
+    alt="Hero"
+    width={800}
+    height={600}
+    priority  // Load immediately for above-fold images
+    placeholder="blur"
+    blurDataURL="data:image/jpeg;base64,..."
+  />
+)
+```
+
+## Bundle Size Optimization
+
+### Tree Shaking
+
+Import only what you need:
+
+```typescript
+// Bad - imports entire library
+import _ from 'lodash'
+
+// Good - import only needed functions
+import debounce from 'lodash/debounce'
+import throttle from 'lodash/throttle'
+
+// Even better - use native methods when possible
+const debounce = (fn, delay) => {
+  let timeoutId
+  return (...args) => {
+    clearTimeout(timeoutId)
+    timeoutId = setTimeout(() => fn(...args), delay)
+  }
+}
+```
+
+### Analyze Bundle
+
+```bash
+# Next.js
+ANALYZE=true npm run build
+
+# Create React App
+npm install --save-dev webpack-bundle-analyzer
+```
+
+### Dynamic Imports
+
+```typescript
+// Load library only when needed
+const handleExport = async () => {
+  const { jsPDF } = await import('jspdf')
+  const doc = new jsPDF()
+  doc.save('report.pdf')
+}
+```
+
+## Common Performance Pitfalls
+
+### 1. Inline Object Creation
+
+```typescript
+// Bad - new object every render
+<Component style={{ margin: 10 }} />
+
+// Good - stable reference
+const style = { margin: 10 }
+<Component style={style} />
+
+// Or use useMemo
+const style = useMemo(() => ({ margin: 10 }), [])
+```
+
+### 2. Inline Functions
+
+```typescript
+// Bad - new function every render (if child is memoized)
+<MemoizedChild onClick={() => handleClick(id)} />
+
+// Good
+const handleClickMemo = useCallback(() => handleClick(id), [id])
+<MemoizedChild onClick={handleClickMemo} />
+```
+
+### 3. Spreading Props
+
+```typescript
+// Bad - causes re-renders even when props unchanged
+<Component {...props} />
+
+// Good - pass only needed props
+<Component value={props.value} onChange={props.onChange} />
+```
+
+### 4. Large Context
+
+```typescript
+// Bad - everything re-renders on any state change
+const AppContext = createContext({ user, theme, cart, settings, ... })
+
+// Good - split into focused contexts
+const UserContext = createContext(user)
+const ThemeContext = createContext(theme)
+const CartContext = createContext(cart)
+```
+
+## Performance Checklist
+
+- [ ] Measure before optimizing (use Profiler)
+- [ ] Use React DevTools to identify slow components
+- [ ] Implement code splitting for large routes
+- [ ] Lazy load below-the-fold content
+- [ ] Virtualize long lists
+- [ ] Memoize expensive calculations
+- [ ] Split large contexts
+- [ ] Colocate state close to usage
+- [ ] Use transitions for non-urgent updates
+- [ ] Optimize images and assets
+- [ ] Analyze and minimize bundle size
+- [ ] Remove console.logs in production
+- [ ] Use production build for testing
+- [ ] Monitor real-world performance metrics
+
+## References
+
+- React Performance: https://react.dev/learn/render-and-commit
+- React Profiler: https://react.dev/reference/react/Profiler
+- React Compiler: https://react.dev/reference/react-compiler
+- Web Vitals: https://web.dev/vitals/
+

.claude/skills/react/references/server-components.md

@@ -0,0 +1,656 @@
+# React Server Components & Server Functions
+
+## Overview
+
+React Server Components (RSC) allow components to render on the server, improving performance and enabling direct data access. Server Functions allow client components to call server-side functions.
+
+## Server Components
+
+### What are Server Components?
+
+Components that run **only on the server**:
+- Can access databases directly
+- Zero bundle size (code stays on server)
+- Better performance (less JavaScript to client)
+- Automatic code splitting
+
+### Creating Server Components
+
+```typescript
+// app/products/page.tsx
+// Server Component by default in App Router
+
+import { db } from '@/lib/db'
+
+const ProductsPage = async () => {
+  // Direct database access
+  const products = await db.product.findMany({
+    where: { active: true },
+    include: { category: true }
+  })
+  
+  return (
+    <div>
+      <h1>Products</h1>
+      {products.map(product => (
+        <ProductCard key={product.id} product={product} />
+      ))}
+    </div>
+  )
+}
+
+export default ProductsPage
+```
+
+### Server Component Rules
+
+**Can do:**
+- Access databases and APIs directly
+- Use server-only modules (fs, path, etc.)
+- Keep secrets secure (API keys, tokens)
+- Reduce client bundle size
+- Use async/await at top level
+
+**Cannot do:**
+- Use hooks (useState, useEffect, etc.)
+- Use browser APIs (window, document)
+- Attach event handlers (onClick, etc.)
+- Use Context
+
+### Mixing Server and Client Components
+
+```typescript
+// Server Component (default)
+const Page = async () => {
+  const data = await fetchData()
+  
+  return (
+    <div>
+      <ServerComponent data={data} />
+      {/* Client component for interactivity */}
+      <ClientComponent initialData={data} />
+    </div>
+  )
+}
+
+// Client Component
+'use client'
+
+import { useState } from 'react'
+
+const ClientComponent = ({ initialData }) => {
+  const [count, setCount] = useState(0)
+  
+  return (
+    <button onClick={() => setCount(c => c + 1)}>
+      {count}
+    </button>
+  )
+}
+```
+
+### Server Component Patterns
+
+#### Data Fetching
+```typescript
+// app/user/[id]/page.tsx
+interface PageProps {
+  params: { id: string }
+}
+
+const UserPage = async ({ params }: PageProps) => {
+  const user = await db.user.findUnique({
+    where: { id: params.id }
+  })
+  
+  if (!user) {
+    notFound()  // Next.js 404
+  }
+  
+  return <UserProfile user={user} />
+}
+```
+
+#### Parallel Data Fetching
+```typescript
+const DashboardPage = async () => {
+  // Fetch in parallel
+  const [user, orders, stats] = await Promise.all([
+    fetchUser(),
+    fetchOrders(),
+    fetchStats()
+  ])
+  
+  return (
+    <>
+      <UserHeader user={user} />
+      <OrdersList orders={orders} />
+      <StatsWidget stats={stats} />
+    </>
+  )
+}
+```
+
+#### Streaming with Suspense
+```typescript
+const Page = () => {
+  return (
+    <>
+      <Header />
+      <Suspense fallback={<ProductsSkeleton />}>
+        <Products />
+      </Suspense>
+      <Suspense fallback={<ReviewsSkeleton />}>
+        <Reviews />
+      </Suspense>
+    </>
+  )
+}
+
+const Products = async () => {
+  const products = await fetchProducts()  // Slow query
+  return <ProductsList products={products} />
+}
+```
+
+## Server Functions (Server Actions)
+
+### What are Server Functions?
+
+Functions that run on the server but can be called from client components:
+- Marked with `'use server'` directive
+- Can mutate data
+- Integrated with forms
+- Type-safe with TypeScript
+
+### Creating Server Functions
+
+#### File-level directive
+```typescript
+// app/actions.ts
+'use server'
+
+import { db } from '@/lib/db'
+import { revalidatePath } from 'next/cache'
+
+export async function createProduct(formData: FormData) {
+  const name = formData.get('name') as string
+  const price = Number(formData.get('price'))
+  
+  const product = await db.product.create({
+    data: { name, price }
+  })
+  
+  revalidatePath('/products')
+  return product
+}
+
+export async function deleteProduct(id: string) {
+  await db.product.delete({ where: { id } })
+  revalidatePath('/products')
+}
+```
+
+#### Function-level directive
+```typescript
+// Inside a Server Component
+const MyComponent = async () => {
+  async function handleSubmit(formData: FormData) {
+    'use server'
+    const email = formData.get('email') as string
+    await saveEmail(email)
+  }
+  
+  return <form action={handleSubmit}>...</form>
+}
+```
+
+### Using Server Functions
+
+#### With Forms
+```typescript
+'use client'
+
+import { createProduct } from './actions'
+
+const ProductForm = () => {
+  return (
+    <form action={createProduct}>
+      <input name="name" required />
+      <input name="price" type="number" required />
+      <button type="submit">Create</button>
+    </form>
+  )
+}
+```
+
+#### With useActionState
+```typescript
+'use client'
+
+import { useActionState } from 'react'
+import { createProduct } from './actions'
+
+type FormState = {
+  message: string
+  success: boolean
+} | null
+
+const ProductForm = () => {
+  const [state, formAction, isPending] = useActionState<FormState>(
+    async (previousState, formData: FormData) => {
+      try {
+        await createProduct(formData)
+        return { message: 'Product created!', success: true }
+      } catch (error) {
+        return { message: 'Failed to create product', success: false }
+      }
+    },
+    null
+  )
+  
+  return (
+    <form action={formAction}>
+      <input name="name" required />
+      <input name="price" type="number" required />
+      <button disabled={isPending}>
+        {isPending ? 'Creating...' : 'Create'}
+      </button>
+      {state?.message && (
+        <p className={state.success ? 'text-green-600' : 'text-red-600'}>
+          {state.message}
+        </p>
+      )}
+    </form>
+  )
+}
+```
+
+#### Programmatic Invocation
+```typescript
+'use client'
+
+import { deleteProduct } from './actions'
+
+const DeleteButton = ({ productId }: { productId: string }) => {
+  const [isPending, setIsPending] = useState(false)
+  
+  const handleDelete = async () => {
+    setIsPending(true)
+    try {
+      await deleteProduct(productId)
+    } catch (error) {
+      console.error(error)
+    } finally {
+      setIsPending(false)
+    }
+  }
+  
+  return (
+    <button onClick={handleDelete} disabled={isPending}>
+      {isPending ? 'Deleting...' : 'Delete'}
+    </button>
+  )
+}
+```
+
+### Server Function Patterns
+
+#### Validation with Zod
+```typescript
+'use server'
+
+import { z } from 'zod'
+
+const ProductSchema = z.object({
+  name: z.string().min(3),
+  price: z.number().positive(),
+  description: z.string().optional()
+})
+
+export async function createProduct(formData: FormData) {
+  const rawData = {
+    name: formData.get('name'),
+    price: Number(formData.get('price')),
+    description: formData.get('description')
+  }
+  
+  // Validate
+  const result = ProductSchema.safeParse(rawData)
+  if (!result.success) {
+    return { 
+      success: false, 
+      errors: result.error.flatten().fieldErrors 
+    }
+  }
+  
+  // Create product
+  const product = await db.product.create({
+    data: result.data
+  })
+  
+  revalidatePath('/products')
+  return { success: true, product }
+}
+```
+
+#### Authentication Check
+```typescript
+'use server'
+
+import { auth } from '@/lib/auth'
+import { redirect } from 'next/navigation'
+
+export async function createOrder(formData: FormData) {
+  const session = await auth()
+  
+  if (!session?.user) {
+    redirect('/login')
+  }
+  
+  const order = await db.order.create({
+    data: {
+      userId: session.user.id,
+      // ... other fields
+    }
+  })
+  
+  return order
+}
+```
+
+#### Error Handling
+```typescript
+'use server'
+
+export async function updateProfile(formData: FormData) {
+  try {
+    const userId = await getCurrentUserId()
+    
+    const profile = await db.user.update({
+      where: { id: userId },
+      data: {
+        name: formData.get('name') as string,
+        bio: formData.get('bio') as string
+      }
+    })
+    
+    revalidatePath('/profile')
+    return { success: true, profile }
+  } catch (error) {
+    console.error('Failed to update profile:', error)
+    return { 
+      success: false, 
+      error: 'Failed to update profile. Please try again.' 
+    }
+  }
+}
+```
+
+#### Optimistic Updates
+```typescript
+'use client'
+
+import { useOptimistic } from 'react'
+import { likePost } from './actions'
+
+const Post = ({ post }: { post: Post }) => {
+  const [optimisticLikes, addOptimisticLike] = useOptimistic(
+    post.likes,
+    (currentLikes) => currentLikes + 1
+  )
+  
+  const handleLike = async () => {
+    addOptimisticLike(null)
+    await likePost(post.id)
+  }
+  
+  return (
+    <div>
+      <p>{post.content}</p>
+      <button onClick={handleLike}>
+        ❤️ {optimisticLikes}
+      </button>
+    </div>
+  )
+}
+```
+
+## Data Mutations & Revalidation
+
+### revalidatePath
+Invalidate cached data for a path:
+
+```typescript
+'use server'
+
+import { revalidatePath } from 'next/cache'
+
+export async function createPost(formData: FormData) {
+  await db.post.create({ data: {...} })
+  
+  // Revalidate the posts page
+  revalidatePath('/posts')
+  
+  // Revalidate with layout
+  revalidatePath('/posts', 'layout')
+}
+```
+
+### revalidateTag
+Invalidate cached data by tag:
+
+```typescript
+'use server'
+
+import { revalidateTag } from 'next/cache'
+
+export async function updateProduct(id: string, data: ProductData) {
+  await db.product.update({ where: { id }, data })
+  
+  // Revalidate all queries tagged with 'products'
+  revalidateTag('products')
+}
+```
+
+### redirect
+Redirect after mutation:
+
+```typescript
+'use server'
+
+import { redirect } from 'next/navigation'
+
+export async function createPost(formData: FormData) {
+  const post = await db.post.create({ data: {...} })
+  
+  // Redirect to the new post
+  redirect(`/posts/${post.id}`)
+}
+```
+
+## Caching with Server Components
+
+### cache Function
+Deduplicate requests within a render:
+
+```typescript
+import { cache } from 'react'
+
+export const getUser = cache(async (id: string) => {
+  return await db.user.findUnique({ where: { id } })
+})
+
+// Called multiple times but only fetches once per render
+const Page = async () => {
+  const user1 = await getUser('123')
+  const user2 = await getUser('123')  // Uses cached result
+  
+  return <div>...</div>
+}
+```
+
+### Next.js fetch Caching
+```typescript
+// Cached by default
+const data = await fetch('https://api.example.com/data')
+
+// Revalidate every 60 seconds
+const data = await fetch('https://api.example.com/data', {
+  next: { revalidate: 60 }
+})
+
+// Never cache
+const data = await fetch('https://api.example.com/data', {
+  cache: 'no-store'
+})
+
+// Tag for revalidation
+const data = await fetch('https://api.example.com/data', {
+  next: { tags: ['products'] }
+})
+```
+
+## Best Practices
+
+### 1. Component Placement
+- Keep interactive components client-side
+- Use server components for data fetching
+- Place 'use client' as deep as possible in tree
+
+### 2. Data Fetching
+- Fetch in parallel when possible
+- Use Suspense for streaming
+- Cache expensive operations
+
+### 3. Server Functions
+- Validate all inputs
+- Check authentication/authorization
+- Handle errors gracefully
+- Return serializable data only
+
+### 4. Performance
+- Minimize client JavaScript
+- Use streaming for slow queries
+- Implement proper caching
+- Optimize database queries
+
+### 5. Security
+- Never expose secrets to client
+- Validate server function inputs
+- Use environment variables
+- Implement rate limiting
+
+## Common Patterns
+
+### Layout with Dynamic Data
+```typescript
+// app/layout.tsx
+const RootLayout = async ({ children }: { children: React.ReactNode }) => {
+  const user = await getCurrentUser()
+  
+  return (
+    <html>
+      <body>
+        <Header user={user} />
+        {children}
+        <Footer />
+      </body>
+    </html>
+  )
+}
+```
+
+### Loading States
+```typescript
+// app/products/loading.tsx
+export default function Loading() {
+  return <ProductsSkeleton />
+}
+
+// app/products/page.tsx
+const ProductsPage = async () => {
+  const products = await fetchProducts()
+  return <ProductsList products={products} />
+}
+```
+
+### Error Boundaries
+```typescript
+// app/products/error.tsx
+'use client'
+
+export default function Error({
+  error,
+  reset
+}: {
+  error: Error
+  reset: () => void
+}) {
+  return (
+    <div>
+      <h2>Something went wrong!</h2>
+      <p>{error.message}</p>
+      <button onClick={reset}>Try again</button>
+    </div>
+  )
+}
+```
+
+### Search with Server Functions
+```typescript
+'use client'
+
+import { searchProducts } from './actions'
+import { useDeferredValue, useState, useEffect } from 'react'
+
+const SearchPage = () => {
+  const [query, setQuery] = useState('')
+  const [results, setResults] = useState([])
+  const deferredQuery = useDeferredValue(query)
+  
+  useEffect(() => {
+    if (deferredQuery) {
+      searchProducts(deferredQuery).then(setResults)
+    }
+  }, [deferredQuery])
+  
+  return (
+    <>
+      <input 
+        value={query} 
+        onChange={e => setQuery(e.target.value)}
+      />
+      <ResultsList results={results} />
+    </>
+  )
+}
+```
+
+## Troubleshooting
+
+### Common Issues
+
+1. **"Cannot use hooks in Server Component"**
+   - Add 'use client' directive
+   - Move state logic to client component
+
+2. **"Functions cannot be passed to Client Components"**
+   - Use Server Functions instead
+   - Pass data, not functions
+
+3. **Hydration mismatches**
+   - Ensure server and client render same HTML
+   - Use useEffect for browser-only code
+
+4. **Slow initial load**
+   - Implement Suspense boundaries
+   - Use streaming rendering
+   - Optimize database queries
+
+## References
+
+- React Server Components: https://react.dev/reference/rsc/server-components
+- Server Functions: https://react.dev/reference/rsc/server-functions
+- Next.js App Router: https://nextjs.org/docs/app
+

.claude/skills/secp256k1.md

@@ -0,0 +1,388 @@
+# secp256k1 High-Performance Scalar Multiplication
+
+This skill provides detailed documentation of libsecp256k1's optimization techniques for elliptic curve scalar multiplication, enabling accurate replication in other languages.
+
+## Overview
+
+libsecp256k1 achieves exceptional performance through several combined techniques:
+1. **GLV Endomorphism** - Halves scalar size from 256-bit to 128-bit
+2. **wNAF Representation** - Sparse signed-digit encoding reducing additions
+3. **Strauss-Shamir Trick** - Simultaneous multi-scalar multiplication
+4. **Precomputed Tables** - Trading memory for computation
+5. **Jacobian Coordinates with Z-ratio tracking** - Minimizing field inversions
+
+## GLV Endomorphism (The Key Speedup)
+
+### Mathematical Foundation
+
+secp256k1 has a special property: `y² = x³ + 7` with `p ≡ 1 mod 3`, meaning cube roots of unity exist.
+
+**Beta (β)** is a cube root of unity in the field: `β³ = 1 mod p`
+```
+β = 0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee
+```
+
+**Lambda (λ)** is a cube root of unity in the scalar field: `λ³ = 1 mod n`
+```
+λ = 0x5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72
+```
+
+### The Endomorphism
+
+For any point `P = (x, y)` on secp256k1:
+```
+λ·P = (β·x, y)
+```
+
+This works because if `(x, y)` is on the curve:
+- `y² = x³ + 7`
+- Then for `(β·x, y)`: `y² = (β·x)³ + 7 = β³·x³ + 7 = x³ + 7` ✓
+
+**The multiplication by λ costs only ONE field multiplication** (multiply x by β), not ~256 point additions.
+
+### Scalar Decomposition
+
+Any scalar `k` can be decomposed as: `k = k₁ + k₂·λ mod n`
+
+Where `k₁` and `k₂` are both ~128 bits (half the original size).
+
+**Algorithm from `scalar_impl.h:142-180`:**
+
+```
+// Precomputed constants derived from Extended Euclidean Algorithm
+minus_b1 = 0xe4437ed6010e88286f547fa90abfe4c3  // ~128 bits
+minus_b2 = 0xfffffffffffffffe8a280ac50774346dd765cda83db1562c
+g1 = 0x3086d221a7d46bcde86c90e49284eb153daa8a1471e8ca7fe893209a45dbb031
+g2 = 0xe4437ed6010e88286f547fa90abfe4c4221208ac9df506c61571b4ae8ac47f71
+
+function split_lambda(k):
+    // Compute c1 = round(k * g1 / 2^384)
+    c1 = mul_shift_var(k, g1, 384)
+
+    // Compute c2 = round(k * g2 / 2^384)
+    c2 = mul_shift_var(k, g2, 384)
+
+    // k2 = c1*(-b1) + c2*(-b2)
+    c1 = c1 * minus_b1
+    c2 = c2 * minus_b2
+    k2 = c1 + c2
+
+    // k1 = k - k2*λ
+    k1 = k - k2 * λ
+
+    return (k1, k2)
+```
+
+**Result:** `k·P = k₁·P + k₂·(λ·P) = k₁·P + k₂·(β·P.x, P.y)`
+
+Two 128-bit multiplications instead of one 256-bit multiplication = ~42% fewer operations.
+
+## wNAF (Windowed Non-Adjacent Form)
+
+### Why wNAF?
+
+Standard binary: `k = 1011 = 1·2³ + 0·2² + 1·2¹ + 1·2⁰` → 3 additions
+
+wNAF allows negative digits, creating sparse representation with gaps:
+`k = 11 = 16 - 4 - 1 = 2⁴ - 2² - 1` → only 2 additions (but adding negatives)
+
+Point negation is cheap: `-(x, y) = (x, -y)` (one field negation)
+
+### wNAF Encoding Algorithm
+
+From `ecmult_impl.h:162-221`:
+
+```
+function ecmult_wnaf(scalar, window_size):
+    wnaf = array of zeros
+    w = window_size  // typically 5
+
+    s = scalar
+    if s is negative:
+        s = -s
+        sign = -1
+    else:
+        sign = 1
+
+    carry = 0
+    bit = 0
+
+    while bit < 256:
+        if bit_at(s, bit) == carry:
+            bit++
+            continue
+
+        // Extract w bits starting at 'bit'
+        word = get_bits(s, bit, w) + carry
+
+        // Determine if we need to carry
+        carry = (word >> (w-1)) & 1
+        word = word - (carry << w)
+
+        wnaf[bit] = sign * word
+        bit += w
+
+    return wnaf
+```
+
+**Properties of wNAF output:**
+- Each non-zero entry is odd and in range `[-(2^(w-1)-1), 2^(w-1)-1]`
+- At least `w-1` zeros between non-zero entries
+- Density of ~1/(w+1) non-zero entries
+
+**Example with w=5:**
+- Possible values: -15, -13, -11, -9, -7, -5, -3, -1, 1, 3, 5, 7, 9, 11, 13, 15
+- Precompute: `[1·P, 3·P, 5·P, 7·P, 9·P, 11·P, 13·P, 15·P]` (8 points)
+- Negative lookups use negation
+
+## Strauss-Shamir Simultaneous Multiplication
+
+### The Core Insight
+
+Computing `k₁·P₁ + k₂·P₂` naively: do each multiplication separately, then add.
+
+Strauss-Shamir: process both scalars bit-by-bit simultaneously:
+
+```
+function strauss_shamir(k1, k2, P1, P2):
+    // Precompute: P1, P2, P1+P2
+    P12 = P1 + P2
+
+    R = infinity
+    for i = max_bits-1 down to 0:
+        R = 2·R  // double
+
+        b1 = bit_at(k1, i)
+        b2 = bit_at(k2, i)
+
+        if b1 and b2:
+            R = R + P12
+        else if b1:
+            R = R + P1
+        else if b2:
+            R = R + P2
+
+    return R
+```
+
+**Improvement:** ~1.75n additions instead of ~3n additions for n-bit scalars (42% reduction).
+
+### Combined with wNAF and GLV
+
+libsecp256k1 combines all three:
+
+From `ecmult_impl.h:252-362`:
+
+```
+function ecmult_strauss_wnaf(points[], scalars[], ng):
+    // For generator G multiplication:
+    // Split ng into ng_1 (low 128 bits) and ng_128 (high 128 bits)
+    split_128(ng, &ng_1, &ng_128)
+
+    // Use precomputed tables for G and 2^128·G
+    wnaf_ng_1 = wnaf(ng_1, WINDOW_G)    // WINDOW_G = 15
+    wnaf_ng_128 = wnaf(ng_128, WINDOW_G)
+
+    // For each point P:
+    for each (P, na) in (points, scalars):
+        // GLV decomposition
+        split_lambda(na, &na_1, &na_lam)
+
+        // wNAF encode both halves
+        wnaf_na_1 = wnaf(na_1, WINDOW_A)    // WINDOW_A = 5
+        wnaf_na_lam = wnaf(na_lam, WINDOW_A)
+
+        // Precompute odd multiples: [1·P, 3·P, ..., 15·P]
+        precompute_odd_multiples(P, table)
+
+        // Also store lambda-transformed x-coordinates
+        for each entry in table:
+            aux[i] = table[i].x * β
+
+    // Main loop: process all wnaf arrays simultaneously
+    R = infinity
+    for i = max_bits-1 down to 0:
+        R = 2·R
+
+        // Add contributions from each point's wnaf_na_1
+        for each point:
+            if wnaf_na_1[i] != 0:
+                R += lookup_table(wnaf_na_1[i])
+
+        // Add contributions from each point's wnaf_na_lam (using β-scaled x)
+        for each point:
+            if wnaf_na_lam[i] != 0:
+                R += lookup_table_lambda(wnaf_na_lam[i])
+
+        // Add contributions from G tables
+        if wnaf_ng_1[i] != 0:
+            R += lookup_precomputed_G(wnaf_ng_1[i])
+        if wnaf_ng_128[i] != 0:
+            R += lookup_precomputed_G_128(wnaf_ng_128[i])
+
+    return R
+```
+
+## Precomputed Tables
+
+### For Generator G (Verification)
+
+Two tables of 2^(WINDOW_G-2) = 2^13 = 8192 points each:
+- `secp256k1_pre_g`: odd multiples of G
+- `secp256k1_pre_g_128`: odd multiples of 2^128·G
+
+**Memory:** 2 × 8192 × 64 bytes = 1 MB
+
+The generator scalar is split at bit 128 (not using GLV), then each half uses the massive precomputed tables.
+
+### For Signing (ecmult_gen)
+
+Uses **signed-digit multi-comb** algorithm instead:
+
+```
+Configuration (default):
+- COMB_BLOCKS = 11
+- COMB_TEETH = 6
+- COMB_SPACING = ceil(256 / (11*6)) = 4
+
+Table size: 11 * 2^(6-1) = 11 * 32 = 352 entries = 22 KB
+```
+
+The comb algorithm:
+1. Represents scalar using bits at spacing intervals
+2. Each "block" covers TEETH bits spaced SPACING apart
+3. Look up combined contribution from table
+4. Total: BLOCKS × SPACING additions, SPACING-1 doublings
+
+## Jacobian Coordinates with Z-Ratio Optimization
+
+### Why Jacobian?
+
+Affine: `(x, y)` where `y² = x³ + 7`
+Jacobian: `(X, Y, Z)` represents `(X/Z², Y/Z³)`
+
+Point addition in affine requires field inversion (~100× slower than multiplication).
+Jacobian postpones inversions until final result.
+
+### Z-Ratio Tracking
+
+When building precomputation tables, libsecp256k1 tracks ratios between Z coordinates instead of computing each Z independently.
+
+From `ecmult_impl.h:73-115`:
+
+```
+function build_odd_multiples_table(P):
+    D = 2·P
+
+    // Work in isomorphic curve Y² = X³ + 7·C⁶ where C = D.z
+    // This lets us use faster mixed addition (affine + jacobian)
+
+    table[0] = P (scaled)
+    zr[0] = D.z  // ratio: table[0].z_actual = P.z * zr[0]
+
+    for i = 1 to n-1:
+        // Add D (in affine form on isomorphic curve)
+        table[i], zr[i] = table[i-1] + D_affine
+
+    // At end: one multiplication undoes the isomorphism
+    final_z = last.z * D.z
+```
+
+Then `secp256k1_ge_table_set_globalz` applies all ratios to convert to common Z.
+
+## Point Addition Formulas
+
+### Mixed Addition (Jacobian + Affine) - `secp256k1_gej_add_ge_var`
+
+8 mul, 3 sqr when adding affine point to Jacobian point. Used when one operand comes from precomputed table.
+
+### Unified Addition/Doubling - `secp256k1_gej_add_ge`
+
+7 mul, 5 sqr - handles both addition and doubling without branching, critical for constant-time signing.
+
+Uses Brier-Joye formula that avoids special-case for y₁ = -y₂.
+
+### Point Doubling - `secp256k1_gej_double`
+
+3 mul, 4 sqr - exploits secp256k1's a=0 coefficient.
+
+```
+Formula (from group_impl.h:460-492):
+L = (3/2) * X₁²
+S = Y₁²
+T = -X₁*S
+X₃ = L² + 2*T
+Y₃ = -(L*(X₃ + T) + S²)
+Z₃ = Y₁*Z₁
+```
+
+## Constant-Time Considerations
+
+Critical for signing to prevent timing attacks:
+
+1. **Table lookups use conditional moves** - scan entire table, cmov on match
+2. **No branching on secret data** - use arithmetic instead of if/else
+3. **Projective blinding** - random Z coordinate masks intermediate values
+4. **Scalar blinding** - add random offset, compensate with point offset
+
+## Key Implementation Details for Porting
+
+### Table Lookup Without Branches
+
+```
+function table_get_ge(table, n, window):
+    // n is odd, signed: -15, -13, ..., -1, 1, ..., 15
+    if n > 0:
+        result = table[(n-1)/2]
+    else:
+        result = table[(-n-1)/2]
+        result.y = -result.y  // negate
+```
+
+### Lambda Application for GLV
+
+```
+function ge_mul_lambda(P):
+    // Returns λ·P = (β·x, y)
+    return (P.x * β, P.y)
+```
+
+No point arithmetic needed - just one field multiplication!
+
+### Scalar Split for G Multiplication
+
+The generator uses bit-128 splitting (not GLV):
+
+```
+function split_128(k):
+    k_lo = k & ((1 << 128) - 1)
+    k_hi = k >> 128
+    return (k_lo, k_hi)
+```
+
+This pairs with precomputed tables for G and 2^128·G.
+
+## Algorithm Selection
+
+From `ecmult_impl.h:822-866`:
+
+- **< 88 points:** Strauss algorithm (interleaved wNAF)
+- **≥ 88 points:** Pippenger algorithm (bucket method)
+- **Single point + G:** Basic Strauss with GLV
+- **Generator only:** Comb algorithm (constant-time)
+
+## Performance Summary
+
+For signature verification (`na·P + ng·G`):
+- GLV: 256-bit → two 128-bit multiplications
+- wNAF: ~20% of bits are non-zero (density 1/6 with w=5)
+- Strauss: processes 4 scalars simultaneously (na_1, na_lam, ng_1, ng_128)
+- Precomputation: ~1 MB for G eliminates most additions
+- Result: ~42% speedup from GLV, ~40% from Strauss, ~50% from large window = ~80% total improvement over naive
+
+## References
+
+- [Guide to Elliptic Curve Cryptography](https://www.springer.com/gp/book/9780387952734) - Hankerson, Menezes, Vanstone
+- [GLV Paper](https://www.iacr.org/cryptodb/archive/2001/CRYPTO/21390001.pdf) - Gallant, Lambert, Vanstone
+- [Fast ECC by Hamburg](https://eprint.iacr.org/2012/309) - Signed-digit multi-comb
+- [Paul Miller's noble-secp256k1](https://paulmillr.com/posts/noble-secp256k1-fast-ecc/) - JavaScript implementation

.claude/skills/skill-creator/LICENSE.txt

@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

.claude/skills/skill-creator/SKILL.md

@@ -0,0 +1,209 @@
+---
+name: skill-creator
+description: Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends Claude's capabilities with specialized knowledge, workflows, or tool integrations.
+license: Complete terms in LICENSE.txt
+---
+
+# Skill Creator
+
+This skill provides guidance for creating effective skills.
+
+## About Skills
+
+Skills are modular, self-contained packages that extend Claude's capabilities by providing
+specialized knowledge, workflows, and tools. Think of them as "onboarding guides" for specific
+domains or tasks—they transform Claude from a general-purpose agent into a specialized agent
+equipped with procedural knowledge that no model can fully possess.
+
+### What Skills Provide
+
+1. Specialized workflows - Multi-step procedures for specific domains
+2. Tool integrations - Instructions for working with specific file formats or APIs
+3. Domain expertise - Company-specific knowledge, schemas, business logic
+4. Bundled resources - Scripts, references, and assets for complex and repetitive tasks
+
+### Anatomy of a Skill
+
+Every skill consists of a required SKILL.md file and optional bundled resources:
+
+```
+skill-name/
+├── SKILL.md (required)
+│   ├── YAML frontmatter metadata (required)
+│   │   ├── name: (required)
+│   │   └── description: (required)
+│   └── Markdown instructions (required)
+└── Bundled Resources (optional)
+    ├── scripts/          - Executable code (Python/Bash/etc.)
+    ├── references/       - Documentation intended to be loaded into context as needed
+    └── assets/           - Files used in output (templates, icons, fonts, etc.)
+```
+
+#### SKILL.md (required)
+
+**Metadata Quality:** The `name` and `description` in YAML frontmatter determine when Claude will use the skill. Be specific about what the skill does and when to use it. Use the third-person (e.g. "This skill should be used when..." instead of "Use this skill when...").
+
+#### Bundled Resources (optional)
+
+##### Scripts (`scripts/`)
+
+Executable code (Python/Bash/etc.) for tasks that require deterministic reliability or are repeatedly rewritten.
+
+- **When to include**: When the same code is being rewritten repeatedly or deterministic reliability is needed
+- **Example**: `scripts/rotate_pdf.py` for PDF rotation tasks
+- **Benefits**: Token efficient, deterministic, may be executed without loading into context
+- **Note**: Scripts may still need to be read by Claude for patching or environment-specific adjustments
+
+##### References (`references/`)
+
+Documentation and reference material intended to be loaded as needed into context to inform Claude's process and thinking.
+
+- **When to include**: For documentation that Claude should reference while working
+- **Examples**: `references/finance.md` for financial schemas, `references/mnda.md` for company NDA template, `references/policies.md` for company policies, `references/api_docs.md` for API specifications
+- **Use cases**: Database schemas, API documentation, domain knowledge, company policies, detailed workflow guides
+- **Benefits**: Keeps SKILL.md lean, loaded only when Claude determines it's needed
+- **Best practice**: If files are large (>10k words), include grep search patterns in SKILL.md
+- **Avoid duplication**: Information should live in either SKILL.md or references files, not both. Prefer references files for detailed information unless it's truly core to the skill—this keeps SKILL.md lean while making information discoverable without hogging the context window. Keep only essential procedural instructions and workflow guidance in SKILL.md; move detailed reference material, schemas, and examples to references files.
+
+##### Assets (`assets/`)
+
+Files not intended to be loaded into context, but rather used within the output Claude produces.
+
+- **When to include**: When the skill needs files that will be used in the final output
+- **Examples**: `assets/logo.png` for brand assets, `assets/slides.pptx` for PowerPoint templates, `assets/frontend-template/` for HTML/React boilerplate, `assets/font.ttf` for typography
+- **Use cases**: Templates, images, icons, boilerplate code, fonts, sample documents that get copied or modified
+- **Benefits**: Separates output resources from documentation, enables Claude to use files without loading them into context
+
+### Progressive Disclosure Design Principle
+
+Skills use a three-level loading system to manage context efficiently:
+
+1. **Metadata (name + description)** - Always in context (~100 words)
+2. **SKILL.md body** - When skill triggers (<5k words)
+3. **Bundled resources** - As needed by Claude (Unlimited*)
+
+*Unlimited because scripts can be executed without reading into context window.
+
+## Skill Creation Process
+
+To create a skill, follow the "Skill Creation Process" in order, skipping steps only if there is a clear reason why they are not applicable.
+
+### Step 1: Understanding the Skill with Concrete Examples
+
+Skip this step only when the skill's usage patterns are already clearly understood. It remains valuable even when working with an existing skill.
+
+To create an effective skill, clearly understand concrete examples of how the skill will be used. This understanding can come from either direct user examples or generated examples that are validated with user feedback.
+
+For example, when building an image-editor skill, relevant questions include:
+
+- "What functionality should the image-editor skill support? Editing, rotating, anything else?"
+- "Can you give some examples of how this skill would be used?"
+- "I can imagine users asking for things like 'Remove the red-eye from this image' or 'Rotate this image'. Are there other ways you imagine this skill being used?"
+- "What would a user say that should trigger this skill?"
+
+To avoid overwhelming users, avoid asking too many questions in a single message. Start with the most important questions and follow up as needed for better effectiveness.
+
+Conclude this step when there is a clear sense of the functionality the skill should support.
+
+### Step 2: Planning the Reusable Skill Contents
+
+To turn concrete examples into an effective skill, analyze each example by:
+
+1. Considering how to execute on the example from scratch
+2. Identifying what scripts, references, and assets would be helpful when executing these workflows repeatedly
+
+Example: When building a `pdf-editor` skill to handle queries like "Help me rotate this PDF," the analysis shows:
+
+1. Rotating a PDF requires re-writing the same code each time
+2. A `scripts/rotate_pdf.py` script would be helpful to store in the skill
+
+Example: When designing a `frontend-webapp-builder` skill for queries like "Build me a todo app" or "Build me a dashboard to track my steps," the analysis shows:
+
+1. Writing a frontend webapp requires the same boilerplate HTML/React each time
+2. An `assets/hello-world/` template containing the boilerplate HTML/React project files would be helpful to store in the skill
+
+Example: When building a `big-query` skill to handle queries like "How many users have logged in today?" the analysis shows:
+
+1. Querying BigQuery requires re-discovering the table schemas and relationships each time
+2. A `references/schema.md` file documenting the table schemas would be helpful to store in the skill
+
+To establish the skill's contents, analyze each concrete example to create a list of the reusable resources to include: scripts, references, and assets.
+
+### Step 3: Initializing the Skill
+
+At this point, it is time to actually create the skill.
+
+Skip this step only if the skill being developed already exists, and iteration or packaging is needed. In this case, continue to the next step.
+
+When creating a new skill from scratch, always run the `init_skill.py` script. The script conveniently generates a new template skill directory that automatically includes everything a skill requires, making the skill creation process much more efficient and reliable.
+
+Usage:
+
+```bash
+scripts/init_skill.py <skill-name> --path <output-directory>
+```
+
+The script:
+
+- Creates the skill directory at the specified path
+- Generates a SKILL.md template with proper frontmatter and TODO placeholders
+- Creates example resource directories: `scripts/`, `references/`, and `assets/`
+- Adds example files in each directory that can be customized or deleted
+
+After initialization, customize or remove the generated SKILL.md and example files as needed.
+
+### Step 4: Edit the Skill
+
+When editing the (newly-generated or existing) skill, remember that the skill is being created for another instance of Claude to use. Focus on including information that would be beneficial and non-obvious to Claude. Consider what procedural knowledge, domain-specific details, or reusable assets would help another Claude instance execute these tasks more effectively.
+
+#### Start with Reusable Skill Contents
+
+To begin implementation, start with the reusable resources identified above: `scripts/`, `references/`, and `assets/` files. Note that this step may require user input. For example, when implementing a `brand-guidelines` skill, the user may need to provide brand assets or templates to store in `assets/`, or documentation to store in `references/`.
+
+Also, delete any example files and directories not needed for the skill. The initialization script creates example files in `scripts/`, `references/`, and `assets/` to demonstrate structure, but most skills won't need all of them.
+
+#### Update SKILL.md
+
+**Writing Style:** Write the entire skill using **imperative/infinitive form** (verb-first instructions), not second person. Use objective, instructional language (e.g., "To accomplish X, do Y" rather than "You should do X" or "If you need to do X"). This maintains consistency and clarity for AI consumption.
+
+To complete SKILL.md, answer the following questions:
+
+1. What is the purpose of the skill, in a few sentences?
+2. When should the skill be used?
+3. In practice, how should Claude use the skill? All reusable skill contents developed above should be referenced so that Claude knows how to use them.
+
+### Step 5: Packaging a Skill
+
+Once the skill is ready, it should be packaged into a distributable zip file that gets shared with the user. The packaging process automatically validates the skill first to ensure it meets all requirements:
+
+```bash
+scripts/package_skill.py <path/to/skill-folder>
+```
+
+Optional output directory specification:
+
+```bash
+scripts/package_skill.py <path/to/skill-folder> ./dist
+```
+
+The packaging script will:
+
+1. **Validate** the skill automatically, checking:
+   - YAML frontmatter format and required fields
+   - Skill naming conventions and directory structure
+   - Description completeness and quality
+   - File organization and resource references
+
+2. **Package** the skill if validation passes, creating a zip file named after the skill (e.g., `my-skill.zip`) that includes all files and maintains the proper directory structure for distribution.
+
+If validation fails, the script will report the errors and exit without creating a package. Fix any validation errors and run the packaging command again.
+
+### Step 6: Iterate
+
+After testing the skill, users may request improvements. Often this happens right after using the skill, with fresh context of how the skill performed.
+
+**Iteration workflow:**
+1. Use the skill on real tasks
+2. Notice struggles or inefficiencies
+3. Identify how SKILL.md or bundled resources should be updated
+4. Implement changes and test again

.claude/skills/skill-creator/scripts/init_skill.py

@@ -0,0 +1,303 @@
+#!/usr/bin/env python3
+"""
+Skill Initializer - Creates a new skill from template
+
+Usage:
+    init_skill.py <skill-name> --path <path>
+
+Examples:
+    init_skill.py my-new-skill --path skills/public
+    init_skill.py my-api-helper --path skills/private
+    init_skill.py custom-skill --path /custom/location
+"""
+
+import sys
+from pathlib import Path
+
+
+SKILL_TEMPLATE = """---
+name: {skill_name}
+description: [TODO: Complete and informative explanation of what the skill does and when to use it. Include WHEN to use this skill - specific scenarios, file types, or tasks that trigger it.]
+---
+
+# {skill_title}
+
+## Overview
+
+[TODO: 1-2 sentences explaining what this skill enables]
+
+## Structuring This Skill
+
+[TODO: Choose the structure that best fits this skill's purpose. Common patterns:
+
+**1. Workflow-Based** (best for sequential processes)
+- Works well when there are clear step-by-step procedures
+- Example: DOCX skill with "Workflow Decision Tree" → "Reading" → "Creating" → "Editing"
+- Structure: ## Overview → ## Workflow Decision Tree → ## Step 1 → ## Step 2...
+
+**2. Task-Based** (best for tool collections)
+- Works well when the skill offers different operations/capabilities
+- Example: PDF skill with "Quick Start" → "Merge PDFs" → "Split PDFs" → "Extract Text"
+- Structure: ## Overview → ## Quick Start → ## Task Category 1 → ## Task Category 2...
+
+**3. Reference/Guidelines** (best for standards or specifications)
+- Works well for brand guidelines, coding standards, or requirements
+- Example: Brand styling with "Brand Guidelines" → "Colors" → "Typography" → "Features"
+- Structure: ## Overview → ## Guidelines → ## Specifications → ## Usage...
+
+**4. Capabilities-Based** (best for integrated systems)
+- Works well when the skill provides multiple interrelated features
+- Example: Product Management with "Core Capabilities" → numbered capability list
+- Structure: ## Overview → ## Core Capabilities → ### 1. Feature → ### 2. Feature...
+
+Patterns can be mixed and matched as needed. Most skills combine patterns (e.g., start with task-based, add workflow for complex operations).
+
+Delete this entire "Structuring This Skill" section when done - it's just guidance.]
+
+## [TODO: Replace with the first main section based on chosen structure]
+
+[TODO: Add content here. See examples in existing skills:
+- Code samples for technical skills
+- Decision trees for complex workflows
+- Concrete examples with realistic user requests
+- References to scripts/templates/references as needed]
+
+## Resources
+
+This skill includes example resource directories that demonstrate how to organize different types of bundled resources:
+
+### scripts/
+Executable code (Python/Bash/etc.) that can be run directly to perform specific operations.
+
+**Examples from other skills:**
+- PDF skill: `fill_fillable_fields.py`, `extract_form_field_info.py` - utilities for PDF manipulation
+- DOCX skill: `document.py`, `utilities.py` - Python modules for document processing
+
+**Appropriate for:** Python scripts, shell scripts, or any executable code that performs automation, data processing, or specific operations.
+
+**Note:** Scripts may be executed without loading into context, but can still be read by Claude for patching or environment adjustments.
+
+### references/
+Documentation and reference material intended to be loaded into context to inform Claude's process and thinking.
+
+**Examples from other skills:**
+- Product management: `communication.md`, `context_building.md` - detailed workflow guides
+- BigQuery: API reference documentation and query examples
+- Finance: Schema documentation, company policies
+
+**Appropriate for:** In-depth documentation, API references, database schemas, comprehensive guides, or any detailed information that Claude should reference while working.
+
+### assets/
+Files not intended to be loaded into context, but rather used within the output Claude produces.
+
+**Examples from other skills:**
+- Brand styling: PowerPoint template files (.pptx), logo files
+- Frontend builder: HTML/React boilerplate project directories
+- Typography: Font files (.ttf, .woff2)
+
+**Appropriate for:** Templates, boilerplate code, document templates, images, icons, fonts, or any files meant to be copied or used in the final output.
+
+---
+
+**Any unneeded directories can be deleted.** Not every skill requires all three types of resources.
+"""
+
+EXAMPLE_SCRIPT = '''#!/usr/bin/env python3
+"""
+Example helper script for {skill_name}
+
+This is a placeholder script that can be executed directly.
+Replace with actual implementation or delete if not needed.
+
+Example real scripts from other skills:
+- pdf/scripts/fill_fillable_fields.py - Fills PDF form fields
+- pdf/scripts/convert_pdf_to_images.py - Converts PDF pages to images
+"""
+
+def main():
+    print("This is an example script for {skill_name}")
+    # TODO: Add actual script logic here
+    # This could be data processing, file conversion, API calls, etc.
+
+if __name__ == "__main__":
+    main()
+'''
+
+EXAMPLE_REFERENCE = """# Reference Documentation for {skill_title}
+
+This is a placeholder for detailed reference documentation.
+Replace with actual reference content or delete if not needed.
+
+Example real reference docs from other skills:
+- product-management/references/communication.md - Comprehensive guide for status updates
+- product-management/references/context_building.md - Deep-dive on gathering context
+- bigquery/references/ - API references and query examples
+
+## When Reference Docs Are Useful
+
+Reference docs are ideal for:
+- Comprehensive API documentation
+- Detailed workflow guides
+- Complex multi-step processes
+- Information too lengthy for main SKILL.md
+- Content that's only needed for specific use cases
+
+## Structure Suggestions
+
+### API Reference Example
+- Overview
+- Authentication
+- Endpoints with examples
+- Error codes
+- Rate limits
+
+### Workflow Guide Example
+- Prerequisites
+- Step-by-step instructions
+- Common patterns
+- Troubleshooting
+- Best practices
+"""
+
+EXAMPLE_ASSET = """# Example Asset File
+
+This placeholder represents where asset files would be stored.
+Replace with actual asset files (templates, images, fonts, etc.) or delete if not needed.
+
+Asset files are NOT intended to be loaded into context, but rather used within
+the output Claude produces.
+
+Example asset files from other skills:
+- Brand guidelines: logo.png, slides_template.pptx
+- Frontend builder: hello-world/ directory with HTML/React boilerplate
+- Typography: custom-font.ttf, font-family.woff2
+- Data: sample_data.csv, test_dataset.json
+
+## Common Asset Types
+
+- Templates: .pptx, .docx, boilerplate directories
+- Images: .png, .jpg, .svg, .gif
+- Fonts: .ttf, .otf, .woff, .woff2
+- Boilerplate code: Project directories, starter files
+- Icons: .ico, .svg
+- Data files: .csv, .json, .xml, .yaml
+
+Note: This is a text placeholder. Actual assets can be any file type.
+"""
+
+
+def title_case_skill_name(skill_name):
+    """Convert hyphenated skill name to Title Case for display."""
+    return ' '.join(word.capitalize() for word in skill_name.split('-'))
+
+
+def init_skill(skill_name, path):
+    """
+    Initialize a new skill directory with template SKILL.md.
+
+    Args:
+        skill_name: Name of the skill
+        path: Path where the skill directory should be created
+
+    Returns:
+        Path to created skill directory, or None if error
+    """
+    # Determine skill directory path
+    skill_dir = Path(path).resolve() / skill_name
+
+    # Check if directory already exists
+    if skill_dir.exists():
+        print(f"❌ Error: Skill directory already exists: {skill_dir}")
+        return None
+
+    # Create skill directory
+    try:
+        skill_dir.mkdir(parents=True, exist_ok=False)
+        print(f"✅ Created skill directory: {skill_dir}")
+    except Exception as e:
+        print(f"❌ Error creating directory: {e}")
+        return None
+
+    # Create SKILL.md from template
+    skill_title = title_case_skill_name(skill_name)
+    skill_content = SKILL_TEMPLATE.format(
+        skill_name=skill_name,
+        skill_title=skill_title
+    )
+
+    skill_md_path = skill_dir / 'SKILL.md'
+    try:
+        skill_md_path.write_text(skill_content)
+        print("✅ Created SKILL.md")
+    except Exception as e:
+        print(f"❌ Error creating SKILL.md: {e}")
+        return None
+
+    # Create resource directories with example files
+    try:
+        # Create scripts/ directory with example script
+        scripts_dir = skill_dir / 'scripts'
+        scripts_dir.mkdir(exist_ok=True)
+        example_script = scripts_dir / 'example.py'
+        example_script.write_text(EXAMPLE_SCRIPT.format(skill_name=skill_name))
+        example_script.chmod(0o755)
+        print("✅ Created scripts/example.py")
+
+        # Create references/ directory with example reference doc
+        references_dir = skill_dir / 'references'
+        references_dir.mkdir(exist_ok=True)
+        example_reference = references_dir / 'api_reference.md'
+        example_reference.write_text(EXAMPLE_REFERENCE.format(skill_title=skill_title))
+        print("✅ Created references/api_reference.md")
+
+        # Create assets/ directory with example asset placeholder
+        assets_dir = skill_dir / 'assets'
+        assets_dir.mkdir(exist_ok=True)
+        example_asset = assets_dir / 'example_asset.txt'
+        example_asset.write_text(EXAMPLE_ASSET)
+        print("✅ Created assets/example_asset.txt")
+    except Exception as e:
+        print(f"❌ Error creating resource directories: {e}")
+        return None
+
+    # Print next steps
+    print(f"\n✅ Skill '{skill_name}' initialized successfully at {skill_dir}")
+    print("\nNext steps:")
+    print("1. Edit SKILL.md to complete the TODO items and update the description")
+    print("2. Customize or delete the example files in scripts/, references/, and assets/")
+    print("3. Run the validator when ready to check the skill structure")
+
+    return skill_dir
+
+
+def main():
+    if len(sys.argv) < 4 or sys.argv[2] != '--path':
+        print("Usage: init_skill.py <skill-name> --path <path>")
+        print("\nSkill name requirements:")
+        print("  - Hyphen-case identifier (e.g., 'data-analyzer')")
+        print("  - Lowercase letters, digits, and hyphens only")
+        print("  - Max 40 characters")
+        print("  - Must match directory name exactly")
+        print("\nExamples:")
+        print("  init_skill.py my-new-skill --path skills/public")
+        print("  init_skill.py my-api-helper --path skills/private")
+        print("  init_skill.py custom-skill --path /custom/location")
+        sys.exit(1)
+
+    skill_name = sys.argv[1]
+    path = sys.argv[3]
+
+    print(f"🚀 Initializing skill: {skill_name}")
+    print(f"   Location: {path}")
+    print()
+
+    result = init_skill(skill_name, path)
+
+    if result:
+        sys.exit(0)
+    else:
+        sys.exit(1)
+
+
+if __name__ == "__main__":
+    main()

.claude/skills/skill-creator/scripts/package_skill.py

@@ -0,0 +1,110 @@
+#!/usr/bin/env python3
+"""
+Skill Packager - Creates a distributable zip file of a skill folder
+
+Usage:
+    python utils/package_skill.py <path/to/skill-folder> [output-directory]
+
+Example:
+    python utils/package_skill.py skills/public/my-skill
+    python utils/package_skill.py skills/public/my-skill ./dist
+"""
+
+import sys
+import zipfile
+from pathlib import Path
+from quick_validate import validate_skill
+
+
+def package_skill(skill_path, output_dir=None):
+    """
+    Package a skill folder into a zip file.
+
+    Args:
+        skill_path: Path to the skill folder
+        output_dir: Optional output directory for the zip file (defaults to current directory)
+
+    Returns:
+        Path to the created zip file, or None if error
+    """
+    skill_path = Path(skill_path).resolve()
+
+    # Validate skill folder exists
+    if not skill_path.exists():
+        print(f"❌ Error: Skill folder not found: {skill_path}")
+        return None
+
+    if not skill_path.is_dir():
+        print(f"❌ Error: Path is not a directory: {skill_path}")
+        return None
+
+    # Validate SKILL.md exists
+    skill_md = skill_path / "SKILL.md"
+    if not skill_md.exists():
+        print(f"❌ Error: SKILL.md not found in {skill_path}")
+        return None
+
+    # Run validation before packaging
+    print("🔍 Validating skill...")
+    valid, message = validate_skill(skill_path)
+    if not valid:
+        print(f"❌ Validation failed: {message}")
+        print("   Please fix the validation errors before packaging.")
+        return None
+    print(f"✅ {message}\n")
+
+    # Determine output location
+    skill_name = skill_path.name
+    if output_dir:
+        output_path = Path(output_dir).resolve()
+        output_path.mkdir(parents=True, exist_ok=True)
+    else:
+        output_path = Path.cwd()
+
+    zip_filename = output_path / f"{skill_name}.zip"
+
+    # Create the zip file
+    try:
+        with zipfile.ZipFile(zip_filename, 'w', zipfile.ZIP_DEFLATED) as zipf:
+            # Walk through the skill directory
+            for file_path in skill_path.rglob('*'):
+                if file_path.is_file():
+                    # Calculate the relative path within the zip
+                    arcname = file_path.relative_to(skill_path.parent)
+                    zipf.write(file_path, arcname)
+                    print(f"  Added: {arcname}")
+
+        print(f"\n✅ Successfully packaged skill to: {zip_filename}")
+        return zip_filename
+
+    except Exception as e:
+        print(f"❌ Error creating zip file: {e}")
+        return None
+
+
+def main():
+    if len(sys.argv) < 2:
+        print("Usage: python utils/package_skill.py <path/to/skill-folder> [output-directory]")
+        print("\nExample:")
+        print("  python utils/package_skill.py skills/public/my-skill")
+        print("  python utils/package_skill.py skills/public/my-skill ./dist")
+        sys.exit(1)
+
+    skill_path = sys.argv[1]
+    output_dir = sys.argv[2] if len(sys.argv) > 2 else None
+
+    print(f"📦 Packaging skill: {skill_path}")
+    if output_dir:
+        print(f"   Output directory: {output_dir}")
+    print()
+
+    result = package_skill(skill_path, output_dir)
+
+    if result:
+        sys.exit(0)
+    else:
+        sys.exit(1)
+
+
+if __name__ == "__main__":
+    main()

.claude/skills/skill-creator/scripts/quick_validate.py

@@ -0,0 +1,65 @@
+#!/usr/bin/env python3
+"""
+Quick validation script for skills - minimal version
+"""
+
+import sys
+import os
+import re
+from pathlib import Path
+
+def validate_skill(skill_path):
+    """Basic validation of a skill"""
+    skill_path = Path(skill_path)
+    
+    # Check SKILL.md exists
+    skill_md = skill_path / 'SKILL.md'
+    if not skill_md.exists():
+        return False, "SKILL.md not found"
+    
+    # Read and validate frontmatter
+    content = skill_md.read_text()
+    if not content.startswith('---'):
+        return False, "No YAML frontmatter found"
+    
+    # Extract frontmatter
+    match = re.match(r'^---\n(.*?)\n---', content, re.DOTALL)
+    if not match:
+        return False, "Invalid frontmatter format"
+    
+    frontmatter = match.group(1)
+    
+    # Check required fields
+    if 'name:' not in frontmatter:
+        return False, "Missing 'name' in frontmatter"
+    if 'description:' not in frontmatter:
+        return False, "Missing 'description' in frontmatter"
+    
+    # Extract name for validation
+    name_match = re.search(r'name:\s*(.+)', frontmatter)
+    if name_match:
+        name = name_match.group(1).strip()
+        # Check naming convention (hyphen-case: lowercase with hyphens)
+        if not re.match(r'^[a-z0-9-]+$', name):
+            return False, f"Name '{name}' should be hyphen-case (lowercase letters, digits, and hyphens only)"
+        if name.startswith('-') or name.endswith('-') or '--' in name:
+            return False, f"Name '{name}' cannot start/end with hyphen or contain consecutive hyphens"
+
+    # Extract and validate description
+    desc_match = re.search(r'description:\s*(.+)', frontmatter)
+    if desc_match:
+        description = desc_match.group(1).strip()
+        # Check for angle brackets
+        if '<' in description or '>' in description:
+            return False, "Description cannot contain angle brackets (< or >)"
+
+    return True, "Skill is valid!"
+
+if __name__ == "__main__":
+    if len(sys.argv) != 2:
+        print("Usage: python quick_validate.py <skill_directory>")
+        sys.exit(1)
+    
+    valid, message = validate_skill(sys.argv[1])
+    print(message)
+    sys.exit(0 if valid else 1)

.claude/skills/typescript/README.md

@@ -0,0 +1,133 @@
+# TypeScript Claude Skill
+
+Comprehensive TypeScript skill for type-safe development with modern JavaScript/TypeScript applications.
+
+## Overview
+
+This skill provides in-depth knowledge about TypeScript's type system, patterns, best practices, and integration with popular frameworks like React. It covers everything from basic types to advanced type manipulation techniques.
+
+## Files
+
+### Core Documentation
+- **SKILL.md** - Main skill file with workflows and when to use this skill
+- **quick-reference.md** - Quick lookup guide for common TypeScript syntax and patterns
+
+### Reference Materials
+- **references/type-system.md** - Comprehensive guide to TypeScript's type system
+- **references/utility-types.md** - Complete reference for built-in and custom utility types
+- **references/common-patterns.md** - Real-world TypeScript patterns and idioms
+
+### Examples
+- **examples/type-system-basics.ts** - Fundamental TypeScript concepts
+- **examples/advanced-types.ts** - Generics, conditional types, mapped types
+- **examples/react-patterns.ts** - Type-safe React components and hooks
+- **examples/README.md** - Guide to using the examples
+
+## Usage
+
+### When to Use This Skill
+
+Reference this skill when:
+- Writing or refactoring TypeScript code
+- Designing type-safe APIs and interfaces
+- Working with advanced type system features
+- Configuring TypeScript projects
+- Troubleshooting type errors
+- Implementing type-safe patterns with libraries
+- Converting JavaScript to TypeScript
+
+### Quick Start
+
+For quick lookups, start with `quick-reference.md` which provides concise syntax and patterns.
+
+For learning or deep dives:
+1. **Fundamentals**: Start with `references/type-system.md`
+2. **Utilities**: Learn about transformations in `references/utility-types.md`
+3. **Patterns**: Study real-world patterns in `references/common-patterns.md`
+4. **Practice**: Explore code examples in `examples/`
+
+## Key Topics Covered
+
+### Type System
+- Primitive types and special types
+- Object types (interfaces, type aliases)
+- Union and intersection types
+- Literal types and template literal types
+- Type inference and narrowing
+- Generic types with constraints
+- Conditional types and mapped types
+- Recursive types
+
+### Advanced Features
+- Type guards and type predicates
+- Assertion functions
+- Branded types for nominal typing
+- Key remapping and filtering
+- Distributive conditional types
+- Type-level programming
+
+### Utility Types
+- Built-in utilities (Partial, Pick, Omit, etc.)
+- Custom utility type patterns
+- Deep transformations
+- Type composition
+
+### React Integration
+- Component props typing
+- Generic components
+- Hooks with TypeScript
+- Context with type safety
+- Event handlers
+- Ref typing
+
+### Best Practices
+- Type safety patterns
+- Error handling
+- Code organization
+- Integration with Zod for runtime validation
+- Named return variables (Go-style)
+- Discriminated unions for state management
+
+## Integration with Project Stack
+
+This skill is designed to work seamlessly with:
+- **React 19**: Type-safe component development
+- **TanStack Ecosystem**: Typed queries, routing, forms, and stores
+- **Zod**: Runtime validation with type inference
+- **Radix UI**: Component prop typing
+- **Tailwind CSS**: Type-safe className composition
+
+## Examples
+
+All examples are self-contained and demonstrate practical patterns:
+- Based on real-world usage
+- Follow project best practices
+- Include comprehensive comments
+- Can be run with `ts-node`
+- Ready to adapt to your needs
+
+## Configuration
+
+The skill includes guidance on TypeScript configuration with recommended settings for:
+- Strict type checking
+- Module resolution
+- JSX support
+- Path aliases
+- Declaration files
+
+## Contributing
+
+When adding new patterns or examples:
+1. Follow existing file structure
+2. Include comprehensive comments
+3. Demonstrate real-world usage
+4. Add to appropriate reference file
+5. Update this README if needed
+
+## Resources
+
+- [TypeScript Handbook](https://www.typescriptlang.org/docs/handbook/)
+- [TypeScript Deep Dive](https://basarat.gitbook.io/typescript/)
+- [Type Challenges](https://github.com/type-challenges/type-challenges)
+- [TSConfig Reference](https://www.typescriptlang.org/tsconfig)
+

.claude/skills/typescript/SKILL.md

@@ -0,0 +1,359 @@
+---
+name: typescript
+description: This skill should be used when working with TypeScript code, including type definitions, type inference, generics, utility types, and TypeScript configuration. Provides comprehensive knowledge of TypeScript patterns, best practices, and advanced type system features.
+---
+
+# TypeScript Skill
+
+This skill provides comprehensive knowledge and patterns for working with TypeScript effectively in modern applications.
+
+## When to Use This Skill
+
+Use this skill when:
+- Writing or refactoring TypeScript code
+- Designing type-safe APIs and interfaces
+- Working with advanced type system features (generics, conditional types, mapped types)
+- Configuring TypeScript projects (tsconfig.json)
+- Troubleshooting type errors
+- Implementing type-safe patterns with libraries (React, TanStack, etc.)
+- Converting JavaScript code to TypeScript
+
+## Core Concepts
+
+### Type System Fundamentals
+
+TypeScript provides static typing for JavaScript with a powerful type system that includes:
+- Primitive types (string, number, boolean, null, undefined, symbol, bigint)
+- Object types (interfaces, type aliases, classes)
+- Array and tuple types
+- Union and intersection types
+- Literal types and template literal types
+- Type inference and type narrowing
+- Generic types with constraints
+- Conditional types and mapped types
+
+### Type Inference
+
+Leverage TypeScript's type inference to write less verbose code:
+- Let TypeScript infer return types when obvious
+- Use type inference for variable declarations
+- Rely on generic type inference in function calls
+- Use `as const` for immutable literal types
+
+### Type Safety Patterns
+
+Implement type-safe patterns:
+- Use discriminated unions for state management
+- Implement type guards for runtime type checking
+- Use branded types for nominal typing
+- Leverage conditional types for API design
+- Use template literal types for string manipulation
+
+## Key Workflows
+
+### 1. Designing Type-Safe APIs
+
+When designing APIs, follow these patterns:
+
+**Interface vs Type Alias:**
+- Use `interface` for object shapes that may be extended
+- Use `type` for unions, intersections, and complex type operations
+- Use `type` with mapped types and conditional types
+
+**Generic Constraints:**
+```typescript
+// Use extends for generic constraints
+function getValue<T extends { id: string }>(item: T): string {
+  return item.id
+}
+```
+
+**Discriminated Unions:**
+```typescript
+// Use for type-safe state machines
+type State =
+  | { status: 'idle' }
+  | { status: 'loading' }
+  | { status: 'success'; data: Data }
+  | { status: 'error'; error: Error }
+```
+
+### 2. Working with Utility Types
+
+Use built-in utility types for common transformations:
+- `Partial<T>` - Make all properties optional
+- `Required<T>` - Make all properties required
+- `Readonly<T>` - Make all properties readonly
+- `Pick<T, K>` - Select specific properties
+- `Omit<T, K>` - Exclude specific properties
+- `Record<K, T>` - Create object type with specific keys
+- `Exclude<T, U>` - Exclude types from union
+- `Extract<T, U>` - Extract types from union
+- `NonNullable<T>` - Remove null/undefined
+- `ReturnType<T>` - Get function return type
+- `Parameters<T>` - Get function parameter types
+- `Awaited<T>` - Unwrap Promise type
+
+### 3. Advanced Type Patterns
+
+**Mapped Types:**
+```typescript
+// Transform object types
+type Nullable<T> = {
+  [K in keyof T]: T[K] | null
+}
+
+type ReadonlyDeep<T> = {
+  readonly [K in keyof T]: T[K] extends object
+    ? ReadonlyDeep<T[K]>
+    : T[K]
+}
+```
+
+**Conditional Types:**
+```typescript
+// Type-level logic
+type IsArray<T> = T extends Array<any> ? true : false
+
+type Flatten<T> = T extends Array<infer U> ? U : T
+```
+
+**Template Literal Types:**
+```typescript
+// String manipulation at type level
+type EventName<T extends string> = `on${Capitalize<T>}`
+type Route = `/api/${'users' | 'posts'}/${string}`
+```
+
+### 4. Type Narrowing
+
+Use type guards and narrowing techniques:
+
+**typeof guards:**
+```typescript
+if (typeof value === 'string') {
+  // value is string here
+}
+```
+
+**instanceof guards:**
+```typescript
+if (error instanceof Error) {
+  // error is Error here
+}
+```
+
+**Custom type guards:**
+```typescript
+function isUser(value: unknown): value is User {
+  return typeof value === 'object' && value !== null && 'id' in value
+}
+```
+
+**Discriminated unions:**
+```typescript
+function handle(state: State) {
+  switch (state.status) {
+    case 'idle':
+      // state is { status: 'idle' }
+      break
+    case 'success':
+      // state is { status: 'success'; data: Data }
+      console.log(state.data)
+      break
+  }
+}
+```
+
+### 5. Working with External Libraries
+
+**Typing Third-Party Libraries:**
+- Install type definitions: `npm install --save-dev @types/package-name`
+- Create custom declarations in `.d.ts` files when types unavailable
+- Use module augmentation to extend existing type definitions
+
+**Declaration Files:**
+```typescript
+// globals.d.ts
+declare global {
+  interface Window {
+    myCustomProperty: string
+  }
+}
+
+export {}
+```
+
+### 6. TypeScript Configuration
+
+Configure `tsconfig.json` for strict type checking:
+
+**Essential Strict Options:**
+```json
+{
+  "compilerOptions": {
+    "strict": true,
+    "noImplicitAny": true,
+    "strictNullChecks": true,
+    "strictFunctionTypes": true,
+    "strictBindCallApply": true,
+    "strictPropertyInitialization": true,
+    "noImplicitThis": true,
+    "alwaysStrict": true,
+    "noUnusedLocals": true,
+    "noUnusedParameters": true,
+    "noImplicitReturns": true,
+    "noFallthroughCasesInSwitch": true,
+    "skipLibCheck": true
+  }
+}
+```
+
+## Best Practices
+
+### 1. Prefer Type Inference Over Explicit Types
+Let TypeScript infer types when they're obvious from context.
+
+### 2. Use Strict Mode
+Enable strict type checking to catch more errors at compile time.
+
+### 3. Avoid `any` Type
+Use `unknown` for truly unknown types, then narrow with type guards.
+
+### 4. Use Const Assertions
+Use `as const` for immutable values and narrow literal types.
+
+### 5. Leverage Discriminated Unions
+Use for state machines and variant types for better type safety.
+
+### 6. Create Reusable Generic Types
+Extract common type patterns into reusable generics.
+
+### 7. Use Branded Types for Nominal Typing
+Create distinct types for values with same structure but different meaning.
+
+### 8. Document Complex Types
+Add JSDoc comments to explain non-obvious type decisions.
+
+### 9. Use Type-Only Imports
+Use `import type` for type-only imports to aid tree-shaking.
+
+### 10. Handle Errors with Type Guards
+Use type guards to safely work with error objects.
+
+## Common Patterns
+
+### React Component Props
+```typescript
+// Use interface for component props
+interface ButtonProps {
+  variant?: 'primary' | 'secondary'
+  size?: 'sm' | 'md' | 'lg'
+  onClick?: () => void
+  children: React.ReactNode
+}
+
+export function Button({ variant = 'primary', size = 'md', onClick, children }: ButtonProps) {
+  // implementation
+}
+```
+
+### API Response Types
+```typescript
+// Use discriminated unions for API responses
+type ApiResponse<T> =
+  | { success: true; data: T }
+  | { success: false; error: string }
+
+// Helper for safe API calls
+async function fetchData<T>(url: string): Promise<ApiResponse<T>> {
+  try {
+    const response = await fetch(url)
+    const data = await response.json()
+    return { success: true, data }
+  } catch (error) {
+    return { success: false, error: String(error) }
+  }
+}
+```
+
+### Store/State Types
+```typescript
+// Use interfaces for state objects
+interface AppState {
+  user: User | null
+  isAuthenticated: boolean
+  theme: 'light' | 'dark'
+}
+
+// Use type for actions (discriminated union)
+type AppAction =
+  | { type: 'LOGIN'; payload: User }
+  | { type: 'LOGOUT' }
+  | { type: 'SET_THEME'; payload: 'light' | 'dark' }
+```
+
+## References
+
+For detailed information on specific topics, refer to:
+- `references/type-system.md` - Deep dive into TypeScript's type system
+- `references/utility-types.md` - Complete guide to built-in utility types
+- `references/advanced-types.md` - Advanced type patterns and techniques
+- `references/tsconfig-reference.md` - Comprehensive tsconfig.json reference
+- `references/common-patterns.md` - Common TypeScript patterns and idioms
+- `examples/` - Practical code examples
+
+## Troubleshooting
+
+### Common Type Errors
+
+**Type 'X' is not assignable to type 'Y':**
+- Check if types are compatible
+- Use type assertions when you know better than the compiler
+- Consider using union types or widening the target type
+
+**Object is possibly 'null' or 'undefined':**
+- Use optional chaining: `object?.property`
+- Use nullish coalescing: `value ?? defaultValue`
+- Add type guards or null checks
+
+**Type 'any' implicitly has...**
+- Enable strict mode and fix type definitions
+- Add explicit type annotations
+- Use `unknown` instead of `any` when appropriate
+
+**Cannot find module or its type declarations:**
+- Install type definitions: `@types/package-name`
+- Create custom `.d.ts` declaration file
+- Add to `types` array in tsconfig.json
+
+## Integration with Project Stack
+
+### React 19
+Use TypeScript with React 19 features:
+- Type component props with interfaces
+- Use generic types for hooks
+- Type context providers properly
+- Use `React.FC` sparingly (prefer explicit typing)
+
+### TanStack Ecosystem
+Type TanStack libraries properly:
+- TanStack Query: Type query keys and data
+- TanStack Router: Use typed route definitions
+- TanStack Form: Type form values and validation
+- TanStack Store: Type state and actions
+
+### Zod Integration
+Combine Zod with TypeScript:
+- Use `z.infer<typeof schema>` to extract types from schemas
+- Let Zod handle runtime validation
+- Use TypeScript for compile-time type checking
+
+## Resources
+
+The TypeScript documentation provides comprehensive information:
+- Handbook: https://www.typescriptlang.org/docs/handbook/
+- Type manipulation: https://www.typescriptlang.org/docs/handbook/2/types-from-types.html
+- Utility types: https://www.typescriptlang.org/docs/handbook/utility-types.html
+- TSConfig reference: https://www.typescriptlang.org/tsconfig
+

.claude/skills/typescript/examples/README.md

@@ -0,0 +1,45 @@
+# TypeScript Examples
+
+This directory contains practical TypeScript examples demonstrating various patterns and features.
+
+## Examples
+
+1. **type-system-basics.ts** - Fundamental TypeScript types and features
+2. **advanced-types.ts** - Generics, conditional types, and mapped types
+3. **react-patterns.ts** - Type-safe React components and hooks
+4. **api-patterns.ts** - API response handling with type safety
+5. **validation.ts** - Runtime validation with Zod and TypeScript
+
+## How to Use
+
+Each example file is self-contained and demonstrates specific TypeScript concepts. They're based on real-world patterns used in the Plebeian Market application and follow best practices for:
+
+- Type safety
+- Error handling
+- Code organization
+- Reusability
+- Maintainability
+
+## Running Examples
+
+These examples are TypeScript files that can be:
+- Copied into your project
+- Used as reference for patterns
+- Modified for your specific needs
+- Run with `ts-node` for testing
+
+```bash
+# Run an example
+npx ts-node examples/type-system-basics.ts
+```
+
+## Learning Path
+
+1. Start with `type-system-basics.ts` to understand fundamentals
+2. Move to `advanced-types.ts` for complex type patterns
+3. Explore `react-patterns.ts` for component typing
+4. Study `api-patterns.ts` for type-safe API handling
+5. Review `validation.ts` for runtime safety
+
+Each example builds on previous concepts, so following this order is recommended for learners.
+

.claude/skills/typescript/examples/advanced-types.ts

@@ -0,0 +1,478 @@
+/**
+ * Advanced TypeScript Types
+ *
+ * This file demonstrates advanced TypeScript features including:
+ * - Generics with constraints
+ * - Conditional types
+ * - Mapped types
+ * - Template literal types
+ * - Recursive types
+ * - Utility type implementations
+ */
+
+// ============================================================================
+// Generics Basics
+// ============================================================================
+
+// Generic function
+function identity<T>(value: T): T {
+  return value
+}
+
+const stringValue = identity('hello') // Type: string
+const numberValue = identity(42) // Type: number
+
+// Generic interface
+interface Box<T> {
+  value: T
+}
+
+const stringBox: Box<string> = { value: 'hello' }
+const numberBox: Box<number> = { value: 42 }
+
+// Generic class
+class Stack<T> {
+  private items: T[] = []
+
+  push(item: T): void {
+    this.items.push(item)
+  }
+
+  pop(): T | undefined {
+    return this.items.pop()
+  }
+
+  peek(): T | undefined {
+    return this.items[this.items.length - 1]
+  }
+
+  isEmpty(): boolean {
+    return this.items.length === 0
+  }
+}
+
+const numberStack = new Stack<number>()
+numberStack.push(1)
+numberStack.push(2)
+numberStack.pop() // Type: number | undefined
+
+// ============================================================================
+// Generic Constraints
+// ============================================================================
+
+// Constrain to specific type
+interface HasLength {
+  length: number
+}
+
+function logLength<T extends HasLength>(item: T): void {
+  console.log(item.length)
+}
+
+logLength('string') // OK
+logLength([1, 2, 3]) // OK
+logLength({ length: 10 }) // OK
+// logLength(42) // Error: number doesn't have length
+
+// Constrain to object keys
+function getProperty<T, K extends keyof T>(obj: T, key: K): T[K] {
+  return obj[key]
+}
+
+interface User {
+  id: string
+  name: string
+  age: number
+}
+
+const user: User = { id: '1', name: 'Alice', age: 30 }
+const userName = getProperty(user, 'name') // Type: string
+// const invalid = getProperty(user, 'invalid') // Error
+
+// Multiple type parameters with constraints
+function merge<T extends object, U extends object>(obj1: T, obj2: U): T & U {
+  return { ...obj1, ...obj2 }
+}
+
+const merged = merge({ a: 1 }, { b: 2 }) // Type: { a: number } & { b: number }
+
+// ============================================================================
+// Conditional Types
+// ============================================================================
+
+// Basic conditional type
+type IsString<T> = T extends string ? true : false
+
+type A = IsString<string> // true
+type B = IsString<number> // false
+
+// Nested conditional types
+type TypeName<T> = T extends string
+  ? 'string'
+  : T extends number
+    ? 'number'
+    : T extends boolean
+      ? 'boolean'
+      : T extends undefined
+        ? 'undefined'
+        : T extends Function
+          ? 'function'
+          : 'object'
+
+type T1 = TypeName<string> // "string"
+type T2 = TypeName<number> // "number"
+type T3 = TypeName<() => void> // "function"
+
+// Distributive conditional types
+type ToArray<T> = T extends any ? T[] : never
+
+type StrArrOrNumArr = ToArray<string | number> // string[] | number[]
+
+// infer keyword
+type Flatten<T> = T extends Array<infer U> ? U : T
+
+type Str = Flatten<string[]> // string
+type Num = Flatten<number> // number
+
+// Return type extraction
+type MyReturnType<T> = T extends (...args: any[]) => infer R ? R : never
+
+function exampleFn(): string {
+  return 'hello'
+}
+
+type ExampleReturn = MyReturnType<typeof exampleFn> // string
+
+// Parameters extraction
+type MyParameters<T> = T extends (...args: infer P) => any ? P : never
+
+function createUser(name: string, age: number): User {
+  return { id: '1', name, age }
+}
+
+type CreateUserParams = MyParameters<typeof createUser> // [string, number]
+
+// ============================================================================
+// Mapped Types
+// ============================================================================
+
+// Make all properties optional
+type MyPartial<T> = {
+  [K in keyof T]?: T[K]
+}
+
+interface Person {
+  name: string
+  age: number
+  email: string
+}
+
+type PartialPerson = MyPartial<Person>
+// {
+//   name?: string
+//   age?: number
+//   email?: string
+// }
+
+// Make all properties required
+type MyRequired<T> = {
+  [K in keyof T]-?: T[K]
+}
+
+// Make all properties readonly
+type MyReadonly<T> = {
+  readonly [K in keyof T]: T[K]
+}
+
+// Pick specific properties
+type MyPick<T, K extends keyof T> = {
+  [P in K]: T[P]
+}
+
+type UserProfile = MyPick<User, 'id' | 'name'>
+// { id: string; name: string }
+
+// Omit specific properties
+type MyOmit<T, K extends keyof T> = {
+  [P in keyof T as P extends K ? never : P]: T[P]
+}
+
+type UserWithoutAge = MyOmit<User, 'age'>
+// { id: string; name: string }
+
+// Transform property types
+type Nullable<T> = {
+  [K in keyof T]: T[K] | null
+}
+
+type NullablePerson = Nullable<Person>
+// {
+//   name: string | null
+//   age: number | null
+//   email: string | null
+// }
+
+// ============================================================================
+// Key Remapping
+// ============================================================================
+
+// Add prefix to keys
+type Getters<T> = {
+  [K in keyof T as `get${Capitalize<string & K>}`]: () => T[K]
+}
+
+type PersonGetters = Getters<Person>
+// {
+//   getName: () => string
+//   getAge: () => number
+//   getEmail: () => string
+// }
+
+// Filter keys by type
+type PickByType<T, U> = {
+  [K in keyof T as T[K] extends U ? K : never]: T[K]
+}
+
+interface Model {
+  id: number
+  name: string
+  description: string
+  price: number
+}
+
+type StringFields = PickByType<Model, string>
+// { name: string; description: string }
+
+// Remove specific key
+type RemoveKindField<T> = {
+  [K in keyof T as Exclude<K, 'kind'>]: T[K]
+}
+
+// ============================================================================
+// Template Literal Types
+// ============================================================================
+
+// Event name generation
+type EventName<T extends string> = `on${Capitalize<T>}`
+
+type ClickEvent = EventName<'click'> // "onClick"
+type SubmitEvent = EventName<'submit'> // "onSubmit"
+
+// Combining literals
+type Color = 'red' | 'green' | 'blue'
+type Shade = 'light' | 'dark'
+type ColorShade = `${Shade}-${Color}`
+// "light-red" | "light-green" | "light-blue" | "dark-red" | "dark-green" | "dark-blue"
+
+// CSS properties
+type CSSProperty = 'margin' | 'padding'
+type Side = 'top' | 'right' | 'bottom' | 'left'
+type CSSPropertyWithSide = `${CSSProperty}-${Side}`
+// "margin-top" | "margin-right" | ... | "padding-left"
+
+// Route generation
+type HttpMethod = 'GET' | 'POST' | 'PUT' | 'DELETE'
+type Endpoint = '/users' | '/products' | '/orders'
+type ApiRoute = `${HttpMethod} ${Endpoint}`
+// "GET /users" | "POST /users" | ... | "DELETE /orders"
+
+// ============================================================================
+// Recursive Types
+// ============================================================================
+
+// JSON value type
+type JSONValue = string | number | boolean | null | JSONObject | JSONArray
+
+interface JSONObject {
+  [key: string]: JSONValue
+}
+
+interface JSONArray extends Array<JSONValue> {}
+
+// Tree structure
+interface TreeNode<T> {
+  value: T
+  children?: TreeNode<T>[]
+}
+
+const tree: TreeNode<number> = {
+  value: 1,
+  children: [
+    { value: 2, children: [{ value: 4 }, { value: 5 }] },
+    { value: 3, children: [{ value: 6 }] },
+  ],
+}
+
+// Deep readonly
+type DeepReadonly<T> = {
+  readonly [K in keyof T]: T[K] extends object ? DeepReadonly<T[K]> : T[K]
+}
+
+interface NestedConfig {
+  api: {
+    url: string
+    timeout: number
+  }
+  features: {
+    darkMode: boolean
+  }
+}
+
+type ImmutableConfig = DeepReadonly<NestedConfig>
+// All properties at all levels are readonly
+
+// Deep partial
+type DeepPartial<T> = {
+  [K in keyof T]?: T[K] extends object ? DeepPartial<T[K]> : T[K]
+}
+
+// ============================================================================
+// Advanced Utility Types
+// ============================================================================
+
+// Exclude types from union
+type MyExclude<T, U> = T extends U ? never : T
+
+type T4 = MyExclude<'a' | 'b' | 'c', 'a'> // "b" | "c"
+
+// Extract types from union
+type MyExtract<T, U> = T extends U ? T : never
+
+type T5 = MyExtract<'a' | 'b' | 'c', 'a' | 'f'> // "a"
+
+// NonNullable
+type MyNonNullable<T> = T extends null | undefined ? never : T
+
+type T6 = MyNonNullable<string | null | undefined> // string
+
+// Record
+type MyRecord<K extends keyof any, T> = {
+  [P in K]: T
+}
+
+type PageInfo = MyRecord<string, number>
+
+// Awaited
+type MyAwaited<T> = T extends Promise<infer U> ? MyAwaited<U> : T
+
+type T7 = MyAwaited<Promise<string>> // string
+type T8 = MyAwaited<Promise<Promise<number>>> // number
+
+// ============================================================================
+// Branded Types
+// ============================================================================
+
+type Brand<K, T> = K & { __brand: T }
+
+type USD = Brand<number, 'USD'>
+type EUR = Brand<number, 'EUR'>
+type UserId = Brand<string, 'UserId'>
+type ProductId = Brand<string, 'ProductId'>
+
+function makeUSD(amount: number): USD {
+  return amount as USD
+}
+
+function makeUserId(id: string): UserId {
+  return id as UserId
+}
+
+const usd = makeUSD(100)
+const userId = makeUserId('user-123')
+
+// Type-safe operations
+function addMoney(a: USD, b: USD): USD {
+  return (a + b) as USD
+}
+
+// Prevents mixing different branded types
+// const total = addMoney(usd, eur) // Error
+
+// ============================================================================
+// Union to Intersection
+// ============================================================================
+
+type UnionToIntersection<U> = (U extends any ? (k: U) => void : never) extends (
+  k: infer I,
+) => void
+  ? I
+  : never
+
+type Union = { a: string } | { b: number }
+type Intersection = UnionToIntersection<Union>
+// { a: string } & { b: number }
+
+// ============================================================================
+// Advanced Generic Patterns
+// ============================================================================
+
+// Constraining multiple related types
+function merge<
+  T extends Record<string, any>,
+  U extends Record<string, any>,
+  K extends keyof T & keyof U,
+>(obj1: T, obj2: U, conflictKeys: K[]): T & U {
+  const result = { ...obj1, ...obj2 }
+  conflictKeys.forEach((key) => {
+    // Handle conflicts
+  })
+  return result as T & U
+}
+
+// Builder pattern with fluent API
+class QueryBuilder<T, Selected extends keyof T = never> {
+  private selectFields: Set<keyof T> = new Set()
+
+  select<K extends keyof T>(
+    ...fields: K[]
+  ): QueryBuilder<T, Selected | K> {
+    fields.forEach((field) => this.selectFields.add(field))
+    return this as any
+  }
+
+  execute(): Pick<T, Selected> {
+    // Execute query
+    return {} as Pick<T, Selected>
+  }
+}
+
+// Usage
+interface Product {
+  id: string
+  name: string
+  price: number
+  description: string
+}
+
+const result = new QueryBuilder<Product>()
+  .select('id', 'name')
+  .select('price')
+  .execute()
+// Type: { id: string; name: string; price: number }
+
+// ============================================================================
+// Exports
+// ============================================================================
+
+export type {
+  Box,
+  HasLength,
+  IsString,
+  Flatten,
+  MyPartial,
+  MyRequired,
+  MyReadonly,
+  Nullable,
+  DeepReadonly,
+  DeepPartial,
+  Brand,
+  USD,
+  EUR,
+  UserId,
+  ProductId,
+  JSONValue,
+  TreeNode,
+}
+
+export { Stack, identity, getProperty, merge, makeUSD, makeUserId }
+

.claude/skills/typescript/examples/react-patterns.ts

@@ -0,0 +1,555 @@
+/**
+ * TypeScript React Patterns
+ *
+ * This file demonstrates type-safe React patterns including:
+ * - Component props typing
+ * - Hooks with TypeScript
+ * - Context with type safety
+ * - Generic components
+ * - Event handlers
+ * - Ref types
+ */
+
+import { createContext, useContext, useEffect, useReducer, useRef, useState } from 'react'
+import type { ReactNode, InputHTMLAttributes, FormEvent, ChangeEvent } from 'react'
+
+// ============================================================================
+// Component Props Patterns
+// ============================================================================
+
+// Basic component with props
+interface ButtonProps {
+  variant?: 'primary' | 'secondary' | 'tertiary'
+  size?: 'sm' | 'md' | 'lg'
+  disabled?: boolean
+  onClick?: () => void
+  children: ReactNode
+}
+
+export function Button({
+  variant = 'primary',
+  size = 'md',
+  disabled = false,
+  onClick,
+  children,
+}: ButtonProps) {
+  return (
+    <button
+      className={`btn-${variant} btn-${size}`}
+      disabled={disabled}
+      onClick={onClick}
+    >
+      {children}
+    </button>
+  )
+}
+
+// Props extending HTML attributes
+interface InputProps extends InputHTMLAttributes<HTMLInputElement> {
+  label?: string
+  error?: string
+  helperText?: string
+}
+
+export function Input({ label, error, helperText, ...inputProps }: InputProps) {
+  return (
+    <div className="input-wrapper">
+      {label && <label>{label}</label>}
+      <input className={error ? 'input-error' : ''} {...inputProps} />
+      {error && <span className="error">{error}</span>}
+      {helperText && <span className="helper">{helperText}</span>}
+    </div>
+  )
+}
+
+// Generic component
+interface ListProps<T> {
+  items: T[]
+  renderItem: (item: T, index: number) => ReactNode
+  keyExtractor: (item: T, index: number) => string
+  emptyMessage?: string
+}
+
+export function List<T>({
+  items,
+  renderItem,
+  keyExtractor,
+  emptyMessage = 'No items',
+}: ListProps<T>) {
+  if (items.length === 0) {
+    return <div>{emptyMessage}</div>
+  }
+
+  return (
+    <ul>
+      {items.map((item, index) => (
+        <li key={keyExtractor(item, index)}>{renderItem(item, index)}</li>
+      ))}
+    </ul>
+  )
+}
+
+// Component with children render prop
+interface ContainerProps {
+  isLoading: boolean
+  error: Error | null
+  children: (props: { retry: () => void }) => ReactNode
+}
+
+export function Container({ isLoading, error, children }: ContainerProps) {
+  const retry = () => {
+    // Retry logic
+  }
+
+  if (isLoading) return <div>Loading...</div>
+  if (error) return <div>Error: {error.message}</div>
+
+  return <>{children({ retry })}</>
+}
+
+// ============================================================================
+// Hooks Patterns
+// ============================================================================
+
+// useState with explicit type
+function useCounter(initialValue: number = 0) {
+  const [count, setCount] = useState<number>(initialValue)
+
+  const increment = () => setCount((c) => c + 1)
+  const decrement = () => setCount((c) => c - 1)
+  const reset = () => setCount(initialValue)
+
+  return { count, increment, decrement, reset }
+}
+
+// useState with union type
+type LoadingState = 'idle' | 'loading' | 'success' | 'error'
+
+function useLoadingState() {
+  const [state, setState] = useState<LoadingState>('idle')
+
+  const startLoading = () => setState('loading')
+  const setSuccess = () => setState('success')
+  const setError = () => setState('error')
+  const reset = () => setState('idle')
+
+  return { state, startLoading, setSuccess, setError, reset }
+}
+
+// Custom hook with options
+interface UseFetchOptions<T> {
+  initialData?: T
+  onSuccess?: (data: T) => void
+  onError?: (error: Error) => void
+}
+
+interface UseFetchReturn<T> {
+  data: T | undefined
+  loading: boolean
+  error: Error | null
+  refetch: () => Promise<void>
+}
+
+function useFetch<T>(url: string, options?: UseFetchOptions<T>): UseFetchReturn<T> {
+  const [data, setData] = useState<T | undefined>(options?.initialData)
+  const [loading, setLoading] = useState(false)
+  const [error, setError] = useState<Error | null>(null)
+
+  const fetchData = async () => {
+    setLoading(true)
+    setError(null)
+
+    try {
+      const response = await fetch(url)
+      if (!response.ok) {
+        throw new Error(`HTTP ${response.status}`)
+      }
+      const json = await response.json()
+      setData(json)
+      options?.onSuccess?.(json)
+    } catch (err) {
+      const error = err instanceof Error ? err : new Error(String(err))
+      setError(error)
+      options?.onError?.(error)
+    } finally {
+      setLoading(false)
+    }
+  }
+
+  useEffect(() => {
+    fetchData()
+  }, [url])
+
+  return { data, loading, error, refetch: fetchData }
+}
+
+// useReducer with discriminated unions
+interface User {
+  id: string
+  name: string
+  email: string
+}
+
+type FetchState<T> =
+  | { status: 'idle' }
+  | { status: 'loading' }
+  | { status: 'success'; data: T }
+  | { status: 'error'; error: Error }
+
+type FetchAction<T> =
+  | { type: 'FETCH_START' }
+  | { type: 'FETCH_SUCCESS'; payload: T }
+  | { type: 'FETCH_ERROR'; error: Error }
+  | { type: 'RESET' }
+
+function fetchReducer<T>(state: FetchState<T>, action: FetchAction<T>): FetchState<T> {
+  switch (action.type) {
+    case 'FETCH_START':
+      return { status: 'loading' }
+    case 'FETCH_SUCCESS':
+      return { status: 'success', data: action.payload }
+    case 'FETCH_ERROR':
+      return { status: 'error', error: action.error }
+    case 'RESET':
+      return { status: 'idle' }
+  }
+}
+
+function useFetchWithReducer<T>(url: string) {
+  const [state, dispatch] = useReducer(fetchReducer<T>, { status: 'idle' })
+
+  useEffect(() => {
+    let isCancelled = false
+
+    const fetchData = async () => {
+      dispatch({ type: 'FETCH_START' })
+
+      try {
+        const response = await fetch(url)
+        const data = await response.json()
+
+        if (!isCancelled) {
+          dispatch({ type: 'FETCH_SUCCESS', payload: data })
+        }
+      } catch (error) {
+        if (!isCancelled) {
+          dispatch({
+            type: 'FETCH_ERROR',
+            error: error instanceof Error ? error : new Error(String(error)),
+          })
+        }
+      }
+    }
+
+    fetchData()
+
+    return () => {
+      isCancelled = true
+    }
+  }, [url])
+
+  return state
+}
+
+// ============================================================================
+// Context Patterns
+// ============================================================================
+
+// Type-safe context
+interface AuthContextType {
+  user: User | null
+  isAuthenticated: boolean
+  login: (email: string, password: string) => Promise<void>
+  logout: () => void
+}
+
+const AuthContext = createContext<AuthContextType | undefined>(undefined)
+
+export function AuthProvider({ children }: { children: ReactNode }) {
+  const [user, setUser] = useState<User | null>(null)
+
+  const login = async (email: string, password: string) => {
+    // Login logic
+    const userData = await fetch('/api/login', {
+      method: 'POST',
+      body: JSON.stringify({ email, password }),
+    }).then((r) => r.json())
+
+    setUser(userData)
+  }
+
+  const logout = () => {
+    setUser(null)
+  }
+
+  const value: AuthContextType = {
+    user,
+    isAuthenticated: user !== null,
+    login,
+    logout,
+  }
+
+  return <AuthContext.Provider value={value}>{children}</AuthContext.Provider>
+}
+
+// Custom hook with error handling
+export function useAuth(): AuthContextType {
+  const context = useContext(AuthContext)
+
+  if (context === undefined) {
+    throw new Error('useAuth must be used within AuthProvider')
+  }
+
+  return context
+}
+
+// ============================================================================
+// Event Handler Patterns
+// ============================================================================
+
+interface FormData {
+  name: string
+  email: string
+  message: string
+}
+
+function ContactForm() {
+  const [formData, setFormData] = useState<FormData>({
+    name: '',
+    email: '',
+    message: '',
+  })
+
+  // Type-safe change handler
+  const handleChange = (e: ChangeEvent<HTMLInputElement | HTMLTextAreaElement>) => {
+    const { name, value } = e.target
+    setFormData((prev) => ({
+      ...prev,
+      [name]: value,
+    }))
+  }
+
+  // Type-safe submit handler
+  const handleSubmit = (e: FormEvent<HTMLFormElement>) => {
+    e.preventDefault()
+    console.log('Submitting:', formData)
+  }
+
+  // Specific field handler
+  const handleNameChange = (e: ChangeEvent<HTMLInputElement>) => {
+    setFormData((prev) => ({ ...prev, name: e.target.value }))
+  }
+
+  return (
+    <form onSubmit={handleSubmit}>
+      <input
+        name="name"
+        value={formData.name}
+        onChange={handleChange}
+        placeholder="Name"
+      />
+      <input
+        name="email"
+        value={formData.email}
+        onChange={handleChange}
+        placeholder="Email"
+      />
+      <textarea
+        name="message"
+        value={formData.message}
+        onChange={handleChange}
+        placeholder="Message"
+      />
+      <button type="submit">Submit</button>
+    </form>
+  )
+}
+
+// ============================================================================
+// Ref Patterns
+// ============================================================================
+
+function FocusInput() {
+  // useRef with DOM element
+  const inputRef = useRef<HTMLInputElement>(null)
+
+  const focusInput = () => {
+    inputRef.current?.focus()
+  }
+
+  return (
+    <div>
+      <input ref={inputRef} />
+      <button onClick={focusInput}>Focus Input</button>
+    </div>
+  )
+}
+
+function Timer() {
+  // useRef for mutable value
+  const countRef = useRef<number>(0)
+  const intervalRef = useRef<NodeJS.Timeout | null>(null)
+
+  const startTimer = () => {
+    intervalRef.current = setInterval(() => {
+      countRef.current += 1
+      console.log(countRef.current)
+    }, 1000)
+  }
+
+  const stopTimer = () => {
+    if (intervalRef.current) {
+      clearInterval(intervalRef.current)
+      intervalRef.current = null
+    }
+  }
+
+  return (
+    <div>
+      <button onClick={startTimer}>Start</button>
+      <button onClick={stopTimer}>Stop</button>
+    </div>
+  )
+}
+
+// ============================================================================
+// Generic Component Patterns
+// ============================================================================
+
+// Select component with generic options
+interface SelectProps<T> {
+  options: T[]
+  value: T
+  onChange: (value: T) => void
+  getLabel: (option: T) => string
+  getValue: (option: T) => string
+}
+
+export function Select<T>({
+  options,
+  value,
+  onChange,
+  getLabel,
+  getValue,
+}: SelectProps<T>) {
+  return (
+    <select
+      value={getValue(value)}
+      onChange={(e) => {
+        const selectedValue = e.target.value
+        const option = options.find((opt) => getValue(opt) === selectedValue)
+        if (option) {
+          onChange(option)
+        }
+      }}
+    >
+      {options.map((option) => (
+        <option key={getValue(option)} value={getValue(option)}>
+          {getLabel(option)}
+        </option>
+      ))}
+    </select>
+  )
+}
+
+// Data table component
+interface Column<T> {
+  key: keyof T
+  header: string
+  render?: (value: T[keyof T], row: T) => ReactNode
+}
+
+interface TableProps<T> {
+  data: T[]
+  columns: Column<T>[]
+  keyExtractor: (row: T) => string
+}
+
+export function Table<T>({ data, columns, keyExtractor }: TableProps<T>) {
+  return (
+    <table>
+      <thead>
+        <tr>
+          {columns.map((col) => (
+            <th key={String(col.key)}>{col.header}</th>
+          ))}
+        </tr>
+      </thead>
+      <tbody>
+        {data.map((row) => (
+          <tr key={keyExtractor(row)}>
+            {columns.map((col) => (
+              <td key={String(col.key)}>
+                {col.render ? col.render(row[col.key], row) : String(row[col.key])}
+              </td>
+            ))}
+          </tr>
+        ))}
+      </tbody>
+    </table>
+  )
+}
+
+// ============================================================================
+// Higher-Order Component Pattern
+// ============================================================================
+
+interface WithLoadingProps {
+  isLoading: boolean
+}
+
+function withLoading<P extends object>(
+  Component: React.ComponentType<P>,
+): React.FC<P & WithLoadingProps> {
+  return ({ isLoading, ...props }: WithLoadingProps & P) => {
+    if (isLoading) {
+      return <div>Loading...</div>
+    }
+
+    return <Component {...(props as P)} />
+  }
+}
+
+// Usage
+interface UserListProps {
+  users: User[]
+}
+
+const UserList: React.FC<UserListProps> = ({ users }) => (
+  <ul>
+    {users.map((user) => (
+      <li key={user.id}>{user.name}</li>
+    ))}
+  </ul>
+)
+
+const UserListWithLoading = withLoading(UserList)
+
+// ============================================================================
+// Exports
+// ============================================================================
+
+export {
+  useCounter,
+  useLoadingState,
+  useFetch,
+  useFetchWithReducer,
+  ContactForm,
+  FocusInput,
+  Timer,
+}
+
+export type {
+  ButtonProps,
+  InputProps,
+  ListProps,
+  UseFetchOptions,
+  UseFetchReturn,
+  FetchState,
+  FetchAction,
+  AuthContextType,
+  SelectProps,
+  Column,
+  TableProps,
+}
+

.claude/skills/typescript/examples/type-system-basics.ts

@@ -0,0 +1,361 @@
+/**
+ * TypeScript Type System Basics
+ *
+ * This file demonstrates fundamental TypeScript concepts including:
+ * - Primitive types
+ * - Object types (interfaces, type aliases)
+ * - Union and intersection types
+ * - Type inference and narrowing
+ * - Function types
+ */
+
+// ============================================================================
+// Primitive Types
+// ============================================================================
+
+const message: string = 'Hello, TypeScript!'
+const count: number = 42
+const isActive: boolean = true
+const nothing: null = null
+const notDefined: undefined = undefined
+
+// ============================================================================
+// Object Types
+// ============================================================================
+
+// Interface definition
+interface User {
+  id: string
+  name: string
+  email: string
+  age?: number // Optional property
+  readonly createdAt: Date // Readonly property
+}
+
+// Type alias definition
+type Product = {
+  id: string
+  name: string
+  price: number
+  category: string
+}
+
+// Creating objects
+const user: User = {
+  id: '1',
+  name: 'Alice',
+  email: 'alice@example.com',
+  createdAt: new Date(),
+}
+
+const product: Product = {
+  id: 'p1',
+  name: 'Laptop',
+  price: 999,
+  category: 'electronics',
+}
+
+// ============================================================================
+// Union Types
+// ============================================================================
+
+type Status = 'idle' | 'loading' | 'success' | 'error'
+type ID = string | number
+
+function formatId(id: ID): string {
+  if (typeof id === 'string') {
+    return id.toUpperCase()
+  }
+  return id.toString()
+}
+
+// Discriminated unions
+type ApiResponse =
+  | { success: true; data: User }
+  | { success: false; error: string }
+
+function handleResponse(response: ApiResponse) {
+  if (response.success) {
+    // TypeScript knows response.data exists here
+    console.log(response.data.name)
+  } else {
+    // TypeScript knows response.error exists here
+    console.error(response.error)
+  }
+}
+
+// ============================================================================
+// Intersection Types
+// ============================================================================
+
+type Timestamped = {
+  createdAt: Date
+  updatedAt: Date
+}
+
+type TimestampedUser = User & Timestamped
+
+const timestampedUser: TimestampedUser = {
+  id: '1',
+  name: 'Bob',
+  email: 'bob@example.com',
+  createdAt: new Date(),
+  updatedAt: new Date(),
+}
+
+// ============================================================================
+// Array Types
+// ============================================================================
+
+const numbers: number[] = [1, 2, 3, 4, 5]
+const strings: Array<string> = ['a', 'b', 'c']
+const users: User[] = [user, timestampedUser]
+
+// Readonly arrays
+const immutableNumbers: readonly number[] = [1, 2, 3]
+// immutableNumbers.push(4) // Error: push does not exist on readonly array
+
+// ============================================================================
+// Tuple Types
+// ============================================================================
+
+type Point = [number, number]
+type NamedPoint = [x: number, y: number, z?: number]
+
+const point: Point = [10, 20]
+const namedPoint: NamedPoint = [10, 20, 30]
+
+// ============================================================================
+// Function Types
+// ============================================================================
+
+// Function declaration
+function add(a: number, b: number): number {
+  return a + b
+}
+
+// Arrow function
+const subtract = (a: number, b: number): number => a - b
+
+// Function type alias
+type MathOperation = (a: number, b: number) => number
+
+const multiply: MathOperation = (a, b) => a * b
+
+// Optional parameters
+function greet(name: string, greeting?: string): string {
+  return `${greeting ?? 'Hello'}, ${name}!`
+}
+
+// Default parameters
+function createUser(name: string, role: string = 'user'): User {
+  return {
+    id: Math.random().toString(),
+    name,
+    email: `${name.toLowerCase()}@example.com`,
+    createdAt: new Date(),
+  }
+}
+
+// Rest parameters
+function sum(...numbers: number[]): number {
+  return numbers.reduce((acc, n) => acc + n, 0)
+}
+
+// ============================================================================
+// Type Inference
+// ============================================================================
+
+// Type is inferred as string
+let inferredString = 'hello'
+
+// Type is inferred as number
+let inferredNumber = 42
+
+// Type is inferred as { name: string; age: number }
+let inferredObject = {
+  name: 'Alice',
+  age: 30,
+}
+
+// Return type is inferred as number
+function inferredReturn(a: number, b: number) {
+  return a + b
+}
+
+// ============================================================================
+// Type Narrowing
+// ============================================================================
+
+// typeof guard
+function processValue(value: string | number) {
+  if (typeof value === 'string') {
+    // value is string here
+    return value.toUpperCase()
+  }
+  // value is number here
+  return value.toFixed(2)
+}
+
+// Truthiness narrowing
+function printName(name: string | null | undefined) {
+  if (name) {
+    // name is string here
+    console.log(name.toUpperCase())
+  }
+}
+
+// Equality narrowing
+function example(x: string | number, y: string | boolean) {
+  if (x === y) {
+    // x and y are both string here
+    console.log(x.toUpperCase(), y.toLowerCase())
+  }
+}
+
+// in operator narrowing
+type Fish = { swim: () => void }
+type Bird = { fly: () => void }
+
+function move(animal: Fish | Bird) {
+  if ('swim' in animal) {
+    // animal is Fish here
+    animal.swim()
+  } else {
+    // animal is Bird here
+    animal.fly()
+  }
+}
+
+// instanceof narrowing
+function processError(error: Error | string) {
+  if (error instanceof Error) {
+    // error is Error here
+    console.error(error.message)
+  } else {
+    // error is string here
+    console.error(error)
+  }
+}
+
+// ============================================================================
+// Type Predicates (Custom Type Guards)
+// ============================================================================
+
+function isUser(value: unknown): value is User {
+  return (
+    typeof value === 'object' &&
+    value !== null &&
+    'id' in value &&
+    'name' in value &&
+    'email' in value
+  )
+}
+
+function processData(data: unknown) {
+  if (isUser(data)) {
+    // data is User here
+    console.log(data.name)
+  }
+}
+
+// ============================================================================
+// Const Assertions
+// ============================================================================
+
+// Without const assertion
+const mutableConfig = {
+  host: 'localhost',
+  port: 8080,
+}
+// mutableConfig.host = 'example.com' // OK
+
+// With const assertion
+const immutableConfig = {
+  host: 'localhost',
+  port: 8080,
+} as const
+// immutableConfig.host = 'example.com' // Error: cannot assign to readonly property
+
+// Array with const assertion
+const directions = ['north', 'south', 'east', 'west'] as const
+// Type: readonly ["north", "south", "east", "west"]
+
+// ============================================================================
+// Literal Types
+// ============================================================================
+
+type Direction = 'north' | 'south' | 'east' | 'west'
+type HttpMethod = 'GET' | 'POST' | 'PUT' | 'DELETE'
+type DiceValue = 1 | 2 | 3 | 4 | 5 | 6
+
+function move(direction: Direction, steps: number) {
+  console.log(`Moving ${direction} by ${steps} steps`)
+}
+
+move('north', 10) // OK
+// move('up', 10) // Error: "up" is not assignable to Direction
+
+// ============================================================================
+// Index Signatures
+// ============================================================================
+
+interface StringMap {
+  [key: string]: string
+}
+
+const translations: StringMap = {
+  hello: 'Hola',
+  goodbye: 'Adiós',
+  thanks: 'Gracias',
+}
+
+// ============================================================================
+// Utility Functions
+// ============================================================================
+
+// Type-safe object keys
+function getObjectKeys<T extends object>(obj: T): Array<keyof T> {
+  return Object.keys(obj) as Array<keyof T>
+}
+
+// Type-safe property access
+function getProperty<T, K extends keyof T>(obj: T, key: K): T[K] {
+  return obj[key]
+}
+
+const userName = getProperty(user, 'name') // Type: string
+const userAge = getProperty(user, 'age') // Type: number | undefined
+
+// ============================================================================
+// Named Return Values (Go-style)
+// ============================================================================
+
+function parseJSON(json: string): { data: unknown | null; err: Error | null } {
+  let data: unknown | null = null
+  let err: Error | null = null
+
+  try {
+    data = JSON.parse(json)
+  } catch (error) {
+    err = error instanceof Error ? error : new Error(String(error))
+  }
+
+  return { data, err }
+}
+
+// Usage
+const { data, err } = parseJSON('{"name": "Alice"}')
+if (err) {
+  console.error('Failed to parse JSON:', err.message)
+} else {
+  console.log('Parsed data:', data)
+}
+
+// ============================================================================
+// Exports
+// ============================================================================
+
+export type { User, Product, Status, ID, ApiResponse, TimestampedUser }
+export { formatId, handleResponse, processValue, isUser, getProperty, parseJSON }
+

.claude/skills/typescript/quick-reference.md

@@ -0,0 +1,395 @@
+# TypeScript Quick Reference
+
+Quick lookup guide for common TypeScript patterns and syntax.
+
+## Basic Types
+
+```typescript
+// Primitives
+string, number, boolean, null, undefined, symbol, bigint
+
+// Special types
+any         // Avoid - disables type checking
+unknown     // Type-safe alternative to any
+void        // No return value
+never       // Never returns
+
+// Arrays
+number[]
+Array<string>
+readonly number[]
+
+// Tuples
+[string, number]
+[x: number, y: number]
+
+// Objects
+{ name: string; age: number }
+Record<string, number>
+```
+
+## Type Declarations
+
+```typescript
+// Interface
+interface User {
+  id: string
+  name: string
+  age?: number          // Optional
+  readonly createdAt: Date  // Readonly
+}
+
+// Type alias
+type Status = 'idle' | 'loading' | 'success' | 'error'
+type ID = string | number
+type Point = { x: number; y: number }
+
+// Function type
+type Callback = (data: string) => void
+type MathOp = (a: number, b: number) => number
+```
+
+## Union & Intersection
+
+```typescript
+// Union (OR)
+string | number
+type Result = Success | Error
+
+// Intersection (AND)
+A & B
+type Combined = User & Timestamped
+
+// Discriminated union
+type State =
+  | { status: 'idle' }
+  | { status: 'loading' }
+  | { status: 'success'; data: Data }
+  | { status: 'error'; error: Error }
+```
+
+## Generics
+
+```typescript
+// Generic function
+function identity<T>(value: T): T
+
+// Generic interface
+interface Box<T> { value: T }
+
+// Generic with constraint
+function getProperty<T, K extends keyof T>(obj: T, key: K): T[K]
+
+// Multiple type parameters
+function merge<T, U>(a: T, b: U): T & U
+
+// Default type parameter
+interface Response<T = unknown> { data: T }
+```
+
+## Utility Types
+
+```typescript
+Partial<T>              // Make all optional
+Required<T>             // Make all required
+Readonly<T>             // Make all readonly
+Pick<T, K>              // Select properties
+Omit<T, K>              // Exclude properties
+Record<K, T>            // Object with specific keys
+Exclude<T, U>           // Remove from union
+Extract<T, U>           // Extract from union
+NonNullable<T>          // Remove null/undefined
+ReturnType<T>           // Get function return type
+Parameters<T>           // Get function parameters
+Awaited<T>              // Unwrap Promise
+```
+
+## Type Guards
+
+```typescript
+// typeof
+if (typeof value === 'string') { }
+
+// instanceof
+if (error instanceof Error) { }
+
+// in operator
+if ('property' in object) { }
+
+// Custom type guard
+function isUser(value: unknown): value is User {
+  return typeof value === 'object' && value !== null && 'id' in value
+}
+
+// Assertion function
+function assertIsString(value: unknown): asserts value is string {
+  if (typeof value !== 'string') throw new Error()
+}
+```
+
+## Advanced Types
+
+```typescript
+// Conditional types
+type IsString<T> = T extends string ? true : false
+
+// Mapped types
+type Nullable<T> = { [K in keyof T]: T[K] | null }
+
+// Template literal types
+type EventName<T extends string> = `on${Capitalize<T>}`
+
+// Key remapping
+type Getters<T> = {
+  [K in keyof T as `get${Capitalize<string & K>}`]: () => T[K]
+}
+
+// infer keyword
+type Flatten<T> = T extends Array<infer U> ? U : T
+```
+
+## Functions
+
+```typescript
+// Function declaration
+function add(a: number, b: number): number { return a + b }
+
+// Arrow function
+const subtract = (a: number, b: number): number => a - b
+
+// Optional parameters
+function greet(name: string, greeting?: string): string { }
+
+// Default parameters
+function create(name: string, role = 'user'): User { }
+
+// Rest parameters
+function sum(...numbers: number[]): number { }
+
+// Overloads
+function format(value: string): string
+function format(value: number): string
+function format(value: string | number): string { }
+```
+
+## Classes
+
+```typescript
+class User {
+  // Properties
+  private id: string
+  public name: string
+  protected age: number
+  readonly createdAt: Date
+
+  // Constructor
+  constructor(name: string) {
+    this.name = name
+    this.createdAt = new Date()
+  }
+
+  // Methods
+  greet(): string {
+    return `Hello, ${this.name}`
+  }
+
+  // Static
+  static create(name: string): User {
+    return new User(name)
+  }
+
+  // Getters/Setters
+  get displayName(): string {
+    return this.name.toUpperCase()
+  }
+}
+
+// Inheritance
+class Admin extends User {
+  constructor(name: string, public permissions: string[]) {
+    super(name)
+  }
+}
+
+// Abstract class
+abstract class Animal {
+  abstract makeSound(): void
+}
+```
+
+## React Patterns
+
+```typescript
+// Component props
+interface ButtonProps {
+  variant?: 'primary' | 'secondary'
+  onClick?: () => void
+  children: React.ReactNode
+}
+
+export function Button({ variant = 'primary', onClick, children }: ButtonProps) { }
+
+// Generic component
+interface ListProps<T> {
+  items: T[]
+  renderItem: (item: T) => React.ReactNode
+}
+
+export function List<T>({ items, renderItem }: ListProps<T>) { }
+
+// Hooks
+const [state, setState] = useState<string>('')
+const [data, setData] = useState<User | null>(null)
+
+// Context
+interface AuthContextType {
+  user: User | null
+  login: () => Promise<void>
+}
+
+const AuthContext = createContext<AuthContextType | undefined>(undefined)
+
+export function useAuth(): AuthContextType {
+  const context = useContext(AuthContext)
+  if (!context) throw new Error('useAuth must be used within AuthProvider')
+  return context
+}
+```
+
+## Common Patterns
+
+### Result Type
+```typescript
+type Result<T, E = Error> =
+  | { success: true; data: T }
+  | { success: false; error: E }
+```
+
+### Option Type
+```typescript
+type Option<T> = Some<T> | None
+interface Some<T> { _tag: 'Some'; value: T }
+interface None { _tag: 'None' }
+```
+
+### Branded Types
+```typescript
+type Brand<K, T> = K & { __brand: T }
+type UserId = Brand<string, 'UserId'>
+```
+
+### Named Returns (Go-style)
+```typescript
+function parseJSON(json: string): { data: unknown | null; err: Error | null } {
+  let data: unknown | null = null
+  let err: Error | null = null
+  
+  try {
+    data = JSON.parse(json)
+  } catch (error) {
+    err = error instanceof Error ? error : new Error(String(error))
+  }
+  
+  return { data, err }
+}
+```
+
+## Type Assertions
+
+```typescript
+// as syntax (preferred)
+const value = input as string
+
+// Angle bracket syntax (not in JSX)
+const value = <string>input
+
+// as const
+const config = { host: 'localhost' } as const
+
+// Non-null assertion (use sparingly)
+const element = document.getElementById('app')!
+```
+
+## Type Narrowing
+
+```typescript
+// Control flow
+if (value !== null) {
+  // value is non-null here
+}
+
+// Switch with discriminated unions
+switch (state.status) {
+  case 'success':
+    console.log(state.data) // TypeScript knows data exists
+    break
+  case 'error':
+    console.log(state.error) // TypeScript knows error exists
+    break
+}
+
+// Optional chaining
+user?.profile?.name
+
+// Nullish coalescing
+const name = user?.name ?? 'Anonymous'
+```
+
+## Module Syntax
+
+```typescript
+// Named exports
+export function helper() { }
+export const CONFIG = { }
+
+// Default export
+export default class App { }
+
+// Type-only imports/exports
+import type { User } from './types'
+export type { User }
+
+// Namespace imports
+import * as utils from './utils'
+```
+
+## TSConfig Essentials
+
+```json
+{
+  "compilerOptions": {
+    "strict": true,
+    "target": "ES2022",
+    "module": "ESNext",
+    "moduleResolution": "bundler",
+    "jsx": "react-jsx",
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "resolveJsonModule": true
+  }
+}
+```
+
+## Common Errors & Fixes
+
+| Error | Fix |
+|-------|-----|
+| Type 'X' is not assignable to type 'Y' | Check type compatibility, use type assertion if needed |
+| Object is possibly 'null' | Use optional chaining `?.` or null check |
+| Cannot find module | Install `@types/package-name` |
+| Implicit any | Add type annotation or enable strict mode |
+| Property does not exist | Check object shape, use type guard |
+
+## Best Practices
+
+1. Enable `strict` mode in tsconfig.json
+2. Avoid `any`, use `unknown` instead
+3. Use discriminated unions for state
+4. Leverage type inference
+5. Use `const` assertions for immutable data
+6. Create custom type guards for runtime safety
+7. Use utility types instead of recreating
+8. Document complex types with JSDoc
+9. Prefer interfaces for objects, types for unions
+10. Use branded types for domain-specific primitives
+

.claude/skills/typescript/references/common-patterns.md

@@ -0,0 +1,756 @@
+# TypeScript Common Patterns Reference
+
+This document contains commonly used TypeScript patterns and idioms from real-world applications.
+
+## React Patterns
+
+### Component Props
+
+```typescript
+// Basic props with children
+interface ButtonProps {
+  variant?: 'primary' | 'secondary' | 'tertiary'
+  size?: 'sm' | 'md' | 'lg'
+  disabled?: boolean
+  onClick?: () => void
+  children: React.ReactNode
+}
+
+export function Button({
+  variant = 'primary',
+  size = 'md',
+  disabled = false,
+  onClick,
+  children,
+}: ButtonProps) {
+  return (
+    <button className={`btn-${variant} btn-${size}`} disabled={disabled} onClick={onClick}>
+      {children}
+    </button>
+  )
+}
+
+// Props extending HTML attributes
+interface InputProps extends React.InputHTMLAttributes<HTMLInputElement> {
+  label?: string
+  error?: string
+}
+
+export function Input({ label, error, ...inputProps }: InputProps) {
+  return (
+    <div>
+      {label && <label>{label}</label>}
+      <input {...inputProps} />
+      {error && <span>{error}</span>}
+    </div>
+  )
+}
+
+// Generic component props
+interface ListProps<T> {
+  items: T[]
+  renderItem: (item: T) => React.ReactNode
+  keyExtractor: (item: T) => string
+}
+
+export function List<T>({ items, renderItem, keyExtractor }: ListProps<T>) {
+  return (
+    <ul>
+      {items.map((item) => (
+        <li key={keyExtractor(item)}>{renderItem(item)}</li>
+      ))}
+    </ul>
+  )
+}
+```
+
+### Hooks
+
+```typescript
+// Custom hook with return type
+function useLocalStorage<T>(key: string, initialValue: T): [T, (value: T) => void] {
+  const [storedValue, setStoredValue] = useState<T>(() => {
+    try {
+      const item = window.localStorage.getItem(key)
+      return item ? JSON.parse(item) : initialValue
+    } catch (error) {
+      return initialValue
+    }
+  })
+
+  const setValue = (value: T) => {
+    setStoredValue(value)
+    window.localStorage.setItem(key, JSON.stringify(value))
+  }
+
+  return [storedValue, setValue]
+}
+
+// Hook with options object
+interface UseFetchOptions<T> {
+  initialData?: T
+  onSuccess?: (data: T) => void
+  onError?: (error: Error) => void
+}
+
+function useFetch<T>(url: string, options?: UseFetchOptions<T>) {
+  const [data, setData] = useState<T | undefined>(options?.initialData)
+  const [loading, setLoading] = useState(false)
+  const [error, setError] = useState<Error | null>(null)
+
+  useEffect(() => {
+    let isCancelled = false
+
+    const fetchData = async () => {
+      setLoading(true)
+      try {
+        const response = await fetch(url)
+        const json = await response.json()
+        if (!isCancelled) {
+          setData(json)
+          options?.onSuccess?.(json)
+        }
+      } catch (err) {
+        if (!isCancelled) {
+          const error = err instanceof Error ? err : new Error(String(err))
+          setError(error)
+          options?.onError?.(error)
+        }
+      } finally {
+        if (!isCancelled) {
+          setLoading(false)
+        }
+      }
+    }
+
+    fetchData()
+
+    return () => {
+      isCancelled = true
+    }
+  }, [url])
+
+  return { data, loading, error }
+}
+```
+
+### Context
+
+```typescript
+// Type-safe context
+interface AuthContextType {
+  user: User | null
+  login: (email: string, password: string) => Promise<void>
+  logout: () => void
+  isAuthenticated: boolean
+}
+
+const AuthContext = createContext<AuthContextType | undefined>(undefined)
+
+export function AuthProvider({ children }: { children: React.ReactNode }) {
+  const [user, setUser] = useState<User | null>(null)
+
+  const login = async (email: string, password: string) => {
+    // Login logic
+    const user = await api.login(email, password)
+    setUser(user)
+  }
+
+  const logout = () => {
+    setUser(null)
+  }
+
+  const value: AuthContextType = {
+    user,
+    login,
+    logout,
+    isAuthenticated: user !== null,
+  }
+
+  return <AuthContext.Provider value={value}>{children}</AuthContext.Provider>
+}
+
+// Custom hook with proper error handling
+export function useAuth(): AuthContextType {
+  const context = useContext(AuthContext)
+  if (context === undefined) {
+    throw new Error('useAuth must be used within AuthProvider')
+  }
+  return context
+}
+```
+
+## API Response Patterns
+
+### Result Type Pattern
+
+```typescript
+// Discriminated union for API responses
+type Result<T, E = Error> =
+  | { success: true; data: T }
+  | { success: false; error: E }
+
+// Helper functions
+function success<T>(data: T): Result<T> {
+  return { success: true, data }
+}
+
+function failure<E = Error>(error: E): Result<never, E> {
+  return { success: false, error }
+}
+
+// Usage
+async function fetchUser(id: string): Promise<Result<User>> {
+  try {
+    const response = await fetch(`/api/users/${id}`)
+    if (!response.ok) {
+      return failure(new Error(`HTTP ${response.status}`))
+    }
+    const data = await response.json()
+    return success(data)
+  } catch (error) {
+    return failure(error instanceof Error ? error : new Error(String(error)))
+  }
+}
+
+// Consuming the result
+const result = await fetchUser('123')
+if (result.success) {
+  console.log(result.data.name) // Type-safe access
+} else {
+  console.error(result.error.message) // Type-safe error handling
+}
+```
+
+### Option Type Pattern
+
+```typescript
+// Option/Maybe type for nullable values
+type Option<T> = Some<T> | None
+
+interface Some<T> {
+  readonly _tag: 'Some'
+  readonly value: T
+}
+
+interface None {
+  readonly _tag: 'None'
+}
+
+// Constructors
+function some<T>(value: T): Option<T> {
+  return { _tag: 'Some', value }
+}
+
+function none(): Option<never> {
+  return { _tag: 'None' }
+}
+
+// Helper functions
+function isSome<T>(option: Option<T>): option is Some<T> {
+  return option._tag === 'Some'
+}
+
+function isNone<T>(option: Option<T>): option is None {
+  return option._tag === 'None'
+}
+
+function map<T, U>(option: Option<T>, fn: (value: T) => U): Option<U> {
+  return isSome(option) ? some(fn(option.value)) : none()
+}
+
+function getOrElse<T>(option: Option<T>, defaultValue: T): T {
+  return isSome(option) ? option.value : defaultValue
+}
+
+// Usage
+function findUser(id: string): Option<User> {
+  const user = users.find((u) => u.id === id)
+  return user ? some(user) : none()
+}
+
+const user = findUser('123')
+const userName = getOrElse(map(user, (u) => u.name), 'Unknown')
+```
+
+## State Management Patterns
+
+### Discriminated Union for State
+
+```typescript
+// State machine using discriminated unions
+type FetchState<T> =
+  | { status: 'idle' }
+  | { status: 'loading' }
+  | { status: 'success'; data: T }
+  | { status: 'error'; error: Error }
+
+// Reducer pattern
+type FetchAction<T> =
+  | { type: 'FETCH_START' }
+  | { type: 'FETCH_SUCCESS'; payload: T }
+  | { type: 'FETCH_ERROR'; error: Error }
+  | { type: 'RESET' }
+
+function fetchReducer<T>(state: FetchState<T>, action: FetchAction<T>): FetchState<T> {
+  switch (action.type) {
+    case 'FETCH_START':
+      return { status: 'loading' }
+    case 'FETCH_SUCCESS':
+      return { status: 'success', data: action.payload }
+    case 'FETCH_ERROR':
+      return { status: 'error', error: action.error }
+    case 'RESET':
+      return { status: 'idle' }
+  }
+}
+
+// Usage in component
+function UserProfile({ userId }: { userId: string }) {
+  const [state, dispatch] = useReducer(fetchReducer<User>, { status: 'idle' })
+
+  useEffect(() => {
+    dispatch({ type: 'FETCH_START' })
+    fetchUser(userId)
+      .then((user) => dispatch({ type: 'FETCH_SUCCESS', payload: user }))
+      .catch((error) => dispatch({ type: 'FETCH_ERROR', error }))
+  }, [userId])
+
+  switch (state.status) {
+    case 'idle':
+      return <div>Ready to load</div>
+    case 'loading':
+      return <div>Loading...</div>
+    case 'success':
+      return <div>{state.data.name}</div>
+    case 'error':
+      return <div>Error: {state.error.message}</div>
+  }
+}
+```
+
+### Store Pattern
+
+```typescript
+// Type-safe store implementation
+interface Store<T> {
+  getState: () => T
+  setState: (partial: Partial<T>) => void
+  subscribe: (listener: (state: T) => void) => () => void
+}
+
+function createStore<T>(initialState: T): Store<T> {
+  let state = initialState
+  const listeners = new Set<(state: T) => void>()
+
+  return {
+    getState: () => state,
+    setState: (partial) => {
+      state = { ...state, ...partial }
+      listeners.forEach((listener) => listener(state))
+    },
+    subscribe: (listener) => {
+      listeners.add(listener)
+      return () => listeners.delete(listener)
+    },
+  }
+}
+
+// Usage
+interface AppState {
+  user: User | null
+  theme: 'light' | 'dark'
+}
+
+const store = createStore<AppState>({
+  user: null,
+  theme: 'light',
+})
+
+// React hook integration
+function useStore<T, U>(store: Store<T>, selector: (state: T) => U): U {
+  const [value, setValue] = useState(() => selector(store.getState()))
+
+  useEffect(() => {
+    const unsubscribe = store.subscribe((state) => {
+      setValue(selector(state))
+    })
+    return unsubscribe
+  }, [store, selector])
+
+  return value
+}
+
+// Usage in component
+function ThemeToggle() {
+  const theme = useStore(store, (state) => state.theme)
+
+  return (
+    <button
+      onClick={() => store.setState({ theme: theme === 'light' ? 'dark' : 'light' })}
+    >
+      Toggle Theme
+    </button>
+  )
+}
+```
+
+## Form Patterns
+
+### Form State Management
+
+```typescript
+// Generic form state
+interface FormState<T> {
+  values: T
+  errors: Partial<Record<keyof T, string>>
+  touched: Partial<Record<keyof T, boolean>>
+  isSubmitting: boolean
+}
+
+// Form hook
+function useForm<T extends Record<string, any>>(
+  initialValues: T,
+  validate: (values: T) => Partial<Record<keyof T, string>>,
+) {
+  const [state, setState] = useState<FormState<T>>({
+    values: initialValues,
+    errors: {},
+    touched: {},
+    isSubmitting: false,
+  })
+
+  const handleChange = <K extends keyof T>(field: K, value: T[K]) => {
+    setState((prev) => ({
+      ...prev,
+      values: { ...prev.values, [field]: value },
+      errors: { ...prev.errors, [field]: undefined },
+    }))
+  }
+
+  const handleBlur = <K extends keyof T>(field: K) => {
+    setState((prev) => ({
+      ...prev,
+      touched: { ...prev.touched, [field]: true },
+    }))
+  }
+
+  const handleSubmit = async (onSubmit: (values: T) => Promise<void>) => {
+    const errors = validate(state.values)
+
+    if (Object.keys(errors).length > 0) {
+      setState((prev) => ({
+        ...prev,
+        errors,
+        touched: Object.keys(state.values).reduce(
+          (acc, key) => ({ ...acc, [key]: true }),
+          {},
+        ),
+      }))
+      return
+    }
+
+    setState((prev) => ({ ...prev, isSubmitting: true }))
+    try {
+      await onSubmit(state.values)
+    } finally {
+      setState((prev) => ({ ...prev, isSubmitting: false }))
+    }
+  }
+
+  return {
+    values: state.values,
+    errors: state.errors,
+    touched: state.touched,
+    isSubmitting: state.isSubmitting,
+    handleChange,
+    handleBlur,
+    handleSubmit,
+  }
+}
+
+// Usage
+interface LoginFormValues {
+  email: string
+  password: string
+}
+
+function LoginForm() {
+  const form = useForm<LoginFormValues>(
+    { email: '', password: '' },
+    (values) => {
+      const errors: Partial<Record<keyof LoginFormValues, string>> = {}
+      if (!values.email) {
+        errors.email = 'Email is required'
+      }
+      if (!values.password) {
+        errors.password = 'Password is required'
+      }
+      return errors
+    },
+  )
+
+  return (
+    <form
+      onSubmit={(e) => {
+        e.preventDefault()
+        form.handleSubmit(async (values) => {
+          await login(values.email, values.password)
+        })
+      }}
+    >
+      <input
+        value={form.values.email}
+        onChange={(e) => form.handleChange('email', e.target.value)}
+        onBlur={() => form.handleBlur('email')}
+      />
+      {form.touched.email && form.errors.email && <span>{form.errors.email}</span>}
+
+      <input
+        type="password"
+        value={form.values.password}
+        onChange={(e) => form.handleChange('password', e.target.value)}
+        onBlur={() => form.handleBlur('password')}
+      />
+      {form.touched.password && form.errors.password && (
+        <span>{form.errors.password}</span>
+      )}
+
+      <button type="submit" disabled={form.isSubmitting}>
+        Login
+      </button>
+    </form>
+  )
+}
+```
+
+## Validation Patterns
+
+### Zod Integration
+
+```typescript
+import { z } from 'zod'
+
+// Schema definition
+const userSchema = z.object({
+  id: z.string().uuid(),
+  name: z.string().min(1).max(100),
+  email: z.string().email(),
+  age: z.number().int().min(0).max(120),
+  role: z.enum(['admin', 'user', 'guest']),
+})
+
+// Extract type from schema
+type User = z.infer<typeof userSchema>
+
+// Validation function
+function validateUser(data: unknown): Result<User> {
+  const result = userSchema.safeParse(data)
+  if (result.success) {
+    return { success: true, data: result.data }
+  }
+  return {
+    success: false,
+    error: new Error(result.error.errors.map((e) => e.message).join(', ')),
+  }
+}
+
+// API integration
+async function createUser(data: unknown): Promise<Result<User>> {
+  const validation = validateUser(data)
+  if (!validation.success) {
+    return validation
+  }
+
+  try {
+    const response = await fetch('/api/users', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify(validation.data),
+    })
+
+    if (!response.ok) {
+      return failure(new Error(`HTTP ${response.status}`))
+    }
+
+    const user = await response.json()
+    return success(user)
+  } catch (error) {
+    return failure(error instanceof Error ? error : new Error(String(error)))
+  }
+}
+```
+
+## Builder Pattern
+
+```typescript
+// Fluent builder pattern
+class QueryBuilder<T> {
+  private filters: Array<(item: T) => boolean> = []
+  private sortFn?: (a: T, b: T) => number
+  private limitValue?: number
+
+  where(predicate: (item: T) => boolean): this {
+    this.filters.push(predicate)
+    return this
+  }
+
+  sortBy(compareFn: (a: T, b: T) => number): this {
+    this.sortFn = compareFn
+    return this
+  }
+
+  limit(count: number): this {
+    this.limitValue = count
+    return this
+  }
+
+  execute(data: T[]): T[] {
+    let result = data
+
+    // Apply filters
+    this.filters.forEach((filter) => {
+      result = result.filter(filter)
+    })
+
+    // Apply sorting
+    if (this.sortFn) {
+      result = result.sort(this.sortFn)
+    }
+
+    // Apply limit
+    if (this.limitValue !== undefined) {
+      result = result.slice(0, this.limitValue)
+    }
+
+    return result
+  }
+}
+
+// Usage
+interface Product {
+  id: string
+  name: string
+  price: number
+  category: string
+}
+
+const products: Product[] = [
+  /* ... */
+]
+
+const query = new QueryBuilder<Product>()
+  .where((p) => p.category === 'electronics')
+  .where((p) => p.price < 1000)
+  .sortBy((a, b) => a.price - b.price)
+  .limit(10)
+  .execute(products)
+```
+
+## Factory Pattern
+
+```typescript
+// Abstract factory pattern with TypeScript
+interface Button {
+  render: () => string
+  onClick: () => void
+}
+
+interface ButtonFactory {
+  createButton: (label: string, onClick: () => void) => Button
+}
+
+class PrimaryButton implements Button {
+  constructor(private label: string, private clickHandler: () => void) {}
+
+  render() {
+    return `<button class="primary">${this.label}</button>`
+  }
+
+  onClick() {
+    this.clickHandler()
+  }
+}
+
+class SecondaryButton implements Button {
+  constructor(private label: string, private clickHandler: () => void) {}
+
+  render() {
+    return `<button class="secondary">${this.label}</button>`
+  }
+
+  onClick() {
+    this.clickHandler()
+  }
+}
+
+class PrimaryButtonFactory implements ButtonFactory {
+  createButton(label: string, onClick: () => void): Button {
+    return new PrimaryButton(label, onClick)
+  }
+}
+
+class SecondaryButtonFactory implements ButtonFactory {
+  createButton(label: string, onClick: () => void): Button {
+    return new SecondaryButton(label, onClick)
+  }
+}
+
+// Usage
+function createUI(factory: ButtonFactory) {
+  const button = factory.createButton('Click me', () => console.log('Clicked!'))
+  return button.render()
+}
+```
+
+## Named Return Variables Pattern
+
+```typescript
+// Following Go-style named returns
+function parseUser(data: unknown): { user: User | null; err: Error | null } {
+  let user: User | null = null
+  let err: Error | null = null
+
+  try {
+    user = userSchema.parse(data)
+  } catch (error) {
+    err = error instanceof Error ? error : new Error(String(error))
+  }
+
+  return { user, err }
+}
+
+// With explicit naming
+function fetchData(url: string): {
+  data: unknown | null
+  status: number
+  err: Error | null
+} {
+  let data: unknown | null = null
+  let status = 0
+  let err: Error | null = null
+
+  try {
+    const response = fetch(url)
+    // Process response
+  } catch (error) {
+    err = error instanceof Error ? error : new Error(String(error))
+  }
+
+  return { data, status, err }
+}
+```
+
+## Best Practices
+
+1. **Use discriminated unions** for type-safe state management
+2. **Leverage generic types** for reusable components and hooks
+3. **Extract types from Zod schemas** for runtime + compile-time safety
+4. **Use Result/Option types** for explicit error handling
+5. **Create builder patterns** for complex object construction
+6. **Use factory patterns** for flexible object creation
+7. **Type context properly** to catch usage errors at compile time
+8. **Prefer const assertions** for immutable configurations
+9. **Use branded types** for domain-specific primitives
+10. **Document patterns** with JSDoc for team knowledge sharing
+

.claude/skills/typescript/references/type-system.md

@@ -0,0 +1,804 @@
+# TypeScript Type System Reference
+
+## Overview
+
+TypeScript's type system is structural (duck-typed) rather than nominal. Two types are compatible if their structure matches, regardless of their names.
+
+## Primitive Types
+
+### Basic Primitives
+
+```typescript
+let str: string = 'hello'
+let num: number = 42
+let bool: boolean = true
+let nul: null = null
+let undef: undefined = undefined
+let sym: symbol = Symbol('key')
+let big: bigint = 100n
+```
+
+### Special Types
+
+**any** - Disables type checking (avoid when possible):
+```typescript
+let anything: any = 'string'
+anything = 42 // OK
+anything.nonExistent() // OK at compile time, error at runtime
+```
+
+**unknown** - Type-safe alternative to any (requires type checking):
+```typescript
+let value: unknown = 'string'
+// value.toUpperCase() // Error: must narrow type first
+
+if (typeof value === 'string') {
+  value.toUpperCase() // OK after narrowing
+}
+```
+
+**void** - Absence of a value (function return type):
+```typescript
+function log(message: string): void {
+  console.log(message)
+}
+```
+
+**never** - Value that never occurs (exhaustive checks, infinite loops):
+```typescript
+function throwError(message: string): never {
+  throw new Error(message)
+}
+
+function exhaustiveCheck(value: never): never {
+  throw new Error(`Unhandled case: ${value}`)
+}
+```
+
+## Object Types
+
+### Interfaces
+
+```typescript
+// Basic interface
+interface User {
+  id: string
+  name: string
+  email: string
+}
+
+// Optional properties
+interface Product {
+  id: string
+  name: string
+  description?: string // Optional
+}
+
+// Readonly properties
+interface Config {
+  readonly apiUrl: string
+  readonly timeout: number
+}
+
+// Index signatures
+interface Dictionary {
+  [key: string]: string
+}
+
+// Method signatures
+interface Calculator {
+  add(a: number, b: number): number
+  subtract(a: number, b: number): number
+}
+
+// Extending interfaces
+interface Employee extends User {
+  role: string
+  department: string
+}
+
+// Multiple inheritance
+interface Admin extends User, Employee {
+  permissions: string[]
+}
+```
+
+### Type Aliases
+
+```typescript
+// Basic type alias
+type ID = string | number
+
+// Object type
+type Point = {
+  x: number
+  y: number
+}
+
+// Union type
+type Status = 'idle' | 'loading' | 'success' | 'error'
+
+// Intersection type
+type Timestamped = {
+  createdAt: Date
+  updatedAt: Date
+}
+
+type TimestampedUser = User & Timestamped
+
+// Function type
+type Callback = (data: string) => void
+
+// Generic type alias
+type Result<T> = { success: true; data: T } | { success: false; error: string }
+```
+
+### Interface vs Type Alias
+
+**Use interface when:**
+- Defining object shapes
+- Need declaration merging
+- Building public API types that others might extend
+
+**Use type when:**
+- Creating unions or intersections
+- Working with mapped types
+- Need conditional types
+- Defining primitive aliases
+
+## Array and Tuple Types
+
+### Arrays
+
+```typescript
+// Array syntax
+let numbers: number[] = [1, 2, 3]
+let strings: Array<string> = ['a', 'b', 'c']
+
+// Readonly arrays
+let immutable: readonly number[] = [1, 2, 3]
+let alsoImmutable: ReadonlyArray<string> = ['a', 'b']
+```
+
+### Tuples
+
+```typescript
+// Fixed-length, mixed-type arrays
+type Point = [number, number]
+type NamedPoint = [x: number, y: number]
+
+// Optional elements
+type OptionalTuple = [string, number?]
+
+// Rest elements
+type StringNumberBooleans = [string, number, ...boolean[]]
+
+// Readonly tuples
+type ReadonlyPair = readonly [string, number]
+```
+
+## Union and Intersection Types
+
+### Union Types
+
+```typescript
+// Value can be one of several types
+type StringOrNumber = string | number
+
+function format(value: StringOrNumber): string {
+  if (typeof value === 'string') {
+    return value
+  }
+  return value.toString()
+}
+
+// Discriminated unions
+type Shape =
+  | { kind: 'circle'; radius: number }
+  | { kind: 'square'; size: number }
+  | { kind: 'rectangle'; width: number; height: number }
+
+function area(shape: Shape): number {
+  switch (shape.kind) {
+    case 'circle':
+      return Math.PI * shape.radius ** 2
+    case 'square':
+      return shape.size ** 2
+    case 'rectangle':
+      return shape.width * shape.height
+  }
+}
+```
+
+### Intersection Types
+
+```typescript
+// Combine multiple types
+type Draggable = {
+  drag: () => void
+}
+
+type Resizable = {
+  resize: () => void
+}
+
+type UIWidget = Draggable & Resizable
+
+const widget: UIWidget = {
+  drag: () => console.log('dragging'),
+  resize: () => console.log('resizing'),
+}
+```
+
+## Literal Types
+
+### String Literal Types
+
+```typescript
+type Direction = 'north' | 'south' | 'east' | 'west'
+type HttpMethod = 'GET' | 'POST' | 'PUT' | 'DELETE'
+
+function move(direction: Direction) {
+  // direction can only be one of the four values
+}
+```
+
+### Number Literal Types
+
+```typescript
+type DiceValue = 1 | 2 | 3 | 4 | 5 | 6
+type PowerOfTwo = 1 | 2 | 4 | 8 | 16 | 32
+```
+
+### Boolean Literal Types
+
+```typescript
+type Yes = true
+type No = false
+```
+
+### Template Literal Types
+
+```typescript
+// String manipulation at type level
+type EventName<T extends string> = `on${Capitalize<T>}`
+type ClickEvent = EventName<'click'> // "onClick"
+
+// Combining literals
+type Color = 'red' | 'blue' | 'green'
+type Shade = 'light' | 'dark'
+type ColorShade = `${Shade}-${Color}` // "light-red" | "light-blue" | ...
+
+// Extract patterns
+type EmailLocaleIDs = 'welcome_email' | 'email_heading'
+type FooterLocaleIDs = 'footer_title' | 'footer_sendoff'
+type AllLocaleIDs = `${EmailLocaleIDs | FooterLocaleIDs}_id`
+```
+
+## Type Inference
+
+### Automatic Inference
+
+```typescript
+// Type inferred as string
+let message = 'hello'
+
+// Type inferred as number[]
+let numbers = [1, 2, 3]
+
+// Type inferred as { name: string; age: number }
+let person = {
+  name: 'Alice',
+  age: 30,
+}
+
+// Return type inferred
+function add(a: number, b: number) {
+  return a + b // Returns number
+}
+```
+
+### Const Assertions
+
+```typescript
+// Without const assertion
+let colors1 = ['red', 'green', 'blue'] // Type: string[]
+
+// With const assertion
+let colors2 = ['red', 'green', 'blue'] as const // Type: readonly ["red", "green", "blue"]
+
+// Object with const assertion
+const config = {
+  host: 'localhost',
+  port: 8080,
+} as const // All properties become readonly with literal types
+```
+
+### Type Inference in Generics
+
+```typescript
+// Generic type inference from usage
+function identity<T>(value: T): T {
+  return value
+}
+
+let str = identity('hello') // T inferred as string
+let num = identity(42) // T inferred as number
+
+// Multiple type parameters
+function pair<T, U>(first: T, second: U): [T, U] {
+  return [first, second]
+}
+
+let p = pair('hello', 42) // [string, number]
+```
+
+## Type Narrowing
+
+### typeof Guards
+
+```typescript
+function padLeft(value: string, padding: string | number) {
+  if (typeof padding === 'number') {
+    // padding is number here
+    return ' '.repeat(padding) + value
+  }
+  // padding is string here
+  return padding + value
+}
+```
+
+### instanceof Guards
+
+```typescript
+class Dog {
+  bark() {
+    console.log('Woof!')
+  }
+}
+
+class Cat {
+  meow() {
+    console.log('Meow!')
+  }
+}
+
+function makeSound(animal: Dog | Cat) {
+  if (animal instanceof Dog) {
+    animal.bark()
+  } else {
+    animal.meow()
+  }
+}
+```
+
+### in Operator
+
+```typescript
+type Fish = { swim: () => void }
+type Bird = { fly: () => void }
+
+function move(animal: Fish | Bird) {
+  if ('swim' in animal) {
+    animal.swim()
+  } else {
+    animal.fly()
+  }
+}
+```
+
+### Equality Narrowing
+
+```typescript
+function example(x: string | number, y: string | boolean) {
+  if (x === y) {
+    // x and y are both string here
+    x.toUpperCase()
+    y.toLowerCase()
+  }
+}
+```
+
+### Control Flow Analysis
+
+```typescript
+function example(value: string | null) {
+  if (value === null) {
+    return
+  }
+  // value is string here (null eliminated)
+  console.log(value.toUpperCase())
+}
+```
+
+### Type Predicates (Custom Type Guards)
+
+```typescript
+function isString(value: unknown): value is string {
+  return typeof value === 'string'
+}
+
+function example(value: unknown) {
+  if (isString(value)) {
+    // value is string here
+    console.log(value.toUpperCase())
+  }
+}
+
+// More complex example
+interface User {
+  id: string
+  name: string
+}
+
+function isUser(value: unknown): value is User {
+  return (
+    typeof value === 'object' &&
+    value !== null &&
+    'id' in value &&
+    'name' in value &&
+    typeof (value as User).id === 'string' &&
+    typeof (value as User).name === 'string'
+  )
+}
+```
+
+### Assertion Functions
+
+```typescript
+function assert(condition: unknown, message?: string): asserts condition {
+  if (!condition) {
+    throw new Error(message || 'Assertion failed')
+  }
+}
+
+function assertIsString(value: unknown): asserts value is string {
+  if (typeof value !== 'string') {
+    throw new Error('Value must be a string')
+  }
+}
+
+function example(value: unknown) {
+  assertIsString(value)
+  // value is string here
+  console.log(value.toUpperCase())
+}
+```
+
+## Generic Types
+
+### Basic Generics
+
+```typescript
+// Generic function
+function first<T>(items: T[]): T | undefined {
+  return items[0]
+}
+
+// Generic interface
+interface Box<T> {
+  value: T
+}
+
+// Generic type alias
+type Result<T> = { success: true; data: T } | { success: false; error: string }
+
+// Generic class
+class Stack<T> {
+  private items: T[] = []
+
+  push(item: T) {
+    this.items.push(item)
+  }
+
+  pop(): T | undefined {
+    return this.items.pop()
+  }
+}
+```
+
+### Generic Constraints
+
+```typescript
+// Constrain to specific type
+function getProperty<T, K extends keyof T>(obj: T, key: K): T[K] {
+  return obj[key]
+}
+
+// Constrain to interface
+interface HasLength {
+  length: number
+}
+
+function logLength<T extends HasLength>(item: T): void {
+  console.log(item.length)
+}
+
+logLength('string') // OK
+logLength([1, 2, 3]) // OK
+logLength({ length: 10 }) // OK
+// logLength(42) // Error: number doesn't have length
+```
+
+### Default Generic Parameters
+
+```typescript
+interface Response<T = unknown> {
+  data: T
+  status: number
+}
+
+// Uses default
+let response1: Response = { data: 'anything', status: 200 }
+
+// Explicitly typed
+let response2: Response<User> = { data: user, status: 200 }
+```
+
+### Generic Utility Functions
+
+```typescript
+// Pick specific properties
+function pick<T, K extends keyof T>(obj: T, keys: K[]): Pick<T, K> {
+  const result = {} as Pick<T, K>
+  keys.forEach((key) => {
+    result[key] = obj[key]
+  })
+  return result
+}
+
+// Map array
+function map<T, U>(items: T[], fn: (item: T) => U): U[] {
+  return items.map(fn)
+}
+```
+
+## Advanced Type Features
+
+### Conditional Types
+
+```typescript
+// Basic conditional type
+type IsString<T> = T extends string ? true : false
+
+type A = IsString<string> // true
+type B = IsString<number> // false
+
+// Distributive conditional types
+type ToArray<T> = T extends any ? T[] : never
+
+type StrArrOrNumArr = ToArray<string | number> // string[] | number[]
+
+// Infer keyword
+type Flatten<T> = T extends Array<infer U> ? U : T
+
+type Str = Flatten<string[]> // string
+type Num = Flatten<number> // number
+
+// ReturnType implementation
+type MyReturnType<T> = T extends (...args: any[]) => infer R ? R : never
+```
+
+### Mapped Types
+
+```typescript
+// Make all properties optional
+type Partial<T> = {
+  [K in keyof T]?: T[K]
+}
+
+// Make all properties required
+type Required<T> = {
+  [K in keyof T]-?: T[K]
+}
+
+// Make all properties readonly
+type Readonly<T> = {
+  readonly [K in keyof T]: T[K]
+}
+
+// Transform keys
+type Getters<T> = {
+  [K in keyof T as `get${Capitalize<string & K>}`]: () => T[K]
+}
+
+interface Person {
+  name: string
+  age: number
+}
+
+type PersonGetters = Getters<Person>
+// {
+//   getName: () => string
+//   getAge: () => number
+// }
+```
+
+### Key Remapping
+
+```typescript
+// Filter keys
+type RemoveKindField<T> = {
+  [K in keyof T as Exclude<K, 'kind'>]: T[K]
+}
+
+// Conditional key inclusion
+type PickByType<T, U> = {
+  [K in keyof T as T[K] extends U ? K : never]: T[K]
+}
+
+interface Model {
+  id: number
+  name: string
+  age: number
+  email: string
+}
+
+type StringFields = PickByType<Model, string> // { name: string, email: string }
+```
+
+### Recursive Types
+
+```typescript
+// JSON value type
+type JSONValue = string | number | boolean | null | JSONObject | JSONArray
+
+interface JSONObject {
+  [key: string]: JSONValue
+}
+
+interface JSONArray extends Array<JSONValue> {}
+
+// Tree structure
+interface TreeNode<T> {
+  value: T
+  children?: TreeNode<T>[]
+}
+
+// Deep readonly
+type DeepReadonly<T> = {
+  readonly [K in keyof T]: T[K] extends object ? DeepReadonly<T[K]> : T[K]
+}
+```
+
+## Type Compatibility
+
+### Structural Typing
+
+```typescript
+interface Point {
+  x: number
+  y: number
+}
+
+interface Named {
+  name: string
+}
+
+// Compatible if structure matches
+let point: Point = { x: 0, y: 0 }
+let namedPoint = { x: 0, y: 0, name: 'origin' }
+
+point = namedPoint // OK: namedPoint has x and y
+```
+
+### Variance
+
+**Covariance** (return types):
+```typescript
+interface Animal {
+  name: string
+}
+
+interface Dog extends Animal {
+  breed: string
+}
+
+let getDog: () => Dog
+let getAnimal: () => Animal
+
+getAnimal = getDog // OK: Dog is assignable to Animal
+```
+
+**Contravariance** (parameter types):
+```typescript
+let handleAnimal: (animal: Animal) => void
+let handleDog: (dog: Dog) => void
+
+handleDog = handleAnimal // OK: can pass Dog to function expecting Animal
+```
+
+## Index Types
+
+### Index Signatures
+
+```typescript
+// String index
+interface StringMap {
+  [key: string]: string
+}
+
+// Number index
+interface NumberArray {
+  [index: number]: number
+}
+
+// Combine with named properties
+interface MixedInterface {
+  length: number
+  [index: number]: string
+}
+```
+
+### keyof Operator
+
+```typescript
+interface Person {
+  name: string
+  age: number
+}
+
+type PersonKeys = keyof Person // "name" | "age"
+
+function getProperty<T, K extends keyof T>(obj: T, key: K): T[K] {
+  return obj[key]
+}
+```
+
+### Indexed Access Types
+
+```typescript
+interface Person {
+  name: string
+  age: number
+  address: {
+    street: string
+    city: string
+  }
+}
+
+type Name = Person['name'] // string
+type Age = Person['age'] // number
+type Address = Person['address'] // { street: string; city: string }
+type AddressCity = Person['address']['city'] // string
+
+// Access multiple keys
+type NameOrAge = Person['name' | 'age'] // string | number
+```
+
+## Branded Types
+
+```typescript
+// Create nominal types from structural types
+type Brand<K, T> = K & { __brand: T }
+
+type USD = Brand<number, 'USD'>
+type EUR = Brand<number, 'EUR'>
+
+function makeUSD(amount: number): USD {
+  return amount as USD
+}
+
+function makeEUR(amount: number): EUR {
+  return amount as EUR
+}
+
+let usd = makeUSD(100)
+let eur = makeEUR(100)
+
+// usd = eur // Error: different brands
+```
+
+## Best Practices
+
+1. **Prefer type inference** - Let TypeScript infer types when obvious
+2. **Use strict null checks** - Enable strictNullChecks for better safety
+3. **Avoid `any`** - Use `unknown` and narrow with type guards
+4. **Use discriminated unions** - Better than loose unions for state
+5. **Leverage const assertions** - Get narrow literal types
+6. **Use branded types** - When structural typing isn't enough
+7. **Document complex types** - Add JSDoc comments
+8. **Extract reusable types** - DRY principle applies to types too
+9. **Use utility types** - Leverage built-in transformation types
+10. **Test your types** - Use type assertions to verify type correctness
+

.claude/skills/typescript/references/utility-types.md

@@ -0,0 +1,666 @@
+# TypeScript Utility Types Reference
+
+TypeScript provides several built-in utility types that help transform and manipulate types. These are implemented using advanced type features like mapped types and conditional types.
+
+## Property Modifiers
+
+### Partial\<T\>
+
+Makes all properties in `T` optional.
+
+```typescript
+interface User {
+  id: string
+  name: string
+  email: string
+  age: number
+}
+
+type PartialUser = Partial<User>
+// {
+//   id?: string
+//   name?: string
+//   email?: string
+//   age?: number
+// }
+
+// Useful for update operations
+function updateUser(id: string, updates: Partial<User>) {
+  // Only update provided fields
+}
+
+updateUser('123', { name: 'Alice' }) // OK
+updateUser('123', { name: 'Alice', age: 30 }) // OK
+```
+
+### Required\<T\>
+
+Makes all properties in `T` required (removes optionality).
+
+```typescript
+interface Config {
+  host?: string
+  port?: number
+  timeout?: number
+}
+
+type RequiredConfig = Required<Config>
+// {
+//   host: string
+//   port: number
+//   timeout: number
+// }
+
+function initServer(config: RequiredConfig) {
+  // All properties are guaranteed to exist
+  console.log(config.host, config.port, config.timeout)
+}
+```
+
+### Readonly\<T\>
+
+Makes all properties in `T` readonly.
+
+```typescript
+interface MutablePoint {
+  x: number
+  y: number
+}
+
+type ImmutablePoint = Readonly<MutablePoint>
+// {
+//   readonly x: number
+//   readonly y: number
+// }
+
+const point: ImmutablePoint = { x: 0, y: 0 }
+// point.x = 10 // Error: Cannot assign to 'x' because it is a read-only property
+```
+
+### Mutable\<T\> (Custom)
+
+Removes readonly modifiers (not built-in, but useful pattern).
+
+```typescript
+type Mutable<T> = {
+  -readonly [K in keyof T]: T[K]
+}
+
+interface ReadonlyPerson {
+  readonly name: string
+  readonly age: number
+}
+
+type MutablePerson = Mutable<ReadonlyPerson>
+// {
+//   name: string
+//   age: number
+// }
+```
+
+## Property Selection
+
+### Pick\<T, K\>
+
+Creates a type by picking specific properties from `T`.
+
+```typescript
+interface User {
+  id: string
+  name: string
+  email: string
+  password: string
+  createdAt: Date
+}
+
+type UserProfile = Pick<User, 'id' | 'name' | 'email'>
+// {
+//   id: string
+//   name: string
+//   email: string
+// }
+
+// Useful for API responses
+function getUserProfile(id: string): UserProfile {
+  // Return only safe properties
+}
+```
+
+### Omit\<T, K\>
+
+Creates a type by omitting specific properties from `T`.
+
+```typescript
+interface User {
+  id: string
+  name: string
+  email: string
+  password: string
+}
+
+type UserWithoutPassword = Omit<User, 'password'>
+// {
+//   id: string
+//   name: string
+//   email: string
+// }
+
+// Useful for public user data
+function publishUser(user: User): UserWithoutPassword {
+  const { password, ...publicData } = user
+  return publicData
+}
+```
+
+## Union Type Utilities
+
+### Exclude\<T, U\>
+
+Excludes types from `T` that are assignable to `U`.
+
+```typescript
+type T1 = Exclude<'a' | 'b' | 'c', 'a'> // "b" | "c"
+type T2 = Exclude<string | number | boolean, boolean> // string | number
+
+type EventType = 'click' | 'scroll' | 'mousemove' | 'keypress'
+type UIEvent = Exclude<EventType, 'scroll'> // "click" | "mousemove" | "keypress"
+```
+
+### Extract\<T, U\>
+
+Extracts types from `T` that are assignable to `U`.
+
+```typescript
+type T1 = Extract<'a' | 'b' | 'c', 'a' | 'f'> // "a"
+type T2 = Extract<string | number | boolean, boolean> // boolean
+
+type Shape = 'circle' | 'square' | 'triangle' | 'rectangle'
+type RoundedShape = Extract<Shape, 'circle'> // "circle"
+```
+
+### NonNullable\<T\>
+
+Excludes `null` and `undefined` from `T`.
+
+```typescript
+type T1 = NonNullable<string | null | undefined> // string
+type T2 = NonNullable<string | number | null> // string | number
+
+function processValue(value: string | null | undefined) {
+  if (value !== null && value !== undefined) {
+    const nonNull: NonNullable<typeof value> = value
+    // nonNull is guaranteed to be string
+  }
+}
+```
+
+## Object Construction
+
+### Record\<K, T\>
+
+Constructs an object type with keys of type `K` and values of type `T`.
+
+```typescript
+type PageInfo = Record<string, number>
+// { [key: string]: number }
+
+const pages: PageInfo = {
+  home: 1,
+  about: 2,
+  contact: 3,
+}
+
+// Useful for mapped objects
+type UserRole = 'admin' | 'user' | 'guest'
+type RolePermissions = Record<UserRole, string[]>
+
+const permissions: RolePermissions = {
+  admin: ['read', 'write', 'delete'],
+  user: ['read', 'write'],
+  guest: ['read'],
+}
+
+// With specific keys
+type ThemeColors = Record<'primary' | 'secondary' | 'accent', string>
+
+const colors: ThemeColors = {
+  primary: '#007bff',
+  secondary: '#6c757d',
+  accent: '#28a745',
+}
+```
+
+## Function Utilities
+
+### Parameters\<T\>
+
+Extracts the parameter types of a function type as a tuple.
+
+```typescript
+function createUser(name: string, age: number, email: string) {
+  // ...
+}
+
+type CreateUserParams = Parameters<typeof createUser>
+// [name: string, age: number, email: string]
+
+// Useful for higher-order functions
+function withLogging<T extends (...args: any[]) => any>(
+  fn: T,
+  ...args: Parameters<T>
+): ReturnType<T> {
+  console.log('Calling with:', args)
+  return fn(...args)
+}
+```
+
+### ConstructorParameters\<T\>
+
+Extracts the parameter types of a constructor function type.
+
+```typescript
+class User {
+  constructor(public name: string, public age: number) {}
+}
+
+type UserConstructorParams = ConstructorParameters<typeof User>
+// [name: string, age: number]
+
+function createUser(...args: UserConstructorParams): User {
+  return new User(...args)
+}
+```
+
+### ReturnType\<T\>
+
+Extracts the return type of a function type.
+
+```typescript
+function createUser() {
+  return {
+    id: '123',
+    name: 'Alice',
+    email: 'alice@example.com',
+  }
+}
+
+type User = ReturnType<typeof createUser>
+// {
+//   id: string
+//   name: string
+//   email: string
+// }
+
+// Useful with async functions
+async function fetchData() {
+  return { success: true, data: [1, 2, 3] }
+}
+
+type FetchResult = ReturnType<typeof fetchData>
+// Promise<{ success: boolean; data: number[] }>
+
+type UnwrappedResult = Awaited<FetchResult>
+// { success: boolean; data: number[] }
+```
+
+### InstanceType\<T\>
+
+Extracts the instance type of a constructor function type.
+
+```typescript
+class User {
+  name: string
+  constructor(name: string) {
+    this.name = name
+  }
+}
+
+type UserInstance = InstanceType<typeof User>
+// User
+
+function processUser(user: UserInstance) {
+  console.log(user.name)
+}
+```
+
+### ThisParameterType\<T\>
+
+Extracts the type of the `this` parameter for a function type.
+
+```typescript
+function toHex(this: Number) {
+  return this.toString(16)
+}
+
+type ThisType = ThisParameterType<typeof toHex> // Number
+```
+
+### OmitThisParameter\<T\>
+
+Removes the `this` parameter from a function type.
+
+```typescript
+function toHex(this: Number) {
+  return this.toString(16)
+}
+
+type PlainFunction = OmitThisParameter<typeof toHex>
+// () => string
+```
+
+## String Manipulation
+
+### Uppercase\<S\>
+
+Converts string literal type to uppercase.
+
+```typescript
+type Greeting = 'hello'
+type LoudGreeting = Uppercase<Greeting> // "HELLO"
+
+// Useful for constants
+type HttpMethod = 'get' | 'post' | 'put' | 'delete'
+type HttpMethodUppercase = Uppercase<HttpMethod>
+// "GET" | "POST" | "PUT" | "DELETE"
+```
+
+### Lowercase\<S\>
+
+Converts string literal type to lowercase.
+
+```typescript
+type Greeting = 'HELLO'
+type QuietGreeting = Lowercase<Greeting> // "hello"
+```
+
+### Capitalize\<S\>
+
+Capitalizes the first letter of a string literal type.
+
+```typescript
+type Event = 'click' | 'scroll' | 'mousemove'
+type EventHandler = `on${Capitalize<Event>}`
+// "onClick" | "onScroll" | "onMousemove"
+```
+
+### Uncapitalize\<S\>
+
+Uncapitalizes the first letter of a string literal type.
+
+```typescript
+type Greeting = 'Hello'
+type LowerGreeting = Uncapitalize<Greeting> // "hello"
+```
+
+## Async Utilities
+
+### Awaited\<T\>
+
+Unwraps the type of a Promise (recursively).
+
+```typescript
+type T1 = Awaited<Promise<string>> // string
+type T2 = Awaited<Promise<Promise<number>>> // number
+type T3 = Awaited<boolean | Promise<string>> // boolean | string
+
+// Useful with async functions
+async function fetchUser() {
+  return { id: '123', name: 'Alice' }
+}
+
+type User = Awaited<ReturnType<typeof fetchUser>>
+// { id: string; name: string }
+```
+
+## Custom Utility Types
+
+### DeepPartial\<T\>
+
+Makes all properties and nested properties optional.
+
+```typescript
+type DeepPartial<T> = {
+  [K in keyof T]?: T[K] extends object ? DeepPartial<T[K]> : T[K]
+}
+
+interface User {
+  id: string
+  profile: {
+    name: string
+    address: {
+      street: string
+      city: string
+    }
+  }
+}
+
+type PartialUser = DeepPartial<User>
+// All properties at all levels are optional
+```
+
+### DeepReadonly\<T\>
+
+Makes all properties and nested properties readonly.
+
+```typescript
+type DeepReadonly<T> = {
+  readonly [K in keyof T]: T[K] extends object ? DeepReadonly<T[K]> : T[K]
+}
+
+interface User {
+  id: string
+  profile: {
+    name: string
+    address: {
+      street: string
+      city: string
+    }
+  }
+}
+
+type ImmutableUser = DeepReadonly<User>
+// All properties at all levels are readonly
+```
+
+### PartialBy\<T, K\>
+
+Makes specific properties optional.
+
+```typescript
+type PartialBy<T, K extends keyof T> = Omit<T, K> & Partial<Pick<T, K>>
+
+interface User {
+  id: string
+  name: string
+  email: string
+  age: number
+}
+
+type UserWithOptionalEmail = PartialBy<User, 'email' | 'age'>
+// {
+//   id: string
+//   name: string
+//   email?: string
+//   age?: number
+// }
+```
+
+### RequiredBy\<T, K\>
+
+Makes specific properties required.
+
+```typescript
+type RequiredBy<T, K extends keyof T> = Omit<T, K> & Required<Pick<T, K>>
+
+interface User {
+  id?: string
+  name?: string
+  email?: string
+}
+
+type UserWithRequiredId = RequiredBy<User, 'id'>
+// {
+//   id: string
+//   name?: string
+//   email?: string
+// }
+```
+
+### PickByType\<T, U\>
+
+Picks properties by their value type.
+
+```typescript
+type PickByType<T, U> = {
+  [K in keyof T as T[K] extends U ? K : never]: T[K]
+}
+
+interface User {
+  id: string
+  name: string
+  age: number
+  active: boolean
+}
+
+type StringProperties = PickByType<User, string>
+// { id: string; name: string }
+
+type NumberProperties = PickByType<User, number>
+// { age: number }
+```
+
+### OmitByType\<T, U\>
+
+Omits properties by their value type.
+
+```typescript
+type OmitByType<T, U> = {
+  [K in keyof T as T[K] extends U ? never : K]: T[K]
+}
+
+interface User {
+  id: string
+  name: string
+  age: number
+  active: boolean
+}
+
+type NonStringProperties = OmitByType<User, string>
+// { age: number; active: boolean }
+```
+
+### Prettify\<T\>
+
+Flattens intersections for better IDE tooltips.
+
+```typescript
+type Prettify<T> = {
+  [K in keyof T]: T[K]
+} & {}
+
+type A = { a: string }
+type B = { b: number }
+type C = A & B
+
+type PrettyC = Prettify<C>
+// Displays as: { a: string; b: number }
+// Instead of: A & B
+```
+
+### ValueOf\<T\>
+
+Gets the union of all value types.
+
+```typescript
+type ValueOf<T> = T[keyof T]
+
+interface Colors {
+  red: '#ff0000'
+  green: '#00ff00'
+  blue: '#0000ff'
+}
+
+type ColorValue = ValueOf<Colors>
+// "#ff0000" | "#00ff00" | "#0000ff"
+```
+
+### Nullable\<T\>
+
+Makes type nullable.
+
+```typescript
+type Nullable<T> = T | null
+
+type NullableString = Nullable<string> // string | null
+```
+
+### Maybe\<T\>
+
+Makes type nullable or undefined.
+
+```typescript
+type Maybe<T> = T | null | undefined
+
+type MaybeString = Maybe<string> // string | null | undefined
+```
+
+### UnionToIntersection\<U\>
+
+Converts union to intersection (advanced).
+
+```typescript
+type UnionToIntersection<U> = (U extends any ? (k: U) => void : never) extends (
+  k: infer I,
+) => void
+  ? I
+  : never
+
+type Union = { a: string } | { b: number }
+type Intersection = UnionToIntersection<Union>
+// { a: string } & { b: number }
+```
+
+## Combining Utility Types
+
+Utility types can be composed for powerful transformations:
+
+```typescript
+// Make specific properties optional and readonly
+type PartialReadonly<T, K extends keyof T> = Readonly<Pick<T, K>> &
+  Partial<Omit<T, K>>
+
+interface User {
+  id: string
+  name: string
+  email: string
+  password: string
+}
+
+type SafeUser = PartialReadonly<User, 'id' | 'name'>
+// {
+//   readonly id: string
+//   readonly name: string
+//   email?: string
+//   password?: string
+// }
+
+// Pick and make readonly
+type ReadonlyPick<T, K extends keyof T> = Readonly<Pick<T, K>>
+
+// Omit and make required
+type RequiredOmit<T, K extends keyof T> = Required<Omit<T, K>>
+```
+
+## Best Practices
+
+1. **Use built-in utilities first** - They're well-tested and optimized
+2. **Compose utilities** - Combine utilities for complex transformations
+3. **Create custom utilities** - For patterns you use frequently
+4. **Name utilities clearly** - Make intent obvious from the name
+5. **Document complex utilities** - Add JSDoc for non-obvious transformations
+6. **Test utility types** - Use type assertions to verify behavior
+7. **Avoid over-engineering** - Don't create utilities for one-off uses
+8. **Consider readability** - Sometimes explicit types are clearer
+9. **Use Prettify** - For better IDE tooltips with intersections
+10. **Leverage keyof** - For type-safe property selection
+

CLAUDE.md

@@ -0,0 +1,93 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Overview
+
+libsecp256k1 is a high-performance C library for cryptographic operations on the secp256k1 elliptic curve, primarily developed for Bitcoin. It provides ECDSA signing/verification, Schnorr signatures (BIP-340), ECDH, ElligatorSwift (BIP-324), and MuSig2 (BIP-327).
+
+## Build Commands
+
+### Autotools (primary)
+```bash
+./autogen.sh           # Generate configure script
+./configure            # Configure build (add --enable-module-* flags for optional modules)
+make                   # Build
+make check             # Run tests
+```
+
+### CMake
+```bash
+cmake -B build                # Configure
+cmake --build build           # Build
+ctest --test-dir build        # Run tests
+```
+
+### Common configure flags
+- `--enable-module-recovery` - ECDSA pubkey recovery (off by default)
+- `--enable-module-schnorrsig` - Schnorr signatures
+- `--enable-module-musig` - MuSig2 multi-signatures
+- `--enable-module-ellswift` - ElligatorSwift
+- `--enable-module-ecdh` - ECDH key exchange
+- `--enable-examples` - Build example programs
+- `--enable-coverage` - Enable coverage analysis (requires GCC)
+
+### Test coverage
+```bash
+./configure --enable-coverage
+make check
+gcovr --exclude 'src/bench*' --exclude 'src/modules/.*/bench_impl.h' --print-summary
+```
+
+## Architecture
+
+### Core structure
+- `src/secp256k1.c` - Main library implementation, includes all other source files
+- `include/secp256k1.h` - Primary public API header with argument ordering rules
+- `include/secp256k1_*.h` - Module-specific public headers
+
+### Implementation pattern
+The library uses a header-only internal architecture:
+- `src/*.h` - Internal declarations
+- `src/*_impl.h` - Corresponding implementations (included by secp256k1.c)
+
+### Key components
+- **Field operations**: `field_5x52*.h` (64-bit) or `field_10x26*.h` (32-bit) - arithmetic mod p
+- **Scalar operations**: `scalar_4x64*.h` (64-bit) or `scalar_8x32*.h` (32-bit) - arithmetic mod n
+- **Group operations**: `group*.h` - elliptic curve point operations
+- **Modular inverse**: `modinv64*.h` / `modinv32*.h` - safegcd-based inversion
+- **ecmult**: `ecmult*.h` - point multiplication (signing and verification)
+
+### Optional modules (src/modules/)
+- `ecdh/` - Elliptic curve Diffie-Hellman
+- `recovery/` - ECDSA public key recovery
+- `extrakeys/` - x-only pubkeys (required by schnorrsig)
+- `schnorrsig/` - BIP-340 Schnorr signatures (requires extrakeys)
+- `musig/` - BIP-327 MuSig2 (requires schnorrsig)
+- `ellswift/` - BIP-324 ElligatorSwift encoding
+
+## Code Conventions
+
+- **Language**: C89 with `/* */` comments only (no `//`)
+- **Declarations**: Must appear at beginning of blocks before statements
+- **Memory**: No runtime heap allocation unless explicitly requested by caller
+- **Identifiers**: File-scope identifiers must start with `secp256k1_`
+- **Pointers**: Use `void *ptr` not `void* ptr`; use `unsigned int` not `unsigned`
+- **Comparison**: Use `secp256k1_memcmp_var` instead of `memcmp`
+- **Secret data**: Must be constant-time, cleared after use, tested with ctime_tests
+
+## Testing
+
+- `src/tests.c` - Main test suite
+- `src/tests_exhaustive.c` - Exhaustive tests on small groups
+- `src/ctime_tests.c` - Constant-time verification (requires valgrind)
+- `src/unit_test.c` - Unit tests
+
+## API Design
+
+Arguments follow a specific order (from include/secp256k1.h):
+1. Context pointers first
+2. Output arguments
+3. Combined output/input arguments
+4. Input-only arguments
+5. Array lengths immediately follow their arrays