Problem Statement
FAVA Trails currently runs MCP servers as agent-owned stdio processes. That works for Claude/Codex/Hermes, but ChatGPT needs durable access to the FAVA data repo outside any one agent session. The goal is not to expose every agent's FAVA process, nor to build a per-machine registry. Operators need one long-lived, repo-owned FAVA MCP runtime per fava-trails-data repo, connected to ChatGPT through OpenAI Secure MCP Tunnel.
Solution
Add a documented long-lived "ChatGPT gateway" runtime for a single FAVA Trails data repo. The runtime is not owned by an agent, does not infer scope from a product working directory, and is started with explicit FAVA_TRAILS_DATA_REPO plus Trust Gate configuration. tunnel-client connects ChatGPT to this private MCP runtime over stdio or HTTP, using OpenAI's outbound tunnel path. Existing per-agent stdio registration remains unchanged.
User Stories
- As a FAVA operator, I want one long-lived MCP runtime per data repo, so that ChatGPT can access durable FAVA memory.
- As a ChatGPT user, I want to recall promoted thoughts, so that ChatGPT has the same memory as other agents.
- As a ChatGPT user, I want to save draft thoughts, so that useful chat findings persist.
- As a ChatGPT user, I want to propose truth through Trust Gate, so that shared memory remains governed.
- As an operator, I want no public FAVA endpoint, so that private memory stays inside my environment.
- As an operator, I want the runtime to be data-repo-owned, so that it is not tied to any agent process or working directory.
- As a developer, I want existing stdio clients unchanged, so that Claude/Codex/Hermes do not regress.
- As a maintainer, I want one shared MCP tool surface, so that schemas and behavior do not drift.
- As an operator, I want startup checks, so that missing JJ, data repo, Trust Gate auth, or tunnel config is diagnosable.
- As an operator, I want clear docs for OpenAI tunnel setup, so that ChatGPT connector validation is repeatable.
- As a security reviewer, I want destructive/admin tools handled deliberately, so that ChatGPT write access does not imply unrestricted repo administration.
- As an open-source user, I want no MachineWisdom host assumptions, so that the same pattern works for any private FAVA data repo.
Implementation Decisions
- Replace the native-public-HTTPS framing with OpenAI Secure MCP Tunnel as the primary transport.
- Add a long-lived gateway run mode or documented command profile for a single
FAVA_TRAILS_DATA_REPO.
- Keep current per-agent stdio MCP behavior as the default path.
- Do not build a per-machine registry, dynamic agent registration, Aperture aggregation, or Cloudflare Tunnel path for v1.
- ChatGPT gateway scope resolution must not depend on a caller working directory. ChatGPT must use explicit
trail_name, with list_scopes and optional FAVA_TRAILS_SCOPE_HINT for discovery.
- The gateway supports read and write workflows:
recall, get_thought, save_thought, propose_truth, and sync.
- Admin/destructive tools such as rollback-style operations should be excluded or separately enabled by explicit configuration.
- Machine Wisdom's deployment is one long-lived gateway for the single Machine Wisdom
fava-trails-data repo.
Testing Decisions
- Primary seam: end-to-end MCP behavior through the dedicated gateway runtime, covering list-tools, recall, save draft, and propose truth.
- Preserve existing handler and TrailManager tests for storage, Trust Gate, scope, conflict, and VCS behavior.
- Add startup/config tests for missing data repo, missing JJ, missing Trust Gate provider config, and clear runtime output.
- Add documented manual validation with
tunnel-client doctor, tunnel-client run, and ChatGPT connector discovery.
Out of Scope
- Exposing every per-agent FAVA MCP process.
- Building a per-machine MCP registry.
- Tailscale Aperture integration.
- Cloudflare Tunnel as a mainline path.
- Public HTTPS hosting of private FAVA data.
- Redesigning thought lifecycle, Trust Gate semantics, or retrieval ranking.
Implementation Issues
Further Notes
OpenAI Secure MCP Tunnel supports private MCP servers reachable over stdio or HTTP from the tunnel-client host, does not require inbound internet access, and is the right fit for this per-data-repo gateway design: https://developers.openai.com/api/docs/guides/secure-mcp-tunnels
Problem Statement
FAVA Trails currently runs MCP servers as agent-owned stdio processes. That works for Claude/Codex/Hermes, but ChatGPT needs durable access to the FAVA data repo outside any one agent session. The goal is not to expose every agent's FAVA process, nor to build a per-machine registry. Operators need one long-lived, repo-owned FAVA MCP runtime per
fava-trails-datarepo, connected to ChatGPT through OpenAI Secure MCP Tunnel.Solution
Add a documented long-lived "ChatGPT gateway" runtime for a single FAVA Trails data repo. The runtime is not owned by an agent, does not infer scope from a product working directory, and is started with explicit
FAVA_TRAILS_DATA_REPOplus Trust Gate configuration.tunnel-clientconnects ChatGPT to this private MCP runtime over stdio or HTTP, using OpenAI's outbound tunnel path. Existing per-agent stdio registration remains unchanged.User Stories
Implementation Decisions
FAVA_TRAILS_DATA_REPO.trail_name, withlist_scopesand optionalFAVA_TRAILS_SCOPE_HINTfor discovery.recall,get_thought,save_thought,propose_truth, andsync.fava-trails-datarepo.Testing Decisions
tunnel-client doctor,tunnel-client run, and ChatGPT connector discovery.Out of Scope
Implementation Issues
Further Notes
OpenAI Secure MCP Tunnel supports private MCP servers reachable over stdio or HTTP from the
tunnel-clienthost, does not require inbound internet access, and is the right fit for this per-data-repo gateway design: https://developers.openai.com/api/docs/guides/secure-mcp-tunnels