# iOS Node Foundation Checklist

**Date:** 2026-02-16  
**Scope:** Close OpenClaw "iOS node" gap with push-token capable companion foundation.

## Goal

Extend node RPC so iOS companions can register APNs push tokens and operators can inspect iOS node readiness safely.

## Implemented

- Added protocol parser:
  - `parseNodePushTokenSetParams()`
- Added node RPC:
  - `node.push_token.set`
- Added node connection state support for push registration:
  - provider, topic, environment, token, registeredAt
- Added node policy config gate:
  - `server.nodes.push.enabled` (default `false`)
- Added push summary visibility in:
  - `system.nodes` (masked `tokenPreview`, never full token)
- Updated node capability snapshot:
  - `system.capabilities.nodes.pushEnabled`
- Updated role scopes:
  - companion role allowed to call `node.push_token.set`

## Safety Notes

- Push tokens are stored in-memory for active node sessions.
- Operator API responses expose only masked token previews.

## Tests

- `src/gateway/protocol.test.ts`
  - push token parser valid/invalid cases.
- `src/gateway/handlers/node.test.ts`
  - push token registration path and masked preview response.
- `src/gateway/server.test.ts`
  - end-to-end `node.push_token.set` + `system.nodes` masked summary.
- `src/gateway/auth.test.ts`
  - role-scope coverage for `node.push_token.set`.
- `src/gateway/handlers/handlers.test.ts`
  - runtime config patch coverage for `server.nodes.push.enabled`.
- `src/config/schema.test.ts`
  - node push config defaults + custom parsing.

## Validation Run

```bash
pnpm test:run src/gateway/protocol.test.ts src/gateway/auth.test.ts src/gateway/handlers/node.test.ts src/gateway/handlers/handlers.test.ts src/gateway/server.test.ts src/config/schema.test.ts
pnpm typecheck
pnpm build
```