# How Do You Remotely "Drive" Your Terminal AI from a Browser? You're running Claude Code on your company laptop, but you're browsing claude.ai on your phone. Can you issue commands to your terminal directly from the web? The Remote Control feature makes this a reality. It's not a simple terminal relay, but a full-fledged distributed session management platform involving environment registration, JWT authentication, git worktree isolation, and reconnection after disconnection. This chapter dives deep into the architectural design behind the Bridge system's 30+ source files. > 💡 **Plain English**: Think of it like remote desktop/Sunlogin—you control your dev environment from another device. > 🌍 **Industry Context**: Remotely controlling a terminal AI is not unique to Claude Code—it's a shared direction for AI coding tools in 2024-2025. **Cursor**'s Remote SSH mode allows users to run AI-assisted coding on remote servers via VS Code Remote SSH, but it essentially reuses VS Code's remote architecture without an independent session management layer. **GitHub Copilot** achieves cloud-based coding environments through Codespaces in VS Code, but it's IDE-centric rather than terminal-centric. **Windsurf** (Codeium) similarly relies on the VS Code remote extension ecosystem. **Codex (OpenAI)** v0.118.0 newly released a dedicated macOS standalone client, but it's primarily oriented toward local terminal execution. **OpenClaw** (formerly Clawdbot) represents another remote control paradigm—with messaging apps like WhatsApp/Telegram as the primary interaction entry point, supporting cross-region device wake-up and remote execution. Developers can trigger complex local build tasks from a simple phone message. The unique aspect of Claude Code's Bridge system is that it doesn't depend on an IDE remote framework, but instead builds a distributed session scheduling layer from scratch—including environment registration, work dispatching, JWT authentication refresh, and git worktree isolation. It's closer to Kubernetes' orchestration philosophy than a simple SSH tunnel. --- ## The Problem You're running Claude Code on your company laptop, but you're browsing claude.ai on your phone. Suddenly, you want Claude to help fix a bug—without going back to the terminal, just typing instructions directly on the web. What kind of distributed session system lies behind this "Remote Control" feature? --- > **[Chart placeholder 2.16-A]**: Sequence diagram — Bridge's complete lifecycle from registration to session execution (register environment → poll work → spawn session → WebSocket bidirectional communication → session ends → cleanup) ## You Might Think... "Probably just opens an SSH tunnel or WebSocket and forwards terminal input/output to the web, right?" You might think that. Something like VS Code Remote—a simple I/O proxy. --- ## Here's How It Actually Works Remote Control is a complete **distributed session management platform**, with environment registration, work dispatching, JWT authentication refresh, multi-session worktree isolation, reconnection after disconnection, and permission bridging—far more complex than a simple terminal proxy. Its code lives in the `bridge/` directory with 30+ TypeScript files, and the main logic file `replBridge.ts` alone exceeds 2400 lines. ### Section 1: Bridge Is a "Work Environment Registration Center" Analogous to a food delivery platform: the rider (bridge) first "goes online" on the platform (registers environment), then constantly refreshes to see if there are new orders (polls for work), picks up an order and goes to deliver (spawns a session), then comes back to wait. ```typescript // src/bridge/bridgeMain.ts, lines 141-152 export async function runBridgeLoop( config: BridgeConfig, environmentId: string, environmentSecret: string, api: BridgeApiClient, spawner: SessionSpawner, logger: BridgeLogger, signal: AbortSignal, backoffConfig: BackoffConfig = DEFAULT_BACKOFF, // ... ): Promise { ``` When registering, the Bridge carries complete "identity information": working directory, machine name, Git branch, maximum concurrent sessions (default 32), and spawn mode. ### Section 2: Three Spawn Modes—How Multiple Sessions Coexist > 📚 **Course Connection**: The three isolation strategies of spawn modes directly correspond to **operating systems** course models of process isolation—`single-session` is like a single process monopolizing resources, `worktree` is like container-level isolation (namespace + cgroup), and `same-dir` is like a thread model with shared memory. Understanding the trade-offs among these three modes is understanding the classic OS tradeoff of "isolation vs. performance." This is one of the most architecturally critical decisions: ```typescript // src/bridge/types.ts, lines 64-69 export type SpawnMode = 'single-session' | 'worktree' | 'same-dir' ``` - **single-session**: Only one session runs at a time; the bridge automatically exits when it ends. The simplest mode. - **worktree**: Each new session gets an **isolated git worktree**—independent working directory, independent branch, no interference. Imagine a "parallel universe" of the git repository. - **same-dir**: All sessions share the same directory. Fast but dangerous—two sessions might edit the same file simultaneously. In worktree mode, the core layer calls `createAgentWorktree()` to create a temporary branch, and `removeAgentWorktree()` is called for cleanup after the session ends. This means every session initiated from claude.ai runs in its own sandbox—breaking things won't affect the main branch. ### Section 3: Dual-Version Transport Protocol—v1 Legacy and v2 Direct Connect > 📚 **Course Connection**: The coexistence of v1/v2 protocols is a textbook case of **computer networking**'s "protocol evolution and backward compatibility." Just as the migration from HTTP/1.1 to HTTP/2 requires ALPN negotiation, Bridge uses GrowthBook feature flags to switch protocol versions, making the client transparent to the transport layer—this is exactly the practice of the "interface abstraction" principle in network layered architecture. Two connection protocols run simultaneously inside the system, switched by a GrowthBook feature flag: **v1 (Environments API, legacy path)**: 1. Register environment → get environment_id + secret 2. Poll for work → get WorkSecret (base64url-encoded JSON containing JWT token) 3. Confirm work → start WebSocket (HybridTransport: WS read + HTTP POST write) **v2 (Env-less direct connect, new path)**: 1. POST `/v1/code/sessions` → create session 2. POST `/v1/code/sessions/{id}/bridge` → directly get worker_jwt + epoch 3. SSE read + CCRClient write Comments in v2 (`remoteBridgeCore.ts`) explain the evolution: > "The Environments API historically existed because CCR's /worker/* endpoints required a session_id+role=worker JWT that only the work-dispatch layer could mint. Server PR #292605 adds the /bridge endpoint as a direct OAuth→worker_jwt exchange, making the env layer optional." In short: v1 needed a "middleman" layer to mint JWTs, while v2 goes directly in one step. The transport layer is abstracted as the `ReplBridgeTransport` interface, making upper-layer code agnostic to protocol version. ### Section 4: Permission Bridging—the Safety Rope for Remote Operations When the remote Claude wants to execute sensitive operations (edit files, run commands), the permission request must traverse the entire chain to reach the web user: ``` Claude subprocess → control_request → bridge captures → bridge forwards to claude.ai backend → web user sees permission popup → allow/deny → control_response → bridge forwards to subprocess → continue or stop execution ``` Permission request format (`sessionRunner.ts:33-43`): ```typescript export type PermissionRequest = { type: 'control_request' request_id: string request: { subtype: 'can_use_tool' tool_name: string input: Record tool_use_id: string } } ``` ### Section 5: Don't Panic When Disconnected—Sleep Detection and Exponential Backoff The Bridge runs on the user's laptop, and laptops go to sleep when closed. The system has a practical **system sleep detector** (a similar approach is common in Electron apps and mobile long-connection services): ```typescript // src/bridge/bridgeMain.ts, lines 107-109 function pollSleepDetectionThresholdMs(backoff: BackoffConfig): number { return backoff.connCapMs * 2 // default 4 minutes } ``` If the interval between two polls exceeds 4 minutes (twice the maximum backoff interval), the system determines it "just woke up from sleep" and resets all error counts—preventing timeouts accumulated during sleep from being misjudged as connection failures. The backoff strategy itself is standard exponential backoff: initial 2 seconds, cap at 2 minutes, give up completely after 10 minutes. ### Section 6: The Identity Crisis of Session IDs There's a somewhat comical compatibility issue in the system: the same session has different ID prefixes at different API layers. ```typescript // src/bridge/workSecret.ts, lines 62-73 export function sameSessionId(a: string, b: string): boolean { if (a === b) return true const aBody = a.slice(a.lastIndexOf('_') + 1) const bBody = b.slice(b.lastIndexOf('_') + 1) return aBody.length >= 4 && aBody === bBody } ``` v2 infrastructure returns `cse_abc123`, while the v1 compatibility layer returns `session_abc123`—the underlying UUID is the same, but the prefix differs. Without this comparison, the bridge would misidentify its own initiated sessions as "foreign sessions" and reject them. Comments honestly document the source of this historical debt. ### Section 7: Codename Tengu and the Five-Layer Gate All GrowthBook feature gates use the `tengu_` prefix (Tengu, a creature from Japanese mythology). To successfully use Remote Control, you must pass five checks: 1. `feature('BRIDGE_MODE')` — compile-time flag 2. `isClaudeAISubscriber()` — must be a claude.ai paid subscriber (excludes Bedrock/Vertex/API key) 3. `hasProfileScope()` — OAuth token needs `user:profile` scope 4. `getOauthAccountInfo()?.organizationUuid` — must be able to resolve organization UUID 5. `checkGate('tengu_ccr_bridge')` — server-side GrowthBook switch Each layer of failure has an independent diagnostic message (`bridgeEnabled.ts:70-87`), telling the user how to fix it. For example, when the scope is insufficient, it says: "Long-lived tokens from setup-token are limited to inference-only for security reasons. Run `claude auth login` to use Remote Control." --- ## The Philosophy Behind It The Remote Control system borrows design paradigms from **cloud-native orchestration systems** (like Kubernetes): 1. **Environment registration ≈ Node registration**. The Bridge registers with the control panel what it can do and how many sessions it can run. 2. **Work dispatching ≈ Pod scheduling**. The backend dispatches session requests to bridges with available capacity. 3. **Worktree isolation ≈ Container isolation**. Each session runs in its own git worktree without affecting other sessions. 4. **Heartbeat ≈ Health check**. The bridge periodically sends heartbeats to the backend; if the lease expires without renewal, it's considered lost. 5. **Graceful shutdown ≈ Graceful shutdown**. After SIGTERM, there's a 30-second grace period before forced termination. But unlike K8s, the "node" here is the user's laptop—it can sleep, disconnect, or shut down—so additional sleep detection, OAuth refresh, and reconnection mechanisms are needed. --- ## Code Landmarks - `src/bridge/types.ts`, line 1: `DEFAULT_SESSION_TIMEOUT_MS = 24h` - `src/bridge/types.ts`, lines 64-69: `SpawnMode` three mode definitions - `src/bridge/types.ts`, lines 33-51: `WorkSecret` complete structure - `src/bridge/types.ts`, line 79: `BridgeWorkerType` two worker types - `src/bridge/types.ts`, lines 133-176: `BridgeApiClient` complete API interface - `src/bridge/types.ts`, lines 178-190: `SessionHandle` session handle - `src/bridge/bridgeMain.ts`, lines 72-79: `DEFAULT_BACKOFF` backoff parameters - `src/bridge/bridgeMain.ts`, line 83: `SPAWN_SESSIONS_DEFAULT = 32` - `src/bridge/bridgeMain.ts`, lines 107-109: `pollSleepDetectionThresholdMs` sleep detection - `src/bridge/bridgeMain.ts`, line 141: `runBridgeLoop` main loop entry - `src/bridge/bridgeEnabled.ts`, lines 28-36: `isBridgeEnabled` runtime gate - `src/bridge/bridgeEnabled.ts`, lines 70-87: `getBridgeDisabledReason` diagnostic messages - `src/bridge/bridgeEnabled.ts`, lines 126-130: `isEnvLessBridgeEnabled` v2 gate - `src/bridge/bridgeEnabled.ts`, lines 185-189: `getCcrAutoConnectDefault` auto-connect - `src/bridge/bridgeEnabled.ts`, lines 197-202: `isCcrMirrorEnabled` mirror mode - `src/bridge/bridgeConfig.ts`, lines 18-48: OAuth token and base URL parsing - `src/bridge/remoteBridgeCore.ts`, lines 1-29: v2 env-less architecture comments - `src/bridge/replBridgeTransport.ts`, lines 14-21: v1/v2 transport difference comments - `src/bridge/workSecret.ts`, lines 6-32: `decodeWorkSecret` base64url decoding - `src/bridge/workSecret.ts`, lines 41-48: `buildSdkUrl` WebSocket URL construction - `src/bridge/workSecret.ts`, lines 62-73: `sameSessionId` cross-prefix ID comparison - `src/bridge/sessionRunner.ts`, lines 69-89: `TOOL_VERBS` tool name→verb mapping - `src/bridge/sessionRunner.ts`, lines 33-43: `PermissionRequest` permission request structure - `src/bridge/bridgeMessaging.ts`, lines 77-88: `isEligibleBridgeMessage` message filtering - `src/bridge/initReplBridge.ts`, line 110: `initReplBridge` REPL bridge entry - `src/remote/RemoteSessionManager.ts`, line 95: `RemoteSessionManager` remote session manager --- ## Limitations and Critique - **v1/v2 protocol coexistence increases complexity**: Two transport protocols running simultaneously, switched by GrowthBook flag, means the code maintains two complete connection paths. Any change requires double testing. - **Session ID cross-prefix issue is technical debt**: The `sameSessionId()` hack shows that the v1/v2 infrastructure ID systems were not unified, posing high long-term maintenance risk. - **Laptop sleep scenarios are fragile**: Although sleep detection and exponential backoff exist, reconnection after long periods of sleep (like overnight with the lid closed) may fail, requiring the user to manually restart the bridge. --- ## Directions for Further Inquiry 1. **Direct Connect** (`server/` directory): Another connection mode, possibly oriented toward IDE integration. How does it differ from Bridge? 2. **QR Code feature**: BridgeLogger has a `toggleQr()` method. Can you scan a QR code to connect while the bridge is running? 3. **CCR Mirror mode**: What's the specific application scenario for pure outbound event forwarding (no inbound control accepted)? 4. **Multi-Bridge coordination**: If multiple bridge instances are registered on the same machine, how does the backend dispatch? 5. **Session lifecycle management**: What's the cleanup flow after the 24-hour timeout? What's the reclamation mechanism for leftover worktrees? --- *Quality self-check:* - [x] Coverage: 12 core files out of 30+ analyzed, with a clear architectural panorama - [x] Fidelity: All constants, line numbers, and GrowthBook gate names come from source code - [x] Readability: Uses the food delivery platform analogy to build "register → take order → deliver" intuition - [x] Consistency: Follows the standard Q&A chapter structure - [x] Critical: Points out v1/v2 coexistence complexity and session ID historical debt - [x] Reusable: SpawnMode design and sleep detection mechanisms can be applied to any long-running client service