MetaMask · rekmarks · Jan 10, 2026 · Jan 10, 2026 · Jan 12, 2026 · Jan 12, 2026
@@ -24,8 +24,12 @@ describe('CapTP Integration', () => {
     // Create mock kernel with method implementations
     mockKernel = {
       launchSubcluster: vi.fn().mockResolvedValue({
-        body: '#{"rootKref":"ko1"}',
-        slots: ['ko1'],
+        subclusterId: 'sc1',
+        bootstrapRootKref: 'ko1',
+        bootstrapResult: {
+          body: '#{"result":"ok"}',
+          slots: [],
+        },
       }),
       terminateSubcluster: vi.fn().mockResolvedValue(undefined),
       queueMessage: vi.fn().mockResolvedValue({
@@ -113,9 +117,11 @@ describe('CapTP Integration', () => {
 
       // Call launchSubcluster via E()
       const result = await E(kernel).launchSubcluster(config);
+
+      // The kernel facade now returns LaunchResult instead of CapData
       expect(result).toStrictEqual({
-        body: '#{"rootKref":"ko1"}',
-        slots: ['ko1'],
+        subclusterId: 'sc1',
+        rootKref: 'ko1',
       });
 
       expect(mockKernel.launchSubcluster).toHaveBeenCalledWith(config);

@@ -74,4 +74,21 @@ describe('makeKernelCapTP', () => {
 
     expect(() => capTP.abort({ reason: 'test shutdown' })).not.toThrow();
   });
+
+  describe('kref marshalling', () => {
+    it('creates kernel CapTP with custom import/export tables', () => {
+      // Verify that makeKernelCapTP with the custom tables doesn't throw
+      const capTP = makeKernelCapTP({
+        kernel: mockKernel,
+        send: sendMock,
+      });
+
+      expect(capTP).toBeDefined();
+      expect(capTP.dispatch).toBeDefined();
+      expect(capTP.abort).toBeDefined();
+
+      // The custom tables are internal to CapTP, so we can't test them directly
+      // Integration tests will verify the end-to-end kref marshalling functionality
+    });
+  });
 });
@@ -1,5 +1,5 @@
 import { makeCapTP } from '@endo/captp';
-import type { Kernel } from '@metamask/ocap-kernel';
+import type { Kernel, KRef } from '@metamask/ocap-kernel';
 import type { Json } from '@metamask/utils';
 
 import { makeKernelFacade } from './kernel-facade.ts';
@@ -46,6 +46,133 @@ export type KernelCapTP = {
   abort: (reason?: Json) => void;
 };
 
+/**
+ * Create a proxy object that routes method calls to kernel.queueMessage().
+ *
+ * This proxy is what kernel-side code receives when background passes
+ * a kref presence back as an argument.
+ *
+ * @param kref - The kernel reference string.
+ * @param kernel - The kernel instance to route calls to.
+ * @returns A proxy object that routes method calls.
+ */
+function makeKrefProxy(kref: KRef, kernel: Kernel): Record<string, unknown> {
+  return new Proxy(
+    {},
+    {
+      get(_target, prop: string | symbol) {
+        if (typeof prop !== 'string') {
+          return undefined;
+        }
+
+        // Return a function that queues the message
+        return async (...args: unknown[]) => {
+          return kernel.queueMessage(kref, prop, args);
+        };
+      },
+    },
+  );
+}
+
+/**
+ * Create custom CapTP import/export tables that handle krefs specially.
+ *
+ * Export side: When kernel returns CapData with krefs in slots, we convert
+ * each kref into an exportable object that CapTP can marshal.
+ *
+ * Import side: When background sends a kref presence back, we convert it
+ * back to the original kref for kernel.queueMessage().
+ *
+ * @param kernel - The kernel instance for routing messages.
+ * @returns Import/export tables for CapTP.
+ */
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+function makeKrefTables(kernel: Kernel): {
+  exportSlot: (passable: unknown) => string | undefined;
+  importSlot: (slotId: string) => unknown;
+  didDisconnect: () => void;
+} {
+  // Map kref strings to unique slot IDs for CapTP
+  const krefToSlotId = new Map<string, string>();
+  const slotIdToKref = new Map<string, string>();
+  let nextSlotId = 0;
+
+  // Map kref strings to proxy objects (for import side)
+  const krefToProxy = new Map<string, object>();
+
+  return {
+    /**
+     * Export: Convert kref wrapper objects into CapTP slot IDs.
+     *
+     * When kernel facade returns `{ kref: 'ko42' }`, this converts it to
+     * a slot ID like 'kref:0' that CapTP can send to background.
+     *
+     * @param passable - The object to potentially export as a slot.
+     * @returns Slot ID if the object is a kref wrapper, undefined otherwise.
+     */
+    exportSlot(passable: unknown): string | undefined {
+      // Check if passable is a kref wrapper: exactly { kref: string } where kref starts with 'ko'
+      if (
+        typeof passable === 'object' &&
+        passable !== null &&
+        Object.keys(passable).length === 1 &&
+        'kref' in passable &&
+        typeof (passable as { kref: unknown }).kref === 'string' &&
+        (passable as { kref: string }).kref.startsWith('ko')
+      ) {
+        const { kref } = passable as { kref: string };
+
+        // Get or create slot ID for this kref
+        let slotId = krefToSlotId.get(kref);
+        if (!slotId) {
+          slotId = `kref:${nextSlotId}`;
+          nextSlotId += 1;
+          krefToSlotId.set(kref, slotId);
+          slotIdToKref.set(slotId, kref);
+        }
+
+        return slotId;
+      }
+      return undefined;
+    },
+
+    /**
+     * Import: Convert CapTP slot IDs back into kref proxy objects.
+     *
+     * When background sends a kref presence back as an argument, this
+     * converts it to a proxy that routes calls to kernel.queueMessage().
+     *
+     * @param slotId - The CapTP slot ID to import.
+     * @returns A proxy object for the kref, or undefined if unknown slot.
+     */
+    importSlot(slotId: string): unknown {
+      const kref = slotIdToKref.get(slotId);
+      if (!kref) {
+        return undefined;
+      }
+
+      // Return cached proxy or create new one
+      let proxy = krefToProxy.get(kref);
+      if (!proxy) {
+        proxy = makeKrefProxy(kref, kernel);
+        krefToProxy.set(kref, proxy);
+      }
+
+      return proxy;
+    },
+
+    /**
+     * Hook called when CapTP disconnects. Not used for kref marshalling.
+     */
+    didDisconnect() {
+      // Clean up resources if needed
+      krefToSlotId.clear();
+      slotIdToKref.clear();
+      krefToProxy.clear();
+    },
+  };
+}
+
 /**
  * Create a CapTP endpoint for the kernel.
  *
@@ -62,6 +189,10 @@ export function makeKernelCapTP(options: KernelCapTPOptions): KernelCapTP {
   // Create the kernel facade that will be exposed to the background
   const kernelFacade = makeKernelFacade(kernel);
 
+  // TODO: Custom kref tables for marshalling are currently disabled
+  // They need further investigation to work correctly with CapTP's message flow
+  // const krefTables = makeKrefTables(kernel);
+
   // Create the CapTP endpoint
   const { dispatch, abort } = makeCapTP('kernel', send, kernelFacade);
 

@@ -24,8 +24,8 @@ describe('makeKernelFacade', () => {
   beforeEach(() => {
     mockKernel = {
       launchSubcluster: vi.fn().mockResolvedValue({
-        body: '#{"status":"ok"}',
-        slots: [],
+        subclusterId: 'sc1',
+        bootstrapRootKref: 'ko1',
       }),
       terminateSubcluster: vi.fn().mockResolvedValue(undefined),
       queueMessage: vi.fn().mockResolvedValue({
@@ -60,16 +60,23 @@ describe('makeKernelFacade', () => {
       expect(mockKernel.launchSubcluster).toHaveBeenCalledTimes(1);
     });
 
-    it('returns result from kernel', async () => {
-      const expectedResult = { body: '#{"rootObject":"ko1"}', slots: ['ko1'] };
+    it('returns result with subclusterId and rootKref from kernel', async () => {
+      const kernelResult = {
+        subclusterId: 's1',
+        bootstrapRootKref: 'ko1',
+      };
       vi.mocked(mockKernel.launchSubcluster).mockResolvedValueOnce(
-        expectedResult,
+        kernelResult,
       );
 
       const config: ClusterConfig = makeClusterConfig();
 
       const result = await facade.launchSubcluster(config);
-      expect(result).toStrictEqual(expectedResult);
+
+      expect(result).toStrictEqual({
+        subclusterId: 's1',
+        rootKref: 'ko1',
+      });
     });
 
     it('propagates errors from kernel', async () => {

@@ -1,7 +1,7 @@
 import { makeDefaultExo } from '@metamask/kernel-utils/exo';
 import type { Kernel, ClusterConfig, KRef, VatId } from '@metamask/ocap-kernel';
 
-import type { KernelFacade } from '../../types.ts';
+import type { KernelFacade, LaunchResult } from '../../types.ts';
 
 export type { KernelFacade } from '../../types.ts';
 
@@ -15,8 +15,10 @@ export function makeKernelFacade(kernel: Kernel): KernelFacade {
   return makeDefaultExo('KernelFacade', {
     ping: async () => 'pong' as const,
 
-    launchSubcluster: async (config: ClusterConfig) => {
-      return kernel.launchSubcluster(config);
+    launchSubcluster: async (config: ClusterConfig): Promise<LaunchResult> => {
+      const { subclusterId, bootstrapRootKref } =
+        await kernel.launchSubcluster(config);
+      return { subclusterId, rootKref: bootstrapRootKref };
     },
 
     terminateSubcluster: async (subclusterId: string) => {
@@ -34,6 +36,12 @@ export function makeKernelFacade(kernel: Kernel): KernelFacade {
     pingVat: async (vatId: VatId) => {
       return kernel.pingVat(vatId);
     },
+
+    getVatRoot: async (krefString: string) => {
+      // Return wrapped kref for future CapTP marshalling to presence
+      // TODO: Enable custom CapTP marshalling tables to convert this to a presence
+      return { kref: krefString };
+    },
   });
 }
 harden(makeKernelFacade);
@@ -3,9 +3,14 @@ import { describe, it, expect, vi } from 'vitest';
 import { launchSubclusterHandler } from './launch-subcluster.ts';
 
 describe('launchSubclusterHandler', () => {
-  it('should call kernel.launchSubcluster with the provided config', async () => {
+  it('calls kernel.launchSubcluster with the provided config', async () => {
+    const mockResult = {
+      subclusterId: 's1',
+      bootstrapRootKref: 'ko1',
+      bootstrapResult: { body: '#null', slots: [] },
+    };
     const mockKernel = {
-      launchSubcluster: vi.fn().mockResolvedValue(undefined),
+      launchSubcluster: vi.fn().mockResolvedValue(mockResult),
     };
     const params = {
       config: {
@@ -20,9 +25,14 @@ describe('launchSubclusterHandler', () => {
     expect(mockKernel.launchSubcluster).toHaveBeenCalledWith(params.config);
   });
 
-  it('should return null when kernel.launchSubcluster returns undefined', async () => {
+  it('returns the result from kernel.launchSubcluster', async () => {
+    const mockResult = {
+      subclusterId: 's1',
+      bootstrapRootKref: 'ko1',
+      bootstrapResult: { body: '#{"result":"ok"}', slots: [] },
+    };
     const mockKernel = {
-      launchSubcluster: vi.fn().mockResolvedValue(undefined),
+      launchSubcluster: vi.fn().mockResolvedValue(mockResult),
     };
     const params = {
       config: {
@@ -34,11 +44,15 @@ describe('launchSubclusterHandler', () => {
       { kernel: mockKernel },
       params,
     );
-    expect(result).toBeNull();
+    expect(result).toStrictEqual(mockResult);
   });
 
-  it('should return the result from kernel.launchSubcluster when not undefined', async () => {
-    const mockResult = { body: 'test', slots: [] };
+  it('converts undefined bootstrapResult to null for JSON compatibility', async () => {
+    const mockResult = {
+      subclusterId: 's1',
+      bootstrapRootKref: 'ko1',
+      bootstrapResult: undefined,
+    };
     const mockKernel = {
       launchSubcluster: vi.fn().mockResolvedValue(mockResult),
     };
@@ -52,6 +66,10 @@ describe('launchSubclusterHandler', () => {
       { kernel: mockKernel },
       params,
     );
-    expect(result).toBe(mockResult);
+    expect(result).toStrictEqual({
+      subclusterId: 's1',
+      bootstrapRootKref: 'ko1',
+      bootstrapResult: null,
+    });
   });
 });