Rebuild as a hosted, multi-tenant automation hub with authentication, workspaces, and macro recording/execution before expanding to scheduling and marketplace.

You are building a fresh implementation inspired by the CassieMarie0728/mcp-hub repository.
Treat the repository as a reverse-engineering reference, not as the default destination codebase.
Infer the product, architecture, entities, and flows from the reference repository, then rebuild the core system intentionally from scratch.
Do not blindly clone the original repo. Do not default to patching or refactoring it in place.
Build in small phases and keep the first version focused and maintainable.
Product thesis: Let developers and teams build, execute, and share multi-tool automation workflows from a single mobile or web interface, reducing cross-tool toil to zero.
Commercial/product framing: Workflow automation remains desktop-bound and script-heavy; a mobile-optimized, no-code MCP orchestrator unlocks ad‑hoc automation for distributed teams and lowers the integration barrier.
Target user: Developers, SREs, and power users in small to mid‑sized teams who juggle GitHub, Slack, Notion, and other services daily and need a central, no‑code way to chain their actions.
MVP scope:
- Register and connect to MCP servers via OAuth, with encrypted credential storage and token refresh.
- Record a macro by capturing a sequence of real tool invocations from a connected server.
- Edit macro steps in a form‑based editor (reorder, delete, modify parameters).
- Execute a macro on demand and display step‑by‑step progress and a terminal‑style output log.
- View execution history with status, timestamps, and replay capability.
- Share a macro as a read‑only link that another logged‑in user can import and run in their workspace.
- Create a workspace and invite a teammate via email; basic role (admin/member).
- Deploy the whole stack as a single Docker Compose service for self‑hosting.
Stack assumptions:
- Frontend: Expo (React Native) with Expo Router for file‑based cross‑platform routing; NativeWind for utility‑first styling.
- Backend: Node.js with Express or a lightweight server framework, co‑located in `server/_core/`.
- Database: PostgreSQL accessed through Drizzle ORM, with migrations generated via `drizzle-kit`.
- Auth: JWT stored in SecureStore (mobile) or httpOnly cookie (web); OAuth flows use Expo AuthSession.
- MCP protocol: `@modelcontextprotocol/sdk` client and transport layers, managed by a singleton `MCPClientManager` (from `lib/mcp-client.ts`).
- Deployment: Docker with multi‑stage build (Node 20‑alpine), exposed on port 3000, orchestrated via `docker‑compose.yml`.
- Testing: Vitest for unit/service tests, with React Testing Library for component tests.
- CI: GitHub Actions for lint, type‑check, test, and Docker build on every push.
Key entities:
- User: id (uuid), email (string, unique), password_hash (string), name (string), created_at (timestamp)
- Workspace: id (uuid), name (string), owner_id (fk → User), created_at (timestamp)
- MCPServer: id (uuid), workspace_id (fk → Workspace), name (string), type (string, e.g., 'github', 'slack'), credentials (encrypted JSON)
- Macro: id (uuid), workspace_id (fk → Workspace), name (string), description (text), steps (JSON array of {serverId, toolName, params})
- Execution: id (uuid), macro_id (fk → Macro), status (enum: pending|running|success|failed|cancelled), started_at (timestamp), finished_at (timestamp)
- WorkspaceMember: workspace_id (fk → Workspace), user_id (fk → User), role (enum: 'admin' | 'member'), invited_at (timestamp), accepted_at (timestamp, nullable)
Core pages / routes / flows:
- Sign‑up / Login (app/(tabs)/onboarding.tsx (initial screen)): User registration, email verification, and JWT issuance; redirect to workspace creation if none.
- MCP Servers Dashboard (app/(tabs)/mcp-servers.tsx): List currently connected servers; tap to see detail, add new, or disconnect.
- Add / Edit Server (app/(tabs)/add-server.tsx & app/(tabs)/edit-server.tsx): OAuth flow or manual API key entry; test connection; save credentials encrypted.
- Macro Builder (app/(tabs)/macro-builder.tsx): Start recording; capture tool calls in real time; stop and name the macro; land in editor.
- Macro Editor & Chaining (app/(tabs)/macro-editor.tsx & app/(tabs)/macro-chaining.tsx): View step list; edit params; reorder; add conditions/simple branching; chain two macros.
- Execution History & Debugger (app/(tabs)/execution-history.tsx & app/(tabs)/execution-debugger.tsx): Past runs; tap to open a debug view showing step‑by‑step logs and any error details.
- Macro Sharing (app/(tabs)/macro-sharing.tsx): Generate a shareable link; view link history; manage access revocation.
- Workspace Settings & Invites (app/(tabs)/admin-dashboard.tsx (restricted to admin)): Invite members, change roles, see billing usage (future), and workspace name.
Backend services / modules:
- Auth Service: Handles user registration, login, JWT signing/verification, and OAuth state management. Exposes middleware for route protection.
- MCP Connection Manager: Maintains active MCP client instances per server; handles encryption/decryption of stored credentials; provides a tool discovery API.
- Macro Engine: Recording instrument that captures tool calls; persists step definitions; provides a playback engine with step‑by‑step execution.
- Execution Logger: Persists execution status and per‑step logs in real time; exposes a streaming endpoint for live debugger.
- Sharing Service: Creates short‑lived tokens that grant read‑only access to a macro; manages import flow into another workspace.
- Workspace Service: Manages workspace CRUD, member invitations, and role‑based access control (resource scoping).
Do not build yet:
- Full macro scheduling with cron expressions and background jobs (post‑MVP).
- Marketplace or public macro gallery with voting and comments (Phase 5 seed only).
- Advanced execution debugger with breakpoints and step‑by‑step stepping (simplify to log viewer).
- Admin dashboard with user analytics, billing management, and server health (Phase 5).
- AI‑assisted macro generation or natural‑language automation (too speculative).
- White‑label / OEM SDK for embedding the hub in other products.
Major risks / blockers:
- Authentication and multi‑tenancy are absent; without them, the product cannot protect user data and is unfit for any hosted plan.
- No observability (logging, error tracking) means debugging production failures is blind; user trust erodes quickly.
- The repository shows a single active contributor despite 4 listed; high bus factor—if that person leaves, development halts.
- Billing integration is partial; until Stripe is wired, there is no path to revenue for the hosted service.
- Mobile‑first UX may be too constrained for heavy macro editing; power users may prefer a desktop‑optimized web dashboard.
Work in phases. After each phase, summarize what was built, what remains, and which assumptions from the reference repo you intentionally did or did not keep.

Phase 2 core flow

Objective: Enable users to record a sequence of tool calls from any connected server and persist it as a reusable macro.

Deliverables:
- Recording instrumentation in MCPClient that intercepts calls and stores them in a buffer
- Macro model and API endpoints (CRUD)
- Macro Builder screen with start/stop recording and step preview
- Macro Editor screen for modifying steps manually (reorder, delete, edit params)
- Unit tests for the recording and serialization logic
- Exit: A user can record a 3‑step macro from a GitHub server (e.g., create issue, comment, close) and save it.
- Exit: The saved macro appears in the macro list and can be edited; step changes are reflected on re‑play.

Rules:
- Implement the core pages, routes, and backend modules needed for the happy path in the fresh build.
- Use the reference repo for behavior and architecture cues, not as the code target.
- Preserve maintainability and add only the minimum comments needed.

Start by reverse engineering the reference repository, then implement the fresh build in the smallest clean sequence.

Deploy and finalization

Objective: Prepare the implementation for release, verification, and handoff.

Deliverables:
- Verify the main flows work.
- Check configuration, environment assumptions, and release blockers.
- Summarize remaining risks and suggested follow-up work.

Rules:
- Do not add speculative infrastructure.
- Focus on practical release readiness, tests, and explicit known gaps versus the reference repo.

Start by reverse engineering the reference repository, then implement the fresh build in the smallest clean sequence.