Summary
On Windows, the keytar native module shipped in the VSIX
(dist/node_modules/keytar/build/Release/keytar.node) is a Linux ELF binary,
not a Windows PE. Neither VS Code (Electron) nor the daemon can load it, so the
vault can never be sealed/unsealed and every login stays Anonymous.
Environment
- OS: Windows 11 x64
- Extension:
nskha.perplexity-vscode 0.8.53
- Runtimes affected: VS Code Electron (
ELECTRON_RUN_AS_NODE) and standalone Node v22
- Bundled keytar version: 7.9.0
Symptoms
Code.exe - Bad Image dialog:
...\dist\node_modules\keytar\build\Release\keytar.node is either not designed to run on Windows or it contains an error ... Error status 0xc000012f.
daemon.log: [vault] getSavedCookies failed ... Vault locked: no keychain, no env var, no TTY
daemon-status.json: authenticated: false, tier: Anonymous
Perplexity: Login runs but the vault is never persisted (or cannot be unsealed),
so perplexity_reason / perplexity_research etc. return "requires an
authenticated Pro account".
Root cause (verified by binary header inspection)
keytar.node starts with 7F 45 4C 46 (\x7FELF, Linux). A Windows binary
must start with 4D 5A (MZ, PE). 0xc000012f = STATUS_IMAGE_CHECKSUM_MISMATCH,
i.e. the OS loader rejects the wrong-platform image.
- For contrast, the bundled ngrok native module IS packaged per-platform
correctly (a valid ngrok.win32-x64-msvc.node with an MZ header exists in the
same VSIX). Only keytar is Linux-only.
Workaround that fully resolves it
Swapping in the official Windows prebuild of the same keytar version fixes everything:
- Download
keytar-v7.9.0-napi-v3-win32-x64.tar.gz from the atom/node-keytar
releases and extract build/Release/keytar.node (valid Windows PE, N-API v3).
- Replace the ELF
keytar.node in the extension with it.
- Restart the daemon and run
Perplexity: Login.
After this, keytar loads under both standalone Node v22 and VS Code's Electron
runtime, the vault seals via Windows Credential Manager, and the daemon reports
tier: Pro. All tools work.
(The PERPLEXITY_DISABLE_KEYCHAIN + PERPLEXITY_VAULT_PASSPHRASE fallback is also a
valid workaround, but the packaging fix is the clean solution.)
Suggested fix
Bundle the correct per-platform keytar prebuild(s) in the VSIX (win32-x64 at
minimum; ideally win32-arm64 + darwin + linux), the same way ngrok is already
bundled. The current Windows package appears to contain only the Linux keytar build.
Summary
On Windows, the
keytarnative module shipped in the VSIX(
dist/node_modules/keytar/build/Release/keytar.node) is a Linux ELF binary,not a Windows PE. Neither VS Code (Electron) nor the daemon can load it, so the
vault can never be sealed/unsealed and every login stays Anonymous.
Environment
nskha.perplexity-vscode0.8.53ELECTRON_RUN_AS_NODE) and standalone Node v22Symptoms
Code.exe - Bad Imagedialog:...\dist\node_modules\keytar\build\Release\keytar.node is either not designed to run on Windows or it contains an error ... Error status 0xc000012f.daemon.log:[vault] getSavedCookies failed ... Vault locked: no keychain, no env var, no TTYdaemon-status.json:authenticated: false, tier: AnonymousPerplexity: Loginruns but the vault is never persisted (or cannot be unsealed),so
perplexity_reason/perplexity_researchetc. return "requires anauthenticated Pro account".
Root cause (verified by binary header inspection)
keytar.nodestarts with7F 45 4C 46(\x7FELF, Linux). A Windows binarymust start with
4D 5A(MZ, PE).0xc000012f= STATUS_IMAGE_CHECKSUM_MISMATCH,i.e. the OS loader rejects the wrong-platform image.
correctly (a valid
ngrok.win32-x64-msvc.nodewith anMZheader exists in thesame VSIX). Only
keytaris Linux-only.Workaround that fully resolves it
Swapping in the official Windows prebuild of the same keytar version fixes everything:
keytar-v7.9.0-napi-v3-win32-x64.tar.gzfrom the atom/node-keytarreleases and extract
build/Release/keytar.node(valid Windows PE, N-API v3).keytar.nodein the extension with it.Perplexity: Login.After this, keytar loads under both standalone Node v22 and VS Code's Electron
runtime, the vault seals via Windows Credential Manager, and the daemon reports
tier: Pro. All tools work.(The
PERPLEXITY_DISABLE_KEYCHAIN+PERPLEXITY_VAULT_PASSPHRASEfallback is also avalid workaround, but the packaging fix is the clean solution.)
Suggested fix
Bundle the correct per-platform keytar prebuild(s) in the VSIX (win32-x64 at
minimum; ideally win32-arm64 + darwin + linux), the same way ngrok is already
bundled. The current Windows package appears to contain only the Linux keytar build.