On March 31, 2026, Anthropic accidentally shipped Claude Code v2.1.88 with a 59.8 MB JavaScript source map file that reconstructs 512,000 lines of TypeScript. The leak is real, verified by VentureBeat, ArsTechnica, and dev.to.
How a $2.5B Product Leaked by Accident: Chaofan Shou noticed a .map file in the Claude Code npm package. These debug files shouldn't ship to production. He decompiled it and reconstructed the entire codebase within hours. Within hours, it was mirrored on GitHub thousands of times.
The Three Biggest Discoveries:
1. Strict Write Discipline Memory Architecture - The leaked source reveals how Claude Code avoids hallucinating in long sessions. It uses three layers: MEMORY.md (lightweight index file), Topic files (actual knowledge fetched on-demand), and Transcripts (grep-only). Key insight: The agent treats its own memory as hints, not gospel. For competitors, this is the blueprint they needed.
2. KAIROS: The Always-On Daemon - KAIROS is mentioned 150+ times in the source. It represents a fundamental shift in how Claude Code works. KAIROS lets Claude Code run as a background daemon. When idle, it performs autoDream - memory consolidation that merges observations, removes contradictions, and converts insights into facts. Status: Unreleased but clearly ready.
3. Undercover Mode - Stealth AI Contributions - A system prompt tells Claude Code to operate UNDERCOVER in public repositories: You are operating UNDERCOVER... Do not blow your cover. This means Anthropic has been using Claude Code to contribute to open-source without disclosing AI involvement.
Why This Matters: The playing field just leveled. Competitors have a blueprint. Bad actors know the defenses. The race just got more interesting.