M3 probe: non-streamed write transaction reachable over 2023 R2 gRPC (Begin/End live-verified)

The D2 storage-engine-pipe wall is WCF-transport-specific. On the 2023 R2 gRPC
front door, TransactionService is a first-class service AND the gateway to the
storage engine, so the Open2 storage-session GUID (uppercase) is accepted
directly as strHandle with no legacy pipe.

Live-verified against the real 2023 R2 server over a write-enabled (0x401) gRPC
session: AddNonStreamValuesBegin returns a real strTransactionId, and
AddNonStreamValuesEnd(bCommit=false) discards it cleanly (no data written). On
2020 WCF the same op returns UnknownClient(51) for every handle + priming chain.

- HistorianGrpcRevisionProbe + grpc-revision-probe CLI command + gated test
  NonStreamedWriteTransaction_OverGrpc_BeginsAndDiscards (live pass).
- HistorianGrpcHandshake.OpenSession gains an optional connectionMode param
  (default read-only 0x402; pass 0x401 for write-enabled) — non-breaking.
- Docs: revision-write-path.md "the wall is gone" section; roadmap M3 section,
  R3.1-R3.3 rows, one-glance table, and status note updated honestly.

Not yet shipped: the AddNonStreamValues btInput VTQ buffer is uncaptured (never
guess wire bytes), so no value-commit is implemented. Scope is non-streamed
ORIGINAL backfill; revision EDITS (R4.2) remain pipe-only even on gRPC.

272 unit tests pass; sanitization scan clean.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01B6mcaT2PjRFKcogzp9UkfC

tools/AVEVA.Historian.ReverseEngineering/Program.cs

@@ -13,6 +13,8 @@ using System.Runtime.Versioning;
 using System.Text;
 using System.Text.Json;
 using AVEVA.Historian.Client;
+using AVEVA.Historian.Client.Grpc;
+using AVEVA.Historian.Client.Models;
 using AVEVA.Historian.Client.Wcf;
 using AVEVA.Historian.Client.Wcf.Contracts;
 using AVEVA.Historian.ReverseEngineering.Capture;
@@ -72,6 +74,7 @@ try
         "wcf-register-event-tag" => RegisterEventTagAndStartQuery(args),
         "wcf-add-event-tag" => AddEventTagAndStartQuery(args),
         "capture-tag-info" => CaptureTagInfo(args),
+        "grpc-revision-probe" => ProbeGrpcRevision(args),
         _ => UnknownCommand(args[0])
     };
 }
@@ -3209,6 +3212,41 @@ static int WriteMarker(string[] args)
     return 0;
 }
 
+static int ProbeGrpcRevision(string[] args)
+{
+    // Usage: grpc-revision-probe <host> [port] [--tls] [--dnsid <name>] [--insecure-cert]
+    // Reads HISTORIAN_USER / HISTORIAN_PASSWORD from the environment for explicit creds;
+    // falls back to IntegratedSecurity when unset.
+    string host = args.Length > 1 ? args[1] : "localhost";
+    int port = args.Length > 2 && int.TryParse(args[2], out int parsedPort)
+        ? parsedPort
+        : HistorianClientOptions.DefaultGrpcPort;
+    bool tls = HasOption(args, "--tls");
+    string? dnsId = GetOption(args, "--dnsid");
+
+    string? user = Environment.GetEnvironmentVariable("HISTORIAN_USER");
+    string? password = Environment.GetEnvironmentVariable("HISTORIAN_PASSWORD");
+    bool explicitCreds = !string.IsNullOrEmpty(user);
+
+    var options = new HistorianClientOptions
+    {
+        Host = host,
+        Port = port,
+        Transport = HistorianTransport.RemoteGrpc,
+        GrpcUseTls = tls,
+        AllowUntrustedServerCertificate = tls,
+        ServerDnsIdentity = dnsId,
+        IntegratedSecurity = !explicitCreds,
+        UserName = user ?? string.Empty,
+        Password = password ?? string.Empty,
+    };
+
+    var probe = new HistorianGrpcRevisionProbe(options);
+    HistorianGrpcRevisionProbeResult result = probe.ProbeBeginAsync(CancellationToken.None).GetAwaiter().GetResult();
+    Console.WriteLine(JsonSerializer.Serialize(result, CreateJsonOptions()));
+    return result.BeginSucceeded ? 0 : 2;
+}
+
 static int ProbeWcf(string[] args)
 {
     string host = args.Length > 1 ? args[1] : "localhost";