0nmcp 1.7.0 → 2.0.0

package/vault/crypto-container.js

@@ -0,0 +1,278 @@
+// ============================================================
+// 0nMCP — Vault: Container Crypto Primitives
+// ============================================================
+// AES-256-GCM encryption, Argon2id key derivation, X25519 ECDH,
+// Ed25519 signing, SHA3-256 hashing for the 0nVault container.
+//
+// Patent Pending: US Provisional Patent Application #63/990,046
+// "System and Method for Semantically-Layered Encrypted Digital
+//  Business Asset Transfer with Multi-Party Escrow Key Distribution
+//  and Public-Verifiable State Certification"
+// ============================================================
+
+import { randomBytes, createCipheriv, createDecipheriv, randomUUID, pbkdf2Sync } from "crypto";
+import { createRequire } from "module";
+
+const require = createRequire(import.meta.url);
+
+// ── Load optional dependencies ───────────────────────────────
+let naclModule = null;
+let sha3Module = null;
+
+try { naclModule = require("tweetnacl"); } catch {}
+try { sha3Module = require("js-sha3"); } catch {}
+
+function requireNacl() {
+  if (naclModule) return naclModule;
+  throw new Error("tweetnacl package required. Install: npm i tweetnacl");
+}
+
+function requireSha3() {
+  if (sha3Module) return sha3Module;
+  throw new Error("js-sha3 package required. Install: npm i js-sha3");
+}
+
+// ── Constants ────────────────────────────────────────────────
+const ALGORITHM = "aes-256-gcm";
+const KEY_LENGTH = 32;  // 256 bits
+const IV_LENGTH = 12;   // 96 bits (GCM recommended)
+const SALT_LENGTH = 32; // 256 bits
+const TAG_LENGTH = 16;  // 128 bits (GCM auth tag)
+
+// Argon2id parameters for credentials double-encryption
+const ARGON2_MEMORY = 65536;     // 64MB
+const ARGON2_ITERATIONS = 4;
+const ARGON2_PARALLELISM = 2;
+const ARGON2_HASH_LENGTH = 32;   // 256 bits
+
+// ── Key Derivation ───────────────────────────────────────────
+
+/**
+ * Derive key from passphrase using PBKDF2-SHA512.
+ */
+function deriveKeyPBKDF2(passphrase, salt) {
+  return pbkdf2Sync(passphrase, salt, 100000, KEY_LENGTH, "sha512");
+}
+
+/**
+ * Derive key using Argon2id for credentials double-encryption.
+ *
+ * @param {string} passphrase
+ * @param {Buffer} salt
+ * @returns {Promise<Buffer>} 32-byte key
+ */
+export async function deriveKeyArgon2(passphrase, salt) {
+  let argon2;
+  try { argon2 = await import("argon2"); } catch {
+    throw new Error("argon2 package required for credentials layer. Install: npm i argon2");
+  }
+  const mod = argon2.default || argon2;
+  const hash = await mod.hash(passphrase, {
+    type: 2, // argon2id
+    memoryCost: ARGON2_MEMORY,
+    timeCost: ARGON2_ITERATIONS,
+    parallelism: ARGON2_PARALLELISM,
+    hashLength: ARGON2_HASH_LENGTH,
+    salt,
+    raw: true,
+  });
+  return hash;
+}
+
+// ── AES-256-GCM ──────────────────────────────────────────────
+
+/**
+ * Encrypt data with AES-256-GCM using a passphrase-derived key.
+ * Each call generates a unique IV and salt.
+ *
+ * @param {Buffer|string} plaintext - Data to encrypt
+ * @param {string} passphrase - Encryption passphrase
+ * @returns {{ ciphertext: Buffer, iv: Buffer, salt: Buffer, tag: Buffer }}
+ */
+export function encryptAES(plaintext, passphrase) {
+  const salt = randomBytes(SALT_LENGTH);
+  const iv = randomBytes(IV_LENGTH);
+  const key = deriveKeyPBKDF2(passphrase, salt);
+
+  const cipher = createCipheriv(ALGORITHM, key, iv);
+  const data = typeof plaintext === "string" ? Buffer.from(plaintext, "utf8") : plaintext;
+  const encrypted = Buffer.concat([cipher.update(data), cipher.final()]);
+  const tag = cipher.getAuthTag();
+
+  return { ciphertext: encrypted, iv, salt, tag };
+}
+
+/**
+ * Decrypt AES-256-GCM encrypted data.
+ *
+ * @param {Buffer} ciphertext - Encrypted data
+ * @param {string} passphrase - Decryption passphrase
+ * @param {Buffer} iv - Initialization vector
+ * @param {Buffer} salt - PBKDF2 salt
+ * @param {Buffer} tag - GCM auth tag
+ * @returns {Buffer} Decrypted data
+ */
+export function decryptAES(ciphertext, passphrase, iv, salt, tag) {
+  const key = deriveKeyPBKDF2(passphrase, salt);
+  const decipher = createDecipheriv(ALGORITHM, key, iv);
+  decipher.setAuthTag(tag);
+
+  try {
+    return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+  } catch {
+    throw new Error("Decryption failed — wrong passphrase or corrupted data");
+  }
+}
+
+/**
+ * Encrypt data with a raw 256-bit key (for escrow layer keys).
+ *
+ * @param {Buffer} plaintext - Data to encrypt
+ * @param {Buffer} key - 32-byte AES key
+ * @returns {{ ciphertext: Buffer, iv: Buffer, tag: Buffer }}
+ */
+export function encryptAESRaw(plaintext, key) {
+  const iv = randomBytes(IV_LENGTH);
+  const cipher = createCipheriv(ALGORITHM, key, iv);
+  const encrypted = Buffer.concat([cipher.update(plaintext), cipher.final()]);
+  const tag = cipher.getAuthTag();
+  return { ciphertext: encrypted, iv, tag };
+}
+
+/**
+ * Decrypt with a raw 256-bit key.
+ *
+ * @param {Buffer} ciphertext
+ * @param {Buffer} key - 32-byte AES key
+ * @param {Buffer} iv
+ * @param {Buffer} tag
+ * @returns {Buffer}
+ */
+export function decryptAESRaw(ciphertext, key, iv, tag) {
+  const decipher = createDecipheriv(ALGORITHM, key, iv);
+  decipher.setAuthTag(tag);
+  try {
+    return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+  } catch {
+    throw new Error("Decryption failed — wrong key or corrupted data");
+  }
+}
+
+// ── Ed25519 Signing ──────────────────────────────────────────
+
+/**
+ * Generate Ed25519 signing keypair.
+ * @returns {{ publicKey: Buffer, secretKey: Buffer }}
+ */
+export function generateSigningKeyPair() {
+  const nacl = requireNacl();
+  const pair = nacl.sign.keyPair();
+  return {
+    publicKey: Buffer.from(pair.publicKey),
+    secretKey: Buffer.from(pair.secretKey),
+  };
+}
+
+/**
+ * Sign data with Ed25519.
+ * @param {Buffer} data - Data to sign
+ * @param {Buffer} secretKey - 64-byte Ed25519 secret key
+ * @returns {Buffer} 64-byte signature
+ */
+export function sign(data, secretKey) {
+  const nacl = requireNacl();
+  const sig = nacl.sign.detached(new Uint8Array(data), new Uint8Array(secretKey));
+  return Buffer.from(sig);
+}
+
+/**
+ * Verify Ed25519 signature.
+ * @param {Buffer} data
+ * @param {Buffer} signature - 64-byte signature
+ * @param {Buffer} publicKey - 32-byte public key
+ * @returns {boolean}
+ */
+export function verifySignature(data, signature, publicKey) {
+  const nacl = requireNacl();
+  return nacl.sign.detached.verify(
+    new Uint8Array(data),
+    new Uint8Array(signature),
+    new Uint8Array(publicKey)
+  );
+}
+
+// ── X25519 ECDH ──────────────────────────────────────────────
+
+/**
+ * Generate X25519 keypair for escrow key exchange.
+ * @returns {{ publicKey: Buffer, secretKey: Buffer }}
+ */
+export function generateEscrowKeyPair() {
+  const nacl = requireNacl();
+  const pair = nacl.box.keyPair();
+  return {
+    publicKey: Buffer.from(pair.publicKey),
+    secretKey: Buffer.from(pair.secretKey),
+  };
+}
+
+/**
+ * Compute shared secret via X25519 ECDH.
+ * @param {Buffer} mySecretKey - 32-byte secret key
+ * @param {Buffer} theirPublicKey - 32-byte public key
+ * @returns {Buffer} 32-byte shared secret
+ */
+export function computeSharedSecret(mySecretKey, theirPublicKey) {
+  const nacl = requireNacl();
+  const shared = nacl.box.before(
+    new Uint8Array(theirPublicKey),
+    new Uint8Array(mySecretKey)
+  );
+  return Buffer.from(shared);
+}
+
+// ── SHA3-256 ─────────────────────────────────────────────────
+
+/**
+ * Compute SHA3-256 hash.
+ * @param {Buffer|string} data
+ * @returns {Buffer} 32-byte hash
+ */
+export function sha3(data) {
+  const sha3Lib = requireSha3();
+  const input = typeof data === "string" ? data : new Uint8Array(data);
+  const hash = sha3Lib.sha3_256.create().update(input).digest();
+  return Buffer.from(hash);
+}
+
+/**
+ * Compute SHA3-256 hash and return hex string.
+ * @param {Buffer|string} data
+ * @returns {string} 64-char hex hash
+ */
+export function sha3Hex(data) {
+  return sha3(data).toString("hex");
+}
+
+// ── UUID ─────────────────────────────────────────────────────
+
+/**
+ * Generate a UUID v4 transfer ID.
+ * @returns {string}
+ */
+export function generateTransferId() {
+  return randomUUID();
+}
+
+// ── Exports ──────────────────────────────────────────────────
+export {
+  ALGORITHM,
+  KEY_LENGTH,
+  IV_LENGTH,
+  SALT_LENGTH,
+  TAG_LENGTH,
+  ARGON2_MEMORY,
+  ARGON2_ITERATIONS,
+  ARGON2_PARALLELISM,
+  ARGON2_HASH_LENGTH,
+};

package/vault/escrow.js

@@ -0,0 +1,227 @@
+// ============================================================
+// 0nMCP — Vault: Multi-Party Escrow System
+// ============================================================
+// X25519 ECDH key agreement for up to 8 escrow parties.
+// Each party receives encrypted shares for only the layers
+// they're authorized to access via the access matrix.
+//
+// Patent Pending: US Provisional Patent Application #63/990,046
+// ============================================================
+
+import { randomBytes } from "crypto";
+import {
+  generateEscrowKeyPair,
+  computeSharedSecret,
+  encryptAESRaw,
+  decryptAESRaw,
+  KEY_LENGTH,
+} from "./crypto-container.js";
+import { LAYER_NAMES, isValidLayer } from "./layers.js";
+
+const MAX_PARTIES = 8;
+
+/**
+ * Generate escrow keypair for a party.
+ *
+ * @returns {{ publicKey: Buffer, secretKey: Buffer, partyId: string }}
+ */
+export function generatePartyKeys() {
+  const pair = generateEscrowKeyPair();
+  const partyId = randomBytes(8).toString("hex");
+  return { ...pair, partyId };
+}
+
+/**
+ * Create per-layer encryption keys (one random 256-bit key per layer).
+ *
+ * @returns {Map<string, Buffer>} layerName → 32-byte AES key
+ */
+export function generateLayerKeys() {
+  const keys = new Map();
+  for (const name of LAYER_NAMES) {
+    keys.set(name, randomBytes(KEY_LENGTH));
+  }
+  return keys;
+}
+
+/**
+ * Create escrow shares for each party based on access matrix.
+ * Each party's share is encrypted with a shared secret derived via X25519.
+ *
+ * @param {Map<string, Buffer>} layerKeys - Per-layer encryption keys
+ * @param {Buffer} creatorSecretKey - Creator's X25519 secret key
+ * @param {Array<{ partyId: string, publicKey: Buffer }>} parties - Escrow parties
+ * @param {Object<string, Object<string, boolean>>} accessMatrix - Per-party, per-layer access
+ * @returns {Array<{ partyId: string, encryptedShare: Buffer, iv: Buffer, tag: Buffer, authorizedLayers: string[] }>}
+ */
+export function createEscrowShares(layerKeys, creatorSecretKey, parties, accessMatrix) {
+  if (parties.length > MAX_PARTIES) {
+    throw new Error(`Maximum ${MAX_PARTIES} escrow parties allowed`);
+  }
+
+  const shares = [];
+
+  for (const party of parties) {
+    const partyAccess = accessMatrix[party.partyId];
+    if (!partyAccess) {
+      throw new Error(`No access matrix entry for party: ${party.partyId}`);
+    }
+
+    // Collect only the layer keys this party is authorized for
+    const authorizedLayers = [];
+    const shareData = {};
+
+    for (const [layerName, hasAccess] of Object.entries(partyAccess)) {
+      if (hasAccess && layerKeys.has(layerName)) {
+        authorizedLayers.push(layerName);
+        shareData[layerName] = layerKeys.get(layerName).toString("base64");
+      }
+    }
+
+    if (authorizedLayers.length === 0) {
+      continue; // Skip parties with no access
+    }
+
+    // Compute shared secret via X25519
+    const sharedSecret = computeSharedSecret(creatorSecretKey, party.publicKey);
+
+    // Encrypt the share data with the shared secret
+    const plaintext = Buffer.from(JSON.stringify(shareData), "utf8");
+    const { ciphertext, iv, tag } = encryptAESRaw(plaintext, sharedSecret);
+
+    shares.push({
+      partyId: party.partyId,
+      encryptedShare: ciphertext,
+      iv,
+      tag,
+      authorizedLayers,
+    });
+  }
+
+  return shares;
+}
+
+/**
+ * Unwrap an escrow share using a party's secret key.
+ *
+ * @param {{ encryptedShare: Buffer, iv: Buffer, tag: Buffer }} share - Encrypted share
+ * @param {Buffer} partySecretKey - Party's X25519 secret key
+ * @param {Buffer} creatorPublicKey - Creator's X25519 public key
+ * @returns {Object<string, Buffer>} layerName → decrypted AES key
+ */
+export function unwrapEscrowShare(share, partySecretKey, creatorPublicKey) {
+  // Compute shared secret via X25519 (reverse direction)
+  const sharedSecret = computeSharedSecret(partySecretKey, creatorPublicKey);
+
+  // Decrypt the share
+  const decrypted = decryptAESRaw(share.encryptedShare, sharedSecret, share.iv, share.tag);
+  const shareData = JSON.parse(decrypted.toString("utf8"));
+
+  // Convert base64 keys back to Buffers
+  const layerKeys = {};
+  for (const [layerName, keyB64] of Object.entries(shareData)) {
+    layerKeys[layerName] = Buffer.from(keyB64, "base64");
+  }
+
+  return layerKeys;
+}
+
+/**
+ * Serialize escrow block for binary container format.
+ *
+ * @param {Array} shares - Escrow shares from createEscrowShares
+ * @param {Buffer} creatorPublicKey - Creator's X25519 public key (for unwrap)
+ * @returns {Buffer} Serialized escrow block
+ */
+export function serializeEscrowBlock(shares, creatorPublicKey) {
+  const parts = [];
+
+  // Party count (1 byte)
+  const countBuf = Buffer.alloc(1);
+  countBuf.writeUInt8(shares.length);
+  parts.push(countBuf);
+
+  // Creator escrow public key (32 bytes)
+  parts.push(creatorPublicKey);
+
+  for (const share of shares) {
+    // Party ID length (1 byte) + Party ID
+    const partyIdBuf = Buffer.from(share.partyId, "utf8");
+    const partyIdLen = Buffer.alloc(1);
+    partyIdLen.writeUInt8(partyIdBuf.length);
+    parts.push(partyIdLen, partyIdBuf);
+
+    // Authorized layer count (1 byte) + layer indices
+    const layerCount = Buffer.alloc(1);
+    layerCount.writeUInt8(share.authorizedLayers.length);
+    parts.push(layerCount);
+
+    for (const layerName of share.authorizedLayers) {
+      const idx = Buffer.alloc(1);
+      idx.writeUInt8(LAYER_NAMES.indexOf(layerName));
+      parts.push(idx);
+    }
+
+    // IV (12 bytes) + Tag (16 bytes) + Share length (4 bytes) + Share ciphertext
+    parts.push(share.iv);
+    parts.push(share.tag);
+
+    const shareLen = Buffer.alloc(4);
+    shareLen.writeUInt32BE(share.encryptedShare.length);
+    parts.push(shareLen, share.encryptedShare);
+  }
+
+  return Buffer.concat(parts);
+}
+
+/**
+ * Deserialize escrow block from binary.
+ *
+ * @param {Buffer} data - Serialized escrow block
+ * @returns {{ creatorPublicKey: Buffer, shares: Array }}
+ */
+export function deserializeEscrowBlock(data) {
+  let offset = 0;
+
+  const partyCount = data.readUInt8(offset);
+  offset += 1;
+
+  const creatorPublicKey = data.subarray(offset, offset + 32);
+  offset += 32;
+
+  const shares = [];
+
+  for (let i = 0; i < partyCount; i++) {
+    // Party ID
+    const partyIdLen = data.readUInt8(offset);
+    offset += 1;
+    const partyId = data.subarray(offset, offset + partyIdLen).toString("utf8");
+    offset += partyIdLen;
+
+    // Authorized layers
+    const layerCount = data.readUInt8(offset);
+    offset += 1;
+    const authorizedLayers = [];
+    for (let j = 0; j < layerCount; j++) {
+      const idx = data.readUInt8(offset);
+      offset += 1;
+      authorizedLayers.push(LAYER_NAMES[idx]);
+    }
+
+    // IV (12) + Tag (16) + Share
+    const iv = data.subarray(offset, offset + 12);
+    offset += 12;
+    const tag = data.subarray(offset, offset + 16);
+    offset += 16;
+    const shareLen = data.readUInt32BE(offset);
+    offset += 4;
+    const encryptedShare = data.subarray(offset, offset + shareLen);
+    offset += shareLen;
+
+    shares.push({ partyId, authorizedLayers, encryptedShare, iv, tag });
+  }
+
+  return { creatorPublicKey, shares };
+}
+
+export { MAX_PARTIES };