@a0n/aeon 5.0.1

package/dist/distributed/index.js

@@ -0,0 +1,2580 @@
+import { EventEmitter } from 'eventemitter3';
+
+// src/distributed/SyncCoordinator.ts
+
+// src/utils/logger.ts
+var consoleLogger = {
+  debug: (...args) => {
+    console.debug("[AEON:DEBUG]", ...args);
+  },
+  info: (...args) => {
+    console.info("[AEON:INFO]", ...args);
+  },
+  warn: (...args) => {
+    console.warn("[AEON:WARN]", ...args);
+  },
+  error: (...args) => {
+    console.error("[AEON:ERROR]", ...args);
+  }
+};
+var currentLogger = consoleLogger;
+function getLogger() {
+  return currentLogger;
+}
+var logger = {
+  debug: (...args) => getLogger().debug(...args),
+  info: (...args) => getLogger().info(...args),
+  warn: (...args) => getLogger().warn(...args),
+  error: (...args) => getLogger().error(...args)
+};
+
+// src/distributed/SyncCoordinator.ts
+var SyncCoordinator = class _SyncCoordinator extends EventEmitter {
+  static MAX_SYNC_EVENTS = 1e4;
+  nodes = /* @__PURE__ */ new Map();
+  sessions = /* @__PURE__ */ new Map();
+  syncEvents = [];
+  nodeHeartbeats = /* @__PURE__ */ new Map();
+  heartbeatInterval = null;
+  // Crypto support
+  cryptoProvider = null;
+  nodesByDID = /* @__PURE__ */ new Map();
+  // DID -> nodeId
+  constructor() {
+    super();
+  }
+  addSyncEvent(event) {
+    this.syncEvents.push(event);
+    if (this.syncEvents.length > _SyncCoordinator.MAX_SYNC_EVENTS) {
+      this.syncEvents = this.syncEvents.slice(-_SyncCoordinator.MAX_SYNC_EVENTS);
+    }
+  }
+  /**
+   * Configure cryptographic provider for authenticated sync
+   */
+  configureCrypto(provider) {
+    this.cryptoProvider = provider;
+    logger.debug("[SyncCoordinator] Crypto configured", {
+      initialized: provider.isInitialized()
+    });
+  }
+  /**
+   * Check if crypto is configured
+   */
+  isCryptoEnabled() {
+    return this.cryptoProvider !== null && this.cryptoProvider.isInitialized();
+  }
+  /**
+   * Register a node with DID-based identity
+   */
+  async registerAuthenticatedNode(nodeInfo) {
+    const node = {
+      ...nodeInfo
+    };
+    this.nodes.set(node.id, node);
+    this.nodeHeartbeats.set(node.id, Date.now());
+    this.nodesByDID.set(nodeInfo.did, node.id);
+    if (this.cryptoProvider) {
+      await this.cryptoProvider.registerRemoteNode({
+        id: node.id,
+        did: nodeInfo.did,
+        publicSigningKey: nodeInfo.publicSigningKey,
+        publicEncryptionKey: nodeInfo.publicEncryptionKey
+      });
+    }
+    const event = {
+      type: "node-joined",
+      nodeId: node.id,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      data: { did: nodeInfo.did, authenticated: true }
+    };
+    this.addSyncEvent(event);
+    this.emit("node-joined", node);
+    logger.debug("[SyncCoordinator] Authenticated node registered", {
+      nodeId: node.id,
+      did: nodeInfo.did,
+      version: node.version
+    });
+    return node;
+  }
+  /**
+   * Get node by DID
+   */
+  getNodeByDID(did) {
+    const nodeId = this.nodesByDID.get(did);
+    if (!nodeId) return void 0;
+    return this.nodes.get(nodeId);
+  }
+  /**
+   * Get all authenticated nodes (nodes with DIDs)
+   */
+  getAuthenticatedNodes() {
+    return Array.from(this.nodes.values()).filter((n) => n.did);
+  }
+  /**
+   * Create an authenticated sync session with UCAN-based authorization
+   */
+  async createAuthenticatedSyncSession(initiatorDID, participantDIDs, options) {
+    const initiatorNodeId = this.nodesByDID.get(initiatorDID);
+    if (!initiatorNodeId) {
+      throw new Error(`Initiator node with DID ${initiatorDID} not found`);
+    }
+    const participantIds = [];
+    for (const did of participantDIDs) {
+      const nodeId = this.nodesByDID.get(did);
+      if (nodeId) {
+        participantIds.push(nodeId);
+      }
+    }
+    let sessionToken;
+    if (this.cryptoProvider && this.cryptoProvider.isInitialized()) {
+      const capabilities = (options?.requiredCapabilities || ["aeon:sync:read", "aeon:sync:write"]).map((cap) => ({ can: cap, with: "*" }));
+      if (participantDIDs.length > 0) {
+        sessionToken = await this.cryptoProvider.createUCAN(
+          participantDIDs[0],
+          capabilities,
+          { expirationSeconds: 3600 }
+          // 1 hour
+        );
+      }
+    }
+    const session = {
+      id: `sync-${Date.now()}-${Math.random().toString(36).slice(2)}`,
+      initiatorId: initiatorNodeId,
+      participantIds,
+      status: "pending",
+      startTime: (/* @__PURE__ */ new Date()).toISOString(),
+      itemsSynced: 0,
+      itemsFailed: 0,
+      conflictsDetected: 0,
+      initiatorDID,
+      participantDIDs,
+      encryptionMode: options?.encryptionMode || "none",
+      requiredCapabilities: options?.requiredCapabilities,
+      sessionToken
+    };
+    this.sessions.set(session.id, session);
+    const event = {
+      type: "sync-started",
+      sessionId: session.id,
+      nodeId: initiatorNodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      data: {
+        authenticated: true,
+        initiatorDID,
+        participantCount: participantDIDs.length,
+        encryptionMode: session.encryptionMode
+      }
+    };
+    this.addSyncEvent(event);
+    this.emit("sync-started", session);
+    logger.debug("[SyncCoordinator] Authenticated sync session created", {
+      sessionId: session.id,
+      initiatorDID,
+      participants: participantDIDs.length,
+      encryptionMode: session.encryptionMode
+    });
+    return session;
+  }
+  /**
+   * Verify a node's UCAN capabilities for a session
+   */
+  async verifyNodeCapabilities(sessionId, nodeDID, token) {
+    if (!this.cryptoProvider) {
+      return { authorized: true };
+    }
+    const session = this.sessions.get(sessionId);
+    if (!session) {
+      return { authorized: false, error: `Session ${sessionId} not found` };
+    }
+    const result = await this.cryptoProvider.verifyUCAN(token, {
+      requiredCapabilities: session.requiredCapabilities?.map((cap) => ({
+        can: cap,
+        with: "*"
+      }))
+    });
+    if (!result.authorized) {
+      logger.warn("[SyncCoordinator] Node capability verification failed", {
+        sessionId,
+        nodeDID,
+        error: result.error
+      });
+    }
+    return result;
+  }
+  /**
+   * Register a node in the cluster
+   */
+  registerNode(node) {
+    this.nodes.set(node.id, node);
+    this.nodeHeartbeats.set(node.id, Date.now());
+    const event = {
+      type: "node-joined",
+      nodeId: node.id,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.addSyncEvent(event);
+    this.emit("node-joined", node);
+    logger.debug("[SyncCoordinator] Node registered", {
+      nodeId: node.id,
+      address: node.address,
+      version: node.version
+    });
+  }
+  /**
+   * Deregister a node from the cluster
+   */
+  deregisterNode(nodeId) {
+    const node = this.nodes.get(nodeId);
+    if (!node) {
+      throw new Error(`Node ${nodeId} not found`);
+    }
+    this.nodes.delete(nodeId);
+    this.nodeHeartbeats.delete(nodeId);
+    const event = {
+      type: "node-left",
+      nodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.addSyncEvent(event);
+    this.emit("node-left", node);
+    logger.debug("[SyncCoordinator] Node deregistered", { nodeId });
+  }
+  /**
+   * Create a new sync session
+   */
+  createSyncSession(initiatorId, participantIds) {
+    const node = this.nodes.get(initiatorId);
+    if (!node) {
+      throw new Error(`Initiator node ${initiatorId} not found`);
+    }
+    const session = {
+      id: `sync-${Date.now()}-${Math.random().toString(36).slice(2)}`,
+      initiatorId,
+      participantIds,
+      status: "pending",
+      startTime: (/* @__PURE__ */ new Date()).toISOString(),
+      itemsSynced: 0,
+      itemsFailed: 0,
+      conflictsDetected: 0
+    };
+    this.sessions.set(session.id, session);
+    const event = {
+      type: "sync-started",
+      sessionId: session.id,
+      nodeId: initiatorId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.addSyncEvent(event);
+    this.emit("sync-started", session);
+    logger.debug("[SyncCoordinator] Sync session created", {
+      sessionId: session.id,
+      initiator: initiatorId,
+      participants: participantIds.length
+    });
+    return session;
+  }
+  /**
+   * Update sync session
+   */
+  updateSyncSession(sessionId, updates) {
+    const session = this.sessions.get(sessionId);
+    if (!session) {
+      throw new Error(`Session ${sessionId} not found`);
+    }
+    Object.assign(session, updates);
+    if (updates.status === "completed" || updates.status === "failed") {
+      session.endTime = (/* @__PURE__ */ new Date()).toISOString();
+      const event = {
+        type: "sync-completed",
+        sessionId,
+        nodeId: session.initiatorId,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        data: { status: updates.status, itemsSynced: session.itemsSynced }
+      };
+      this.addSyncEvent(event);
+      this.emit("sync-completed", session);
+    }
+    logger.debug("[SyncCoordinator] Sync session updated", {
+      sessionId,
+      status: session.status,
+      itemsSynced: session.itemsSynced
+    });
+  }
+  /**
+   * Record a conflict during sync
+   */
+  recordConflict(sessionId, nodeId, conflictData) {
+    const session = this.sessions.get(sessionId);
+    if (session) {
+      session.conflictsDetected++;
+      const event = {
+        type: "conflict-detected",
+        sessionId,
+        nodeId,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        data: conflictData
+      };
+      this.addSyncEvent(event);
+      this.emit("conflict-detected", { session, nodeId, conflictData });
+      logger.debug("[SyncCoordinator] Conflict recorded", {
+        sessionId,
+        nodeId,
+        totalConflicts: session.conflictsDetected
+      });
+    }
+  }
+  /**
+   * Update node status
+   */
+  updateNodeStatus(nodeId, status) {
+    const node = this.nodes.get(nodeId);
+    if (!node) {
+      throw new Error(`Node ${nodeId} not found`);
+    }
+    node.status = status;
+    this.nodeHeartbeats.set(nodeId, Date.now());
+    logger.debug("[SyncCoordinator] Node status updated", {
+      nodeId,
+      status
+    });
+  }
+  /**
+   * Record heartbeat from node
+   */
+  recordHeartbeat(nodeId) {
+    const node = this.nodes.get(nodeId);
+    if (!node) {
+      return;
+    }
+    node.lastHeartbeat = (/* @__PURE__ */ new Date()).toISOString();
+    this.nodeHeartbeats.set(nodeId, Date.now());
+  }
+  /**
+   * Get all nodes
+   */
+  getNodes() {
+    return Array.from(this.nodes.values());
+  }
+  /**
+   * Get node by ID
+   */
+  getNode(nodeId) {
+    return this.nodes.get(nodeId);
+  }
+  /**
+   * Get online nodes
+   */
+  getOnlineNodes() {
+    return Array.from(this.nodes.values()).filter((n) => n.status === "online");
+  }
+  /**
+   * Get nodes by capability
+   */
+  getNodesByCapability(capability) {
+    return Array.from(this.nodes.values()).filter(
+      (n) => n.capabilities.includes(capability)
+    );
+  }
+  /**
+   * Get sync session
+   */
+  getSyncSession(sessionId) {
+    return this.sessions.get(sessionId);
+  }
+  /**
+   * Get all sync sessions
+   */
+  getAllSyncSessions() {
+    return Array.from(this.sessions.values());
+  }
+  /**
+   * Get active sync sessions
+   */
+  getActiveSyncSessions() {
+    return Array.from(this.sessions.values()).filter(
+      (s) => s.status === "active"
+    );
+  }
+  /**
+   * Get sessions for a node
+   */
+  getSessionsForNode(nodeId) {
+    return Array.from(this.sessions.values()).filter(
+      (s) => s.initiatorId === nodeId || s.participantIds.includes(nodeId)
+    );
+  }
+  /**
+   * Get sync statistics
+   */
+  getStatistics() {
+    const sessions = Array.from(this.sessions.values());
+    const completed = sessions.filter((s) => s.status === "completed").length;
+    const failed = sessions.filter((s) => s.status === "failed").length;
+    const active = sessions.filter((s) => s.status === "active").length;
+    const totalItemsSynced = sessions.reduce(
+      (sum, s) => sum + s.itemsSynced,
+      0
+    );
+    const totalConflicts = sessions.reduce(
+      (sum, s) => sum + s.conflictsDetected,
+      0
+    );
+    return {
+      totalNodes: this.nodes.size,
+      onlineNodes: this.getOnlineNodes().length,
+      offlineNodes: this.nodes.size - this.getOnlineNodes().length,
+      totalSessions: sessions.length,
+      activeSessions: active,
+      completedSessions: completed,
+      failedSessions: failed,
+      successRate: sessions.length > 0 ? completed / sessions.length * 100 : 0,
+      totalItemsSynced,
+      totalConflicts,
+      averageConflictsPerSession: sessions.length > 0 ? totalConflicts / sessions.length : 0
+    };
+  }
+  /**
+   * Get sync events
+   */
+  getSyncEvents(limit) {
+    const events = [...this.syncEvents];
+    if (limit) {
+      return events.slice(-limit);
+    }
+    return events;
+  }
+  /**
+   * Get sync events for session
+   */
+  getSessionEvents(sessionId) {
+    return this.syncEvents.filter((e) => e.sessionId === sessionId);
+  }
+  /**
+   * Check node health
+   */
+  getNodeHealth() {
+    const health = {};
+    for (const [nodeId, lastHeartbeat] of this.nodeHeartbeats) {
+      const now = Date.now();
+      const downtime = now - lastHeartbeat;
+      const isHealthy = downtime < 3e4;
+      health[nodeId] = {
+        isHealthy,
+        downtime
+      };
+    }
+    return health;
+  }
+  /**
+   * Start heartbeat monitoring
+   */
+  startHeartbeatMonitoring(interval = 5e3) {
+    if (this.heartbeatInterval) {
+      return;
+    }
+    this.heartbeatInterval = setInterval(() => {
+      const health = this.getNodeHealth();
+      for (const [nodeId, { isHealthy }] of Object.entries(health)) {
+        const node = this.nodes.get(nodeId);
+        if (!node) {
+          continue;
+        }
+        const newStatus = isHealthy ? "online" : "offline";
+        if (node.status !== newStatus) {
+          this.updateNodeStatus(nodeId, newStatus);
+        }
+      }
+    }, interval);
+    logger.debug("[SyncCoordinator] Heartbeat monitoring started", {
+      interval
+    });
+  }
+  /**
+   * Stop heartbeat monitoring
+   */
+  stopHeartbeatMonitoring() {
+    if (this.heartbeatInterval) {
+      clearInterval(this.heartbeatInterval);
+      this.heartbeatInterval = null;
+      logger.debug("[SyncCoordinator] Heartbeat monitoring stopped");
+    }
+  }
+  /**
+   * Clear all state (for testing)
+   */
+  clear() {
+    this.nodes.clear();
+    this.sessions.clear();
+    this.syncEvents = [];
+    this.nodeHeartbeats.clear();
+    this.nodesByDID.clear();
+    this.cryptoProvider = null;
+    this.stopHeartbeatMonitoring();
+  }
+  /**
+   * Get the crypto provider (for advanced usage)
+   */
+  getCryptoProvider() {
+    return this.cryptoProvider;
+  }
+};
+
+// src/distributed/ReplicationManager.ts
+var ReplicationManager = class _ReplicationManager {
+  static DEFAULT_PERSIST_KEY = "aeon:replication-state:v1";
+  replicas = /* @__PURE__ */ new Map();
+  policies = /* @__PURE__ */ new Map();
+  replicationEvents = [];
+  syncStatus = /* @__PURE__ */ new Map();
+  // Crypto support
+  cryptoProvider = null;
+  replicasByDID = /* @__PURE__ */ new Map();
+  // DID -> replicaId
+  persistence = null;
+  persistTimer = null;
+  persistInFlight = false;
+  persistPending = false;
+  constructor(options) {
+    if (options?.persistence) {
+      this.persistence = {
+        ...options.persistence,
+        key: options.persistence.key ?? _ReplicationManager.DEFAULT_PERSIST_KEY,
+        autoPersist: options.persistence.autoPersist ?? true,
+        autoLoad: options.persistence.autoLoad ?? false,
+        persistDebounceMs: options.persistence.persistDebounceMs ?? 25
+      };
+    }
+    if (this.persistence?.autoLoad) {
+      void this.loadFromPersistence().catch((error) => {
+        logger.error("[ReplicationManager] Failed to load persistence", {
+          key: this.persistence?.key,
+          error: error instanceof Error ? error.message : String(error)
+        });
+      });
+    }
+  }
+  /**
+   * Configure cryptographic provider for encrypted replication
+   */
+  configureCrypto(provider) {
+    this.cryptoProvider = provider;
+    logger.debug("[ReplicationManager] Crypto configured", {
+      initialized: provider.isInitialized()
+    });
+  }
+  /**
+   * Check if crypto is configured
+   */
+  isCryptoEnabled() {
+    return this.cryptoProvider !== null && this.cryptoProvider.isInitialized();
+  }
+  /**
+   * Register an authenticated replica with DID
+   */
+  async registerAuthenticatedReplica(replica, encrypted = false) {
+    const authenticatedReplica = {
+      ...replica,
+      encrypted
+    };
+    this.replicas.set(replica.id, authenticatedReplica);
+    this.replicasByDID.set(replica.did, replica.id);
+    if (!this.syncStatus.has(replica.nodeId)) {
+      this.syncStatus.set(replica.nodeId, { synced: 0, failed: 0 });
+    }
+    if (this.cryptoProvider && replica.publicSigningKey) {
+      await this.cryptoProvider.registerRemoteNode({
+        id: replica.nodeId,
+        did: replica.did,
+        publicSigningKey: replica.publicSigningKey,
+        publicEncryptionKey: replica.publicEncryptionKey
+      });
+    }
+    const event = {
+      type: "replica-added",
+      replicaId: replica.id,
+      nodeId: replica.nodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      details: { did: replica.did, encrypted, authenticated: true }
+    };
+    this.replicationEvents.push(event);
+    this.schedulePersist();
+    logger.debug("[ReplicationManager] Authenticated replica registered", {
+      replicaId: replica.id,
+      did: replica.did,
+      encrypted
+    });
+    return authenticatedReplica;
+  }
+  /**
+   * Get replica by DID
+   */
+  getReplicaByDID(did) {
+    const replicaId = this.replicasByDID.get(did);
+    if (!replicaId) return void 0;
+    return this.replicas.get(replicaId);
+  }
+  /**
+   * Get all encrypted replicas
+   */
+  getEncryptedReplicas() {
+    return Array.from(this.replicas.values()).filter((r) => r.encrypted);
+  }
+  /**
+   * Encrypt data for replication to a specific replica
+   */
+  async encryptForReplica(data, targetReplicaDID) {
+    if (!this.cryptoProvider || !this.cryptoProvider.isInitialized()) {
+      throw new Error("Crypto provider not initialized");
+    }
+    const dataBytes = new TextEncoder().encode(JSON.stringify(data));
+    const encrypted = await this.cryptoProvider.encrypt(
+      dataBytes,
+      targetReplicaDID
+    );
+    const localDID = this.cryptoProvider.getLocalDID();
+    return {
+      ct: encrypted.ct,
+      iv: encrypted.iv,
+      tag: encrypted.tag,
+      epk: encrypted.epk,
+      senderDID: localDID || void 0,
+      targetDID: targetReplicaDID,
+      encryptedAt: encrypted.encryptedAt
+    };
+  }
+  /**
+   * Decrypt data received from replication
+   */
+  async decryptReplicationData(encrypted) {
+    if (!this.cryptoProvider || !this.cryptoProvider.isInitialized()) {
+      throw new Error("Crypto provider not initialized");
+    }
+    const decrypted = await this.cryptoProvider.decrypt(
+      {
+        alg: "ECIES-P256",
+        ct: encrypted.ct,
+        iv: encrypted.iv,
+        tag: encrypted.tag,
+        epk: encrypted.epk
+      },
+      encrypted.senderDID
+    );
+    return JSON.parse(new TextDecoder().decode(decrypted));
+  }
+  /**
+   * Create an encrypted replication policy
+   */
+  createEncryptedPolicy(name, replicationFactor, consistencyLevel, encryptionMode, options) {
+    const policy = {
+      id: `policy-${Date.now()}-${Math.random().toString(36).slice(2)}`,
+      name,
+      replicationFactor,
+      consistencyLevel,
+      syncInterval: options?.syncInterval || 1e3,
+      maxReplicationLag: options?.maxReplicationLag || 1e4,
+      encryptionMode,
+      requiredCapabilities: options?.requiredCapabilities
+    };
+    this.policies.set(policy.id, policy);
+    logger.debug("[ReplicationManager] Encrypted policy created", {
+      policyId: policy.id,
+      name,
+      replicationFactor,
+      encryptionMode
+    });
+    return policy;
+  }
+  /**
+   * Verify a replica's capabilities via UCAN
+   */
+  async verifyReplicaCapabilities(replicaDID, token, policyId) {
+    if (!this.cryptoProvider) {
+      return { authorized: true };
+    }
+    const policy = policyId ? this.policies.get(policyId) : void 0;
+    const result = await this.cryptoProvider.verifyUCAN(token, {
+      requiredCapabilities: policy?.requiredCapabilities?.map((cap) => ({
+        can: cap,
+        with: "*"
+      }))
+    });
+    if (!result.authorized) {
+      logger.warn(
+        "[ReplicationManager] Replica capability verification failed",
+        {
+          replicaDID,
+          error: result.error
+        }
+      );
+    }
+    return result;
+  }
+  /**
+   * Register a replica
+   */
+  registerReplica(replica) {
+    this.replicas.set(replica.id, replica);
+    if (!this.syncStatus.has(replica.nodeId)) {
+      this.syncStatus.set(replica.nodeId, { synced: 0, failed: 0 });
+    }
+    const event = {
+      type: "replica-added",
+      replicaId: replica.id,
+      nodeId: replica.nodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.replicationEvents.push(event);
+    this.schedulePersist();
+    logger.debug("[ReplicationManager] Replica registered", {
+      replicaId: replica.id,
+      nodeId: replica.nodeId,
+      status: replica.status
+    });
+  }
+  /**
+   * Remove a replica
+   */
+  removeReplica(replicaId) {
+    const replica = this.replicas.get(replicaId);
+    if (!replica) {
+      throw new Error(`Replica ${replicaId} not found`);
+    }
+    this.replicas.delete(replicaId);
+    const event = {
+      type: "replica-removed",
+      replicaId,
+      nodeId: replica.nodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.replicationEvents.push(event);
+    this.schedulePersist();
+    logger.debug("[ReplicationManager] Replica removed", { replicaId });
+  }
+  /**
+   * Create a replication policy
+   */
+  createPolicy(name, replicationFactor, consistencyLevel, syncInterval = 1e3, maxReplicationLag = 1e4) {
+    const policy = {
+      id: `policy-${Date.now()}-${Math.random().toString(36).slice(2)}`,
+      name,
+      replicationFactor,
+      consistencyLevel,
+      syncInterval,
+      maxReplicationLag
+    };
+    this.policies.set(policy.id, policy);
+    this.schedulePersist();
+    logger.debug("[ReplicationManager] Policy created", {
+      policyId: policy.id,
+      name,
+      replicationFactor,
+      consistencyLevel
+    });
+    return policy;
+  }
+  /**
+   * Update replica status
+   */
+  updateReplicaStatus(replicaId, status, lagBytes = 0, lagMillis = 0) {
+    const replica = this.replicas.get(replicaId);
+    if (!replica) {
+      throw new Error(`Replica ${replicaId} not found`);
+    }
+    replica.status = status;
+    replica.lagBytes = lagBytes;
+    replica.lagMillis = lagMillis;
+    replica.lastSyncTime = (/* @__PURE__ */ new Date()).toISOString();
+    const event = {
+      type: status === "syncing" ? "replica-synced" : "sync-failed",
+      replicaId,
+      nodeId: replica.nodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      details: { status, lagBytes, lagMillis }
+    };
+    this.replicationEvents.push(event);
+    const syncStatus = this.syncStatus.get(replica.nodeId);
+    if (syncStatus) {
+      if (status === "syncing" || status === "secondary") {
+        syncStatus.synced++;
+      } else if (status === "failed") {
+        syncStatus.failed++;
+      }
+    }
+    logger.debug("[ReplicationManager] Replica status updated", {
+      replicaId,
+      status,
+      lagBytes,
+      lagMillis
+    });
+    this.schedulePersist();
+  }
+  /**
+   * Get replicas for node
+   */
+  getReplicasForNode(nodeId) {
+    return Array.from(this.replicas.values()).filter(
+      (r) => r.nodeId === nodeId
+    );
+  }
+  /**
+   * Get healthy replicas
+   */
+  getHealthyReplicas() {
+    return Array.from(this.replicas.values()).filter(
+      (r) => r.status === "secondary" || r.status === "primary"
+    );
+  }
+  /**
+   * Get syncing replicas
+   */
+  getSyncingReplicas() {
+    return Array.from(this.replicas.values()).filter(
+      (r) => r.status === "syncing"
+    );
+  }
+  /**
+   * Get failed replicas
+   */
+  getFailedReplicas() {
+    return Array.from(this.replicas.values()).filter(
+      (r) => r.status === "failed"
+    );
+  }
+  /**
+   * Check replication health for policy
+   */
+  checkReplicationHealth(policyId) {
+    const policy = this.policies.get(policyId);
+    if (!policy) {
+      throw new Error(`Policy ${policyId} not found`);
+    }
+    const healthy = this.getHealthyReplicas();
+    const maxLag = Math.max(0, ...healthy.map((r) => r.lagMillis));
+    return {
+      healthy: healthy.length >= policy.replicationFactor && maxLag <= policy.maxReplicationLag,
+      replicasInPolicy: policy.replicationFactor,
+      healthyReplicas: healthy.length,
+      replicationLag: maxLag
+    };
+  }
+  /**
+   * Get consistency level
+   */
+  getConsistencyLevel(policyId) {
+    const policy = this.policies.get(policyId);
+    if (!policy) {
+      return "eventual";
+    }
+    return policy.consistencyLevel;
+  }
+  /**
+   * Get replica
+   */
+  getReplica(replicaId) {
+    return this.replicas.get(replicaId);
+  }
+  /**
+   * Get all replicas
+   */
+  getAllReplicas() {
+    return Array.from(this.replicas.values());
+  }
+  /**
+   * Get policy
+   */
+  getPolicy(policyId) {
+    return this.policies.get(policyId);
+  }
+  /**
+   * Get all policies
+   */
+  getAllPolicies() {
+    return Array.from(this.policies.values());
+  }
+  /**
+   * Get replication statistics
+   */
+  getStatistics() {
+    const healthy = this.getHealthyReplicas().length;
+    const syncing = this.getSyncingReplicas().length;
+    const failed = this.getFailedReplicas().length;
+    const total = this.replicas.size;
+    const replicationLags = Array.from(this.replicas.values()).map(
+      (r) => r.lagMillis
+    );
+    const avgLag = replicationLags.length > 0 ? replicationLags.reduce((a, b) => a + b) / replicationLags.length : 0;
+    const maxLag = replicationLags.length > 0 ? Math.max(...replicationLags) : 0;
+    return {
+      totalReplicas: total,
+      healthyReplicas: healthy,
+      syncingReplicas: syncing,
+      failedReplicas: failed,
+      healthiness: total > 0 ? healthy / total * 100 : 0,
+      averageReplicationLagMs: avgLag,
+      maxReplicationLagMs: maxLag,
+      totalPolicies: this.policies.size
+    };
+  }
+  /**
+   * Get replication events
+   */
+  getReplicationEvents(limit) {
+    const events = [...this.replicationEvents];
+    if (limit) {
+      return events.slice(-limit);
+    }
+    return events;
+  }
+  /**
+   * Get sync status for node
+   */
+  getSyncStatus(nodeId) {
+    return this.syncStatus.get(nodeId) || { synced: 0, failed: 0 };
+  }
+  /**
+   * Get replication lag distribution
+   */
+  getReplicationLagDistribution() {
+    const distribution = {
+      "0-100ms": 0,
+      "100-500ms": 0,
+      "500-1000ms": 0,
+      "1000+ms": 0
+    };
+    for (const replica of this.replicas.values()) {
+      if (replica.lagMillis <= 100) {
+        distribution["0-100ms"]++;
+      } else if (replica.lagMillis <= 500) {
+        distribution["100-500ms"]++;
+      } else if (replica.lagMillis <= 1e3) {
+        distribution["500-1000ms"]++;
+      } else {
+        distribution["1000+ms"]++;
+      }
+    }
+    return distribution;
+  }
+  /**
+   * Check if can satisfy consistency level
+   */
+  canSatisfyConsistency(policyId, _requiredAcks) {
+    const policy = this.policies.get(policyId);
+    if (!policy) {
+      return false;
+    }
+    const healthyCount = this.getHealthyReplicas().length;
+    switch (policy.consistencyLevel) {
+      case "eventual":
+        return true;
+      // Always achievable
+      case "read-after-write":
+        return healthyCount >= 1;
+      case "strong":
+        return healthyCount >= policy.replicationFactor;
+      default:
+        return false;
+    }
+  }
+  /**
+   * Persist current replication state snapshot.
+   */
+  async saveToPersistence() {
+    if (!this.persistence) {
+      return;
+    }
+    const data = {
+      replicas: this.getAllReplicas(),
+      policies: this.getAllPolicies(),
+      syncStatus: Array.from(this.syncStatus.entries()).map(
+        ([nodeId, state]) => ({
+          nodeId,
+          synced: state.synced,
+          failed: state.failed
+        })
+      )
+    };
+    const envelope = {
+      version: 1,
+      updatedAt: Date.now(),
+      data
+    };
+    const serialize = this.persistence.serializer ?? ((value) => JSON.stringify(value));
+    await this.persistence.adapter.setItem(
+      this.persistence.key,
+      serialize(envelope)
+    );
+  }
+  /**
+   * Load replication snapshot from persistence.
+   */
+  async loadFromPersistence() {
+    if (!this.persistence) {
+      return { replicas: 0, policies: 0, syncStatus: 0 };
+    }
+    const raw = await this.persistence.adapter.getItem(this.persistence.key);
+    if (!raw) {
+      return { replicas: 0, policies: 0, syncStatus: 0 };
+    }
+    const deserialize = this.persistence.deserializer ?? ((value) => JSON.parse(value));
+    const envelope = deserialize(raw);
+    if (envelope.version !== 1 || !envelope.data) {
+      throw new Error("Invalid replication persistence payload");
+    }
+    if (!Array.isArray(envelope.data.replicas) || !Array.isArray(envelope.data.policies) || !Array.isArray(envelope.data.syncStatus)) {
+      throw new Error("Invalid replication persistence structure");
+    }
+    this.replicas.clear();
+    this.policies.clear();
+    this.syncStatus.clear();
+    this.replicasByDID.clear();
+    let importedReplicas = 0;
+    for (const replica of envelope.data.replicas) {
+      if (this.isValidReplica(replica)) {
+        this.replicas.set(replica.id, replica);
+        if (replica.did) {
+          this.replicasByDID.set(replica.did, replica.id);
+        }
+        importedReplicas++;
+      }
+    }
+    let importedPolicies = 0;
+    for (const policy of envelope.data.policies) {
+      if (this.isValidPolicy(policy)) {
+        this.policies.set(policy.id, policy);
+        importedPolicies++;
+      }
+    }
+    let importedSyncStatus = 0;
+    for (const status of envelope.data.syncStatus) {
+      if (typeof status.nodeId === "string" && typeof status.synced === "number" && typeof status.failed === "number") {
+        this.syncStatus.set(status.nodeId, {
+          synced: status.synced,
+          failed: status.failed
+        });
+        importedSyncStatus++;
+      }
+    }
+    logger.debug("[ReplicationManager] Loaded from persistence", {
+      key: this.persistence.key,
+      replicas: importedReplicas,
+      policies: importedPolicies,
+      syncStatus: importedSyncStatus
+    });
+    return {
+      replicas: importedReplicas,
+      policies: importedPolicies,
+      syncStatus: importedSyncStatus
+    };
+  }
+  /**
+   * Remove persisted replication snapshot.
+   */
+  async clearPersistence() {
+    if (!this.persistence) {
+      return;
+    }
+    await this.persistence.adapter.removeItem(this.persistence.key);
+  }
+  schedulePersist() {
+    if (!this.persistence || this.persistence.autoPersist === false) {
+      return;
+    }
+    if (this.persistTimer) {
+      clearTimeout(this.persistTimer);
+    }
+    this.persistTimer = setTimeout(() => {
+      void this.persistSafely();
+    }, this.persistence.persistDebounceMs ?? 25);
+  }
+  async persistSafely() {
+    if (!this.persistence) {
+      return;
+    }
+    if (this.persistInFlight) {
+      this.persistPending = true;
+      return;
+    }
+    this.persistInFlight = true;
+    try {
+      await this.saveToPersistence();
+    } catch (error) {
+      logger.error("[ReplicationManager] Persistence write failed", {
+        key: this.persistence.key,
+        error: error instanceof Error ? error.message : String(error)
+      });
+    } finally {
+      this.persistInFlight = false;
+      const shouldRunAgain = this.persistPending;
+      this.persistPending = false;
+      if (shouldRunAgain) {
+        void this.persistSafely();
+      }
+    }
+  }
+  isValidReplica(value) {
+    if (typeof value !== "object" || value === null) {
+      return false;
+    }
+    const candidate = value;
+    const validStatus = candidate.status === "primary" || candidate.status === "secondary" || candidate.status === "syncing" || candidate.status === "failed";
+    return typeof candidate.id === "string" && typeof candidate.nodeId === "string" && validStatus && typeof candidate.lastSyncTime === "string" && typeof candidate.lagBytes === "number" && typeof candidate.lagMillis === "number";
+  }
+  isValidPolicy(value) {
+    if (typeof value !== "object" || value === null) {
+      return false;
+    }
+    const candidate = value;
+    const validConsistency = candidate.consistencyLevel === "eventual" || candidate.consistencyLevel === "read-after-write" || candidate.consistencyLevel === "strong";
+    return typeof candidate.id === "string" && typeof candidate.name === "string" && typeof candidate.replicationFactor === "number" && validConsistency && typeof candidate.syncInterval === "number" && typeof candidate.maxReplicationLag === "number";
+  }
+  /**
+   * Clear all state (for testing)
+   */
+  clear() {
+    this.replicas.clear();
+    this.policies.clear();
+    this.replicationEvents = [];
+    this.syncStatus.clear();
+    this.replicasByDID.clear();
+    this.cryptoProvider = null;
+    this.schedulePersist();
+  }
+  /**
+   * Get the crypto provider (for advanced usage)
+   */
+  getCryptoProvider() {
+    return this.cryptoProvider;
+  }
+};
+
+// src/distributed/SyncProtocol.ts
+var SyncProtocol = class _SyncProtocol {
+  static DEFAULT_PERSIST_KEY = "aeon:sync-protocol:v1";
+  version = "1.0.0";
+  messageQueue = [];
+  messageMap = /* @__PURE__ */ new Map();
+  handshakes = /* @__PURE__ */ new Map();
+  protocolErrors = [];
+  messageCounter = 0;
+  // Crypto support
+  cryptoProvider = null;
+  cryptoConfig = null;
+  persistence = null;
+  persistTimer = null;
+  persistInFlight = false;
+  persistPending = false;
+  constructor(options) {
+    if (options?.persistence) {
+      this.persistence = {
+        ...options.persistence,
+        key: options.persistence.key ?? _SyncProtocol.DEFAULT_PERSIST_KEY,
+        autoPersist: options.persistence.autoPersist ?? true,
+        autoLoad: options.persistence.autoLoad ?? false,
+        persistDebounceMs: options.persistence.persistDebounceMs ?? 25
+      };
+    }
+    if (this.persistence?.autoLoad) {
+      void this.loadFromPersistence().catch((error) => {
+        logger.error("[SyncProtocol] Failed to load persistence", {
+          key: this.persistence?.key,
+          error: error instanceof Error ? error.message : String(error)
+        });
+      });
+    }
+  }
+  /**
+   * Configure cryptographic provider for authenticated/encrypted messages
+   */
+  configureCrypto(provider, config) {
+    this.cryptoProvider = provider;
+    this.cryptoConfig = {
+      encryptionMode: config?.encryptionMode ?? "none",
+      requireSignatures: config?.requireSignatures ?? false,
+      requireCapabilities: config?.requireCapabilities ?? false,
+      requiredCapabilities: config?.requiredCapabilities
+    };
+    logger.debug("[SyncProtocol] Crypto configured", {
+      encryptionMode: this.cryptoConfig.encryptionMode,
+      requireSignatures: this.cryptoConfig.requireSignatures,
+      requireCapabilities: this.cryptoConfig.requireCapabilities
+    });
+  }
+  /**
+   * Check if crypto is configured
+   */
+  isCryptoEnabled() {
+    return this.cryptoProvider !== null && this.cryptoProvider.isInitialized();
+  }
+  /**
+   * Get crypto configuration
+   */
+  getCryptoConfig() {
+    return this.cryptoConfig ? { ...this.cryptoConfig } : null;
+  }
+  /**
+   * Get protocol version
+   */
+  getVersion() {
+    return this.version;
+  }
+  /**
+   * Create authenticated handshake message with DID and keys
+   */
+  async createAuthenticatedHandshake(capabilities, targetDID) {
+    if (!this.cryptoProvider || !this.cryptoProvider.isInitialized()) {
+      throw new Error("Crypto provider not initialized");
+    }
+    const localDID = this.cryptoProvider.getLocalDID();
+    if (!localDID) {
+      throw new Error("Local DID not available");
+    }
+    const publicInfo = await this.cryptoProvider.exportPublicIdentity();
+    if (!publicInfo) {
+      throw new Error("Cannot export public identity");
+    }
+    let ucan;
+    if (targetDID && this.cryptoConfig?.requireCapabilities) {
+      const caps = this.cryptoConfig.requiredCapabilities || [
+        { can: "aeon:sync:read", with: "*" },
+        { can: "aeon:sync:write", with: "*" }
+      ];
+      ucan = await this.cryptoProvider.createUCAN(targetDID, caps);
+    }
+    const handshakePayload = {
+      protocolVersion: this.version,
+      nodeId: localDID,
+      capabilities,
+      state: "initiating",
+      did: localDID,
+      publicSigningKey: publicInfo.publicSigningKey,
+      publicEncryptionKey: publicInfo.publicEncryptionKey,
+      ucan
+    };
+    const message = {
+      type: "handshake",
+      version: this.version,
+      sender: localDID,
+      receiver: targetDID || "",
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: handshakePayload
+    };
+    if (this.cryptoConfig?.requireSignatures) {
+      const signed = await this.cryptoProvider.signData(handshakePayload);
+      message.auth = {
+        senderDID: localDID,
+        receiverDID: targetDID,
+        signature: signed.signature
+      };
+    }
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    this.schedulePersist();
+    logger.debug("[SyncProtocol] Authenticated handshake created", {
+      messageId: message.messageId,
+      did: localDID,
+      capabilities: capabilities.length,
+      hasUCAN: !!ucan
+    });
+    return message;
+  }
+  /**
+   * Verify and process an authenticated handshake
+   */
+  async verifyAuthenticatedHandshake(message) {
+    if (message.type !== "handshake") {
+      return { valid: false, error: "Message is not a handshake" };
+    }
+    const handshake = message.payload;
+    if (!this.cryptoProvider || !this.cryptoConfig) {
+      this.handshakes.set(message.sender, handshake);
+      this.schedulePersist();
+      return { valid: true, handshake };
+    }
+    if (handshake.did && handshake.publicSigningKey) {
+      await this.cryptoProvider.registerRemoteNode({
+        id: handshake.nodeId,
+        did: handshake.did,
+        publicSigningKey: handshake.publicSigningKey,
+        publicEncryptionKey: handshake.publicEncryptionKey
+      });
+    }
+    if (this.cryptoConfig.requireSignatures && message.auth?.signature) {
+      const signed = {
+        payload: handshake,
+        signature: message.auth.signature,
+        signer: message.auth.senderDID || message.sender,
+        algorithm: "ES256",
+        signedAt: Date.now()
+      };
+      const isValid = await this.cryptoProvider.verifySignedData(signed);
+      if (!isValid) {
+        logger.warn("[SyncProtocol] Handshake signature verification failed", {
+          messageId: message.messageId,
+          sender: message.sender
+        });
+        return { valid: false, error: "Invalid signature" };
+      }
+    }
+    if (this.cryptoConfig.requireCapabilities && handshake.ucan) {
+      const localDID = this.cryptoProvider.getLocalDID();
+      const result = await this.cryptoProvider.verifyUCAN(handshake.ucan, {
+        expectedAudience: localDID || void 0,
+        requiredCapabilities: this.cryptoConfig.requiredCapabilities
+      });
+      if (!result.authorized) {
+        logger.warn("[SyncProtocol] Handshake UCAN verification failed", {
+          messageId: message.messageId,
+          error: result.error
+        });
+        return { valid: false, error: result.error || "Unauthorized" };
+      }
+    }
+    this.handshakes.set(message.sender, handshake);
+    this.schedulePersist();
+    logger.debug("[SyncProtocol] Authenticated handshake verified", {
+      messageId: message.messageId,
+      did: handshake.did
+    });
+    return { valid: true, handshake };
+  }
+  /**
+   * Sign and optionally encrypt a message payload
+   */
+  async signMessage(message, payload, encrypt = false) {
+    if (!this.cryptoProvider || !this.cryptoProvider.isInitialized()) {
+      throw new Error("Crypto provider not initialized");
+    }
+    const localDID = this.cryptoProvider.getLocalDID();
+    const signed = await this.cryptoProvider.signData(payload);
+    message.auth = {
+      senderDID: localDID || void 0,
+      receiverDID: message.receiver || void 0,
+      signature: signed.signature,
+      encrypted: false
+    };
+    if (encrypt && message.receiver && this.cryptoConfig?.encryptionMode !== "none") {
+      const payloadBytes = new TextEncoder().encode(JSON.stringify(payload));
+      const encrypted = await this.cryptoProvider.encrypt(
+        payloadBytes,
+        message.receiver
+      );
+      message.payload = encrypted;
+      message.auth.encrypted = true;
+      logger.debug("[SyncProtocol] Message encrypted", {
+        messageId: message.messageId,
+        recipient: message.receiver
+      });
+    } else {
+      message.payload = payload;
+    }
+    return message;
+  }
+  /**
+   * Verify signature and optionally decrypt a message
+   */
+  async verifyMessage(message) {
+    if (!this.cryptoProvider || !message.auth) {
+      return { valid: true, payload: message.payload };
+    }
+    let payload = message.payload;
+    if (message.auth.encrypted && message.payload) {
+      try {
+        const encrypted = message.payload;
+        const decrypted = await this.cryptoProvider.decrypt(
+          encrypted,
+          message.auth.senderDID
+        );
+        payload = JSON.parse(new TextDecoder().decode(decrypted));
+        logger.debug("[SyncProtocol] Message decrypted", {
+          messageId: message.messageId
+        });
+      } catch (error) {
+        return {
+          valid: false,
+          error: `Decryption failed: ${error instanceof Error ? error.message : String(error)}`
+        };
+      }
+    }
+    if (message.auth.signature && message.auth.senderDID) {
+      const signed = {
+        payload,
+        signature: message.auth.signature,
+        signer: message.auth.senderDID,
+        algorithm: "ES256",
+        signedAt: Date.now()
+      };
+      const isValid = await this.cryptoProvider.verifySignedData(signed);
+      if (!isValid) {
+        return { valid: false, error: "Invalid signature" };
+      }
+    }
+    return { valid: true, payload };
+  }
+  /**
+   * Create handshake message
+   */
+  createHandshakeMessage(nodeId, capabilities) {
+    const message = {
+      type: "handshake",
+      version: this.version,
+      sender: nodeId,
+      receiver: "",
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: {
+        protocolVersion: this.version,
+        nodeId,
+        capabilities,
+        state: "initiating"
+      }
+    };
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    this.schedulePersist();
+    logger.debug("[SyncProtocol] Handshake message created", {
+      messageId: message.messageId,
+      nodeId,
+      capabilities: capabilities.length
+    });
+    return message;
+  }
+  /**
+   * Create sync request message
+   */
+  createSyncRequestMessage(sender, receiver, sessionId, fromVersion, toVersion, filter) {
+    const message = {
+      type: "sync-request",
+      version: this.version,
+      sender,
+      receiver,
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: {
+        sessionId,
+        fromVersion,
+        toVersion,
+        filter
+      }
+    };
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    this.schedulePersist();
+    logger.debug("[SyncProtocol] Sync request created", {
+      messageId: message.messageId,
+      sessionId,
+      fromVersion,
+      toVersion
+    });
+    return message;
+  }
+  /**
+   * Create sync response message
+   */
+  createSyncResponseMessage(sender, receiver, sessionId, fromVersion, toVersion, data, hasMore = false, offset = 0) {
+    const message = {
+      type: "sync-response",
+      version: this.version,
+      sender,
+      receiver,
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: {
+        sessionId,
+        fromVersion,
+        toVersion,
+        data,
+        hasMore,
+        offset
+      }
+    };
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    this.schedulePersist();
+    logger.debug("[SyncProtocol] Sync response created", {
+      messageId: message.messageId,
+      sessionId,
+      itemCount: data.length,
+      hasMore
+    });
+    return message;
+  }
+  /**
+   * Create acknowledgement message
+   */
+  createAckMessage(sender, receiver, messageId) {
+    const message = {
+      type: "ack",
+      version: this.version,
+      sender,
+      receiver,
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: { acknowledgedMessageId: messageId }
+    };
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    this.schedulePersist();
+    return message;
+  }
+  /**
+   * Create error message
+   */
+  createErrorMessage(sender, receiver, error, relatedMessageId) {
+    const message = {
+      type: "error",
+      version: this.version,
+      sender,
+      receiver,
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: {
+        error,
+        relatedMessageId
+      }
+    };
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    this.protocolErrors.push({
+      error,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    this.schedulePersist();
+    logger.error("[SyncProtocol] Error message created", {
+      messageId: message.messageId,
+      errorCode: error.code,
+      recoverable: error.recoverable
+    });
+    return message;
+  }
+  /**
+   * Validate message
+   */
+  validateMessage(message) {
+    const errors = [];
+    if (!message.type) {
+      errors.push("Message type is required");
+    }
+    if (!message.sender) {
+      errors.push("Sender is required");
+    }
+    if (!message.messageId) {
+      errors.push("Message ID is required");
+    }
+    if (!message.timestamp) {
+      errors.push("Timestamp is required");
+    }
+    const timestampValue = new Date(message.timestamp);
+    if (Number.isNaN(timestampValue.getTime())) {
+      errors.push("Invalid timestamp format");
+    }
+    return {
+      valid: errors.length === 0,
+      errors
+    };
+  }
+  /**
+   * Serialize message
+   */
+  serializeMessage(message) {
+    try {
+      return JSON.stringify(message);
+    } catch (error) {
+      logger.error("[SyncProtocol] Message serialization failed", {
+        messageId: message.messageId,
+        error: error instanceof Error ? error.message : String(error)
+      });
+      throw new Error(
+        `Failed to serialize message: ${error instanceof Error ? error.message : String(error)}`
+      );
+    }
+  }
+  /**
+   * Deserialize message
+   */
+  deserializeMessage(data) {
+    try {
+      const message = JSON.parse(data);
+      const validation = this.validateMessage(message);
+      if (!validation.valid) {
+        throw new Error(`Invalid message: ${validation.errors.join(", ")}`);
+      }
+      return message;
+    } catch (error) {
+      logger.error("[SyncProtocol] Message deserialization failed", {
+        error: error instanceof Error ? error.message : String(error)
+      });
+      throw new Error(
+        `Failed to deserialize message: ${error instanceof Error ? error.message : String(error)}`
+      );
+    }
+  }
+  /**
+   * Process handshake
+   */
+  processHandshake(message) {
+    if (message.type !== "handshake") {
+      throw new Error("Message is not a handshake");
+    }
+    const handshake = message.payload;
+    const nodeId = message.sender;
+    this.handshakes.set(nodeId, handshake);
+    this.schedulePersist();
+    logger.debug("[SyncProtocol] Handshake processed", {
+      nodeId,
+      protocolVersion: handshake.protocolVersion,
+      capabilities: handshake.capabilities.length
+    });
+    return handshake;
+  }
+  /**
+   * Get message
+   */
+  getMessage(messageId) {
+    return this.messageMap.get(messageId);
+  }
+  /**
+   * Get all messages
+   */
+  getAllMessages() {
+    return [...this.messageQueue];
+  }
+  /**
+   * Get messages by type
+   */
+  getMessagesByType(type) {
+    return this.messageQueue.filter((m) => m.type === type);
+  }
+  /**
+   * Get messages from sender
+   */
+  getMessagesFromSender(sender) {
+    return this.messageQueue.filter((m) => m.sender === sender);
+  }
+  /**
+   * Get pending messages
+   */
+  getPendingMessages(receiver) {
+    return this.messageQueue.filter((m) => m.receiver === receiver);
+  }
+  /**
+   * Get handshakes
+   */
+  getHandshakes() {
+    return new Map(this.handshakes);
+  }
+  /**
+   * Get protocol statistics
+   */
+  getStatistics() {
+    const messagesByType = {};
+    for (const message of this.messageQueue) {
+      messagesByType[message.type] = (messagesByType[message.type] || 0) + 1;
+    }
+    const errorCount = this.protocolErrors.length;
+    const recoverableErrors = this.protocolErrors.filter(
+      (e) => e.error.recoverable
+    ).length;
+    return {
+      totalMessages: this.messageQueue.length,
+      messagesByType,
+      totalHandshakes: this.handshakes.size,
+      totalErrors: errorCount,
+      recoverableErrors,
+      unrecoverableErrors: errorCount - recoverableErrors
+    };
+  }
+  /**
+   * Get protocol errors
+   */
+  getErrors() {
+    return [...this.protocolErrors];
+  }
+  /**
+   * Persist protocol state for reconnect/replay.
+   */
+  async saveToPersistence() {
+    if (!this.persistence) {
+      return;
+    }
+    const data = {
+      protocolVersion: this.version,
+      messageCounter: this.messageCounter,
+      messageQueue: this.getAllMessages(),
+      handshakes: Array.from(this.handshakes.entries()).map(
+        ([nodeId, handshake]) => ({
+          nodeId,
+          handshake
+        })
+      ),
+      protocolErrors: this.getErrors()
+    };
+    const envelope = {
+      version: 1,
+      updatedAt: Date.now(),
+      data
+    };
+    const serialize = this.persistence.serializer ?? ((value) => JSON.stringify(value));
+    await this.persistence.adapter.setItem(
+      this.persistence.key,
+      serialize(envelope)
+    );
+  }
+  /**
+   * Load protocol state from persistence.
+   */
+  async loadFromPersistence() {
+    if (!this.persistence) {
+      return { messages: 0, handshakes: 0, errors: 0 };
+    }
+    const raw = await this.persistence.adapter.getItem(this.persistence.key);
+    if (!raw) {
+      return { messages: 0, handshakes: 0, errors: 0 };
+    }
+    const deserialize = this.persistence.deserializer ?? ((value) => JSON.parse(value));
+    const envelope = deserialize(raw);
+    if (envelope.version !== 1 || !envelope.data) {
+      throw new Error("Invalid sync protocol persistence payload");
+    }
+    if (!Array.isArray(envelope.data.messageQueue) || !Array.isArray(envelope.data.handshakes) || !Array.isArray(envelope.data.protocolErrors)) {
+      throw new Error("Invalid sync protocol persistence structure");
+    }
+    const nextMessages = [];
+    for (const message of envelope.data.messageQueue) {
+      const validation = this.validateMessage(message);
+      if (!validation.valid) {
+        throw new Error(
+          `Invalid persisted message ${message?.messageId ?? "unknown"}: ${validation.errors.join(", ")}`
+        );
+      }
+      nextMessages.push(message);
+    }
+    const nextHandshakes = /* @__PURE__ */ new Map();
+    for (const entry of envelope.data.handshakes) {
+      if (typeof entry.nodeId !== "string" || !this.isValidHandshake(entry.handshake)) {
+        throw new Error("Invalid persisted handshake payload");
+      }
+      nextHandshakes.set(entry.nodeId, entry.handshake);
+    }
+    const nextErrors = [];
+    for (const entry of envelope.data.protocolErrors) {
+      if (!this.isValidProtocolErrorEntry(entry)) {
+        throw new Error("Invalid persisted protocol error payload");
+      }
+      nextErrors.push(entry);
+    }
+    this.messageQueue = nextMessages;
+    this.messageMap = new Map(nextMessages.map((m) => [m.messageId, m]));
+    this.handshakes = nextHandshakes;
+    this.protocolErrors = nextErrors;
+    this.messageCounter = Math.max(
+      envelope.data.messageCounter || 0,
+      this.messageQueue.length
+    );
+    logger.debug("[SyncProtocol] Loaded from persistence", {
+      key: this.persistence.key,
+      messages: this.messageQueue.length,
+      handshakes: this.handshakes.size,
+      errors: this.protocolErrors.length
+    });
+    return {
+      messages: this.messageQueue.length,
+      handshakes: this.handshakes.size,
+      errors: this.protocolErrors.length
+    };
+  }
+  /**
+   * Clear persisted protocol checkpoint.
+   */
+  async clearPersistence() {
+    if (!this.persistence) {
+      return;
+    }
+    await this.persistence.adapter.removeItem(this.persistence.key);
+  }
+  schedulePersist() {
+    if (!this.persistence || this.persistence.autoPersist === false) {
+      return;
+    }
+    if (this.persistTimer) {
+      clearTimeout(this.persistTimer);
+    }
+    this.persistTimer = setTimeout(() => {
+      void this.persistSafely();
+    }, this.persistence.persistDebounceMs ?? 25);
+  }
+  async persistSafely() {
+    if (!this.persistence) {
+      return;
+    }
+    if (this.persistInFlight) {
+      this.persistPending = true;
+      return;
+    }
+    this.persistInFlight = true;
+    try {
+      await this.saveToPersistence();
+    } catch (error) {
+      logger.error("[SyncProtocol] Persistence write failed", {
+        key: this.persistence.key,
+        error: error instanceof Error ? error.message : String(error)
+      });
+    } finally {
+      this.persistInFlight = false;
+      const shouldRunAgain = this.persistPending;
+      this.persistPending = false;
+      if (shouldRunAgain) {
+        void this.persistSafely();
+      }
+    }
+  }
+  isValidHandshake(value) {
+    if (typeof value !== "object" || value === null) {
+      return false;
+    }
+    const handshake = value;
+    const validState = handshake.state === "initiating" || handshake.state === "responding" || handshake.state === "completed";
+    return typeof handshake.protocolVersion === "string" && typeof handshake.nodeId === "string" && Array.isArray(handshake.capabilities) && handshake.capabilities.every((cap) => typeof cap === "string") && validState;
+  }
+  isValidProtocolErrorEntry(entry) {
+    if (typeof entry !== "object" || entry === null) {
+      return false;
+    }
+    const candidate = entry;
+    return typeof candidate.timestamp === "string" && typeof candidate.error?.code === "string" && typeof candidate.error.message === "string" && typeof candidate.error.recoverable === "boolean";
+  }
+  /**
+   * Generate message ID
+   */
+  generateMessageId() {
+    this.messageCounter++;
+    return `msg-${Date.now()}-${this.messageCounter}`;
+  }
+  /**
+   * Clear all state (for testing)
+   */
+  clear() {
+    this.messageQueue = [];
+    this.messageMap.clear();
+    this.handshakes.clear();
+    this.protocolErrors = [];
+    this.messageCounter = 0;
+    this.cryptoProvider = null;
+    this.cryptoConfig = null;
+    this.schedulePersist();
+  }
+  /**
+   * Get the crypto provider (for advanced usage)
+   */
+  getCryptoProvider() {
+    return this.cryptoProvider;
+  }
+};
+
+// src/distributed/StateReconciler.ts
+var StateReconciler = class {
+  stateVersions = /* @__PURE__ */ new Map();
+  reconciliationHistory = [];
+  cryptoProvider = null;
+  requireSignedVersions = false;
+  /**
+   * Configure cryptographic provider for signed state versions
+   */
+  configureCrypto(provider, requireSigned = false) {
+    this.cryptoProvider = provider;
+    this.requireSignedVersions = requireSigned;
+    logger.debug("[StateReconciler] Crypto configured", {
+      initialized: provider.isInitialized(),
+      requireSigned
+    });
+  }
+  /**
+   * Check if crypto is configured
+   */
+  isCryptoEnabled() {
+    return this.cryptoProvider !== null && this.cryptoProvider.isInitialized();
+  }
+  /**
+   * Record a signed state version with cryptographic verification
+   */
+  async recordSignedStateVersion(key, version, data) {
+    if (!this.cryptoProvider || !this.cryptoProvider.isInitialized()) {
+      throw new Error("Crypto provider not initialized");
+    }
+    const localDID = this.cryptoProvider.getLocalDID();
+    if (!localDID) {
+      throw new Error("Local DID not available");
+    }
+    const dataBytes = new TextEncoder().encode(JSON.stringify(data));
+    const hashBytes = await this.cryptoProvider.hash(dataBytes);
+    const hash = Array.from(hashBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+    const versionData = { version, data, hash };
+    const signed = await this.cryptoProvider.signData(versionData);
+    const stateVersion = {
+      version,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      nodeId: localDID,
+      hash,
+      data,
+      signerDID: localDID,
+      signature: signed.signature,
+      signedAt: signed.signedAt
+    };
+    if (!this.stateVersions.has(key)) {
+      this.stateVersions.set(key, []);
+    }
+    this.stateVersions.get(key).push(stateVersion);
+    logger.debug("[StateReconciler] Signed state version recorded", {
+      key,
+      version,
+      signerDID: localDID,
+      hash: hash.slice(0, 16) + "..."
+    });
+    return stateVersion;
+  }
+  /**
+   * Verify a state version's signature
+   */
+  async verifyStateVersion(version) {
+    if (!version.signature || !version.signerDID) {
+      if (this.requireSignedVersions) {
+        return { valid: false, error: "Signature required but not present" };
+      }
+      const dataBytes = new TextEncoder().encode(JSON.stringify(version.data));
+      if (this.cryptoProvider) {
+        const hashBytes = await this.cryptoProvider.hash(dataBytes);
+        const computedHash = Array.from(hashBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+        if (computedHash !== version.hash) {
+          return { valid: false, error: "Hash mismatch" };
+        }
+      }
+      return { valid: true };
+    }
+    if (!this.cryptoProvider) {
+      return { valid: false, error: "Crypto provider not configured" };
+    }
+    const versionData = {
+      version: version.version,
+      data: version.data,
+      hash: version.hash
+    };
+    const signed = {
+      payload: versionData,
+      signature: version.signature,
+      signer: version.signerDID,
+      algorithm: "ES256",
+      signedAt: version.signedAt || Date.now()
+    };
+    const isValid = await this.cryptoProvider.verifySignedData(signed);
+    if (!isValid) {
+      return { valid: false, error: "Invalid signature" };
+    }
+    return { valid: true };
+  }
+  /**
+   * Reconcile with verification - only accept verified versions
+   */
+  async reconcileWithVerification(key, strategy = "last-write-wins") {
+    const versions = this.stateVersions.get(key) || [];
+    const verifiedVersions = [];
+    const verificationErrors = [];
+    for (const version of versions) {
+      const result2 = await this.verifyStateVersion(version);
+      if (result2.valid) {
+        verifiedVersions.push(version);
+      } else {
+        verificationErrors.push(
+          `Version ${version.version} from ${version.nodeId}: ${result2.error}`
+        );
+        logger.warn("[StateReconciler] Version verification failed", {
+          version: version.version,
+          nodeId: version.nodeId,
+          error: result2.error
+        });
+      }
+    }
+    if (verifiedVersions.length === 0) {
+      return {
+        success: false,
+        mergedState: null,
+        conflictsResolved: 0,
+        strategy,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        verificationErrors
+      };
+    }
+    let result;
+    switch (strategy) {
+      case "last-write-wins":
+        result = this.reconcileLastWriteWins(verifiedVersions);
+        break;
+      case "vector-clock":
+        result = this.reconcileVectorClock(verifiedVersions);
+        break;
+      case "majority-vote":
+        result = this.reconcileMajorityVote(verifiedVersions);
+        break;
+      default:
+        result = this.reconcileLastWriteWins(verifiedVersions);
+    }
+    return { ...result, verificationErrors };
+  }
+  /**
+   * Record a state version
+   */
+  recordStateVersion(key, version, timestamp, nodeId, hash, data) {
+    if (!this.stateVersions.has(key)) {
+      this.stateVersions.set(key, []);
+    }
+    const versions = this.stateVersions.get(key);
+    versions.push({
+      version,
+      timestamp,
+      nodeId,
+      hash,
+      data
+    });
+    logger.debug("[StateReconciler] State version recorded", {
+      key,
+      version,
+      nodeId,
+      hash
+    });
+  }
+  /**
+   * Detect conflicts in state versions
+   */
+  detectConflicts(key) {
+    const versions = this.stateVersions.get(key);
+    if (!versions || versions.length <= 1) {
+      return false;
+    }
+    const hashes = new Set(versions.map((v) => v.hash));
+    return hashes.size > 1;
+  }
+  /**
+   * Compare two states and generate diff
+   */
+  compareStates(state1, state2) {
+    const diff = {
+      added: {},
+      modified: {},
+      removed: [],
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    for (const [key, value] of Object.entries(state2)) {
+      if (!(key in state1)) {
+        diff.added[key] = value;
+      } else if (JSON.stringify(state1[key]) !== JSON.stringify(value)) {
+        diff.modified[key] = { old: state1[key], new: value };
+      }
+    }
+    for (const key of Object.keys(state1)) {
+      if (!(key in state2)) {
+        diff.removed.push(key);
+      }
+    }
+    return diff;
+  }
+  /**
+   * Reconcile states using last-write-wins strategy
+   */
+  reconcileLastWriteWins(versions) {
+    if (versions.length === 0) {
+      throw new Error("No versions to reconcile");
+    }
+    const sorted = [...versions].sort(
+      (a, b) => new Date(b.timestamp).getTime() - new Date(a.timestamp).getTime()
+    );
+    const latest = sorted[0];
+    const conflictsResolved = versions.length - 1;
+    const result = {
+      success: true,
+      mergedState: latest.data,
+      conflictsResolved,
+      strategy: "last-write-wins",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.reconciliationHistory.push(result);
+    logger.debug("[StateReconciler] State reconciled (last-write-wins)", {
+      winnerNode: latest.nodeId,
+      conflictsResolved
+    });
+    return result;
+  }
+  /**
+   * Reconcile states using vector clock strategy
+   */
+  reconcileVectorClock(versions) {
+    if (versions.length === 0) {
+      throw new Error("No versions to reconcile");
+    }
+    const sorted = [...versions].sort(
+      (a, b) => new Date(b.timestamp).getTime() - new Date(a.timestamp).getTime()
+    );
+    const latest = sorted[0];
+    let conflictsResolved = 0;
+    for (const v of versions) {
+      const timeDiff = Math.abs(
+        new Date(v.timestamp).getTime() - new Date(latest.timestamp).getTime()
+      );
+      if (timeDiff > 100) {
+        conflictsResolved++;
+      }
+    }
+    const result = {
+      success: true,
+      mergedState: latest.data,
+      conflictsResolved,
+      strategy: "vector-clock",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.reconciliationHistory.push(result);
+    logger.debug("[StateReconciler] State reconciled (vector-clock)", {
+      winnerVersion: latest.version,
+      conflictsResolved
+    });
+    return result;
+  }
+  /**
+   * Reconcile states using majority vote strategy
+   */
+  reconcileMajorityVote(versions) {
+    if (versions.length === 0) {
+      throw new Error("No versions to reconcile");
+    }
+    const hashGroups = /* @__PURE__ */ new Map();
+    for (const version of versions) {
+      if (!hashGroups.has(version.hash)) {
+        hashGroups.set(version.hash, []);
+      }
+      hashGroups.get(version.hash).push(version);
+    }
+    let majorityVersion = null;
+    let maxCount = 0;
+    for (const [, versionGroup] of hashGroups) {
+      if (versionGroup.length > maxCount) {
+        maxCount = versionGroup.length;
+        majorityVersion = versionGroup[0];
+      }
+    }
+    if (!majorityVersion) {
+      majorityVersion = versions[0];
+    }
+    const conflictsResolved = versions.length - maxCount;
+    const result = {
+      success: true,
+      mergedState: majorityVersion.data,
+      conflictsResolved,
+      strategy: "majority-vote",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.reconciliationHistory.push(result);
+    logger.debug("[StateReconciler] State reconciled (majority-vote)", {
+      majorityCount: maxCount,
+      conflictsResolved
+    });
+    return result;
+  }
+  /**
+   * Merge multiple states
+   */
+  mergeStates(states) {
+    if (states.length === 0) {
+      return {};
+    }
+    if (states.length === 1) {
+      return states[0];
+    }
+    const merged = {};
+    for (const state of states) {
+      if (typeof state === "object" && state !== null) {
+        Object.assign(merged, state);
+      }
+    }
+    return merged;
+  }
+  /**
+   * Validate state after reconciliation
+   */
+  validateState(state) {
+    const errors = [];
+    if (state === null) {
+      errors.push("State is null");
+    } else if (state === void 0) {
+      errors.push("State is undefined");
+    } else if (typeof state !== "object") {
+      errors.push("State is not an object");
+    }
+    return {
+      valid: errors.length === 0,
+      errors
+    };
+  }
+  /**
+   * Get state versions for a key
+   */
+  getStateVersions(key) {
+    return this.stateVersions.get(key) || [];
+  }
+  /**
+   * Get all state versions
+   */
+  getAllStateVersions() {
+    const result = {};
+    for (const [key, versions] of this.stateVersions) {
+      result[key] = [...versions];
+    }
+    return result;
+  }
+  /**
+   * Get reconciliation history
+   */
+  getReconciliationHistory() {
+    return [...this.reconciliationHistory];
+  }
+  /**
+   * Get reconciliation statistics
+   */
+  getStatistics() {
+    const resolvedConflicts = this.reconciliationHistory.reduce(
+      (sum, r) => sum + r.conflictsResolved,
+      0
+    );
+    const strategyUsage = {};
+    for (const result of this.reconciliationHistory) {
+      strategyUsage[result.strategy] = (strategyUsage[result.strategy] || 0) + 1;
+    }
+    return {
+      totalReconciliations: this.reconciliationHistory.length,
+      successfulReconciliations: this.reconciliationHistory.filter(
+        (r) => r.success
+      ).length,
+      totalConflictsResolved: resolvedConflicts,
+      averageConflictsPerReconciliation: this.reconciliationHistory.length > 0 ? resolvedConflicts / this.reconciliationHistory.length : 0,
+      strategyUsage,
+      trackedKeys: this.stateVersions.size
+    };
+  }
+  /**
+   * Clear all state (for testing)
+   */
+  clear() {
+    this.stateVersions.clear();
+    this.reconciliationHistory = [];
+    this.cryptoProvider = null;
+    this.requireSignedVersions = false;
+  }
+  /**
+   * Get the crypto provider (for advanced usage)
+   */
+  getCryptoProvider() {
+    return this.cryptoProvider;
+  }
+};
+
+// src/distributed/RecoveryLedger.ts
+function createShardKey(shardRole, shardIndex) {
+  return `${shardRole}:${shardIndex}`;
+}
+function sortStrings(values) {
+  return [...values].sort();
+}
+function clampObservedAt(observedAt) {
+  return Number.isFinite(observedAt) ? observedAt : Date.now();
+}
+var RecoveryLedger = class _RecoveryLedger {
+  objectId;
+  dataShardCount;
+  parityShardCount;
+  recoveryThreshold;
+  requestIds = /* @__PURE__ */ new Set();
+  shards = /* @__PURE__ */ new Map();
+  paths = /* @__PURE__ */ new Map();
+  constructor(config) {
+    this.objectId = config.objectId;
+    this.dataShardCount = config.dataShardCount;
+    this.parityShardCount = config.parityShardCount ?? 0;
+    this.recoveryThreshold = config.recoveryThreshold ?? config.dataShardCount;
+    if (this.dataShardCount <= 0) {
+      throw new Error("dataShardCount must be greater than 0");
+    }
+    const maximumShardUnits = this.dataShardCount + this.parityShardCount;
+    if (this.recoveryThreshold <= 0 || this.recoveryThreshold > maximumShardUnits) {
+      throw new Error("recoveryThreshold must be between 1 and the total number of shard units");
+    }
+    if ("shards" in config) {
+      this.merge(config);
+    }
+  }
+  static fromSnapshot(snapshot) {
+    return new _RecoveryLedger(snapshot);
+  }
+  getObjectId() {
+    return this.objectId;
+  }
+  registerRequest(requestId) {
+    if (requestId) {
+      this.requestIds.add(requestId);
+    }
+    return this;
+  }
+  recordShardObservation(input) {
+    this.assertShardIndex(input.shardRole, input.shardIndex);
+    const shardKey = createShardKey(input.shardRole, input.shardIndex);
+    const observedAt = clampObservedAt(input.observedAt);
+    let shard = this.shards.get(shardKey);
+    if (!shard) {
+      shard = {
+        shardRole: input.shardRole,
+        shardIndex: input.shardIndex,
+        digests: /* @__PURE__ */ new Set(),
+        requestIds: /* @__PURE__ */ new Set(),
+        observedBy: /* @__PURE__ */ new Set(),
+        sources: /* @__PURE__ */ new Set(),
+        firstObservedAt: observedAt,
+        lastObservedAt: observedAt
+      };
+      this.shards.set(shardKey, shard);
+    }
+    shard.digests.add(input.digest);
+    if (input.requestId) {
+      shard.requestIds.add(input.requestId);
+      this.requestIds.add(input.requestId);
+    }
+    if (input.observedBy) {
+      shard.observedBy.add(input.observedBy);
+    }
+    if (input.source) {
+      shard.sources.add(input.source);
+    }
+    shard.firstObservedAt = Math.min(shard.firstObservedAt, observedAt);
+    shard.lastObservedAt = Math.max(shard.lastObservedAt, observedAt);
+    return this;
+  }
+  recordPathObservation(input) {
+    const observedAt = clampObservedAt(input.observedAt);
+    let path = this.paths.get(input.pathId);
+    if (!path) {
+      path = {
+        pathId: input.pathId,
+        status: input.status,
+        requestIds: /* @__PURE__ */ new Set(),
+        observedBy: /* @__PURE__ */ new Set(),
+        reasons: /* @__PURE__ */ new Set(),
+        firstObservedAt: observedAt,
+        lastObservedAt: observedAt
+      };
+      this.paths.set(input.pathId, path);
+    }
+    if (path.status !== input.status) {
+      path.status = path.status === "succeeded" || input.status === "succeeded" ? "succeeded" : "failed";
+    }
+    if (input.requestId) {
+      path.requestIds.add(input.requestId);
+      this.requestIds.add(input.requestId);
+    }
+    if (input.observedBy) {
+      path.observedBy.add(input.observedBy);
+    }
+    if (input.reason) {
+      path.reasons.add(input.reason);
+    }
+    path.firstObservedAt = Math.min(path.firstObservedAt, observedAt);
+    path.lastObservedAt = Math.max(path.lastObservedAt, observedAt);
+    return this;
+  }
+  merge(other) {
+    const snapshot = other instanceof _RecoveryLedger ? other.snapshot() : other;
+    this.assertCompatibleSnapshot(snapshot);
+    for (const requestId of snapshot.requestIds) {
+      this.requestIds.add(requestId);
+    }
+    for (const shard of snapshot.shards) {
+      this.mergeShard(shard);
+    }
+    for (const path of snapshot.paths) {
+      this.mergePath(path);
+    }
+    return this;
+  }
+  getStatus() {
+    const availableDataShards = this.getAvailableShardIndices("data");
+    const availableParityShards = this.getAvailableShardIndices("parity");
+    const missingDataShards = this.getMissingDataShardIndices();
+    const conflictingShards = this.getConflicts();
+    const uniqueShardUnits = availableDataShards.length + availableParityShards.length;
+    const directDataComplete = availableDataShards.length === this.dataShardCount;
+    const canReconstruct = conflictingShards.length === 0 && (directDataComplete || uniqueShardUnits >= this.recoveryThreshold);
+    const needsParityDecode = canReconstruct && !directDataComplete;
+    return {
+      objectId: this.objectId,
+      requestIds: sortStrings(this.requestIds),
+      dataShardCount: this.dataShardCount,
+      parityShardCount: this.parityShardCount,
+      recoveryThreshold: this.recoveryThreshold,
+      availableDataShards,
+      availableParityShards,
+      missingDataShards,
+      uniqueShardUnits,
+      directDataComplete,
+      canReconstruct,
+      needsParityDecode,
+      conflictingShards,
+      failedPaths: this.getPathsByStatus("failed"),
+      succeededPaths: this.getPathsByStatus("succeeded")
+    };
+  }
+  snapshot() {
+    const shards = [...this.shards.values()].sort((left, right) => {
+      if (left.shardRole !== right.shardRole) {
+        return left.shardRole.localeCompare(right.shardRole);
+      }
+      return left.shardIndex - right.shardIndex;
+    }).map((shard) => ({
+      shardRole: shard.shardRole,
+      shardIndex: shard.shardIndex,
+      digests: sortStrings(shard.digests),
+      requestIds: sortStrings(shard.requestIds),
+      observedBy: sortStrings(shard.observedBy),
+      sources: sortStrings(shard.sources),
+      firstObservedAt: shard.firstObservedAt,
+      lastObservedAt: shard.lastObservedAt
+    }));
+    const paths = [...this.paths.values()].sort((left, right) => left.pathId.localeCompare(right.pathId)).map((path) => ({
+      pathId: path.pathId,
+      status: path.status,
+      requestIds: sortStrings(path.requestIds),
+      observedBy: sortStrings(path.observedBy),
+      reasons: sortStrings(path.reasons),
+      firstObservedAt: path.firstObservedAt,
+      lastObservedAt: path.lastObservedAt
+    }));
+    return {
+      objectId: this.objectId,
+      dataShardCount: this.dataShardCount,
+      parityShardCount: this.parityShardCount,
+      recoveryThreshold: this.recoveryThreshold,
+      requestIds: sortStrings(this.requestIds),
+      shards,
+      paths
+    };
+  }
+  mergeShard(shard) {
+    this.assertShardIndex(shard.shardRole, shard.shardIndex);
+    const key = createShardKey(shard.shardRole, shard.shardIndex);
+    const existing = this.shards.get(key);
+    if (!existing) {
+      this.shards.set(key, {
+        shardRole: shard.shardRole,
+        shardIndex: shard.shardIndex,
+        digests: new Set(shard.digests),
+        requestIds: new Set(shard.requestIds),
+        observedBy: new Set(shard.observedBy),
+        sources: new Set(shard.sources),
+        firstObservedAt: shard.firstObservedAt,
+        lastObservedAt: shard.lastObservedAt
+      });
+      return;
+    }
+    for (const digest of shard.digests) {
+      existing.digests.add(digest);
+    }
+    for (const requestId of shard.requestIds) {
+      existing.requestIds.add(requestId);
+      this.requestIds.add(requestId);
+    }
+    for (const observer of shard.observedBy) {
+      existing.observedBy.add(observer);
+    }
+    for (const source of shard.sources) {
+      existing.sources.add(source);
+    }
+    existing.firstObservedAt = Math.min(existing.firstObservedAt, shard.firstObservedAt);
+    existing.lastObservedAt = Math.max(existing.lastObservedAt, shard.lastObservedAt);
+  }
+  mergePath(path) {
+    const existing = this.paths.get(path.pathId);
+    if (!existing) {
+      this.paths.set(path.pathId, {
+        pathId: path.pathId,
+        status: path.status,
+        requestIds: new Set(path.requestIds),
+        observedBy: new Set(path.observedBy),
+        reasons: new Set(path.reasons),
+        firstObservedAt: path.firstObservedAt,
+        lastObservedAt: path.lastObservedAt
+      });
+      for (const requestId of path.requestIds) {
+        this.requestIds.add(requestId);
+      }
+      return;
+    }
+    existing.status = existing.status === "succeeded" || path.status === "succeeded" ? "succeeded" : "failed";
+    for (const requestId of path.requestIds) {
+      existing.requestIds.add(requestId);
+      this.requestIds.add(requestId);
+    }
+    for (const observer of path.observedBy) {
+      existing.observedBy.add(observer);
+    }
+    for (const reason of path.reasons) {
+      existing.reasons.add(reason);
+    }
+    existing.firstObservedAt = Math.min(existing.firstObservedAt, path.firstObservedAt);
+    existing.lastObservedAt = Math.max(existing.lastObservedAt, path.lastObservedAt);
+  }
+  getAvailableShardIndices(role) {
+    return [...this.shards.values()].filter((shard) => shard.shardRole === role).map((shard) => shard.shardIndex).sort((left, right) => left - right);
+  }
+  getMissingDataShardIndices() {
+    const available = new Set(this.getAvailableShardIndices("data"));
+    const missing = [];
+    for (let shardIndex = 0; shardIndex < this.dataShardCount; shardIndex++) {
+      if (!available.has(shardIndex)) {
+        missing.push(shardIndex);
+      }
+    }
+    return missing;
+  }
+  getPathsByStatus(status) {
+    return [...this.paths.values()].filter((path) => path.status === status).map((path) => path.pathId).sort();
+  }
+  getConflicts() {
+    return [...this.shards.values()].filter((shard) => shard.digests.size > 1).map((shard) => ({
+      shardRole: shard.shardRole,
+      shardIndex: shard.shardIndex,
+      digests: sortStrings(shard.digests)
+    })).sort((left, right) => {
+      if (left.shardRole !== right.shardRole) {
+        return left.shardRole.localeCompare(right.shardRole);
+      }
+      return left.shardIndex - right.shardIndex;
+    });
+  }
+  assertCompatibleSnapshot(snapshot) {
+    if (snapshot.objectId !== this.objectId) {
+      throw new Error(`RecoveryLedger object mismatch: expected ${this.objectId}, received ${snapshot.objectId}`);
+    }
+    if (snapshot.dataShardCount !== this.dataShardCount) {
+      throw new Error("RecoveryLedger dataShardCount mismatch");
+    }
+    if (snapshot.parityShardCount !== this.parityShardCount) {
+      throw new Error("RecoveryLedger parityShardCount mismatch");
+    }
+    if (snapshot.recoveryThreshold !== this.recoveryThreshold) {
+      throw new Error("RecoveryLedger recoveryThreshold mismatch");
+    }
+  }
+  assertShardIndex(role, shardIndex) {
+    const upperBound = role === "data" ? this.dataShardCount : this.parityShardCount;
+    if (!Number.isInteger(shardIndex) || shardIndex < 0 || shardIndex >= upperBound) {
+      throw new Error(`Invalid ${role} shard index ${shardIndex}`);
+    }
+  }
+};
+
+export { RecoveryLedger, ReplicationManager, StateReconciler, SyncCoordinator, SyncProtocol };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map