npm - @abraca/dabra - Versions diffs - 1.0.23 → 1.0.25 - Mend

@abraca/dabra 1.0.23 → 1.0.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/abracadabra-provider.cjs +280 -12
package/dist/abracadabra-provider.cjs.map +1 -1
package/dist/abracadabra-provider.esm.js +280 -13
package/dist/abracadabra-provider.esm.js.map +1 -1
package/dist/index.d.ts +87 -2
package/package.json +1 -1
package/src/DeviceRegistrationService.ts +243 -0
package/src/IdentityDoc.ts +143 -1
package/src/index.ts +4 -0
package/src/webrtc/AbracadabraWebRTC.ts +32 -15
package/src/webrtc/DevicePairingChannel.ts +12 -0

package/dist/abracadabra-provider.cjs CHANGED Viewed

@@ -9987,17 +9987,20 @@ var AbracadabraWebRTC = class AbracadabraWebRTC extends EventEmitter {
 		const pc = this.peerConnections.get(peerId);
 		if (!pc) return;
 		const channelName = "custom";
-		let channel = pc.router.getChannel(channelName);
-		if (!channel || channel.readyState !== "open") {
-			channel = pc.router.createChannel(channelName, { ordered: true });
-			channel.onopen = () => {
-				const data = new TextEncoder().encode(payload);
-				pc.router.send(channelName, data);
-			};
+		const channel = pc.router.getChannel(channelName);
+		if (channel && channel.readyState === "open") {
+			const data = new TextEncoder().encode(payload);
+			pc.router.send(channelName, data).catch(() => {});
 			return;
 		}
-		const data = new TextEncoder().encode(payload);
-		pc.router.send(channelName, data);
+		const onOpen = ({ name }) => {
+			if (name === channelName) {
+				pc.router.off("channelOpen", onOpen);
+				const data = new TextEncoder().encode(payload);
+				pc.router.send(channelName, data).catch(() => {});
+			}
+		};
+		pc.router.on("channelOpen", onOpen);
 	}
 	/**
 	* Send a custom string message to all connected peers.
@@ -10078,9 +10081,14 @@ var AbracadabraWebRTC = class AbracadabraWebRTC extends EventEmitter {
 			this.e2eeChannels.set(peerId, e2ee);
 			pc.router.setEncryptor(e2ee);
 			pc.router.on("channelMessage", async ({ name, data }) => {
-				if (name === KEY_EXCHANGE_CHANNEL) {
+				if (name === KEY_EXCHANGE_CHANNEL) try {
 					const buf = data instanceof ArrayBuffer ? new Uint8Array(data) : data;
 					await e2ee.handleKeyExchange(buf);
+				} catch (err) {
+					this.emit("e2eeFailed", {
+						peerId,
+						error: err
+					});
 				}
 			});
 			pc.router.on("channelOpen", ({ name, channel }) => {
@@ -10148,10 +10156,16 @@ var AbracadabraWebRTC = class AbracadabraWebRTC extends EventEmitter {
 			enableAwareness: this.config.enableAwarenessSync,
 			enableFileTransfer: this.config.enableFileTransfer
 		});
+		pc.router.createChannel("custom", { ordered: true });
 		try {
 			const sdp = await pc.createOffer();
 			this.signaling?.sendOffer(peerId, sdp);
-		} catch {
+		} catch (err) {
+			this.emit("error", {
+				type: "offer-failed",
+				peerId,
+				error: err
+			});
 			this.removePeer(peerId);
 		}
 	}
@@ -10169,7 +10183,12 @@ var AbracadabraWebRTC = class AbracadabraWebRTC extends EventEmitter {
 		try {
 			const answerSdp = await pc.setRemoteOffer(sdp);
 			this.signaling?.sendAnswer(from, answerSdp);
-		} catch {
+		} catch (err) {
+			this.emit("error", {
+				type: "answer-failed",
+				peerId: from,
+				error: err
+			});
 			this.removePeer(from);
 		}
 	}
@@ -10587,6 +10606,12 @@ var DevicePairingChannel = class DevicePairingChannel extends EventEmitter {
 		this.webrtc.on("customMessage", ({ peerId, payload }) => {
 			this.handleMessage(peerId, payload);
 		});
+		this.webrtc.on("e2eeFailed", ({ peerId, error }) => {
+			if (!this._destroyed) this.emit("error", /* @__PURE__ */ new Error(`E2EE failed: ${error?.message ?? error}`));
+		});
+		this.webrtc.on("error", (err) => {
+			if (!this._destroyed) this.emit("error", /* @__PURE__ */ new Error(`WebRTC: ${err?.type ?? err?.message ?? "unknown"}`));
+		});
 		this.webrtc.on("peerLeft", () => {
 			if (!this._destroyed) this.emit("error", /* @__PURE__ */ new Error("Peer disconnected"));
 		});
@@ -10928,6 +10953,9 @@ var IdentityDocProvider = class extends EventEmitter {
 	get pluginsMap() {
 		return this.document.getMap("plugins");
 	}
+	get devicesMap() {
+		return this.document.getMap("devices");
+	}
 	get preferencesMap() {
 		return this.document.getMap("preferences");
 	}
@@ -11055,6 +11083,97 @@ var IdentityDocProvider = class extends EventEmitter {
 	setPreference(key, value) {
 		this.preferencesMap.set(key, value);
 	}
+	getDevice(publicKey) {
+		const entry = this.devicesMap.get(publicKey);
+		if (!entry) return void 0;
+		const servers = /* @__PURE__ */ new Map();
+		const serversYMap = entry.get("servers");
+		if (serversYMap) serversYMap.forEach((sEntry, url) => {
+			servers.set(url, {
+				registered: sEntry.get("registered") ?? false,
+				registeredAt: sEntry.get("registeredAt") ?? null,
+				keyId: sEntry.get("keyId") ?? null,
+				lastVerifiedAt: sEntry.get("lastVerifiedAt") ?? null,
+				error: sEntry.get("error") ?? null
+			});
+		});
+		return {
+			deviceName: entry.get("deviceName") ?? "Unknown",
+			tier: entry.get("tier") ?? "paired",
+			x25519Key: entry.get("x25519Key") ?? null,
+			addedAt: entry.get("addedAt") ?? 0,
+			revokedAt: entry.get("revokedAt") ?? null,
+			revokedBy: entry.get("revokedBy") ?? null,
+			servers
+		};
+	}
+	getDevices() {
+		const result = /* @__PURE__ */ new Map();
+		this.devicesMap.forEach((_entry, pubKey) => {
+			const device = this.getDevice(pubKey);
+			if (device) result.set(pubKey, device);
+		});
+		return result;
+	}
+	addDevice(publicKey, opts) {
+		this.document.transact(() => {
+			let entry = this.devicesMap.get(publicKey);
+			if (!entry) {
+				entry = new yjs.Map();
+				this.devicesMap.set(publicKey, entry);
+			}
+			entry.set("deviceName", opts.deviceName);
+			entry.set("tier", opts.tier);
+			if (opts.x25519Key) entry.set("x25519Key", opts.x25519Key);
+			entry.set("addedAt", Date.now());
+			entry.set("revokedAt", null);
+			entry.set("revokedBy", null);
+			if (opts.serverUrl) {
+				let servers = entry.get("servers");
+				if (!servers) {
+					servers = new yjs.Map();
+					entry.set("servers", servers);
+				}
+				const sEntry = new yjs.Map();
+				sEntry.set("registered", true);
+				sEntry.set("registeredAt", Date.now());
+				sEntry.set("keyId", opts.keyId ?? null);
+				sEntry.set("lastVerifiedAt", Date.now());
+				sEntry.set("error", null);
+				servers.set(opts.serverUrl, sEntry);
+			}
+		});
+	}
+	revokeDevice(publicKey, revokedBy) {
+		const entry = this.devicesMap.get(publicKey);
+		if (!entry) return;
+		this.document.transact(() => {
+			entry.set("revokedAt", Date.now());
+			entry.set("revokedBy", revokedBy);
+		});
+	}
+	setDeviceServerStatus(devicePubKey, serverUrl, status) {
+		const entry = this.devicesMap.get(devicePubKey);
+		if (!entry) return;
+		this.document.transact(() => {
+			let servers = entry.get("servers");
+			if (!servers) {
+				servers = new yjs.Map();
+				entry.set("servers", servers);
+			}
+			let sEntry = servers.get(serverUrl);
+			if (!sEntry) {
+				sEntry = new yjs.Map();
+				sEntry.set("registered", false);
+				sEntry.set("registeredAt", null);
+				sEntry.set("keyId", null);
+				sEntry.set("lastVerifiedAt", null);
+				sEntry.set("error", null);
+				servers.set(serverUrl, sEntry);
+			}
+			for (const [key, value] of Object.entries(status)) if (value !== void 0) sEntry.set(key, value);
+		});
+	}
 	/**
 	* Observe deep changes on a specific top-level map.
 	* Returns an unsubscribe function.
@@ -11119,6 +11238,154 @@ var IdentityDocProvider = class extends EventEmitter {
 	}
 };
+//#endregion
+//#region packages/provider/src/DeviceRegistrationService.ts
+/**
+* Handles cross-server device key registration and revocation propagation.
+*
+* All methods operate on the identity Y.Doc's `devicesMap` and authenticate
+* independently on each server using the master key's `signChallenge`.
+*/
+var DeviceRegistrationService = class {
+	/**
+	* Fan out a device key to all servers in `serversMap` where it isn't registered.
+	*
+	* Must be called from a master device that can sign challenges with the
+	* account-level private key.
+	*/
+	static async fanOutDeviceKey(opts) {
+		const { devicePubKey, x25519Key, deviceName, identityDoc, masterPubKey, signChallenge, skipServerUrl } = opts;
+		const servers = identityDoc.getServers();
+		const results = [];
+		if (!identityDoc.getDevice(devicePubKey)) identityDoc.addDevice(devicePubKey, {
+			deviceName: deviceName ?? "Unknown",
+			tier: "paired",
+			x25519Key
+		});
+		for (const [serverUrl] of servers) {
+			if (skipServerUrl && serverUrl === skipServerUrl) continue;
+			if ((identityDoc.getDevice(devicePubKey)?.servers.get(serverUrl))?.registered) continue;
+			try {
+				const client = new AbracadabraClient({ url: serverUrl });
+				await client.loginWithKey(masterPubKey, signChallenge);
+				await client.addKey({
+					publicKey: devicePubKey,
+					x25519Key,
+					deviceName
+				});
+				const match = (await client.listKeys()).find((k) => k.publicKey === devicePubKey && !k.revoked);
+				identityDoc.setDeviceServerStatus(devicePubKey, serverUrl, {
+					registered: true,
+					registeredAt: Date.now(),
+					keyId: match?.id ?? null,
+					lastVerifiedAt: Date.now(),
+					error: null
+				});
+				results.push({
+					serverUrl,
+					success: true
+				});
+			} catch (e) {
+				identityDoc.setDeviceServerStatus(devicePubKey, serverUrl, { error: e?.message ?? "Registration failed" });
+				results.push({
+					serverUrl,
+					success: false,
+					error: e?.message ?? "Registration failed"
+				});
+			}
+		}
+		return results;
+	}
+	/**
+	* Propagate pending revocations from the identity Y.Doc to all servers.
+	*
+	* Scans `devicesMap` for entries with `revokedAt` set and revokes them
+	* on every server where they're still registered. Must be called from
+	* a master device.
+	*/
+	static async propagateRevocations(opts) {
+		const { identityDoc, masterPubKey, signChallenge } = opts;
+		const devices = identityDoc.getDevices();
+		const results = [];
+		for (const [devicePubKey, device] of devices) {
+			if (!device.revokedAt) continue;
+			for (const [serverUrl, serverStatus] of device.servers) {
+				if (!serverStatus.registered || !serverStatus.keyId) continue;
+				try {
+					const client = new AbracadabraClient({ url: serverUrl });
+					await client.loginWithKey(masterPubKey, signChallenge);
+					await client.revokeKey(serverStatus.keyId);
+					identityDoc.setDeviceServerStatus(devicePubKey, serverUrl, {
+						registered: false,
+						error: null
+					});
+					results.push({
+						serverUrl,
+						success: true
+					});
+				} catch (e) {
+					results.push({
+						serverUrl,
+						success: false,
+						error: e?.message ?? "Revocation failed"
+					});
+				}
+			}
+		}
+		return results;
+	}
+	/**
+	* Reconcile the identity Y.Doc's `devicesMap` with a server's actual
+	* device key list. Call this on every server connection.
+	*
+	* - Updates registration status in Y.Doc to match server reality
+	* - Imports unknown server keys as legacy entries
+	* - Executes pending revocations if the caller is a master device
+	*/
+	static async reconcile(opts) {
+		const { identityDoc, serverUrl, client, isMaster } = opts;
+		let serverKeys;
+		try {
+			serverKeys = await client.listKeys();
+		} catch {
+			return;
+		}
+		const devicesMap = identityDoc.devicesMap;
+		devicesMap.forEach((yEntry, devicePub) => {
+			const serverEntry = yEntry.get("servers")?.get(serverUrl);
+			const serverKey = serverKeys.find((k) => k.publicKey === devicePub);
+			const revokedAt = yEntry.get("revokedAt");
+			if (serverEntry?.get("registered") && !serverKey) identityDoc.setDeviceServerStatus(devicePub, serverUrl, {
+				registered: false,
+				keyId: null
+			});
+			if (serverKey && !serverKey.revoked) {
+				if (!serverEntry?.get("registered")) identityDoc.setDeviceServerStatus(devicePub, serverUrl, {
+					registered: true,
+					keyId: serverKey.id,
+					lastVerifiedAt: Date.now()
+				});
+				else identityDoc.setDeviceServerStatus(devicePub, serverUrl, {
+					lastVerifiedAt: Date.now(),
+					keyId: serverKey.id
+				});
+				if (revokedAt && isMaster) client.revokeKey(serverKey.id).then(() => {
+					identityDoc.setDeviceServerStatus(devicePub, serverUrl, { registered: false });
+				}).catch(() => {});
+			}
+		});
+		for (const key of serverKeys) {
+			if (key.revoked) continue;
+			if (!devicesMap.has(key.publicKey)) identityDoc.addDevice(key.publicKey, {
+				deviceName: key.deviceName ?? "Unknown",
+				tier: "paired",
+				serverUrl,
+				keyId: key.id
+			});
+		}
+	}
+};
 //#endregion
 exports.AbracadabraBaseProvider = AbracadabraBaseProvider;
 exports.AbracadabraClient = AbracadabraClient;
@@ -11137,6 +11404,7 @@ exports.DEFAULT_FILE_CHUNK_SIZE = DEFAULT_FILE_CHUNK_SIZE;
 exports.DEFAULT_ICE_SERVERS = DEFAULT_ICE_SERVERS;
 exports.DataChannelRouter = DataChannelRouter;
 exports.DevicePairingChannel = DevicePairingChannel;
+exports.DeviceRegistrationService = DeviceRegistrationService;
 exports.DocKeyManager = DocKeyManager;
 exports.DocumentCache = DocumentCache;
 exports.E2EAbracadabraProvider = E2EAbracadabraProvider;