@abraca/dabra 1.0.4 → 1.0.6

package/src/webrtc/DataChannelRouter.ts

@@ -1,8 +1,15 @@
 import EventEmitter from "../EventEmitter.ts";
+import type { E2EEChannel } from "./E2EEChannel.ts";
 import { CHANNEL_NAMES } from "./types.ts";
 
+/** Name of the data channel used for E2EE key exchange. */
+export const KEY_EXCHANGE_CHANNEL = "key-exchange";
+
 export class DataChannelRouter extends EventEmitter {
 	private channels = new Map<string, RTCDataChannel>();
+	private encryptor: E2EEChannel | null = null;
+	/** Channels excluded from encryption (key-exchange itself, awareness). */
+	private plaintextChannels = new Set<string>([KEY_EXCHANGE_CHANNEL]);
 
 	constructor(private connection: RTCPeerConnection) {
 		super();
@@ -13,6 +20,11 @@ export class DataChannelRouter extends EventEmitter {
 		};
 	}
 
+	/** Attach an E2EE encryptor. All channels (except key-exchange) will be encrypted. */
+	setEncryptor(encryptor: E2EEChannel): void {
+		this.encryptor = encryptor;
+	}
+
 	/** Create a named data channel (initiator side). */
 	createChannel(
 		name: string,
@@ -49,6 +61,27 @@ export class DataChannelRouter extends EventEmitter {
 		}
 	}
 
+	/**
+	 * Create namespaced channels for a child/subdocument.
+	 * Channel names are prefixed with `{childId}:` to avoid collisions.
+	 */
+	createSubdocChannels(childId: string, opts: {
+		enableDocSync: boolean;
+		enableAwareness: boolean;
+	}): void {
+		if (opts.enableDocSync) {
+			this.createChannel(`${childId}:${CHANNEL_NAMES.YJS_SYNC}`, {
+				ordered: true,
+			});
+		}
+		if (opts.enableAwareness) {
+			this.createChannel(`${childId}:${CHANNEL_NAMES.AWARENESS}`, {
+				ordered: false,
+				maxRetransmits: 0,
+			});
+		}
+	}
+
 	getChannel(name: string): RTCDataChannel | null {
 		return this.channels.get(name) ?? null;
 	}
@@ -57,6 +90,22 @@ export class DataChannelRouter extends EventEmitter {
 		return this.channels.get(name)?.readyState === "open";
 	}
 
+	/**
+	 * Send data on a named channel, encrypting if E2EE is active.
+	 * Falls back to plaintext if no encryptor is set or for exempt channels.
+	 */
+	async send(name: string, data: Uint8Array): Promise<void> {
+		const channel = this.channels.get(name);
+		if (!channel || channel.readyState !== "open") return;
+
+		if (this.encryptor?.isEstablished && !this.plaintextChannels.has(name)) {
+			const encrypted = await this.encryptor.encrypt(data);
+			channel.send(encrypted);
+		} else {
+			channel.send(data);
+		}
+	}
+
 	private registerChannel(channel: RTCDataChannel): void {
 		channel.binaryType = "arraybuffer";
 		this.channels.set(channel.label, channel);
@@ -70,11 +119,30 @@ export class DataChannelRouter extends EventEmitter {
 			this.channels.delete(channel.label);
 		};
 
-		channel.onmessage = (event) => {
-			this.emit("channelMessage", {
-				name: channel.label,
-				data: event.data,
-			});
+		channel.onmessage = async (event) => {
+			const name = channel.label;
+			let data = event.data;
+
+			// Decrypt incoming data if E2EE is active (skip plaintext channels).
+			if (
+				this.encryptor?.isEstablished &&
+				!this.plaintextChannels.has(name) &&
+				(data instanceof ArrayBuffer || data instanceof Uint8Array)
+			) {
+				try {
+					const buf =
+						data instanceof ArrayBuffer ? new Uint8Array(data) : data;
+					data = await this.encryptor.decrypt(buf);
+				} catch (err) {
+					this.emit("channelError", {
+						name,
+						error: err,
+					});
+					return;
+				}
+			}
+
+			this.emit("channelMessage", { name, data });
 		};
 
 		channel.onerror = (event) => {

package/src/webrtc/E2EEChannel.ts

@@ -0,0 +1,195 @@
+/**
+ * E2EEChannel
+ *
+ * Per-peer end-to-end encryption for WebRTC data channels using
+ * X25519 ECDH key agreement + HKDF-SHA256 + AES-256-GCM.
+ *
+ * Leverages the same cryptographic primitives as `DocKeyManager` and
+ * `CryptoIdentityKeystore` but applied to data channel messages rather
+ * than stored document keys.
+ *
+ * Key agreement flow:
+ *   1. Both peers exchange Ed25519 public keys via the `key-exchange` data channel
+ *   2. Convert Ed25519 → X25519 (Montgomery form)
+ *   3. Run X25519 ECDH to derive a shared secret
+ *   4. HKDF-SHA256(sharedSecret, salt, info) → 32-byte AES-256-GCM session key
+ *   5. All subsequent data channel messages are encrypted with this key
+ *
+ * Message wire format: [12-byte nonce || AES-256-GCM ciphertext]
+ *
+ * Dependencies: @noble/curves (already in the project for CryptoIdentityKeystore)
+ */
+
+import { x25519, ed25519 as nobleEd25519 } from "@noble/curves/ed25519.js";
+import { hkdf } from "@noble/hashes/hkdf";
+import { sha256 } from "@noble/hashes/sha256";
+import EventEmitter from "../EventEmitter.ts";
+
+const HKDF_INFO = new TextEncoder().encode("abracadabra-webrtc-e2ee-v1");
+const NONCE_BYTES = 12;
+
+export interface E2EEIdentity {
+	/** Raw 32-byte Ed25519 public key. */
+	publicKey: Uint8Array;
+	/** Raw 32-byte X25519 private key. Caller must wipe after E2EEChannel.destroy(). */
+	x25519PrivateKey: Uint8Array;
+}
+
+export class E2EEChannel extends EventEmitter {
+	private sessionKey: CryptoKey | null = null;
+	private remotePublicKey: Uint8Array | null = null;
+	private _isEstablished = false;
+
+	constructor(
+		private readonly identity: E2EEIdentity,
+		private readonly docId: string,
+	) {
+		super();
+	}
+
+	get isEstablished(): boolean {
+		return this._isEstablished;
+	}
+
+	/**
+	 * Process a key-exchange message from the remote peer.
+	 * Called when the `key-exchange` data channel receives a message.
+	 *
+	 * The message is the remote peer's raw 32-byte Ed25519 public key.
+	 * After receiving it, ECDH is computed and the session key derived.
+	 */
+	async handleKeyExchange(remoteEdPubKey: Uint8Array): Promise<void> {
+		if (remoteEdPubKey.length !== 32) {
+			this.emit("error", new Error("Invalid remote public key length"));
+			return;
+		}
+
+		this.remotePublicKey = remoteEdPubKey;
+
+		// Convert remote Ed25519 public key to X25519 (Montgomery form).
+		const remoteX25519Pub = nobleEd25519.utils.toMontgomery(remoteEdPubKey);
+
+		// X25519 ECDH: compute shared secret.
+		const sharedSecret = x25519.getSharedSecret(
+			this.identity.x25519PrivateKey,
+			remoteX25519Pub,
+		);
+
+		// Deterministic salt: docId + sorted public keys (ensures both peers derive the same key).
+		const localPub = this.identity.publicKey;
+		const remotePub = remoteEdPubKey;
+		const [first, second] = this.sortKeys(localPub, remotePub);
+		const saltParts = [
+			new TextEncoder().encode(this.docId),
+			first,
+			second,
+		];
+		const salt = new Uint8Array(
+			saltParts.reduce((acc, p) => acc + p.length, 0),
+		);
+		let offset = 0;
+		for (const part of saltParts) {
+			salt.set(part, offset);
+			offset += part.length;
+		}
+
+		// HKDF-SHA256 → 32-byte AES key.
+		const keyBytes = hkdf(sha256, sharedSecret, salt, HKDF_INFO, 32);
+
+		this.sessionKey = await crypto.subtle.importKey(
+			"raw",
+			keyBytes,
+			{ name: "AES-GCM" },
+			false,
+			["encrypt", "decrypt"],
+		);
+
+		this._isEstablished = true;
+		this.emit("established", { remotePublicKey: remoteEdPubKey });
+	}
+
+	/**
+	 * Returns the local Ed25519 public key to send to the remote peer
+	 * via the `key-exchange` data channel.
+	 */
+	getKeyExchangeMessage(): Uint8Array {
+		return this.identity.publicKey;
+	}
+
+	/**
+	 * Encrypt a message for sending over a data channel.
+	 * Returns `[12-byte nonce || AES-256-GCM ciphertext]`.
+	 *
+	 * @throws if the session key has not been established yet.
+	 */
+	async encrypt(plaintext: Uint8Array): Promise<Uint8Array> {
+		if (!this.sessionKey) {
+			throw new Error("E2EE session key not established");
+		}
+
+		const nonce = crypto.getRandomValues(new Uint8Array(NONCE_BYTES));
+		const ciphertext = new Uint8Array(
+			await crypto.subtle.encrypt(
+				{ name: "AES-GCM", iv: nonce },
+				this.sessionKey,
+				plaintext,
+			),
+		);
+
+		// Wire format: [nonce(12) || ciphertext].
+		const result = new Uint8Array(NONCE_BYTES + ciphertext.length);
+		result.set(nonce, 0);
+		result.set(ciphertext, NONCE_BYTES);
+		return result;
+	}
+
+	/**
+	 * Decrypt a message received from a data channel.
+	 * Expects `[12-byte nonce || AES-256-GCM ciphertext]`.
+	 *
+	 * @throws if the session key has not been established or decryption fails.
+	 */
+	async decrypt(data: Uint8Array): Promise<Uint8Array> {
+		if (!this.sessionKey) {
+			throw new Error("E2EE session key not established");
+		}
+
+		if (data.length < NONCE_BYTES + 16) {
+			// Minimum: nonce + AES-GCM tag (16 bytes).
+			throw new Error("E2EE ciphertext too short");
+		}
+
+		const nonce = data.slice(0, NONCE_BYTES);
+		const ciphertext = data.slice(NONCE_BYTES);
+
+		const plaintext = await crypto.subtle.decrypt(
+			{ name: "AES-GCM", iv: nonce },
+			this.sessionKey,
+			ciphertext,
+		);
+
+		return new Uint8Array(plaintext);
+	}
+
+	/** Destroy the session key and wipe sensitive material. */
+	destroy(): void {
+		this.sessionKey = null;
+		this.remotePublicKey = null;
+		this._isEstablished = false;
+		this.removeAllListeners();
+	}
+
+	// ── Private ──────────────────────────────────────────────────────────────
+
+	/** Sort two keys lexicographically so both peers produce the same order. */
+	private sortKeys(
+		a: Uint8Array,
+		b: Uint8Array,
+	): [Uint8Array, Uint8Array] {
+		for (let i = 0; i < Math.min(a.length, b.length); i++) {
+			if (a[i] < b[i]) return [a, b];
+			if (a[i] > b[i]) return [b, a];
+		}
+		return a.length <= b.length ? [a, b] : [b, a];
+	}
+}

package/src/webrtc/ManualSignaling.ts

@@ -0,0 +1,197 @@
+/**
+ * ManualSignaling
+ *
+ * Serverless signaling adapter for WebRTC peer-to-peer connections.
+ * Instead of a WebSocket server relaying SDP/ICE, peers exchange
+ * offer and answer "blobs" out-of-band (QR code, copy-paste, NFC, etc.).
+ *
+ * Designed as a drop-in replacement for `SignalingSocket` — emits the
+ * same events (`welcome`, `joined`, `offer`, `answer`, `ice`) so
+ * `AbracadabraWebRTC` can use it transparently.
+ *
+ * Flow:
+ *   Device A (initiator):
+ *     1. `createOffer()` → gathers ICE candidates → returns offer blob
+ *     2. Share blob via QR/paste
+ *     3. Receive answer blob → `acceptAnswer(blob)`
+ *
+ *   Device B (responder):
+ *     1. Receive offer blob → `acceptOffer(blob)` → returns answer blob
+ *     2. Share answer blob via QR/paste
+ */
+
+import EventEmitter from "../EventEmitter.ts";
+
+export interface ManualSignalingBlob {
+	/** SDP offer or answer. */
+	sdp: string;
+	/** Gathered ICE candidates. */
+	candidates: string[];
+	/** Peer ID of the sender. */
+	peerId: string;
+}
+
+export class ManualSignaling extends EventEmitter {
+	public localPeerId: string;
+	public isConnected = false;
+
+	private pc: RTCPeerConnection | null = null;
+	private iceServers: RTCIceServer[];
+
+	constructor(iceServers?: RTCIceServer[]) {
+		super();
+		this.localPeerId = crypto.randomUUID();
+		this.iceServers = iceServers ?? [{ urls: "stun:stun.l.google.com:19302" }];
+	}
+
+	/**
+	 * Initiator: create an offer blob with gathered ICE candidates.
+	 * Returns a blob to share with the remote peer.
+	 */
+	async createOfferBlob(): Promise<ManualSignalingBlob> {
+		this.pc = new RTCPeerConnection({ iceServers: this.iceServers });
+
+		const candidates: string[] = [];
+		const gatheringComplete = new Promise<void>((resolve) => {
+			this.pc!.onicecandidate = (event) => {
+				if (event.candidate) {
+					candidates.push(JSON.stringify(event.candidate.toJSON()));
+				} else {
+					// Null candidate = gathering complete.
+					resolve();
+				}
+			};
+		});
+
+		const offer = await this.pc.createOffer();
+		await this.pc.setLocalDescription(offer);
+		await gatheringComplete;
+
+		// Emit welcome (as if we connected to signaling).
+		this.isConnected = true;
+		this.emit("welcome", { peerId: this.localPeerId, peers: [] });
+
+		return {
+			sdp: this.pc.localDescription!.sdp,
+			candidates,
+			peerId: this.localPeerId,
+		};
+	}
+
+	/**
+	 * Responder: accept an offer blob and create an answer blob.
+	 * The answer blob should be shared back to the initiator.
+	 */
+	async acceptOffer(offerBlob: ManualSignalingBlob): Promise<ManualSignalingBlob> {
+		this.pc = new RTCPeerConnection({ iceServers: this.iceServers });
+
+		const candidates: string[] = [];
+		const gatheringComplete = new Promise<void>((resolve) => {
+			this.pc!.onicecandidate = (event) => {
+				if (event.candidate) {
+					candidates.push(JSON.stringify(event.candidate.toJSON()));
+				} else {
+					resolve();
+				}
+			};
+		});
+
+		// Set remote offer.
+		await this.pc.setRemoteDescription(
+			new RTCSessionDescription({ type: "offer", sdp: offerBlob.sdp }),
+		);
+
+		// Add remote ICE candidates.
+		for (const c of offerBlob.candidates) {
+			await this.pc.addIceCandidate(new RTCIceCandidate(JSON.parse(c)));
+		}
+
+		// Create answer.
+		const answer = await this.pc.createAnswer();
+		await this.pc.setLocalDescription(answer);
+		await gatheringComplete;
+
+		// Emit welcome + joined (remote peer from the offer).
+		this.isConnected = true;
+		this.emit("welcome", { peerId: this.localPeerId, peers: [] });
+		this.emit("joined", {
+			peer_id: offerBlob.peerId,
+			user_id: offerBlob.peerId,
+			muted: false,
+			video: false,
+			screen: false,
+			name: null,
+			color: null,
+		});
+
+		// Emit the offer so AbracadabraWebRTC handles it.
+		this.emit("offer", { from: offerBlob.peerId, sdp: offerBlob.sdp });
+
+		// Feed ICE candidates.
+		for (const c of offerBlob.candidates) {
+			this.emit("ice", { from: offerBlob.peerId, candidate: c });
+		}
+
+		return {
+			sdp: this.pc.localDescription!.sdp,
+			candidates,
+			peerId: this.localPeerId,
+		};
+	}
+
+	/**
+	 * Initiator: accept the answer blob from the responder.
+	 * Completes the connection.
+	 */
+	async acceptAnswer(answerBlob: ManualSignalingBlob): Promise<void> {
+		if (!this.pc) throw new Error("Call createOfferBlob() first");
+
+		// Emit joined for the remote peer.
+		this.emit("joined", {
+			peer_id: answerBlob.peerId,
+			user_id: answerBlob.peerId,
+			muted: false,
+			video: false,
+			screen: false,
+			name: null,
+			color: null,
+		});
+
+		// Emit the answer so AbracadabraWebRTC handles it.
+		this.emit("answer", { from: answerBlob.peerId, sdp: answerBlob.sdp });
+
+		// Feed ICE candidates.
+		for (const c of answerBlob.candidates) {
+			this.emit("ice", { from: answerBlob.peerId, candidate: c });
+		}
+	}
+
+	// ── SignalingSocket-compatible stubs ─────────────────────────────────────
+	// These are no-ops since manual signaling doesn't relay through a server.
+
+	sendOffer(_to: string, _sdp: string): void {}
+	sendAnswer(_to: string, _sdp: string): void {}
+	sendIce(_to: string, _candidate: string): void {}
+	sendMute(_muted: boolean): void {}
+	sendMediaState(_video: boolean, _screen: boolean): void {}
+	sendProfile(_name: string, _color: string): void {}
+	sendLeave(): void {}
+
+	async connect(): Promise<void> {
+		// No-op — connection is initiated via createOfferBlob() or acceptOffer().
+	}
+
+	disconnect(): void {
+		this.isConnected = false;
+		if (this.pc) {
+			this.pc.close();
+			this.pc = null;
+		}
+		this.emit("disconnected");
+	}
+
+	destroy(): void {
+		this.disconnect();
+		this.removeAllListeners();
+	}
+}

package/src/webrtc/YjsDataChannel.ts

@@ -23,11 +23,26 @@ export class YjsDataChannel {
 	private channelOpenHandler: ((data: { name: string; channel: RTCDataChannel }) => void) | null = null;
 	private channelMessageHandler: ((data: { name: string; data: any }) => void) | null = null;
 
+	/** Channel names used for sync and awareness (supports namespaced subdoc channels). */
+	private readonly syncChannelName: string;
+	private readonly awarenessChannelName: string;
+
+	/**
+	 * @param document - The Y.Doc to sync
+	 * @param awareness - Optional Awareness instance
+	 * @param router - DataChannelRouter for the peer connection
+	 * @param channelPrefix - Optional prefix for subdocument channels (e.g. `"{childId}:"`)
+	 */
 	constructor(
 		private readonly document: Y.Doc,
 		private readonly awareness: Awareness | null,
 		private readonly router: DataChannelRouter,
-	) {}
+		channelPrefix?: string,
+	) {
+		const prefix = channelPrefix ?? "";
+		this.syncChannelName = `${prefix}${CHANNEL_NAMES.YJS_SYNC}`;
+		this.awarenessChannelName = `${prefix}${CHANNEL_NAMES.AWARENESS}`;
+	}
 
 	/** Start listening for Y.js updates and data channel messages. */
 	attach(): void {
@@ -36,13 +51,12 @@ export class YjsDataChannel {
 			// Don't echo updates we received from this data channel.
 			if (origin === this) return;
 
-			const channel = this.router.getChannel(CHANNEL_NAMES.YJS_SYNC);
-			if (!channel || channel.readyState !== "open") return;
+			if (!this.router.isOpen(this.syncChannelName)) return;
 
 			const encoder = encoding.createEncoder();
 			encoding.writeVarUint(encoder, YJS_MSG.UPDATE);
 			encoding.writeVarUint8Array(encoder, update);
-			channel.send(encoding.toUint8Array(encoder));
+			this.router.send(this.syncChannelName, encoding.toUint8Array(encoder));
 		};
 		this.document.on("update", this.docUpdateHandler);
 
@@ -52,21 +66,20 @@ export class YjsDataChannel {
 				{ added, updated, removed }: { added: number[]; updated: number[]; removed: number[] },
 				_origin: any,
 			) => {
-				const channel = this.router.getChannel(CHANNEL_NAMES.AWARENESS);
-				if (!channel || channel.readyState !== "open") return;
+				if (!this.router.isOpen(this.awarenessChannelName)) return;
 
 				const changedClients = added.concat(updated).concat(removed);
 				const update = encodeAwarenessUpdate(this.awareness!, changedClients);
-				channel.send(update);
+				this.router.send(this.awarenessChannelName, update);
 			};
 			this.awareness.on("update", this.awarenessUpdateHandler);
 		}
 
 		// Handle incoming data channel messages.
 		this.channelMessageHandler = ({ name, data }: { name: string; data: any }) => {
-			if (name === CHANNEL_NAMES.YJS_SYNC) {
+			if (name === this.syncChannelName) {
 				this.handleSyncMessage(data);
-			} else if (name === CHANNEL_NAMES.AWARENESS) {
+			} else if (name === this.awarenessChannelName) {
 				this.handleAwarenessMessage(data);
 			}
 		};
@@ -74,37 +87,33 @@ export class YjsDataChannel {
 
 		// When sync channel opens, initiate sync handshake.
 		this.channelOpenHandler = ({ name }: { name: string; channel: RTCDataChannel }) => {
-			if (name === CHANNEL_NAMES.YJS_SYNC) {
+			if (name === this.syncChannelName) {
 				this.sendSyncStep1();
-			} else if (name === CHANNEL_NAMES.AWARENESS && this.awareness) {
+			} else if (name === this.awarenessChannelName && this.awareness) {
 				// Send full awareness state on channel open.
-				const channel = this.router.getChannel(CHANNEL_NAMES.AWARENESS);
-				if (channel?.readyState === "open") {
+				if (this.router.isOpen(this.awarenessChannelName)) {
 					const update = encodeAwarenessUpdate(
 						this.awareness,
 						Array.from(this.awareness.getStates().keys()),
 					);
-					channel.send(update);
+					this.router.send(this.awarenessChannelName, update);
 				}
 			}
 		};
 		this.router.on("channelOpen", this.channelOpenHandler);
 
 		// If sync channel is already open, start sync immediately.
-		if (this.router.isOpen(CHANNEL_NAMES.YJS_SYNC)) {
+		if (this.router.isOpen(this.syncChannelName)) {
 			this.sendSyncStep1();
 		}
 
 		// If awareness channel is already open, send state immediately.
-		if (this.awareness && this.router.isOpen(CHANNEL_NAMES.AWARENESS)) {
-			const channel = this.router.getChannel(CHANNEL_NAMES.AWARENESS);
-			if (channel?.readyState === "open") {
-				const update = encodeAwarenessUpdate(
-					this.awareness,
-					Array.from(this.awareness.getStates().keys()),
-				);
-				channel.send(update);
-			}
+		if (this.awareness && this.router.isOpen(this.awarenessChannelName)) {
+			const update = encodeAwarenessUpdate(
+				this.awareness,
+				Array.from(this.awareness.getStates().keys()),
+			);
+			this.router.send(this.awarenessChannelName, update);
 		}
 	}
 
@@ -138,13 +147,12 @@ export class YjsDataChannel {
 	}
 
 	private sendSyncStep1(): void {
-		const channel = this.router.getChannel(CHANNEL_NAMES.YJS_SYNC);
-		if (!channel || channel.readyState !== "open") return;
+		if (!this.router.isOpen(this.syncChannelName)) return;
 
 		const encoder = encoding.createEncoder();
 		encoding.writeVarUint(encoder, YJS_MSG.SYNC);
 		syncProtocol.writeSyncStep1(encoder, this.document);
-		channel.send(encoding.toUint8Array(encoder));
+		this.router.send(this.syncChannelName, encoding.toUint8Array(encoder));
 	}
 
 	private handleSyncMessage(data: ArrayBuffer | Uint8Array): void {
@@ -170,9 +178,8 @@ export class YjsDataChannel {
 					responseEncoder,
 					encoding.toUint8Array(encoder),
 				);
-				const channel = this.router.getChannel(CHANNEL_NAMES.YJS_SYNC);
-				if (channel?.readyState === "open") {
-					channel.send(encoding.toUint8Array(responseEncoder));
+				if (this.router.isOpen(this.syncChannelName)) {
+					this.router.send(this.syncChannelName, encoding.toUint8Array(responseEncoder));
 				}
 			}
 

package/src/webrtc/index.ts

@@ -1,9 +1,13 @@
 export { AbracadabraWebRTC } from "./AbracadabraWebRTC.ts";
 export { SignalingSocket } from "./SignalingSocket.ts";
 export { PeerConnection } from "./PeerConnection.ts";
-export { DataChannelRouter } from "./DataChannelRouter.ts";
+export { DataChannelRouter, KEY_EXCHANGE_CHANNEL } from "./DataChannelRouter.ts";
 export { YjsDataChannel } from "./YjsDataChannel.ts";
 export { FileTransferChannel, FileTransferHandle } from "./FileTransferChannel.ts";
+export { E2EEChannel } from "./E2EEChannel.ts";
+export type { E2EEIdentity } from "./E2EEChannel.ts";
+export { ManualSignaling } from "./ManualSignaling.ts";
+export type { ManualSignalingBlob } from "./ManualSignaling.ts";
 export type {
 	AbracadabraWebRTCConfiguration,
 	PeerInfo,