@abraca/dabra 1.1.2 → 1.3.0

package/src/IdentityDoc.ts

@@ -132,8 +132,8 @@ export interface IdentityDocConfiguration {
 		signalingServerUrl: string;
 		/** Token for the signaling server. */
 		token: string | (() => string) | (() => Promise<string>);
-		/** E2EE identity for the data channel. */
-		e2ee?: E2EEIdentity;
+		/** E2EE identity for the data channel. Accepts a factory for lazy derivation. */
+		e2ee?: E2EEIdentity | (() => Promise<E2EEIdentity>);
 		/** ICE servers. */
 		iceServers?: RTCIceServer[];
 	};

package/src/webrtc/AbracadabraWebRTC.ts

@@ -49,10 +49,14 @@ export class AbracadabraWebRTC extends EventEmitter {
 		enableAwarenessSync: boolean;
 		enableFileTransfer: boolean;
 		fileChunkSize: number;
-		e2ee: E2EEIdentity | null;
+		e2ee: E2EEIdentity | (() => Promise<E2EEIdentity>) | null;
 		WebSocketPolyfill: any;
 	};
 
+	/** Cached resolved E2EE identity (lazily resolved from factory on first peer connect). */
+	private _resolvedE2ee: E2EEIdentity | null = null;
+	private _resolveE2eePromise: Promise<E2EEIdentity> | null = null;
+
 	public readonly peers = new Map<string, PeerState>();
 	public localPeerId: string | null = null;
 	public isConnected = false;
@@ -471,40 +475,68 @@ export class AbracadabraWebRTC extends EventEmitter {
 		return pc;
 	}
 
+	/** Resolve the E2EE identity, supporting both pre-resolved objects and lazy factories. */
+	private async resolveE2ee(): Promise<E2EEIdentity | null> {
+		if (this._resolvedE2ee) return this._resolvedE2ee;
+		if (!this.config.e2ee) return null;
+		if (typeof this.config.e2ee === "function") {
+			if (!this._resolveE2eePromise) {
+				this._resolveE2eePromise = this.config.e2ee().then((id) => {
+					this._resolvedE2ee = id;
+					return id;
+				});
+			}
+			return this._resolveE2eePromise;
+		}
+		this._resolvedE2ee = this.config.e2ee;
+		return this._resolvedE2ee;
+	}
+
 	private attachDataHandlers(peerId: string, pc: PeerConnection): void {
 		// Set up E2EE if configured.
 		if (this.config.e2ee) {
-			const e2ee = new E2EEChannel(this.config.e2ee, this.config.docId);
-			this.e2eeChannels.set(peerId, e2ee);
-			pc.router.setEncryptor(e2ee);
-
-			// Listen for key-exchange messages on the router.
-			pc.router.on("channelMessage", async ({ name, data }: { name: string; data: any }) => {
-				if (name === KEY_EXCHANGE_CHANNEL) {
-					try {
-						const buf = data instanceof ArrayBuffer ? new Uint8Array(data) : data;
-						await e2ee.handleKeyExchange(buf);
-					} catch (err) {
-						this.emit("e2eeFailed", { peerId, error: err });
-					}
-				}
-			});
-
-			// When key-exchange channel opens, send our public key.
-			pc.router.on("channelOpen", ({ name, channel }: { name: string; channel: RTCDataChannel }) => {
-				if (name === KEY_EXCHANGE_CHANNEL) {
-					channel.send(e2ee.getKeyExchangeMessage());
+			// Resolve E2EE identity (may be lazy — e.g. passkey-derived X25519 key).
+			this.resolveE2ee().then((identity) => {
+				if (!identity) {
+					this.startDataSync(peerId, pc);
+					return;
 				}
-			});
-
-			e2ee.on("established", () => {
-				this.emit("e2eeEstablished", { peerId });
-				// Now that E2EE is ready, start Y.js sync (deferred).
-				this.startDataSync(peerId, pc);
-			});
+				const e2ee = new E2EEChannel(identity, this.config.docId);
+				this.e2eeChannels.set(peerId, e2ee);
+				pc.router.setEncryptor(e2ee);
+
+				// Listen for key-exchange messages on the router.
+				pc.router.on("channelMessage", async ({ name, data }: { name: string; data: any }) => {
+					if (name === KEY_EXCHANGE_CHANNEL) {
+						try {
+							const buf = data instanceof ArrayBuffer ? new Uint8Array(data) : data;
+							await e2ee.handleKeyExchange(buf);
+						} catch (err) {
+							this.emit("e2eeFailed", { peerId, error: err });
+						}
+					}
+				});
 
-			e2ee.on("error", (err: Error) => {
+				// When key-exchange channel opens, send our public key.
+				pc.router.on("channelOpen", ({ name, channel }: { name: string; channel: RTCDataChannel }) => {
+					if (name === KEY_EXCHANGE_CHANNEL) {
+						channel.send(e2ee.getKeyExchangeMessage());
+					}
+				});
+
+				e2ee.on("established", () => {
+					this.emit("e2eeEstablished", { peerId });
+					// Now that E2EE is ready, start Y.js sync (deferred).
+					this.startDataSync(peerId, pc);
+				});
+
+				e2ee.on("error", (err: Error) => {
+					this.emit("e2eeFailed", { peerId, error: err });
+				});
+			}).catch((err) => {
 				this.emit("e2eeFailed", { peerId, error: err });
+				// Fall back to unencrypted sync on E2EE resolution failure.
+				this.startDataSync(peerId, pc);
 			});
 		} else {
 			// No E2EE — start data sync immediately.

package/src/webrtc/types.ts

@@ -158,7 +158,7 @@ export interface AbracadabraWebRTCConfiguration {
 	 * When provided, all data channel messages (except key-exchange) are
 	 * encrypted with AES-256-GCM using X25519 ECDH-derived session keys.
 	 */
-	e2ee?: import("./E2EEChannel.ts").E2EEIdentity;
+	e2ee?: import("./E2EEChannel.ts").E2EEIdentity | (() => Promise<import("./E2EEChannel.ts").E2EEIdentity>);
 
 	/** WebSocket polyfill for signaling (e.g. for Node.js). */
 	WebSocketPolyfill?: any;