@affectively/aeon 1.0.0

package/dist/distributed/index.cjs

@@ -0,0 +1,1874 @@
+'use strict';
+
+var eventemitter3 = require('eventemitter3');
+
+// src/distributed/SyncCoordinator.ts
+
+// src/utils/logger.ts
+var consoleLogger = {
+  debug: (...args) => {
+    console.debug("[AEON:DEBUG]", ...args);
+  },
+  info: (...args) => {
+    console.info("[AEON:INFO]", ...args);
+  },
+  warn: (...args) => {
+    console.warn("[AEON:WARN]", ...args);
+  },
+  error: (...args) => {
+    console.error("[AEON:ERROR]", ...args);
+  }
+};
+var currentLogger = consoleLogger;
+function getLogger() {
+  return currentLogger;
+}
+var logger = {
+  debug: (...args) => getLogger().debug(...args),
+  info: (...args) => getLogger().info(...args),
+  warn: (...args) => getLogger().warn(...args),
+  error: (...args) => getLogger().error(...args)
+};
+
+// src/distributed/SyncCoordinator.ts
+var SyncCoordinator = class extends eventemitter3.EventEmitter {
+  nodes = /* @__PURE__ */ new Map();
+  sessions = /* @__PURE__ */ new Map();
+  syncEvents = [];
+  nodeHeartbeats = /* @__PURE__ */ new Map();
+  heartbeatInterval = null;
+  // Crypto support
+  cryptoProvider = null;
+  nodesByDID = /* @__PURE__ */ new Map();
+  // DID -> nodeId
+  constructor() {
+    super();
+  }
+  /**
+   * Configure cryptographic provider for authenticated sync
+   */
+  configureCrypto(provider) {
+    this.cryptoProvider = provider;
+    logger.debug("[SyncCoordinator] Crypto configured", {
+      initialized: provider.isInitialized()
+    });
+  }
+  /**
+   * Check if crypto is configured
+   */
+  isCryptoEnabled() {
+    return this.cryptoProvider !== null && this.cryptoProvider.isInitialized();
+  }
+  /**
+   * Register a node with DID-based identity
+   */
+  async registerAuthenticatedNode(nodeInfo) {
+    const node = {
+      ...nodeInfo
+    };
+    this.nodes.set(node.id, node);
+    this.nodeHeartbeats.set(node.id, Date.now());
+    this.nodesByDID.set(nodeInfo.did, node.id);
+    if (this.cryptoProvider) {
+      await this.cryptoProvider.registerRemoteNode({
+        id: node.id,
+        did: nodeInfo.did,
+        publicSigningKey: nodeInfo.publicSigningKey,
+        publicEncryptionKey: nodeInfo.publicEncryptionKey
+      });
+    }
+    const event = {
+      type: "node-joined",
+      nodeId: node.id,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      data: { did: nodeInfo.did, authenticated: true }
+    };
+    this.syncEvents.push(event);
+    this.emit("node-joined", node);
+    logger.debug("[SyncCoordinator] Authenticated node registered", {
+      nodeId: node.id,
+      did: nodeInfo.did,
+      version: node.version
+    });
+    return node;
+  }
+  /**
+   * Get node by DID
+   */
+  getNodeByDID(did) {
+    const nodeId = this.nodesByDID.get(did);
+    if (!nodeId) return void 0;
+    return this.nodes.get(nodeId);
+  }
+  /**
+   * Get all authenticated nodes (nodes with DIDs)
+   */
+  getAuthenticatedNodes() {
+    return Array.from(this.nodes.values()).filter((n) => n.did);
+  }
+  /**
+   * Create an authenticated sync session with UCAN-based authorization
+   */
+  async createAuthenticatedSyncSession(initiatorDID, participantDIDs, options) {
+    const initiatorNodeId = this.nodesByDID.get(initiatorDID);
+    if (!initiatorNodeId) {
+      throw new Error(`Initiator node with DID ${initiatorDID} not found`);
+    }
+    const participantIds = [];
+    for (const did of participantDIDs) {
+      const nodeId = this.nodesByDID.get(did);
+      if (nodeId) {
+        participantIds.push(nodeId);
+      }
+    }
+    let sessionToken;
+    if (this.cryptoProvider && this.cryptoProvider.isInitialized()) {
+      const capabilities = (options?.requiredCapabilities || ["aeon:sync:read", "aeon:sync:write"]).map((cap) => ({ can: cap, with: "*" }));
+      if (participantDIDs.length > 0) {
+        sessionToken = await this.cryptoProvider.createUCAN(
+          participantDIDs[0],
+          capabilities,
+          { expirationSeconds: 3600 }
+          // 1 hour
+        );
+      }
+    }
+    const session = {
+      id: `sync-${Date.now()}-${Math.random().toString(36).slice(2)}`,
+      initiatorId: initiatorNodeId,
+      participantIds,
+      status: "pending",
+      startTime: (/* @__PURE__ */ new Date()).toISOString(),
+      itemsSynced: 0,
+      itemsFailed: 0,
+      conflictsDetected: 0,
+      initiatorDID,
+      participantDIDs,
+      encryptionMode: options?.encryptionMode || "none",
+      requiredCapabilities: options?.requiredCapabilities,
+      sessionToken
+    };
+    this.sessions.set(session.id, session);
+    const event = {
+      type: "sync-started",
+      sessionId: session.id,
+      nodeId: initiatorNodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      data: {
+        authenticated: true,
+        initiatorDID,
+        participantCount: participantDIDs.length,
+        encryptionMode: session.encryptionMode
+      }
+    };
+    this.syncEvents.push(event);
+    this.emit("sync-started", session);
+    logger.debug("[SyncCoordinator] Authenticated sync session created", {
+      sessionId: session.id,
+      initiatorDID,
+      participants: participantDIDs.length,
+      encryptionMode: session.encryptionMode
+    });
+    return session;
+  }
+  /**
+   * Verify a node's UCAN capabilities for a session
+   */
+  async verifyNodeCapabilities(sessionId, nodeDID, token) {
+    if (!this.cryptoProvider) {
+      return { authorized: true };
+    }
+    const session = this.sessions.get(sessionId);
+    if (!session) {
+      return { authorized: false, error: `Session ${sessionId} not found` };
+    }
+    const result = await this.cryptoProvider.verifyUCAN(token, {
+      requiredCapabilities: session.requiredCapabilities?.map((cap) => ({
+        can: cap,
+        with: "*"
+      }))
+    });
+    if (!result.authorized) {
+      logger.warn("[SyncCoordinator] Node capability verification failed", {
+        sessionId,
+        nodeDID,
+        error: result.error
+      });
+    }
+    return result;
+  }
+  /**
+   * Register a node in the cluster
+   */
+  registerNode(node) {
+    this.nodes.set(node.id, node);
+    this.nodeHeartbeats.set(node.id, Date.now());
+    const event = {
+      type: "node-joined",
+      nodeId: node.id,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.syncEvents.push(event);
+    this.emit("node-joined", node);
+    logger.debug("[SyncCoordinator] Node registered", {
+      nodeId: node.id,
+      address: node.address,
+      version: node.version
+    });
+  }
+  /**
+   * Deregister a node from the cluster
+   */
+  deregisterNode(nodeId) {
+    const node = this.nodes.get(nodeId);
+    if (!node) {
+      throw new Error(`Node ${nodeId} not found`);
+    }
+    this.nodes.delete(nodeId);
+    this.nodeHeartbeats.delete(nodeId);
+    const event = {
+      type: "node-left",
+      nodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.syncEvents.push(event);
+    this.emit("node-left", node);
+    logger.debug("[SyncCoordinator] Node deregistered", { nodeId });
+  }
+  /**
+   * Create a new sync session
+   */
+  createSyncSession(initiatorId, participantIds) {
+    const node = this.nodes.get(initiatorId);
+    if (!node) {
+      throw new Error(`Initiator node ${initiatorId} not found`);
+    }
+    const session = {
+      id: `sync-${Date.now()}-${Math.random().toString(36).slice(2)}`,
+      initiatorId,
+      participantIds,
+      status: "pending",
+      startTime: (/* @__PURE__ */ new Date()).toISOString(),
+      itemsSynced: 0,
+      itemsFailed: 0,
+      conflictsDetected: 0
+    };
+    this.sessions.set(session.id, session);
+    const event = {
+      type: "sync-started",
+      sessionId: session.id,
+      nodeId: initiatorId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.syncEvents.push(event);
+    this.emit("sync-started", session);
+    logger.debug("[SyncCoordinator] Sync session created", {
+      sessionId: session.id,
+      initiator: initiatorId,
+      participants: participantIds.length
+    });
+    return session;
+  }
+  /**
+   * Update sync session
+   */
+  updateSyncSession(sessionId, updates) {
+    const session = this.sessions.get(sessionId);
+    if (!session) {
+      throw new Error(`Session ${sessionId} not found`);
+    }
+    Object.assign(session, updates);
+    if (updates.status === "completed" || updates.status === "failed") {
+      session.endTime = (/* @__PURE__ */ new Date()).toISOString();
+      const event = {
+        type: "sync-completed",
+        sessionId,
+        nodeId: session.initiatorId,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        data: { status: updates.status, itemsSynced: session.itemsSynced }
+      };
+      this.syncEvents.push(event);
+      this.emit("sync-completed", session);
+    }
+    logger.debug("[SyncCoordinator] Sync session updated", {
+      sessionId,
+      status: session.status,
+      itemsSynced: session.itemsSynced
+    });
+  }
+  /**
+   * Record a conflict during sync
+   */
+  recordConflict(sessionId, nodeId, conflictData) {
+    const session = this.sessions.get(sessionId);
+    if (session) {
+      session.conflictsDetected++;
+      const event = {
+        type: "conflict-detected",
+        sessionId,
+        nodeId,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        data: conflictData
+      };
+      this.syncEvents.push(event);
+      this.emit("conflict-detected", { session, nodeId, conflictData });
+      logger.debug("[SyncCoordinator] Conflict recorded", {
+        sessionId,
+        nodeId,
+        totalConflicts: session.conflictsDetected
+      });
+    }
+  }
+  /**
+   * Update node status
+   */
+  updateNodeStatus(nodeId, status) {
+    const node = this.nodes.get(nodeId);
+    if (!node) {
+      throw new Error(`Node ${nodeId} not found`);
+    }
+    node.status = status;
+    this.nodeHeartbeats.set(nodeId, Date.now());
+    logger.debug("[SyncCoordinator] Node status updated", {
+      nodeId,
+      status
+    });
+  }
+  /**
+   * Record heartbeat from node
+   */
+  recordHeartbeat(nodeId) {
+    const node = this.nodes.get(nodeId);
+    if (!node) {
+      return;
+    }
+    node.lastHeartbeat = (/* @__PURE__ */ new Date()).toISOString();
+    this.nodeHeartbeats.set(nodeId, Date.now());
+  }
+  /**
+   * Get all nodes
+   */
+  getNodes() {
+    return Array.from(this.nodes.values());
+  }
+  /**
+   * Get node by ID
+   */
+  getNode(nodeId) {
+    return this.nodes.get(nodeId);
+  }
+  /**
+   * Get online nodes
+   */
+  getOnlineNodes() {
+    return Array.from(this.nodes.values()).filter((n) => n.status === "online");
+  }
+  /**
+   * Get nodes by capability
+   */
+  getNodesByCapability(capability) {
+    return Array.from(this.nodes.values()).filter(
+      (n) => n.capabilities.includes(capability)
+    );
+  }
+  /**
+   * Get sync session
+   */
+  getSyncSession(sessionId) {
+    return this.sessions.get(sessionId);
+  }
+  /**
+   * Get all sync sessions
+   */
+  getAllSyncSessions() {
+    return Array.from(this.sessions.values());
+  }
+  /**
+   * Get active sync sessions
+   */
+  getActiveSyncSessions() {
+    return Array.from(this.sessions.values()).filter((s) => s.status === "active");
+  }
+  /**
+   * Get sessions for a node
+   */
+  getSessionsForNode(nodeId) {
+    return Array.from(this.sessions.values()).filter(
+      (s) => s.initiatorId === nodeId || s.participantIds.includes(nodeId)
+    );
+  }
+  /**
+   * Get sync statistics
+   */
+  getStatistics() {
+    const sessions = Array.from(this.sessions.values());
+    const completed = sessions.filter((s) => s.status === "completed").length;
+    const failed = sessions.filter((s) => s.status === "failed").length;
+    const active = sessions.filter((s) => s.status === "active").length;
+    const totalItemsSynced = sessions.reduce((sum, s) => sum + s.itemsSynced, 0);
+    const totalConflicts = sessions.reduce((sum, s) => sum + s.conflictsDetected, 0);
+    return {
+      totalNodes: this.nodes.size,
+      onlineNodes: this.getOnlineNodes().length,
+      offlineNodes: this.nodes.size - this.getOnlineNodes().length,
+      totalSessions: sessions.length,
+      activeSessions: active,
+      completedSessions: completed,
+      failedSessions: failed,
+      successRate: sessions.length > 0 ? completed / sessions.length * 100 : 0,
+      totalItemsSynced,
+      totalConflicts,
+      averageConflictsPerSession: sessions.length > 0 ? totalConflicts / sessions.length : 0
+    };
+  }
+  /**
+   * Get sync events
+   */
+  getSyncEvents(limit) {
+    const events = [...this.syncEvents];
+    if (limit) {
+      return events.slice(-limit);
+    }
+    return events;
+  }
+  /**
+   * Get sync events for session
+   */
+  getSessionEvents(sessionId) {
+    return this.syncEvents.filter((e) => e.sessionId === sessionId);
+  }
+  /**
+   * Check node health
+   */
+  getNodeHealth() {
+    const health = {};
+    for (const [nodeId, lastHeartbeat] of this.nodeHeartbeats) {
+      const now = Date.now();
+      const downtime = now - lastHeartbeat;
+      const isHealthy = downtime < 3e4;
+      health[nodeId] = {
+        isHealthy,
+        downtime
+      };
+    }
+    return health;
+  }
+  /**
+   * Start heartbeat monitoring
+   */
+  startHeartbeatMonitoring(interval = 5e3) {
+    if (this.heartbeatInterval) {
+      return;
+    }
+    this.heartbeatInterval = setInterval(() => {
+      const health = this.getNodeHealth();
+      for (const [nodeId, { isHealthy }] of Object.entries(health)) {
+        const node = this.nodes.get(nodeId);
+        if (!node) {
+          continue;
+        }
+        const newStatus = isHealthy ? "online" : "offline";
+        if (node.status !== newStatus) {
+          this.updateNodeStatus(nodeId, newStatus);
+        }
+      }
+    }, interval);
+    logger.debug("[SyncCoordinator] Heartbeat monitoring started", { interval });
+  }
+  /**
+   * Stop heartbeat monitoring
+   */
+  stopHeartbeatMonitoring() {
+    if (this.heartbeatInterval) {
+      clearInterval(this.heartbeatInterval);
+      this.heartbeatInterval = null;
+      logger.debug("[SyncCoordinator] Heartbeat monitoring stopped");
+    }
+  }
+  /**
+   * Clear all state (for testing)
+   */
+  clear() {
+    this.nodes.clear();
+    this.sessions.clear();
+    this.syncEvents = [];
+    this.nodeHeartbeats.clear();
+    this.nodesByDID.clear();
+    this.cryptoProvider = null;
+    this.stopHeartbeatMonitoring();
+  }
+  /**
+   * Get the crypto provider (for advanced usage)
+   */
+  getCryptoProvider() {
+    return this.cryptoProvider;
+  }
+};
+
+// src/distributed/ReplicationManager.ts
+var ReplicationManager = class {
+  replicas = /* @__PURE__ */ new Map();
+  policies = /* @__PURE__ */ new Map();
+  replicationEvents = [];
+  syncStatus = /* @__PURE__ */ new Map();
+  // Crypto support
+  cryptoProvider = null;
+  replicasByDID = /* @__PURE__ */ new Map();
+  // DID -> replicaId
+  /**
+   * Configure cryptographic provider for encrypted replication
+   */
+  configureCrypto(provider) {
+    this.cryptoProvider = provider;
+    logger.debug("[ReplicationManager] Crypto configured", {
+      initialized: provider.isInitialized()
+    });
+  }
+  /**
+   * Check if crypto is configured
+   */
+  isCryptoEnabled() {
+    return this.cryptoProvider !== null && this.cryptoProvider.isInitialized();
+  }
+  /**
+   * Register an authenticated replica with DID
+   */
+  async registerAuthenticatedReplica(replica, encrypted = false) {
+    const authenticatedReplica = {
+      ...replica,
+      encrypted
+    };
+    this.replicas.set(replica.id, authenticatedReplica);
+    this.replicasByDID.set(replica.did, replica.id);
+    if (!this.syncStatus.has(replica.nodeId)) {
+      this.syncStatus.set(replica.nodeId, { synced: 0, failed: 0 });
+    }
+    if (this.cryptoProvider && replica.publicSigningKey) {
+      await this.cryptoProvider.registerRemoteNode({
+        id: replica.nodeId,
+        did: replica.did,
+        publicSigningKey: replica.publicSigningKey,
+        publicEncryptionKey: replica.publicEncryptionKey
+      });
+    }
+    const event = {
+      type: "replica-added",
+      replicaId: replica.id,
+      nodeId: replica.nodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      details: { did: replica.did, encrypted, authenticated: true }
+    };
+    this.replicationEvents.push(event);
+    logger.debug("[ReplicationManager] Authenticated replica registered", {
+      replicaId: replica.id,
+      did: replica.did,
+      encrypted
+    });
+    return authenticatedReplica;
+  }
+  /**
+   * Get replica by DID
+   */
+  getReplicaByDID(did) {
+    const replicaId = this.replicasByDID.get(did);
+    if (!replicaId) return void 0;
+    return this.replicas.get(replicaId);
+  }
+  /**
+   * Get all encrypted replicas
+   */
+  getEncryptedReplicas() {
+    return Array.from(this.replicas.values()).filter((r) => r.encrypted);
+  }
+  /**
+   * Encrypt data for replication to a specific replica
+   */
+  async encryptForReplica(data, targetReplicaDID) {
+    if (!this.cryptoProvider || !this.cryptoProvider.isInitialized()) {
+      throw new Error("Crypto provider not initialized");
+    }
+    const dataBytes = new TextEncoder().encode(JSON.stringify(data));
+    const encrypted = await this.cryptoProvider.encrypt(dataBytes, targetReplicaDID);
+    const localDID = this.cryptoProvider.getLocalDID();
+    return {
+      ct: encrypted.ct,
+      iv: encrypted.iv,
+      tag: encrypted.tag,
+      epk: encrypted.epk,
+      senderDID: localDID || void 0,
+      targetDID: targetReplicaDID,
+      encryptedAt: encrypted.encryptedAt
+    };
+  }
+  /**
+   * Decrypt data received from replication
+   */
+  async decryptReplicationData(encrypted) {
+    if (!this.cryptoProvider || !this.cryptoProvider.isInitialized()) {
+      throw new Error("Crypto provider not initialized");
+    }
+    const decrypted = await this.cryptoProvider.decrypt(
+      {
+        alg: "ECIES-P256",
+        ct: encrypted.ct,
+        iv: encrypted.iv,
+        tag: encrypted.tag,
+        epk: encrypted.epk
+      },
+      encrypted.senderDID
+    );
+    return JSON.parse(new TextDecoder().decode(decrypted));
+  }
+  /**
+   * Create an encrypted replication policy
+   */
+  createEncryptedPolicy(name, replicationFactor, consistencyLevel, encryptionMode, options) {
+    const policy = {
+      id: `policy-${Date.now()}-${Math.random().toString(36).slice(2)}`,
+      name,
+      replicationFactor,
+      consistencyLevel,
+      syncInterval: options?.syncInterval || 1e3,
+      maxReplicationLag: options?.maxReplicationLag || 1e4,
+      encryptionMode,
+      requiredCapabilities: options?.requiredCapabilities
+    };
+    this.policies.set(policy.id, policy);
+    logger.debug("[ReplicationManager] Encrypted policy created", {
+      policyId: policy.id,
+      name,
+      replicationFactor,
+      encryptionMode
+    });
+    return policy;
+  }
+  /**
+   * Verify a replica's capabilities via UCAN
+   */
+  async verifyReplicaCapabilities(replicaDID, token, policyId) {
+    if (!this.cryptoProvider) {
+      return { authorized: true };
+    }
+    const policy = policyId ? this.policies.get(policyId) : void 0;
+    const result = await this.cryptoProvider.verifyUCAN(token, {
+      requiredCapabilities: policy?.requiredCapabilities?.map((cap) => ({
+        can: cap,
+        with: "*"
+      }))
+    });
+    if (!result.authorized) {
+      logger.warn("[ReplicationManager] Replica capability verification failed", {
+        replicaDID,
+        error: result.error
+      });
+    }
+    return result;
+  }
+  /**
+   * Register a replica
+   */
+  registerReplica(replica) {
+    this.replicas.set(replica.id, replica);
+    if (!this.syncStatus.has(replica.nodeId)) {
+      this.syncStatus.set(replica.nodeId, { synced: 0, failed: 0 });
+    }
+    const event = {
+      type: "replica-added",
+      replicaId: replica.id,
+      nodeId: replica.nodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.replicationEvents.push(event);
+    logger.debug("[ReplicationManager] Replica registered", {
+      replicaId: replica.id,
+      nodeId: replica.nodeId,
+      status: replica.status
+    });
+  }
+  /**
+   * Remove a replica
+   */
+  removeReplica(replicaId) {
+    const replica = this.replicas.get(replicaId);
+    if (!replica) {
+      throw new Error(`Replica ${replicaId} not found`);
+    }
+    this.replicas.delete(replicaId);
+    const event = {
+      type: "replica-removed",
+      replicaId,
+      nodeId: replica.nodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.replicationEvents.push(event);
+    logger.debug("[ReplicationManager] Replica removed", { replicaId });
+  }
+  /**
+   * Create a replication policy
+   */
+  createPolicy(name, replicationFactor, consistencyLevel, syncInterval = 1e3, maxReplicationLag = 1e4) {
+    const policy = {
+      id: `policy-${Date.now()}-${Math.random().toString(36).slice(2)}`,
+      name,
+      replicationFactor,
+      consistencyLevel,
+      syncInterval,
+      maxReplicationLag
+    };
+    this.policies.set(policy.id, policy);
+    logger.debug("[ReplicationManager] Policy created", {
+      policyId: policy.id,
+      name,
+      replicationFactor,
+      consistencyLevel
+    });
+    return policy;
+  }
+  /**
+   * Update replica status
+   */
+  updateReplicaStatus(replicaId, status, lagBytes = 0, lagMillis = 0) {
+    const replica = this.replicas.get(replicaId);
+    if (!replica) {
+      throw new Error(`Replica ${replicaId} not found`);
+    }
+    replica.status = status;
+    replica.lagBytes = lagBytes;
+    replica.lagMillis = lagMillis;
+    replica.lastSyncTime = (/* @__PURE__ */ new Date()).toISOString();
+    const event = {
+      type: status === "syncing" ? "replica-synced" : "sync-failed",
+      replicaId,
+      nodeId: replica.nodeId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      details: { status, lagBytes, lagMillis }
+    };
+    this.replicationEvents.push(event);
+    const syncStatus = this.syncStatus.get(replica.nodeId);
+    if (syncStatus) {
+      if (status === "syncing" || status === "secondary") {
+        syncStatus.synced++;
+      } else if (status === "failed") {
+        syncStatus.failed++;
+      }
+    }
+    logger.debug("[ReplicationManager] Replica status updated", {
+      replicaId,
+      status,
+      lagBytes,
+      lagMillis
+    });
+  }
+  /**
+   * Get replicas for node
+   */
+  getReplicasForNode(nodeId) {
+    return Array.from(this.replicas.values()).filter((r) => r.nodeId === nodeId);
+  }
+  /**
+   * Get healthy replicas
+   */
+  getHealthyReplicas() {
+    return Array.from(this.replicas.values()).filter(
+      (r) => r.status === "secondary" || r.status === "primary"
+    );
+  }
+  /**
+   * Get syncing replicas
+   */
+  getSyncingReplicas() {
+    return Array.from(this.replicas.values()).filter((r) => r.status === "syncing");
+  }
+  /**
+   * Get failed replicas
+   */
+  getFailedReplicas() {
+    return Array.from(this.replicas.values()).filter((r) => r.status === "failed");
+  }
+  /**
+   * Check replication health for policy
+   */
+  checkReplicationHealth(policyId) {
+    const policy = this.policies.get(policyId);
+    if (!policy) {
+      throw new Error(`Policy ${policyId} not found`);
+    }
+    const healthy = this.getHealthyReplicas();
+    const maxLag = Math.max(0, ...healthy.map((r) => r.lagMillis));
+    return {
+      healthy: healthy.length >= policy.replicationFactor && maxLag <= policy.maxReplicationLag,
+      replicasInPolicy: policy.replicationFactor,
+      healthyReplicas: healthy.length,
+      replicationLag: maxLag
+    };
+  }
+  /**
+   * Get consistency level
+   */
+  getConsistencyLevel(policyId) {
+    const policy = this.policies.get(policyId);
+    if (!policy) {
+      return "eventual";
+    }
+    return policy.consistencyLevel;
+  }
+  /**
+   * Get replica
+   */
+  getReplica(replicaId) {
+    return this.replicas.get(replicaId);
+  }
+  /**
+   * Get all replicas
+   */
+  getAllReplicas() {
+    return Array.from(this.replicas.values());
+  }
+  /**
+   * Get policy
+   */
+  getPolicy(policyId) {
+    return this.policies.get(policyId);
+  }
+  /**
+   * Get all policies
+   */
+  getAllPolicies() {
+    return Array.from(this.policies.values());
+  }
+  /**
+   * Get replication statistics
+   */
+  getStatistics() {
+    const healthy = this.getHealthyReplicas().length;
+    const syncing = this.getSyncingReplicas().length;
+    const failed = this.getFailedReplicas().length;
+    const total = this.replicas.size;
+    const replicationLags = Array.from(this.replicas.values()).map((r) => r.lagMillis);
+    const avgLag = replicationLags.length > 0 ? replicationLags.reduce((a, b) => a + b) / replicationLags.length : 0;
+    const maxLag = replicationLags.length > 0 ? Math.max(...replicationLags) : 0;
+    return {
+      totalReplicas: total,
+      healthyReplicas: healthy,
+      syncingReplicas: syncing,
+      failedReplicas: failed,
+      healthiness: total > 0 ? healthy / total * 100 : 0,
+      averageReplicationLagMs: avgLag,
+      maxReplicationLagMs: maxLag,
+      totalPolicies: this.policies.size
+    };
+  }
+  /**
+   * Get replication events
+   */
+  getReplicationEvents(limit) {
+    const events = [...this.replicationEvents];
+    if (limit) {
+      return events.slice(-limit);
+    }
+    return events;
+  }
+  /**
+   * Get sync status for node
+   */
+  getSyncStatus(nodeId) {
+    return this.syncStatus.get(nodeId) || { synced: 0, failed: 0 };
+  }
+  /**
+   * Get replication lag distribution
+   */
+  getReplicationLagDistribution() {
+    const distribution = {
+      "0-100ms": 0,
+      "100-500ms": 0,
+      "500-1000ms": 0,
+      "1000+ms": 0
+    };
+    for (const replica of this.replicas.values()) {
+      if (replica.lagMillis <= 100) {
+        distribution["0-100ms"]++;
+      } else if (replica.lagMillis <= 500) {
+        distribution["100-500ms"]++;
+      } else if (replica.lagMillis <= 1e3) {
+        distribution["500-1000ms"]++;
+      } else {
+        distribution["1000+ms"]++;
+      }
+    }
+    return distribution;
+  }
+  /**
+   * Check if can satisfy consistency level
+   */
+  canSatisfyConsistency(policyId, _requiredAcks) {
+    const policy = this.policies.get(policyId);
+    if (!policy) {
+      return false;
+    }
+    const healthyCount = this.getHealthyReplicas().length;
+    switch (policy.consistencyLevel) {
+      case "eventual":
+        return true;
+      // Always achievable
+      case "read-after-write":
+        return healthyCount >= 1;
+      case "strong":
+        return healthyCount >= policy.replicationFactor;
+      default:
+        return false;
+    }
+  }
+  /**
+   * Clear all state (for testing)
+   */
+  clear() {
+    this.replicas.clear();
+    this.policies.clear();
+    this.replicationEvents = [];
+    this.syncStatus.clear();
+    this.replicasByDID.clear();
+    this.cryptoProvider = null;
+  }
+  /**
+   * Get the crypto provider (for advanced usage)
+   */
+  getCryptoProvider() {
+    return this.cryptoProvider;
+  }
+};
+
+// src/distributed/SyncProtocol.ts
+var SyncProtocol = class {
+  version = "1.0.0";
+  messageQueue = [];
+  messageMap = /* @__PURE__ */ new Map();
+  handshakes = /* @__PURE__ */ new Map();
+  protocolErrors = [];
+  messageCounter = 0;
+  // Crypto support
+  cryptoProvider = null;
+  cryptoConfig = null;
+  /**
+   * Configure cryptographic provider for authenticated/encrypted messages
+   */
+  configureCrypto(provider, config) {
+    this.cryptoProvider = provider;
+    this.cryptoConfig = {
+      encryptionMode: config?.encryptionMode ?? "none",
+      requireSignatures: config?.requireSignatures ?? false,
+      requireCapabilities: config?.requireCapabilities ?? false,
+      requiredCapabilities: config?.requiredCapabilities
+    };
+    logger.debug("[SyncProtocol] Crypto configured", {
+      encryptionMode: this.cryptoConfig.encryptionMode,
+      requireSignatures: this.cryptoConfig.requireSignatures,
+      requireCapabilities: this.cryptoConfig.requireCapabilities
+    });
+  }
+  /**
+   * Check if crypto is configured
+   */
+  isCryptoEnabled() {
+    return this.cryptoProvider !== null && this.cryptoProvider.isInitialized();
+  }
+  /**
+   * Get crypto configuration
+   */
+  getCryptoConfig() {
+    return this.cryptoConfig ? { ...this.cryptoConfig } : null;
+  }
+  /**
+   * Get protocol version
+   */
+  getVersion() {
+    return this.version;
+  }
+  /**
+   * Create authenticated handshake message with DID and keys
+   */
+  async createAuthenticatedHandshake(capabilities, targetDID) {
+    if (!this.cryptoProvider || !this.cryptoProvider.isInitialized()) {
+      throw new Error("Crypto provider not initialized");
+    }
+    const localDID = this.cryptoProvider.getLocalDID();
+    if (!localDID) {
+      throw new Error("Local DID not available");
+    }
+    const publicInfo = await this.cryptoProvider.exportPublicIdentity();
+    if (!publicInfo) {
+      throw new Error("Cannot export public identity");
+    }
+    let ucan;
+    if (targetDID && this.cryptoConfig?.requireCapabilities) {
+      const caps = this.cryptoConfig.requiredCapabilities || [
+        { can: "aeon:sync:read", with: "*" },
+        { can: "aeon:sync:write", with: "*" }
+      ];
+      ucan = await this.cryptoProvider.createUCAN(targetDID, caps);
+    }
+    const handshakePayload = {
+      protocolVersion: this.version,
+      nodeId: localDID,
+      capabilities,
+      state: "initiating",
+      did: localDID,
+      publicSigningKey: publicInfo.publicSigningKey,
+      publicEncryptionKey: publicInfo.publicEncryptionKey,
+      ucan
+    };
+    const message = {
+      type: "handshake",
+      version: this.version,
+      sender: localDID,
+      receiver: targetDID || "",
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: handshakePayload
+    };
+    if (this.cryptoConfig?.requireSignatures) {
+      const signed = await this.cryptoProvider.signData(handshakePayload);
+      message.auth = {
+        senderDID: localDID,
+        receiverDID: targetDID,
+        signature: signed.signature
+      };
+    }
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    logger.debug("[SyncProtocol] Authenticated handshake created", {
+      messageId: message.messageId,
+      did: localDID,
+      capabilities: capabilities.length,
+      hasUCAN: !!ucan
+    });
+    return message;
+  }
+  /**
+   * Verify and process an authenticated handshake
+   */
+  async verifyAuthenticatedHandshake(message) {
+    if (message.type !== "handshake") {
+      return { valid: false, error: "Message is not a handshake" };
+    }
+    const handshake = message.payload;
+    if (!this.cryptoProvider || !this.cryptoConfig) {
+      this.handshakes.set(message.sender, handshake);
+      return { valid: true, handshake };
+    }
+    if (handshake.did && handshake.publicSigningKey) {
+      await this.cryptoProvider.registerRemoteNode({
+        id: handshake.nodeId,
+        did: handshake.did,
+        publicSigningKey: handshake.publicSigningKey,
+        publicEncryptionKey: handshake.publicEncryptionKey
+      });
+    }
+    if (this.cryptoConfig.requireSignatures && message.auth?.signature) {
+      const signed = {
+        payload: handshake,
+        signature: message.auth.signature,
+        signer: message.auth.senderDID || message.sender,
+        algorithm: "ES256",
+        signedAt: Date.now()
+      };
+      const isValid = await this.cryptoProvider.verifySignedData(signed);
+      if (!isValid) {
+        logger.warn("[SyncProtocol] Handshake signature verification failed", {
+          messageId: message.messageId,
+          sender: message.sender
+        });
+        return { valid: false, error: "Invalid signature" };
+      }
+    }
+    if (this.cryptoConfig.requireCapabilities && handshake.ucan) {
+      const localDID = this.cryptoProvider.getLocalDID();
+      const result = await this.cryptoProvider.verifyUCAN(handshake.ucan, {
+        expectedAudience: localDID || void 0,
+        requiredCapabilities: this.cryptoConfig.requiredCapabilities
+      });
+      if (!result.authorized) {
+        logger.warn("[SyncProtocol] Handshake UCAN verification failed", {
+          messageId: message.messageId,
+          error: result.error
+        });
+        return { valid: false, error: result.error || "Unauthorized" };
+      }
+    }
+    this.handshakes.set(message.sender, handshake);
+    logger.debug("[SyncProtocol] Authenticated handshake verified", {
+      messageId: message.messageId,
+      did: handshake.did
+    });
+    return { valid: true, handshake };
+  }
+  /**
+   * Sign and optionally encrypt a message payload
+   */
+  async signMessage(message, payload, encrypt = false) {
+    if (!this.cryptoProvider || !this.cryptoProvider.isInitialized()) {
+      throw new Error("Crypto provider not initialized");
+    }
+    const localDID = this.cryptoProvider.getLocalDID();
+    const signed = await this.cryptoProvider.signData(payload);
+    message.auth = {
+      senderDID: localDID || void 0,
+      receiverDID: message.receiver || void 0,
+      signature: signed.signature,
+      encrypted: false
+    };
+    if (encrypt && message.receiver && this.cryptoConfig?.encryptionMode !== "none") {
+      const payloadBytes = new TextEncoder().encode(JSON.stringify(payload));
+      const encrypted = await this.cryptoProvider.encrypt(payloadBytes, message.receiver);
+      message.payload = encrypted;
+      message.auth.encrypted = true;
+      logger.debug("[SyncProtocol] Message encrypted", {
+        messageId: message.messageId,
+        recipient: message.receiver
+      });
+    } else {
+      message.payload = payload;
+    }
+    return message;
+  }
+  /**
+   * Verify signature and optionally decrypt a message
+   */
+  async verifyMessage(message) {
+    if (!this.cryptoProvider || !message.auth) {
+      return { valid: true, payload: message.payload };
+    }
+    let payload = message.payload;
+    if (message.auth.encrypted && message.payload) {
+      try {
+        const encrypted = message.payload;
+        const decrypted = await this.cryptoProvider.decrypt(
+          encrypted,
+          message.auth.senderDID
+        );
+        payload = JSON.parse(new TextDecoder().decode(decrypted));
+        logger.debug("[SyncProtocol] Message decrypted", {
+          messageId: message.messageId
+        });
+      } catch (error) {
+        return {
+          valid: false,
+          error: `Decryption failed: ${error instanceof Error ? error.message : String(error)}`
+        };
+      }
+    }
+    if (message.auth.signature && message.auth.senderDID) {
+      const signed = {
+        payload,
+        signature: message.auth.signature,
+        signer: message.auth.senderDID,
+        algorithm: "ES256",
+        signedAt: Date.now()
+      };
+      const isValid = await this.cryptoProvider.verifySignedData(signed);
+      if (!isValid) {
+        return { valid: false, error: "Invalid signature" };
+      }
+    }
+    return { valid: true, payload };
+  }
+  /**
+   * Create handshake message
+   */
+  createHandshakeMessage(nodeId, capabilities) {
+    const message = {
+      type: "handshake",
+      version: this.version,
+      sender: nodeId,
+      receiver: "",
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: {
+        protocolVersion: this.version,
+        nodeId,
+        capabilities,
+        state: "initiating"
+      }
+    };
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    logger.debug("[SyncProtocol] Handshake message created", {
+      messageId: message.messageId,
+      nodeId,
+      capabilities: capabilities.length
+    });
+    return message;
+  }
+  /**
+   * Create sync request message
+   */
+  createSyncRequestMessage(sender, receiver, sessionId, fromVersion, toVersion, filter) {
+    const message = {
+      type: "sync-request",
+      version: this.version,
+      sender,
+      receiver,
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: {
+        sessionId,
+        fromVersion,
+        toVersion,
+        filter
+      }
+    };
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    logger.debug("[SyncProtocol] Sync request created", {
+      messageId: message.messageId,
+      sessionId,
+      fromVersion,
+      toVersion
+    });
+    return message;
+  }
+  /**
+   * Create sync response message
+   */
+  createSyncResponseMessage(sender, receiver, sessionId, fromVersion, toVersion, data, hasMore = false, offset = 0) {
+    const message = {
+      type: "sync-response",
+      version: this.version,
+      sender,
+      receiver,
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: {
+        sessionId,
+        fromVersion,
+        toVersion,
+        data,
+        hasMore,
+        offset
+      }
+    };
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    logger.debug("[SyncProtocol] Sync response created", {
+      messageId: message.messageId,
+      sessionId,
+      itemCount: data.length,
+      hasMore
+    });
+    return message;
+  }
+  /**
+   * Create acknowledgement message
+   */
+  createAckMessage(sender, receiver, messageId) {
+    const message = {
+      type: "ack",
+      version: this.version,
+      sender,
+      receiver,
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: { acknowledgedMessageId: messageId }
+    };
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    return message;
+  }
+  /**
+   * Create error message
+   */
+  createErrorMessage(sender, receiver, error, relatedMessageId) {
+    const message = {
+      type: "error",
+      version: this.version,
+      sender,
+      receiver,
+      messageId: this.generateMessageId(),
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      payload: {
+        error,
+        relatedMessageId
+      }
+    };
+    this.messageMap.set(message.messageId, message);
+    this.messageQueue.push(message);
+    this.protocolErrors.push({
+      error,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    logger.error("[SyncProtocol] Error message created", {
+      messageId: message.messageId,
+      errorCode: error.code,
+      recoverable: error.recoverable
+    });
+    return message;
+  }
+  /**
+   * Validate message
+   */
+  validateMessage(message) {
+    const errors = [];
+    if (!message.type) {
+      errors.push("Message type is required");
+    }
+    if (!message.sender) {
+      errors.push("Sender is required");
+    }
+    if (!message.messageId) {
+      errors.push("Message ID is required");
+    }
+    if (!message.timestamp) {
+      errors.push("Timestamp is required");
+    }
+    try {
+      new Date(message.timestamp);
+    } catch {
+      errors.push("Invalid timestamp format");
+    }
+    return {
+      valid: errors.length === 0,
+      errors
+    };
+  }
+  /**
+   * Serialize message
+   */
+  serializeMessage(message) {
+    try {
+      return JSON.stringify(message);
+    } catch (error) {
+      logger.error("[SyncProtocol] Message serialization failed", {
+        messageId: message.messageId,
+        error: error instanceof Error ? error.message : String(error)
+      });
+      throw new Error(`Failed to serialize message: ${error instanceof Error ? error.message : String(error)}`);
+    }
+  }
+  /**
+   * Deserialize message
+   */
+  deserializeMessage(data) {
+    try {
+      const message = JSON.parse(data);
+      const validation = this.validateMessage(message);
+      if (!validation.valid) {
+        throw new Error(`Invalid message: ${validation.errors.join(", ")}`);
+      }
+      return message;
+    } catch (error) {
+      logger.error("[SyncProtocol] Message deserialization failed", {
+        error: error instanceof Error ? error.message : String(error)
+      });
+      throw new Error(`Failed to deserialize message: ${error instanceof Error ? error.message : String(error)}`);
+    }
+  }
+  /**
+   * Process handshake
+   */
+  processHandshake(message) {
+    if (message.type !== "handshake") {
+      throw new Error("Message is not a handshake");
+    }
+    const handshake = message.payload;
+    const nodeId = message.sender;
+    this.handshakes.set(nodeId, handshake);
+    logger.debug("[SyncProtocol] Handshake processed", {
+      nodeId,
+      protocolVersion: handshake.protocolVersion,
+      capabilities: handshake.capabilities.length
+    });
+    return handshake;
+  }
+  /**
+   * Get message
+   */
+  getMessage(messageId) {
+    return this.messageMap.get(messageId);
+  }
+  /**
+   * Get all messages
+   */
+  getAllMessages() {
+    return [...this.messageQueue];
+  }
+  /**
+   * Get messages by type
+   */
+  getMessagesByType(type) {
+    return this.messageQueue.filter((m) => m.type === type);
+  }
+  /**
+   * Get messages from sender
+   */
+  getMessagesFromSender(sender) {
+    return this.messageQueue.filter((m) => m.sender === sender);
+  }
+  /**
+   * Get pending messages
+   */
+  getPendingMessages(receiver) {
+    return this.messageQueue.filter((m) => m.receiver === receiver);
+  }
+  /**
+   * Get handshakes
+   */
+  getHandshakes() {
+    return new Map(this.handshakes);
+  }
+  /**
+   * Get protocol statistics
+   */
+  getStatistics() {
+    const messagesByType = {};
+    for (const message of this.messageQueue) {
+      messagesByType[message.type] = (messagesByType[message.type] || 0) + 1;
+    }
+    const errorCount = this.protocolErrors.length;
+    const recoverableErrors = this.protocolErrors.filter((e) => e.error.recoverable).length;
+    return {
+      totalMessages: this.messageQueue.length,
+      messagesByType,
+      totalHandshakes: this.handshakes.size,
+      totalErrors: errorCount,
+      recoverableErrors,
+      unrecoverableErrors: errorCount - recoverableErrors
+    };
+  }
+  /**
+   * Get protocol errors
+   */
+  getErrors() {
+    return [...this.protocolErrors];
+  }
+  /**
+   * Generate message ID
+   */
+  generateMessageId() {
+    this.messageCounter++;
+    return `msg-${Date.now()}-${this.messageCounter}`;
+  }
+  /**
+   * Clear all state (for testing)
+   */
+  clear() {
+    this.messageQueue = [];
+    this.messageMap.clear();
+    this.handshakes.clear();
+    this.protocolErrors = [];
+    this.messageCounter = 0;
+    this.cryptoProvider = null;
+    this.cryptoConfig = null;
+  }
+  /**
+   * Get the crypto provider (for advanced usage)
+   */
+  getCryptoProvider() {
+    return this.cryptoProvider;
+  }
+};
+
+// src/distributed/StateReconciler.ts
+var StateReconciler = class {
+  stateVersions = /* @__PURE__ */ new Map();
+  reconciliationHistory = [];
+  cryptoProvider = null;
+  requireSignedVersions = false;
+  /**
+   * Configure cryptographic provider for signed state versions
+   */
+  configureCrypto(provider, requireSigned = false) {
+    this.cryptoProvider = provider;
+    this.requireSignedVersions = requireSigned;
+    logger.debug("[StateReconciler] Crypto configured", {
+      initialized: provider.isInitialized(),
+      requireSigned
+    });
+  }
+  /**
+   * Check if crypto is configured
+   */
+  isCryptoEnabled() {
+    return this.cryptoProvider !== null && this.cryptoProvider.isInitialized();
+  }
+  /**
+   * Record a signed state version with cryptographic verification
+   */
+  async recordSignedStateVersion(key, version, data) {
+    if (!this.cryptoProvider || !this.cryptoProvider.isInitialized()) {
+      throw new Error("Crypto provider not initialized");
+    }
+    const localDID = this.cryptoProvider.getLocalDID();
+    if (!localDID) {
+      throw new Error("Local DID not available");
+    }
+    const dataBytes = new TextEncoder().encode(JSON.stringify(data));
+    const hashBytes = await this.cryptoProvider.hash(dataBytes);
+    const hash = Array.from(hashBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+    const versionData = { version, data, hash };
+    const signed = await this.cryptoProvider.signData(versionData);
+    const stateVersion = {
+      version,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      nodeId: localDID,
+      hash,
+      data,
+      signerDID: localDID,
+      signature: signed.signature,
+      signedAt: signed.signedAt
+    };
+    if (!this.stateVersions.has(key)) {
+      this.stateVersions.set(key, []);
+    }
+    this.stateVersions.get(key).push(stateVersion);
+    logger.debug("[StateReconciler] Signed state version recorded", {
+      key,
+      version,
+      signerDID: localDID,
+      hash: hash.slice(0, 16) + "..."
+    });
+    return stateVersion;
+  }
+  /**
+   * Verify a state version's signature
+   */
+  async verifyStateVersion(version) {
+    if (!version.signature || !version.signerDID) {
+      if (this.requireSignedVersions) {
+        return { valid: false, error: "Signature required but not present" };
+      }
+      const dataBytes = new TextEncoder().encode(JSON.stringify(version.data));
+      if (this.cryptoProvider) {
+        const hashBytes = await this.cryptoProvider.hash(dataBytes);
+        const computedHash = Array.from(hashBytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+        if (computedHash !== version.hash) {
+          return { valid: false, error: "Hash mismatch" };
+        }
+      }
+      return { valid: true };
+    }
+    if (!this.cryptoProvider) {
+      return { valid: false, error: "Crypto provider not configured" };
+    }
+    const versionData = {
+      version: version.version,
+      data: version.data,
+      hash: version.hash
+    };
+    const signed = {
+      payload: versionData,
+      signature: version.signature,
+      signer: version.signerDID,
+      algorithm: "ES256",
+      signedAt: version.signedAt || Date.now()
+    };
+    const isValid = await this.cryptoProvider.verifySignedData(signed);
+    if (!isValid) {
+      return { valid: false, error: "Invalid signature" };
+    }
+    return { valid: true };
+  }
+  /**
+   * Reconcile with verification - only accept verified versions
+   */
+  async reconcileWithVerification(key, strategy = "last-write-wins") {
+    const versions = this.stateVersions.get(key) || [];
+    const verifiedVersions = [];
+    const verificationErrors = [];
+    for (const version of versions) {
+      const result2 = await this.verifyStateVersion(version);
+      if (result2.valid) {
+        verifiedVersions.push(version);
+      } else {
+        verificationErrors.push(
+          `Version ${version.version} from ${version.nodeId}: ${result2.error}`
+        );
+        logger.warn("[StateReconciler] Version verification failed", {
+          version: version.version,
+          nodeId: version.nodeId,
+          error: result2.error
+        });
+      }
+    }
+    if (verifiedVersions.length === 0) {
+      return {
+        success: false,
+        mergedState: null,
+        conflictsResolved: 0,
+        strategy,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+        verificationErrors
+      };
+    }
+    let result;
+    switch (strategy) {
+      case "last-write-wins":
+        result = this.reconcileLastWriteWins(verifiedVersions);
+        break;
+      case "vector-clock":
+        result = this.reconcileVectorClock(verifiedVersions);
+        break;
+      case "majority-vote":
+        result = this.reconcileMajorityVote(verifiedVersions);
+        break;
+      default:
+        result = this.reconcileLastWriteWins(verifiedVersions);
+    }
+    return { ...result, verificationErrors };
+  }
+  /**
+   * Record a state version
+   */
+  recordStateVersion(key, version, timestamp, nodeId, hash, data) {
+    if (!this.stateVersions.has(key)) {
+      this.stateVersions.set(key, []);
+    }
+    const versions = this.stateVersions.get(key);
+    versions.push({
+      version,
+      timestamp,
+      nodeId,
+      hash,
+      data
+    });
+    logger.debug("[StateReconciler] State version recorded", {
+      key,
+      version,
+      nodeId,
+      hash
+    });
+  }
+  /**
+   * Detect conflicts in state versions
+   */
+  detectConflicts(key) {
+    const versions = this.stateVersions.get(key);
+    if (!versions || versions.length <= 1) {
+      return false;
+    }
+    const hashes = new Set(versions.map((v) => v.hash));
+    return hashes.size > 1;
+  }
+  /**
+   * Compare two states and generate diff
+   */
+  compareStates(state1, state2) {
+    const diff = {
+      added: {},
+      modified: {},
+      removed: [],
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    for (const [key, value] of Object.entries(state2)) {
+      if (!(key in state1)) {
+        diff.added[key] = value;
+      } else if (JSON.stringify(state1[key]) !== JSON.stringify(value)) {
+        diff.modified[key] = { old: state1[key], new: value };
+      }
+    }
+    for (const key of Object.keys(state1)) {
+      if (!(key in state2)) {
+        diff.removed.push(key);
+      }
+    }
+    return diff;
+  }
+  /**
+   * Reconcile states using last-write-wins strategy
+   */
+  reconcileLastWriteWins(versions) {
+    if (versions.length === 0) {
+      throw new Error("No versions to reconcile");
+    }
+    const sorted = [...versions].sort(
+      (a, b) => new Date(b.timestamp).getTime() - new Date(a.timestamp).getTime()
+    );
+    const latest = sorted[0];
+    const conflictsResolved = versions.length - 1;
+    const result = {
+      success: true,
+      mergedState: latest.data,
+      conflictsResolved,
+      strategy: "last-write-wins",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.reconciliationHistory.push(result);
+    logger.debug("[StateReconciler] State reconciled (last-write-wins)", {
+      winnerNode: latest.nodeId,
+      conflictsResolved
+    });
+    return result;
+  }
+  /**
+   * Reconcile states using vector clock strategy
+   */
+  reconcileVectorClock(versions) {
+    if (versions.length === 0) {
+      throw new Error("No versions to reconcile");
+    }
+    const sorted = [...versions].sort(
+      (a, b) => new Date(b.timestamp).getTime() - new Date(a.timestamp).getTime()
+    );
+    const latest = sorted[0];
+    let conflictsResolved = 0;
+    for (const v of versions) {
+      const timeDiff = Math.abs(
+        new Date(v.timestamp).getTime() - new Date(latest.timestamp).getTime()
+      );
+      if (timeDiff > 100) {
+        conflictsResolved++;
+      }
+    }
+    const result = {
+      success: true,
+      mergedState: latest.data,
+      conflictsResolved,
+      strategy: "vector-clock",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.reconciliationHistory.push(result);
+    logger.debug("[StateReconciler] State reconciled (vector-clock)", {
+      winnerVersion: latest.version,
+      conflictsResolved
+    });
+    return result;
+  }
+  /**
+   * Reconcile states using majority vote strategy
+   */
+  reconcileMajorityVote(versions) {
+    if (versions.length === 0) {
+      throw new Error("No versions to reconcile");
+    }
+    const hashGroups = /* @__PURE__ */ new Map();
+    for (const version of versions) {
+      if (!hashGroups.has(version.hash)) {
+        hashGroups.set(version.hash, []);
+      }
+      hashGroups.get(version.hash).push(version);
+    }
+    let majorityVersion = null;
+    let maxCount = 0;
+    for (const [, versionGroup] of hashGroups) {
+      if (versionGroup.length > maxCount) {
+        maxCount = versionGroup.length;
+        majorityVersion = versionGroup[0];
+      }
+    }
+    if (!majorityVersion) {
+      majorityVersion = versions[0];
+    }
+    const conflictsResolved = versions.length - maxCount;
+    const result = {
+      success: true,
+      mergedState: majorityVersion.data,
+      conflictsResolved,
+      strategy: "majority-vote",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    this.reconciliationHistory.push(result);
+    logger.debug("[StateReconciler] State reconciled (majority-vote)", {
+      majorityCount: maxCount,
+      conflictsResolved
+    });
+    return result;
+  }
+  /**
+   * Merge multiple states
+   */
+  mergeStates(states) {
+    if (states.length === 0) {
+      return {};
+    }
+    if (states.length === 1) {
+      return states[0];
+    }
+    const merged = {};
+    for (const state of states) {
+      if (typeof state === "object" && state !== null) {
+        Object.assign(merged, state);
+      }
+    }
+    return merged;
+  }
+  /**
+   * Validate state after reconciliation
+   */
+  validateState(state) {
+    const errors = [];
+    if (state === null) {
+      errors.push("State is null");
+    } else if (state === void 0) {
+      errors.push("State is undefined");
+    } else if (typeof state !== "object") {
+      errors.push("State is not an object");
+    }
+    return {
+      valid: errors.length === 0,
+      errors
+    };
+  }
+  /**
+   * Get state versions for a key
+   */
+  getStateVersions(key) {
+    return this.stateVersions.get(key) || [];
+  }
+  /**
+   * Get all state versions
+   */
+  getAllStateVersions() {
+    const result = {};
+    for (const [key, versions] of this.stateVersions) {
+      result[key] = [...versions];
+    }
+    return result;
+  }
+  /**
+   * Get reconciliation history
+   */
+  getReconciliationHistory() {
+    return [...this.reconciliationHistory];
+  }
+  /**
+   * Get reconciliation statistics
+   */
+  getStatistics() {
+    const resolvedConflicts = this.reconciliationHistory.reduce(
+      (sum, r) => sum + r.conflictsResolved,
+      0
+    );
+    const strategyUsage = {};
+    for (const result of this.reconciliationHistory) {
+      strategyUsage[result.strategy] = (strategyUsage[result.strategy] || 0) + 1;
+    }
+    return {
+      totalReconciliations: this.reconciliationHistory.length,
+      successfulReconciliations: this.reconciliationHistory.filter((r) => r.success).length,
+      totalConflictsResolved: resolvedConflicts,
+      averageConflictsPerReconciliation: this.reconciliationHistory.length > 0 ? resolvedConflicts / this.reconciliationHistory.length : 0,
+      strategyUsage,
+      trackedKeys: this.stateVersions.size
+    };
+  }
+  /**
+   * Clear all state (for testing)
+   */
+  clear() {
+    this.stateVersions.clear();
+    this.reconciliationHistory = [];
+    this.cryptoProvider = null;
+    this.requireSignedVersions = false;
+  }
+  /**
+   * Get the crypto provider (for advanced usage)
+   */
+  getCryptoProvider() {
+    return this.cryptoProvider;
+  }
+};
+
+exports.ReplicationManager = ReplicationManager;
+exports.StateReconciler = StateReconciler;
+exports.SyncCoordinator = SyncCoordinator;
+exports.SyncProtocol = SyncProtocol;
+//# sourceMappingURL=index.cjs.map
+//# sourceMappingURL=index.cjs.map