@agentunion/fastaun 0.2.20 → 0.3.1

package/dist/keystore/aid-db.js

@@ -1,10 +1,8 @@
 /**
  * Per-AID SQLite 数据库。
  *
- * SQLite SDK 统一规则：
- * - schema 与 Python / Go 完全一致
- * - 敏感字段写入时一律字段级加密
- * - 读取时兼容密文 JSON 与历史明文
+ * E2EE V2 ONLY：这里不再提供旧版 E2EE 密钥材料存储。
+ * V2 设备密钥由 `v2/session/keystore.ts` 通过同一个 SQLite 句柄维护。
  */
 import { mkdirSync } from 'node:fs';
 import { createRequire } from 'node:module';
@@ -20,95 +18,44 @@ function configureDatabase(db, busyTimeoutMs) {
     }
     db.exec('PRAGMA synchronous = NORMAL');
 }
-function runImmediateTransaction(db, fn) {
-    db.exec('BEGIN IMMEDIATE');
-    try {
-        const result = fn();
-        db.exec('COMMIT');
-        return result;
-    }
-    catch (err) {
-        try {
-            if (db.isTransaction)
-                db.exec('ROLLBACK');
-        }
-        catch {
-            /* ignore rollback failure */
-        }
-        throw err;
-    }
-}
 const DDL_STATEMENTS = [
-    `CREATE TABLE IF NOT EXISTS _schema_version (
-    id INTEGER PRIMARY KEY CHECK (id = 1),
-    version INTEGER NOT NULL
-  )`,
-    `CREATE TABLE IF NOT EXISTS tokens (
-    key TEXT PRIMARY KEY,
-    value TEXT NOT NULL,
-    updated_at INTEGER NOT NULL
-  )`,
-    `CREATE TABLE IF NOT EXISTS prekeys (
-    prekey_id TEXT NOT NULL,
-    device_id TEXT NOT NULL DEFAULT '',
-    private_key_enc TEXT NOT NULL DEFAULT '',
-    data TEXT NOT NULL DEFAULT '{}',
-    created_at INTEGER,
-    updated_at INTEGER NOT NULL,
-    expires_at INTEGER,
-    PRIMARY KEY (prekey_id, device_id)
+    `CREATE TABLE IF NOT EXISTS _schema_version (
+    id INTEGER PRIMARY KEY CHECK (id = 1),
+    version INTEGER NOT NULL
   )`,
-    `CREATE INDEX IF NOT EXISTS idx_prekeys_device ON prekeys (device_id, created_at)`,
-    `CREATE TABLE IF NOT EXISTS group_current (
-    group_id TEXT PRIMARY KEY,
-    epoch INTEGER NOT NULL,
-    secret_enc TEXT NOT NULL DEFAULT '',
-    data TEXT NOT NULL DEFAULT '{}',
-    updated_at INTEGER NOT NULL
+    `CREATE TABLE IF NOT EXISTS tokens (
+    key TEXT PRIMARY KEY,
+    value TEXT NOT NULL,
+    updated_at INTEGER NOT NULL
   )`,
-    `CREATE TABLE IF NOT EXISTS group_old_epochs (
-    group_id TEXT NOT NULL,
-    epoch INTEGER NOT NULL,
-    secret_enc TEXT NOT NULL DEFAULT '',
-    data TEXT NOT NULL DEFAULT '{}',
-    updated_at INTEGER NOT NULL,
-    expires_at INTEGER,
-    PRIMARY KEY (group_id, epoch)
+    `CREATE TABLE IF NOT EXISTS instance_state (
+    device_id TEXT NOT NULL,
+    slot_id TEXT NOT NULL DEFAULT '_singleton',
+    data TEXT NOT NULL DEFAULT '{}',
+    updated_at INTEGER NOT NULL,
+    PRIMARY KEY (device_id, slot_id)
   )`,
-    `CREATE INDEX IF NOT EXISTS idx_group_old_expires ON group_old_epochs (group_id, expires_at)`,
-    `CREATE TABLE IF NOT EXISTS e2ee_sessions (
-    session_id TEXT PRIMARY KEY,
-    data_enc TEXT NOT NULL DEFAULT '{}',
-    updated_at INTEGER NOT NULL
+    `CREATE TABLE IF NOT EXISTS seq_tracker (
+    device_id TEXT NOT NULL,
+    slot_id TEXT NOT NULL DEFAULT '_singleton',
+    namespace TEXT NOT NULL,
+    contiguous_seq INTEGER NOT NULL DEFAULT 0,
+    updated_at INTEGER NOT NULL,
+    PRIMARY KEY (device_id, slot_id, namespace)
   )`,
-    `CREATE TABLE IF NOT EXISTS instance_state (
-    device_id TEXT NOT NULL,
-    slot_id TEXT NOT NULL DEFAULT '_singleton',
-    data TEXT NOT NULL DEFAULT '{}',
-    updated_at INTEGER NOT NULL,
-    PRIMARY KEY (device_id, slot_id)
+    `CREATE TABLE IF NOT EXISTS metadata_kv (
+    key TEXT PRIMARY KEY,
+    value TEXT NOT NULL,
+    updated_at INTEGER NOT NULL
   )`,
-    `CREATE TABLE IF NOT EXISTS seq_tracker (
-    device_id TEXT NOT NULL,
-    slot_id TEXT NOT NULL DEFAULT '_singleton',
-    namespace TEXT NOT NULL,
-    contiguous_seq INTEGER NOT NULL DEFAULT 0,
-    updated_at INTEGER NOT NULL,
-    PRIMARY KEY (device_id, slot_id, namespace)
-  )`,
-    `CREATE TABLE IF NOT EXISTS metadata_kv (
-    key TEXT PRIMARY KEY,
-    value TEXT NOT NULL,
-    updated_at INTEGER NOT NULL
-  )`,
-    `CREATE TABLE IF NOT EXISTS group_state (
-    group_id TEXT PRIMARY KEY,
-    state_version INTEGER NOT NULL DEFAULT 0,
-    state_hash TEXT NOT NULL DEFAULT '',
-    key_epoch INTEGER NOT NULL DEFAULT 0,
-    membership_json TEXT NOT NULL DEFAULT '',
-    policy_json TEXT NOT NULL DEFAULT '',
-    updated_at INTEGER NOT NULL DEFAULT 0
+    `CREATE TABLE IF NOT EXISTS group_state (
+    group_id TEXT PRIMARY KEY,
+    state_version INTEGER NOT NULL DEFAULT 0,
+    state_hash TEXT NOT NULL DEFAULT '',
+    key_epoch INTEGER NOT NULL DEFAULT 0,
+    membership_json TEXT NOT NULL DEFAULT '',
+    policy_json TEXT NOT NULL DEFAULT '',
+    updated_at INTEGER NOT NULL DEFAULT 0
   )`,
 ];
 function jsonParseObject(value) {
@@ -123,14 +70,12 @@ function jsonParseObject(value) {
 export class AIDDatabase {
     _db;
     _dbPath;
-    _secretStore;
     _scope;
     _log;
-    constructor(dbPath, secretStore, scope, logger) {
+    constructor(dbPath, _secretStore, scope, logger) {
         mkdirSync(dirname(dbPath), { recursive: true });
         const absPath = resolve(dbPath);
         this._dbPath = absPath;
-        this._secretStore = secretStore ?? null;
         this._scope = scope ?? dirname(absPath).split(/[\\/]/).pop() ?? '';
         this._log = logger ?? { error: () => { }, warn: () => { }, info: () => { }, debug: () => { } };
         const cached = _dbPool.get(absPath);
@@ -146,6 +91,10 @@ export class AIDDatabase {
         this._initSchema();
         this._log.debug(`AIDDatabase ready: path=${this._dbPath} scope=${this._scope}`);
     }
+    /** 暴露底层 SQLite 句柄，供 V2KeyStore 共享同一 DB 连接。 */
+    getSqliteHandle() {
+        return this._db;
+    }
     close() {
         const cached = _dbPool.get(this._dbPath);
         if (cached) {
@@ -166,50 +115,10 @@ export class AIDDatabase {
     _initSchema() {
         for (const ddl of DDL_STATEMENTS)
             this._db.exec(ddl);
-        this._migrateLegacyColumns();
         const row = this._db.prepare('SELECT version FROM _schema_version WHERE id = 1').get();
         if (!row)
             this._db.prepare('INSERT INTO _schema_version (id, version) VALUES (1, ?)').run(SCHEMA_VERSION);
     }
-    _migrateLegacyColumns() {
-        this._renameColumnIfExists('prekeys', 'private_key_pem', 'private_key_enc');
-        this._renameColumnIfExists('group_current', 'secret', 'secret_enc');
-        this._renameColumnIfExists('group_old_epochs', 'secret', 'secret_enc');
-        this._renameColumnIfExists('e2ee_sessions', 'data', 'data_enc');
-    }
-    _renameColumnIfExists(table, oldName, newName) {
-        const rows = this._db.prepare(`PRAGMA table_info(${table})`).all();
-        const names = new Set(rows.map((row) => row.name));
-        if (names.has(oldName) && !names.has(newName)) {
-            this._db.exec(`ALTER TABLE ${table} RENAME COLUMN ${oldName} TO ${newName}`);
-        }
-    }
-    _protectText(name, plaintext) {
-        if (!this._secretStore || !plaintext)
-            return plaintext;
-        try {
-            return JSON.stringify(this._secretStore.protect(this._scope, name, Buffer.from(plaintext, 'utf-8')));
-        }
-        catch (exc) {
-            this._log.error(`field encryption failed (scope=${this._scope}, name=${name}), degrading to plaintext: ${exc instanceof Error ? exc.message : String(exc)}`, exc instanceof Error ? exc : undefined);
-            return plaintext;
-        }
-    }
-    _revealText(name, stored) {
-        if (!this._secretStore || !stored)
-            return stored;
-        try {
-            const record = JSON.parse(stored);
-            if (record?.scheme !== 'file_aes')
-                return stored;
-            const plain = this._secretStore.reveal(this._scope, name, record);
-            return plain ? plain.toString('utf-8') : stored;
-        }
-        catch (exc) {
-            this._log.error(`field decryption failed (scope=${this._scope}, name=${name}): ${exc instanceof Error ? exc.message : String(exc)}`, exc instanceof Error ? exc : undefined);
-            return stored;
-        }
-    }
     getToken(key) {
         const row = this._db.prepare('SELECT value FROM tokens WHERE key = ?').get(key);
         return row?.value ?? null;
@@ -227,412 +136,6 @@ export class AIDDatabase {
             result[row.key] = row.value;
         return result;
     }
-    savePrekey(prekeyId, privateKeyPem, deviceId = '', createdAt, expiresAt, extraData) {
-        const now = Date.now();
-        this._db.prepare(`INSERT INTO prekeys (prekey_id, device_id, private_key_enc, data, created_at, updated_at, expires_at)
-       VALUES (?, ?, ?, ?, ?, ?, ?)
-       ON CONFLICT(prekey_id, device_id) DO UPDATE SET
-         private_key_enc=excluded.private_key_enc, data=excluded.data,
-         updated_at=excluded.updated_at, expires_at=excluded.expires_at`).run(prekeyId, deviceId, this._protectText(`prekey/${prekeyId}`, privateKeyPem), JSON.stringify(extraData ?? {}), createdAt ?? now, now, expiresAt ?? null);
-    }
-    loadPrekeys(deviceId = '') {
-        const rows = this._db.prepare('SELECT prekey_id, private_key_enc, data, created_at, updated_at, expires_at FROM prekeys WHERE device_id = ?').all(deviceId);
-        const result = {};
-        for (const row of rows) {
-            const entry = {
-                private_key_pem: this._revealText(`prekey/${row.prekey_id}`, row.private_key_enc),
-            };
-            if (row.created_at != null)
-                entry.created_at = row.created_at;
-            if (row.updated_at != null)
-                entry.updated_at = row.updated_at;
-            if (row.expires_at != null)
-                entry.expires_at = row.expires_at;
-            Object.assign(entry, jsonParseObject(row.data));
-            result[row.prekey_id] = entry;
-        }
-        return result;
-    }
-    /**
-     * 按 prekey_id 单点查询（WHERE prekey_id = ? LIMIT 1）。
-     * 相比 loadPrekeys 的全量加载（O(N)），单条查询是 O(1)。
-     * 解密入站消息时信封里有 prekey_id，应优先走这条路径。
-     */
-    loadPrekeyById(prekeyId) {
-        const row = this._db.prepare('SELECT prekey_id, private_key_enc, data, created_at, updated_at, expires_at FROM prekeys WHERE prekey_id = ? LIMIT 1').get(prekeyId);
-        if (!row)
-            return null;
-        const entry = {
-            private_key_pem: this._revealText(`prekey/${row.prekey_id}`, row.private_key_enc),
-        };
-        if (row.created_at != null)
-            entry.created_at = row.created_at;
-        if (row.updated_at != null)
-            entry.updated_at = row.updated_at;
-        if (row.expires_at != null)
-            entry.expires_at = row.expires_at;
-        Object.assign(entry, jsonParseObject(row.data));
-        return entry;
-    }
-    deletePrekey(prekeyId, deviceId = '') {
-        this._db.prepare('DELETE FROM prekeys WHERE prekey_id = ? AND device_id = ?').run(prekeyId, deviceId);
-    }
-    cleanupPrekeys(deviceId, cutoffMs, keepLatest) {
-        const rows = this._db.prepare('SELECT prekey_id, created_at FROM prekeys WHERE device_id = ? ORDER BY created_at DESC').all(deviceId);
-        const latestIds = new Set(rows.slice(0, keepLatest).map((row) => row.prekey_id));
-        const toDelete = rows
-            .filter((row) => !latestIds.has(row.prekey_id) && row.created_at != null && row.created_at < cutoffMs)
-            .map((row) => row.prekey_id);
-        if (toDelete.length > 0) {
-            const del = this._db.prepare('DELETE FROM prekeys WHERE device_id = ? AND prekey_id = ?');
-            runImmediateTransaction(this._db, () => {
-                for (const id of toDelete)
-                    del.run(deviceId, id);
-            });
-        }
-        return toDelete;
-    }
-    saveGroupCurrent(groupId, epoch, secret, data) {
-        this._db.prepare(`INSERT INTO group_current (group_id, epoch, secret_enc, data, updated_at)
-       VALUES (?, ?, ?, ?, ?)
-       ON CONFLICT(group_id) DO UPDATE SET epoch=excluded.epoch, secret_enc=excluded.secret_enc, data=excluded.data, updated_at=excluded.updated_at`).run(groupId, epoch, this._protectText(`group/${groupId}/current`, secret), JSON.stringify(data), Date.now());
-    }
-    loadGroupCurrent(groupId) {
-        const row = this._db.prepare('SELECT epoch, secret_enc, data, updated_at FROM group_current WHERE group_id = ?').get(groupId);
-        if (!row)
-            return null;
-        return {
-            group_id: groupId,
-            epoch: row.epoch,
-            secret: this._revealText(`group/${groupId}/current`, row.secret_enc),
-            ...jsonParseObject(row.data),
-            updated_at: row.updated_at,
-        };
-    }
-    loadGroupSecretEpoch(groupId, epoch) {
-        const current = this.loadGroupCurrent(groupId);
-        if (epoch === undefined || epoch === null)
-            return current;
-        if (current && Number(current.epoch ?? 0) === Number(epoch))
-            return current;
-        const row = this._db.prepare('SELECT epoch, secret_enc, data, updated_at, expires_at FROM group_old_epochs WHERE group_id = ? AND epoch = ?').get(groupId, epoch);
-        if (!row)
-            return null;
-        const entry = {
-            epoch: row.epoch,
-            secret: this._revealText(`group/${groupId}/epoch/${row.epoch}`, row.secret_enc),
-            ...jsonParseObject(row.data),
-            updated_at: row.updated_at,
-        };
-        if (row.expires_at != null)
-            entry.expires_at = row.expires_at;
-        return entry;
-    }
-    loadGroupSecretEpochs(groupId) {
-        const result = [];
-        const current = this.loadGroupCurrent(groupId);
-        if (current)
-            result.push(current);
-        const rows = this._db.prepare('SELECT epoch, secret_enc, data, updated_at, expires_at FROM group_old_epochs WHERE group_id = ? ORDER BY epoch ASC').all(groupId);
-        for (const row of rows) {
-            const entry = {
-                epoch: row.epoch,
-                secret: this._revealText(`group/${groupId}/epoch/${row.epoch}`, row.secret_enc),
-                ...jsonParseObject(row.data),
-                updated_at: row.updated_at,
-            };
-            if (row.expires_at != null)
-                entry.expires_at = row.expires_at;
-            result.push(entry);
-        }
-        return result;
-    }
-    loadAllGroupCurrent() {
-        const rows = this._db.prepare('SELECT group_id, epoch, secret_enc, data, updated_at FROM group_current').all();
-        const result = {};
-        for (const row of rows) {
-            result[row.group_id] = {
-                group_id: row.group_id,
-                epoch: row.epoch,
-                secret: this._revealText(`group/${row.group_id}/current`, row.secret_enc),
-                ...jsonParseObject(row.data),
-                updated_at: row.updated_at,
-            };
-        }
-        return result;
-    }
-    deleteGroupCurrent(groupId) {
-        this._db.prepare('DELETE FROM group_current WHERE group_id = ?').run(groupId);
-    }
-    saveGroupOldEpoch(groupId, epoch, secret, data, updatedAt, expiresAt) {
-        this._db.prepare(`INSERT INTO group_old_epochs (group_id, epoch, secret_enc, data, updated_at, expires_at)
-       VALUES (?, ?, ?, ?, ?, ?)
-       ON CONFLICT(group_id, epoch) DO UPDATE SET secret_enc=excluded.secret_enc, data=excluded.data, updated_at=excluded.updated_at, expires_at=excluded.expires_at`).run(groupId, epoch, this._protectText(`group/${groupId}/epoch/${epoch}`, secret), JSON.stringify(data), updatedAt ?? Date.now(), expiresAt ?? null);
-    }
-    loadGroupOldEpochs(groupId) {
-        const rows = this._db.prepare('SELECT epoch, secret_enc, data, updated_at, expires_at FROM group_old_epochs WHERE group_id = ? ORDER BY epoch ASC').all(groupId);
-        return rows.map((row) => {
-            const entry = {
-                epoch: row.epoch,
-                secret: this._revealText(`group/${groupId}/epoch/${row.epoch}`, row.secret_enc),
-                ...jsonParseObject(row.data),
-                updated_at: row.updated_at,
-            };
-            if (row.expires_at != null)
-                entry.expires_at = row.expires_at;
-            return entry;
-        });
-    }
-    deleteAllGroupOldEpochs(groupId) {
-        this._db.prepare('DELETE FROM group_old_epochs WHERE group_id = ?').run(groupId);
-    }
-    loadAllGroupIdsWithOldEpochs() {
-        const rows = this._db.prepare('SELECT DISTINCT group_id FROM group_old_epochs').all();
-        return rows.map((row) => row.group_id);
-    }
-    cleanupGroupOldEpochs(groupId, cutoffMs) {
-        const result = this._db.prepare('DELETE FROM group_old_epochs WHERE group_id = ? AND updated_at <= ?').run(groupId, cutoffMs);
-        return Number(result.changes);
-    }
-    storeGroupSecretTransition(groupId, opts) {
-        return Boolean(runImmediateTransaction(this._db, () => {
-            const now = Date.now();
-            const epoch = Number(opts.epoch);
-            const members = [...(opts.memberAids ?? [])].map((item) => String(item)).sort();
-            const pendingRotationId = String(opts.pendingRotationId ?? '').trim();
-            const current = this._db.prepare('SELECT epoch, secret_enc, data, updated_at FROM group_current WHERE group_id = ?').get(groupId);
-            if (current) {
-                const localEpoch = Number(current.epoch);
-                const currentSecret = this._revealText(`group/${groupId}/current`, current.secret_enc);
-                const currentData = jsonParseObject(current.data);
-                if (epoch < localEpoch)
-                    return false;
-                if (epoch === localEpoch && currentSecret) {
-                    if (currentSecret !== opts.secret) {
-                        if (String(currentData.pending_rotation_id ?? '').trim()) {
-                            this._upsertGroupCurrent(groupId, epoch, opts.secret, this._buildGroupCurrentData(opts, members, now), now);
-                            return true;
-                        }
-                        return false;
-                    }
-                    const updated = { ...currentData };
-                    let changed = false;
-                    const oldMembers = Array.isArray(updated.member_aids) ? updated.member_aids.map(String).sort() : [];
-                    if (members.length > 0 && JSON.stringify(oldMembers) !== JSON.stringify(members)) {
-                        updated.member_aids = members;
-                        updated.commitment = opts.commitment;
-                        changed = true;
-                    }
-                    if (opts.epochChain !== undefined && updated.epoch_chain !== opts.epochChain) {
-                        updated.epoch_chain = opts.epochChain;
-                        changed = true;
-                    }
-                    if (opts.epochChainUnverified === true) {
-                        if (updated.epoch_chain_unverified !== true) {
-                            updated.epoch_chain_unverified = true;
-                            changed = true;
-                        }
-                        if (opts.epochChainUnverifiedReason && updated.epoch_chain_unverified_reason !== opts.epochChainUnverifiedReason) {
-                            updated.epoch_chain_unverified_reason = opts.epochChainUnverifiedReason;
-                            changed = true;
-                        }
-                    }
-                    else if (opts.epochChainUnverified === false) {
-                        if ('epoch_chain_unverified' in updated || 'epoch_chain_unverified_reason' in updated) {
-                            delete updated.epoch_chain_unverified;
-                            delete updated.epoch_chain_unverified_reason;
-                            changed = true;
-                        }
-                    }
-                    if (pendingRotationId && updated.pending_rotation_id !== pendingRotationId) {
-                        updated.pending_rotation_id = pendingRotationId;
-                        updated.pending_created_at = now;
-                        changed = true;
-                    }
-                    if (!pendingRotationId && updated.pending_rotation_id) {
-                        delete updated.pending_rotation_id;
-                        delete updated.pending_created_at;
-                        changed = true;
-                    }
-                    if (changed)
-                        this._upsertGroupCurrent(groupId, epoch, currentSecret, updated, now);
-                    return true;
-                }
-                if (localEpoch !== epoch) {
-                    const expiresAt = Number(current.updated_at || now) + opts.oldEpochRetentionMs;
-                    this._upsertGroupOldEpoch(groupId, localEpoch, currentSecret, currentData, Number(current.updated_at || now), expiresAt);
-                }
-                else {
-                    // epoch === localEpoch 但 currentSecret 为空：合并 data，不覆盖已有字段
-                    const merged = { ...currentData, ...this._buildGroupCurrentData(opts, members, now) };
-                    // 保留已有的 epoch_chain（如果新值为空）
-                    if (!opts.epochChain && currentData.epoch_chain) {
-                        merged.epoch_chain = currentData.epoch_chain;
-                    }
-                    if (currentData.pending_rotation_id && !opts.pendingRotationId) {
-                        merged.pending_rotation_id = currentData.pending_rotation_id;
-                        if (currentData.pending_created_at)
-                            merged.pending_created_at = currentData.pending_created_at;
-                    }
-                    this._upsertGroupCurrent(groupId, epoch, opts.secret, merged, now);
-                    return true;
-                }
-            }
-            this._upsertGroupCurrent(groupId, epoch, opts.secret, this._buildGroupCurrentData(opts, members, now), now);
-            return true;
-        }));
-    }
-    storeGroupSecretEpoch(groupId, opts) {
-        return Boolean(runImmediateTransaction(this._db, () => {
-            const now = Date.now();
-            const epoch = Number(opts.epoch);
-            const members = [...(opts.memberAids ?? [])].map((item) => String(item)).sort();
-            const pendingRotationId = String(opts.pendingRotationId ?? '').trim();
-            const data = this._buildGroupCurrentData(opts, members, now);
-            const current = this._db.prepare('SELECT epoch, secret_enc, data, updated_at FROM group_current WHERE group_id = ?').get(groupId);
-            if (!current) {
-                this._upsertGroupCurrent(groupId, epoch, opts.secret, data, now);
-                return true;
-            }
-            const localEpoch = Number(current.epoch);
-            if (epoch > localEpoch) {
-                // 归档旧 epoch 到 old_epochs，然后用新 epoch 更新 current
-                const oldSecret = this._revealText(`group/${groupId}/current`, current.secret_enc);
-                const oldData = jsonParseObject(current.data);
-                const expiresAt = now + (opts.oldEpochRetentionMs ?? 604800_000);
-                this._upsertGroupOldEpoch(groupId, localEpoch, oldSecret, oldData, current.updated_at, expiresAt);
-                this._upsertGroupCurrent(groupId, epoch, opts.secret, data, now);
-                return true;
-            }
-            if (epoch === localEpoch) {
-                const currentSecret = this._revealText(`group/${groupId}/current`, current.secret_enc);
-                const currentData = jsonParseObject(current.data);
-                if (currentSecret && currentSecret !== opts.secret) {
-                    if (!String(currentData.pending_rotation_id ?? '').trim())
-                        return false;
-                    this._upsertGroupCurrent(groupId, epoch, opts.secret, data, now);
-                    return true;
-                }
-                const updated = { ...currentData };
-                let changed = false;
-                const oldMembers = Array.isArray(updated.member_aids) ? updated.member_aids.map(String).sort() : [];
-                if (members.length > 0 && JSON.stringify(oldMembers) !== JSON.stringify(members)) {
-                    updated.member_aids = members;
-                    updated.commitment = opts.commitment;
-                    changed = true;
-                }
-                if (opts.epochChain !== undefined && updated.epoch_chain !== opts.epochChain) {
-                    updated.epoch_chain = opts.epochChain;
-                    changed = true;
-                }
-                if (opts.epochChainUnverified === true) {
-                    if (updated.epoch_chain_unverified !== true) {
-                        updated.epoch_chain_unverified = true;
-                        changed = true;
-                    }
-                    if (opts.epochChainUnverifiedReason && updated.epoch_chain_unverified_reason !== opts.epochChainUnverifiedReason) {
-                        updated.epoch_chain_unverified_reason = opts.epochChainUnverifiedReason;
-                        changed = true;
-                    }
-                }
-                else if (opts.epochChainUnverified === false) {
-                    if ('epoch_chain_unverified' in updated || 'epoch_chain_unverified_reason' in updated) {
-                        delete updated.epoch_chain_unverified;
-                        delete updated.epoch_chain_unverified_reason;
-                        changed = true;
-                    }
-                }
-                if (pendingRotationId && updated.pending_rotation_id !== pendingRotationId) {
-                    updated.pending_rotation_id = pendingRotationId;
-                    updated.pending_created_at = now;
-                    changed = true;
-                }
-                if (!pendingRotationId && updated.pending_rotation_id) {
-                    delete updated.pending_rotation_id;
-                    delete updated.pending_created_at;
-                    changed = true;
-                }
-                if (changed)
-                    this._upsertGroupCurrent(groupId, epoch, currentSecret, updated, now);
-                return true;
-            }
-            const old = this._db.prepare('SELECT secret_enc FROM group_old_epochs WHERE group_id = ? AND epoch = ?').get(groupId, epoch);
-            if (old) {
-                const oldSecret = this._revealText(`group/${groupId}/epoch/${epoch}`, old.secret_enc);
-                if (oldSecret && oldSecret !== opts.secret)
-                    return false;
-            }
-            this._upsertGroupOldEpoch(groupId, epoch, opts.secret, data, now, now + opts.oldEpochRetentionMs);
-            return true;
-        }));
-    }
-    discardPendingGroupSecretState(groupId, epoch, rotationId) {
-        return Boolean(runImmediateTransaction(this._db, () => {
-            const rid = String(rotationId ?? '').trim();
-            if (!rid)
-                return false;
-            const current = this._db.prepare('SELECT epoch, data FROM group_current WHERE group_id = ?').get(groupId);
-            if (!current || Number(current.epoch) !== Number(epoch))
-                return false;
-            const data = jsonParseObject(current.data);
-            if (String(data.pending_rotation_id ?? '').trim() !== rid)
-                return false;
-            const old = this._db.prepare('SELECT epoch, secret_enc, data, updated_at, expires_at FROM group_old_epochs WHERE group_id = ? AND epoch < ? ORDER BY epoch DESC LIMIT 1').get(groupId, epoch);
-            if (!old) {
-                this._db.prepare('DELETE FROM group_current WHERE group_id = ?').run(groupId);
-                this._db.prepare('DELETE FROM group_old_epochs WHERE group_id = ?').run(groupId);
-                return true;
-            }
-            const secret = this._revealText(`group/${groupId}/epoch/${old.epoch}`, old.secret_enc);
-            this._upsertGroupCurrent(groupId, Number(old.epoch), secret, jsonParseObject(old.data), Date.now());
-            this._db.prepare('DELETE FROM group_old_epochs WHERE group_id = ? AND epoch = ?').run(groupId, old.epoch);
-            return true;
-        }));
-    }
-    _buildGroupCurrentData(opts, memberAids, now) {
-        const data = {
-            commitment: opts.commitment,
-            member_aids: memberAids,
-        };
-        if (opts.epochChain !== undefined)
-            data.epoch_chain = opts.epochChain;
-        const pendingRotationId = String(opts.pendingRotationId ?? '').trim();
-        if (pendingRotationId) {
-            data.pending_rotation_id = pendingRotationId;
-            data.pending_created_at = now;
-        }
-        if (opts.epochChainUnverified === true) {
-            data.epoch_chain_unverified = true;
-            if (opts.epochChainUnverifiedReason)
-                data.epoch_chain_unverified_reason = opts.epochChainUnverifiedReason;
-        }
-        return data;
-    }
-    _upsertGroupCurrent(groupId, epoch, secret, data, updatedAt) {
-        this._db.prepare(`INSERT INTO group_current (group_id, epoch, secret_enc, data, updated_at)
-       VALUES (?, ?, ?, ?, ?)
-       ON CONFLICT(group_id) DO UPDATE SET epoch=excluded.epoch, secret_enc=excluded.secret_enc, data=excluded.data, updated_at=excluded.updated_at`).run(groupId, epoch, this._protectText(`group/${groupId}/current`, secret), JSON.stringify(data), updatedAt);
-    }
-    _upsertGroupOldEpoch(groupId, epoch, secret, data, updatedAt, expiresAt) {
-        this._db.prepare(`INSERT INTO group_old_epochs (group_id, epoch, secret_enc, data, updated_at, expires_at)
-       VALUES (?, ?, ?, ?, ?, ?)
-       ON CONFLICT(group_id, epoch) DO UPDATE SET secret_enc=excluded.secret_enc, data=excluded.data, updated_at=excluded.updated_at, expires_at=excluded.expires_at`).run(groupId, epoch, this._protectText(`group/${groupId}/epoch/${epoch}`, secret), JSON.stringify(data), updatedAt, expiresAt ?? null);
-    }
-    saveSession(sessionId, data) {
-        const dataJson = JSON.stringify(data);
-        this._db.prepare('INSERT INTO e2ee_sessions (session_id, data_enc, updated_at) VALUES (?, ?, ?) ON CONFLICT(session_id) DO UPDATE SET data_enc=excluded.data_enc, updated_at=excluded.updated_at').run(sessionId, this._protectText(`session/${sessionId}`, dataJson), Date.now());
-    }
-    loadAllSessions() {
-        const rows = this._db.prepare('SELECT session_id, data_enc, updated_at FROM e2ee_sessions').all();
-        return rows.map((row) => ({
-            ...jsonParseObject(this._revealText(`session/${row.session_id}`, row.data_enc)),
-            session_id: row.session_id,
-            updated_at: row.updated_at,
-        }));
-    }
-    deleteSession(sessionId) {
-        this._db.prepare('DELETE FROM e2ee_sessions WHERE session_id = ?').run(sessionId);
-    }
     saveInstanceState(deviceId, slotId, state) {
         const slot = slotId || '_singleton';
         this._db.prepare('INSERT INTO instance_state (device_id, slot_id, data, updated_at) VALUES (?, ?, ?, ?) ON CONFLICT(device_id, slot_id) DO UPDATE SET data=excluded.data, updated_at=excluded.updated_at').run(deviceId, slot, JSON.stringify(state), Date.now());
@@ -680,10 +183,9 @@ export class AIDDatabase {
             result[row.key] = row.value;
         return result;
     }
-    // ── Group State ─────────────────────────────────────────────
     saveGroupState(groupId, stateVersion, stateHash, keyEpoch, membershipJson, policyJson) {
-        this._db.prepare(`INSERT INTO group_state (group_id, state_version, state_hash, key_epoch, membership_json, policy_json, updated_at)
-       VALUES (?, ?, ?, ?, ?, ?, ?)
+        this._db.prepare(`INSERT INTO group_state (group_id, state_version, state_hash, key_epoch, membership_json, policy_json, updated_at)
+       VALUES (?, ?, ?, ?, ?, ?, ?)
        ON CONFLICT(group_id) DO UPDATE SET state_version=excluded.state_version, state_hash=excluded.state_hash, key_epoch=excluded.key_epoch, membership_json=excluded.membership_json, policy_json=excluded.policy_json, updated_at=excluded.updated_at`).run(groupId, stateVersion, stateHash, keyEpoch, membershipJson, policyJson, Date.now());
     }
     loadGroupState(groupId) {