@agentvault/agentvault 0.13.9 → 0.13.11

package/dist/index.js

@@ -44880,6 +44880,7 @@ var DoubleRatchet = class _DoubleRatchet {
   serialize() {
     const s2 = this.state;
     return JSON.stringify({
+      version: 1,
       rootKey: libsodium_wrappers_default.to_hex(s2.rootKey),
       sendingChain: s2.sendingChain ? {
         chainKey: libsodium_wrappers_default.to_hex(s2.sendingChain.chainKey),
@@ -44907,33 +44908,59 @@ var DoubleRatchet = class _DoubleRatchet {
     });
   }
   static deserialize(json) {
-    const d2 = JSON.parse(json);
-    return new _DoubleRatchet({
-      rootKey: libsodium_wrappers_default.from_hex(d2.rootKey),
-      sendingChain: d2.sendingChain ? {
-        chainKey: libsodium_wrappers_default.from_hex(d2.sendingChain.chainKey),
-        messageNumber: d2.sendingChain.messageNumber
-      } : null,
-      receivingChain: d2.receivingChain ? {
-        chainKey: libsodium_wrappers_default.from_hex(d2.receivingChain.chainKey),
-        messageNumber: d2.receivingChain.messageNumber
-      } : null,
-      dhSendingKeypair: {
-        publicKey: libsodium_wrappers_default.from_hex(d2.dhSendingKeypair.publicKey),
-        privateKey: libsodium_wrappers_default.from_hex(d2.dhSendingKeypair.privateKey)
-      },
-      dhReceivingPublicKey: d2.dhReceivingPublicKey ? libsodium_wrappers_default.from_hex(d2.dhReceivingPublicKey) : null,
-      identityKeypair: {
-        publicKey: libsodium_wrappers_default.from_hex(d2.identityKeypair.publicKey),
-        privateKey: libsodium_wrappers_default.from_hex(d2.identityKeypair.privateKey)
-      },
-      previousSendingChainLength: d2.previousSendingChainLength,
-      skippedKeys: d2.skippedKeys.map((sk) => ({
-        dhPub: sk.dhPub,
-        n: sk.n,
-        messageKey: libsodium_wrappers_default.from_hex(sk.messageKey)
-      }))
-    });
+    let d2;
+    try {
+      d2 = JSON.parse(json);
+    } catch {
+      throw new Error("Ratchet state: corrupt JSON");
+    }
+    if (d2.version !== void 0 && d2.version !== 1) {
+      throw new Error(`Ratchet state version ${d2.version} not supported`);
+    }
+    if (typeof d2.rootKey !== "string") {
+      throw new Error("Ratchet state: missing required field rootKey");
+    }
+    const dhSend = d2.dhSendingKeypair;
+    if (!dhSend || typeof dhSend.publicKey !== "string" || typeof dhSend.privateKey !== "string") {
+      throw new Error("Ratchet state: missing required field dhSendingKeypair");
+    }
+    const idKp = d2.identityKeypair;
+    if (!idKp || typeof idKp.publicKey !== "string" || typeof idKp.privateKey !== "string") {
+      throw new Error("Ratchet state: missing required field identityKeypair");
+    }
+    try {
+      return new _DoubleRatchet({
+        rootKey: libsodium_wrappers_default.from_hex(d2.rootKey),
+        sendingChain: d2.sendingChain ? {
+          chainKey: libsodium_wrappers_default.from_hex(d2.sendingChain.chainKey),
+          messageNumber: d2.sendingChain.messageNumber
+        } : null,
+        receivingChain: d2.receivingChain ? {
+          chainKey: libsodium_wrappers_default.from_hex(d2.receivingChain.chainKey),
+          messageNumber: d2.receivingChain.messageNumber
+        } : null,
+        dhSendingKeypair: {
+          publicKey: libsodium_wrappers_default.from_hex(dhSend.publicKey),
+          privateKey: libsodium_wrappers_default.from_hex(dhSend.privateKey)
+        },
+        dhReceivingPublicKey: d2.dhReceivingPublicKey ? libsodium_wrappers_default.from_hex(d2.dhReceivingPublicKey) : null,
+        identityKeypair: {
+          publicKey: libsodium_wrappers_default.from_hex(idKp.publicKey),
+          privateKey: libsodium_wrappers_default.from_hex(idKp.privateKey)
+        },
+        previousSendingChainLength: d2.previousSendingChainLength,
+        skippedKeys: d2.skippedKeys.map((sk) => ({
+          dhPub: sk.dhPub,
+          n: sk.n,
+          messageKey: libsodium_wrappers_default.from_hex(sk.messageKey)
+        }))
+      });
+    } catch (err) {
+      if (err instanceof Error && err.message.startsWith("Ratchet state")) {
+        throw err;
+      }
+      throw new Error(`Ratchet state: corrupt hex data \u2014 ${err instanceof Error ? err.message : String(err)}`);
+    }
   }
 };
 
@@ -45632,6 +45659,8 @@ var SecureChannel = class _SecureChannel extends EventEmitter {
   _telemetryReporter = null;
   /** Topic ID from the most recent inbound message — used as fallback for replies. */
   _lastIncomingTopicId;
+  /** Rate-limit: last resync_request timestamp per conversation (5-min cooldown). */
+  _lastResyncRequest = /* @__PURE__ */ new Map();
   // Liveness detection: server sends app-level {"event":"ping"} every 30s.
   // We check every 30s; if no data received in 90s (3 missed pings), connection is dead.
   static PING_INTERVAL_MS = 3e4;
@@ -46890,6 +46919,13 @@ var SecureChannel = class _SecureChannel extends EventEmitter {
           await this._handleDeviceLinked(data.data);
           return;
         }
+        if (data.event === "resync_request") {
+          await this._handleResyncRequest(data.data);
+          return;
+        }
+        if (data.event === "resync_ack") {
+          return;
+        }
         if (data.event === "message") {
           try {
             await this._handleIncomingMessage(data.data);
@@ -47276,8 +47312,28 @@ var SecureChannel = class _SecureChannel extends EventEmitter {
     const session = this._sessions.get(convId);
     if (!session) {
       console.warn(
-        `[SecureChannel] No session for conversation ${convId}, skipping`
+        `[SecureChannel] No session for conversation ${convId}, requesting resync`
       );
+      const RESYNC_COOLDOWN_MS = 5 * 60 * 1e3;
+      const lastResync = this._lastResyncRequest.get(convId) ?? 0;
+      if (Date.now() - lastResync > RESYNC_COOLDOWN_MS && this._ws && this._persisted) {
+        this._lastResyncRequest.set(convId, Date.now());
+        this._ws.send(
+          JSON.stringify({
+            event: "resync_request",
+            data: {
+              conversation_id: convId,
+              reason: "no_session",
+              identity_public_key: this._persisted.identityKeypair.publicKey,
+              ephemeral_public_key: this._persisted.ephemeralKeypair.publicKey
+            }
+          })
+        );
+        this.emit("resync_requested", {
+          conversationId: convId,
+          reason: "no_session"
+        });
+      }
       return;
     }
     const encrypted = transportToEncryptedMessage({
@@ -47295,6 +47351,26 @@ var SecureChannel = class _SecureChannel extends EventEmitter {
       } catch (restoreErr) {
         console.error("[SecureChannel] Ratchet restore failed:", restoreErr);
       }
+      const RESYNC_COOLDOWN_MS = 5 * 60 * 1e3;
+      const lastResync = this._lastResyncRequest.get(convId) ?? 0;
+      if (Date.now() - lastResync > RESYNC_COOLDOWN_MS && this._ws && this._persisted) {
+        this._lastResyncRequest.set(convId, Date.now());
+        const idPubHex = this._persisted.identityKeypair.publicKey;
+        const ephPubHex = this._persisted.ephemeralKeypair.publicKey;
+        this._ws.send(
+          JSON.stringify({
+            event: "resync_request",
+            data: {
+              conversation_id: convId,
+              reason: "decrypt_failure",
+              identity_public_key: idPubHex,
+              ephemeral_public_key: ephPubHex
+            }
+          })
+        );
+        console.log(`[SecureChannel] Sent resync_request for conv ${convId.slice(0, 8)}...`);
+        this.emit("resync_requested", { conversationId: convId, reason: "decrypt_failure" });
+      }
       return;
     }
     this._sendAck(msgData.message_id);
@@ -47619,6 +47695,70 @@ ${messageText}`;
       this.emit("error", err);
     }
   }
+  /**
+   * Handle a resync_request from the owner (owner-initiated ratchet re-establishment).
+   * Re-derives shared secret via X3DH as responder, initializes fresh receiver ratchet,
+   * and sends resync_ack back with agent's public keys.
+   */
+  async _handleResyncRequest(data) {
+    const convId = data.conversation_id;
+    console.log(
+      `[SecureChannel] Received resync_request for conv ${convId.slice(0, 8)}... (reason: ${data.reason ?? "unknown"})`
+    );
+    try {
+      if (!this._persisted) {
+        console.error("[SecureChannel] Cannot handle resync \u2014 no persisted state");
+        return;
+      }
+      const identity = this._persisted.identityKeypair;
+      const ephemeral = this._persisted.ephemeralKeypair;
+      const sharedSecret = performX3DH({
+        myIdentityPrivate: hexToBytes(identity.privateKey),
+        myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
+        theirIdentityPublic: hexToBytes(data.identity_public_key),
+        theirEphemeralPublic: hexToBytes(data.ephemeral_public_key),
+        isInitiator: false
+      });
+      const ratchet = DoubleRatchet.initReceiver(sharedSecret, {
+        publicKey: hexToBytes(identity.publicKey),
+        privateKey: hexToBytes(identity.privateKey),
+        keyType: "ed25519"
+      });
+      const existingSession = this._sessions.get(convId);
+      const ownerDeviceId = data.sender_device_id ?? existingSession?.ownerDeviceId ?? "";
+      this._sessions.set(convId, {
+        ownerDeviceId,
+        ratchet,
+        activated: false
+        // Wait for owner's encrypted session_init
+      });
+      this._persisted.sessions[convId] = {
+        ownerDeviceId,
+        ratchetState: ratchet.serialize(),
+        activated: false
+      };
+      await this._persistState();
+      if (this._ws) {
+        this._ws.send(
+          JSON.stringify({
+            event: "resync_ack",
+            data: {
+              conversation_id: convId,
+              identity_public_key: identity.publicKey,
+              ephemeral_public_key: ephemeral.publicKey
+            }
+          })
+        );
+      }
+      console.log(
+        `[SecureChannel] Resync complete for conv ${convId.slice(0, 8)}... \u2014 waiting for owner session_init`
+      );
+      this.emit("resync_completed", { conversationId: convId });
+    } catch (err) {
+      console.error(`[SecureChannel] Resync failed for conv ${convId.slice(0, 8)}...:`, err);
+      this.emit("error", err);
+    }
+  }
   /**
    * Handle an incoming room message. Finds the pairwise conversation
    * for the sender, decrypts, and emits a room_message event.
@@ -47828,8 +47968,28 @@ ${messageText}`;
           const session = this._sessions.get(msg.conversation_id);
           if (!session) {
             console.warn(
-              `[SecureChannel] No session for conversation ${msg.conversation_id} during sync, skipping`
+              `[SecureChannel] No session for conversation ${msg.conversation_id} during sync, requesting resync`
             );
+            const RESYNC_COOLDOWN_MS = 5 * 60 * 1e3;
+            const lastResync = this._lastResyncRequest.get(msg.conversation_id) ?? 0;
+            if (Date.now() - lastResync > RESYNC_COOLDOWN_MS && this._ws && this._persisted) {
+              this._lastResyncRequest.set(msg.conversation_id, Date.now());
+              this._ws.send(
+                JSON.stringify({
+                  event: "resync_request",
+                  data: {
+                    conversation_id: msg.conversation_id,
+                    reason: "no_session",
+                    identity_public_key: this._persisted.identityKeypair.publicKey,
+                    ephemeral_public_key: this._persisted.ephemeralKeypair.publicKey
+                  }
+                })
+              );
+              this.emit("resync_requested", {
+                conversationId: msg.conversation_id,
+                reason: "no_session"
+              });
+            }
             continue;
           }
           try {