@agentvault/agentvault 0.14.3 → 0.14.5

package/dist/index.js

@@ -1,5 +1,11 @@
 var __defProp = Object.defineProperty;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __require = /* @__PURE__ */ ((x2) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x2, {
+  get: (a2, b2) => (typeof require !== "undefined" ? require : a2)[b2]
+}) : x2)(function(x2) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x2 + '" is not supported');
+});
 var __esm = (fn, res) => function __init() {
   return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
 };
@@ -45022,9 +45028,53 @@ var init_file_crypto = __esm({
 });
 
 // ../crypto/dist/did.js
+function canonicalize(obj) {
+  const json = jsonCanonical(obj) ?? "";
+  return libsodium_wrappers_default.from_string(json);
+}
+function jsonCanonical(value) {
+  if (value === void 0)
+    return void 0;
+  if (value === null)
+    return "null";
+  if (typeof value === "boolean" || typeof value === "number")
+    return JSON.stringify(value);
+  if (typeof value === "string")
+    return JSON.stringify(value);
+  if (Array.isArray(value)) {
+    return "[" + value.map(jsonCanonical).join(",") + "]";
+  }
+  if (typeof value === "object") {
+    const keys = Object.keys(value).sort();
+    const entries = keys.map((k2) => {
+      const v2 = jsonCanonical(value[k2]);
+      if (v2 === void 0)
+        return void 0;
+      return JSON.stringify(k2) + ":" + v2;
+    }).filter((entry) => entry !== void 0);
+    return "{" + entries.join(",") + "}";
+  }
+  return JSON.stringify(value);
+}
+async function verifyDocumentSignature(document, signature, publicKey) {
+  await libsodium_wrappers_default.ready;
+  const canonical = canonicalize(document);
+  const domainPrefix = libsodium_wrappers_default.from_string(DOMAIN_DID_DOCUMENT);
+  const message = new Uint8Array(domainPrefix.length + canonical.length);
+  message.set(domainPrefix);
+  message.set(canonical, domainPrefix.length);
+  try {
+    return libsodium_wrappers_default.crypto_sign_verify_detached(signature, message, publicKey);
+  } catch {
+    return false;
+  }
+}
+var DOMAIN_DID_DOCUMENT;
 var init_did = __esm({
   async "../crypto/dist/did.js"() {
     "use strict";
+    await init_libsodium_wrappers();
+    DOMAIN_DID_DOCUMENT = "DID-DOCUMENT:";
   }
 });
 
@@ -45979,13 +46029,152 @@ var init_http_handlers = __esm({
   }
 });
 
+// src/workspace-handlers.ts
+var workspace_handlers_exports = {};
+__export(workspace_handlers_exports, {
+  handleWorkspaceList: () => handleWorkspaceList,
+  handleWorkspaceRead: () => handleWorkspaceRead,
+  handleWorkspaceUpload: () => handleWorkspaceUpload,
+  validateWorkspaceFilename: () => validateWorkspaceFilename
+});
+import { readdir, readFile as readFile2, writeFile as writeFile2, rename as rename2, stat, unlink } from "node:fs/promises";
+import { join as join2 } from "node:path";
+import { randomUUID } from "node:crypto";
+function validateWorkspaceFilename(filename) {
+  if (!filename || typeof filename !== "string") {
+    return "Filename is required";
+  }
+  if (filename.includes("\0")) {
+    return "Filename contains null bytes";
+  }
+  if (filename.includes("..")) {
+    return "Path traversal not allowed";
+  }
+  if (filename.includes("/") || filename.includes("\\")) {
+    return "Path separators not allowed in filename";
+  }
+  if (!filename.endsWith(".md")) {
+    return "Only .md files are allowed";
+  }
+  if (!/^[a-zA-Z0-9._-]+$/.test(filename)) {
+    return "Filename may only contain letters, numbers, hyphens, underscores, and dots";
+  }
+  return null;
+}
+async function handleWorkspaceUpload(data, workspaceDir) {
+  const filenameError = validateWorkspaceFilename(data.filename);
+  if (filenameError) {
+    return { status: "error", error: filenameError };
+  }
+  if (!data.content || typeof data.content !== "string") {
+    return { status: "error", error: "File content is required" };
+  }
+  const contentBytes = Buffer.byteLength(data.content, "utf-8");
+  if (contentBytes > MAX_FILE_SIZE) {
+    return {
+      status: "error",
+      error: `File exceeds 100KB limit (${Math.round(contentBytes / 1024)}KB)`
+    };
+  }
+  let verified = false;
+  try {
+    const signatureBytes = base64ToBytes(data.signature);
+    const publicKeyBytes = base64ToBytes(data.signer_public_key);
+    const signedPayload = {
+      filename: data.filename,
+      content: data.content,
+      timestamp: data.timestamp
+    };
+    verified = await verifyDocumentSignature(signedPayload, signatureBytes, publicKeyBytes);
+  } catch (err) {
+    return { status: "error", error: "Signature verification failed: invalid format" };
+  }
+  if (!verified) {
+    return { status: "error", error: "Invalid signature \u2014 file may have been tampered with" };
+  }
+  const targetPath = join2(workspaceDir, data.filename);
+  const tempPath = join2(workspaceDir, `.tmp_${randomUUID()}_${data.filename}`);
+  try {
+    await writeFile2(tempPath, data.content, "utf-8");
+    await rename2(tempPath, targetPath);
+  } catch (err) {
+    try {
+      await unlink(tempPath);
+    } catch {
+    }
+    return { status: "error", error: `Failed to write file: ${err.message}` };
+  }
+  console.log(`[Workspace] Wrote ${data.filename} (${contentBytes} bytes, sig verified) \u2192 ${targetPath}`);
+  return {
+    status: "success",
+    written_path: targetPath,
+    verified_signature: true
+  };
+}
+async function handleWorkspaceList(workspaceDir) {
+  try {
+    const entries = await readdir(workspaceDir);
+    const files = [];
+    for (const entry of entries) {
+      if (!entry.endsWith(".md")) continue;
+      try {
+        const filePath = join2(workspaceDir, entry);
+        const fileStat = await stat(filePath);
+        if (!fileStat.isFile()) continue;
+        files.push({
+          filename: entry,
+          size: fileStat.size,
+          modified: fileStat.mtime.toISOString()
+        });
+      } catch {
+      }
+    }
+    files.sort((a2, b2) => a2.filename.localeCompare(b2.filename));
+    return { files };
+  } catch (err) {
+    if (err.code === "ENOENT") {
+      return { files: [] };
+    }
+    throw err;
+  }
+}
+async function handleWorkspaceRead(data, workspaceDir) {
+  const filenameError = validateWorkspaceFilename(data.filename);
+  if (filenameError) {
+    return { error: filenameError };
+  }
+  const filePath = join2(workspaceDir, data.filename);
+  try {
+    const content = await readFile2(filePath, "utf-8");
+    const fileStat = await stat(filePath);
+    return {
+      filename: data.filename,
+      content,
+      size: fileStat.size
+    };
+  } catch (err) {
+    if (err.code === "ENOENT") {
+      return { error: `File not found: ${data.filename}` };
+    }
+    return { error: `Failed to read file: ${err.message}` };
+  }
+}
+var MAX_FILE_SIZE;
+var init_workspace_handlers = __esm({
+  async "src/workspace-handlers.ts"() {
+    "use strict";
+    await init_dist();
+    MAX_FILE_SIZE = 100 * 1024;
+  }
+});
+
 // src/channel.ts
 import { EventEmitter } from "node:events";
 import { createServer } from "node:http";
-import { randomUUID } from "node:crypto";
-import { writeFile as writeFile2, mkdir as mkdir2 } from "node:fs/promises";
-import { join as join2 } from "node:path";
-import { readFile as readFile2 } from "node:fs/promises";
+import { randomUUID as randomUUID2 } from "node:crypto";
+import { writeFile as writeFile3, mkdir as mkdir2 } from "node:fs/promises";
+import { join as join3 } from "node:path";
+import { readFile as readFile3 } from "node:fs/promises";
 import WebSocket from "ws";
 function migratePersistedState(raw) {
   if (raw.sessions && raw.primaryConversationId) {
@@ -46038,6 +46227,8 @@ var init_channel = __esm({
       _pollTimer = null;
       _reconnectAttempt = 0;
       _reconnectTimer = null;
+      _rapidDisconnects = 0;
+      _lastWsOpenTime = 0;
       _pingTimer = null;
       _lastServerMessage = 0;
       _pendingAcks = [];
@@ -46227,7 +46418,7 @@ var init_channel = __esm({
             }
           }
         }
-        const messageGroupId = randomUUID();
+        const messageGroupId = randomUUID2();
         let sentCount = 0;
         for (const [convId, session] of this._sessions) {
           if (!session.activated) continue;
@@ -46322,7 +46513,7 @@ var init_channel = __esm({
        * as a high-priority message. Returns the generated decision_id.
        */
       async sendDecisionRequest(request) {
-        const decision_id = `dec_${randomUUID().replace(/-/g, "").slice(0, 16)}`;
+        const decision_id = `dec_${randomUUID2().replace(/-/g, "").slice(0, 16)}`;
         const payload = JSON.stringify({
           type: "message",
           text: `\u{1F4CB} ${request.title}`,
@@ -46627,7 +46818,7 @@ var init_channel = __esm({
           description: artifact.description,
           attachment: attachMeta
         });
-        const messageGroupId = randomUUID();
+        const messageGroupId = randomUUID2();
         for (const [convId, session] of this._sessions) {
           if (!session.activated) continue;
           const encrypted = session.ratchet.encrypt(envelope);
@@ -47264,6 +47455,7 @@ var init_channel = __esm({
         ws.on("open", async () => {
           try {
             this._reconnectAttempt = 0;
+            this._lastWsOpenTime = Date.now();
             this._startPing(ws);
             this._startWakeDetector();
             this._startPendingPoll();
@@ -47789,6 +47981,41 @@ var init_channel = __esm({
           await this._persistState();
           return;
         }
+        if (messageType === "workspace_file_upload") {
+          try {
+            const parsed = JSON.parse(plaintext);
+            const workspaceDir = this._resolveWorkspaceDir();
+            const { handleWorkspaceUpload: handleWorkspaceUpload2 } = await init_workspace_handlers().then(() => workspace_handlers_exports);
+            const result = await handleWorkspaceUpload2(parsed, workspaceDir);
+            await this._sendStructuredReply(convId, { type: "workspace_file_ack", filename: parsed.filename, ...result });
+          } catch (err) {
+            await this._sendStructuredReply(convId, { type: "workspace_file_ack", status: "error", error: err.message });
+          }
+          return;
+        }
+        if (messageType === "workspace_file_list") {
+          try {
+            const workspaceDir = this._resolveWorkspaceDir();
+            const { handleWorkspaceList: handleWorkspaceList2 } = await init_workspace_handlers().then(() => workspace_handlers_exports);
+            const result = await handleWorkspaceList2(workspaceDir);
+            await this._sendStructuredReply(convId, { type: "workspace_file_list_response", ...result });
+          } catch (err) {
+            await this._sendStructuredReply(convId, { type: "workspace_file_list_response", files: [], error: err.message });
+          }
+          return;
+        }
+        if (messageType === "workspace_file_read") {
+          try {
+            const parsed = JSON.parse(plaintext);
+            const workspaceDir = this._resolveWorkspaceDir();
+            const { handleWorkspaceRead: handleWorkspaceRead2 } = await init_workspace_handlers().then(() => workspace_handlers_exports);
+            const result = await handleWorkspaceRead2(parsed, workspaceDir);
+            await this._sendStructuredReply(convId, { type: "workspace_file_read_response", ...result });
+          } catch (err) {
+            await this._sendStructuredReply(convId, { type: "workspace_file_read_response", error: err.message });
+          }
+          return;
+        }
         if (this._scanEngine) {
           const scanResult = this._scanEngine.scanInbound(messageText);
           if (scanResult.status === "blocked") {
@@ -47869,7 +48096,7 @@ ${messageText}`;
        * and save the plaintext file to disk.
        */
       async _downloadAndDecryptAttachment(info) {
-        const attachDir = join2(this.config.dataDir, "attachments");
+        const attachDir = join3(this.config.dataDir, "attachments");
         await mkdir2(attachDir, { recursive: true });
         const url = `${this.config.apiUrl}${info.blobUrl}`;
         const res = await fetch(url, {
@@ -47887,8 +48114,8 @@ ${messageText}`;
         const fileKey = base64ToBytes(info.fileKey);
         const fileNonce = base64ToBytes(info.fileNonce);
         const decrypted = decryptFile(encryptedData, fileKey, fileNonce);
-        const filePath = join2(attachDir, info.filename);
-        await writeFile2(filePath, decrypted);
+        const filePath = join3(attachDir, info.filename);
+        await writeFile3(filePath, decrypted);
         console.log(`[SecureChannel] Attachment saved: ${filePath} (${decrypted.length} bytes)`);
         return { filePath, decrypted };
       }
@@ -47897,7 +48124,7 @@ ${messageText}`;
        * for inclusion in the message envelope.
        */
       async _uploadAttachment(filePath, conversationId) {
-        const data = await readFile2(filePath);
+        const data = await readFile3(filePath);
         const plainData = new Uint8Array(data);
         const result = encryptFile(plainData);
         const { Blob: NodeBlob, FormData: NodeFormData } = await import("node:buffer").then(
@@ -47949,7 +48176,7 @@ ${messageText}`;
           attachment: attachMeta
         });
         this._appendHistory("agent", plaintext, topicId);
-        const messageGroupId = randomUUID();
+        const messageGroupId = randomUUID2();
         for (const [convId, session] of this._sessions) {
           if (!session.activated) continue;
           const encrypted = session.ratchet.encrypt(envelope);
@@ -47999,6 +48226,56 @@ ${messageText}`;
           );
         }
       }
+      /**
+       * Resolve the agent's workspace directory.
+       * Looks for OpenClaw workspace config, falls back to default path.
+       */
+      _resolveWorkspaceDir() {
+        const homedir = process.env.HOME ?? process.env.USERPROFILE ?? "/tmp";
+        try {
+          const configPath = join3(homedir, ".openclaw", "openclaw.json");
+          const raw = __require("node:fs").readFileSync(configPath, "utf-8");
+          const config = JSON.parse(raw);
+          const agents = config?.agents?.list;
+          if (Array.isArray(agents)) {
+            for (const agent of agents) {
+              if (agent.workspace && typeof agent.workspace === "string") {
+                return agent.workspace;
+              }
+            }
+          }
+        } catch {
+        }
+        if (this.config.dataDir) {
+          return join3(this.config.dataDir, "..", "workspace");
+        }
+        return join3(homedir, ".openclaw", "workspace");
+      }
+      /**
+       * Send a structured JSON reply to a specific conversation.
+       * Encrypts the payload via the conversation's ratchet and sends via WebSocket.
+       */
+      async _sendStructuredReply(convId, payload) {
+        const session = this._sessions.get(convId);
+        if (!session || !this._ws) {
+          console.warn(`[SecureChannel] Cannot send structured reply \u2014 no session for ${convId.slice(0, 8)}...`);
+          return;
+        }
+        const plaintext = JSON.stringify(payload);
+        const encrypted = session.ratchet.encrypt(plaintext);
+        const transport = encryptedMessageToTransport(encrypted);
+        this._ws.send(
+          JSON.stringify({
+            event: "message",
+            data: {
+              conversation_id: convId,
+              header_blob: transport.header_blob,
+              ciphertext: transport.ciphertext
+            }
+          })
+        );
+        await this._persistState();
+      }
       /**
        * Send stored message history to a newly-activated session.
        * Batches all history into a single encrypted message.
@@ -48559,6 +48836,26 @@ ${messageText}`;
       _scheduleReconnect() {
         if (this._stopped) return;
         if (this._reconnectTimer) return;
+        const sinceOpen = Date.now() - this._lastWsOpenTime;
+        if (this._lastWsOpenTime > 0 && sinceOpen < 1e4) {
+          this._rapidDisconnects++;
+        } else {
+          this._rapidDisconnects = 0;
+        }
+        if (this._rapidDisconnects >= 5) {
+          console.error(
+            `[SecureChannel] Detected rapid connect/disconnect loop (${this._rapidDisconnects} times in <10s each).`
+          );
+          console.error(
+            `[SecureChannel] This usually means another process is already connected as this device.`
+          );
+          console.error(
+            `[SecureChannel] Stopping reconnection. Check for duplicate gateway processes or stale CLI sessions.`
+          );
+          this._setState("error");
+          this.emit("error", new Error("Reconnect loop detected \u2014 another process may be connected as this device"));
+          return;
+        }
         const delay = Math.min(
           RECONNECT_BASE_MS * Math.pow(2, this._reconnectAttempt),
           RECONNECT_MAX_MS