@agentvault/agentvault 0.17.5 → 0.18.0

package/dist/cli.js

@@ -46204,6 +46204,123 @@ var init_dist = __esm({
   }
 });
 
+// src/credential-store.ts
+var CredentialStore;
+var init_credential_store = __esm({
+  "src/credential-store.ts"() {
+    "use strict";
+    CredentialStore = class _CredentialStore {
+      /** Map<roomId, Map<credentialKey, RenterCredential>> */
+      _store = /* @__PURE__ */ new Map();
+      /** Seen nonces for replay prevention — bounded per room */
+      _seenNonces = /* @__PURE__ */ new Map();
+      static MAX_NONCES_PER_ROOM = 1e3;
+      constructor() {
+        const purge = () => this.purgeAll();
+        process.on("exit", purge);
+        process.on("SIGINT", () => {
+          purge();
+          process.exit(0);
+        });
+        process.on("SIGTERM", () => {
+          purge();
+          process.exit(0);
+        });
+      }
+      /**
+       * Check if a nonce has been seen (replay prevention).
+       * Returns true if the nonce is new (not a replay), false if seen before.
+       */
+      checkNonce(roomId, nonce) {
+        if (!nonce) return true;
+        let nonces = this._seenNonces.get(roomId);
+        if (!nonces) {
+          nonces = /* @__PURE__ */ new Set();
+          this._seenNonces.set(roomId, nonces);
+        }
+        if (nonces.has(nonce)) return false;
+        nonces.add(nonce);
+        if (nonces.size > _CredentialStore.MAX_NONCES_PER_ROOM) {
+          const iter = nonces.values();
+          for (let i2 = 0; i2 < 100; i2++) {
+            const val = iter.next().value;
+            if (val !== void 0) nonces.delete(val);
+          }
+        }
+        return true;
+      }
+      /** Store a credential for a room. */
+      grant(roomId, credential) {
+        let room = this._store.get(roomId);
+        if (!room) {
+          room = /* @__PURE__ */ new Map();
+          this._store.set(roomId, room);
+        }
+        room.set(credential.key, credential);
+      }
+      /** Revoke a specific credential. */
+      revoke(roomId, key) {
+        const room = this._store.get(roomId);
+        if (!room) return false;
+        return room.delete(key);
+      }
+      /** Revoke all credentials for a room. */
+      revokeAll(roomId) {
+        this._store.delete(roomId);
+      }
+      /** Get a credential value. */
+      get(roomId, key) {
+        return this._store.get(roomId)?.get(key);
+      }
+      /** Get all credentials for a room (values included — only for agent context injection). */
+      getAll(roomId) {
+        const room = this._store.get(roomId);
+        if (!room) return [];
+        return Array.from(room.values());
+      }
+      /** Get credential info without values (safe for logging). */
+      getInfo(roomId) {
+        const room = this._store.get(roomId);
+        if (!room) return [];
+        return Array.from(room.values()).map((c2) => ({
+          key: c2.key,
+          type: c2.type,
+          scope: c2.scope,
+          grantedAt: c2.grantedAt
+        }));
+      }
+      /** Check if a specific credential exists. */
+      has(roomId, key) {
+        return this._store.get(roomId)?.has(key) ?? false;
+      }
+      /** Get credential count for a room. */
+      count(roomId) {
+        return this._store.get(roomId)?.size ?? 0;
+      }
+      /** Purge all credentials for a room (rental end). */
+      purgeForRoom(roomId) {
+        this._store.delete(roomId);
+        this._seenNonces.delete(roomId);
+      }
+      /** Purge everything (process exit). */
+      purgeAll() {
+        this._store.clear();
+        this._seenNonces.clear();
+      }
+      /** Get a map of credential key → value for context injection. */
+      getCredentialMap(roomId) {
+        const room = this._store.get(roomId);
+        if (!room) return {};
+        const result = {};
+        for (const [key, cred] of room) {
+          result[key] = cred.value;
+        }
+        return result;
+      }
+    };
+  }
+});
+
 // src/crypto-helpers.ts
 var init_crypto_helpers = __esm({
   async "src/crypto-helpers.ts"() {
@@ -46873,12 +46990,13 @@ function migratePersistedState(raw) {
     messageHistory: []
   };
 }
-var ROOM_AGENT_TYPES, POLL_INTERVAL_MS, RECONNECT_BASE_MS, RECONNECT_MAX_MS, PENDING_POLL_INTERVAL_MS, SecureChannel;
+var ROOM_AGENT_TYPES, CREDENTIAL_MESSAGE_TYPES, POLL_INTERVAL_MS, RECONNECT_BASE_MS, RECONNECT_MAX_MS, PENDING_POLL_INTERVAL_MS, SecureChannel;
 var init_channel = __esm({
   async "src/channel.ts"() {
     "use strict";
     await init_libsodium_wrappers();
     await init_dist();
+    init_credential_store();
     await init_crypto_helpers();
     await init_state();
     init_transport2();
@@ -46889,6 +47007,11 @@ var init_channel = __esm({
       "decision_response",
       "artifact_share"
     ]);
+    CREDENTIAL_MESSAGE_TYPES = /* @__PURE__ */ new Set([
+      "credential_grant",
+      "credential_revoke",
+      "credential_request"
+    ]);
     POLL_INTERVAL_MS = 6e3;
     RECONNECT_BASE_MS = 1e3;
     RECONNECT_MAX_MS = 3e4;
@@ -46931,6 +47054,8 @@ var init_channel = __esm({
       _senderKeyChains = /* @__PURE__ */ new Map();
       /** Sender Key peer state — peer chains per room for decryption */
       _senderKeyStates = /* @__PURE__ */ new Map();
+      /** In-memory credential store for renter-provided credentials (never persisted). */
+      _credentialStore = new CredentialStore();
       /** Queued A2A messages for responder channels not yet activated (no first initiator message received). */
       _a2aPendingQueue = {};
       /** Dedup buffer for A2A message IDs (prevents double-delivery via direct + Redis) */
@@ -49717,6 +49842,14 @@ ${messageText}`;
           messageType = "message";
           messageText = plaintext;
         }
+        if (CREDENTIAL_MESSAGE_TYPES.has(messageType)) {
+          this._handleCredentialMessage(msgData.room_id, messageType, messageText, msgData.message_id);
+          if (msgData.created_at && this._persisted) {
+            this._persisted.lastMessageTimestamp = msgData.created_at;
+          }
+          await this._persistState();
+          return;
+        }
         if (!ROOM_AGENT_TYPES.has(messageType)) {
           return;
         }
@@ -49753,6 +49886,94 @@ ${messageText}`;
           console.error("[SecureChannel] onMessage callback error:", err);
         });
       }
+      /**
+       * Handle credential protocol messages (grant, revoke, request).
+       * These are intercepted before reaching the agent's onMessage callback.
+       */
+      _handleCredentialMessage(roomId, messageType, plaintext, messageId) {
+        try {
+          const payload = JSON.parse(plaintext);
+          if (messageType === "credential_grant") {
+            const grant = payload;
+            if (grant.nonce && !this._credentialStore.checkNonce(roomId, grant.nonce)) {
+              console.warn(`[SecureChannel] Credential grant replay detected for room ${roomId.slice(0, 8)}..., ignoring`);
+              return;
+            }
+            const keys = [];
+            for (const cred of grant.credentials || []) {
+              this._credentialStore.grant(roomId, {
+                key: cred.key,
+                value: cred.value,
+                type: cred.type,
+                scope: cred.scope,
+                grantedAt: grant.timestamp || (/* @__PURE__ */ new Date()).toISOString(),
+                agreementId: grant.agreement_id,
+                roomId
+              });
+              keys.push(cred.key);
+            }
+            console.log(
+              `[SecureChannel] Credentials granted for room ${roomId.slice(0, 8)}...: ${keys.join(", ")} (${keys.length} keys)`
+            );
+            this._sendCredentialAck(roomId, grant.agreement_id, keys, "stored");
+            this.emit("credentials_granted", { roomId, keys, agreementId: grant.agreement_id });
+          } else if (messageType === "credential_revoke") {
+            const revoke = payload;
+            const revoked = [];
+            for (const key of revoke.credential_keys || []) {
+              if (this._credentialStore.revoke(roomId, key)) {
+                revoked.push(key);
+              }
+            }
+            console.log(
+              `[SecureChannel] Credentials revoked for room ${roomId.slice(0, 8)}...: ${revoked.join(", ")} (reason: ${revoke.reason || "none"})`
+            );
+            this._sendCredentialAck(roomId, revoke.agreement_id, revoked, "revoked");
+            this.emit("credentials_revoked", { roomId, keys: revoked, agreementId: revoke.agreement_id });
+          }
+        } catch (err) {
+          console.error("[SecureChannel] Error handling credential message:", err);
+        }
+        if (messageId) {
+          this._sendAck(messageId);
+        }
+      }
+      /**
+       * Send a credential_ack back to a room.
+       */
+      _sendCredentialAck(roomId, agreementId, keys, ackStatus) {
+        const ack = JSON.stringify({
+          type: "credential_ack",
+          agreement_id: agreementId,
+          acknowledged_keys: keys,
+          status: ackStatus,
+          timestamp: (/* @__PURE__ */ new Date()).toISOString()
+        });
+        this.sendToRoom(roomId, ack, { messageType: "credential_ack" }).catch((err) => {
+          console.warn("[SecureChannel] Failed to send credential ACK:", err);
+        });
+      }
+      // --- Public credential accessors ---
+      /** Get a specific renter credential for a room. */
+      getCredential(roomId, key) {
+        return this._credentialStore.get(roomId, key);
+      }
+      /** Get all renter credentials for a room (includes values — for agent context). */
+      getCredentials(roomId) {
+        return this._credentialStore.getAll(roomId);
+      }
+      /** Get credential key→value map for a room (for context injection). */
+      getCredentialMap(roomId) {
+        return this._credentialStore.getCredentialMap(roomId);
+      }
+      /** Check if a specific credential exists for a room. */
+      hasCredential(roomId, key) {
+        return this._credentialStore.has(roomId, key);
+      }
+      /** Purge all credentials for a room (call on rental end). */
+      purgeRoomCredentials(roomId) {
+        this._credentialStore.purgeForRoom(roomId);
+      }
       /**
        * Find the pairwise conversation ID for a given sender in a room.
        */
@@ -49915,6 +50136,14 @@ ${messageText}`;
           messageType = "message";
           messageText = plaintext;
         }
+        if (CREDENTIAL_MESSAGE_TYPES.has(messageType)) {
+          this._handleCredentialMessage(msgData.room_id, messageType, messageText, msgData.message_id);
+          if (msgData.created_at && this._persisted) {
+            this._persisted.lastMessageTimestamp = msgData.created_at;
+          }
+          await this._persistState();
+          return;
+        }
         if (!ROOM_AGENT_TYPES.has(messageType)) {
           return;
         }
@@ -71149,6 +71378,7 @@ var init_index = __esm({
     "use strict";
     await init_channel();
     init_types();
+    init_credential_store();
     init_account_config();
     await init_openclaw_plugin();
     init_gateway_send();