@agentvault/agentvault 0.19.58 → 0.19.59

package/dist/cli.js

@@ -62647,6 +62647,24 @@ var init_channel = __esm({
           if (this._persisted.seenA2AMessageIds) {
             this._a2aSeenMessageIds = new Set(this._persisted.seenA2AMessageIds.slice(-_SecureChannel.A2A_SEEN_MAX));
           }
+          if (this._persisted?.rooms) {
+            const roomConvIds = /* @__PURE__ */ new Set();
+            for (const room of Object.values(this._persisted.rooms)) {
+              for (const cid of room.conversationIds || []) {
+                roomConvIds.add(cid);
+              }
+            }
+            let cleanedCount = 0;
+            for (const cid of roomConvIds) {
+              if (this._persisted.sessions[cid]) {
+                delete this._persisted.sessions[cid];
+                cleanedCount++;
+              }
+            }
+            if (cleanedCount > 0) {
+              console.log(`[SecureChannel] Cleaned ${cleanedCount} stale DR room sessions`);
+            }
+          }
           for (const [convId, sessionData] of Object.entries(
             this._persisted.sessions
           )) {
@@ -63019,89 +63037,21 @@ var init_channel = __esm({
       }
       // --- Multi-agent room methods ---
       /**
-       * Join a room by performing X3DH key exchange with each member
-       * for the pairwise conversations involving this device.
+       * Join a room by collecting pairwise conversation IDs involving this device.
+       * Encryption is handled by MLS group operations, not per-member DR sessions.
        */
       async joinRoom(roomData) {
         if (!this._persisted) {
           throw new Error("Channel not initialized");
         }
         await libsodium_wrappers_default.ready;
-        if (roomData.forceRekey) {
-          let cleared = 0;
-          const existingRoom = this._persisted.rooms?.[roomData.roomId];
-          if (existingRoom) {
-            for (const convId of existingRoom.conversationIds) {
-              if (this._sessions.has(convId)) {
-                this._sessions.delete(convId);
-                cleared++;
-              }
-              delete this._persisted.sessions[convId];
-            }
-          }
-          if (this._persisted) {
-            this._persisted.lastMessageTimestamp = (/* @__PURE__ */ new Date()).toISOString();
-          }
-          console.log(
-            `[SecureChannel] Force rekey: cleared ${cleared} sessions for room ${roomData.roomId.slice(0, 8)}...`
-          );
-        }
-        const identity = this._persisted.identityKeypair;
-        const ephemeral = this._persisted.ephemeralKeypair;
         const myDeviceId = this._deviceId;
         const conversationIds = [];
         for (const conv of roomData.conversations) {
           if (conv.participantA !== myDeviceId && conv.participantB !== myDeviceId) {
             continue;
           }
-          if (this._sessions.has(conv.id)) {
-            conversationIds.push(conv.id);
-            continue;
-          }
-          const otherDeviceId = conv.participantA === myDeviceId ? conv.participantB : conv.participantA;
-          const otherMember = roomData.members.find((m2) => m2.deviceId === otherDeviceId);
-          if (!otherMember?.identityPublicKey) {
-            console.warn(
-              `[SecureChannel] No public key for member ${otherDeviceId.slice(0, 8)}..., skipping`
-            );
-            continue;
-          }
-          const isInitiator = myDeviceId < otherDeviceId;
-          const theirEphKey = otherMember.ephemeralPublicKey ?? otherMember.identityPublicKey;
-          const sharedSecret = performX3DH({
-            myIdentityPrivate: hexToBytes(identity.privateKey),
-            myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-            theirIdentityPublic: hexToBytes(otherMember.identityPublicKey),
-            theirEphemeralPublic: hexToBytes(theirEphKey),
-            isInitiator
-          });
-          const peerIdentityPub = hexToBytes(otherMember.identityPublicKey);
-          const ratchet = isInitiator ? DoubleRatchet.initSender(sharedSecret, {
-            publicKey: hexToBytes(identity.publicKey),
-            privateKey: hexToBytes(identity.privateKey),
-            keyType: "ed25519"
-          }, peerIdentityPub) : DoubleRatchet.initReceiver(sharedSecret, {
-            publicKey: hexToBytes(identity.publicKey),
-            privateKey: hexToBytes(identity.privateKey),
-            keyType: "ed25519"
-          }, peerIdentityPub);
-          this._sessions.set(conv.id, {
-            ownerDeviceId: otherDeviceId,
-            ratchet,
-            activated: isInitiator,
-            // initiator can send immediately
-            epoch: 1
-          });
-          this._persisted.sessions[conv.id] = {
-            ownerDeviceId: otherDeviceId,
-            ratchetState: ratchet.serialize(),
-            activated: isInitiator,
-            epoch: 1
-          };
           conversationIds.push(conv.id);
-          console.log(
-            `[SecureChannel] Room session initialized: conv ${conv.id.slice(0, 8)}... with ${otherDeviceId.slice(0, 8)}... (initiator=${isInitiator})`
-          );
         }
         if (!this._persisted.rooms) {
           this._persisted.rooms = {};
@@ -63197,68 +63147,15 @@ var init_channel = __esm({
               }
               return;
             } catch (mlsErr) {
-              console.warn(`[SecureChannel] MLS encrypt failed for room ${roomId.slice(0, 8)}, falling through to legacy:`, mlsErr);
-            }
-          }
-        }
-        const recipients = [];
-        for (const convId of room.conversationIds) {
-          const session = this._sessions.get(convId);
-          if (!session) {
-            console.warn(`[SecureChannel] No session for room conv ${convId.slice(0, 8)}..., skipping`);
-            continue;
-          }
-          const encrypted = session.ratchet.encrypt(plaintext);
-          const transport = encryptedMessageToTransport(encrypted);
-          recipients.push({
-            device_id: session.ownerDeviceId,
-            header_blob: transport.header_blob,
-            ciphertext: transport.ciphertext
-          });
-        }
-        if (recipients.length === 0) {
-          throw new Error("No active sessions in room");
-        }
-        await this._persistState();
-        if (this._state === "ready" && this._ws) {
-          this._ws.send(
-            JSON.stringify({
-              event: "room_message",
-              data: {
-                room_id: roomId,
-                recipients,
-                message_type: messageType,
-                priority: opts?.priority ?? "normal",
-                metadata: opts?.metadata
-              }
-            })
-          );
-        } else {
-          try {
-            const res = await fetch(
-              `${this.config.apiUrl}/api/v1/rooms/${roomId}/messages`,
-              {
-                method: "POST",
-                headers: {
-                  "Content-Type": "application/json",
-                  Authorization: `Bearer ${this._deviceJwt}`
-                },
-                body: JSON.stringify({
-                  recipients,
-                  message_type: messageType,
-                  priority: opts?.priority ?? "normal",
-                  metadata: opts?.metadata
-                })
-              }
-            );
-            if (!res.ok) {
-              const detail = await res.text();
-              throw new Error(`Room message failed (${res.status}): ${detail}`);
+              throw new Error(
+                `MLS encrypt failed for room ${roomId.slice(0, 8)}... \u2014 MLS group must be initialized before sending. Error: ${mlsErr}`
+              );
             }
-          } catch (err) {
-            throw new Error(`Failed to send room message: ${err}`);
           }
         }
+        throw new Error(
+          `Room ${roomId.slice(0, 8)}... has no initialized MLS group. MLS initialization must complete before messages can be sent.`
+        );
       }
       /**
        * Leave a room: remove sessions and persisted room state.
@@ -65418,250 +65315,8 @@ ${messageText}`;
           this.emit("error", err);
         }
       }
-      /**
-       * Send a resync_request for a room conversation if the cooldown has elapsed.
-       * Shared by all room ratchet failure paths to avoid code duplication.
-       */
-      _sendRoomResyncIfCooled(convId, reason, session) {
-        const RESYNC_COOLDOWN_MS = 5 * 60 * 1e3;
-        const lastResync = this._lastResyncRequest.get(convId) ?? 0;
-        if (Date.now() - lastResync > RESYNC_COOLDOWN_MS && this._ws && this._persisted) {
-          this._lastResyncRequest.set(convId, Date.now());
-          this._ws.send(
-            JSON.stringify({
-              event: "resync_request",
-              data: {
-                conversation_id: convId,
-                reason,
-                identity_public_key: this._persisted.identityKeypair.publicKey,
-                ephemeral_public_key: this._persisted.ephemeralKeypair.publicKey,
-                epoch: session?.epoch
-              }
-            })
-          );
-          console.log(
-            `[SecureChannel] Room resync requested for conv ${convId.slice(0, 8)} (${reason})`
-          );
-        }
-      }
-      /**
-       * Handle an incoming room message (pairwise path — used by sync replay and pairwise room fallback).
-       * Finds the pairwise conversation for the sender, decrypts, and emits a room_message event.
-       */
-      async _handleRoomMessage(msgData) {
-        if (msgData.sender_device_id === this._deviceId) return;
-        this._lastInboundRoomId = msgData.room_id;
-        const convId = msgData.conversation_id ?? this._findConversationForSender(msgData.sender_device_id, msgData.room_id);
-        if (!convId) {
-          console.warn(
-            `[SecureChannel] No conversation found for sender ${msgData.sender_device_id.slice(0, 8)}... in room ${msgData.room_id}`
-          );
-          return;
-        }
-        let session = this._sessions.get(convId);
-        if (!session) {
-          console.warn(
-            `[SecureChannel] No session for room conv ${convId.slice(0, 8)}..., fetching room data`
-          );
-          try {
-            const roomRes = await fetch(
-              `${this.config.apiUrl}/api/v1/rooms/${msgData.room_id}`,
-              {
-                headers: {
-                  Authorization: `Bearer ${this._persisted.deviceJwt}`
-                }
-              }
-            );
-            if (roomRes.ok) {
-              const roomData = await roomRes.json();
-              await this.joinRoom({
-                roomId: roomData.id,
-                name: roomData.name,
-                members: (roomData.members || []).map((m2) => ({
-                  deviceId: m2.device_id,
-                  entityType: m2.entity_type,
-                  displayName: m2.display_name,
-                  identityPublicKey: m2.identity_public_key,
-                  ephemeralPublicKey: m2.ephemeral_public_key
-                })),
-                conversations: (roomData.conversations || []).map((c2) => ({
-                  id: c2.id,
-                  participantA: c2.participant_a,
-                  participantB: c2.participant_b
-                }))
-              });
-              session = this._sessions.get(convId);
-            }
-          } catch (fetchErr) {
-            console.error(
-              `[SecureChannel] Failed to fetch room data for ${msgData.room_id}:`,
-              fetchErr
-            );
-          }
-          if (!session) {
-            console.warn(
-              `[SecureChannel] Still no session for room conv ${convId.slice(0, 8)}... after refresh, skipping`
-            );
-            return;
-          }
-        }
-        const encrypted = transportToEncryptedMessage({
-          header_blob: msgData.header_blob,
-          ciphertext: msgData.ciphertext
-        });
-        let plaintext;
-        const ratchetSnapshot = session.ratchet.serialize();
-        try {
-          plaintext = session.ratchet.decrypt(encrypted);
-        } catch (decryptErr) {
-          try {
-            session.ratchet = DoubleRatchet.deserialize(ratchetSnapshot);
-          } catch {
-          }
-          console.warn(
-            `[SecureChannel] Room decrypt failed for conv ${convId.slice(0, 8)}...: ${String(decryptErr)}, re-initializing ratchet`
-          );
-          try {
-            const roomEntry = this._persisted?.rooms ? Object.values(this._persisted.rooms).find(
-              (r2) => r2.conversationIds.includes(convId)
-            ) : null;
-            if (!roomEntry) throw new Error("Room not found for conversation");
-            const otherMember = roomEntry.members.find(
-              (m2) => m2.deviceId === msgData.sender_device_id
-            );
-            if (!otherMember?.identityPublicKey) throw new Error("No key for sender");
-            const isInitiator = this._deviceId < msgData.sender_device_id;
-            const identity = this._persisted.identityKeypair;
-            const ephemeral = this._persisted.ephemeralKeypair;
-            const sharedSecret = performX3DH({
-              myIdentityPrivate: hexToBytes(identity.privateKey),
-              myEphemeralPrivate: hexToBytes(ephemeral.privateKey),
-              theirIdentityPublic: hexToBytes(otherMember.identityPublicKey),
-              theirEphemeralPublic: hexToBytes(
-                otherMember.ephemeralPublicKey ?? otherMember.identityPublicKey
-              ),
-              isInitiator
-            });
-            const peerIdPub = hexToBytes(otherMember.identityPublicKey);
-            const newRatchet = isInitiator ? DoubleRatchet.initSender(sharedSecret, {
-              publicKey: hexToBytes(identity.publicKey),
-              privateKey: hexToBytes(identity.privateKey),
-              keyType: "ed25519"
-            }, peerIdPub) : DoubleRatchet.initReceiver(sharedSecret, {
-              publicKey: hexToBytes(identity.publicKey),
-              privateKey: hexToBytes(identity.privateKey),
-              keyType: "ed25519"
-            }, peerIdPub);
-            session.ratchet = newRatchet;
-            session.activated = false;
-            this._persisted.sessions[convId] = {
-              ownerDeviceId: session.ownerDeviceId,
-              ratchetState: newRatchet.serialize(),
-              activated: false
-            };
-            await this._persistState();
-            console.log(
-              `[SecureChannel] Room ratchet re-initialized for conv ${convId.slice(0, 8)}...`
-            );
-            const incomingMsgNum = encrypted.header.messageNumber;
-            if (incomingMsgNum <= 5) {
-              try {
-                plaintext = session.ratchet.decrypt(encrypted);
-                session.activated = true;
-                if (this._persisted.sessions[convId]) {
-                  this._persisted.sessions[convId].activated = true;
-                }
-                await this._persistState();
-                console.log(
-                  `[SecureChannel] Room session ${convId.slice(0, 8)}... re-activated after ratchet re-init`
-                );
-              } catch (retryErr) {
-                console.warn(
-                  `[SecureChannel] Room re-init retry failed for conv ${convId.slice(0, 8)} (msgNum=${incomingMsgNum}):`,
-                  retryErr
-                );
-                this._sendRoomResyncIfCooled(convId, "room_reinit_retry_failed", session);
-                return;
-              }
-            } else {
-              console.log(
-                `[SecureChannel] Room re-init: skipping message with msgNum=${incomingMsgNum} for conv ${convId.slice(0, 8)} (too far ahead for fresh ratchet)`
-              );
-              this._sendRoomResyncIfCooled(convId, "room_message_skip");
-              return;
-            }
-          } catch (reinitErr) {
-            console.error(
-              `[SecureChannel] Room ratchet re-init failed for conv ${convId.slice(0, 8)}...:`,
-              reinitErr
-            );
-            this._sendRoomResyncIfCooled(convId, "room_reinit_failed");
-            return;
-          }
-        }
-        let messageText;
-        let messageType;
-        try {
-          const parsed = JSON.parse(plaintext);
-          messageType = parsed.type || "message";
-          messageText = parsed.text || plaintext;
-        } catch {
-          messageType = "message";
-          messageText = plaintext;
-        }
-        if (CREDENTIAL_MESSAGE_TYPES.has(messageType)) {
-          this._handleCredentialMessage(msgData.room_id, messageType, messageText, msgData.message_id);
-          if (msgData.created_at && this._persisted) {
-            this._persisted.lastMessageTimestamp = msgData.created_at;
-          }
-          await this._persistState();
-          return;
-        }
-        if (!ROOM_AGENT_TYPES.has(messageType)) {
-          return;
-        }
-        if (!session.activated) {
-          session.activated = true;
-          console.log(
-            `[SecureChannel] Room session ${convId.slice(0, 8)}... activated by first message`
-          );
-        }
-        if (msgData.message_id) {
-          this._sendAck(msgData.message_id);
-        }
-        if (msgData.created_at && this._persisted) {
-          this._persisted.lastMessageTimestamp = msgData.created_at;
-        }
-        await this._persistState();
-        const legacyRoomMembers = this._persisted?.rooms?.[msgData.room_id]?.members ?? [];
-        const legacySenderMember = legacyRoomMembers.find((m2) => m2.deviceId === msgData.sender_device_id);
-        const legacySenderIsAgent = legacySenderMember?.entityType === "agent";
-        const legacySenderLabel = legacySenderMember?.displayName || "someone";
-        const metadata = {
-          messageId: msgData.message_id ?? "",
-          conversationId: convId,
-          timestamp: msgData.created_at ?? (/* @__PURE__ */ new Date()).toISOString(),
-          messageType,
-          roomId: msgData.room_id,
-          senderDeviceId: msgData.sender_device_id,
-          senderIsAgent: legacySenderIsAgent,
-          senderName: legacySenderLabel,
-          roomName: this._persisted?.rooms?.[msgData.room_id]?.name
-        };
-        this._appendHistory("owner", messageText, `room:${msgData.room_id}`);
-        this.emit("room_message", {
-          roomId: msgData.room_id,
-          senderDeviceId: msgData.sender_device_id,
-          senderName: legacySenderLabel,
-          plaintext: messageText,
-          messageType,
-          timestamp: msgData.created_at ?? (/* @__PURE__ */ new Date()).toISOString()
-        });
-        const legacyContextualMessage = legacySenderIsAgent ? messageText : `[${legacySenderLabel}]: ${messageText}`;
-        Promise.resolve(this.config.onMessage?.(legacyContextualMessage, metadata)).catch((err) => {
-          console.error("[SecureChannel] onMessage callback error:", err);
-        });
-      }
+      // _sendRoomResyncIfCooled removed — rooms are MLS-only now
+      // _handleRoomMessage removed — rooms are MLS-only now
       /**
        * Handle credential protocol messages (grant, revoke, request).
        * These are intercepted before reaching the agent's onMessage callback.
@@ -65750,20 +65405,7 @@ ${messageText}`;
       purgeRoomCredentials(roomId) {
         this._credentialStore.purgeForRoom(roomId);
       }
-      /**
-       * Find the pairwise conversation ID for a given sender in a room.
-       */
-      _findConversationForSender(senderDeviceId, roomId) {
-        const room = this._persisted?.rooms?.[roomId];
-        if (!room) return null;
-        for (const convId of room.conversationIds) {
-          const session = this._sessions.get(convId);
-          if (session && session.ownerDeviceId === senderDeviceId) {
-            return convId;
-          }
-        }
-        return null;
-      }
+      // _findConversationForSender removed — rooms are MLS-only now
       // ---------------------------------------------------------------------------
       // MLS room message handlers
       // ---------------------------------------------------------------------------
@@ -65787,11 +65429,12 @@ ${messageText}`;
             return;
           }
         }
-        this._lastInboundRoomId = roomId;
-        const mlsGroup = this._mlsGroups.get(roomId);
-        console.log(`[SecureChannel] MLS decrypt attempt room=${roomId.slice(0, 8)} group=${groupId?.slice(0, 8)} loaded=${!!mlsGroup} init=${mlsGroup?.isInitialized} mlsGroupsKeys=[${Array.from(this._mlsGroups.keys()).join(",")}]`);
+        const resolvedRoomId = roomId;
+        this._lastInboundRoomId = resolvedRoomId;
+        const mlsGroup = this._mlsGroups.get(resolvedRoomId);
+        console.log(`[SecureChannel] MLS decrypt attempt room=${resolvedRoomId.slice(0, 8)} group=${groupId?.slice(0, 8)} loaded=${!!mlsGroup} init=${mlsGroup?.isInitialized} mlsGroupsKeys=[${Array.from(this._mlsGroups.keys()).join(",")}]`);
         if (!mlsGroup?.isInitialized) {
-          console.warn(`[SecureChannel] MLS group not loaded for room ${roomId.slice(0, 8)}`);
+          console.warn(`[SecureChannel] MLS group not loaded for room ${resolvedRoomId.slice(0, 8)}`);
           return;
         }
         try {
@@ -65813,7 +65456,7 @@ ${messageText}`;
             messageText = rawPlaintext;
           }
           if (CREDENTIAL_MESSAGE_TYPES.has(messageType)) {
-            this._handleCredentialMessage(roomId, messageType, messageText, data.message_id);
+            this._handleCredentialMessage(resolvedRoomId, messageType, messageText, data.message_id);
             if (data.created_at && this._persisted) {
               this._persisted.lastMessageTimestamp = data.created_at;
             }
@@ -65828,13 +65471,13 @@ ${messageText}`;
           }
           if (data.created_at && this._persisted) {
             this._persisted.lastMessageTimestamp = data.created_at;
-            const roomState = this._persisted.rooms?.[roomId];
+            const roomState = this._persisted.rooms?.[resolvedRoomId];
             if (roomState) {
               roomState.lastMlsMessageTs = data.created_at;
             }
           }
           await this._persistState();
-          const roomMembers = this._persisted?.rooms?.[roomId]?.members ?? [];
+          const roomMembers = this._persisted?.rooms?.[resolvedRoomId]?.members ?? [];
           const senderMember = roomMembers.find((m2) => m2.deviceId === senderDeviceId);
           const senderIsAgent = senderMember?.entityType === "agent";
           const metadata = {
@@ -65842,16 +65485,16 @@ ${messageText}`;
             conversationId: "",
             timestamp: data.created_at ?? (/* @__PURE__ */ new Date()).toISOString(),
             messageType,
-            roomId,
+            roomId: resolvedRoomId,
             senderDeviceId,
             senderIsAgent,
             senderName: senderMember?.displayName || "unknown",
-            roomName: this._persisted?.rooms?.[roomId]?.name
+            roomName: this._persisted?.rooms?.[resolvedRoomId]?.name
           };
           const senderLabel = senderMember?.displayName || "someone";
-          this._appendHistory("owner", messageText, `room:${roomId}`);
+          this._appendHistory("owner", messageText, `room:${resolvedRoomId}`);
           this.emit("room_message", {
-            roomId,
+            roomId: resolvedRoomId,
             senderDeviceId,
             senderName: senderLabel,
             plaintext: messageText,
@@ -65863,7 +65506,7 @@ ${messageText}`;
             console.error("[SecureChannel] onMessage callback error (MLS):", err);
           });
         } catch (err) {
-          console.error(`[SecureChannel] MLS room decrypt failed for ${roomId.slice(0, 8)}:`, err);
+          console.error(`[SecureChannel] MLS room decrypt failed for ${resolvedRoomId.slice(0, 8)}:`, err);
         }
       }
       async _handleMlsCommit(data) {
@@ -66190,22 +65833,6 @@ ${messageText}`;
                 }
               }
               if (roomId) {
-                try {
-                  await this._handleRoomMessage({
-                    room_id: roomId,
-                    sender_device_id: msg.sender_device_id,
-                    conversation_id: msg.conversation_id,
-                    header_blob: msg.header_blob,
-                    ciphertext: msg.ciphertext,
-                    message_id: msg.id,
-                    created_at: msg.created_at
-                  });
-                } catch (roomErr) {
-                  console.warn(
-                    `[SecureChannel] Sync room message failed for ${msg.conversation_id.slice(0, 8)}...:`,
-                    roomErr
-                  );
-                }
                 this._persisted.lastMessageTimestamp = msg.created_at;
                 since = msg.created_at;
                 continue;