npm - @agora-sdk/secure-chat-core - Versions diffs - 0.1.0 → 0.2.0 - Mend

@agora-sdk/secure-chat-core 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (58) hide show

package/dist/cjs/context/secure-chat-context.d.ts +24 -18
package/dist/cjs/context/secure-chat-context.js +42 -23
package/dist/cjs/context/secure-chat-context.js.map +1 -1
package/dist/cjs/contract/index.js +2 -2
package/dist/cjs/contract/index.js.map +1 -1
package/dist/cjs/hooks/useSecureConversations.d.ts +1 -1
package/dist/cjs/hooks/useSecureConversations.js +9 -7
package/dist/cjs/hooks/useSecureConversations.js.map +1 -1
package/dist/cjs/hooks/useSecureDevice.d.ts +14 -13
package/dist/cjs/hooks/useSecureDevice.js +58 -25
package/dist/cjs/hooks/useSecureDevice.js.map +1 -1
package/dist/cjs/hooks/useSecureMessages.d.ts +10 -11
package/dist/cjs/hooks/useSecureMessages.js +89 -21
package/dist/cjs/hooks/useSecureMessages.js.map +1 -1
package/dist/cjs/index.d.ts +18 -14
package/dist/cjs/index.js +23 -19
package/dist/cjs/index.js.map +1 -1
package/dist/cjs/package.json +1 -0
package/dist/cjs/persistence/memory-store.d.ts +9 -0
package/dist/cjs/persistence/memory-store.js +27 -0
package/dist/cjs/persistence/memory-store.js.map +1 -0
package/dist/cjs/persistence/repository.d.ts +36 -0
package/dist/cjs/persistence/repository.js +72 -0
package/dist/cjs/persistence/repository.js.map +1 -0
package/dist/cjs/persistence/store.d.ts +11 -0
package/dist/cjs/persistence/store.js +8 -0
package/dist/cjs/persistence/store.js.map +1 -0
package/dist/cjs/transport/rest.d.ts +1 -1
package/dist/cjs/transport/socket.d.ts +1 -1
package/dist/esm/context/secure-chat-context.d.ts +24 -18
package/dist/esm/context/secure-chat-context.js +41 -22
package/dist/esm/context/secure-chat-context.js.map +1 -1
package/dist/esm/contract/index.js +2 -2
package/dist/esm/contract/index.js.map +1 -1
package/dist/esm/hooks/useSecureConversations.d.ts +1 -1
package/dist/esm/hooks/useSecureConversations.js +6 -4
package/dist/esm/hooks/useSecureConversations.js.map +1 -1
package/dist/esm/hooks/useSecureDevice.d.ts +14 -13
package/dist/esm/hooks/useSecureDevice.js +55 -22
package/dist/esm/hooks/useSecureDevice.js.map +1 -1
package/dist/esm/hooks/useSecureMessages.d.ts +10 -11
package/dist/esm/hooks/useSecureMessages.js +86 -18
package/dist/esm/hooks/useSecureMessages.js.map +1 -1
package/dist/esm/index.d.ts +18 -14
package/dist/esm/index.js +9 -7
package/dist/esm/index.js.map +1 -1
package/dist/esm/persistence/memory-store.d.ts +9 -0
package/dist/esm/persistence/memory-store.js +23 -0
package/dist/esm/persistence/memory-store.js.map +1 -0
package/dist/esm/persistence/repository.d.ts +36 -0
package/dist/esm/persistence/repository.js +68 -0
package/dist/esm/persistence/repository.js.map +1 -0
package/dist/esm/persistence/store.d.ts +11 -0
package/dist/esm/persistence/store.js +7 -0
package/dist/esm/persistence/store.js.map +1 -0
package/dist/esm/transport/rest.d.ts +1 -1
package/dist/esm/transport/socket.d.ts +1 -1
package/package.json +3 -3

package/dist/esm/context/secure-chat-context.js CHANGED Viewed

@@ -1,36 +1,33 @@
 import { jsx as _jsx } from "react/jsx-runtime";
-// SecureChatProvider — wires the transport + crypto for the secure-chat hooks.
+// SecureChatProvider — wires transport + crypto + persistence for the secure-chat hooks.
 //
 // Sits INSIDE a ReplykeProvider: by default it resolves the API base URL and socket origin from
-// @agora-sdk/core's runtime singletons (getApiBaseUrl / getSocketUrl), so whatever `baseUrl` the
-// app set on ReplykeProvider is honored here too. Crypto is injected (a `SecureChatCrypto`), keeping
-// core platform- and library-agnostic — the web/native packages supply the concrete MLS impl.
-import { createContext, useContext, useEffect, useMemo, useRef } from "react";
+// @agora-sdk/core's runtime singletons (getApiBaseUrl / getSocketUrl). Crypto AND the persistence
+// store are injected, keeping core platform- and library-agnostic. The provider builds a typed
+// SecureChatRepository over the store plus a cached resolveGroup/rememberGroup so the hooks become
+// self-sufficient (no need to thread a GroupHandle in by hand).
+import { createContext, useCallback, useContext, useEffect, useMemo, useRef } from "react";
 import { getApiBaseUrl, getSocketUrl } from "@agora-sdk/core";
-import { SecureChatRestClient } from "../transport/rest";
-import { SecureChatSocketClient } from "../transport/socket";
+import { SecureChatRestClient } from "../transport/rest.js";
+import { SecureChatSocketClient } from "../transport/socket.js";
+import { MemoryStore } from "../persistence/memory-store.js";
+import { SecureChatRepository } from "../persistence/repository.js";
 const SecureChatContext = createContext(null);
 /**
- * Provides the secure-chat transport + crypto to the `useSecure*` hooks. Render it inside a
- * `ReplykeProvider`: by default it inherits the API base URL and socket origin from
- * `@agora-sdk/core`'s runtime, and disconnects the socket on unmount.
+ * Provides secure-chat transport, crypto, and persistence to the `useSecure*` hooks. Render inside a
+ * `ReplykeProvider`; disconnects the socket on unmount.
  *
- * @param props - {@link SecureChatProviderProps} — the injected crypto, project id, token, and
- *   optional base/socket URL overrides.
+ * @param props - {@link SecureChatProviderProps}.
  * @returns A context provider wrapping `children`.
  *
  * @example
  * ```tsx
- * <ReplykeProvider projectId={projectId} baseUrl={baseUrl}>
- *   <SecureChatProvider crypto={crypto} projectId={projectId} accessToken={token}>
- *     <Chat />
- *   </SecureChatProvider>
- * </ReplykeProvider>
+ * <SecureChatProvider crypto={crypto} projectId={projectId} store={createIndexedDBStore()} accessToken={token}>
+ *   <Chat />
+ * </SecureChatProvider>
  * ```
  */
-export function SecureChatProvider({ crypto, projectId, accessToken, getAccessToken, baseUrl, socketUrl, children, }) {
-    // Keep the latest token in a ref so the per-request resolver always returns the current value
-    // without rebuilding the transport clients on every token change.
+export function SecureChatProvider({ crypto, projectId, store, accessToken, getAccessToken, baseUrl, socketUrl, children, }) {
     const tokenRef = useRef(accessToken);
     tokenRef.current = accessToken;
     const resolveToken = useMemo(() => getAccessToken ?? (() => tokenRef.current), [getAccessToken]);
@@ -44,16 +41,38 @@ export function SecureChatProvider({ crypto, projectId, accessToken, getAccessTo
         getAccessToken: resolveToken,
         getSocketUrl: () => socketUrl ?? getSocketUrl(),
     }), [projectId, resolveToken, socketUrl]);
+    const resolvedStore = useMemo(() => store ?? new MemoryStore(), [store]);
+    const repo = useMemo(() => new SecureChatRepository(resolvedStore), [resolvedStore]);
+    // In-memory GroupHandle cache, keyed by conversationId. Survives re-renders via the ref.
+    // NOTE: not cleared on a `store` prop swap — a store change in practice means a new provider
+    // instance (fresh cache), not a live prop change on the same mounted provider.
+    const groupCache = useRef(new Map());
+    const resolveGroup = useCallback(async (conversationId) => {
+        const cached = groupCache.current.get(conversationId);
+        if (cached)
+            return cached;
+        const bytes = await repo.loadGroupState(conversationId);
+        if (!bytes)
+            return null;
+        const handle = await crypto.importGroupState(bytes);
+        groupCache.current.set(conversationId, handle);
+        return handle;
+    }, [repo, crypto]);
+    const rememberGroup = useCallback(async (conversationId, handle) => {
+        groupCache.current.set(conversationId, handle);
+        const bytes = await crypto.exportGroupState(handle);
+        await repo.saveGroupState(conversationId, bytes);
+    }, [repo, crypto]);
     useEffect(() => {
         return () => socket.disconnect();
     }, [socket]);
-    const value = useMemo(() => ({ rest, socket, crypto, projectId }), [rest, socket, crypto, projectId]);
+    const value = useMemo(() => ({ rest, socket, crypto, repo, resolveGroup, rememberGroup, projectId }), [rest, socket, crypto, repo, resolveGroup, rememberGroup, projectId]);
     return _jsx(SecureChatContext.Provider, { value: value, children: children });
 }
 /**
  * Access the nearest {@link SecureChatContextValue}.
  *
- * @returns The shared rest/socket/crypto/projectId for this provider subtree.
+ * @returns The shared rest/socket/crypto/repo/resolveGroup/projectId for this provider subtree.
  * @throws {Error} When called outside a `<SecureChatProvider>`.
  */
 export function useSecureChat() {

package/dist/esm/context/secure-chat-context.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"secure-chat-context.js","sourceRoot":"","sources":["../../../src/context/secure-chat-context.tsx"],"names":[],"mappings":";AAAA~~,+EAA+E~~;~~AAC/E~~,EAAE;AACF,gGAAgG;AAChG,~~iGAAiG~~;~~AACjG~~,~~qGAAqG~~;~~AACrG~~,~~8FAA8F~~;~~AAE9F~~,OAAc,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,OAAO,CAAC;~~AACrF~~,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAG9D,OAAO,EAAE,oBAAoB,EAAE,MAAM,~~mBAAmB~~,CAAC;~~AACzD~~,OAAO,EAAE,sBAAsB,EAAE,MAAM,~~qBAAqB~~,CAAC;~~AAiB7D~~,MAAM,iBAAiB,GAAG,aAAa,CAAgC,IAAI,CAAC,CAAC;~~AAmB7E;;;;;;;;;;;;;;;;;GAiBG~~;AACH,MAAM,UAAU,kBAAkB,CAAC,EACjC,MAAM,EACN,SAAS,EACT,WAAW,EACX,cAAc,EACd,OAAO,EACP,SAAS,EACT,QAAQ,GACgB;IACxB,~~8FAA8F;IAC9F,kEAAkE;IAClE,~~MAAM,QAAQ,GAAG,MAAM,CAAqB,WAAW,CAAC,CAAC;IACzD,QAAQ,CAAC,OAAO,GAAG,WAAW,CAAC;IAE/B,MAAM,YAAY,GAAG,OAAO,CAC1B,GAAG,EAAE,CAAC,cAAc,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EAChD,CAAC,cAAc,CAAC,CACjB,CAAC;IAEF,MAAM,IAAI,GAAG,OAAO,CAClB,GAAG,EAAE,CACH,IAAI,oBAAoB,CAAC;QACvB,SAAS;QACT,cAAc,EAAE,YAAY;QAC5B,UAAU,EAAE,GAAG,EAAE,CAAC,OAAO,IAAI,aAAa,EAAE;KAC7C,CAAC,EACJ,CAAC,SAAS,EAAE,YAAY,EAAE,OAAO,CAAC,CACnC,CAAC;IAEF,MAAM,MAAM,GAAG,OAAO,CACpB,GAAG,EAAE,CACH,IAAI,sBAAsB,CAAC;QACzB,SAAS;QACT,cAAc,EAAE,YAAY;QAC5B,YAAY,EAAE,GAAG,EAAE,CAAC,SAAS,IAAI,YAAY,EAAE;KAChD,CAAC,EACJ,CAAC,SAAS,EAAE,YAAY,EAAE,SAAS,CAAC,CACrC,CAAC;IAEF,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;IACnC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAEb,MAAM,KAAK,GAAG,OAAO,CACnB,GAAG,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,~~EAC3C~~,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,~~CAClC~~,CAAC;IAEF,OAAO,KAAC,iBAAiB,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,YAAG,QAAQ,GAA8B,CAAC;AAC3F,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,aAAa;IAC3B,MAAM,GAAG,GAAG,UAAU,CAAC,iBAAiB,CAAC,CAAC;IAC1C,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;IAC/E,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}
1	+ {"version":3,"file":"secure-chat-context.js","sourceRoot":"","sources":["../../../src/context/secure-chat-context.tsx"],"names":[],"mappings":";AAAA,yFAAyF;AACzF,EAAE;AACF,gGAAgG;AAChG,kGAAkG;AAClG,+FAA+F;AAC/F,mGAAmG;AACnG,gEAAgE;AAEhE,OAAc,EAAE,aAAa,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,OAAO,CAAC;AAClG,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAG9D,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAEhE,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAC7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AAuBpE,MAAM,iBAAiB,GAAG,aAAa,CAAgC,IAAI,CAAC,CAAC;AAqB7E;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,kBAAkB,CAAC,EACjC,MAAM,EACN,SAAS,EACT,KAAK,EACL,WAAW,EACX,cAAc,EACd,OAAO,EACP,SAAS,EACT,QAAQ,GACgB;IACxB,MAAM,QAAQ,GAAG,MAAM,CAAqB,WAAW,CAAC,CAAC;IACzD,QAAQ,CAAC,OAAO,GAAG,WAAW,CAAC;IAE/B,MAAM,YAAY,GAAG,OAAO,CAC1B,GAAG,EAAE,CAAC,cAAc,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EAChD,CAAC,cAAc,CAAC,CACjB,CAAC;IAEF,MAAM,IAAI,GAAG,OAAO,CAClB,GAAG,EAAE,CACH,IAAI,oBAAoB,CAAC;QACvB,SAAS;QACT,cAAc,EAAE,YAAY;QAC5B,UAAU,EAAE,GAAG,EAAE,CAAC,OAAO,IAAI,aAAa,EAAE;KAC7C,CAAC,EACJ,CAAC,SAAS,EAAE,YAAY,EAAE,OAAO,CAAC,CACnC,CAAC;IAEF,MAAM,MAAM,GAAG,OAAO,CACpB,GAAG,EAAE,CACH,IAAI,sBAAsB,CAAC;QACzB,SAAS;QACT,cAAc,EAAE,YAAY;QAC5B,YAAY,EAAE,GAAG,EAAE,CAAC,SAAS,IAAI,YAAY,EAAE;KAChD,CAAC,EACJ,CAAC,SAAS,EAAE,YAAY,EAAE,SAAS,CAAC,CACrC,CAAC;IAEF,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC,KAAK,IAAI,IAAI,WAAW,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;IACzE,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC,IAAI,oBAAoB,CAAC,aAAa,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAErF,yFAAyF;IACzF,6FAA6F;IAC7F,+EAA+E;IAC/E,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,GAAG,EAAuB,CAAC,CAAC;IAE1D,MAAM,YAAY,GAAG,WAAW,CAC9B,KAAK,EAAE,cAAsB,EAA+B,EAAE;QAC5D,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACtD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC;QACxD,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACxB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;QACpD,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAC/C,OAAO,MAAM,CAAC;IAChB,CAAC,EACD,CAAC,IAAI,EAAE,MAAM,CAAC,CACf,CAAC;IAEF,MAAM,aAAa,GAAG,WAAW,CAC/B,KAAK,EAAE,cAAsB,EAAE,MAAmB,EAAiB,EAAE;QACnE,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAC/C,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;QACpD,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IACnD,CAAC,EACD,CAAC,IAAI,EAAE,MAAM,CAAC,CACf,CAAC;IAEF,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;IACnC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAEb,MAAM,KAAK,GAAG,OAAO,CACnB,GAAG,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,CAAC,EAC9E,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,CAAC,CACrE,CAAC;IAEF,OAAO,KAAC,iBAAiB,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,YAAG,QAAQ,GAA8B,CAAC;AAC3F,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,aAAa;IAC3B,MAAM,GAAG,GAAG,UAAU,CAAC,iBAAiB,CAAC,CAAC;IAC1C,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;IAC/E,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/esm/contract/index.js CHANGED Viewed

@@ -1,11 +1,11 @@
-// Secure-chat wire contract — stand-in for @agora/contract (the Apache-2.0 server contract).
+// Secure-chat wire contract — stand-in for @agora-server/contract (the Apache-2.0 server contract).
 //
 // Mirrors the response models + request bodies of agora-server's
 // `packages/contract/src/secure-chat.ts`. That package is the source of truth (zod + TS); the
 // client only needs the TypeScript shapes, so this copy is types-only.
 //
 // ⚠️ Keep this byte-faithful to the server contract. The arrow is SDK → contract: once
-// `@agora/contract` is published, DELETE this file and `import type { ... } from "@agora/contract"`.
+// `@agora-server/contract` is published, DELETE this file and `import type { ... } from "@agora-server/contract"`.
 // Do NOT publish a separate `@agora-sdk/secure-chat-contract` (that would invert the dependency —
 // see STATUS.md). Do not let this copy drift in the meantime.
 //

package/dist/esm/contract/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/contract/index.ts"],"names":[],"mappings":"AAAA,~~6FAA6F~~;~~AAC7F~~,EAAE;AACF,iEAAiE;AACjE,8FAA8F;AAC9F,uEAAuE;AACvE,EAAE;AACF,uFAAuF;AACvF,~~qGAAqG~~;~~AACrG~~,kGAAkG;AAClG,8DAA8D;AAC9D,EAAE;AACF,gGAAgG;AAChG,0FAA0F"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/contract/index.ts"],"names":[],"mappings":"AAAA,oGAAoG;AACpG,EAAE;AACF,iEAAiE;AACjE,8FAA8F;AAC9F,uEAAuE;AACvE,EAAE;AACF,uFAAuF;AACvF,mHAAmH;AACnH,kGAAkG;AAClG,8DAA8D;AAC9D,EAAE;AACF,gGAAgG;AAChG,0FAA0F"}

package/dist/esm/hooks/useSecureConversations.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { SecureConversationModel } from "../contract";
+import { SecureConversationModel } from "../contract/index.js";
 /** The state and actions returned by {@link useSecureConversations}. */
 export interface UseSecureConversationsValues {
     /** The loaded conversations, newest activity first. */

package/dist/esm/hooks/useSecureConversations.js CHANGED Viewed

@@ -4,8 +4,8 @@
 // POST /conversations with the Welcomes targeted to each peer device. The MLS group secrets stay on
 // the client; the server only stores ciphertext metadata.
 import { useCallback, useEffect, useState } from "react";
-import { toBase64, fromBase64 } from "../util/base64";
-import { useSecureChat } from "../context/secure-chat-context";
+import { toBase64, fromBase64 } from "../util/base64.js";
+import { useSecureChat } from "../context/secure-chat-context.js";
 /**
  * List the caller's secure conversations and start new direct messages.
  *
@@ -23,7 +23,7 @@ import { useSecureChat } from "../context/secure-chat-context";
  * ```
  */
 export function useSecureConversations() {
-    const { rest, crypto, socket } = useSecureChat();
+    const { rest, crypto, socket, rememberGroup } = useSecureChat();
     const [conversations, setConversations] = useState([]);
     const [cursor, setCursor] = useState(undefined);
     const [hasMore, setHasMore] = useState(true);
@@ -81,9 +81,11 @@ export function useSecureConversations() {
                 epoch: group.epoch.toString(),
             })),
         });
+        // Persist + cache the creator's MLS group handle so messages resolve after a reload.
+        await rememberGroup(conversation.id, group);
         setConversations((prev) => [conversation, ...prev.filter((c) => c.id !== conversation.id)]);
         return conversation;
-    }, [rest, crypto]);
+    }, [rest, crypto, rememberGroup]);
     useEffect(() => {
         refresh();
         // eslint-disable-next-line react-hooks/exhaustive-deps

package/dist/esm/hooks/useSecureConversations.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"useSecureConversations.js","sourceRoot":"","sources":["../../../src/hooks/useSecureConversations.tsx"],"names":[],"mappings":"AAAA,qFAAqF;AACrF,EAAE;AACF,iGAAiG;AACjG,oGAAoG;AACpG,0DAA0D;AAE1D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAEzD,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,~~gBAAgB~~,CAAC;~~AACtD~~,OAAO,EAAE,aAAa,EAAE,MAAM,~~gCAAgC~~,CAAC;~~AAoB/D~~;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,sBAAsB;IACpC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,aAAa,EAAE,CAAC;~~IAEjD~~,MAAM,CAAC,aAAa,EAAE,gBAAgB,CAAC,GAAG,QAAQ,CAA4B,EAAE,CAAC,CAAC;IAClF,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,GAAG,QAAQ,CAAqB,SAAS,CAAC,CAAC;IACpE,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC9C,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAU,IAAI,CAAC,CAAC;IAElD,MAAM,IAAI,GAAG,WAAW,CACtB,KAAK,EAAE,KAAc,EAAE,EAAE;QACvB,UAAU,CAAC,IAAI,CAAC,CAAC;QACjB,QAAQ,CAAC,IAAI,CAAC,CAAC;QACf,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC;gBACxC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM;gBAClC,KAAK,EAAE,EAAE;aACV,CAAC,CAAC;YACH,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC/D,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;YAChE,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACzB,gBAAgB,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;QAC9F,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,QAAQ,CAAC,GAAG,CAAC,CAAC;QAChB,CAAC;gBAAS,CAAC;YACT,UAAU,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC;IACH,CAAC,EACD,CAAC,IAAI,EAAE,MAAM,CAAC,CACf,CAAC;IAEF,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,SAAS,CAAC,SAAS,CAAC,CAAC;QACrB,MAAM,IAAI,CAAC,IAAI,CAAC,CAAC;IACnB,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;IAEX,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACtC,IAAI,CAAC,OAAO,IAAI,OAAO;YAAE,OAAO;QAChC,MAAM,IAAI,CAAC,KAAK,CAAC,CAAC;IACpB,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;IAE7B,MAAM,wBAAwB,GAAG,WAAW,CAC1C,KAAK,EAAE,UAAkB,EAAoC,EAAE;QAC7D,6EAA6E;QAC7E,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QACvD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QACjE,CAAC;QACD,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,GAAG,CACtC,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;YAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC/C,OAAO,EAAE,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,UAAU,EAAE,UAAU,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;QACtE,CAAC,CAAC,CACH,CAAC;QAEF,uEAAuE;QACvE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;QAEzE,gFAAgF;QAChF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC;YACjD,IAAI,EAAE,IAAI;YACV,UAAU,EAAE,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC;YACtC,aAAa,EAAE,CAAC,UAAU,CAAC;YAC3B,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC7B,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC;gBAC5B,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,QAAQ,EAAE;aAC9B,CAAC,CAAC;SACJ,CAAC,CAAC;QAEH,gBAAgB,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC5F,OAAO,YAAY,CAAC;IACtB,CAAC,EACD,CAAC,IAAI,EAAE,MAAM,CAAC,~~CACf~~,CAAC;IAEF,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,EAAE,CAAC;QACV,uDAAuD;IACzD,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,wEAAwE;IACxE,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,SAAS,GAAG,MAAM,CAAC,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;YACvD,OAAO,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,EAAE,CAAC,oBAAoB,EAAE,GAAG,EAAE;YACnD,OAAO,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC;QACH,OAAO,GAAG,EAAE;YACV,SAAS,EAAE,CAAC;YACZ,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAEtB,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;AACjG,CAAC"}
1	+ {"version":3,"file":"useSecureConversations.js","sourceRoot":"","sources":["../../../src/hooks/useSecureConversations.tsx"],"names":[],"mappings":"AAAA,qFAAqF;AACrF,EAAE;AACF,iGAAiG;AACjG,oGAAoG;AACpG,0DAA0D;AAE1D,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAEzD,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,mCAAmC,CAAC;AAoBlE;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,sBAAsB;IACpC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,aAAa,EAAE,CAAC;IAEhE,MAAM,CAAC,aAAa,EAAE,gBAAgB,CAAC,GAAG,QAAQ,CAA4B,EAAE,CAAC,CAAC;IAClF,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,GAAG,QAAQ,CAAqB,SAAS,CAAC,CAAC;IACpE,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC9C,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAU,IAAI,CAAC,CAAC;IAElD,MAAM,IAAI,GAAG,WAAW,CACtB,KAAK,EAAE,KAAc,EAAE,EAAE;QACvB,UAAU,CAAC,IAAI,CAAC,CAAC;QACjB,QAAQ,CAAC,IAAI,CAAC,CAAC;QACf,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC;gBACxC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM;gBAClC,KAAK,EAAE,EAAE;aACV,CAAC,CAAC;YACH,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC/D,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;YAChE,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACzB,gBAAgB,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;QAC9F,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,QAAQ,CAAC,GAAG,CAAC,CAAC;QAChB,CAAC;gBAAS,CAAC;YACT,UAAU,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC;IACH,CAAC,EACD,CAAC,IAAI,EAAE,MAAM,CAAC,CACf,CAAC;IAEF,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACrC,SAAS,CAAC,SAAS,CAAC,CAAC;QACrB,MAAM,IAAI,CAAC,IAAI,CAAC,CAAC;IACnB,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;IAEX,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACtC,IAAI,CAAC,OAAO,IAAI,OAAO;YAAE,OAAO;QAChC,MAAM,IAAI,CAAC,KAAK,CAAC,CAAC;IACpB,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;IAE7B,MAAM,wBAAwB,GAAG,WAAW,CAC1C,KAAK,EAAE,UAAkB,EAAoC,EAAE;QAC7D,6EAA6E;QAC7E,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QACvD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;QACjE,CAAC;QACD,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,GAAG,CACtC,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;YAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC/C,OAAO,EAAE,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,UAAU,EAAE,UAAU,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;QACtE,CAAC,CAAC,CACH,CAAC;QAEF,uEAAuE;QACvE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;QAEzE,gFAAgF;QAChF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC;YACjD,IAAI,EAAE,IAAI;YACV,UAAU,EAAE,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC;YACtC,aAAa,EAAE,CAAC,UAAU,CAAC;YAC3B,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC7B,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC;gBAC5B,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,QAAQ,EAAE;aAC9B,CAAC,CAAC;SACJ,CAAC,CAAC;QAEH,qFAAqF;QACrF,MAAM,aAAa,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAE5C,gBAAgB,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC5F,OAAO,YAAY,CAAC;IACtB,CAAC,EACD,CAAC,IAAI,EAAE,MAAM,EAAE,aAAa,CAAC,CAC9B,CAAC;IAEF,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,EAAE,CAAC;QACV,uDAAuD;IACzD,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,wEAAwE;IACxE,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,SAAS,GAAG,MAAM,CAAC,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;YACvD,OAAO,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,EAAE,CAAC,oBAAoB,EAAE,GAAG,EAAE;YACnD,OAAO,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC;QACH,OAAO,GAAG,EAAE;YACV,SAAS,EAAE,CAAC;YACZ,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAEtB,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;AACjG,CAAC"}

package/dist/esm/hooks/useSecureDevice.d.ts CHANGED Viewed

@@ -1,7 +1,8 @@
-import { SecureDeviceModel } from "../contract";
+import { SecureDeviceModel } from "../contract/index.js";
 /** Options for {@link useSecureDevice}. */
 export interface UseSecureDeviceOptions {
-    /** Stable, persisted client device id. Generated if omitted (persist it in the platform layer). */
+    /** Stable, persisted client device id. Generated (and persisted) if omitted. A previously
+     *  persisted device's id takes precedence over this value when one exists on mount. */
     deviceId?: string;
     /** MLS ciphersuite to register under. Defaults to the crypto implementation's preferred suite. */
     ciphersuite?: number;
@@ -14,13 +15,15 @@ export interface UseSecureDeviceOptions {
 export interface UseSecureDeviceValues {
     /** The registered device row (its `.id` is the uuid used as targetDeviceId everywhere). */
     device: SecureDeviceModel | null;
+    /** True until the initial persisted-device load settles. */
+    loading: boolean;
     /** True while {@link UseSecureDeviceValues.register} is in flight. */
     registering: boolean;
-    /** The last error thrown by registration or replenishment, or `null`. */
+    /** The last error thrown by load, registration, or replenishment, or `null`. */
     error: unknown;
     /** Last known count of unconsumed KeyPackages, or `null` until refreshed. */
     keyPackagesAvailable: number | null;
-    /** Generate identity + register (idempotent server-side on (userId, deviceId)). */
+    /** Generate identity + register (idempotent server-side on (userId, deviceId)) and persist it. */
     register: () => Promise<SecureDeviceModel>;
     /** Generate + publish `count` fresh KeyPackages (default = keyPackageTarget). */
     publishKeyPackages: (count?: number) => Promise<number>;
@@ -28,20 +31,18 @@ export interface UseSecureDeviceValues {
     refreshKeyPackageCount: () => Promise<number>;
 }
 /**
- * Register this client as an MLS device (one device = one leaf) and keep its KeyPackages stocked.
+ * Register this client as an MLS device, persist its identity, and keep KeyPackages stocked.
  *
- * On {@link UseSecureDeviceValues.register} it generates a device identity, POSTs it to `/devices`,
- * and (when `autoReplenish` is on) republishes KeyPackages whenever the server emits
- * `secure:key-packages-low` for this device. The device's private key material must be persisted by
- * the platform layer — this hook only handles registration and relay.
+ * On mount it loads any persisted device and re-hydrates the crypto identity (stable id, no
+ * re-register). When none exists, await {@link UseSecureDeviceValues.register}.
  *
- * @param options - {@link UseSecureDeviceOptions} — device id, ciphersuite, and replenishment tuning.
- * @returns {@link UseSecureDeviceValues} — the device row, status flags, and register/publish actions.
+ * @param options - {@link UseSecureDeviceOptions}.
+ * @returns {@link UseSecureDeviceValues}.
  *
  * @example
  * ```tsx
- * const { device, register } = useSecureDevice({ keyPackageTarget: 20 });
- * useEffect(() => { register(); }, []);
+ * const { device, loading, register } = useSecureDevice();
+ * useEffect(() => { if (!loading && !device) register(); }, [loading, device, register]);
  * ```
  */
 export declare function useSecureDevice(options?: UseSecureDeviceOptions): UseSecureDeviceValues;

package/dist/esm/hooks/useSecureDevice.js CHANGED Viewed

@@ -1,17 +1,15 @@
-// useSecureDevice — register this client as an MLS device (leaf) and keep its KeyPackages topped up.
+// useSecureDevice — register this client as an MLS device (leaf), persist its identity, and keep its
+// KeyPackages topped up.
 //
-// Flow (server spec §14): generateDeviceIdentity → POST /devices → publish a batch of KeyPackages;
-// replenish on the `secure:key-packages-low` realtime signal or via the count endpoint.
-//
-// NOTE: the device's PRIVATE state (`privateState` from generateDeviceIdentity, and MLS group
-// state) must be persisted by the platform layer (IndexedDB on web, keystore on native — Phase 2/3).
-// Core only performs registration + relay; it does not persist secrets.
+// On mount it re-hydrates a persisted device (stable deviceId + private state via
+// crypto.importDeviceState) so a reload does NOT mint a new identity. register() generates, registers
+// on the server, and persists. Replenishes on the `secure:key-packages-low` realtime signal.
 import { useCallback, useEffect, useRef, useState } from "react";
-import { toBase64 } from "../util/base64";
-import { useSecureChat } from "../context/secure-chat-context";
+import { toBase64 } from "../util/base64.js";
+import { useSecureChat } from "../context/secure-chat-context.js";
 /**
  * Mint a device id when the caller doesn't supply one — `crypto.randomUUID()` when available, else a
- * non-cryptographic timestamp+random fallback. The platform layer should supply a persisted id.
+ * non-cryptographic timestamp+random fallback.
  *
  * @returns A fresh device id string.
  */
@@ -19,34 +17,64 @@ function newDeviceId() {
     const g = globalThis.crypto;
     if (g?.randomUUID)
         return g.randomUUID();
-    // Platform layer should supply a persisted, stable device id; this is a non-crypto fallback.
     return `dev-${Date.now().toString(36)}-${Math.floor(Math.random() * 1e9).toString(36)}`;
 }
 /**
- * Register this client as an MLS device (one device = one leaf) and keep its KeyPackages stocked.
+ * Register this client as an MLS device, persist its identity, and keep KeyPackages stocked.
  *
- * On {@link UseSecureDeviceValues.register} it generates a device identity, POSTs it to `/devices`,
- * and (when `autoReplenish` is on) republishes KeyPackages whenever the server emits
- * `secure:key-packages-low` for this device. The device's private key material must be persisted by
- * the platform layer — this hook only handles registration and relay.
+ * On mount it loads any persisted device and re-hydrates the crypto identity (stable id, no
+ * re-register). When none exists, await {@link UseSecureDeviceValues.register}.
  *
- * @param options - {@link UseSecureDeviceOptions} — device id, ciphersuite, and replenishment tuning.
- * @returns {@link UseSecureDeviceValues} — the device row, status flags, and register/publish actions.
+ * @param options - {@link UseSecureDeviceOptions}.
+ * @returns {@link UseSecureDeviceValues}.
  *
  * @example
  * ```tsx
- * const { device, register } = useSecureDevice({ keyPackageTarget: 20 });
- * useEffect(() => { register(); }, []);
+ * const { device, loading, register } = useSecureDevice();
+ * useEffect(() => { if (!loading && !device) register(); }, [loading, device, register]);
  * ```
  */
 export function useSecureDevice(options = {}) {
-    const { crypto, rest, socket } = useSecureChat();
+    const { crypto, rest, socket, repo } = useSecureChat();
     const { ciphersuite, keyPackageTarget = 20, autoReplenish = true } = options;
     const [device, setDevice] = useState(null);
+    const [loading, setLoading] = useState(true);
     const [registering, setRegistering] = useState(false);
     const [error, setError] = useState(null);
     const [keyPackagesAvailable, setKeyPackagesAvailable] = useState(null);
     const deviceIdRef = useRef(options.deviceId ?? newDeviceId());
+    const registerStartedRef = useRef(false);
+    // On mount: re-hydrate a persisted device (stable id + private state). No persisted device ⇒
+    // first-run; the app calls register().
+    useEffect(() => {
+        let alive = true;
+        (async () => {
+            const persisted = await repo.loadDevice();
+            if (!alive || registerStartedRef.current) {
+                setLoading(false);
+                return;
+            }
+            if (persisted) {
+                await crypto.importDeviceState(persisted.deviceState);
+                // register() may have started during the await — don't overwrite its identity.
+                if (!alive || registerStartedRef.current) {
+                    setLoading(false);
+                    return;
+                }
+                deviceIdRef.current = persisted.deviceId;
+                setDevice(persisted.device);
+            }
+            setLoading(false);
+        })().catch((err) => {
+            if (!alive)
+                return;
+            setError(err);
+            setLoading(false);
+        });
+        return () => {
+            alive = false;
+        };
+    }, [repo, crypto]);
     const publishKeyPackages = useCallback(async (count = keyPackageTarget) => {
         if (!device)
             throw new Error("Register the device before publishing KeyPackages.");
@@ -69,6 +97,7 @@ export function useSecureDevice(options = {}) {
         return available;
     }, [rest, device]);
     const register = useCallback(async () => {
+        registerStartedRef.current = true;
         setRegistering(true);
         setError(null);
         try {
@@ -82,6 +111,9 @@ export function useSecureDevice(options = {}) {
                 credential: toBase64(identity.credential),
                 ciphersuite: identity.ciphersuite,
             });
+            const deviceState = await crypto.exportDeviceState();
+            await repo.saveDevice({ deviceId: identity.deviceId, deviceState, device: registered });
+            deviceIdRef.current = identity.deviceId;
             setDevice(registered);
             return registered;
         }
@@ -92,7 +124,7 @@ export function useSecureDevice(options = {}) {
         finally {
             setRegistering(false);
         }
-    }, [crypto, rest, ciphersuite]);
+    }, [crypto, rest, repo, ciphersuite]);
     // Auto-replenish on the server's low-water signal for this device.
     useEffect(() => {
         if (!autoReplenish || !device)
@@ -106,6 +138,7 @@ export function useSecureDevice(options = {}) {
     }, [autoReplenish, device, socket, publishKeyPackages]);
     return {
         device,
+        loading,
         registering,
         error,
         keyPackagesAvailable,

package/dist/esm/hooks/useSecureDevice.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"useSecureDevice.js","sourceRoot":"","sources":["../../../src/hooks/useSecureDevice.tsx"],"names":[],"mappings":"AAAA,qGAAqG;AACrG,~~EAAE~~;~~AACF~~,~~mGAAmG;AACnG,wFAAwF;AACxF,~~EAAE;AACF,~~8FAA8F~~;~~AAC9F~~,~~qGAAqG~~;~~AACrG~~,~~wEAAwE~~;~~AAExE~~,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAEjE,OAAO,EAAE,QAAQ,EAAE,MAAM,~~gBAAgB~~,CAAC;~~AAC1C~~,OAAO,EAAE,aAAa,EAAE,MAAM,~~gCAAgC~~,CAAC;~~AAE/D~~;;;;;GAKG;AACH,SAAS,WAAW;IAClB,MAAM,CAAC,GAAI,UAAyD,CAAC,MAAM,CAAC;IAC5E,IAAI,CAAC,EAAE,UAAU;QAAE,OAAO,CAAC,CAAC,UAAU,EAAE,CAAC;IACzC,~~6FAA6F;IAC7F,~~OAAO,OAAO,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;AAC1F,CAAC;~~AAgCD;;;;;;;;;;;;;;;;GAgBG~~;AACH,MAAM,UAAU,eAAe,CAAC,UAAkC,EAAE;IAClE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,aAAa,EAAE,CAAC;~~IACjD~~,MAAM,EAAE,WAAW,EAAE,gBAAgB,GAAG,EAAE,EAAE,aAAa,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IAE7E,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,GAAG,QAAQ,CAA2B,IAAI,CAAC,CAAC;IACrE,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IACtD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAU,IAAI,CAAC,CAAC;IAClD,MAAM,CAAC,oBAAoB,EAAE,uBAAuB,CAAC,GAAG,QAAQ,CAAgB,IAAI,CAAC,CAAC;IAEtF,MAAM,WAAW,GAAG,MAAM,CAAS,OAAO,CAAC,QAAQ,IAAI,WAAW,EAAE,CAAC,CAAC;~~IAEtE~~,MAAM,kBAAkB,GAAG,WAAW,CACpC,KAAK,EAAE,QAAgB,gBAAgB,EAAmB,EAAE;QAC1D,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACnF,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;QACxD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,EAAE,EAAE;YACzD,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC/B,aAAa,EAAE,CAAC,CAAC,aAAa;gBAC9B,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC;gBAClC,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,SAAS,EAAE,CAAC,CAAC,SAAS;aACvB,CAAC,CAAC;SACJ,CAAC,CAAC;QACH,OAAO,SAAS,CAAC;IACnB,CAAC,EACD,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,gBAAgB,CAAC,CACzC,CAAC;IAEF,MAAM,sBAAsB,GAAG,WAAW,CAAC,KAAK,IAAqB,EAAE;QACrE,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;QACtF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACxD,uBAAuB,CAAC,SAAS,CAAC,CAAC;QACnC,OAAO,SAAS,CAAC;IACnB,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAEnB,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,IAAgC,EAAE;QAClE,cAAc,CAAC,IAAI,CAAC,CAAC;QACrB,QAAQ,CAAC,IAAI,CAAC,CAAC;QACf,IAAI,CAAC;YACH,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,sBAAsB,CAAC;gBACvD,QAAQ,EAAE,WAAW,CAAC,OAAO;gBAC7B,WAAW;aACZ,CAAC,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC;gBAC3C,QAAQ,EAAE,QAAQ,CAAC,QAAQ;gBAC3B,kBAAkB,EAAE,QAAQ,CAAC,QAAQ,CAAC,kBAAkB,CAAC;gBACzD,UAAU,EAAE,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;gBACzC,WAAW,EAAE,QAAQ,CAAC,WAAW;aAClC,CAAC,CAAC;YACH,SAAS,CAAC,UAAU,CAAC,CAAC;YACtB,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,QAAQ,CAAC,GAAG,CAAC,CAAC;YACd,MAAM,GAAG,CAAC;QACZ,CAAC;gBAAS,CAAC;YACT,cAAc,CAAC,KAAK,CAAC,CAAC;QACxB,CAAC;IACH,CAAC,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC;~~IAEhC~~,mEAAmE;IACnE,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,aAAa,IAAI,CAAC,MAAM;YAAE,OAAO;QACtC,MAAM,GAAG,GAAG,MAAM,CAAC,EAAE,CAAC,yBAAyB,EAAE,CAAC,MAAM,EAAE,EAAE;YAC1D,IAAI,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,EAAE;gBAAE,OAAO;YAC1C,kBAAkB,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC,EAAE,CAAC,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAExD,OAAO;QACL,MAAM;QACN,WAAW;QACX,KAAK;QACL,oBAAoB;QACpB,QAAQ;QACR,kBAAkB;QAClB,sBAAsB;KACvB,CAAC;AACJ,CAAC"}
1	+ {"version":3,"file":"useSecureDevice.js","sourceRoot":"","sources":["../../../src/hooks/useSecureDevice.tsx"],"names":[],"mappings":"AAAA,qGAAqG;AACrG,yBAAyB;AACzB,EAAE;AACF,kFAAkF;AAClF,sGAAsG;AACtG,6FAA6F;AAE7F,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAEjE,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,mCAAmC,CAAC;AAElE;;;;;GAKG;AACH,SAAS,WAAW;IAClB,MAAM,CAAC,GAAI,UAAyD,CAAC,MAAM,CAAC;IAC5E,IAAI,CAAC,EAAE,UAAU;QAAE,OAAO,CAAC,CAAC,UAAU,EAAE,CAAC;IACzC,OAAO,OAAO,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;AAC1F,CAAC;AAmCD;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,eAAe,CAAC,UAAkC,EAAE;IAClE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,aAAa,EAAE,CAAC;IACvD,MAAM,EAAE,WAAW,EAAE,gBAAgB,GAAG,EAAE,EAAE,aAAa,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IAE7E,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,GAAG,QAAQ,CAA2B,IAAI,CAAC,CAAC;IACrE,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IACtD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAU,IAAI,CAAC,CAAC;IAClD,MAAM,CAAC,oBAAoB,EAAE,uBAAuB,CAAC,GAAG,QAAQ,CAAgB,IAAI,CAAC,CAAC;IAEtF,MAAM,WAAW,GAAG,MAAM,CAAS,OAAO,CAAC,QAAQ,IAAI,WAAW,EAAE,CAAC,CAAC;IACtE,MAAM,kBAAkB,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAEzC,6FAA6F;IAC7F,uCAAuC;IACvC,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,KAAK,GAAG,IAAI,CAAC;QACjB,CAAC,KAAK,IAAI,EAAE;YACV,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;YAC1C,IAAI,CAAC,KAAK,IAAI,kBAAkB,CAAC,OAAO,EAAE,CAAC;gBACzC,UAAU,CAAC,KAAK,CAAC,CAAC;gBAClB,OAAO;YACT,CAAC;YACD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,MAAM,CAAC,iBAAiB,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;gBACtD,+EAA+E;gBAC/E,IAAI,CAAC,KAAK,IAAI,kBAAkB,CAAC,OAAO,EAAE,CAAC;oBACzC,UAAU,CAAC,KAAK,CAAC,CAAC;oBAClB,OAAO;gBACT,CAAC;gBACD,WAAW,CAAC,OAAO,GAAG,SAAS,CAAC,QAAQ,CAAC;gBACzC,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAC9B,CAAC;YACD,UAAU,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACjB,IAAI,CAAC,KAAK;gBAAE,OAAO;YACnB,QAAQ,CAAC,GAAG,CAAC,CAAC;YACd,UAAU,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC,CAAC,CAAC;QACH,OAAO,GAAG,EAAE;YACV,KAAK,GAAG,KAAK,CAAC;QAChB,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAEnB,MAAM,kBAAkB,GAAG,WAAW,CACpC,KAAK,EAAE,QAAgB,gBAAgB,EAAmB,EAAE;QAC1D,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACnF,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;QACxD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,EAAE,EAAE;YACzD,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC/B,aAAa,EAAE,CAAC,CAAC,aAAa;gBAC9B,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC;gBAClC,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,SAAS,EAAE,CAAC,CAAC,SAAS;aACvB,CAAC,CAAC;SACJ,CAAC,CAAC;QACH,OAAO,SAAS,CAAC;IACnB,CAAC,EACD,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,gBAAgB,CAAC,CACzC,CAAC;IAEF,MAAM,sBAAsB,GAAG,WAAW,CAAC,KAAK,IAAqB,EAAE;QACrE,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;QACtF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACxD,uBAAuB,CAAC,SAAS,CAAC,CAAC;QACnC,OAAO,SAAS,CAAC;IACnB,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAEnB,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,IAAgC,EAAE;QAClE,kBAAkB,CAAC,OAAO,GAAG,IAAI,CAAC;QAClC,cAAc,CAAC,IAAI,CAAC,CAAC;QACrB,QAAQ,CAAC,IAAI,CAAC,CAAC;QACf,IAAI,CAAC;YACH,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,sBAAsB,CAAC;gBACvD,QAAQ,EAAE,WAAW,CAAC,OAAO;gBAC7B,WAAW;aACZ,CAAC,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC;gBAC3C,QAAQ,EAAE,QAAQ,CAAC,QAAQ;gBAC3B,kBAAkB,EAAE,QAAQ,CAAC,QAAQ,CAAC,kBAAkB,CAAC;gBACzD,UAAU,EAAE,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;gBACzC,WAAW,EAAE,QAAQ,CAAC,WAAW;aAClC,CAAC,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,iBAAiB,EAAE,CAAC;YACrD,MAAM,IAAI,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,QAAQ,CAAC,QAAQ,EAAE,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC;YACxF,WAAW,CAAC,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC;YACxC,SAAS,CAAC,UAAU,CAAC,CAAC;YACtB,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,QAAQ,CAAC,GAAG,CAAC,CAAC;YACd,MAAM,GAAG,CAAC;QACZ,CAAC;gBAAS,CAAC;YACT,cAAc,CAAC,KAAK,CAAC,CAAC;QACxB,CAAC;IACH,CAAC,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC;IAEtC,mEAAmE;IACnE,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,aAAa,IAAI,CAAC,MAAM;YAAE,OAAO;QACtC,MAAM,GAAG,GAAG,MAAM,CAAC,EAAE,CAAC,yBAAyB,EAAE,CAAC,MAAM,EAAE,EAAE;YAC1D,IAAI,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,EAAE;gBAAE,OAAO;YAC1C,kBAAkB,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC,EAAE,CAAC,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAExD,OAAO;QACL,MAAM;QACN,OAAO;QACP,WAAW;QACX,KAAK;QACL,oBAAoB;QACpB,QAAQ;QACR,kBAAkB;QAClB,sBAAsB;KACvB,CAAC;AACJ,CAAC"}

package/dist/esm/hooks/useSecureMessages.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { SecureMessageModel } from "../contract";
+import { SecureMessageModel } from "../contract/index.js";
 import { GroupHandle } from "@agora-sdk/secure-chat-crypto";
 /** A stored message paired with its decrypted text (when a group handle is available). */
 export interface DecryptedSecureMessage {
@@ -9,9 +9,9 @@ export interface DecryptedSecureMessage {
 }
 /** Options for {@link useSecureMessages}. */
 export interface UseSecureMessagesOptions {
-    /** The MLS group handle for this conversation (from the platform persistence layer). */
+    /** Override the MLS group handle. Defaults to the persisted handle via `resolveGroup`. */
     group?: GroupHandle;
-    /** The caller's device row id — required to send (the server verifies it belongs to the caller). */
+    /** Override the sender device row id. Defaults to the persisted device's `.id`. */
     senderDeviceId?: string;
 }
 /** The state and actions returned by {@link useSecureMessages}. */
@@ -28,24 +28,23 @@ export interface UseSecureMessagesValues {
     loadMore: () => Promise<void>;
     /** Reload from the newest message, replacing the current list. */
     refresh: () => Promise<void>;
-    /** Encrypt + send a text message. Requires `group` + `senderDeviceId`. */
+    /** Encrypt + send a text message. Requires a resolvable group + sender device. */
     sendMessage: (text: string) => Promise<void>;
 }
 /**
  * Load, decrypt, send, and live-receive messages in one secure conversation.
  *
- * Decryption runs through the injected `SecureChatCrypto` against the conversation's MLS
- * `GroupHandle`. Without a `group` in `options`, ciphertext is still listed and received (as
- * `plaintext: null`) and sending is disabled — letting the transport work ahead of the crypto
- * wiring. Joins the conversation's socket room to receive `secure:message` events live.
+ * Auto-resolves the MLS group handle (via `resolveGroup`) and the sender device id (from the
+ * persisted device) unless overridden in `options`. Joins the conversation socket room for live
+ * `secure:message` events.
  *
  * @param conversationId - The conversation to read and send within.
- * @param options - {@link UseSecureMessagesOptions} — the MLS `group` handle and `senderDeviceId`.
- * @returns {@link UseSecureMessagesValues} — the message list, paging state, and `sendMessage`.
+ * @param options - {@link UseSecureMessagesOptions}.
+ * @returns {@link UseSecureMessagesValues}.
  *
  * @example
  * ```tsx
- * const { messages, sendMessage } = useSecureMessages(conversationId, { group, senderDeviceId });
+ * const { messages, sendMessage } = useSecureMessages(conversationId);
  * await sendMessage("hello 💜");
  * ```
  */

package/dist/esm/hooks/useSecureMessages.js CHANGED Viewed

@@ -1,39 +1,86 @@
 // useSecureMessages — load, decrypt, send, and live-receive messages in a secure conversation.
 //
-// Encryption/decryption runs through the injected `SecureChatCrypto` against the conversation's MLS
-// `GroupHandle`. Resolving conversationId → GroupHandle is owned by the platform persistence layer
-// (Phase 2: IndexedDB group state via processWelcome/importGroupState), so the caller passes the
-// handle in. Without it, ciphertext is still listed/received but left undecrypted (`plaintext: null`)
-// and sending is disabled — keeping the transport usable ahead of the crypto wiring.
-import { useCallback, useEffect, useState } from "react";
-import { toBase64, fromBase64, utf8ToBytes, bytesToUtf8 } from "../util/base64";
-import { useSecureChat } from "../context/secure-chat-context";
+// Self-sufficient once a store is wired: the MLS GroupHandle is auto-resolved from persistence via
+// resolveGroup, and senderDeviceId is read from the persisted device. Both stay overridable through
+// options for advanced use. Without a resolvable handle, ciphertext is still listed/received
+// (plaintext: null) and sending is disabled.
+import { useCallback, useEffect, useRef, useState } from "react";
+import { toBase64, fromBase64, utf8ToBytes, bytesToUtf8 } from "../util/base64.js";
+import { useSecureChat } from "../context/secure-chat-context.js";
 /**
  * Load, decrypt, send, and live-receive messages in one secure conversation.
  *
- * Decryption runs through the injected `SecureChatCrypto` against the conversation's MLS
- * `GroupHandle`. Without a `group` in `options`, ciphertext is still listed and received (as
- * `plaintext: null`) and sending is disabled — letting the transport work ahead of the crypto
- * wiring. Joins the conversation's socket room to receive `secure:message` events live.
+ * Auto-resolves the MLS group handle (via `resolveGroup`) and the sender device id (from the
+ * persisted device) unless overridden in `options`. Joins the conversation socket room for live
+ * `secure:message` events.
  *
  * @param conversationId - The conversation to read and send within.
- * @param options - {@link UseSecureMessagesOptions} — the MLS `group` handle and `senderDeviceId`.
- * @returns {@link UseSecureMessagesValues} — the message list, paging state, and `sendMessage`.
+ * @param options - {@link UseSecureMessagesOptions}.
+ * @returns {@link UseSecureMessagesValues}.
  *
  * @example
  * ```tsx
- * const { messages, sendMessage } = useSecureMessages(conversationId, { group, senderDeviceId });
+ * const { messages, sendMessage } = useSecureMessages(conversationId);
  * await sendMessage("hello 💜");
  * ```
  */
 export function useSecureMessages(conversationId, options = {}) {
-    const { rest, crypto, socket } = useSecureChat();
-    const { group, senderDeviceId } = options;
+    const { rest, crypto, socket, repo, resolveGroup } = useSecureChat();
     const [messages, setMessages] = useState([]);
     const [before, setBefore] = useState(undefined);
     const [hasMore, setHasMore] = useState(true);
     const [loading, setLoading] = useState(false);
     const [error, setError] = useState(null);
+    const [group, setGroup] = useState(options.group ?? null);
+    const [senderDeviceId, setSenderDeviceId] = useState(options.senderDeviceId);
+    // Latest messages, read by the "decrypt history once the group resolves" effect below without
+    // making `messages` one of its deps (which would loop).
+    const messagesRef = useRef(messages);
+    messagesRef.current = messages;
+    // Resolve the group handle: explicit override, else persisted state.
+    useEffect(() => {
+        if (options.group) {
+            setGroup(options.group);
+            return;
+        }
+        // Clear any stale handle from the previous conversation before re-resolving, so live messages
+        // for the new conversation never decrypt against the old group during the async window.
+        setGroup(null);
+        let alive = true;
+        resolveGroup(conversationId)
+            .then((g) => {
+            if (alive)
+                setGroup(g);
+        })
+            .catch(() => {
+            if (alive)
+                setGroup(null);
+        });
+        return () => {
+            alive = false;
+        };
+    }, [options.group, conversationId, resolveGroup]);
+    // Resolve the sender device id: explicit override, else persisted device row.
+    useEffect(() => {
+        if (options.senderDeviceId) {
+            setSenderDeviceId(options.senderDeviceId);
+            return;
+        }
+        let alive = true;
+        repo
+            .loadDevice()
+            .then((d) => {
+            if (alive)
+                setSenderDeviceId(d?.device?.id ?? undefined);
+        })
+            .catch(() => {
+            if (alive)
+                setSenderDeviceId(undefined);
+        });
+        return () => {
+            alive = false;
+        };
+    }, [options.senderDeviceId, repo]);
     const decrypt = useCallback(async (model) => {
         if (!group)
             return { model, plaintext: null };
@@ -78,6 +125,9 @@ export function useSecureMessages(conversationId, options = {}) {
         await load(false);
     }, [hasMore, loading, load]);
     const sendMessage = useCallback(async (text) => {
+        // Assumes the crypto identity is already hydrated (mount `useSecureDevice` under the same
+        // provider): the crypto layer tags the sender from the restored device identity, so after a
+        // reload the first send must wait for useSecureDevice's importDeviceState to complete.
         if (!group)
             throw new Error("Cannot send: no MLS group handle for this conversation.");
         if (!senderDeviceId)
@@ -95,13 +145,31 @@ export function useSecureMessages(conversationId, options = {}) {
         refresh();
         // eslint-disable-next-line react-hooks/exhaustive-deps
     }, [conversationId]);
+    // Decrypt history that was listed before the group handle resolved. On reload, the first page loads
+    // while resolveGroup is still in flight, so those rows come back `plaintext: null`; once the handle
+    // arrives (decrypt is recreated with it), re-decrypt the still-undecrypted rows in place — no
+    // re-fetch, scroll/pagination preserved.
+    useEffect(() => {
+        if (!group)
+            return;
+        if (!messagesRef.current.some((m) => m.plaintext === null))
+            return;
+        let alive = true;
+        Promise.all(messagesRef.current.map((m) => (m.plaintext === null ? decrypt(m.model) : Promise.resolve(m)))).then((next) => {
+            if (alive)
+                setMessages(next);
+        });
+        return () => {
+            alive = false;
+        };
+    }, [group, decrypt]);
     // Live receive: join the conversation room and decrypt inbound ciphertext.
     useEffect(() => {
         socket.joinConversation(conversationId);
         const off = socket.on("secure:message", (model) => {
             if (model.conversationId !== conversationId)
                 return;
-            decrypt(model).then((m) => setMessages((prev) => prev.some((p) => p.model.id === m.model.id) ? prev : [m, ...prev]));
+            decrypt(model).then((m) => setMessages((prev) => (prev.some((p) => p.model.id === m.model.id) ? prev : [m, ...prev])));
         });
         return off;
     }, [socket, conversationId, decrypt]);