@agora-sdk/secure-chat-core 0.3.0 → 0.5.0

package/dist/cjs/backup/passphrase-strength.d.ts

@@ -0,0 +1,22 @@
+/** The outcome of {@link estimatePassphraseStrength}: a coarse 0–4 score plus display copy. */
+export interface PassphraseStrength {
+    /** 0 (weakest) … 4 (strongest) — for a 5-segment meter. */
+    score: 0 | 1 | 2 | 3 | 4;
+    /** A short human label for the score (e.g. "Weak", "Strong"). */
+    label: string;
+    /** A specific reason the passphrase is weak, when applicable (e.g. a common password). */
+    warning?: string;
+}
+/**
+ * Estimate the strength of a backup passphrase for a strength meter.
+ *
+ * @param passphrase - The candidate passphrase (never logged or sent anywhere).
+ * @returns A {@link PassphraseStrength} with a 0–4 score, a label, and an optional warning.
+ *
+ * @example
+ * ```ts
+ * const { score, label, warning } = estimatePassphraseStrength(input);
+ * // render a 5-segment meter from `score`, show `warning` if present.
+ * ```
+ */
+export declare function estimatePassphraseStrength(passphrase: string): PassphraseStrength;

package/dist/cjs/backup/passphrase-strength.js

@@ -0,0 +1,75 @@
+"use strict";
+// Passphrase-strength estimator for backup UX.
+//
+// Why this exists (CLAUDE.md #1 + spec §16.5): the blind server stores the passphrase-encrypted
+// backup blob, so a weak passphrase is offline-brute-forceable on a DB exfil. The real argon2id KDF
+// raises the cost per guess, but it can't rescue a guessable passphrase — so we nudge the user toward
+// a strong one at entry time. This is a deliberately small, dependency-free heuristic (length +
+// character-class diversity + a common-password penalty), NOT a substitute for zxcvbn-grade entropy
+// estimation. It runs purely client-side and never logs or transmits the passphrase.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.estimatePassphraseStrength = estimatePassphraseStrength;
+const LABELS = ["Very weak", "Weak", "Fair", "Strong", "Very strong"];
+// A tiny set of the most-guessed passwords/substrings. Not exhaustive — a guardrail against the
+// obvious, not a real dictionary check.
+const COMMON = [
+    "password", "passw0rd", "12345", "123456", "qwerty", "letmein", "admin", "welcome",
+    "iloveyou", "abc123", "hunter2", "monkey", "dragon", "trustno1", "secret",
+];
+/**
+ * Estimate the strength of a backup passphrase for a strength meter.
+ *
+ * @param passphrase - The candidate passphrase (never logged or sent anywhere).
+ * @returns A {@link PassphraseStrength} with a 0–4 score, a label, and an optional warning.
+ *
+ * @example
+ * ```ts
+ * const { score, label, warning } = estimatePassphraseStrength(input);
+ * // render a 5-segment meter from `score`, show `warning` if present.
+ * ```
+ */
+function estimatePassphraseStrength(passphrase) {
+    const pw = passphrase ?? "";
+    if (pw.length === 0)
+        return { score: 0, label: LABELS[0] };
+    const lower = pw.toLowerCase();
+    const hitsCommon = COMMON.some((c) => lower.includes(c));
+    // Character-class diversity.
+    let classes = 0;
+    if (/[a-z]/.test(pw))
+        classes++;
+    if (/[A-Z]/.test(pw))
+        classes++;
+    if (/[0-9]/.test(pw))
+        classes++;
+    if (/[^a-zA-Z0-9]/.test(pw))
+        classes++;
+    // Length is the dominant factor (passphrases >> complex-but-short passwords).
+    let score = 0;
+    if (pw.length >= 8)
+        score++;
+    if (pw.length >= 12)
+        score++;
+    if (pw.length >= 16)
+        score++;
+    // Diversity adds at most one step, and only once there's some length.
+    if (classes >= 3 && pw.length >= 8)
+        score++;
+    // A short, single-class passphrase never rates above "weak".
+    if (pw.length < 8 || classes <= 1)
+        score = Math.min(score, 1);
+    // A recognizably common password is capped hard regardless of shape.
+    if (hitsCommon)
+        score = Math.min(score, 1);
+    const clamped = Math.max(0, Math.min(4, score));
+    return {
+        score: clamped,
+        label: LABELS[clamped],
+        warning: hitsCommon
+            ? "This looks like a common password — choose something less guessable."
+            : clamped <= 1
+                ? "Use a longer passphrase (4+ random words) with mixed character types."
+                : undefined,
+    };
+}
+//# sourceMappingURL=passphrase-strength.js.map

package/dist/cjs/backup/passphrase-strength.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"passphrase-strength.js","sourceRoot":"","sources":["../../../src/backup/passphrase-strength.ts"],"names":[],"mappings":";AAAA,+CAA+C;AAC/C,EAAE;AACF,gGAAgG;AAChG,oGAAoG;AACpG,sGAAsG;AACtG,gGAAgG;AAChG,oGAAoG;AACpG,qFAAqF;;AAiCrF,gEAsCC;AA3DD,MAAM,MAAM,GAAG,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,CAAU,CAAC;AAE/E,gGAAgG;AAChG,wCAAwC;AACxC,MAAM,MAAM,GAAG;IACb,UAAU,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS;IAClF,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ;CAC1E,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,SAAgB,0BAA0B,CAAC,UAAkB;IAC3D,MAAM,EAAE,GAAG,UAAU,IAAI,EAAE,CAAC;IAC5B,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;IAE3D,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC;IAC/B,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IAEzD,6BAA6B;IAC7B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,IAAI,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAAE,OAAO,EAAE,CAAC;IAChC,IAAI,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAAE,OAAO,EAAE,CAAC;IAChC,IAAI,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAAE,OAAO,EAAE,CAAC;IAChC,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;QAAE,OAAO,EAAE,CAAC;IAEvC,8EAA8E;IAC9E,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,EAAE,CAAC,MAAM,IAAI,CAAC;QAAE,KAAK,EAAE,CAAC;IAC5B,IAAI,EAAE,CAAC,MAAM,IAAI,EAAE;QAAE,KAAK,EAAE,CAAC;IAC7B,IAAI,EAAE,CAAC,MAAM,IAAI,EAAE;QAAE,KAAK,EAAE,CAAC;IAC7B,sEAAsE;IACtE,IAAI,OAAO,IAAI,CAAC,IAAI,EAAE,CAAC,MAAM,IAAI,CAAC;QAAE,KAAK,EAAE,CAAC;IAE5C,6DAA6D;IAC7D,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,IAAI,CAAC;QAAE,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IAE9D,qEAAqE;IACrE,IAAI,UAAU;QAAE,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IAE3C,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAgC,CAAC;IAC/E,OAAO;QACL,KAAK,EAAE,OAAO;QACd,KAAK,EAAE,MAAM,CAAC,OAAO,CAAC;QACtB,OAAO,EAAE,UAAU;YACjB,CAAC,CAAC,sEAAsE;YACxE,CAAC,CAAC,OAAO,IAAI,CAAC;gBACZ,CAAC,CAAC,uEAAuE;gBACzE,CAAC,CAAC,SAAS;KAChB,CAAC;AACJ,CAAC"}

package/dist/cjs/context/secure-chat-context.d.ts

@@ -4,6 +4,7 @@ import { SecureChatRestClient } from "../transport/rest.js";
 import { SecureChatSocketClient } from "../transport/socket.js";
 import { SecureChatStore } from "../persistence/store.js";
 import { SecureChatRepository } from "../persistence/repository.js";
+import { PaddingPolicy } from "../util/padding.js";
 /**
  * The value exposed by {@link useSecureChat}: shared transport clients, the injected crypto, the
  * persistence repository, the group-handle resolver, and the active project id.
@@ -31,6 +32,11 @@ export interface SecureChatContextValue {
      * @returns An unsubscribe function.
      */
     subscribeGroupChange: (listener: () => void) => () => void;
+    /**
+     * Outbound message size-bucket padding policy. `useSecureMessages` pads plaintext to this before
+     * encryption so ciphertext size leaks less; defaults to `"ladder"`.
+     */
+    padding: PaddingPolicy;
     /** The Agora project id these clients are scoped to. */
     projectId: string;
 }
@@ -50,6 +56,11 @@ export interface SecureChatProviderProps {
     baseUrl?: string;
     /** Override the socket origin. Defaults to @agora-sdk/core `getSocketUrl()`. */
     socketUrl?: string;
+    /**
+     * Outbound message size-bucket padding policy (metadata hardening). `"ladder"` (default) pads each
+     * message up to a fixed size bucket so ciphertext length leaks less; `"none"` frames without padding.
+     */
+    padding?: PaddingPolicy;
     children: React.ReactNode;
 }
 /**
@@ -66,7 +77,7 @@ export interface SecureChatProviderProps {
  * </SecureChatProvider>
  * ```
  */
-export declare function SecureChatProvider({ crypto, projectId, store, accessToken, getAccessToken, baseUrl, socketUrl, children, }: SecureChatProviderProps): React.JSX.Element;
+export declare function SecureChatProvider({ crypto, projectId, store, accessToken, getAccessToken, baseUrl, socketUrl, padding, children, }: SecureChatProviderProps): React.JSX.Element;
 /**
  * Access the nearest {@link SecureChatContextValue}.
  *

package/dist/cjs/context/secure-chat-context.js

@@ -31,7 +31,7 @@ const SecureChatContext = (0, react_1.createContext)(null);
  * </SecureChatProvider>
  * ```
  */
-function SecureChatProvider({ crypto, projectId, store, accessToken, getAccessToken, baseUrl, socketUrl, children, }) {
+function SecureChatProvider({ crypto, projectId, store, accessToken, getAccessToken, baseUrl, socketUrl, padding = "ladder", children, }) {
     const tokenRef = (0, react_1.useRef)(accessToken);
     tokenRef.current = accessToken;
     const resolveToken = (0, react_1.useMemo)(() => getAccessToken ?? (() => tokenRef.current), [getAccessToken]);
@@ -95,6 +95,7 @@ function SecureChatProvider({ crypto, projectId, store, accessToken, getAccessTo
         rememberGroup,
         getGroupVersion,
         subscribeGroupChange,
+        padding,
         projectId,
     }), [
         rest,
@@ -105,6 +106,7 @@ function SecureChatProvider({ crypto, projectId, store, accessToken, getAccessTo
         rememberGroup,
         getGroupVersion,
         subscribeGroupChange,
+        padding,
         projectId,
     ]);
     return (0, jsx_runtime_1.jsx)(SecureChatContext.Provider, { value: value, children: children });

package/dist/cjs/context/secure-chat-context.js.map

@@ -1 +1 @@
-{"version":3,"file":"secure-chat-context.js","sourceRoot":"","sources":["../../../src/context/secure-chat-context.tsx"],"names":[],"mappings":";;AAoFA,gDAwHC;AAQD,sCAMC;;AA1ND,yFAAyF;AACzF,EAAE;AACF,gGAAgG;AAChG,kGAAkG;AAClG,+FAA+F;AAC/F,mGAAmG;AACnG,gEAAgE;AAEhE,iCAAkG;AAClG,0CAA8D;AAG9D,kDAA4D;AAC5D,sDAAgE;AAEhE,oEAA6D;AAC7D,gEAAoE;AAiCpE,MAAM,iBAAiB,GAAG,IAAA,qBAAa,EAAgC,IAAI,CAAC,CAAC;AAqB7E;;;;;;;;;;;;;GAaG;AACH,SAAgB,kBAAkB,CAAC,EACjC,MAAM,EACN,SAAS,EACT,KAAK,EACL,WAAW,EACX,cAAc,EACd,OAAO,EACP,SAAS,EACT,QAAQ,GACgB;IACxB,MAAM,QAAQ,GAAG,IAAA,cAAM,EAAqB,WAAW,CAAC,CAAC;IACzD,QAAQ,CAAC,OAAO,GAAG,WAAW,CAAC;IAE/B,MAAM,YAAY,GAAG,IAAA,eAAO,EAC1B,GAAG,EAAE,CAAC,cAAc,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EAChD,CAAC,cAAc,CAAC,CACjB,CAAC;IAEF,MAAM,IAAI,GAAG,IAAA,eAAO,EAClB,GAAG,EAAE,CACH,IAAI,8BAAoB,CAAC;QACvB,SAAS;QACT,cAAc,EAAE,YAAY;QAC5B,UAAU,EAAE,GAAG,EAAE,CAAC,OAAO,IAAI,IAAA,oBAAa,GAAE;KAC7C,CAAC,EACJ,CAAC,SAAS,EAAE,YAAY,EAAE,OAAO,CAAC,CACnC,CAAC;IAEF,MAAM,MAAM,GAAG,IAAA,eAAO,EACpB,GAAG,EAAE,CACH,IAAI,kCAAsB,CAAC;QACzB,SAAS;QACT,cAAc,EAAE,YAAY;QAC5B,YAAY,EAAE,GAAG,EAAE,CAAC,SAAS,IAAI,IAAA,mBAAY,GAAE;KAChD,CAAC,EACJ,CAAC,SAAS,EAAE,YAAY,EAAE,SAAS,CAAC,CACrC,CAAC;IAEF,MAAM,aAAa,GAAG,IAAA,eAAO,EAAC,GAAG,EAAE,CAAC,KAAK,IAAI,IAAI,6BAAW,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;IACzE,MAAM,IAAI,GAAG,IAAA,eAAO,EAAC,GAAG,EAAE,CAAC,IAAI,oCAAoB,CAAC,aAAa,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAErF,yFAAyF;IACzF,6FAA6F;IAC7F,+EAA+E;IAC/E,MAAM,UAAU,GAAG,IAAA,cAAM,EAAC,IAAI,GAAG,EAAuB,CAAC,CAAC;IAE1D,kGAAkG;IAClG,6FAA6F;IAC7F,+FAA+F;IAC/F,mDAAmD;IACnD,MAAM,YAAY,GAAG,IAAA,cAAM,EAAC,IAAI,GAAG,EAAkB,CAAC,CAAC;IACvD,MAAM,cAAc,GAAG,IAAA,cAAM,EAAC,IAAI,GAAG,EAAc,CAAC,CAAC;IAErD,MAAM,YAAY,GAAG,IAAA,mBAAW,EAC9B,KAAK,EAAE,cAAsB,EAA+B,EAAE;QAC5D,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACtD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC;QACxD,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACxB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;QACpD,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAC/C,OAAO,MAAM,CAAC;IAChB,CAAC,EACD,CAAC,IAAI,EAAE,MAAM,CAAC,CACf,CAAC;IAEF,MAAM,aAAa,GAAG,IAAA,mBAAW,EAC/B,KAAK,EAAE,cAAsB,EAAE,MAAmB,EAAiB,EAAE;QACnE,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAC/C,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;QACpD,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;QACjD,uFAAuF;QACvF,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9F,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;IAC7C,CAAC,EACD,CAAC,IAAI,EAAE,MAAM,CAAC,CACf,CAAC;IAEF,MAAM,eAAe,GAAG,IAAA,mBAAW,EACjC,CAAC,cAAsB,EAAU,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,CAAC,EACjF,EAAE,CACH,CAAC;IAEF,MAAM,oBAAoB,GAAG,IAAA,mBAAW,EAAC,CAAC,QAAoB,EAAgB,EAAE;QAC9E,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACrC,OAAO,GAAG,EAAE;YACV,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC,CAAC;IACJ,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;IACnC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAEb,MAAM,KAAK,GAAG,IAAA,eAAO,EACnB,GAAG,EAAE,CAAC,CAAC;QACL,IAAI;QACJ,MAAM;QACN,MAAM;QACN,IAAI;QACJ,YAAY;QACZ,aAAa;QACb,eAAe;QACf,oBAAoB;QACpB,SAAS;KACV,CAAC,EACF;QACE,IAAI;QACJ,MAAM;QACN,MAAM;QACN,IAAI;QACJ,YAAY;QACZ,aAAa;QACb,eAAe;QACf,oBAAoB;QACpB,SAAS;KACV,CACF,CAAC;IAEF,OAAO,uBAAC,iBAAiB,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,YAAG,QAAQ,GAA8B,CAAC;AAC3F,CAAC;AAED;;;;;GAKG;AACH,SAAgB,aAAa;IAC3B,MAAM,GAAG,GAAG,IAAA,kBAAU,EAAC,iBAAiB,CAAC,CAAC;IAC1C,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;IAC/E,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}
+{"version":3,"file":"secure-chat-context.js","sourceRoot":"","sources":["../../../src/context/secure-chat-context.tsx"],"names":[],"mappings":";;AA+FA,gDA2HC;AAQD,sCAMC;;AAxOD,yFAAyF;AACzF,EAAE;AACF,gGAAgG;AAChG,kGAAkG;AAClG,+FAA+F;AAC/F,mGAAmG;AACnG,gEAAgE;AAEhE,iCAAkG;AAClG,0CAA8D;AAG9D,kDAA4D;AAC5D,sDAAgE;AAEhE,oEAA6D;AAC7D,gEAAoE;AAuCpE,MAAM,iBAAiB,GAAG,IAAA,qBAAa,EAAgC,IAAI,CAAC,CAAC;AA0B7E;;;;;;;;;;;;;GAaG;AACH,SAAgB,kBAAkB,CAAC,EACjC,MAAM,EACN,SAAS,EACT,KAAK,EACL,WAAW,EACX,cAAc,EACd,OAAO,EACP,SAAS,EACT,OAAO,GAAG,QAAQ,EAClB,QAAQ,GACgB;IACxB,MAAM,QAAQ,GAAG,IAAA,cAAM,EAAqB,WAAW,CAAC,CAAC;IACzD,QAAQ,CAAC,OAAO,GAAG,WAAW,CAAC;IAE/B,MAAM,YAAY,GAAG,IAAA,eAAO,EAC1B,GAAG,EAAE,CAAC,cAAc,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EAChD,CAAC,cAAc,CAAC,CACjB,CAAC;IAEF,MAAM,IAAI,GAAG,IAAA,eAAO,EAClB,GAAG,EAAE,CACH,IAAI,8BAAoB,CAAC;QACvB,SAAS;QACT,cAAc,EAAE,YAAY;QAC5B,UAAU,EAAE,GAAG,EAAE,CAAC,OAAO,IAAI,IAAA,oBAAa,GAAE;KAC7C,CAAC,EACJ,CAAC,SAAS,EAAE,YAAY,EAAE,OAAO,CAAC,CACnC,CAAC;IAEF,MAAM,MAAM,GAAG,IAAA,eAAO,EACpB,GAAG,EAAE,CACH,IAAI,kCAAsB,CAAC;QACzB,SAAS;QACT,cAAc,EAAE,YAAY;QAC5B,YAAY,EAAE,GAAG,EAAE,CAAC,SAAS,IAAI,IAAA,mBAAY,GAAE;KAChD,CAAC,EACJ,CAAC,SAAS,EAAE,YAAY,EAAE,SAAS,CAAC,CACrC,CAAC;IAEF,MAAM,aAAa,GAAG,IAAA,eAAO,EAAC,GAAG,EAAE,CAAC,KAAK,IAAI,IAAI,6BAAW,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;IACzE,MAAM,IAAI,GAAG,IAAA,eAAO,EAAC,GAAG,EAAE,CAAC,IAAI,oCAAoB,CAAC,aAAa,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;IAErF,yFAAyF;IACzF,6FAA6F;IAC7F,+EAA+E;IAC/E,MAAM,UAAU,GAAG,IAAA,cAAM,EAAC,IAAI,GAAG,EAAuB,CAAC,CAAC;IAE1D,kGAAkG;IAClG,6FAA6F;IAC7F,+FAA+F;IAC/F,mDAAmD;IACnD,MAAM,YAAY,GAAG,IAAA,cAAM,EAAC,IAAI,GAAG,EAAkB,CAAC,CAAC;IACvD,MAAM,cAAc,GAAG,IAAA,cAAM,EAAC,IAAI,GAAG,EAAc,CAAC,CAAC;IAErD,MAAM,YAAY,GAAG,IAAA,mBAAW,EAC9B,KAAK,EAAE,cAAsB,EAA+B,EAAE;QAC5D,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACtD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC;QACxD,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACxB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;QACpD,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAC/C,OAAO,MAAM,CAAC;IAChB,CAAC,EACD,CAAC,IAAI,EAAE,MAAM,CAAC,CACf,CAAC;IAEF,MAAM,aAAa,GAAG,IAAA,mBAAW,EAC/B,KAAK,EAAE,cAAsB,EAAE,MAAmB,EAAiB,EAAE;QACnE,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QAC/C,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;QACpD,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;QACjD,uFAAuF;QACvF,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9F,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;IAC7C,CAAC,EACD,CAAC,IAAI,EAAE,MAAM,CAAC,CACf,CAAC;IAEF,MAAM,eAAe,GAAG,IAAA,mBAAW,EACjC,CAAC,cAAsB,EAAU,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,CAAC,EACjF,EAAE,CACH,CAAC;IAEF,MAAM,oBAAoB,GAAG,IAAA,mBAAW,EAAC,CAAC,QAAoB,EAAgB,EAAE;QAC9E,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACrC,OAAO,GAAG,EAAE;YACV,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC,CAAC;IACJ,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,IAAA,iBAAS,EAAC,GAAG,EAAE;QACb,OAAO,GAAG,EAAE,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;IACnC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;IAEb,MAAM,KAAK,GAAG,IAAA,eAAO,EACnB,GAAG,EAAE,CAAC,CAAC;QACL,IAAI;QACJ,MAAM;QACN,MAAM;QACN,IAAI;QACJ,YAAY;QACZ,aAAa;QACb,eAAe;QACf,oBAAoB;QACpB,OAAO;QACP,SAAS;KACV,CAAC,EACF;QACE,IAAI;QACJ,MAAM;QACN,MAAM;QACN,IAAI;QACJ,YAAY;QACZ,aAAa;QACb,eAAe;QACf,oBAAoB;QACpB,OAAO;QACP,SAAS;KACV,CACF,CAAC;IAEF,OAAO,uBAAC,iBAAiB,CAAC,QAAQ,IAAC,KAAK,EAAE,KAAK,YAAG,QAAQ,GAA8B,CAAC;AAC3F,CAAC;AAED;;;;;GAKG;AACH,SAAgB,aAAa;IAC3B,MAAM,GAAG,GAAG,IAAA,kBAAU,EAAC,iBAAiB,CAAC,CAAC;IAC1C,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;IAC/E,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/cjs/contract/index.d.ts

@@ -1,150 +1,2 @@
-export type SecureConversationType = "dm" | "group" | "channel";
-export type SecureMemberRole = "admin" | "member";
-export type SecureHandshakeKind = "welcome" | "commit" | "proposal";
-/** A Welcome targeted at the ONE device whose claimed KeyPackage was consumed. */
-export interface WelcomeEnvelope {
-    targetDeviceId: string;
-    payload: string;
-    epoch: string;
-}
-/** A Commit/Proposal broadcast to the whole group (no target device). */
-export interface HandshakeBlob {
-    payload: string;
-    epoch: string;
-}
-export interface RegisterDeviceBody {
-    deviceId: string;
-    displayName?: string | null;
-    signaturePublicKey: string;
-    credential: string;
-    ciphersuite: number;
-}
-export interface PublishKeyPackagesBody {
-    keyPackages: {
-        keyPackageRef: string;
-        keyPackage: string;
-        ciphersuite: number;
-        expiresAt?: string | null;
-    }[];
-}
-export interface CreateSecureConversationBody {
-    type: SecureConversationType;
-    mlsGroupId: string;
-    spaceId?: string | null;
-    name?: string | null;
-    memberUserIds?: string[];
-    welcomes?: WelcomeEnvelope[];
-}
-export interface AddSecureMemberBody {
-    userId: string;
-    commit: HandshakeBlob;
-    welcomes: WelcomeEnvelope[];
-}
-export interface RemoveSecureMemberBody {
-    commit: HandshakeBlob;
-}
-export interface SendSecureMessageBody {
-    ciphertext: string;
-    epoch: string;
-    senderDeviceId: string;
-    contentType?: string | null;
-}
-export interface UploadKeyBackupBody {
-    deviceId?: string | null;
-    blob: string;
-    nonce: string;
-    kdf: "argon2id" | "pbkdf2";
-    kdfParams: Record<string, unknown>;
-    cipher: "xchacha20poly1305" | "aes-256-gcm";
-    version: number;
-}
-export interface SecureDeviceModel {
-    id: string;
-    projectId: string;
-    userId: string;
-    deviceId: string;
-    displayName: string | null;
-    signaturePublicKey: string;
-    credential: string;
-    ciphersuite: number;
-    revokedAt: string | null;
-    lastSeenAt: string | null;
-    createdAt: string;
-    updatedAt: string;
-}
-export interface SecureKeyPackageClaim {
-    deviceId: string;
-    keyPackageRef: string;
-    keyPackage: string;
-    ciphersuite: number;
-}
-export interface SecureConversationMemberModel {
-    id: string;
-    projectId: string;
-    conversationId: string;
-    userId: string;
-    role: SecureMemberRole;
-    isActive: boolean;
-    joinedAtEpoch: string | null;
-    lastReadAt: string | null;
-    leftAt: string | null;
-    createdAt: string;
-    updatedAt: string;
-}
-export interface SecureConversationModel {
-    id: string;
-    projectId: string;
-    type: SecureConversationType;
-    mlsGroupId: string;
-    spaceId: string | null;
-    currentEpoch: string;
-    name: string | null;
-    createdById: string | null;
-    lastMessageAt: string | null;
-    memberCount?: number;
-    unreadCount?: number;
-    currentMember?: SecureConversationMemberModel;
-    createdAt: string;
-    updatedAt: string;
-}
-export interface SecureMessageModel {
-    id: string;
-    projectId: string;
-    conversationId: string;
-    senderUserId: string | null;
-    senderDeviceId: string | null;
-    epoch: string;
-    ciphertext: string;
-    contentType: string;
-    createdAt: string;
-}
-export interface SecureHandshakeModel {
-    id: string;
-    seq: string;
-    kind: SecureHandshakeKind;
-    conversationId: string;
-    epoch: string;
-    payload: string;
-    senderDeviceId: string | null;
-    targetDeviceId: string | null;
-}
-export interface SecureKeyBackupModel {
-    id: string;
-    projectId: string;
-    userId: string;
-    deviceId: string | null;
-    blob: string;
-    nonce: string;
-    kdf: string;
-    kdfParams: Record<string, unknown>;
-    cipher: string;
-    version: number;
-    createdAt: string;
-    updatedAt: string;
-}
-/** Standard error envelope: `{ error, code, field? }` with `secure-chat/*` codes. */
-export interface SecureChatErrorBody {
-    error: string;
-    code: string;
-    field?: string;
-}
+export type { SecureDeviceModel, SecureKeyPackageClaim, SecureConversationMemberModel, SecureConversationModel, SecureMessageModel, SecureHandshakeModel, SecureKeyBackupModel, } from "@agora-server/contract";
+export type { RegisterDeviceBody, PublishKeyPackagesBody, CreateSecureConversationBody, AddSecureMemberBody, RemoveSecureMemberBody, SendSecureMessageBody, UploadKeyBackupBody, WelcomeEnvelope, HandshakeBlob, } from "@agora-server/contract";

package/dist/cjs/contract/index.js

@@ -1,16 +1,17 @@
 "use strict";
-// Secure-chat wire contract — stand-in for @agora-server/contract (the Apache-2.0 server contract).
+// Secure-chat wire types — re-exported from the published `@agora-server/contract` (Apache-2.0).
 //
-// Mirrors the response models + request bodies of agora-server's
-// `packages/contract/src/secure-chat.ts`. That package is the source of truth (zod + TS); the
-// client only needs the TypeScript shapes, so this copy is types-only.
+// The dependency arrow is **SDK → contract**: agora-server owns the wire contract, this SDK depends
+// on it. This module used to hold a byte-faithful *copy* of the types (a stand-in until the contract
+// published); now that `@agora-server/contract` is published, it is a thin **type-only re-export** so
+// there is exactly one source of truth and zero drift. The internal import path
+// (`../contract/index.js`) is kept stable so call sites don't churn, and the re-export is scoped to
+// the secure-chat surface (not the contract's reactions/pagination/etc.).
 //
-// ⚠️ Keep this byte-faithful to the server contract. The arrow is SDK → contract: once
-// `@agora-server/contract` is published, DELETE this file and `import type { ... } from "@agora-server/contract"`.
-// Do NOT publish a separate `@agora-sdk/secure-chat-contract` (that would invert the dependency —
-// see STATUS.md). Do not let this copy drift in the meantime.
+// Type-only on purpose: `@agora-server/contract` is ESM-only, but these `export type` re-exports are
+// erased from the emitted JS, so core's dual ESM/CJS build never `require()`s it at runtime.
 //
-// Wire conventions: every binary value is **base64** (the server stores/relays opaque blobs and
-// never parses them); MLS epochs are **decimal strings** (u64 exceeds JS safe-int range).
+// Wire conventions (owned by the contract): every binary value is **base64**; MLS epochs are
+// **decimal strings** (u64 exceeds JS safe-int range).
 Object.defineProperty(exports, "__esModule", { value: true });
 //# sourceMappingURL=index.js.map

package/dist/cjs/contract/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/contract/index.ts"],"names":[],"mappings":";AAAA,oGAAoG;AACpG,EAAE;AACF,iEAAiE;AACjE,8FAA8F;AAC9F,uEAAuE;AACvE,EAAE;AACF,uFAAuF;AACvF,mHAAmH;AACnH,kGAAkG;AAClG,8DAA8D;AAC9D,EAAE;AACF,gGAAgG;AAChG,0FAA0F"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/contract/index.ts"],"names":[],"mappings":";AAAA,iGAAiG;AACjG,EAAE;AACF,oGAAoG;AACpG,qGAAqG;AACrG,sGAAsG;AACtG,gFAAgF;AAChF,oGAAoG;AACpG,0EAA0E;AAC1E,EAAE;AACF,qGAAqG;AACrG,6FAA6F;AAC7F,EAAE;AACF,6FAA6F;AAC7F,uDAAuD"}

package/dist/cjs/hooks/useSecureBackup.d.ts

@@ -0,0 +1,67 @@
+import { type PassphraseStrength } from "../backup/passphrase-strength.js";
+/** State + actions returned by {@link useSecureBackup}. */
+export interface UseSecureBackupValues {
+    /**
+     * Seal all local key material under `passphrase` and upload it to the blind server.
+     * @throws {Error} If export or upload fails.
+     */
+    backup: (passphrase: string) => Promise<void>;
+    /**
+     * Restore local key material on a fresh client from the server's backup, rehydrating the device and
+     * every conversation's group state.
+     * @throws {Error} If no backup exists, the passphrase is wrong, or the backup is corrupt.
+     */
+    restore: (passphrase: string) => Promise<void>;
+    /** True while {@link UseSecureBackupValues.backup} is in flight. */
+    backingUp: boolean;
+    /** True while {@link UseSecureBackupValues.restore} is in flight. */
+    restoring: boolean;
+    /** The last error thrown by backup or restore, or `null`. */
+    error: unknown;
+    /** Server `updatedAt` of the most recent successful upload this session, or `null`. */
+    lastBackupAt: string | null;
+    /** True once a group has advanced since the last backup (membership/epoch change) — prompt a re-backup. */
+    needsBackup: boolean;
+    /**
+     * True when there is NO local key material but a backup exists on the server — i.e. this client was
+     * evicted (Safari ITP / "clear browsing data") or is a fresh browser, and recovery is possible. The
+     * app should route to a passphrase prompt → {@link UseSecureBackupValues.restore} instead of
+     * registering a new device. Indistinguishable cases (evicted vs cleared vs new browser) all resolve
+     * the same way. Cleared after a successful restore.
+     */
+    needsRestore: boolean;
+    /** True while the mount-time eviction check (or {@link UseSecureBackupValues.recheckRestore}) is in flight. */
+    checkingRestore: boolean;
+    /**
+     * Re-run the eviction check on demand (e.g. after catching a storage error mid-session, or after
+     * sign-in). Skips the server entirely when local key material is present.
+     * @returns The new {@link UseSecureBackupValues.needsRestore} value.
+     */
+    recheckRestore: () => Promise<boolean>;
+    /** Coarse client-side passphrase-strength estimate for a meter (see {@link estimatePassphraseStrength}). */
+    estimateStrength: (passphrase: string) => PassphraseStrength;
+}
+/**
+ * Manage passphrase backup + restore of the client's secure-chat key material.
+ *
+ * Backups are explicit (call {@link UseSecureBackupValues.backup}); `needsBackup` flips true when a
+ * group advances so the app can prompt. On mount it also detects an evicted/fresh client
+ * (`needsRestore`) so the app restores rather than registering a fresh, history-less identity.
+ *
+ * @returns Backup/restore actions, the evicted-client `needsRestore` signal, in-flight + error state, a
+ *   stale-backup signal, and a passphrase-strength helper.
+ * @throws {Error} When used outside a `<SecureChatProvider>`.
+ *
+ * @example
+ * ```tsx
+ * const { needsRestore, restore, backup } = useSecureBackup();
+ * const { device, register } = useSecureDevice();
+ * // Route an evicted / fresh client to restore; a true first-run to register.
+ * if (needsRestore) await restore(passphrase);      // prompt for the passphrase first
+ * else if (!device) await register();
+ * await backup(passphrase);                          // later, after a device/chat exists
+ * ```
+ * Restore should complete before the app relies on `useSecureDevice` (which read `device: null` on its
+ * own mount) — gate the chat subtree on a post-restore flag or remount it after restore.
+ */
+export declare function useSecureBackup(): UseSecureBackupValues;

package/dist/cjs/hooks/useSecureBackup.js

@@ -0,0 +1,207 @@
+"use strict";
+// useSecureBackup — passphrase backup + restore of all local key material.
+//
+// Backup: crypto.exportBackup(passphrase) seals the device identity + every group's state under a
+// real argon2id KDF + AEAD; we base64 the blob/nonce at the wire boundary and PUT it to the blind
+// server, which stores the ciphertext verbatim (it never sees the passphrase or plaintext).
+//
+// Restore (fresh browser): GET the blob → crypto.importBackup re-derives the identity + groups in
+// memory → re-assert the device server-side (idempotent) to recover its row → persist the device →
+// rebind each conversation's group state by conversationId from the server's conversation list (the
+// server is the source of truth for membership; the backup itself is conversationId-agnostic). The
+// handshake cursor is intentionally left unset so useSecureHandshakes re-pulls from since=0 and
+// dedupes — no cursor needs to live in the backup.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.useSecureBackup = useSecureBackup;
+const react_1 = require("react");
+const base64_js_1 = require("../util/base64.js");
+const secure_chat_context_js_1 = require("../context/secure-chat-context.js");
+const passphrase_strength_js_1 = require("../backup/passphrase-strength.js");
+/**
+ * Manage passphrase backup + restore of the client's secure-chat key material.
+ *
+ * Backups are explicit (call {@link UseSecureBackupValues.backup}); `needsBackup` flips true when a
+ * group advances so the app can prompt. On mount it also detects an evicted/fresh client
+ * (`needsRestore`) so the app restores rather than registering a fresh, history-less identity.
+ *
+ * @returns Backup/restore actions, the evicted-client `needsRestore` signal, in-flight + error state, a
+ *   stale-backup signal, and a passphrase-strength helper.
+ * @throws {Error} When used outside a `<SecureChatProvider>`.
+ *
+ * @example
+ * ```tsx
+ * const { needsRestore, restore, backup } = useSecureBackup();
+ * const { device, register } = useSecureDevice();
+ * // Route an evicted / fresh client to restore; a true first-run to register.
+ * if (needsRestore) await restore(passphrase);      // prompt for the passphrase first
+ * else if (!device) await register();
+ * await backup(passphrase);                          // later, after a device/chat exists
+ * ```
+ * Restore should complete before the app relies on `useSecureDevice` (which read `device: null` on its
+ * own mount) — gate the chat subtree on a post-restore flag or remount it after restore.
+ */
+function useSecureBackup() {
+    const { crypto, rest, repo, rememberGroup, subscribeGroupChange } = (0, secure_chat_context_js_1.useSecureChat)();
+    const [backingUp, setBackingUp] = (0, react_1.useState)(false);
+    const [restoring, setRestoring] = (0, react_1.useState)(false);
+    const [error, setError] = (0, react_1.useState)(null);
+    const [lastBackupAt, setLastBackupAt] = (0, react_1.useState)(null);
+    const [needsBackup, setNeedsBackup] = (0, react_1.useState)(false);
+    const [needsRestore, setNeedsRestore] = (0, react_1.useState)(false);
+    const [checkingRestore, setCheckingRestore] = (0, react_1.useState)(false);
+    // A group advancing (a join or a processed Commit) means the on-server backup is now stale.
+    // Guard the very first synchronous fire so mount doesn't immediately flag a backup as needed.
+    const armed = (0, react_1.useRef)(false);
+    (0, react_1.useEffect)(() => {
+        armed.current = true;
+        return subscribeGroupChange(() => {
+            if (armed.current)
+                setNeedsBackup(true);
+        });
+    }, [subscribeGroupChange]);
+    // Eviction / fresh-client detection: local key material gone but a server backup exists ⇒ restore is
+    // possible (and preferable to registering a new, history-less identity). Evicted, "cleared browsing
+    // data", and a brand-new browser are indistinguishable here and resolve the same way. We only hit the
+    // server when there's no local device, so the common (healthy) path stays a single IndexedDB read.
+    const recheckRestore = (0, react_1.useCallback)(async () => {
+        setCheckingRestore(true);
+        try {
+            const persisted = await repo.loadDevice();
+            if (persisted) {
+                setNeedsRestore(false);
+                return false;
+            }
+            const model = await rest.getKeyBackup();
+            const possible = model !== null;
+            setNeedsRestore(possible);
+            return possible;
+        }
+        catch (err) {
+            // Fail soft: a network blip must not strand the user as "needs restore". Surface the error only.
+            setError(err);
+            setNeedsRestore(false);
+            return false;
+        }
+        finally {
+            setCheckingRestore(false);
+        }
+    }, [repo, rest]);
+    (0, react_1.useEffect)(() => {
+        let alive = true;
+        repo
+            .loadDevice()
+            .then(async (persisted) => {
+            if (!alive || persisted)
+                return; // have local state → not evicted; skip the server call
+            const model = await rest.getKeyBackup();
+            if (alive)
+                setNeedsRestore(model !== null);
+        })
+            .catch((err) => {
+            if (alive)
+                setError(err); // fail soft
+        });
+        return () => {
+            alive = false;
+        };
+    }, [repo, rest]);
+    const backup = (0, react_1.useCallback)(async (passphrase) => {
+        setBackingUp(true);
+        setError(null);
+        try {
+            const b = await crypto.exportBackup(passphrase);
+            const { updatedAt } = await rest.uploadKeyBackup({
+                // base64 at the wire boundary; KDF params (incl. the hex salt) are non-secret metadata.
+                blob: (0, base64_js_1.toBase64)(b.blob),
+                nonce: (0, base64_js_1.toBase64)(b.nonce),
+                kdf: b.kdf,
+                kdfParams: b.kdfParams,
+                cipher: b.cipher,
+                version: b.version,
+            });
+            setLastBackupAt(updatedAt);
+            setNeedsBackup(false);
+        }
+        catch (err) {
+            setError(err);
+            throw err;
+        }
+        finally {
+            setBackingUp(false);
+        }
+    }, [crypto, rest]);
+    const restore = (0, react_1.useCallback)(async (passphrase) => {
+        setRestoring(true);
+        setError(null);
+        try {
+            const model = await rest.getKeyBackup();
+            if (!model)
+                throw new Error("No key backup found on the server to restore.");
+            // Decrypt + repopulate crypto memory (identity + groups). Returns the restored identity.
+            const id = await crypto.importBackup(passphrase, {
+                blob: (0, base64_js_1.fromBase64)(model.blob),
+                nonce: (0, base64_js_1.fromBase64)(model.nonce),
+                kdf: model.kdf,
+                kdfParams: model.kdfParams,
+                cipher: model.cipher,
+                version: model.version,
+            });
+            // Re-assert the (already-registered) device to recover its server row — idempotent on
+            // (userId, deviceId). The row's id is the senderDeviceId messages need.
+            const device = await rest.registerDevice({
+                deviceId: id.deviceId,
+                signaturePublicKey: (0, base64_js_1.toBase64)(id.signaturePublicKey),
+                credential: (0, base64_js_1.toBase64)(id.credential),
+                ciphersuite: id.ciphersuite,
+            });
+            await repo.saveDevice({
+                deviceId: id.deviceId,
+                deviceState: await crypto.exportDeviceState(),
+                device,
+            });
+            // Rebind conversationId → restored group state from the server's conversation list.
+            let cursor;
+            for (;;) {
+                const page = await rest.listConversations(cursor ? { cursor } : undefined);
+                for (const c of page.conversations) {
+                    try {
+                        await rememberGroup(c.id, {
+                            mlsGroupId: (0, base64_js_1.fromBase64)(c.mlsGroupId),
+                            epoch: BigInt(c.currentEpoch),
+                        });
+                    }
+                    catch {
+                        // The group isn't in this backup (created after it, or we're not a member) — skip it.
+                    }
+                }
+                if (!page.hasMore || page.conversations.length === 0)
+                    break;
+                const last = page.conversations[page.conversations.length - 1];
+                cursor = last.lastMessageAt ?? last.createdAt;
+            }
+            setNeedsBackup(false);
+            setNeedsRestore(false); // we now hold local key material again
+        }
+        catch (err) {
+            setError(err);
+            throw err;
+        }
+        finally {
+            setRestoring(false);
+        }
+    }, [crypto, rest, repo, rememberGroup]);
+    return {
+        backup,
+        restore,
+        backingUp,
+        restoring,
+        error,
+        lastBackupAt,
+        needsBackup,
+        needsRestore,
+        checkingRestore,
+        recheckRestore,
+        estimateStrength: passphrase_strength_js_1.estimatePassphraseStrength,
+    };
+}
+//# sourceMappingURL=useSecureBackup.js.map