@agora-sdk/secure-chat-core 0.3.0 → 0.5.0

package/dist/esm/hooks/useSecureSafetyNumber.js

@@ -0,0 +1,79 @@
+// useSecureSafetyNumber — derive the key-verification safety number for a DM conversation.
+//
+// Where it sits in the blind-server model: the server is untrusted and could swap a peer's KeyPackage
+// (active MITM on a TOFU system). This hook reads the two devices' PUBLIC identity keys from the local
+// MLS roster (crypto.exportGroupIdentities) and computes a symmetric, human-comparable safety number
+// (see util/safety-number) the two users confirm out-of-band. Headless: the styled UI lives in the app
+// / demo. DM-focused — for anything other than a 2-member group it returns null rather than guess.
+import { useCallback, useEffect, useRef, useState } from "react";
+import { computeSafetyNumber } from "../util/safety-number.js";
+import { useSecureChat } from "../context/secure-chat-context.js";
+/**
+ * Compute the out-of-band key-verification safety number for a direct-message conversation.
+ *
+ * Resolves the conversation's MLS group, reads its two members' public signature keys, and derives a
+ * symmetric {@link SafetyNumber}. Recomputes when the conversation's group handle advances (e.g. a
+ * processed Commit changes the roster). Returns `safetyNumber: null` when the group is unresolved or is
+ * not a 2-member DM.
+ *
+ * @param conversationId - The conversation to compute the safety number for.
+ * @returns {@link UseSecureSafetyNumberValues}.
+ *
+ * @example
+ * ```tsx
+ * const { safetyNumber } = useSecureSafetyNumber(conversationId);
+ * // render safetyNumber?.groups for the user to compare with their peer
+ * ```
+ */
+export function useSecureSafetyNumber(conversationId) {
+    const { crypto, repo, resolveGroup, getGroupVersion, subscribeGroupChange } = useSecureChat();
+    const [safetyNumber, setSafetyNumber] = useState(null);
+    const [loading, setLoading] = useState(true);
+    const [error, setError] = useState(null);
+    const [tick, setTick] = useState(0);
+    // Recompute when this conversation's group handle advances (a roster change), without diffing handles.
+    const [groupVersion, setGroupVersion] = useState(0);
+    useEffect(() => {
+        return subscribeGroupChange(() => setGroupVersion(getGroupVersion(conversationId)));
+    }, [subscribeGroupChange, getGroupVersion, conversationId]);
+    const refresh = useCallback(() => setTick((t) => t + 1), []);
+    // Guards the per-run state writes against an out-of-date async resolve (conversation switch / unmount).
+    const runIdRef = useRef(0);
+    useEffect(() => {
+        const runId = ++runIdRef.current;
+        setLoading(true);
+        setError(null);
+        (async () => {
+            const group = await resolveGroup(conversationId);
+            if (!group)
+                return null;
+            const [persisted, members] = await Promise.all([
+                repo.loadDevice(),
+                crypto.exportGroupIdentities(group),
+            ]);
+            // DM only: need exactly the local device + one peer. Anything else → no safety number.
+            if (members.length !== 2 || !persisted)
+                return null;
+            const local = members.find((m) => m.deviceId === persisted.deviceId);
+            const remote = members.find((m) => m.deviceId !== persisted.deviceId);
+            if (!local || !remote)
+                return null;
+            return computeSafetyNumber(local, remote);
+        })()
+            .then((sn) => {
+            if (runIdRef.current === runId) {
+                setSafetyNumber(sn);
+                setLoading(false);
+            }
+        })
+            .catch((err) => {
+            if (runIdRef.current === runId) {
+                setError(err);
+                setSafetyNumber(null);
+                setLoading(false);
+            }
+        });
+    }, [crypto, repo, resolveGroup, conversationId, groupVersion, tick]);
+    return { safetyNumber, loading, error, refresh };
+}
+//# sourceMappingURL=useSecureSafetyNumber.js.map

package/dist/esm/hooks/useSecureSafetyNumber.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useSecureSafetyNumber.js","sourceRoot":"","sources":["../../../src/hooks/useSecureSafetyNumber.tsx"],"names":[],"mappings":"AAAA,2FAA2F;AAC3F,EAAE;AACF,sGAAsG;AACtG,uGAAuG;AACvG,qGAAqG;AACrG,uGAAuG;AACvG,mGAAmG;AAEnG,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACjE,OAAO,EAAE,mBAAmB,EAAqB,MAAM,0BAA0B,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,MAAM,mCAAmC,CAAC;AAclE;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,qBAAqB,CAAC,cAAsB;IAC1D,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,eAAe,EAAE,oBAAoB,EAAE,GAAG,aAAa,EAAE,CAAC;IAE9F,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,QAAQ,CAAsB,IAAI,CAAC,CAAC;IAC5E,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAU,IAAI,CAAC,CAAC;IAClD,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAEpC,uGAAuG;IACvG,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACpD,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,oBAAoB,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IACtF,CAAC,EAAE,CAAC,oBAAoB,EAAE,eAAe,EAAE,cAAc,CAAC,CAAC,CAAC;IAE5D,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAE7D,wGAAwG;IACxG,MAAM,QAAQ,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAE3B,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,KAAK,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC;QACjC,UAAU,CAAC,IAAI,CAAC,CAAC;QACjB,QAAQ,CAAC,IAAI,CAAC,CAAC;QACf,CAAC,KAAK,IAAI,EAAE;YACV,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,cAAc,CAAC,CAAC;YACjD,IAAI,CAAC,KAAK;gBAAE,OAAO,IAAI,CAAC;YACxB,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;gBAC7C,IAAI,CAAC,UAAU,EAAE;gBACjB,MAAM,CAAC,qBAAqB,CAAC,KAAK,CAAC;aACpC,CAAC,CAAC;YACH,uFAAuF;YACvF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,SAAS;gBAAE,OAAO,IAAI,CAAC;YACpD,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,QAAQ,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,QAAQ,CAAC,CAAC;YACtE,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM;gBAAE,OAAO,IAAI,CAAC;YACnC,OAAO,mBAAmB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC5C,CAAC,CAAC,EAAE;aACD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE;YACX,IAAI,QAAQ,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;gBAC/B,eAAe,CAAC,EAAE,CAAC,CAAC;gBACpB,UAAU,CAAC,KAAK,CAAC,CAAC;YACpB,CAAC;QACH,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,IAAI,QAAQ,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;gBAC/B,QAAQ,CAAC,GAAG,CAAC,CAAC;gBACd,eAAe,CAAC,IAAI,CAAC,CAAC;gBACtB,UAAU,CAAC,KAAK,CAAC,CAAC;YACpB,CAAC;QACH,CAAC,CAAC,CAAC;IACP,CAAC,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,cAAc,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC;IAErE,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;AACnD,CAAC"}

package/dist/esm/index.d.ts

@@ -8,14 +8,25 @@ export { useSecureMessages } from "./hooks/useSecureMessages.js";
 export type { UseSecureMessagesOptions, UseSecureMessagesValues, DecryptedSecureMessage, } from "./hooks/useSecureMessages.js";
 export { useSecureHandshakes } from "./hooks/useSecureHandshakes.js";
 export type { UseSecureHandshakesOptions, UseSecureHandshakesValues, } from "./hooks/useSecureHandshakes.js";
+export { useSecureBackup } from "./hooks/useSecureBackup.js";
+export type { UseSecureBackupValues } from "./hooks/useSecureBackup.js";
+export { useSecureSafetyNumber } from "./hooks/useSecureSafetyNumber.js";
+export type { UseSecureSafetyNumberValues } from "./hooks/useSecureSafetyNumber.js";
+export { estimatePassphraseStrength } from "./backup/passphrase-strength.js";
+export type { PassphraseStrength } from "./backup/passphrase-strength.js";
 export { SecureChatRestClient } from "./transport/rest.js";
 export type { SecureChatRestConfig } from "./transport/rest.js";
 export { SecureChatSocketClient } from "./transport/socket.js";
 export type { SecureSocket, SecureServerEvents, SecureClientEvents, SecureChatSocketConfig, } from "./transport/socket.js";
-export type { SecureChatCrypto, DeviceIdentity, KeyPackageBundle, GroupHandle, TargetedWelcome, CommitResult, PassphraseBackup, } from "@agora-sdk/secure-chat-crypto";
+export type { SecureChatCrypto, DeviceIdentity, KeyPackageBundle, GroupHandle, GroupMemberIdentity, TargetedWelcome, CommitResult, PassphraseBackup, SecureDecryptFailureReason, } from "@agora-sdk/secure-chat-crypto";
+export { SecureChatDecryptError } from "@agora-sdk/secure-chat-crypto";
 export type * from "./contract/index.js";
 export type { SecureChatStore } from "./persistence/store.js";
 export { MemoryStore } from "./persistence/memory-store.js";
 export { SecureChatRepository } from "./persistence/repository.js";
 export type { PersistedDevice } from "./persistence/repository.js";
 export { toBase64, fromBase64, utf8ToBytes, bytesToUtf8 } from "./util/base64.js";
+export { padPlaintext, unpadPlaintext, nextBucket } from "./util/padding.js";
+export type { PaddingPolicy } from "./util/padding.js";
+export { computeSafetyNumber } from "./util/safety-number.js";
+export type { SafetyNumber } from "./util/safety-number.js";

package/dist/esm/index.js

@@ -10,11 +10,18 @@ export { useSecureDevice } from "./hooks/useSecureDevice.js";
 export { useSecureConversations } from "./hooks/useSecureConversations.js";
 export { useSecureMessages } from "./hooks/useSecureMessages.js";
 export { useSecureHandshakes } from "./hooks/useSecureHandshakes.js";
+export { useSecureBackup } from "./hooks/useSecureBackup.js";
+export { useSecureSafetyNumber } from "./hooks/useSecureSafetyNumber.js";
+// ── backup (passphrase strength meter) ────────────────────────────────────────
+export { estimatePassphraseStrength } from "./backup/passphrase-strength.js";
 // ── transport (for advanced / non-React use) ─────────────────────────────────
 export { SecureChatRestClient } from "./transport/rest.js";
 export { SecureChatSocketClient } from "./transport/socket.js";
+export { SecureChatDecryptError } from "@agora-sdk/secure-chat-crypto";
 export { MemoryStore } from "./persistence/memory-store.js";
 export { SecureChatRepository } from "./persistence/repository.js";
 // ── utils ────────────────────────────────────────────────────────────────────
 export { toBase64, fromBase64, utf8ToBytes, bytesToUtf8 } from "./util/base64.js";
+export { padPlaintext, unpadPlaintext, nextBucket } from "./util/padding.js";
+export { computeSafetyNumber } from "./util/safety-number.js";
 //# sourceMappingURL=index.js.map

package/dist/esm/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,8FAA8F;AAC9F,EAAE;AACF,6FAA6F;AAC7F,+FAA+F;AAC/F,4DAA4D;AAE5D,+EAA+E;AAC/E,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,kCAAkC,CAAC;AAMrF,gFAAgF;AAChF,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAE7D,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAE3E,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AAMjE,OAAO,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AAMrE,gFAAgF;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAE3D,OAAO,EAAE,sBAAsB,EAAE,MAAM,uBAAuB,CAAC;AAwB/D,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,6BAA6B,CAAC;AAGnE,gFAAgF;AAChF,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,8FAA8F;AAC9F,EAAE;AACF,6FAA6F;AAC7F,+FAA+F;AAC/F,4DAA4D;AAE5D,+EAA+E;AAC/E,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,kCAAkC,CAAC;AAMrF,gFAAgF;AAChF,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAE7D,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAE3E,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AAMjE,OAAO,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AAKrE,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAE7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,kCAAkC,CAAC;AAGzE,iFAAiF;AACjF,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAG7E,gFAAgF;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAE3D,OAAO,EAAE,sBAAsB,EAAE,MAAM,uBAAuB,CAAC;AAoB/D,OAAO,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAOvE,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,6BAA6B,CAAC;AAGnE,gFAAgF;AAChF,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAClF,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE7E,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC"}

package/dist/esm/transport/socket.d.ts

@@ -26,10 +26,22 @@ export interface SecureServerEvents {
         userId: string;
     }) => void;
 }
-/** Client → server events. */
+/**
+ * Client → server events.
+ *
+ * @remarks
+ * Payloads are **objects**, not bare ids — the server destructures `{ conversationId }` /
+ * `{ deviceId }` off the first argument (agora-server `realtime/secure-socket.ts`). Emitting a bare
+ * string lands as `undefined` after destructuring (and, on a `null` payload, throws server-side), so
+ * the join silently fails. Keep these shapes in lockstep with the server's `SecureClientToServerEvents`.
+ */
 export interface SecureClientEvents {
-    "join:secure-conversation": (conversationId: string) => void;
-    "join:secure-device": (deviceId: string) => void;
+    "join:secure-conversation": (payload: {
+        conversationId: string;
+    }) => void;
+    "join:secure-device": (payload: {
+        deviceId: string;
+    }) => void;
 }
 /** A socket.io `Socket` typed with the secure-chat event maps in both directions. */
 export type SecureSocket = Socket<SecureServerEvents, SecureClientEvents>;

package/dist/esm/transport/socket.js

@@ -43,11 +43,13 @@ export class SecureChatSocketClient {
     }
     /** Join a conversation room (membership-gated server-side) to receive its broadcasts. */
     joinConversation(conversationId) {
-        this.connect().emit("join:secure-conversation", conversationId);
+        // Object payload — the server destructures `{ conversationId }`; a bare string would arrive as
+        // `undefined` and the join would silently no-op (see SecureClientEvents).
+        this.connect().emit("join:secure-conversation", { conversationId });
     }
     /** Explicitly join a device room (ownership-verified). Owned devices auto-join on connect. */
     joinDevice(deviceId) {
-        this.connect().emit("join:secure-device", deviceId);
+        this.connect().emit("join:secure-device", { deviceId });
     }
     /**
      * Subscribe to a server → client event, auto-connecting if needed.

package/dist/esm/transport/socket.js.map

@@ -1 +1 @@
-{"version":3,"file":"socket.js","sourceRoot":"","sources":["../../../src/transport/socket.ts"],"names":[],"mappings":"AAAA,8FAA8F;AAC9F,EAAE;AACF,iGAAiG;AACjG,kGAAkG;AAClG,8FAA8F;AAC9F,kCAAkC;AAElC,OAAO,EAAE,EAAE,EAAU,MAAM,kBAAkB,CAAC;AAqC9C;;;;GAIG;AACH,MAAM,OAAO,sBAAsB;IAGjC,YAA6B,MAA8B;QAA9B,WAAM,GAAN,MAAM,CAAwB;QAFnD,WAAM,GAAwB,IAAI,CAAC;IAEmB,CAAC;IAE/D;;;;OAIG;IACH,OAAO;QACL,IAAI,IAAI,CAAC,MAAM,EAAE,SAAS;YAAE,OAAO,IAAI,CAAC,MAAM,CAAC;QAC/C,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAC7D,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC,GAAG,MAAM,SAAS,EAAE;YACnC,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,EAAE;YAC7C,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE;YAC3C,UAAU,EAAE,CAAC,WAAW,CAAC;YACzB,WAAW,EAAE,IAAI;SAClB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,kGAAkG;IAClG,UAAU;QACR,IAAI,CAAC,MAAM,EAAE,UAAU,EAAE,CAAC;QAC1B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACrB,CAAC;IAED,kGAAkG;IAClG,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,yFAAyF;IACzF,gBAAgB,CAAC,cAAsB;QACrC,IAAI,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,0BAA0B,EAAE,cAAc,CAAC,CAAC;IAClE,CAAC;IAED,8FAA8F;IAC9F,UAAU,CAAC,QAAgB;QACzB,IAAI,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,oBAAoB,EAAE,QAAQ,CAAC,CAAC;IACtD,CAAC;IAED;;;;;;OAMG;IACH,EAAE,CAAqC,KAAQ,EAAE,OAA8B;QAC7E,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;QACzB,4FAA4F;QAC5F,CAAC,CAAC,EAAE,CAAC,KAAc,EAAE,OAAgB,CAAC,CAAC;QACvC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,KAAc,EAAE,OAAgB,CAAC,CAAC;IACvD,CAAC;CACF"}
+{"version":3,"file":"socket.js","sourceRoot":"","sources":["../../../src/transport/socket.ts"],"names":[],"mappings":"AAAA,8FAA8F;AAC9F,EAAE;AACF,iGAAiG;AACjG,kGAAkG;AAClG,8FAA8F;AAC9F,kCAAkC;AAElC,OAAO,EAAE,EAAE,EAAU,MAAM,kBAAkB,CAAC;AA6C9C;;;;GAIG;AACH,MAAM,OAAO,sBAAsB;IAGjC,YAA6B,MAA8B;QAA9B,WAAM,GAAN,MAAM,CAAwB;QAFnD,WAAM,GAAwB,IAAI,CAAC;IAEmB,CAAC;IAE/D;;;;OAIG;IACH,OAAO;QACL,IAAI,IAAI,CAAC,MAAM,EAAE,SAAS;YAAE,OAAO,IAAI,CAAC,MAAM,CAAC;QAC/C,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAC7D,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC,GAAG,MAAM,SAAS,EAAE;YACnC,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,EAAE;YAC7C,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE;YAC3C,UAAU,EAAE,CAAC,WAAW,CAAC;YACzB,WAAW,EAAE,IAAI;SAClB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,kGAAkG;IAClG,UAAU;QACR,IAAI,CAAC,MAAM,EAAE,UAAU,EAAE,CAAC;QAC1B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACrB,CAAC;IAED,kGAAkG;IAClG,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,yFAAyF;IACzF,gBAAgB,CAAC,cAAsB;QACrC,+FAA+F;QAC/F,0EAA0E;QAC1E,IAAI,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,0BAA0B,EAAE,EAAE,cAAc,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,8FAA8F;IAC9F,UAAU,CAAC,QAAgB;QACzB,IAAI,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC1D,CAAC;IAED;;;;;;OAMG;IACH,EAAE,CAAqC,KAAQ,EAAE,OAA8B;QAC7E,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;QACzB,4FAA4F;QAC5F,CAAC,CAAC,EAAE,CAAC,KAAc,EAAE,OAAgB,CAAC,CAAC;QACvC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,KAAc,EAAE,OAAgB,CAAC,CAAC;IACvD,CAAC;CACF"}

package/dist/esm/util/padding.d.ts

@@ -0,0 +1,39 @@
+/**
+ * How aggressively to pad outbound message plaintext.
+ *
+ * - `"ladder"` — round the framed length up to the next size bucket (the default; blunts length
+ *   fingerprinting).
+ * - `"none"` — still frame the message (so unpadding stays uniform across clients) but add no extra
+ *   bytes. Use only when bandwidth matters more than traffic-shape privacy.
+ */
+export type PaddingPolicy = "ladder" | "none";
+/**
+ * Round a framed byte length up to the next size bucket: the smallest ladder rung
+ * (32, 64, … , 8192) that is ≥ `n`, or — above the ladder — the next multiple of 8192.
+ *
+ * @param n - The unpadded framed length (header + content) in bytes.
+ * @returns The bucket size to pad up to (always ≥ 32, always ≥ `n`).
+ */
+export declare function nextBucket(n: number): number;
+/**
+ * Wrap message content in a size-bucket padding frame for encryption. The output is
+ * `[version][contentLen][content][zero pad]`; under `"ladder"` its length is one of the fixed buckets
+ * from {@link nextBucket}. Padding bytes are zeros — they ride inside the MLS ciphertext, so they need
+ * not be random.
+ *
+ * @param content - The plaintext bytes to send (e.g. `utf8ToBytes(text)`).
+ * @param policy - The {@link PaddingPolicy}; defaults to `"ladder"`.
+ * @returns The framed, padded bytes to hand to `crypto.encryptMessage`.
+ */
+export declare function padPlaintext(content: Uint8Array, policy?: PaddingPolicy): Uint8Array;
+/**
+ * Recover the original content from a {@link padPlaintext} frame after decryption. Validates the version
+ * byte and bounds-checks the declared length, then slices off the header and trailing zero padding.
+ *
+ * @param frame - The decrypted frame bytes (from `crypto.decryptMessage`).
+ * @returns The original content bytes.
+ * @throws {Error} On a frame that is too short, carries an unknown version, or declares a length that
+ *   overruns the buffer — a successfully-authenticated MLS message with a bad frame is a real
+ *   framing/version mismatch, so the caller fails closed rather than rendering raw padded bytes.
+ */
+export declare function unpadPlaintext(frame: Uint8Array): Uint8Array;

package/dist/esm/util/padding.js

@@ -0,0 +1,75 @@
+// Message size-bucket padding — a metadata-hardening frame applied to plaintext BEFORE MLS encryption.
+//
+// Where it sits in the blind-server model: the server (and any DB/network observer) is trusted to relay
+// ciphertext but learns *envelope* metadata in the Signal model — including ciphertext SIZE. Raw chat
+// text encrypts to a ciphertext whose length tracks the message length, leaking traffic shape. We wrap
+// the plaintext in a self-describing frame and zero-pad it up to a fixed bucket ladder, so short
+// messages collapse into a few sizes. MLS then encrypts the frame, so the ciphertext inherits the
+// bucketing (modulo a constant MLS framing overhead). This is pure byte-shuffling — NO crypto, no keys
+// — and the frame is symmetric: every client pads on send and unpads on receive identically.
+//
+// Frame layout: [version:1B = 1][contentLen:uint32 BE][content bytes][zero padding → bucket].
+/** The smallest bucket; also the floor for an empty message (a 5-byte header → bucket 32). */
+const LADDER = [32, 64, 128, 256, 512, 1024, 2048, 4096, 8192];
+/** Above the ladder we round up to multiples of this (the largest ladder rung). */
+const STEP = 8192;
+/** Frame header: 1 version byte + a 4-byte big-endian content length. */
+const HEADER = 5;
+/** Frame format version, bound as the first byte so the codec can evolve without ambiguity. */
+const VERSION = 1;
+/**
+ * Round a framed byte length up to the next size bucket: the smallest ladder rung
+ * (32, 64, … , 8192) that is ≥ `n`, or — above the ladder — the next multiple of 8192.
+ *
+ * @param n - The unpadded framed length (header + content) in bytes.
+ * @returns The bucket size to pad up to (always ≥ 32, always ≥ `n`).
+ */
+export function nextBucket(n) {
+    for (const b of LADDER)
+        if (n <= b)
+            return b;
+    return Math.ceil(n / STEP) * STEP;
+}
+/**
+ * Wrap message content in a size-bucket padding frame for encryption. The output is
+ * `[version][contentLen][content][zero pad]`; under `"ladder"` its length is one of the fixed buckets
+ * from {@link nextBucket}. Padding bytes are zeros — they ride inside the MLS ciphertext, so they need
+ * not be random.
+ *
+ * @param content - The plaintext bytes to send (e.g. `utf8ToBytes(text)`).
+ * @param policy - The {@link PaddingPolicy}; defaults to `"ladder"`.
+ * @returns The framed, padded bytes to hand to `crypto.encryptMessage`.
+ */
+export function padPlaintext(content, policy = "ladder") {
+    const framed = HEADER + content.length;
+    const target = policy === "ladder" ? nextBucket(framed) : framed;
+    const out = new Uint8Array(target); // zero-filled → the padding is already in place
+    out[0] = VERSION;
+    out[1] = (content.length >>> 24) & 0xff;
+    out[2] = (content.length >>> 16) & 0xff;
+    out[3] = (content.length >>> 8) & 0xff;
+    out[4] = content.length & 0xff;
+    out.set(content, HEADER);
+    return out;
+}
+/**
+ * Recover the original content from a {@link padPlaintext} frame after decryption. Validates the version
+ * byte and bounds-checks the declared length, then slices off the header and trailing zero padding.
+ *
+ * @param frame - The decrypted frame bytes (from `crypto.decryptMessage`).
+ * @returns The original content bytes.
+ * @throws {Error} On a frame that is too short, carries an unknown version, or declares a length that
+ *   overruns the buffer — a successfully-authenticated MLS message with a bad frame is a real
+ *   framing/version mismatch, so the caller fails closed rather than rendering raw padded bytes.
+ */
+export function unpadPlaintext(frame) {
+    if (frame.length < HEADER)
+        throw new Error("secure-chat: padding frame too short");
+    if (frame[0] !== VERSION)
+        throw new Error(`secure-chat: unsupported padding frame version ${frame[0]}`);
+    const len = (frame[1] << 24) | (frame[2] << 16) | (frame[3] << 8) | frame[4];
+    if (len < 0 || HEADER + len > frame.length)
+        throw new Error("secure-chat: padding frame length out of range");
+    return frame.slice(HEADER, HEADER + len);
+}
+//# sourceMappingURL=padding.js.map

package/dist/esm/util/padding.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"padding.js","sourceRoot":"","sources":["../../../src/util/padding.ts"],"names":[],"mappings":"AAAA,uGAAuG;AACvG,EAAE;AACF,wGAAwG;AACxG,sGAAsG;AACtG,uGAAuG;AACvG,iGAAiG;AACjG,kGAAkG;AAClG,uGAAuG;AACvG,6FAA6F;AAC7F,EAAE;AACF,8FAA8F;AAE9F,8FAA8F;AAC9F,MAAM,MAAM,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAU,CAAC;AACxE,mFAAmF;AACnF,MAAM,IAAI,GAAG,IAAI,CAAC;AAClB,yEAAyE;AACzE,MAAM,MAAM,GAAG,CAAC,CAAC;AACjB,+FAA+F;AAC/F,MAAM,OAAO,GAAG,CAAC,CAAC;AAYlB;;;;;;GAMG;AACH,MAAM,UAAU,UAAU,CAAC,CAAS;IAClC,KAAK,MAAM,CAAC,IAAI,MAAM;QAAE,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO,CAAC,CAAC;IAC7C,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC;AACpC,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,YAAY,CAAC,OAAmB,EAAE,SAAwB,QAAQ;IAChF,MAAM,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IACvC,MAAM,MAAM,GAAG,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACjE,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,gDAAgD;IACpF,GAAG,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC;IACjB,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC;IACxC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC;IACxC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC;IACvC,GAAG,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAC/B,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACzB,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,cAAc,CAAC,KAAiB;IAC9C,IAAI,KAAK,CAAC,MAAM,GAAG,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IACnF,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,OAAO;QAAE,MAAM,IAAI,KAAK,CAAC,kDAAkD,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACxG,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7E,IAAI,GAAG,GAAG,CAAC,IAAI,MAAM,GAAG,GAAG,GAAG,KAAK,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IAC9G,OAAO,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,GAAG,CAAC,CAAC;AAC3C,CAAC"}

package/dist/esm/util/safety-number.d.ts

@@ -0,0 +1,27 @@
+import type { GroupMemberIdentity } from "@agora-sdk/secure-chat-crypto";
+/** A derived safety number, in the forms a UI needs. */
+export interface SafetyNumber {
+    /** All 60 decimal digits with no separators. */
+    digits: string;
+    /** The 60 digits as 12 groups of 5 (for display / read-aloud). */
+    groups: string[];
+    /** The raw combined fingerprint bytes (sorted-concatenated per-party hashes) — e.g. for a QR code. */
+    fingerprint: Uint8Array;
+}
+/**
+ * Derive the safety number for two parties from their public identities. The result is **symmetric** —
+ * `computeSafetyNumber(a, b)` equals `computeSafetyNumber(b, a)` — because the two per-party
+ * fingerprints are sorted before concatenation. Uses WebCrypto SHA-256 (available in browsers and
+ * Node 18+).
+ *
+ * @param a - One party's `{ deviceId, signaturePublicKey }` (e.g. the local device).
+ * @param b - The other party's identity (e.g. the remote peer).
+ * @returns The {@link SafetyNumber} (60 digits, 12 groups of 5, plus raw fingerprint bytes).
+ *
+ * @example
+ * ```ts
+ * const { groups } = await computeSafetyNumber(localIdentity, peerIdentity);
+ * // groups → ["12345", "67890", … 12 of them]; compare with the peer out-of-band.
+ * ```
+ */
+export declare function computeSafetyNumber(a: GroupMemberIdentity, b: GroupMemberIdentity): Promise<SafetyNumber>;

package/dist/esm/util/safety-number.js

@@ -0,0 +1,81 @@
+// Safety number — a human-comparable fingerprint of two devices' identity keys (key verification).
+//
+// Where it sits in the blind-server model: the server is blind but UNTRUSTED, so it could in principle
+// hand a victim a KeyPackage carrying an attacker's signature key (a classic active MITM on a TOFU
+// system). A safety number lets two users confirm out-of-band (read aloud / compare on screen / scan a
+// QR) that they actually hold each other's real identity keys. It is derived ONLY from public
+// signature keys + device ids — no secrets — and is symmetric: both sides compute the same number.
+//
+// Shape (Signal-style): each party's identity is hashed into a 30-digit number; the two are sorted (so
+// the result is order-independent) and concatenated into 60 decimal digits, shown as 12 groups of 5.
+/** Format/version byte bound into the hash so the derivation can evolve unambiguously. */
+const VERSION = 0;
+/** Hash iterations per party. Public-key fingerprints don't need KDF-grade work; this is a fixed,
+ *  app-wide constant purely so every Agora client derives an identical number (interop, not secrecy). */
+const ITERATIONS = 1024;
+/** Bytes of the final hash consumed: 6 chunks × 5 bytes → 6 × 5 digits = 30 digits per party. */
+const CHUNKS = 6;
+const CHUNK_BYTES = 5;
+const utf8 = (s) => new TextEncoder().encode(s);
+function concat(...parts) {
+    const total = parts.reduce((n, p) => n + p.length, 0);
+    const out = new Uint8Array(total);
+    let off = 0;
+    for (const p of parts) {
+        out.set(p, off);
+        off += p.length;
+    }
+    return out;
+}
+async function sha256(bytes) {
+    // Cast to BufferSource: our Uint8Array is always ArrayBuffer-backed, but the lib type is the wider
+    // Uint8Array<ArrayBufferLike> (which could be SharedArrayBuffer) that digest() won't accept directly.
+    return new Uint8Array(await globalThis.crypto.subtle.digest("SHA-256", bytes));
+}
+/** Encode one 5-byte chunk as a 5-digit decimal string (40-bit big-endian value mod 100000). */
+function chunkToDigits(hash, offset) {
+    // 2**40 < 2**53, so plain Number arithmetic is exact here.
+    let value = 0;
+    for (let i = 0; i < CHUNK_BYTES; i++)
+        value = value * 256 + hash[offset + i];
+    return (value % 100000).toString().padStart(5, "0");
+}
+/** Per-party fingerprint: an iterated hash of (version || pubkey || deviceId), then 30 digits + the
+ *  truncated hash bytes. Signal-shaped (the key is re-mixed in each round). */
+async function partyFingerprint(party) {
+    const key = party.signaturePublicKey;
+    let hash = concat(Uint8Array.of(VERSION), key, utf8(party.deviceId));
+    for (let i = 0; i < ITERATIONS; i++)
+        hash = await sha256(concat(hash, key));
+    let digits = "";
+    for (let c = 0; c < CHUNKS; c++)
+        digits += chunkToDigits(hash, c * CHUNK_BYTES);
+    return { digits, bytes: hash.slice(0, CHUNKS * CHUNK_BYTES) };
+}
+/**
+ * Derive the safety number for two parties from their public identities. The result is **symmetric** —
+ * `computeSafetyNumber(a, b)` equals `computeSafetyNumber(b, a)` — because the two per-party
+ * fingerprints are sorted before concatenation. Uses WebCrypto SHA-256 (available in browsers and
+ * Node 18+).
+ *
+ * @param a - One party's `{ deviceId, signaturePublicKey }` (e.g. the local device).
+ * @param b - The other party's identity (e.g. the remote peer).
+ * @returns The {@link SafetyNumber} (60 digits, 12 groups of 5, plus raw fingerprint bytes).
+ *
+ * @example
+ * ```ts
+ * const { groups } = await computeSafetyNumber(localIdentity, peerIdentity);
+ * // groups → ["12345", "67890", … 12 of them]; compare with the peer out-of-band.
+ * ```
+ */
+export async function computeSafetyNumber(a, b) {
+    const [fpA, fpB] = await Promise.all([partyFingerprint(a), partyFingerprint(b)]);
+    // Sort so the number is the same regardless of who is "a" vs "b".
+    const [first, second] = fpA.digits <= fpB.digits ? [fpA, fpB] : [fpB, fpA];
+    const digits = first.digits + second.digits;
+    const groups = [];
+    for (let i = 0; i < digits.length; i += 5)
+        groups.push(digits.slice(i, i + 5));
+    return { digits, groups, fingerprint: concat(first.bytes, second.bytes) };
+}
+//# sourceMappingURL=safety-number.js.map

package/dist/esm/util/safety-number.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"safety-number.js","sourceRoot":"","sources":["../../../src/util/safety-number.ts"],"names":[],"mappings":"AAAA,mGAAmG;AACnG,EAAE;AACF,uGAAuG;AACvG,mGAAmG;AACnG,uGAAuG;AACvG,8FAA8F;AAC9F,mGAAmG;AACnG,EAAE;AACF,uGAAuG;AACvG,qGAAqG;AAIrG,0FAA0F;AAC1F,MAAM,OAAO,GAAG,CAAC,CAAC;AAClB;yGACyG;AACzG,MAAM,UAAU,GAAG,IAAI,CAAC;AACxB,iGAAiG;AACjG,MAAM,MAAM,GAAG,CAAC,CAAC;AACjB,MAAM,WAAW,GAAG,CAAC,CAAC;AAEtB,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AAYxD,SAAS,MAAM,CAAC,GAAG,KAAmB;IACpC,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAChB,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,KAAK,UAAU,MAAM,CAAC,KAAiB;IACrC,mGAAmG;IACnG,sGAAsG;IACtG,OAAO,IAAI,UAAU,CAAC,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,KAAqB,CAAC,CAAC,CAAC;AACjG,CAAC;AAED,gGAAgG;AAChG,SAAS,aAAa,CAAC,IAAgB,EAAE,MAAc;IACrD,2DAA2D;IAC3D,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE;QAAE,KAAK,GAAG,KAAK,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC7E,OAAO,CAAC,KAAK,GAAG,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AACtD,CAAC;AAED;+EAC+E;AAC/E,KAAK,UAAU,gBAAgB,CAAC,KAA0B;IACxD,MAAM,GAAG,GAAG,KAAK,CAAC,kBAAkB,CAAC;IACrC,IAAI,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC;IACrE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE;QAAE,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;IAC5E,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE;QAAE,MAAM,IAAI,aAAa,CAAC,IAAI,EAAE,CAAC,GAAG,WAAW,CAAC,CAAC;IAChF,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,GAAG,WAAW,CAAC,EAAE,CAAC;AAChE,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,CAAsB,EACtB,CAAsB;IAEtB,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACjF,kEAAkE;IAClE,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;IAC5C,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC/E,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;AAC5E,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agora-sdk/secure-chat-core",
-  "version": "0.3.0",
+  "version": "0.5.0",
   "private": false,
   "license": "Apache-2.0",
   "author": "Agora SDK Plus, maintained by Jenova Marie",
@@ -35,9 +35,10 @@
     "dist"
   ],
   "dependencies": {
+    "@agora-server/contract": "^0.9.3",
     "axios": "^1.4.0",
     "socket.io-client": "^4.8.1",
-    "@agora-sdk/secure-chat-crypto": "0.3.0"
+    "@agora-sdk/secure-chat-crypto": "0.5.0"
   },
   "peerDependencies": {
     "@agora-sdk/core": "^1.2.2",