@bandeira-tech/b3nd-web 0.5.1 → 0.5.2

package/dist/blob/mod.d.ts

@@ -0,0 +1,77 @@
+/**
+ * Blob and Link utilities for B3nd content-addressed storage
+ *
+ * @module blob
+ *
+ * @example
+ * ```typescript
+ * import { computeSha256, generateBlobUri, validateLinkValue } from "@bandeira-tech/b3nd-sdk/blob";
+ *
+ * // Compute hash and generate blob URI
+ * const data = { title: "Hello", content: "World" };
+ * const hash = await computeSha256(data);
+ * const blobUri = generateBlobUri(hash);
+ * // blobUri = "blob://open/sha256:2cf24dba..."
+ *
+ * // Validate a link value
+ * const result = validateLinkValue("blob://open/sha256:abc123...");
+ * // result = { valid: true }
+ * ```
+ */
+/**
+ * Compute SHA256 hash of a value
+ * @param value - The value to hash (Uint8Array for binary, otherwise JSON-stringified)
+ * @returns Hex-encoded SHA256 hash (64 characters)
+ */
+declare function computeSha256(value: Uint8Array | unknown): Promise<string>;
+/**
+ * Generate a blob URI from a SHA256 hash
+ * @param hash - Hex-encoded SHA256 hash (64 characters)
+ * @returns Blob URI in format "blob://open/sha256:{hash}"
+ */
+declare function generateBlobUri(hash: string): string;
+/**
+ * Parse a blob URI to extract the hash
+ * @param uri - Blob URI in format "blob://open/sha256:{hash}"
+ * @returns Object with algorithm and hash, or null if invalid
+ */
+declare function parseBlobUri(uri: string): {
+    algorithm: string;
+    hash: string;
+} | null;
+/**
+ * Validate that a value is a valid link (string URI)
+ * @param value - The value to validate
+ * @returns Validation result with valid boolean and optional error
+ */
+declare function validateLinkValue(value: unknown): {
+    valid: boolean;
+    error?: string;
+};
+/**
+ * Generate a link URI for authenticated links
+ * @param pubkey - Public key (hex) of the account
+ * @param path - Path within the account namespace
+ * @returns Link URI in format "link://accounts/{pubkey}/{path}"
+ */
+declare function generateLinkUri(pubkey: string, path: string): string;
+/**
+ * Validate a SHA256 hash format
+ * @param hash - Hash string to validate
+ * @returns true if valid 64-character hex string
+ */
+declare function isValidSha256Hash(hash: string): boolean;
+/**
+ * Verify that content matches its blob URI hash
+ * @param uri - Blob URI containing the expected hash
+ * @param value - Content to verify
+ * @returns Object with valid boolean and computed hash
+ */
+declare function verifyBlobContent(uri: string, value: Uint8Array | unknown): Promise<{
+    valid: boolean;
+    expectedHash?: string;
+    actualHash: string;
+    error?: string;
+}>;
+
+export { computeSha256, generateBlobUri, generateLinkUri, isValidSha256Hash, parseBlobUri, validateLinkValue, verifyBlobContent };

package/dist/blob/mod.js

@@ -0,0 +1,74 @@
+import "../chunk-MLKGABMK.js";
+
+// blob/mod.ts
+async function computeSha256(value) {
+  let data;
+  if (value instanceof Uint8Array) {
+    data = value;
+  } else {
+    const encoder = new TextEncoder();
+    data = encoder.encode(JSON.stringify(value));
+  }
+  const hashBuffer = await crypto.subtle.digest("SHA-256", data);
+  const hashArray = new Uint8Array(hashBuffer);
+  return Array.from(hashArray).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+function generateBlobUri(hash) {
+  return `blob://open/sha256:${hash}`;
+}
+function parseBlobUri(uri) {
+  try {
+    const url = new URL(uri);
+    if (url.protocol !== "blob:") return null;
+    const match = url.pathname.match(/^\/([^:]+):([a-f0-9]+)$/i);
+    if (!match) return null;
+    return { algorithm: match[1], hash: match[2] };
+  } catch {
+    return null;
+  }
+}
+function validateLinkValue(value) {
+  if (typeof value !== "string") {
+    return { valid: false, error: "Link value must be a string URI" };
+  }
+  try {
+    new URL(value);
+  } catch {
+    return { valid: false, error: "Link value must be a valid URI" };
+  }
+  return { valid: true };
+}
+function generateLinkUri(pubkey, path) {
+  return `link://accounts/${pubkey}/${path}`;
+}
+function isValidSha256Hash(hash) {
+  return /^[a-f0-9]{64}$/i.test(hash);
+}
+async function verifyBlobContent(uri, value) {
+  const parsed = parseBlobUri(uri);
+  if (!parsed) {
+    const actualHash2 = await computeSha256(value);
+    return { valid: false, actualHash: actualHash2, error: "Invalid blob URI format" };
+  }
+  if (parsed.algorithm !== "sha256") {
+    const actualHash2 = await computeSha256(value);
+    return { valid: false, actualHash: actualHash2, error: `Unsupported algorithm: ${parsed.algorithm}` };
+  }
+  const actualHash = await computeSha256(value);
+  const valid = actualHash.toLowerCase() === parsed.hash.toLowerCase();
+  return {
+    valid,
+    expectedHash: parsed.hash,
+    actualHash,
+    error: valid ? void 0 : "Content hash mismatch"
+  };
+}
+export {
+  computeSha256,
+  generateBlobUri,
+  generateLinkUri,
+  isValidSha256Hash,
+  parseBlobUri,
+  validateLinkValue,
+  verifyBlobContent
+};

package/dist/{chunk-O53KW746.js → chunk-AOAPDYO2.js}

@@ -39,23 +39,32 @@ var MemoryClient = class {
     this.storage = config.storage || /* @__PURE__ */ new Map();
     this.cleanup();
   }
-  async write(uri, payload) {
+  /**
+   * Receive a transaction - the unified entry point for all state changes
+   * @param tx - Transaction tuple [uri, data]
+   * @returns ReceiveResult indicating acceptance
+   */
+  async receive(tx) {
+    const [uri, data] = tx;
+    if (!uri || typeof uri !== "string") {
+      return { accepted: false, error: "Transaction URI is required" };
+    }
     const result = target(uri, this.schema, this.storage);
     if (!result.success) {
-      return result;
+      return { accepted: false, error: result.error };
     }
     const { program, node, parts } = result;
     const validator = this.schema[program];
-    const validation = await validator({ uri, value: payload, read: this.read.bind(this) });
+    const validation = await validator({ uri, value: data, read: this.read.bind(this) });
     if (!validation.valid) {
       return {
-        success: false,
+        accepted: false,
         error: validation.error || "Validation failed"
       };
     }
     const record = {
       ts: Date.now(),
-      data: payload
+      data
     };
     let prev = node;
     parts.filter(Boolean).forEach((ns) => {
@@ -69,10 +78,7 @@ var MemoryClient = class {
       }
     });
     prev.value = record;
-    return {
-      success: true,
-      record
-    };
+    return { accepted: true };
   }
   read(uri) {
     const result = target(uri, this.schema, this.storage);
@@ -153,10 +159,21 @@ var MemoryClient = class {
         }
       });
     }
-    let items = Array.from(current.children.entries()).map(([key, child]) => ({
-      uri: path.endsWith("/") ? `${program}${path}${key}` : `${program}${path}/${key}`,
-      type: child.value ? "file" : "directory"
-    }));
+    const prefix = path.endsWith("/") ? `${program}${path}` : `${program}${path}/`;
+    let items = [];
+    function collectLeaves(node2, currentUri) {
+      if (node2.value !== void 0) {
+        items.push({ uri: currentUri });
+      }
+      if (node2.children) {
+        for (const [key, child] of node2.children) {
+          collectLeaves(child, `${currentUri}/${key}`);
+        }
+      }
+    }
+    for (const [key, child] of current.children) {
+      collectLeaves(child, `${prefix}${key}`);
+    }
     if (options?.pattern) {
       const regex = new RegExp(options.pattern);
       items = items.filter((item) => regex.test(item.uri));

package/dist/chunk-GRCTNUV3.js

@@ -0,0 +1,43 @@
+// shared/encoding.ts
+function encodeHex(bytes) {
+  return Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+function decodeHex(hex) {
+  if (hex.length % 2 !== 0) {
+    throw new Error("Invalid hex input");
+  }
+  const buffer = new ArrayBuffer(hex.length / 2);
+  const bytes = new Uint8Array(buffer);
+  for (let i = 0; i < hex.length; i += 2) {
+    bytes[i / 2] = parseInt(hex.slice(i, i + 2), 16);
+  }
+  return bytes;
+}
+function encodeBase64(bytes) {
+  const buf = typeof globalThis !== "undefined" && globalThis.Buffer || void 0;
+  if (buf) {
+    return buf.from(bytes).toString("base64");
+  }
+  let binary = "";
+  bytes.forEach((b) => binary += String.fromCharCode(b));
+  return btoa(binary);
+}
+function decodeBase64(b64) {
+  const buf = typeof globalThis !== "undefined" && globalThis.Buffer || void 0;
+  if (buf) {
+    return new Uint8Array(buf.from(b64, "base64"));
+  }
+  const binary = atob(b64);
+  const bytes = new Uint8Array(binary.length);
+  for (let i = 0; i < binary.length; i++) {
+    bytes[i] = binary.charCodeAt(i);
+  }
+  return bytes;
+}
+
+export {
+  encodeHex,
+  decodeHex,
+  encodeBase64,
+  decodeBase64
+};

package/dist/{chunk-3U3TYM34.js → chunk-KX2UV5B6.js}

@@ -1,16 +1,16 @@
 import {
   MemoryClient,
   createTestSchema
-} from "./chunk-O53KW746.js";
+} from "./chunk-AOAPDYO2.js";
 import {
   WalletServerCore
-} from "./chunk-7PZMJECC.js";
+} from "./chunk-USNS3YAB.js";
 import {
   createAuthenticatedMessageWithHex,
   exportPrivateKeyPem,
   generateEncryptionKeyPair,
   generateSigningKeyPair
-} from "./chunk-JN75UL5C.js";
+} from "./chunk-O4U7NQO4.js";
 
 // wallet/client.ts
 var WalletClient = class {
@@ -737,7 +737,7 @@ async function createTestEnvironment(config = {}) {
         privateKeyHex: keypair.privateKeyHex
       };
       const sessionUri = `mutable://accounts/${appKey}/sessions/${sessionKeypair.publicKeyHex}`;
-      await backend.write(sessionUri, 1);
+      await backend.receive([sessionUri, 1]);
       const session = await wallet.signup(appKey, sessionKeypair, { type: "password", username, password });
       wallet.setSession(session);
       const keys = await wallet.getPublicKeys(appKey);
@@ -750,7 +750,7 @@ async function createTestEnvironment(config = {}) {
         privateKeyHex: keypair.privateKeyHex
       };
       const sessionUri = `mutable://accounts/${appKey}/sessions/${sessionKeypair.publicKeyHex}`;
-      await backend.write(sessionUri, 1);
+      await backend.receive([sessionUri, 1]);
       const session = await wallet.login(appKey, sessionKeypair, { type: "password", username, password });
       wallet.setSession(session);
       const keys = await wallet.getPublicKeys(appKey);

package/dist/{chunk-PZFEKQ7F.js → chunk-LW6IWHDJ.js}

@@ -55,29 +55,35 @@ var LocalStorageClient = class {
   deserialize(data) {
     return this.config.serializer.deserialize(data);
   }
-  async write(uri, value) {
+  /**
+   * Receive a transaction - the unified entry point for all state changes
+   * @param tx - Transaction tuple [uri, data]
+   * @returns ReceiveResult indicating acceptance
+   */
+  async receive(tx) {
+    const [uri, data] = tx;
+    if (!uri || typeof uri !== "string") {
+      return { accepted: false, error: "Transaction URI is required" };
+    }
     try {
-      const validation = await this.validateWrite(uri, value);
+      const validation = await this.validateWrite(uri, data);
       if (!validation.valid) {
         return {
-          success: false,
+          accepted: false,
           error: validation.error || "Validation failed"
         };
       }
       const key = this.getKey(uri);
       const record = {
         ts: Date.now(),
-        data: value
+        data
       };
       const serialized = this.serialize(record);
       this.storage.setItem(key, serialized);
-      return {
-        success: true,
-        record
-      };
+      return { accepted: true };
     } catch (error) {
       return {
-        success: false,
+        accepted: false,
         error: error instanceof Error ? error.message : String(error)
       };
     }
@@ -140,10 +146,8 @@ var LocalStorageClient = class {
           if (pattern && !uri2.includes(pattern)) {
             continue;
           }
-          const isDirectory = this.hasChildren(uri2);
           items.push({
-            uri: uri2,
-            type: isDirectory ? "directory" : "file"
+            uri: uri2
           });
         }
       }

package/dist/{chunk-JN75UL5C.js → chunk-O4U7NQO4.js}

@@ -1,3 +1,9 @@
+import {
+  decodeBase64,
+  decodeHex,
+  encodeBase64,
+  encodeHex
+} from "./chunk-GRCTNUV3.js";
 import {
   __export
 } from "./chunk-MLKGABMK.js";
@@ -32,45 +38,6 @@ __export(mod_exports, {
   verifyAndDecryptMessage: () => verifyAndDecryptMessage,
   verifyPayload: () => verifyPayload
 });
-
-// shared/encoding.ts
-function encodeHex(bytes) {
-  return Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
-}
-function decodeHex(hex) {
-  if (hex.length % 2 !== 0) {
-    throw new Error("Invalid hex input");
-  }
-  const buffer = new ArrayBuffer(hex.length / 2);
-  const bytes = new Uint8Array(buffer);
-  for (let i = 0; i < hex.length; i += 2) {
-    bytes[i / 2] = parseInt(hex.slice(i, i + 2), 16);
-  }
-  return bytes;
-}
-function encodeBase64(bytes) {
-  const buf = typeof globalThis !== "undefined" && globalThis.Buffer || void 0;
-  if (buf) {
-    return buf.from(bytes).toString("base64");
-  }
-  let binary = "";
-  bytes.forEach((b) => binary += String.fromCharCode(b));
-  return btoa(binary);
-}
-function decodeBase64(b64) {
-  const buf = typeof globalThis !== "undefined" && globalThis.Buffer || void 0;
-  if (buf) {
-    return new Uint8Array(buf.from(b64, "base64"));
-  }
-  const binary = atob(b64);
-  const bytes = new Uint8Array(binary.length);
-  for (let i = 0; i < binary.length; i++) {
-    bytes[i] = binary.charCodeAt(i);
-  }
-  return bytes;
-}
-
-// encrypt/mod.ts
 var IdentityKey = class _IdentityKey {
   constructor(privateKey, publicKeyHex) {
     this.privateKey = privateKey;
@@ -585,8 +552,6 @@ async function createSignedSymmetricMessage(data, signers, keyHex) {
 }
 
 export {
-  encodeHex,
-  decodeHex,
   IdentityKey,
   PublicEncryptionKey,
   SecretEncryptionKey,

package/dist/{chunk-7PZMJECC.js → chunk-USNS3YAB.js}

@@ -1,15 +1,17 @@
 import {
   createAuthenticatedMessage,
   createSignedEncryptedMessage,
-  decodeHex,
   decrypt,
-  encodeHex,
   encrypt,
   verifyPayload
-} from "./chunk-JN75UL5C.js";
+} from "./chunk-O4U7NQO4.js";
 import {
   HttpClient
-} from "./chunk-32YBATXQ.js";
+} from "./chunk-WTXWILQE.js";
+import {
+  decodeHex,
+  encodeHex
+} from "./chunk-GRCTNUV3.js";
 
 // wallet-server/interfaces.ts
 var defaultLogger = {
@@ -285,10 +287,10 @@ async function generateUserKeys(client, serverPublicKey, username, serverIdentit
         serverIdentityPublicKeyHex,
         serverEncryptionPublicKeyHex
       );
-      await client.write(
+      await client.receive([
         `mutable://accounts/${serverPublicKey}/${path}`,
         signed
-      );
+      ]);
     })(),
     (async () => {
       const path = await deriveObfuscatedPath(
@@ -302,10 +304,10 @@ async function generateUserKeys(client, serverPublicKey, username, serverIdentit
         serverIdentityPublicKeyHex,
         serverEncryptionPublicKeyHex
       );
-      await client.write(
+      await client.receive([
         `mutable://accounts/${serverPublicKey}/${path}`,
         signed
-      );
+      ]);
     })()
   ]);
   return { accountKey, encryptionKey };
@@ -427,8 +429,8 @@ async function proxyWrite(proxyClient, credentialClient, serverPublicKey, userna
     } else {
       signedMessage = await createAuthenticatedMessage(request.data, [signer]);
     }
-    const result = await proxyClient.write(resolvedUri, signedMessage);
-    if (!result.success) {
+    const result = await proxyClient.receive([resolvedUri, signedMessage]);
+    if (!result.accepted) {
       return {
         success: false,
         error: result.error || "Write failed"
@@ -436,8 +438,7 @@ async function proxyWrite(proxyClient, credentialClient, serverPublicKey, userna
     }
     return {
       success: true,
-      resolvedUri,
-      record: result.record
+      resolvedUri
     };
   } catch (error) {
     return {
@@ -657,10 +658,10 @@ async function createUser(client, serverPublicKey, username, password, serverIde
     serverIdentityPublicKeyHex,
     serverEncryptionPublicKeyHex
   );
-  await client.write(
+  await client.receive([
     `mutable://accounts/${serverPublicKey}/${profilePath}`,
     profileSigned
-  );
+  ]);
   const passwordPath = await deriveObfuscatedPath(
     serverPublicKey,
     username,
@@ -674,10 +675,10 @@ async function createUser(client, serverPublicKey, username, password, serverIde
     serverIdentityPublicKeyHex,
     serverEncryptionPublicKeyHex
   );
-  await client.write(
+  await client.receive([
     `mutable://accounts/${serverPublicKey}/${passwordPath}`,
     passwordSigned
-  );
+  ]);
   return { salt, hash };
 }
 async function authenticateUser(client, serverPublicKey, username, password, serverEncryptionPrivateKeyPem, appScope, logger) {
@@ -733,10 +734,10 @@ async function changePassword(client, serverPublicKey, username, oldPassword, ne
     serverIdentityPublicKeyHex,
     serverEncryptionPublicKeyHex
   );
-  await client.write(
+  await client.receive([
     `mutable://accounts/${serverPublicKey}/${passwordPath}`,
     passwordSigned
-  );
+  ]);
 }
 async function createPasswordResetToken(client, serverPublicKey, username, ttlSeconds, serverIdentityPrivateKeyPem, serverIdentityPublicKeyHex, serverEncryptionPublicKeyHex, appScope) {
   if (!await userExists(client, serverPublicKey, username)) {
@@ -764,10 +765,10 @@ async function createPasswordResetToken(client, serverPublicKey, username, ttlSe
     serverIdentityPublicKeyHex,
     serverEncryptionPublicKeyHex
   );
-  await client.write(
+  await client.receive([
     `mutable://accounts/${serverPublicKey}/${tokenPath}`,
     tokenSigned
-  );
+  ]);
   return token;
 }
 async function resetPasswordWithToken(client, serverPublicKey, token, newPassword, serverIdentityPrivateKeyPem, serverIdentityPublicKeyHex, serverEncryptionPublicKeyHex, serverEncryptionPrivateKeyPem, username, appScope, logger) {
@@ -816,10 +817,10 @@ async function resetPasswordWithToken(client, serverPublicKey, token, newPasswor
     serverIdentityPublicKeyHex,
     serverEncryptionPublicKeyHex
   );
-  await client.write(
+  await client.receive([
     `mutable://accounts/${serverPublicKey}/${passwordPath}`,
     passwordSigned
-  );
+  ]);
   await client.delete(`mutable://accounts/${serverPublicKey}/${tokenPath}`);
   return tokenUsername;
 }
@@ -863,10 +864,10 @@ async function createGoogleUser(client, serverPublicKey, username, googlePayload
     serverIdentityPublicKeyHex,
     serverEncryptionPublicKeyHex
   );
-  await client.write(
+  await client.receive([
     `mutable://accounts/${serverPublicKey}/${profilePath}`,
     profileSigned
-  );
+  ]);
   const googleProfilePath = await deriveObfuscatedPath(
     serverPublicKey,
     googlePayload.sub,
@@ -885,10 +886,10 @@ async function createGoogleUser(client, serverPublicKey, username, googlePayload
     serverIdentityPublicKeyHex,
     serverEncryptionPublicKeyHex
   );
-  await client.write(
+  await client.receive([
     `mutable://accounts/${serverPublicKey}/${googleProfilePath}`,
     googleProfileSigned
-  );
+  ]);
   return { username, googleSub: googlePayload.sub };
 }
 async function authenticateGoogleUser(client, serverPublicKey, googleSub, serverEncryptionPrivateKeyPem, appScope, logger) {

package/dist/{chunk-32YBATXQ.js → chunk-WTXWILQE.js}

@@ -1,4 +1,14 @@
+import {
+  encodeBase64
+} from "./chunk-GRCTNUV3.js";
+
 // clients/http/mod.ts
+function serializeTxData(data) {
+  if (data instanceof Uint8Array) {
+    return { __b3nd_binary__: true, encoding: "base64", data: encodeBase64(data) };
+  }
+  return data;
+}
 var HttpClient = class {
   constructor(config) {
     this.baseUrl = config.url.replace(/\/$/, "");
@@ -44,34 +54,38 @@ var HttpClient = class {
       path: url.pathname
     };
   }
-  async write(uri, value) {
+  /**
+   * Receive a transaction (unified Node interface)
+   * POSTs to /api/v1/receive endpoint
+   * @param tx - Transaction tuple [uri, data]
+   * @returns ReceiveResult indicating acceptance
+   */
+  async receive(tx) {
+    const [uri] = tx;
+    if (!uri || typeof uri !== "string") {
+      return { accepted: false, error: "Transaction URI is required" };
+    }
     try {
-      const { protocol, domain, path } = this.parseUri(uri);
-      const requestPath = `/api/v1/write/${protocol}/${domain}${path}`;
-      const isBinary = value instanceof Uint8Array;
-      const body = isBinary ? value : JSON.stringify({ value });
-      const contentType = isBinary ? "application/octet-stream" : "application/json";
-      const response = await this.request(requestPath, {
+      const [uri2, data] = tx;
+      const serializedTx = [uri2, serializeTxData(data)];
+      const response = await this.request("/api/v1/receive", {
         method: "POST",
-        body,
-        headers: {
-          "Content-Type": contentType
-        }
+        body: JSON.stringify({ tx: serializedTx })
       });
       const result = await response.json();
       if (!response.ok) {
         return {
-          success: false,
-          error: `Write failed: ${result.error || response.statusText}`
+          accepted: false,
+          error: result.error || response.statusText
         };
       }
       return {
-        success: true,
-        record: result.record
+        accepted: result.accepted ?? true,
+        error: result.error
       };
     } catch (error) {
       return {
-        success: false,
+        accepted: false,
         error: error instanceof Error ? error.message : String(error)
       };
     }

package/dist/{chunk-UUHVOWVI.js → chunk-ZONW4WJ2.js}

@@ -1,3 +1,35 @@
+// src/binary.ts
+var BINARY_MARKER = "__b3nd_binary__";
+function isEncodedBinary(value) {
+  return typeof value === "object" && value !== null && BINARY_MARKER in value && value[BINARY_MARKER] === true;
+}
+function encodeBinaryForJson(value) {
+  if (value instanceof Uint8Array) {
+    return {
+      [BINARY_MARKER]: true,
+      data: btoa(String.fromCharCode(...value))
+    };
+  }
+  if (value instanceof ArrayBuffer) {
+    return {
+      [BINARY_MARKER]: true,
+      data: btoa(String.fromCharCode(...new Uint8Array(value)))
+    };
+  }
+  return value;
+}
+function decodeBinaryFromJson(value) {
+  if (isEncodedBinary(value)) {
+    const binary = atob(value.data);
+    const bytes = new Uint8Array(binary.length);
+    for (let i = 0; i < binary.length; i++) {
+      bytes[i] = binary.charCodeAt(i);
+    }
+    return bytes;
+  }
+  return value;
+}
+
 // clients/websocket/mod.ts
 var WebSocketClient = class {
   constructor(config) {
@@ -173,13 +205,24 @@ var WebSocketClient = class {
       }
     });
   }
-  async write(uri, value) {
+  /**
+   * Receive a transaction (unified Node interface)
+   * Sends "receive" message type with { tx } payload
+   * @param tx - Transaction tuple [uri, data]
+   * @returns ReceiveResult indicating acceptance
+   */
+  async receive(tx) {
+    const [uri] = tx;
+    if (!uri || typeof uri !== "string") {
+      return { accepted: false, error: "Transaction URI is required" };
+    }
     try {
-      const result = await this.sendRequest("write", { uri, value });
+      const encodedTx = [uri, encodeBinaryForJson(tx[1])];
+      const result = await this.sendRequest("receive", { tx: encodedTx });
       return result;
     } catch (error) {
       return {
-        success: false,
+        accepted: false,
         error: error instanceof Error ? error.message : String(error)
       };
     }
@@ -187,6 +230,9 @@ var WebSocketClient = class {
   async read(uri) {
     try {
       const result = await this.sendRequest("read", { uri });
+      if (result.success && result.record) {
+        result.record.data = decodeBinaryFromJson(result.record.data);
+      }
       return result;
     } catch (error) {
       return {

package/dist/clients/http/mod.d.ts

@@ -1,4 +1,5 @@
-import { N as NodeProtocolInterface, a as HttpClientConfig, g as WriteResult, R as ReadResult, h as ReadMultiResult, b as ListOptions, c as ListResult, D as DeleteResult, H as HealthStatus } from '../../types-uuvn4oKw.js';
+import { N as NodeProtocolInterface, a as HttpClientConfig, R as ReadResult, h as ReadMultiResult, b as ListOptions, c as ListResult, D as DeleteResult, H as HealthStatus } from '../../types-72HsU7WT.js';
+import { N as Node, T as Transaction, R as ReceiveResult } from '../../types-CdHovjru.js';
 
 /**
  * HttpClient - HTTP implementation of NodeProtocolInterface
@@ -7,7 +8,7 @@ import { N as NodeProtocolInterface, a as HttpClientConfig, g as WriteResult, R
  * No schema validation - validation happens server-side.
  */
 
-declare class HttpClient implements NodeProtocolInterface {
+declare class HttpClient implements NodeProtocolInterface, Node {
     private baseUrl;
     private headers;
     private timeout;
@@ -21,7 +22,13 @@ declare class HttpClient implements NodeProtocolInterface {
      * Example: "users://alice/profile" -> { protocol: "users", domain: "alice", path: "/profile" }
      */
     private parseUri;
-    write<T = unknown>(uri: string, value: T): Promise<WriteResult<T>>;
+    /**
+     * Receive a transaction (unified Node interface)
+     * POSTs to /api/v1/receive endpoint
+     * @param tx - Transaction tuple [uri, data]
+     * @returns ReceiveResult indicating acceptance
+     */
+    receive<D = unknown>(tx: Transaction<D>): Promise<ReceiveResult>;
     read<T = unknown>(uri: string): Promise<ReadResult<T>>;
     readMulti<T = unknown>(uris: string[]): Promise<ReadMultiResult<T>>;
     private readMultiFallback;

package/dist/clients/http/mod.js

@@ -1,6 +1,7 @@
 import {
   HttpClient
-} from "../../chunk-32YBATXQ.js";
+} from "../../chunk-WTXWILQE.js";
+import "../../chunk-GRCTNUV3.js";
 import "../../chunk-MLKGABMK.js";
 export {
   HttpClient

package/dist/clients/local-storage/mod.d.ts

@@ -1,4 +1,5 @@
-import { N as NodeProtocolInterface, d as LocalStorageClientConfig, g as WriteResult, R as ReadResult, h as ReadMultiResult, b as ListOptions, c as ListResult, D as DeleteResult, H as HealthStatus } from '../../types-uuvn4oKw.js';
+import { N as NodeProtocolInterface, d as LocalStorageClientConfig, R as ReadResult, h as ReadMultiResult, b as ListOptions, c as ListResult, D as DeleteResult, H as HealthStatus } from '../../types-72HsU7WT.js';
+import { N as Node, T as Transaction, R as ReceiveResult } from '../../types-CdHovjru.js';
 
 /**
  * LocalStorageClient - Browser localStorage implementation of NodeProtocolInterface
@@ -7,7 +8,7 @@ import { N as NodeProtocolInterface, d as LocalStorageClientConfig, g as WriteRe
  * Supports schema validation and custom serialization.
  */
 
-declare class LocalStorageClient implements NodeProtocolInterface {
+declare class LocalStorageClient implements NodeProtocolInterface, Node {
     private config;
     private schema;
     private storage;
@@ -32,7 +33,12 @@ declare class LocalStorageClient implements NodeProtocolInterface {
      * Deserialize data using configured serializer
      */
     private deserialize;
-    write<T = unknown>(uri: string, value: T): Promise<WriteResult<T>>;
+    /**
+     * Receive a transaction - the unified entry point for all state changes
+     * @param tx - Transaction tuple [uri, data]
+     * @returns ReceiveResult indicating acceptance
+     */
+    receive<D = unknown>(tx: Transaction<D>): Promise<ReceiveResult>;
     read<T = unknown>(uri: string): Promise<ReadResult<T>>;
     readMulti<T = unknown>(uris: string[]): Promise<ReadMultiResult<T>>;
     list(uri: string, options?: ListOptions): Promise<ListResult>;

package/dist/clients/local-storage/mod.js

@@ -1,6 +1,6 @@
 import {
   LocalStorageClient
-} from "../../chunk-PZFEKQ7F.js";
+} from "../../chunk-LW6IWHDJ.js";
 import "../../chunk-MLKGABMK.js";
 export {
   LocalStorageClient

package/dist/clients/memory/mod.d.ts

@@ -1,4 +1,5 @@
-import { N as NodeProtocolInterface, S as Schema, g as WriteResult, R as ReadResult, h as ReadMultiResult, b as ListOptions, c as ListResult, H as HealthStatus, D as DeleteResult } from '../../types-uuvn4oKw.js';
+import { N as NodeProtocolInterface, S as Schema, R as ReadResult, h as ReadMultiResult, b as ListOptions, c as ListResult, H as HealthStatus, D as DeleteResult } from '../../types-72HsU7WT.js';
+import { N as Node, T as Transaction, R as ReceiveResult } from '../../types-CdHovjru.js';
 
 type MemoryClientStorageNode<T> = {
     value?: T;
@@ -24,7 +25,7 @@ interface MemoryClientConfig {
     schema: Schema;
     storage?: MemoryClientStorage;
 }
-declare class MemoryClient implements NodeProtocolInterface {
+declare class MemoryClient implements NodeProtocolInterface, Node {
     protected storage: MemoryClientStorage;
     protected schema: Schema;
     /**
@@ -34,7 +35,12 @@ declare class MemoryClient implements NodeProtocolInterface {
      * @throws Error if schema keys are not in "protocol://hostname" format
      */
     constructor(config: MemoryClientConfig);
-    write<T = unknown>(uri: string, payload: T): Promise<WriteResult<T>>;
+    /**
+     * Receive a transaction - the unified entry point for all state changes
+     * @param tx - Transaction tuple [uri, data]
+     * @returns ReceiveResult indicating acceptance
+     */
+    receive<D = unknown>(tx: Transaction<D>): Promise<ReceiveResult>;
     read<T>(uri: string): Promise<ReadResult<T>>;
     readMulti<T = unknown>(uris: string[]): Promise<ReadMultiResult<T>>;
     list(uri: string, options?: ListOptions): Promise<ListResult>;

package/dist/clients/memory/mod.js

@@ -1,7 +1,7 @@
 import {
   MemoryClient,
   createTestSchema
-} from "../../chunk-O53KW746.js";
+} from "../../chunk-AOAPDYO2.js";
 import "../../chunk-MLKGABMK.js";
 export {
   MemoryClient,

package/dist/clients/websocket/mod.d.ts

@@ -1,4 +1,5 @@
-import { N as NodeProtocolInterface, W as WebSocketClientConfig, g as WriteResult, R as ReadResult, h as ReadMultiResult, b as ListOptions, c as ListResult, D as DeleteResult, H as HealthStatus } from '../../types-uuvn4oKw.js';
+import { N as NodeProtocolInterface, W as WebSocketClientConfig, R as ReadResult, h as ReadMultiResult, b as ListOptions, c as ListResult, D as DeleteResult, H as HealthStatus } from '../../types-72HsU7WT.js';
+import { N as Node, T as Transaction, R as ReceiveResult } from '../../types-CdHovjru.js';
 
 /**
  * WebSocketClient - WebSocket implementation of NodeProtocolInterface
@@ -7,7 +8,7 @@ import { N as NodeProtocolInterface, W as WebSocketClientConfig, g as WriteResul
  * Handles reconnection and connection pooling.
  */
 
-declare class WebSocketClient implements NodeProtocolInterface {
+declare class WebSocketClient implements NodeProtocolInterface, Node {
     private config;
     private ws;
     private connected;
@@ -50,7 +51,13 @@ declare class WebSocketClient implements NodeProtocolInterface {
      * Send request and wait for response
      */
     private sendRequest;
-    write<T = unknown>(uri: string, value: T): Promise<WriteResult<T>>;
+    /**
+     * Receive a transaction (unified Node interface)
+     * Sends "receive" message type with { tx } payload
+     * @param tx - Transaction tuple [uri, data]
+     * @returns ReceiveResult indicating acceptance
+     */
+    receive<D = unknown>(tx: Transaction<D>): Promise<ReceiveResult>;
     read<T = unknown>(uri: string): Promise<ReadResult<T>>;
     readMulti<T = unknown>(uris: string[]): Promise<ReadMultiResult<T>>;
     list(uri: string, options?: ListOptions): Promise<ListResult>;

package/dist/clients/websocket/mod.js

@@ -1,6 +1,6 @@
 import {
   WebSocketClient
-} from "../../chunk-UUHVOWVI.js";
+} from "../../chunk-ZONW4WJ2.js";
 import "../../chunk-MLKGABMK.js";
 export {
   WebSocketClient

package/dist/{core-BGUpkKnP.d.ts → core-euL00biT.d.ts}

@@ -1,5 +1,5 @@
 import { Hono } from 'hono';
-import { N as NodeProtocolInterface } from './types-uuvn4oKw.js';
+import { N as NodeProtocolInterface } from './types-72HsU7WT.js';
 
 /**
  * Wallet Server Dependency Injection Interfaces

package/dist/encrypt/mod.js

@@ -25,7 +25,8 @@ import {
   verify,
   verifyAndDecryptMessage,
   verifyPayload
-} from "../chunk-JN75UL5C.js";
+} from "../chunk-O4U7NQO4.js";
+import "../chunk-GRCTNUV3.js";
 import "../chunk-MLKGABMK.js";
 export {
   IdentityKey,

package/dist/src/mod.web.d.ts

@@ -1,7 +1,8 @@
-export { C as ClientError, D as DeleteResult, H as HealthStatus, a as HttpClientConfig, L as ListItem, b as ListOptions, c as ListResult, d as LocalStorageClientConfig, N as NodeProtocolInterface, P as PersistenceRecord, R as ReadResult, S as Schema, V as ValidationFn, W as WebSocketClientConfig, e as WebSocketRequest, f as WebSocketResponse, g as WriteResult } from '../types-uuvn4oKw.js';
+export { C as ClientError, D as DeleteResult, H as HealthStatus, a as HttpClientConfig, L as ListItem, b as ListOptions, c as ListResult, d as LocalStorageClientConfig, N as NodeProtocolInterface, P as PersistenceRecord, R as ReadResult, S as Schema, V as ValidationFn, W as WebSocketClientConfig, e as WebSocketRequest, f as WebSocketResponse, g as WriteResult } from '../types-72HsU7WT.js';
 export { HttpClient } from '../clients/http/mod.js';
 export { WebSocketClient } from '../clients/websocket/mod.js';
 export { LocalStorageClient } from '../clients/local-storage/mod.js';
 export { W as WalletClient } from '../client-DHCiJ9I7.js';
 export { AppsClient } from '../apps/mod.js';
 export { m as encrypt } from '../mod-CII9wqu2.js';
+import '../types-CdHovjru.js';

package/dist/src/mod.web.js

@@ -1,23 +1,24 @@
+import {
+  WebSocketClient
+} from "../chunk-ZONW4WJ2.js";
 import {
   AppsClient
 } from "../chunk-VAZUCGED.js";
 import {
   WalletClient
-} from "../chunk-3U3TYM34.js";
-import "../chunk-O53KW746.js";
-import "../chunk-7PZMJECC.js";
+} from "../chunk-KX2UV5B6.js";
+import "../chunk-AOAPDYO2.js";
+import "../chunk-USNS3YAB.js";
 import {
   mod_exports
-} from "../chunk-JN75UL5C.js";
+} from "../chunk-O4U7NQO4.js";
 import {
   HttpClient
-} from "../chunk-32YBATXQ.js";
+} from "../chunk-WTXWILQE.js";
+import "../chunk-GRCTNUV3.js";
 import {
   LocalStorageClient
-} from "../chunk-PZFEKQ7F.js";
-import {
-  WebSocketClient
-} from "../chunk-UUHVOWVI.js";
+} from "../chunk-LW6IWHDJ.js";
 import "../chunk-MLKGABMK.js";
 export {
   AppsClient,

package/dist/{types-uuvn4oKw.d.ts → types-72HsU7WT.d.ts}

@@ -64,7 +64,6 @@ interface DeleteResult {
  */
 interface ListItem {
     uri: string;
-    type: "file" | "directory";
 }
 /**
  * Options for list operations
@@ -115,6 +114,17 @@ type ValidationFn = (write: {
  * Schema mapping program keys to validation functions
  */
 type Schema = Record<string, ValidationFn>;
+/**
+ * Result of a receive operation
+ */
+interface ReceiveResult {
+    accepted: boolean;
+    error?: string;
+}
+/**
+ * Transaction type (re-exported from node/types.ts)
+ */
+type Transaction<D = unknown> = [uri: string, data: D];
 /**
  * NodeProtocolInterface - The universal interface implemented by all clients
  *
@@ -122,8 +132,8 @@ type Schema = Record<string, ValidationFn>;
  * implement this interface, enabling recursive composition and uniform usage.
  */
 interface NodeProtocolWriteInterface {
-    /** Write data to a URI */
-    write<T = unknown>(uri: string, value: T): Promise<WriteResult<T>>;
+    /** Receive a transaction - the unified entry point for all state changes */
+    receive<D = unknown>(tx: Transaction<D>): Promise<ReceiveResult>;
     /** Delete data at a URI */
     delete(uri: string): Promise<DeleteResult>;
     /** Health status */
@@ -240,7 +250,7 @@ declare class ClientError extends Error {
  */
 interface WebSocketRequest {
     id: string;
-    type: "write" | "read" | "readMulti" | "list" | "delete" | "health" | "getSchema";
+    type: "receive" | "read" | "readMulti" | "list" | "delete" | "health" | "getSchema";
     payload: unknown;
 }
 interface WebSocketResponse {

package/dist/types-CdHovjru.d.ts

@@ -0,0 +1,54 @@
+/**
+ * @module
+ * B3nd Unified Node Type System
+ *
+ * Core types for the unified node architecture where all state changes
+ * flow through a single `receive(tx)` interface.
+ */
+
+/**
+ * Transaction: the minimal primitive
+ *
+ * A tuple of [uri, data]. URIs all the way down.
+ * The URI is the transaction's identity. The data is the transaction's content.
+ *
+ * @example
+ * ```typescript
+ * // A user transaction
+ * const tx: Transaction = ["mutable://users/alice/profile", { name: "Alice" }]
+ *
+ * // A transfer transaction
+ * const tx: Transaction = ["txn://alice/transfer/42", { inputs: [...], outputs: [...] }]
+ * ```
+ */
+type Transaction<D = unknown> = [uri: string, data: D];
+/**
+ * Result of a receive operation
+ */
+interface ReceiveResult {
+    accepted: boolean;
+    error?: string;
+}
+/**
+ * Unified Node interface
+ *
+ * The single entry point for all state changes. Nodes receive transactions
+ * and decide what to do with them based on their configuration.
+ *
+ * @example
+ * ```typescript
+ * const node: Node = createNode({
+ *   read: memoryClient,
+ *   validate: schema(SCHEMA),
+ *   process: store(memoryClient)
+ * })
+ *
+ * const result = await node.receive(["mutable://users/alice", { name: "Alice" }])
+ * ```
+ */
+interface Node {
+    receive<D = unknown>(tx: Transaction<D>): Promise<ReceiveResult>;
+    cleanup(): Promise<void>;
+}
+
+export type { Node as N, ReceiveResult as R, Transaction as T };

package/dist/wallet/mod.d.ts

@@ -1,9 +1,10 @@
 import { A as AuthSession, H as HealthResponse, S as SessionKeypair, U as UserCredentials, P as PasswordResetToken, a as UserPublicKeys, b as ProxyWriteRequest, c as ProxyWriteResponse, d as ProxyReadRequest, e as ProxyReadResponse, f as ProxyReadMultiRequest, g as ProxyReadMultiResponse } from '../client-DHCiJ9I7.js';
 export { l as ApiResponse, C as ChangePasswordResponse, G as GoogleAuthSession, q as GoogleLoginResponse, p as GoogleSignupResponse, L as LoginResponse, k as ProxyReadMultiResultItem, n as PublicKeysResponse, R as RequestPasswordResetResponse, o as ResetPasswordResponse, m as SignupResponse, W as WalletClient, j as WalletClientConfig, i as WalletClientInterface, h as generateSessionKeypair } from '../client-DHCiJ9I7.js';
-import { N as NodeProtocolInterface, S as Schema } from '../types-uuvn4oKw.js';
-import { S as ServerKeys, W as WalletServerCore } from '../core-BGUpkKnP.js';
+import { N as NodeProtocolInterface, S as Schema } from '../types-72HsU7WT.js';
+import { S as ServerKeys, W as WalletServerCore } from '../core-euL00biT.js';
 import { MemoryClient } from '../clients/memory/mod.js';
 import 'hono';
+import '../types-CdHovjru.js';
 
 /**
  * Memory Wallet Client
@@ -59,7 +60,7 @@ interface MemoryWalletClientConfig {
      * const wallet = await MemoryWalletClient.create({ backend });
      *
      * // Both use the same storage
-     * await backend.write("mutable://accounts/...", data);
+     * await backend.receive(["mutable://accounts/...", data]);
      * await wallet.proxyWrite({ uri: "mutable://...", data });
      * ```
      */

package/dist/wallet/mod.js

@@ -4,11 +4,12 @@ import {
   createTestEnvironment,
   generateSessionKeypair,
   generateTestServerKeys
-} from "../chunk-3U3TYM34.js";
-import "../chunk-O53KW746.js";
-import "../chunk-7PZMJECC.js";
-import "../chunk-JN75UL5C.js";
-import "../chunk-32YBATXQ.js";
+} from "../chunk-KX2UV5B6.js";
+import "../chunk-AOAPDYO2.js";
+import "../chunk-USNS3YAB.js";
+import "../chunk-O4U7NQO4.js";
+import "../chunk-WTXWILQE.js";
+import "../chunk-GRCTNUV3.js";
 import "../chunk-MLKGABMK.js";
 export {
   MemoryWalletClient,

package/dist/wallet-server/adapters/browser.d.ts

@@ -1,7 +1,7 @@
-import { F as FileStorage, S as ServerKeys, W as WalletServerCore } from '../../core-BGUpkKnP.js';
-export { C as BrowserEnvironment, M as BrowserMemoryStorage } from '../../core-BGUpkKnP.js';
+import { F as FileStorage, S as ServerKeys, W as WalletServerCore } from '../../core-euL00biT.js';
+export { C as BrowserEnvironment, M as BrowserMemoryStorage } from '../../core-euL00biT.js';
 import 'hono';
-import '../../types-uuvn4oKw.js';
+import '../../types-72HsU7WT.js';
 
 /**
  * Browser Adapter for Wallet Server

package/dist/wallet-server/adapters/browser.js

@@ -2,12 +2,13 @@ import {
   ConfigEnvironment,
   MemoryFileStorage,
   WalletServerCore
-} from "../../chunk-7PZMJECC.js";
-import "../../chunk-JN75UL5C.js";
-import "../../chunk-32YBATXQ.js";
+} from "../../chunk-USNS3YAB.js";
+import "../../chunk-O4U7NQO4.js";
+import "../../chunk-WTXWILQE.js";
+import "../../chunk-GRCTNUV3.js";
 import {
   LocalStorageClient
-} from "../../chunk-PZFEKQ7F.js";
+} from "../../chunk-LW6IWHDJ.js";
 import "../../chunk-MLKGABMK.js";
 
 // wallet-server/adapters/browser.ts

package/dist/wallet-server/mod.d.ts

@@ -1,6 +1,6 @@
-import { P as ProxyWriteRequest, a as ProxyWriteResponse, b as ProxyReadResponse, U as UserKeys, L as Logger, H as HttpFetch } from '../core-BGUpkKnP.js';
-export { A as AppBackendConfig, f as AuthSessionResponse, C as ConfigEnvironment, E as Environment, F as FileStorage, h as HealthResponse, M as MemoryFileStorage, g as PublicKeysResponse, R as ResolvedWalletServerConfig, e as ServerKeyPair, S as ServerKeys, i as ServerKeysResponse, c as WalletServerConfig, W as WalletServerCore, d as WalletServerDeps, j as defaultLogger } from '../core-BGUpkKnP.js';
-import { N as NodeProtocolInterface } from '../types-uuvn4oKw.js';
+import { P as ProxyWriteRequest, a as ProxyWriteResponse, b as ProxyReadResponse, U as UserKeys, L as Logger, H as HttpFetch } from '../core-euL00biT.js';
+export { A as AppBackendConfig, f as AuthSessionResponse, C as ConfigEnvironment, E as Environment, F as FileStorage, h as HealthResponse, M as MemoryFileStorage, g as PublicKeysResponse, R as ResolvedWalletServerConfig, e as ServerKeyPair, S as ServerKeys, i as ServerKeysResponse, c as WalletServerConfig, W as WalletServerCore, d as WalletServerDeps, j as defaultLogger } from '../core-euL00biT.js';
+import { N as NodeProtocolInterface } from '../types-72HsU7WT.js';
 import { S as SignedEncryptedMessage, E as EncryptedPayload } from '../mod-CII9wqu2.js';
 import 'hono';
 

package/dist/wallet-server/mod.js

@@ -34,9 +34,10 @@ import {
   userExists,
   verifyGoogleIdToken,
   verifyJwt
-} from "../chunk-7PZMJECC.js";
-import "../chunk-JN75UL5C.js";
-import "../chunk-32YBATXQ.js";
+} from "../chunk-USNS3YAB.js";
+import "../chunk-O4U7NQO4.js";
+import "../chunk-WTXWILQE.js";
+import "../chunk-GRCTNUV3.js";
 import "../chunk-MLKGABMK.js";
 export {
   ConfigEnvironment,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bandeira-tech/b3nd-web",
-  "version": "0.5.1",
+  "version": "0.5.2",
   "description": "Browser-focused B3nd SDK bundle",
   "type": "module",
   "main": "./dist/src/mod.web.js",
@@ -39,6 +39,10 @@
       "import": "./dist/apps/mod.js",
       "types": "./dist/apps/mod.d.ts"
     },
+    "./blob": {
+      "import": "./dist/blob/mod.js",
+      "types": "./dist/blob/mod.d.ts"
+    },
     "./wallet-server": {
       "import": "./dist/wallet-server/mod.js",
       "types": "./dist/wallet-server/mod.d.ts"
@@ -52,7 +56,7 @@
     "dist"
   ],
   "scripts": {
-    "build": "tsup src/mod.web.ts wallet/mod.ts apps/mod.ts encrypt/mod.ts clients/http/mod.ts clients/local-storage/mod.ts clients/websocket/mod.ts clients/memory/mod.ts wallet-server/mod.ts wallet-server/adapters/browser.ts --dts --format esm --out-dir dist --clean --tsconfig tsconfig.web.json",
+    "build": "tsup src/mod.web.ts wallet/mod.ts apps/mod.ts encrypt/mod.ts blob/mod.ts clients/http/mod.ts clients/local-storage/mod.ts clients/websocket/mod.ts clients/memory/mod.ts wallet-server/mod.ts wallet-server/adapters/browser.ts --dts --format esm --out-dir dist --clean --tsconfig tsconfig.web.json",
     "clean": "rm -rf dist",
     "lint": "deno lint src/",
     "format": "deno fmt src/"