@bsv/message-box-client 1.4.0 → 1.4.2

package/dist/cjs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bsv/message-box-client",
-  "version": "1.3.0",
+  "version": "1.4.1",
   "publishConfig": {
     "access": "public"
   },
@@ -64,6 +64,6 @@
   },
   "dependencies": {
     "@bsv/authsocket-client": "^1.0.12",
-    "@bsv/sdk": "^1.8.2"
+    "@bsv/sdk": "^1.8.8"
   }
 }

package/dist/cjs/src/MessageBoxClient.js

@@ -903,6 +903,143 @@ class MessageBoxClient {
             throw new Error(`Failed to send message: ${errorMessage}`);
         }
     }
+    /**
+   * Multi-recipient sender. Uses the multi-quote route to:
+   *  - identify blocked recipients
+   *  - compute per-recipient payment
+   * Then sends to the allowed recipients with payment attached.
+   */
+    async sendMesagetoRecepients(params, overrideHost) {
+        var _a, _b, _c;
+        await this.assertInitialized();
+        const { recipients, messageBox, body, skipEncryption } = params;
+        if (!Array.isArray(recipients) || recipients.length === 0) {
+            throw new Error('You must provide at least one recipient!');
+        }
+        if (!messageBox || messageBox.trim() === '') {
+            throw new Error('You must provide a messageBox to send this message into!');
+        }
+        if (body == null || (typeof body === 'string' && body.trim().length === 0)) {
+            throw new Error('Every message must have a body!');
+        }
+        // 1) Multi-quote for all recipients
+        const quoteResponse = await this.getMessageBoxQuote({
+            recipient: recipients,
+            messageBox
+        }, overrideHost);
+        const quotesByRecipient = Array.isArray(quoteResponse === null || quoteResponse === void 0 ? void 0 : quoteResponse.quotesByRecipient)
+            ? quoteResponse.quotesByRecipient : [];
+        const blocked = ((_a = quoteResponse === null || quoteResponse === void 0 ? void 0 : quoteResponse.blockedRecipients) !== null && _a !== void 0 ? _a : []);
+        const totals = quoteResponse === null || quoteResponse === void 0 ? void 0 : quoteResponse.totals;
+        // 2) Filter allowed recipients
+        const allowedRecipients = recipients.filter(r => !blocked.includes(r));
+        if (allowedRecipients.length === 0) {
+            return {
+                status: 'error',
+                description: `All ${recipients.length} recipients are blocked.`,
+                sent: [],
+                blocked,
+                failed: recipients.map(r => ({ recipient: r, error: 'blocked' })),
+                totals
+            };
+        }
+        // 3) Map recipient -> fees
+        const perRecipientQuotes = new Map();
+        for (const q of quotesByRecipient) {
+            perRecipientQuotes.set(q.recipient, { recipientFee: q.recipientFee, deliveryFee: q.deliveryFee });
+        }
+        // 4) One delivery agent only (batch goes to one server)
+        const { deliveryAgentIdentityKeyByHost } = quoteResponse;
+        if (!deliveryAgentIdentityKeyByHost || Object.keys(deliveryAgentIdentityKeyByHost).length === 0) {
+            throw new Error('Missing delivery agent identity keys in quote response.');
+        }
+        if (Object.keys(deliveryAgentIdentityKeyByHost).length > 1 && !overrideHost) {
+            // To keep the single-POST invariant, we require all recipients to share a host
+            throw new Error('Recipients resolve to multiple hosts. Use overrideHost to force a single server or split by host.');
+        }
+        // pick the host to POST to
+        const finalHost = (overrideHost !== null && overrideHost !== void 0 ? overrideHost : await this.resolveHostForRecipient(allowedRecipients[0])).replace(/\/+$/, '');
+        const singleDeliveryKey = (_b = deliveryAgentIdentityKeyByHost[finalHost]) !== null && _b !== void 0 ? _b : Object.values(deliveryAgentIdentityKeyByHost)[0];
+        if (!singleDeliveryKey) {
+            throw new Error('Could not determine server delivery agent identity key.');
+        }
+        // 5) Identity key (sender)
+        if (!this.myIdentityKey) {
+            const keyResult = await this.walletClient.getPublicKey({ identityKey: true }, this.originator);
+            this.myIdentityKey = keyResult.publicKey;
+        }
+        // 6) Build per-recipient messageIds (HMAC), same order as allowedRecipients
+        const messageIds = [];
+        for (const r of allowedRecipients) {
+            const hmac = await this.walletClient.createHmac({
+                data: Array.from(new TextEncoder().encode(JSON.stringify(body))),
+                protocolID: [1, 'messagebox'],
+                keyID: '1',
+                counterparty: r
+            }, this.originator);
+            const mid = Array.from(hmac.hmac).map(b => b.toString(16).padStart(2, '0')).join('');
+            messageIds.push(mid);
+        }
+        // 7) Body: for batch route the server expects a single shared body
+        // NOTE: If you need per-recipient encryption, we must change the server payload shape.
+        let finalBody;
+        if (skipEncryption === true) {
+            finalBody = typeof body === 'string' ? body : JSON.stringify(body);
+        }
+        else {
+            // safest for now: send plaintext; the recipients can decrypt payload fields client-side if needed
+            finalBody = typeof body === 'string' ? body : JSON.stringify(body);
+        }
+        // 8) ONE batch payment with server output at index 0
+        const paymentData = await this.createMessagePaymentBatch(allowedRecipients, perRecipientQuotes, singleDeliveryKey);
+        // 9) Single POST to /sendMessage with recipients[] + messageId[]
+        const requestBody = {
+            message: {
+                recipients: allowedRecipients,
+                messageBox,
+                messageId: messageIds, // aligned by index with recipients
+                body: finalBody
+            },
+            payment: paymentData
+        };
+        Logger.log('[MB CLIENT] Sending HTTP request to:', `${finalHost}/sendMessage`);
+        Logger.log('[MB CLIENT] Request Body (batch):', JSON.stringify({ ...requestBody, payment: { ...paymentData, tx: '<omitted>' } }, null, 2));
+        try {
+            const response = await this.authFetch.fetch(`${finalHost}/sendMessage`, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify(requestBody)
+            });
+            const parsed = await response.json().catch(() => ({}));
+            if (!response.ok || parsed.status !== 'success') {
+                const msg = !response.ok ? `HTTP ${response.status} - ${response.statusText}` : ((_c = parsed.description) !== null && _c !== void 0 ? _c : 'Unknown server error');
+                throw new Error(msg);
+            }
+            // server returns { results: [{ recipient, messageId }] }
+            const sent = Array.isArray(parsed.results) ? parsed.results : [];
+            const failed = []; // handled server-side now
+            const status = sent.length === allowedRecipients.length ? 'success'
+                : sent.length > 0 ? 'partial'
+                    : 'error';
+            const description = status === 'success'
+                ? `Sent to ${sent.length} recipients.`
+                : status === 'partial'
+                    ? `Sent to ${sent.length} recipients; ${allowedRecipients.length - sent.length} failed; ${blocked.length} blocked.`
+                    : `Failed to send to ${allowedRecipients.length} allowed recipients. ${blocked.length} blocked.`;
+            return { status, description, sent, blocked, failed, totals };
+        }
+        catch (err) {
+            const msg = err instanceof Error ? err.message : 'Unknown error';
+            return {
+                status: 'error',
+                description: `Batch send failed: ${msg}`,
+                sent: [],
+                blocked,
+                failed: allowedRecipients.map(r => ({ recipient: r, error: msg })),
+                totals
+            };
+        }
+    }
     /**
      * @method anointHost
      * @async
@@ -1561,31 +1698,145 @@ class MessageBoxClient {
      */
     async getMessageBoxQuote(params, overrideHost) {
         var _a;
-        const finalHost = overrideHost !== null && overrideHost !== void 0 ? overrideHost : await this.resolveHostForRecipient(params.recipient);
-        const queryParams = new URLSearchParams({
-            recipient: params.recipient,
-            messageBox: params.messageBox
-        });
-        Logger.log('[MB CLIENT] Getting messageBox quote...');
-        const response = await this.authFetch.fetch(`${finalHost}/permissions/quote?${queryParams.toString()}`, {
-            method: 'GET'
-        });
-        if (!response.ok) {
-            const errorData = await response.json().catch(() => ({}));
-            throw new Error(`Failed to get quote: HTTP ${response.status} - ${(_a = String(errorData.description)) !== null && _a !== void 0 ? _a : response.statusText}`);
-        }
-        const { status, description, quote } = await response.json();
-        if (status === 'error') {
-            throw new Error(description !== null && description !== void 0 ? description : 'Failed to get quote');
-        }
-        const deliveryAgentIdentityKey = response.headers.get('x-bsv-auth-identity-key');
-        if (deliveryAgentIdentityKey == null) {
-            throw new Error('Failed to get quote: Delivery agent did not provide their identity key');
+        // ---------- SINGLE RECIPIENT (back-compat) ----------
+        if (!Array.isArray(params.recipient)) {
+            const finalHost = overrideHost !== null && overrideHost !== void 0 ? overrideHost : await this.resolveHostForRecipient(params.recipient);
+            const queryParams = new URLSearchParams({
+                recipient: params.recipient,
+                messageBox: params.messageBox
+            });
+            Logger.log('[MB CLIENT] Getting messageBox quote (single)...');
+            console.log("HELP IM QUOTING", `${finalHost}/permissions/quote?${queryParams.toString()}`);
+            const response = await this.authFetch.fetch(`${finalHost}/permissions/quote?${queryParams.toString()}`, { method: 'GET' });
+            console.log("server response from getquote]", response);
+            if (!response.ok) {
+                const errorData = await response.json().catch(() => ({}));
+                throw new Error(`Failed to get quote: HTTP ${response.status} - ${(_a = String(errorData.description)) !== null && _a !== void 0 ? _a : response.statusText}`);
+            }
+            const { status, description, quote } = await response.json();
+            if (status === 'error') {
+                throw new Error(description !== null && description !== void 0 ? description : 'Failed to get quote');
+            }
+            const deliveryAgentIdentityKey = response.headers.get('x-bsv-auth-identity-key');
+            console.log("deliveryAgentIdentityKey", deliveryAgentIdentityKey);
+            if (deliveryAgentIdentityKey == null) {
+                throw new Error('Failed to get quote: Delivery agent did not provide their identity key');
+            }
+            return {
+                recipientFee: quote.recipientFee,
+                deliveryFee: quote.deliveryFee,
+                deliveryAgentIdentityKey
+            };
         }
+        // ---------- MULTI RECIPIENTS ----------
+        const recipients = params.recipient;
+        if (recipients.length === 0) {
+            throw new Error('At least one recipient is required.');
+        }
+        Logger.log('[MB CLIENT] Getting messageBox quotes (multi)...');
+        console.log("[MB CLIENT] Getting messageBox quotes (multi)...");
+        // Resolve host per recipient (unless caller forces overrideHost)
+        // Group recipients by host so we call each overlay once.
+        const hostGroups = new Map();
+        for (const r of recipients) {
+            const host = overrideHost !== null && overrideHost !== void 0 ? overrideHost : await this.resolveHostForRecipient(r);
+            const list = hostGroups.get(host);
+            if (list)
+                list.push(r);
+            else
+                hostGroups.set(host, [r]);
+        }
+        const deliveryAgentIdentityKeyByHost = {};
+        const quotesByRecipient = [];
+        const blockedRecipients = [];
+        let totalDeliveryFees = 0;
+        let totalRecipientFees = 0;
+        // Helper to fetch one host group
+        const fetchGroup = async (host, groupRecipients) => {
+            var _a;
+            const qp = new URLSearchParams();
+            for (const r of groupRecipients)
+                qp.append('recipient', r);
+            qp.set('messageBox', params.messageBox);
+            const url = `${host}/permissions/quote?${qp.toString()}`;
+            Logger.log('[MB CLIENT] Multi-quote GET:', url);
+            const resp = await this.authFetch.fetch(url, { method: 'GET' });
+            if (!resp.ok) {
+                const errorData = await resp.json().catch(() => ({}));
+                throw new Error(`Failed to get quote (host ${host}): HTTP ${resp.status} - ${(_a = String(errorData.description)) !== null && _a !== void 0 ? _a : resp.statusText}`);
+            }
+            const deliveryAgentKey = resp.headers.get('x-bsv-auth-identity-key');
+            if (!deliveryAgentKey) {
+                throw new Error(`Failed to get quote (host ${host}): missing delivery agent identity key`);
+            }
+            deliveryAgentIdentityKeyByHost[host] = deliveryAgentKey;
+            const payload = await resp.json();
+            // Server supports both shapes. For multi we expect:
+            //  { quotesByRecipient, totals, blockedRecipients }
+            if (Array.isArray(payload === null || payload === void 0 ? void 0 : payload.quotesByRecipient)) {
+                // merge quotes
+                for (const q of payload.quotesByRecipient) {
+                    quotesByRecipient.push({
+                        recipient: q.recipient,
+                        messageBox: q.messageBox,
+                        deliveryFee: q.deliveryFee,
+                        recipientFee: q.recipientFee,
+                        status: q.status
+                    });
+                    // aggregate client-side totals as well (in case we hit multiple hosts)
+                    totalDeliveryFees += q.deliveryFee;
+                    if (q.recipientFee === -1) {
+                        if (!blockedRecipients.includes(q.recipient))
+                            blockedRecipients.push(q.recipient);
+                    }
+                    else {
+                        totalRecipientFees += q.recipientFee;
+                    }
+                }
+                // Also merge server totals if present (they are per-host); we already aggregated above,
+                // so we don’t need to use payload.totals except for sanity/logging.
+                if (Array.isArray(payload === null || payload === void 0 ? void 0 : payload.blockedRecipients)) {
+                    for (const br of payload.blockedRecipients) {
+                        if (!blockedRecipients.includes(br))
+                            blockedRecipients.push(br);
+                    }
+                }
+            }
+            else if (payload === null || payload === void 0 ? void 0 : payload.quote) {
+                // Defensive: if an overlay still returns single-quote shape for multi (shouldn’t),
+                // we map it to each recipient in the group uniformly.
+                for (const r of groupRecipients) {
+                    const { deliveryFee, recipientFee } = payload.quote;
+                    const status = recipientFee === -1 ? 'blocked' : recipientFee === 0 ? 'always_allow' : 'payment_required';
+                    quotesByRecipient.push({
+                        recipient: r,
+                        messageBox: params.messageBox,
+                        deliveryFee,
+                        recipientFee,
+                        status
+                    });
+                    totalDeliveryFees += deliveryFee;
+                    if (recipientFee === -1)
+                        blockedRecipients.push(r);
+                    else
+                        totalRecipientFees += recipientFee;
+                }
+            }
+            else {
+                throw new Error(`Unexpected quote response shape from host ${host}`);
+            }
+        };
+        // Run all host groups (in parallel, but you can limit if needed)
+        await Promise.all(Array.from(hostGroups.entries()).map(([host, group]) => fetchGroup(host, group)));
         return {
-            recipientFee: quote.recipientFee,
-            deliveryFee: quote.deliveryFee,
-            deliveryAgentIdentityKey
+            quotesByRecipient,
+            totals: {
+                deliveryFees: totalDeliveryFees,
+                recipientFees: totalRecipientFees,
+                totalForPayableRecipients: totalDeliveryFees + totalRecipientFees
+            },
+            blockedRecipients,
+            deliveryAgentIdentityKeyByHost
         };
     }
     /**
@@ -1742,13 +1993,20 @@ class MessageBoxClient {
      */
     async sendNotification(recipient, body, overrideHost) {
         await this.assertInitialized();
-        // Use sendMessage with permission checking enabled
-        // This eliminates duplication of quote fetching and payment logic
-        return await this.sendMessage({
-            recipient,
+        // Single recipient → keep original flow
+        if (!Array.isArray(recipient)) {
+            return await this.sendMessage({
+                recipient,
+                messageBox: 'notifications',
+                body,
+                checkPermissions: true
+            }, overrideHost);
+        }
+        // Multiple recipients → new flow
+        return await this.sendMesagetoRecepients({
+            recipients: recipient,
             messageBox: 'notifications',
-            body,
-            checkPermissions: true
+            body
         }, overrideHost);
     }
     /**
@@ -1895,6 +2153,7 @@ class MessageBoxClient {
             const derivationPrefix = sdk_1.Utils.toBase64((0, sdk_1.Random)(32));
             const derivationSuffix = sdk_1.Utils.toBase64((0, sdk_1.Random)(32));
             // Get host's derived public key
+            console.log('delivery agent:', quote.deliveryAgentIdentityKey);
             const { publicKey: derivedKeyResult } = await this.walletClient.getPublicKey({
                 protocolID: [2, '3241645161d8'],
                 keyID: `${derivationPrefix} ${derivationSuffix}`,
@@ -1975,6 +2234,89 @@ class MessageBoxClient {
             // labels
         };
     }
+    async createMessagePaymentBatch(recipients, perRecipientQuotes, 
+    // server (delivery agent) identity key to pay the delivery fee to
+    serverIdentityKey, description = 'MessageBox delivery payment (batch)') {
+        var _a;
+        const outputs = [];
+        const createActionOutputs = [];
+        // figure out the per-request delivery fee (take it from any quoted recipient)
+        const deliveryFeeOnce = (_a = recipients.reduce((acc, r) => {
+            const q = perRecipientQuotes.get(r);
+            return q ? (acc !== null && acc !== void 0 ? acc : q.deliveryFee) : acc;
+        }, undefined)) !== null && _a !== void 0 ? _a : 0;
+        const senderIdentityKey = await this.getIdentityKey();
+        let outputIndex = 0;
+        // index 0: server delivery fee (if any)
+        if (deliveryFeeOnce > 0) {
+            const derivationPrefix = sdk_1.Utils.toBase64((0, sdk_1.Random)(32));
+            const derivationSuffix = sdk_1.Utils.toBase64((0, sdk_1.Random)(32));
+            const { publicKey: agentDerived } = await this.walletClient.getPublicKey({
+                protocolID: [2, '3241645161d8'],
+                keyID: `${derivationPrefix} ${derivationSuffix}`,
+                counterparty: serverIdentityKey
+            }, this.originator);
+            const lockingScript = new sdk_1.P2PKH().lock(sdk_1.PublicKey.fromString(agentDerived).toAddress()).toHex();
+            createActionOutputs.push({
+                satoshis: deliveryFeeOnce,
+                lockingScript,
+                outputDescription: 'MessageBox server delivery fee (batch)',
+                customInstructions: JSON.stringify({
+                    derivationPrefix,
+                    derivationSuffix,
+                    recipientIdentityKey: serverIdentityKey
+                })
+            });
+            outputs.push({
+                outputIndex: outputIndex++,
+                protocol: 'wallet payment',
+                paymentRemittance: { derivationPrefix, derivationSuffix, senderIdentityKey }
+            });
+        }
+        // recipient outputs start at index 1 (or 0 if no delivery fee)
+        const anyoneWallet = new sdk_1.ProtoWallet('anyone');
+        const anyoneIdKey = (await anyoneWallet.getPublicKey({ identityKey: true })).publicKey;
+        for (const r of recipients) {
+            const q = perRecipientQuotes.get(r);
+            if (!q || q.recipientFee <= 0)
+                continue;
+            const derivationPrefix = sdk_1.Utils.toBase64((0, sdk_1.Random)(32));
+            const derivationSuffix = sdk_1.Utils.toBase64((0, sdk_1.Random)(32));
+            const { publicKey: recipientDerived } = await anyoneWallet.getPublicKey({
+                protocolID: [2, '3241645161d8'],
+                keyID: `${derivationPrefix} ${derivationSuffix}`,
+                counterparty: r
+            });
+            const lockingScript = new sdk_1.P2PKH().lock(sdk_1.PublicKey.fromString(recipientDerived).toAddress()).toHex();
+            createActionOutputs.push({
+                satoshis: q.recipientFee,
+                lockingScript,
+                outputDescription: `Recipient message fee (${r.slice(0, 8)}…)`,
+                customInstructions: JSON.stringify({
+                    derivationPrefix,
+                    derivationSuffix,
+                    recipientIdentityKey: r
+                })
+            });
+            outputs.push({
+                outputIndex: outputIndex++,
+                protocol: 'wallet payment',
+                paymentRemittance: {
+                    derivationPrefix,
+                    derivationSuffix,
+                    senderIdentityKey: anyoneIdKey
+                }
+            });
+        }
+        const { tx } = await this.walletClient.createAction({
+            description,
+            outputs: createActionOutputs,
+            options: { randomizeOutputs: false, acceptDelayedBroadcast: false }
+        }, this.originator);
+        if (!tx)
+            throw new Error('Failed to create payment transaction');
+        return { tx, outputs, description };
+    }
 }
 exports.MessageBoxClient = MessageBoxClient;
 //# sourceMappingURL=MessageBoxClient.js.map