@decentnetwork/peer 0.1.8 → 0.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/peer.js +29 -4
- package/package.json +1 -1
package/dist/peer.js
CHANGED
|
@@ -1915,6 +1915,27 @@ export class Peer {
|
|
|
1915
1915
|
.sort((a, b) => this.#nodeScore(`${b.host}:${b.port}`) - this.#nodeScore(`${a.host}:${a.port}`))
|
|
1916
1916
|
.slice(0, MAX_SELF_ANNOUNCE_TARGETS);
|
|
1917
1917
|
const zeroPing = new Uint8Array(32);
|
|
1918
|
+
// Fresh ephemeral keypair for THIS announce sweep. Matches toxcore
|
|
1919
|
+
// onion_client.c::do_announce which uses Onion_Client.temp_*_key
|
|
1920
|
+
// — a per-client ephemeral pair regenerated on each round — as the
|
|
1921
|
+
// announce sender, NOT the real identity key.
|
|
1922
|
+
//
|
|
1923
|
+
// The bug we just hit: before this fix, runSelfAnnounce used
|
|
1924
|
+
// this.#keyPair (real identity) as both senderPublicKey AND
|
|
1925
|
+
// searchPublicKey. Bootstrap nodes reject `isStored=2` when
|
|
1926
|
+
// sender == search because the protocol's slot-allocation assumes
|
|
1927
|
+
// the announcing party can be revoked by knowing the secret of
|
|
1928
|
+
// the sender pubkey; if that's our long-lived identity, every
|
|
1929
|
+
// bootstrap conservatively refuses. Observed in the wild as
|
|
1930
|
+
// selfAnnounceStoredOn=0 across 9 bootstrap nodes on both a
|
|
1931
|
+
// public-IP VPS and a NAT'd Mac — identical zero, not an
|
|
1932
|
+
// environmental issue.
|
|
1933
|
+
//
|
|
1934
|
+
// searchPublicKey stays as our real identity (so peers querying
|
|
1935
|
+
// for our pubkey find this slot). dataPublicKey also stays as
|
|
1936
|
+
// #announceDataKey.publicKey (so peers can encrypt onion-data
|
|
1937
|
+
// requests to us). Only the sender envelope rotates.
|
|
1938
|
+
const announceSender = createEphemeralKeyPair();
|
|
1918
1939
|
const candidates = [];
|
|
1919
1940
|
for (const node of targets) {
|
|
1920
1941
|
if (!node.pk)
|
|
@@ -1954,8 +1975,8 @@ export class Peer {
|
|
|
1954
1975
|
const step1Settled = await Promise.allSettled(wave.map((c) => this.#sendAnnounceAndWait({
|
|
1955
1976
|
node: c.node,
|
|
1956
1977
|
nodePublicKey: c.nodePk,
|
|
1957
|
-
senderPublicKey:
|
|
1958
|
-
senderSecretKey:
|
|
1978
|
+
senderPublicKey: announceSender.publicKey,
|
|
1979
|
+
senderSecretKey: announceSender.secretKey,
|
|
1959
1980
|
pingId: zeroPing,
|
|
1960
1981
|
searchPublicKey: this.#keyPair.publicKey,
|
|
1961
1982
|
dataPublicKey: this.#announceDataKey.publicKey,
|
|
@@ -1978,8 +1999,12 @@ export class Peer {
|
|
|
1978
1999
|
const step2Settled = await Promise.allSettled(step1Hits.map(({ c, resp1 }) => this.#sendAnnounceAndWait({
|
|
1979
2000
|
node: c.node,
|
|
1980
2001
|
nodePublicKey: c.nodePk,
|
|
1981
|
-
|
|
1982
|
-
|
|
2002
|
+
// Step2 MUST be re-encrypted to the bootstrap by the SAME
|
|
2003
|
+
// ephemeral sender that step1 used — bootstrap matches the
|
|
2004
|
+
// ping_id against the sender envelope of the request that
|
|
2005
|
+
// issued it. Use the same announceSender as step1.
|
|
2006
|
+
senderPublicKey: announceSender.publicKey,
|
|
2007
|
+
senderSecretKey: announceSender.secretKey,
|
|
1983
2008
|
pingId: resp1.pingOrDataPublicKey,
|
|
1984
2009
|
searchPublicKey: this.#keyPair.publicKey,
|
|
1985
2010
|
dataPublicKey: this.#announceDataKey.publicKey,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@decentnetwork/peer",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.9",
|
|
4
4
|
"description": "Pure TypeScript port of Elastos Carrier (toxcore-derived) P2P messaging. DHT, onion routing, TCP relay, FlatBuffers app payloads, Express offline relay. Wire-compatible with iOS Beagle and the Carrier C SDK.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|