@decentrl/sdk 0.0.1

package/dist/direct-transport.js

@@ -0,0 +1,450 @@
+import { base64Decode, base64Encode, decryptString, deriveSharedSecret, encryptString, generateEncryptedTag, generateIdentityKeys, } from '@decentrl/crypto';
+import { DecentrlEventStore } from '@decentrl/event-store';
+import { generateDirectAuthenticatedMediatorCommand } from '@decentrl/identity/communication-channels/mediator/direct-authenticated/command/command.service';
+import { createCommunicationContractRequest, decryptContractRequest, generateContractId, signCommunicationContract, } from '@decentrl/identity/communication-contract/communication-contract.service';
+import { createDecentrlDidFromKeys } from '@decentrl/identity/did-decentrl/did-decentrl.service';
+import { resolveDid } from '@decentrl/identity/did-resolver/resolver';
+import { resolveMediatorServiceEndpoint } from '@decentrl/identity/mediator/mediator.resolver';
+import axios from 'axios';
+import { DecentrlSDKError } from './errors.js';
+import { deserializeKeys, serializeIdentity } from './identity-serialization.js';
+const DEFAULT_TIMEOUT_MS = 30_000;
+const MEDIATOR_CONTRACT_LIFETIME_SECONDS = 3600 * 24 * 365; // 1 year
+const DEFAULT_CONTRACT_LIFETIME_SECONDS = 3600 * 24; // 24 hours
+export class DirectTransport {
+    identity = null;
+    eventStore = null;
+    activeContracts = [];
+    httpPost;
+    onEphemeralKeysChanged;
+    pendingEphemeralKeys = new Map();
+    knownRootSecrets = new Map(); // contractId → rootSecret (survives refreshContracts)
+    renewalInFlight = new Set();
+    supersededContracts = new Map(); // contractId → supersededAt
+    confirmedNewContracts = new Set(); // contractIds confirmed by counterparty events
+    // Staging set: filled by processContractCleanup(), drained by refreshContracts().
+    // Must call refreshContracts() after cleanup to apply purges.
+    purgedContractIds = new Set();
+    constructor(options) {
+        this.httpPost =
+            options?.httpPost ??
+                ((url, data, opts) => axios.post(url, data, { timeout: opts?.timeout ?? DEFAULT_TIMEOUT_MS }));
+        this.onEphemeralKeysChanged = options?.onEphemeralKeysChanged;
+    }
+    // --- Identity ---
+    async createIdentity(options) {
+        const { alias, mediatorDid } = options;
+        const keys = generateIdentityKeys();
+        const did = createDecentrlDidFromKeys(alias, keys, mediatorDid);
+        const mediatorEndpoint = await resolveMediatorServiceEndpoint(mediatorDid);
+        const { encryptedPayload, ephemeralKeyPair } = await createCommunicationContractRequest(did, mediatorDid, keys, MEDIATOR_CONTRACT_LIFETIME_SECONDS);
+        const registrationCommand = generateDirectAuthenticatedMediatorCommand(did, `${did}#signing`, mediatorDid, {
+            type: 'REQUEST_COMMUNICATION_CONTRACT',
+            encrypted_contract_request: encryptedPayload,
+            requestor_ephemeral_public_key: base64Encode(ephemeralKeyPair.publicKey),
+        }, keys);
+        const response = await this.httpPost(mediatorEndpoint, registrationCommand);
+        if (response.data.type !== 'SUCCESS' ||
+            response.data.code !== 'MEDIATOR_REGISTRATION_SUCCESS') {
+            throw new Error('Failed to register with mediator');
+        }
+        this.identity = {
+            did,
+            alias,
+            mediatorDid,
+            mediatorEndpoint,
+            keys,
+            mediatorContract: response.data.payload.signed_communication_contract,
+        };
+        this.eventStore = null;
+        return serializeIdentity(this.identity);
+    }
+    getIdentity() {
+        return this.identity ? serializeIdentity(this.identity) : null;
+    }
+    loadIdentity(serialized) {
+        this.identity = {
+            did: serialized.did,
+            alias: serialized.alias,
+            mediatorDid: serialized.mediatorDid,
+            mediatorEndpoint: serialized.mediatorEndpoint,
+            keys: deserializeKeys(serialized),
+            mediatorContract: serialized.mediatorContract,
+        };
+        this.eventStore = null;
+    }
+    loadContracts(contracts) {
+        this.activeContracts = [...contracts];
+        for (const c of contracts) {
+            if (c.rootSecret) {
+                this.knownRootSecrets.set(c.id, c.rootSecret);
+            }
+        }
+        this.eventStore = null;
+    }
+    loadEphemeralKeys(keys) {
+        this.pendingEphemeralKeys = new Map(Object.entries(keys));
+    }
+    getEphemeralKeys() {
+        return Object.fromEntries(this.pendingEphemeralKeys);
+    }
+    // --- Events ---
+    async publishEvent(envelope, options) {
+        const eventStore = this.requireEventStore();
+        await eventStore.publishEvent(envelope, {
+            tags: options.tags,
+            recipient: options.recipient,
+            ephemeral: options.ephemeral,
+        });
+    }
+    async processPendingEvents() {
+        const eventStore = this.requireEventStore();
+        return eventStore.processPendingEvents();
+    }
+    async processPreFetchedPendingEvents(rawEvents) {
+        const eventStore = this.requireEventStore();
+        return eventStore.processPreFetchedPendingEvents(rawEvents);
+    }
+    async queryEvents(options) {
+        const eventStore = this.requireEventStore();
+        return eventStore.queryEvents(options);
+    }
+    async updateEventTags(events) {
+        const identity = this.requireIdentity();
+        const encrypted = events.map((e) => ({
+            eventId: e.eventId,
+            encryptedTags: e.tags.map((tag) => generateEncryptedTag(identity.keys.signing.privateKey, tag)),
+        }));
+        const eventStore = this.requireEventStore();
+        await eventStore.updateEventTags(encrypted);
+    }
+    async queryUnprocessedEvents(pagination) {
+        const eventStore = this.requireEventStore();
+        return eventStore.queryUnprocessedEvents(pagination);
+    }
+    // --- Contracts ---
+    async requestContract(recipientDid, expiresIn = DEFAULT_CONTRACT_LIFETIME_SECONDS) {
+        const identity = this.requireIdentity();
+        const { request, ephemeralKeyPair, encryptedPayload } = await createCommunicationContractRequest(identity.did, recipientDid, identity.keys, expiresIn);
+        const ephemeralKeyKey = `${identity.did}|${recipientDid}|${request.communication_contract.timestamp}`;
+        const encryptedEphemeralKey = encryptString(base64Encode(ephemeralKeyPair.privateKey), identity.keys.storageKey);
+        this.pendingEphemeralKeys.set(ephemeralKeyKey, encryptedEphemeralKey);
+        await this.notifyEphemeralKeysChanged();
+        const command = generateDirectAuthenticatedMediatorCommand(identity.did, `${identity.did}#signing`, recipientDid, {
+            type: 'REQUEST_COMMUNICATION_CONTRACT',
+            encrypted_contract_request: encryptedPayload,
+            requestor_ephemeral_public_key: base64Encode(ephemeralKeyPair.publicKey),
+        }, identity.keys);
+        const response = await this.httpPost(identity.mediatorEndpoint, command);
+        if (response.data.type !== 'SUCCESS') {
+            throw new Error('Failed to request communication contract');
+        }
+    }
+    async getPendingContracts() {
+        const identity = this.requireIdentity();
+        const command = generateDirectAuthenticatedMediatorCommand(identity.did, `${identity.did}#signing`, identity.mediatorDid, {
+            type: 'QUERY_PENDING_COMMUNICATION_CONTRACT_REQUESTS',
+            pagination: { page: 0, page_size: 50 },
+        }, identity.keys);
+        const response = await this.httpPost(identity.mediatorEndpoint, command);
+        if (response.data.type !== 'SUCCESS') {
+            throw new Error('Failed to query pending contract requests');
+        }
+        return response.data.payload.pending_communication_contract_requests.map((req) => ({
+            id: req.id,
+            senderDid: req.sender_did,
+            encryptedPayload: req.encrypted_contract_request,
+            requestorEphemeralPublicKey: req.requestor_ephemeral_public_key,
+        }));
+    }
+    async acceptContract(pendingId, encryptedPayload, requestorEphemeralPublicKey) {
+        const identity = this.requireIdentity();
+        const contractRequest = decryptContractRequest(encryptedPayload, identity.keys.encryption.privateKey, requestorEphemeralPublicKey);
+        const acknowledgeCommand = generateDirectAuthenticatedMediatorCommand(identity.did, `${identity.did}#signing`, identity.mediatorDid, {
+            type: 'ACKNOWLEDGE_PENDING_COMMUNICATION_CONTRACT_REQUESTS',
+            communication_contract_ids: [pendingId],
+        }, identity.keys);
+        await this.httpPost(identity.mediatorEndpoint, acknowledgeCommand);
+        const { signedContract, rootSecret } = await signCommunicationContract(contractRequest, identity.keys);
+        const contractId = generateContractId(signedContract.communication_contract);
+        const saveCommand = generateDirectAuthenticatedMediatorCommand(identity.did, `${identity.did}#signing`, identity.mediatorDid, {
+            type: 'SAVE_COMMUNICATION_CONTRACT',
+            signed_communication_contract: signedContract,
+        }, identity.keys);
+        await this.httpPost(identity.mediatorEndpoint, saveCommand);
+        const responseCommand = generateDirectAuthenticatedMediatorCommand(identity.did, `${identity.did}#signing`, contractRequest.communication_contract.requestor_did, {
+            type: 'COMMUNICATION_CONTRACT_RESPONSE',
+            signed_communication_contract: signedContract,
+        }, identity.keys);
+        await this.httpPost(identity.mediatorEndpoint, responseCommand);
+        const participantDid = contractRequest.communication_contract.requestor_did;
+        const participantDoc = await resolveDid(participantDid);
+        const stored = {
+            id: contractId,
+            participantDid,
+            participantAlias: participantDoc?.alias?.[0],
+            signedCommunicationContract: signedContract,
+            rootSecret: base64Encode(rootSecret),
+            createdAt: Date.now(),
+            status: 'active',
+        };
+        this.knownRootSecrets.set(contractId, stored.rootSecret);
+        this.activeContracts = [...this.activeContracts, stored];
+    }
+    async refreshContracts() {
+        const identity = this.requireIdentity();
+        const command = generateDirectAuthenticatedMediatorCommand(identity.did, `${identity.did}#signing`, identity.mediatorDid, {
+            type: 'QUERY_COMMUNICATION_CONTRACTS',
+            filter: {},
+            pagination: { page: 0, page_size: 100 },
+        }, identity.keys);
+        const response = await this.httpPost(identity.mediatorEndpoint, command);
+        if (response.data.type !== 'SUCCESS') {
+            throw new Error('Failed to query communication contracts');
+        }
+        const contracts = [];
+        for (const contract of response.data.payload.communication_contracts) {
+            const signed = contract.signed_communication_contract;
+            const participantDid = signed.communication_contract.requestor_did === identity.did
+                ? signed.communication_contract.recipient_did
+                : signed.communication_contract.requestor_did;
+            const isExpired = signed.communication_contract.expires_at * 1000 < Date.now();
+            const contractId = generateContractId(signed.communication_contract);
+            let rootSecret = '';
+            const existingContract = this.activeContracts.find((c) => c.id === contractId);
+            const knownSecret = this.knownRootSecrets.get(contractId);
+            if (knownSecret) {
+                rootSecret = knownSecret;
+            }
+            else if (existingContract?.rootSecret) {
+                rootSecret = existingContract.rootSecret;
+            }
+            else {
+                const ephemeralKeyKey = `${identity.did}|${participantDid}|${signed.communication_contract.timestamp}`;
+                const encryptedEphemeralKey = this.pendingEphemeralKeys.get(ephemeralKeyKey);
+                if (encryptedEphemeralKey) {
+                    const ephemeralPrivateKeyB64 = decryptString(encryptedEphemeralKey, identity.keys.storageKey);
+                    const ephemeralPrivateKey = base64Decode(ephemeralPrivateKeyB64);
+                    // DH(requestor_ephemeral_private, recipient_ephemeral_public)
+                    const recipientEphemeralPublicKey = signed.communication_contract.recipient_encryption_public_key;
+                    if (recipientEphemeralPublicKey) {
+                        const secret = deriveSharedSecret(ephemeralPrivateKey, base64Decode(recipientEphemeralPublicKey));
+                        rootSecret = base64Encode(secret);
+                        this.knownRootSecrets.set(contractId, rootSecret);
+                        this.pendingEphemeralKeys.delete(ephemeralKeyKey);
+                        await this.notifyEphemeralKeysChanged();
+                    }
+                }
+            }
+            let participantAlias = existingContract?.participantAlias;
+            if (!participantAlias) {
+                const participantDoc = await resolveDid(participantDid);
+                participantAlias = participantDoc?.alias?.[0];
+            }
+            contracts.push({
+                id: contractId,
+                participantDid,
+                participantAlias,
+                signedCommunicationContract: signed,
+                rootSecret,
+                createdAt: Date.now(),
+                status: isExpired ? 'expired' : 'active',
+            });
+        }
+        this.activeContracts = contracts.filter((c) => c.status === 'active' && !this.purgedContractIds.has(c.id));
+        this.purgedContractIds.clear();
+        return contracts;
+    }
+    getActiveContracts() {
+        return this.activeContracts;
+    }
+    async processAutoRenewals(threshold = 0.2) {
+        await this.initiateRenewals(threshold);
+        await this.autoAcceptRenewals();
+    }
+    async initiateRenewals(threshold) {
+        const identity = this.requireIdentity();
+        const now = Date.now();
+        for (const contract of this.activeContracts) {
+            const cc = contract.signedCommunicationContract.communication_contract;
+            const lifetimeMs = (cc.expires_at - cc.timestamp) * 1000;
+            const elapsedMs = now - cc.timestamp * 1000;
+            if (elapsedMs < lifetimeMs * (1 - threshold)) {
+                continue;
+            }
+            // Deterministic initiator: lower DID always sends the renewal request
+            if (identity.did >= contract.participantDid) {
+                continue;
+            }
+            if (this.renewalInFlight.has(contract.participantDid)) {
+                continue;
+            }
+            this.renewalInFlight.add(contract.participantDid);
+            try {
+                const lifetimeSeconds = cc.expires_at - cc.timestamp;
+                await this.requestContract(contract.participantDid, lifetimeSeconds);
+            }
+            catch (err) {
+                console.error('[Decentrl] Auto-renewal request failed:', err);
+            }
+            finally {
+                this.renewalInFlight.delete(contract.participantDid);
+            }
+        }
+    }
+    async autoAcceptRenewals() {
+        const identity = this.requireIdentity();
+        const activeDids = new Map();
+        for (const contract of this.activeContracts) {
+            const existing = activeDids.get(contract.participantDid);
+            if (!existing ||
+                contract.signedCommunicationContract.communication_contract.expires_at >
+                    existing.signedCommunicationContract.communication_contract.expires_at) {
+                activeDids.set(contract.participantDid, contract);
+            }
+        }
+        let pending;
+        try {
+            pending = await this.getPendingContracts();
+        }
+        catch (err) {
+            console.error('[Decentrl] Auto-renewal: failed to fetch pending contracts:', err);
+            return;
+        }
+        for (const req of pending) {
+            const existingContract = activeDids.get(req.senderDid);
+            if (!existingContract) {
+                continue;
+            }
+            try {
+                const decrypted = decryptContractRequest(req.encryptedPayload, identity.keys.encryption.privateKey, req.requestorEphemeralPublicKey);
+                const existingCc = existingContract.signedCommunicationContract.communication_contract;
+                const existingLifetime = existingCc.expires_at - existingCc.timestamp;
+                const newCc = decrypted.communication_contract;
+                const newLifetime = newCc.expires_at - newCc.timestamp;
+                if (existingLifetime !== newLifetime) {
+                    continue;
+                }
+                await this.acceptContract(req.id, req.encryptedPayload, req.requestorEphemeralPublicKey);
+            }
+            catch (err) {
+                console.error('[Decentrl] Auto-renewal accept failed:', err);
+            }
+        }
+    }
+    async processContractCleanup() {
+        const now = Date.now();
+        const CLEANUP_TIMEOUT_MS = 7 * 24 * 60 * 60 * 1000;
+        // Group active contracts by participantDid
+        const byParticipant = new Map();
+        for (const contract of this.activeContracts) {
+            const list = byParticipant.get(contract.participantDid) ?? [];
+            list.push(contract);
+            byParticipant.set(contract.participantDid, list);
+        }
+        const toArchive = [];
+        for (const [, contracts] of byParticipant) {
+            if (contracts.length < 2) {
+                continue;
+            }
+            contracts.sort((a, b) => b.signedCommunicationContract.communication_contract.expires_at -
+                a.signedCommunicationContract.communication_contract.expires_at);
+            const newestId = contracts[0].id;
+            for (let i = 1; i < contracts.length; i++) {
+                const old = contracts[i];
+                if (!this.supersededContracts.has(old.id)) {
+                    this.supersededContracts.set(old.id, now);
+                }
+                const supersededAt = this.supersededContracts.get(old.id);
+                const isTimedOut = now - supersededAt >= CLEANUP_TIMEOUT_MS;
+                const isCounterpartyConfirmed = this.confirmedNewContracts.has(newestId);
+                if (isTimedOut || isCounterpartyConfirmed) {
+                    this.purgedContractIds.add(old.id);
+                    this.supersededContracts.delete(old.id);
+                    toArchive.push({ contract: old, supersededBy: newestId });
+                }
+            }
+        }
+        // Remove purged contracts immediately so getActiveContracts() reflects the change.
+        // refreshContracts() will also filter them (and clear the staging set).
+        if (this.purgedContractIds.size > 0) {
+            this.activeContracts = this.activeContracts.filter((c) => !this.purgedContractIds.has(c.id));
+        }
+        // Publish archived events (best-effort)
+        if (toArchive.length > 0 && this.identity) {
+            const identity = this.identity;
+            for (const { contract, supersededBy } of toArchive) {
+                try {
+                    const cc = contract.signedCommunicationContract.communication_contract;
+                    await this.requireEventStore().publishEvent({
+                        type: 'decentrl.contract.archived',
+                        data: {
+                            contractId: contract.id,
+                            participantDid: contract.participantDid,
+                            participantAlias: contract.participantAlias,
+                            timestamp: cc.timestamp,
+                            expiresAt: cc.expires_at,
+                            supersededAt: now,
+                            supersededBy,
+                        },
+                        meta: {
+                            senderDid: identity.did,
+                            timestamp: now,
+                            eventId: crypto.randomUUID(),
+                        },
+                    }, { tags: ['decentrl.contract.archived'] });
+                }
+                catch (err) {
+                    console.error('[Decentrl] Failed to archive contract:', err);
+                }
+            }
+        }
+    }
+    async getContractHistory() {
+        const eventStore = this.requireEventStore();
+        const result = await eventStore.queryEvents({
+            tags: ['decentrl.contract.archived'],
+        });
+        return result.data
+            .filter((e) => {
+            const d = e.data;
+            return (d != null &&
+                typeof d === 'object' &&
+                'contractId' in d &&
+                'participantDid' in d &&
+                'supersededBy' in d);
+        })
+            .map((e) => e.data);
+    }
+    dispose() {
+        this.eventStore = null;
+    }
+    // --- Internal helpers ---
+    async notifyEphemeralKeysChanged() {
+        await this.onEphemeralKeysChanged?.(Object.fromEntries(this.pendingEphemeralKeys));
+    }
+    requireIdentity() {
+        if (!this.identity) {
+            throw new DecentrlSDKError('Identity not initialized. Call createIdentity() or loadIdentity() first.', 'IDENTITY_NOT_INITIALIZED');
+        }
+        return this.identity;
+    }
+    requireEventStore() {
+        const identity = this.requireIdentity();
+        if (!this.eventStore) {
+            this.eventStore = new DecentrlEventStore({
+                identity: {
+                    did: identity.did,
+                    keys: identity.keys,
+                    mediatorEndpoint: identity.mediatorEndpoint,
+                    mediatorDid: identity.mediatorDid,
+                },
+                communicationContracts: () => this.activeContracts,
+                onContractUsed: (contractId) => {
+                    this.confirmedNewContracts.add(contractId);
+                },
+            });
+        }
+        return this.eventStore;
+    }
+}

package/dist/errors.d.ts

@@ -0,0 +1,7 @@
+export type DecentrlSDKErrorCode = 'IDENTITY_NOT_INITIALIZED' | 'IDENTITY_ALREADY_EXISTS' | 'CONTRACT_NOT_FOUND' | 'SCHEMA_VALIDATION_FAILED' | 'UNKNOWN_EVENT_TYPE' | 'SYNC_FAILED' | 'PUBLISH_FAILED' | 'QUERY_FAILED' | 'QUERY_NOT_SUPPORTED' | 'MEDIATOR_ERROR' | 'NO_TRANSPORT';
+export declare class DecentrlSDKError extends Error {
+    code: DecentrlSDKErrorCode;
+    details?: unknown | undefined;
+    constructor(message: string, code: DecentrlSDKErrorCode, details?: unknown | undefined);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,oBAAoB,GAC7B,0BAA0B,GAC1B,yBAAyB,GACzB,oBAAoB,GACpB,0BAA0B,GAC1B,oBAAoB,GACpB,aAAa,GACb,gBAAgB,GAChB,cAAc,GACd,qBAAqB,GACrB,gBAAgB,GAChB,cAAc,CAAC;AAElB,qBAAa,gBAAiB,SAAQ,KAAK;IAGlC,IAAI,EAAE,oBAAoB;IAC1B,OAAO,CAAC,EAAE,OAAO;gBAFxB,OAAO,EAAE,MAAM,EACR,IAAI,EAAE,oBAAoB,EAC1B,OAAO,CAAC,EAAE,OAAO,YAAA;CAKzB"}

package/dist/errors.js

@@ -0,0 +1,10 @@
+export class DecentrlSDKError extends Error {
+    code;
+    details;
+    constructor(message, code, details) {
+        super(message);
+        this.code = code;
+        this.details = details;
+        this.name = 'DecentrlSDKError';
+    }
+}

package/dist/event-processor.d.ts

@@ -0,0 +1,19 @@
+import type { StateStore } from './state-store.js';
+import type { EventDefinitions, EventEnvelope, EventMeta, InferState, StateDefinitions } from './types.js';
+export declare class EventProcessor<TEvents extends EventDefinitions, TState extends StateDefinitions<TEvents>> {
+    private eventDefinitions;
+    private stateDefinitions;
+    private stateStore;
+    private processedEventIds;
+    private eventListeners;
+    constructor(eventDefinitions: TEvents, stateDefinitions: TState, stateStore: StateStore<InferState<TState>>);
+    onEvent(listener: (envelope: EventEnvelope) => void): () => void;
+    validate(eventType: string, data: unknown): void;
+    computeTags(eventType: string, data: unknown): string[];
+    computeTagsSafe(eventType: string, data: unknown): string[];
+    buildEnvelope(eventType: string, data: unknown, meta: EventMeta): EventEnvelope;
+    processEvent(envelope: EventEnvelope): boolean;
+    processBatch(envelopes: EventEnvelope[]): number;
+    reset(): void;
+}
+//# sourceMappingURL=event-processor.d.ts.map

package/dist/event-processor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"event-processor.d.ts","sourceRoot":"","sources":["../src/event-processor.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAEnD,OAAO,KAAK,EACX,gBAAgB,EAChB,aAAa,EACb,SAAS,EACT,UAAU,EACV,gBAAgB,EAChB,MAAM,YAAY,CAAC;AAIpB,qBAAa,cAAc,CAC1B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,gBAAgB,CAAC,OAAO,CAAC;IAMvC,OAAO,CAAC,gBAAgB;IACxB,OAAO,CAAC,gBAAgB;IACxB,OAAO,CAAC,UAAU;IANnB,OAAO,CAAC,iBAAiB,CAAqB;IAC9C,OAAO,CAAC,cAAc,CAAgD;gBAG7D,gBAAgB,EAAE,OAAO,EACzB,gBAAgB,EAAE,MAAM,EACxB,UAAU,EAAE,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAGnD,OAAO,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,aAAa,KAAK,IAAI,GAAG,MAAM,IAAI;IAMhE,QAAQ,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,IAAI;IAoBhD,WAAW,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,MAAM,EAAE;IAYvD,eAAe,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,MAAM,EAAE;IAQ3D,aAAa,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,GAAG,aAAa;IAI/E,YAAY,CAAC,QAAQ,EAAE,aAAa,GAAG,OAAO;IAwC9C,YAAY,CAAC,SAAS,EAAE,aAAa,EAAE,GAAG,MAAM;IAYhD,KAAK,IAAI,IAAI;CAIb"}

package/dist/event-processor.js

@@ -0,0 +1,93 @@
+import { DecentrlSDKError } from './errors.js';
+import { evaluateTagTemplates } from './tag-templates.js';
+const MAX_DEDUP_SIZE = 10_000;
+export class EventProcessor {
+    eventDefinitions;
+    stateDefinitions;
+    stateStore;
+    processedEventIds = new Set();
+    eventListeners = new Set();
+    constructor(eventDefinitions, stateDefinitions, stateStore) {
+        this.eventDefinitions = eventDefinitions;
+        this.stateDefinitions = stateDefinitions;
+        this.stateStore = stateStore;
+    }
+    onEvent(listener) {
+        this.eventListeners.add(listener);
+        return () => this.eventListeners.delete(listener);
+    }
+    validate(eventType, data) {
+        const definition = this.eventDefinitions[eventType];
+        if (!definition) {
+            throw new DecentrlSDKError(`Unknown event type: ${eventType}`, 'UNKNOWN_EVENT_TYPE', {
+                eventType,
+            });
+        }
+        const result = definition.schema.safeParse(data);
+        if (!result.success) {
+            throw new DecentrlSDKError(`Schema validation failed for event type "${eventType}": ${result.error.message}`, 'SCHEMA_VALIDATION_FAILED', { eventType, errors: result.error.issues });
+        }
+    }
+    computeTags(eventType, data) {
+        const definition = this.eventDefinitions[eventType];
+        if (!definition) {
+            throw new DecentrlSDKError(`Unknown event type: ${eventType}`, 'UNKNOWN_EVENT_TYPE', {
+                eventType,
+            });
+        }
+        return evaluateTagTemplates(definition.tags, data);
+    }
+    computeTagsSafe(eventType, data) {
+        try {
+            return this.computeTags(eventType, data);
+        }
+        catch {
+            return [];
+        }
+    }
+    buildEnvelope(eventType, data, meta) {
+        return { type: eventType, data, meta };
+    }
+    processEvent(envelope) {
+        const isEphemeral = envelope.meta.ephemeral === true;
+        if (!isEphemeral) {
+            if (this.processedEventIds.has(envelope.meta.eventId)) {
+                return false;
+            }
+            if (this.processedEventIds.size >= MAX_DEDUP_SIZE) {
+                // Set iterates in insertion order — first value is the oldest
+                const oldest = this.processedEventIds.values().next().value;
+                this.processedEventIds.delete(oldest);
+            }
+            this.processedEventIds.add(envelope.meta.eventId);
+        }
+        const currentState = this.stateStore.getState();
+        for (const sliceKey of Object.keys(this.stateDefinitions)) {
+            const sliceDef = this.stateDefinitions[sliceKey];
+            // Dynamic reducer lookup — TS can't prove type safety for runtime event type dispatch
+            const reducer = sliceDef.reduce[envelope.type];
+            if (reducer) {
+                const currentSlice = currentState[sliceKey];
+                const newSlice = reducer(currentSlice, envelope.data, envelope.meta);
+                this.stateStore.setSlice(sliceKey, newSlice);
+            }
+        }
+        for (const listener of this.eventListeners) {
+            listener(envelope);
+        }
+        return true;
+    }
+    processBatch(envelopes) {
+        let newCount = 0;
+        for (const envelope of envelopes) {
+            if (this.processEvent(envelope)) {
+                newCount++;
+            }
+        }
+        return newCount;
+    }
+    reset() {
+        this.processedEventIds.clear();
+        this.eventListeners.clear();
+    }
+}

package/dist/identity-manager.d.ts

@@ -0,0 +1,22 @@
+import type { DecentrlTransport } from './transport.js';
+import type { IdentityState, SerializedIdentity } from './types.js';
+type IdentityChangeListener = (identity: IdentityState | null) => void;
+export declare class IdentityManager {
+    private identity;
+    private listeners;
+    private transport;
+    setTransport(transport: DecentrlTransport): void;
+    getIdentity(): IdentityState | null;
+    requireIdentity(): IdentityState;
+    create(options: {
+        alias: string;
+        mediatorDid: string;
+    }): Promise<IdentityState>;
+    load(serialized: SerializedIdentity): IdentityState;
+    serialize(): SerializedIdentity;
+    reset(): void;
+    onChange(listener: IdentityChangeListener): () => void;
+    private notify;
+}
+export {};
+//# sourceMappingURL=identity-manager.d.ts.map

package/dist/identity-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"identity-manager.d.ts","sourceRoot":"","sources":["../src/identity-manager.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACxD,OAAO,KAAK,EAAE,aAAa,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAEpE,KAAK,sBAAsB,GAAG,CAAC,QAAQ,EAAE,aAAa,GAAG,IAAI,KAAK,IAAI,CAAC;AAEvE,qBAAa,eAAe;IAC3B,OAAO,CAAC,QAAQ,CAA8B;IAC9C,OAAO,CAAC,SAAS,CAAqC;IACtD,OAAO,CAAC,SAAS,CAAkC;IAEnD,YAAY,CAAC,SAAS,EAAE,iBAAiB,GAAG,IAAI;IAIhD,WAAW,IAAI,aAAa,GAAG,IAAI;IAInC,eAAe,IAAI,aAAa;IAW1B,MAAM,CAAC,OAAO,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,aAAa,CAAC;IAiBrF,IAAI,CAAC,UAAU,EAAE,kBAAkB,GAAG,aAAa;IAkBnD,SAAS,IAAI,kBAAkB;IAM/B,KAAK,IAAI,IAAI;IAKb,QAAQ,CAAC,QAAQ,EAAE,sBAAsB,GAAG,MAAM,IAAI;IAQtD,OAAO,CAAC,MAAM;CAKd"}