@drakkar.software/starfish-client 3.0.0-alpha.10 → 3.0.0-alpha.12

package/dist/storage/indexeddb.js

@@ -0,0 +1,59 @@
+/**
+ * IndexedDB-based storage adapter for Zustand persistence.
+ * Implements the same interface as Zustand's StateStorage (getItem/setItem/removeItem).
+ * Supports larger data than localStorage (typically 50MB+).
+ */
+function openDB(dbName, storeName) {
+    return new Promise((resolve, reject) => {
+        const request = indexedDB.open(dbName, 1);
+        request.onupgradeneeded = () => {
+            const db = request.result;
+            if (!db.objectStoreNames.contains(storeName)) {
+                db.createObjectStore(storeName);
+            }
+        };
+        request.onsuccess = () => resolve(request.result);
+        request.onerror = () => reject(request.error);
+    });
+}
+function idbRequest(request) {
+    return new Promise((resolve, reject) => {
+        request.onsuccess = () => resolve(request.result);
+        request.onerror = () => reject(request.error);
+    });
+}
+export function createIndexedDBStorage(opts) {
+    const dbName = opts?.dbName ?? "starfish";
+    const storeName = opts?.storeName ?? "state";
+    let dbPromise = null;
+    function getDB() {
+        if (!dbPromise) {
+            dbPromise = openDB(dbName, storeName).catch((err) => {
+                dbPromise = null; // Reset so next call retries
+                throw err;
+            });
+        }
+        return dbPromise;
+    }
+    return {
+        async getItem(name) {
+            const db = await getDB();
+            const tx = db.transaction(storeName, "readonly");
+            const store = tx.objectStore(storeName);
+            const result = await idbRequest(store.get(name));
+            return result ?? null;
+        },
+        async setItem(name, value) {
+            const db = await getDB();
+            const tx = db.transaction(storeName, "readwrite");
+            const store = tx.objectStore(storeName);
+            await idbRequest(store.put(value, name));
+        },
+        async removeItem(name) {
+            const db = await getDB();
+            const tx = db.transaction(storeName, "readwrite");
+            const store = tx.objectStore(storeName);
+            await idbRequest(store.delete(name));
+        },
+    };
+}

package/dist/sync.js

@@ -0,0 +1,181 @@
+import { AUTHOR_PUBKEY_FIELD, AUTHOR_SIGNATURE_FIELD, deepMerge, docAuthorCanonicalInput, getBase64, } from "@drakkar.software/starfish-protocol";
+import { ConflictError } from "./types.js";
+import { stripPushPrefix } from "./client.js";
+import { ValidationError } from "./validate.js";
+export class AbortError extends Error {
+    constructor() {
+        super("SyncManager was aborted");
+        this.name = "AbortError";
+    }
+}
+export class SyncManager {
+    client;
+    pullPath;
+    pushPath;
+    onConflict;
+    maxRetries;
+    encryptor;
+    signer;
+    logger;
+    loggerName;
+    validate;
+    lastHash = null;
+    lastCheckpoint = 0;
+    localData = {};
+    aborted = false;
+    constructor(options) {
+        this.client = options.client;
+        this.pullPath = options.pullPath;
+        this.pushPath = options.pushPath;
+        this.onConflict = options.onConflict ?? deepMerge;
+        this.maxRetries = options.maxRetries ?? 3;
+        this.signer = options.signer;
+        this.logger = options.logger;
+        this.loggerName = options.loggerName ?? options.pullPath.split("/").filter(Boolean).pop() ?? options.pullPath;
+        this.validate = options.validate;
+        this.encryptor = options.encryptor ?? null;
+    }
+    abort() {
+        this.aborted = true;
+    }
+    get isAborted() {
+        return this.aborted;
+    }
+    getData() {
+        return { ...this.localData };
+    }
+    getHash() {
+        return this.lastHash;
+    }
+    /** Set the last-known server hash. Used by persistence layers to restore state across restarts. */
+    setHash(hash) {
+        this.lastHash = hash;
+    }
+    getCheckpoint() {
+        return this.lastCheckpoint;
+    }
+    async pull() {
+        if (this.aborted)
+            throw new AbortError();
+        this.logger?.pullStart(this.loggerName);
+        const start = performance.now();
+        try {
+            // NOTE: `SyncManager.pull` does NOT auto-enable `withKeyring`. Clients
+            // that drive the keyring helpers from `recipients.ts` and want to save
+            // the cold-start round-trip should call `client.pull(path, {withKeyring: true})`
+            // directly. We keep `SyncManager` keyring-agnostic so it stays usable
+            // for collections that don't use delegated encryption.
+            const result = await this.client.pull(this.pullPath, this.lastCheckpoint);
+            if (this.aborted)
+                throw new AbortError();
+            if (this.encryptor) {
+                const decrypted = await this.encryptor.decrypt(result.data);
+                if (this.aborted)
+                    throw new AbortError();
+                this.localData = decrypted;
+                result.data = decrypted;
+            }
+            else if (this.lastCheckpoint > 0) {
+                this.localData = deepMerge(this.localData, result.data);
+                result.data = this.localData;
+            }
+            else {
+                this.localData = result.data;
+            }
+            this.lastHash = result.hash;
+            this.lastCheckpoint = result.timestamp;
+            this.logger?.pullSuccess(this.loggerName, Math.round(performance.now() - start));
+            return result;
+        }
+        catch (err) {
+            this.logger?.pullError(this.loggerName, err instanceof Error ? err.message : String(err));
+            throw err;
+        }
+    }
+    async push(data) {
+        if (this.aborted)
+            throw new AbortError();
+        if (this.validate) {
+            const result = this.validate(data);
+            if (result !== true)
+                throw new ValidationError(result);
+        }
+        this.logger?.pushStart(this.loggerName);
+        const start = performance.now();
+        let attempt = 0;
+        let pendingData = data;
+        while (attempt <= this.maxRetries) {
+            try {
+                const sealed = this.encryptor
+                    ? await this.encryptor.encrypt(pendingData)
+                    : pendingData;
+                if (this.aborted)
+                    throw new AbortError();
+                // v3.0 signer path: sign the document author proof over the doc-author
+                // canonical input (domain-tagged, bound to documentKey) and pass it as
+                // top-level body siblings of `data` (NOT inside `data`), where the server
+                // verifies it and stores the raw author pubkey.
+                let author;
+                if (this.signer) {
+                    const { devEdPubHex, sign } = await this.signer.getSigner();
+                    if (this.aborted)
+                        throw new AbortError();
+                    const documentKey = stripPushPrefix(this.pushPath);
+                    const canonical = docAuthorCanonicalInput(documentKey, sealed);
+                    const sigBytes = await sign(new TextEncoder().encode(canonical));
+                    if (this.aborted)
+                        throw new AbortError();
+                    author = {
+                        [AUTHOR_PUBKEY_FIELD]: devEdPubHex,
+                        [AUTHOR_SIGNATURE_FIELD]: getBase64().encode(sigBytes),
+                    };
+                }
+                const result = await this.client.push(this.pushPath, sealed, this.lastHash, author);
+                if (this.aborted)
+                    throw new AbortError();
+                this.lastHash = result.hash;
+                this.lastCheckpoint = result.timestamp;
+                this.localData = pendingData;
+                this.logger?.pushSuccess(this.loggerName, Math.round(performance.now() - start));
+                return result;
+            }
+            catch (err) {
+                if (err instanceof AbortError)
+                    throw err;
+                if (!(err instanceof ConflictError) || attempt >= this.maxRetries) {
+                    this.logger?.pushError(this.loggerName, err instanceof Error ? err.message : String(err));
+                    throw err;
+                }
+                this.logger?.conflict(this.loggerName, attempt + 1);
+                try {
+                    const remote = await this.client.pull(this.pullPath);
+                    if (this.aborted)
+                        throw new AbortError();
+                    const remoteData = this.encryptor
+                        ? await this.encryptor.decrypt(remote.data)
+                        : remote.data;
+                    if (this.aborted)
+                        throw new AbortError();
+                    this.lastHash = remote.hash;
+                    this.lastCheckpoint = remote.timestamp;
+                    pendingData = this.onConflict(pendingData, remoteData);
+                }
+                catch (resolveErr) {
+                    if (resolveErr instanceof AbortError)
+                        throw resolveErr;
+                    const msg = resolveErr instanceof Error ? resolveErr.message : String(resolveErr);
+                    this.logger?.pushError(this.loggerName, `Conflict resolution failed (attempt ${attempt + 1}): ${msg}`);
+                    throw resolveErr;
+                }
+                await new Promise(resolve => setTimeout(resolve, Math.min(100 * Math.pow(2, attempt), 2000) + Math.random() * 100));
+                attempt++;
+            }
+        }
+        throw new ConflictError();
+    }
+    async update(modifier) {
+        await this.pull();
+        const updated = modifier(this.localData);
+        return this.push(updated);
+    }
+}

package/dist/types.d.ts

@@ -1,4 +1,4 @@
-import type { Alg, CapCert } from "@drakkar.software/starfish-protocol";
+import type { CapCert } from "@drakkar.software/starfish-protocol";
 /** Push conflict error (HTTP 409). */
 export declare class ConflictError extends Error {
     constructor();
@@ -29,19 +29,11 @@ export interface StarfishCapProvider {
      * The client then sends it as `X-Starfish-Pub` so the server can verify the
      * request signature against it and check the cap's `aud` allow-list. Omit
      * `pubHex` for device/member caps (the server uses `cap.sub`).
-     *
-     * `presenterAlg` is the crypto suite of `devEdPrivHex` (the key that signs
-     * the request). It matters only for `audience` caps, where the presenter is
-     * an arbitrary redeemer whose suite is unrelated to the cap's `issAlg`; the
-     * client sends it as `X-Starfish-Alg`. For device/member caps the subject's
-     * suite is taken authoritatively from the verified cert, so this is ignored.
-     * Defaults to `"ed25519"` when omitted.
      */
     getCap(): Promise<{
         cap: CapCert;
         devEdPrivHex: string;
         pubHex?: string;
-        presenterAlg?: Alg;
     }>;
 }
 /** Options for creating a StarfishClient. */

package/dist/types.js

@@ -0,0 +1,18 @@
+/** Push conflict error (HTTP 409). */
+export class ConflictError extends Error {
+    constructor() {
+        super("hash_mismatch");
+        this.name = "ConflictError";
+    }
+}
+/** HTTP error from the Starfish server. */
+export class StarfishHttpError extends Error {
+    status;
+    body;
+    constructor(status, body) {
+        super(`HTTP ${status}: ${body}`);
+        this.status = status;
+        this.body = body;
+        this.name = "StarfishHttpError";
+    }
+}

package/dist/validate.js

@@ -0,0 +1,28 @@
+/** Error thrown when pre-push validation fails. */
+export class ValidationError extends Error {
+    errors;
+    constructor(errors) {
+        super(`Validation failed: ${errors.join("; ")}`);
+        this.errors = errors;
+        this.name = "ValidationError";
+    }
+}
+/**
+ * Creates a validator from a JSON Schema object.
+ * Requires an Ajv-compatible validate function.
+ *
+ * @example
+ * ```ts
+ * import Ajv from "ajv"
+ * const ajv = new Ajv()
+ * const validator = createSchemaValidator(ajv, mySchema)
+ * ```
+ */
+export function createSchemaValidator(ajv, schema) {
+    const validate = ajv.compile(schema);
+    return (data) => {
+        if (validate(data))
+            return true;
+        return [ajv.errorsText(validate.errors)];
+    };
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@drakkar.software/starfish-client",
-  "version": "3.0.0-alpha.10",
+  "version": "3.0.0-alpha.12",
   "repository": {
     "type": "git",
     "url": "https://github.com/Drakkar-Software/starfish.git",
@@ -60,7 +60,7 @@
     }
   },
   "dependencies": {
-    "@drakkar.software/starfish-protocol": "3.0.0-alpha.10"
+    "@drakkar.software/starfish-protocol": "3.0.0-alpha.12"
   },
   "devDependencies": {
     "@legendapp/state": "^2.0.0",