@drakkar.software/starfish-client 3.0.0-alpha.2 → 3.0.0-alpha.5

package/dist/keyring.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Phase-2 transitional shim. The implementation lives in
+ * `@drakkar.software/starfish-keyring`. This file is removed in Phase 3.
+ */
+export { KEYRING_WRAP_SALT, KEYRING_WRAP_INFO, KEYRING_IV_BYTES, wrapForRecipient, unwrapFromEntry, verifyEntrySignature, createKeyring, addRecipient, rotateEpoch, createKeyringEncryptor, } from "@drakkar.software/starfish-keyring";
+export type { WrappedKeyEntry, KeyringEpoch, Keyring, KeyringEncryptor, } from "@drakkar.software/starfish-keyring";

package/dist/keyring.js

@@ -0,0 +1,26 @@
+// src/keyring.ts
+import {
+  KEYRING_WRAP_SALT,
+  KEYRING_WRAP_INFO,
+  KEYRING_IV_BYTES,
+  wrapForRecipient,
+  unwrapFromEntry,
+  verifyEntrySignature,
+  createKeyring,
+  addRecipient,
+  rotateEpoch,
+  createKeyringEncryptor
+} from "@drakkar.software/starfish-keyring";
+export {
+  KEYRING_IV_BYTES,
+  KEYRING_WRAP_INFO,
+  KEYRING_WRAP_SALT,
+  addRecipient,
+  createKeyring,
+  createKeyringEncryptor,
+  rotateEpoch,
+  unwrapFromEntry,
+  verifyEntrySignature,
+  wrapForRecipient
+};
+//# sourceMappingURL=keyring.js.map

package/dist/keyring.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../src/keyring.ts"],
+  "sourcesContent": ["/**\n * Phase-2 transitional shim. The implementation lives in\n * `@drakkar.software/starfish-keyring`. This file is removed in Phase 3.\n */\nexport {\n  KEYRING_WRAP_SALT,\n  KEYRING_WRAP_INFO,\n  KEYRING_IV_BYTES,\n  wrapForRecipient,\n  unwrapFromEntry,\n  verifyEntrySignature,\n  createKeyring,\n  addRecipient,\n  rotateEpoch,\n  createKeyringEncryptor,\n} from \"@drakkar.software/starfish-keyring\"\nexport type {\n  WrappedKeyEntry,\n  KeyringEpoch,\n  Keyring,\n  KeyringEncryptor,\n} from \"@drakkar.software/starfish-keyring\"\n"],
+  "mappings": ";AAIA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;",
+  "names": []
+}

package/dist/pairing.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Phase-2 transitional shim. The implementation lives in
+ * `@drakkar.software/starfish-identities`. Removed in Phase 3.
+ */
+export { bootstrapRootIdentity, buildPairingQr, parsePairingQr, assemblePairingBundle, installPairingBundle, deriveCodeKey, buildPairingRequest, readPairingRequest, buildPairingResponse, readPairingResponse, } from "@drakkar.software/starfish-identities";
+export type { DeviceCredentials, PairingQrPayload, PairingBundle, WrappedCekEntry, InstalledPairingResult, AssemblePairingBundleOpts, PairingRequestEncrypted, PairingResponseEncrypted, } from "@drakkar.software/starfish-identities";

package/dist/pairing.js

@@ -0,0 +1,26 @@
+// src/pairing.ts
+import {
+  bootstrapRootIdentity,
+  buildPairingQr,
+  parsePairingQr,
+  assemblePairingBundle,
+  installPairingBundle,
+  deriveCodeKey,
+  buildPairingRequest,
+  readPairingRequest,
+  buildPairingResponse,
+  readPairingResponse
+} from "@drakkar.software/starfish-identities";
+export {
+  assemblePairingBundle,
+  bootstrapRootIdentity,
+  buildPairingQr,
+  buildPairingRequest,
+  buildPairingResponse,
+  deriveCodeKey,
+  installPairingBundle,
+  parsePairingQr,
+  readPairingRequest,
+  readPairingResponse
+};
+//# sourceMappingURL=pairing.js.map

package/dist/pairing.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../src/pairing.ts"],
+  "sourcesContent": ["/**\n * Phase-2 transitional shim. The implementation lives in\n * `@drakkar.software/starfish-identities`. Removed in Phase 3.\n */\nexport {\n  bootstrapRootIdentity,\n  buildPairingQr,\n  parsePairingQr,\n  assemblePairingBundle,\n  installPairingBundle,\n  deriveCodeKey,\n  buildPairingRequest,\n  readPairingRequest,\n  buildPairingResponse,\n  readPairingResponse,\n} from \"@drakkar.software/starfish-identities\"\nexport type {\n  DeviceCredentials,\n  PairingQrPayload,\n  PairingBundle,\n  WrappedCekEntry,\n  InstalledPairingResult,\n  AssemblePairingBundleOpts,\n  PairingRequestEncrypted,\n  PairingResponseEncrypted,\n} from \"@drakkar.software/starfish-identities\"\n"],
+  "mappings": ";AAIA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;",
+  "names": []
+}

package/dist/recipients.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Phase-2 transitional shim. The implementation lives in
+ * `@drakkar.software/starfish-keyring`. This file is removed in Phase 3.
+ */
+export { keyringPathFor, addCollectionRecipient, removeRecipient, listRecipients, currentEpoch, } from "@drakkar.software/starfish-keyring";
+export type { RecipientRef, AdderKeys, ListedRecipient, } from "@drakkar.software/starfish-keyring";

package/dist/recipients.js

@@ -0,0 +1,16 @@
+// src/recipients.ts
+import {
+  keyringPathFor,
+  addCollectionRecipient,
+  removeRecipient,
+  listRecipients,
+  currentEpoch
+} from "@drakkar.software/starfish-keyring";
+export {
+  addCollectionRecipient,
+  currentEpoch,
+  keyringPathFor,
+  listRecipients,
+  removeRecipient
+};
+//# sourceMappingURL=recipients.js.map

package/dist/recipients.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../src/recipients.ts"],
+  "sourcesContent": ["/**\n * Phase-2 transitional shim. The implementation lives in\n * `@drakkar.software/starfish-keyring`. This file is removed in Phase 3.\n */\nexport {\n  keyringPathFor,\n  addCollectionRecipient,\n  removeRecipient,\n  listRecipients,\n  currentEpoch,\n} from \"@drakkar.software/starfish-keyring\"\nexport type {\n  RecipientRef,\n  AdderKeys,\n  ListedRecipient,\n} from \"@drakkar.software/starfish-keyring\"\n"],
+  "mappings": ";AAIA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;",
+  "names": []
+}

package/dist/types.d.ts

@@ -1,4 +1,4 @@
-import type { CapCert } from "@drakkar.software/starfish-protocol";
+import type { Alg, CapCert } from "@drakkar.software/starfish-protocol";
 /** Push conflict error (HTTP 409). */
 export declare class ConflictError extends Error {
     constructor();
@@ -29,17 +29,44 @@ export interface StarfishCapProvider {
      * The client then sends it as `X-Starfish-Pub` so the server can verify the
      * request signature against it and check the cap's `aud` allow-list. Omit
      * `pubHex` for device/member caps (the server uses `cap.sub`).
+     *
+     * `presenterAlg` is the crypto suite of `devEdPrivHex` (the key that signs
+     * the request). It matters only for `audience` caps, where the presenter is
+     * an arbitrary redeemer whose suite is unrelated to the cap's `issAlg`; the
+     * client sends it as `X-Starfish-Alg`. For device/member caps the subject's
+     * suite is taken authoritatively from the verified cert, so this is ignored.
+     * Defaults to `"ed25519"` when omitted.
      */
     getCap(): Promise<{
         cap: CapCert;
         devEdPrivHex: string;
         pubHex?: string;
+        presenterAlg?: Alg;
     }>;
 }
 /** Options for creating a StarfishClient. */
 export interface StarfishClientOptions {
     /** Base URL of the Starfish server (e.g. "https://api.example.com/v1"). */
     baseUrl: string;
+    /**
+     * Optional namespace for a namespace-mounted server. When set, every request
+     * path `/{action}/…` is rewritten to `/v1/{namespace}/{action}/…` for BOTH the
+     * URL the client hits AND the canonical path it signs, so the signature the
+     * server reconstructs from the namespaced URL verifies (no rewrite layer
+     * needed). Mirrors the Python client's `namespace` parameter.
+     *
+     * Crucially this also rewrites the paths that namespace-unaware SDK helpers
+     * build internally (e.g. `starfish-keyring`'s `addCollectionRecipient`, blob
+     * uploads), so consumers no longer hand-prefix paths or wrap the client to
+     * reach a namespaced deployment. Leave unset (default) for a root-mounted
+     * server — paths pass through unchanged, byte-identical to before.
+     *
+     * Pass the bare namespace name (e.g. `"octochat"`); `baseUrl` then carries only
+     * the origin (and any reverse-proxy mount the proxy strips), not the `/v1`
+     * version segment. Must match `[A-Za-z0-9_-]+` and not be a reserved route name
+     * (`pull`, `push`, `health`, `batch`).
+     */
+    namespace?: string;
     /**
      * Cap-cert provider. When set, requests are signed with Ed25519 and carry
      * `Authorization: Cap <…>`. Omit for unauthenticated public-read collections.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@drakkar.software/starfish-client",
-  "version": "3.0.0-alpha.2",
+  "version": "3.0.0-alpha.5",
   "repository": {
     "type": "git",
     "url": "https://github.com/Drakkar-Software/starfish.git",
@@ -60,7 +60,7 @@
     }
   },
   "dependencies": {
-    "@drakkar.software/starfish-protocol": "3.0.0-alpha.2"
+    "@drakkar.software/starfish-protocol": "3.0.0-alpha.5"
   },
   "devDependencies": {
     "@legendapp/state": "^2.0.0",

package/dist/append.d.ts

@@ -1,50 +0,0 @@
-import type { StarfishClient } from "./client.js";
-import type { PushSuccess } from "@drakkar.software/starfish-protocol";
-/**
- * Appends `item` to an append-only collection.
- *
- * Sends `{ data: item, baseHash: null }` — the server ignores `baseHash` for
- * append-only collections (conflict detection is disabled or delegated to
- * `checkLastItem` on the server side).
- *
- * ```ts
- * await pushAppend(client, "/push/events", { type: "click", ts: Date.now() })
- * ```
- */
-export declare function pushAppend(client: StarfishClient, path: string, item: Record<string, unknown>): Promise<PushSuccess>;
-export interface PullAppendListOptions {
-    /** Array field name. Defaults to `"items"` (server default). */
-    field?: string;
-    /**
-     * Return only items appended after this timestamp (milliseconds since epoch).
-     * Sent as `?checkpoint=<since>`. Omit for a full pull.
-     */
-    since?: number;
-    /**
-     * Return only the last K items. Applied after the `since` filter.
-     * Useful for "latest N entries" queries without a tracked checkpoint.
-     * Sent as `?last=<K>`.
-     */
-    last?: number;
-}
-/**
- * Pulls the stored item array from an append-only collection.
- *
- * Returns `data[field]` filtered to an array; returns `[]` when the document
- * does not exist yet or the field is absent / not an array.
- *
- * Pass `{ since: ts }` for incremental pulls — only items appended after `ts`
- * are returned (requires per-item timestamps on the server, available from 2.0.0).
- *
- * ```ts
- * // Full pull
- * const events = await pullAppendList(client, "/pull/events")
- *
- * // Incremental pull
- * const newEvents = await pullAppendList(client, "/pull/events", { since: lastSyncTs })
- *
- * // Custom field name
- * const logs = await pullAppendList(client, "/pull/audit", { field: "logs" })
- * ```
- */
-export declare function pullAppendList<T = unknown>(client: StarfishClient, path: string, options?: PullAppendListOptions): Promise<T[]>;

package/dist/background-sync.js

@@ -1,29 +0,0 @@
-/**
- * Background Sync API integration for pending changes.
- * Uses the Web Background Sync API to retry failed sync operations
- * when connectivity is restored, even if the app is closed.
- */
-/** Check if the Background Sync API is supported in the current environment. */
-export function isBackgroundSyncSupported() {
-    return (typeof navigator !== "undefined" &&
-        "serviceWorker" in navigator &&
-        "SyncManager" in globalThis);
-}
-/**
- * Register a background sync event with the active service worker.
- * Returns true if registration succeeded, false if not supported or no active SW.
- */
-export async function registerBackgroundSync(opts) {
-    if (!isBackgroundSyncSupported())
-        return false;
-    const tag = opts?.tag ?? "starfish-sync";
-    try {
-        const registration = await navigator.serviceWorker.ready;
-        // @ts-expect-error - SyncManager types may not be available
-        await registration.sync.register(tag);
-        return true;
-    }
-    catch {
-        return false;
-    }
-}

package/dist/bindings/broadcast.d.ts

@@ -1,19 +0,0 @@
-import type { StoreApi } from "zustand/vanilla";
-import type { StarfishStore } from "./zustand.js";
-/**
- * Syncs a Zustand Starfish store across browser tabs using BroadcastChannel.
- * Returns a cleanup function that closes the channel.
- */
-export declare function setupBroadcastSync(store: StoreApi<StarfishStore>, name: string): () => void;
-/**
- * Syncs a Zustand Starfish store across browser tabs using storage events.
- * Fallback for environments without BroadcastChannel.
- * Returns a cleanup function.
- */
-export declare function setupStorageFallback(store: StoreApi<StarfishStore>, name: string): () => void;
-/**
- * Auto-detects the best cross-tab sync mechanism and sets it up.
- * Uses BroadcastChannel when available, falls back to storage events.
- * Returns a cleanup function.
- */
-export declare function setupCrossTabSync(store: StoreApi<StarfishStore>, name: string): () => void;

package/dist/bindings/broadcast.js

@@ -1,65 +0,0 @@
-/**
- * Syncs a Zustand Starfish store across browser tabs using BroadcastChannel.
- * Returns a cleanup function that closes the channel.
- */
-export function setupBroadcastSync(store, name) {
-    const channel = new BroadcastChannel(`starfish-${name}`);
-    let lastReceivedData = null;
-    channel.onmessage = (event) => {
-        lastReceivedData = event.data.data;
-        store.setState({ data: event.data.data, dirty: event.data.dirty });
-    };
-    const unsub = store.subscribe((state, prev) => {
-        if (state.data === lastReceivedData)
-            return;
-        if (state.data !== prev.data || state.dirty !== prev.dirty) {
-            channel.postMessage({ data: state.data, dirty: state.dirty });
-        }
-    });
-    return () => {
-        unsub();
-        channel.close();
-    };
-}
-/**
- * Syncs a Zustand Starfish store across browser tabs using storage events.
- * Fallback for environments without BroadcastChannel.
- * Returns a cleanup function.
- */
-export function setupStorageFallback(store, name) {
-    const storageKey = `starfish-broadcast-${name}`;
-    let lastReceivedData = null;
-    const onStorage = (e) => {
-        if (e.key !== storageKey || !e.newValue)
-            return;
-        const payload = JSON.parse(e.newValue);
-        lastReceivedData = payload.data;
-        store.setState({ data: payload.data, dirty: payload.dirty });
-    };
-    globalThis.addEventListener("storage", onStorage);
-    const unsub = store.subscribe((state, prev) => {
-        if (state.data === lastReceivedData)
-            return;
-        if (state.data !== prev.data || state.dirty !== prev.dirty) {
-            localStorage.setItem(storageKey, JSON.stringify({ data: state.data, dirty: state.dirty }));
-        }
-    });
-    return () => {
-        unsub();
-        globalThis.removeEventListener("storage", onStorage);
-    };
-}
-/**
- * Auto-detects the best cross-tab sync mechanism and sets it up.
- * Uses BroadcastChannel when available, falls back to storage events.
- * Returns a cleanup function.
- */
-export function setupCrossTabSync(store, name) {
-    if (typeof BroadcastChannel !== "undefined") {
-        return setupBroadcastSync(store, name);
-    }
-    if (typeof globalThis.addEventListener === "function" && typeof localStorage !== "undefined") {
-        return setupStorageFallback(store, name);
-    }
-    return () => { };
-}

package/dist/bindings/react.d.ts

@@ -1,12 +0,0 @@
-import type { StoreApi } from "zustand/vanilla";
-import type { StarfishStore, StarfishState } from "./zustand.js";
-/** Derived sync status for UI display. */
-export type SyncStatus = "synced" | "syncing" | "pending" | "error" | "offline";
-/** Derive a single sync status from store state. */
-export declare function deriveSyncStatus(state: StarfishState): SyncStatus;
-/** Use the full Starfish store state and actions. */
-export declare function useStarfish(store: StoreApi<StarfishStore>): StarfishStore;
-/** Use only the synced data, with an optional selector for fine-grained subscriptions. */
-export declare function useStarfishData<T = Record<string, unknown>>(store: StoreApi<StarfishStore>, selector?: (data: Record<string, unknown>) => T): T;
-/** Use the derived sync status (synced | syncing | pending | error | offline). */
-export declare function useSyncStatus(store: StoreApi<StarfishStore>): SyncStatus;

package/dist/bindings/react.js

@@ -1,25 +0,0 @@
-import { useStore } from "zustand";
-/** Derive a single sync status from store state. */
-export function deriveSyncStatus(state) {
-    if (!state.online)
-        return "offline";
-    if (state.error)
-        return "error";
-    if (state.syncing)
-        return "syncing";
-    if (state.dirty)
-        return "pending";
-    return "synced";
-}
-/** Use the full Starfish store state and actions. */
-export function useStarfish(store) {
-    return useStore(store);
-}
-/** Use only the synced data, with an optional selector for fine-grained subscriptions. */
-export function useStarfishData(store, selector) {
-    return useStore(store, (state) => selector ? selector(state.data) : state.data);
-}
-/** Use the derived sync status (synced | syncing | pending | error | offline). */
-export function useSyncStatus(store) {
-    return useStore(store, deriveSyncStatus);
-}

package/dist/bindings/suspense.js

@@ -1,49 +0,0 @@
-/**
- * React Suspense integration for Starfish sync data.
- * Creates resources that throw Promises while loading (Suspense protocol).
- */
-/**
- * Create a Suspense-compatible resource from an async fetcher.
- * The first call to `read()` triggers the fetch. While loading, `read()` throws
- * a Promise (which React Suspense catches to show a fallback). Once resolved,
- * `read()` returns the value synchronously.
- *
- * @example
- * ```tsx
- * const resource = createSuspenseResource(() => syncManager.pull())
- * function MyComponent() {
- *   const data = resource.read() // throws while loading, returns data when ready
- *   return <div>{JSON.stringify(data)}</div>
- * }
- * ```
- */
-export function createSuspenseResource(fetcher) {
-    let status = "pending";
-    let result;
-    let error;
-    let promise = null;
-    function init() {
-        if (promise)
-            return promise;
-        promise = fetcher().then((value) => {
-            status = "resolved";
-            result = value;
-        }, (err) => {
-            status = "rejected";
-            error = err;
-        });
-        return promise;
-    }
-    return {
-        read() {
-            switch (status) {
-                case "pending":
-                    throw init();
-                case "resolved":
-                    return result;
-                case "rejected":
-                    throw error;
-            }
-        },
-    };
-}

package/dist/client.js

@@ -1,112 +0,0 @@
-import { ConflictError, StarfishHttpError } from "./types.js";
-/**
- * Low-level HTTP client for the Starfish sync protocol.
- * Handles auth headers and response parsing.
- */
-export class StarfishClient {
-    baseUrl;
-    auth;
-    fetch;
-    constructor(options) {
-        this.baseUrl = options.baseUrl.replace(/\/$/, "");
-        this.auth = options.auth;
-        this.fetch = options.fetch ?? globalThis.fetch.bind(globalThis);
-    }
-    /**
-     * Pull synced data from the server.
-     * @param path - The pull endpoint path (e.g. "/pull/users/abc/settings")
-     * @param checkpoint - Only return data updated after this timestamp (0 = full pull)
-     */
-    async pull(path, checkpoint) {
-        const url = checkpoint
-            ? `${this.baseUrl}${path}?checkpoint=${checkpoint}`
-            : `${this.baseUrl}${path}`;
-        const authHeaders = this.auth
-            ? await this.auth({ method: "GET", path, body: null })
-            : {};
-        const res = await this.fetch(url, {
-            method: "GET",
-            headers: { Accept: "application/json", ...authHeaders },
-        });
-        if (!res.ok) {
-            throw new StarfishHttpError(res.status, await res.text());
-        }
-        return res.json();
-    }
-    /**
-     * Push synced data to the server.
-     * @param path - The push endpoint path (e.g. "/push/users/abc/settings")
-     * @param data - The full document data to push
-     * @param baseHash - Hash of the document this push is based on (null for first push)
-     * @param authorSignature - Optional author signature for provenance
-     * @throws {ConflictError} if the server detects a hash mismatch (409)
-     */
-    async push(path, data, baseHash, authorSignature) {
-        const body = JSON.stringify({
-            data,
-            baseHash,
-            ...(authorSignature && { authorSignature }),
-        });
-        const authHeaders = this.auth
-            ? await this.auth({ method: "POST", path, body })
-            : {};
-        const res = await this.fetch(`${this.baseUrl}${path}`, {
-            method: "POST",
-            headers: {
-                "Content-Type": "application/json",
-                Accept: "application/json",
-                ...authHeaders,
-            },
-            body,
-        });
-        if (res.status === 409) {
-            throw new ConflictError();
-        }
-        if (!res.ok) {
-            throw new StarfishHttpError(res.status, await res.text());
-        }
-        return res.json();
-    }
-    /**
-     * Pull binary data from a blob collection.
-     * Returns raw bytes with the content hash from the ETag header.
-     */
-    async pullBlob(path) {
-        const authHeaders = this.auth
-            ? await this.auth({ method: "GET", path, body: null })
-            : {};
-        const res = await this.fetch(`${this.baseUrl}${path}`, {
-            method: "GET",
-            headers: { Accept: "*/*", ...authHeaders },
-        });
-        if (!res.ok) {
-            throw new StarfishHttpError(res.status, await res.text());
-        }
-        const etag = res.headers.get("ETag")?.replace(/"/g, "") ?? null;
-        const contentType = res.headers.get("Content-Type") ?? "application/octet-stream";
-        const data = await res.arrayBuffer();
-        return { data, hash: etag, contentType };
-    }
-    /**
-     * Push binary data to a blob collection.
-     * Binary collections use last-write-wins (no conflict detection).
-     */
-    async pushBlob(path, data, contentType) {
-        const authHeaders = this.auth
-            ? await this.auth({ method: "POST", path, body: null })
-            : {};
-        const res = await this.fetch(`${this.baseUrl}${path}`, {
-            method: "POST",
-            headers: {
-                "Content-Type": contentType,
-                Accept: "application/json",
-                ...authHeaders,
-            },
-            body: data,
-        });
-        if (!res.ok) {
-            throw new StarfishHttpError(res.status, await res.text());
-        }
-        return res.json();
-    }
-}

package/dist/config.js

@@ -1,18 +0,0 @@
-/**
- * Fetch the server's collection manifest from GET /config.
- *
- * @param baseUrl - Base URL of the Starfish server (e.g. `"https://api.example.com/v1"`).
- * @param options.headers - Optional request headers (e.g. `Authorization`).
- * @throws {Error} if the server returns a non-2xx response.
- */
-export async function fetchServerConfig(baseUrl, options) {
-    const url = `${baseUrl.replace(/\/$/, "")}/config`;
-    const res = await fetch(url, {
-        method: "GET",
-        headers: options?.headers,
-    });
-    if (!res.ok) {
-        throw new Error(`fetchServerConfig: ${res.status} ${res.statusText}`);
-    }
-    return res.json();
-}

package/dist/crypto.js

@@ -1,49 +0,0 @@
-import { getCrypto, getBase64, IV_BYTES, ENCRYPTED_KEY, deriveKey } from "@drakkar.software/starfish-protocol";
-const ALGO = "AES-GCM";
-export { ENCRYPTED_KEY };
-/**
- * Creates an Encryptor that uses AES-256-GCM with HKDF-derived keys.
- */
-export function createEncryptor(secret, salt, info = "starfish-e2e") {
-    if (!secret)
-        throw new Error("encryptionSecret must not be empty");
-    if (!salt)
-        throw new Error("encryptionSalt must not be empty");
-    const keyPromise = deriveKey(secret, salt, info);
-    return {
-        async encrypt(data) {
-            const key = await keyPromise;
-            const c = getCrypto();
-            const b64 = getBase64();
-            const plaintext = new TextEncoder().encode(JSON.stringify(data));
-            const iv = c.getRandomValues(new Uint8Array(IV_BYTES));
-            const ciphertext = await c.subtle.encrypt({ name: ALGO, iv }, key, plaintext);
-            const combined = new Uint8Array(iv.length + ciphertext.byteLength);
-            combined.set(iv);
-            combined.set(new Uint8Array(ciphertext), iv.length);
-            return { [ENCRYPTED_KEY]: b64.encode(combined) };
-        },
-        async decrypt(wrapper) {
-            const encoded = wrapper[ENCRYPTED_KEY];
-            if (typeof encoded !== "string") {
-                throw new Error("Expected encrypted data but received unencrypted document");
-            }
-            const key = await keyPromise;
-            const c = getCrypto();
-            const b64 = getBase64();
-            const combined = b64.decode(encoded);
-            if (combined.length < IV_BYTES) {
-                throw new Error("Encrypted data is too short");
-            }
-            const iv = combined.slice(0, IV_BYTES);
-            const ciphertext = combined.slice(IV_BYTES);
-            try {
-                const plaintext = await c.subtle.decrypt({ name: ALGO, iv }, key, ciphertext);
-                return JSON.parse(new TextDecoder().decode(plaintext));
-            }
-            catch (err) {
-                throw new Error("Decryption failed: data may be tampered or key is incorrect", { cause: err });
-            }
-        },
-    };
-}