@dxos/echo-db 2.33.2 → 2.33.3-dev.5c4af82a

package/src/halo/halo.ts

@@ -46,6 +46,8 @@ export class HALO {
   private readonly _keyring: Keyring;
   private readonly _identityManager: IdentityManager;
 
+  private _isOpen = false;
+
   constructor ({
     keyring,
     networkManager,
@@ -85,7 +87,7 @@ export class HALO {
    * Whether the current identity manager has been initialized.
    */
   get isInitialized (): boolean {
-    return this._identityManager.initialized;
+    return this._isOpen;
   }
 
   /**
@@ -129,6 +131,7 @@ export class HALO {
    *
    * Loads the saved identity from disk. Is called by client.
    */
+  @synchronized
   async open (onProgressCallback?: ((progress: OpenProgress) => void) | undefined) {
     // TODO(burdon): Replace with events.
     onProgressCallback?.({ haloOpened: false });
@@ -137,12 +140,16 @@ export class HALO {
     await this._identityManager.loadFromStorage();
 
     onProgressCallback?.({ haloOpened: true });
+
+    this._isOpen = true;
   }
 
   /**
    * Closes HALO. Automatically called when client is destroyed.
    */
+  @synchronized
   async close () {
+    this._isOpen = false;
     await this._identityManager.close();
   }
 

package/src/halo/identity-manager.ts

@@ -7,6 +7,7 @@ import debug from 'debug';
 
 import { Event, synchronized, waitForCondition } from '@dxos/async';
 import { Filter, KeyRecord, Keyring, KeyType, SecretProvider } from '@dxos/credentials';
+import { failUndefined } from '@dxos/debug';
 
 import { InvitationDescriptor } from '../invitations';
 import { MetadataStore } from '../pipeline';
@@ -34,25 +35,23 @@ export class IdentityManager {
     return this._identity;
   }
 
-  get initialized (): boolean {
-    return this._identity !== undefined &&
-      !!this._identity.halo &&
-      this._identity.halo.isOpen &&
-      !!this._identity.halo!.memberKeys.length &&
-      !!this._identity.halo!.identityGenesis &&
-      !!this._identity.deviceKeyChain;
-  }
-
   private async _initialize (halo: HaloParty) {
     assert(halo.isOpen, 'HALO must be open.');
 
-    this._identity = new Identity(this._keyring, halo);
-
-    // Wait for the minimum set of keys and messages we need for proper function.
-    await waitForCondition(() => this.initialized);
+    // Wait for the minimum set of keys and messages we need for proper function:
+    //
+    // - KeyAdmit message for the current device so we can build the device KeyChain.
+    // - Identity genesis so it can be copied into newly joined parties.
+    //
+    const deviceKey = this._keyring.findKey(Keyring.signingFilter({ type: KeyType.DEVICE })) ?? failUndefined();
+    await waitForCondition(() =>
+      halo.processor.isMemberKey(deviceKey.publicKey) &&
+      halo.identityGenesis
+    );
 
-    log('HALO initialized.');
+    this._identity = new Identity(this._keyring, halo);
     this.ready.emit();
+    log('HALO initialized.');
   }
 
   async close () {

package/src/halo/identity.ts

@@ -2,12 +2,12 @@
 // Copyright 2021 DXOS.org
 //
 
+import assert from 'assert';
 import debug from 'debug';
 
-import { Filter, KeyChain, KeyRecord, Keyring, KeyType, Signer } from '@dxos/credentials';
-import { raise } from '@dxos/debug';
+import { Filter, KeyChain, KeyRecord, Keyring, KeyType, SignedMessage, Signer } from '@dxos/credentials';
+import { failUndefined } from '@dxos/debug';
 
-import { IdentityNotInitializedError } from '../errors';
 import { CredentialsSigner } from '../protocol/credentials-signer';
 import { ContactManager } from './contact-manager';
 import { HaloParty } from './halo-party';
@@ -21,9 +21,9 @@ const log = debug('dxos:echo-db:identity');
  * Acts as a read-only view into IdentityManager.
  */
 export class Identity {
-  private _identityKey?: KeyRecord;
-  private _deviceKey?: KeyRecord;
-  private _deviceKeyChain?: KeyChain;
+  private readonly _identityKey: KeyRecord;
+  private readonly _deviceKey: KeyRecord;
+  private readonly _deviceKeyChain: KeyChain;
 
   /**
    * @param _halo HALO party. Must be open.
@@ -31,54 +31,51 @@ export class Identity {
   constructor (
     private readonly _keyring: Keyring,
     private readonly _halo: HaloParty
-  ) {}
+  ) {
+    this._identityKey = this._keyring.findKey(Filter.matches({ type: KeyType.IDENTITY, own: true, trusted: true })) ?? failUndefined();
+    this._deviceKey = this._keyring.findKey(Keyring.signingFilter({ type: KeyType.DEVICE })) ?? failUndefined();
+    this._deviceKeyChain = getDeviceKeyChainFromHalo(this._halo, this.deviceKey);
+    assert(this._halo.identityGenesis);
+  }
 
   get signer (): Signer {
     return this._keyring;
   }
 
-  get identityKey (): KeyRecord | undefined {
-    if (!this._identityKey) {
-      this._identityKey = this._keyring.findKey(Filter.matches({ type: KeyType.IDENTITY, own: true, trusted: true }));
-    }
-
+  get identityKey (): KeyRecord {
     return this._identityKey;
   }
 
-  get deviceKey (): KeyRecord | undefined {
-    if (!this._deviceKey) {
-      this._deviceKey = this._keyring.findKey(Keyring.signingFilter({ type: KeyType.DEVICE }));
-    }
-
+  get deviceKey (): KeyRecord {
     return this._deviceKey;
   }
 
-  get deviceKeyChain (): KeyChain | undefined {
-    if (!this._deviceKeyChain) {
-      this._deviceKeyChain = this.deviceKey && this._halo ? getDeviceKeyChainFromHalo(this._halo, this.deviceKey) : undefined;
-    }
-
+  get deviceKeyChain (): KeyChain {
     return this._deviceKeyChain;
   }
 
-  get preferences (): Preferences | undefined {
-    return this._halo?.preferences;
+  get preferences (): Preferences {
+    return this._halo.preferences;
   }
 
-  get contacts (): ContactManager | undefined {
-    return this._halo?.contacts;
+  get contacts (): ContactManager {
+    return this._halo.contacts;
   }
 
   get displayName (): string | undefined {
     return this.identityInfo?.signed.payload.displayName;
   }
 
-  get identityInfo () {
-    return this._halo?.identityInfo;
+  /**
+   * Contains profile username.
+   * Can be missing if the username wasn't provided when profile was created.
+   */
+  get identityInfo (): SignedMessage | undefined {
+    return this._halo.identityInfo;
   }
 
-  get identityGenesis () {
-    return this._halo?.identityGenesis;
+  get identityGenesis (): SignedMessage {
+    return this._halo.identityGenesis ?? failUndefined();
   }
 
   /**
@@ -95,9 +92,9 @@ export class Identity {
   createCredentialsSigner (): CredentialsSigner {
     return new CredentialsSigner(
       this._keyring,
-      () => this.identityKey ?? raise(new IdentityNotInitializedError()),
-      () => this.deviceKey ?? raise(new IdentityNotInitializedError()),
-      () => this.deviceKeyChain ?? this.deviceKey ?? raise(new IdentityNotInitializedError())
+      this.identityKey,
+      this.deviceKey,
+      this.deviceKeyChain
     );
   }
 }
@@ -112,7 +109,7 @@ function getDeviceKeyChainFromHalo (halo: HaloParty, deviceKey: KeyRecord) {
       halo.feedKeys
     );
   } catch (err: any) {
-    log('Unable to locate device KeyChain:', err); // TODO(burdon): ???
-    return undefined;
+    log('Unable to locate device KeyChain:', err);
+    throw err;
   }
 }

package/src/invitations/offline-invitation-claimer.ts

@@ -21,10 +21,9 @@ import {
   codec
 } from '@dxos/credentials';
 import { keyToBuffer, keyToString, PublicKey, randomBytes } from '@dxos/crypto';
-import { raise } from '@dxos/debug';
 import { FullyConnectedTopology, NetworkManager } from '@dxos/network-manager';
 
-import { IdentityNotInitializedError, InvalidInvitationError } from '../errors';
+import { InvalidInvitationError } from '../errors';
 import { Identity } from '../halo';
 import { greetingProtocolProvider } from './greeting-protocol-provider';
 import { GreetingState } from './greeting-responder';
@@ -179,8 +178,8 @@ export class OfflineInvitationClaimer {
         createAuthMessage(
           identity.signer,
           info!.id.value,
-          identity.identityKey ?? raise(new IdentityNotInitializedError()),
-          identity.deviceKeyChain ?? raise(new IdentityNotInitializedError()),
+          identity.identityKey,
+          identity.deviceKeyChain,
           undefined,
           info!.authNonce.value)
       ));

package/src/parties/party-factory.ts

@@ -52,8 +52,6 @@ export class PartyFactory {
   @timed(5_000)
   async createParty (): Promise<DataParty> {
     const identity = this._identityProvider() ?? raise(new IdentityNotInitializedError());
-    assert(identity.identityGenesis, 'HALO not initialized.');
-    assert(identity.deviceKeyChain, 'Device KeyChain not initialized.');
     assert(!this._options.readOnly, 'PartyFactory is read-only.');
 
     const partyKey = await identity.keyring.createKeyRecord({ type: KeyType.PARTY });
@@ -138,7 +136,6 @@ export class PartyFactory {
     );
 
     await party.open();
-    assert(identity.identityKey, 'No identity key.');
     const isHalo = identity.identityKey.publicKey.equals(partyKey);
     const signingKey = isHalo ? identity.deviceKey : identity.deviceKeyChain;
     assert(signingKey, 'No device key or keychain.');
@@ -213,7 +210,7 @@ export class PartyFactory {
       async (partyKey, nonce) => [createDataPartyAdmissionMessages(
         identity.createCredentialsSigner(),
         partyKey,
-        identity.identityGenesis ?? raise(new IdentityNotInitializedError()),
+        identity.identityGenesis,
         nonce
       )]
     );
@@ -223,8 +220,6 @@ export class PartyFactory {
     const party = await this.addParty(partyKey, hints);
     await initiator.destroy();
     if (!haloInvitation) {
-      assert(identity.deviceKeyChain);
-
       // Copy our signed IdentityInfo into the new Party.
       const infoMessage = identity.identityInfo;
       if (infoMessage) {
@@ -244,8 +239,6 @@ export class PartyFactory {
     const identity = this._identityProvider() ?? raise(new IdentityNotInitializedError());
 
     assert(!this._options.readOnly, 'PartyFactory is read-only');
-    assert(identity.identityGenesis, 'IdentityGenesis must exist');
-    assert(identity.deviceKeyChain, 'Device KeyChain must exist');
 
     const partyKey = await identity.keyring.createKeyRecord({ type: KeyType.PARTY });
     const party = await this.constructParty(partyKey.publicKey);

package/src/parties/party-manager.ts

@@ -74,10 +74,11 @@ export class PartyManager {
 
     let partyKeys = this._metadataStore.parties.map(party => party.key).filter(boolGuard);
 
+    // Identity may be undefined, for example, on the first start.
     const identity = this._identityProvider();
 
     // TODO(telackey): Does it make any sense to load other parties if we don't have an HALO?
-    if (identity?.identityKey) {
+    if (identity) {
       partyKeys = partyKeys.filter(partyKey => !partyKey.equals(identity.identityKey!.publicKey));
     }
 

package/src/protocol/credentials-signer.ts

@@ -19,17 +19,17 @@ export class CredentialsSigner {
 
     return new CredentialsSigner(
       keyring,
-      () => identityKey,
-      () => deviceKey,
-      () => deviceKey
+      identityKey,
+      deviceKey,
+      deviceKey
     );
   }
 
   constructor (
     private readonly _signer: Signer,
-    private readonly _getIdentityKey: () => KeyRecord,
-    private readonly _getDeviceKey: () => KeyRecord,
-    private readonly _getDeviceSigningKeys: () => KeyRecord | KeyChain
+    private readonly _identityKey: KeyRecord,
+    private readonly _deviceKey: KeyRecord,
+    private readonly _signingKeys: KeyRecord | KeyChain
   ) {}
 
   get signer (): Signer {
@@ -37,11 +37,11 @@ export class CredentialsSigner {
   }
 
   getIdentityKey (): KeyRecord {
-    return this._getIdentityKey();
+    return this._identityKey;
   }
 
   getDeviceKey (): KeyRecord {
-    return this._getDeviceKey();
+    return this._deviceKey;
   }
 
   /**
@@ -55,6 +55,6 @@ export class CredentialsSigner {
    * Devices need to sign with their keyChain including the device key admission credential in the signature.
    */
   getDeviceSigningKeys (): KeyRecord | KeyChain {
-    return this._getDeviceSigningKeys();
+    return this._signingKeys;
   }
 }