@dxos/echo-db 2.33.3-dev.1cc72521 → 2.33.3-dev.762b75aa

package/src/parties/party-factory.ts

@@ -22,12 +22,12 @@ import { NetworkManager } from '@dxos/network-manager';
 import { ObjectModel } from '@dxos/object-model';
 
 import { IdentityNotInitializedError } from '../errors';
-import { IdentityProvider } from '../halo';
 import {
   createDataPartyAdmissionMessages,
   GreetingInitiator, InvitationDescriptor, InvitationDescriptorType, OfflineInvitationClaimer
 } from '../invitations';
 import { PartyFeedProvider, PartyOptions } from '../pipeline';
+import { IdentityCredentialsProvider } from '../protocol/identity-credentials';
 import { SnapshotStore } from '../snapshots';
 import { DataParty, PARTY_ITEM_TYPE } from './data-party';
 
@@ -38,7 +38,7 @@ const log = debug('dxos:echo-db:party-factory');
  */
 export class PartyFactory {
   constructor (
-    private readonly _identityProvider: IdentityProvider,
+    private readonly _identityProvider: IdentityCredentialsProvider,
     private readonly _networkManager: NetworkManager,
     private readonly _modelFactory: ModelFactory,
     private readonly _snapshotStore: SnapshotStore,
@@ -52,8 +52,6 @@ export class PartyFactory {
   @timed(5_000)
   async createParty (): Promise<DataParty> {
     const identity = this._identityProvider() ?? raise(new IdentityNotInitializedError());
-    assert(identity.identityGenesis, 'HALO not initialized.');
-    assert(identity.deviceKeyChain, 'Device KeyChain not initialized.');
     assert(!this._options.readOnly, 'PartyFactory is read-only.');
 
     const partyKey = await identity.keyring.createKeyRecord({ type: KeyType.PARTY });
@@ -66,7 +64,7 @@ export class PartyFactory {
 
     // PartyGenesis (self-signed by Party).
     await party.processor.writeHaloMessage(createPartyGenesisMessage(
-      identity.signer,
+      identity.keyring,
       partyKey,
       writableFeed.key,
       partyKey)
@@ -74,15 +72,16 @@ export class PartyFactory {
 
     // KeyAdmit (IdentityGenesis in an Envelope signed by Party).
     await party.processor.writeHaloMessage(createEnvelopeMessage(
-      identity.signer,
+      identity.keyring,
       partyKey.publicKey,
       wrapMessage(identity.identityGenesis),
       [partyKey])
     );
 
     // FeedAdmit (signed by the Device KeyChain).
+    // TODO(dmaretskyi): Is this really needed since a feed is already admitted by party genesis message.
     await party.processor.writeHaloMessage(createFeedAdmitMessage(
-      identity.signer,
+      identity.keyring,
       partyKey.publicKey,
       writableFeed.key,
       [identity.deviceKeyChain]
@@ -91,7 +90,7 @@ export class PartyFactory {
     // IdentityInfo in an Envelope signed by the Device KeyChain.
     if (identity.identityInfo) {
       await party.processor.writeHaloMessage(createEnvelopeMessage(
-        identity.signer,
+        identity.keyring,
         partyKey.publicKey,
         wrapMessage(identity.identityInfo),
         [identity.deviceKeyChain]
@@ -138,13 +137,12 @@ export class PartyFactory {
     );
 
     await party.open();
-    assert(identity.identityKey, 'No identity key.');
     const isHalo = identity.identityKey.publicKey.equals(partyKey);
     const signingKey = isHalo ? identity.deviceKey : identity.deviceKeyChain;
     assert(signingKey, 'No device key or keychain.');
     // Write the Feed genesis message.
     await party.processor.writeHaloMessage(createFeedAdmitMessage(
-      identity.signer,
+      identity.keyring,
       partyKey,
       feedKeyPair.publicKey,
       [signingKey]
@@ -213,7 +211,7 @@ export class PartyFactory {
       async (partyKey, nonce) => [createDataPartyAdmissionMessages(
         identity.createCredentialsSigner(),
         partyKey,
-        identity.identityGenesis ?? raise(new IdentityNotInitializedError()),
+        identity.identityGenesis,
         nonce
       )]
     );
@@ -223,13 +221,11 @@ export class PartyFactory {
     const party = await this.addParty(partyKey, hints);
     await initiator.destroy();
     if (!haloInvitation) {
-      assert(identity.deviceKeyChain);
-
       // Copy our signed IdentityInfo into the new Party.
       const infoMessage = identity.identityInfo;
       if (infoMessage) {
         await party.processor.writeHaloMessage(createEnvelopeMessage(
-          identity.signer,
+          identity.keyring,
           partyKey,
           wrapMessage(infoMessage),
           [identity.deviceKeyChain]
@@ -244,8 +240,6 @@ export class PartyFactory {
     const identity = this._identityProvider() ?? raise(new IdentityNotInitializedError());
 
     assert(!this._options.readOnly, 'PartyFactory is read-only');
-    assert(identity.identityGenesis, 'IdentityGenesis must exist');
-    assert(identity.deviceKeyChain, 'Device KeyChain must exist');
 
     const partyKey = await identity.keyring.createKeyRecord({ type: KeyType.PARTY });
     const party = await this.constructParty(partyKey.publicKey);
@@ -257,7 +251,7 @@ export class PartyFactory {
 
     // PartyGenesis (self-signed by Party).
     await party.processor.writeHaloMessage(createPartyGenesisMessage(
-      identity.signer,
+      identity.keyring,
       partyKey,
       writableFeed.key,
       partyKey)
@@ -265,7 +259,7 @@ export class PartyFactory {
 
     // KeyAdmit (IdentityGenesis in an Envelope signed by Party).
     await party.processor.writeHaloMessage(createEnvelopeMessage(
-      identity.signer,
+      identity.keyring,
       partyKey.publicKey,
       wrapMessage(identity.identityGenesis),
       [partyKey]
@@ -273,7 +267,7 @@ export class PartyFactory {
 
     // FeedAdmit (signed by the Device KeyChain).
     await party.processor.writeHaloMessage(createFeedAdmitMessage(
-      identity.signer,
+      identity.keyring,
       partyKey.publicKey,
       writableFeed.key,
       [identity.deviceKeyChain]
@@ -282,7 +276,7 @@ export class PartyFactory {
     // IdentityInfo in an Envelope signed by the Device KeyChain.
     if (identity.identityInfo) {
       await party.processor.writeHaloMessage(createEnvelopeMessage(
-        identity.signer,
+        identity.keyring,
         partyKey.publicKey,
         wrapMessage(identity.identityInfo),
         [identity.deviceKeyChain]

package/src/parties/party-manager.test.ts

@@ -33,9 +33,9 @@ import { createStorage, StorageType } from '@dxos/random-access-multi-storage';
 import { afterTest, testTimeout } from '@dxos/testutils';
 
 import { Item } from '../api';
-import { HaloFactory, Identity, IdentityManager } from '../halo';
 import { defaultInvitationAuthenticator, OfflineInvitationClaimer } from '../invitations';
 import { MetadataStore, PartyFeedProvider } from '../pipeline';
+import { createTestIdentityCredentials } from '../protocol/identity-credentials';
 import { SnapshotStore } from '../snapshots';
 import { messageLogger } from '../testing';
 import { createRamStorage } from '../util';
@@ -58,33 +58,12 @@ const setup = async () => {
   const keyring = new Keyring();
   const metadataStore = new MetadataStore(createRamStorage());
   const feedStore = new FeedStore(createStorage('', StorageType.RAM), { valueEncoding: codec });
-
-  const identityKey = await keyring.createKeyRecord({ type: KeyType.IDENTITY });
-
-  assert(keyring.keys.length === 1);
-
   const snapshotStore = new SnapshotStore(createStorage('', StorageType.RAM));
   const modelFactory = new ModelFactory().registerModel(ObjectModel);
   const networkManager = new NetworkManager();
   const feedProviderFactory = (partyKey: PublicKey) => new PartyFeedProvider(metadataStore, keyring, feedStore, partyKey);
 
-  const haloFactory = new HaloFactory(
-    networkManager,
-    modelFactory,
-    snapshotStore,
-    feedProviderFactory,
-    keyring,
-    {
-      writeLogger: messageLogger('<<<'),
-      readLogger: messageLogger('>>>')
-    }
-  );
-  const haloParty = await haloFactory.createHalo({
-    identityDisplayName: identityKey.publicKey.humanize()
-  });
-  afterTest(() => haloParty.close());
-  const identity = new Identity(keyring, haloParty);
-
+  const identity = await createTestIdentityCredentials(keyring);
   const partyFactory = new PartyFactory(
     () => identity,
     networkManager,
@@ -171,33 +150,22 @@ describe('Party manager', () => {
   test('Create from cold start', async () => {
     const storage = createStorage('', StorageType.RAM);
     const feedStore = new FeedStore(storage, { valueEncoding: codec });
-
     const keyring = new Keyring();
     const metadataStore = new MetadataStore(createRamStorage());
-
-    const identityKey = await keyring.createKeyRecord({ type: KeyType.IDENTITY });
-    await keyring.createKeyRecord({ type: KeyType.DEVICE });
-
     const modelFactory = new ModelFactory().registerModel(ObjectModel);
     const snapshotStore = new SnapshotStore(createStorage('', StorageType.RAM));
     const networkManager = new NetworkManager();
     const feedProviderFactory = (partyKey: PublicKey) => new PartyFeedProvider(metadataStore, keyring, feedStore, partyKey);
+
+    const identity = await createTestIdentityCredentials(keyring);
     const partyFactory = new PartyFactory(
-      () => identityManager.identity,
+      () => identity,
       networkManager,
       modelFactory,
       snapshotStore,
       feedProviderFactory
     );
-    const haloFactory: HaloFactory = new HaloFactory(
-      networkManager,
-      modelFactory,
-      snapshotStore,
-      feedProviderFactory,
-      keyring
-    );
-    const identityManager = new IdentityManager(keyring, haloFactory, metadataStore);
-    const partyManager = new PartyManager(metadataStore, snapshotStore, () => identityManager.identity, partyFactory);
+    const partyManager = new PartyManager(metadataStore, snapshotStore, () => identity, partyFactory);
 
     /* TODO(telackey): Injecting "raw" Parties into the feeds behind the scenes seems fishy to me, as it writes the
      * Party messages in a slightly different way than the code inside PartyFactory does, and so could easily diverge
@@ -221,7 +189,7 @@ describe('Party manager', () => {
       assert(feedKey);
 
       const feedStream = createWritableFeedStream(feed);
-      feedStream.write({ halo: createPartyGenesisMessage(keyring, partyKey, feedKey.publicKey, identityKey) });
+      feedStream.write({ halo: createPartyGenesisMessage(keyring, partyKey, feedKey.publicKey, identity.identityKey) });
       feedStream.write({
         echo: checkType<EchoEnvelope>({
           itemId: 'foo',
@@ -235,8 +203,6 @@ describe('Party manager', () => {
     }
 
     // Open.
-    await identityManager.createHalo();
-    afterTest(() => identityManager.close());
     await partyManager.open();
     expect(partyManager.parties).toHaveLength(numParties);
     await partyManager.close();
@@ -450,7 +416,7 @@ describe('Party manager', () => {
     // Redeem the invitation on B.
     expect(partyManagerB.parties).toHaveLength(0);
     const partyB = await partyManagerB.joinParty(invitationDescriptor,
-      OfflineInvitationClaimer.createSecretProvider(identityB));
+      OfflineInvitationClaimer.createSecretProvider(identityB.createCredentialsSigner()));
     expect(partyB).toBeDefined();
     log(`Joined ${partyB.key.toHex()}`);
 

package/src/parties/party-manager.ts

@@ -13,9 +13,9 @@ import { timed } from '@dxos/debug';
 import { PartyKey, PartySnapshot } from '@dxos/echo-protocol';
 import { ComplexMap, boolGuard } from '@dxos/util';
 
-import { IdentityProvider } from '../halo';
 import { InvitationDescriptor } from '../invitations';
 import { MetadataStore } from '../pipeline';
+import { IdentityCredentialsProvider } from '../protocol/identity-credentials';
 import { SnapshotStore } from '../snapshots';
 import { DataParty, PARTY_ITEM_TYPE, PARTY_TITLE_PROPERTY } from './data-party';
 import { PartyFactory } from './party-factory';
@@ -51,7 +51,7 @@ export class PartyManager {
   constructor (
     private readonly _metadataStore: MetadataStore,
     private readonly _snapshotStore: SnapshotStore,
-    private readonly _identityProvider: IdentityProvider,
+    private readonly _identityProvider: IdentityCredentialsProvider,
     private readonly _partyFactory: PartyFactory
   ) {}
 
@@ -74,10 +74,11 @@ export class PartyManager {
 
     let partyKeys = this._metadataStore.parties.map(party => party.key).filter(boolGuard);
 
+    // Identity may be undefined, for example, on the first start.
     const identity = this._identityProvider();
 
     // TODO(telackey): Does it make any sense to load other parties if we don't have an HALO?
-    if (identity?.identityKey) {
+    if (identity) {
       partyKeys = partyKeys.filter(partyKey => !partyKey.equals(identity.identityKey!.publicKey));
     }
 

package/src/pipeline/party-core.test.ts

@@ -325,12 +325,10 @@ describe('PartyCore', () => {
 
     createTestProtocolPair(
       new ReplicatorProtocolPluginFactory(
-        peer1.partyFeedProvider,
-        peer1.party.processor.getActiveFeedSet()
+        peer1.partyFeedProvider
       ).createPlugins().map(r => r.createExtension()),
       new ReplicatorProtocolPluginFactory(
-        partyFeedProvider,
-        peer1.party.processor.getActiveFeedSet()
+        partyFeedProvider
       ).createPlugins().map(r => r.createExtension())
     );
 

package/src/pipeline/party-processor.ts

@@ -20,11 +20,6 @@ import { jsonReplacer } from '@dxos/util';
 
 const log = debug('dxos:echo-db:party-processor');
 
-export interface FeedSetProvider {
-  get(): FeedKey[]
-  added: Event<FeedKey>
-}
-
 /**
  * TODO(burdon): Wrapper/Bridge between HALO APIs.
  */
@@ -108,14 +103,6 @@ export class PartyProcessor {
     return this._state.getAdmittedBy(feedKey);
   }
 
-  // TODO(burdon): Rename xxxProvider.
-  getActiveFeedSet (): FeedSetProvider {
-    return {
-      get: () => this.feedKeys,
-      added: this.feedAdded
-    };
-  }
-
   getOfflineInvitation (invitationID: Buffer) {
     return this._state.getInvitation(invitationID);
   }

package/src/protocol/credentials-signer.ts

@@ -19,17 +19,17 @@ export class CredentialsSigner {
 
     return new CredentialsSigner(
       keyring,
-      () => identityKey,
-      () => deviceKey,
-      () => deviceKey
+      identityKey,
+      deviceKey,
+      deviceKey
     );
   }
 
   constructor (
     private readonly _signer: Signer,
-    private readonly _getIdentityKey: () => KeyRecord,
-    private readonly _getDeviceKey: () => KeyRecord,
-    private readonly _getDeviceSigningKeys: () => KeyRecord | KeyChain
+    private readonly _identityKey: KeyRecord,
+    private readonly _deviceKey: KeyRecord,
+    private readonly _signingKeys: KeyRecord | KeyChain
   ) {}
 
   get signer (): Signer {
@@ -37,11 +37,11 @@ export class CredentialsSigner {
   }
 
   getIdentityKey (): KeyRecord {
-    return this._getIdentityKey();
+    return this._identityKey;
   }
 
   getDeviceKey (): KeyRecord {
-    return this._getDeviceKey();
+    return this._deviceKey;
   }
 
   /**
@@ -55,6 +55,6 @@ export class CredentialsSigner {
    * Devices need to sign with their keyChain including the device key admission credential in the signature.
    */
   getDeviceSigningKeys (): KeyRecord | KeyChain {
-    return this._getDeviceSigningKeys();
+    return this._signingKeys;
   }
 }

package/src/protocol/identity-credentials.ts

@@ -0,0 +1,78 @@
+//
+// Copyright 2022 DXOS.org
+//
+
+import { createIdentityInfoMessage, createKeyAdmitMessage, createPartyGenesisMessage, KeyChain, KeyRecord, Keyring, KeyType, SignedMessage } from '@dxos/credentials';
+
+import { ContactManager, Preferences } from '../halo';
+import { CredentialsSigner } from './credentials-signer';
+
+/**
+ * Provides access to identity credentials without revealing the underlying mechanism (HALO party).
+ */
+export interface IdentityCredentials {
+  keyring: Keyring
+  identityKey: KeyRecord
+  deviceKey: KeyRecord
+  deviceKeyChain: KeyChain
+  identityGenesis: SignedMessage
+  identityInfo: SignedMessage | undefined
+  displayName: string | undefined
+  createCredentialsSigner(): CredentialsSigner
+  preferences: Preferences | undefined
+  contacts: ContactManager | undefined
+}
+
+export type IdentityCredentialsProvider = () => IdentityCredentials | undefined
+
+export async function createTestIdentityCredentials (keyring: Keyring): Promise<IdentityCredentials> {
+  const identityKey = await keyring.createKeyRecord({ type: KeyType.IDENTITY });
+  const deviceKey = await keyring.createKeyRecord({ type: KeyType.DEVICE });
+  const feedKey = await keyring.createKeyRecord({ type: KeyType.FEED });
+
+  const partyGenesis = createPartyGenesisMessage(keyring, identityKey, feedKey.publicKey, deviceKey);
+  const keyAdmit = createKeyAdmitMessage(keyring, identityKey.publicKey, identityKey);
+
+  const messageMap = new Map();
+  messageMap.set(identityKey.publicKey.toHex(), keyAdmit);
+  messageMap.set(deviceKey.publicKey.toHex(), partyGenesis);
+  const deviceKeyChain = Keyring.buildKeyChain(deviceKey.publicKey, messageMap, [feedKey.publicKey]);
+
+  const displayName = identityKey.publicKey.humanize();
+  const identityInfo = createIdentityInfoMessage(keyring, displayName, identityKey);
+
+  return {
+    keyring,
+    identityKey,
+    deviceKey,
+    deviceKeyChain,
+    identityGenesis: keyAdmit.payload as SignedMessage,
+    identityInfo: identityInfo.payload as SignedMessage,
+    displayName,
+    createCredentialsSigner: () => new CredentialsSigner(keyring, identityKey, deviceKey, deviceKeyChain),
+    preferences: undefined,
+    contacts: undefined
+  };
+}
+
+export async function deriveTestDeviceCredentials (identity: IdentityCredentials): Promise<IdentityCredentials> {
+  const deviceKey = await identity.keyring.createKeyRecord({ type: KeyType.DEVICE });
+  const keyAdmit = createKeyAdmitMessage(identity.keyring, identity.identityKey.publicKey, deviceKey, [identity.identityKey]);
+
+  const messageMap = new Map();
+  messageMap.set(identity.identityKey.publicKey.toHex(), identity.identityGenesis);
+  messageMap.set(deviceKey.publicKey.toHex(), keyAdmit);
+  const deviceKeyChain = Keyring.buildKeyChain(deviceKey.publicKey, messageMap, []);
+
+  return {
+    ...identity,
+    deviceKey,
+    deviceKeyChain,
+    createCredentialsSigner: () => new CredentialsSigner(
+      identity.keyring,
+      identity.identityKey,
+      deviceKey,
+      deviceKeyChain
+    )
+  };
+}

package/src/protocol/party-protocol-factory.ts

@@ -6,7 +6,7 @@ import debug from 'debug';
 
 import { synchronized } from '@dxos/async';
 import { discoveryKey, keyToString, PublicKey } from '@dxos/crypto';
-import { FeedKey, FeedSetProvider, PartyKey } from '@dxos/echo-protocol';
+import { FeedKey, PartyKey } from '@dxos/echo-protocol';
 import type { HypercoreFeed } from '@dxos/feed-store';
 import { Protocol } from '@dxos/mesh-protocol';
 import { MMSTTopology, NetworkManager, Plugin } from '@dxos/network-manager';
@@ -32,12 +32,11 @@ export class PartyProtocolFactory {
     private readonly _networkManager: NetworkManager,
     private readonly _feedProvider: PartyFeedProvider,
     private readonly _peerId: PublicKey,
-    private readonly _credentials: CredentialsProvider,
-    activeFeeds: FeedSetProvider
+    private readonly _credentials: CredentialsProvider
   ) {
     // Replication.
     this._replicatorProtocolPluginFactory =
-      new ReplicatorProtocolPluginFactory(this._feedProvider, activeFeeds);
+      new ReplicatorProtocolPluginFactory(this._feedProvider);
   }
 
   async start (plugins: Plugin[]) {
@@ -125,34 +124,31 @@ export class PartyProtocolFactory {
  */
 export class ReplicatorProtocolPluginFactory {
   constructor (
-    private readonly _feedProvider: PartyFeedProvider,
-    private readonly _activeFeeds: FeedSetProvider
+    private readonly _feedProvider: PartyFeedProvider
   ) {}
 
   createPlugins () {
     return [
       new Replicator({
         load: async () => {
-          const partyFeeds = await Promise.all(this._activeFeeds.get().map(feedKey => this._openFeed(feedKey)));
-          log(`Loading feeds: ${partyFeeds.map(feed => keyToString(feed.key))}`);
-          return partyFeeds.map((feed) => {
-            return { discoveryKey: feed.discoveryKey };
-          });
+          const feeds = this._feedProvider.getFeeds();
+          log(`Loading feeds: ${feeds.map(feed => keyToString(feed.key))}`);
+          return feeds.map((feed) => ({ discoveryKey: feed.feed.discoveryKey }));
         },
 
         subscribe: (addFeedToReplicatedSet: (feed: any) => void) => {
-          return this._activeFeeds.added.on(async (feedKey) => {
-            log(`Adding feed: ${feedKey.toHex()}`);
-            const feed = await this._openFeed(feedKey);
-            addFeedToReplicatedSet({ discoveryKey: feed.discoveryKey });
+          return this._feedProvider.feedOpened.on(async (feed) => {
+            log(`Adding feed: ${feed.key.toHex()}`);
+            addFeedToReplicatedSet({ discoveryKey: feed.feed.discoveryKey });
           });
         },
 
         replicate: async (remoteFeeds, info) => {
           // We can ignore remoteFeeds entirely, since the set of feeds we want to replicate is dictated by the Party.
           // TODO(telackey): Why are we opening feeds? Necessary or belt/braces thinking, or because open party does it?
-          log(`Replicating: peerId=${info.session}; feeds=${this._activeFeeds.get().map(key => key.toHex())}`);
-          return Promise.all(this._activeFeeds.get().map(feedKey => this._openFeed(feedKey)));
+          const feeds = this._feedProvider.getFeeds();
+          log(`Replicating: peerId=${info.session}; feeds=${feeds.map(feed => feed.key.toHex())}`);
+          return feeds.map(feed => feed.feed);
         }
       })
     ];