@dxos/echo-db 2.33.9-dev.d9963f00 → 2.33.9-dev.eb69ac10

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dxos/echo-db",
-  "version": "2.33.9-dev.d9963f00",
+  "version": "2.33.9-dev.eb69ac10",
   "description": "ECHO database.",
   "license": "MIT",
   "main": "dist/src/index.js",
@@ -13,22 +13,22 @@
     "src"
   ],
   "dependencies": {
-    "@dxos/async": "2.33.9-dev.d9963f00",
-    "@dxos/codec-protobuf": "2.33.9-dev.d9963f00",
-    "@dxos/credentials": "2.33.9-dev.d9963f00",
-    "@dxos/crypto": "2.33.9-dev.d9963f00",
-    "@dxos/debug": "2.33.9-dev.d9963f00",
-    "@dxos/echo-protocol": "2.33.9-dev.d9963f00",
-    "@dxos/feed-store": "2.33.9-dev.d9963f00",
-    "@dxos/mesh-protocol": "2.33.9-dev.d9963f00",
-    "@dxos/model-factory": "2.33.9-dev.d9963f00",
-    "@dxos/network-manager": "2.33.9-dev.d9963f00",
-    "@dxos/object-model": "2.33.9-dev.d9963f00",
-    "@dxos/protocol-plugin-presence": "2.33.9-dev.d9963f00",
-    "@dxos/protocol-plugin-replicator": "2.33.9-dev.d9963f00",
-    "@dxos/protocols": "2.33.9-dev.d9963f00",
-    "@dxos/random-access-multi-storage": "2.33.9-dev.d9963f00",
-    "@dxos/util": "2.33.9-dev.d9963f00",
+    "@dxos/async": "2.33.9-dev.eb69ac10",
+    "@dxos/codec-protobuf": "2.33.9-dev.eb69ac10",
+    "@dxos/credentials": "2.33.9-dev.eb69ac10",
+    "@dxos/crypto": "2.33.9-dev.eb69ac10",
+    "@dxos/debug": "2.33.9-dev.eb69ac10",
+    "@dxos/echo-protocol": "2.33.9-dev.eb69ac10",
+    "@dxos/feed-store": "2.33.9-dev.eb69ac10",
+    "@dxos/mesh-protocol": "2.33.9-dev.eb69ac10",
+    "@dxos/model-factory": "2.33.9-dev.eb69ac10",
+    "@dxos/network-manager": "2.33.9-dev.eb69ac10",
+    "@dxos/object-model": "2.33.9-dev.eb69ac10",
+    "@dxos/protocol-plugin-presence": "2.33.9-dev.eb69ac10",
+    "@dxos/protocol-plugin-replicator": "2.33.9-dev.eb69ac10",
+    "@dxos/protocols": "2.33.9-dev.eb69ac10",
+    "@dxos/random-access-multi-storage": "2.33.9-dev.eb69ac10",
+    "@dxos/util": "2.33.9-dev.eb69ac10",
     "assert": "^2.0.0",
     "base-x": "~3.0.9",
     "buffer-json-encoding": "^1.0.2",

package/src/echo.test.ts

@@ -374,7 +374,7 @@ describe('ECHO', () => {
 
   }).timeout(10_000);
 
-  test.skip('3 devices', async () => {
+  test('3 devices', async () => {
     const a = await setup({ createProfile: true });
     const b = await setup();
 

package/src/pipeline/feed-muxer.test.ts

@@ -128,7 +128,8 @@ describe('FeedMuxer', () => {
     await pipeline.outboundEchoStream!.write({
       itemId: '123',
       genesis: {
-        itemType: 'foo'
+        itemType: 'foo',
+        modelType: 'bar'
       }
     });
 
@@ -138,7 +139,8 @@ describe('FeedMuxer', () => {
     expect((echoMessages[0] as any).data).toEqual({
       itemId: '123',
       genesis: {
-        itemType: 'foo'
+        itemType: 'foo',
+        modelType: 'bar'
       }
     });
   });

package/src/pipeline/metadata-store.ts

@@ -25,13 +25,15 @@ export interface AddPartyOptions {
   genesisFeed: PublicKey
 }
 
+const emptyEchoMetadata = (): EchoMetadata => ({
+  version: STORAGE_VERSION,
+  parties: [],
+  created: new Date(),
+  updated: new Date()
+});
+
 export class MetadataStore {
-  private _metadata: EchoMetadata = {
-    version: STORAGE_VERSION,
-    parties: [],
-    created: new Date(),
-    updated: new Date()
-  };
+  private _metadata: EchoMetadata = emptyEchoMetadata();
 
   constructor (
     private readonly _directory: Directory
@@ -56,19 +58,26 @@ export class MetadataStore {
   async load (): Promise<void> {
     const file = this._directory.createOrOpen('EchoMetadata');
     try {
-      const { size } = await file.stat();
-      if (size === 0) {
+      const { size: fileLength } = await file.stat();
+      if (fileLength < 4) {
         return;
       }
+      // Loading file size from first 4 bytes.
+      const dataSize = fromBytesInt32(await file.read(0, 4));
+      log(`Load: data size ${dataSize}`);
+
+      // Sanity check.
+      {
+        if (fileLength < dataSize + 4) {
+          throw new Error('Metadata storage is corrupted');
+        }
+      }
 
-      const data = await file.read(0, size);
+      const data = await file.read(4, dataSize);
       this._metadata = schema.getCodecForType('dxos.echo.metadata.EchoMetadata').decode(data);
     } catch (err: any) {
-      if (err.code === 'ENOENT') {
-        return;
-      } else {
-        throw err;
-      }
+      log(`Error loading metadata: ${err}`);
+      this._metadata = emptyEchoMetadata();
     } finally {
       await file.close();
     }
@@ -87,22 +96,14 @@ export class MetadataStore {
 
     try {
       const encoded = Buffer.from(schema.getCodecForType('dxos.echo.metadata.EchoMetadata').encode(data));
-      await file.write(0, encoded);
 
-      // Truncate the rest of the file.
-      {
-        const { size } = await file.stat();
-        if (size > encoded.length) {
-          await file.truncate(encoded.length, size);
-        }
-      }
+      // Saving file size at first 4 bytes.
+      log(`Save: data size ${encoded.length}`);
+      await file.write(0, toBytesInt32(encoded.length));
+
+      // Saving data.
+      await file.write(4, encoded);
 
-      // Sanity check.
-      const { size } = await file.stat();
-      if (size !== encoded.length) {
-        console.log('SANITY!');
-      }
-      assert(size === encoded.length);
     } finally {
       await file.close();
     }
@@ -196,3 +197,11 @@ export class MetadataStore {
     await this._save();
   }
 }
+
+const toBytesInt32 = (num: number) => {
+  const buf = Buffer.alloc(4);
+  buf.writeInt32LE(num, 0);
+  return buf;
+};
+
+const fromBytesInt32 = (buf: Buffer) => buf.readInt32LE(0);

package/src/protocol/authenticator.test.ts

@@ -5,21 +5,18 @@
 import expect from 'expect';
 import { it as test } from 'mocha';
 
-import { createAuthMessage, createKeyAdmitMessage, createPartyGenesisMessage, Keyring, KeyType } from '@dxos/credentials';
+import { createAuthMessage, createEnvelopeMessage, createFeedAdmitMessage, createKeyAdmitMessage, createPartyGenesisMessage, Keyring, KeyType, wrapMessage } from '@dxos/credentials';
 
 import { PartyProcessor } from '../pipeline';
 import { createAuthenticator } from './authenticator';
-import { CredentialsSigner } from './credentials-signer';
+import { createTestIdentityCredentials } from './identity-credentials';
 
 describe('authenticator', () => {
-  // TODO(dmaretskyi): Figure out how credentials work and if this test makes sense.
-  test.skip('authenticates admitted peer', async () => {
+  test('authenticates party creator', async () => {
     const keyring = new Keyring();
+    const identity = await createTestIdentityCredentials(keyring);
     const partyKey = await keyring.createKeyRecord({ type: KeyType.PARTY });
-    const identityKey = await keyring.createKeyRecord({ type: KeyType.IDENTITY });
-    const deviceKey = await keyring.createKeyRecord({ type: KeyType.DEVICE });
-    const feedKey = await keyring.createKeyRecord({ type: KeyType.FEED });
-    const signer = CredentialsSigner.createDirectDeviceSigner(keyring);
+    const feedKey = await keyring.createKeyRecord({ type: KeyType.PARTY });
 
     const partyProcessor = new PartyProcessor(partyKey.publicKey);
     await partyProcessor.processMessage({
@@ -27,16 +24,106 @@ describe('authenticator', () => {
         keyring,
         partyKey,
         feedKey.publicKey,
-        identityKey
+        partyKey
       ),
       meta: {} as any
     });
+    await partyProcessor.processMessage({
+      data: createEnvelopeMessage(
+        identity.keyring,
+        partyKey.publicKey,
+        wrapMessage(identity.identityGenesis),
+        [partyKey]
+      ),
+      meta: {} as any
+    });
+    await partyProcessor.processMessage({
+      data: createFeedAdmitMessage(
+        keyring,
+        partyKey.publicKey,
+        feedKey.publicKey,
+        [identity.deviceKeyChain]
+      ),
+      meta: {} as any
+    });
+
+    const authenticator = createAuthenticator(partyProcessor, identity.createCredentialsSigner(), null as any);
+
+    //
+    // This test follows the same party creation routing as party factory.
+    // Oddly, it does not admit the device key to the party.
+    // This means that authentication is actually done using the signature created using the feed key.
+    //
+
+    // Does not authenticate without the feed key.
+    {
+      const credential = createAuthMessage(
+        keyring,
+        partyKey.publicKey,
+        identity.identityKey,
+        identity.deviceKey
+      );
+      expect(await authenticator.authenticate(credential.payload)).toEqual(false);
+    }
+
+    // Does authenticate with the feed key.
+    {
+      const credential = createAuthMessage(
+        keyring,
+        partyKey.publicKey,
+        identity.identityKey,
+        identity.deviceKey,
+        feedKey.publicKey
+      );
+      expect(await authenticator.authenticate(credential.payload)).toEqual(true);
+    }
+  });
+
+  test('authenticates another identity', async () => {
+    const keyring = new Keyring();
+    const identity = await createTestIdentityCredentials(keyring);
+    const partyKey = await keyring.createKeyRecord({ type: KeyType.PARTY });
+    const feedKey = await keyring.createKeyRecord({ type: KeyType.PARTY });
+
+    const partyProcessor = new PartyProcessor(partyKey.publicKey);
+    await partyProcessor.processMessage({
+      data: createPartyGenesisMessage(
+        keyring,
+        partyKey,
+        feedKey.publicKey,
+        partyKey
+      ),
+      meta: {} as any
+    });
+    await partyProcessor.processMessage({
+      data: createEnvelopeMessage(
+        identity.keyring,
+        partyKey.publicKey,
+        wrapMessage(identity.identityGenesis),
+        [partyKey]
+      ),
+      meta: {} as any
+    });
+    await partyProcessor.processMessage({
+      data: createFeedAdmitMessage(
+        keyring,
+        partyKey.publicKey,
+        feedKey.publicKey,
+        [identity.deviceKeyChain]
+      ),
+      meta: {} as any
+    });
+
+    const authenticator = createAuthenticator(partyProcessor, identity.createCredentialsSigner(), null as any);
+
+    const identity2 = await createTestIdentityCredentials(keyring);
+
     await partyProcessor.processMessage({
       data: createKeyAdmitMessage(
         keyring,
         partyKey.publicKey,
-        identityKey,
-        [partyKey, identityKey]
+        identity2.identityKey,
+        [identity.deviceKeyChain]
       ),
       meta: {} as any
     });
@@ -44,20 +131,18 @@ describe('authenticator', () => {
       data: createKeyAdmitMessage(
         keyring,
         partyKey.publicKey,
-        deviceKey,
-        [identityKey, deviceKey]
+        identity2.deviceKey,
+        [identity.deviceKeyChain]
       ),
       meta: {} as any
     });
 
-    const authenticator = createAuthenticator(partyProcessor, signer, null as any);
     const credential = createAuthMessage(
       keyring,
       partyKey.publicKey,
-      identityKey,
-      deviceKey
+      identity2.identityKey,
+      identity2.deviceKey
     );
-
     expect(await authenticator.authenticate(credential.payload)).toEqual(true);
   });
 });

package/src/snapshots/snapshot-store.test.ts

@@ -26,10 +26,14 @@ describe('SnapshotStore', () => {
 
     const snapshot: PartySnapshot = {
       partyKey: key1.asBuffer(),
+      halo: {
+        messages: []
+      },
       database: {
         items: [{
           itemId: createId(),
-          itemType: 'example:test'
+          itemType: 'example:test',
+          modelType: 'example:model'
         }],
         links: []
       }