@enbox/agent 0.1.3 → 0.1.5

package/dist/esm/crypto-api.js

@@ -7,13 +7,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-import { computeJwkThumbprint, CryptoError, CryptoErrorCode, Sha2Algorithm } from '@enbox/crypto';
-import { AesGcmAlgorithm } from './prototyping/crypto/algorithms/aes-gcm.js';
-import { AesKwAlgorithm } from './prototyping/crypto/algorithms/aes-kw.js';
-import { EcdsaAlgorithm } from './prototyping/crypto/algorithms/ecdsa.js';
-import { EdDsaAlgorithm } from './prototyping/crypto/algorithms/eddsa.js';
-import { HkdfAlgorithm } from './prototyping/crypto/algorithms/hkdf.js';
-import { Pbkdf2Algorithm } from './prototyping/crypto/algorithms/pbkdf2.js';
+import { AesGcmAlgorithm, AesKwAlgorithm, computeJwkThumbprint, CryptoError, CryptoErrorCode, EcdsaAlgorithm, EdDsaAlgorithm, HkdfAlgorithm, Pbkdf2Algorithm, Sha2Algorithm, X25519Algorithm, } from '@enbox/crypto';
 /**
  * `supportedAlgorithms` is an object mapping algorithm names to their respective implementations
  * Each entry in this map specifies the algorithm name and its associated properties, including the
@@ -62,6 +56,11 @@ const supportedAlgorithms = {
         implementation: Sha2Algorithm,
         names: ['SHA-256'],
         operations: ['digest'],
+    },
+    'X25519': {
+        implementation: X25519Algorithm,
+        names: ['X25519'],
+        operations: ['bytesToPrivateKey', 'generateKey'],
     }
 };
 export class AgentCryptoApi {
@@ -209,12 +208,6 @@ export class AgentCryptoApi {
             return privateKey;
         });
     }
-    // ! TODO: Remove this once the `Dsa` interface is updated in @enbox/crypto to remove KMS-specific methods.
-    getKeyUri(_params) {
-        return __awaiter(this, void 0, void 0, function* () {
-            throw new Error('Method not implemented.');
-        });
-    }
     getPublicKey(_a) {
         return __awaiter(this, arguments, void 0, function* ({ key }) {
             // Determine the algorithm name based on the JWK's `alg` and `crv` properties.

package/dist/esm/crypto-api.js.map

@@ -1 +1 @@
-{"version":3,"file":"crypto-api.js","sourceRoot":"","sources":["../../src/crypto-api.ts"],"names":[],"mappings":";;;;;;;;;AA0BA,OAAO,EAAE,oBAAoB,EAAE,WAAW,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAOlG,OAAO,EAAE,eAAe,EAAE,MAAM,4CAA4C,CAAC;AAC7E,OAAO,EAAE,cAAc,EAAE,MAAM,2CAA2C,CAAC;AAC3E,OAAO,EAAE,cAAc,EAAE,MAAM,0CAA0C,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,MAAM,0CAA0C,CAAC;AAC1E,OAAO,EAAE,aAAa,EAAE,MAAM,yCAAyC,CAAC;AACxE,OAAO,EAAE,eAAe,EAAE,MAAM,2CAA2C,CAAC;AAuF5E;;;;;;;GAOG;AACH,MAAM,mBAAmB,GAAG;IAC1B,SAAS,EAAE;QACT,cAAc,EAAG,eAAe;QAChC,KAAK,EAAY,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC;QAClD,UAAU,EAAO,CAAC,mBAAmB,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,CAAC;KAC5E;IACD,QAAQ,EAAE;QACR,cAAc,EAAG,cAAc;QAC/B,KAAK,EAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC;QAC/C,UAAU,EAAO,CAAC,mBAAmB,EAAE,aAAa,EAAE,mBAAmB,EAAE,SAAS,EAAE,WAAW,CAAC;KACnG;IACD,SAAS,EAAE;QACT,cAAc,EAAG,cAAc;QAC/B,KAAK,EAAY,CAAC,SAAS,CAAC;QAC5B,UAAU,EAAO,CAAC,mBAAmB,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,CAAC;KAC5F;IACD,MAAM,EAAE;QACN,cAAc,EAAG,aAAa;QAC9B,KAAK,EAAY,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC;QACrD,UAAU,EAAO,CAAC,WAAW,EAAE,gBAAgB,CAAC;KACjD;IACD,QAAQ,EAAE;QACR,cAAc,EAAG,eAAe;QAChC,KAAK,EAAY,CAAC,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,CAAC;QACnF,UAAU,EAAO,CAAC,WAAW,EAAE,gBAAgB,CAAC;KACjD;IACD,WAAW,EAAE;QACX,cAAc,EAAG,cAAc;QAC/B,KAAK,EAAY,CAAC,QAAQ,EAAE,WAAW,CAAC;QACxC,UAAU,EAAO,CAAC,mBAAmB,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,CAAC;KAC5F;IACD,WAAW,EAAE;QACX,cAAc,EAAG,cAAc;QAC/B,KAAK,EAAY,CAAC,OAAO,EAAE,WAAW,CAAC;QACvC,UAAU,EAAO,CAAC,mBAAmB,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,CAAC;KAC5F;IACD,SAAS,EAAE;QACT,cAAc,EAAG,aAAa;QAC9B,KAAK,EAAY,CAAC,SAAS,CAAC;QAC5B,UAAU,EAAO,CAAC,QAAQ,CAAC;KAC5B;CACO,CAAC;AAyDX,MAAM,OAAO,cAAc;IAA3B;QAYE;;;;;WAKG;QACK,wBAAmB,GAAoE,IAAI,GAAG,EAAE,CAAC;IA8V3G,CAAC;IA5Vc,iBAAiB;6DAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,eAAe,EAC9C;YAEhC,wEAAwE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;YAE5E,qDAAqD;YACrD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAA4E,CAAC;YAEjI,mCAAmC;YACnC,MAAM,UAAU,GAAG,MAAM,YAAY,CAAC,iBAAiB,CAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,eAAe,EAAE,CAAC,CAAC;YAE7G,OAAO,UAAU,CAAC;QACpB,CAAC;KAAA;IAEY,gBAAgB;6DAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,cAAc,EAC7C;YAE/B,wEAAwE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;YAE5E,qDAAqD;YACrD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAoF,CAAC;YAEzI,mCAAmC;YACnC,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,cAAc,EAAE,CAAC,CAAC;YAE1G,OAAO,SAAS,CAAC;QACnB,CAAC;KAAA;IAEY,OAAO,CAAC,MAA6B;;YAChD,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;YAE7D,wDAAwD;YACxD,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAuC,CAAC;YAEtF,oBAAoB;YACpB,OAAO,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACtC,CAAC;KAAA;IAEY,SAAS,CACpB,MAAmC;;;YAEnC,wEAAwE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YAEzE,+DAA+D;YAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAsD,CAAC;YAElG,IAAI,mBAA2D,CAAC;YAEhE,QAAQ,MAAM,CAAC,SAAS,EAAE,CAAC;gBACzB,KAAK,UAAU,CAAC;gBAChB,KAAK,UAAU,CAAC;gBAChB,KAAK,UAAU,CAAC,CAAC,CAAC;oBAChB,mBAAmB,GAAG,MAAM,CAAC,mBAA6D,CAAC;oBAC3F,MAAM;gBACR,CAAC;gBAED,KAAK,oBAAoB,CAAC;gBAC1B,KAAK,oBAAoB,CAAC;gBAC1B,KAAK,oBAAoB,CAAC,CAAC,CAAC;oBAC1B,mBAAmB,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAmC,CAAC;oBAC1F,MAAM;gBACR,CAAC;gBAED;oBACE,MAAM,IAAI,WAAW,CAAC,eAAe,CAAC,qBAAqB,EAAE,+CAA+C,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YACpI,CAAC;YAED,4EAA4E;YAC5E,MAAM,MAAM,GAAG,CAAC,CAAC,MAAA,MAAA,mBAAmB,CAAC,KAAK,CAAC,KAAK,CAAC,0CAAG,CAAC,CAAC,mCAAI,CAAC,CAAC,CAAC,CAAC;YAE9D,IAAI,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;gBAClB,MAAM,IAAI,WAAW,CAAC,eAAe,CAAC,qBAAqB,EAAE,gDAAgD,mBAAmB,EAAE,CAAC,CAAC;YACtI,CAAC;YAED,yBAAyB;YACzB,MAAM,eAAe,GAAG,MAAM,GAAG,CAAC,cAAc,iCAAM,MAAM,KAAE,MAAM,IAAG,CAAC;YAExE,OAAO,MAAM,IAAI,CAAC,iBAAiB,CAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,eAAe,EAAE,CAAC,CAAC;QAC3F,CAAC;KAAA;IAEY,cAAc,CACzB,MAAwC;;YAExC,wEAAwE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YAEzE,+DAA+D;YAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAsD,CAAC;YAElG,yBAAyB;YACzB,MAAM,eAAe,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;YAEzD,OAAO,eAAe,CAAC;QACzB,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACU,MAAM;6DAAC,EAAE,SAAS,EAAE,IAAI,EACd;YAErB,qFAAqF;YACrF,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAkC,CAAC;YAEjF,oBAAoB;YACpB,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAEtD,OAAO,IAAI,CAAC;QACd,CAAC;KAAA;IAEY,OAAO,CAAC,MAA6B;;YAChD,QAAQ;YACR,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;YAE7D,wDAAwD;YACxD,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAuC,CAAC;YAEtF,8CAA8C;YAC9C,OAAO,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACtC,CAAC;KAAA;IAEY,WAAW,CAAC,MAAkC;;;YACzD,wEAAwE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YAEzE,+DAA+D;YAC/D,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAgF,CAAC;YAErI,oBAAoB;YACpB,MAAM,UAAU,GAAG,MAAM,YAAY,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YAEnF,4DAA4D;YAC5D,MAAA,UAAU,CAAC,GAAG,oCAAd,UAAU,CAAC,GAAG,GAAK,MAAM,oBAAoB,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,EAAC;YAEnE,OAAO,UAAU,CAAC;QACpB,CAAC;KAAA;IAED,2GAA2G;IAC9F,SAAS,CAAC,OAA2B;;YAChD,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;KAAA;IAEY,YAAY;6DAAC,EAAE,GAAG,EACX;YAElB,8EAA8E;YAC9E,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAEjD,qDAAqD;YACrD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAgF,CAAC;YAErI,sDAAsD;YACtD,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,YAAY,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAE3D,OAAO,SAAS,CAAC;QACnB,CAAC;KAAA;IAEY,iBAAiB;6DAAC,EAAE,UAAU,EAAwB;YACjE,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC;YAE7D,qDAAqD;YACrD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAA4E,CAAC;YAEjI,mCAAmC;YACnC,MAAM,eAAe,GAAG,MAAM,YAAY,CAAC,iBAAiB,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;YAE7E,OAAO,eAAe,CAAC;QACzB,CAAC;KAAA;IAEY,gBAAgB;6DAAC,EAAE,SAAS,EAAuB;YAC9D,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC,CAAC;YAE5D,qDAAqD;YACrD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAoF,CAAC;YAEzI,mCAAmC;YACnC,MAAM,cAAc,GAAG,MAAM,YAAY,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;YAE1E,OAAO,cAAc,CAAC;QACxB,CAAC;KAAA;IAEY,IAAI;6DAAC,EAAE,GAAG,EAAE,IAAI,EACjB;YAEV,8EAA8E;YAC9E,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAEjD,2DAA2D;YAC3D,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAqC,CAAC;YAEpF,iBAAiB;YACjB,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YAE7C,OAAO,SAAS,CAAC;QACnB,CAAC;KAAA;IAEY,SAAS,CAAC,MAAuB;;YAC5C,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC;YAEvE,8DAA8D;YAC9D,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAA+C,CAAC;YAElG,6CAA6C;YAC7C,OAAO,MAAM,UAAU,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC5C,CAAC;KAAA;IAEY,MAAM;6DAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAC5B;YAEZ,8EAA8E;YAC9E,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAEjD,2DAA2D;YAC3D,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAqC,CAAC;YAEpF,wBAAwB;YACxB,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAEjE,OAAO,gBAAgB,CAAC;QAC1B,CAAC;KAAA;IAEY,OAAO,CAAC,MAAqB;;YACxC,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC;YAEvE,8DAA8D;YAC9D,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAA+C,CAAC;YAElG,6CAA6C;YAC7C,OAAO,MAAM,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC1C,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACK,YAAY,CAAC,EAAE,SAAS,EAE/B;;QACC,mCAAmC;QACnC,MAAM,uBAAuB,GAAG,MAAA,mBAAmB,CAAC,SAAS,CAAC,0CAAG,gBAAgB,CAAC,CAAC;QACnF,IAAI,CAAC,uBAAuB,EAAE,CAAC;YAC7B,MAAM,IAAI,WAAW,CAAC,eAAe,CAAC,qBAAqB,EAAE,4BAA4B,SAAS,EAAE,CAAC,CAAC;QACxG,CAAC;QAED,sEAAsE;QACtE,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,uBAAuB,CAAC,EAAE,CAAC;YAC3D,0DAA0D;YAC1D,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,uBAAuB,EAAE,IAAI,uBAAuB,EAAE,CAAC,CAAC;QACvF,CAAC;QAED,6BAA6B;QAC7B,OAAO,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,uBAAuB,CAAE,CAAC;IAChE,CAAC;IA6BO,gBAAgB,CAAC,EAAE,SAAS,EAAE,GAAG,EAGxC;;QACC,MAAM,WAAW,GAAG,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,GAAG,mCAAI,SAAS,CAAC;QAC1C,MAAM,WAAW,GAAG,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,GAAG,CAAC;QAE7B,KAAK,MAAM,mBAAmB,IAAI,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAyB,EAAE,CAAC;YAC3F,MAAM,cAAc,GAAG,mBAAmB,CAAC,mBAAmB,CAAC,CAAC,KAA0B,CAAC;YAC3F,IAAI,WAAW,IAAI,cAAc,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBACxD,OAAO,mBAAmB,CAAC;YAC7B,CAAC;iBAAM,IAAI,WAAW,IAAI,cAAc,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC/D,OAAO,mBAAmB,CAAC;YAC7B,CAAC;QACH,CAAC;QAED,MAAM,IAAI,WAAW,CAAC,eAAe,CAAC,qBAAqB,EACzD,wDAAwD,WAAW,SAAS,WAAW,IAAI;YAC3F,sEAAsE,CACvE,CAAC;IACJ,CAAC;CACF"}
+{"version":3,"file":"crypto-api.js","sourceRoot":"","sources":["../../src/crypto-api.ts"],"names":[],"mappings":";;;;;;;;;AA8BA,OAAO,EACL,eAAe,EACf,cAAc,EACd,oBAAoB,EACpB,WAAW,EACX,eAAe,EACf,cAAc,EACd,cAAc,EACd,aAAa,EACb,eAAe,EACf,aAAa,EACb,eAAe,GAChB,MAAM,eAAe,CAAC;AAuFvB;;;;;;;GAOG;AACH,MAAM,mBAAmB,GAAG;IAC1B,SAAS,EAAE;QACT,cAAc,EAAG,eAAe;QAChC,KAAK,EAAY,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC;QAClD,UAAU,EAAO,CAAC,mBAAmB,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,CAAC;KAC5E;IACD,QAAQ,EAAE;QACR,cAAc,EAAG,cAAc;QAC/B,KAAK,EAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC;QAC/C,UAAU,EAAO,CAAC,mBAAmB,EAAE,aAAa,EAAE,mBAAmB,EAAE,SAAS,EAAE,WAAW,CAAC;KACnG;IACD,SAAS,EAAE;QACT,cAAc,EAAG,cAAc;QAC/B,KAAK,EAAY,CAAC,SAAS,CAAC;QAC5B,UAAU,EAAO,CAAC,mBAAmB,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,CAAC;KAC5F;IACD,MAAM,EAAE;QACN,cAAc,EAAG,aAAa;QAC9B,KAAK,EAAY,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC;QACrD,UAAU,EAAO,CAAC,WAAW,EAAE,gBAAgB,CAAC;KACjD;IACD,QAAQ,EAAE;QACR,cAAc,EAAG,eAAe;QAChC,KAAK,EAAY,CAAC,oBAAoB,EAAE,oBAAoB,EAAE,oBAAoB,CAAC;QACnF,UAAU,EAAO,CAAC,WAAW,EAAE,gBAAgB,CAAC;KACjD;IACD,WAAW,EAAE;QACX,cAAc,EAAG,cAAc;QAC/B,KAAK,EAAY,CAAC,QAAQ,EAAE,WAAW,CAAC;QACxC,UAAU,EAAO,CAAC,mBAAmB,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,CAAC;KAC5F;IACD,WAAW,EAAE;QACX,cAAc,EAAG,cAAc;QAC/B,KAAK,EAAY,CAAC,OAAO,EAAE,WAAW,CAAC;QACvC,UAAU,EAAO,CAAC,mBAAmB,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,CAAC;KAC5F;IACD,SAAS,EAAE;QACT,cAAc,EAAG,aAAa;QAC9B,KAAK,EAAY,CAAC,SAAS,CAAC;QAC5B,UAAU,EAAO,CAAC,QAAQ,CAAC;KAC5B;IACD,QAAQ,EAAE;QACR,cAAc,EAAG,eAAe;QAChC,KAAK,EAAY,CAAC,QAAQ,CAAC;QAC3B,UAAU,EAAO,CAAC,mBAAmB,EAAE,aAAa,CAAC;KACtD;CACO,CAAC;AAyDX,MAAM,OAAO,cAAc;IAA3B;QAYE;;;;;WAKG;QACK,wBAAmB,GAAoE,IAAI,GAAG,EAAE,CAAC;IAyV3G,CAAC;IAvVc,iBAAiB;6DAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,eAAe,EAC9C;YAEhC,wEAAwE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;YAE5E,qDAAqD;YACrD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAA4E,CAAC;YAEjI,mCAAmC;YACnC,MAAM,UAAU,GAAG,MAAM,YAAY,CAAC,iBAAiB,CAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,eAAe,EAAE,CAAC,CAAC;YAE7G,OAAO,UAAU,CAAC;QACpB,CAAC;KAAA;IAEY,gBAAgB;6DAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,cAAc,EAC7C;YAE/B,wEAAwE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC,CAAC;YAE5E,qDAAqD;YACrD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAoF,CAAC;YAEzI,mCAAmC;YACnC,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,cAAc,EAAE,CAAC,CAAC;YAE1G,OAAO,SAAS,CAAC;QACnB,CAAC;KAAA;IAEY,OAAO,CAAC,MAA6B;;YAChD,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;YAE7D,wDAAwD;YACxD,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAuC,CAAC;YAEtF,oBAAoB;YACpB,OAAO,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACtC,CAAC;KAAA;IAEY,SAAS,CACpB,MAAmC;;;YAEnC,wEAAwE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YAEzE,+DAA+D;YAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAsD,CAAC;YAElG,IAAI,mBAA2D,CAAC;YAEhE,QAAQ,MAAM,CAAC,SAAS,EAAE,CAAC;gBACzB,KAAK,UAAU,CAAC;gBAChB,KAAK,UAAU,CAAC;gBAChB,KAAK,UAAU,CAAC,CAAC,CAAC;oBAChB,mBAAmB,GAAG,MAAM,CAAC,mBAA6D,CAAC;oBAC3F,MAAM;gBACR,CAAC;gBAED,KAAK,oBAAoB,CAAC;gBAC1B,KAAK,oBAAoB,CAAC;gBAC1B,KAAK,oBAAoB,CAAC,CAAC,CAAC;oBAC1B,mBAAmB,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAmC,CAAC;oBAC1F,MAAM;gBACR,CAAC;gBAED;oBACE,MAAM,IAAI,WAAW,CAAC,eAAe,CAAC,qBAAqB,EAAE,+CAA+C,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YACpI,CAAC;YAED,4EAA4E;YAC5E,MAAM,MAAM,GAAG,CAAC,CAAC,MAAA,MAAA,mBAAmB,CAAC,KAAK,CAAC,KAAK,CAAC,0CAAG,CAAC,CAAC,mCAAI,CAAC,CAAC,CAAC,CAAC;YAE9D,IAAI,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;gBAClB,MAAM,IAAI,WAAW,CAAC,eAAe,CAAC,qBAAqB,EAAE,gDAAgD,mBAAmB,EAAE,CAAC,CAAC;YACtI,CAAC;YAED,yBAAyB;YACzB,MAAM,eAAe,GAAG,MAAM,GAAG,CAAC,cAAc,iCAAM,MAAM,KAAE,MAAM,IAAG,CAAC;YAExE,OAAO,MAAM,IAAI,CAAC,iBAAiB,CAAC,EAAE,SAAS,EAAE,mBAAmB,EAAE,eAAe,EAAE,CAAC,CAAC;QAC3F,CAAC;KAAA;IAEY,cAAc,CACzB,MAAwC;;YAExC,wEAAwE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YAEzE,+DAA+D;YAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAsD,CAAC;YAElG,yBAAyB;YACzB,MAAM,eAAe,GAAG,MAAM,GAAG,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;YAEzD,OAAO,eAAe,CAAC;QACzB,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACU,MAAM;6DAAC,EAAE,SAAS,EAAE,IAAI,EACd;YAErB,qFAAqF;YACrF,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAkC,CAAC;YAEjF,oBAAoB;YACpB,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAEtD,OAAO,IAAI,CAAC;QACd,CAAC;KAAA;IAEY,OAAO,CAAC,MAA6B;;YAChD,QAAQ;YACR,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;YAE7D,wDAAwD;YACxD,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAuC,CAAC;YAEtF,8CAA8C;YAC9C,OAAO,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACtC,CAAC;KAAA;IAEY,WAAW,CAAC,MAAkC;;;YACzD,wEAAwE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YAEzE,+DAA+D;YAC/D,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAgF,CAAC;YAErI,oBAAoB;YACpB,MAAM,UAAU,GAAG,MAAM,YAAY,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YAEnF,4DAA4D;YAC5D,MAAA,UAAU,CAAC,GAAG,oCAAd,UAAU,CAAC,GAAG,GAAK,MAAM,oBAAoB,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,EAAC;YAEnE,OAAO,UAAU,CAAC;QACpB,CAAC;KAAA;IAEY,YAAY;6DAAC,EAAE,GAAG,EACX;YAElB,8EAA8E;YAC9E,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAEjD,qDAAqD;YACrD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAgF,CAAC;YAErI,sDAAsD;YACtD,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,YAAY,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAE3D,OAAO,SAAS,CAAC;QACnB,CAAC;KAAA;IAEY,iBAAiB;6DAAC,EAAE,UAAU,EAAwB;YACjE,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC;YAE7D,qDAAqD;YACrD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAA4E,CAAC;YAEjI,mCAAmC;YACnC,MAAM,eAAe,GAAG,MAAM,YAAY,CAAC,iBAAiB,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;YAE7E,OAAO,eAAe,CAAC;QACzB,CAAC;KAAA;IAEY,gBAAgB;6DAAC,EAAE,SAAS,EAAuB;YAC9D,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC,CAAC;YAE5D,qDAAqD;YACrD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAoF,CAAC;YAEzI,mCAAmC;YACnC,MAAM,cAAc,GAAG,MAAM,YAAY,CAAC,gBAAgB,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;YAE1E,OAAO,cAAc,CAAC;QACxB,CAAC;KAAA;IAEY,IAAI;6DAAC,EAAE,GAAG,EAAE,IAAI,EACjB;YAEV,8EAA8E;YAC9E,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAEjD,2DAA2D;YAC3D,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAqC,CAAC;YAEpF,iBAAiB;YACjB,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YAE7C,OAAO,SAAS,CAAC;QACnB,CAAC;KAAA;IAEY,SAAS,CAAC,MAAuB;;YAC5C,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC;YAEvE,8DAA8D;YAC9D,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAA+C,CAAC;YAElG,6CAA6C;YAC7C,OAAO,MAAM,UAAU,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC5C,CAAC;KAAA;IAEY,MAAM;6DAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAC5B;YAEZ,8EAA8E;YAC9E,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;YAEjD,2DAA2D;YAC3D,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAAqC,CAAC;YAEpF,wBAAwB;YACxB,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAEjE,OAAO,gBAAgB,CAAC;QAC1B,CAAC;KAAA;IAEY,OAAO,CAAC,MAAqB;;YACxC,kEAAkE;YAClE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC;YAEvE,8DAA8D;YAC9D,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,SAAS,EAAE,CAA+C,CAAC;YAElG,6CAA6C;YAC7C,OAAO,MAAM,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC1C,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACK,YAAY,CAAC,EAAE,SAAS,EAE/B;;QACC,mCAAmC;QACnC,MAAM,uBAAuB,GAAG,MAAA,mBAAmB,CAAC,SAAS,CAAC,0CAAG,gBAAgB,CAAC,CAAC;QACnF,IAAI,CAAC,uBAAuB,EAAE,CAAC;YAC7B,MAAM,IAAI,WAAW,CAAC,eAAe,CAAC,qBAAqB,EAAE,4BAA4B,SAAS,EAAE,CAAC,CAAC;QACxG,CAAC;QAED,sEAAsE;QACtE,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,uBAAuB,CAAC,EAAE,CAAC;YAC3D,0DAA0D;YAC1D,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,uBAAuB,EAAE,IAAI,uBAAuB,EAAE,CAAC,CAAC;QACvF,CAAC;QAED,6BAA6B;QAC7B,OAAO,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,uBAAuB,CAAE,CAAC;IAChE,CAAC;IA6BO,gBAAgB,CAAC,EAAE,SAAS,EAAE,GAAG,EAGxC;;QACC,MAAM,WAAW,GAAG,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,GAAG,mCAAI,SAAS,CAAC;QAC1C,MAAM,WAAW,GAAG,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,GAAG,CAAC;QAE7B,KAAK,MAAM,mBAAmB,IAAI,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAyB,EAAE,CAAC;YAC3F,MAAM,cAAc,GAAG,mBAAmB,CAAC,mBAAmB,CAAC,CAAC,KAA0B,CAAC;YAC3F,IAAI,WAAW,IAAI,cAAc,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBACxD,OAAO,mBAAmB,CAAC;YAC7B,CAAC;iBAAM,IAAI,WAAW,IAAI,cAAc,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC/D,OAAO,mBAAmB,CAAC;YAC7B,CAAC;QACH,CAAC;QAED,MAAM,IAAI,WAAW,CAAC,eAAe,CAAC,qBAAqB,EACzD,wDAAwD,WAAW,SAAS,WAAW,IAAI;YAC3F,sEAAsE,CACvE,CAAC;IACJ,CAAC;CACF"}

package/dist/esm/dwn-api.js

@@ -7,9 +7,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-import { CryptoUtils } from '@enbox/crypto';
 import { TtlCache } from '@enbox/common';
-import { Cid, DataStoreLevel, DataStream, Dwn, DwnInterfaceName, DwnMethodName, Encoder, Encryption, EventEmitterStream, Jws, KeyDerivationScheme, Message, MessageStoreLevel, Protocols, Records, ResumableTaskStoreLevel, Secp256k1, StateIndexLevel } from '@enbox/dwn-sdk-js';
+import { Cid, ContentEncryptionAlgorithm, DataStoreLevel, DataStream, Dwn, DwnInterfaceName, DwnMethodName, Encoder, Encryption, EventEmitterStream, Jws, KeyDerivationScheme, Message, MessageStoreLevel, Protocols, Records, ResumableTaskStoreLevel, StateIndexLevel } from '@enbox/dwn-sdk-js';
+import { CryptoUtils, X25519 } from '@enbox/crypto';
 import { DidDht, DidJwk, DidResolverCacheLevel, UniversalResolver } from '@enbox/dids';
 import { KeyDeliveryProtocolDefinition } from './store-data-protocols.js';
 import { DwnInterface, dwnMessageConstructors } from './types/dwn.js';
@@ -148,7 +148,7 @@ export class AgentDwnApi {
                             const recordsWriteMessage = message;
                             // Reactive root-record upgrade (PR E): if this is an externally-authored
                             // root record with only ProtocolPath encryption, the owner upgrades it by
-                            // appending a ProtocolContext keyEncryption entry so that context key
+                            // appending a ProtocolContext recipient entry so that context key
                             // holders (including the external author) can also decrypt.
                             const authorDid = Jws.getSignerDid(recordsWriteMessage.authorization.signature.signatures[0]);
                             const isExternallyAuthored = authorDid !== request.target;
@@ -185,7 +185,7 @@ export class AgentDwnApi {
                                     keyUri,
                                     derivationPath: contextDerivationPath,
                                 });
-                                const contextDerivedPrivateJwk = yield Secp256k1.privateKeyToJwk(contextDerivedPrivateKeyBytes);
+                                const contextDerivedPrivateJwk = yield X25519.bytesToPrivateKey({ privateKeyBytes: contextDerivedPrivateKeyBytes });
                                 const contextKeyPayload = {
                                     rootKeyId: keyId,
                                     derivationScheme: KeyDerivationScheme.ProtocolContext,
@@ -401,7 +401,7 @@ export class AgentDwnApi {
             // For cross-DWN writes (target !== author), the external author cannot
             // derive the target's context key. Root records use the target's ProtocolPath
             // public key. The target's agent reactively upgrades the record to include a
-            // ProtocolContext keyEncryption entry. Non-root records extract the context
+            // ProtocolContext recipient entry. Non-root records extract the context
             // public key (derivedPublicKey) from existing ProtocolContext-encrypted records
             // in the same context on the target's DWN.
             // Tracks deferred context encryption info for root multi-party records.
@@ -463,10 +463,11 @@ export class AgentDwnApi {
                     else {
                         throw new Error('AgentDwnApi: Data must be provided for encrypted records.');
                     }
-                    // 5. Generate random DEK and IV
+                    // 5. Generate random DEK and IV (IV size depends on content encryption algorithm)
+                    const contentEncryptionAlgorithm = ContentEncryptionAlgorithm.A256GCM;
                     const dataEncryptionKey = crypto.getRandomValues(new Uint8Array(32));
-                    const dataEncryptionIV = crypto.getRandomValues(new Uint8Array(16));
-                    // 6. Build EncryptionInput based on the encryption scheme decision
+                    const dataEncryptionIV = crypto.getRandomValues(new Uint8Array(AgentDwnApi.ivLength(contentEncryptionAlgorithm)));
+                    // 6. Build partial EncryptionInput (authenticationTag added after AEAD encryption)
                     let encryptionInput;
                     const buildProtocolPathInput = () => this.buildEncryptionInput(dataEncryptionKey, dataEncryptionIV, ruleSet.$encryption.rootKeyId, ruleSet.$encryption.publicKeyJwk, KeyDerivationScheme.ProtocolPath);
                     if (isCrossDwn && isMultiPartyContext && isRootRecord) {
@@ -474,7 +475,7 @@ export class AgentDwnApi {
                         // External authors cannot derive the target's context key (HKDF requires
                         // the private key). Use the target's ProtocolPath public key from their
                         // protocol definition. The target's agent will reactively upgrade the record
-                        // to include a ProtocolContext keyEncryption entry.
+                        // to include a ProtocolContext recipient entry.
                         encryptionInput = buildProtocolPathInput();
                     }
                     else if (isCrossDwn && isMultiPartyContext && !isRootRecord) {
@@ -524,8 +525,8 @@ export class AgentDwnApi {
                         // --- Local single-party → ProtocolPath key (existing logic) ---
                         encryptionInput = buildProtocolPathInput();
                     }
-                    // 7. Encrypt data with AES-256-CTR and compute CID
-                    const { encryptedBytes, dataCid, dataSize } = yield this.encryptAndComputeCid(plaintextBytes, dataEncryptionKey, dataEncryptionIV);
+                    // 7. Encrypt data with AEAD and compute CID
+                    const { encryptedBytes, dataCid, dataSize, authenticationTag } = yield this.encryptAndComputeCid(plaintextBytes, dataEncryptionKey, dataEncryptionIV, contentEncryptionAlgorithm);
                     // 8. Replace plaintext with encrypted data
                     messageParams.dataCid = dataCid;
                     messageParams.dataSize = dataSize;
@@ -533,11 +534,12 @@ export class AgentDwnApi {
                     readableStream = DataStream.fromBytes(encryptedBytes);
                     request.dataStream = undefined;
                     if (encryptionInput) {
+                        encryptionInput.authenticationTag = authenticationTag;
                         messageParams.encryptionInput = encryptionInput;
                     }
                     else {
                         // Deferred — store info for post-creation encryption
-                        deferredContextEncryption = { dataEncryptionKey, dataEncryptionIV, encryptedBytes };
+                        deferredContextEncryption = { dataEncryptionKey, dataEncryptionIV, encryptedBytes, authenticationTag };
                     }
                     // 9. For cross-DWN writes in multi-party contexts, attach the author's
                     //    key-delivery ProtocolPath public key so the DWN owner can encrypt
@@ -577,7 +579,8 @@ export class AgentDwnApi {
                     const recordsWriteInstance = dwnMessage;
                     const contextId = recordsWriteInstance.message.recordId;
                     const { encryptionInput: contextEncryptionInput, keyId, keyUri, contextDerivationPath } = yield this.deriveContextEncryptionInput(request.author, contextId, deferredContextEncryption.dataEncryptionKey, deferredContextEncryption.dataEncryptionIV);
-                    yield recordsWriteInstance.encryptSymmetricEncryptionKey(contextEncryptionInput);
+                    const fullContextInput = Object.assign(Object.assign({}, contextEncryptionInput), { authenticationTag: deferredContextEncryption.authenticationTag });
+                    yield recordsWriteInstance.encryptSymmetricEncryptionKey(fullContextInput);
                     yield recordsWriteInstance.sign({ signer });
                     // Cache context key info for subsequent writes in this context
                     this._contextKeyCache.set(contextId, { keyId, keyUri, contextDerivationPath });
@@ -657,7 +660,7 @@ export class AgentDwnApi {
      * @param didUri - The DID URI to resolve encryption key info for
      * @returns keyId (fully qualified verification method ID), keyUri (KMS reference),
      *          and publicKeyJwk. No private key material is returned.
-     * @throws If the DID has no keyAgreement verification method or it's not secp256k1.
+     * @throws If the DID has no keyAgreement verification method or it's not X25519.
      */
     getEncryptionKeyInfo(didUri) {
         return __awaiter(this, void 0, void 0, function* () {
@@ -672,7 +675,7 @@ export class AgentDwnApi {
             const keyAgreementRefs = didDocument.keyAgreement;
             if (!keyAgreementRefs || keyAgreementRefs.length === 0) {
                 throw new Error(`AgentDwnApi: DID '${didUri}' does not have a keyAgreement ` +
-                    `verification method. Create the identity with a secp256k1 key ` +
+                    `verification method. Create the identity with an X25519 key ` +
                     `with keyAgreement purpose to use protocol encryption.`);
             }
             // 3. Resolve the verification method (handle both inline and string refs)
@@ -691,11 +694,11 @@ export class AgentDwnApi {
                 throw new Error(`AgentDwnApi: keyAgreement verification method for '${didUri}' ` +
                     `does not contain a public key in JWK format.`);
             }
-            // 4. Verify it's a secp256k1 key
+            // 4. Verify it's an X25519 key
             const publicKeyJwk = verificationMethod.publicKeyJwk;
-            if (publicKeyJwk.crv !== 'secp256k1') {
+            if (publicKeyJwk.crv !== 'X25519') {
                 throw new Error(`AgentDwnApi: keyAgreement key for '${didUri}' uses curve ` +
-                    `'${publicKeyJwk.crv}', but DWN encryption requires 'secp256k1'.`);
+                    `'${publicKeyJwk.crv}', but DWN encryption requires 'X25519'.`);
             }
             // 5. Compute the KMS key URI (does NOT export the key)
             const keyUri = yield this.agent.keyManager.getKeyUri({ key: publicKeyJwk });
@@ -707,10 +710,17 @@ export class AgentDwnApi {
         });
     }
     /**
-     * Builds an EncryptionInput object for a single key-encryption entry.
-     * Consolidates the repeated pattern of assembling DEK, IV, and a single
-     * keyEncryptionInputs entry into one place.
+     * Builds a partial EncryptionInput object for a single key-encryption entry.
+     * The `authenticationTag` is NOT set here — the caller must set it after
+     * AEAD encryption produces the tag.
      */
+    /**
+     * Returns the correct nonce/IV byte length for the given content encryption algorithm.
+     * A256GCM uses 96-bit (12-byte) nonces; XC20P uses 192-bit (24-byte) nonces.
+     */
+    static ivLength(algorithm) {
+        return algorithm === ContentEncryptionAlgorithm.XC20P ? 24 : 12;
+    }
     buildEncryptionInput(dek, iv, publicKeyId, publicKey, derivationScheme) {
         return {
             initializationVector: iv,
@@ -723,18 +733,17 @@ export class AgentDwnApi {
         };
     }
     /**
-     * Encrypts plaintext bytes with AES-256-CTR and computes the CID of the
-     * resulting ciphertext. Returns everything needed to attach the encrypted
-     * data to a DWN message.
+     * Encrypts plaintext bytes with AEAD and computes the CID of the resulting ciphertext.
+     * Returns everything needed to attach the encrypted data to a DWN message, including
+     * the authentication tag.
      */
-    encryptAndComputeCid(plaintextBytes, dek, iv) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const plaintextStream = DataStream.fromBytes(plaintextBytes);
-            const encryptedStream = yield Encryption.aes256CtrEncrypt(dek, iv, plaintextStream);
-            const encryptedBytes = yield DataStream.toBytes(encryptedStream);
+    encryptAndComputeCid(plaintextBytes_1, dek_1, iv_1) {
+        return __awaiter(this, arguments, void 0, function* (plaintextBytes, dek, iv, algorithm = ContentEncryptionAlgorithm.A256GCM) {
+            const { ciphertextStream, tag: authenticationTag } = yield Encryption.aeadEncryptStream(algorithm, dek, iv, DataStream.fromBytes(plaintextBytes));
+            const encryptedBytes = yield DataStream.toBytes(ciphertextStream);
             const cidStream = DataStream.fromBytes(encryptedBytes);
             const dataCid = yield Cid.computeDagPbCidFromStream(cidStream);
-            return { encryptedBytes, dataCid, dataSize: encryptedBytes.length };
+            return { encryptedBytes, dataCid, dataSize: encryptedBytes.length, authenticationTag };
         });
     }
     /**
@@ -756,7 +765,7 @@ export class AgentDwnApi {
         });
     }
     /**
-     * Builds a KMS-backed ECIES decrypt callback. Used for both ProtocolPath
+     * Builds a KMS-backed JWE key unwrap callback. Used for both ProtocolPath
      * and ProtocolContext decryption where the KMS holds the root private key.
      */
     buildKmsDecryptCallback(keyId, keyUri, derivationScheme) {
@@ -764,14 +773,12 @@ export class AgentDwnApi {
         return {
             rootKeyId: keyId,
             derivationScheme,
-            decrypt: (fullDerivationPath, eciesPayload) => __awaiter(this, void 0, void 0, function* () {
-                return keyManager.eciesSecp256k1Decrypt({
+            decrypt: (fullDerivationPath, jwePayload) => __awaiter(this, void 0, void 0, function* () {
+                return keyManager.jweKeyUnwrap({
                     keyUri,
                     derivationPath: fullDerivationPath,
-                    ciphertext: eciesPayload.ciphertext,
-                    ephemeralPublicKey: eciesPayload.ephemeralPublicKey,
-                    initializationVector: eciesPayload.initializationVector,
-                    messageAuthenticationCode: eciesPayload.messageAuthenticationCode,
+                    encryptedKey: jwePayload.encryptedKey,
+                    ephemeralPublicKey: jwePayload.ephemeralPublicKey,
                 });
             }),
         };
@@ -1054,15 +1061,15 @@ export class AgentDwnApi {
             if (queryReply.status.code !== 200 || !((_a = queryReply.entries) === null || _a === void 0 ? void 0 : _a.length)) {
                 return undefined;
             }
-            // Search entries for one with a ProtocolContext keyEncryption entry
+            // Search entries for one with a ProtocolContext recipient entry
             // that includes derivedPublicKey
             for (const entry of queryReply.entries) {
-                if ((_b = entry.encryption) === null || _b === void 0 ? void 0 : _b.keyEncryption) {
-                    const contextEntry = entry.encryption.keyEncryption.find((k) => k.derivationScheme === KeyDerivationScheme.ProtocolContext && k.derivedPublicKey);
-                    if (contextEntry === null || contextEntry === void 0 ? void 0 : contextEntry.derivedPublicKey) {
+                if ((_b = entry.encryption) === null || _b === void 0 ? void 0 : _b.recipients) {
+                    const contextEntry = entry.encryption.recipients.find((r) => r.header.derivationScheme === KeyDerivationScheme.ProtocolContext && r.header.derivedPublicKey);
+                    if (contextEntry === null || contextEntry === void 0 ? void 0 : contextEntry.header.derivedPublicKey) {
                         return {
-                            rootKeyId: contextEntry.rootKeyId,
-                            derivedPublicKey: contextEntry.derivedPublicKey,
+                            rootKeyId: contextEntry.header.kid,
+                            derivedPublicKey: contextEntry.header.derivedPublicKey,
                         };
                     }
                 }
@@ -1072,7 +1079,7 @@ export class AgentDwnApi {
     }
     /**
      * Reactively upgrades an externally-authored root record that has only
-     * ProtocolPath encryption by appending a ProtocolContext keyEncryption entry.
+     * ProtocolPath encryption by appending a ProtocolContext recipient entry.
      *
      * After the upgrade, both the owner (ProtocolPath) and context key holders —
      * including the external author (ProtocolContext) — can decrypt the record.
@@ -1081,7 +1088,7 @@ export class AgentDwnApi {
      *   1. Decrypt the DEK using the owner's ProtocolPath-derived private key
      *   2. Derive the context public key from the owner's #enc key
      *   3. ECIES-encrypt the same DEK to the context public key
-     *   4. Append the ProtocolContext keyEncryption entry (using PR 0b append mode)
+     *   4. Append the ProtocolContext recipient entry (using PR 0b append mode)
      *   5. Re-sign the record as owner
      *
      * The author's signature payload includes an `encryptionCid` that becomes
@@ -1106,32 +1113,32 @@ export class AgentDwnApi {
                 return;
             }
             // Verify: has ProtocolPath but NOT ProtocolContext
-            const hasProtocolPath = encryption.keyEncryption.some((k) => k.derivationScheme === KeyDerivationScheme.ProtocolPath);
-            const hasProtocolContext = encryption.keyEncryption.some((k) => k.derivationScheme === KeyDerivationScheme.ProtocolContext);
+            const hasProtocolPath = encryption.recipients.some((r) => r.header.derivationScheme === KeyDerivationScheme.ProtocolPath);
+            const hasProtocolContext = encryption.recipients.some((r) => r.header.derivationScheme === KeyDerivationScheme.ProtocolContext);
             if (!hasProtocolPath || hasProtocolContext) {
                 return;
             }
             // 1. Decrypt the DEK using the owner's ProtocolPath key
             const keyDecrypter = yield this.getKeyDecrypter(tenantDid);
-            // Find the ProtocolPath keyEncryption entry
-            const pathEntry = encryption.keyEncryption.find((k) => k.derivationScheme === KeyDerivationScheme.ProtocolPath);
+            // Find the ProtocolPath recipient entry
+            const pathRecipient = encryption.recipients.find((r) => r.header.derivationScheme === KeyDerivationScheme.ProtocolPath);
             const fullDerivationPath = Records.constructKeyDerivationPathUsingProtocolPathScheme(recordsWrite.descriptor);
             const dataEncryptionKey = yield keyDecrypter.decrypt(fullDerivationPath, {
-                ciphertext: Encoder.base64UrlToBytes(pathEntry.encryptedKey),
-                ephemeralPublicKey: Secp256k1.publicJwkToBytes(pathEntry.ephemeralPublicKey),
-                initializationVector: Encoder.base64UrlToBytes(pathEntry.initializationVector),
-                messageAuthenticationCode: Encoder.base64UrlToBytes(pathEntry.messageAuthenticationCode),
+                encryptedKey: Encoder.base64UrlToBytes(pathRecipient.encrypted_key),
+                ephemeralPublicKey: pathRecipient.header.epk,
             });
             // 2. Derive the context public key — contextId = recordId for root records
             const contextId = recordsWrite.recordId;
-            const encryptionIV = Encoder.base64UrlToBytes(encryption.initializationVector);
-            // 3 & 4. Append the ProtocolContext keyEncryption entry using append mode.
+            const encryptionIV = Encoder.base64UrlToBytes(encryption.iv);
+            // 3 & 4. Append the ProtocolContext recipient entry using append mode.
             // Append mode preserves the author's identity and authorization so that
             // signAsOwner() can be called in step 5.
             const { encryptionInput: contextEncryptionInput, keyId, keyUri, contextDerivationPath } = yield this.deriveContextEncryptionInput(tenantDid, contextId, dataEncryptionKey, encryptionIV);
+            // Set the authentication tag from the existing JWE encryption property
+            const fullContextInput = Object.assign(Object.assign({}, contextEncryptionInput), { authenticationTag: Encoder.base64UrlToBytes(encryption.tag) });
             // Parse the message to get a RecordsWrite instance we can mutate
             const recordsWriteInstance = yield dwnMessageConstructors[DwnInterface.RecordsWrite].parse(recordsWrite);
-            yield recordsWriteInstance.encryptSymmetricEncryptionKey(contextEncryptionInput, { append: true });
+            yield recordsWriteInstance.encryptSymmetricEncryptionKey(fullContextInput, { append: true });
             // 5. Re-sign as owner — the author's signature is preserved but its
             // encryptionCid is now stale; the owner's signature vouches for the
             // updated encryption property.
@@ -1145,29 +1152,37 @@ export class AgentDwnApi {
             // We must also update the state index and event stream to keep sync and
             // real-time subscribers consistent — without this, the upgraded record
             // would never propagate to remote DWNs or notify subscribers.
-            const dwnInternal = this._dwn;
-            const messageStore = dwnInternal.messageStore;
-            const stateIndex = dwnInternal.stateIndex;
-            const eventStream = dwnInternal.eventStream;
+            const { messageStore, stateIndex, eventStream } = this._dwn.storage;
+            // Validate the upgrade only changed encryption and authorization fields.
+            // The descriptor, recordId, contextId, and data must remain identical.
+            // Note: parse() may produce a new descriptor object, so we compare by value.
+            const upgradedMessage = recordsWriteInstance.message;
+            if (JSON.stringify(upgradedMessage.descriptor) !== JSON.stringify(recordsWrite.descriptor)) {
+                throw new Error('AgentDwnApi: upgradeExternalRootRecord() must not modify the descriptor.');
+            }
+            if (upgradedMessage.recordId !== recordsWrite.recordId) {
+                throw new Error('AgentDwnApi: upgradeExternalRootRecord() must not modify the recordId.');
+            }
             // Fetch the stored original (which carries encodedData for small payloads)
             const originalCid = yield Message.getCid(recordsWrite);
             const storedOriginal = yield messageStore.get(tenantDid, originalCid);
-            // Remove the original message and its state index entry
-            yield messageStore.delete(tenantDid, originalCid);
-            yield stateIndex.delete(tenantDid, [originalCid]);
             // Build indexes for the upgraded message (mark as latest base state)
             const isLatestBaseState = true;
             const upgradedIndexes = yield recordsWriteInstance.constructIndexes(isLatestBaseState);
             // Carry over the encoded data from the stored original (the handler
             // base64url-encodes small payloads into encodedData during processMessage)
-            const upgradedMessage = recordsWriteInstance.message;
             if (storedOriginal === null || storedOriginal === void 0 ? void 0 : storedOriginal.encodedData) {
                 upgradedMessage.encodedData = storedOriginal.encodedData;
             }
-            // Store the upgraded message and insert into state index
-            yield messageStore.put(tenantDid, upgradedMessage, upgradedIndexes);
+            // Use put-before-delete ordering: if a crash occurs after the put but
+            // before the delete, we end up with a duplicate (recoverable via the
+            // isLatestBaseState index) rather than data loss (unrecoverable).
             const upgradedCid = yield Message.getCid(upgradedMessage);
+            yield messageStore.put(tenantDid, upgradedMessage, upgradedIndexes);
             yield stateIndex.insert(tenantDid, upgradedCid, upgradedIndexes);
+            // Now remove the original message and its state index entry.
+            yield messageStore.delete(tenantDid, originalCid);
+            yield stateIndex.delete(tenantDid, [originalCid]);
             // Notify real-time subscribers (mirrors handler behavior)
             if (eventStream !== undefined) {
                 eventStream.emit(tenantDid, { message: upgradedMessage }, upgradedIndexes);
@@ -1188,17 +1203,17 @@ export class AgentDwnApi {
         return __awaiter(this, void 0, void 0, function* () {
             const { encryption } = recordsWrite;
             // Check if the record uses context-derived encryption
-            const hasContextKey = encryption === null || encryption === void 0 ? void 0 : encryption.keyEncryption.some((k) => k.derivationScheme === KeyDerivationScheme.ProtocolContext);
+            const hasContextKey = encryption === null || encryption === void 0 ? void 0 : encryption.recipients.some((r) => r.header.derivationScheme === KeyDerivationScheme.ProtocolContext);
             if (!hasContextKey || !recordsWrite.contextId) {
                 // Single-party protocol-path encryption
                 return this.getKeyDecrypter(authorDid);
             }
             // --- Multi-party context encryption ---
-            const contextKeyEntry = encryption.keyEncryption.find((k) => k.derivationScheme === KeyDerivationScheme.ProtocolContext);
+            const contextKeyEntry = encryption.recipients.find((r) => r.header.derivationScheme === KeyDerivationScheme.ProtocolContext);
             const rootContextId = recordsWrite.contextId.split('/')[0];
             // Case 1: I am the context creator — rootKeyId matches my encryption key
             const { keyId, keyUri } = yield this.getEncryptionKeyInfo(authorDid);
-            if (contextKeyEntry.rootKeyId === keyId) {
+            if (contextKeyEntry.header.kid === keyId) {
                 return this.buildKmsDecryptCallback(keyId, keyUri, KeyDerivationScheme.ProtocolContext);
             }
             // Case 2: I am a participant — fetch my context key from the key-delivery protocol
@@ -1246,15 +1261,10 @@ export class AgentDwnApi {
         return {
             rootKeyId: contextKey.rootKeyId,
             derivationScheme: contextKey.derivationScheme,
-            decrypt: (fullDerivationPath, eciesPayload) => __awaiter(this, void 0, void 0, function* () {
-                const leafPrivateKey = yield Records.derivePrivateKey(contextKey, fullDerivationPath);
-                return Encryption.eciesSecp256k1Decrypt({
-                    privateKey: leafPrivateKey,
-                    ciphertext: eciesPayload.ciphertext,
-                    ephemeralPublicKey: eciesPayload.ephemeralPublicKey,
-                    initializationVector: eciesPayload.initializationVector,
-                    messageAuthenticationCode: eciesPayload.messageAuthenticationCode,
-                });
+            decrypt: (fullDerivationPath, jwePayload) => __awaiter(this, void 0, void 0, function* () {
+                const leafPrivateKeyBytes = yield Records.derivePrivateKey(contextKey, fullDerivationPath);
+                const leafPrivateKeyJwk = yield X25519.bytesToPrivateKey({ privateKeyBytes: leafPrivateKeyBytes });
+                return Encryption.ecdhEsUnwrapKey(leafPrivateKeyJwk, jwePayload.ephemeralPublicKey, jwePayload.encryptedKey);
             }),
         };
     }
@@ -1414,10 +1424,11 @@ export class AgentDwnApi {
                 // --- Encrypt to the recipient's ProtocolPath key (cross-DWN delivery) ---
                 // Manually build encryption input targeting the recipient's key so the
                 // record is decryptable only by the recipient.
+                const algorithm = ContentEncryptionAlgorithm.A256GCM;
                 const dataEncryptionKey = crypto.getRandomValues(new Uint8Array(32));
-                const dataEncryptionIV = crypto.getRandomValues(new Uint8Array(16));
-                const { encryptedBytes, dataCid, dataSize } = yield this.encryptAndComputeCid(plaintextBytes, dataEncryptionKey, dataEncryptionIV);
-                const encryptionInput = this.buildEncryptionInput(dataEncryptionKey, dataEncryptionIV, recipientKeyDeliveryPublicKey.rootKeyId, recipientKeyDeliveryPublicKey.publicKeyJwk, KeyDerivationScheme.ProtocolPath);
+                const dataEncryptionIV = crypto.getRandomValues(new Uint8Array(AgentDwnApi.ivLength(algorithm)));
+                const { encryptedBytes, dataCid, dataSize, authenticationTag } = yield this.encryptAndComputeCid(plaintextBytes, dataEncryptionKey, dataEncryptionIV, algorithm);
+                const encryptionInput = Object.assign(Object.assign({}, this.buildEncryptionInput(dataEncryptionKey, dataEncryptionIV, recipientKeyDeliveryPublicKey.rootKeyId, recipientKeyDeliveryPublicKey.publicKeyJwk, KeyDerivationScheme.ProtocolPath)), { authenticationTag });
                 ({ message, reply: { status } } = yield this.processRequest({
                     author: tenantDid,
                     target: tenantDid,