npm - @enbox/agent - Versions diffs - 0.6.7 → 0.6.8 - Mend

@enbox/agent 0.6.7 → 0.6.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/dist/browser.mjs +9 -9
package/dist/browser.mjs.map +3 -3
package/dist/esm/enbox-connect-protocol.js +82 -65
package/dist/esm/enbox-connect-protocol.js.map +1 -1
package/dist/esm/utils.js +61 -0
package/dist/esm/utils.js.map +1 -1
package/dist/types/enbox-connect-protocol.d.ts.map +1 -1
package/dist/types/utils.d.ts +22 -0
package/dist/types/utils.d.ts.map +1 -1
package/package.json +1 -1
package/src/enbox-connect-protocol.ts +99 -60
package/src/utils.ts +69 -0

package/src/enbox-connect-protocol.ts CHANGED Viewed

@@ -115,12 +115,26 @@ import {
 import { DwnInterfaceName, DwnMethodName, HdKey, KeyDerivationScheme, PermissionsProtocol } from '@enbox/dwn-sdk-js';
 import { AgentPermissionsApi } from './permissions-api.js';
-import { concatenateUrl } from './utils.js';
 import { DwnInterface } from './types/dwn.js';
 import { getEncryptionKeyInfo } from './dwn-encryption.js';
 import { isMultiPartyContext } from './protocol-utils.js';
 import { isRecordPermissionScope } from './dwn-api.js';
 import { KeyDeliveryProtocolDefinition } from './store-data-protocols.js';
+import { concatenateUrl, mapConcurrent, mapConcurrentSettled } from './utils.js';
+// ---------------------------------------------------------------------------
+// Tunables
+// ---------------------------------------------------------------------------
+/**
+ * Maximum number of in-flight DWN-endpoint sends issued by the connect flow
+ * (permission grants + revocation grants). Caps total concurrency across all
+ * `(grant, endpoint)` pairs so that a request with many permissions and/or a
+ * tenant with many DWN endpoints cannot stampede the network. Tuned to be
+ * generous enough to hide endpoint latency while staying well under typical
+ * per-host browser connection limits and server-side rate limits.
+ */
+const CONNECT_FANOUT_CONCURRENCY = 8;
 // ---------------------------------------------------------------------------
 // Types
@@ -690,45 +704,55 @@ async function createPermissionGrants(
   const dwnEndpointUrls = await agent.dwn.getDwnEndpointUrlsForTarget(selectedDid);
   logger.log(`Sending ${permissionGrants.length} permission grants to ${dwnEndpointUrls.length} DWN endpoint(s)...`);
-  const messagePromises = permissionGrants.map(async (grant) => {
+  // Flatten (grant, endpoint) tuples into a single list of sends so that one
+  // global concurrency cap governs total in-flight requests during the
+  // connect flow — important when either dimension grows large.
+  const sendTasks = permissionGrants.flatMap((grant, grantIndex) => {
     const { encodedData, ...rawMessage } = grant.message;
     const data = Convert.base64Url(encodedData).toUint8Array();
+    return dwnEndpointUrls.map((dwnUrl) => ({ grantIndex, dwnUrl, rawMessage, data }));
+  });
-    // The rawMessage is already signed by createGrant(), so we send it
-    // directly to each endpoint without re-constructing.
-    let atLeastOneSuccess = false;
-    for (const dwnUrl of dwnEndpointUrls) {
-      try {
-        const reply = await agent.rpc.sendDwnRequest({
-          dwnUrl,
-          targetDid : selectedDid,
-          message   : rawMessage,
-          data      : new Blob([data as BlobPart]),
-        });
+  const settled = await mapConcurrentSettled(
+    sendTasks,
+    CONNECT_FANOUT_CONCURRENCY,
+    async ({ grantIndex, dwnUrl, rawMessage, data }) => {
+      const reply = await agent.rpc.sendDwnRequest({
+        dwnUrl,
+        targetDid : selectedDid,
+        message   : rawMessage,
+        data      : new Blob([data as BlobPart]),
+      });
+      return { grantIndex, dwnUrl, reply };
+    },
+  );
-        if (reply.status.code === 202 || reply.status.code === 409) {
-          atLeastOneSuccess = true;
-        } else {
-          logger.error(`Grant send to ${dwnUrl} returned ${reply.status.code}: ${reply.status.detail}`);
-        }
-      } catch (error: any) {
-        logger.error(`Grant send to ${dwnUrl} failed: ${error.message}`);
-      }
+  // Aggregate results back per grant: each grant must have at least one
+  // endpoint accept it (status 202 or 409 — already-stored is acceptable).
+  const successPerGrant = new Array<boolean>(permissionGrants.length).fill(false);
+  for (let i = 0; i < settled.length; i++) {
+    const result = settled[i];
+    if (result.status === 'rejected') {
+      const reason = result.reason instanceof Error ? result.reason.message : String(result.reason);
+      logger.error(`Grant send to ${sendTasks[i].dwnUrl} failed: ${reason}`);
+      continue;
+    }
+    const { grantIndex, dwnUrl, reply } = result.value;
+    if (reply.status.code === 202 || reply.status.code === 409) {
+      successPerGrant[grantIndex] = true;
+    } else {
+      logger.error(`Grant send to ${dwnUrl} returned ${reply.status.code}: ${reply.status.detail}`);
     }
+  }
-    if (!atLeastOneSuccess) {
+  for (let g = 0; g < permissionGrants.length; g++) {
+    if (!successPerGrant[g]) {
+      logger.error(`Error during batch-send of permission grants: grant ${g} reached no DWN endpoint.`);
       throw new Error('Could not send permission grant to any DWN endpoint.');
     }
-    return grant.message;
-  });
-  try {
-    return await Promise.all(messagePromises);
-  } catch (error) {
-    logger.error(`Error during batch-send of permission grants: ${error}`);
-    throw error;
   }
+  return permissionGrants.map((g) => g.message);
 }
 // ---------------------------------------------------------------------------
@@ -1243,46 +1267,61 @@ async function submitConnectResponse(
   // Snapshot the current length — revocation grants are appended to delegateGrants
   // below, but we must NOT iterate over them (they are meta-grants, not session grants).
   const sessionGrantCount = delegateGrants.length;
-  for (let i = 0; i < sessionGrantCount; i++) {
-    const grantMessage = delegateGrants[i];
-    const revGrant = await permissionsApi.createGrant({
-      delegated : true,
-      store     : true,
-      grantedTo : delegateBearerDid.uri,
-      scope     : {
-        interface : DwnInterfaceName.Records,
-        method    : DwnMethodName.Write,
-        protocol  : PermissionsProtocol.uri,
-        contextId : grantMessage.recordId,
-      },
-      dateExpires : '2040-06-25T16:09:16.693356Z',
-      author      : selectedDid,
-    });
+  // Phase 1: create all revocation grants locally with bounded concurrency.
+  // createGrant is local-only (storage + signing) so it's cheap, but we still
+  // cap parallelism to avoid head-of-line blocking when sessionGrantCount is
+  // large (e.g. dapp requesting many scopes at once).
+  const revGrantResults = await mapConcurrent(
+    delegateGrants.slice(0, sessionGrantCount),
+    CONNECT_FANOUT_CONCURRENCY,
+    (grantMessage) =>
+      permissionsApi.createGrant({
+        delegated : true,
+        store     : true,
+        grantedTo : delegateBearerDid.uri,
+        scope     : {
+          interface : DwnInterfaceName.Records,
+          method    : DwnMethodName.Write,
+          protocol  : PermissionsProtocol.uri,
+          contextId : grantMessage.recordId,
+        },
+        dateExpires : '2040-06-25T16:09:16.693356Z',
+        author      : selectedDid,
+      }).then((revGrant) => ({ grantMessage, revGrant })),
+  );
+  // Phase 2: fan out every revocation grant to every owner DWN endpoint with
+  // a single global concurrency cap so that (grants × endpoints) cannot blow
+  // up. This is best-effort (sync delivers eventually) so individual failures
+  // are tolerated by `mapConcurrentSettled`.
+  const revSendTasks = revGrantResults.flatMap(({ grantMessage, revGrant }) => {
     sessionRevocations.push({
       grantId           : grantMessage.recordId,
       revocationGrantId : revGrant.message.recordId,
     });
-    // Fan out the revocation grant to all owner DWN endpoints (same
-    // as session grants) so that immediate disconnect can send a
-    // delegated revocation to a remote DWN that recognises the grant.
     const { encodedData: revEncoded, ...revRawMessage } = revGrant.message;
     const revData = Convert.base64Url(revEncoded).toUint8Array();
-    for (const dwnUrl of revGrantEndpoints) {
-      try {
-        await agent.rpc.sendDwnRequest({
+    // Include the revocation grant in the delegate grants for distribution.
+    delegateGrants.push(revGrant.message);
+    return revGrantEndpoints.map((dwnUrl) => ({ revRawMessage, revData, dwnUrl }));
+  });
+  if (revSendTasks.length > 0) {
+    await mapConcurrentSettled(
+      revSendTasks,
+      CONNECT_FANOUT_CONCURRENCY,
+      ({ revRawMessage, revData, dwnUrl }) =>
+        agent.rpc.sendDwnRequest({
           dwnUrl,
           targetDid : selectedDid,
           message   : revRawMessage,
           data      : new Blob([revData as BlobPart]),
-        });
-      } catch {
-        // Best-effort — sync will deliver eventually.
-      }
-    }
-    // Include the revocation grant in the delegate grants for distribution
-    delegateGrants.push(revGrant.message);
+        }),
+    );
   }
   logger.log('Building connect response...');

package/src/utils.ts CHANGED Viewed

@@ -169,3 +169,72 @@ export function concatenateUrl(baseUrl: string, path: string): string {
   return `${baseUrl}/${path}`;
 }
+/**
+ * Map over an array with bounded concurrency, preserving input order in the
+ * output array. Uses a sliding-window pool of workers so the next item is
+ * picked up as soon as any in-flight task settles — strictly better than a
+ * fixed chunked-batch pattern (no stalling on the slowest item per batch).
+ *
+ * Semantics match `Promise.all`: the returned promise rejects on the first
+ * task rejection. Use {@link mapConcurrentSettled} when individual failures
+ * should not abort the whole batch (e.g. best-effort fan-out).
+ *
+ * @param items Input items to map over.
+ * @param concurrency Maximum number of in-flight tasks. Must be >= 1.
+ * @param fn Per-item async function. Receives the item and its index.
+ * @returns An array of results in the same order as `items`.
+ */
+export async function mapConcurrent<T, R>(
+  items: readonly T[],
+  concurrency: number,
+  fn: (item: T, index: number) => Promise<R>,
+): Promise<R[]> {
+  if (!Number.isInteger(concurrency) || concurrency < 1) {
+    throw new Error(`mapConcurrent: concurrency must be a positive integer, got ${concurrency}`);
+  }
+  if (items.length === 0) {
+    return [];
+  }
+  const results = new Array<R>(items.length);
+  let next = 0;
+  const worker = async (): Promise<void> => {
+    while (true) {
+      const i = next++;
+      if (i >= items.length) {
+        return;
+      }
+      results[i] = await fn(items[i], i);
+    }
+  };
+  const workerCount = Math.min(concurrency, items.length);
+  const workers: Promise<void>[] = [];
+  for (let w = 0; w < workerCount; w++) {
+    workers.push(worker());
+  }
+  await Promise.all(workers);
+  return results;
+}
+/**
+ * Settled variant of {@link mapConcurrent}: never rejects — every task's
+ * outcome is captured as a `PromiseSettledResult`. Use this for best-effort
+ * fan-outs where partial success is acceptable.
+ */
+export async function mapConcurrentSettled<T, R>(
+  items: readonly T[],
+  concurrency: number,
+  fn: (item: T, index: number) => Promise<R>,
+): Promise<PromiseSettledResult<R>[]> {
+  return mapConcurrent(items, concurrency, async (item, index) => {
+    try {
+      const value = await fn(item, index);
+      return { status: 'fulfilled', value } as PromiseFulfilledResult<R>;
+    } catch (reason) {
+      return { status: 'rejected', reason } as PromiseRejectedResult;
+    }
+  });
+}