@fairfox/polly 0.69.0 → 0.71.0

package/dist/src/mesh.js

@@ -975,6 +975,30 @@ function base64ToBytes(b64) {
 // src/shared/lib/mesh-client.ts
 import { Repo } from "@automerge/automerge-repo/slim";
 
+// src/shared/lib/mesh-diagnostics.ts
+var listeners = new Set;
+function emitMeshDiagnostic(diagnostic) {
+  const event = { ...diagnostic, timestamp: Date.now() };
+  for (const listener of listeners) {
+    try {
+      listener(event);
+    } catch {}
+  }
+}
+function subscribeToMeshDiagnostics(listener) {
+  listeners.add(listener);
+  return () => {
+    listeners.delete(listener);
+  };
+}
+function recordMeshDiagnostics() {
+  const captured = [];
+  const stop = subscribeToMeshDiagnostics((event) => {
+    captured.push(event);
+  });
+  return { events: captured, stop };
+}
+
 // src/shared/lib/mesh-network-adapter.ts
 init_encryption();
 import {
@@ -1066,11 +1090,17 @@ function decodeSignedEnvelope(bytes) {
 
 // src/shared/lib/mesh-network-adapter.ts
 var DEFAULT_MESH_KEY_ID = "polly-mesh-default";
+var MESH_CONTROL_TYPE = {
+  Sync: 0,
+  Revocation: 1,
+  RevocationSummary: 2
+};
 
 class MeshNetworkAdapter extends NetworkAdapter {
   base;
   keyringSource;
   encryptionEnabled;
+  onControlMessage;
   get keyring() {
     return this.keyringSource();
   }
@@ -1079,6 +1109,7 @@ class MeshNetworkAdapter extends NetworkAdapter {
     this.base = options.base;
     this.keyringSource = options.keyringSource;
     this.encryptionEnabled = options.encryptionEnabled ?? true;
+    this.onControlMessage = options.onControlMessage;
     this.base.on("close", () => this.emit("close"));
     this.base.on("peer-candidate", (payload) => this.emit("peer-candidate", payload));
     this.base.on("peer-disconnected", (payload) => this.emit("peer-disconnected", payload));
@@ -1112,16 +1143,17 @@ class MeshNetworkAdapter extends NetworkAdapter {
   wrap(message) {
     const keyring = this.keyringSource();
     const serialised = serialiseMessage(message);
+    const tagged = prependControlTag(MESH_CONTROL_TYPE.Sync, serialised);
     let payloadToSign;
     if (this.encryptionEnabled) {
       const docKey = keyring.documentKeys.get(DEFAULT_MESH_KEY_ID);
       if (!docKey) {
         throw new Error(`MeshNetworkAdapter: missing document encryption key under id "${DEFAULT_MESH_KEY_ID}". Provision the key in the keyring before sending.`);
       }
-      const encrypted = sealEnvelope(serialised, DEFAULT_MESH_KEY_ID, docKey);
+      const encrypted = sealEnvelope(tagged, DEFAULT_MESH_KEY_ID, docKey);
       payloadToSign = encodeEncryptedEnvelope(encrypted);
     } else {
-      payloadToSign = serialised;
+      payloadToSign = tagged;
     }
     const signed = signEnvelope(payloadToSign, message.senderId, keyring.identity.secretKey);
     const signedBytes = encodeSignedEnvelope(signed);
@@ -1142,45 +1174,157 @@ class MeshNetworkAdapter extends NetworkAdapter {
     let signed;
     try {
       signed = decodeSignedEnvelope(message.data);
-    } catch {
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "drop:malformed-signed-envelope",
+        reason: err instanceof Error ? err.message : String(err)
+      });
       return;
     }
     const keyring = this.keyringSource();
     if (keyring.revokedPeers.has(signed.senderId)) {
+      emitMeshDiagnostic({
+        kind: "drop:revoked-peer",
+        senderId: signed.senderId
+      });
       return;
     }
     const senderKey = keyring.knownPeers.get(signed.senderId);
     if (!senderKey) {
+      emitMeshDiagnostic({
+        kind: "drop:unknown-peer",
+        senderId: signed.senderId
+      });
       return;
     }
     let verifiedPayload;
     try {
       verifiedPayload = openEnvelope2(signed, senderKey);
-    } catch {
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "drop:bad-signature",
+        senderId: signed.senderId,
+        reason: err instanceof Error ? err.message : String(err)
+      });
       return;
     }
     if (!this.encryptionEnabled) {
-      return deserialiseMessage(verifiedPayload);
+      return this.dispatchTaggedPayload(verifiedPayload, signed.senderId);
     }
     let encrypted;
     try {
       encrypted = decodeEncryptedEnvelope(verifiedPayload);
-    } catch {
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "drop:malformed-encrypted-envelope",
+        senderId: signed.senderId,
+        reason: err instanceof Error ? err.message : String(err)
+      });
       return;
     }
     const docKey = keyring.documentKeys.get(encrypted.documentId);
     if (!docKey) {
+      emitMeshDiagnostic({
+        kind: "drop:missing-doc-key",
+        senderId: signed.senderId,
+        documentId: encrypted.documentId
+      });
       return;
     }
     let plaintext;
     try {
       plaintext = openEnvelope(encrypted, docKey);
-    } catch {
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "drop:bad-decryption",
+        senderId: signed.senderId,
+        documentId: encrypted.documentId,
+        reason: err instanceof Error ? err.message : String(err)
+      });
       return;
     }
-    return deserialiseMessage(plaintext);
+    return this.dispatchTaggedPayload(plaintext, signed.senderId);
+  }
+  dispatchTaggedPayload(payload, senderId) {
+    if (payload.byteLength < 1) {
+      emitMeshDiagnostic({ kind: "drop:empty-control-payload", senderId });
+      return;
+    }
+    const tag = payload[0];
+    const body = payload.subarray(1);
+    switch (tag) {
+      case MESH_CONTROL_TYPE.Sync:
+        return deserialiseMessage(body);
+      case MESH_CONTROL_TYPE.Revocation:
+        emitMeshDiagnostic({ kind: "ctrl:revocation-received", senderId });
+        this.invokeControlHandler(tag, body, senderId);
+        return;
+      case MESH_CONTROL_TYPE.RevocationSummary:
+        emitMeshDiagnostic({
+          kind: "ctrl:revocation-summary-received",
+          senderId
+        });
+        this.invokeControlHandler(tag, body, senderId);
+        return;
+      default:
+        emitMeshDiagnostic({
+          kind: "drop:unknown-control-type",
+          senderId,
+          tag
+        });
+        return;
+    }
+  }
+  invokeControlHandler(tag, body, senderId) {
+    if (!this.onControlMessage)
+      return;
+    try {
+      this.onControlMessage(tag, body, senderId);
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "drop:control-handler-threw",
+        senderId,
+        tag,
+        reason: err instanceof Error ? err.message : String(err)
+      });
+    }
+  }
+  sendControlMessage(tag, body, targetPeerIds) {
+    if (targetPeerIds.length === 0)
+      return;
+    const keyring = this.keyringSource();
+    const tagged = prependControlTag(tag, body);
+    let payloadToSign;
+    if (this.encryptionEnabled) {
+      const docKey = keyring.documentKeys.get(DEFAULT_MESH_KEY_ID);
+      if (!docKey) {
+        throw new Error(`MeshNetworkAdapter.sendControlMessage: missing document encryption key under id "${DEFAULT_MESH_KEY_ID}".`);
+      }
+      const encrypted = sealEnvelope(tagged, DEFAULT_MESH_KEY_ID, docKey);
+      payloadToSign = encodeEncryptedEnvelope(encrypted);
+    } else {
+      payloadToSign = tagged;
+    }
+    const senderId = this.peerId ?? "";
+    const signed = signEnvelope(payloadToSign, senderId, keyring.identity.secretKey);
+    const signedBytes = encodeSignedEnvelope(signed);
+    for (const targetId of targetPeerIds) {
+      const outer = {
+        type: "sync",
+        senderId,
+        targetId,
+        data: signedBytes
+      };
+      this.base.send(outer);
+    }
   }
 }
+function prependControlTag(tag, body) {
+  const out = new Uint8Array(body.byteLength + 1);
+  out[0] = tag;
+  out.set(body, 1);
+  return out;
+}
 function serialiseMessage(message) {
   const headerObj = {
     type: message.type,
@@ -3296,6 +3440,193 @@ class MeshWebRTCAdapter extends NetworkAdapter2 {
   }
 }
 
+// src/shared/lib/revocation.ts
+var REVOCATION_RECORD_VERSION = 1;
+var REVOCATION_MAGIC = new Uint8Array([80, 82, 86, 49]);
+
+class RevocationError extends Error {
+  code;
+  constructor(message, code) {
+    super(message);
+    this.name = "RevocationError";
+    this.code = code;
+  }
+}
+function createRevocation(options) {
+  const now = options.now ? options.now() : Date.now();
+  return {
+    version: REVOCATION_RECORD_VERSION,
+    issuerPeerId: options.issuerPeerId,
+    revokedPeerId: options.revokedPeerId,
+    issuedAt: now,
+    ...options.reason === undefined ? {} : { reason: options.reason }
+  };
+}
+function applyRevocation(record, keyring) {
+  keyring.revokedPeers.add(record.revokedPeerId);
+}
+function revokePeerLocally(peerId, keyring) {
+  keyring.revokedPeers.add(peerId);
+}
+function serialiseRevocationPayload(record) {
+  const issuerBytes = new TextEncoder().encode(record.issuerPeerId);
+  const revokedBytes = new TextEncoder().encode(record.revokedPeerId);
+  const reasonBytes = new TextEncoder().encode(record.reason ?? "");
+  const total = REVOCATION_MAGIC.length + 1 + 4 + issuerBytes.length + 4 + revokedBytes.length + 8 + 4 + reasonBytes.length;
+  const out = new Uint8Array(total);
+  let offset = 0;
+  out.set(REVOCATION_MAGIC, offset);
+  offset += REVOCATION_MAGIC.length;
+  out[offset] = record.version;
+  offset += 1;
+  const view = new DataView(out.buffer);
+  view.setUint32(offset, issuerBytes.length, false);
+  offset += 4;
+  out.set(issuerBytes, offset);
+  offset += issuerBytes.length;
+  view.setUint32(offset, revokedBytes.length, false);
+  offset += 4;
+  out.set(revokedBytes, offset);
+  offset += revokedBytes.length;
+  view.setBigUint64(offset, BigInt(record.issuedAt), false);
+  offset += 8;
+  view.setUint32(offset, reasonBytes.length, false);
+  offset += 4;
+  out.set(reasonBytes, offset);
+  return out;
+}
+function parseRevocationPayload(bytes) {
+  let offset = 0;
+  if (bytes.length < REVOCATION_MAGIC.length) {
+    throw new RevocationError("Revocation record too short for magic.", "truncated");
+  }
+  for (let i = 0;i < REVOCATION_MAGIC.length; i++) {
+    if (bytes[offset + i] !== REVOCATION_MAGIC[i]) {
+      throw new RevocationError("Revocation record magic mismatch.", "wrong-magic");
+    }
+  }
+  offset += REVOCATION_MAGIC.length;
+  if (bytes.length < offset + 1) {
+    throw new RevocationError("Revocation record truncated at version.", "truncated");
+  }
+  const version = bytes[offset];
+  offset += 1;
+  if (version !== REVOCATION_RECORD_VERSION) {
+    throw new RevocationError(`Unknown revocation record version: ${version}.`, "unknown-version");
+  }
+  const view = new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength);
+  if (bytes.length < offset + 4) {
+    throw new RevocationError("Revocation record truncated at issuer length.", "truncated");
+  }
+  const issuerLen = view.getUint32(offset, false);
+  offset += 4;
+  if (bytes.length < offset + issuerLen) {
+    throw new RevocationError("Revocation record truncated at issuer id.", "truncated");
+  }
+  const issuerPeerId = new TextDecoder().decode(bytes.subarray(offset, offset + issuerLen));
+  offset += issuerLen;
+  if (bytes.length < offset + 4) {
+    throw new RevocationError("Revocation record truncated at revoked id length.", "truncated");
+  }
+  const revokedLen = view.getUint32(offset, false);
+  offset += 4;
+  if (bytes.length < offset + revokedLen) {
+    throw new RevocationError("Revocation record truncated at revoked id.", "truncated");
+  }
+  const revokedPeerId = new TextDecoder().decode(bytes.subarray(offset, offset + revokedLen));
+  offset += revokedLen;
+  if (bytes.length < offset + 8) {
+    throw new RevocationError("Revocation record truncated at issuedAt.", "truncated");
+  }
+  const issuedAt = Number(view.getBigUint64(offset, false));
+  offset += 8;
+  if (bytes.length < offset + 4) {
+    throw new RevocationError("Revocation record truncated at reason length.", "truncated");
+  }
+  const reasonLen = view.getUint32(offset, false);
+  offset += 4;
+  if (bytes.length < offset + reasonLen) {
+    throw new RevocationError("Revocation record truncated at reason.", "truncated");
+  }
+  const reason = new TextDecoder().decode(bytes.subarray(offset, offset + reasonLen));
+  offset += reasonLen;
+  return {
+    version,
+    issuerPeerId,
+    revokedPeerId,
+    issuedAt,
+    ...reason ? { reason } : {}
+  };
+}
+function encodeRevocation(record, issuer) {
+  const payload = serialiseRevocationPayload(record);
+  const envelope = signEnvelope(payload, record.issuerPeerId, issuer.secretKey);
+  return encodeSignedEnvelope(envelope);
+}
+function decodeRevocation(bytes, keyring) {
+  const envelope = decodeSignedEnvelope(bytes);
+  const issuerKey = keyring.knownPeers.get(envelope.senderId);
+  if (!issuerKey) {
+    throw new RevocationError(`Revocation issuer ${envelope.senderId} is not in the local keyring.`, "unknown-issuer");
+  }
+  if (keyring.revocationAuthority !== undefined && keyring.revocationAuthority.size > 0 && !keyring.revocationAuthority.has(envelope.senderId)) {
+    throw new RevocationError(`Revocation issuer ${envelope.senderId} is not in the keyring's revocation authority set.`, "unauthorised-issuer");
+  }
+  let payloadBytes;
+  try {
+    payloadBytes = openEnvelope2(envelope, issuerKey);
+  } catch {
+    throw new RevocationError(`Revocation signature failed verification for issuer ${envelope.senderId}.`, "signature-invalid");
+  }
+  const record = parseRevocationPayload(payloadBytes);
+  if (record.issuerPeerId !== envelope.senderId) {
+    throw new RevocationError(`Revocation payload claims issuer ${record.issuerPeerId} but the envelope was signed by ${envelope.senderId}.`, "not-signed-by-issuer");
+  }
+  return record;
+}
+
+// src/shared/lib/revocation-summary.ts
+function encodeRevocationSummary(entries) {
+  const sorted = [...entries].sort(compareSummaryEntries);
+  const json = JSON.stringify(sorted.map((entry) => ({
+    r: entry.revokedPeerId,
+    i: entry.issuerPeerId,
+    t: entry.issuedAt
+  })));
+  return new TextEncoder().encode(json);
+}
+function decodeRevocationSummary(bytes) {
+  const text = new TextDecoder().decode(bytes);
+  let raw;
+  try {
+    raw = JSON.parse(text);
+  } catch (err) {
+    throw new Error(`decodeRevocationSummary: invalid JSON: ${err instanceof Error ? err.message : String(err)}`);
+  }
+  if (!Array.isArray(raw)) {
+    throw new Error("decodeRevocationSummary: expected an array");
+  }
+  return raw.map((item, index) => {
+    if (!item || typeof item !== "object") {
+      throw new Error(`decodeRevocationSummary: entry ${index} is not an object`);
+    }
+    const e = item;
+    if (typeof e.r !== "string" || typeof e.i !== "string" || typeof e.t !== "number") {
+      throw new Error(`decodeRevocationSummary: entry ${index} has missing or wrong-typed fields`);
+    }
+    return { revokedPeerId: e.r, issuerPeerId: e.i, issuedAt: e.t };
+  });
+}
+function compareSummaryEntries(a, b) {
+  if (a.revokedPeerId !== b.revokedPeerId) {
+    return a.revokedPeerId < b.revokedPeerId ? -1 : 1;
+  }
+  if (a.issuerPeerId !== b.issuerPeerId) {
+    return a.issuerPeerId < b.issuerPeerId ? -1 : 1;
+  }
+  return a.issuedAt - b.issuedAt;
+}
+
 // src/shared/lib/mesh-client.ts
 async function resolveIceServers(rtc) {
   if (rtc?.iceCredentialResolver) {
@@ -3482,10 +3813,107 @@ async function createMeshClient(options) {
   });
   webrtcAdapterOptions.signaling = signaling;
   webrtcAdapter = new MeshWebRTCAdapter(webrtcAdapterOptions);
+  const connectedPeerIds = new Set;
+  let selfRevocation;
+  const localPeerId = options.signaling.peerId;
+  const revocationStore = new Map;
+  function storeRevocation(record, bytes) {
+    const existing = revocationStore.get(record.revokedPeerId);
+    if (existing && existing.entry.issuedAt >= record.issuedAt)
+      return;
+    revocationStore.set(record.revokedPeerId, {
+      bytes,
+      entry: {
+        revokedPeerId: record.revokedPeerId,
+        issuerPeerId: record.issuerPeerId,
+        issuedAt: record.issuedAt
+      }
+    });
+  }
+  const handleRevocationControl = (body, senderId) => {
+    const keyring2 = keyringSource();
+    let record;
+    try {
+      record = decodeRevocation(body, keyring2);
+    } catch (err) {
+      const reason = err instanceof RevocationError ? err.code : err instanceof Error ? err.message : String(err);
+      emitMeshDiagnostic({ kind: "revoke:rejected", senderId, reason });
+      return;
+    }
+    if (record.revokedPeerId === localPeerId) {
+      selfRevocation = record;
+      emitMeshDiagnostic({
+        kind: "revoke:self-targeted",
+        issuerId: record.issuerPeerId,
+        ...record.reason !== undefined && { reason: record.reason },
+        issuedAt: record.issuedAt
+      });
+      return;
+    }
+    if (keyring2.revokedPeers.has(record.revokedPeerId)) {
+      storeRevocation(record, body);
+      emitMeshDiagnostic({
+        kind: "revoke:duplicate",
+        revokedPeerId: record.revokedPeerId,
+        issuerId: record.issuerPeerId
+      });
+      return;
+    }
+    applyRevocation(record, keyring2);
+    storeRevocation(record, body);
+    emitMeshDiagnostic({ kind: "revoke:applied", revokedPeerId: record.revokedPeerId });
+  };
+  const handleRevocationSummary = (body, senderId) => {
+    let summary;
+    try {
+      summary = decodeRevocationSummary(body);
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "revoke:rejected",
+        senderId,
+        reason: err instanceof Error ? err.message : String(err)
+      });
+      return;
+    }
+    const remoteKeys = new Set(summary.map((entry) => entry.revokedPeerId));
+    const senderPeerId = senderId;
+    for (const stored of revocationStore.values()) {
+      if (remoteKeys.has(stored.entry.revokedPeerId))
+        continue;
+      networkAdapter.sendControlMessage(MESH_CONTROL_TYPE.Revocation, stored.bytes, [senderPeerId]);
+    }
+  };
   const networkAdapter = new MeshNetworkAdapter({
     base: webrtcAdapter,
     keyringSource,
-    encryptionEnabled
+    encryptionEnabled,
+    onControlMessage: (tag, body, senderId) => {
+      if (tag === MESH_CONTROL_TYPE.Revocation) {
+        handleRevocationControl(body, senderId);
+      } else if (tag === MESH_CONTROL_TYPE.RevocationSummary) {
+        handleRevocationSummary(body, senderId);
+      }
+    }
+  });
+  function sendSummaryTo(peerId) {
+    const entries = [...revocationStore.values()].map((stored) => stored.entry);
+    const body = encodeRevocationSummary(entries);
+    networkAdapter.sendControlMessage(MESH_CONTROL_TYPE.RevocationSummary, body, [peerId]);
+  }
+  networkAdapter.on("peer-candidate", (event) => {
+    connectedPeerIds.add(event.peerId);
+    try {
+      sendSummaryTo(event.peerId);
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "revoke:rejected",
+        senderId: event.peerId,
+        reason: `summary-send-failed: ${err instanceof Error ? err.message : String(err)}`
+      });
+    }
+  });
+  networkAdapter.on("peer-disconnected", (event) => {
+    connectedPeerIds.delete(event.peerId);
   });
   const repo = new Repo({
     network: [networkAdapter],
@@ -3552,6 +3980,30 @@ async function createMeshClient(options) {
         return;
       await webrtcAdapter.refreshAllTransportStats();
     },
+    revokePeer: async (targetPeerId, reason) => {
+      const keyring2 = keyringSource();
+      const record = createRevocation({
+        issuer: keyring2.identity,
+        issuerPeerId: localPeerId,
+        revokedPeerId: targetPeerId,
+        ...reason !== undefined && { reason }
+      });
+      const bytes = encodeRevocation(record, keyring2.identity);
+      applyRevocation(record, keyring2);
+      storeRevocation(record, bytes);
+      emitMeshDiagnostic({
+        kind: "revoke:issued",
+        revokedPeerId: targetPeerId,
+        issuerId: localPeerId
+      });
+      const targets = [...connectedPeerIds];
+      if (targets.length > 0) {
+        networkAdapter.sendControlMessage(MESH_CONTROL_TYPE.Revocation, bytes, targets);
+      }
+    },
+    get selfRevocation() {
+      return selfRevocation;
+    },
     close: async () => {
       signaling.close();
       webrtcAdapter?.disconnect();
@@ -3762,150 +4214,6 @@ function randomBytes(n) {
   crypto.getRandomValues(out);
   return out;
 }
-// src/shared/lib/revocation.ts
-var REVOCATION_RECORD_VERSION = 1;
-var REVOCATION_MAGIC = new Uint8Array([80, 82, 86, 49]);
-
-class RevocationError extends Error {
-  code;
-  constructor(message, code) {
-    super(message);
-    this.name = "RevocationError";
-    this.code = code;
-  }
-}
-function createRevocation(options) {
-  const now = options.now ? options.now() : Date.now();
-  return {
-    version: REVOCATION_RECORD_VERSION,
-    issuerPeerId: options.issuerPeerId,
-    revokedPeerId: options.revokedPeerId,
-    issuedAt: now,
-    ...options.reason === undefined ? {} : { reason: options.reason }
-  };
-}
-function applyRevocation(record, keyring) {
-  keyring.revokedPeers.add(record.revokedPeerId);
-}
-function revokePeerLocally(peerId, keyring) {
-  keyring.revokedPeers.add(peerId);
-}
-function serialiseRevocationPayload(record) {
-  const issuerBytes = new TextEncoder().encode(record.issuerPeerId);
-  const revokedBytes = new TextEncoder().encode(record.revokedPeerId);
-  const reasonBytes = new TextEncoder().encode(record.reason ?? "");
-  const total = REVOCATION_MAGIC.length + 1 + 4 + issuerBytes.length + 4 + revokedBytes.length + 8 + 4 + reasonBytes.length;
-  const out = new Uint8Array(total);
-  let offset = 0;
-  out.set(REVOCATION_MAGIC, offset);
-  offset += REVOCATION_MAGIC.length;
-  out[offset] = record.version;
-  offset += 1;
-  const view = new DataView(out.buffer);
-  view.setUint32(offset, issuerBytes.length, false);
-  offset += 4;
-  out.set(issuerBytes, offset);
-  offset += issuerBytes.length;
-  view.setUint32(offset, revokedBytes.length, false);
-  offset += 4;
-  out.set(revokedBytes, offset);
-  offset += revokedBytes.length;
-  view.setBigUint64(offset, BigInt(record.issuedAt), false);
-  offset += 8;
-  view.setUint32(offset, reasonBytes.length, false);
-  offset += 4;
-  out.set(reasonBytes, offset);
-  return out;
-}
-function parseRevocationPayload(bytes) {
-  let offset = 0;
-  if (bytes.length < REVOCATION_MAGIC.length) {
-    throw new RevocationError("Revocation record too short for magic.", "truncated");
-  }
-  for (let i = 0;i < REVOCATION_MAGIC.length; i++) {
-    if (bytes[offset + i] !== REVOCATION_MAGIC[i]) {
-      throw new RevocationError("Revocation record magic mismatch.", "wrong-magic");
-    }
-  }
-  offset += REVOCATION_MAGIC.length;
-  if (bytes.length < offset + 1) {
-    throw new RevocationError("Revocation record truncated at version.", "truncated");
-  }
-  const version = bytes[offset];
-  offset += 1;
-  if (version !== REVOCATION_RECORD_VERSION) {
-    throw new RevocationError(`Unknown revocation record version: ${version}.`, "unknown-version");
-  }
-  const view = new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength);
-  if (bytes.length < offset + 4) {
-    throw new RevocationError("Revocation record truncated at issuer length.", "truncated");
-  }
-  const issuerLen = view.getUint32(offset, false);
-  offset += 4;
-  if (bytes.length < offset + issuerLen) {
-    throw new RevocationError("Revocation record truncated at issuer id.", "truncated");
-  }
-  const issuerPeerId = new TextDecoder().decode(bytes.subarray(offset, offset + issuerLen));
-  offset += issuerLen;
-  if (bytes.length < offset + 4) {
-    throw new RevocationError("Revocation record truncated at revoked id length.", "truncated");
-  }
-  const revokedLen = view.getUint32(offset, false);
-  offset += 4;
-  if (bytes.length < offset + revokedLen) {
-    throw new RevocationError("Revocation record truncated at revoked id.", "truncated");
-  }
-  const revokedPeerId = new TextDecoder().decode(bytes.subarray(offset, offset + revokedLen));
-  offset += revokedLen;
-  if (bytes.length < offset + 8) {
-    throw new RevocationError("Revocation record truncated at issuedAt.", "truncated");
-  }
-  const issuedAt = Number(view.getBigUint64(offset, false));
-  offset += 8;
-  if (bytes.length < offset + 4) {
-    throw new RevocationError("Revocation record truncated at reason length.", "truncated");
-  }
-  const reasonLen = view.getUint32(offset, false);
-  offset += 4;
-  if (bytes.length < offset + reasonLen) {
-    throw new RevocationError("Revocation record truncated at reason.", "truncated");
-  }
-  const reason = new TextDecoder().decode(bytes.subarray(offset, offset + reasonLen));
-  offset += reasonLen;
-  return {
-    version,
-    issuerPeerId,
-    revokedPeerId,
-    issuedAt,
-    ...reason ? { reason } : {}
-  };
-}
-function encodeRevocation(record, issuer) {
-  const payload = serialiseRevocationPayload(record);
-  const envelope = signEnvelope(payload, record.issuerPeerId, issuer.secretKey);
-  return encodeSignedEnvelope(envelope);
-}
-function decodeRevocation(bytes, keyring) {
-  const envelope = decodeSignedEnvelope(bytes);
-  const issuerKey = keyring.knownPeers.get(envelope.senderId);
-  if (!issuerKey) {
-    throw new RevocationError(`Revocation issuer ${envelope.senderId} is not in the local keyring.`, "unknown-issuer");
-  }
-  if (keyring.revocationAuthority !== undefined && keyring.revocationAuthority.size > 0 && !keyring.revocationAuthority.has(envelope.senderId)) {
-    throw new RevocationError(`Revocation issuer ${envelope.senderId} is not in the keyring's revocation authority set.`, "unauthorised-issuer");
-  }
-  let payloadBytes;
-  try {
-    payloadBytes = openEnvelope2(envelope, issuerKey);
-  } catch {
-    throw new RevocationError(`Revocation signature failed verification for issuer ${envelope.senderId}.`, "signature-invalid");
-  }
-  const record = parseRevocationPayload(payloadBytes);
-  if (record.issuerPeerId !== envelope.senderId) {
-    throw new RevocationError(`Revocation payload claims issuer ${record.issuerPeerId} but the envelope was signed by ${envelope.senderId}.`, "not-signed-by-issuer");
-  }
-  return record;
-}
 export {
   wasMeshStateResolved,
   verify,
@@ -3982,4 +4290,4 @@ export {
   $meshCounter
 };
 
-//# debugId=516309C916BB154F64756E2164756E21
+//# debugId=E57D210FDE704BCC64756E2164756E21