@fairfox/polly 0.69.0 → 0.71.0

package/dist/src/peer.js

@@ -650,6 +650,30 @@ import {
   NetworkAdapter
 } from "@automerge/automerge-repo/slim";
 
+// src/shared/lib/mesh-diagnostics.ts
+var listeners = new Set;
+function emitMeshDiagnostic(diagnostic) {
+  const event = { ...diagnostic, timestamp: Date.now() };
+  for (const listener of listeners) {
+    try {
+      listener(event);
+    } catch {}
+  }
+}
+function subscribeToMeshDiagnostics(listener) {
+  listeners.add(listener);
+  return () => {
+    listeners.delete(listener);
+  };
+}
+function recordMeshDiagnostics() {
+  const captured = [];
+  const stop = subscribeToMeshDiagnostics((event) => {
+    captured.push(event);
+  });
+  return { events: captured, stop };
+}
+
 // src/shared/lib/signing.ts
 import nacl2 from "tweetnacl";
 var PUBLIC_KEY_BYTES = 32;
@@ -735,11 +759,17 @@ function decodeSignedEnvelope(bytes) {
 
 // src/shared/lib/mesh-network-adapter.ts
 var DEFAULT_MESH_KEY_ID = "polly-mesh-default";
+var MESH_CONTROL_TYPE = {
+  Sync: 0,
+  Revocation: 1,
+  RevocationSummary: 2
+};
 
 class MeshNetworkAdapter extends NetworkAdapter {
   base;
   keyringSource;
   encryptionEnabled;
+  onControlMessage;
   get keyring() {
     return this.keyringSource();
   }
@@ -748,6 +778,7 @@ class MeshNetworkAdapter extends NetworkAdapter {
     this.base = options.base;
     this.keyringSource = options.keyringSource;
     this.encryptionEnabled = options.encryptionEnabled ?? true;
+    this.onControlMessage = options.onControlMessage;
     this.base.on("close", () => this.emit("close"));
     this.base.on("peer-candidate", (payload) => this.emit("peer-candidate", payload));
     this.base.on("peer-disconnected", (payload) => this.emit("peer-disconnected", payload));
@@ -781,16 +812,17 @@ class MeshNetworkAdapter extends NetworkAdapter {
   wrap(message) {
     const keyring = this.keyringSource();
     const serialised = serialiseMessage(message);
+    const tagged = prependControlTag(MESH_CONTROL_TYPE.Sync, serialised);
     let payloadToSign;
     if (this.encryptionEnabled) {
       const docKey = keyring.documentKeys.get(DEFAULT_MESH_KEY_ID);
       if (!docKey) {
         throw new Error(`MeshNetworkAdapter: missing document encryption key under id "${DEFAULT_MESH_KEY_ID}". Provision the key in the keyring before sending.`);
       }
-      const encrypted = sealEnvelope(serialised, DEFAULT_MESH_KEY_ID, docKey);
+      const encrypted = sealEnvelope(tagged, DEFAULT_MESH_KEY_ID, docKey);
       payloadToSign = encodeEncryptedEnvelope(encrypted);
     } else {
-      payloadToSign = serialised;
+      payloadToSign = tagged;
     }
     const signed = signEnvelope(payloadToSign, message.senderId, keyring.identity.secretKey);
     const signedBytes = encodeSignedEnvelope(signed);
@@ -811,44 +843,156 @@ class MeshNetworkAdapter extends NetworkAdapter {
     let signed;
     try {
       signed = decodeSignedEnvelope(message.data);
-    } catch {
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "drop:malformed-signed-envelope",
+        reason: err instanceof Error ? err.message : String(err)
+      });
       return;
     }
     const keyring = this.keyringSource();
     if (keyring.revokedPeers.has(signed.senderId)) {
+      emitMeshDiagnostic({
+        kind: "drop:revoked-peer",
+        senderId: signed.senderId
+      });
       return;
     }
     const senderKey = keyring.knownPeers.get(signed.senderId);
     if (!senderKey) {
+      emitMeshDiagnostic({
+        kind: "drop:unknown-peer",
+        senderId: signed.senderId
+      });
       return;
     }
     let verifiedPayload;
     try {
       verifiedPayload = openEnvelope2(signed, senderKey);
-    } catch {
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "drop:bad-signature",
+        senderId: signed.senderId,
+        reason: err instanceof Error ? err.message : String(err)
+      });
       return;
     }
     if (!this.encryptionEnabled) {
-      return deserialiseMessage(verifiedPayload);
+      return this.dispatchTaggedPayload(verifiedPayload, signed.senderId);
     }
     let encrypted;
     try {
       encrypted = decodeEncryptedEnvelope(verifiedPayload);
-    } catch {
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "drop:malformed-encrypted-envelope",
+        senderId: signed.senderId,
+        reason: err instanceof Error ? err.message : String(err)
+      });
       return;
     }
     const docKey = keyring.documentKeys.get(encrypted.documentId);
     if (!docKey) {
+      emitMeshDiagnostic({
+        kind: "drop:missing-doc-key",
+        senderId: signed.senderId,
+        documentId: encrypted.documentId
+      });
       return;
     }
     let plaintext;
     try {
       plaintext = openEnvelope(encrypted, docKey);
-    } catch {
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "drop:bad-decryption",
+        senderId: signed.senderId,
+        documentId: encrypted.documentId,
+        reason: err instanceof Error ? err.message : String(err)
+      });
       return;
     }
-    return deserialiseMessage(plaintext);
+    return this.dispatchTaggedPayload(plaintext, signed.senderId);
   }
+  dispatchTaggedPayload(payload, senderId) {
+    if (payload.byteLength < 1) {
+      emitMeshDiagnostic({ kind: "drop:empty-control-payload", senderId });
+      return;
+    }
+    const tag = payload[0];
+    const body = payload.subarray(1);
+    switch (tag) {
+      case MESH_CONTROL_TYPE.Sync:
+        return deserialiseMessage(body);
+      case MESH_CONTROL_TYPE.Revocation:
+        emitMeshDiagnostic({ kind: "ctrl:revocation-received", senderId });
+        this.invokeControlHandler(tag, body, senderId);
+        return;
+      case MESH_CONTROL_TYPE.RevocationSummary:
+        emitMeshDiagnostic({
+          kind: "ctrl:revocation-summary-received",
+          senderId
+        });
+        this.invokeControlHandler(tag, body, senderId);
+        return;
+      default:
+        emitMeshDiagnostic({
+          kind: "drop:unknown-control-type",
+          senderId,
+          tag
+        });
+        return;
+    }
+  }
+  invokeControlHandler(tag, body, senderId) {
+    if (!this.onControlMessage)
+      return;
+    try {
+      this.onControlMessage(tag, body, senderId);
+    } catch (err) {
+      emitMeshDiagnostic({
+        kind: "drop:control-handler-threw",
+        senderId,
+        tag,
+        reason: err instanceof Error ? err.message : String(err)
+      });
+    }
+  }
+  sendControlMessage(tag, body, targetPeerIds) {
+    if (targetPeerIds.length === 0)
+      return;
+    const keyring = this.keyringSource();
+    const tagged = prependControlTag(tag, body);
+    let payloadToSign;
+    if (this.encryptionEnabled) {
+      const docKey = keyring.documentKeys.get(DEFAULT_MESH_KEY_ID);
+      if (!docKey) {
+        throw new Error(`MeshNetworkAdapter.sendControlMessage: missing document encryption key under id "${DEFAULT_MESH_KEY_ID}".`);
+      }
+      const encrypted = sealEnvelope(tagged, DEFAULT_MESH_KEY_ID, docKey);
+      payloadToSign = encodeEncryptedEnvelope(encrypted);
+    } else {
+      payloadToSign = tagged;
+    }
+    const senderId = this.peerId ?? "";
+    const signed = signEnvelope(payloadToSign, senderId, keyring.identity.secretKey);
+    const signedBytes = encodeSignedEnvelope(signed);
+    for (const targetId of targetPeerIds) {
+      const outer = {
+        type: "sync",
+        senderId,
+        targetId,
+        data: signedBytes
+      };
+      this.base.send(outer);
+    }
+  }
+}
+function prependControlTag(tag, body) {
+  const out = new Uint8Array(body.byteLength + 1);
+  out[0] = tag;
+  out.set(body, 1);
+  return out;
 }
 function serialiseMessage(message) {
   const headerObj = {
@@ -1083,4 +1227,4 @@ export {
   $crdtCounter
 };
 
-//# debugId=D4249D328F09D19464756E2164756E21
+//# debugId=C92D0D86B1D86EE064756E2164756E21