@gethashd/bytecave-browser 1.0.49 → 1.0.51

package/dist/{chunk-CVBYHRQD.js → chunk-KU6ZO2QD.js}

@@ -6250,7 +6250,21 @@ var StorageWebTransportClient = class {
         };
       }
       console.log("[WebTransport] Connecting to node:", url);
-      const transport = new WebTransport(url);
+      const certHash = this.extractCertHash(this.nodeMultiaddr);
+      if (!certHash) {
+        return {
+          success: false,
+          error: "No certificate hash in WebTransport multiaddr"
+        };
+      }
+      const sha256Hash = await this.certHashToSHA256(certHash);
+      console.log("[WebTransport] Using certificate hash:", sha256Hash);
+      const transport = new WebTransport(url, {
+        serverCertificateHashes: [{
+          algorithm: "sha-256",
+          value: sha256Hash
+        }]
+      });
       await transport.ready;
       console.log("[WebTransport] Connected, opening bidirectional stream");
       const stream = await transport.createBidirectionalStream();
@@ -6319,6 +6333,40 @@ var StorageWebTransportClient = class {
       return null;
     }
   }
+  /**
+   * Extract certificate hash from multiaddr
+   * Format: /ip4/127.0.0.1/udp/4001/quic-v1/webtransport/certhash/uEi...
+   */
+  extractCertHash(multiaddr2) {
+    try {
+      const parts = multiaddr2.split("/").filter((p) => p);
+      const certhashIndex = parts.indexOf("certhash");
+      if (certhashIndex !== -1 && certhashIndex + 1 < parts.length) {
+        return parts[certhashIndex + 1];
+      }
+      return null;
+    } catch (error) {
+      console.error("[WebTransport] Failed to extract cert hash:", error);
+      return null;
+    }
+  }
+  /**
+   * Convert libp2p multihash cert hash to SHA-256 ArrayBuffer for WebTransport
+   * The certhash in multiaddr format is: uEi<hex-hash>
+   * where 'u' = base32 multibase, 'Ei' = multihash prefix for SHA-256
+   */
+  async certHashToSHA256(multihash) {
+    try {
+      let hexHash = multihash.startsWith("uEi") ? multihash.slice(3) : multihash;
+      const bytes = new Uint8Array(hexHash.match(/.{1,2}/g).map((byte) => parseInt(byte, 16)));
+      console.log("[WebTransport] Decoded certificate hash:", hexHash);
+      console.log("[WebTransport] Hash bytes length:", bytes.length);
+      return bytes.buffer;
+    } catch (error) {
+      console.error("[WebTransport] Failed to convert cert hash:", error);
+      throw new Error("Failed to decode certificate hash");
+    }
+  }
 };
 
 // src/contracts/ContentRegistry.ts

package/dist/index.cjs

@@ -6303,7 +6303,21 @@ var StorageWebTransportClient = class {
         };
       }
       console.log("[WebTransport] Connecting to node:", url);
-      const transport = new WebTransport(url);
+      const certHash = this.extractCertHash(this.nodeMultiaddr);
+      if (!certHash) {
+        return {
+          success: false,
+          error: "No certificate hash in WebTransport multiaddr"
+        };
+      }
+      const sha256Hash = await this.certHashToSHA256(certHash);
+      console.log("[WebTransport] Using certificate hash:", sha256Hash);
+      const transport = new WebTransport(url, {
+        serverCertificateHashes: [{
+          algorithm: "sha-256",
+          value: sha256Hash
+        }]
+      });
       await transport.ready;
       console.log("[WebTransport] Connected, opening bidirectional stream");
       const stream = await transport.createBidirectionalStream();
@@ -6372,6 +6386,40 @@ var StorageWebTransportClient = class {
       return null;
     }
   }
+  /**
+   * Extract certificate hash from multiaddr
+   * Format: /ip4/127.0.0.1/udp/4001/quic-v1/webtransport/certhash/uEi...
+   */
+  extractCertHash(multiaddr2) {
+    try {
+      const parts = multiaddr2.split("/").filter((p) => p);
+      const certhashIndex = parts.indexOf("certhash");
+      if (certhashIndex !== -1 && certhashIndex + 1 < parts.length) {
+        return parts[certhashIndex + 1];
+      }
+      return null;
+    } catch (error) {
+      console.error("[WebTransport] Failed to extract cert hash:", error);
+      return null;
+    }
+  }
+  /**
+   * Convert libp2p multihash cert hash to SHA-256 ArrayBuffer for WebTransport
+   * The certhash in multiaddr format is: uEi<hex-hash>
+   * where 'u' = base32 multibase, 'Ei' = multihash prefix for SHA-256
+   */
+  async certHashToSHA256(multihash) {
+    try {
+      let hexHash = multihash.startsWith("uEi") ? multihash.slice(3) : multihash;
+      const bytes = new Uint8Array(hexHash.match(/.{1,2}/g).map((byte) => parseInt(byte, 16)));
+      console.log("[WebTransport] Decoded certificate hash:", hexHash);
+      console.log("[WebTransport] Hash bytes length:", bytes.length);
+      return bytes.buffer;
+    } catch (error) {
+      console.error("[WebTransport] Failed to convert cert hash:", error);
+      throw new Error("Failed to decode certificate hash");
+    }
+  }
 };
 
 // src/contracts/ContentRegistry.ts

package/dist/index.js

@@ -13,7 +13,7 @@ import {
   useHashdImage,
   useHashdMedia,
   useHashdUrl
-} from "./chunk-CVBYHRQD.js";
+} from "./chunk-KU6ZO2QD.js";
 import {
   clearHashdCache,
   createHashdUrl,

package/dist/react/index.js

@@ -8,7 +8,7 @@ import {
   useHashdImage,
   useHashdMedia,
   useHashdUrl
-} from "../chunk-CVBYHRQD.js";
+} from "../chunk-KU6ZO2QD.js";
 import "../chunk-EEZWRIUI.js";
 export {
   HashdAudio,

package/dist/storage-webtransport.d.ts

@@ -33,4 +33,15 @@ export declare class StorageWebTransportClient {
      * Convert libp2p multiaddr to WebTransport URL
      */
     private multiaddrToWebTransportUrl;
+    /**
+     * Extract certificate hash from multiaddr
+     * Format: /ip4/127.0.0.1/udp/4001/quic-v1/webtransport/certhash/uEi...
+     */
+    private extractCertHash;
+    /**
+     * Convert libp2p multihash cert hash to SHA-256 ArrayBuffer for WebTransport
+     * The certhash in multiaddr format is: uEi<hex-hash>
+     * where 'u' = base32 multibase, 'Ei' = multihash prefix for SHA-256
+     */
+    private certHashToSHA256;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gethashd/bytecave-browser",
-  "version": "1.0.49",
+  "version": "1.0.51",
   "description": "ByteCave browser client for WebRTC P2P connections to storage nodes",
   "main": "dist/index.cjs",
   "module": "dist/index.js",

package/src/storage-webtransport.ts

@@ -59,8 +59,27 @@ export class StorageWebTransportClient {
 
       console.log('[WebTransport] Connecting to node:', url);
 
-      // Create WebTransport connection
-      const transport = new WebTransport(url);
+      // Extract certificate hash from multiaddr for self-signed cert verification
+      const certHash = this.extractCertHash(this.nodeMultiaddr);
+      if (!certHash) {
+        return {
+          success: false,
+          error: 'No certificate hash in WebTransport multiaddr'
+        };
+      }
+
+      // Convert base58 multihash to SHA-256 hash for serverCertificateHashes
+      const sha256Hash = await this.certHashToSHA256(certHash);
+      
+      console.log('[WebTransport] Using certificate hash:', sha256Hash);
+
+      // Create WebTransport connection with self-signed certificate support
+      const transport = new WebTransport(url, {
+        serverCertificateHashes: [{
+          algorithm: 'sha-256',
+          value: sha256Hash
+        }]
+      });
       await transport.ready;
 
       console.log('[WebTransport] Connected, opening bidirectional stream');
@@ -145,7 +164,6 @@ export class StorageWebTransportClient {
       }
 
       // WebTransport URL format: https://ip:port
-      // Note: In production, this needs proper certificate handling
       return `https://${ip}:${port}`;
 
     } catch (error) {
@@ -153,4 +171,46 @@ export class StorageWebTransportClient {
       return null;
     }
   }
+
+  /**
+   * Extract certificate hash from multiaddr
+   * Format: /ip4/127.0.0.1/udp/4001/quic-v1/webtransport/certhash/uEi...
+   */
+  private extractCertHash(multiaddr: string): string | null {
+    try {
+      const parts = multiaddr.split('/').filter(p => p);
+      const certhashIndex = parts.indexOf('certhash');
+      if (certhashIndex !== -1 && certhashIndex + 1 < parts.length) {
+        return parts[certhashIndex + 1];
+      }
+      return null;
+    } catch (error) {
+      console.error('[WebTransport] Failed to extract cert hash:', error);
+      return null;
+    }
+  }
+
+  /**
+   * Convert libp2p multihash cert hash to SHA-256 ArrayBuffer for WebTransport
+   * The certhash in multiaddr format is: uEi<hex-hash>
+   * where 'u' = base32 multibase, 'Ei' = multihash prefix for SHA-256
+   */
+  private async certHashToSHA256(multihash: string): Promise<ArrayBuffer> {
+    try {
+      // Remove 'uEi' prefix to get the raw hex hash
+      // Format: uEi733dc9ebf43a04ad3bc692f104cf6ccc228a062fcd7aa43fc370f9c3c67e3bfc
+      let hexHash = multihash.startsWith('uEi') ? multihash.slice(3) : multihash;
+      
+      // The hash after uEi is already in hex format, just convert to bytes
+      const bytes = new Uint8Array(hexHash.match(/.{1,2}/g)!.map(byte => parseInt(byte, 16)));
+      
+      console.log('[WebTransport] Decoded certificate hash:', hexHash);
+      console.log('[WebTransport] Hash bytes length:', bytes.length);
+      
+      return bytes.buffer;
+    } catch (error) {
+      console.error('[WebTransport] Failed to convert cert hash:', error);
+      throw new Error('Failed to decode certificate hash');
+    }
+  }
 }