@graffiti-garden/implementation-decentralized 0.0.1

package/dist/esm/3-protocol/4-graffiti.js

@@ -0,0 +1,957 @@
+import {
+  GraffitiErrorNotFound,
+  maskGraffitiObject,
+  unpackObjectUrl,
+  compileGraffitiObjectSchema,
+  GraffitiErrorSchemaMismatch,
+  GraffitiErrorForbidden,
+  GraffitiErrorTooLarge,
+  isMediaAcceptable,
+  GraffitiErrorNotAcceptable,
+  GraffitiErrorCursorExpired,
+  GraffitiErrorInvalidSchema
+} from "@graffiti-garden/api";
+import { randomBytes } from "@noble/hashes/utils.js";
+import {
+  encode as dagCborEncode,
+  decode as dagCborDecode
+} from "@ipld/dag-cbor";
+import { DecentralizedIdentifiers } from "../1-services/2-dids";
+import { Authorization } from "../1-services/1-authorization";
+import { StorageBuckets } from "../1-services/3-storage-buckets";
+import {
+  Inboxes,
+  LABELED_MESSAGE_MESSAGE_KEY,
+  MESSAGE_METADATA_KEY,
+  MESSAGE_OBJECT_KEY,
+  MESSAGE_TAGS_KEY
+} from "../1-services/4-inboxes";
+import {
+  StringEncoder,
+  STRING_ENCODER_METHOD_BASE64URL
+} from "../2-primitives/1-string-encoding";
+import { ContentAddresses } from "../2-primitives/2-content-addresses";
+import {
+  CHANNEL_ATTESTATION_METHOD_SHA256_ED25519,
+  ChannelAttestations
+} from "../2-primitives/3-channel-attestations";
+import { AllowedAttestations } from "../2-primitives/4-allowed-attestations";
+import { Handles } from "./2-handles";
+import {
+  Sessions,
+  DID_SERVICE_ID_GRAFFITI_PERSONAL_INBOX,
+  DID_SERVICE_TYPE_GRAFFITI_INBOX,
+  DID_SERVICE_ID_GRAFFITI_STORAGE_BUCKET,
+  DID_SERVICE_TYPE_GRAFFITI_STORAGE_BUCKET
+} from "./1-sessions";
+import {
+  decodeObjectUrl,
+  MAX_OBJECT_SIZE_BYTES,
+  ObjectEncoding
+} from "./3-object-encoding";
+import { GraffitiModal } from "@graffiti-garden/modal";
+import {
+  custom,
+  string,
+  boolean,
+  strictObject,
+  array,
+  int,
+  nonnegative,
+  optional,
+  extend,
+  union,
+  record,
+  url
+} from "zod/mini";
+const Uint8ArraySchema = custom(
+  (v) => v instanceof Uint8Array
+);
+const MESSAGE_DATA_STORAGE_BUCKET_KEY = "k";
+const MESSAGE_DATA_TOMBSTONED_MESSAGE_ID_KEY = "t";
+const MessageMetadataBaseSchema = strictObject({
+  [MESSAGE_DATA_STORAGE_BUCKET_KEY]: string(),
+  [MESSAGE_DATA_TOMBSTONED_MESSAGE_ID_KEY]: optional(string())
+});
+const MESSAGE_DATA_ANNOUNCEMENT_MESSAGE_ID_KEY = "id";
+const MESSAGE_DATA_ANNOUNCEMENT_ENDPOINT_KEY = "e";
+const MESSAGE_DATA_ANNOUNCEMENT_ACTOR_KEY = "a";
+const MessageMetadataAnnouncementsSchema = array(
+  strictObject({
+    [MESSAGE_DATA_ANNOUNCEMENT_MESSAGE_ID_KEY]: string(),
+    [MESSAGE_DATA_ANNOUNCEMENT_ENDPOINT_KEY]: optional(url()),
+    [MESSAGE_DATA_ANNOUNCEMENT_ACTOR_KEY]: optional(url())
+  })
+);
+const MESSAGE_DATA_ALLOWED_TICKETS_KEY = "s";
+const MESSAGE_DATA_ANNOUNCEMENTS_KEY = "n";
+const MessageMetaDataSelfSchema = extend(MessageMetadataBaseSchema, {
+  [MESSAGE_DATA_ALLOWED_TICKETS_KEY]: optional(array(Uint8ArraySchema)),
+  [MESSAGE_DATA_ANNOUNCEMENTS_KEY]: MessageMetadataAnnouncementsSchema
+});
+const MESSAGE_DATA_ALLOWED_TICKET_KEY = "a";
+const MESSAGE_DATA_ALLOWED_TICKET_INDEX_KEY = "i";
+const MessageMetadataPrivateSchema = extend(MessageMetadataBaseSchema, {
+  [MESSAGE_DATA_ALLOWED_TICKET_KEY]: Uint8ArraySchema,
+  [MESSAGE_DATA_ALLOWED_TICKET_INDEX_KEY]: int().check(nonnegative())
+});
+const MessageMetadataSchema = union([
+  MessageMetadataBaseSchema,
+  MessageMetaDataSelfSchema,
+  MessageMetadataPrivateSchema
+]);
+const MESSAGE_LABEL_UNLABELED = 0;
+const MESSAGE_LABEL_VALID = 1;
+const MESSAGE_LABEL_TRASH = 2;
+const MESSAGE_LABEL_INVALID = 3;
+class GraffitiDecentralized {
+  dids = new DecentralizedIdentifiers();
+  authorization = new Authorization();
+  storageBuckets = new StorageBuckets();
+  inboxes = new Inboxes();
+  stringEncoder = new StringEncoder();
+  contentAddresses = new ContentAddresses();
+  channelAttestations = new ChannelAttestations();
+  allowedAttestations = new AllowedAttestations();
+  sessions = new Sessions({
+    dids: this.dids,
+    authorization: this.authorization,
+    storageBuckets: this.storageBuckets,
+    inboxes: this.inboxes
+  });
+  handles = new Handles({ dids: this.dids });
+  objectEncoding = new ObjectEncoding({
+    stringEncoder: this.stringEncoder,
+    contentAddresses: this.contentAddresses,
+    channelAttestations: this.channelAttestations,
+    allowedAttestations: this.allowedAttestations
+  });
+  modal = typeof window === "undefined" ? void 0 : new GraffitiModal({
+    useTemplateHTML: () => import("./login-dialog.html").then(({ template }) => template),
+    onManualClose: () => {
+      const event = new CustomEvent("login", {
+        detail: {
+          error: new Error("User cancelled login"),
+          manual: true
+        }
+      });
+      this.sessionEvents.dispatchEvent(event);
+    }
+  });
+  defaultInboxEndpoints;
+  identityCreatorEndpoint;
+  constructor(options) {
+    this.defaultInboxEndpoints = options?.defaultInboxEndpoints ?? [
+      "https://graffiti.actor/i/shared"
+    ];
+    this.identityCreatorEndpoint = options?.identityCreatorEndpoint ?? "https://graffiti.actor/create";
+    this.sessionEvents.addEventListener("login", async (event) => {
+      if (!(event instanceof CustomEvent)) return;
+      const detail = event.detail;
+      if (detail.error !== void 0 && !("manual" in detail && detail.manual)) {
+        alert("Login failed: " + detail.error.message);
+        const actor = detail.session?.actor;
+        let handle;
+        if (actor) {
+          try {
+            handle = await this.actorToHandle(actor);
+          } catch (error) {
+            console.error("Failed to handle actor:", error);
+          }
+        }
+        this.login_(handle);
+      }
+    });
+  }
+  actorToHandle = this.handles.actorToHandle.bind(this.handles);
+  handleToActor = this.handles.handleToActor.bind(this.handles);
+  sessionEvents = this.sessions.sessionEvents;
+  login = async (actor) => {
+    try {
+      let proposedHandle;
+      try {
+        proposedHandle = actor ? await this.actorToHandle(actor) : void 0;
+      } catch (error) {
+        console.error("Error fetching handle for actor:", error);
+      }
+      await this.login_(proposedHandle);
+    } catch (e) {
+      const loginError = new CustomEvent("login", {
+        detail: {
+          error: e instanceof Error ? e : new Error(String(e))
+        }
+      });
+      this.sessionEvents.dispatchEvent(loginError);
+    }
+  };
+  async login_(proposedHandle) {
+    if (typeof window !== "undefined") {
+      let template;
+      if (proposedHandle !== void 0) {
+        template = await this.modal?.displayTemplate("graffiti-login-handle");
+        const input = template?.querySelector(
+          "#username"
+        );
+        input?.setAttribute("value", proposedHandle);
+        input?.addEventListener("focus", () => input?.select());
+        new Promise((r) => {
+          setTimeout(() => r(), 0);
+        }).then(() => {
+          input?.focus();
+        });
+        template?.querySelector("#graffiti-login-handle-form")?.addEventListener("submit", async (e) => {
+          e.preventDefault();
+          input?.setAttribute("disabled", "true");
+          const submitButton = template?.querySelector(
+            "#graffiti-login-handle-submit"
+          );
+          submitButton?.setAttribute("disabled", "true");
+          submitButton && (submitButton.innerHTML = "Logging in...");
+          if (!input?.value) {
+            alert("No handle provided");
+            this.login_("");
+            return;
+          }
+          let handle = input.value;
+          if (!handle.includes(".") && !handle.startsWith("localhost")) {
+            const defaultHost = new URL(this.identityCreatorEndpoint).host;
+            handle = `${handle}.${defaultHost}`;
+          }
+          let actor;
+          try {
+            actor = await this.handleToActor(handle);
+          } catch (e2) {
+            alert("Could not find an identity associated with that handle.");
+            this.login_(handle);
+            return;
+          }
+          try {
+            await this.sessions.login(actor);
+          } catch (e2) {
+            alert("Error logging in.");
+            console.error(e2);
+            this.login_(handle);
+          }
+        });
+      } else {
+        template = await this.modal?.displayTemplate("graffiti-login-welcome");
+        template?.querySelector("#graffiti-login-existing")?.addEventListener("click", (e) => {
+          e.preventDefault();
+          this.login_("");
+        });
+        new Promise((r) => {
+          setTimeout(() => r(), 0);
+        }).then(() => {
+          template?.querySelector("#graffiti-login-new")?.focus();
+        });
+      }
+      const createUrl = new URL(this.identityCreatorEndpoint);
+      createUrl.searchParams.set(
+        "redirect_uri",
+        encodeURIComponent(window.location.toString())
+      );
+      template?.querySelector("#graffiti-login-new")?.setAttribute("href", createUrl.toString());
+      await this.modal?.open();
+    } else {
+      const readline = await import("readline").catch((e) => {
+        throw new Error(
+          "Unrecognized environment: neither window nor readline"
+        );
+      });
+      console.log(
+        "If you do not already have a Graffiti handle, you can create one here:"
+      );
+      console.log(this.identityCreatorEndpoint);
+      const rl = readline.createInterface({
+        input: process.stdin,
+        output: process.stdout
+      });
+      const handle = await new Promise((resolve) => {
+        rl.question(
+          `Please enter your handle${proposedHandle ? ` (default: ${proposedHandle})` : ""}: `,
+          (input) => {
+            rl.close();
+            resolve(input || proposedHandle);
+          }
+        );
+      });
+      if (!handle) {
+        throw new Error("No handle provided");
+      }
+      const actor = await this.handleToActor(handle);
+      await this.sessions.login(actor);
+    }
+  }
+  logout = async (session) => {
+    await this.sessions.logout(session.actor);
+  };
+  // @ts-ignore
+  post = async (...args) => {
+    const [partialObject, session] = args;
+    const resolvedSession = this.sessions.resolveSession(session);
+    const { object, tags, objectBytes, allowedTickets } = await this.objectEncoding.encode(partialObject, session.actor);
+    const storageBucketKeyBytes = randomBytes();
+    const storageBucketKey = await this.stringEncoder.encode(
+      STRING_ENCODER_METHOD_BASE64URL,
+      storageBucketKeyBytes
+    );
+    await this.storageBuckets.put(
+      resolvedSession.storageBucket.serviceEndpoint,
+      storageBucketKey,
+      objectBytes,
+      resolvedSession.storageBucket.token
+    );
+    await this.announceObject(
+      object,
+      tags,
+      allowedTickets,
+      storageBucketKey,
+      session
+    );
+    return object;
+  };
+  get = async (...args) => {
+    const [url2, schema, session] = args;
+    let services;
+    const validator = await compileGraffitiObjectSchema(schema);
+    if (session) {
+      const resolvedSession = this.sessions.resolveSession(session);
+      services = [
+        resolvedSession.personalInbox,
+        ...resolvedSession.sharedInboxes
+      ];
+    } else {
+      services = this.defaultInboxEndpoints.map((s) => ({
+        serviceEndpoint: s
+      }));
+    }
+    const objectUrl = unpackObjectUrl(url2);
+    const tags = [new TextEncoder().encode(objectUrl)];
+    for (const service of services) {
+      let object = void 0;
+      const iterator = this.querySingleEndpoint(
+        service.serviceEndpoint,
+        {
+          tags,
+          objectSchema: {}
+        },
+        service.token,
+        session?.actor
+      );
+      for await (const result of iterator) {
+        if (result.object.url !== objectUrl) continue;
+        if (result.tombstone) {
+          object = void 0;
+        } else {
+          object = result.object;
+        }
+      }
+      if (object) {
+        if (!validator(object)) {
+          throw new GraffitiErrorSchemaMismatch(
+            "Object exists but does not match the supplied schema"
+          );
+        }
+        return object;
+      }
+    }
+    throw new GraffitiErrorNotFound("Object not found");
+  };
+  delete = async (url2, session) => {
+    const resolvedSession = this.sessions.resolveSession(session);
+    const objectUrl = unpackObjectUrl(url2);
+    const { actor } = decodeObjectUrl(objectUrl);
+    if (actor !== session.actor) {
+      throw new GraffitiErrorForbidden("Cannot delete someone else's actor");
+    }
+    const iterator = this.querySingleEndpoint(
+      resolvedSession.personalInbox.serviceEndpoint,
+      {
+        tags: [new TextEncoder().encode(objectUrl)],
+        objectSchema: {}
+      },
+      resolvedSession.personalInbox.token
+    );
+    let existing;
+    for await (const result of iterator) {
+      if (result.object.url !== objectUrl) continue;
+      if (result.tombstone) {
+        existing = void 0;
+      } else {
+        existing = result;
+      }
+    }
+    if (!existing) {
+      throw new GraffitiErrorNotFound(`Object ${objectUrl} not found`);
+    }
+    const {
+      object,
+      storageBucketKey,
+      tags,
+      allowedTickets,
+      announcements,
+      messageId
+    } = existing;
+    await this.storageBuckets.delete(
+      resolvedSession.storageBucket.serviceEndpoint,
+      storageBucketKey,
+      resolvedSession.storageBucket.token
+    );
+    await this.announceObject(
+      object,
+      tags,
+      allowedTickets,
+      storageBucketKey,
+      session,
+      [
+        ...announcements ?? [],
+        // Make sure we delete from our own inbox too
+        {
+          [MESSAGE_DATA_ANNOUNCEMENT_ACTOR_KEY]: session.actor,
+          [MESSAGE_DATA_ANNOUNCEMENT_MESSAGE_ID_KEY]: messageId
+        }
+      ]
+    );
+    return object;
+  };
+  postMedia = async (...args) => {
+    const [media, session] = args;
+    const type = media.data.type;
+    const resolvedSession = this.sessions.resolveSession(session);
+    const keyBytes = randomBytes();
+    const key = await this.stringEncoder.encode(
+      STRING_ENCODER_METHOD_BASE64URL,
+      keyBytes
+    );
+    await this.storageBuckets.put(
+      resolvedSession.storageBucket.serviceEndpoint,
+      key,
+      new Uint8Array(await media.data.arrayBuffer()),
+      resolvedSession.storageBucket.token
+    );
+    const { url: url2 } = await this.post(
+      {
+        value: {
+          key,
+          type,
+          size: media.data.size
+        },
+        channels: [],
+        allowed: media.allowed
+      },
+      session
+    );
+    return url2;
+  };
+  getMedia = async (...args) => {
+    const [mediaUrl, accept, session] = args;
+    const object = await this.get(
+      mediaUrl,
+      MEDIA_OBJECT_SCHEMA,
+      session
+    );
+    const { key, type, size } = object.value;
+    if (accept?.maxBytes && size > accept.maxBytes) {
+      throw new GraffitiErrorTooLarge("File size exceeds limit");
+    }
+    if (accept?.types) {
+      if (!isMediaAcceptable(type, accept.types)) {
+        throw new GraffitiErrorNotAcceptable(
+          `Unacceptable media type, ${type}`
+        );
+      }
+    }
+    const actorDocument = await this.dids.resolve(object.actor);
+    const storageBucketService = actorDocument?.service?.find(
+      (service) => service.id === DID_SERVICE_ID_GRAFFITI_STORAGE_BUCKET && service.type === DID_SERVICE_TYPE_GRAFFITI_STORAGE_BUCKET
+    );
+    if (!storageBucketService) {
+      throw new GraffitiErrorNotFound(
+        `Actor ${object.actor} has no storage bucket service`
+      );
+    }
+    if (typeof storageBucketService.serviceEndpoint !== "string") {
+      throw new GraffitiErrorNotFound(
+        `Actor ${object.actor} does not have a valid storage bucket endpoint`
+      );
+    }
+    const storageBucketEndpoint = storageBucketService.serviceEndpoint;
+    const data = await this.storageBuckets.get(
+      storageBucketEndpoint,
+      key,
+      size
+    );
+    const blob = new Blob([data.slice()], { type });
+    return {
+      data: blob,
+      actor: object.actor,
+      allowed: object.allowed
+    };
+  };
+  deleteMedia = async (...args) => {
+    const [mediaUrl, session] = args;
+    const resolvedSession = this.sessions.resolveSession(session);
+    const result = await this.delete(mediaUrl, session);
+    if (!("key" in result.value && typeof result.value.key === "string"))
+      throw new Error(
+        "Deleted object was not media: " + JSON.stringify(result, null, 2)
+      );
+    await this.storageBuckets.delete(
+      resolvedSession.storageBucket.serviceEndpoint,
+      result.value.key,
+      resolvedSession.storageBucket.token
+    );
+  };
+  async *discoverMeta(channels, schema, cursors, session) {
+    const tombstones = /* @__PURE__ */ new Map();
+    let allInboxes;
+    if (session) {
+      const resolvedSession = this.sessions.resolveSession(session);
+      allInboxes = [
+        resolvedSession.personalInbox,
+        ...resolvedSession.sharedInboxes
+      ];
+    } else {
+      allInboxes = this.defaultInboxEndpoints.map((e) => ({
+        serviceEndpoint: e
+      }));
+    }
+    for (const endpoint in cursors) {
+      if (!allInboxes.some((i) => i.serviceEndpoint === endpoint)) {
+        throw new GraffitiErrorForbidden(
+          "Cursor does not match actor's inboxes"
+        );
+      }
+    }
+    const tags = await Promise.all(
+      channels.map(
+        (c) => this.channelAttestations.register(
+          CHANNEL_ATTESTATION_METHOD_SHA256_ED25519,
+          c
+        )
+      )
+    );
+    const iterators = allInboxes.map(
+      (i) => {
+        const cursor = cursors[i.serviceEndpoint];
+        return this.querySingleEndpoint(
+          i.serviceEndpoint,
+          cursor ? {
+            cursor
+          } : {
+            tags,
+            objectSchema: schema
+          },
+          i.token,
+          session?.actor
+        );
+      }
+    );
+    let indexedIteratorNexts = iterators.map(async (it, index) => indexedSingleEndpointQueryNext(it, index));
+    let active = indexedIteratorNexts.length;
+    while (active > 0) {
+      const next = await Promise.race(indexedIteratorNexts);
+      if (next.error !== void 0) {
+        indexedIteratorNexts[next.index] = new Promise(() => {
+        });
+        active--;
+        yield {
+          error: next.error,
+          origin: allInboxes[next.index].serviceEndpoint
+        };
+      } else if (next.result.done) {
+        const inbox = allInboxes[next.index];
+        cursors[inbox.serviceEndpoint] = next.result.value;
+        indexedIteratorNexts[next.index] = new Promise(() => {
+        });
+        active--;
+      } else {
+        indexedIteratorNexts[next.index] = indexedSingleEndpointQueryNext(
+          iterators[next.index],
+          next.index
+        );
+        const { object, tombstone, tags: receivedTags } = next.result.value;
+        if (tombstone) {
+          if (tombstones.get(object.url) === true) continue;
+          tombstones.set(object.url, true);
+          yield {
+            tombstone,
+            object: { url: object.url }
+          };
+        } else {
+          if (tombstones.get(object.url) === false) continue;
+          const matchedTagIndices = tags.reduce(
+            (acc, tag, tagIndex) => {
+              for (const receivedTag of receivedTags) {
+                if (tag.length === receivedTag.length && tag.every((b, i) => receivedTag[i] === b)) {
+                  acc.push(tagIndex);
+                  break;
+                }
+              }
+              return acc;
+            },
+            []
+          );
+          const matchedChannels = matchedTagIndices.map(
+            (index) => channels[index]
+          );
+          if (matchedChannels.length === 0) {
+            yield {
+              error: new Error(
+                "Inbox returned object without matching channels"
+              ),
+              origin: allInboxes[next.index].serviceEndpoint
+            };
+          }
+          tombstones.set(object.url, false);
+          yield {
+            object: {
+              ...object,
+              channels: matchedChannels
+            }
+          };
+        }
+      }
+    }
+    return {
+      cursor: JSON.stringify({
+        channels,
+        cursors
+      }),
+      continue: (session2) => this.discoverMeta(channels, schema, cursors, session2)
+    };
+  }
+  discover = (...args) => {
+    const [channels, schema, session] = args;
+    return this.discoverMeta(channels, schema, {}, session);
+  };
+  continueDiscover = (...args) => {
+    const [cursor, session] = args;
+    let channels;
+    let cursors;
+    try {
+      const json = JSON.parse(cursor);
+      const parsed = CursorSchema.parse(json);
+      channels = parsed.channels;
+      cursors = parsed.cursors;
+    } catch (error) {
+      return (async function* () {
+        throw new GraffitiErrorCursorExpired("Invalid cursor");
+      })();
+    }
+    return this.discoverMeta(channels, {}, cursors, session);
+  };
+  async announceObject(object, tags, allowedTickets, storageBucketKey, session, priorAnnouncements) {
+    const resolvedSession = this.sessions.resolveSession(session);
+    const metadataBase = {
+      [MESSAGE_DATA_STORAGE_BUCKET_KEY]: storageBucketKey
+    };
+    const announcements = [];
+    const allowed = object.allowed;
+    if (Array.isArray(allowed)) {
+      if (!allowedTickets || allowedTickets.length !== allowed.length) {
+        throw new Error(
+          "If allowed actors are specified, there must be a corresponding ticket for each allowed actor"
+        );
+      }
+      const results = await Promise.allSettled(
+        allowed.map(async (recipient, recipientIndex) => {
+          const copy = JSON.parse(JSON.stringify(object));
+          const masked = maskGraffitiObject(copy, [], recipient);
+          const actorDocument = await this.dids.resolve(recipient);
+          const personalInbox = actorDocument.service?.find(
+            (service) => service.type === DID_SERVICE_TYPE_GRAFFITI_INBOX && service.id === DID_SERVICE_ID_GRAFFITI_PERSONAL_INBOX
+          );
+          if (!personalInbox) {
+            throw new Error(
+              `Recipient ${recipient} does not have a personal inbox`
+            );
+          }
+          if (typeof personalInbox.serviceEndpoint !== "string") {
+            throw new Error(
+              `Recipient ${recipient} does not have a valid personal inbox endpoint`
+            );
+          }
+          const tombstonedMessageId2 = priorAnnouncements ? priorAnnouncements.find(
+            (a) => a[MESSAGE_DATA_ANNOUNCEMENT_ACTOR_KEY] === recipient
+          )?.[MESSAGE_DATA_ANNOUNCEMENT_MESSAGE_ID_KEY] : void 0;
+          const privateMetadata = {
+            ...metadataBase,
+            ...tombstonedMessageId2 ? {
+              [MESSAGE_DATA_TOMBSTONED_MESSAGE_ID_KEY]: tombstonedMessageId2
+            } : {},
+            [MESSAGE_DATA_ALLOWED_TICKET_KEY]: allowedTickets[recipientIndex],
+            [MESSAGE_DATA_ALLOWED_TICKET_INDEX_KEY]: recipientIndex
+          };
+          const messageId = await this.inboxes.send(
+            personalInbox.serviceEndpoint,
+            {
+              [MESSAGE_TAGS_KEY]: tags,
+              [MESSAGE_OBJECT_KEY]: masked,
+              [MESSAGE_METADATA_KEY]: dagCborEncode(privateMetadata)
+            }
+          );
+          announcements.push({
+            [MESSAGE_DATA_ANNOUNCEMENT_MESSAGE_ID_KEY]: messageId,
+            [MESSAGE_DATA_ANNOUNCEMENT_ACTOR_KEY]: recipient
+          });
+        })
+      );
+      for (const [index, result] of results.entries()) {
+        if (result.status === "rejected") {
+          const recipient = allowed[index];
+          console.error("Error sending to recipient:", recipient);
+          console.error(result.reason);
+        }
+      }
+    } else {
+      const copy = JSON.parse(JSON.stringify(object));
+      const masked = maskGraffitiObject(copy, []);
+      const sharedInboxes = resolvedSession.sharedInboxes;
+      const results = await Promise.allSettled(
+        sharedInboxes.map(async (inbox) => {
+          const tombstonedMessageId2 = priorAnnouncements ? priorAnnouncements.find(
+            (a) => a[MESSAGE_DATA_ANNOUNCEMENT_ENDPOINT_KEY] === inbox.serviceEndpoint
+          )?.[MESSAGE_DATA_ANNOUNCEMENT_MESSAGE_ID_KEY] : void 0;
+          const metadata = {
+            ...metadataBase,
+            ...tombstonedMessageId2 ? {
+              [MESSAGE_DATA_TOMBSTONED_MESSAGE_ID_KEY]: tombstonedMessageId2
+            } : {}
+          };
+          const messageId = await this.inboxes.send(inbox.serviceEndpoint, {
+            ...tombstonedMessageId2 ? {
+              [MESSAGE_DATA_TOMBSTONED_MESSAGE_ID_KEY]: tombstonedMessageId2
+            } : {},
+            [MESSAGE_TAGS_KEY]: tags,
+            [MESSAGE_OBJECT_KEY]: masked,
+            [MESSAGE_METADATA_KEY]: dagCborEncode(metadata)
+          });
+          announcements.push({
+            [MESSAGE_DATA_ANNOUNCEMENT_MESSAGE_ID_KEY]: messageId,
+            [MESSAGE_DATA_ANNOUNCEMENT_ENDPOINT_KEY]: inbox.serviceEndpoint
+          });
+        })
+      );
+      for (const [index, result] of results.entries()) {
+        if (result.status === "rejected") {
+          const inbox = sharedInboxes[index];
+          console.error("Error sending to inbox:", inbox);
+          console.error(result.reason);
+        }
+      }
+    }
+    const tombstonedMessageId = priorAnnouncements ? priorAnnouncements.find(
+      (a) => a[MESSAGE_DATA_ANNOUNCEMENT_ACTOR_KEY] === session.actor
+    )?.[MESSAGE_DATA_ANNOUNCEMENT_MESSAGE_ID_KEY] : void 0;
+    const selfMetadata = {
+      ...metadataBase,
+      ...allowedTickets ? {
+        [MESSAGE_DATA_ALLOWED_TICKETS_KEY]: allowedTickets
+      } : {},
+      ...tombstonedMessageId ? {
+        [MESSAGE_DATA_TOMBSTONED_MESSAGE_ID_KEY]: tombstonedMessageId
+      } : {},
+      [MESSAGE_DATA_ANNOUNCEMENTS_KEY]: announcements
+    };
+    await this.inboxes.send(resolvedSession.personalInbox.serviceEndpoint, {
+      [MESSAGE_TAGS_KEY]: tags,
+      [MESSAGE_OBJECT_KEY]: object,
+      [MESSAGE_METADATA_KEY]: dagCborEncode(selfMetadata)
+    });
+  }
+  async *querySingleEndpoint(inboxEndpoint, queryArguments, inboxToken, recipient) {
+    const iterator = "tags" in queryArguments ? this.inboxes.query(
+      inboxEndpoint,
+      queryArguments.tags,
+      queryArguments.objectSchema,
+      inboxToken
+    ) : this.inboxes.continueQuery(
+      inboxEndpoint,
+      queryArguments.cursor,
+      inboxToken
+    );
+    while (true) {
+      const itResult = await iterator.next();
+      if (itResult.done) return itResult.value;
+      const result = itResult.value;
+      const label = result.l;
+      if (label !== MESSAGE_LABEL_VALID && label !== MESSAGE_LABEL_UNLABELED)
+        continue;
+      const messageId = result.id;
+      const { o: object, m: metadataBytes, t: receivedTags } = result.m;
+      let metadata;
+      try {
+        const metadataRaw = dagCborDecode(metadataBytes);
+        metadata = MessageMetadataSchema.parse(metadataRaw);
+      } catch (e) {
+        this.inboxes.label(
+          inboxEndpoint,
+          messageId,
+          MESSAGE_LABEL_INVALID,
+          inboxToken
+        );
+        continue;
+      }
+      const {
+        [MESSAGE_DATA_STORAGE_BUCKET_KEY]: storageBucketKey,
+        [MESSAGE_DATA_TOMBSTONED_MESSAGE_ID_KEY]: tombstonedMessageId
+      } = metadata;
+      const allowedTickets = MESSAGE_DATA_ALLOWED_TICKETS_KEY in metadata ? metadata[MESSAGE_DATA_ALLOWED_TICKETS_KEY] : void 0;
+      const announcements = MESSAGE_DATA_ANNOUNCEMENTS_KEY in metadata ? metadata[MESSAGE_DATA_ANNOUNCEMENTS_KEY] : void 0;
+      if (label === MESSAGE_LABEL_VALID) {
+        yield {
+          messageId,
+          object,
+          storageBucketKey,
+          allowedTickets,
+          tags: receivedTags,
+          announcements
+        };
+        continue;
+      }
+      let validationError = void 0;
+      try {
+        const actor = object.actor;
+        const actorDocument = await this.dids.resolve(actor);
+        const storageBucketService = actorDocument?.service?.find(
+          (service) => service.id === DID_SERVICE_ID_GRAFFITI_STORAGE_BUCKET && service.type === DID_SERVICE_TYPE_GRAFFITI_STORAGE_BUCKET
+        );
+        if (!storageBucketService) {
+          throw new GraffitiErrorNotFound(
+            `Actor ${actor} has no storage bucket service`
+          );
+        }
+        if (typeof storageBucketService.serviceEndpoint !== "string") {
+          throw new GraffitiErrorNotFound(
+            `Actor ${actor} does not have a valid storage bucket endpoint`
+          );
+        }
+        const storageBucketEndpoint = storageBucketService.serviceEndpoint;
+        const objectBytes = await this.storageBuckets.get(
+          storageBucketEndpoint,
+          storageBucketKey,
+          MAX_OBJECT_SIZE_BYTES
+        );
+        if (MESSAGE_DATA_ALLOWED_TICKET_KEY in metadata && !recipient) {
+          throw new GraffitiErrorForbidden(
+            `Recipient is required when allowed ticket is present`
+          );
+        }
+        const privateObjectInfo = allowedTickets ? { allowedTickets } : MESSAGE_DATA_ALLOWED_TICKET_KEY in metadata ? {
+          recipient: recipient ?? "null",
+          allowedTicket: metadata[MESSAGE_DATA_ALLOWED_TICKET_KEY],
+          allowedIndex: metadata[MESSAGE_DATA_ALLOWED_TICKET_INDEX_KEY]
+        } : void 0;
+        await this.objectEncoding.validate(
+          object,
+          receivedTags,
+          objectBytes,
+          privateObjectInfo
+        );
+      } catch (e) {
+        validationError = e;
+      }
+      if (tombstonedMessageId) {
+        if (validationError instanceof GraffitiErrorNotFound) {
+          this.inboxes.get(inboxEndpoint, tombstonedMessageId, inboxToken).then((result2) => {
+            if (result2 && result2[LABELED_MESSAGE_MESSAGE_KEY][MESSAGE_OBJECT_KEY].url === object.url) {
+              this.inboxes.label(
+                inboxEndpoint,
+                tombstonedMessageId,
+                MESSAGE_LABEL_TRASH,
+                inboxToken
+              );
+            }
+            this.inboxes.label(
+              inboxEndpoint,
+              messageId,
+              MESSAGE_LABEL_TRASH,
+              inboxToken
+            );
+          });
+          yield {
+            messageId,
+            tombstone: true,
+            object,
+            storageBucketKey,
+            allowedTickets,
+            tags: receivedTags,
+            announcements
+          };
+        } else {
+          console.error("Recieved an incorrect object");
+          console.error(validationError);
+          this.inboxes.label(
+            inboxEndpoint,
+            messageId,
+            MESSAGE_LABEL_INVALID,
+            inboxToken
+          );
+        }
+      } else {
+        if (validationError === void 0) {
+          this.inboxes.label(
+            inboxEndpoint,
+            messageId,
+            MESSAGE_LABEL_VALID,
+            inboxToken
+          );
+          yield {
+            messageId,
+            object,
+            storageBucketKey,
+            tags: receivedTags,
+            allowedTickets,
+            announcements
+          };
+        } else {
+          console.error("Recieved an incorrect object");
+          console.error(validationError);
+          this.inboxes.label(
+            inboxEndpoint,
+            messageId,
+            MESSAGE_LABEL_INVALID,
+            inboxToken
+          );
+        }
+      }
+    }
+  }
+}
+const MEDIA_OBJECT_SCHEMA = {
+  properties: {
+    value: {
+      properties: {
+        type: { type: "string" },
+        size: { type: "number" },
+        key: { type: "string" }
+      },
+      required: ["type", "size", "key"]
+    }
+  }
+};
+const CursorSchema = strictObject({
+  cursors: record(url(), string()),
+  channels: array(string())
+});
+async function indexedSingleEndpointQueryNext(it, index) {
+  try {
+    return {
+      index,
+      result: await it.next()
+    };
+  } catch (e) {
+    if (e instanceof GraffitiErrorCursorExpired || e instanceof GraffitiErrorInvalidSchema) {
+      throw e;
+    }
+    return {
+      index,
+      error: e instanceof Error ? e : new Error(String(e))
+    };
+  }
+}
+export {
+  GraffitiDecentralized
+};
+//# sourceMappingURL=4-graffiti.js.map