@haex-space/vault-sdk 2.5.105 → 2.5.107

package/dist/index.mjs

@@ -12,7 +12,7 @@ function installLocalStoragePolyfill() {
     localStorage.setItem(testKey, testKey);
     localStorage.removeItem(testKey);
     localStorageWorks = true;
-  } catch (e) {
+  } catch {
     console.warn("[HaexSpace] localStorage blocked \u2013 using in-memory fallback");
   }
   if (!localStorageWorks) {
@@ -43,7 +43,7 @@ function installLocalStoragePolyfill() {
         writable: true,
         configurable: true
       });
-    } catch (e) {
+    } catch {
       window.localStorage = localStoragePoly;
     }
     console.log("[HaexSpace] localStorage replaced with in-memory polyfill");
@@ -76,7 +76,7 @@ function installSessionStoragePolyfill() {
       writable: true,
       configurable: true
     });
-  } catch (e) {
+  } catch {
     window.sessionStorage = {
       getItem: () => null,
       setItem: () => {
@@ -103,7 +103,7 @@ function installCookiePolyfill() {
   try {
     document.cookie = "__cookie_test__=1";
     cookiesWork = document.cookie.indexOf("__cookie_test__") !== -1;
-  } catch (e) {
+  } catch {
     console.warn("[HaexSpace] Cookies blocked \u2013 using in-memory fallback");
   }
   if (!cookiesWork) {
@@ -361,7 +361,6 @@ function installPolyfills() {
   installSessionStoragePolyfill();
   installCookiePolyfill();
   installHistoryPolyfill();
-  console.log("[HaexSpace] All polyfills loaded successfully");
   installDebugDiagnostics();
 }
 if (typeof window !== "undefined") {
@@ -1827,15 +1826,14 @@ async function initNativeMode(ctx, log, onEvent, onContextChange) {
 }
 async function setupTauriEventListeners(ctx, log, onEvent, onContextChange) {
   const { listen } = getTauriEvent();
-  console.log("[HaexVault SDK] Setting up Tauri event listener for:", HAEXTENSION_EVENTS.CONTEXT_CHANGED);
+  log("Setting up Tauri event listener for:", HAEXTENSION_EVENTS.CONTEXT_CHANGED);
   try {
     await listen(HAEXTENSION_EVENTS.CONTEXT_CHANGED, (event) => {
-      console.log("[HaexVault SDK] Received Tauri event:", HAEXTENSION_EVENTS.CONTEXT_CHANGED, event);
-      log("Received context change event:", event);
+      log("Received Tauri event:", HAEXTENSION_EVENTS.CONTEXT_CHANGED, event);
       const payload = event.payload;
       if (payload?.context) {
         ctx.state.context = payload.context;
-        console.log("[HaexVault SDK] Updated context to:", ctx.state.context);
+        log("Updated context to:", ctx.state.context);
         onContextChange(payload.context);
         onEvent({
           type: HAEXTENSION_EVENTS.CONTEXT_CHANGED,
@@ -1843,19 +1841,17 @@ async function setupTauriEventListeners(ctx, log, onEvent, onContextChange) {
           timestamp: Date.now()
         });
       } else {
-        console.warn("[HaexVault SDK] Event received but no context in payload:", event);
+        log("Event received but no context in payload:", event);
       }
     });
-    console.log("[HaexVault SDK] Context change listener registered successfully");
+    log("Context change listener registered successfully");
   } catch (error) {
-    console.error("[HaexVault SDK] Failed to setup context change listener:", error);
     log("Failed to setup context change listener:", error);
   }
   try {
     await listen(EXTERNAL_EVENTS.REQUEST, (event) => {
-      console.log("[HaexVault SDK] ====== EXTERNAL REQUEST RECEIVED ======");
-      console.log("[HaexVault SDK] Event payload:", JSON.stringify(event.payload, null, 2));
-      log("Received external request event:", event);
+      log("====== EXTERNAL REQUEST RECEIVED ======");
+      log("Event payload:", JSON.stringify(event.payload, null, 2));
       if (event.payload) {
         onEvent({
           type: EXTERNAL_EVENTS.REQUEST,
@@ -1863,19 +1859,17 @@ async function setupTauriEventListeners(ctx, log, onEvent, onContextChange) {
           timestamp: Date.now()
         });
       } else {
-        console.warn("[HaexVault SDK] External request event has no payload!");
+        log("External request event has no payload!");
       }
     });
-    console.log("[HaexVault SDK] External request listener registered successfully");
+    log("External request listener registered successfully");
   } catch (error) {
-    console.error("[HaexVault SDK] Failed to setup external request listener:", error);
     log("Failed to setup external request listener:", error);
   }
-  console.log("[HaexVault SDK] About to register file change listener for:", HAEXTENSION_EVENTS.FILE_CHANGED);
+  log("Registering file change listener for:", HAEXTENSION_EVENTS.FILE_CHANGED);
   try {
     await listen(HAEXTENSION_EVENTS.FILE_CHANGED, (event) => {
-      console.log("[HaexVault SDK] File change event received:", event.payload);
-      log("Received file change event:", event);
+      log("File change event received:", event.payload);
       if (event.payload) {
         const payload = event.payload;
         onEvent({
@@ -1887,16 +1881,14 @@ async function setupTauriEventListeners(ctx, log, onEvent, onContextChange) {
         });
       }
     });
-    console.log("[HaexVault SDK] File change listener registered successfully");
+    log("File change listener registered successfully");
   } catch (error) {
-    console.error("[HaexVault SDK] Failed to setup file change listener:", error);
     log("Failed to setup file change listener:", error);
   }
-  console.log("[HaexVault SDK] About to register sync tables updated listener for:", HAEXTENSION_EVENTS.SYNC_TABLES_UPDATED);
+  log("Registering sync tables updated listener for:", HAEXTENSION_EVENTS.SYNC_TABLES_UPDATED);
   try {
     await listen(HAEXTENSION_EVENTS.SYNC_TABLES_UPDATED, (event) => {
-      console.log("[HaexVault SDK] Sync tables updated event received:", event.payload);
-      log("Received sync tables updated event:", event);
+      log("Sync tables updated event received:", event.payload);
       if (event.payload) {
         const payload = event.payload;
         onEvent({
@@ -1906,25 +1898,23 @@ async function setupTauriEventListeners(ctx, log, onEvent, onContextChange) {
         });
       }
     });
-    console.log("[HaexVault SDK] Sync tables updated listener registered successfully");
+    log("Sync tables updated listener registered successfully");
   } catch (error) {
-    console.error("[HaexVault SDK] Failed to setup sync tables updated listener:", error);
     log("Failed to setup sync tables updated listener:", error);
   }
-  console.log("[HaexVault SDK] About to setup LocalSend event listeners");
+  log("Setting up LocalSend event listeners");
   try {
     await setupLocalSendEventListeners(log, onEvent);
-    console.log("[HaexVault SDK] LocalSend event listeners setup complete");
+    log("LocalSend event listeners setup complete");
   } catch (error) {
-    console.error("[HaexVault SDK] Failed to setup LocalSend event listeners:", error);
+    log("Failed to setup LocalSend event listeners:", error);
   }
 }
 async function setupLocalSendEventListeners(log, onEvent) {
   const { listen } = getTauriEvent();
   try {
     await listen(LOCALSEND_EVENTS.deviceDiscovered, (event) => {
-      console.log("[HaexVault SDK] LocalSend device discovered:", event.payload);
-      log("Received LocalSend device discovered event:", event);
+      log("LocalSend device discovered:", event.payload);
       if (event.payload) {
         onEvent({
           type: LOCALSEND_EVENTS.deviceDiscovered,
@@ -1933,14 +1923,13 @@ async function setupLocalSendEventListeners(log, onEvent) {
         });
       }
     });
-    console.log("[HaexVault SDK] LocalSend device discovered listener registered");
+    log("LocalSend device discovered listener registered");
   } catch (error) {
-    console.error("[HaexVault SDK] Failed to setup LocalSend device discovered listener:", error);
+    log("Failed to setup LocalSend device discovered listener:", error);
   }
   try {
     await listen(LOCALSEND_EVENTS.deviceLost, (event) => {
-      console.log("[HaexVault SDK] LocalSend device lost:", event.payload);
-      log("Received LocalSend device lost event:", event);
+      log("LocalSend device lost:", event.payload);
       if (event.payload) {
         onEvent({
           type: LOCALSEND_EVENTS.deviceLost,
@@ -1949,14 +1938,13 @@ async function setupLocalSendEventListeners(log, onEvent) {
         });
       }
     });
-    console.log("[HaexVault SDK] LocalSend device lost listener registered");
+    log("LocalSend device lost listener registered");
   } catch (error) {
-    console.error("[HaexVault SDK] Failed to setup LocalSend device lost listener:", error);
+    log("Failed to setup LocalSend device lost listener:", error);
   }
   try {
     await listen(LOCALSEND_EVENTS.transferRequest, (event) => {
-      console.log("[HaexVault SDK] LocalSend transfer request:", event.payload);
-      log("Received LocalSend transfer request event:", event);
+      log("LocalSend transfer request:", event.payload);
       if (event.payload) {
         onEvent({
           type: LOCALSEND_EVENTS.transferRequest,
@@ -1965,13 +1953,13 @@ async function setupLocalSendEventListeners(log, onEvent) {
         });
       }
     });
-    console.log("[HaexVault SDK] LocalSend transfer request listener registered");
+    log("LocalSend transfer request listener registered");
   } catch (error) {
-    console.error("[HaexVault SDK] Failed to setup LocalSend transfer request listener:", error);
+    log("Failed to setup LocalSend transfer request listener:", error);
   }
   try {
     await listen(LOCALSEND_EVENTS.transferProgress, (event) => {
-      log("Received LocalSend transfer progress event:", event);
+      log("LocalSend transfer progress event:", event);
       if (event.payload) {
         onEvent({
           type: LOCALSEND_EVENTS.transferProgress,
@@ -1980,14 +1968,13 @@ async function setupLocalSendEventListeners(log, onEvent) {
         });
       }
     });
-    console.log("[HaexVault SDK] LocalSend transfer progress listener registered");
+    log("LocalSend transfer progress listener registered");
   } catch (error) {
-    console.error("[HaexVault SDK] Failed to setup LocalSend transfer progress listener:", error);
+    log("Failed to setup LocalSend transfer progress listener:", error);
   }
   try {
     await listen(LOCALSEND_EVENTS.transferComplete, (event) => {
-      console.log("[HaexVault SDK] LocalSend transfer complete:", event.payload);
-      log("Received LocalSend transfer complete event:", event);
+      log("LocalSend transfer complete:", event.payload);
       if (event.payload) {
         onEvent({
           type: LOCALSEND_EVENTS.transferComplete,
@@ -1996,14 +1983,13 @@ async function setupLocalSendEventListeners(log, onEvent) {
         });
       }
     });
-    console.log("[HaexVault SDK] LocalSend transfer complete listener registered");
+    log("LocalSend transfer complete listener registered");
   } catch (error) {
-    console.error("[HaexVault SDK] Failed to setup LocalSend transfer complete listener:", error);
+    log("Failed to setup LocalSend transfer complete listener:", error);
   }
   try {
     await listen(LOCALSEND_EVENTS.transferFailed, (event) => {
-      console.log("[HaexVault SDK] LocalSend transfer failed:", event.payload);
-      log("Received LocalSend transfer failed event:", event);
+      log("LocalSend transfer failed:", event.payload);
       if (event.payload) {
         onEvent({
           type: LOCALSEND_EVENTS.transferFailed,
@@ -2012,9 +1998,9 @@ async function setupLocalSendEventListeners(log, onEvent) {
         });
       }
     });
-    console.log("[HaexVault SDK] LocalSend transfer failed listener registered");
+    log("LocalSend transfer failed listener registered");
   } catch (error) {
-    console.error("[HaexVault SDK] Failed to setup LocalSend transfer failed listener:", error);
+    log("Failed to setup LocalSend transfer failed listener:", error);
   }
 }
 async function initIframeMode(ctx, log, messageHandler, request) {
@@ -2232,7 +2218,7 @@ function createDrizzleInstance(schema, extensionInfo, request, log) {
           if (result2.rows && Array.isArray(result2.rows) && result2.rows.length > 0) {
             return { rows: result2.rows };
           }
-          return result2;
+          return { rows: [] };
         }
         const result = await request(DATABASE_COMMANDS.query, {
           sql,
@@ -2240,7 +2226,7 @@ function createDrizzleInstance(schema, extensionInfo, request, log) {
         });
         const rows = result.rows;
         if (method === "get") {
-          return { rows: rows.length > 0 ? rows.at(0) : void 0 };
+          return { rows: rows.length > 0 ? [rows[0]] : [] };
         }
         return { rows };
       } catch (error) {
@@ -2756,6 +2742,148 @@ async function verifyExtensionSignature(files, manifest) {
   }
 }
 
+// src/crypto/userKeypair.ts
+var SIGNING_ALGO = { name: "ECDSA", namedCurve: "P-256" };
+var KEY_AGREEMENT_ALGO = { name: "ECDH", namedCurve: "P-256" };
+async function generateUserKeypairAsync() {
+  const keypair = await crypto.subtle.generateKey(SIGNING_ALGO, true, ["sign", "verify"]);
+  return { publicKey: keypair.publicKey, privateKey: keypair.privateKey };
+}
+async function exportUserKeypairAsync(keypair) {
+  const pub = await crypto.subtle.exportKey("spki", keypair.publicKey);
+  const priv = await crypto.subtle.exportKey("pkcs8", keypair.privateKey);
+  return { publicKey: arrayBufferToBase64(pub), privateKey: arrayBufferToBase64(priv) };
+}
+async function importUserPublicKeyAsync(base64) {
+  return crypto.subtle.importKey("spki", base64ToArrayBuffer(base64), SIGNING_ALGO, true, ["verify"]);
+}
+async function importUserPrivateKeyAsync(base64) {
+  return crypto.subtle.importKey("pkcs8", base64ToArrayBuffer(base64), SIGNING_ALGO, true, ["sign"]);
+}
+async function importPublicKeyForKeyAgreementAsync(base64) {
+  return crypto.subtle.importKey("spki", base64ToArrayBuffer(base64), KEY_AGREEMENT_ALGO, true, []);
+}
+async function importPrivateKeyForKeyAgreementAsync(base64) {
+  return crypto.subtle.importKey("pkcs8", base64ToArrayBuffer(base64), KEY_AGREEMENT_ALGO, true, ["deriveBits"]);
+}
+async function encryptPrivateKeyAsync(privateKeyBase64, password) {
+  const salt = crypto.getRandomValues(new Uint8Array(32));
+  const derivedKey = await deriveKeyFromPassword(password, salt);
+  const nonce = crypto.getRandomValues(new Uint8Array(12));
+  const encrypted = await crypto.subtle.encrypt(
+    { name: "AES-GCM", iv: nonce },
+    derivedKey,
+    new TextEncoder().encode(privateKeyBase64)
+  );
+  return {
+    encryptedPrivateKey: arrayBufferToBase64(encrypted),
+    nonce: arrayBufferToBase64(nonce),
+    salt: arrayBufferToBase64(salt)
+  };
+}
+async function decryptPrivateKeyAsync(encryptedPrivateKey, nonce, salt, password) {
+  const derivedKey = await deriveKeyFromPassword(password, base64ToArrayBuffer(salt));
+  const decrypted = await crypto.subtle.decrypt(
+    { name: "AES-GCM", iv: base64ToArrayBuffer(nonce) },
+    derivedKey,
+    base64ToArrayBuffer(encryptedPrivateKey)
+  );
+  return new TextDecoder().decode(decrypted);
+}
+
+// src/crypto/spaceKey.ts
+function generateSpaceKey() {
+  return generateVaultKey();
+}
+async function encryptSpaceKeyForRecipientAsync(spaceKey, recipientPublicKeyBase64) {
+  const ephemeral = await crypto.subtle.generateKey(KEY_AGREEMENT_ALGO, true, ["deriveBits"]);
+  const recipientKey = await importPublicKeyForKeyAgreementAsync(recipientPublicKeyBase64);
+  const sharedBits = await crypto.subtle.deriveBits(
+    { name: "ECDH", public: recipientKey },
+    ephemeral.privateKey,
+    256
+  );
+  const aesKey = await crypto.subtle.deriveKey(
+    {
+      name: "HKDF",
+      hash: "SHA-256",
+      salt: new Uint8Array(0),
+      info: new TextEncoder().encode("haex-space-key")
+    },
+    await crypto.subtle.importKey("raw", sharedBits, "HKDF", false, ["deriveKey"]),
+    { name: "AES-GCM", length: 256 },
+    false,
+    ["encrypt"]
+  );
+  const nonce = crypto.getRandomValues(new Uint8Array(12));
+  const encrypted = await crypto.subtle.encrypt({ name: "AES-GCM", iv: nonce }, aesKey, spaceKey);
+  const ephPub = await crypto.subtle.exportKey("spki", ephemeral.publicKey);
+  return {
+    encryptedSpaceKey: arrayBufferToBase64(encrypted),
+    keyNonce: arrayBufferToBase64(nonce),
+    ephemeralPublicKey: arrayBufferToBase64(ephPub)
+  };
+}
+async function decryptSpaceKeyAsync(encrypted, ownPrivateKeyBase64) {
+  const ephPubKey = await crypto.subtle.importKey(
+    "spki",
+    base64ToArrayBuffer(encrypted.ephemeralPublicKey),
+    KEY_AGREEMENT_ALGO,
+    true,
+    []
+  );
+  const ownPrivKey = await importPrivateKeyForKeyAgreementAsync(ownPrivateKeyBase64);
+  const sharedBits = await crypto.subtle.deriveBits(
+    { name: "ECDH", public: ephPubKey },
+    ownPrivKey,
+    256
+  );
+  const aesKey = await crypto.subtle.deriveKey(
+    {
+      name: "HKDF",
+      hash: "SHA-256",
+      salt: new Uint8Array(0),
+      info: new TextEncoder().encode("haex-space-key")
+    },
+    await crypto.subtle.importKey("raw", sharedBits, "HKDF", false, ["deriveKey"]),
+    { name: "AES-GCM", length: 256 },
+    false,
+    ["decrypt"]
+  );
+  const decrypted = await crypto.subtle.decrypt(
+    { name: "AES-GCM", iv: base64ToArrayBuffer(encrypted.keyNonce) },
+    aesKey,
+    base64ToArrayBuffer(encrypted.encryptedSpaceKey)
+  );
+  return new Uint8Array(decrypted);
+}
+
+// src/crypto/recordSigning.ts
+function canonicalize(record) {
+  const parts = [
+    record.tableName,
+    record.rowPks,
+    record.columnName === null ? "
NULL" : record.columnName,
+    record.encryptedValue === null ? "
NULL" : record.encryptedValue,
+    record.hlcTimestamp
+  ].join("\0");
+  return new TextEncoder().encode(parts);
+}
+async function signRecordAsync(record, privateKeyBase64) {
+  const key = await importUserPrivateKeyAsync(privateKeyBase64);
+  const sig = await crypto.subtle.sign({ name: "ECDSA", hash: "SHA-256" }, key, canonicalize(record));
+  return arrayBufferToBase64(sig);
+}
+async function verifyRecordSignatureAsync(record, signatureBase64, publicKeyBase64) {
+  const key = await importUserPublicKeyAsync(publicKeyBase64);
+  return crypto.subtle.verify(
+    { name: "ECDSA", hash: "SHA-256" },
+    key,
+    base64ToArrayBuffer(signatureBase64),
+    canonicalize(record)
+  );
+}
+
 // src/crypto/passkey.ts
 function toArrayBuffer(data) {
   if (data instanceof ArrayBuffer) {
@@ -2926,6 +3054,6 @@ function createHaexVaultSdk(config = {}) {
   return new HaexVaultSdk(config);
 }
 
-export { COSE_ALGORITHM, DEFAULT_TIMEOUT, DatabaseAPI, EXTERNAL_EVENTS, ErrorCode, ExternalConnectionErrorCode, ExternalConnectionState, FilesystemAPI, HAEXSPACE_MESSAGE_TYPES, HAEXTENSION_EVENTS, HaexVaultSdk, HaexVaultSdkError, LOCALSEND_EVENTS, LocalSendAPI, PermissionErrorCode, PermissionStatus, PermissionsAPI, RemoteStorageAPI, TABLE_SEPARATOR, TAURI_COMMANDS, WebAPI, arrayBufferToBase64, base64ToArrayBuffer, canExternalClientSendRequests, createHaexVaultSdk, decryptCrdtData, decryptString, decryptVaultKey, decryptVaultName, deriveKeyFromPassword, encryptCrdtData, encryptString, encryptVaultKey, exportKeyPairAsync, exportPrivateKeyAsync, exportPublicKeyAsync, exportPublicKeyCoseAsync, generateCredentialId, generatePasskeyPairAsync, generateVaultKey, getTableName, hexToBytes, importPrivateKeyAsync, importPublicKeyAsync, installBaseTag, installCookiePolyfill, installHistoryPolyfill, installLocalStoragePolyfill, installPolyfills, installSessionStoragePolyfill, isExternalClientConnected, isPermissionDeniedError, isPermissionError, isPermissionPromptError, signWithPasskeyAsync, sortObjectKeysRecursively, unwrapKey, verifyExtensionSignature, verifyWithPasskeyAsync, wrapKey };
+export { COSE_ALGORITHM, DEFAULT_TIMEOUT, DatabaseAPI, EXTERNAL_EVENTS, ErrorCode, ExternalConnectionErrorCode, ExternalConnectionState, FilesystemAPI, HAEXSPACE_MESSAGE_TYPES, HAEXTENSION_EVENTS, HaexVaultSdk, HaexVaultSdkError, KEY_AGREEMENT_ALGO, LOCALSEND_EVENTS, LocalSendAPI, PermissionErrorCode, PermissionStatus, PermissionsAPI, RemoteStorageAPI, SIGNING_ALGO, TABLE_SEPARATOR, TAURI_COMMANDS, WebAPI, arrayBufferToBase64, base64ToArrayBuffer, canExternalClientSendRequests, createHaexVaultSdk, decryptCrdtData, decryptPrivateKeyAsync, decryptSpaceKeyAsync, decryptString, decryptVaultKey, decryptVaultName, deriveKeyFromPassword, encryptCrdtData, encryptPrivateKeyAsync, encryptSpaceKeyForRecipientAsync, encryptString, encryptVaultKey, exportKeyPairAsync, exportPrivateKeyAsync, exportPublicKeyAsync, exportPublicKeyCoseAsync, exportUserKeypairAsync, generateCredentialId, generatePasskeyPairAsync, generateSpaceKey, generateUserKeypairAsync, generateVaultKey, getTableName, hexToBytes, importPrivateKeyAsync, importPrivateKeyForKeyAgreementAsync, importPublicKeyAsync, importPublicKeyForKeyAgreementAsync, importUserPrivateKeyAsync, importUserPublicKeyAsync, installBaseTag, installCookiePolyfill, installHistoryPolyfill, installLocalStoragePolyfill, installPolyfills, installSessionStoragePolyfill, isExternalClientConnected, isPermissionDeniedError, isPermissionError, isPermissionPromptError, signRecordAsync, signWithPasskeyAsync, sortObjectKeysRecursively, unwrapKey, verifyExtensionSignature, verifyRecordSignatureAsync, verifyWithPasskeyAsync, wrapKey };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map