@haex-space/vault-sdk 2.5.117 → 2.5.119

package/dist/index.mjs

@@ -1,61 +1,362 @@
 import { drizzle } from 'drizzle-orm/sqlite-proxy';
 
-// src/polyfills/localStorage.ts
-function installLocalStoragePolyfill() {
-  if (typeof window === "undefined") {
-    return;
-  }
-  console.log("[HaexSpace] Storage Polyfill loading immediately");
-  let localStorageWorks = false;
-  try {
-    const testKey = "__ls_test__";
-    localStorage.setItem(testKey, testKey);
-    localStorage.removeItem(testKey);
-    localStorageWorks = true;
-  } catch {
-    console.warn("[HaexSpace] localStorage blocked \u2013 using in-memory fallback");
+var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+
+// src/crypto/vaultKey.ts
+async function deriveKeyFromPassword(password, salt) {
+  const encoder = new TextEncoder();
+  const passwordBuffer = encoder.encode(password);
+  const saltBuffer = new Uint8Array(salt);
+  const keyMaterial = await crypto.subtle.importKey(
+    "raw",
+    passwordBuffer,
+    "PBKDF2",
+    false,
+    ["deriveKey"]
+  );
+  return await crypto.subtle.deriveKey(
+    {
+      name: "PBKDF2",
+      salt: saltBuffer,
+      iterations: PBKDF2_ITERATIONS,
+      hash: "SHA-256"
+    },
+    keyMaterial,
+    { name: ALGORITHM, length: KEY_LENGTH },
+    false,
+    // not extractable
+    ["encrypt", "decrypt"]
+  );
+}
+function generateVaultKey() {
+  return crypto.getRandomValues(new Uint8Array(32));
+}
+async function encryptString(data, derivedKey) {
+  const nonce = crypto.getRandomValues(new Uint8Array(12));
+  const encoder = new TextEncoder();
+  const dataBuffer = encoder.encode(data);
+  const encryptedBuffer = await crypto.subtle.encrypt(
+    {
+      name: ALGORITHM,
+      iv: nonce
+    },
+    derivedKey,
+    dataBuffer
+  );
+  return {
+    encryptedData: arrayBufferToBase64(encryptedBuffer),
+    nonce: arrayBufferToBase64(nonce)
+  };
+}
+async function decryptString(encryptedData, nonce, derivedKey) {
+  const encryptedBuffer = base64ToArrayBuffer(encryptedData);
+  const nonceBuffer = base64ToArrayBuffer(nonce);
+  const encryptedDataBuffer = new Uint8Array(encryptedBuffer);
+  const iv = new Uint8Array(nonceBuffer);
+  const decryptedBuffer = await crypto.subtle.decrypt(
+    {
+      name: ALGORITHM,
+      iv
+    },
+    derivedKey,
+    encryptedDataBuffer
+  );
+  const decoder = new TextDecoder();
+  return decoder.decode(decryptedBuffer);
+}
+async function encryptVaultKey(vaultKey, password) {
+  const salt = crypto.getRandomValues(new Uint8Array(32));
+  const derivedKey = await deriveKeyFromPassword(password, salt);
+  const nonce = crypto.getRandomValues(new Uint8Array(12));
+  const vaultKeyBuffer = new Uint8Array(vaultKey);
+  const encryptedBuffer = await crypto.subtle.encrypt(
+    {
+      name: ALGORITHM,
+      iv: nonce
+    },
+    derivedKey,
+    vaultKeyBuffer
+  );
+  return {
+    encryptedVaultKey: arrayBufferToBase64(encryptedBuffer),
+    salt: arrayBufferToBase64(salt),
+    vaultKeyNonce: arrayBufferToBase64(nonce)
+  };
+}
+async function decryptVaultKey(encryptedVaultKey, salt, vaultKeyNonce, password) {
+  const encryptedBuffer = base64ToArrayBuffer(encryptedVaultKey);
+  const saltBuffer = base64ToArrayBuffer(salt);
+  const nonceBuffer = base64ToArrayBuffer(vaultKeyNonce);
+  const derivedKey = await deriveKeyFromPassword(password, saltBuffer);
+  const encryptedData = new Uint8Array(encryptedBuffer);
+  const iv = new Uint8Array(nonceBuffer);
+  const decryptedBuffer = await crypto.subtle.decrypt(
+    {
+      name: ALGORITHM,
+      iv
+    },
+    derivedKey,
+    encryptedData
+  );
+  return new Uint8Array(decryptedBuffer);
+}
+async function decryptVaultName(encryptedVaultName, vaultNameNonce, vaultNameSalt, password) {
+  const saltBuffer = base64ToArrayBuffer(vaultNameSalt);
+  const derivedKey = await deriveKeyFromPassword(password, saltBuffer);
+  return decryptString(encryptedVaultName, vaultNameNonce, derivedKey);
+}
+async function encryptCrdtData(data, vaultKey) {
+  const vaultKeyBuffer = new Uint8Array(vaultKey);
+  const cryptoKey = await crypto.subtle.importKey(
+    "raw",
+    vaultKeyBuffer,
+    { name: ALGORITHM },
+    false,
+    ["encrypt"]
+  );
+  const nonce = crypto.getRandomValues(new Uint8Array(12));
+  const encoder = new TextEncoder();
+  const dataBuffer = encoder.encode(JSON.stringify(data));
+  const encryptedBuffer = await crypto.subtle.encrypt(
+    {
+      name: ALGORITHM,
+      iv: nonce
+    },
+    cryptoKey,
+    dataBuffer
+  );
+  return {
+    encryptedData: arrayBufferToBase64(encryptedBuffer),
+    nonce: arrayBufferToBase64(nonce)
+  };
+}
+async function wrapKey(keyToWrap, wrappingKey) {
+  const cryptoKey = await crypto.subtle.importKey(
+    "raw",
+    new Uint8Array(wrappingKey),
+    { name: ALGORITHM },
+    false,
+    ["encrypt"]
+  );
+  const nonce = crypto.getRandomValues(new Uint8Array(12));
+  const ciphertext = await crypto.subtle.encrypt(
+    { name: ALGORITHM, iv: nonce },
+    cryptoKey,
+    new Uint8Array(keyToWrap)
+  );
+  const result = new Uint8Array(12 + ciphertext.byteLength);
+  result.set(nonce, 0);
+  result.set(new Uint8Array(ciphertext), 12);
+  return result;
+}
+async function unwrapKey(wrappedKey, wrappingKey) {
+  const cryptoKey = await crypto.subtle.importKey(
+    "raw",
+    new Uint8Array(wrappingKey),
+    { name: ALGORITHM },
+    false,
+    ["decrypt"]
+  );
+  const nonce = wrappedKey.slice(0, 12);
+  const ciphertext = wrappedKey.slice(12);
+  const plaintext = await crypto.subtle.decrypt(
+    { name: ALGORITHM, iv: nonce },
+    cryptoKey,
+    ciphertext
+  );
+  return new Uint8Array(plaintext);
+}
+async function decryptCrdtData(encryptedData, nonce, vaultKey) {
+  const vaultKeyBuffer = new Uint8Array(vaultKey);
+  const cryptoKey = await crypto.subtle.importKey(
+    "raw",
+    vaultKeyBuffer,
+    { name: ALGORITHM },
+    false,
+    ["decrypt"]
+  );
+  const encryptedBuffer = base64ToArrayBuffer(encryptedData);
+  const nonceBuffer = base64ToArrayBuffer(nonce);
+  const encryptedDataBuffer = new Uint8Array(encryptedBuffer);
+  const iv = new Uint8Array(nonceBuffer);
+  const decryptedBuffer = await crypto.subtle.decrypt(
+    {
+      name: ALGORITHM,
+      iv
+    },
+    cryptoKey,
+    encryptedDataBuffer
+  );
+  const decoder = new TextDecoder();
+  const jsonString = decoder.decode(decryptedBuffer);
+  return JSON.parse(jsonString);
+}
+function arrayBufferToBase64(buffer) {
+  const bytes = buffer instanceof Uint8Array ? buffer : new Uint8Array(buffer);
+  if (typeof Buffer !== "undefined") {
+    return Buffer.from(bytes).toString("base64");
   }
-  if (!localStorageWorks) {
-    const lsStorage = /* @__PURE__ */ new Map();
-    const localStoragePoly = {
-      getItem(key) {
-        return lsStorage.get(key) || null;
-      },
-      setItem(key, value) {
-        lsStorage.set(key, String(value));
-      },
-      removeItem(key) {
-        lsStorage.delete(key);
-      },
-      clear() {
-        lsStorage.clear();
-      },
-      get length() {
-        return lsStorage.size;
-      },
-      key(index) {
-        return Array.from(lsStorage.keys())[index] || null;
-      }
-    };
-    try {
-      Object.defineProperty(window, "localStorage", {
-        value: localStoragePoly,
-        writable: true,
-        configurable: true
-      });
-    } catch {
-      window.localStorage = localStoragePoly;
+  let binary = "";
+  for (let i = 0; i < bytes.length; i++) {
+    const byte = bytes[i];
+    if (byte !== void 0) {
+      binary += String.fromCharCode(byte);
     }
-    console.log("[HaexSpace] localStorage replaced with in-memory polyfill");
   }
+  return btoa(binary);
 }
-function installSessionStoragePolyfill() {
-  if (typeof window === "undefined") {
-    return;
+function base64ToArrayBuffer(base64) {
+  if (typeof Buffer !== "undefined") {
+    return new Uint8Array(Buffer.from(base64, "base64"));
   }
-  try {
-    const sessionStoragePoly = {
-      getItem() {
+  const binary = atob(base64);
+  const bytes = new Uint8Array(binary.length);
+  for (let i = 0; i < binary.length; i++) {
+    bytes[i] = binary.charCodeAt(i);
+  }
+  return bytes;
+}
+var PBKDF2_ITERATIONS, KEY_LENGTH, ALGORITHM;
+var init_vaultKey = __esm({
+  "src/crypto/vaultKey.ts"() {
+    PBKDF2_ITERATIONS = 6e5;
+    KEY_LENGTH = 256;
+    ALGORITHM = "AES-GCM";
+  }
+});
+
+// src/crypto/userKeypair.ts
+var userKeypair_exports = {};
+__export(userKeypair_exports, {
+  KEY_AGREEMENT_ALGO: () => KEY_AGREEMENT_ALGO,
+  SIGNING_ALGO: () => SIGNING_ALGO,
+  decryptPrivateKeyAsync: () => decryptPrivateKeyAsync,
+  encryptPrivateKeyAsync: () => encryptPrivateKeyAsync,
+  exportUserKeypairAsync: () => exportUserKeypairAsync,
+  generateUserKeypairAsync: () => generateUserKeypairAsync,
+  importPrivateKeyForKeyAgreementAsync: () => importPrivateKeyForKeyAgreementAsync,
+  importPublicKeyForKeyAgreementAsync: () => importPublicKeyForKeyAgreementAsync,
+  importUserPrivateKeyAsync: () => importUserPrivateKeyAsync,
+  importUserPublicKeyAsync: () => importUserPublicKeyAsync
+});
+async function generateUserKeypairAsync() {
+  const keypair = await crypto.subtle.generateKey(SIGNING_ALGO, true, ["sign", "verify"]);
+  return { publicKey: keypair.publicKey, privateKey: keypair.privateKey };
+}
+async function exportUserKeypairAsync(keypair) {
+  const pub = await crypto.subtle.exportKey("spki", keypair.publicKey);
+  const priv = await crypto.subtle.exportKey("pkcs8", keypair.privateKey);
+  return { publicKey: arrayBufferToBase64(pub), privateKey: arrayBufferToBase64(priv) };
+}
+async function importUserPublicKeyAsync(base64) {
+  return crypto.subtle.importKey("spki", base64ToArrayBuffer(base64), SIGNING_ALGO, true, ["verify"]);
+}
+async function importUserPrivateKeyAsync(base64) {
+  return crypto.subtle.importKey("pkcs8", base64ToArrayBuffer(base64), SIGNING_ALGO, true, ["sign"]);
+}
+async function importPublicKeyForKeyAgreementAsync(base64) {
+  return crypto.subtle.importKey("spki", base64ToArrayBuffer(base64), KEY_AGREEMENT_ALGO, true, []);
+}
+async function importPrivateKeyForKeyAgreementAsync(base64) {
+  return crypto.subtle.importKey("pkcs8", base64ToArrayBuffer(base64), KEY_AGREEMENT_ALGO, true, ["deriveBits"]);
+}
+async function encryptPrivateKeyAsync(privateKeyBase64, password) {
+  const salt = crypto.getRandomValues(new Uint8Array(32));
+  const derivedKey = await deriveKeyFromPassword(password, salt);
+  const nonce = crypto.getRandomValues(new Uint8Array(12));
+  const encrypted = await crypto.subtle.encrypt(
+    { name: "AES-GCM", iv: nonce },
+    derivedKey,
+    new TextEncoder().encode(privateKeyBase64)
+  );
+  return {
+    encryptedPrivateKey: arrayBufferToBase64(encrypted),
+    nonce: arrayBufferToBase64(nonce),
+    salt: arrayBufferToBase64(salt)
+  };
+}
+async function decryptPrivateKeyAsync(encryptedPrivateKey, nonce, salt, password) {
+  const derivedKey = await deriveKeyFromPassword(password, base64ToArrayBuffer(salt));
+  const decrypted = await crypto.subtle.decrypt(
+    { name: "AES-GCM", iv: base64ToArrayBuffer(nonce) },
+    derivedKey,
+    base64ToArrayBuffer(encryptedPrivateKey)
+  );
+  return new TextDecoder().decode(decrypted);
+}
+var SIGNING_ALGO, KEY_AGREEMENT_ALGO;
+var init_userKeypair = __esm({
+  "src/crypto/userKeypair.ts"() {
+    init_vaultKey();
+    SIGNING_ALGO = { name: "ECDSA", namedCurve: "P-256" };
+    KEY_AGREEMENT_ALGO = { name: "ECDH", namedCurve: "P-256" };
+  }
+});
+
+// src/polyfills/localStorage.ts
+function installLocalStoragePolyfill() {
+  if (typeof window === "undefined") {
+    return;
+  }
+  console.log("[HaexSpace] Storage Polyfill loading immediately");
+  let localStorageWorks = false;
+  try {
+    const testKey = "__ls_test__";
+    localStorage.setItem(testKey, testKey);
+    localStorage.removeItem(testKey);
+    localStorageWorks = true;
+  } catch {
+    console.warn("[HaexSpace] localStorage blocked \u2013 using in-memory fallback");
+  }
+  if (!localStorageWorks) {
+    const lsStorage = /* @__PURE__ */ new Map();
+    const localStoragePoly = {
+      getItem(key) {
+        return lsStorage.get(key) || null;
+      },
+      setItem(key, value) {
+        lsStorage.set(key, String(value));
+      },
+      removeItem(key) {
+        lsStorage.delete(key);
+      },
+      clear() {
+        lsStorage.clear();
+      },
+      get length() {
+        return lsStorage.size;
+      },
+      key(index) {
+        return Array.from(lsStorage.keys())[index] || null;
+      }
+    };
+    try {
+      Object.defineProperty(window, "localStorage", {
+        value: localStoragePoly,
+        writable: true,
+        configurable: true
+      });
+    } catch {
+      window.localStorage = localStoragePoly;
+    }
+    console.log("[HaexSpace] localStorage replaced with in-memory polyfill");
+  }
+}
+function installSessionStoragePolyfill() {
+  if (typeof window === "undefined") {
+    return;
+  }
+  try {
+    const sessionStoragePoly = {
+      getItem() {
         return null;
       },
       setItem() {
@@ -646,399 +947,182 @@ var LOCALSEND_COMMANDS = {
   /** Start device discovery via multicast UDP */
   startDiscovery: "localsend_start_discovery",
   /** Stop device discovery */
-  stopDiscovery: "localsend_stop_discovery",
-  /** Get list of discovered devices */
-  getDevices: "localsend_get_devices",
-  // Network scan (mobile only)
-  /** Scan network for devices via HTTP */
-  scanNetwork: "localsend_scan_network",
-  // Server (receiving files)
-  /** Start the HTTPS server for receiving files */
-  startServer: "localsend_start_server",
-  /** Stop the HTTPS server */
-  stopServer: "localsend_stop_server",
-  /** Get server status */
-  getServerStatus: "localsend_get_server_status",
-  /** Get pending incoming transfer requests */
-  getPendingTransfers: "localsend_get_pending_transfers",
-  /** Accept an incoming transfer */
-  acceptTransfer: "localsend_accept_transfer",
-  /** Reject an incoming transfer */
-  rejectTransfer: "localsend_reject_transfer",
-  // Client (sending files)
-  /** Prepare files for sending - collect metadata */
-  prepareFiles: "localsend_prepare_files",
-  /** Send files to a device */
-  sendFiles: "localsend_send_files",
-  /** Cancel an outgoing transfer */
-  cancelSend: "localsend_cancel_send"
-};
-
-// src/commands/spaces.ts
-var SPACE_COMMANDS = {
-  /** Bulk assign rows to spaces */
-  assign: "extension_space_assign",
-  /** Bulk unassign rows from spaces */
-  unassign: "extension_space_unassign",
-  /** Get space assignments for a table */
-  getAssignments: "extension_space_get_assignments",
-  /** List all spaces the user is a member of (with decrypted names) */
-  list: "extension_space_list",
-  /** Create a new shared space */
-  create: "extension_space_create",
-  /** List available sync backends */
-  listBackends: "extension_space_list_backends"
-};
-
-// src/commands/index.ts
-var TAURI_COMMANDS = {
-  database: DATABASE_COMMANDS,
-  permissions: PERMISSIONS_COMMANDS,
-  web: WEB_COMMANDS,
-  webStorage: WEB_STORAGE_COMMANDS,
-  filesystem: FILESYSTEM_COMMANDS,
-  externalBridge: EXTERNAL_BRIDGE_COMMANDS,
-  extension: EXTENSION_COMMANDS,
-  remoteStorage: REMOTE_STORAGE_COMMANDS,
-  localsend: LOCALSEND_COMMANDS,
-  spaces: SPACE_COMMANDS
-};
-
-// src/api/storage.ts
-var StorageAPI = class {
-  constructor(client) {
-    this.client = client;
-  }
-  async getItem(key) {
-    return this.client.request(WEB_STORAGE_COMMANDS.getItem, { key });
-  }
-  async setItem(key, value) {
-    await this.client.request(WEB_STORAGE_COMMANDS.setItem, { key, value });
-  }
-  async removeItem(key) {
-    await this.client.request(WEB_STORAGE_COMMANDS.removeItem, { key });
-  }
-  async clear() {
-    await this.client.request(WEB_STORAGE_COMMANDS.clear);
-  }
-  async keys() {
-    return this.client.request(WEB_STORAGE_COMMANDS.keys);
-  }
-};
-
-// src/api/database.ts
-var DatabaseAPI = class {
-  constructor(client) {
-    this.client = client;
-  }
-  async query(query, params) {
-    const result = await this.client.request(
-      DATABASE_COMMANDS.query,
-      {
-        query,
-        params: params || []
-      }
-    );
-    return result.rows;
-  }
-  async queryOne(query, params) {
-    const rows = await this.query(query, params);
-    return rows.length > 0 ? rows[0] ?? null : null;
-  }
-  async execute(query, params) {
-    return this.client.request(DATABASE_COMMANDS.execute, {
-      query,
-      params: params || []
-    });
-  }
-  async transaction(statements) {
-    await this.client.request(DATABASE_COMMANDS.transaction, {
-      statements
-    });
-  }
-  async createTable(tableName, columns) {
-    const query = `CREATE TABLE IF NOT EXISTS ${tableName} (${columns})`;
-    await this.execute(query);
-  }
-  async dropTable(tableName) {
-    const query = `DROP TABLE IF EXISTS ${tableName}`;
-    await this.execute(query);
-  }
-  /**
-   * Registers and applies extension migrations with HaexVault
-   *
-   * HaexVault will:
-   * 1. Validate all SQL statements (ensure only extension's own tables are accessed)
-   * 2. Store migrations with applied_at = NULL
-   * 3. Query pending migrations sorted by name
-   * 4. Apply pending migrations and set up CRDT triggers
-   * 5. Mark successful migrations with applied_at timestamp
-   *
-   * @param extensionVersion - The version of the extension
-   * @param migrations - Array of migration objects with name and SQL content
-   * @returns Promise with migration result (applied count, already applied count, applied migration names)
-   */
-  async registerMigrationsAsync(extensionVersion, migrations) {
-    return this.client.request(
-      DATABASE_COMMANDS.registerMigrations,
-      {
-        extensionVersion,
-        migrations
-      }
-    );
-  }
-  async insert(tableName, data) {
-    const keys = Object.keys(data);
-    const values = Object.values(data);
-    const placeholders = keys.map(() => "?").join(", ");
-    const query = `INSERT INTO ${tableName} (${keys.join(
-      ", "
-    )}) VALUES (${placeholders})`;
-    const result = await this.execute(query, values);
-    return result.lastInsertId ?? -1;
-  }
-  async update(tableName, data, where, whereParams) {
-    const keys = Object.keys(data);
-    const values = Object.values(data);
-    const setClause = keys.map((key) => `${key} = ?`).join(", ");
-    const query = `UPDATE ${tableName} SET ${setClause} WHERE ${where}`;
-    const result = await this.execute(query, [
-      ...values,
-      ...whereParams || []
-    ]);
-    return result.rowsAffected;
-  }
-  async delete(tableName, where, whereParams) {
-    const query = `DELETE FROM ${tableName} WHERE ${where}`;
-    const result = await this.execute(query, whereParams);
-    return result.rowsAffected;
-  }
-  async count(tableName, where, whereParams) {
-    const query = where ? `SELECT COUNT(*) as count FROM ${tableName} WHERE ${where}` : `SELECT COUNT(*) as count FROM ${tableName}`;
-    const result = await this.queryOne(query, whereParams);
-    return result?.count ?? 0;
-  }
-};
-
-// src/crypto/vaultKey.ts
-var PBKDF2_ITERATIONS = 6e5;
-var KEY_LENGTH = 256;
-var ALGORITHM = "AES-GCM";
-async function deriveKeyFromPassword(password, salt) {
-  const encoder = new TextEncoder();
-  const passwordBuffer = encoder.encode(password);
-  const saltBuffer = new Uint8Array(salt);
-  const keyMaterial = await crypto.subtle.importKey(
-    "raw",
-    passwordBuffer,
-    "PBKDF2",
-    false,
-    ["deriveKey"]
-  );
-  return await crypto.subtle.deriveKey(
-    {
-      name: "PBKDF2",
-      salt: saltBuffer,
-      iterations: PBKDF2_ITERATIONS,
-      hash: "SHA-256"
-    },
-    keyMaterial,
-    { name: ALGORITHM, length: KEY_LENGTH },
-    false,
-    // not extractable
-    ["encrypt", "decrypt"]
-  );
-}
-function generateVaultKey() {
-  return crypto.getRandomValues(new Uint8Array(32));
-}
-async function encryptString(data, derivedKey) {
-  const nonce = crypto.getRandomValues(new Uint8Array(12));
-  const encoder = new TextEncoder();
-  const dataBuffer = encoder.encode(data);
-  const encryptedBuffer = await crypto.subtle.encrypt(
-    {
-      name: ALGORITHM,
-      iv: nonce
-    },
-    derivedKey,
-    dataBuffer
-  );
-  return {
-    encryptedData: arrayBufferToBase64(encryptedBuffer),
-    nonce: arrayBufferToBase64(nonce)
-  };
-}
-async function decryptString(encryptedData, nonce, derivedKey) {
-  const encryptedBuffer = base64ToArrayBuffer(encryptedData);
-  const nonceBuffer = base64ToArrayBuffer(nonce);
-  const encryptedDataBuffer = new Uint8Array(encryptedBuffer);
-  const iv = new Uint8Array(nonceBuffer);
-  const decryptedBuffer = await crypto.subtle.decrypt(
-    {
-      name: ALGORITHM,
-      iv
-    },
-    derivedKey,
-    encryptedDataBuffer
-  );
-  const decoder = new TextDecoder();
-  return decoder.decode(decryptedBuffer);
-}
-async function encryptVaultKey(vaultKey, password) {
-  const salt = crypto.getRandomValues(new Uint8Array(32));
-  const derivedKey = await deriveKeyFromPassword(password, salt);
-  const nonce = crypto.getRandomValues(new Uint8Array(12));
-  const vaultKeyBuffer = new Uint8Array(vaultKey);
-  const encryptedBuffer = await crypto.subtle.encrypt(
-    {
-      name: ALGORITHM,
-      iv: nonce
-    },
-    derivedKey,
-    vaultKeyBuffer
-  );
-  return {
-    encryptedVaultKey: arrayBufferToBase64(encryptedBuffer),
-    salt: arrayBufferToBase64(salt),
-    vaultKeyNonce: arrayBufferToBase64(nonce)
-  };
-}
-async function decryptVaultKey(encryptedVaultKey, salt, vaultKeyNonce, password) {
-  const encryptedBuffer = base64ToArrayBuffer(encryptedVaultKey);
-  const saltBuffer = base64ToArrayBuffer(salt);
-  const nonceBuffer = base64ToArrayBuffer(vaultKeyNonce);
-  const derivedKey = await deriveKeyFromPassword(password, saltBuffer);
-  const encryptedData = new Uint8Array(encryptedBuffer);
-  const iv = new Uint8Array(nonceBuffer);
-  const decryptedBuffer = await crypto.subtle.decrypt(
-    {
-      name: ALGORITHM,
-      iv
-    },
-    derivedKey,
-    encryptedData
-  );
-  return new Uint8Array(decryptedBuffer);
-}
-async function decryptVaultName(encryptedVaultName, vaultNameNonce, vaultNameSalt, password) {
-  const saltBuffer = base64ToArrayBuffer(vaultNameSalt);
-  const derivedKey = await deriveKeyFromPassword(password, saltBuffer);
-  return decryptString(encryptedVaultName, vaultNameNonce, derivedKey);
-}
-async function encryptCrdtData(data, vaultKey) {
-  const vaultKeyBuffer = new Uint8Array(vaultKey);
-  const cryptoKey = await crypto.subtle.importKey(
-    "raw",
-    vaultKeyBuffer,
-    { name: ALGORITHM },
-    false,
-    ["encrypt"]
-  );
-  const nonce = crypto.getRandomValues(new Uint8Array(12));
-  const encoder = new TextEncoder();
-  const dataBuffer = encoder.encode(JSON.stringify(data));
-  const encryptedBuffer = await crypto.subtle.encrypt(
-    {
-      name: ALGORITHM,
-      iv: nonce
-    },
-    cryptoKey,
-    dataBuffer
-  );
-  return {
-    encryptedData: arrayBufferToBase64(encryptedBuffer),
-    nonce: arrayBufferToBase64(nonce)
-  };
-}
-async function wrapKey(keyToWrap, wrappingKey) {
-  const cryptoKey = await crypto.subtle.importKey(
-    "raw",
-    new Uint8Array(wrappingKey),
-    { name: ALGORITHM },
-    false,
-    ["encrypt"]
-  );
-  const nonce = crypto.getRandomValues(new Uint8Array(12));
-  const ciphertext = await crypto.subtle.encrypt(
-    { name: ALGORITHM, iv: nonce },
-    cryptoKey,
-    new Uint8Array(keyToWrap)
-  );
-  const result = new Uint8Array(12 + ciphertext.byteLength);
-  result.set(nonce, 0);
-  result.set(new Uint8Array(ciphertext), 12);
-  return result;
-}
-async function unwrapKey(wrappedKey, wrappingKey) {
-  const cryptoKey = await crypto.subtle.importKey(
-    "raw",
-    new Uint8Array(wrappingKey),
-    { name: ALGORITHM },
-    false,
-    ["decrypt"]
-  );
-  const nonce = wrappedKey.slice(0, 12);
-  const ciphertext = wrappedKey.slice(12);
-  const plaintext = await crypto.subtle.decrypt(
-    { name: ALGORITHM, iv: nonce },
-    cryptoKey,
-    ciphertext
-  );
-  return new Uint8Array(plaintext);
-}
-async function decryptCrdtData(encryptedData, nonce, vaultKey) {
-  const vaultKeyBuffer = new Uint8Array(vaultKey);
-  const cryptoKey = await crypto.subtle.importKey(
-    "raw",
-    vaultKeyBuffer,
-    { name: ALGORITHM },
-    false,
-    ["decrypt"]
-  );
-  const encryptedBuffer = base64ToArrayBuffer(encryptedData);
-  const nonceBuffer = base64ToArrayBuffer(nonce);
-  const encryptedDataBuffer = new Uint8Array(encryptedBuffer);
-  const iv = new Uint8Array(nonceBuffer);
-  const decryptedBuffer = await crypto.subtle.decrypt(
-    {
-      name: ALGORITHM,
-      iv
-    },
-    cryptoKey,
-    encryptedDataBuffer
-  );
-  const decoder = new TextDecoder();
-  const jsonString = decoder.decode(decryptedBuffer);
-  return JSON.parse(jsonString);
-}
-function arrayBufferToBase64(buffer) {
-  const bytes = buffer instanceof Uint8Array ? buffer : new Uint8Array(buffer);
-  if (typeof Buffer !== "undefined") {
-    return Buffer.from(bytes).toString("base64");
+  stopDiscovery: "localsend_stop_discovery",
+  /** Get list of discovered devices */
+  getDevices: "localsend_get_devices",
+  // Network scan (mobile only)
+  /** Scan network for devices via HTTP */
+  scanNetwork: "localsend_scan_network",
+  // Server (receiving files)
+  /** Start the HTTPS server for receiving files */
+  startServer: "localsend_start_server",
+  /** Stop the HTTPS server */
+  stopServer: "localsend_stop_server",
+  /** Get server status */
+  getServerStatus: "localsend_get_server_status",
+  /** Get pending incoming transfer requests */
+  getPendingTransfers: "localsend_get_pending_transfers",
+  /** Accept an incoming transfer */
+  acceptTransfer: "localsend_accept_transfer",
+  /** Reject an incoming transfer */
+  rejectTransfer: "localsend_reject_transfer",
+  // Client (sending files)
+  /** Prepare files for sending - collect metadata */
+  prepareFiles: "localsend_prepare_files",
+  /** Send files to a device */
+  sendFiles: "localsend_send_files",
+  /** Cancel an outgoing transfer */
+  cancelSend: "localsend_cancel_send"
+};
+
+// src/commands/spaces.ts
+var SPACE_COMMANDS = {
+  /** Bulk assign rows to spaces */
+  assign: "extension_space_assign",
+  /** Bulk unassign rows from spaces */
+  unassign: "extension_space_unassign",
+  /** Get space assignments for a table */
+  getAssignments: "extension_space_get_assignments",
+  /** List all spaces the user is a member of (with decrypted names) */
+  list: "extension_space_list",
+  /** Create a new shared space */
+  create: "extension_space_create",
+  /** List available sync backends */
+  listBackends: "extension_space_list_backends"
+};
+
+// src/commands/index.ts
+var TAURI_COMMANDS = {
+  database: DATABASE_COMMANDS,
+  permissions: PERMISSIONS_COMMANDS,
+  web: WEB_COMMANDS,
+  webStorage: WEB_STORAGE_COMMANDS,
+  filesystem: FILESYSTEM_COMMANDS,
+  externalBridge: EXTERNAL_BRIDGE_COMMANDS,
+  extension: EXTENSION_COMMANDS,
+  remoteStorage: REMOTE_STORAGE_COMMANDS,
+  localsend: LOCALSEND_COMMANDS,
+  spaces: SPACE_COMMANDS
+};
+
+// src/api/storage.ts
+var StorageAPI = class {
+  constructor(client) {
+    this.client = client;
   }
-  let binary = "";
-  for (let i = 0; i < bytes.length; i++) {
-    const byte = bytes[i];
-    if (byte !== void 0) {
-      binary += String.fromCharCode(byte);
-    }
+  async getItem(key) {
+    return this.client.request(WEB_STORAGE_COMMANDS.getItem, { key });
   }
-  return btoa(binary);
-}
-function base64ToArrayBuffer(base64) {
-  if (typeof Buffer !== "undefined") {
-    return new Uint8Array(Buffer.from(base64, "base64"));
+  async setItem(key, value) {
+    await this.client.request(WEB_STORAGE_COMMANDS.setItem, { key, value });
   }
-  const binary = atob(base64);
-  const bytes = new Uint8Array(binary.length);
-  for (let i = 0; i < binary.length; i++) {
-    bytes[i] = binary.charCodeAt(i);
+  async removeItem(key) {
+    await this.client.request(WEB_STORAGE_COMMANDS.removeItem, { key });
   }
-  return bytes;
-}
+  async clear() {
+    await this.client.request(WEB_STORAGE_COMMANDS.clear);
+  }
+  async keys() {
+    return this.client.request(WEB_STORAGE_COMMANDS.keys);
+  }
+};
+
+// src/api/database.ts
+var DatabaseAPI = class {
+  constructor(client) {
+    this.client = client;
+  }
+  async query(query, params) {
+    const result = await this.client.request(
+      DATABASE_COMMANDS.query,
+      {
+        query,
+        params: params || []
+      }
+    );
+    return result.rows;
+  }
+  async queryOne(query, params) {
+    const rows = await this.query(query, params);
+    return rows.length > 0 ? rows[0] ?? null : null;
+  }
+  async execute(query, params) {
+    return this.client.request(DATABASE_COMMANDS.execute, {
+      query,
+      params: params || []
+    });
+  }
+  async transaction(statements) {
+    await this.client.request(DATABASE_COMMANDS.transaction, {
+      statements
+    });
+  }
+  async createTable(tableName, columns) {
+    const query = `CREATE TABLE IF NOT EXISTS ${tableName} (${columns})`;
+    await this.execute(query);
+  }
+  async dropTable(tableName) {
+    const query = `DROP TABLE IF EXISTS ${tableName}`;
+    await this.execute(query);
+  }
+  /**
+   * Registers and applies extension migrations with HaexVault
+   *
+   * HaexVault will:
+   * 1. Validate all SQL statements (ensure only extension's own tables are accessed)
+   * 2. Store migrations with applied_at = NULL
+   * 3. Query pending migrations sorted by name
+   * 4. Apply pending migrations and set up CRDT triggers
+   * 5. Mark successful migrations with applied_at timestamp
+   *
+   * @param extensionVersion - The version of the extension
+   * @param migrations - Array of migration objects with name and SQL content
+   * @returns Promise with migration result (applied count, already applied count, applied migration names)
+   */
+  async registerMigrationsAsync(extensionVersion, migrations) {
+    return this.client.request(
+      DATABASE_COMMANDS.registerMigrations,
+      {
+        extensionVersion,
+        migrations
+      }
+    );
+  }
+  async insert(tableName, data) {
+    const keys = Object.keys(data);
+    const values = Object.values(data);
+    const placeholders = keys.map(() => "?").join(", ");
+    const query = `INSERT INTO ${tableName} (${keys.join(
+      ", "
+    )}) VALUES (${placeholders})`;
+    const result = await this.execute(query, values);
+    return result.lastInsertId ?? -1;
+  }
+  async update(tableName, data, where, whereParams) {
+    const keys = Object.keys(data);
+    const values = Object.values(data);
+    const setClause = keys.map((key) => `${key} = ?`).join(", ");
+    const query = `UPDATE ${tableName} SET ${setClause} WHERE ${where}`;
+    const result = await this.execute(query, [
+      ...values,
+      ...whereParams || []
+    ]);
+    return result.rowsAffected;
+  }
+  async delete(tableName, where, whereParams) {
+    const query = `DELETE FROM ${tableName} WHERE ${where}`;
+    const result = await this.execute(query, whereParams);
+    return result.rowsAffected;
+  }
+  async count(tableName, where, whereParams) {
+    const query = where ? `SELECT COUNT(*) as count FROM ${tableName} WHERE ${where}` : `SELECT COUNT(*) as count FROM ${tableName}`;
+    const result = await this.queryOne(query, whereParams);
+    return result?.count ?? 0;
+  }
+};
 
 // src/api/filesystem.ts
+init_vaultKey();
 var FilesystemAPI = class {
   constructor(client) {
     this.client = client;
@@ -1424,6 +1508,7 @@ var PermissionsAPI = class {
 };
 
 // src/api/remoteStorage.ts
+init_vaultKey();
 var RemoteStorageAPI = class {
   constructor(client) {
     this.client = client;
@@ -2846,56 +2931,169 @@ async function verifyExtensionSignature(files, manifest) {
   }
 }
 
-// src/crypto/userKeypair.ts
-var SIGNING_ALGO = { name: "ECDSA", namedCurve: "P-256" };
-var KEY_AGREEMENT_ALGO = { name: "ECDH", namedCurve: "P-256" };
-async function generateUserKeypairAsync() {
-  const keypair = await crypto.subtle.generateKey(SIGNING_ALGO, true, ["sign", "verify"]);
-  return { publicKey: keypair.publicKey, privateKey: keypair.privateKey };
-}
-async function exportUserKeypairAsync(keypair) {
-  const pub = await crypto.subtle.exportKey("spki", keypair.publicKey);
-  const priv = await crypto.subtle.exportKey("pkcs8", keypair.privateKey);
-  return { publicKey: arrayBufferToBase64(pub), privateKey: arrayBufferToBase64(priv) };
-}
-async function importUserPublicKeyAsync(base64) {
-  return crypto.subtle.importKey("spki", base64ToArrayBuffer(base64), SIGNING_ALGO, true, ["verify"]);
+// src/index.ts
+init_vaultKey();
+init_userKeypair();
+
+// src/crypto/didKey.ts
+init_userKeypair();
+init_vaultKey();
+var BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+function base58btcEncode(bytes) {
+  let zeros = 0;
+  for (const b of bytes) {
+    if (b !== 0) break;
+    zeros++;
+  }
+  const digits = [];
+  for (const b of bytes) {
+    let carry = b;
+    for (let j = 0; j < digits.length; j++) {
+      carry += digits[j] << 8;
+      digits[j] = carry % 58;
+      carry = carry / 58 | 0;
+    }
+    while (carry > 0) {
+      digits.push(carry % 58);
+      carry = carry / 58 | 0;
+    }
+  }
+  return "1".repeat(zeros) + digits.reverse().map((d) => BASE58_ALPHABET[d]).join("");
+}
+function base58btcDecode(str) {
+  let zeros = 0;
+  for (const c of str) {
+    if (c !== "1") break;
+    zeros++;
+  }
+  const bytes = [];
+  for (const c of str) {
+    const value = BASE58_ALPHABET.indexOf(c);
+    if (value === -1) throw new Error(`Invalid base58 character: ${c}`);
+    let carry = value;
+    for (let j = 0; j < bytes.length; j++) {
+      carry += bytes[j] * 58;
+      bytes[j] = carry & 255;
+      carry >>= 8;
+    }
+    while (carry > 0) {
+      bytes.push(carry & 255);
+      carry >>= 8;
+    }
+  }
+  const result = new Uint8Array(zeros + bytes.length);
+  for (let i = 0; i < bytes.length; i++) {
+    result[zeros + i] = bytes[bytes.length - 1 - i];
+  }
+  return result;
 }
-async function importUserPrivateKeyAsync(base64) {
-  return crypto.subtle.importKey("pkcs8", base64ToArrayBuffer(base64), SIGNING_ALGO, true, ["sign"]);
+function compressP256Point(uncompressed) {
+  if (uncompressed.length !== 65 || uncompressed[0] !== 4) {
+    throw new Error("Expected 65-byte uncompressed P-256 point (0x04 prefix)");
+  }
+  const x = uncompressed.slice(1, 33);
+  const yLastByte = uncompressed[64];
+  const prefix = (yLastByte & 1) === 0 ? 2 : 3;
+  const compressed = new Uint8Array(33);
+  compressed[0] = prefix;
+  compressed.set(x, 1);
+  return compressed;
+}
+function decompressP256Point(compressed) {
+  if (compressed.length !== 33 || compressed[0] !== 2 && compressed[0] !== 3) {
+    throw new Error("Expected 33-byte compressed P-256 point");
+  }
+  const isOdd = compressed[0] === 3;
+  const x = bytesToBigInt(compressed.slice(1));
+  const p = BigInt("0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff");
+  const b = BigInt("0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b");
+  const a = p - 3n;
+  const ySquared = (modPow(x, 3n, p) + a * x + b) % p;
+  let y = modSqrt(ySquared, p);
+  const yIsOdd = (y & 1n) === 1n;
+  if (isOdd !== yIsOdd) {
+    y = p - y;
+  }
+  const uncompressed = new Uint8Array(65);
+  uncompressed[0] = 4;
+  uncompressed.set(bigIntToBytes(x, 32), 1);
+  uncompressed.set(bigIntToBytes(y, 32), 33);
+  return uncompressed;
+}
+function bytesToBigInt(bytes) {
+  let result = 0n;
+  for (const b of bytes) {
+    result = result << 8n | BigInt(b);
+  }
+  return result;
 }
-async function importPublicKeyForKeyAgreementAsync(base64) {
-  return crypto.subtle.importKey("spki", base64ToArrayBuffer(base64), KEY_AGREEMENT_ALGO, true, []);
+function bigIntToBytes(n, length) {
+  const bytes = new Uint8Array(length);
+  let val = n;
+  for (let i = length - 1; i >= 0; i--) {
+    bytes[i] = Number(val & 0xffn);
+    val >>= 8n;
+  }
+  return bytes;
 }
-async function importPrivateKeyForKeyAgreementAsync(base64) {
-  return crypto.subtle.importKey("pkcs8", base64ToArrayBuffer(base64), KEY_AGREEMENT_ALGO, true, ["deriveBits"]);
+function modPow(base, exp, mod) {
+  let result = 1n;
+  base = base % mod;
+  while (exp > 0n) {
+    if (exp & 1n) result = result * base % mod;
+    exp >>= 1n;
+    base = base * base % mod;
+  }
+  return result;
 }
-async function encryptPrivateKeyAsync(privateKeyBase64, password) {
-  const salt = crypto.getRandomValues(new Uint8Array(32));
-  const derivedKey = await deriveKeyFromPassword(password, salt);
-  const nonce = crypto.getRandomValues(new Uint8Array(12));
-  const encrypted = await crypto.subtle.encrypt(
-    { name: "AES-GCM", iv: nonce },
-    derivedKey,
-    new TextEncoder().encode(privateKeyBase64)
+function modSqrt(a, p) {
+  return modPow(a, (p + 1n) / 4n, p);
+}
+var P256_MULTICODEC_PREFIX = new Uint8Array([128, 36]);
+async function publicKeyToDidKeyAsync(publicKeyBase64) {
+  const cryptoKey = await importUserPublicKeyAsync(publicKeyBase64);
+  const rawBytes = new Uint8Array(await crypto.subtle.exportKey("raw", cryptoKey));
+  const compressed = compressP256Point(rawBytes);
+  const multicodecBytes = new Uint8Array(P256_MULTICODEC_PREFIX.length + compressed.length);
+  multicodecBytes.set(P256_MULTICODEC_PREFIX);
+  multicodecBytes.set(compressed, P256_MULTICODEC_PREFIX.length);
+  return `did:key:z${base58btcEncode(multicodecBytes)}`;
+}
+async function didKeyToPublicKeyAsync(did) {
+  if (!did.startsWith("did:key:z")) {
+    throw new Error("Only did:key with base58-btc multibase (z prefix) is supported");
+  }
+  const multicodecBytes = base58btcDecode(did.slice("did:key:z".length));
+  if (multicodecBytes[0] !== P256_MULTICODEC_PREFIX[0] || multicodecBytes[1] !== P256_MULTICODEC_PREFIX[1]) {
+    throw new Error("Unsupported key type in did:key (expected P-256)");
+  }
+  const compressed = multicodecBytes.slice(P256_MULTICODEC_PREFIX.length);
+  const uncompressed = decompressP256Point(compressed);
+  const cryptoKey = await crypto.subtle.importKey(
+    "raw",
+    uncompressed.buffer,
+    { name: "ECDSA", namedCurve: "P-256" },
+    true,
+    ["verify"]
   );
+  const spki = await crypto.subtle.exportKey("spki", cryptoKey);
+  return arrayBufferToBase64(spki);
+}
+async function generateIdentityAsync() {
+  const { generateUserKeypairAsync: generateUserKeypairAsync2, exportUserKeypairAsync: exportUserKeypairAsync2 } = await Promise.resolve().then(() => (init_userKeypair(), userKeypair_exports));
+  const keypair = await generateUserKeypairAsync2();
+  const exported = await exportUserKeypairAsync2(keypair);
+  const did = await publicKeyToDidKeyAsync(exported.publicKey);
   return {
-    encryptedPrivateKey: arrayBufferToBase64(encrypted),
-    nonce: arrayBufferToBase64(nonce),
-    salt: arrayBufferToBase64(salt)
+    did,
+    publicKeyBase64: exported.publicKey,
+    privateKeyBase64: exported.privateKey
   };
 }
-async function decryptPrivateKeyAsync(encryptedPrivateKey, nonce, salt, password) {
-  const derivedKey = await deriveKeyFromPassword(password, base64ToArrayBuffer(salt));
-  const decrypted = await crypto.subtle.decrypt(
-    { name: "AES-GCM", iv: base64ToArrayBuffer(nonce) },
-    derivedKey,
-    base64ToArrayBuffer(encryptedPrivateKey)
-  );
-  return new TextDecoder().decode(decrypted);
-}
 
 // src/crypto/spaceKey.ts
+init_userKeypair();
+init_vaultKey();
 function generateSpaceKey() {
   return generateVaultKey();
 }
@@ -2983,7 +3181,45 @@ async function decryptSpaceNameAsync(spaceKey, encryptedName, nameNonce) {
   return decryptString(encryptedName, nameNonce, cryptoKey);
 }
 
+// src/crypto/claims.ts
+init_userKeypair();
+async function signClaimPresentationAsync(did, publicKeyBase64, claims, privateKeyBase64) {
+  const timestamp = (/* @__PURE__ */ new Date()).toISOString();
+  const sortedEntries = Object.entries(claims).sort(([a], [b]) => a.localeCompare(b));
+  const canonical = [did, timestamp, ...sortedEntries.map(([k, v]) => `${k}=${v}`)].join("\0");
+  const privateKey = await importUserPrivateKeyAsync(privateKeyBase64);
+  const data = new TextEncoder().encode(canonical);
+  const sig = await crypto.subtle.sign(
+    { name: "ECDSA", hash: "SHA-256" },
+    privateKey,
+    data
+  );
+  return {
+    did,
+    publicKey: publicKeyBase64,
+    claims,
+    timestamp,
+    signature: btoa(String.fromCharCode(...new Uint8Array(sig)))
+  };
+}
+async function verifyClaimPresentationAsync(presentation) {
+  const { did, publicKey, claims, timestamp, signature } = presentation;
+  const sortedEntries = Object.entries(claims).sort(([a], [b]) => a.localeCompare(b));
+  const canonical = [did, timestamp, ...sortedEntries.map(([k, v]) => `${k}=${v}`)].join("\0");
+  const pubKey = await importUserPublicKeyAsync(publicKey);
+  const data = new TextEncoder().encode(canonical);
+  const sigBytes = Uint8Array.from(atob(signature), (c) => c.charCodeAt(0));
+  return crypto.subtle.verify(
+    { name: "ECDSA", hash: "SHA-256" },
+    pubKey,
+    sigBytes,
+    data
+  );
+}
+
 // src/crypto/recordSigning.ts
+init_userKeypair();
+init_vaultKey();
 function canonicalize(record) {
   const parts = [
     record.tableName,
@@ -3046,6 +3282,7 @@ async function verifySpaceChallengeAsync(spaceId, timestamp, signatureBase64, pu
 }
 
 // src/crypto/passkey.ts
+init_vaultKey();
 function toArrayBuffer(data) {
   if (data instanceof ArrayBuffer) {
     return data;
@@ -3215,6 +3452,6 @@ function createHaexVaultSdk(config = {}) {
   return new HaexVaultSdk(config);
 }
 
-export { COSE_ALGORITHM, DEFAULT_TIMEOUT, DatabaseAPI, EXTERNAL_EVENTS, ErrorCode, ExternalConnectionErrorCode, ExternalConnectionState, FilesystemAPI, HAEXSPACE_MESSAGE_TYPES, HAEXTENSION_EVENTS, HaexVaultSdk, HaexVaultSdkError, KEY_AGREEMENT_ALGO, LOCALSEND_EVENTS, LocalSendAPI, PermissionErrorCode, PermissionStatus, PermissionsAPI, RemoteStorageAPI, SIGNING_ALGO, SPACE_COMMANDS, SpacesAPI, TABLE_SEPARATOR, TAURI_COMMANDS, WebAPI, arrayBufferToBase64, base64ToArrayBuffer, canExternalClientSendRequests, createHaexVaultSdk, decryptCrdtData, decryptPrivateKeyAsync, decryptSpaceKeyAsync, decryptSpaceNameAsync, decryptString, decryptVaultKey, decryptVaultName, deriveKeyFromPassword, encryptCrdtData, encryptPrivateKeyAsync, encryptSpaceKeyForRecipientAsync, encryptSpaceNameAsync, encryptString, encryptVaultKey, exportKeyPairAsync, exportPrivateKeyAsync, exportPublicKeyAsync, exportPublicKeyCoseAsync, exportUserKeypairAsync, generateCredentialId, generatePasskeyPairAsync, generateSpaceKey, generateUserKeypairAsync, generateVaultKey, getTableName, hexToBytes, importPrivateKeyAsync, importPrivateKeyForKeyAgreementAsync, importPublicKeyAsync, importPublicKeyForKeyAgreementAsync, importUserPrivateKeyAsync, importUserPublicKeyAsync, installBaseTag, installCookiePolyfill, installHistoryPolyfill, installLocalStoragePolyfill, installPolyfills, installSessionStoragePolyfill, isExternalClientConnected, isPermissionDeniedError, isPermissionError, isPermissionPromptError, signRecordAsync, signSpaceChallengeAsync, signWithPasskeyAsync, sortObjectKeysRecursively, unwrapKey, verifyExtensionSignature, verifyRecordSignatureAsync, verifySpaceChallengeAsync, verifyWithPasskeyAsync, wrapKey };
+export { COSE_ALGORITHM, DEFAULT_TIMEOUT, DatabaseAPI, EXTERNAL_EVENTS, ErrorCode, ExternalConnectionErrorCode, ExternalConnectionState, FilesystemAPI, HAEXSPACE_MESSAGE_TYPES, HAEXTENSION_EVENTS, HaexVaultSdk, HaexVaultSdkError, KEY_AGREEMENT_ALGO, LOCALSEND_EVENTS, LocalSendAPI, PermissionErrorCode, PermissionStatus, PermissionsAPI, RemoteStorageAPI, SIGNING_ALGO, SPACE_COMMANDS, SpacesAPI, TABLE_SEPARATOR, TAURI_COMMANDS, WebAPI, arrayBufferToBase64, base64ToArrayBuffer, canExternalClientSendRequests, createHaexVaultSdk, decryptCrdtData, decryptPrivateKeyAsync, decryptSpaceKeyAsync, decryptSpaceNameAsync, decryptString, decryptVaultKey, decryptVaultName, deriveKeyFromPassword, didKeyToPublicKeyAsync, encryptCrdtData, encryptPrivateKeyAsync, encryptSpaceKeyForRecipientAsync, encryptSpaceNameAsync, encryptString, encryptVaultKey, exportKeyPairAsync, exportPrivateKeyAsync, exportPublicKeyAsync, exportPublicKeyCoseAsync, exportUserKeypairAsync, generateCredentialId, generateIdentityAsync, generatePasskeyPairAsync, generateSpaceKey, generateUserKeypairAsync, generateVaultKey, getTableName, hexToBytes, importPrivateKeyAsync, importPrivateKeyForKeyAgreementAsync, importPublicKeyAsync, importPublicKeyForKeyAgreementAsync, importUserPrivateKeyAsync, importUserPublicKeyAsync, installBaseTag, installCookiePolyfill, installHistoryPolyfill, installLocalStoragePolyfill, installPolyfills, installSessionStoragePolyfill, isExternalClientConnected, isPermissionDeniedError, isPermissionError, isPermissionPromptError, publicKeyToDidKeyAsync, signClaimPresentationAsync, signRecordAsync, signSpaceChallengeAsync, signWithPasskeyAsync, sortObjectKeysRecursively, unwrapKey, verifyClaimPresentationAsync, verifyExtensionSignature, verifyRecordSignatureAsync, verifySpaceChallengeAsync, verifyWithPasskeyAsync, wrapKey };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map