@hashgraphonline/standards-sdk 0.1.180 → 0.1.182
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser/services/registry-broker/client/base-client.d.ts +8 -2
- package/dist/browser/services/registry-broker/client/base-client.d.ts.map +1 -1
- package/dist/browser/services/registry-broker/client/chat.d.ts +9 -3
- package/dist/browser/services/registry-broker/client/chat.d.ts.map +1 -1
- package/dist/browser/services/registry-broker/client/guard.d.ts.map +1 -1
- package/dist/browser/services/registry-broker/schemas.d.ts +471 -108
- package/dist/browser/services/registry-broker/schemas.d.ts.map +1 -1
- package/dist/browser/services/registry-broker/types.d.ts +25 -1
- package/dist/browser/services/registry-broker/types.d.ts.map +1 -1
- package/dist/browser/standards-sdk.browser.js +141 -3
- package/dist/browser/standards-sdk.browser.js.map +1 -1
- package/dist/browser-root/services/registry-broker/client/base-client.d.ts +8 -2
- package/dist/browser-root/services/registry-broker/client/base-client.d.ts.map +1 -1
- package/dist/browser-root/services/registry-broker/client/chat.d.ts +9 -3
- package/dist/browser-root/services/registry-broker/client/chat.d.ts.map +1 -1
- package/dist/browser-root/services/registry-broker/client/guard.d.ts.map +1 -1
- package/dist/browser-root/services/registry-broker/schemas.d.ts +471 -108
- package/dist/browser-root/services/registry-broker/schemas.d.ts.map +1 -1
- package/dist/browser-root/services/registry-broker/types.d.ts +25 -1
- package/dist/browser-root/services/registry-broker/types.d.ts.map +1 -1
- package/dist/browser-root/standards-sdk.root-browser.js +653 -110
- package/dist/browser-root/standards-sdk.root-browser.js.map +1 -1
- package/dist/cjs/services/registry-broker/client/base-client.d.ts +8 -2
- package/dist/cjs/services/registry-broker/client/base-client.d.ts.map +1 -1
- package/dist/cjs/services/registry-broker/client/chat.d.ts +9 -3
- package/dist/cjs/services/registry-broker/client/chat.d.ts.map +1 -1
- package/dist/cjs/services/registry-broker/client/guard.d.ts.map +1 -1
- package/dist/cjs/services/registry-broker/schemas.d.ts +587 -224
- package/dist/cjs/services/registry-broker/schemas.d.ts.map +1 -1
- package/dist/cjs/services/registry-broker/types.d.ts +25 -1
- package/dist/cjs/services/registry-broker/types.d.ts.map +1 -1
- package/dist/cjs/standards-sdk.cjs +1 -1
- package/dist/cjs/standards-sdk.cjs.map +1 -1
- package/dist/es/services/registry-broker/client/base-client.d.ts +8 -2
- package/dist/es/services/registry-broker/client/base-client.d.ts.map +1 -1
- package/dist/es/services/registry-broker/client/chat.d.ts +9 -3
- package/dist/es/services/registry-broker/client/chat.d.ts.map +1 -1
- package/dist/es/services/registry-broker/client/guard.d.ts.map +1 -1
- package/dist/es/services/registry-broker/schemas.d.ts +587 -224
- package/dist/es/services/registry-broker/schemas.d.ts.map +1 -1
- package/dist/es/services/registry-broker/types.d.ts +25 -1
- package/dist/es/services/registry-broker/types.d.ts.map +1 -1
- package/dist/es/standards-sdk.es.js +10 -7
- package/dist/es/standards-sdk.es.js.map +1 -1
- package/dist/es/standards-sdk.es104.js +1 -1
- package/dist/es/standards-sdk.es106.js +1 -1
- package/dist/es/standards-sdk.es108.js +1 -1
- package/dist/es/standards-sdk.es11.js +1 -1
- package/dist/es/standards-sdk.es110.js +1 -1
- package/dist/es/standards-sdk.es116.js +2 -2
- package/dist/es/standards-sdk.es12.js +1 -1
- package/dist/es/standards-sdk.es121.js +1 -1
- package/dist/es/standards-sdk.es127.js +2 -2
- package/dist/es/standards-sdk.es128.js +5 -5
- package/dist/es/standards-sdk.es138.js +1 -1
- package/dist/es/standards-sdk.es139.js +1 -1
- package/dist/es/standards-sdk.es140.js +5 -5
- package/dist/es/standards-sdk.es142.js +3 -3
- package/dist/es/standards-sdk.es143.js +1 -1
- package/dist/es/standards-sdk.es145.js +53 -15
- package/dist/es/standards-sdk.es145.js.map +1 -1
- package/dist/es/standards-sdk.es147.js +3 -3
- package/dist/es/standards-sdk.es148.js +4 -81
- package/dist/es/standards-sdk.es148.js.map +1 -1
- package/dist/es/standards-sdk.es149.js +71 -77
- package/dist/es/standards-sdk.es149.js.map +1 -1
- package/dist/es/standards-sdk.es150.js +80 -53
- package/dist/es/standards-sdk.es150.js.map +1 -1
- package/dist/es/standards-sdk.es151.js +53 -152
- package/dist/es/standards-sdk.es151.js.map +1 -1
- package/dist/es/standards-sdk.es152.js +159 -7
- package/dist/es/standards-sdk.es152.js.map +1 -1
- package/dist/es/standards-sdk.es153.js +7 -86
- package/dist/es/standards-sdk.es153.js.map +1 -1
- package/dist/es/standards-sdk.es154.js +64 -43
- package/dist/es/standards-sdk.es154.js.map +1 -1
- package/dist/es/standards-sdk.es155.js +65 -30
- package/dist/es/standards-sdk.es155.js.map +1 -1
- package/dist/es/standards-sdk.es156.js +30 -34
- package/dist/es/standards-sdk.es156.js.map +1 -1
- package/dist/es/standards-sdk.es157.js +34 -48
- package/dist/es/standards-sdk.es157.js.map +1 -1
- package/dist/es/standards-sdk.es158.js +48 -138
- package/dist/es/standards-sdk.es158.js.map +1 -1
- package/dist/es/standards-sdk.es159.js +133 -37
- package/dist/es/standards-sdk.es159.js.map +1 -1
- package/dist/es/standards-sdk.es16.js +2 -2
- package/dist/es/standards-sdk.es160.js +42 -2352
- package/dist/es/standards-sdk.es160.js.map +1 -1
- package/dist/es/standards-sdk.es161.js +2488 -12476
- package/dist/es/standards-sdk.es161.js.map +1 -1
- package/dist/es/standards-sdk.es162.js +12425 -615
- package/dist/es/standards-sdk.es162.js.map +1 -1
- package/dist/es/standards-sdk.es163.js +15 -54
- package/dist/es/standards-sdk.es163.js.map +1 -1
- package/dist/es/standards-sdk.es164.js +47 -102
- package/dist/es/standards-sdk.es164.js.map +1 -1
- package/dist/es/standards-sdk.es165.js +94 -64
- package/dist/es/standards-sdk.es165.js.map +1 -1
- package/dist/es/standards-sdk.es166.js +61 -180
- package/dist/es/standards-sdk.es166.js.map +1 -1
- package/dist/es/standards-sdk.es167.js +197 -14
- package/dist/es/standards-sdk.es167.js.map +1 -1
- package/dist/es/standards-sdk.es168.js +165 -66
- package/dist/es/standards-sdk.es168.js.map +1 -1
- package/dist/es/standards-sdk.es169.js +289 -139
- package/dist/es/standards-sdk.es169.js.map +1 -1
- package/dist/es/standards-sdk.es170.js +298 -274
- package/dist/es/standards-sdk.es170.js.map +1 -1
- package/dist/es/standards-sdk.es171.js +369 -262
- package/dist/es/standards-sdk.es171.js.map +1 -1
- package/dist/es/standards-sdk.es172.js +194 -316
- package/dist/es/standards-sdk.es172.js.map +1 -1
- package/dist/es/standards-sdk.es173.js +64 -319
- package/dist/es/standards-sdk.es173.js.map +1 -1
- package/dist/es/standards-sdk.es174.js +664 -68
- package/dist/es/standards-sdk.es174.js.map +1 -1
- package/dist/es/standards-sdk.es175.js +60 -126
- package/dist/es/standards-sdk.es175.js.map +1 -1
- package/dist/es/standards-sdk.es176.js +111 -303
- package/dist/es/standards-sdk.es176.js.map +1 -1
- package/dist/es/standards-sdk.es177.js +457 -222
- package/dist/es/standards-sdk.es177.js.map +1 -1
- package/dist/es/standards-sdk.es178.js +239 -176
- package/dist/es/standards-sdk.es178.js.map +1 -1
- package/dist/es/standards-sdk.es179.js +178 -101
- package/dist/es/standards-sdk.es179.js.map +1 -1
- package/dist/es/standards-sdk.es18.js +5 -5
- package/dist/es/standards-sdk.es180.js +75 -108
- package/dist/es/standards-sdk.es180.js.map +1 -1
- package/dist/es/standards-sdk.es181.js +116 -148
- package/dist/es/standards-sdk.es181.js.map +1 -1
- package/dist/es/standards-sdk.es182.js +143 -439
- package/dist/es/standards-sdk.es182.js.map +1 -1
- package/dist/es/standards-sdk.es183.js +661 -162
- package/dist/es/standards-sdk.es183.js.map +1 -1
- package/dist/es/standards-sdk.es184.js +156 -206
- package/dist/es/standards-sdk.es184.js.map +1 -1
- package/dist/es/standards-sdk.es185.js +219 -223
- package/dist/es/standards-sdk.es185.js.map +1 -1
- package/dist/es/standards-sdk.es186.js +242 -0
- package/dist/es/standards-sdk.es186.js.map +1 -0
- package/dist/es/standards-sdk.es19.js +3 -3
- package/dist/es/standards-sdk.es22.js +1 -1
- package/dist/es/standards-sdk.es27.js +5 -5
- package/dist/es/standards-sdk.es30.js +1 -1
- package/dist/es/standards-sdk.es31.js +1 -1
- package/dist/es/standards-sdk.es35.js +2 -2
- package/dist/es/standards-sdk.es36.js +3 -3
- package/dist/es/standards-sdk.es37.js +1 -1
- package/dist/es/standards-sdk.es4.js +1 -1
- package/dist/es/standards-sdk.es53.js +1 -1
- package/dist/es/standards-sdk.es56.js +1 -1
- package/dist/es/standards-sdk.es59.js +1 -1
- package/dist/es/standards-sdk.es60.js +1 -1
- package/dist/es/standards-sdk.es62.js +1 -1
- package/dist/es/standards-sdk.es63.js +2 -2
- package/dist/es/standards-sdk.es64.js +1 -1
- package/dist/es/standards-sdk.es65.js +1 -1
- package/dist/es/standards-sdk.es66.js +1 -1
- package/dist/es/standards-sdk.es67.js +3 -3
- package/dist/es/standards-sdk.es69.js +1 -1
- package/dist/es/standards-sdk.es7.js +1 -1
- package/dist/es/standards-sdk.es71.js +1 -1
- package/dist/es/standards-sdk.es72.js +2 -2
- package/dist/es/standards-sdk.es75.js +3 -3
- package/dist/es/standards-sdk.es76.js +1 -1
- package/dist/es/standards-sdk.es78.js +1 -1
- package/dist/es/standards-sdk.es83.js +1 -1
- package/dist/es/standards-sdk.es84.js +2 -2
- package/dist/es/standards-sdk.es85.js +1 -1
- package/dist/es/standards-sdk.es88.js +1 -1
- package/dist/es/standards-sdk.es90.js +1 -1
- package/dist/es/standards-sdk.es94.js +3 -3
- package/dist/es/standards-sdk.es98.js +1 -1
- package/dist/es/standards-sdk.es99.js +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"standards-sdk.es177.js","sources":["../../src/services/registry-broker/client/encrypted-chat-manager.ts"],"sourcesContent":["import type {\n AcceptEncryptedChatSessionOptions,\n ChatHistoryEntry,\n ChatHistoryFetchOptions,\n CipherEnvelopeRecipient,\n DecryptedHistoryEntry,\n EncryptedChatSessionHandle,\n EncryptionHandshakeRecord,\n RecipientIdentity,\n SessionEncryptionSummary,\n SharedSecretInput,\n StartEncryptedChatSessionOptions,\n} from '../types';\nimport type { RegistryBrokerClient } from './base-client';\n\ninterface EncryptedSessionContext {\n sessionId: string;\n sharedSecret: Uint8Array;\n summary: SessionEncryptionSummary;\n recipients: RecipientIdentity[];\n identity?: RecipientIdentity;\n}\n\ninterface ConversationContextInput {\n sessionId: string;\n sharedSecret: Uint8Array | Buffer;\n identity?: RecipientIdentity;\n}\n\nexport class EncryptionUnavailableError extends Error {\n constructor(\n readonly sessionId: string,\n readonly summary?: SessionEncryptionSummary | null,\n ) {\n super('Encryption is not enabled for this session');\n }\n}\n\nexport class EncryptedChatManager {\n constructor(private readonly client: RegistryBrokerClient) {}\n\n registerConversationContext(context: ConversationContextInput): void {\n this.client.registerConversationContextForEncryption(context);\n }\n\n async startSession(\n options: StartEncryptedChatSessionOptions,\n ): Promise<EncryptedChatSessionHandle> {\n await this.client.encryptionReady();\n const session = await this.client.chat.createSession({\n uaid: options.uaid,\n senderUaid: options.senderUaid,\n encryptionRequested: true,\n historyTtlSeconds: options.historyTtlSeconds,\n auth: options.auth,\n });\n options.onSessionCreated?.(session.sessionId);\n const summary = session.encryption;\n if (!summary?.enabled) {\n throw new EncryptionUnavailableError(\n session.sessionId,\n session.encryption ?? null,\n );\n }\n const handle = await this.establishRequesterContext({\n sessionId: session.sessionId,\n summary,\n senderUaid: options.senderUaid,\n handshakeTimeoutMs: options.handshakeTimeoutMs,\n pollIntervalMs: options.pollIntervalMs,\n });\n return handle;\n }\n\n async acceptSession(\n options: AcceptEncryptedChatSessionOptions,\n ): Promise<EncryptedChatSessionHandle> {\n await this.client.encryptionReady();\n const summary = await this.waitForEncryptionSummary(\n options.sessionId,\n options.handshakeTimeoutMs,\n options.pollIntervalMs,\n );\n const handle = await this.establishResponderContext({\n sessionId: options.sessionId,\n summary,\n responderUaid: options.responderUaid,\n handshakeTimeoutMs: options.handshakeTimeoutMs,\n pollIntervalMs: options.pollIntervalMs,\n });\n return handle;\n }\n\n private async establishRequesterContext(params: {\n sessionId: string;\n summary: SessionEncryptionSummary;\n senderUaid?: string;\n handshakeTimeoutMs?: number;\n pollIntervalMs?: number;\n }): Promise<EncryptedChatSessionHandle> {\n const keyPair = this.client.encryption.generateEphemeralKeyPair();\n await this.client.chat.submitEncryptionHandshake(params.sessionId, {\n role: 'requester',\n keyType: 'secp256k1',\n ephemeralPublicKey: keyPair.publicKey,\n uaid: params.senderUaid ?? params.summary.requester?.uaid ?? undefined,\n });\n const { summary, record } = await this.waitForHandshakeCompletion(\n params.sessionId,\n params.handshakeTimeoutMs,\n params.pollIntervalMs,\n );\n const responderKey = record.responder?.ephemeralPublicKey;\n if (!responderKey) {\n throw new Error('Responder handshake was not completed in time');\n }\n const sharedSecret = this.client.encryption\n .deriveSharedSecret({\n privateKey: keyPair.privateKey,\n peerPublicKey: responderKey,\n })\n .subarray();\n const recipients = this.buildRecipients(summary);\n return this.createHandle({\n sessionId: params.sessionId,\n sharedSecret,\n summary,\n recipients,\n identity: summary.requester ?? undefined,\n });\n }\n\n private async establishResponderContext(params: {\n sessionId: string;\n summary: SessionEncryptionSummary;\n responderUaid?: string;\n handshakeTimeoutMs?: number;\n pollIntervalMs?: number;\n }): Promise<EncryptedChatSessionHandle> {\n const keyPair = this.client.encryption.generateEphemeralKeyPair();\n await this.client.chat.submitEncryptionHandshake(params.sessionId, {\n role: 'responder',\n keyType: 'secp256k1',\n ephemeralPublicKey: keyPair.publicKey,\n uaid: params.responderUaid ?? params.summary.responder?.uaid ?? undefined,\n });\n const { summary, record } = await this.waitForHandshakeCompletion(\n params.sessionId,\n params.handshakeTimeoutMs,\n params.pollIntervalMs,\n );\n const requesterKey = record.requester?.ephemeralPublicKey;\n if (!requesterKey) {\n throw new Error('Requester handshake was not detected in time');\n }\n const sharedSecret = this.client.encryption\n .deriveSharedSecret({\n privateKey: keyPair.privateKey,\n peerPublicKey: requesterKey,\n })\n .subarray();\n const recipients = this.buildRecipients(summary);\n return this.createHandle({\n sessionId: params.sessionId,\n sharedSecret,\n summary,\n recipients,\n identity: summary.responder ?? undefined,\n });\n }\n\n private async waitForHandshakeCompletion(\n sessionId: string,\n timeoutMs = 30_000,\n pollIntervalMs = 1_000,\n ): Promise<{\n summary: SessionEncryptionSummary;\n record: EncryptionHandshakeRecord;\n }> {\n const deadline = Date.now() + timeoutMs;\n while (true) {\n const status = await this.client.chat.getEncryptionStatus(sessionId);\n const summary = status.encryption;\n const record = summary?.handshake;\n if (summary && record && record.status === 'complete') {\n return { summary, record };\n }\n if (Date.now() >= deadline) {\n throw new Error('Timed out waiting for encrypted handshake completion');\n }\n await this.delay(pollIntervalMs);\n }\n }\n\n private async waitForEncryptionSummary(\n sessionId: string,\n _timeoutMs = 30_000,\n _pollIntervalMs = 1_000,\n ): Promise<SessionEncryptionSummary> {\n const status = await this.client.chat.getEncryptionStatus(sessionId);\n if (!status.encryption?.enabled) {\n throw new EncryptionUnavailableError(\n sessionId,\n status.encryption ?? null,\n );\n }\n return status.encryption;\n }\n\n private buildRecipients(\n summary: SessionEncryptionSummary,\n ): RecipientIdentity[] {\n const candidates = [summary.requester, summary.responder].filter(Boolean);\n const normalized = candidates\n .map(candidate => {\n if (!candidate) {\n return null;\n }\n const recipient: RecipientIdentity = {};\n if (candidate.uaid) {\n recipient.uaid = candidate.uaid;\n }\n if (candidate.ledgerAccountId) {\n recipient.ledgerAccountId = candidate.ledgerAccountId;\n }\n if (candidate.userId) {\n recipient.userId = candidate.userId;\n }\n if (candidate.email) {\n recipient.email = candidate.email;\n }\n return recipient;\n })\n .filter((entry): entry is RecipientIdentity =>\n Boolean(\n entry?.uaid ||\n entry?.ledgerAccountId ||\n entry?.userId ||\n entry?.email,\n ),\n );\n if (normalized.length > 0) {\n return normalized;\n }\n if (summary.responder?.uaid) {\n return [{ uaid: summary.responder.uaid }];\n }\n return [];\n }\n\n private createHandle(\n context: EncryptedSessionContext,\n ): EncryptedChatSessionHandle {\n const sharedSecret = context.sharedSecret;\n const uaid =\n context.summary.requester?.uaid ??\n context.summary.responder?.uaid ??\n context.identity?.uaid;\n const decryptHistoryEntry = (entry: ChatHistoryEntry): string | null =>\n this.decryptEntry(entry, context.identity, sharedSecret);\n const fetchHistory = async (\n options?: ChatHistoryFetchOptions,\n ): Promise<DecryptedHistoryEntry[]> => {\n const snapshot = await this.client.fetchHistorySnapshot(\n context.sessionId,\n options,\n );\n if (snapshot.decryptedHistory) {\n return snapshot.decryptedHistory;\n }\n return snapshot.history.map(entry => ({\n entry,\n plaintext: decryptHistoryEntry(entry),\n }));\n };\n const handle: EncryptedChatSessionHandle = {\n sessionId: context.sessionId,\n mode: 'encrypted',\n summary: context.summary,\n send: async options => {\n const recipients = options.recipients ?? context.recipients;\n return this.client.chat.sendMessage({\n sessionId: context.sessionId,\n message: options.message ?? '[ciphertext omitted]',\n streaming: options.streaming,\n auth: options.auth,\n uaid,\n encryption: {\n plaintext: options.plaintext,\n sharedSecret: Buffer.from(sharedSecret),\n recipients,\n },\n });\n },\n decryptHistoryEntry,\n fetchHistory,\n };\n this.registerConversationContext({\n sessionId: context.sessionId,\n sharedSecret,\n identity: context.identity,\n });\n return handle;\n }\n\n private decryptEntry(\n entry: ChatHistoryEntry,\n identity: RecipientIdentity | undefined,\n fallbackSecret: Uint8Array,\n ): string | null {\n const envelope = entry.cipherEnvelope;\n if (!envelope) {\n return null;\n }\n const secret: SharedSecretInput = Buffer.from(fallbackSecret);\n try {\n return this.client.encryption.decryptCipherEnvelope({\n envelope,\n sharedSecret: secret,\n });\n } catch (_error) {\n return null;\n }\n }\n\n private recipientMatches(\n candidate: CipherEnvelopeRecipient,\n target: RecipientIdentity,\n ): boolean {\n if (\n target.uaid &&\n candidate.uaid?.toLowerCase() === target.uaid.toLowerCase()\n ) {\n return true;\n }\n if (\n target.ledgerAccountId &&\n candidate.ledgerAccountId?.toLowerCase() ===\n target.ledgerAccountId.toLowerCase()\n ) {\n return true;\n }\n if (target.userId && candidate.userId === target.userId) {\n return true;\n }\n if (\n target.email &&\n candidate.email?.toLowerCase() === target.email.toLowerCase()\n ) {\n return true;\n }\n return false;\n }\n\n private async delay(ms: number): Promise<void> {\n if (ms <= 0) {\n return;\n }\n await new Promise(resolve => setTimeout(resolve, ms));\n }\n}\n"],"names":[],"mappings":"AA6BO,MAAM,mCAAmC,MAAM;AAAA,EACpD,YACW,WACA,SACT;AACA,UAAM,4CAA4C;AAHzC,SAAA,YAAA;AACA,SAAA,UAAA;AAAA,EAGX;AACF;AAEO,MAAM,qBAAqB;AAAA,EAChC,YAA6B,QAA8B;AAA9B,SAAA,SAAA;AAAA,EAA+B;AAAA,EAE5D,4BAA4B,SAAyC;AACnE,SAAK,OAAO,yCAAyC,OAAO;AAAA,EAC9D;AAAA,EAEA,MAAM,aACJ,SACqC;AACrC,UAAM,KAAK,OAAO,gBAAA;AAClB,UAAM,UAAU,MAAM,KAAK,OAAO,KAAK,cAAc;AAAA,MACnD,MAAM,QAAQ;AAAA,MACd,YAAY,QAAQ;AAAA,MACpB,qBAAqB;AAAA,MACrB,mBAAmB,QAAQ;AAAA,MAC3B,MAAM,QAAQ;AAAA,IAAA,CACf;AACD,YAAQ,mBAAmB,QAAQ,SAAS;AAC5C,UAAM,UAAU,QAAQ;AACxB,QAAI,CAAC,SAAS,SAAS;AACrB,YAAM,IAAI;AAAA,QACR,QAAQ;AAAA,QACR,QAAQ,cAAc;AAAA,MAAA;AAAA,IAE1B;AACA,UAAM,SAAS,MAAM,KAAK,0BAA0B;AAAA,MAClD,WAAW,QAAQ;AAAA,MACnB;AAAA,MACA,YAAY,QAAQ;AAAA,MACpB,oBAAoB,QAAQ;AAAA,MAC5B,gBAAgB,QAAQ;AAAA,IAAA,CACzB;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,cACJ,SACqC;AACrC,UAAM,KAAK,OAAO,gBAAA;AAClB,UAAM,UAAU,MAAM,KAAK;AAAA,MACzB,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR,QAAQ;AAAA,IAAA;AAEV,UAAM,SAAS,MAAM,KAAK,0BAA0B;AAAA,MAClD,WAAW,QAAQ;AAAA,MACnB;AAAA,MACA,eAAe,QAAQ;AAAA,MACvB,oBAAoB,QAAQ;AAAA,MAC5B,gBAAgB,QAAQ;AAAA,IAAA,CACzB;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,0BAA0B,QAMA;AACtC,UAAM,UAAU,KAAK,OAAO,WAAW,yBAAA;AACvC,UAAM,KAAK,OAAO,KAAK,0BAA0B,OAAO,WAAW;AAAA,MACjE,MAAM;AAAA,MACN,SAAS;AAAA,MACT,oBAAoB,QAAQ;AAAA,MAC5B,MAAM,OAAO,cAAc,OAAO,QAAQ,WAAW,QAAQ;AAAA,IAAA,CAC9D;AACD,UAAM,EAAE,SAAS,WAAW,MAAM,KAAK;AAAA,MACrC,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,UAAM,eAAe,OAAO,WAAW;AACvC,QAAI,CAAC,cAAc;AACjB,YAAM,IAAI,MAAM,+CAA+C;AAAA,IACjE;AACA,UAAM,eAAe,KAAK,OAAO,WAC9B,mBAAmB;AAAA,MAClB,YAAY,QAAQ;AAAA,MACpB,eAAe;AAAA,IAAA,CAChB,EACA,SAAA;AACH,UAAM,aAAa,KAAK,gBAAgB,OAAO;AAC/C,WAAO,KAAK,aAAa;AAAA,MACvB,WAAW,OAAO;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA,MACA,UAAU,QAAQ,aAAa;AAAA,IAAA,CAChC;AAAA,EACH;AAAA,EAEA,MAAc,0BAA0B,QAMA;AACtC,UAAM,UAAU,KAAK,OAAO,WAAW,yBAAA;AACvC,UAAM,KAAK,OAAO,KAAK,0BAA0B,OAAO,WAAW;AAAA,MACjE,MAAM;AAAA,MACN,SAAS;AAAA,MACT,oBAAoB,QAAQ;AAAA,MAC5B,MAAM,OAAO,iBAAiB,OAAO,QAAQ,WAAW,QAAQ;AAAA,IAAA,CACjE;AACD,UAAM,EAAE,SAAS,WAAW,MAAM,KAAK;AAAA,MACrC,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,UAAM,eAAe,OAAO,WAAW;AACvC,QAAI,CAAC,cAAc;AACjB,YAAM,IAAI,MAAM,8CAA8C;AAAA,IAChE;AACA,UAAM,eAAe,KAAK,OAAO,WAC9B,mBAAmB;AAAA,MAClB,YAAY,QAAQ;AAAA,MACpB,eAAe;AAAA,IAAA,CAChB,EACA,SAAA;AACH,UAAM,aAAa,KAAK,gBAAgB,OAAO;AAC/C,WAAO,KAAK,aAAa;AAAA,MACvB,WAAW,OAAO;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA,MACA,UAAU,QAAQ,aAAa;AAAA,IAAA,CAChC;AAAA,EACH;AAAA,EAEA,MAAc,2BACZ,WACA,YAAY,KACZ,iBAAiB,KAIhB;AACD,UAAM,WAAW,KAAK,IAAA,IAAQ;AAC9B,WAAO,MAAM;AACX,YAAM,SAAS,MAAM,KAAK,OAAO,KAAK,oBAAoB,SAAS;AACnE,YAAM,UAAU,OAAO;AACvB,YAAM,SAAS,SAAS;AACxB,UAAI,WAAW,UAAU,OAAO,WAAW,YAAY;AACrD,eAAO,EAAE,SAAS,OAAA;AAAA,MACpB;AACA,UAAI,KAAK,IAAA,KAAS,UAAU;AAC1B,cAAM,IAAI,MAAM,sDAAsD;AAAA,MACxE;AACA,YAAM,KAAK,MAAM,cAAc;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,MAAc,yBACZ,WACA,aAAa,KACb,kBAAkB,KACiB;AACnC,UAAM,SAAS,MAAM,KAAK,OAAO,KAAK,oBAAoB,SAAS;AACnE,QAAI,CAAC,OAAO,YAAY,SAAS;AAC/B,YAAM,IAAI;AAAA,QACR;AAAA,QACA,OAAO,cAAc;AAAA,MAAA;AAAA,IAEzB;AACA,WAAO,OAAO;AAAA,EAChB;AAAA,EAEQ,gBACN,SACqB;AACrB,UAAM,aAAa,CAAC,QAAQ,WAAW,QAAQ,SAAS,EAAE,OAAO,OAAO;AACxE,UAAM,aAAa,WAChB,IAAI,CAAA,cAAa;AAChB,UAAI,CAAC,WAAW;AACd,eAAO;AAAA,MACT;AACA,YAAM,YAA+B,CAAA;AACrC,UAAI,UAAU,MAAM;AAClB,kBAAU,OAAO,UAAU;AAAA,MAC7B;AACA,UAAI,UAAU,iBAAiB;AAC7B,kBAAU,kBAAkB,UAAU;AAAA,MACxC;AACA,UAAI,UAAU,QAAQ;AACpB,kBAAU,SAAS,UAAU;AAAA,MAC/B;AACA,UAAI,UAAU,OAAO;AACnB,kBAAU,QAAQ,UAAU;AAAA,MAC9B;AACA,aAAO;AAAA,IACT,CAAC,EACA;AAAA,MAAO,CAAC,UACP;AAAA,QACE,OAAO,QACL,OAAO,mBACP,OAAO,UACP,OAAO;AAAA,MAAA;AAAA,IACX;AAEJ,QAAI,WAAW,SAAS,GAAG;AACzB,aAAO;AAAA,IACT;AACA,QAAI,QAAQ,WAAW,MAAM;AAC3B,aAAO,CAAC,EAAE,MAAM,QAAQ,UAAU,MAAM;AAAA,IAC1C;AACA,WAAO,CAAA;AAAA,EACT;AAAA,EAEQ,aACN,SAC4B;AAC5B,UAAM,eAAe,QAAQ;AAC7B,UAAM,OACJ,QAAQ,QAAQ,WAAW,QAC3B,QAAQ,QAAQ,WAAW,QAC3B,QAAQ,UAAU;AACpB,UAAM,sBAAsB,CAAC,UAC3B,KAAK,aAAa,OAAO,QAAQ,UAAU,YAAY;AACzD,UAAM,eAAe,OACnB,YACqC;AACrC,YAAM,WAAW,MAAM,KAAK,OAAO;AAAA,QACjC,QAAQ;AAAA,QACR;AAAA,MAAA;AAEF,UAAI,SAAS,kBAAkB;AAC7B,eAAO,SAAS;AAAA,MAClB;AACA,aAAO,SAAS,QAAQ,IAAI,CAAA,WAAU;AAAA,QACpC;AAAA,QACA,WAAW,oBAAoB,KAAK;AAAA,MAAA,EACpC;AAAA,IACJ;AACA,UAAM,SAAqC;AAAA,MACzC,WAAW,QAAQ;AAAA,MACnB,MAAM;AAAA,MACN,SAAS,QAAQ;AAAA,MACjB,MAAM,OAAM,YAAW;AACrB,cAAM,aAAa,QAAQ,cAAc,QAAQ;AACjD,eAAO,KAAK,OAAO,KAAK,YAAY;AAAA,UAClC,WAAW,QAAQ;AAAA,UACnB,SAAS,QAAQ,WAAW;AAAA,UAC5B,WAAW,QAAQ;AAAA,UACnB,MAAM,QAAQ;AAAA,UACd;AAAA,UACA,YAAY;AAAA,YACV,WAAW,QAAQ;AAAA,YACnB,cAAc,OAAO,KAAK,YAAY;AAAA,YACtC;AAAA,UAAA;AAAA,QACF,CACD;AAAA,MACH;AAAA,MACA;AAAA,MACA;AAAA,IAAA;AAEF,SAAK,4BAA4B;AAAA,MAC/B,WAAW,QAAQ;AAAA,MACnB;AAAA,MACA,UAAU,QAAQ;AAAA,IAAA,CACnB;AACD,WAAO;AAAA,EACT;AAAA,EAEQ,aACN,OACA,UACA,gBACe;AACf,UAAM,WAAW,MAAM;AACvB,QAAI,CAAC,UAAU;AACb,aAAO;AAAA,IACT;AACA,UAAM,SAA4B,OAAO,KAAK,cAAc;AAC5D,QAAI;AACF,aAAO,KAAK,OAAO,WAAW,sBAAsB;AAAA,QAClD;AAAA,QACA,cAAc;AAAA,MAAA,CACf;AAAA,IACH,SAAS,QAAQ;AACf,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEQ,iBACN,WACA,QACS;AACT,QACE,OAAO,QACP,UAAU,MAAM,kBAAkB,OAAO,KAAK,eAC9C;AACA,aAAO;AAAA,IACT;AACA,QACE,OAAO,mBACP,UAAU,iBAAiB,kBACzB,OAAO,gBAAgB,eACzB;AACA,aAAO;AAAA,IACT;AACA,QAAI,OAAO,UAAU,UAAU,WAAW,OAAO,QAAQ;AACvD,aAAO;AAAA,IACT;AACA,QACE,OAAO,SACP,UAAU,OAAO,kBAAkB,OAAO,MAAM,eAChD;AACA,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,MAAM,IAA2B;AAC7C,QAAI,MAAM,GAAG;AACX;AAAA,IACF;AACA,UAAM,IAAI,QAAQ,CAAA,YAAW,WAAW,SAAS,EAAE,CAAC;AAAA,EACtD;AACF;"}
|
|
1
|
+
{"version":3,"file":"standards-sdk.es177.js","sources":["../../src/services/registry-broker/client/chat.ts"],"sourcesContent":["import type {\n AcceptConversationOptions,\n AcceptEncryptedChatSessionOptions,\n AgentAuthConfig,\n ChatConversationHandle,\n DecryptedHistoryEntry,\n ChatHistoryCompactionResponse,\n ChatHistoryFetchOptions,\n ChatHistorySnapshotWithDecryptedEntries,\n ChatReadinessRequestPayload,\n ChatReadinessResponse,\n ChatRetryRequestPayload,\n ChatRetryResponse,\n ChatSessionEndResponse,\n CompactHistoryRequestPayload,\n CreateSessionRequestPayload,\n CreateSessionResponse,\n EncryptionHandshakeRecord,\n EncryptionHandshakeSubmissionPayload,\n EncryptedChatSessionHandle,\n JsonObject,\n JsonValue,\n SendMessageRequestPayload,\n SendMessageResponse,\n SessionEncryptionStatusResponse,\n SessionEncryptionSummary,\n StartChatOptions,\n StartConversationOptions,\n StartEncryptedChatSessionOptions,\n} from '../types';\nimport {\n chatHistoryCompactionResponseSchema,\n chatReadinessResponseSchema,\n chatSessionEndResponseSchema,\n createSessionResponseSchema,\n encryptionHandshakeResponseSchema,\n sendMessageResponseSchema,\n sessionEncryptionStatusResponseSchema,\n} from '../schemas';\nimport type { RegistryBrokerClient } from './base-client';\nimport { serialiseAuthConfig, toJsonObject } from './utils';\nimport {\n EncryptedChatManager,\n EncryptionUnavailableError,\n} from './encrypted-chat-manager';\n\nexport interface RegistryBrokerChatApi {\n start: (options: StartChatOptions) => Promise<ChatConversationHandle>;\n readiness: (\n payload: ChatReadinessRequestPayload,\n ) => Promise<ChatReadinessResponse>;\n createSession: (\n payload: CreateSessionRequestPayload,\n ) => Promise<CreateSessionResponse>;\n sendMessage: (\n payload: SendMessageRequestPayload,\n ) => Promise<SendMessageResponse>;\n retryMessage: (\n messageId: string,\n payload: ChatRetryRequestPayload,\n ) => Promise<ChatRetryResponse>;\n cancelSession: (sessionId: string) => Promise<ChatSessionEndResponse>;\n endSession: (sessionId: string) => Promise<ChatSessionEndResponse>;\n getHistory: (\n sessionId: string,\n options?: ChatHistoryFetchOptions,\n ) => Promise<ChatHistorySnapshotWithDecryptedEntries>;\n compactHistory: (\n payload: CompactHistoryRequestPayload,\n ) => Promise<ChatHistoryCompactionResponse>;\n getEncryptionStatus: (\n sessionId: string,\n ) => Promise<SessionEncryptionStatusResponse>;\n submitEncryptionHandshake: (\n sessionId: string,\n payload: EncryptionHandshakeSubmissionPayload,\n ) => Promise<EncryptionHandshakeRecord>;\n createEncryptedSession: (\n options: StartEncryptedChatSessionOptions,\n ) => Promise<EncryptedChatSessionHandle>;\n acceptEncryptedSession: (\n options: AcceptEncryptedChatSessionOptions,\n ) => Promise<EncryptedChatSessionHandle>;\n startConversation: (\n options: StartConversationOptions,\n ) => Promise<ChatConversationHandle>;\n acceptConversation: (\n options: AcceptConversationOptions,\n ) => Promise<ChatConversationHandle>;\n}\n\nexport function createChatApi(\n client: RegistryBrokerClient,\n encryptedManager: EncryptedChatManager,\n): RegistryBrokerChatApi {\n return {\n start: (options: StartChatOptions) => client.startChat(options),\n readiness: (payload: ChatReadinessRequestPayload) =>\n client.checkChatReadiness(payload),\n createSession: (payload: CreateSessionRequestPayload) =>\n client.createSession(payload),\n sendMessage: (payload: SendMessageRequestPayload) =>\n client.sendMessage(payload),\n retryMessage: (messageId: string, payload: ChatRetryRequestPayload) =>\n client.retryMessage(messageId, payload),\n cancelSession: (sessionId: string) => client.cancelSession(sessionId),\n endSession: (sessionId: string) => client.endSession(sessionId),\n getHistory: (sessionId: string, options?: ChatHistoryFetchOptions) =>\n client.fetchHistorySnapshot(sessionId, options),\n compactHistory: (payload: CompactHistoryRequestPayload) =>\n client.compactHistory(payload),\n getEncryptionStatus: (sessionId: string) =>\n client.fetchEncryptionStatus(sessionId),\n submitEncryptionHandshake: (\n sessionId: string,\n payload: EncryptionHandshakeSubmissionPayload,\n ) => client.postEncryptionHandshake(sessionId, payload),\n startConversation: (options: StartConversationOptions) =>\n client.startConversation(options),\n acceptConversation: (options: AcceptConversationOptions) =>\n client.acceptConversation(options),\n createEncryptedSession: (options: StartEncryptedChatSessionOptions) =>\n encryptedManager.startSession(options),\n acceptEncryptedSession: (options: AcceptEncryptedChatSessionOptions) =>\n encryptedManager.acceptSession(options),\n };\n}\n\nexport async function checkChatReadiness(\n client: RegistryBrokerClient,\n payload: ChatReadinessRequestPayload,\n): Promise<ChatReadinessResponse> {\n const body: JsonObject = {};\n const uaid = 'uaid' in payload ? payload.uaid?.trim() : undefined;\n const agentUrl = 'agentUrl' in payload ? payload.agentUrl?.trim() : undefined;\n if (!uaid && !agentUrl) {\n throw new Error('uaid or agentUrl is required to check chat readiness');\n }\n if (uaid) {\n body.uaid = uaid;\n }\n if (agentUrl) {\n body.agentUrl = agentUrl;\n }\n const raw = await client.requestJson<JsonValue>('/chat/readiness', {\n method: 'POST',\n body,\n headers: { 'content-type': 'application/json' },\n });\n return client.parseWithSchema(\n raw,\n chatReadinessResponseSchema,\n 'chat readiness response',\n );\n}\n\nexport async function createSession(\n client: RegistryBrokerClient,\n payload: CreateSessionRequestPayload,\n allowHistoryAutoTopUp = true,\n): Promise<CreateSessionResponse> {\n const body: JsonObject = {};\n if ('uaid' in payload && payload.uaid) {\n body.uaid = payload.uaid;\n }\n if ('agentUrl' in payload && payload.agentUrl) {\n body.agentUrl = payload.agentUrl;\n }\n if (payload.auth) {\n body.auth = serialiseAuthConfig(payload.auth);\n }\n if (payload.historyTtlSeconds !== undefined) {\n body.historyTtlSeconds = payload.historyTtlSeconds;\n }\n if (payload.encryptionRequested !== undefined) {\n body.encryptionRequested = payload.encryptionRequested;\n }\n if (payload.senderUaid) {\n body.senderUaid = payload.senderUaid;\n }\n if (payload.visibility) {\n body.visibility = payload.visibility;\n }\n try {\n const raw = await client.requestJson<JsonValue>('/chat/session', {\n method: 'POST',\n body,\n headers: { 'content-type': 'application/json' },\n });\n return client.parseWithSchema(\n raw,\n createSessionResponseSchema,\n 'chat session response',\n );\n } catch (error) {\n const maybeError = error instanceof Error ? error : null;\n if (\n allowHistoryAutoTopUp &&\n client.shouldAutoTopUpHistory(payload, maybeError)\n ) {\n await client.executeHistoryAutoTopUp('chat.session');\n return createSession(client, payload, false);\n }\n throw error;\n }\n}\n\nexport async function startChat(\n client: RegistryBrokerClient,\n encryptedManager: EncryptedChatManager,\n options: StartChatOptions,\n): Promise<ChatConversationHandle> {\n if ('uaid' in options && options.uaid) {\n return startConversation(client, encryptedManager, {\n uaid: options.uaid,\n senderUaid: options.senderUaid,\n historyTtlSeconds: options.historyTtlSeconds,\n auth: options.auth,\n encryption: options.encryption,\n onSessionCreated: options.onSessionCreated,\n });\n }\n if ('agentUrl' in options && options.agentUrl) {\n const session = await createSession(client, {\n agentUrl: options.agentUrl,\n auth: options.auth,\n historyTtlSeconds: options.historyTtlSeconds,\n senderUaid: options.senderUaid,\n });\n options.onSessionCreated?.(session.sessionId);\n return createPlaintextConversationHandle(\n client,\n session.sessionId,\n session.encryption ?? null,\n options.auth,\n { agentUrl: options.agentUrl, uaid: options.uaid },\n );\n }\n throw new Error('startChat requires either uaid or agentUrl');\n}\n\nexport async function startConversation(\n client: RegistryBrokerClient,\n encryptedManager: EncryptedChatManager,\n options: StartConversationOptions,\n): Promise<ChatConversationHandle> {\n const preference = options.encryption?.preference ?? 'preferred';\n const requestEncryption = preference !== 'disabled';\n if (!requestEncryption) {\n const session = await createSession(client, {\n uaid: options.uaid,\n auth: options.auth,\n historyTtlSeconds: options.historyTtlSeconds,\n senderUaid: options.senderUaid,\n encryptionRequested: false,\n });\n options.onSessionCreated?.(session.sessionId);\n return createPlaintextConversationHandle(\n client,\n session.sessionId,\n session.encryption ?? null,\n options.auth,\n { uaid: options.uaid },\n );\n }\n try {\n const handle = await encryptedManager.startSession({\n uaid: options.uaid,\n senderUaid: options.senderUaid,\n historyTtlSeconds: options.historyTtlSeconds,\n handshakeTimeoutMs: options.encryption?.handshakeTimeoutMs,\n pollIntervalMs: options.encryption?.pollIntervalMs,\n onSessionCreated: sessionId => {\n options.onSessionCreated?.(sessionId);\n },\n auth: options.auth,\n });\n return handle;\n } catch (error) {\n if (error instanceof EncryptionUnavailableError) {\n if (preference === 'required') {\n throw error;\n }\n return createPlaintextConversationHandle(\n client,\n error.sessionId,\n error.summary ?? null,\n options.auth,\n { uaid: options.uaid },\n );\n }\n throw error;\n }\n}\n\nexport async function acceptConversation(\n client: RegistryBrokerClient,\n encryptedManager: EncryptedChatManager,\n options: AcceptConversationOptions,\n): Promise<ChatConversationHandle> {\n const preference = options.encryption?.preference ?? 'preferred';\n if (preference === 'disabled') {\n return createPlaintextConversationHandle(client, options.sessionId, null);\n }\n try {\n const handle = await encryptedManager.acceptSession({\n sessionId: options.sessionId,\n responderUaid: options.responderUaid,\n handshakeTimeoutMs: options.encryption?.handshakeTimeoutMs,\n pollIntervalMs: options.encryption?.pollIntervalMs,\n });\n return handle;\n } catch (error) {\n if (\n error instanceof EncryptionUnavailableError &&\n preference !== 'required'\n ) {\n return createPlaintextConversationHandle(\n client,\n options.sessionId,\n null,\n undefined,\n { uaid: options.responderUaid },\n );\n }\n throw error;\n }\n}\n\nexport function createPlaintextConversationHandle(\n client: RegistryBrokerClient,\n sessionId: string,\n summary: SessionEncryptionSummary | null,\n defaultAuth?: AgentAuthConfig,\n context?: { uaid?: string; agentUrl?: string },\n): ChatConversationHandle {\n const uaid = context?.uaid?.trim();\n const agentUrl = context?.agentUrl?.trim();\n const fetchHistory = async (\n options?: ChatHistoryFetchOptions,\n ): Promise<DecryptedHistoryEntry[]> => {\n const snapshot = await client.fetchHistorySnapshot(sessionId, options);\n if (snapshot.decryptedHistory) {\n return snapshot.decryptedHistory;\n }\n return snapshot.history.map(entry => ({\n entry,\n plaintext: entry.content,\n }));\n };\n return {\n sessionId,\n mode: 'plaintext',\n summary: summary ?? null,\n send: async options => {\n const plaintext = options.plaintext;\n if (!plaintext || plaintext.trim().length === 0) {\n throw new Error('plaintext is required for chat messages');\n }\n const message = options.message ?? plaintext;\n return sendMessage(client, {\n sessionId,\n message,\n streaming: options.streaming,\n auth: options.auth ?? defaultAuth,\n uaid,\n agentUrl,\n });\n },\n decryptHistoryEntry: entry => entry.content,\n fetchHistory,\n };\n}\n\nexport async function compactHistory(\n client: RegistryBrokerClient,\n payload: CompactHistoryRequestPayload,\n): Promise<ChatHistoryCompactionResponse> {\n if (!payload.sessionId || payload.sessionId.trim().length === 0) {\n throw new Error('sessionId is required to compact chat history');\n }\n const body: JsonObject = {};\n if (\n typeof payload.preserveEntries === 'number' &&\n Number.isFinite(payload.preserveEntries) &&\n payload.preserveEntries >= 0\n ) {\n body.preserveEntries = Math.floor(payload.preserveEntries);\n }\n const raw = await client.requestJson<JsonValue>(\n `/chat/session/${encodeURIComponent(payload.sessionId)}/compact`,\n {\n method: 'POST',\n headers: { 'content-type': 'application/json' },\n body,\n },\n );\n return client.parseWithSchema(\n raw,\n chatHistoryCompactionResponseSchema,\n 'chat history compaction response',\n );\n}\n\nexport async function fetchEncryptionStatus(\n client: RegistryBrokerClient,\n sessionId: string,\n): Promise<SessionEncryptionStatusResponse> {\n if (!sessionId || sessionId.trim().length === 0) {\n throw new Error('sessionId is required for encryption status');\n }\n const raw = await client.requestJson<JsonValue>(\n `/chat/session/${encodeURIComponent(sessionId)}/encryption`,\n {\n method: 'GET',\n },\n );\n return client.parseWithSchema(\n raw,\n sessionEncryptionStatusResponseSchema,\n 'session encryption status response',\n );\n}\n\nexport async function postEncryptionHandshake(\n client: RegistryBrokerClient,\n sessionId: string,\n payload: EncryptionHandshakeSubmissionPayload,\n): Promise<EncryptionHandshakeRecord> {\n if (!sessionId || sessionId.trim().length === 0) {\n throw new Error('sessionId is required for encryption handshake');\n }\n const raw = await client.requestJson<JsonValue>(\n `/chat/session/${encodeURIComponent(sessionId)}/encryption-handshake`,\n {\n method: 'POST',\n headers: { 'content-type': 'application/json' },\n body: {\n role: payload.role,\n keyType: payload.keyType,\n ephemeralPublicKey: payload.ephemeralPublicKey,\n longTermPublicKey: payload.longTermPublicKey,\n signature: payload.signature,\n uaid: payload.uaid,\n userId: payload.userId,\n ledgerAccountId: payload.ledgerAccountId,\n metadata: payload.metadata,\n },\n },\n );\n const response = client.parseWithSchema(\n raw,\n encryptionHandshakeResponseSchema,\n 'encryption handshake response',\n );\n return response.handshake;\n}\n\nexport async function sendMessage(\n client: RegistryBrokerClient,\n payload: SendMessageRequestPayload,\n): Promise<SendMessageResponse> {\n const body: JsonObject = {\n message: payload.message,\n };\n if (payload.streaming !== undefined) {\n body.streaming = payload.streaming;\n }\n if (payload.idempotencyKey) {\n body.idempotencyKey = payload.idempotencyKey;\n }\n if (payload.senderUaid) {\n body.senderUaid = payload.senderUaid;\n }\n if (payload.transport) {\n body.transport = payload.transport;\n }\n if (payload.auth) {\n body.auth = serialiseAuthConfig(payload.auth);\n }\n if ('uaid' in payload) {\n body.uaid = payload.uaid;\n }\n if ('sessionId' in payload && payload.sessionId) {\n body.sessionId = payload.sessionId;\n }\n if ('agentUrl' in payload && payload.agentUrl) {\n body.agentUrl = payload.agentUrl;\n }\n let cipherEnvelope = payload.cipherEnvelope ?? null;\n if (payload.encryption) {\n const sessionIdForEncryption =\n payload.encryption.sessionId ??\n (typeof body.sessionId === 'string' ? body.sessionId : undefined);\n if (!sessionIdForEncryption) {\n throw new Error(\n 'sessionId is required when using encrypted chat payloads',\n );\n }\n if (!payload.encryption.recipients?.length) {\n throw new Error('recipients are required for encrypted chat payloads');\n }\n cipherEnvelope = client.encryption.encryptCipherEnvelope({\n ...payload.encryption,\n sessionId: sessionIdForEncryption,\n });\n }\n if (cipherEnvelope) {\n body.cipherEnvelope = toJsonObject(cipherEnvelope);\n }\n const raw = await client.requestJson<JsonValue>('/chat/message', {\n method: 'POST',\n body,\n headers: { 'content-type': 'application/json' },\n });\n return client.parseWithSchema(\n raw,\n sendMessageResponseSchema,\n 'chat message response',\n );\n}\n\nexport async function endSession(\n client: RegistryBrokerClient,\n sessionId: string,\n): Promise<ChatSessionEndResponse> {\n const normalizedSessionId = sessionId?.trim();\n if (!normalizedSessionId) {\n throw new Error('sessionId is required to end a chat session');\n }\n const response = await client.request(\n `/chat/session/${encodeURIComponent(normalizedSessionId)}`,\n { method: 'DELETE' },\n );\n if (response.status === 204) {\n return {\n message: 'Session ended',\n sessionId: normalizedSessionId,\n state: 'ended',\n };\n }\n const contentType = response.headers?.get('content-type') ?? '';\n if (!contentType.toLowerCase().includes('json')) {\n await response.text();\n return {\n message: 'Session ended',\n sessionId: normalizedSessionId,\n state: 'ended',\n };\n }\n const responseBody = await response.text();\n if (responseBody.trim().length === 0) {\n return {\n message: 'Session ended',\n sessionId: normalizedSessionId,\n state: 'ended',\n };\n }\n const raw = JSON.parse(responseBody) as JsonValue;\n return client.parseWithSchema(\n raw,\n chatSessionEndResponseSchema,\n 'chat session end response',\n );\n}\n\nexport async function cancelSession(\n client: RegistryBrokerClient,\n sessionId: string,\n): Promise<ChatSessionEndResponse> {\n const normalizedSessionId = sessionId?.trim();\n if (!normalizedSessionId) {\n throw new Error('sessionId is required to cancel a chat session');\n }\n const raw = await client.requestJson<JsonValue>(\n `/chat/session/${encodeURIComponent(normalizedSessionId)}/cancel`,\n {\n method: 'POST',\n },\n );\n return client.parseWithSchema(\n raw,\n chatSessionEndResponseSchema,\n 'chat session cancel response',\n );\n}\n\nexport async function retryMessage(\n client: RegistryBrokerClient,\n messageId: string,\n payload: ChatRetryRequestPayload,\n): Promise<ChatRetryResponse> {\n const normalizedMessageId = messageId?.trim();\n const normalizedSessionId = payload.sessionId?.trim();\n const normalizedMessage = payload.message?.trim();\n if (!normalizedMessageId) {\n throw new Error('messageId is required to retry a message');\n }\n if (!normalizedSessionId) {\n throw new Error('sessionId is required to retry a message');\n }\n if (!normalizedMessage) {\n throw new Error('message is required to retry a message');\n }\n const body: JsonObject = {\n sessionId: normalizedSessionId,\n message: payload.message,\n };\n if (payload.streaming !== undefined) {\n body.streaming = payload.streaming;\n }\n if (payload.transport) {\n body.transport = payload.transport;\n }\n const uaid = payload.uaid?.trim();\n const agentUrl = payload.agentUrl?.trim();\n const idempotencyKey = payload.idempotencyKey?.trim();\n const senderUaid = payload.senderUaid?.trim();\n if (uaid) {\n body.uaid = uaid;\n }\n if (agentUrl) {\n body.agentUrl = agentUrl;\n }\n if (idempotencyKey) {\n body.idempotencyKey = idempotencyKey;\n }\n if (senderUaid) {\n body.senderUaid = senderUaid;\n }\n if (payload.auth) {\n body.auth = serialiseAuthConfig(payload.auth);\n }\n let cipherEnvelope = payload.cipherEnvelope ?? null;\n if (payload.encryption) {\n if (!payload.encryption.recipients?.length) {\n throw new Error('recipients are required for encrypted chat payloads');\n }\n cipherEnvelope = client.encryption.encryptCipherEnvelope({\n ...payload.encryption,\n sessionId: payload.encryption.sessionId ?? normalizedSessionId,\n });\n }\n if (cipherEnvelope) {\n body.cipherEnvelope = toJsonObject(cipherEnvelope);\n }\n const raw = await client.requestJson<JsonValue>(\n `/chat/message/${encodeURIComponent(normalizedMessageId)}/retry`,\n {\n method: 'POST',\n body,\n headers: { 'content-type': 'application/json' },\n },\n );\n return client.parseWithSchema(\n raw,\n sendMessageResponseSchema,\n 'chat retry response',\n );\n}\n"],"names":[],"mappings":";;;AA2FO,SAAS,cACd,QACA,kBACuB;AACvB,SAAO;AAAA,IACL,OAAO,CAAC,YAA8B,OAAO,UAAU,OAAO;AAAA,IAC9D,WAAW,CAAC,YACV,OAAO,mBAAmB,OAAO;AAAA,IACnC,eAAe,CAAC,YACd,OAAO,cAAc,OAAO;AAAA,IAC9B,aAAa,CAAC,YACZ,OAAO,YAAY,OAAO;AAAA,IAC5B,cAAc,CAAC,WAAmB,YAChC,OAAO,aAAa,WAAW,OAAO;AAAA,IACxC,eAAe,CAAC,cAAsB,OAAO,cAAc,SAAS;AAAA,IACpE,YAAY,CAAC,cAAsB,OAAO,WAAW,SAAS;AAAA,IAC9D,YAAY,CAAC,WAAmB,YAC9B,OAAO,qBAAqB,WAAW,OAAO;AAAA,IAChD,gBAAgB,CAAC,YACf,OAAO,eAAe,OAAO;AAAA,IAC/B,qBAAqB,CAAC,cACpB,OAAO,sBAAsB,SAAS;AAAA,IACxC,2BAA2B,CACzB,WACA,YACG,OAAO,wBAAwB,WAAW,OAAO;AAAA,IACtD,mBAAmB,CAAC,YAClB,OAAO,kBAAkB,OAAO;AAAA,IAClC,oBAAoB,CAAC,YACnB,OAAO,mBAAmB,OAAO;AAAA,IACnC,wBAAwB,CAAC,YACvB,iBAAiB,aAAa,OAAO;AAAA,IACvC,wBAAwB,CAAC,YACvB,iBAAiB,cAAc,OAAO;AAAA,EAAA;AAE5C;AAEA,eAAsB,mBACpB,QACA,SACgC;AAChC,QAAM,OAAmB,CAAA;AACzB,QAAM,OAAO,UAAU,UAAU,QAAQ,MAAM,SAAS;AACxD,QAAM,WAAW,cAAc,UAAU,QAAQ,UAAU,SAAS;AACpE,MAAI,CAAC,QAAQ,CAAC,UAAU;AACtB,UAAM,IAAI,MAAM,sDAAsD;AAAA,EACxE;AACA,MAAI,MAAM;AACR,SAAK,OAAO;AAAA,EACd;AACA,MAAI,UAAU;AACZ,SAAK,WAAW;AAAA,EAClB;AACA,QAAM,MAAM,MAAM,OAAO,YAAuB,mBAAmB;AAAA,IACjE,QAAQ;AAAA,IACR;AAAA,IACA,SAAS,EAAE,gBAAgB,mBAAA;AAAA,EAAmB,CAC/C;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,cACpB,QACA,SACA,wBAAwB,MACQ;AAChC,QAAM,OAAmB,CAAA;AACzB,MAAI,UAAU,WAAW,QAAQ,MAAM;AACrC,SAAK,OAAO,QAAQ;AAAA,EACtB;AACA,MAAI,cAAc,WAAW,QAAQ,UAAU;AAC7C,SAAK,WAAW,QAAQ;AAAA,EAC1B;AACA,MAAI,QAAQ,MAAM;AAChB,SAAK,OAAO,oBAAoB,QAAQ,IAAI;AAAA,EAC9C;AACA,MAAI,QAAQ,sBAAsB,QAAW;AAC3C,SAAK,oBAAoB,QAAQ;AAAA,EACnC;AACA,MAAI,QAAQ,wBAAwB,QAAW;AAC7C,SAAK,sBAAsB,QAAQ;AAAA,EACrC;AACA,MAAI,QAAQ,YAAY;AACtB,SAAK,aAAa,QAAQ;AAAA,EAC5B;AACA,MAAI,QAAQ,YAAY;AACtB,SAAK,aAAa,QAAQ;AAAA,EAC5B;AACA,MAAI;AACF,UAAM,MAAM,MAAM,OAAO,YAAuB,iBAAiB;AAAA,MAC/D,QAAQ;AAAA,MACR;AAAA,MACA,SAAS,EAAE,gBAAgB,mBAAA;AAAA,IAAmB,CAC/C;AACD,WAAO,OAAO;AAAA,MACZ;AAAA,MACA;AAAA,MACA;AAAA,IAAA;AAAA,EAEJ,SAAS,OAAO;AACd,UAAM,aAAa,iBAAiB,QAAQ,QAAQ;AACpD,QACE,yBACA,OAAO,uBAAuB,SAAS,UAAU,GACjD;AACA,YAAM,OAAO,wBAAwB,cAAc;AACnD,aAAO,cAAc,QAAQ,SAAS,KAAK;AAAA,IAC7C;AACA,UAAM;AAAA,EACR;AACF;AAEA,eAAsB,UACpB,QACA,kBACA,SACiC;AACjC,MAAI,UAAU,WAAW,QAAQ,MAAM;AACrC,WAAO,kBAAkB,QAAQ,kBAAkB;AAAA,MACjD,MAAM,QAAQ;AAAA,MACd,YAAY,QAAQ;AAAA,MACpB,mBAAmB,QAAQ;AAAA,MAC3B,MAAM,QAAQ;AAAA,MACd,YAAY,QAAQ;AAAA,MACpB,kBAAkB,QAAQ;AAAA,IAAA,CAC3B;AAAA,EACH;AACA,MAAI,cAAc,WAAW,QAAQ,UAAU;AAC7C,UAAM,UAAU,MAAM,cAAc,QAAQ;AAAA,MAC1C,UAAU,QAAQ;AAAA,MAClB,MAAM,QAAQ;AAAA,MACd,mBAAmB,QAAQ;AAAA,MAC3B,YAAY,QAAQ;AAAA,IAAA,CACrB;AACD,YAAQ,mBAAmB,QAAQ,SAAS;AAC5C,WAAO;AAAA,MACL;AAAA,MACA,QAAQ;AAAA,MACR,QAAQ,cAAc;AAAA,MACtB,QAAQ;AAAA,MACR,EAAE,UAAU,QAAQ,UAAU,MAAM,QAAQ,KAAA;AAAA,IAAK;AAAA,EAErD;AACA,QAAM,IAAI,MAAM,4CAA4C;AAC9D;AAEA,eAAsB,kBACpB,QACA,kBACA,SACiC;AACjC,QAAM,aAAa,QAAQ,YAAY,cAAc;AACrD,QAAM,oBAAoB,eAAe;AACzC,MAAI,CAAC,mBAAmB;AACtB,UAAM,UAAU,MAAM,cAAc,QAAQ;AAAA,MAC1C,MAAM,QAAQ;AAAA,MACd,MAAM,QAAQ;AAAA,MACd,mBAAmB,QAAQ;AAAA,MAC3B,YAAY,QAAQ;AAAA,MACpB,qBAAqB;AAAA,IAAA,CACtB;AACD,YAAQ,mBAAmB,QAAQ,SAAS;AAC5C,WAAO;AAAA,MACL;AAAA,MACA,QAAQ;AAAA,MACR,QAAQ,cAAc;AAAA,MACtB,QAAQ;AAAA,MACR,EAAE,MAAM,QAAQ,KAAA;AAAA,IAAK;AAAA,EAEzB;AACA,MAAI;AACF,UAAM,SAAS,MAAM,iBAAiB,aAAa;AAAA,MACjD,MAAM,QAAQ;AAAA,MACd,YAAY,QAAQ;AAAA,MACpB,mBAAmB,QAAQ;AAAA,MAC3B,oBAAoB,QAAQ,YAAY;AAAA,MACxC,gBAAgB,QAAQ,YAAY;AAAA,MACpC,kBAAkB,CAAA,cAAa;AAC7B,gBAAQ,mBAAmB,SAAS;AAAA,MACtC;AAAA,MACA,MAAM,QAAQ;AAAA,IAAA,CACf;AACD,WAAO;AAAA,EACT,SAAS,OAAO;AACd,QAAI,iBAAiB,4BAA4B;AAC/C,UAAI,eAAe,YAAY;AAC7B,cAAM;AAAA,MACR;AACA,aAAO;AAAA,QACL;AAAA,QACA,MAAM;AAAA,QACN,MAAM,WAAW;AAAA,QACjB,QAAQ;AAAA,QACR,EAAE,MAAM,QAAQ,KAAA;AAAA,MAAK;AAAA,IAEzB;AACA,UAAM;AAAA,EACR;AACF;AAEA,eAAsB,mBACpB,QACA,kBACA,SACiC;AACjC,QAAM,aAAa,QAAQ,YAAY,cAAc;AACrD,MAAI,eAAe,YAAY;AAC7B,WAAO,kCAAkC,QAAQ,QAAQ,WAAW,IAAI;AAAA,EAC1E;AACA,MAAI;AACF,UAAM,SAAS,MAAM,iBAAiB,cAAc;AAAA,MAClD,WAAW,QAAQ;AAAA,MACnB,eAAe,QAAQ;AAAA,MACvB,oBAAoB,QAAQ,YAAY;AAAA,MACxC,gBAAgB,QAAQ,YAAY;AAAA,IAAA,CACrC;AACD,WAAO;AAAA,EACT,SAAS,OAAO;AACd,QACE,iBAAiB,8BACjB,eAAe,YACf;AACA,aAAO;AAAA,QACL;AAAA,QACA,QAAQ;AAAA,QACR;AAAA,QACA;AAAA,QACA,EAAE,MAAM,QAAQ,cAAA;AAAA,MAAc;AAAA,IAElC;AACA,UAAM;AAAA,EACR;AACF;AAEO,SAAS,kCACd,QACA,WACA,SACA,aACA,SACwB;AACxB,QAAM,OAAO,SAAS,MAAM,KAAA;AAC5B,QAAM,WAAW,SAAS,UAAU,KAAA;AACpC,QAAM,eAAe,OACnB,YACqC;AACrC,UAAM,WAAW,MAAM,OAAO,qBAAqB,WAAW,OAAO;AACrE,QAAI,SAAS,kBAAkB;AAC7B,aAAO,SAAS;AAAA,IAClB;AACA,WAAO,SAAS,QAAQ,IAAI,CAAA,WAAU;AAAA,MACpC;AAAA,MACA,WAAW,MAAM;AAAA,IAAA,EACjB;AAAA,EACJ;AACA,SAAO;AAAA,IACL;AAAA,IACA,MAAM;AAAA,IACN,SAAS,WAAW;AAAA,IACpB,MAAM,OAAM,YAAW;AACrB,YAAM,YAAY,QAAQ;AAC1B,UAAI,CAAC,aAAa,UAAU,KAAA,EAAO,WAAW,GAAG;AAC/C,cAAM,IAAI,MAAM,yCAAyC;AAAA,MAC3D;AACA,YAAM,UAAU,QAAQ,WAAW;AACnC,aAAO,YAAY,QAAQ;AAAA,QACzB;AAAA,QACA;AAAA,QACA,WAAW,QAAQ;AAAA,QACnB,MAAM,QAAQ,QAAQ;AAAA,QACtB;AAAA,QACA;AAAA,MAAA,CACD;AAAA,IACH;AAAA,IACA,qBAAqB,WAAS,MAAM;AAAA,IACpC;AAAA,EAAA;AAEJ;AAEA,eAAsB,eACpB,QACA,SACwC;AACxC,MAAI,CAAC,QAAQ,aAAa,QAAQ,UAAU,KAAA,EAAO,WAAW,GAAG;AAC/D,UAAM,IAAI,MAAM,+CAA+C;AAAA,EACjE;AACA,QAAM,OAAmB,CAAA;AACzB,MACE,OAAO,QAAQ,oBAAoB,YACnC,OAAO,SAAS,QAAQ,eAAe,KACvC,QAAQ,mBAAmB,GAC3B;AACA,SAAK,kBAAkB,KAAK,MAAM,QAAQ,eAAe;AAAA,EAC3D;AACA,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB,iBAAiB,mBAAmB,QAAQ,SAAS,CAAC;AAAA,IACtD;AAAA,MACE,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAA;AAAA,MAC3B;AAAA,IAAA;AAAA,EACF;AAEF,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,sBACpB,QACA,WAC0C;AAC1C,MAAI,CAAC,aAAa,UAAU,KAAA,EAAO,WAAW,GAAG;AAC/C,UAAM,IAAI,MAAM,6CAA6C;AAAA,EAC/D;AACA,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB,iBAAiB,mBAAmB,SAAS,CAAC;AAAA,IAC9C;AAAA,MACE,QAAQ;AAAA,IAAA;AAAA,EACV;AAEF,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,wBACpB,QACA,WACA,SACoC;AACpC,MAAI,CAAC,aAAa,UAAU,KAAA,EAAO,WAAW,GAAG;AAC/C,UAAM,IAAI,MAAM,gDAAgD;AAAA,EAClE;AACA,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB,iBAAiB,mBAAmB,SAAS,CAAC;AAAA,IAC9C;AAAA,MACE,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAA;AAAA,MAC3B,MAAM;AAAA,QACJ,MAAM,QAAQ;AAAA,QACd,SAAS,QAAQ;AAAA,QACjB,oBAAoB,QAAQ;AAAA,QAC5B,mBAAmB,QAAQ;AAAA,QAC3B,WAAW,QAAQ;AAAA,QACnB,MAAM,QAAQ;AAAA,QACd,QAAQ,QAAQ;AAAA,QAChB,iBAAiB,QAAQ;AAAA,QACzB,UAAU,QAAQ;AAAA,MAAA;AAAA,IACpB;AAAA,EACF;AAEF,QAAM,WAAW,OAAO;AAAA,IACtB;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEF,SAAO,SAAS;AAClB;AAEA,eAAsB,YACpB,QACA,SAC8B;AAC9B,QAAM,OAAmB;AAAA,IACvB,SAAS,QAAQ;AAAA,EAAA;AAEnB,MAAI,QAAQ,cAAc,QAAW;AACnC,SAAK,YAAY,QAAQ;AAAA,EAC3B;AACA,MAAI,QAAQ,gBAAgB;AAC1B,SAAK,iBAAiB,QAAQ;AAAA,EAChC;AACA,MAAI,QAAQ,YAAY;AACtB,SAAK,aAAa,QAAQ;AAAA,EAC5B;AACA,MAAI,QAAQ,WAAW;AACrB,SAAK,YAAY,QAAQ;AAAA,EAC3B;AACA,MAAI,QAAQ,MAAM;AAChB,SAAK,OAAO,oBAAoB,QAAQ,IAAI;AAAA,EAC9C;AACA,MAAI,UAAU,SAAS;AACrB,SAAK,OAAO,QAAQ;AAAA,EACtB;AACA,MAAI,eAAe,WAAW,QAAQ,WAAW;AAC/C,SAAK,YAAY,QAAQ;AAAA,EAC3B;AACA,MAAI,cAAc,WAAW,QAAQ,UAAU;AAC7C,SAAK,WAAW,QAAQ;AAAA,EAC1B;AACA,MAAI,iBAAiB,QAAQ,kBAAkB;AAC/C,MAAI,QAAQ,YAAY;AACtB,UAAM,yBACJ,QAAQ,WAAW,cAClB,OAAO,KAAK,cAAc,WAAW,KAAK,YAAY;AACzD,QAAI,CAAC,wBAAwB;AAC3B,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AACA,QAAI,CAAC,QAAQ,WAAW,YAAY,QAAQ;AAC1C,YAAM,IAAI,MAAM,qDAAqD;AAAA,IACvE;AACA,qBAAiB,OAAO,WAAW,sBAAsB;AAAA,MACvD,GAAG,QAAQ;AAAA,MACX,WAAW;AAAA,IAAA,CACZ;AAAA,EACH;AACA,MAAI,gBAAgB;AAClB,SAAK,iBAAiB,aAAa,cAAc;AAAA,EACnD;AACA,QAAM,MAAM,MAAM,OAAO,YAAuB,iBAAiB;AAAA,IAC/D,QAAQ;AAAA,IACR;AAAA,IACA,SAAS,EAAE,gBAAgB,mBAAA;AAAA,EAAmB,CAC/C;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,WACpB,QACA,WACiC;AACjC,QAAM,sBAAsB,WAAW,KAAA;AACvC,MAAI,CAAC,qBAAqB;AACxB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EAC/D;AACA,QAAM,WAAW,MAAM,OAAO;AAAA,IAC5B,iBAAiB,mBAAmB,mBAAmB,CAAC;AAAA,IACxD,EAAE,QAAQ,SAAA;AAAA,EAAS;AAErB,MAAI,SAAS,WAAW,KAAK;AAC3B,WAAO;AAAA,MACL,SAAS;AAAA,MACT,WAAW;AAAA,MACX,OAAO;AAAA,IAAA;AAAA,EAEX;AACA,QAAM,cAAc,SAAS,SAAS,IAAI,cAAc,KAAK;AAC7D,MAAI,CAAC,YAAY,YAAA,EAAc,SAAS,MAAM,GAAG;AAC/C,UAAM,SAAS,KAAA;AACf,WAAO;AAAA,MACL,SAAS;AAAA,MACT,WAAW;AAAA,MACX,OAAO;AAAA,IAAA;AAAA,EAEX;AACA,QAAM,eAAe,MAAM,SAAS,KAAA;AACpC,MAAI,aAAa,OAAO,WAAW,GAAG;AACpC,WAAO;AAAA,MACL,SAAS;AAAA,MACT,WAAW;AAAA,MACX,OAAO;AAAA,IAAA;AAAA,EAEX;AACA,QAAM,MAAM,KAAK,MAAM,YAAY;AACnC,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,cACpB,QACA,WACiC;AACjC,QAAM,sBAAsB,WAAW,KAAA;AACvC,MAAI,CAAC,qBAAqB;AACxB,UAAM,IAAI,MAAM,gDAAgD;AAAA,EAClE;AACA,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB,iBAAiB,mBAAmB,mBAAmB,CAAC;AAAA,IACxD;AAAA,MACE,QAAQ;AAAA,IAAA;AAAA,EACV;AAEF,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,eAAsB,aACpB,QACA,WACA,SAC4B;AAC5B,QAAM,sBAAsB,WAAW,KAAA;AACvC,QAAM,sBAAsB,QAAQ,WAAW,KAAA;AAC/C,QAAM,oBAAoB,QAAQ,SAAS,KAAA;AAC3C,MAAI,CAAC,qBAAqB;AACxB,UAAM,IAAI,MAAM,0CAA0C;AAAA,EAC5D;AACA,MAAI,CAAC,qBAAqB;AACxB,UAAM,IAAI,MAAM,0CAA0C;AAAA,EAC5D;AACA,MAAI,CAAC,mBAAmB;AACtB,UAAM,IAAI,MAAM,wCAAwC;AAAA,EAC1D;AACA,QAAM,OAAmB;AAAA,IACvB,WAAW;AAAA,IACX,SAAS,QAAQ;AAAA,EAAA;AAEnB,MAAI,QAAQ,cAAc,QAAW;AACnC,SAAK,YAAY,QAAQ;AAAA,EAC3B;AACA,MAAI,QAAQ,WAAW;AACrB,SAAK,YAAY,QAAQ;AAAA,EAC3B;AACA,QAAM,OAAO,QAAQ,MAAM,KAAA;AAC3B,QAAM,WAAW,QAAQ,UAAU,KAAA;AACnC,QAAM,iBAAiB,QAAQ,gBAAgB,KAAA;AAC/C,QAAM,aAAa,QAAQ,YAAY,KAAA;AACvC,MAAI,MAAM;AACR,SAAK,OAAO;AAAA,EACd;AACA,MAAI,UAAU;AACZ,SAAK,WAAW;AAAA,EAClB;AACA,MAAI,gBAAgB;AAClB,SAAK,iBAAiB;AAAA,EACxB;AACA,MAAI,YAAY;AACd,SAAK,aAAa;AAAA,EACpB;AACA,MAAI,QAAQ,MAAM;AAChB,SAAK,OAAO,oBAAoB,QAAQ,IAAI;AAAA,EAC9C;AACA,MAAI,iBAAiB,QAAQ,kBAAkB;AAC/C,MAAI,QAAQ,YAAY;AACtB,QAAI,CAAC,QAAQ,WAAW,YAAY,QAAQ;AAC1C,YAAM,IAAI,MAAM,qDAAqD;AAAA,IACvE;AACA,qBAAiB,OAAO,WAAW,sBAAsB;AAAA,MACvD,GAAG,QAAQ;AAAA,MACX,WAAW,QAAQ,WAAW,aAAa;AAAA,IAAA,CAC5C;AAAA,EACH;AACA,MAAI,gBAAgB;AAClB,SAAK,iBAAiB,aAAa,cAAc;AAAA,EACnD;AACA,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB,iBAAiB,mBAAmB,mBAAmB,CAAC;AAAA,IACxD;AAAA,MACE,QAAQ;AAAA,MACR;AAAA,MACA,SAAS,EAAE,gBAAgB,mBAAA;AAAA,IAAmB;AAAA,EAChD;AAEF,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;"}
|
|
@@ -1,199 +1,262 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
const fsModule = await optionalImport("node:fs") ?? await optionalImport("fs");
|
|
7
|
-
if (fsModule && typeof fsModule.existsSync === "function" && typeof fsModule.readFileSync === "function" && typeof fsModule.writeFileSync === "function" && typeof fsModule.appendFileSync === "function") {
|
|
8
|
-
return fsModule;
|
|
1
|
+
class EncryptionUnavailableError extends Error {
|
|
2
|
+
constructor(sessionId, summary) {
|
|
3
|
+
super("Encryption is not enabled for this session");
|
|
4
|
+
this.sessionId = sessionId;
|
|
5
|
+
this.summary = summary;
|
|
9
6
|
}
|
|
10
|
-
return null;
|
|
11
|
-
};
|
|
12
|
-
const getNodePath = async () => {
|
|
13
|
-
const pathModule = await optionalImport("node:path") ?? await optionalImport("path");
|
|
14
|
-
if (pathModule && typeof pathModule.resolve === "function") {
|
|
15
|
-
return pathModule;
|
|
16
|
-
}
|
|
17
|
-
return null;
|
|
18
|
-
};
|
|
19
|
-
const getNodeCrypto = async () => {
|
|
20
|
-
const cryptoModule = await optionalImport("node:crypto") ?? await optionalImport("crypto");
|
|
21
|
-
if (cryptoModule && typeof cryptoModule.randomBytes === "function") {
|
|
22
|
-
return cryptoModule;
|
|
23
|
-
}
|
|
24
|
-
return null;
|
|
25
|
-
};
|
|
26
|
-
async function registerEncryptionKey(client, payload) {
|
|
27
|
-
const raw = await client.requestJson("/encryption/keys", {
|
|
28
|
-
method: "POST",
|
|
29
|
-
headers: { "content-type": "application/json" },
|
|
30
|
-
body: payload
|
|
31
|
-
});
|
|
32
|
-
return client.parseWithSchema(
|
|
33
|
-
raw,
|
|
34
|
-
registerEncryptionKeyResponseSchema,
|
|
35
|
-
"register encryption key response"
|
|
36
|
-
);
|
|
37
|
-
}
|
|
38
|
-
function normalizeAutoRegisterIdentity(config) {
|
|
39
|
-
const identity = {};
|
|
40
|
-
if (config.uaid) {
|
|
41
|
-
identity.uaid = config.uaid;
|
|
42
|
-
}
|
|
43
|
-
if (config.ledgerAccountId) {
|
|
44
|
-
identity.ledgerAccountId = config.ledgerAccountId;
|
|
45
|
-
if (config.ledgerNetwork) {
|
|
46
|
-
identity.ledgerNetwork = config.ledgerNetwork;
|
|
47
|
-
}
|
|
48
|
-
}
|
|
49
|
-
if (config.email) {
|
|
50
|
-
identity.email = config.email;
|
|
51
|
-
}
|
|
52
|
-
if (identity.uaid || identity.ledgerAccountId || identity.email) {
|
|
53
|
-
return identity;
|
|
54
|
-
}
|
|
55
|
-
return null;
|
|
56
7
|
}
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
return Buffer.from(publicKey).toString("hex");
|
|
61
|
-
}
|
|
62
|
-
async function resolveAutoRegisterKeyMaterial(client, config) {
|
|
63
|
-
if (config.publicKey?.trim()) {
|
|
64
|
-
return { publicKey: config.publicKey.trim() };
|
|
8
|
+
class EncryptedChatManager {
|
|
9
|
+
constructor(client) {
|
|
10
|
+
this.client = client;
|
|
65
11
|
}
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
if (!privateKey && envVar && process?.env?.[envVar]?.trim()) {
|
|
69
|
-
privateKey = process.env[envVar]?.trim();
|
|
12
|
+
registerConversationContext(context) {
|
|
13
|
+
this.client.registerConversationContextForEncryption(context);
|
|
70
14
|
}
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
15
|
+
async startSession(options) {
|
|
16
|
+
await this.client.encryptionReady();
|
|
17
|
+
const session = await this.client.chat.createSession({
|
|
18
|
+
uaid: options.uaid,
|
|
19
|
+
senderUaid: options.senderUaid,
|
|
20
|
+
encryptionRequested: true,
|
|
21
|
+
historyTtlSeconds: options.historyTtlSeconds,
|
|
22
|
+
auth: options.auth
|
|
77
23
|
});
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
24
|
+
options.onSessionCreated?.(session.sessionId);
|
|
25
|
+
const summary = session.encryption;
|
|
26
|
+
if (!summary?.enabled) {
|
|
27
|
+
throw new EncryptionUnavailableError(
|
|
28
|
+
session.sessionId,
|
|
29
|
+
session.encryption ?? null
|
|
30
|
+
);
|
|
31
|
+
}
|
|
32
|
+
const handle = await this.establishRequesterContext({
|
|
33
|
+
sessionId: session.sessionId,
|
|
34
|
+
summary,
|
|
35
|
+
senderUaid: options.senderUaid,
|
|
36
|
+
handshakeTimeoutMs: options.handshakeTimeoutMs,
|
|
37
|
+
pollIntervalMs: options.pollIntervalMs
|
|
38
|
+
});
|
|
39
|
+
return handle;
|
|
83
40
|
}
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
"Auto-registration requires uaid, ledgerAccountId, or email"
|
|
41
|
+
async acceptSession(options) {
|
|
42
|
+
await this.client.encryptionReady();
|
|
43
|
+
const summary = await this.waitForEncryptionSummary(
|
|
44
|
+
options.sessionId,
|
|
45
|
+
options.handshakeTimeoutMs,
|
|
46
|
+
options.pollIntervalMs
|
|
91
47
|
);
|
|
48
|
+
const handle = await this.establishResponderContext({
|
|
49
|
+
sessionId: options.sessionId,
|
|
50
|
+
summary,
|
|
51
|
+
responderUaid: options.responderUaid,
|
|
52
|
+
handshakeTimeoutMs: options.handshakeTimeoutMs,
|
|
53
|
+
pollIntervalMs: options.pollIntervalMs
|
|
54
|
+
});
|
|
55
|
+
return handle;
|
|
92
56
|
}
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
57
|
+
async establishRequesterContext(params) {
|
|
58
|
+
const keyPair = this.client.encryption.generateEphemeralKeyPair();
|
|
59
|
+
await this.client.chat.submitEncryptionHandshake(params.sessionId, {
|
|
60
|
+
role: "requester",
|
|
61
|
+
keyType: "secp256k1",
|
|
62
|
+
ephemeralPublicKey: keyPair.publicKey,
|
|
63
|
+
uaid: params.senderUaid ?? params.summary.requester?.uaid ?? void 0
|
|
64
|
+
});
|
|
65
|
+
const { summary, record } = await this.waitForHandshakeCompletion(
|
|
66
|
+
params.sessionId,
|
|
67
|
+
params.handshakeTimeoutMs,
|
|
68
|
+
params.pollIntervalMs
|
|
97
69
|
);
|
|
70
|
+
const responderKey = record.responder?.ephemeralPublicKey;
|
|
71
|
+
if (!responderKey) {
|
|
72
|
+
throw new Error("Responder handshake was not completed in time");
|
|
73
|
+
}
|
|
74
|
+
const sharedSecret = this.client.encryption.deriveSharedSecret({
|
|
75
|
+
privateKey: keyPair.privateKey,
|
|
76
|
+
peerPublicKey: responderKey
|
|
77
|
+
}).subarray();
|
|
78
|
+
const recipients = this.buildRecipients(summary);
|
|
79
|
+
return this.createHandle({
|
|
80
|
+
sessionId: params.sessionId,
|
|
81
|
+
sharedSecret,
|
|
82
|
+
summary,
|
|
83
|
+
recipients,
|
|
84
|
+
identity: summary.requester ?? void 0
|
|
85
|
+
});
|
|
98
86
|
}
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
87
|
+
async establishResponderContext(params) {
|
|
88
|
+
const keyPair = this.client.encryption.generateEphemeralKeyPair();
|
|
89
|
+
await this.client.chat.submitEncryptionHandshake(params.sessionId, {
|
|
90
|
+
role: "responder",
|
|
91
|
+
keyType: "secp256k1",
|
|
92
|
+
ephemeralPublicKey: keyPair.publicKey,
|
|
93
|
+
uaid: params.responderUaid ?? params.summary.responder?.uaid ?? void 0
|
|
94
|
+
});
|
|
95
|
+
const { summary, record } = await this.waitForHandshakeCompletion(
|
|
96
|
+
params.sessionId,
|
|
97
|
+
params.handshakeTimeoutMs,
|
|
98
|
+
params.pollIntervalMs
|
|
99
|
+
);
|
|
100
|
+
const requesterKey = record.requester?.ephemeralPublicKey;
|
|
101
|
+
if (!requesterKey) {
|
|
102
|
+
throw new Error("Requester handshake was not detected in time");
|
|
103
|
+
}
|
|
104
|
+
const sharedSecret = this.client.encryption.deriveSharedSecret({
|
|
105
|
+
privateKey: keyPair.privateKey,
|
|
106
|
+
peerPublicKey: requesterKey
|
|
107
|
+
}).subarray();
|
|
108
|
+
const recipients = this.buildRecipients(summary);
|
|
109
|
+
return this.createHandle({
|
|
110
|
+
sessionId: params.sessionId,
|
|
111
|
+
sharedSecret,
|
|
112
|
+
summary,
|
|
113
|
+
recipients,
|
|
114
|
+
identity: summary.responder ?? void 0
|
|
115
|
+
});
|
|
125
116
|
}
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
117
|
+
async waitForHandshakeCompletion(sessionId, timeoutMs = 3e4, pollIntervalMs = 1e3) {
|
|
118
|
+
const deadline = Date.now() + timeoutMs;
|
|
119
|
+
while (true) {
|
|
120
|
+
const status = await this.client.chat.getEncryptionStatus(sessionId);
|
|
121
|
+
const summary = status.encryption;
|
|
122
|
+
const record = summary?.handshake;
|
|
123
|
+
if (summary && record && record.status === "complete") {
|
|
124
|
+
return { summary, record };
|
|
125
|
+
}
|
|
126
|
+
if (Date.now() >= deadline) {
|
|
127
|
+
throw new Error("Timed out waiting for encrypted handshake completion");
|
|
128
|
+
}
|
|
129
|
+
await this.delay(pollIntervalMs);
|
|
130
|
+
}
|
|
133
131
|
}
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
132
|
+
async waitForEncryptionSummary(sessionId, _timeoutMs = 3e4, _pollIntervalMs = 1e3) {
|
|
133
|
+
const status = await this.client.chat.getEncryptionStatus(sessionId);
|
|
134
|
+
if (!status.encryption?.enabled) {
|
|
135
|
+
throw new EncryptionUnavailableError(
|
|
136
|
+
sessionId,
|
|
137
|
+
status.encryption ?? null
|
|
138
|
+
);
|
|
139
|
+
}
|
|
140
|
+
return status.encryption;
|
|
139
141
|
}
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
142
|
+
buildRecipients(summary) {
|
|
143
|
+
const candidates = [summary.requester, summary.responder].filter(Boolean);
|
|
144
|
+
const normalized = candidates.map((candidate) => {
|
|
145
|
+
if (!candidate) {
|
|
146
|
+
return null;
|
|
147
|
+
}
|
|
148
|
+
const recipient = {};
|
|
149
|
+
if (candidate.uaid) {
|
|
150
|
+
recipient.uaid = candidate.uaid;
|
|
151
|
+
}
|
|
152
|
+
if (candidate.ledgerAccountId) {
|
|
153
|
+
recipient.ledgerAccountId = candidate.ledgerAccountId;
|
|
154
|
+
}
|
|
155
|
+
if (candidate.userId) {
|
|
156
|
+
recipient.userId = candidate.userId;
|
|
157
|
+
}
|
|
158
|
+
if (candidate.email) {
|
|
159
|
+
recipient.email = candidate.email;
|
|
160
|
+
}
|
|
161
|
+
return recipient;
|
|
162
|
+
}).filter(
|
|
163
|
+
(entry) => Boolean(
|
|
164
|
+
entry?.uaid || entry?.ledgerAccountId || entry?.userId || entry?.email
|
|
165
|
+
)
|
|
150
166
|
);
|
|
167
|
+
if (normalized.length > 0) {
|
|
168
|
+
return normalized;
|
|
169
|
+
}
|
|
170
|
+
if (summary.responder?.uaid) {
|
|
171
|
+
return [{ uaid: summary.responder.uaid }];
|
|
172
|
+
}
|
|
173
|
+
return [];
|
|
151
174
|
}
|
|
152
|
-
|
|
153
|
-
const
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
175
|
+
createHandle(context) {
|
|
176
|
+
const sharedSecret = context.sharedSecret;
|
|
177
|
+
const uaid = context.summary.requester?.uaid ?? context.summary.responder?.uaid ?? context.identity?.uaid;
|
|
178
|
+
const decryptHistoryEntry = (entry) => this.decryptEntry(entry, context.identity, sharedSecret);
|
|
179
|
+
const fetchHistory = async (options) => {
|
|
180
|
+
const snapshot = await this.client.fetchHistorySnapshot(
|
|
181
|
+
context.sessionId,
|
|
182
|
+
options
|
|
157
183
|
);
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
if (fsModule.existsSync(resolvedPath)) {
|
|
161
|
-
const content = fsModule.readFileSync(resolvedPath, "utf-8");
|
|
162
|
-
const lineRegex = new RegExp(`^${envVar}=.*$`, "m");
|
|
163
|
-
if (lineRegex.test(content)) {
|
|
164
|
-
if (!options.overwrite) {
|
|
165
|
-
throw new Error(
|
|
166
|
-
`${envVar} already exists in ${resolvedPath}; set overwrite=true to replace it`
|
|
167
|
-
);
|
|
168
|
-
}
|
|
169
|
-
const updated = content.replace(lineRegex, envLine);
|
|
170
|
-
fsModule.writeFileSync(resolvedPath, updated);
|
|
171
|
-
} else {
|
|
172
|
-
const needsNewline = !content.endsWith("\n");
|
|
173
|
-
fsModule.appendFileSync(
|
|
174
|
-
resolvedPath,
|
|
175
|
-
`${needsNewline ? "\n" : ""}${envLine}
|
|
176
|
-
`
|
|
177
|
-
);
|
|
184
|
+
if (snapshot.decryptedHistory) {
|
|
185
|
+
return snapshot.decryptedHistory;
|
|
178
186
|
}
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
187
|
+
return snapshot.history.map((entry) => ({
|
|
188
|
+
entry,
|
|
189
|
+
plaintext: decryptHistoryEntry(entry)
|
|
190
|
+
}));
|
|
191
|
+
};
|
|
192
|
+
const handle = {
|
|
193
|
+
sessionId: context.sessionId,
|
|
194
|
+
mode: "encrypted",
|
|
195
|
+
summary: context.summary,
|
|
196
|
+
send: async (options) => {
|
|
197
|
+
const recipients = options.recipients ?? context.recipients;
|
|
198
|
+
return this.client.chat.sendMessage({
|
|
199
|
+
sessionId: context.sessionId,
|
|
200
|
+
message: options.message ?? "[ciphertext omitted]",
|
|
201
|
+
streaming: options.streaming,
|
|
202
|
+
auth: options.auth,
|
|
203
|
+
uaid,
|
|
204
|
+
encryption: {
|
|
205
|
+
plaintext: options.plaintext,
|
|
206
|
+
sharedSecret: Buffer.from(sharedSecret),
|
|
207
|
+
recipients
|
|
208
|
+
}
|
|
209
|
+
});
|
|
210
|
+
},
|
|
211
|
+
decryptHistoryEntry,
|
|
212
|
+
fetchHistory
|
|
213
|
+
};
|
|
214
|
+
this.registerConversationContext({
|
|
215
|
+
sessionId: context.sessionId,
|
|
216
|
+
sharedSecret,
|
|
217
|
+
identity: context.identity
|
|
218
|
+
});
|
|
219
|
+
return handle;
|
|
220
|
+
}
|
|
221
|
+
decryptEntry(entry, identity, fallbackSecret) {
|
|
222
|
+
const envelope = entry.cipherEnvelope;
|
|
223
|
+
if (!envelope) {
|
|
224
|
+
return null;
|
|
225
|
+
}
|
|
226
|
+
const secret = Buffer.from(fallbackSecret);
|
|
227
|
+
try {
|
|
228
|
+
return this.client.encryption.decryptCipherEnvelope({
|
|
229
|
+
envelope,
|
|
230
|
+
sharedSecret: secret
|
|
231
|
+
});
|
|
232
|
+
} catch (_error) {
|
|
233
|
+
return null;
|
|
234
|
+
}
|
|
235
|
+
}
|
|
236
|
+
recipientMatches(candidate, target) {
|
|
237
|
+
if (target.uaid && candidate.uaid?.toLowerCase() === target.uaid.toLowerCase()) {
|
|
238
|
+
return true;
|
|
239
|
+
}
|
|
240
|
+
if (target.ledgerAccountId && candidate.ledgerAccountId?.toLowerCase() === target.ledgerAccountId.toLowerCase()) {
|
|
241
|
+
return true;
|
|
242
|
+
}
|
|
243
|
+
if (target.userId && candidate.userId === target.userId) {
|
|
244
|
+
return true;
|
|
245
|
+
}
|
|
246
|
+
if (target.email && candidate.email?.toLowerCase() === target.email.toLowerCase()) {
|
|
247
|
+
return true;
|
|
248
|
+
}
|
|
249
|
+
return false;
|
|
250
|
+
}
|
|
251
|
+
async delay(ms) {
|
|
252
|
+
if (ms <= 0) {
|
|
253
|
+
return;
|
|
182
254
|
}
|
|
255
|
+
await new Promise((resolve) => setTimeout(resolve, ms));
|
|
183
256
|
}
|
|
184
|
-
return {
|
|
185
|
-
privateKey,
|
|
186
|
-
publicKey,
|
|
187
|
-
envPath: resolvedPath,
|
|
188
|
-
envVar
|
|
189
|
-
};
|
|
190
257
|
}
|
|
191
258
|
export {
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
createEncryptionApi,
|
|
195
|
-
ensureAgentEncryptionKey,
|
|
196
|
-
generateEncryptionKeyPair,
|
|
197
|
-
registerEncryptionKey
|
|
259
|
+
EncryptedChatManager,
|
|
260
|
+
EncryptionUnavailableError
|
|
198
261
|
};
|
|
199
262
|
//# sourceMappingURL=standards-sdk.es178.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"standards-sdk.es178.js","sources":["../../src/services/registry-broker/client/encryption.ts"],"sourcesContent":["import { Buffer } from 'buffer';\nimport { secp256k1 } from '@noble/curves/secp256k1.js';\nimport type {\n AutoRegisterEncryptionKeyOptions,\n CipherEnvelope,\n ClientEncryptionOptions,\n DecryptCipherEnvelopeOptions,\n DeriveSharedSecretOptions,\n EncryptCipherEnvelopeOptions,\n EphemeralKeyPair,\n EnsureAgentKeyOptions,\n RegisterEncryptionKeyPayload,\n RegisterEncryptionKeyResponse,\n SharedSecretInput,\n} from '../types';\nimport { registerEncryptionKeyResponseSchema } from '../schemas';\nimport { optionalImport } from '../../../utils/dynamic-import';\nimport type {\n RegistryBrokerClient,\n GenerateEncryptionKeyPairOptions,\n} from './base-client';\n\ntype FsModule = {\n existsSync: (path: string) => boolean;\n readFileSync: (path: string, encoding: BufferEncoding) => string;\n writeFileSync: (path: string, data: string) => void;\n appendFileSync: (path: string, data: string) => void;\n};\n\ntype NodePathModule = {\n resolve: (...segments: string[]) => string;\n};\n\ntype NodeCryptoModule = {\n randomBytes: (size: number) => Buffer;\n};\n\nconst getFs = async (): Promise<FsModule | null> => {\n const fsModule =\n (await optionalImport<Partial<FsModule>>('node:fs')) ??\n (await optionalImport<Partial<FsModule>>('fs'));\n\n if (\n fsModule &&\n typeof fsModule.existsSync === 'function' &&\n typeof fsModule.readFileSync === 'function' &&\n typeof fsModule.writeFileSync === 'function' &&\n typeof fsModule.appendFileSync === 'function'\n ) {\n return fsModule as FsModule;\n }\n\n return null;\n};\n\nconst getNodePath = async (): Promise<NodePathModule | null> => {\n const pathModule =\n (await optionalImport<Partial<NodePathModule>>('node:path')) ??\n (await optionalImport<Partial<NodePathModule>>('path'));\n if (pathModule && typeof pathModule.resolve === 'function') {\n return pathModule as NodePathModule;\n }\n return null;\n};\n\nconst getNodeCrypto = async (): Promise<NodeCryptoModule | null> => {\n const cryptoModule =\n (await optionalImport<Partial<NodeCryptoModule>>('node:crypto')) ??\n (await optionalImport<Partial<NodeCryptoModule>>('crypto'));\n if (cryptoModule && typeof cryptoModule.randomBytes === 'function') {\n return cryptoModule as NodeCryptoModule;\n }\n return null;\n};\n\nexport interface RegistryBrokerEncryptionApi {\n registerKey: (\n payload: RegisterEncryptionKeyPayload,\n ) => Promise<RegisterEncryptionKeyResponse>;\n generateEphemeralKeyPair: () => EphemeralKeyPair;\n deriveSharedSecret: (options: DeriveSharedSecretOptions) => Buffer;\n encryptCipherEnvelope: (\n options: EncryptCipherEnvelopeOptions,\n ) => CipherEnvelope;\n decryptCipherEnvelope: (options: DecryptCipherEnvelopeOptions) => string;\n ensureAgentKey: (\n options: EnsureAgentKeyOptions,\n ) => Promise<{ publicKey: string; privateKey?: string }>;\n}\n\nexport async function registerEncryptionKey(\n client: RegistryBrokerClient,\n payload: RegisterEncryptionKeyPayload,\n): Promise<RegisterEncryptionKeyResponse> {\n const raw = await client.requestJson('/encryption/keys', {\n method: 'POST',\n headers: { 'content-type': 'application/json' },\n body: payload,\n });\n return client.parseWithSchema(\n raw,\n registerEncryptionKeyResponseSchema,\n 'register encryption key response',\n );\n}\n\nfunction normalizeAutoRegisterIdentity(\n config: AutoRegisterEncryptionKeyOptions,\n): Pick<\n RegisterEncryptionKeyPayload,\n 'uaid' | 'ledgerAccountId' | 'ledgerNetwork' | 'email'\n> | null {\n const identity: Pick<\n RegisterEncryptionKeyPayload,\n 'uaid' | 'ledgerAccountId' | 'ledgerNetwork' | 'email'\n > = {};\n if (config.uaid) {\n identity.uaid = config.uaid;\n }\n if (config.ledgerAccountId) {\n identity.ledgerAccountId = config.ledgerAccountId;\n if (config.ledgerNetwork) {\n identity.ledgerNetwork = config.ledgerNetwork;\n }\n }\n if (config.email) {\n identity.email = config.email;\n }\n if (identity.uaid || identity.ledgerAccountId || identity.email) {\n return identity;\n }\n return null;\n}\n\nfunction derivePublicKeyFromPrivateKey(\n client: RegistryBrokerClient,\n privateKey: string,\n): string {\n const normalized = client.hexToBuffer(privateKey);\n const publicKey = secp256k1.getPublicKey(normalized, true);\n return Buffer.from(publicKey).toString('hex');\n}\n\nasync function resolveAutoRegisterKeyMaterial(\n client: RegistryBrokerClient,\n config: AutoRegisterEncryptionKeyOptions,\n): Promise<{ publicKey: string; privateKey?: string } | null> {\n if (config.publicKey?.trim()) {\n return { publicKey: config.publicKey.trim() };\n }\n let privateKey = config.privateKey?.trim();\n const envVar = config.envVar ?? 'RB_ENCRYPTION_PRIVATE_KEY';\n if (!privateKey && envVar && process?.env?.[envVar]?.trim()) {\n privateKey = process.env[envVar]?.trim();\n }\n if (!privateKey && config.generateIfMissing) {\n const pair = await client.generateEncryptionKeyPair({\n keyType: config.keyType ?? 'secp256k1',\n envVar,\n envPath: config.envPath,\n overwrite: config.overwriteEnv,\n });\n return { publicKey: pair.publicKey, privateKey: pair.privateKey };\n }\n if (privateKey) {\n const publicKey = derivePublicKeyFromPrivateKey(client, privateKey);\n return { publicKey, privateKey };\n }\n return null;\n}\n\nexport async function autoRegisterEncryptionKey(\n client: RegistryBrokerClient,\n config: AutoRegisterEncryptionKeyOptions,\n): Promise<{ publicKey: string; privateKey?: string }> {\n const identity = normalizeAutoRegisterIdentity(config);\n if (!identity) {\n throw new Error(\n 'Auto-registration requires uaid, ledgerAccountId, or email',\n );\n }\n const material = await resolveAutoRegisterKeyMaterial(client, config);\n if (!material) {\n throw new Error(\n 'Unable to resolve encryption public key for auto-registration',\n );\n }\n await registerEncryptionKey(client, {\n keyType: config.keyType ?? 'secp256k1',\n publicKey: material.publicKey,\n ...identity,\n });\n return material;\n}\n\nexport async function ensureAgentEncryptionKey(\n client: RegistryBrokerClient,\n options: EnsureAgentKeyOptions,\n): Promise<{ publicKey: string; privateKey?: string }> {\n return autoRegisterEncryptionKey(client, {\n ...options,\n uaid: options.uaid,\n enabled: true,\n });\n}\n\nexport function createEncryptionApi(\n client: RegistryBrokerClient,\n): RegistryBrokerEncryptionApi {\n return {\n registerKey: (payload: RegisterEncryptionKeyPayload) =>\n registerEncryptionKey(client, payload),\n generateEphemeralKeyPair: () => client.createEphemeralKeyPair(),\n deriveSharedSecret: (options: DeriveSharedSecretOptions) =>\n client.deriveSharedSecret(options),\n encryptCipherEnvelope: (options: EncryptCipherEnvelopeOptions) =>\n client.buildCipherEnvelope(options),\n decryptCipherEnvelope: (options: DecryptCipherEnvelopeOptions) =>\n client.openCipherEnvelope(options),\n ensureAgentKey: (options: EnsureAgentKeyOptions) =>\n ensureAgentEncryptionKey(client, options),\n };\n}\n\nexport async function bootstrapEncryptionOptions(\n client: RegistryBrokerClient,\n options?: ClientEncryptionOptions,\n): Promise<{ publicKey: string; privateKey?: string } | null> {\n if (!options?.autoRegister || options.autoRegister.enabled === false) {\n return null;\n }\n return autoRegisterEncryptionKey(client, options.autoRegister);\n}\n\nexport async function generateEncryptionKeyPair(\n client: RegistryBrokerClient,\n options: GenerateEncryptionKeyPairOptions = {},\n): Promise<{\n privateKey: string;\n publicKey: string;\n envPath?: string;\n envVar: string;\n}> {\n client.assertNodeRuntime('generateEncryptionKeyPair');\n\n const keyType = options.keyType ?? 'secp256k1';\n if (keyType !== 'secp256k1') {\n throw new Error('Only secp256k1 key generation is supported currently');\n }\n\n const cryptoModule = await getNodeCrypto();\n if (!cryptoModule) {\n throw new Error(\n 'Node.js crypto module is not available; cannot generate encryption key pair',\n );\n }\n const privateKeyBytes = cryptoModule.randomBytes(32);\n const privateKey = Buffer.from(privateKeyBytes).toString('hex');\n const publicKeyBytes = secp256k1.getPublicKey(privateKeyBytes, true);\n const publicKey = Buffer.from(publicKeyBytes).toString('hex');\n\n const envVar = options.envVar ?? 'RB_ENCRYPTION_PRIVATE_KEY';\n const pathModule = options.envPath ? await getNodePath() : null;\n const resolvedPath =\n options.envPath && pathModule\n ? pathModule.resolve(options.envPath)\n : undefined;\n\n if (options.envPath && !resolvedPath) {\n throw new Error(\n 'Node.js path module is not available; cannot resolve encryption key env path',\n );\n }\n\n if (resolvedPath) {\n const fsModule = await getFs();\n\n if (!fsModule) {\n throw new Error(\n 'File system module is not available; cannot write encryption key env file',\n );\n }\n\n const envLine = `${envVar}=${privateKey}`;\n if (fsModule.existsSync(resolvedPath)) {\n const content = fsModule.readFileSync(resolvedPath, 'utf-8');\n const lineRegex = new RegExp(`^${envVar}=.*$`, 'm');\n if (lineRegex.test(content)) {\n if (!options.overwrite) {\n throw new Error(\n `${envVar} already exists in ${resolvedPath}; set overwrite=true to replace it`,\n );\n }\n const updated = content.replace(lineRegex, envLine);\n fsModule.writeFileSync(resolvedPath, updated);\n } else {\n const needsNewline = !content.endsWith('\\n');\n fsModule.appendFileSync(\n resolvedPath,\n `${needsNewline ? '\\n' : ''}${envLine}\\n`,\n );\n }\n } else {\n fsModule.writeFileSync(resolvedPath, `${envLine}\\n`);\n }\n }\n\n return {\n privateKey,\n publicKey,\n envPath: resolvedPath,\n envVar,\n };\n}\n"],"names":[],"mappings":";;;;AAqCA,MAAM,QAAQ,YAAsC;AAClD,QAAM,WACH,MAAM,eAAkC,SAAS,KACjD,MAAM,eAAkC,IAAI;AAE/C,MACE,YACA,OAAO,SAAS,eAAe,cAC/B,OAAO,SAAS,iBAAiB,cACjC,OAAO,SAAS,kBAAkB,cAClC,OAAO,SAAS,mBAAmB,YACnC;AACA,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAEA,MAAM,cAAc,YAA4C;AAC9D,QAAM,aACH,MAAM,eAAwC,WAAW,KACzD,MAAM,eAAwC,MAAM;AACvD,MAAI,cAAc,OAAO,WAAW,YAAY,YAAY;AAC1D,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAEA,MAAM,gBAAgB,YAA8C;AAClE,QAAM,eACH,MAAM,eAA0C,aAAa,KAC7D,MAAM,eAA0C,QAAQ;AAC3D,MAAI,gBAAgB,OAAO,aAAa,gBAAgB,YAAY;AAClE,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAiBA,eAAsB,sBACpB,QACA,SACwC;AACxC,QAAM,MAAM,MAAM,OAAO,YAAY,oBAAoB;AAAA,IACvD,QAAQ;AAAA,IACR,SAAS,EAAE,gBAAgB,mBAAA;AAAA,IAC3B,MAAM;AAAA,EAAA,CACP;AACD,SAAO,OAAO;AAAA,IACZ;AAAA,IACA;AAAA,IACA;AAAA,EAAA;AAEJ;AAEA,SAAS,8BACP,QAIO;AACP,QAAM,WAGF,CAAA;AACJ,MAAI,OAAO,MAAM;AACf,aAAS,OAAO,OAAO;AAAA,EACzB;AACA,MAAI,OAAO,iBAAiB;AAC1B,aAAS,kBAAkB,OAAO;AAClC,QAAI,OAAO,eAAe;AACxB,eAAS,gBAAgB,OAAO;AAAA,IAClC;AAAA,EACF;AACA,MAAI,OAAO,OAAO;AAChB,aAAS,QAAQ,OAAO;AAAA,EAC1B;AACA,MAAI,SAAS,QAAQ,SAAS,mBAAmB,SAAS,OAAO;AAC/D,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAEA,SAAS,8BACP,QACA,YACQ;AACR,QAAM,aAAa,OAAO,YAAY,UAAU;AAChD,QAAM,YAAY,UAAU,aAAa,YAAY,IAAI;AACzD,SAAO,OAAO,KAAK,SAAS,EAAE,SAAS,KAAK;AAC9C;AAEA,eAAe,+BACb,QACA,QAC4D;AAC5D,MAAI,OAAO,WAAW,QAAQ;AAC5B,WAAO,EAAE,WAAW,OAAO,UAAU,OAAK;AAAA,EAC5C;AACA,MAAI,aAAa,OAAO,YAAY,KAAA;AACpC,QAAM,SAAS,OAAO,UAAU;AAChC,MAAI,CAAC,cAAc,UAAU,SAAS,MAAM,MAAM,GAAG,QAAQ;AAC3D,iBAAa,QAAQ,IAAI,MAAM,GAAG,KAAA;AAAA,EACpC;AACA,MAAI,CAAC,cAAc,OAAO,mBAAmB;AAC3C,UAAM,OAAO,MAAM,OAAO,0BAA0B;AAAA,MAClD,SAAS,OAAO,WAAW;AAAA,MAC3B;AAAA,MACA,SAAS,OAAO;AAAA,MAChB,WAAW,OAAO;AAAA,IAAA,CACnB;AACD,WAAO,EAAE,WAAW,KAAK,WAAW,YAAY,KAAK,WAAA;AAAA,EACvD;AACA,MAAI,YAAY;AACd,UAAM,YAAY,8BAA8B,QAAQ,UAAU;AAClE,WAAO,EAAE,WAAW,WAAA;AAAA,EACtB;AACA,SAAO;AACT;AAEA,eAAsB,0BACpB,QACA,QACqD;AACrD,QAAM,WAAW,8BAA8B,MAAM;AACrD,MAAI,CAAC,UAAU;AACb,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AACA,QAAM,WAAW,MAAM,+BAA+B,QAAQ,MAAM;AACpE,MAAI,CAAC,UAAU;AACb,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AACA,QAAM,sBAAsB,QAAQ;AAAA,IAClC,SAAS,OAAO,WAAW;AAAA,IAC3B,WAAW,SAAS;AAAA,IACpB,GAAG;AAAA,EAAA,CACJ;AACD,SAAO;AACT;AAEA,eAAsB,yBACpB,QACA,SACqD;AACrD,SAAO,0BAA0B,QAAQ;AAAA,IACvC,GAAG;AAAA,IACH,MAAM,QAAQ;AAAA,EAEhB,CAAC;AACH;AAEO,SAAS,oBACd,QAC6B;AAC7B,SAAO;AAAA,IACL,aAAa,CAAC,YACZ,sBAAsB,QAAQ,OAAO;AAAA,IACvC,0BAA0B,MAAM,OAAO,uBAAA;AAAA,IACvC,oBAAoB,CAAC,YACnB,OAAO,mBAAmB,OAAO;AAAA,IACnC,uBAAuB,CAAC,YACtB,OAAO,oBAAoB,OAAO;AAAA,IACpC,uBAAuB,CAAC,YACtB,OAAO,mBAAmB,OAAO;AAAA,IACnC,gBAAgB,CAAC,YACf,yBAAyB,QAAQ,OAAO;AAAA,EAAA;AAE9C;AAEA,eAAsB,2BACpB,QACA,SAC4D;AAC5D,MAAI,CAAC,SAAS,gBAAgB,QAAQ,aAAa,YAAY,OAAO;AACpE,WAAO;AAAA,EACT;AACA,SAAO,0BAA0B,QAAQ,QAAQ,YAAY;AAC/D;AAEA,eAAsB,0BACpB,QACA,UAA4C,IAM3C;AACD,SAAO,kBAAkB,2BAA2B;AAEpD,QAAM,UAAU,QAAQ,WAAW;AACnC,MAAI,YAAY,aAAa;AAC3B,UAAM,IAAI,MAAM,sDAAsD;AAAA,EACxE;AAEA,QAAM,eAAe,MAAM,cAAA;AAC3B,MAAI,CAAC,cAAc;AACjB,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AACA,QAAM,kBAAkB,aAAa,YAAY,EAAE;AACnD,QAAM,aAAa,OAAO,KAAK,eAAe,EAAE,SAAS,KAAK;AAC9D,QAAM,iBAAiB,UAAU,aAAa,iBAAiB,IAAI;AACnE,QAAM,YAAY,OAAO,KAAK,cAAc,EAAE,SAAS,KAAK;AAE5D,QAAM,SAAS,QAAQ,UAAU;AACjC,QAAM,aAAa,QAAQ,UAAU,MAAM,gBAAgB;AAC3D,QAAM,eACJ,QAAQ,WAAW,aACf,WAAW,QAAQ,QAAQ,OAAO,IAClC;AAEN,MAAI,QAAQ,WAAW,CAAC,cAAc;AACpC,UAAM,IAAI;AAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AAEA,MAAI,cAAc;AAChB,UAAM,WAAW,MAAM,MAAA;AAEvB,QAAI,CAAC,UAAU;AACb,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,UAAM,UAAU,GAAG,MAAM,IAAI,UAAU;AACvC,QAAI,SAAS,WAAW,YAAY,GAAG;AACrC,YAAM,UAAU,SAAS,aAAa,cAAc,OAAO;AAC3D,YAAM,YAAY,IAAI,OAAO,IAAI,MAAM,QAAQ,GAAG;AAClD,UAAI,UAAU,KAAK,OAAO,GAAG;AAC3B,YAAI,CAAC,QAAQ,WAAW;AACtB,gBAAM,IAAI;AAAA,YACR,GAAG,MAAM,sBAAsB,YAAY;AAAA,UAAA;AAAA,QAE/C;AACA,cAAM,UAAU,QAAQ,QAAQ,WAAW,OAAO;AAClD,iBAAS,cAAc,cAAc,OAAO;AAAA,MAC9C,OAAO;AACL,cAAM,eAAe,CAAC,QAAQ,SAAS,IAAI;AAC3C,iBAAS;AAAA,UACP;AAAA,UACA,GAAG,eAAe,OAAO,EAAE,GAAG,OAAO;AAAA;AAAA,QAAA;AAAA,MAEzC;AAAA,IACF,OAAO;AACL,eAAS,cAAc,cAAc,GAAG,OAAO;AAAA,CAAI;AAAA,IACrD;AAAA,EACF;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA,SAAS;AAAA,IACT;AAAA,EAAA;AAEJ;"}
|
|
1
|
+
{"version":3,"file":"standards-sdk.es178.js","sources":["../../src/services/registry-broker/client/encrypted-chat-manager.ts"],"sourcesContent":["import type {\n AcceptEncryptedChatSessionOptions,\n ChatHistoryEntry,\n ChatHistoryFetchOptions,\n CipherEnvelopeRecipient,\n DecryptedHistoryEntry,\n EncryptedChatSessionHandle,\n EncryptionHandshakeRecord,\n RecipientIdentity,\n SessionEncryptionSummary,\n SharedSecretInput,\n StartEncryptedChatSessionOptions,\n} from '../types';\nimport type { RegistryBrokerClient } from './base-client';\n\ninterface EncryptedSessionContext {\n sessionId: string;\n sharedSecret: Uint8Array;\n summary: SessionEncryptionSummary;\n recipients: RecipientIdentity[];\n identity?: RecipientIdentity;\n}\n\ninterface ConversationContextInput {\n sessionId: string;\n sharedSecret: Uint8Array | Buffer;\n identity?: RecipientIdentity;\n}\n\nexport class EncryptionUnavailableError extends Error {\n constructor(\n readonly sessionId: string,\n readonly summary?: SessionEncryptionSummary | null,\n ) {\n super('Encryption is not enabled for this session');\n }\n}\n\nexport class EncryptedChatManager {\n constructor(private readonly client: RegistryBrokerClient) {}\n\n registerConversationContext(context: ConversationContextInput): void {\n this.client.registerConversationContextForEncryption(context);\n }\n\n async startSession(\n options: StartEncryptedChatSessionOptions,\n ): Promise<EncryptedChatSessionHandle> {\n await this.client.encryptionReady();\n const session = await this.client.chat.createSession({\n uaid: options.uaid,\n senderUaid: options.senderUaid,\n encryptionRequested: true,\n historyTtlSeconds: options.historyTtlSeconds,\n auth: options.auth,\n });\n options.onSessionCreated?.(session.sessionId);\n const summary = session.encryption;\n if (!summary?.enabled) {\n throw new EncryptionUnavailableError(\n session.sessionId,\n session.encryption ?? null,\n );\n }\n const handle = await this.establishRequesterContext({\n sessionId: session.sessionId,\n summary,\n senderUaid: options.senderUaid,\n handshakeTimeoutMs: options.handshakeTimeoutMs,\n pollIntervalMs: options.pollIntervalMs,\n });\n return handle;\n }\n\n async acceptSession(\n options: AcceptEncryptedChatSessionOptions,\n ): Promise<EncryptedChatSessionHandle> {\n await this.client.encryptionReady();\n const summary = await this.waitForEncryptionSummary(\n options.sessionId,\n options.handshakeTimeoutMs,\n options.pollIntervalMs,\n );\n const handle = await this.establishResponderContext({\n sessionId: options.sessionId,\n summary,\n responderUaid: options.responderUaid,\n handshakeTimeoutMs: options.handshakeTimeoutMs,\n pollIntervalMs: options.pollIntervalMs,\n });\n return handle;\n }\n\n private async establishRequesterContext(params: {\n sessionId: string;\n summary: SessionEncryptionSummary;\n senderUaid?: string;\n handshakeTimeoutMs?: number;\n pollIntervalMs?: number;\n }): Promise<EncryptedChatSessionHandle> {\n const keyPair = this.client.encryption.generateEphemeralKeyPair();\n await this.client.chat.submitEncryptionHandshake(params.sessionId, {\n role: 'requester',\n keyType: 'secp256k1',\n ephemeralPublicKey: keyPair.publicKey,\n uaid: params.senderUaid ?? params.summary.requester?.uaid ?? undefined,\n });\n const { summary, record } = await this.waitForHandshakeCompletion(\n params.sessionId,\n params.handshakeTimeoutMs,\n params.pollIntervalMs,\n );\n const responderKey = record.responder?.ephemeralPublicKey;\n if (!responderKey) {\n throw new Error('Responder handshake was not completed in time');\n }\n const sharedSecret = this.client.encryption\n .deriveSharedSecret({\n privateKey: keyPair.privateKey,\n peerPublicKey: responderKey,\n })\n .subarray();\n const recipients = this.buildRecipients(summary);\n return this.createHandle({\n sessionId: params.sessionId,\n sharedSecret,\n summary,\n recipients,\n identity: summary.requester ?? undefined,\n });\n }\n\n private async establishResponderContext(params: {\n sessionId: string;\n summary: SessionEncryptionSummary;\n responderUaid?: string;\n handshakeTimeoutMs?: number;\n pollIntervalMs?: number;\n }): Promise<EncryptedChatSessionHandle> {\n const keyPair = this.client.encryption.generateEphemeralKeyPair();\n await this.client.chat.submitEncryptionHandshake(params.sessionId, {\n role: 'responder',\n keyType: 'secp256k1',\n ephemeralPublicKey: keyPair.publicKey,\n uaid: params.responderUaid ?? params.summary.responder?.uaid ?? undefined,\n });\n const { summary, record } = await this.waitForHandshakeCompletion(\n params.sessionId,\n params.handshakeTimeoutMs,\n params.pollIntervalMs,\n );\n const requesterKey = record.requester?.ephemeralPublicKey;\n if (!requesterKey) {\n throw new Error('Requester handshake was not detected in time');\n }\n const sharedSecret = this.client.encryption\n .deriveSharedSecret({\n privateKey: keyPair.privateKey,\n peerPublicKey: requesterKey,\n })\n .subarray();\n const recipients = this.buildRecipients(summary);\n return this.createHandle({\n sessionId: params.sessionId,\n sharedSecret,\n summary,\n recipients,\n identity: summary.responder ?? undefined,\n });\n }\n\n private async waitForHandshakeCompletion(\n sessionId: string,\n timeoutMs = 30_000,\n pollIntervalMs = 1_000,\n ): Promise<{\n summary: SessionEncryptionSummary;\n record: EncryptionHandshakeRecord;\n }> {\n const deadline = Date.now() + timeoutMs;\n while (true) {\n const status = await this.client.chat.getEncryptionStatus(sessionId);\n const summary = status.encryption;\n const record = summary?.handshake;\n if (summary && record && record.status === 'complete') {\n return { summary, record };\n }\n if (Date.now() >= deadline) {\n throw new Error('Timed out waiting for encrypted handshake completion');\n }\n await this.delay(pollIntervalMs);\n }\n }\n\n private async waitForEncryptionSummary(\n sessionId: string,\n _timeoutMs = 30_000,\n _pollIntervalMs = 1_000,\n ): Promise<SessionEncryptionSummary> {\n const status = await this.client.chat.getEncryptionStatus(sessionId);\n if (!status.encryption?.enabled) {\n throw new EncryptionUnavailableError(\n sessionId,\n status.encryption ?? null,\n );\n }\n return status.encryption;\n }\n\n private buildRecipients(\n summary: SessionEncryptionSummary,\n ): RecipientIdentity[] {\n const candidates = [summary.requester, summary.responder].filter(Boolean);\n const normalized = candidates\n .map(candidate => {\n if (!candidate) {\n return null;\n }\n const recipient: RecipientIdentity = {};\n if (candidate.uaid) {\n recipient.uaid = candidate.uaid;\n }\n if (candidate.ledgerAccountId) {\n recipient.ledgerAccountId = candidate.ledgerAccountId;\n }\n if (candidate.userId) {\n recipient.userId = candidate.userId;\n }\n if (candidate.email) {\n recipient.email = candidate.email;\n }\n return recipient;\n })\n .filter((entry): entry is RecipientIdentity =>\n Boolean(\n entry?.uaid ||\n entry?.ledgerAccountId ||\n entry?.userId ||\n entry?.email,\n ),\n );\n if (normalized.length > 0) {\n return normalized;\n }\n if (summary.responder?.uaid) {\n return [{ uaid: summary.responder.uaid }];\n }\n return [];\n }\n\n private createHandle(\n context: EncryptedSessionContext,\n ): EncryptedChatSessionHandle {\n const sharedSecret = context.sharedSecret;\n const uaid =\n context.summary.requester?.uaid ??\n context.summary.responder?.uaid ??\n context.identity?.uaid;\n const decryptHistoryEntry = (entry: ChatHistoryEntry): string | null =>\n this.decryptEntry(entry, context.identity, sharedSecret);\n const fetchHistory = async (\n options?: ChatHistoryFetchOptions,\n ): Promise<DecryptedHistoryEntry[]> => {\n const snapshot = await this.client.fetchHistorySnapshot(\n context.sessionId,\n options,\n );\n if (snapshot.decryptedHistory) {\n return snapshot.decryptedHistory;\n }\n return snapshot.history.map(entry => ({\n entry,\n plaintext: decryptHistoryEntry(entry),\n }));\n };\n const handle: EncryptedChatSessionHandle = {\n sessionId: context.sessionId,\n mode: 'encrypted',\n summary: context.summary,\n send: async options => {\n const recipients = options.recipients ?? context.recipients;\n return this.client.chat.sendMessage({\n sessionId: context.sessionId,\n message: options.message ?? '[ciphertext omitted]',\n streaming: options.streaming,\n auth: options.auth,\n uaid,\n encryption: {\n plaintext: options.plaintext,\n sharedSecret: Buffer.from(sharedSecret),\n recipients,\n },\n });\n },\n decryptHistoryEntry,\n fetchHistory,\n };\n this.registerConversationContext({\n sessionId: context.sessionId,\n sharedSecret,\n identity: context.identity,\n });\n return handle;\n }\n\n private decryptEntry(\n entry: ChatHistoryEntry,\n identity: RecipientIdentity | undefined,\n fallbackSecret: Uint8Array,\n ): string | null {\n const envelope = entry.cipherEnvelope;\n if (!envelope) {\n return null;\n }\n const secret: SharedSecretInput = Buffer.from(fallbackSecret);\n try {\n return this.client.encryption.decryptCipherEnvelope({\n envelope,\n sharedSecret: secret,\n });\n } catch (_error) {\n return null;\n }\n }\n\n private recipientMatches(\n candidate: CipherEnvelopeRecipient,\n target: RecipientIdentity,\n ): boolean {\n if (\n target.uaid &&\n candidate.uaid?.toLowerCase() === target.uaid.toLowerCase()\n ) {\n return true;\n }\n if (\n target.ledgerAccountId &&\n candidate.ledgerAccountId?.toLowerCase() ===\n target.ledgerAccountId.toLowerCase()\n ) {\n return true;\n }\n if (target.userId && candidate.userId === target.userId) {\n return true;\n }\n if (\n target.email &&\n candidate.email?.toLowerCase() === target.email.toLowerCase()\n ) {\n return true;\n }\n return false;\n }\n\n private async delay(ms: number): Promise<void> {\n if (ms <= 0) {\n return;\n }\n await new Promise(resolve => setTimeout(resolve, ms));\n }\n}\n"],"names":[],"mappings":"AA6BO,MAAM,mCAAmC,MAAM;AAAA,EACpD,YACW,WACA,SACT;AACA,UAAM,4CAA4C;AAHzC,SAAA,YAAA;AACA,SAAA,UAAA;AAAA,EAGX;AACF;AAEO,MAAM,qBAAqB;AAAA,EAChC,YAA6B,QAA8B;AAA9B,SAAA,SAAA;AAAA,EAA+B;AAAA,EAE5D,4BAA4B,SAAyC;AACnE,SAAK,OAAO,yCAAyC,OAAO;AAAA,EAC9D;AAAA,EAEA,MAAM,aACJ,SACqC;AACrC,UAAM,KAAK,OAAO,gBAAA;AAClB,UAAM,UAAU,MAAM,KAAK,OAAO,KAAK,cAAc;AAAA,MACnD,MAAM,QAAQ;AAAA,MACd,YAAY,QAAQ;AAAA,MACpB,qBAAqB;AAAA,MACrB,mBAAmB,QAAQ;AAAA,MAC3B,MAAM,QAAQ;AAAA,IAAA,CACf;AACD,YAAQ,mBAAmB,QAAQ,SAAS;AAC5C,UAAM,UAAU,QAAQ;AACxB,QAAI,CAAC,SAAS,SAAS;AACrB,YAAM,IAAI;AAAA,QACR,QAAQ;AAAA,QACR,QAAQ,cAAc;AAAA,MAAA;AAAA,IAE1B;AACA,UAAM,SAAS,MAAM,KAAK,0BAA0B;AAAA,MAClD,WAAW,QAAQ;AAAA,MACnB;AAAA,MACA,YAAY,QAAQ;AAAA,MACpB,oBAAoB,QAAQ;AAAA,MAC5B,gBAAgB,QAAQ;AAAA,IAAA,CACzB;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,cACJ,SACqC;AACrC,UAAM,KAAK,OAAO,gBAAA;AAClB,UAAM,UAAU,MAAM,KAAK;AAAA,MACzB,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR,QAAQ;AAAA,IAAA;AAEV,UAAM,SAAS,MAAM,KAAK,0BAA0B;AAAA,MAClD,WAAW,QAAQ;AAAA,MACnB;AAAA,MACA,eAAe,QAAQ;AAAA,MACvB,oBAAoB,QAAQ;AAAA,MAC5B,gBAAgB,QAAQ;AAAA,IAAA,CACzB;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,0BAA0B,QAMA;AACtC,UAAM,UAAU,KAAK,OAAO,WAAW,yBAAA;AACvC,UAAM,KAAK,OAAO,KAAK,0BAA0B,OAAO,WAAW;AAAA,MACjE,MAAM;AAAA,MACN,SAAS;AAAA,MACT,oBAAoB,QAAQ;AAAA,MAC5B,MAAM,OAAO,cAAc,OAAO,QAAQ,WAAW,QAAQ;AAAA,IAAA,CAC9D;AACD,UAAM,EAAE,SAAS,WAAW,MAAM,KAAK;AAAA,MACrC,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,UAAM,eAAe,OAAO,WAAW;AACvC,QAAI,CAAC,cAAc;AACjB,YAAM,IAAI,MAAM,+CAA+C;AAAA,IACjE;AACA,UAAM,eAAe,KAAK,OAAO,WAC9B,mBAAmB;AAAA,MAClB,YAAY,QAAQ;AAAA,MACpB,eAAe;AAAA,IAAA,CAChB,EACA,SAAA;AACH,UAAM,aAAa,KAAK,gBAAgB,OAAO;AAC/C,WAAO,KAAK,aAAa;AAAA,MACvB,WAAW,OAAO;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA,MACA,UAAU,QAAQ,aAAa;AAAA,IAAA,CAChC;AAAA,EACH;AAAA,EAEA,MAAc,0BAA0B,QAMA;AACtC,UAAM,UAAU,KAAK,OAAO,WAAW,yBAAA;AACvC,UAAM,KAAK,OAAO,KAAK,0BAA0B,OAAO,WAAW;AAAA,MACjE,MAAM;AAAA,MACN,SAAS;AAAA,MACT,oBAAoB,QAAQ;AAAA,MAC5B,MAAM,OAAO,iBAAiB,OAAO,QAAQ,WAAW,QAAQ;AAAA,IAAA,CACjE;AACD,UAAM,EAAE,SAAS,WAAW,MAAM,KAAK;AAAA,MACrC,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,UAAM,eAAe,OAAO,WAAW;AACvC,QAAI,CAAC,cAAc;AACjB,YAAM,IAAI,MAAM,8CAA8C;AAAA,IAChE;AACA,UAAM,eAAe,KAAK,OAAO,WAC9B,mBAAmB;AAAA,MAClB,YAAY,QAAQ;AAAA,MACpB,eAAe;AAAA,IAAA,CAChB,EACA,SAAA;AACH,UAAM,aAAa,KAAK,gBAAgB,OAAO;AAC/C,WAAO,KAAK,aAAa;AAAA,MACvB,WAAW,OAAO;AAAA,MAClB;AAAA,MACA;AAAA,MACA;AAAA,MACA,UAAU,QAAQ,aAAa;AAAA,IAAA,CAChC;AAAA,EACH;AAAA,EAEA,MAAc,2BACZ,WACA,YAAY,KACZ,iBAAiB,KAIhB;AACD,UAAM,WAAW,KAAK,IAAA,IAAQ;AAC9B,WAAO,MAAM;AACX,YAAM,SAAS,MAAM,KAAK,OAAO,KAAK,oBAAoB,SAAS;AACnE,YAAM,UAAU,OAAO;AACvB,YAAM,SAAS,SAAS;AACxB,UAAI,WAAW,UAAU,OAAO,WAAW,YAAY;AACrD,eAAO,EAAE,SAAS,OAAA;AAAA,MACpB;AACA,UAAI,KAAK,IAAA,KAAS,UAAU;AAC1B,cAAM,IAAI,MAAM,sDAAsD;AAAA,MACxE;AACA,YAAM,KAAK,MAAM,cAAc;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,MAAc,yBACZ,WACA,aAAa,KACb,kBAAkB,KACiB;AACnC,UAAM,SAAS,MAAM,KAAK,OAAO,KAAK,oBAAoB,SAAS;AACnE,QAAI,CAAC,OAAO,YAAY,SAAS;AAC/B,YAAM,IAAI;AAAA,QACR;AAAA,QACA,OAAO,cAAc;AAAA,MAAA;AAAA,IAEzB;AACA,WAAO,OAAO;AAAA,EAChB;AAAA,EAEQ,gBACN,SACqB;AACrB,UAAM,aAAa,CAAC,QAAQ,WAAW,QAAQ,SAAS,EAAE,OAAO,OAAO;AACxE,UAAM,aAAa,WAChB,IAAI,CAAA,cAAa;AAChB,UAAI,CAAC,WAAW;AACd,eAAO;AAAA,MACT;AACA,YAAM,YAA+B,CAAA;AACrC,UAAI,UAAU,MAAM;AAClB,kBAAU,OAAO,UAAU;AAAA,MAC7B;AACA,UAAI,UAAU,iBAAiB;AAC7B,kBAAU,kBAAkB,UAAU;AAAA,MACxC;AACA,UAAI,UAAU,QAAQ;AACpB,kBAAU,SAAS,UAAU;AAAA,MAC/B;AACA,UAAI,UAAU,OAAO;AACnB,kBAAU,QAAQ,UAAU;AAAA,MAC9B;AACA,aAAO;AAAA,IACT,CAAC,EACA;AAAA,MAAO,CAAC,UACP;AAAA,QACE,OAAO,QACL,OAAO,mBACP,OAAO,UACP,OAAO;AAAA,MAAA;AAAA,IACX;AAEJ,QAAI,WAAW,SAAS,GAAG;AACzB,aAAO;AAAA,IACT;AACA,QAAI,QAAQ,WAAW,MAAM;AAC3B,aAAO,CAAC,EAAE,MAAM,QAAQ,UAAU,MAAM;AAAA,IAC1C;AACA,WAAO,CAAA;AAAA,EACT;AAAA,EAEQ,aACN,SAC4B;AAC5B,UAAM,eAAe,QAAQ;AAC7B,UAAM,OACJ,QAAQ,QAAQ,WAAW,QAC3B,QAAQ,QAAQ,WAAW,QAC3B,QAAQ,UAAU;AACpB,UAAM,sBAAsB,CAAC,UAC3B,KAAK,aAAa,OAAO,QAAQ,UAAU,YAAY;AACzD,UAAM,eAAe,OACnB,YACqC;AACrC,YAAM,WAAW,MAAM,KAAK,OAAO;AAAA,QACjC,QAAQ;AAAA,QACR;AAAA,MAAA;AAEF,UAAI,SAAS,kBAAkB;AAC7B,eAAO,SAAS;AAAA,MAClB;AACA,aAAO,SAAS,QAAQ,IAAI,CAAA,WAAU;AAAA,QACpC;AAAA,QACA,WAAW,oBAAoB,KAAK;AAAA,MAAA,EACpC;AAAA,IACJ;AACA,UAAM,SAAqC;AAAA,MACzC,WAAW,QAAQ;AAAA,MACnB,MAAM;AAAA,MACN,SAAS,QAAQ;AAAA,MACjB,MAAM,OAAM,YAAW;AACrB,cAAM,aAAa,QAAQ,cAAc,QAAQ;AACjD,eAAO,KAAK,OAAO,KAAK,YAAY;AAAA,UAClC,WAAW,QAAQ;AAAA,UACnB,SAAS,QAAQ,WAAW;AAAA,UAC5B,WAAW,QAAQ;AAAA,UACnB,MAAM,QAAQ;AAAA,UACd;AAAA,UACA,YAAY;AAAA,YACV,WAAW,QAAQ;AAAA,YACnB,cAAc,OAAO,KAAK,YAAY;AAAA,YACtC;AAAA,UAAA;AAAA,QACF,CACD;AAAA,MACH;AAAA,MACA;AAAA,MACA;AAAA,IAAA;AAEF,SAAK,4BAA4B;AAAA,MAC/B,WAAW,QAAQ;AAAA,MACnB;AAAA,MACA,UAAU,QAAQ;AAAA,IAAA,CACnB;AACD,WAAO;AAAA,EACT;AAAA,EAEQ,aACN,OACA,UACA,gBACe;AACf,UAAM,WAAW,MAAM;AACvB,QAAI,CAAC,UAAU;AACb,aAAO;AAAA,IACT;AACA,UAAM,SAA4B,OAAO,KAAK,cAAc;AAC5D,QAAI;AACF,aAAO,KAAK,OAAO,WAAW,sBAAsB;AAAA,QAClD;AAAA,QACA,cAAc;AAAA,MAAA,CACf;AAAA,IACH,SAAS,QAAQ;AACf,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEQ,iBACN,WACA,QACS;AACT,QACE,OAAO,QACP,UAAU,MAAM,kBAAkB,OAAO,KAAK,eAC9C;AACA,aAAO;AAAA,IACT;AACA,QACE,OAAO,mBACP,UAAU,iBAAiB,kBACzB,OAAO,gBAAgB,eACzB;AACA,aAAO;AAAA,IACT;AACA,QAAI,OAAO,UAAU,UAAU,WAAW,OAAO,QAAQ;AACvD,aAAO;AAAA,IACT;AACA,QACE,OAAO,SACP,UAAU,OAAO,kBAAkB,OAAO,MAAM,eAChD;AACA,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,MAAM,IAA2B;AAC7C,QAAI,MAAM,GAAG;AACX;AAAA,IACF;AACA,UAAM,IAAI,QAAQ,CAAA,YAAW,WAAW,SAAS,EAAE,CAAC;AAAA,EACtD;AACF;"}
|