@holochain/client 0.15.1 → 0.16.0

package/README.md

@@ -13,14 +13,11 @@ A JavaScript client for the Holochain Conductor API (works with browsers as well
 
 [Complete API reference](./docs/client.md)
 
-## Compatibility
+## Installation
 
 **JS client v0.12.x** is compatible with **Holochain v0.1.x**.  
 
-**JS client v0.14.x** is compatible with **Holochain v0.2.x**.
-*As target, ES2020 or higher is required when bundling for production*.
-
-## Installation
+**JS client v0.16.x** are compatible with **Holochain v0.2.x**.
 
 To install from NPM, run
 ```bash
@@ -157,13 +154,6 @@ setSigningCredentials(cell_id, signingCredentials);
 localStorage.setItem(cellIdB64, JSON.stringify(signingCredentials));
 ```
 
-# Holochain Compatibility
-
-See [default.nix](./default.nix) for the Holochain version this package is compatible with.
-
-If updating the Holochain version included in holonix, please use `niv update` as explained in the
-[Holochain Installation Guide](https://developer.holochain.org/install-advanced/#upgrading-the-holochain-version).
-
 ## Running tests
 
 You need a version (`stable` toolchain) of Rust available.

package/lib/api/admin/websocket.js

@@ -134,7 +134,7 @@ export class AdminWebsocket {
      * @returns The cap secret of the created capability.
      */
     grantSigningKey = async (cellId, functions, signingKey) => {
-        const capSecret = randomCapSecret();
+        const capSecret = await randomCapSecret();
         await this.grantZomeCallCapability({
             cell_id: cellId,
             cap_grant: {

package/lib/api/app/websocket.js

@@ -1,6 +1,6 @@
 import { hashZomeCall } from "@holochain/serialization";
 import { decode, encode } from "@msgpack/msgpack";
-import * as ed25519 from "@noble/ed25519";
+import _sodium from "libsodium-wrappers";
 import Emittery from "emittery";
 import { getLauncherEnvironment, isLauncher, signZomeCallTauri, } from "../../environments/launcher.js";
 import { encodeHashToBase64 } from "../../utils/base64.js";
@@ -23,8 +23,9 @@ export class AppWebsocket extends Emittery {
         // Please retain until the upstream is fixed https://github.com/sindresorhus/emittery/issues/86.
         Object.getOwnPropertyNames(Emittery.prototype).forEach((name) => {
             const to_bind = this[name];
-            if (typeof to_bind === 'function') {
-                this[name] = to_bind.bind(this);
+            if (typeof to_bind === "function") {
+                this[name] =
+                    to_bind.bind(this);
             }
         });
         this.client = client;
@@ -130,11 +131,15 @@ export const signZomeCall = async (request) => {
         fn_name: request.fn_name,
         provenance: signingCredentialsForCell.signingKey,
         payload: encode(request.payload),
-        nonce: randomNonce(),
+        nonce: await randomNonce(),
         expires_at: getNonceExpiration(),
     };
     const hashedZomeCall = await hashZomeCall(unsignedZomeCallPayload);
-    const signature = await ed25519.signAsync(hashedZomeCall, signingCredentialsForCell.keyPair.privateKey);
+    await _sodium.ready;
+    const sodium = _sodium;
+    const signature = sodium
+        .crypto_sign(hashedZomeCall, signingCredentialsForCell.keyPair.privateKey)
+        .subarray(0, sodium.crypto_sign_BYTES);
     const signedZomeCall = {
         ...unsignedZomeCallPayload,
         signature,

package/lib/api/zome-call-signing.d.ts

@@ -1,16 +1,10 @@
-import { CapSecret } from "../hdk/capabilities.js";
-import { AgentPubKey, CellId } from "../types.js";
+import { type KeyPair } from "libsodium-wrappers";
+import type { CapSecret } from "../hdk/capabilities.js";
+import type { AgentPubKey, CellId } from "../types.js";
 /**
  * @public
  */
 export type Nonce256Bit = Uint8Array;
-/**
- * @public
- */
-export interface KeyPair {
-    privateKey: Uint8Array;
-    publicKey: Uint8Array;
-}
 /**
  * @public
  */
@@ -39,26 +33,25 @@ export declare const setSigningCredentials: (cellId: CellId, credentials: Signin
 /**
  * Generates a key pair for signing zome calls.
  *
+ * @param agentPubKey - The agent pub key to take 4 last bytes (= DHT location)
+ * from (optional).
  * @returns The signing key pair and an agent pub key based on the public key.
  *
  * @public
  */
-export declare const generateSigningKeyPair: () => Promise<[
-    KeyPair,
-    AgentPubKey
-]>;
+export declare const generateSigningKeyPair: (agentPubKey?: AgentPubKey) => Promise<[KeyPair, AgentPubKey]>;
 /**
  * @public
  */
-export declare const randomCapSecret: () => CapSecret;
+export declare const randomCapSecret: () => Promise<CapSecret>;
 /**
  * @public
  */
-export declare const randomNonce: () => Nonce256Bit;
+export declare const randomNonce: () => Promise<Nonce256Bit>;
 /**
  * @public
  */
-export declare const randomByteArray: (length: number) => Uint8Array;
+export declare const randomByteArray: (length: number) => Promise<Uint8Array>;
 /**
  * @public
  */

package/lib/api/zome-call-signing.js

@@ -1,8 +1,5 @@
-import * as ed25519 from "@noble/ed25519";
+import _sodium from "libsodium-wrappers";
 import { encodeHashToBase64 } from "../utils/base64.js";
-if (!globalThis.crypto) {
-    import("node:crypto").then((webcrypto) => (globalThis.crypto = webcrypto));
-}
 const signingCredentials = new Map();
 /**
  * Get credentials for signing zome calls.
@@ -30,29 +27,39 @@ export const setSigningCredentials = (cellId, credentials) => {
 /**
  * Generates a key pair for signing zome calls.
  *
+ * @param agentPubKey - The agent pub key to take 4 last bytes (= DHT location)
+ * from (optional).
  * @returns The signing key pair and an agent pub key based on the public key.
  *
  * @public
  */
-export const generateSigningKeyPair = async () => {
-    const privateKey = ed25519.utils.randomPrivateKey();
-    const publicKey = await ed25519.getPublicKeyAsync(privateKey);
-    const keyPair = { privateKey, publicKey };
-    const signingKey = new Uint8Array([132, 32, 36].concat(...publicKey).concat(...[0, 0, 0, 0]));
+export const generateSigningKeyPair = async (agentPubKey) => {
+    await _sodium.ready;
+    const sodium = _sodium;
+    const keyPair = sodium.crypto_sign_keypair();
+    const locationBytes = agentPubKey ? agentPubKey.subarray(35) : [0, 0, 0, 0];
+    const signingKey = new Uint8Array([132, 32, 36].concat(...keyPair.publicKey).concat(...locationBytes));
     return [keyPair, signingKey];
 };
 /**
  * @public
  */
-export const randomCapSecret = () => randomByteArray(64);
+export const randomCapSecret = async () => randomByteArray(64);
 /**
  * @public
  */
-export const randomNonce = () => randomByteArray(32);
+export const randomNonce = async () => randomByteArray(32);
 /**
  * @public
  */
-export const randomByteArray = (length) => globalThis.crypto.getRandomValues(new Uint8Array(length));
+export const randomByteArray = async (length) => {
+    if (globalThis.crypto && "getRandomValues" in globalThis.crypto) {
+        return globalThis.crypto.getRandomValues(new Uint8Array(length));
+    }
+    await _sodium.ready;
+    const sodium = _sodium;
+    return sodium.randombytes_buf(length);
+};
 /**
  * @public
  */

package/lib/environments/launcher.js

@@ -11,7 +11,7 @@ export const signZomeCallTauri = async (request) => {
         zome_name: request.zome_name,
         fn_name: request.fn_name,
         payload: Array.from(encode(request.payload)),
-        nonce: Array.from(randomNonce()),
+        nonce: Array.from(await randomNonce()),
         expires_at: getNonceExpiration(),
     };
     const signedZomeCallTauri = await invoke("sign_zome_call", { zomeCallUnsigned });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@holochain/client",
-  "version": "0.15.1",
+  "version": "0.16.0",
   "description": "A JavaScript client for the Holochain Conductor API",
   "author": "Holochain Foundation <info@holochain.org> (http://holochain.org)",
   "license": "CAL-1.0",
@@ -46,6 +46,7 @@
     "emittery": "^1.0.1",
     "isomorphic-ws": "^5.0.0",
     "js-base64": "^3.7.3",
+    "libsodium-wrappers": "^0.7.11",
     "lodash-es": "^4.17.21",
     "ws": "^8.13.0"
   },
@@ -53,17 +54,18 @@
     "@microsoft/api-documenter": "^7.21.7",
     "@microsoft/api-extractor": "^7.34.4",
     "@types/js-yaml": "^3.12.7",
+    "@types/libsodium-wrappers": "^0.7.10",
     "@types/lodash-es": "^4.17.6",
     "@types/tape": "^4.13.2",
     "@types/ws": "^8.5.3",
-    "@typescript-eslint/eslint-plugin": "^5.27.0",
-    "@typescript-eslint/parser": "^5.27.0",
-    "eslint": "^8.16.0",
-    "eslint-config-prettier": "^8.5.0",
-    "eslint-plugin-prettier": "^4.0.0",
-    "eslint-plugin-tsdoc": "^0.2.16",
+    "@typescript-eslint/eslint-plugin": "^5.62.0",
+    "@typescript-eslint/parser": "^5.62.0",
+    "eslint": "^8.46.0",
+    "eslint-config-prettier": "^8.10.0",
+    "eslint-plugin-prettier": "^4.2.1",
+    "eslint-plugin-tsdoc": "^0.2.17",
     "js-yaml": "^3.14.1",
-    "prettier": "^2.6.2",
+    "prettier": "^2.8.8",
     "rimraf": "^3.0.2",
     "tape": "^5.5.3",
     "ts-node": "^10.9.1",