@hybrd/xmtp 1.2.7 → 1.3.0

package/.turbo/turbo-build.log

@@ -1,6 +1,6 @@
 
 
-> @hybrd/xmtp@1.2.7 build /Users/ian/Projects/01/hybrid/packages/xmtp
+> @hybrd/xmtp@1.3.0 build /Users/ian/Projects/01/hybrid/packages/xmtp
 > tsup
 
 CLI Building entry: {"index":"src/index.ts"}
@@ -12,7 +12,7 @@
 CJS Build start
 ESM Build start
 
-[12:35:22 PM]  WARN  ▲ [WARNING] "import.meta" is not available with the "cjs" output format and will be empty [empty-import-meta]
+[1:37:26 PM]  WARN  ▲ [WARNING] "import.meta" is not available with the "cjs" output format and will be empty [empty-import-meta]
 
     scripts/revoke-installations.ts:89:4:
       89 │ if (import.meta.url === file://${process.argv[1]}) {
@@ -23,7 +23,7 @@
 
 
 
-[12:35:22 PM]  WARN  ▲ [WARNING] "import.meta" is not available with the "cjs" output format and will be empty [empty-import-meta]
+[1:37:26 PM]  WARN  ▲ [WARNING] "import.meta" is not available with the "cjs" output format and will be empty [empty-import-meta]
 
     src/client.ts:21:33:
       21 │ const __filename = fileURLToPath(import.meta.url)
@@ -33,13 +33,13 @@
 
 
 
-ESM dist/index.js     104.11 KB
-ESM dist/index.js.map 194.82 KB
-ESM ⚡️ Build success in 60ms
-CJS dist/index.cjs     109.24 KB
-CJS dist/index.cjs.map 195.29 KB
-CJS ⚡️ Build success in 61ms
+CJS dist/index.cjs     119.81 KB
+CJS dist/index.cjs.map 219.24 KB
+CJS ⚡️ Build success in 37ms
+ESM dist/index.js     114.50 KB
+ESM dist/index.js.map 218.73 KB
+ESM ⚡️ Build success in 38ms
 DTS Build start
-DTS ⚡️ Build success in 3475ms
-DTS dist/index.d.cts 27.42 KB
-DTS dist/index.d.ts  27.42 KB
+DTS ⚡️ Build success in 3824ms
+DTS dist/index.d.cts 29.23 KB
+DTS dist/index.d.ts  29.23 KB

package/.turbo/turbo-lint$colon$fix.log

@@ -1,6 +1,6 @@
 
 
-> @hybrd/xmtp@1.2.3 lint:fix /Users/ian/Projects/01/hybrid/packages/xmtp
+> @hybrd/xmtp@1.2.8 lint:fix /Users/ian/Projects/01/hybrid/packages/xmtp
 > biome lint --write --unsafe
 
-Checked 24 files in 26ms. No fixes applied.
+Checked 27 files in 18ms. No fixes applied.

package/.turbo/turbo-typecheck.log

@@ -0,0 +1,5 @@
+
+
+> @hybrd/xmtp@1.2.8 typecheck /Users/ian/Projects/01/hybrid/packages/xmtp
+> tsc --noEmit
+

package/dist/index.cjs

@@ -36,11 +36,11 @@ __export(src_exports, {
   BasenameTextRecordKeys: () => BasenameTextRecordKeys,
   Client: () => import_node_sdk2.Client,
   ContentTypeGroupUpdated: () => import_content_type_group_updated.ContentTypeGroupUpdated,
-  ContentTypeReaction: () => import_content_type_reaction2.ContentTypeReaction,
-  ContentTypeReply: () => import_content_type_reply2.ContentTypeReply,
-  ContentTypeText: () => import_content_type_text.ContentTypeText,
+  ContentTypeReaction: () => import_content_type_reaction3.ContentTypeReaction,
+  ContentTypeReply: () => import_content_type_reply3.ContentTypeReply,
+  ContentTypeText: () => import_content_type_text2.ContentTypeText,
   ContentTypeTransactionReference: () => import_content_type_transaction_reference2.ContentTypeTransactionReference,
-  ContentTypeWalletSendCalls: () => import_content_type_wallet_send_calls2.ContentTypeWalletSendCalls,
+  ContentTypeWalletSendCalls: () => import_content_type_wallet_send_calls3.ContentTypeWalletSendCalls,
   DEFAULT_AMOUNT: () => DEFAULT_AMOUNT,
   DEFAULT_OPTIONS: () => DEFAULT_OPTIONS,
   ENSResolver: () => ENSResolver,
@@ -48,9 +48,10 @@ __export(src_exports, {
   IdentifierKind: () => import_node_sdk2.IdentifierKind,
   MAX_USDC_AMOUNT: () => MAX_USDC_AMOUNT,
   MessageListener: () => MessageListener,
-  ReplyCodec: () => import_content_type_reply2.ReplyCodec,
+  ReplyCodec: () => import_content_type_reply3.ReplyCodec,
   Resolver: () => Resolver,
   XMTPConnectionManager: () => XMTPConnectionManager,
+  XMTPPlugin: () => XMTPPlugin,
   XmtpResolver: () => XmtpResolver,
   XmtpServiceClient: () => XmtpServiceClient,
   backupDbToPersistentStorage: () => backupDbToPersistentStorage,
@@ -67,6 +68,7 @@ __export(src_exports, {
   extractMentionedNames: () => extractMentionedNames,
   extractSubjects: () => extractSubjects,
   generateEncryptionKeyHex: () => generateEncryptionKeyHex,
+  generateXMTPToolsToken: () => generateXMTPToolsToken,
   getDbPath: () => getDbPath,
   getEncryptionKeyFromHex: () => getEncryptionKeyFromHex,
   getXMTPToolsUrl: () => getXMTPToolsUrl,
@@ -3326,14 +3328,349 @@ function getXMTPToolsUrl(baseUrl, action, token) {
   return `${baseUrl}/xmtp-tools/${action}?token=${token}`;
 }
 
+// src/endpoints.ts
+var import_content_type_reaction2 = require("@xmtp/content-type-reaction");
+var import_content_type_reply2 = require("@xmtp/content-type-reply");
+var import_content_type_text = require("@xmtp/content-type-text");
+var import_content_type_wallet_send_calls2 = require("@xmtp/content-type-wallet-send-calls");
+var import_hono = require("hono");
+
+// src/lib/jwt.ts
+var import_jsonwebtoken = __toESM(require("jsonwebtoken"), 1);
+function getValidatedPayload(c) {
+  const authHeader = c.req.header("Authorization");
+  if (authHeader?.startsWith("Bearer ")) {
+    const token2 = authHeader.substring(7);
+    return validateXMTPToolsToken(token2);
+  }
+  const token = c.req.query("token");
+  if (!token) {
+    return null;
+  }
+  return validateXMTPToolsToken(token);
+}
+var JWT_SECRET = (() => {
+  const secret = process.env.XMTP_JWT_SECRET;
+  const nodeEnv = process.env.NODE_ENV || "development";
+  if (nodeEnv === "production" && !secret) {
+    throw new Error(
+      "XMTP_JWT_SECRET environment variable is required in production. Generate a secure random secret for JWT token signing."
+    );
+  }
+  if (!secret) {
+    console.warn(
+      "\u26A0\uFE0F  [SECURITY] Using fallback JWT secret for development. Set XMTP_JWT_SECRET environment variable for production."
+    );
+    return "fallback-secret-for-dev-only";
+  }
+  return secret;
+})();
+var API_KEY = (() => {
+  const apiKey = process.env.XMTP_API_KEY;
+  const nodeEnv = process.env.NODE_ENV || "development";
+  if (nodeEnv === "production" && !apiKey) {
+    throw new Error(
+      "XMTP_API_KEY environment variable is required in production. Generate a secure random API key for authentication."
+    );
+  }
+  if (!apiKey) {
+    console.warn(
+      "\u26A0\uFE0F  [SECURITY] Using fallback API key for development. Set XMTP_API_KEY environment variable for production."
+    );
+    return "fallback-api-key-for-dev-only";
+  }
+  return apiKey;
+})();
+var JWT_EXPIRY = 5 * 60;
+function generateXMTPToolsToken(payload) {
+  const now = Math.floor(Date.now() / 1e3);
+  const fullPayload = {
+    ...payload,
+    issued: now,
+    expires: now + JWT_EXPIRY
+  };
+  return import_jsonwebtoken.default.sign(fullPayload, JWT_SECRET, {
+    expiresIn: JWT_EXPIRY
+  });
+}
+function validateXMTPToolsToken(token) {
+  if (token === API_KEY) {
+    console.log("\u{1F511} [Auth] Using API key authentication");
+    const now = Math.floor(Date.now() / 1e3);
+    return {
+      action: "send",
+      // Default action
+      conversationId: "",
+      // Will be filled by endpoint
+      issued: now,
+      expires: now + 3600
+      // API keys are valid for 1 hour
+    };
+  }
+  try {
+    const decoded = import_jsonwebtoken.default.verify(token, JWT_SECRET);
+    console.log("\u{1F511} [Auth] Using JWT token authentication");
+    const now = Math.floor(Date.now() / 1e3);
+    if (decoded.expires < now) {
+      console.warn("\u{1F512} XMTP tools token has expired");
+      return null;
+    }
+    return decoded;
+  } catch (error) {
+    console.error(
+      "\u{1F512} Invalid XMTP tools token and not matching API key:",
+      error
+    );
+    return null;
+  }
+}
+
+// src/endpoints.ts
+var app = new import_hono.Hono();
+app.get("/messages/:messageId", async (c) => {
+  const xmtpClient = c.get("xmtpClient");
+  if (!xmtpClient) {
+    return c.json({ error: "XMTP client not initialized" }, 500);
+  }
+  const token = c.req.query("token");
+  if (!token) {
+    return c.json({ error: "Token required" }, 401);
+  }
+  const payload = validateXMTPToolsToken(token);
+  if (!payload) {
+    return c.json({ error: "Invalid or expired token" }, 401);
+  }
+  const messageId = c.req.param("messageId");
+  try {
+    const message = await xmtpClient.conversations.getMessageById(messageId);
+    if (!message) {
+      return c.json({ error: "Message not found" }, 404);
+    }
+    console.log(`\u2705 Retrieved message ${messageId}`);
+    const transformedMessage = {
+      id: message.id,
+      senderInboxId: message.senderInboxId,
+      sentAt: message.sentAt.toISOString(),
+      content: typeof message.content === "object" ? JSON.stringify(message.content) : message.content,
+      contentType: message.contentType?.typeId || "text",
+      conversationId: message.conversationId,
+      parameters: message.contentType?.parameters || {}
+    };
+    return c.json(transformedMessage);
+  } catch (error) {
+    console.error("\u274C Error fetching message:", error);
+    return c.json({ error: "Failed to fetch message" }, 500);
+  }
+});
+app.post("/send", async (c) => {
+  const xmtpClient = c.get("xmtpClient");
+  if (!xmtpClient) {
+    return c.json({ error: "XMTP client not initialized" }, 500);
+  }
+  const payload = getValidatedPayload(c);
+  if (!payload) {
+    return c.json({ error: "Invalid or expired token" }, 401);
+  }
+  const body = await c.req.json();
+  const content = body.content || payload.content;
+  if (!content) {
+    return c.json({ error: "Content required for send action" }, 400);
+  }
+  const conversationId = payload.conversationId;
+  if (!conversationId) {
+    return c.json({ error: "Conversation ID required" }, 400);
+  }
+  try {
+    const conversation = await xmtpClient.conversations.getConversationById(conversationId);
+    if (!conversation) {
+      return c.json({ error: "Conversation not found" }, 404);
+    }
+    await conversation.send(content);
+    console.log(`\u27A1 Sent message to conversation ${conversationId}`);
+    return c.json({
+      success: true,
+      action: "send",
+      conversationId: payload.conversationId
+    });
+  } catch (error) {
+    console.error("\u274C Error sending message:", error);
+    return c.json({ error: "Failed to send message" }, 500);
+  }
+});
+app.post("/reply", async (c) => {
+  const xmtpClient = c.get("xmtpClient");
+  if (!xmtpClient) {
+    return c.json({ error: "XMTP client not initialized" }, 500);
+  }
+  const payload = getValidatedPayload(c);
+  if (!payload) {
+    return c.json({ error: "Invalid or expired token" }, 401);
+  }
+  const body = await c.req.json();
+  const content = body.content || payload.content;
+  if (!content) {
+    return c.json({ error: "Content required for reply action" }, 400);
+  }
+  const messageId = body.messageId;
+  if (!messageId) {
+    return c.json(
+      { error: "Reference message ID required for reply action" },
+      400
+    );
+  }
+  try {
+    const conversation = await xmtpClient.conversations.getConversationById(
+      payload.conversationId
+    );
+    if (!conversation) {
+      return c.json({ error: "Conversation not found" }, 404);
+    }
+    const reply = {
+      reference: messageId,
+      contentType: import_content_type_text.ContentTypeText,
+      content
+    };
+    await conversation.send(reply, import_content_type_reply2.ContentTypeReply);
+    console.log(
+      `\u27A1 Sent reply "${content}" to conversation ${payload.conversationId}`
+    );
+    return c.json({
+      success: true,
+      action: "reply",
+      conversationId: payload.conversationId
+    });
+  } catch (error) {
+    console.error("\u274C Error sending reply:", error);
+    return c.json({ error: "Failed to send reply" }, 500);
+  }
+});
+app.post("/react", async (c) => {
+  const xmtpClient = c.get("xmtpClient");
+  if (!xmtpClient) {
+    return c.json({ error: "XMTP client not initialized" }, 500);
+  }
+  const payload = getValidatedPayload(c);
+  if (!payload) {
+    return c.json({ error: "Invalid or expired token" }, 401);
+  }
+  const body = await c.req.json();
+  if (!body.emoji) {
+    return c.json({ error: "Emoji required for react action" }, 400);
+  }
+  try {
+    const conversation = await xmtpClient.conversations.getConversationById(
+      payload.conversationId
+    );
+    if (!conversation) {
+      return c.json({ error: "Conversation not found" }, 404);
+    }
+    const reaction = {
+      schema: "unicode",
+      reference: body.messageId,
+      action: body.action,
+      contentType: import_content_type_reaction2.ContentTypeReaction,
+      content: body.emoji
+    };
+    await conversation.send(reaction, import_content_type_reaction2.ContentTypeReaction);
+    console.log(
+      `\u27A1 Sent reaction ${body.emoji} to message ${body.messageId} in conversation ${payload.conversationId}`
+    );
+    return c.json({
+      success: true,
+      action: "react",
+      conversationId: payload.conversationId
+    });
+  } catch (error) {
+    console.error("\u274C Error sending reaction:", error);
+    return c.json({ error: "Failed to send reaction" }, 500);
+  }
+});
+app.post("/transaction", async (c) => {
+  const xmtpClient = c.get("xmtpClient");
+  if (!xmtpClient) {
+    return c.json({ error: "XMTP client not initialized" }, 500);
+  }
+  const payload = getValidatedPayload(c);
+  if (!payload) {
+    return c.json({ error: "Invalid or expired token" }, 401);
+  }
+  let body = {};
+  try {
+    body = await c.req.json();
+  } catch (error) {
+    body = {};
+  }
+  const fromAddress = payload.fromAddress || body.fromAddress;
+  const chainId = payload.chainId || body.chainId;
+  const calls = payload.calls || body.calls;
+  if (!calls || !fromAddress || !chainId) {
+    return c.json(
+      { error: "Transaction data required for transaction action" },
+      400
+    );
+  }
+  calls.forEach((call, index) => {
+    if (call.data && typeof call.data === "string") {
+      const actualStart = call.data.substring(0, 10);
+      if (actualStart === "0x010f2e2e") {
+        console.error("\u{1F6A8} CRITICAL: Transaction data truncation detected!");
+        console.error("   Function selector corrupted - transaction will fail");
+        console.error(
+          "   This indicates a bug in wallet software or XMTP transmission"
+        );
+      }
+    }
+  });
+  try {
+    const conversation = await xmtpClient.conversations.getConversationById(
+      payload.conversationId
+    );
+    if (!conversation) {
+      return c.json({ error: "Conversation not found" }, 404);
+    }
+    const params = {
+      version: "1",
+      chainId,
+      from: fromAddress,
+      calls
+    };
+    await conversation.send(params, import_content_type_wallet_send_calls2.ContentTypeWalletSendCalls);
+    console.log(
+      `\u2705 Sent transaction request to conversation ${payload.conversationId}`
+    );
+    return c.json({
+      success: true,
+      action: "transaction",
+      conversationId: payload.conversationId
+    });
+  } catch (error) {
+    console.error("\u274C Error sending transaction:", error);
+    return c.json({ error: "Failed to send transaction" }, 500);
+  }
+});
+var endpoints_default = app;
+
+// src/plugin.ts
+function XMTPPlugin({
+  filter
+} = {}) {
+  return {
+    name: "xmtp",
+    description: "Provides XMTP messaging functionality",
+    apply: (app2, context) => {
+      app2.route("/xmtp-tools", endpoints_default);
+    }
+  };
+}
+
 // src/index.ts
 var import_node_sdk2 = require("@xmtp/node-sdk");
 var import_content_type_transaction_reference2 = require("@xmtp/content-type-transaction-reference");
-var import_content_type_text = require("@xmtp/content-type-text");
-var import_content_type_reaction2 = require("@xmtp/content-type-reaction");
-var import_content_type_reply2 = require("@xmtp/content-type-reply");
+var import_content_type_text2 = require("@xmtp/content-type-text");
+var import_content_type_reaction3 = require("@xmtp/content-type-reaction");
+var import_content_type_reply3 = require("@xmtp/content-type-reply");
 var import_content_type_group_updated = require("@xmtp/content-type-group-updated");
-var import_content_type_wallet_send_calls2 = require("@xmtp/content-type-wallet-send-calls");
+var import_content_type_wallet_send_calls3 = require("@xmtp/content-type-wallet-send-calls");
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   BasenameResolver,
@@ -3355,6 +3692,7 @@ var import_content_type_wallet_send_calls2 = require("@xmtp/content-type-wallet-
   ReplyCodec,
   Resolver,
   XMTPConnectionManager,
+  XMTPPlugin,
   XmtpResolver,
   XmtpServiceClient,
   backupDbToPersistentStorage,
@@ -3371,6 +3709,7 @@ var import_content_type_wallet_send_calls2 = require("@xmtp/content-type-wallet-
   extractMentionedNames,
   extractSubjects,
   generateEncryptionKeyHex,
+  generateXMTPToolsToken,
   getDbPath,
   getEncryptionKeyFromHex,
   getXMTPToolsUrl,