@ibgib/core-gib 0.1.43 → 0.1.45
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/keystone/kdf/kdf-constants.d.mts +25 -0
- package/dist/keystone/kdf/kdf-constants.d.mts.map +1 -0
- package/dist/keystone/kdf/kdf-constants.mjs +28 -0
- package/dist/keystone/kdf/kdf-constants.mjs.map +1 -0
- package/dist/keystone/kdf/kdf-helpers.d.mts +45 -0
- package/dist/keystone/kdf/kdf-helpers.d.mts.map +1 -0
- package/dist/keystone/kdf/kdf-helpers.mjs +94 -0
- package/dist/keystone/kdf/kdf-helpers.mjs.map +1 -0
- package/dist/keystone/kdf/kdf-types.d.mts +49 -0
- package/dist/keystone/kdf/kdf-types.d.mts.map +1 -0
- package/dist/keystone/kdf/kdf-types.mjs +2 -0
- package/dist/keystone/kdf/kdf-types.mjs.map +1 -0
- package/dist/keystone/keystone-config-builder.d.mts +65 -12
- package/dist/keystone/keystone-config-builder.d.mts.map +1 -1
- package/dist/keystone/keystone-config-builder.mjs +138 -46
- package/dist/keystone/keystone-config-builder.mjs.map +1 -1
- package/dist/keystone/keystone-config-builder.respec.mjs +21 -13
- package/dist/keystone/keystone-config-builder.respec.mjs.map +1 -1
- package/dist/keystone/keystone-constants.d.mts +15 -0
- package/dist/keystone/keystone-constants.d.mts.map +1 -1
- package/dist/keystone/keystone-constants.mjs +16 -0
- package/dist/keystone/keystone-constants.mjs.map +1 -1
- package/dist/keystone/keystone-helpers.d.mts +8 -4
- package/dist/keystone/keystone-helpers.d.mts.map +1 -1
- package/dist/keystone/keystone-helpers.mjs +76 -6
- package/dist/keystone/keystone-helpers.mjs.map +1 -1
- package/dist/keystone/keystone-service-v1.d.mts +1 -1
- package/dist/keystone/keystone-service-v1.d.mts.map +1 -1
- package/dist/keystone/keystone-service-v1.mjs +6 -5
- package/dist/keystone/keystone-service-v1.mjs.map +1 -1
- package/dist/keystone/keystone-service-v1.respec.mjs +72 -45
- package/dist/keystone/keystone-service-v1.respec.mjs.map +1 -1
- package/dist/keystone/keystone-types.d.mts +28 -18
- package/dist/keystone/keystone-types.d.mts.map +1 -1
- package/dist/keystone/keystone-types.mjs +26 -15
- package/dist/keystone/keystone-types.mjs.map +1 -1
- package/dist/keystone/strategy/hash-reveal-v1/hash-reveal-v1.d.mts.map +1 -1
- package/dist/keystone/strategy/hash-reveal-v1/hash-reveal-v1.mjs +7 -10
- package/dist/keystone/strategy/hash-reveal-v1/hash-reveal-v1.mjs.map +1 -1
- package/dist/sync/sync-constants.d.mts +9 -0
- package/dist/sync/sync-constants.d.mts.map +1 -1
- package/dist/sync/sync-constants.mjs +10 -0
- package/dist/sync/sync-constants.mjs.map +1 -1
- package/dist/sync/sync-innerspace-dest-ahead-withid.respec.mjs +49 -19
- package/dist/sync/sync-innerspace-dest-ahead-withid.respec.mjs.map +1 -1
- package/dist/sync/sync-peer/sync-peer-v1.mjs +3 -3
- package/dist/sync/sync-peer/sync-peer-v1.mjs.map +1 -1
- package/dist/sync/sync-saga-context/sync-saga-context-helpers.d.mts +0 -38
- package/dist/sync/sync-saga-context/sync-saga-context-helpers.d.mts.map +1 -1
- package/dist/sync/sync-saga-context/sync-saga-context-helpers.mjs +1 -83
- package/dist/sync/sync-saga-context/sync-saga-context-helpers.mjs.map +1 -1
- package/dist/sync/sync-saga-context/sync-saga-context-types.d.mts +24 -4
- package/dist/sync/sync-saga-context/sync-saga-context-types.d.mts.map +1 -1
- package/dist/sync/sync-saga-coordinator.d.mts +36 -13
- package/dist/sync/sync-saga-coordinator.d.mts.map +1 -1
- package/dist/sync/sync-saga-coordinator.mjs +246 -38
- package/dist/sync/sync-saga-coordinator.mjs.map +1 -1
- package/dist/sync/sync-saga-message/sync-saga-message-types.d.mts +1 -7
- package/dist/sync/sync-saga-message/sync-saga-message-types.d.mts.map +1 -1
- package/dist/sync/sync-types.d.mts +11 -0
- package/dist/sync/sync-types.d.mts.map +1 -1
- package/dist/sync/sync-types.mjs.map +1 -1
- package/package.json +1 -1
- package/src/keystone/README.md +4 -3
- package/src/keystone/docs/architecture.md +3 -1
- package/src/keystone/kdf/kdf-constants.mts +34 -0
- package/src/keystone/kdf/kdf-helpers.mts +105 -0
- package/src/keystone/kdf/kdf-types.mts +58 -0
- package/src/keystone/keystone-config-builder.mts +170 -47
- package/src/keystone/keystone-config-builder.respec.mts +21 -14
- package/src/keystone/keystone-constants.mts +21 -2
- package/src/keystone/keystone-helpers.mts +100 -14
- package/src/keystone/keystone-service-v1.mts +23 -22
- package/src/keystone/keystone-service-v1.respec.mts +71 -44
- package/src/keystone/keystone-types.mts +37 -23
- package/src/keystone/strategy/hash-reveal-v1/hash-reveal-v1.mts +9 -13
- package/src/sync/sync-constants.mts +12 -0
- package/src/sync/sync-innerspace-dest-ahead-withid.respec.mts +53 -20
- package/src/sync/sync-peer/sync-peer-v1.mts +3 -3
- package/src/sync/sync-saga-context/sync-saga-context-helpers.mts +3 -107
- package/src/sync/sync-saga-context/sync-saga-context-types.mts +25 -4
- package/src/sync/sync-saga-coordinator.mts +313 -40
- package/src/sync/sync-saga-message/sync-saga-message-types.mts +1 -7
- package/src/sync/sync-types.mts +12 -0
- package/tmp.md +0 -274
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sync-saga-context-helpers.mjs","sourceRoot":"","sources":["../../../src/sync/sync-saga-context/sync-saga-context-helpers.mts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,
|
|
1
|
+
{"version":3,"file":"sync-saga-context-helpers.mjs","sourceRoot":"","sources":["../../../src/sync/sync-saga-context/sync-saga-context-helpers.mts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAgB,MAAM,iDAAiD,CAAC;AAKhG,OAAO,EAAE,0BAA0B,EAAE,MAAM,2CAA2C,CAAC;AAEvF,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAS3E,OAAO,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAK5D,MAAM,OAAO,GAAG,gBAAgB,CAAC;AAEjC;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,EACvC,IAAI,GAGP;IACG,MAAM,EAAE,GAAG,IAAI,oBAAoB,CAAC,IAAI,GAAG,CAAC;IAC5C,IAAI,CAAC;QACD,IAAI,CAAC,IAAI,EAAE,CAAC;YAAC,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;QAAC,CAAC;QAEtF,MAAM,YAAY,GAAG,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAE1F,MAAM,EAAE,GAAG;YACP,sBAAsB;YACtB,IAAI,CAAC,KAAK;YACV,YAAY;SACf,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEZ,OAAO,EAAE,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACjD,MAAM,KAAK,CAAC;IAChB,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,EACzC,EAAE,GAGL;IACG,MAAM,EAAE,GAAG,IAAI,sBAAsB,CAAC,IAAI,GAAG,CAAC;IAC9C,IAAI,CAAC;QACD,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,qFAAqF,KAAK,CAAC,MAAM,yCAAyC,CAAC,CAAC;QAChK,CAAC;QACD,MAAM,CACF,IAAI,EACJ,QAAQ,EACR,eAAe,EAClB,GAAG,KAAK,CAAC;QAEV,IAAI,IAAI,KAAK,sBAAsB,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,2BAA2B,sBAAsB,SAAS,IAAI,yCAAyC,CAAC,CAAC;QAC7H,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YAAC,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAC;QAAC,CAAC;QAClI,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACjC,IAAI,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;QACvF,CAAC;QAED,IAAI,CAAC,eAAe,EAAE,CAAC;YAAC,MAAM,IAAI,KAAK,CAAC,oGAAoG,CAAC,CAAC;QAAC,CAAC;QAChJ,MAAM,YAAY,GAAG,QAAQ,CAAC,eAAe,CAAC,CAAC;QAC/C,IAAI,KAAK,CAAC,YAAY,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;QAC9F,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC;IACzC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACjD,MAAM,KAAK,CAAC;IAChB,CAAC;AACL,CAAC;AAGD;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAAC,EAAE,OAAO,EAAwC;IAC/F,MAAM,EAAE,GAAG,IAAI,2BAA2B,CAAC,IAAI,GAAG,CAAC;IACnD,IAAI,CAAC;QACD,IAAI,OAAO,EAAE,CAAC;YAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,oDAAoD,CAAC,CAAC;QAAC,CAAC;QAExF,MAAM,MAAM,GAAa,EAAE,CAAC;QAE5B,kEAAkE;QAClE,MAAM,eAAe,GAAG,MAAM,0BAA0B,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;QAC7E,IAAI,eAAe,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChD,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7C,OAAO,MAAM,CAAC,CAAC,wBAAwB;QAC3C,CAAC;QAED,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,eAAe,GACjB,MAAM,qBAAqB,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;YAClE,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,CAAC;aAAM,CAAC;YACJ,MAAM,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;QACrF,CAAC;QAED,kGAAkG;QAClG,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAAC,OAAO,MAAM,CAAC,CAAC,wBAAwB;QAAC,CAAC;QAElE,0KAA0K;QAE1K,oEAAoE;QACpE,+DAA+D;QAC/D,4DAA4D;QAC5D,2CAA2C;QAE3C,4EAA4E;QAE5E,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,8FAA8F,CAAC,CAAC;QACnH,OAAO,EAAE,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACjD,MAAM,KAAK,CAAC;IAChB,CAAC;YAAS,CAAC;QACP,IAAI,OAAO,EAAE,CAAC;YAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;QAAC,CAAC;IACpD,CAAC;AACL,CAAC;AAGD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kCAAkC,CAAC,EAAE,OAAO,EAAwC;IACtG,MAAM,EAAE,GAAG,IAAI,kCAAkC,CAAC,IAAI,GAAG,CAAC;IAC1D,IAAI,CAAC;QACD,IAAI,OAAO,EAAE,CAAC;YAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,oDAAoD,CAAC,CAAC;QAAC,CAAC;QACxF,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,kFAAkF,CAAC,CAAA;QACtG,OAAO,EAAE,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACjD,MAAM,KAAK,CAAC;IAChB,CAAC;YAAS,CAAC;QACP,IAAI,OAAO,EAAE,CAAC;YAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;QAAC,CAAC;IACpD,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,EAAE,OAAO,EAAwC;IACvF,MAAM,EAAE,GAAG,IAAI,mBAAmB,CAAC,IAAI,GAAG,CAAC;IAC3C,IAAI,CAAC;QACD,IAAI,OAAO,EAAE,CAAC;YAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,oDAAoD,CAAC,CAAC;QAAC,CAAC;QAExF,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,oKAAoK,CAAC,CAAC;QAEzL,OAAO,EAAE,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACjD,MAAM,KAAK,CAAC;IAChB,CAAC;YAAS,CAAC;QACP,IAAI,OAAO,EAAE,CAAC;YAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;QAAC,CAAC;IACpD,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,EAAE,OAAO,EAAwC;IACpF,MAAM,EAAE,GAAG,IAAI,gBAAgB,CAAC,IAAI,GAAG,CAAC;IACxC,IAAI,CAAC;QACD,IAAI,OAAO,EAAE,CAAC;YAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,oDAAoD,CAAC,CAAC;QAAC,CAAC;QAExF,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,iLAAiL,CAAC,CAAC;QAEtM,OAAO,EAAE,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACjD,MAAM,KAAK,CAAC;IAChB,CAAC;YAAS,CAAC;QACP,IAAI,OAAO,EAAE,CAAC;YAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;QAAC,CAAC;IACpD,CAAC;AACL,CAAC"}
|
|
@@ -6,6 +6,7 @@ import { IbGibData_V1, IbGibRel8ns_V1, IbGib_V1 } from '@ibgib/ts-gib/dist/V1/ty
|
|
|
6
6
|
import { SYNC_SAGA_PAYLOAD_ADDRS_DOMAIN } from '../sync-constants.mjs';
|
|
7
7
|
import { SyncIbGib_V1 } from '../sync-types.mjs';
|
|
8
8
|
import { SYNC_SAGA_CONTEXT_ATOM } from './sync-saga-context-constants.mjs';
|
|
9
|
+
import { KeystoneIbGib_V1 } from '../../keystone/keystone-types.mjs';
|
|
9
10
|
export interface SyncSagaContextIb_V1 {
|
|
10
11
|
atom: typeof SYNC_SAGA_CONTEXT_ATOM;
|
|
11
12
|
/**
|
|
@@ -43,13 +44,21 @@ export interface SyncSagaContextRel8ns_V1 extends IbGibRel8ns_V1 {
|
|
|
43
44
|
*/
|
|
44
45
|
sagaFrame: IbGibAddr[];
|
|
45
46
|
/**
|
|
46
|
-
* The Ephemeral Session Keystone Identity used for this saga.
|
|
47
|
-
*
|
|
47
|
+
* The Ephemeral Session Keystone Identity used for this saga. Required for
|
|
48
|
+
* validating the saga frame and this context.
|
|
49
|
+
*
|
|
50
|
+
* WARNING!!!: THIS DOES NOT POINT TO THE CURRENT SESSION KEYSTONE IN
|
|
51
|
+
* {@link SyncSagaContextIbGib_V1.signedSessionKeystone}. This points to the
|
|
52
|
+
* PREVIOUS FRAME (immediate past) of that frame. That session keystone
|
|
53
|
+
* signs with THIS context's frame as its target, so it is logically
|
|
54
|
+
* impossible because the hash would be different.
|
|
48
55
|
*
|
|
49
56
|
* ## notes
|
|
50
57
|
*
|
|
51
|
-
*
|
|
52
|
-
*
|
|
58
|
+
* ATOW (02/18/2026), this is a single address that will have a primary pool
|
|
59
|
+
* for the sender and a delegated pool for the receiver.
|
|
60
|
+
*
|
|
61
|
+
* @see {@link SyncSagaContextIbGib_V1.signedSessionKeystone}
|
|
53
62
|
*/
|
|
54
63
|
sessionKeystone?: IbGibAddr[];
|
|
55
64
|
}
|
|
@@ -71,5 +80,16 @@ export interface SyncSagaContextIbGib_V1 extends IbGib_V1<SyncSagaContextData_V1
|
|
|
71
80
|
* This frame's addr should be {@link SyncSagaContextRel8ns_V1.sagaFrame}.
|
|
72
81
|
*/
|
|
73
82
|
sagaFrame: SyncIbGib_V1;
|
|
83
|
+
/**
|
|
84
|
+
* If session keystone is in play, then this will be populated with that
|
|
85
|
+
* keystone. This session keystone will point to the this context ibgib,
|
|
86
|
+
* BUT, this context ibgib will point to the **PREVIOUS** frame of the
|
|
87
|
+
* keystone.
|
|
88
|
+
*
|
|
89
|
+
* So in order to verify this context ibgib, we must verify the keystone
|
|
90
|
+
* points to this context ibgib AND that this context ibgib points to the
|
|
91
|
+
* previous frame of the keystone.
|
|
92
|
+
*/
|
|
93
|
+
signedSessionKeystone?: KeystoneIbGib_V1;
|
|
74
94
|
}
|
|
75
95
|
//# sourceMappingURL=sync-saga-context-types.d.mts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sync-saga-context-types.d.mts","sourceRoot":"","sources":["../../../src/sync/sync-saga-context/sync-saga-context-types.mts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,8BAA8B,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,iCAAiC,CAAC;AAEzF,OAAO,EAAE,8BAA8B,EAAE,MAAM,uBAAuB,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;
|
|
1
|
+
{"version":3,"file":"sync-saga-context-types.d.mts","sourceRoot":"","sources":["../../../src/sync/sync-saga-context/sync-saga-context-types.mts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,8BAA8B,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,iCAAiC,CAAC;AAEzF,OAAO,EAAE,8BAA8B,EAAE,MAAM,uBAAuB,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAC3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AAErE,MAAM,WAAW,oBAAoB;IACjC,IAAI,EAAE,OAAO,sBAAsB,CAAC;IACpC;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC;IACd;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,sBAAuB,SAAQ,YAAY;IACxD;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC;IACd;;;OAGG;IACH,CAAC,8BAA8B,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC;CAClD;AAED;;;GAGG;AACH,MAAM,WAAW,wBAAyB,SAAQ,cAAc;IAC5D;;;;OAIG;IACH,SAAS,EAAE,SAAS,EAAE,CAAC;IAEvB;;;;;;;;;;;;;;;;OAgBG;IACH,eAAe,CAAC,EAAE,SAAS,EAAE,CAAC;CACjC;AAED;;;GAGG;AACH,MAAM,WAAW,uBAAwB,SAAQ,QAAQ,CAAC,sBAAsB,EAAE,wBAAwB,CAAC;IACvG;;;;;OAKG;IACH,mBAAmB,CAAC,EAAE,QAAQ,EAAE,CAAC;IAEjC;;;;OAIG;IACH,SAAS,EAAE,YAAY,CAAC;IAExB;;;;;;;;;OASG;IACH,qBAAqB,CAAC,EAAE,gBAAgB,CAAC;CAC5C"}
|
|
@@ -21,23 +21,17 @@ import { SyncSagaContextIbGib_V1 } from "./sync-saga-context/sync-saga-context-t
|
|
|
21
21
|
* to a specific Saga session, not fixed node identities.
|
|
22
22
|
*/
|
|
23
23
|
export declare class SyncSagaCoordinator {
|
|
24
|
-
private
|
|
24
|
+
private keystoneSvc;
|
|
25
25
|
private lc;
|
|
26
|
-
constructor(
|
|
26
|
+
constructor(keystoneSvc: KeystoneService_V1);
|
|
27
27
|
/**
|
|
28
28
|
* Executes a synchronization saga using the Symmetric Sync Protocol.
|
|
29
29
|
*
|
|
30
30
|
* @remarks
|
|
31
31
|
* **Execution Context**: **Sender (Local)**.
|
|
32
32
|
* This method is the entry point for starting a sync session.
|
|
33
|
-
*
|
|
34
|
-
* @param opts.peer - The remote peer witness to communicate with.
|
|
35
|
-
* @param opts.localSpace - The local space that will be read from and written to.
|
|
36
|
-
* @param opts.metaspace - Service for creating temp spaces and managing ibgibs.
|
|
37
|
-
* @param opts.domainIbGibs - The root ibgibs defining the scope of the sync.
|
|
38
|
-
* @param opts.useSessionIdentity - (Optional) Whether to create an ephemeral session identity. Default: true.
|
|
39
33
|
*/
|
|
40
|
-
sync({ peer, domainIbGibs, conflictStrategy, useSessionIdentity, metaspace, localSpace, }: {
|
|
34
|
+
sync({ peer, domainIbGibs, conflictStrategy, useSessionIdentity, identity, identitySecret, metaspace, localSpace, }: {
|
|
41
35
|
/**
|
|
42
36
|
* The peer we are syncing with.
|
|
43
37
|
*/
|
|
@@ -50,7 +44,8 @@ export declare class SyncSagaCoordinator {
|
|
|
50
44
|
*/
|
|
51
45
|
domainIbGibs: IbGib_V1[];
|
|
52
46
|
/**
|
|
53
|
-
* The space containing the {@link domainIbGibs} we want to sync.
|
|
47
|
+
* The space containing the {@link domainIbGibs} we want to sync. If
|
|
48
|
+
* sync is successful, any updates to timelines will be stored here.
|
|
54
49
|
*/
|
|
55
50
|
localSpace: IbGibSpaceAny;
|
|
56
51
|
/**
|
|
@@ -58,11 +53,17 @@ export declare class SyncSagaCoordinator {
|
|
|
58
53
|
*/
|
|
59
54
|
metaspace: MetaspaceService;
|
|
60
55
|
/**
|
|
61
|
-
* The identity authorizing this sync.
|
|
56
|
+
* The primary (i.e. non-session) identity authorizing this sync.
|
|
57
|
+
*
|
|
58
|
+
* If this is truthy, then {@link identitySecret} must also be provided.
|
|
62
59
|
*/
|
|
63
60
|
identity?: KeystoneIbGib_V1;
|
|
64
61
|
/**
|
|
65
62
|
* The secret for the identity (to sign the commit).
|
|
63
|
+
*
|
|
64
|
+
* If provided, this will drive both signing {@link identity} keystone
|
|
65
|
+
* (if provided) AND session keystone (if {@link useSessionIdentity} is
|
|
66
|
+
* true).
|
|
66
67
|
*/
|
|
67
68
|
identitySecret?: string;
|
|
68
69
|
/**
|
|
@@ -73,8 +74,10 @@ export declare class SyncSagaCoordinator {
|
|
|
73
74
|
*/
|
|
74
75
|
conflictStrategy?: SyncConflictStrategy;
|
|
75
76
|
/**
|
|
76
|
-
* If true, creates an ephemeral session identity for the sync process
|
|
77
|
-
* secure the sync transaction itself.
|
|
77
|
+
* If true, creates an ephemeral session identity for the sync process
|
|
78
|
+
* to secure the sync transaction itself.
|
|
79
|
+
*
|
|
80
|
+
* If this is true, {@link identitySecret} must also be provided.
|
|
78
81
|
*
|
|
79
82
|
* @default true
|
|
80
83
|
*/
|
|
@@ -101,10 +104,18 @@ export declare class SyncSagaCoordinator {
|
|
|
101
104
|
* Local temp space relative to the execution context's POV
|
|
102
105
|
*/
|
|
103
106
|
myTempSpace: IbGibSpaceAny;
|
|
107
|
+
/**
|
|
108
|
+
* @see {@link sync} `identity` param.
|
|
109
|
+
*/
|
|
104
110
|
identity?: KeystoneIbGib_V1;
|
|
111
|
+
/**
|
|
112
|
+
* @see {@link sync} `identitySecret` param.
|
|
113
|
+
*/
|
|
105
114
|
identitySecret?: string;
|
|
106
115
|
metaspace: MetaspaceService;
|
|
107
116
|
}): Promise<SyncSagaContextIbGib_V1 | null>;
|
|
117
|
+
private getSessionSecret;
|
|
118
|
+
private getInitialWeakDelegateSessionSecret;
|
|
108
119
|
private getSessionIdentity;
|
|
109
120
|
/**
|
|
110
121
|
* Drives the FSM loop of the Saga.
|
|
@@ -122,6 +133,18 @@ export declare class SyncSagaCoordinator {
|
|
|
122
133
|
* When the Peer responds with data (in the response context), it is resolved and put into `tempSpace`.
|
|
123
134
|
*/
|
|
124
135
|
private executeSagaLoop;
|
|
136
|
+
/**
|
|
137
|
+
* Creates new SyncSagaContext stone. Puts/registers in {@link localSpace}
|
|
138
|
+
* immediately after creation.
|
|
139
|
+
*
|
|
140
|
+
* @returns The context ibGib.
|
|
141
|
+
*
|
|
142
|
+
* ## notes
|
|
143
|
+
*
|
|
144
|
+
* the other ibgibs that are related to this context stone should already be
|
|
145
|
+
* put/registered in {@link localSpace}.
|
|
146
|
+
*/
|
|
147
|
+
private createSyncSagaContext;
|
|
125
148
|
/**
|
|
126
149
|
* Helper to get Knowledge Map for specific domain ibGibs or TJPs.
|
|
127
150
|
* Useful for testing and external validation.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sync-saga-coordinator.d.mts","sourceRoot":"","sources":["../../src/sync/sync-saga-coordinator.mts"],"names":[],"mappings":"AAYA,OAAO,EAAE,QAAQ,EAAG,MAAM,iCAAiC,CAAC;AAI5D,OAAO,EAAE,aAAa,EAAE,MAAM,oCAAoC,CAAC;AAEnE,OAAO,EAAE,gBAAgB,
|
|
1
|
+
{"version":3,"file":"sync-saga-coordinator.d.mts","sourceRoot":"","sources":["../../src/sync/sync-saga-coordinator.mts"],"names":[],"mappings":"AAYA,OAAO,EAAE,QAAQ,EAAG,MAAM,iCAAiC,CAAC;AAI5D,OAAO,EAAE,aAAa,EAAE,MAAM,oCAAoC,CAAC;AAEnE,OAAO,EAAE,gBAAgB,EAA6B,MAAM,gCAAgC,CAAC;AAC7F,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AAGzE,OAAO,EAAE,gBAAgB,EAAE,MAAM,gDAAgD,CAAC;AAClF,OAAO,EAEH,oBAAoB,EAGvB,MAAM,sBAAsB,CAAC;AAqB9B,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAEhD,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAA0B,uBAAuB,EAA6B,MAAM,iDAAiD,CAAC;AAsB7I;;;;;;;;;;;;GAYG;AACH,qBAAa,mBAAmB;IAIxB,OAAO,CAAC,WAAW;IAHvB,OAAO,CAAC,EAAE,CAA2C;gBAGzC,WAAW,EAAE,kBAAkB;IAK3C;;;;;;OAMG;IACU,IAAI,CAAC,EACd,IAAI,EACJ,YAAY,EACZ,gBAA6C,EAC7C,kBAAyB,EACzB,QAAQ,EACR,cAAc,EACd,SAAS,EACT,UAAU,GACb,EAAE;QACC;;WAEG;QACH,IAAI,EAAE,eAAe,CAAC;QACtB;;;;;WAKG;QACH,YAAY,EAAE,QAAQ,EAAE,CAAC;QACzB;;;WAGG;QACH,UAAU,EAAE,aAAa,CAAC;QAC1B;;WAEG;QACH,SAAS,EAAE,gBAAgB,CAAC;QAC5B;;;;WAIG;QACH,QAAQ,CAAC,EAAE,gBAAgB,CAAC;QAC5B;;;;;;WAMG;QACH,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB;;;;;WAKG;QACH,gBAAgB,CAAC,EAAE,oBAAoB,CAAC;QACxC;;;;;;;WAOG;QACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;KAChC,GAAG,OAAO,CAAC,YAAY,CAAC;IAgGzB;;;;;;;;;;OAUG;IACU,YAAY,CAAC,EACtB,WAAW,EACX,OAAO,EACP,WAAW,EACX,QAAQ,EACR,cAAc,EACd,SAAS,GACZ,EAAE;QACC,WAAW,EAAE,uBAAuB,CAAC;QACrC;;WAEG;QACH,OAAO,EAAE,aAAa,CAAC;QACvB;;WAEG;QACH,WAAW,EAAE,aAAa,CAAC;QAC3B;;WAEG;QACH,QAAQ,CAAC,EAAE,gBAAgB,CAAC;QAC5B;;WAEG;QACH,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,SAAS,EAAE,gBAAgB,CAAC;KAC/B,GAAG,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC;YAwD7B,gBAAgB;YA+BhB,mCAAmC;YA6BnC,kBAAkB;IA6EhC;;;;;;;;;;;;;;OAcG;YACW,eAAe;IAsN7B;;;;;;;;;;OAUG;YACW,qBAAqB;IAgInC;;;OAGG;IACU,eAAe,CAAC,EACzB,KAAK,EACL,SAAS,EACT,YAAY,EACZ,QAAQ,GACX,EAAE;QACC,KAAK,EAAE,aAAa,CAAC;QACrB,SAAS,EAAE,gBAAgB,CAAC;QAC5B,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC;QAC1B,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;KACvB,GAAG,OAAO,CAAC;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAA;KAAE,CAAC;YAoD/B,mBAAmB;IAqCjC;;;;;;;;OAQG;YACW,eAAe;IA6E7B;;;;;OAKG;YACW,qBAAqB;IAgEnC;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;YACW,yBAAyB;IAmGvC;;;;;;;;;;;OAWG;YACW,eAAe;IA0V7B;;;;;;;;;;;;;;OAcG;YACW,cAAc;IAuR5B;;;;;;;;;;;;OAYG;YACW,gBAAgB;IAsX9B;;OAEG;YACW,kBAAkB;YAkQlB,iBAAiB;YAwDjB,iBAAiB;YAuFjB,kBAAkB;YAmClB,4BAA4B;IAiE1C;;OAEG;YACW,mBAAmB;YAgInB,2BAA2B;IAoCzC,OAAO,CAAC,0BAA0B;CA+DrC"}
|
|
@@ -1,10 +1,13 @@
|
|
|
1
|
-
import { extractErrorMsg, getUUID, // so our
|
|
1
|
+
import { extractErrorMsg, getUUID, // so our uuid's are uniform across all ibgib code
|
|
2
|
+
getTimestamp, // so our timestamp in ticks as a string are uniform
|
|
2
3
|
pretty, clone, delay, } from "@ibgib/helper-gib/dist/helpers/utils-helper.mjs";
|
|
3
4
|
import { getIbGibAddr } from "@ibgib/ts-gib/dist/helper.mjs";
|
|
4
5
|
import { Factory_V1 } from "@ibgib/ts-gib/dist/V1/factory.mjs";
|
|
5
6
|
import { GLOBAL_LOG_A_LOT } from "../core-constants.mjs";
|
|
6
7
|
import { putInSpace, getLatestAddrs, getFromSpace, registerNewIbGib } from "../witness/space/space-helper.mjs";
|
|
7
|
-
import {
|
|
8
|
+
import { deriveKey } from "../keystone/kdf/kdf-helpers.mjs";
|
|
9
|
+
import { KdfStrategy } from "../keystone/kdf/kdf-constants.mjs";
|
|
10
|
+
import { SyncStage, SYNC_ATOM, SYNC_MSG_REL8N_NAME, SYNC_SAGA_PAYLOAD_ADDRS_DOMAIN, SyncConflictStrategy, SYNC_CONFLICT_STRATEGY_VALID_VALUES, DEFAULT_SESSION_IDENTITY_INITIAL_DELEGATE_SECRET, } from "./sync-constants.mjs";
|
|
8
11
|
import { appendToTimeline, createTimeline, getHistory, getHistoryAddrs } from "../timeline/timeline-api.mjs";
|
|
9
12
|
import { SyncMode, } from "./sync-types.mjs";
|
|
10
13
|
import { getSyncSagaFrameOrigin, getFullSyncSagaHistory, getSyncIb, getTempSpaceName, isPastFrame, putInSpace_dnasThenNonDnas, validateFullSyncSagaHistory, getAllOrphanedAddresses, getFinalConflictsInfo } from "./sync-helpers.mjs";
|
|
@@ -12,13 +15,16 @@ import { getDeltaDependencyGraph, getDependencyGraph } from "../common/other/gra
|
|
|
12
15
|
import { getSyncSagaMessageIb } from "./sync-saga-message/sync-saga-message-helpers.mjs";
|
|
13
16
|
import { SYNC_SAGA_MSG_ATOM } from "./sync-saga-message/sync-saga-message-constants.mjs";
|
|
14
17
|
import { splitPerTjpAndOrDna, getTimelinesGroupedByTjp, isIbGib, getIbGibsFromCache_fallbackToSpaces } from "../common/other/ibgib-helper.mjs";
|
|
15
|
-
import {
|
|
18
|
+
import { getSyncSagaContextIb, validateContextAndSagaFrame } from "./sync-saga-context/sync-saga-context-helpers.mjs";
|
|
16
19
|
import { newupSubject, } from "../common/pubsub/subject/subject-helper.mjs";
|
|
17
20
|
import { getSyncSagaMessageFromFrame } from "./sync-saga-message/sync-saga-message-helpers.mjs";
|
|
18
21
|
import { fnObs } from "../common/pubsub/observer/observer-helper.mjs";
|
|
19
22
|
import { graftTimelines, } from "./graft-info/graft-info-helpers.mjs";
|
|
20
23
|
import { GRAFT_INFO_REL8N_NAME } from "./graft-info/graft-info-constants.mjs";
|
|
21
24
|
import { validateIbGibIntrinsically } from "@ibgib/ts-gib/dist/V1/validate-helper.mjs";
|
|
25
|
+
import { KEYSTONE_VERB_MANAGE } from "../keystone/keystone-constants.mjs";
|
|
26
|
+
import { validateKeystoneGraph } from "../keystone/keystone-helpers.mjs";
|
|
27
|
+
import { SYNC_SAGA_CONTEXT_ATOM } from "./sync-saga-context/sync-saga-context-constants.mjs";
|
|
22
28
|
const logalot = GLOBAL_LOG_A_LOT;
|
|
23
29
|
const logalotControlDomain = false;
|
|
24
30
|
const lcControlDomain = '[ControlDomain]';
|
|
@@ -36,10 +42,10 @@ const lcControlDomain = '[ControlDomain]';
|
|
|
36
42
|
* to a specific Saga session, not fixed node identities.
|
|
37
43
|
*/
|
|
38
44
|
export class SyncSagaCoordinator {
|
|
39
|
-
|
|
45
|
+
keystoneSvc;
|
|
40
46
|
lc = `[${SyncSagaCoordinator.name}]`;
|
|
41
|
-
constructor(
|
|
42
|
-
this.
|
|
47
|
+
constructor(keystoneSvc) {
|
|
48
|
+
this.keystoneSvc = keystoneSvc;
|
|
43
49
|
}
|
|
44
50
|
/**
|
|
45
51
|
* Executes a synchronization saga using the Symmetric Sync Protocol.
|
|
@@ -47,14 +53,8 @@ export class SyncSagaCoordinator {
|
|
|
47
53
|
* @remarks
|
|
48
54
|
* **Execution Context**: **Sender (Local)**.
|
|
49
55
|
* This method is the entry point for starting a sync session.
|
|
50
|
-
*
|
|
51
|
-
* @param opts.peer - The remote peer witness to communicate with.
|
|
52
|
-
* @param opts.localSpace - The local space that will be read from and written to.
|
|
53
|
-
* @param opts.metaspace - Service for creating temp spaces and managing ibgibs.
|
|
54
|
-
* @param opts.domainIbGibs - The root ibgibs defining the scope of the sync.
|
|
55
|
-
* @param opts.useSessionIdentity - (Optional) Whether to create an ephemeral session identity. Default: true.
|
|
56
56
|
*/
|
|
57
|
-
async sync({ peer, domainIbGibs, conflictStrategy = SyncConflictStrategy.abort, useSessionIdentity = true, metaspace, localSpace, }) {
|
|
57
|
+
async sync({ peer, domainIbGibs, conflictStrategy = SyncConflictStrategy.abort, useSessionIdentity = true, identity, identitySecret, metaspace, localSpace, }) {
|
|
58
58
|
const lc = `${this.lc}[${this.sync.name}]`;
|
|
59
59
|
if (logalot) {
|
|
60
60
|
console.log(`${lc} starting...`);
|
|
@@ -99,9 +99,16 @@ export class SyncSagaCoordinator {
|
|
|
99
99
|
(async () => {
|
|
100
100
|
try {
|
|
101
101
|
// BOOTSTRAP IDENTITY (Session Keystone)
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
102
|
+
let sessionIdentity = undefined;
|
|
103
|
+
if (useSessionIdentity) {
|
|
104
|
+
if (!identitySecret) {
|
|
105
|
+
throw new Error(`useSessionIdentity is true, but identitySecret is falsy. Must provide a secret if you want to use a session identity. (E: 81915860c4dd3ea4dfd81825fa74c126)`);
|
|
106
|
+
}
|
|
107
|
+
// creates the initial session identity (keystone). the flow
|
|
108
|
+
// (i think) will go: evolve saga frame, then sign keystone,
|
|
109
|
+
// then create/send context.
|
|
110
|
+
sessionIdentity = await this.getSessionIdentity({ sagaId, identitySecret, metaspace, localSpace });
|
|
111
|
+
}
|
|
105
112
|
// if (logalot) { console.log(`${lc} sessionIdentity: ${sessionIdentity ? pretty(sessionIdentity) : 'undefined'} (I: abc01872800b3a66b819a05898bba826)`); }
|
|
106
113
|
// CREATE INITIAL FRAME (Stage.init)
|
|
107
114
|
const { initFrame, initDomainGraph } = await this.createInitFrame({
|
|
@@ -115,6 +122,7 @@ export class SyncSagaCoordinator {
|
|
|
115
122
|
await this.executeSagaLoop({
|
|
116
123
|
initFrame, initDomainGraph,
|
|
117
124
|
peer,
|
|
125
|
+
identitySecret,
|
|
118
126
|
sessionIdentity,
|
|
119
127
|
updates$,
|
|
120
128
|
localSpace,
|
|
@@ -163,7 +171,6 @@ export class SyncSagaCoordinator {
|
|
|
163
171
|
mySpace,
|
|
164
172
|
myTempSpace,
|
|
165
173
|
identity,
|
|
166
|
-
identitySecret,
|
|
167
174
|
metaspace,
|
|
168
175
|
});
|
|
169
176
|
if (!contextResult) {
|
|
@@ -187,12 +194,13 @@ export class SyncSagaCoordinator {
|
|
|
187
194
|
// #endregion error conditions throw
|
|
188
195
|
// create the return context
|
|
189
196
|
const { frame, payloadIbGibsDomain } = contextResult.nextFrameInfo;
|
|
190
|
-
const responseCtx = await createSyncSagaContext({
|
|
197
|
+
const responseCtx = await this.createSyncSagaContext({
|
|
191
198
|
sagaFrame: frame,
|
|
192
199
|
localSpace: mySpace,
|
|
193
200
|
payloadIbGibsDomain,
|
|
194
|
-
|
|
195
|
-
|
|
201
|
+
sessionKeystone: identity,
|
|
202
|
+
sessionSecret: identitySecret,
|
|
203
|
+
metaspace,
|
|
196
204
|
});
|
|
197
205
|
const immediateValidationErrors = await validateContextAndSagaFrame({
|
|
198
206
|
context: responseCtx,
|
|
@@ -212,25 +220,115 @@ export class SyncSagaCoordinator {
|
|
|
212
220
|
}
|
|
213
221
|
}
|
|
214
222
|
}
|
|
215
|
-
async
|
|
223
|
+
async getSessionSecret({ sagaId, identitySecret, }) {
|
|
224
|
+
const lc = `${this.lc}[${this.getSessionSecret.name}]`;
|
|
225
|
+
try {
|
|
226
|
+
if (logalot) {
|
|
227
|
+
console.log(`${lc} starting... (I: 0de03f8dcd3e32f1fca244e8f2a8a826)`);
|
|
228
|
+
}
|
|
229
|
+
// Derive session-specific secret using KDF
|
|
230
|
+
const sessionSecret = await deriveKey({
|
|
231
|
+
masterSecret: identitySecret,
|
|
232
|
+
kdfOpts: {
|
|
233
|
+
strategy: KdfStrategy.recursive_salt_wrap,
|
|
234
|
+
salt: sagaId,
|
|
235
|
+
rounds: 10000,
|
|
236
|
+
algorithm: 'SHA-256'
|
|
237
|
+
}
|
|
238
|
+
});
|
|
239
|
+
return sessionSecret;
|
|
240
|
+
}
|
|
241
|
+
catch (error) {
|
|
242
|
+
console.error(`${lc} ${extractErrorMsg(error)}`);
|
|
243
|
+
throw error;
|
|
244
|
+
}
|
|
245
|
+
finally {
|
|
246
|
+
if (logalot) {
|
|
247
|
+
console.log(`${lc} complete.`);
|
|
248
|
+
}
|
|
249
|
+
}
|
|
250
|
+
}
|
|
251
|
+
async getInitialWeakDelegateSessionSecret({ sagaId, }) {
|
|
252
|
+
const lc = `${this.lc}[${this.getInitialWeakDelegateSessionSecret.name}]`;
|
|
253
|
+
try {
|
|
254
|
+
if (logalot) {
|
|
255
|
+
console.log(`${lc} starting... (I: 872ab81a78827b9f2822b78459203226)`);
|
|
256
|
+
}
|
|
257
|
+
// Create delegate pool bootstrap secret (publicly derivable)
|
|
258
|
+
const initialDelegateSecret = await deriveKey({
|
|
259
|
+
masterSecret: DEFAULT_SESSION_IDENTITY_INITIAL_DELEGATE_SECRET, // Weak, publicly derivable secret
|
|
260
|
+
kdfOpts: {
|
|
261
|
+
strategy: KdfStrategy.recursive_salt_wrap,
|
|
262
|
+
salt: sagaId,
|
|
263
|
+
rounds: 1, // Minimal rounds - this is meant to be weak
|
|
264
|
+
algorithm: 'SHA-256'
|
|
265
|
+
}
|
|
266
|
+
});
|
|
267
|
+
return initialDelegateSecret;
|
|
268
|
+
}
|
|
269
|
+
catch (error) {
|
|
270
|
+
console.error(`${lc} ${extractErrorMsg(error)}`);
|
|
271
|
+
throw error;
|
|
272
|
+
}
|
|
273
|
+
finally {
|
|
274
|
+
if (logalot) {
|
|
275
|
+
console.log(`${lc} complete.`);
|
|
276
|
+
}
|
|
277
|
+
}
|
|
278
|
+
}
|
|
279
|
+
async getSessionIdentity({ sagaId, identitySecret, metaspace, localSpace, }) {
|
|
216
280
|
const lc = `${this.lc}[${this.getSessionIdentity.name}]`;
|
|
217
281
|
try {
|
|
218
282
|
if (logalot) {
|
|
219
283
|
console.log(`${lc} starting... (I: 428392a4ee636b7bd8f7d5d89a87e826)`);
|
|
220
284
|
}
|
|
221
|
-
|
|
222
|
-
|
|
285
|
+
if (!identitySecret) {
|
|
286
|
+
throw new Error(`(UNEXPECTED) identitySecret falsy? This is expected to be truthy by this point. (E: 8ce053fe59825a6678713128953b9d26)`);
|
|
287
|
+
}
|
|
288
|
+
const sessionSecret = await this.getSessionSecret({ sagaId, identitySecret });
|
|
289
|
+
const init = await this.getInitialWeakDelegateSessionSecret({ sagaId });
|
|
290
|
+
// Create TWO pool configs: Primary (strong) + Delegate (weak bootstrap)
|
|
291
|
+
const primaryPoolConfig = {
|
|
292
|
+
allowedVerbs: [KEYSTONE_VERB_MANAGE],
|
|
293
|
+
id: 'primary',
|
|
294
|
+
type: 'hash-reveal-v1',
|
|
295
|
+
salt: sagaId,
|
|
296
|
+
behavior: {
|
|
297
|
+
size: 100, // Large pool for many signatures
|
|
298
|
+
replenish: 'top-up',
|
|
299
|
+
selectSequentially: 2,
|
|
300
|
+
selectRandomly: 2,
|
|
301
|
+
targetBindingChars: 10
|
|
302
|
+
},
|
|
303
|
+
algo: 'SHA-256',
|
|
304
|
+
rounds: 1
|
|
305
|
+
};
|
|
306
|
+
const delegatePoolConfig = {
|
|
307
|
+
id: 'delegate',
|
|
223
308
|
type: 'hash-reveal-v1',
|
|
224
309
|
salt: sagaId,
|
|
225
|
-
behavior: {
|
|
226
|
-
|
|
310
|
+
behavior: {
|
|
311
|
+
size: 10, // Small pool - only for initial handshake
|
|
312
|
+
replenish: 'top-up',
|
|
313
|
+
selectSequentially: 1,
|
|
314
|
+
selectRandomly: 1,
|
|
315
|
+
targetBindingChars: 0
|
|
316
|
+
},
|
|
317
|
+
algo: 'SHA-256',
|
|
318
|
+
rounds: 1
|
|
227
319
|
};
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
320
|
+
// Generate keystone with DUAL pools. We have to first genesis with
|
|
321
|
+
// one and then add the other, because we have two distinct
|
|
322
|
+
// secrets.
|
|
323
|
+
const sessionIdentity = await this.keystoneSvc.genesis({
|
|
324
|
+
masterSecret: sessionSecret,
|
|
325
|
+
configs: [primaryPoolConfig],
|
|
231
326
|
metaspace,
|
|
232
|
-
space: localSpace
|
|
327
|
+
space: localSpace
|
|
233
328
|
});
|
|
329
|
+
// TODO: Store delegate pool separate challenges derived from bootstrap secret
|
|
330
|
+
// This allows receiver to verify/evolve the delegate pool
|
|
331
|
+
// For now, the keystone genesis with multiple configs handles this
|
|
234
332
|
return sessionIdentity;
|
|
235
333
|
}
|
|
236
334
|
catch (error) {
|
|
@@ -258,7 +356,7 @@ export class SyncSagaCoordinator {
|
|
|
258
356
|
* the NEXT request context.
|
|
259
357
|
* When the Peer responds with data (in the response context), it is resolved and put into `tempSpace`.
|
|
260
358
|
*/
|
|
261
|
-
async executeSagaLoop({ initFrame, initDomainGraph, peer, sessionIdentity, updates$, localSpace, tempSpace, metaspace }) {
|
|
359
|
+
async executeSagaLoop({ initFrame, initDomainGraph, peer, sessionIdentity, identitySecret, updates$, localSpace, tempSpace, metaspace }) {
|
|
262
360
|
const lc = `${this.lc}[${this.executeSagaLoop.name}]`;
|
|
263
361
|
/** The current frame we just generated (e.g., Init or Delta Request) */
|
|
264
362
|
let currentFrame = initFrame;
|
|
@@ -305,9 +403,10 @@ export class SyncSagaCoordinator {
|
|
|
305
403
|
}));
|
|
306
404
|
// #endregion set up peer observable for any domainPayloadsMap
|
|
307
405
|
// ...create/compose the Request Context itself...
|
|
308
|
-
const requestCtx = await createSyncSagaContext({
|
|
406
|
+
const requestCtx = await this.createSyncSagaContext({
|
|
309
407
|
sagaFrame: currentFrame,
|
|
310
|
-
|
|
408
|
+
sessionKeystone: sessionIdentity,
|
|
409
|
+
sessionSecret: identitySecret,
|
|
311
410
|
/**
|
|
312
411
|
* init frame: empty
|
|
313
412
|
* ack frame: possible push offers
|
|
@@ -316,6 +415,7 @@ export class SyncSagaCoordinator {
|
|
|
316
415
|
*/
|
|
317
416
|
payloadIbGibsDomain: nextDomainIbGibs,
|
|
318
417
|
localSpace,
|
|
418
|
+
metaspace,
|
|
319
419
|
});
|
|
320
420
|
// #region Log what we're sending
|
|
321
421
|
if (logalotControlDomain) {
|
|
@@ -439,6 +539,112 @@ export class SyncSagaCoordinator {
|
|
|
439
539
|
// #endregion Log handler output for next iteration
|
|
440
540
|
}
|
|
441
541
|
}
|
|
542
|
+
/**
|
|
543
|
+
* Creates new SyncSagaContext stone. Puts/registers in {@link localSpace}
|
|
544
|
+
* immediately after creation.
|
|
545
|
+
*
|
|
546
|
+
* @returns The context ibGib.
|
|
547
|
+
*
|
|
548
|
+
* ## notes
|
|
549
|
+
*
|
|
550
|
+
* the other ibgibs that are related to this context stone should already be
|
|
551
|
+
* put/registered in {@link localSpace}.
|
|
552
|
+
*/
|
|
553
|
+
async createSyncSagaContext({ sagaFrame, sessionKeystone, sessionSecret, payloadIbGibsDomain, metaspace, localSpace, }) {
|
|
554
|
+
const lc = `[${this.createSyncSagaContext.name}]`;
|
|
555
|
+
try {
|
|
556
|
+
if (logalot) {
|
|
557
|
+
console.log(`${lc} starting... (I: 6b87bee313e811d1d2fc90e87fbec826)`);
|
|
558
|
+
}
|
|
559
|
+
// #region sanity/validation
|
|
560
|
+
if (!sagaFrame.data) {
|
|
561
|
+
throw new Error(`(UNEXPECTED) sagaFrame.data falsy? (E: 04c49b4cccba6842a8b52e4c6f570726)`);
|
|
562
|
+
}
|
|
563
|
+
if (!sagaFrame.data.n && sagaFrame.data.n !== 0) {
|
|
564
|
+
throw new Error(`(UNEXPECTED) sagaFrame.data.n falsy and not 0? (E: 45b508da64a8b28428b11765d684b826)`);
|
|
565
|
+
}
|
|
566
|
+
if (sessionKeystone && !sessionSecret) {
|
|
567
|
+
throw new Error(`(UNEXPECTED) sessionKeystone truthy but sessionSecret falsy? (E: 705ecc25038b12df0e94c90c5561e426)`);
|
|
568
|
+
}
|
|
569
|
+
// #endregion sanity/validation
|
|
570
|
+
const date = new Date();
|
|
571
|
+
const timestamp = getTimestamp(date);
|
|
572
|
+
const timestampMs = date.getMilliseconds();
|
|
573
|
+
const data = {
|
|
574
|
+
timestamp,
|
|
575
|
+
timestampMs,
|
|
576
|
+
sagaN: sagaFrame.data.n,
|
|
577
|
+
};
|
|
578
|
+
// Domain Payloads
|
|
579
|
+
const payloadAddrsDomain = payloadIbGibsDomain ?
|
|
580
|
+
payloadIbGibsDomain?.map(x => getIbGibAddr({ ibGib: x })) :
|
|
581
|
+
undefined;
|
|
582
|
+
if (payloadAddrsDomain && payloadAddrsDomain.length > 0) {
|
|
583
|
+
data[SYNC_SAGA_PAYLOAD_ADDRS_DOMAIN] = payloadAddrsDomain;
|
|
584
|
+
}
|
|
585
|
+
// rel8ns should always have saga frame, sometimes have keystone
|
|
586
|
+
const rel8ns = {
|
|
587
|
+
sagaFrame: [getIbGibAddr({ ibGib: sagaFrame })],
|
|
588
|
+
};
|
|
589
|
+
if (sessionKeystone) {
|
|
590
|
+
const keystoneErrors = await validateKeystoneGraph({
|
|
591
|
+
keystoneIbGib: sessionKeystone,
|
|
592
|
+
space: localSpace
|
|
593
|
+
});
|
|
594
|
+
if (keystoneErrors.length > 0) {
|
|
595
|
+
throw new Error(`invalid sessionKeystone. errors: ${keystoneErrors} (E: 3881b8caf2d803767a331e1141e84826)`);
|
|
596
|
+
}
|
|
597
|
+
// this addr is BEFORE we sign. So each context ibgib itself will
|
|
598
|
+
// point to the frame of the keystone just before that keystone
|
|
599
|
+
// signs with this context as its target.
|
|
600
|
+
rel8ns.sessionKeystone = [getIbGibAddr({ ibGib: sessionKeystone })];
|
|
601
|
+
}
|
|
602
|
+
// Generate standard ib
|
|
603
|
+
const ib = await getSyncSagaContextIb({ data });
|
|
604
|
+
const contextIbGib = await Factory_V1.stone({
|
|
605
|
+
parentPrimitiveIb: SYNC_SAGA_CONTEXT_ATOM,
|
|
606
|
+
ib,
|
|
607
|
+
data,
|
|
608
|
+
rel8ns,
|
|
609
|
+
});
|
|
610
|
+
// put/register immediately. Note that contextIbGib at this point is
|
|
611
|
+
// pure DTO, i.e., only ib, gib, data, rel8ns props.
|
|
612
|
+
await putInSpace({ ibGib: contextIbGib, space: localSpace, });
|
|
613
|
+
await registerNewIbGib({
|
|
614
|
+
ibGib: contextIbGib,
|
|
615
|
+
space: localSpace,
|
|
616
|
+
fnBroadcast: undefined,
|
|
617
|
+
});
|
|
618
|
+
// Attach actual ibgibs for transport (not pure DTO now)
|
|
619
|
+
contextIbGib.sagaFrame = sagaFrame;
|
|
620
|
+
if (payloadIbGibsDomain && payloadIbGibsDomain.length > 0) {
|
|
621
|
+
contextIbGib.payloadIbGibsDomain = payloadIbGibsDomain;
|
|
622
|
+
}
|
|
623
|
+
if (sessionKeystone) {
|
|
624
|
+
if (!sessionSecret) {
|
|
625
|
+
throw new Error(`(UNEXPECTED) sessionKeystone truthy but sessionSecret falsy? we should have thrown before now (E: a2b0517a37b559543968b888f2067826)`);
|
|
626
|
+
}
|
|
627
|
+
const contextAddr = getIbGibAddr({ ibGib: contextIbGib });
|
|
628
|
+
contextIbGib.signedSessionKeystone = await this.keystoneSvc.sign({
|
|
629
|
+
latestKeystone: sessionKeystone,
|
|
630
|
+
claim: { target: contextAddr, }, // verb?
|
|
631
|
+
space: localSpace,
|
|
632
|
+
masterSecret: sessionSecret,
|
|
633
|
+
metaspace,
|
|
634
|
+
});
|
|
635
|
+
}
|
|
636
|
+
return contextIbGib;
|
|
637
|
+
}
|
|
638
|
+
catch (error) {
|
|
639
|
+
console.error(`${lc} ${extractErrorMsg(error)}`);
|
|
640
|
+
throw error;
|
|
641
|
+
}
|
|
642
|
+
finally {
|
|
643
|
+
if (logalot) {
|
|
644
|
+
console.log(`${lc} complete.`);
|
|
645
|
+
}
|
|
646
|
+
}
|
|
647
|
+
}
|
|
442
648
|
/**
|
|
443
649
|
* Helper to get Knowledge Map for specific domain ibGibs or TJPs.
|
|
444
650
|
* Useful for testing and external validation.
|
|
@@ -566,7 +772,7 @@ export class SyncSagaCoordinator {
|
|
|
566
772
|
const sagaFrame = await this.evolveSyncSagaIbGib({
|
|
567
773
|
msgStones: [initStone],
|
|
568
774
|
conflictStrategy,
|
|
569
|
-
sessionIdentity
|
|
775
|
+
sessionIdentity,
|
|
570
776
|
metaspace,
|
|
571
777
|
localSpace,
|
|
572
778
|
});
|
|
@@ -669,7 +875,7 @@ export class SyncSagaCoordinator {
|
|
|
669
875
|
* receiver, since the sender's {@link executeSagaLoop} is what actually
|
|
670
876
|
* drives the ping-pong process.
|
|
671
877
|
*/
|
|
672
|
-
async handleResponseSagaContext({ sagaContext, initDomainGraph, mySpace, myTempSpace, identity,
|
|
878
|
+
async handleResponseSagaContext({ sagaContext, initDomainGraph, mySpace, myTempSpace, identity, metaspace, }) {
|
|
673
879
|
const lc = `${this.lc}[${this.handleResponseSagaContext.name}]`;
|
|
674
880
|
try {
|
|
675
881
|
if (logalot) {
|
|
@@ -694,7 +900,7 @@ export class SyncSagaCoordinator {
|
|
|
694
900
|
sagaIbGib,
|
|
695
901
|
messageData: messageData,
|
|
696
902
|
metaspace, mySpace, myTempSpace,
|
|
697
|
-
identity,
|
|
903
|
+
identity,
|
|
698
904
|
});
|
|
699
905
|
break;
|
|
700
906
|
case SyncStage.ack:
|
|
@@ -759,9 +965,7 @@ export class SyncSagaCoordinator {
|
|
|
759
965
|
* 3. Identifies what Receiver needs (`deltaRequestAddrInfos`).
|
|
760
966
|
* 4. Returns an `Ack` frame containing these lists.
|
|
761
967
|
*/
|
|
762
|
-
async handleInitFrame({ sagaIbGib, messageData, mySpace, myTempSpace, metaspace, identity,
|
|
763
|
-
// identitySecret,
|
|
764
|
-
}) {
|
|
968
|
+
async handleInitFrame({ sagaIbGib, messageData, mySpace, myTempSpace, metaspace, identity, }) {
|
|
765
969
|
const lc = `${this.lc}[${this.handleInitFrame.name}]`;
|
|
766
970
|
try {
|
|
767
971
|
if (logalot) {
|
|
@@ -2284,6 +2488,10 @@ export class SyncSagaCoordinator {
|
|
|
2284
2488
|
if (identityAddr) {
|
|
2285
2489
|
rel8ns.identity = [identityAddr];
|
|
2286
2490
|
}
|
|
2491
|
+
// Attach session keystone to saga frame via hard rel8n
|
|
2492
|
+
if (sessionIdentity) {
|
|
2493
|
+
rel8ns.sessionKeystones = [getIbGibAddr({ ibGib: sessionIdentity })];
|
|
2494
|
+
}
|
|
2287
2495
|
const resNew = await createTimeline({
|
|
2288
2496
|
space: localSpace,
|
|
2289
2497
|
metaspace,
|