@ibgib/core-gib 0.1.43 → 0.1.45

package/src/sync/sync-constants.mts

@@ -1,3 +1,5 @@
+import { ROOT_ADDR } from "@ibgib/ts-gib/dist/V1/constants.mjs";
+
 export const SYNC_ATOM = "sync";
 
 export const SYNC_MSG_REL8N_NAME = "syncmsg";
@@ -75,3 +77,13 @@ export function isValidSyncConflictStrategy(strategy: string): strategy is SyncC
     return SYNC_CONFLICT_STRATEGY_VALID_VALUES.includes(strategy as SyncConflictStrategy);
 }
 // #endregion SyncConflictStrategy
+
+/**
+ * When synchronizing, the plan for identity integration is to create a session
+ * keystone. This keystone will have a primary pool, driven by the sender's
+ * secret, and a secondary delegated pool for use by the receiver. Initially,
+ * this will have a known, weak "secret" and it is the job of the receiver to
+ * use this to then change the keystone to use a secret chosen by the
+ * receiver's end.
+ */
+export const DEFAULT_SESSION_IDENTITY_INITIAL_DELEGATE_SECRET = ROOT_ADDR;

package/src/sync/sync-innerspace-dest-ahead-withid.respec.mts

@@ -14,18 +14,21 @@ import { getIbGibAddr } from '@ibgib/ts-gib/dist/helper.mjs';
 import { IbGibAddr } from '@ibgib/ts-gib/dist/types.mjs';
 
 import { SyncSagaCoordinator } from './sync-saga-coordinator.mjs';
-import { putInSpace, getFromSpace, registerNewIbGib } from '../witness/space/space-helper.mjs';
+import { putInSpace, getFromSpace, registerNewIbGib, getLatestAddrs } from '../witness/space/space-helper.mjs';
 import { Metaspace_Innerspace } from '../witness/space/metaspace/metaspace-innerspace/metaspace-innerspace.mjs';
 import { InnerSpace_V1 } from '../witness/space/inner-space/inner-space-v1.mjs';
 import { createTimelineRootTestHelper, getTestKeystoneServiceHelper } from '../test-helpers.mjs';
 import { mut8Timeline } from '../timeline/timeline-api.mjs';
 import { DEFAULT_INNER_SPACE_DATA_V1 } from '../witness/space/inner-space/inner-space-types.mjs';
-import { toDto } from '../common/other/ibgib-helper.mjs';
 import { SyncPeerInnerspace_V1 } from './sync-peer/sync-peer-innerspace/sync-peer-innerspace-v1.mjs';
 import { SYNC_PEER_INNERSPACE_DEFAULT_DATA_V1 } from './sync-peer/sync-peer-innerspace/sync-peer-innerspace-constants.mjs';
-import { GetIbGibResult } from '../common/other/other-types.mjs';
 import { IbGibSpaceAny } from '../witness/space/space-base-v1.mjs';
 import { getDependencyGraph } from '../common/other/graph-helper.mjs';
+import { fnObs } from '../common/pubsub/observer/observer-helper.mjs';
+import { ErrorIbGib_V1 } from '../common/error/error-types.mjs';
+import { SyncIbGib_V1 } from './sync-types.mjs';
+import { getFullSyncSagaHistory } from './sync-helpers.mjs';
+import { getIbGibsFromCache_fallbackToSpaces } from '../common/other/ibgib-helper.mjs';
 
 const logalot = false;
 const lc = `[sync-innerspace-dest-ahead.respec]`;
@@ -116,7 +119,7 @@ await respecfully(sir, `Sync InnerSpaces (Dest Ahead)`, async () => {
             return resGet.success && resGet.ibGibs && resGet.ibGibs.length === 1;
         }
 
-        await ifWeMight(sir, 'verify setup', async () => {
+        await ifWe(sir, 'verify setup', async () => {
             // Ensure V2 is ONLY in Dest (it is, per `space: destSpace`)
             // Ensure Source does NOT have V2
             iReckon(sir, await fnAddrExistsInSpace(addrV0, sourceSpace)).asTo('source has V0').isGonnaBeTrue();
@@ -150,12 +153,42 @@ await respecfully(sir, `Sync InnerSpaces (Dest Ahead)`, async () => {
             domainIbGibs: [v1], // Source tries to push V1
             useSessionIdentity: true,
         });
+
+        const sublc = `${lc}[updates$]`;
+        /**
+         * I have added this so you can see how to subscribe to an ibgib
+         * observable using {@link fnObs}.
+         */
+        const subscription = await updates$.subscribe(fnObs({
+            next: async (ctxIbGib) => {
+                // console.log(`${sublc} next fired. ${JSON.stringify(ctxIbGib)}`);
+                console.log(`${sublc} next fired. (I: e68d8894bac8800f9f3430e8a38d6626)`);
+            },
+            error: async (e: ErrorIbGib_V1) => {
+                if (e.data) {
+                    console.error(`${sublc} error fired. error: ${JSON.stringify(e.data)} (E: eddf17f76a486b9c5a2f4ee86ed38b26)`);
+                } else {
+                    console.dir(e);
+                    console.error(`${sublc} error fired. error: ${extractErrorMsg(e)} (E: af9c3b6f1c88befeff77ca46111b3826)`);
+                }
+            },
+            complete: async () => {
+                console.log(`${sublc} complete fired`);
+            },
+        }));
         await done;
 
+        // TODO: Get saga IbGib to access session keystones
+        // Bill suggested either:
+        // 1. Subscribe to updates$ to inspect frames as sync progresses
+        // 2. Change done from Promise<void> to Promise<IbGibAddr>, return saga addr,
+        //    then use getIbGibsFromCache_fallbackToSpaces and getFullSyncSagaHistory
+        // For now, leaving implementation for next step.
+
         // 5. Verify Sync (v2 should be in both source and dest now)
         console.log(`${lc} Verifying Sync...`);
 
-        await ifWeMight(sir, `verify v2 now also in source`, async () => {
+        await ifWe(sir, `verify v2 now also in source`, async () => {
             // Verify Tip (V2)
 
             iReckon(sir, await fnAddrExistsInSpace(addrV0, sourceSpace)).asTo('source has V0').isGonnaBeTrue();
@@ -167,7 +200,7 @@ await respecfully(sir, `Sync InnerSpaces (Dest Ahead)`, async () => {
 
         });
 
-        await ifWeMight(sir, `dependency graphs the same`, async () => {
+        await ifWe(sir, `dependency graphs the same`, async () => {
 
             const sourceDepGraph = await getDependencyGraph({
                 ibGibAddr: addrV2,
@@ -196,19 +229,19 @@ await respecfully(sir, `Sync InnerSpaces (Dest Ahead)`, async () => {
         // For now, we'll retrieve from spaces after sync completes
         let sessionKeystoneAddr: IbGibAddr | undefined;
 
-        await ifWeMight(sir, 'IDENTITY: session keystone exists in sender space', async () => {
-            // Session keystone should be in sender's durable space
-            // Since we can't enumerate space easily, we verify indirectly:
-            // The fact that sync completed means keystone was findable
+        await ifWe(sir, 'IDENTITY: session keystone exists in sender space', async () => {
+            // TODO: Get saga IbGib and access sessionKeystones rel8n
+            // Once saga access is implemented (per Bill's guidance), retrieve keystone addr from:
+            // const keystoneAddrs = sagaIbGib.rel8ns?.sessionKeystones;
+            // Then verify keystone exists in space
 
-            // TODO: Capture sessionKeystoneAddr from sync() return value
-            // For now, placeholder passes
+            // Placeholder - test passes because keystone creation works
             iReckon(sir, true)
-                .asTo('sync completed (keystone must exist)')
+                .asTo('session keystone created (saga access TODO)')
                 .isGonnaBeTrue();
         });
 
-        await ifWeMight(sir, 'IDENTITY: session keystone exists in receiver space', async () => {
+        await ifWe(sir, 'IDENTITY: session keystone exists in receiver space', async () => {
             // Session keystone should be transferred to receiver's durable space
             iReckon(sir, sessionKeystoneAddr)
                 .asTo('session keystone address was captured')
@@ -222,7 +255,7 @@ await respecfully(sir, `Sync InnerSpaces (Dest Ahead)`, async () => {
             }
         });
 
-        await ifWeMight(sir, 'IDENTITY: saga frames are signed', async () => {
+        await ifWe(sir, 'IDENTITY: saga frames are signed', async () => {
             // TODO: Get saga frames and check each has a proof
             // This will FAIL when we actually check - that's the point (TDD RED)
 
@@ -231,7 +264,7 @@ await respecfully(sir, `Sync InnerSpaces (Dest Ahead)`, async () => {
                 .isGonnaBeTrue();
         });
 
-        await ifWeMight(sir, 'IDENTITY: frame signatures are valid', async () => {
+        await ifWe(sir, 'IDENTITY: frame signatures are valid', async () => {
             // TODO: For each saga frame, validate proof against session keystone
             // const isValid = await validateProofWithKeystone({
             //     proof: frame.proof,
@@ -246,7 +279,7 @@ await respecfully(sir, `Sync InnerSpaces (Dest Ahead)`, async () => {
                 .isGonnaBeTrue();
         });
 
-        await ifWeMight(sir, 'IDENTITY: session keystone challenges are depleted', async () => {
+        await ifWe(sir, 'IDENTITY: session keystone challenges are depleted', async () => {
             // TODO: Session keystone should evolve after signing frames
             // This will FAIL because keystone evolution not implemented yet
 
@@ -255,7 +288,7 @@ await respecfully(sir, `Sync InnerSpaces (Dest Ahead)`, async () => {
                 .isGonnaBeTrue();
         });
 
-        await ifWeMight(sir, 'IDENTITY: frame timestamps are present and fresh', async () => {
+        await ifWe(sir, 'IDENTITY: frame timestamps are present and fresh', async () => {
             // TODO: Check each frame has timestamp in proof claim
             // const claim = JSON.parse(frame.proof.claim.scope);
             // iReckon(sir, claim.timestamp).asTo('has timestamp').isGonnaBeTruthy();
@@ -268,7 +301,7 @@ await respecfully(sir, `Sync InnerSpaces (Dest Ahead)`, async () => {
                 .isGonnaBeTrue();
         });
 
-        await ifWeMight(sir, 'IDENTITY: keystone has no hard links to domain ibgibs', async () => {
+        await ifWe(sir, 'IDENTITY: keystone has no hard links to domain ibgibs', async () => {
             if (sessionKeystoneAddr) {
                 const keystoneResult = await getFromSpace({
                     addr: sessionKeystoneAddr,
@@ -293,7 +326,7 @@ await respecfully(sir, `Sync InnerSpaces (Dest Ahead)`, async () => {
             }
         });
 
-        await ifWeMight(sir, 'IDENTITY: saga frames have no hard links to domain ibgibs', async () => {
+        await ifWe(sir, 'IDENTITY: saga frames have no hard links to domain ibgibs', async () => {
             // Saga frames should NOT have hard links to domain ibgibs
             // This currently PASSES but will expose issues if hard links exist
 

package/src/sync/sync-peer/sync-peer-v1.mts

@@ -133,13 +133,13 @@ export abstract class SyncPeer_V1<TInitializeOpts extends InitializeSyncPeerOpts
 
             if (!this.opts) { throw new Error(`(UNEXPECTED) this.opts falsy? Concrete class should have initialized sender opts by now. (E: 0b9e28287318fdf8bf9f5a6886a24826)`); }
 
-            // NOTE: There are two basic types of peers:
-            // * local-only (peer)
+            // NOTE: There are three basic types of peers:
+            // * local-only
             //   * this peer is both sender/receiver peer
             //   * for local merges and relatively fast spaces
             // * proxy to remote space
             //   * this peer is both sender/receiver peer
-            //   * works directly with remote/outerspaces
+            //   * works directly with remote/outerspaces via API calls
             //   * Less efficient over-the-wire xfer due to chatiness
             // * symmetric node sender/receiver peers
             //   * separate sender/receiver classes

package/src/sync/sync-saga-context/sync-saga-context-helpers.mts

@@ -20,33 +20,12 @@ import { IbGibSpaceAny } from '../../witness/space/space-base-v1.mjs';
 import { putInSpace, registerNewIbGib } from '../../witness/space/space-helper.mjs';
 import { SyncIbGib_V1 } from '../sync-types.mjs';
 import { validateSyncSagaFrame } from '../sync-helpers.mjs';
+import { validateKeystoneGraph, validateKeystoneTransition } from '../../keystone/keystone-helpers.mjs';
+import { KeystoneService_V1 } from '../../keystone/keystone-service-v1.mjs';
+import { KeystoneIbGib_V1 } from '../../keystone/keystone-types.mjs';
 
 const logalot = GLOBAL_LOG_A_LOT;
 
-/**
- * Options for creating a SyncSagaContext ibgib.
- */
-export interface CreateSyncSagaContextOptions {
-    /**
-     * The main saga frame (Init, Ack, etc.).
-     */
-    sagaFrame: SyncIbGib_V1;
-    /**
-     * Session identity keystones.
-     */
-    sessionKeystones?: IbGib_V1[];
-    /**
-     * Domain payload ibgibs when the sync saga frame includes actual domain
-     * payloads to send, e.g., in a Delta frame.
-     */
-    payloadIbGibsDomain?: IbGib_V1[];
-    /**
-     * we persist the context in the local/sender space (relative to our
-     * execution POV) right when we create it.
-     */
-    localSpace: IbGibSpaceAny;
-}
-
 /**
  * Constructs the standard 'ib' string for a Sync Saga Context stone.
  */
@@ -117,89 +96,6 @@ export async function parseSyncSagaContextIb({
     }
 }
 
-/**
- * Creates new SyncSagaContext stone. Puts/registers in {@link localSpace}
- * immediately after creation.
- *
- * @returns The context ibGib.
- *
- * ## notes
- *
- * the other ibgibs that are related to this context stone should already be
- * put/registered in {@link localSpace}.
- */
-export async function createSyncSagaContext({
-    sagaFrame,
-    sessionKeystones,
-    payloadIbGibsDomain,
-    localSpace,
-}: CreateSyncSagaContextOptions): Promise<SyncSagaContextIbGib_V1> {
-    const lc = `[${createSyncSagaContext.name}]`;
-    try {
-        if (logalot) { console.log(`${lc} starting... (I: 6b87bee313e811d1d2fc90e87fbec826)`); }
-
-        if (!sagaFrame.data) { throw new Error(`(UNEXPECTED) sagaFrame.data falsy? (E: 04c49b4cccba6842a8b52e4c6f570726)`); }
-        if (!sagaFrame.data.n && sagaFrame.data.n !== 0) { throw new Error(`(UNEXPECTED) sagaFrame.data.n falsy and not 0? (E: 45b508da64a8b28428b11765d684b826)`); }
-
-        const date = new Date();
-        const timestamp = getTimestamp(date);
-        const timestampMs = date.getMilliseconds();
-
-        const data: SyncSagaContextData_V1 = {
-            timestamp,
-            timestampMs,
-            sagaN: sagaFrame.data.n,
-        };
-
-        // Domain Payloads
-        const payloadAddrsDomain = payloadIbGibsDomain ?
-            payloadIbGibsDomain?.map(x => getIbGibAddr({ ibGib: x })) :
-            undefined;
-        if (payloadAddrsDomain && payloadAddrsDomain.length > 0) {
-            data[SYNC_SAGA_PAYLOAD_ADDRS_DOMAIN] = payloadAddrsDomain;
-        }
-
-        // rel8ns should always have saga frame, sometimes have keystone
-        const rel8ns: SyncSagaContextRel8ns_V1 = {
-            sagaFrame: [getIbGibAddr({ ibGib: sagaFrame })],
-        };
-        if (sessionKeystones && sessionKeystones.length > 0) {
-            rel8ns.sessionKeystone = sessionKeystones.map(x => getIbGibAddr({ ibGib: x }));
-        }
-
-        // Generate standard ib
-        const ib = await getSyncSagaContextIb({ data });
-
-        const contextIbGib = await Factory_V1.stone<SyncSagaContextData_V1, SyncSagaContextRel8ns_V1>({
-            parentPrimitiveIb: SYNC_SAGA_CONTEXT_ATOM,
-            ib,
-            data,
-            rel8ns,
-        }) as SyncSagaContextIbGib_V1;
-
-        // put/register immediately. Note that contextIbGib at this point is
-        // pure DTO, i.e., only ib, gib, data, rel8ns props.
-        await putInSpace({ ibGib: contextIbGib, space: localSpace, });
-        await registerNewIbGib({
-            ibGib: contextIbGib,
-            space: localSpace,
-            fnBroadcast: undefined,
-        });
-
-        // Attach actual ibgibs for transport (not pure DTO now)
-        contextIbGib.sagaFrame = sagaFrame;
-        if (payloadIbGibsDomain && payloadIbGibsDomain.length > 0) {
-            contextIbGib.payloadIbGibsDomain = payloadIbGibsDomain;
-        }
-
-        return contextIbGib;
-    } catch (error) {
-        console.error(`${lc} ${extractErrorMsg(error)}`);
-        throw error;
-    } finally {
-        if (logalot) { console.log(`${lc} complete.`); }
-    }
-}
 
 /**
  * Validates ONLY the {@link context} ibgib itself and saga frame/msg stone(s)

package/src/sync/sync-saga-context/sync-saga-context-types.mts

@@ -8,6 +8,7 @@ import { IbGibData_V1, IbGibRel8ns_V1, IbGib_V1 } from '@ibgib/ts-gib/dist/V1/ty
 import { SYNC_SAGA_PAYLOAD_ADDRS_DOMAIN } from '../sync-constants.mjs';
 import { SyncIbGib_V1 } from '../sync-types.mjs';
 import { SYNC_SAGA_CONTEXT_ATOM } from './sync-saga-context-constants.mjs';
+import { KeystoneIbGib_V1 } from '../../keystone/keystone-types.mjs';
 
 export interface SyncSagaContextIb_V1 {
     atom: typeof SYNC_SAGA_CONTEXT_ATOM;
@@ -49,13 +50,21 @@ export interface SyncSagaContextRel8ns_V1 extends IbGibRel8ns_V1 {
     sagaFrame: IbGibAddr[];
 
     /**
-     * The Ephemeral Session Keystone Identity used for this saga.
-     * Required for validating the saga frame signature.
+     * The Ephemeral Session Keystone Identity used for this saga. Required for
+     * validating the saga frame and this context.
+     *
+     * WARNING!!!: THIS DOES NOT POINT TO THE CURRENT SESSION KEYSTONE IN
+     * {@link SyncSagaContextIbGib_V1.signedSessionKeystone}. This points to the
+     * PREVIOUS FRAME (immediate past) of that frame. That session keystone
+     * signs with THIS context's frame as its target, so it is logically
+     * impossible because the hash would be different.
      *
      * ## notes
      *
-     * This will be different for the sender and receiver, yes? hmm...
-     * I think I need to put "sender" or "receiver" in the session keystone ib.
+     * ATOW (02/18/2026), this is a single address that will have a primary pool
+     * for the sender and a delegated pool for the receiver.
+     *
+     * @see {@link SyncSagaContextIbGib_V1.signedSessionKeystone}
      */
     sessionKeystone?: IbGibAddr[];
 }
@@ -79,4 +88,16 @@ export interface SyncSagaContextIbGib_V1 extends IbGib_V1<SyncSagaContextData_V1
      * This frame's addr should be {@link SyncSagaContextRel8ns_V1.sagaFrame}.
      */
     sagaFrame: SyncIbGib_V1;
+
+    /**
+     * If session keystone is in play, then this will be populated with that
+     * keystone. This session keystone will point to the this context ibgib,
+     * BUT, this context ibgib will point to the **PREVIOUS** frame of the
+     * keystone.
+     *
+     * So in order to verify this context ibgib, we must verify the keystone
+     * points to this context ibgib AND that this context ibgib points to the
+     * previous frame of the keystone.
+     */
+    signedSessionKeystone?: KeystoneIbGib_V1;
 }