npm - @majikah/majik-message - Versions diffs - 0.2.13 → 0.2.15 - Mend

@majikah/majik-message 0.2.13 → 0.2.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/majik-message.d.ts CHANGED Viewed

@@ -8,7 +8,7 @@ import { MajikMessageChat } from "./core/database/chat/majik-message-chat";
 import { MajikMessageIdentity } from "./core/database/system/identity";
 import { MajikKey } from "@majikah/majik-key";
 import { MajikFile, MajikFileJSON } from "@majikah/majik-file";
-import { MajikSignature, type MajikSignatureJSON, type MajikSignerPublicKeys, type VerificationResult } from "@majikah/majik-signature";
+import { EnvelopeInfo, ExpectedSigner, MajikSignature, SealInfo, SealVerificationResult, type MajikSignatureJSON, type MajikSignerPublicKeys, type VerificationResult } from "@majikah/majik-signature";
 type MajikMessageEvents = "message" | "envelope" | "untrusted" | "error" | "new-account" | "new-contact" | "removed-account" | "removed-contact" | "active-account-change";
 interface MajikMessageStatic<T extends MajikMessage> {
     new (config: MajikMessageConfig, id?: string): T;
@@ -595,6 +595,7 @@ export declare class MajikMessage {
         timestamp?: string;
         mimeType?: string;
         accountId?: string;
+        expectedSigners?: ExpectedSigner[];
     }): Promise<{
         blob: Blob;
         signature: MajikSignature;
@@ -818,6 +819,72 @@ export declare class MajikMessage {
     getFileSignatureInfo(file: Blob, options?: {
         mimeType?: string;
     }): Promise<MajikSignature[]>;
+    /**
+     * Return a complete summary of the envelope state in one file read.
+     * Covers: isMultiSig, isSealed, issuer, all signatories, allowlist, seal info.
+     * Useful for rendering a signing status UI without multiple separate calls.
+     *
+     * Returns null if the file has no envelope.
+     *
+     * @example
+     *   const info = await majik.getEnvelopeInfo(file);
+     *   if (info?.isSealed) console.log("Sealed by", info.sealInfo?.sealedBy);
+     *   console.log(`${info?.signatories?.signed.length} of ${info?.signatories?.all.length} signed`);
+     */
+    getEnvelopeInfo(file: Blob, options?: {
+        mimeType?: string;
+    }): Promise<EnvelopeInfo | null>;
+    /**
+     * Seal a restricted multi-sig file, preventing any further signatures.
+     *
+     * Only the issuer (the signer who established the allowlist) may seal.
+     * Resolves the signing key from the keystore — the account must be loaded
+     * but does NOT need to be unlocked (sealing does not use private keys).
+     *
+     * @example
+     *   const { blob, sealInfo } = await majik.seal(signedFile);
+     *   console.log("Sealed at", sealInfo.sealTimestamp);
+     */
+    seal(file: Blob, options?: {
+        mimeType?: string;
+        timestamp?: string;
+        accountId?: string;
+    }): Promise<{
+        blob: Blob;
+        sealInfo: SealInfo;
+        handler: string;
+        mimeType: string;
+    }>;
+    /**
+     * Verify the seal hash against the current signatories and seal timestamp.
+     * Returns invalid if the envelope is not sealed.
+     * Does NOT verify individual cryptographic signatures — call verifyFile() for that.
+     *
+     * @example
+     *   const result = await majik.verifySeal(file);
+     *   if (result.valid) console.log("Sealed by", result.sealedBy, "at", result.sealTimestamp);
+     */
+    verifySeal(file: Blob, options?: {
+        mimeType?: string;
+    }): Promise<SealVerificationResult>;
+    /**
+     * Get seal metadata without verifying.
+     * Returns null if the file is not sealed or has no envelope.
+     *
+     * @example
+     *   const info = await majik.getSealInfo(file);
+     *   if (info) console.log("Sealed by", majik.resolveSignerLabel(info.sealedBy));
+     */
+    getSealInfo(file: Blob, options?: {
+        mimeType?: string;
+    }): Promise<SealInfo | null>;
+    /**
+     * Returns true if the file has a sealed envelope (structural check, no crypto).
+     * Use verifySeal() to confirm the seal hash is intact.
+     */
+    isSealed(file: Blob, options?: {
+        mimeType?: string;
+    }): Promise<boolean>;
     /**
      * Resolve MajikSignerPublicKeys from whichever signer hint was provided.
      * Returns null if no hint was given (caller should fall back to self-reported keys).

package/dist/majik-message.js CHANGED Viewed

@@ -1416,6 +1416,7 @@ export class MajikMessage {
                 contentType: options?.contentType,
                 timestamp: options?.timestamp,
                 mimeType: options?.mimeType,
+                expectedSigners: options?.expectedSigners,
             });
         }
         catch (err) {
@@ -1785,6 +1786,105 @@ export class MajikMessage {
             throw err;
         }
     }
+    /**
+     * Return a complete summary of the envelope state in one file read.
+     * Covers: isMultiSig, isSealed, issuer, all signatories, allowlist, seal info.
+     * Useful for rendering a signing status UI without multiple separate calls.
+     *
+     * Returns null if the file has no envelope.
+     *
+     * @example
+     *   const info = await majik.getEnvelopeInfo(file);
+     *   if (info?.isSealed) console.log("Sealed by", info.sealInfo?.sealedBy);
+     *   console.log(`${info?.signatories?.signed.length} of ${info?.signatories?.all.length} signed`);
+     */
+    async getEnvelopeInfo(file, options) {
+        try {
+            return MajikSignature.getEnvelopeInfo(file, options);
+        }
+        catch (err) {
+            this.emit("error", err, { context: "getEnvelopeInfo" });
+            throw err;
+        }
+    }
+    // ── Seal ──────────────────────────────────────────────────────────────────
+    /**
+     * Seal a restricted multi-sig file, preventing any further signatures.
+     *
+     * Only the issuer (the signer who established the allowlist) may seal.
+     * Resolves the signing key from the keystore — the account must be loaded
+     * but does NOT need to be unlocked (sealing does not use private keys).
+     *
+     * @example
+     *   const { blob, sealInfo } = await majik.seal(signedFile);
+     *   console.log("Sealed at", sealInfo.sealTimestamp);
+     */
+    async seal(file, options) {
+        const id = options?.accountId ?? this.getActiveAccount()?.id;
+        if (!id)
+            throw new Error("No active account — call setActiveAccount() first");
+        try {
+            const key = MajikKeyStore.get(id);
+            if (!key)
+                throw new Error(`Account not found in keystore: "${id}"`);
+            return MajikSignature.seal(file, key, {
+                mimeType: options?.mimeType,
+                timestamp: options?.timestamp,
+            });
+        }
+        catch (err) {
+            this.emit("error", err, { context: "seal" });
+            throw err;
+        }
+    }
+    /**
+     * Verify the seal hash against the current signatories and seal timestamp.
+     * Returns invalid if the envelope is not sealed.
+     * Does NOT verify individual cryptographic signatures — call verifyFile() for that.
+     *
+     * @example
+     *   const result = await majik.verifySeal(file);
+     *   if (result.valid) console.log("Sealed by", result.sealedBy, "at", result.sealTimestamp);
+     */
+    async verifySeal(file, options) {
+        try {
+            return MajikSignature.verifySeal(file, options);
+        }
+        catch (err) {
+            this.emit("error", err, { context: "verifySeal" });
+            throw err;
+        }
+    }
+    /**
+     * Get seal metadata without verifying.
+     * Returns null if the file is not sealed or has no envelope.
+     *
+     * @example
+     *   const info = await majik.getSealInfo(file);
+     *   if (info) console.log("Sealed by", majik.resolveSignerLabel(info.sealedBy));
+     */
+    async getSealInfo(file, options) {
+        try {
+            return MajikSignature.getSealInfo(file, options);
+        }
+        catch (err) {
+            this.emit("error", err, { context: "getSealInfo" });
+            throw err;
+        }
+    }
+    /**
+     * Returns true if the file has a sealed envelope (structural check, no crypto).
+     * Use verifySeal() to confirm the seal hash is intact.
+     */
+    async isSealed(file, options) {
+        try {
+            return MajikSignature.isSealed(file, options);
+        }
+        catch (err) {
+            this.emit("error", err, { context: "isSealed" });
+            throw err;
+        }
+    }
     // ── Private: Signer resolution ────────────────────────────────────────────
     /**
      * Resolve MajikSignerPublicKeys from whichever signer hint was provided.

package/package.json CHANGED Viewed

@@ -2,7 +2,7 @@
   "name": "@majikah/majik-message",
   "type": "module",
   "description": "Post-quantum end-to-end encryption with ML-KEM-768. Seed phrase–based accounts. Auto-expiring messages. Offline-ready. Exportable encrypted messages. Tamper-proof threads with blockchain-like integrity. Quantum-resistant messaging.",
-  "version": "0.2.13",
+  "version": "0.2.15",
   "license": "Apache-2.0",
   "author": "Zelijah",
   "main": "./dist/index.js",