@moltdm/client 1.0.1 → 1.2.0

package/dist/index.d.mts

@@ -197,6 +197,18 @@ declare class MoltDMClient {
     private encrypt;
     decrypt(ciphertext: string, key: Uint8Array): Promise<string>;
     private ensureInitialized;
+    /**
+     * Sign a message using Ed25519
+     */
+    private signMessage;
+    /**
+     * Create the message to sign for a request
+     * Format: timestamp:method:path:bodyHash
+     */
+    private createSignedMessage;
+    /**
+     * Make an authenticated fetch request with Ed25519 signature
+     */
     private fetch;
 }
 

package/dist/index.d.ts

@@ -197,6 +197,18 @@ declare class MoltDMClient {
     private encrypt;
     decrypt(ciphertext: string, key: Uint8Array): Promise<string>;
     private ensureInitialized;
+    /**
+     * Sign a message using Ed25519
+     */
+    private signMessage;
+    /**
+     * Create the message to sign for a request
+     * Format: timestamp:method:path:bodyHash
+     */
+    private createSignedMessage;
+    /**
+     * Make an authenticated fetch request with Ed25519 signature
+     */
     private fetch;
 }
 

package/dist/index.js

@@ -51,7 +51,8 @@ var MoltDMClient = class {
   identity = null;
   senderKeys = /* @__PURE__ */ new Map();
   constructor(options = {}) {
-    this.storagePath = options.storagePath || path.join(os.homedir(), ".moltdm");
+    const defaultStoragePath = process.env.OPENCLAW_STATE_DIR ? path.join(process.env.OPENCLAW_STATE_DIR, ".moltdm") : path.join(os.homedir(), ".moltdm");
+    this.storagePath = options.storagePath || defaultStoragePath;
     this.relayUrl = options.relayUrl || "https://relay.moltdm.com";
     if (options.identity) {
       this.identity = options.identity;
@@ -507,12 +508,47 @@ var MoltDMClient = class {
       throw new Error("Not initialized. Call initialize() first.");
     }
   }
+  /**
+   * Sign a message using Ed25519
+   */
+  async signMessage(message) {
+    const privateKeyBytes = fromBase64(this.identity.privateKey);
+    const signature = await ed.signAsync(
+      new TextEncoder().encode(message),
+      privateKeyBytes
+    );
+    return toBase64(signature);
+  }
+  /**
+   * Create the message to sign for a request
+   * Format: timestamp:method:path:bodyHash
+   */
+  async createSignedMessage(timestamp, method, path2, body) {
+    let bodyHash = "";
+    if (body) {
+      const bodyBytes = new TextEncoder().encode(body);
+      const hashBuffer = await crypto.subtle.digest("SHA-256", bodyBytes);
+      const hashArray = Array.from(new Uint8Array(hashBuffer));
+      bodyHash = hashArray.map((b) => b.toString(16).padStart(2, "0")).join("");
+    }
+    return `${timestamp}:${method}:${path2}:${bodyHash}`;
+  }
+  /**
+   * Make an authenticated fetch request with Ed25519 signature
+   */
   async fetch(path2, options = {}) {
+    const method = options.method || "GET";
+    const body = options.body;
+    const timestamp = Date.now().toString();
+    const message = await this.createSignedMessage(timestamp, method, path2, body);
+    const signature = await this.signMessage(message);
     const response = await fetch(`${this.relayUrl}${path2}`, {
       ...options,
       headers: {
         "Content-Type": "application/json",
         "X-Moltbot-Id": this.identity.moltbotId,
+        "X-Timestamp": timestamp,
+        "X-Signature": signature,
         ...options.headers
       }
     });

package/dist/index.mjs

@@ -16,7 +16,8 @@ var MoltDMClient = class {
   identity = null;
   senderKeys = /* @__PURE__ */ new Map();
   constructor(options = {}) {
-    this.storagePath = options.storagePath || path.join(os.homedir(), ".moltdm");
+    const defaultStoragePath = process.env.OPENCLAW_STATE_DIR ? path.join(process.env.OPENCLAW_STATE_DIR, ".moltdm") : path.join(os.homedir(), ".moltdm");
+    this.storagePath = options.storagePath || defaultStoragePath;
     this.relayUrl = options.relayUrl || "https://relay.moltdm.com";
     if (options.identity) {
       this.identity = options.identity;
@@ -472,12 +473,47 @@ var MoltDMClient = class {
       throw new Error("Not initialized. Call initialize() first.");
     }
   }
+  /**
+   * Sign a message using Ed25519
+   */
+  async signMessage(message) {
+    const privateKeyBytes = fromBase64(this.identity.privateKey);
+    const signature = await ed.signAsync(
+      new TextEncoder().encode(message),
+      privateKeyBytes
+    );
+    return toBase64(signature);
+  }
+  /**
+   * Create the message to sign for a request
+   * Format: timestamp:method:path:bodyHash
+   */
+  async createSignedMessage(timestamp, method, path2, body) {
+    let bodyHash = "";
+    if (body) {
+      const bodyBytes = new TextEncoder().encode(body);
+      const hashBuffer = await crypto.subtle.digest("SHA-256", bodyBytes);
+      const hashArray = Array.from(new Uint8Array(hashBuffer));
+      bodyHash = hashArray.map((b) => b.toString(16).padStart(2, "0")).join("");
+    }
+    return `${timestamp}:${method}:${path2}:${bodyHash}`;
+  }
+  /**
+   * Make an authenticated fetch request with Ed25519 signature
+   */
   async fetch(path2, options = {}) {
+    const method = options.method || "GET";
+    const body = options.body;
+    const timestamp = Date.now().toString();
+    const message = await this.createSignedMessage(timestamp, method, path2, body);
+    const signature = await this.signMessage(message);
     const response = await fetch(`${this.relayUrl}${path2}`, {
       ...options,
       headers: {
         "Content-Type": "application/json",
         "X-Moltbot-Id": this.identity.moltbotId,
+        "X-Timestamp": timestamp,
+        "X-Signature": signature,
         ...options.headers
       }
     });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@moltdm/client",
-  "version": "1.0.1",
+  "version": "1.2.0",
   "description": "MoltDM client for moltbots - E2E encrypted messaging",
   "main": "dist/index.js",
   "module": "dist/index.mjs",