@mt-tl/server 0.1.0

package/src/session/inbound-tracker.ts

@@ -0,0 +1,221 @@
+/**
+ * Per-connection inbound-message guard and state tracker.
+ *
+ * Implements the client→server half of the MTProto message-id / sequence-number
+ * rules (https://core.telegram.org/mtproto/description) and backs the
+ * `msgs_state_req` / `msgs_state_info` service messages
+ * (https://core.telegram.org/mtproto/service_messages_about_messages).
+ *
+ * A connection carries a single session's message stream, so one tracker per
+ * connection is sufficient. The tracker is purely in-memory: replay protection
+ * is per-connection-process, while the time-window check (codes 16/17) bounds
+ * cross-process replay since stale msg_ids are rejected everywhere.
+ *
+ * Sequence-number parity (34/35) and ordering (32) are enforced when `checkSeqNo`
+ * / `checkOrder` are set (gated by the `disableSeqNoCheck` config). Code 33 (seqno
+ * too high) is unreachable under serial in-order processing; code 64 (invalid
+ * container) is raised by the dispatcher. The outer envelope and each
+ * container-inner message both run through {@link InboundTracker.accept}. See
+ * docs/internals/protocol-compliance.md.
+ */
+
+/** `bad_msg_notification` error codes. 16–35 come from {@link InboundTracker.accept};
+ *  64 (invalid container) is raised by the dispatcher. */
+export type BadMsgCode = 16 | 17 | 18 | 19 | 20 | 32 | 33 | 34 | 35 | 64
+
+/** The cached answer (`rpc_result`) to a request, for `msg_detailed_info`. */
+export interface CachedAnswer {
+    answerMsgId: bigint
+    bytes: number
+}
+
+export type AcceptResult =
+    | { ok: true }
+    /** Reject and reply `bad_msg_notification` with this code. */
+    | { ok: false; code: BadMsgCode }
+    /** Duplicate of an already-answered request — reply `msg_detailed_info`. */
+    | { ok: false; detailed: CachedAnswer }
+    /** Benign duplicate with no cached answer — drop silently, send no reply. */
+    | { ok: false; drop: true }
+
+/** Classification of an inbound message, derived from its constructor id. */
+export interface AcceptOptions {
+    /** The payload is a `msg_container` (a duplicate of one is a protocol error → 19). */
+    isContainer?: boolean
+    /** The message requires acknowledgment (RPC queries); odd seqno expected. */
+    contentRelated?: boolean
+    /** Enforce seqno parity (codes 34/35). */
+    checkSeqNo?: boolean
+    /** Enforce content-seqno ordering (code 32). Only the top-level stream — inner
+     *  container messages are skipped, since a resend container carries old seqnos. */
+    checkOrder?: boolean
+}
+
+interface InboundMsg {
+    seqNo: number
+    /** Odd seqno ⇒ content-related (an RPC query), even ⇒ pure service message. */
+    contentRelated: boolean
+    /** The reply we generated, once sent — lets a later duplicate get `msg_detailed_info`. */
+    answer?: CachedAnswer
+}
+
+// Constructor ids of client→server messages that do NOT require acknowledgment
+// (carry an even seqno). Everything else is content-related (odd seqno).
+const ID_MSG_CONTAINER = 0x73f1f8dc
+const NON_CONTENT_IDS = new Set<number>([
+    ID_MSG_CONTAINER, // msg_container
+    0x62d6b459, // msgs_ack
+    0x7abe77ec, // ping
+    0xf3427b8c, // ping_delay_disconnect
+    0x9299359f, // http_wait
+    0x8cc0d131, // msgs_all_info
+])
+
+/** Classify a raw payload by its leading constructor id (used to drive `accept`). */
+export function messageClass(payload: Buffer): { isContainer: boolean; contentRelated: boolean } {
+    if (payload.length < 4) return { isContainer: false, contentRelated: true }
+    const id = payload.readUInt32LE(0)
+    return { isContainer: id === ID_MSG_CONTAINER, contentRelated: !NON_CONTENT_IDS.has(id) }
+}
+
+export interface InboundTrackerOptions {
+    /** Clock in milliseconds (default `Date.now`); injectable for tests. */
+    nowMs?: () => number
+    /** Reject msg_ids whose timestamp is more than this far in the future. */
+    futureToleranceSec?: number
+    /** Reject msg_ids whose timestamp is more than this far in the past. */
+    pastToleranceSec?: number
+    /** Size of the recent-msg_id window kept for dedup/state (FIFO eviction). */
+    maxTracked?: number
+}
+
+// Spec tolerances: a client msg_id encodes unix time in its high 32 bits and must
+// be divisible by 4. Telegram ignores ids more than 30s ahead or 300s behind.
+const FUTURE_TOLERANCE_SEC = 30
+const PAST_TOLERANCE_SEC = 300
+const MAX_TRACKED = 1024
+
+export class InboundTracker {
+    private readonly received = new Map<bigint, InboundMsg>()
+    /** Insertion order, for FIFO eviction once the window is full. */
+    private readonly order: bigint[] = []
+    /** Highest msg_id evicted from the window — anything ≤ this is "too old to verify". */
+    private evictedHigh = 0n
+    /** Highest msg_id ever accepted (distinguishes "in range" from "too high"). */
+    private maxReceived = 0n
+    /** Highest odd seqno of a content-related message seen (for ordering code 32). */
+    private lastContentSeqNo = -1
+
+    private readonly now: () => number
+    private readonly futureTolerance: number
+    private readonly pastTolerance: number
+    private readonly maxTracked: number
+
+    constructor(opts: InboundTrackerOptions = {}) {
+        this.now = opts.nowMs ?? (() => Date.now())
+        this.futureTolerance = opts.futureToleranceSec ?? FUTURE_TOLERANCE_SEC
+        this.pastTolerance = opts.pastToleranceSec ?? PAST_TOLERANCE_SEC
+        this.maxTracked = Math.max(1, opts.maxTracked ?? MAX_TRACKED)
+    }
+
+    /**
+     * Validate and record an inbound message. Returns the `bad_msg_notification`
+     * error code if the message must be rejected, `{ drop: true }` for a benign
+     * duplicate to ignore silently, or `{ ok: true }` if it should be processed. A
+     * rejected message is NOT recorded, so the client may correct and resend it
+     * (e.g. after a `bad_server_salt`, which re-uses the same msg_id).
+     */
+    accept(msgId: bigint, seqNo: number, opts: AcceptOptions = {}): AcceptResult {
+        const { isContainer = false, contentRelated = true, checkSeqNo = false, checkOrder = false } = opts
+
+        // 18: the two low bits of a client msg_id must be 0 (divisible by 4).
+        if ((msgId & 3n) !== 0n) return { ok: false, code: 18 }
+
+        const nowSec = Math.floor(this.now() / 1000)
+        const msgSec = Number(msgId >> 32n)
+        // 16 / 17: client clock skew beyond tolerance.
+        if (msgSec < nowSec - this.pastTolerance) return { ok: false, code: 16 }
+        if (msgSec > nowSec + this.futureTolerance) return { ok: false, code: 17 }
+
+        const dup = this.received.get(msgId)
+        if (dup) {
+            // A duplicate container msg_id is a protocol error (19). For a duplicate
+            // regular message: reply `msg_detailed_info` if its answer is still cached,
+            // else drop silently — re-processing is unsafe and a bad_msg reply would
+            // wrongly make the client resync its clock/salt.
+            if (isContainer) return { ok: false, code: 19 }
+            return dup.answer ? { ok: false, detailed: dup.answer } : { ok: false, drop: true }
+        }
+        // 20: older than anything we still remember — can't verify it's not a replay.
+        if (msgId <= this.evictedHigh) return { ok: false, code: 20 }
+
+        if (checkSeqNo) {
+            const odd = seqNo % 2 === 1
+            // 34/35: content-related messages carry an odd seqno, pure service ones even.
+            if (contentRelated && !odd) return { ok: false, code: 35 }
+            if (!contentRelated && odd) return { ok: false, code: 34 }
+        }
+        if (checkOrder && contentRelated) {
+            // 32: a content-related seqno must exceed every earlier one (they arrive in
+            // msg_id order). Code 33 (too high) can't occur under serial processing.
+            if (seqNo <= this.lastContentSeqNo) return { ok: false, code: 32 }
+            this.lastContentSeqNo = seqNo
+        }
+
+        this.note(msgId, seqNo)
+        return { ok: true }
+    }
+
+    /**
+     * Record the reply (`rpc_result`) generated for a request, so a later duplicate
+     * of that request can be answered with `msg_detailed_info` instead of dropped.
+     * No-op if the request id is no longer tracked.
+     */
+    recordAnswer(reqMsgId: bigint, answerMsgId: bigint, bytes: number): void {
+        const e = this.received.get(reqMsgId)
+        if (e) e.answer = { answerMsgId, bytes }
+    }
+
+    /**
+     * Record a received msg_id without validation. Used for messages observed
+     * inside a container (their ids are not individually validated), so that
+     * `msgs_state_req` can still report them as received.
+     */
+    note(msgId: bigint, seqNo: number): void {
+        if (this.received.has(msgId)) return
+        this.received.set(msgId, { seqNo, contentRelated: seqNo % 2 === 1 })
+        this.order.push(msgId)
+        if (msgId > this.maxReceived) this.maxReceived = msgId
+        while (this.order.length > this.maxTracked) {
+            const evicted = this.order.shift()!
+            this.received.delete(evicted)
+            if (evicted > this.evictedHigh) this.evictedHigh = evicted
+        }
+    }
+
+    /**
+     * Per-id status bytes for `msgs_state_info.info` — one byte per requested id
+     * (see the spec's status-byte table). Reports received messages as state 4
+     * with the appropriate high bits, and unseen ids as 1/2/3 by position relative
+     * to the tracking window.
+     */
+    stateOf(ids: bigint[]): Buffer {
+        const nowSec = Math.floor(this.now() / 1000)
+        return Buffer.from(ids.map(id => this.stateByte(id, nowSec)))
+    }
+
+    private stateByte(id: bigint, nowSec: number): number {
+        const e = this.received.get(id)
+        if (e) {
+            // 4 = received. Pure service messages don't require an ack (+16);
+            // content-related queries are processed and answered (+32 +64).
+            return e.contentRelated ? 4 + 32 + 64 : 4 + 16
+        }
+        const msgSec = Number(id >> 32n)
+        // 1 = nothing known (too old / already forgotten); 3 = too high (not yet
+        // received); 2 = within the known range but not received.
+        if (msgSec < nowSec - this.pastTolerance || id <= this.evictedHigh) return 1
+        if (id > this.maxReceived) return 3
+        return 2
+    }
+}

package/src/session/message-id.ts

@@ -0,0 +1,43 @@
+import { randomBytes } from 'node:crypto'
+
+/**
+ * MTProto message-id and sequence-number generation, ported from the existing
+ * server (`mtproto-tools.generateId` + `generateMessageId`/`generateMessageSeqNo`).
+ *
+ * A message id encodes a unix timestamp in its high bits; the low 2 bits encode
+ * direction/intent: server responses end in 1, notifications in 3. Ids are kept
+ * strictly increasing per connection.
+ */
+export interface MsgIdState {
+    lastMessageId: bigint | null
+    messageSeqNo: number
+}
+
+function generateId(): bigint {
+    const ticks = Date.now()
+    const timeSec = Math.floor(ticks / 1000)
+    const timeMSec = ticks % 1000
+    const random = randomBytes(2).readUInt16LE(0)
+    return (BigInt(timeSec) << 32n) | BigInt((timeMSec << 21) | (random << 3) | 4)
+}
+
+export function nextMessageId(state: MsgIdState, isNotification = false): bigint {
+    let id = generateId()
+    if (state.lastMessageId !== null && id <= state.lastMessageId) {
+        id = state.lastMessageId + 1n
+    }
+    const target = isNotification ? 3n : 1n
+    while (id % 4n !== target) id++
+    state.lastMessageId = id
+    return id
+}
+
+/**
+ * Sequence number for an outgoing message. Content-related messages (rpc_result,
+ * updates) consume a slot and get an odd seqno; pure service messages do not.
+ */
+export function nextSeqNo(state: MsgIdState, contentRelated = true): number {
+    const seq = state.messageSeqNo
+    if (contentRelated) state.messageSeqNo++
+    return seq * 2 + (contentRelated ? 1 : 0)
+}

package/src/session/salts.ts

@@ -0,0 +1,162 @@
+import { randomBytes } from 'node:crypto'
+import { toBigIntLE } from '../util/bytes.js'
+import type { SaltRepo, SaltScheduleEntry } from '../storage/types.js'
+
+/**
+ * Server-salt scheduler — the spec-faithful core of the salt subsystem
+ * (https://core.telegram.org/mtproto/service_messages).
+ *
+ * Each auth key gets a rolling schedule of 64-bit salts, each valid for a bounded
+ * window (~30 min) with overlap: a new salt is minted before the previous expires,
+ * so there is always a current salt and a ready successor.
+ *
+ * Windows lie on a deterministic grid anchored at the first (handshake-derived)
+ * salt's `validSince`: window `k` is `[t0 + k·step, t0 + k·step + window)`. Because
+ * the anchor is persisted and `step`/`window` are constants, every gateway node
+ * derives the same window boundaries and (via the repo's insert-if-absent
+ * semantics) converges on one salt per window — so any node validates any salt.
+ */
+
+const DEFAULT_WINDOW_SEC = 30 * 60
+const DEFAULT_STEP_SEC = 15 * 60
+
+export interface SaltServiceOptions {
+    /** Validity length of each salt, seconds (default 1800 = 30 min). */
+    windowSec?: number
+    /** Spacing between consecutive window starts, seconds. Must be `<= windowSec`
+     *  for overlap (default 900 = 15 min, giving two concurrently-valid salts). */
+    stepSec?: number
+    /** Windows to keep minted ahead of the current one (default 1). */
+    prefetch?: number
+    /** Injectable clock returning unix seconds (default `Date.now()/1000`). */
+    nowSec?: () => number
+}
+
+/** Result of {@link SaltService.resolve}: the salt to advertise + whether the
+ *  salt the client used is currently valid. */
+export interface SaltCheck {
+    current: bigint
+    valid: boolean
+}
+
+export class SaltService {
+    private readonly window: number
+    private readonly step: number
+    private readonly prefetch: number
+    private readonly now: () => number
+
+    constructor(
+        private readonly repo: SaltRepo,
+        opts: SaltServiceOptions = {},
+    ) {
+        this.window = opts.windowSec ?? DEFAULT_WINDOW_SEC
+        this.step = opts.stepSec ?? DEFAULT_STEP_SEC
+        this.prefetch = Math.max(0, opts.prefetch ?? 1)
+        this.now = opts.nowSec ?? (() => Math.floor(Date.now() / 1000))
+        if (this.step <= 0 || this.step > this.window) {
+            throw new Error('SaltService: require 0 < stepSec <= windowSec for overlapping windows')
+        }
+    }
+
+    /**
+     * Seed the schedule's first window from the handshake-derived salt. Idempotent
+     * (a no-op if a schedule already exists), and wire-compatible: the first salt
+     * keeps its `xor(newNonce, serverNonce)` value.
+     */
+    async seed(authKeyId: bigint, firstSalt: bigint): Promise<void> {
+        if ((await this.repo.list(authKeyId)).length) return
+        const since = this.now()
+        await this.repo.append(authKeyId, [
+            { salt: firstSalt, validSince: since, validUntil: since + this.window },
+        ])
+    }
+
+    /**
+     * Advertise the current salt and report whether `clientSalt` is valid right
+     * now. Mints the current window (and `prefetch` successors) on demand. The
+     * decrypt path uses this to drive `bad_server_salt`.
+     */
+    async resolve(authKeyId: bigint, clientSalt: bigint): Promise<SaltCheck> {
+        const now = this.now()
+        const list = await this.ensure(authKeyId, now, this.prefetch)
+        return {
+            current: pickCurrent(list, now).salt,
+            valid: list.some(e => covers(e, now) && e.salt === clientSalt),
+        }
+    }
+
+    /**
+     * The next `num` scheduled salts starting from the current window, minting
+     * more if the schedule is short. Backs `get_future_salts(num)`.
+     */
+    async future(authKeyId: bigint, num: number): Promise<SaltScheduleEntry[]> {
+        const n = Math.max(1, num)
+        const now = this.now()
+        const list = await this.ensure(authKeyId, now, n - 1)
+        const { t0, kNow } = grid(list, now, this.step)
+        const out: SaltScheduleEntry[] = []
+        for (let k = kNow; k < kNow + n; k++) {
+            const since = t0 + k * this.step
+            const e = list.find(x => x.validSince === since)
+            if (e) out.push(e)
+        }
+        return out
+    }
+
+    /**
+     * Ensure the schedule contains the window covering `now` plus `ahead` further
+     * grid windows; return the refreshed, ascending schedule. Opportunistically
+     * prunes windows that expired more than one window ago.
+     */
+    private async ensure(authKeyId: bigint, now: number, ahead: number): Promise<SaltScheduleEntry[]> {
+        let list = await this.repo.list(authKeyId)
+        if (!list.length) {
+            // Defensive: no handshake seed (e.g. get_future_salts on a key with no
+            // persisted schedule). Anchor a fresh grid at now.
+            await this.repo.append(authKeyId, [this.windowAt(now, randomSalt())])
+            list = await this.repo.list(authKeyId)
+        }
+
+        const { t0, kNow } = grid(list, now, this.step)
+        const missing: SaltScheduleEntry[] = []
+        for (let k = kNow; k <= kNow + ahead; k++) {
+            const since = t0 + k * this.step
+            if (!list.some(e => e.validSince === since)) missing.push(this.windowAt(since, randomSalt()))
+        }
+        if (missing.length) {
+            await this.repo.append(authKeyId, missing)
+            list = await this.repo.list(authKeyId)
+        }
+
+        // Keep one window of expired history (covers messages still in flight).
+        await this.repo.prune(authKeyId, now - this.window).catch(() => {})
+        return list
+    }
+
+    private windowAt(since: number, salt: bigint): SaltScheduleEntry {
+        return { salt, validSince: since, validUntil: since + this.window }
+    }
+}
+
+function covers(e: SaltScheduleEntry, now: number): boolean {
+    return e.validSince <= now && now < e.validUntil
+}
+
+/** The grid anchor `t0` (first window start) and the index `kNow` of the window
+ *  covering `now`. All windows sit on `t0 + k·step`, so any surviving entry is a
+ *  valid anchor — pruning the first one keeps the grid aligned. */
+function grid(list: SaltScheduleEntry[], now: number, step: number): { t0: number; kNow: number } {
+    const t0 = list[0]!.validSince
+    return { t0, kNow: Math.max(0, Math.floor((now - t0) / step)) }
+}
+
+/** Newest window covering `now`; falls back to the latest entry if a gap. */
+function pickCurrent(list: SaltScheduleEntry[], now: number): SaltScheduleEntry {
+    let best: SaltScheduleEntry | undefined
+    for (const e of list) if (covers(e, now) && (!best || e.validSince > best.validSince)) best = e
+    return best ?? list[list.length - 1]!
+}
+
+function randomSalt(): bigint {
+    return toBigIntLE(randomBytes(8))
+}

package/src/session/session-manager.ts

@@ -0,0 +1,66 @@
+import { noopLogger, type Logger } from '@mt-tl/tl'
+import type { Connection } from '../transport/connection.js'
+import type { Storage } from '../storage/index.js'
+import type { Responder } from '../dispatch/types.js'
+import { randomBigInt } from '../crypto/hashes.js'
+
+export interface SessionInfo {
+    sessionId: bigint
+    authKeyId: bigint
+    firstMsgId: bigint
+    subject?: string
+}
+
+/**
+ * Ensures a persisted session exists for the connection. On the first message
+ * of a new session, persists it and emits `new_session_created`. Ported from
+ * the existing `handleSessionMessage`, but the session is durable (storage),
+ * not an in-memory-only Map.
+ */
+export async function ensureSession(
+    storage: Storage,
+    responder: Responder,
+    conn: Connection,
+    info: SessionInfo,
+    log: Logger = noopLogger,
+): Promise<void> {
+    const existing = await storage.sessions.get(info.sessionId)
+
+    if (existing && existing.authKeyId === info.authKeyId) {
+        await storage.sessions.touch(info.sessionId)
+        conn.ctx.uniqueId = existing.uniqueId
+        conn.ctx.apiLayer = existing.apiLayer
+        conn.ctx.subject = existing.subject
+        return
+    }
+    if (existing) await storage.sessions.delete(info.sessionId)
+
+    const uniqueId = randomBigInt(64)
+    conn.ctx.uniqueId = uniqueId
+    conn.ctx.subject = info.subject
+
+    await storage.sessions.save({
+        sessionId: info.sessionId,
+        authKeyId: info.authKeyId,
+        uniqueId,
+        apiLayer: conn.ctx.apiLayer,
+        subject: info.subject,
+        lastActivity: Date.now(),
+    })
+    log.info('session.new', {
+        sessionId: info.sessionId,
+        authKeyId: info.authKeyId,
+        subject: info.subject,
+    })
+
+    responder.sendEncrypted(
+        conn,
+        {
+            _: 'new_session_created',
+            first_msg_id: info.firstMsgId,
+            unique_id: uniqueId,
+            server_salt: conn.ctx.serverSalt ?? 0n,
+        },
+        { isNotification: true, contentRelated: false },
+    )
+}

package/src/storage/index.ts

@@ -0,0 +1,26 @@
+import type { Storage } from './types.js'
+import { createMemoryStorage } from './memory.js'
+
+export type { Storage } from './types.js'
+export type StorageBackend = 'memory' | 'mongo'
+
+export interface StorageConfig {
+    backend: StorageBackend
+    mongoUrl?: string
+    mongoDb?: string
+}
+
+/**
+ * Builds the configured storage backend. `memory` (default) needs no external
+ * services; `mongo` lazily imports the driver so memory mode stays dependency-free.
+ */
+export async function createStorage(config: StorageConfig): Promise<Storage> {
+    if (config.backend === 'mongo') {
+        if (!config.mongoUrl || !config.mongoDb) {
+            throw new Error('STORAGE_BACKEND=mongo requires MONGO_URL and MONGO_DB')
+        }
+        const { createMongoStorage } = await import('./mongo.js')
+        return createMongoStorage(config.mongoUrl, config.mongoDb)
+    }
+    return createMemoryStorage()
+}

package/src/storage/memory.ts

@@ -0,0 +1,101 @@
+import type {
+    AuthKeyMeta,
+    AuthKeyRecord,
+    AuthKeyRepo,
+    SaltRepo,
+    SaltScheduleEntry,
+    SessionRecord,
+    SessionRepo,
+    Storage,
+} from './types.js'
+
+/**
+ * In-memory storage. The default backend so the gateway runs with no external
+ * services (dev, tests). Auth keys/sessions do not survive a restart — use the
+ * Mongo backend for that.
+ */
+class MemoryAuthKeyRepo implements AuthKeyRepo {
+    private map = new Map<string, AuthKeyRecord>()
+
+    async create(rec: AuthKeyRecord): Promise<void> {
+        this.map.set(rec.id.toString(), { ...rec })
+    }
+    async getById(id: bigint): Promise<AuthKeyRecord | null> {
+        return this.map.get(id.toString()) ?? null
+    }
+    async setBlocked(id: bigint, blocked: boolean): Promise<void> {
+        const rec = this.map.get(id.toString())
+        if (rec) rec.isBlocked = blocked
+    }
+    async bindUser(id: bigint, subject: string | null): Promise<void> {
+        const rec = this.map.get(id.toString())
+        if (rec) rec.subject = subject
+    }
+    async updateMeta(id: bigint, patch: AuthKeyMeta): Promise<void> {
+        const rec = this.map.get(id.toString())
+        if (!rec) return
+        const meta = (rec.meta ??= {})
+        for (const [k, v] of Object.entries(patch)) {
+            if (v !== undefined) (meta as Record<string, unknown>)[k] = v
+        }
+    }
+}
+
+class MemorySaltRepo implements SaltRepo {
+    private map = new Map<string, SaltScheduleEntry[]>()
+    async append(authKeyId: bigint, entries: SaltScheduleEntry[]): Promise<void> {
+        const k = authKeyId.toString()
+        const list = this.map.get(k) ?? []
+        for (const e of entries) {
+            // Insert-if-absent by window start; never overwrite an existing salt.
+            if (!list.some(x => x.validSince === e.validSince)) list.push({ ...e })
+        }
+        list.sort((a, b) => a.validSince - b.validSince)
+        this.map.set(k, list)
+    }
+    async list(authKeyId: bigint): Promise<SaltScheduleEntry[]> {
+        return (this.map.get(authKeyId.toString()) ?? []).map(e => ({ ...e }))
+    }
+    async prune(authKeyId: bigint, before: number): Promise<void> {
+        const k = authKeyId.toString()
+        const list = this.map.get(k)
+        if (list)
+            this.map.set(
+                k,
+                list.filter(e => e.validUntil > before),
+            )
+    }
+}
+
+class MemorySessionRepo implements SessionRepo {
+    private map = new Map<string, SessionRecord>()
+    async get(sessionId: bigint): Promise<SessionRecord | null> {
+        const r = this.map.get(sessionId.toString())
+        return r ? { ...r } : null
+    }
+    async save(rec: SessionRecord): Promise<void> {
+        this.map.set(rec.sessionId.toString(), { ...rec })
+    }
+    async update(sessionId: bigint, patch: Partial<SessionRecord>): Promise<void> {
+        const r = this.map.get(sessionId.toString())
+        if (r) this.map.set(sessionId.toString(), { ...r, ...patch })
+    }
+    async delete(sessionId: bigint): Promise<void> {
+        this.map.delete(sessionId.toString())
+    }
+    async touch(sessionId: bigint): Promise<boolean> {
+        const r = this.map.get(sessionId.toString())
+        if (!r) return false
+        r.lastActivity = Date.now()
+        return true
+    }
+}
+
+export function createMemoryStorage(): Storage {
+    return {
+        authKeys: new MemoryAuthKeyRepo(),
+        salts: new MemorySaltRepo(),
+        sessions: new MemorySessionRepo(),
+        async close() {},
+    }
+}