@noy-db/on-password 0.1.0-pre.5

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 vLannaAi
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/index.cjs

@@ -0,0 +1,154 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  PASSWORD_DEFAULT_MIN_LENGTH: () => PASSWORD_DEFAULT_MIN_LENGTH,
+  PASSWORD_PBKDF2_ITERATIONS: () => PASSWORD_PBKDF2_ITERATIONS,
+  PasswordInvalidError: () => PasswordInvalidError,
+  PasswordTooWeakError: () => PasswordTooWeakError,
+  enrollPasswordAuthenticator: () => enrollPasswordAuthenticator,
+  unwrapKekWithPassword: () => unwrapKekWithPassword,
+  verifyPasswordSlot: () => verifyPasswordSlot
+});
+module.exports = __toCommonJS(index_exports);
+var PASSWORD_PBKDF2_ITERATIONS = 6e5;
+var PASSWORD_DEFAULT_MIN_LENGTH = 12;
+var SALT_BYTES = 32;
+var subtle = globalThis.crypto.subtle;
+var PasswordTooWeakError = class extends Error {
+  code = "PASSWORD_TOO_WEAK";
+  minLength;
+  constructor(minLength, message) {
+    super(
+      message ?? `Password must be at least ${String(minLength)} characters. For accounts with a separate tier-1 phrase, prefer a longer password or pair with TOTP/email-OTP via @noy-db/on-totp or @noy-db/on-email-otp.`
+    );
+    this.name = "PasswordTooWeakError";
+    this.minLength = minLength;
+  }
+};
+var PasswordInvalidError = class extends Error {
+  code = "PASSWORD_INVALID";
+  constructor(message = "Password does not unlock this slot.") {
+    super(message);
+    this.name = "PasswordInvalidError";
+  }
+};
+async function enrollPasswordAuthenticator(keyring, options) {
+  const minLength = options.minLength ?? PASSWORD_DEFAULT_MIN_LENGTH;
+  if (options.password.length < minLength) {
+    throw new PasswordTooWeakError(minLength);
+  }
+  if (options.pattern && !options.pattern.test(options.password)) {
+    throw new PasswordTooWeakError(
+      minLength,
+      `Password does not match the configured pattern: ${options.pattern.toString()}.`
+    );
+  }
+  if (!keyring.kek) {
+    throw new Error(
+      "enrollPasswordAuthenticator: the supplied keyring has no KEK in memory. Tier-3 quick-resume keyrings cannot enrol new tier-2 slots; re-authenticate at tier 1 first."
+    );
+  }
+  const salt = crypto.getRandomValues(new Uint8Array(SALT_BYTES));
+  const wrappingKey = await derivePasswordWrappingKey(options.password, salt);
+  const wrapped = await subtle.wrapKey("raw", keyring.kek, wrappingKey, "AES-KW");
+  return {
+    id: options.id ?? "password-daily",
+    method: "password",
+    wrapped_kek: bytesToBase64(new Uint8Array(wrapped)),
+    meta: {
+      salt: bytesToBase64(salt),
+      minLength,
+      ...options.pattern !== void 0 ? { pattern: options.pattern.source } : {}
+    },
+    enrolled_via_tier: options.enrolledViaTier ?? 1
+  };
+}
+async function unwrapKekWithPassword(slot, password) {
+  const meta = slot.meta;
+  if (typeof meta.salt !== "string") {
+    throw new PasswordInvalidError(
+      "Password slot is missing the per-slot salt \u2014 keyring may be corrupted."
+    );
+  }
+  const salt = base64ToBytes(meta.salt);
+  const wrappingKey = await derivePasswordWrappingKey(password, salt);
+  try {
+    return await subtle.unwrapKey(
+      "raw",
+      base64ToBytes(slot.wrapped_kek),
+      wrappingKey,
+      "AES-KW",
+      { name: "AES-KW", length: 256 },
+      false,
+      ["wrapKey", "unwrapKey"]
+    );
+  } catch {
+    throw new PasswordInvalidError();
+  }
+}
+async function verifyPasswordSlot(slot, password, options) {
+  const kek = await unwrapKekWithPassword(slot, password);
+  return options.materialize(kek);
+}
+async function derivePasswordWrappingKey(password, salt) {
+  const ikm = await subtle.importKey(
+    "raw",
+    new TextEncoder().encode(password),
+    "PBKDF2",
+    false,
+    ["deriveKey"]
+  );
+  return subtle.deriveKey(
+    {
+      name: "PBKDF2",
+      salt,
+      iterations: PASSWORD_PBKDF2_ITERATIONS,
+      hash: "SHA-256"
+    },
+    ikm,
+    { name: "AES-KW", length: 256 },
+    false,
+    ["wrapKey", "unwrapKey"]
+  );
+}
+function bytesToBase64(bytes) {
+  let s = "";
+  for (const b of bytes) s += String.fromCharCode(b);
+  return btoa(s);
+}
+function base64ToBytes(b64) {
+  const s = atob(b64);
+  const out = new Uint8Array(s.length);
+  for (let i = 0; i < s.length; i++) out[i] = s.charCodeAt(i);
+  return out;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  PASSWORD_DEFAULT_MIN_LENGTH,
+  PASSWORD_PBKDF2_ITERATIONS,
+  PasswordInvalidError,
+  PasswordTooWeakError,
+  enrollPasswordAuthenticator,
+  unwrapKekWithPassword,
+  verifyPasswordSlot
+});
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts"],"sourcesContent":["/**\n * **@noy-db/on-password** — tier-2 daily-password authenticator slot.\n *\n * The user's tier-1 *phrase* is the rarely-typed master that derives\n * the KEK. This package adds a SEPARATE secret — a daily-typed\n * password — as a tier-2 slot in the multi-slot keyring. The two\n * credentials have:\n *\n * - **Different lifecycles** — the phrase rotates yearly; the password\n *   rotates per the developer's policy.\n * - **Different strength rules** — the phrase is validated against the\n *   phrase format (issue #7); the password is validated against a\n *   length / regex rule the developer chooses.\n * - **Different storage** — the phrase derives the KEK; the password\n *   derives a wrapping key that wraps the SAME KEK in its own\n *   keyring slot (LUKS pattern).\n *\n * The slot is added to the keyring via `db.enrollAuthenticator`; the\n * KEK is recovered via `db.unlockViaAuthenticator` — both routes hit\n * the policy gate engine (issue #9).\n *\n * @see docs/subsystems/session-tiers.md → Tier 2 — `on-password`\n *\n * @packageDocumentation\n */\nimport type {\n  EnrollAuthenticatorOptions,\n  KeyringAuthenticator,\n  UnlockedKeyring,\n} from '@noy-db/hub'\n\n/** PBKDF2 iteration count — matches the tier-1 phrase derivation. */\nexport const PASSWORD_PBKDF2_ITERATIONS = 600_000\n\n/** Default minimum password length. Override per-app via `enrollPasswordAuthenticator`. */\nexport const PASSWORD_DEFAULT_MIN_LENGTH = 12\n\n/** Per-slot salt size. */\nconst SALT_BYTES = 32\n\nconst subtle = globalThis.crypto.subtle\n\n// ─── Errors ────────────────────────────────────────────────────────────\n\nexport class PasswordTooWeakError extends Error {\n  readonly code = 'PASSWORD_TOO_WEAK' as const\n  readonly minLength: number\n  constructor(minLength: number, message?: string) {\n    super(\n      message ??\n        `Password must be at least ${String(minLength)} characters. ` +\n          'For accounts with a separate tier-1 phrase, prefer a longer password ' +\n          'or pair with TOTP/email-OTP via @noy-db/on-totp or @noy-db/on-email-otp.',\n    )\n    this.name = 'PasswordTooWeakError'\n    this.minLength = minLength\n  }\n}\n\nexport class PasswordInvalidError extends Error {\n  readonly code = 'PASSWORD_INVALID' as const\n  constructor(message = 'Password does not unlock this slot.') {\n    super(message)\n    this.name = 'PasswordInvalidError'\n  }\n}\n\n// ─── Public API ────────────────────────────────────────────────────────\n\n/** Options for {@link enrollPasswordAuthenticator}. */\nexport interface EnrollPasswordOptions {\n  /** Slot id. Default: `'password-daily'`. */\n  readonly id?: string\n  /** Daily password the user will type. Distinct from the tier-1 phrase. */\n  readonly password: string\n  /** Minimum length. Default 12. */\n  readonly minLength?: number\n  /** Optional regex the password must satisfy in addition to length. */\n  readonly pattern?: RegExp\n  /** Tier the active session held when enrolling. Default 1. */\n  readonly enrolledViaTier?: 1 | 2\n}\n\n/**\n * Build the keyring slot for a tier-2 password authenticator. Returns\n * an `EnrollAuthenticatorOptions` value the caller hands to\n * `db.enrollAuthenticator(vault, slot)` — separating the cryptographic\n * step (this function) from the persistence step (the hub) keeps the\n * package small and lets the hub's policy gate run between the two.\n *\n * Usage:\n *\n * ```ts\n * import { enrollPasswordAuthenticator } from '@noy-db/on-password'\n *\n * const slot = await enrollPasswordAuthenticator(unlocked, {\n *   password: 'daily-password-2026',\n *   minLength: 14,\n * })\n * await db.enrollAuthenticator('acme', slot, {\n *   factors: [{ kind: 'totp' }],\n * })\n * ```\n */\nexport async function enrollPasswordAuthenticator(\n  keyring: UnlockedKeyring,\n  options: EnrollPasswordOptions,\n): Promise<EnrollAuthenticatorOptions> {\n  const minLength = options.minLength ?? PASSWORD_DEFAULT_MIN_LENGTH\n  if (options.password.length < minLength) {\n    throw new PasswordTooWeakError(minLength)\n  }\n  if (options.pattern && !options.pattern.test(options.password)) {\n    throw new PasswordTooWeakError(\n      minLength,\n      `Password does not match the configured pattern: ${options.pattern.toString()}.`,\n    )\n  }\n\n  if (!keyring.kek) {\n    throw new Error(\n      'enrollPasswordAuthenticator: the supplied keyring has no KEK in memory. ' +\n        'Tier-3 quick-resume keyrings cannot enrol new tier-2 slots; re-authenticate at tier 1 first.',\n    )\n  }\n\n  const salt = crypto.getRandomValues(new Uint8Array(SALT_BYTES))\n  const wrappingKey = await derivePasswordWrappingKey(options.password, salt)\n  const wrapped = await subtle.wrapKey('raw', keyring.kek, wrappingKey, 'AES-KW')\n\n  return {\n    id: options.id ?? 'password-daily',\n    method: 'password',\n    wrapped_kek: bytesToBase64(new Uint8Array(wrapped)),\n    meta: {\n      salt: bytesToBase64(salt),\n      minLength,\n      ...(options.pattern !== undefined ? { pattern: options.pattern.source } : {}),\n    },\n    enrolled_via_tier: options.enrolledViaTier ?? 1,\n  }\n}\n\n/**\n * Recover the KEK from a password slot's `wrapped_kek` ciphertext.\n * Returns the unwrapped KEK as a non-extractable `CryptoKey` ready for\n * AES-KW unwrap of DEKs. Used inside the verify callback passed to\n * `db.unlockViaAuthenticator`.\n *\n * @throws {@link PasswordInvalidError} when the password is wrong.\n */\nexport async function unwrapKekWithPassword(\n  slot: KeyringAuthenticator,\n  password: string,\n): Promise<CryptoKey> {\n  const meta = slot.meta as { salt?: unknown }\n  if (typeof meta.salt !== 'string') {\n    throw new PasswordInvalidError(\n      'Password slot is missing the per-slot salt — keyring may be corrupted.',\n    )\n  }\n  const salt = base64ToBytes(meta.salt)\n  const wrappingKey = await derivePasswordWrappingKey(password, salt)\n  try {\n    return await subtle.unwrapKey(\n      'raw',\n      base64ToBytes(slot.wrapped_kek) as BufferSource,\n      wrappingKey,\n      'AES-KW',\n      { name: 'AES-KW', length: 256 },\n      false,\n      ['wrapKey', 'unwrapKey'],\n    )\n  } catch {\n    throw new PasswordInvalidError()\n  }\n}\n\n/**\n * Hub-friendly verify callback. Pass to `db.unlockViaAuthenticator`:\n *\n * ```ts\n * const unlocked = await db.unlockViaAuthenticator('acme', 'password-daily',\n *   (slot) => verifyPasswordSlot(slot, 'daily-password-2026', { adapter: store, vault: 'acme', userId: 'alice' }),\n * )\n * ```\n *\n * The callback re-loads the keyring file via the supplied adapter,\n * unwraps every DEK with the recovered KEK, and returns the\n * `UnlockedKeyring` the hub installs in its keyring cache.\n *\n * @throws {@link PasswordInvalidError} when the password is wrong.\n */\nexport async function verifyPasswordSlot(\n  slot: KeyringAuthenticator,\n  password: string,\n  options: VerifyPasswordSlotOptions,\n): Promise<UnlockedKeyring> {\n  const kek = await unwrapKekWithPassword(slot, password)\n  return options.materialize(kek)\n}\n\n/** Adapter shape required by {@link verifyPasswordSlot}. */\nexport interface VerifyPasswordSlotOptions {\n  /**\n   * Caller-supplied \"given the recovered KEK, build the\n   * `UnlockedKeyring`\" routine. The hub provides the standard\n   * implementation in {@link buildUnlockedKeyringFromKek}; consumers\n   * with non-standard storage (e.g. encrypted browser-extension\n   * stores) can pass their own.\n   */\n  readonly materialize: (kek: CryptoKey) => Promise<UnlockedKeyring>\n}\n\n// ─── Helpers ───────────────────────────────────────────────────────────\n\nasync function derivePasswordWrappingKey(\n  password: string,\n  salt: Uint8Array,\n): Promise<CryptoKey> {\n  const ikm = await subtle.importKey(\n    'raw',\n    new TextEncoder().encode(password),\n    'PBKDF2',\n    false,\n    ['deriveKey'],\n  )\n  return subtle.deriveKey(\n    {\n      name: 'PBKDF2',\n      salt: salt as BufferSource,\n      iterations: PASSWORD_PBKDF2_ITERATIONS,\n      hash: 'SHA-256',\n    },\n    ikm,\n    { name: 'AES-KW', length: 256 },\n    false,\n    ['wrapKey', 'unwrapKey'],\n  )\n}\n\nfunction bytesToBase64(bytes: Uint8Array): string {\n  let s = ''\n  for (const b of bytes) s += String.fromCharCode(b)\n  return btoa(s)\n}\n\nfunction base64ToBytes(b64: string): Uint8Array {\n  const s = atob(b64)\n  const out = new Uint8Array(s.length)\n  for (let i = 0; i < s.length; i++) out[i] = s.charCodeAt(i)\n  return out\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAgCO,IAAM,6BAA6B;AAGnC,IAAM,8BAA8B;AAG3C,IAAM,aAAa;AAEnB,IAAM,SAAS,WAAW,OAAO;AAI1B,IAAM,uBAAN,cAAmC,MAAM;AAAA,EACrC,OAAO;AAAA,EACP;AAAA,EACT,YAAY,WAAmB,SAAkB;AAC/C;AAAA,MACE,WACE,6BAA6B,OAAO,SAAS,CAAC;AAAA,IAGlD;AACA,SAAK,OAAO;AACZ,SAAK,YAAY;AAAA,EACnB;AACF;AAEO,IAAM,uBAAN,cAAmC,MAAM;AAAA,EACrC,OAAO;AAAA,EAChB,YAAY,UAAU,uCAAuC;AAC3D,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAuCA,eAAsB,4BACpB,SACA,SACqC;AACrC,QAAM,YAAY,QAAQ,aAAa;AACvC,MAAI,QAAQ,SAAS,SAAS,WAAW;AACvC,UAAM,IAAI,qBAAqB,SAAS;AAAA,EAC1C;AACA,MAAI,QAAQ,WAAW,CAAC,QAAQ,QAAQ,KAAK,QAAQ,QAAQ,GAAG;AAC9D,UAAM,IAAI;AAAA,MACR;AAAA,MACA,mDAAmD,QAAQ,QAAQ,SAAS,CAAC;AAAA,IAC/E;AAAA,EACF;AAEA,MAAI,CAAC,QAAQ,KAAK;AAChB,UAAM,IAAI;AAAA,MACR;AAAA,IAEF;AAAA,EACF;AAEA,QAAM,OAAO,OAAO,gBAAgB,IAAI,WAAW,UAAU,CAAC;AAC9D,QAAM,cAAc,MAAM,0BAA0B,QAAQ,UAAU,IAAI;AAC1E,QAAM,UAAU,MAAM,OAAO,QAAQ,OAAO,QAAQ,KAAK,aAAa,QAAQ;AAE9E,SAAO;AAAA,IACL,IAAI,QAAQ,MAAM;AAAA,IAClB,QAAQ;AAAA,IACR,aAAa,cAAc,IAAI,WAAW,OAAO,CAAC;AAAA,IAClD,MAAM;AAAA,MACJ,MAAM,cAAc,IAAI;AAAA,MACxB;AAAA,MACA,GAAI,QAAQ,YAAY,SAAY,EAAE,SAAS,QAAQ,QAAQ,OAAO,IAAI,CAAC;AAAA,IAC7E;AAAA,IACA,mBAAmB,QAAQ,mBAAmB;AAAA,EAChD;AACF;AAUA,eAAsB,sBACpB,MACA,UACoB;AACpB,QAAM,OAAO,KAAK;AAClB,MAAI,OAAO,KAAK,SAAS,UAAU;AACjC,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,QAAM,OAAO,cAAc,KAAK,IAAI;AACpC,QAAM,cAAc,MAAM,0BAA0B,UAAU,IAAI;AAClE,MAAI;AACF,WAAO,MAAM,OAAO;AAAA,MAClB;AAAA,MACA,cAAc,KAAK,WAAW;AAAA,MAC9B;AAAA,MACA;AAAA,MACA,EAAE,MAAM,UAAU,QAAQ,IAAI;AAAA,MAC9B;AAAA,MACA,CAAC,WAAW,WAAW;AAAA,IACzB;AAAA,EACF,QAAQ;AACN,UAAM,IAAI,qBAAqB;AAAA,EACjC;AACF;AAiBA,eAAsB,mBACpB,MACA,UACA,SAC0B;AAC1B,QAAM,MAAM,MAAM,sBAAsB,MAAM,QAAQ;AACtD,SAAO,QAAQ,YAAY,GAAG;AAChC;AAgBA,eAAe,0BACb,UACA,MACoB;AACpB,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB;AAAA,IACA,IAAI,YAAY,EAAE,OAAO,QAAQ;AAAA,IACjC;AAAA,IACA;AAAA,IACA,CAAC,WAAW;AAAA,EACd;AACA,SAAO,OAAO;AAAA,IACZ;AAAA,MACE,MAAM;AAAA,MACN;AAAA,MACA,YAAY;AAAA,MACZ,MAAM;AAAA,IACR;AAAA,IACA;AAAA,IACA,EAAE,MAAM,UAAU,QAAQ,IAAI;AAAA,IAC9B;AAAA,IACA,CAAC,WAAW,WAAW;AAAA,EACzB;AACF;AAEA,SAAS,cAAc,OAA2B;AAChD,MAAI,IAAI;AACR,aAAW,KAAK,MAAO,MAAK,OAAO,aAAa,CAAC;AACjD,SAAO,KAAK,CAAC;AACf;AAEA,SAAS,cAAc,KAAyB;AAC9C,QAAM,IAAI,KAAK,GAAG;AAClB,QAAM,MAAM,IAAI,WAAW,EAAE,MAAM;AACnC,WAAS,IAAI,GAAG,IAAI,EAAE,QAAQ,IAAK,KAAI,CAAC,IAAI,EAAE,WAAW,CAAC;AAC1D,SAAO;AACT;","names":[]}

package/dist/index.d.cts

@@ -0,0 +1,114 @@
+import { UnlockedKeyring, EnrollAuthenticatorOptions, KeyringAuthenticator } from '@noy-db/hub';
+
+/**
+ * **@noy-db/on-password** — tier-2 daily-password authenticator slot.
+ *
+ * The user's tier-1 *phrase* is the rarely-typed master that derives
+ * the KEK. This package adds a SEPARATE secret — a daily-typed
+ * password — as a tier-2 slot in the multi-slot keyring. The two
+ * credentials have:
+ *
+ * - **Different lifecycles** — the phrase rotates yearly; the password
+ *   rotates per the developer's policy.
+ * - **Different strength rules** — the phrase is validated against the
+ *   phrase format (issue #7); the password is validated against a
+ *   length / regex rule the developer chooses.
+ * - **Different storage** — the phrase derives the KEK; the password
+ *   derives a wrapping key that wraps the SAME KEK in its own
+ *   keyring slot (LUKS pattern).
+ *
+ * The slot is added to the keyring via `db.enrollAuthenticator`; the
+ * KEK is recovered via `db.unlockViaAuthenticator` — both routes hit
+ * the policy gate engine (issue #9).
+ *
+ * @see docs/subsystems/session-tiers.md → Tier 2 — `on-password`
+ *
+ * @packageDocumentation
+ */
+
+/** PBKDF2 iteration count — matches the tier-1 phrase derivation. */
+declare const PASSWORD_PBKDF2_ITERATIONS = 600000;
+/** Default minimum password length. Override per-app via `enrollPasswordAuthenticator`. */
+declare const PASSWORD_DEFAULT_MIN_LENGTH = 12;
+declare class PasswordTooWeakError extends Error {
+    readonly code: "PASSWORD_TOO_WEAK";
+    readonly minLength: number;
+    constructor(minLength: number, message?: string);
+}
+declare class PasswordInvalidError extends Error {
+    readonly code: "PASSWORD_INVALID";
+    constructor(message?: string);
+}
+/** Options for {@link enrollPasswordAuthenticator}. */
+interface EnrollPasswordOptions {
+    /** Slot id. Default: `'password-daily'`. */
+    readonly id?: string;
+    /** Daily password the user will type. Distinct from the tier-1 phrase. */
+    readonly password: string;
+    /** Minimum length. Default 12. */
+    readonly minLength?: number;
+    /** Optional regex the password must satisfy in addition to length. */
+    readonly pattern?: RegExp;
+    /** Tier the active session held when enrolling. Default 1. */
+    readonly enrolledViaTier?: 1 | 2;
+}
+/**
+ * Build the keyring slot for a tier-2 password authenticator. Returns
+ * an `EnrollAuthenticatorOptions` value the caller hands to
+ * `db.enrollAuthenticator(vault, slot)` — separating the cryptographic
+ * step (this function) from the persistence step (the hub) keeps the
+ * package small and lets the hub's policy gate run between the two.
+ *
+ * Usage:
+ *
+ * ```ts
+ * import { enrollPasswordAuthenticator } from '@noy-db/on-password'
+ *
+ * const slot = await enrollPasswordAuthenticator(unlocked, {
+ *   password: 'daily-password-2026',
+ *   minLength: 14,
+ * })
+ * await db.enrollAuthenticator('acme', slot, {
+ *   factors: [{ kind: 'totp' }],
+ * })
+ * ```
+ */
+declare function enrollPasswordAuthenticator(keyring: UnlockedKeyring, options: EnrollPasswordOptions): Promise<EnrollAuthenticatorOptions>;
+/**
+ * Recover the KEK from a password slot's `wrapped_kek` ciphertext.
+ * Returns the unwrapped KEK as a non-extractable `CryptoKey` ready for
+ * AES-KW unwrap of DEKs. Used inside the verify callback passed to
+ * `db.unlockViaAuthenticator`.
+ *
+ * @throws {@link PasswordInvalidError} when the password is wrong.
+ */
+declare function unwrapKekWithPassword(slot: KeyringAuthenticator, password: string): Promise<CryptoKey>;
+/**
+ * Hub-friendly verify callback. Pass to `db.unlockViaAuthenticator`:
+ *
+ * ```ts
+ * const unlocked = await db.unlockViaAuthenticator('acme', 'password-daily',
+ *   (slot) => verifyPasswordSlot(slot, 'daily-password-2026', { adapter: store, vault: 'acme', userId: 'alice' }),
+ * )
+ * ```
+ *
+ * The callback re-loads the keyring file via the supplied adapter,
+ * unwraps every DEK with the recovered KEK, and returns the
+ * `UnlockedKeyring` the hub installs in its keyring cache.
+ *
+ * @throws {@link PasswordInvalidError} when the password is wrong.
+ */
+declare function verifyPasswordSlot(slot: KeyringAuthenticator, password: string, options: VerifyPasswordSlotOptions): Promise<UnlockedKeyring>;
+/** Adapter shape required by {@link verifyPasswordSlot}. */
+interface VerifyPasswordSlotOptions {
+    /**
+     * Caller-supplied "given the recovered KEK, build the
+     * `UnlockedKeyring`" routine. The hub provides the standard
+     * implementation in {@link buildUnlockedKeyringFromKek}; consumers
+     * with non-standard storage (e.g. encrypted browser-extension
+     * stores) can pass their own.
+     */
+    readonly materialize: (kek: CryptoKey) => Promise<UnlockedKeyring>;
+}
+
+export { type EnrollPasswordOptions, PASSWORD_DEFAULT_MIN_LENGTH, PASSWORD_PBKDF2_ITERATIONS, PasswordInvalidError, PasswordTooWeakError, type VerifyPasswordSlotOptions, enrollPasswordAuthenticator, unwrapKekWithPassword, verifyPasswordSlot };

package/dist/index.d.ts

@@ -0,0 +1,114 @@
+import { UnlockedKeyring, EnrollAuthenticatorOptions, KeyringAuthenticator } from '@noy-db/hub';
+
+/**
+ * **@noy-db/on-password** — tier-2 daily-password authenticator slot.
+ *
+ * The user's tier-1 *phrase* is the rarely-typed master that derives
+ * the KEK. This package adds a SEPARATE secret — a daily-typed
+ * password — as a tier-2 slot in the multi-slot keyring. The two
+ * credentials have:
+ *
+ * - **Different lifecycles** — the phrase rotates yearly; the password
+ *   rotates per the developer's policy.
+ * - **Different strength rules** — the phrase is validated against the
+ *   phrase format (issue #7); the password is validated against a
+ *   length / regex rule the developer chooses.
+ * - **Different storage** — the phrase derives the KEK; the password
+ *   derives a wrapping key that wraps the SAME KEK in its own
+ *   keyring slot (LUKS pattern).
+ *
+ * The slot is added to the keyring via `db.enrollAuthenticator`; the
+ * KEK is recovered via `db.unlockViaAuthenticator` — both routes hit
+ * the policy gate engine (issue #9).
+ *
+ * @see docs/subsystems/session-tiers.md → Tier 2 — `on-password`
+ *
+ * @packageDocumentation
+ */
+
+/** PBKDF2 iteration count — matches the tier-1 phrase derivation. */
+declare const PASSWORD_PBKDF2_ITERATIONS = 600000;
+/** Default minimum password length. Override per-app via `enrollPasswordAuthenticator`. */
+declare const PASSWORD_DEFAULT_MIN_LENGTH = 12;
+declare class PasswordTooWeakError extends Error {
+    readonly code: "PASSWORD_TOO_WEAK";
+    readonly minLength: number;
+    constructor(minLength: number, message?: string);
+}
+declare class PasswordInvalidError extends Error {
+    readonly code: "PASSWORD_INVALID";
+    constructor(message?: string);
+}
+/** Options for {@link enrollPasswordAuthenticator}. */
+interface EnrollPasswordOptions {
+    /** Slot id. Default: `'password-daily'`. */
+    readonly id?: string;
+    /** Daily password the user will type. Distinct from the tier-1 phrase. */
+    readonly password: string;
+    /** Minimum length. Default 12. */
+    readonly minLength?: number;
+    /** Optional regex the password must satisfy in addition to length. */
+    readonly pattern?: RegExp;
+    /** Tier the active session held when enrolling. Default 1. */
+    readonly enrolledViaTier?: 1 | 2;
+}
+/**
+ * Build the keyring slot for a tier-2 password authenticator. Returns
+ * an `EnrollAuthenticatorOptions` value the caller hands to
+ * `db.enrollAuthenticator(vault, slot)` — separating the cryptographic
+ * step (this function) from the persistence step (the hub) keeps the
+ * package small and lets the hub's policy gate run between the two.
+ *
+ * Usage:
+ *
+ * ```ts
+ * import { enrollPasswordAuthenticator } from '@noy-db/on-password'
+ *
+ * const slot = await enrollPasswordAuthenticator(unlocked, {
+ *   password: 'daily-password-2026',
+ *   minLength: 14,
+ * })
+ * await db.enrollAuthenticator('acme', slot, {
+ *   factors: [{ kind: 'totp' }],
+ * })
+ * ```
+ */
+declare function enrollPasswordAuthenticator(keyring: UnlockedKeyring, options: EnrollPasswordOptions): Promise<EnrollAuthenticatorOptions>;
+/**
+ * Recover the KEK from a password slot's `wrapped_kek` ciphertext.
+ * Returns the unwrapped KEK as a non-extractable `CryptoKey` ready for
+ * AES-KW unwrap of DEKs. Used inside the verify callback passed to
+ * `db.unlockViaAuthenticator`.
+ *
+ * @throws {@link PasswordInvalidError} when the password is wrong.
+ */
+declare function unwrapKekWithPassword(slot: KeyringAuthenticator, password: string): Promise<CryptoKey>;
+/**
+ * Hub-friendly verify callback. Pass to `db.unlockViaAuthenticator`:
+ *
+ * ```ts
+ * const unlocked = await db.unlockViaAuthenticator('acme', 'password-daily',
+ *   (slot) => verifyPasswordSlot(slot, 'daily-password-2026', { adapter: store, vault: 'acme', userId: 'alice' }),
+ * )
+ * ```
+ *
+ * The callback re-loads the keyring file via the supplied adapter,
+ * unwraps every DEK with the recovered KEK, and returns the
+ * `UnlockedKeyring` the hub installs in its keyring cache.
+ *
+ * @throws {@link PasswordInvalidError} when the password is wrong.
+ */
+declare function verifyPasswordSlot(slot: KeyringAuthenticator, password: string, options: VerifyPasswordSlotOptions): Promise<UnlockedKeyring>;
+/** Adapter shape required by {@link verifyPasswordSlot}. */
+interface VerifyPasswordSlotOptions {
+    /**
+     * Caller-supplied "given the recovered KEK, build the
+     * `UnlockedKeyring`" routine. The hub provides the standard
+     * implementation in {@link buildUnlockedKeyringFromKek}; consumers
+     * with non-standard storage (e.g. encrypted browser-extension
+     * stores) can pass their own.
+     */
+    readonly materialize: (kek: CryptoKey) => Promise<UnlockedKeyring>;
+}
+
+export { type EnrollPasswordOptions, PASSWORD_DEFAULT_MIN_LENGTH, PASSWORD_PBKDF2_ITERATIONS, PasswordInvalidError, PasswordTooWeakError, type VerifyPasswordSlotOptions, enrollPasswordAuthenticator, unwrapKekWithPassword, verifyPasswordSlot };

package/dist/index.js

@@ -0,0 +1,123 @@
+// src/index.ts
+var PASSWORD_PBKDF2_ITERATIONS = 6e5;
+var PASSWORD_DEFAULT_MIN_LENGTH = 12;
+var SALT_BYTES = 32;
+var subtle = globalThis.crypto.subtle;
+var PasswordTooWeakError = class extends Error {
+  code = "PASSWORD_TOO_WEAK";
+  minLength;
+  constructor(minLength, message) {
+    super(
+      message ?? `Password must be at least ${String(minLength)} characters. For accounts with a separate tier-1 phrase, prefer a longer password or pair with TOTP/email-OTP via @noy-db/on-totp or @noy-db/on-email-otp.`
+    );
+    this.name = "PasswordTooWeakError";
+    this.minLength = minLength;
+  }
+};
+var PasswordInvalidError = class extends Error {
+  code = "PASSWORD_INVALID";
+  constructor(message = "Password does not unlock this slot.") {
+    super(message);
+    this.name = "PasswordInvalidError";
+  }
+};
+async function enrollPasswordAuthenticator(keyring, options) {
+  const minLength = options.minLength ?? PASSWORD_DEFAULT_MIN_LENGTH;
+  if (options.password.length < minLength) {
+    throw new PasswordTooWeakError(minLength);
+  }
+  if (options.pattern && !options.pattern.test(options.password)) {
+    throw new PasswordTooWeakError(
+      minLength,
+      `Password does not match the configured pattern: ${options.pattern.toString()}.`
+    );
+  }
+  if (!keyring.kek) {
+    throw new Error(
+      "enrollPasswordAuthenticator: the supplied keyring has no KEK in memory. Tier-3 quick-resume keyrings cannot enrol new tier-2 slots; re-authenticate at tier 1 first."
+    );
+  }
+  const salt = crypto.getRandomValues(new Uint8Array(SALT_BYTES));
+  const wrappingKey = await derivePasswordWrappingKey(options.password, salt);
+  const wrapped = await subtle.wrapKey("raw", keyring.kek, wrappingKey, "AES-KW");
+  return {
+    id: options.id ?? "password-daily",
+    method: "password",
+    wrapped_kek: bytesToBase64(new Uint8Array(wrapped)),
+    meta: {
+      salt: bytesToBase64(salt),
+      minLength,
+      ...options.pattern !== void 0 ? { pattern: options.pattern.source } : {}
+    },
+    enrolled_via_tier: options.enrolledViaTier ?? 1
+  };
+}
+async function unwrapKekWithPassword(slot, password) {
+  const meta = slot.meta;
+  if (typeof meta.salt !== "string") {
+    throw new PasswordInvalidError(
+      "Password slot is missing the per-slot salt \u2014 keyring may be corrupted."
+    );
+  }
+  const salt = base64ToBytes(meta.salt);
+  const wrappingKey = await derivePasswordWrappingKey(password, salt);
+  try {
+    return await subtle.unwrapKey(
+      "raw",
+      base64ToBytes(slot.wrapped_kek),
+      wrappingKey,
+      "AES-KW",
+      { name: "AES-KW", length: 256 },
+      false,
+      ["wrapKey", "unwrapKey"]
+    );
+  } catch {
+    throw new PasswordInvalidError();
+  }
+}
+async function verifyPasswordSlot(slot, password, options) {
+  const kek = await unwrapKekWithPassword(slot, password);
+  return options.materialize(kek);
+}
+async function derivePasswordWrappingKey(password, salt) {
+  const ikm = await subtle.importKey(
+    "raw",
+    new TextEncoder().encode(password),
+    "PBKDF2",
+    false,
+    ["deriveKey"]
+  );
+  return subtle.deriveKey(
+    {
+      name: "PBKDF2",
+      salt,
+      iterations: PASSWORD_PBKDF2_ITERATIONS,
+      hash: "SHA-256"
+    },
+    ikm,
+    { name: "AES-KW", length: 256 },
+    false,
+    ["wrapKey", "unwrapKey"]
+  );
+}
+function bytesToBase64(bytes) {
+  let s = "";
+  for (const b of bytes) s += String.fromCharCode(b);
+  return btoa(s);
+}
+function base64ToBytes(b64) {
+  const s = atob(b64);
+  const out = new Uint8Array(s.length);
+  for (let i = 0; i < s.length; i++) out[i] = s.charCodeAt(i);
+  return out;
+}
+export {
+  PASSWORD_DEFAULT_MIN_LENGTH,
+  PASSWORD_PBKDF2_ITERATIONS,
+  PasswordInvalidError,
+  PasswordTooWeakError,
+  enrollPasswordAuthenticator,
+  unwrapKekWithPassword,
+  verifyPasswordSlot
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts"],"sourcesContent":["/**\n * **@noy-db/on-password** — tier-2 daily-password authenticator slot.\n *\n * The user's tier-1 *phrase* is the rarely-typed master that derives\n * the KEK. This package adds a SEPARATE secret — a daily-typed\n * password — as a tier-2 slot in the multi-slot keyring. The two\n * credentials have:\n *\n * - **Different lifecycles** — the phrase rotates yearly; the password\n *   rotates per the developer's policy.\n * - **Different strength rules** — the phrase is validated against the\n *   phrase format (issue #7); the password is validated against a\n *   length / regex rule the developer chooses.\n * - **Different storage** — the phrase derives the KEK; the password\n *   derives a wrapping key that wraps the SAME KEK in its own\n *   keyring slot (LUKS pattern).\n *\n * The slot is added to the keyring via `db.enrollAuthenticator`; the\n * KEK is recovered via `db.unlockViaAuthenticator` — both routes hit\n * the policy gate engine (issue #9).\n *\n * @see docs/subsystems/session-tiers.md → Tier 2 — `on-password`\n *\n * @packageDocumentation\n */\nimport type {\n  EnrollAuthenticatorOptions,\n  KeyringAuthenticator,\n  UnlockedKeyring,\n} from '@noy-db/hub'\n\n/** PBKDF2 iteration count — matches the tier-1 phrase derivation. */\nexport const PASSWORD_PBKDF2_ITERATIONS = 600_000\n\n/** Default minimum password length. Override per-app via `enrollPasswordAuthenticator`. */\nexport const PASSWORD_DEFAULT_MIN_LENGTH = 12\n\n/** Per-slot salt size. */\nconst SALT_BYTES = 32\n\nconst subtle = globalThis.crypto.subtle\n\n// ─── Errors ────────────────────────────────────────────────────────────\n\nexport class PasswordTooWeakError extends Error {\n  readonly code = 'PASSWORD_TOO_WEAK' as const\n  readonly minLength: number\n  constructor(minLength: number, message?: string) {\n    super(\n      message ??\n        `Password must be at least ${String(minLength)} characters. ` +\n          'For accounts with a separate tier-1 phrase, prefer a longer password ' +\n          'or pair with TOTP/email-OTP via @noy-db/on-totp or @noy-db/on-email-otp.',\n    )\n    this.name = 'PasswordTooWeakError'\n    this.minLength = minLength\n  }\n}\n\nexport class PasswordInvalidError extends Error {\n  readonly code = 'PASSWORD_INVALID' as const\n  constructor(message = 'Password does not unlock this slot.') {\n    super(message)\n    this.name = 'PasswordInvalidError'\n  }\n}\n\n// ─── Public API ────────────────────────────────────────────────────────\n\n/** Options for {@link enrollPasswordAuthenticator}. */\nexport interface EnrollPasswordOptions {\n  /** Slot id. Default: `'password-daily'`. */\n  readonly id?: string\n  /** Daily password the user will type. Distinct from the tier-1 phrase. */\n  readonly password: string\n  /** Minimum length. Default 12. */\n  readonly minLength?: number\n  /** Optional regex the password must satisfy in addition to length. */\n  readonly pattern?: RegExp\n  /** Tier the active session held when enrolling. Default 1. */\n  readonly enrolledViaTier?: 1 | 2\n}\n\n/**\n * Build the keyring slot for a tier-2 password authenticator. Returns\n * an `EnrollAuthenticatorOptions` value the caller hands to\n * `db.enrollAuthenticator(vault, slot)` — separating the cryptographic\n * step (this function) from the persistence step (the hub) keeps the\n * package small and lets the hub's policy gate run between the two.\n *\n * Usage:\n *\n * ```ts\n * import { enrollPasswordAuthenticator } from '@noy-db/on-password'\n *\n * const slot = await enrollPasswordAuthenticator(unlocked, {\n *   password: 'daily-password-2026',\n *   minLength: 14,\n * })\n * await db.enrollAuthenticator('acme', slot, {\n *   factors: [{ kind: 'totp' }],\n * })\n * ```\n */\nexport async function enrollPasswordAuthenticator(\n  keyring: UnlockedKeyring,\n  options: EnrollPasswordOptions,\n): Promise<EnrollAuthenticatorOptions> {\n  const minLength = options.minLength ?? PASSWORD_DEFAULT_MIN_LENGTH\n  if (options.password.length < minLength) {\n    throw new PasswordTooWeakError(minLength)\n  }\n  if (options.pattern && !options.pattern.test(options.password)) {\n    throw new PasswordTooWeakError(\n      minLength,\n      `Password does not match the configured pattern: ${options.pattern.toString()}.`,\n    )\n  }\n\n  if (!keyring.kek) {\n    throw new Error(\n      'enrollPasswordAuthenticator: the supplied keyring has no KEK in memory. ' +\n        'Tier-3 quick-resume keyrings cannot enrol new tier-2 slots; re-authenticate at tier 1 first.',\n    )\n  }\n\n  const salt = crypto.getRandomValues(new Uint8Array(SALT_BYTES))\n  const wrappingKey = await derivePasswordWrappingKey(options.password, salt)\n  const wrapped = await subtle.wrapKey('raw', keyring.kek, wrappingKey, 'AES-KW')\n\n  return {\n    id: options.id ?? 'password-daily',\n    method: 'password',\n    wrapped_kek: bytesToBase64(new Uint8Array(wrapped)),\n    meta: {\n      salt: bytesToBase64(salt),\n      minLength,\n      ...(options.pattern !== undefined ? { pattern: options.pattern.source } : {}),\n    },\n    enrolled_via_tier: options.enrolledViaTier ?? 1,\n  }\n}\n\n/**\n * Recover the KEK from a password slot's `wrapped_kek` ciphertext.\n * Returns the unwrapped KEK as a non-extractable `CryptoKey` ready for\n * AES-KW unwrap of DEKs. Used inside the verify callback passed to\n * `db.unlockViaAuthenticator`.\n *\n * @throws {@link PasswordInvalidError} when the password is wrong.\n */\nexport async function unwrapKekWithPassword(\n  slot: KeyringAuthenticator,\n  password: string,\n): Promise<CryptoKey> {\n  const meta = slot.meta as { salt?: unknown }\n  if (typeof meta.salt !== 'string') {\n    throw new PasswordInvalidError(\n      'Password slot is missing the per-slot salt — keyring may be corrupted.',\n    )\n  }\n  const salt = base64ToBytes(meta.salt)\n  const wrappingKey = await derivePasswordWrappingKey(password, salt)\n  try {\n    return await subtle.unwrapKey(\n      'raw',\n      base64ToBytes(slot.wrapped_kek) as BufferSource,\n      wrappingKey,\n      'AES-KW',\n      { name: 'AES-KW', length: 256 },\n      false,\n      ['wrapKey', 'unwrapKey'],\n    )\n  } catch {\n    throw new PasswordInvalidError()\n  }\n}\n\n/**\n * Hub-friendly verify callback. Pass to `db.unlockViaAuthenticator`:\n *\n * ```ts\n * const unlocked = await db.unlockViaAuthenticator('acme', 'password-daily',\n *   (slot) => verifyPasswordSlot(slot, 'daily-password-2026', { adapter: store, vault: 'acme', userId: 'alice' }),\n * )\n * ```\n *\n * The callback re-loads the keyring file via the supplied adapter,\n * unwraps every DEK with the recovered KEK, and returns the\n * `UnlockedKeyring` the hub installs in its keyring cache.\n *\n * @throws {@link PasswordInvalidError} when the password is wrong.\n */\nexport async function verifyPasswordSlot(\n  slot: KeyringAuthenticator,\n  password: string,\n  options: VerifyPasswordSlotOptions,\n): Promise<UnlockedKeyring> {\n  const kek = await unwrapKekWithPassword(slot, password)\n  return options.materialize(kek)\n}\n\n/** Adapter shape required by {@link verifyPasswordSlot}. */\nexport interface VerifyPasswordSlotOptions {\n  /**\n   * Caller-supplied \"given the recovered KEK, build the\n   * `UnlockedKeyring`\" routine. The hub provides the standard\n   * implementation in {@link buildUnlockedKeyringFromKek}; consumers\n   * with non-standard storage (e.g. encrypted browser-extension\n   * stores) can pass their own.\n   */\n  readonly materialize: (kek: CryptoKey) => Promise<UnlockedKeyring>\n}\n\n// ─── Helpers ───────────────────────────────────────────────────────────\n\nasync function derivePasswordWrappingKey(\n  password: string,\n  salt: Uint8Array,\n): Promise<CryptoKey> {\n  const ikm = await subtle.importKey(\n    'raw',\n    new TextEncoder().encode(password),\n    'PBKDF2',\n    false,\n    ['deriveKey'],\n  )\n  return subtle.deriveKey(\n    {\n      name: 'PBKDF2',\n      salt: salt as BufferSource,\n      iterations: PASSWORD_PBKDF2_ITERATIONS,\n      hash: 'SHA-256',\n    },\n    ikm,\n    { name: 'AES-KW', length: 256 },\n    false,\n    ['wrapKey', 'unwrapKey'],\n  )\n}\n\nfunction bytesToBase64(bytes: Uint8Array): string {\n  let s = ''\n  for (const b of bytes) s += String.fromCharCode(b)\n  return btoa(s)\n}\n\nfunction base64ToBytes(b64: string): Uint8Array {\n  const s = atob(b64)\n  const out = new Uint8Array(s.length)\n  for (let i = 0; i < s.length; i++) out[i] = s.charCodeAt(i)\n  return out\n}\n"],"mappings":";AAgCO,IAAM,6BAA6B;AAGnC,IAAM,8BAA8B;AAG3C,IAAM,aAAa;AAEnB,IAAM,SAAS,WAAW,OAAO;AAI1B,IAAM,uBAAN,cAAmC,MAAM;AAAA,EACrC,OAAO;AAAA,EACP;AAAA,EACT,YAAY,WAAmB,SAAkB;AAC/C;AAAA,MACE,WACE,6BAA6B,OAAO,SAAS,CAAC;AAAA,IAGlD;AACA,SAAK,OAAO;AACZ,SAAK,YAAY;AAAA,EACnB;AACF;AAEO,IAAM,uBAAN,cAAmC,MAAM;AAAA,EACrC,OAAO;AAAA,EAChB,YAAY,UAAU,uCAAuC;AAC3D,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAuCA,eAAsB,4BACpB,SACA,SACqC;AACrC,QAAM,YAAY,QAAQ,aAAa;AACvC,MAAI,QAAQ,SAAS,SAAS,WAAW;AACvC,UAAM,IAAI,qBAAqB,SAAS;AAAA,EAC1C;AACA,MAAI,QAAQ,WAAW,CAAC,QAAQ,QAAQ,KAAK,QAAQ,QAAQ,GAAG;AAC9D,UAAM,IAAI;AAAA,MACR;AAAA,MACA,mDAAmD,QAAQ,QAAQ,SAAS,CAAC;AAAA,IAC/E;AAAA,EACF;AAEA,MAAI,CAAC,QAAQ,KAAK;AAChB,UAAM,IAAI;AAAA,MACR;AAAA,IAEF;AAAA,EACF;AAEA,QAAM,OAAO,OAAO,gBAAgB,IAAI,WAAW,UAAU,CAAC;AAC9D,QAAM,cAAc,MAAM,0BAA0B,QAAQ,UAAU,IAAI;AAC1E,QAAM,UAAU,MAAM,OAAO,QAAQ,OAAO,QAAQ,KAAK,aAAa,QAAQ;AAE9E,SAAO;AAAA,IACL,IAAI,QAAQ,MAAM;AAAA,IAClB,QAAQ;AAAA,IACR,aAAa,cAAc,IAAI,WAAW,OAAO,CAAC;AAAA,IAClD,MAAM;AAAA,MACJ,MAAM,cAAc,IAAI;AAAA,MACxB;AAAA,MACA,GAAI,QAAQ,YAAY,SAAY,EAAE,SAAS,QAAQ,QAAQ,OAAO,IAAI,CAAC;AAAA,IAC7E;AAAA,IACA,mBAAmB,QAAQ,mBAAmB;AAAA,EAChD;AACF;AAUA,eAAsB,sBACpB,MACA,UACoB;AACpB,QAAM,OAAO,KAAK;AAClB,MAAI,OAAO,KAAK,SAAS,UAAU;AACjC,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,QAAM,OAAO,cAAc,KAAK,IAAI;AACpC,QAAM,cAAc,MAAM,0BAA0B,UAAU,IAAI;AAClE,MAAI;AACF,WAAO,MAAM,OAAO;AAAA,MAClB;AAAA,MACA,cAAc,KAAK,WAAW;AAAA,MAC9B;AAAA,MACA;AAAA,MACA,EAAE,MAAM,UAAU,QAAQ,IAAI;AAAA,MAC9B;AAAA,MACA,CAAC,WAAW,WAAW;AAAA,IACzB;AAAA,EACF,QAAQ;AACN,UAAM,IAAI,qBAAqB;AAAA,EACjC;AACF;AAiBA,eAAsB,mBACpB,MACA,UACA,SAC0B;AAC1B,QAAM,MAAM,MAAM,sBAAsB,MAAM,QAAQ;AACtD,SAAO,QAAQ,YAAY,GAAG;AAChC;AAgBA,eAAe,0BACb,UACA,MACoB;AACpB,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB;AAAA,IACA,IAAI,YAAY,EAAE,OAAO,QAAQ;AAAA,IACjC;AAAA,IACA;AAAA,IACA,CAAC,WAAW;AAAA,EACd;AACA,SAAO,OAAO;AAAA,IACZ;AAAA,MACE,MAAM;AAAA,MACN;AAAA,MACA,YAAY;AAAA,MACZ,MAAM;AAAA,IACR;AAAA,IACA;AAAA,IACA,EAAE,MAAM,UAAU,QAAQ,IAAI;AAAA,IAC9B;AAAA,IACA,CAAC,WAAW,WAAW;AAAA,EACzB;AACF;AAEA,SAAS,cAAc,OAA2B;AAChD,MAAI,IAAI;AACR,aAAW,KAAK,MAAO,MAAK,OAAO,aAAa,CAAC;AACjD,SAAO,KAAK,CAAC;AACf;AAEA,SAAS,cAAc,KAAyB;AAC9C,QAAM,IAAI,KAAK,GAAG;AAClB,QAAM,MAAM,IAAI,WAAW,EAAE,MAAM;AACnC,WAAS,IAAI,GAAG,IAAI,EAAE,QAAQ,IAAK,KAAI,CAAC,IAAI,EAAE,WAAW,CAAC;AAC1D,SAAO;AACT;","names":[]}

package/package.json

@@ -0,0 +1,67 @@
+{
+  "name": "@noy-db/on-password",
+  "version": "0.1.0-pre.5",
+  "description": "Tier-2 daily-password authenticator slot for noy-db. PBKDF2-SHA256 600K wraps the KEK in its own keyring slot, distinct from the rarely-typed tier-1 phrase. Pair with @noy-db/on-email-otp or @noy-db/on-totp for the SaaS UX.",
+  "license": "MIT",
+  "author": "vLannaAi <vicio@lanna.ai>",
+  "homepage": "https://github.com/vLannaAi/noy-db/tree/main/packages/on-password#readme",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/vLannaAi/noy-db.git",
+    "directory": "packages/on-password"
+  },
+  "bugs": {
+    "url": "https://github.com/vLannaAi/noy-db/issues"
+  },
+  "type": "module",
+  "sideEffects": false,
+  "exports": {
+    ".": {
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
+    }
+  },
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "peerDependencies": {
+    "@noy-db/hub": "0.1.0-pre.5"
+  },
+  "devDependencies": {
+    "@noy-db/hub": "0.1.0-pre.5"
+  },
+  "keywords": [
+    "noy-db",
+    "auth",
+    "on-password",
+    "tier-2",
+    "password",
+    "pbkdf2",
+    "keyring-slot",
+    "zero-knowledge"
+  ],
+  "publishConfig": {
+    "access": "public",
+    "tag": "latest"
+  },
+  "scripts": {
+    "build": "tsup",
+    "test": "vitest run",
+    "lint": "eslint src/",
+    "typecheck": "tsc --noEmit"
+  }
+}