@periskope/baileys 6.7.18-17-7 → 6.7.18-17-9

package/lib/Signal/Group/group_cipher.d.ts

@@ -8,7 +8,6 @@ export declare class GroupCipher {
     private readonly senderKeyStore;
     private readonly senderKeyName;
     constructor(senderKeyStore: SenderKeyStore, senderKeyName: SenderKeyName);
-    private queueJob;
     encrypt(paddedPlaintext: Uint8Array | string): Promise<Uint8Array>;
     decrypt(senderKeyMessageBytes: Uint8Array): Promise<Uint8Array>;
     private getSenderKey;

package/lib/Signal/Group/group_cipher.js

@@ -1,55 +1,45 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GroupCipher = void 0;
+/* @ts-ignore */
 const crypto_1 = require("libsignal/src/crypto");
-const queue_job_1 = __importDefault(require("./queue-job"));
 const sender_key_message_1 = require("./sender-key-message");
 class GroupCipher {
     constructor(senderKeyStore, senderKeyName) {
         this.senderKeyStore = senderKeyStore;
         this.senderKeyName = senderKeyName;
     }
-    queueJob(awaitable) {
-        return (0, queue_job_1.default)(this.senderKeyName.toString(), awaitable);
-    }
     async encrypt(paddedPlaintext) {
-        return await this.queueJob(async () => {
-            const record = await this.senderKeyStore.loadSenderKey(this.senderKeyName);
-            if (!record) {
-                throw new Error('No SenderKeyRecord found for encryption');
-            }
-            const senderKeyState = record.getSenderKeyState();
-            if (!senderKeyState) {
-                throw new Error('No session to encrypt message');
-            }
-            const iteration = senderKeyState.getSenderChainKey().getIteration();
-            const senderKey = this.getSenderKey(senderKeyState, iteration === 0 ? 0 : iteration + 1);
-            const ciphertext = await this.getCipherText(senderKey.getIv(), senderKey.getCipherKey(), paddedPlaintext);
-            const senderKeyMessage = new sender_key_message_1.SenderKeyMessage(senderKeyState.getKeyId(), senderKey.getIteration(), ciphertext, senderKeyState.getSigningKeyPrivate());
-            await this.senderKeyStore.storeSenderKey(this.senderKeyName, record);
-            return senderKeyMessage.serialize();
-        });
+        const record = await this.senderKeyStore.loadSenderKey(this.senderKeyName);
+        if (!record) {
+            throw new Error('No SenderKeyRecord found for encryption');
+        }
+        const senderKeyState = record.getSenderKeyState();
+        if (!senderKeyState) {
+            throw new Error('No session to encrypt message');
+        }
+        const iteration = senderKeyState.getSenderChainKey().getIteration();
+        const senderKey = this.getSenderKey(senderKeyState, iteration === 0 ? 0 : iteration + 1);
+        const ciphertext = await this.getCipherText(senderKey.getIv(), senderKey.getCipherKey(), paddedPlaintext);
+        const senderKeyMessage = new sender_key_message_1.SenderKeyMessage(senderKeyState.getKeyId(), senderKey.getIteration(), ciphertext, senderKeyState.getSigningKeyPrivate());
+        await this.senderKeyStore.storeSenderKey(this.senderKeyName, record);
+        return senderKeyMessage.serialize();
     }
     async decrypt(senderKeyMessageBytes) {
-        return await this.queueJob(async () => {
-            const record = await this.senderKeyStore.loadSenderKey(this.senderKeyName);
-            if (!record) {
-                throw new Error('No SenderKeyRecord found for decryption');
-            }
-            const senderKeyMessage = new sender_key_message_1.SenderKeyMessage(null, null, null, null, senderKeyMessageBytes);
-            const senderKeyState = record.getSenderKeyState(senderKeyMessage.getKeyId());
-            if (!senderKeyState) {
-                throw new Error('No session found to decrypt message');
-            }
-            senderKeyMessage.verifySignature(senderKeyState.getSigningKeyPublic());
-            const senderKey = this.getSenderKey(senderKeyState, senderKeyMessage.getIteration());
-            const plaintext = await this.getPlainText(senderKey.getIv(), senderKey.getCipherKey(), senderKeyMessage.getCipherText());
-            await this.senderKeyStore.storeSenderKey(this.senderKeyName, record);
-            return plaintext;
-        });
+        const record = await this.senderKeyStore.loadSenderKey(this.senderKeyName);
+        if (!record) {
+            throw new Error('No SenderKeyRecord found for decryption');
+        }
+        const senderKeyMessage = new sender_key_message_1.SenderKeyMessage(null, null, null, null, senderKeyMessageBytes);
+        const senderKeyState = record.getSenderKeyState(senderKeyMessage.getKeyId());
+        if (!senderKeyState) {
+            throw new Error('No session found to decrypt message');
+        }
+        senderKeyMessage.verifySignature(senderKeyState.getSigningKeyPublic());
+        const senderKey = this.getSenderKey(senderKeyState, senderKeyMessage.getIteration());
+        const plaintext = await this.getPlainText(senderKey.getIv(), senderKey.getCipherKey(), senderKeyMessage.getCipherText());
+        await this.senderKeyStore.storeSenderKey(this.senderKeyName, record);
+        return plaintext;
     }
     getSenderKey(senderKeyState, iteration) {
         let senderChainKey = senderKeyState.getSenderChainKey();

package/lib/Signal/libsignal.js

@@ -51,11 +51,26 @@ function makeLibSignalRepository(auth) {
         max: 500,
         ttl: 5 * 60 * 1000
     });
+    const parsedKeys = auth.keys;
+    function isLikelySyncMessage(addr) {
+        const key = addr.toString();
+        // Only bypass for WhatsApp system addresses, not regular user contacts
+        // Be very specific about sync service patterns
+        return (key.includes('@lid.whatsapp.net') || // WhatsApp system messages
+            key.includes('@broadcast') || // Broadcast messages
+            key.includes('@newsletter') || // Newsletter messages
+            key === 'status@broadcast' || // Status updates
+            key.includes('@g.us.history') || // Group history sync
+            key.includes('.whatsapp.net.history'));
+    }
     const repository = {
         decryptGroupMessage({ group, authorJid, msg }) {
             const senderName = jidToSignalSenderKeyName(group, authorJid);
             const cipher = new Group_1.GroupCipher(storage, senderName);
-            return cipher.decrypt(msg);
+            // Use transaction to ensure atomicity
+            return parsedKeys.transaction(async () => {
+                return cipher.decrypt(msg);
+            }, group);
         },
         async processSenderKeyDistributionMessage({ item, authorJid }) {
             const builder = new Group_1.GroupSessionBuilder(storage);
@@ -69,23 +84,39 @@ function makeLibSignalRepository(auth) {
             if (!senderKey) {
                 await storage.storeSenderKey(senderName, new sender_key_record_1.SenderKeyRecord());
             }
-            await builder.process(senderName, senderMsg);
+            return parsedKeys.transaction(async () => {
+                const { [senderNameStr]: senderKey } = await auth.keys.get('sender-key', [senderNameStr]);
+                if (!senderKey) {
+                    await storage.storeSenderKey(senderName, new sender_key_record_1.SenderKeyRecord());
+                }
+                await builder.process(senderName, senderMsg);
+            }, item.groupId);
         },
         async decryptMessage({ jid, type, ciphertext }) {
             const addr = jidToSignalProtocolAddress(jid);
             const session = new libsignal.SessionCipher(storage, addr);
-            let result;
-            switch (type) {
-                case 'pkmsg':
-                    result = await session.decryptPreKeyWhisperMessage(ciphertext);
-                    break;
-                case 'msg':
-                    result = await session.decryptWhisperMessage(ciphertext);
-                    break;
-                default:
-                    throw new Error(`Unknown message type: ${type}`);
+            async function doDecrypt() {
+                let result;
+                switch (type) {
+                    case 'pkmsg':
+                        result = await session.decryptPreKeyWhisperMessage(ciphertext);
+                        break;
+                    case 'msg':
+                        result = await session.decryptWhisperMessage(ciphertext);
+                        break;
+                }
+                return result;
+            }
+            if (isLikelySyncMessage(addr)) {
+                // If it's a sync message, we can skip the transaction
+                // as it is likely to be a system message that doesn't require strict atomicity
+                return await doDecrypt();
             }
-            return result;
+            // If it's not a sync message, we need to ensure atomicity
+            // For regular messages, we use a transaction to ensure atomicity
+            return parsedKeys.transaction(async () => {
+                return await doDecrypt();
+            }, jid);
         },
         async encryptMessage({ jid, data }) {
             // LID SINGLE SOURCE OF TRUTH: Always prefer LID when available
@@ -114,29 +145,36 @@ function makeLibSignalRepository(auth) {
             }
             const addr = jidToSignalProtocolAddress(encryptionJid);
             const cipher = new libsignal.SessionCipher(storage, addr);
-            const { type: sigType, body } = await cipher.encrypt(data);
-            const type = sigType === 3 ? 'pkmsg' : 'msg';
-            return { type, ciphertext: Buffer.from(body, 'binary') };
+            // Use transaction to ensure atomicity
+            return parsedKeys.transaction(async () => {
+                const { type: sigType, body } = await cipher.encrypt(data);
+                const type = sigType === 3 ? 'pkmsg' : 'msg';
+                return { type, ciphertext: Buffer.from(body, 'binary') };
+            }, jid);
         },
         async encryptGroupMessage({ group, meId, data }) {
             const senderName = jidToSignalSenderKeyName(group, meId);
             const builder = new Group_1.GroupSessionBuilder(storage);
             const senderNameStr = senderName.toString();
-            const { [senderNameStr]: senderKey } = await auth.keys.get('sender-key', [senderNameStr]);
-            if (!senderKey) {
-                await storage.storeSenderKey(senderName, new sender_key_record_1.SenderKeyRecord());
-            }
-            const senderKeyDistributionMessage = await builder.create(senderName);
-            const session = new Group_1.GroupCipher(storage, senderName);
-            const ciphertext = await session.encrypt(data);
-            return {
-                ciphertext,
-                senderKeyDistributionMessage: senderKeyDistributionMessage.serialize()
-            };
+            return parsedKeys.transaction(async () => {
+                const { [senderNameStr]: senderKey } = await auth.keys.get('sender-key', [senderNameStr]);
+                if (!senderKey) {
+                    await storage.storeSenderKey(senderName, new sender_key_record_1.SenderKeyRecord());
+                }
+                const senderKeyDistributionMessage = await builder.create(senderName);
+                const session = new Group_1.GroupCipher(storage, senderName);
+                const ciphertext = await session.encrypt(data);
+                return {
+                    ciphertext,
+                    senderKeyDistributionMessage: senderKeyDistributionMessage.serialize()
+                };
+            }, group);
         },
         async injectE2ESession({ jid, session }) {
             const cipher = new libsignal.SessionBuilder(storage, jidToSignalProtocolAddress(jid));
-            await cipher.initOutgoing(session);
+            return parsedKeys.transaction(async () => {
+                await cipher.initOutgoing(session);
+            }, jid);
         },
         jidToSignalProtocolAddress(jid) {
             return jidToSignalProtocolAddress(jid).toString();
@@ -165,9 +203,9 @@ function makeLibSignalRepository(auth) {
         },
         async deleteSession(jid) {
             const addr = jidToSignalProtocolAddress(jid);
-            return auth.keys.transaction(async () => {
+            return parsedKeys.transaction(async () => {
                 await auth.keys.set({ session: { [addr.toString()]: null } });
-            });
+            }, jid);
         },
         async migrateSession(fromJid, toJid) {
             // Only migrate PN → LID
@@ -191,7 +229,7 @@ function makeLibSignalRepository(auth) {
                 recentMigrations.set(migrationKey, true);
                 return;
             }
-            return auth.keys.transaction(async () => {
+            return parsedKeys.transaction(async () => {
                 // Store mapping
                 await lidMapping.storeLIDPNMapping(toJid, fromJid);
                 // Load and copy session
@@ -207,7 +245,7 @@ function makeLibSignalRepository(auth) {
                     await auth.keys.set({ session: { [fromAddr.toString()]: null } });
                 }
                 recentMigrations.set(migrationKey, true);
-            });
+            }, fromJid);
         },
         async encryptMessageWithWire({ encryptionJid, wireJid, data }) {
             const result = await repository.encryptMessage({ jid: encryptionJid, data });

package/lib/Signal/lid-mapping.js

@@ -36,7 +36,7 @@ class LIDMappingStore {
                     [`${lidUser}_reverse`]: pnUser // "102765716062358_reverse" -> "554396160286"
                 }
             });
-        });
+        }, pnJid);
         logger_1.default.trace(`USER LID mapping stored: PN ${pnUser} → LID ${lidUser}`);
     }
     /**

package/lib/Socket/chats.js

@@ -356,6 +356,7 @@ const makeChatsSocket = (config) => {
         };
     };
     const resyncAppState = ev.createBufferedFunction(async (collections, isInitialSync) => {
+        var _a, _b;
         // we use this to determine which events to fire
         // otherwise when we resync from scratch -- all notifications will fire
         const initialVersionMap = {};
@@ -455,7 +456,7 @@ const makeChatsSocket = (config) => {
                     }
                 }
             }
-        });
+        }, ((_b = (_a = authState === null || authState === void 0 ? void 0 : authState.creds) === null || _a === void 0 ? void 0 : _a.me) === null || _b === void 0 ? void 0 : _b.id) || 'resync-app-state');
         const { onMutation } = newAppStateChunkHandler(isInitialSync);
         for (const key in globalMutationMap) {
             onMutation(globalMutationMap[key]);
@@ -578,6 +579,7 @@ const makeChatsSocket = (config) => {
         let initial;
         let encodeResult;
         await processingMutex.mutex(async () => {
+            var _a, _b;
             await authState.keys.transaction(async () => {
                 logger.debug({ patch: patchCreate }, 'applying app patch');
                 await resyncAppState([name], false);
@@ -618,7 +620,7 @@ const makeChatsSocket = (config) => {
                 };
                 await query(node);
                 await authState.keys.set({ 'app-state-sync-version': { [name]: state } });
-            });
+            }, ((_b = (_a = authState === null || authState === void 0 ? void 0 : authState.creds) === null || _a === void 0 ? void 0 : _a.me) === null || _b === void 0 ? void 0 : _b.id) || 'app-patch');
         });
         if (config.emitOwnEvents) {
             const { onMutation } = newAppStateChunkHandler(false);

package/lib/Socket/messages-recv.js

@@ -110,6 +110,7 @@ const makeMessagesRecvSocket = (config) => {
         await query(stanza);
     };
     const sendRetryRequest = async (node, forceIncludeKeys = false) => {
+        var _a, _b;
         const { fullMessage } = (0, Utils_1.decodeMessageNode)(node, authState.creds.me.id, authState.creds.me.lid || '');
         const { key: msgKey } = fullMessage;
         const msgId = msgKey.id;
@@ -123,7 +124,7 @@ const makeMessagesRecvSocket = (config) => {
         retryCount += 1;
         msgRetryCache.set(key, retryCount);
         const { account, signedPreKey, signedIdentityKey: identityKey } = authState.creds;
-        if (retryCount === 1) {
+        if (retryCount <= 2) {
             //request a resend via phone
             const msgId = await requestPlaceholderResend(msgKey);
             logger.debug(`sendRetryRequest: requested placeholder resend for message ${msgId}`);
@@ -180,7 +181,7 @@ const makeMessagesRecvSocket = (config) => {
             }
             await sendNode(receipt);
             logger.info({ msgAttrs: node.attrs, retryCount }, 'sent retry receipt');
-        });
+        }, ((_b = (_a = authState === null || authState === void 0 ? void 0 : authState.creds) === null || _a === void 0 ? void 0 : _a.me) === null || _b === void 0 ? void 0 : _b.id) || 'sendRetryRequest');
     };
     const handleEncryptNotification = async (node) => {
         const from = node.attrs.from;

package/lib/Socket/messages-send.js

@@ -872,7 +872,7 @@ const makeMessagesSocket = (config) => {
             }
             logger.debug({ msgId }, `sending message to ${participants.length} devices`);
             await sendNode(stanza);
-        });
+        }, meId);
         return msgId;
     };
     const getMessageType = (message) => {

package/lib/Socket/socket.js

@@ -192,13 +192,14 @@ const makeSocket = (config) => {
     };
     /** generates and uploads a set of pre-keys to the server */
     const uploadPreKeys = async (count = Defaults_1.INITIAL_PREKEY_COUNT) => {
+        var _a, _b;
         await keys.transaction(async () => {
             logger.info({ count }, 'uploading pre-keys');
             const { update, node } = await (0, Utils_1.getNextPreKeysNode)({ creds, keys }, count);
             await query(node);
             ev.emit('creds.update', update);
             logger.info({ count }, 'uploaded pre-keys');
-        });
+        }, ((_b = (_a = authState === null || authState === void 0 ? void 0 : authState.creds) === null || _a === void 0 ? void 0 : _a.me) === null || _b === void 0 ? void 0 : _b.id) || 'pre-keys');
     };
     const uploadPreKeysToServerIfRequired = async () => {
         const preKeyCount = await getAvailablePreKeysOnServer();

package/lib/Types/Auth.d.ts

@@ -87,7 +87,7 @@ export type SignalKeyStore = {
 };
 export type SignalKeyStoreWithTransaction = SignalKeyStore & {
     isInTransaction: () => boolean;
-    transaction<T>(exec: () => Promise<T>): Promise<T>;
+    transaction<T>(exec: () => Promise<T>, key: string): Promise<T>;
 };
 export type TransactionCapabilityOptions = {
     maxCommitRetries: number;

package/lib/Utils/auth-utils.d.ts

@@ -1,5 +1,5 @@
 import type { AuthenticationCreds, CacheStore, SignalKeyStore, SignalKeyStoreWithTransaction, TransactionCapabilityOptions } from '../Types';
-import { ILogger } from './logger';
+import type { ILogger } from './logger';
 /**
  * Adds caching capability to a SignalKeyStore
  * @param store the store to add caching to

package/lib/Utils/auth-utils.js

@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.initAuthCreds = exports.addTransactionCapability = void 0;
 exports.makeCacheableSignalKeyStore = makeCacheableSignalKeyStore;
 const node_cache_1 = __importDefault(require("@cacheable/node-cache"));
+const async_mutex_1 = require("async-mutex");
 const crypto_1 = require("crypto");
 const Defaults_1 = require("../Defaults");
 const crypto_2 = require("./crypto");
@@ -23,45 +24,51 @@ function makeCacheableSignalKeyStore(store, logger, _cache) {
             useClones: false,
             deleteOnExpire: true
         });
+    // Mutex for protecting cache operations
+    const cacheMutex = new async_mutex_1.Mutex();
     function getUniqueId(type, id) {
         return `${type}.${id}`;
     }
     return {
         async get(type, ids) {
-            const data = {};
-            const idsToFetch = [];
-            for (const id of ids) {
-                const item = cache.get(getUniqueId(type, id));
-                if (typeof item !== 'undefined') {
-                    data[id] = item;
-                }
-                else {
-                    idsToFetch.push(id);
-                }
-            }
-            if (idsToFetch.length) {
-                logger === null || logger === void 0 ? void 0 : logger.trace({ items: idsToFetch.length }, 'loading from store');
-                const fetched = await store.get(type, idsToFetch);
-                for (const id of idsToFetch) {
-                    const item = fetched[id];
-                    if (item) {
+            return cacheMutex.runExclusive(async () => {
+                const data = {};
+                const idsToFetch = [];
+                for (const id of ids) {
+                    const item = cache.get(getUniqueId(type, id));
+                    if (typeof item !== 'undefined') {
                         data[id] = item;
-                        cache.set(getUniqueId(type, id), item);
+                    }
+                    else {
+                        idsToFetch.push(id);
                     }
                 }
-            }
-            return data;
+                if (idsToFetch.length) {
+                    logger === null || logger === void 0 ? void 0 : logger.trace({ items: idsToFetch.length }, 'loading from store');
+                    const fetched = await store.get(type, idsToFetch);
+                    for (const id of idsToFetch) {
+                        const item = fetched[id];
+                        if (item) {
+                            data[id] = item;
+                            cache.set(getUniqueId(type, id), item);
+                        }
+                    }
+                }
+                return data;
+            });
         },
         async set(data) {
-            let keys = 0;
-            for (const type in data) {
-                for (const id in data[type]) {
-                    cache.set(getUniqueId(type, id), data[type][id]);
-                    keys += 1;
+            return cacheMutex.runExclusive(async () => {
+                let keys = 0;
+                for (const type in data) {
+                    for (const id in data[type]) {
+                        cache.set(getUniqueId(type, id), data[type][id]);
+                        keys += 1;
+                    }
                 }
-            }
-            logger === null || logger === void 0 ? void 0 : logger.trace({ keys }, 'updated cache');
-            await store.set(data);
+                logger === null || logger === void 0 ? void 0 : logger.trace({ keys }, 'updated cache');
+                await store.set(data);
+            });
         },
         async clear() {
             var _a;
@@ -70,6 +77,145 @@ function makeCacheableSignalKeyStore(store, logger, _cache) {
         }
     };
 }
+// Module-level specialized mutexes for pre-key operations
+const preKeyMutex = new async_mutex_1.Mutex();
+const signedPreKeyMutex = new async_mutex_1.Mutex();
+/**
+ * Get the appropriate mutex for the key type
+ */
+const getPreKeyMutex = (keyType) => {
+    return keyType === 'signed-pre-key' ? signedPreKeyMutex : preKeyMutex;
+};
+/**
+ * Handles pre-key operations with mutex protection
+ */
+async function handlePreKeyOperations(data, keyType, transactionCache, mutations, logger, isInTransaction, state) {
+    const mutex = getPreKeyMutex(keyType);
+    await mutex.runExclusive(async () => {
+        const keyData = data[keyType];
+        if (!keyData)
+            return;
+        // Ensure structures exist
+        transactionCache[keyType] = transactionCache[keyType] || {};
+        mutations[keyType] = mutations[keyType] || {};
+        // Separate deletions from updates for batch processing
+        const deletionKeys = [];
+        const updateKeys = [];
+        for (const keyId in keyData) {
+            if (keyData[keyId] === null) {
+                deletionKeys.push(keyId);
+            }
+            else {
+                updateKeys.push(keyId);
+            }
+        }
+        // Process updates first (no validation needed)
+        for (const keyId of updateKeys) {
+            if (transactionCache[keyType]) {
+                transactionCache[keyType][keyId] = keyData[keyId];
+            }
+            if (mutations[keyType]) {
+                mutations[keyType][keyId] = keyData[keyId];
+            }
+        }
+        // Process deletions with validation
+        if (deletionKeys.length === 0)
+            return;
+        if (isInTransaction) {
+            // In transaction, only allow deletion if key exists in cache
+            for (const keyId of deletionKeys) {
+                if (transactionCache[keyType]) {
+                    transactionCache[keyType][keyId] = null;
+                    if (mutations[keyType]) {
+                        // Mark for deletion in mutations
+                        mutations[keyType][keyId] = null;
+                    }
+                }
+                else {
+                    logger.warn(`Skipping deletion of non-existent ${keyType} in transaction: ${keyId}`);
+                }
+            }
+            return;
+        }
+        // Outside transaction, batch validate all deletions
+        if (!state)
+            return;
+        const existingKeys = await state.get(keyType, deletionKeys);
+        for (const keyId of deletionKeys) {
+            if (existingKeys[keyId]) {
+                if (transactionCache[keyType])
+                    transactionCache[keyType][keyId] = null;
+                if (mutations[keyType])
+                    mutations[keyType][keyId] = null;
+            }
+            else {
+                logger.warn(`Skipping deletion of non-existent ${keyType}: ${keyId}`);
+            }
+        }
+    });
+}
+/**
+ * Handles normal key operations for transactions
+ */
+function handleNormalKeyOperations(data, key, transactionCache, mutations) {
+    Object.assign(transactionCache[key], data[key]);
+    mutations[key] = mutations[key] || {};
+    Object.assign(mutations[key], data[key]);
+}
+/**
+ * Process pre-key deletions with validation
+ */
+async function processPreKeyDeletions(data, keyType, state, logger) {
+    const mutex = getPreKeyMutex(keyType);
+    await mutex.runExclusive(async () => {
+        const keyData = data[keyType];
+        if (!keyData)
+            return;
+        // Validate deletions
+        for (const keyId in keyData) {
+            if (keyData[keyId] === null) {
+                const existingKeys = await state.get(keyType, [keyId]);
+                if (!existingKeys[keyId]) {
+                    logger.warn(`Skipping deletion of non-existent ${keyType}: ${keyId}`);
+                    if (data[keyType])
+                        delete data[keyType][keyId];
+                }
+            }
+        }
+    });
+}
+/**
+ * Executes a function with mutexes acquired for given key types
+ * Uses async-mutex's runExclusive with efficient batching
+ */
+async function withMutexes(keyTypes, getKeyTypeMutex, fn) {
+    if (keyTypes.length === 0) {
+        return fn();
+    }
+    if (keyTypes.length === 1) {
+        return getKeyTypeMutex(keyTypes[0]).runExclusive(fn);
+    }
+    // For multiple mutexes, sort by key type to prevent deadlocks
+    // Then acquire all mutexes in order using Promise.all for better efficiency
+    const sortedKeyTypes = [...keyTypes].sort();
+    const mutexes = sortedKeyTypes.map(getKeyTypeMutex);
+    // Acquire all mutexes in order to prevent deadlocks
+    const releases = [];
+    try {
+        for (const mutex of mutexes) {
+            releases.push(await mutex.acquire());
+        }
+        return await fn();
+    }
+    finally {
+        // Release in reverse order
+        while (releases.length > 0) {
+            const release = releases.pop();
+            if (release)
+                release();
+        }
+    }
+}
 /**
  * Adds DB like transaction capability (https://en.wikipedia.org/wiki/Database_transaction) to the SignalKeyStore,
  * this allows batch read & write operations & improves the performance of the lib
@@ -83,7 +229,119 @@ const addTransactionCapability = (state, logger, { maxCommitRetries, delayBetwee
     let dbQueriesInTransaction = 0;
     let transactionCache = {};
     let mutations = {};
+    // Map to hold mutexes for different key types
+    const mutexMap = new Map();
+    // Track last usage time for sender key mutexes (for cleanup)
+    const mutexLastUsed = new Map();
+    // Mutex expiration time: 1 hour in milliseconds
+    const SENDER_KEY_MUTEX_EXPIRY_MS = 60 * 60 * 1000;
+    // Cleanup interval: every 30 minutes
+    const CLEANUP_INTERVAL_MS = 30 * 60 * 1000;
+    // Cleanup timer
+    let cleanupTimer = null;
+    // Start cleanup timer if not already running
+    function startCleanupTimer() {
+        if (!cleanupTimer) {
+            cleanupTimer = setInterval(() => {
+                cleanupExpiredMutexes();
+            }, CLEANUP_INTERVAL_MS);
+        }
+    }
+    startCleanupTimer();
+    // Clean up expired mutexes
+    function cleanupExpiredMutexes() {
+        const now = Date.now();
+        const expiredKeys = [];
+        for (const [key, lastUsed] of mutexLastUsed.entries()) {
+            if (now - lastUsed > SENDER_KEY_MUTEX_EXPIRY_MS) {
+                const mutex = mutexMap.get(key);
+                if (mutex && !mutex.isLocked()) {
+                    expiredKeys.push(key);
+                }
+            }
+        }
+        if (expiredKeys.length > 0) {
+            for (const key of expiredKeys) {
+                mutexMap.delete(key);
+                mutexLastUsed.delete(key);
+            }
+            logger.info({ expiredKeys: expiredKeys.length }, 'cleaned up expired mutexes');
+        }
+    }
     let transactionsInProgress = 0;
+    function getKeyTypeMutex(type) {
+        return getMutex(`keytype:${type}`);
+    }
+    function getSenderKeyMutex(senderKeyName) {
+        return getMutex(`senderkey:${senderKeyName}`);
+    }
+    function getTransactionMutex(key) {
+        return getMutex(`transaction:${key}`);
+    }
+    // Get or create a mutex for a specific key name
+    function getMutex(key) {
+        let mutex = mutexMap.get(key);
+        if (!mutex) {
+            mutex = new async_mutex_1.Mutex();
+            mutexMap.set(key, mutex);
+            if (mutexMap.size === 1) {
+                startCleanupTimer();
+            }
+            logger.info({ key }, 'created new mutex');
+        }
+        // Atualizar último uso para cleanup
+        mutexLastUsed.set(key, Date.now());
+        return mutex;
+    }
+    // Sender key operations with proper mutex sequencing
+    function queueSenderKeyOperation(senderKeyName, operation) {
+        return getSenderKeyMutex(senderKeyName).runExclusive(operation);
+    }
+    // Check if we are currently in a transaction
+    function isInTransaction() {
+        return transactionsInProgress > 0;
+    }
+    // Helper function to handle transaction commit with retries
+    async function commitTransaction() {
+        if (!Object.keys(mutations).length) {
+            logger.trace('no mutations in transaction');
+            return;
+        }
+        logger.trace('committing transaction');
+        let tries = maxCommitRetries;
+        while (tries > 0) {
+            tries -= 1;
+            try {
+                await state.set(mutations);
+                logger.trace({ dbQueriesInTransaction }, 'committed transaction');
+                return;
+            }
+            catch (error) {
+                logger.warn(`failed to commit ${Object.keys(mutations).length} mutations, tries left=${tries}`);
+                if (tries > 0) {
+                    await (0, generics_1.delay)(delayBetweenTriesMs);
+                }
+            }
+        }
+    }
+    // Helper function to clean up transaction state
+    function cleanupTransactionState() {
+        transactionsInProgress -= 1;
+        if (transactionsInProgress === 0) {
+            transactionCache = {};
+            mutations = {};
+            dbQueriesInTransaction = 0;
+        }
+    }
+    // Helper function to execute work within transaction
+    async function executeTransactionWork(work) {
+        const result = await work();
+        // commit if this is the outermost transaction
+        if (transactionsInProgress === 1) {
+            await commitTransaction();
+        }
+        return result;
+    }
     return {
         get: async (type, ids) => {
             if (isInTransaction()) {
@@ -92,9 +350,30 @@ const addTransactionCapability = (state, logger, { maxCommitRetries, delayBetwee
                 // only fetch if there are any items to fetch
                 if (idsRequiringFetch.length) {
                     dbQueriesInTransaction += 1;
-                    const result = await state.get(type, idsRequiringFetch);
-                    transactionCache[type] || (transactionCache[type] = {});
-                    Object.assign(transactionCache[type], result);
+                    // Use per-sender-key queue for sender-key operations when possible
+                    if (type === 'sender-key') {
+                        logger.info({ idsRequiringFetch }, 'processing sender keys in transaction');
+                        // For sender keys, process each one with queued operations to maintain serialization
+                        for (const senderKeyName of idsRequiringFetch) {
+                            await queueSenderKeyOperation(senderKeyName, async () => {
+                                logger.info({ senderKeyName }, 'fetching sender key in transaction');
+                                const result = await state.get(type, [senderKeyName]);
+                                // Update transaction cache
+                                transactionCache[type] || (transactionCache[type] = {});
+                                Object.assign(transactionCache[type], result);
+                                logger.info({ senderKeyName, hasResult: !!result[senderKeyName] }, 'sender key fetch complete');
+                            });
+                        }
+                    }
+                    else {
+                        // Use runExclusive for cleaner mutex handling
+                        await getKeyTypeMutex(type).runExclusive(async () => {
+                            const result = await state.get(type, idsRequiringFetch);
+                            // Update transaction cache
+                            transactionCache[type] || (transactionCache[type] = {});
+                            Object.assign(transactionCache[type], result);
+                        });
+                    }
                 }
                 return ids.reduce((dict, id) => {
                     var _a;
@@ -106,10 +385,22 @@ const addTransactionCapability = (state, logger, { maxCommitRetries, delayBetwee
                 }, {});
             }
             else {
-                return state.get(type, ids);
+                // Not in transaction, fetch directly with queue protection
+                if (type === 'sender-key') {
+                    // For sender keys, use individual queues to maintain per-key serialization
+                    const results = {};
+                    for (const senderKeyName of ids) {
+                        const result = await queueSenderKeyOperation(senderKeyName, async () => await state.get(type, [senderKeyName]));
+                        Object.assign(results, result);
+                    }
+                    return results;
+                }
+                else {
+                    return await getKeyTypeMutex(type).runExclusive(() => state.get(type, ids));
+                }
             }
         },
-        set: data => {
+        set: async (data) => {
             if (isInTransaction()) {
                 logger.trace({ types: Object.keys(data) }, 'caching in transaction');
                 for (const key in data) {
@@ -120,58 +411,83 @@ const addTransactionCapability = (state, logger, { maxCommitRetries, delayBetwee
                 }
             }
             else {
-                return state.set(data);
+                // Not in transaction, apply directly with mutex protection
+                const hasSenderKeys = 'sender-key' in data;
+                const senderKeyNames = hasSenderKeys ? Object.keys(data['sender-key'] || {}) : [];
+                if (hasSenderKeys) {
+                    logger.info({ senderKeyNames }, 'processing sender key set operations');
+                    // Handle sender key operations with per-key queues
+                    for (const senderKeyName of senderKeyNames) {
+                        await queueSenderKeyOperation(senderKeyName, async () => {
+                            // Create data subset for this specific sender key
+                            const senderKeyData = {
+                                'sender-key': {
+                                    [senderKeyName]: data['sender-key'][senderKeyName]
+                                }
+                            };
+                            logger.trace({ senderKeyName }, 'storing sender key');
+                            // Apply changes to the store
+                            await state.set(senderKeyData);
+                            logger.trace({ senderKeyName }, 'sender key stored');
+                        });
+                    }
+                    // Handle any non-sender-key data with regular mutexes
+                    const nonSenderKeyData = { ...data };
+                    delete nonSenderKeyData['sender-key'];
+                    if (Object.keys(nonSenderKeyData).length > 0) {
+                        await withMutexes(Object.keys(nonSenderKeyData), getKeyTypeMutex, async () => {
+                            // Process pre-keys and signed-pre-keys separately with specialized mutexes
+                            for (const key_ in nonSenderKeyData) {
+                                const keyType = key_;
+                                if (keyType === 'pre-key') {
+                                    await processPreKeyDeletions(nonSenderKeyData, keyType, state, logger);
+                                }
+                            }
+                            // Apply changes to the store
+                            await state.set(nonSenderKeyData);
+                        });
+                    }
+                }
+                else {
+                    // No sender keys - use original logic
+                    await withMutexes(Object.keys(data), getKeyTypeMutex, async () => {
+                        // Process pre-keys and signed-pre-keys separately with specialized mutexes
+                        for (const key_ in data) {
+                            const keyType = key_;
+                            if (keyType === 'pre-key') {
+                                await processPreKeyDeletions(data, keyType, state, logger);
+                            }
+                        }
+                        // Apply changes to the store
+                        await state.set(data);
+                    });
+                }
             }
         },
         isInTransaction,
-        async transaction(work) {
-            let result;
-            transactionsInProgress += 1;
-            if (transactionsInProgress === 1) {
-                logger.trace('entering transaction');
-            }
+        async transaction(work, key) {
+            const releaseTxMutex = await getTransactionMutex(key).acquire();
             try {
-                result = await work();
-                // commit if this is the outermost transaction
+                transactionsInProgress += 1;
                 if (transactionsInProgress === 1) {
-                    if (Object.keys(mutations).length) {
-                        logger.trace('committing transaction');
-                        // retry mechanism to ensure we've some recovery
-                        // in case a transaction fails in the first attempt
-                        let tries = maxCommitRetries;
-                        while (tries) {
-                            tries -= 1;
-                            //eslint-disable-next-line max-depth
-                            try {
-                                await state.set(mutations);
-                                logger.trace({ dbQueriesInTransaction }, 'committed transaction');
-                                break;
-                            }
-                            catch (error) {
-                                logger.warn(`failed to commit ${Object.keys(mutations).length} mutations, tries left=${tries}`);
-                                await (0, generics_1.delay)(delayBetweenTriesMs);
-                            }
-                        }
-                    }
-                    else {
-                        logger.trace('no mutations in transaction');
-                    }
+                    logger.trace('entering transaction');
                 }
-            }
-            finally {
-                transactionsInProgress -= 1;
-                if (transactionsInProgress === 0) {
-                    transactionCache = {};
-                    mutations = {};
-                    dbQueriesInTransaction = 0;
+                // Release the transaction mutex now that we've updated the counter
+                // This allows other transactions to start preparing
+                releaseTxMutex();
+                try {
+                    return await executeTransactionWork(work);
+                }
+                finally {
+                    cleanupTransactionState();
                 }
             }
-            return result;
+            catch (error) {
+                releaseTxMutex();
+                throw error;
+            }
         }
     };
-    function isInTransaction() {
-        return transactionsInProgress > 0;
-    }
 };
 exports.addTransactionCapability = addTransactionCapability;
 const initAuthCreds = () => {

package/lib/Utils/decode-wa-message.d.ts

@@ -3,6 +3,11 @@ import { BinaryNode } from '../WABinary';
 import { ILogger } from './logger';
 export declare const NO_MESSAGE_FOUND_ERROR_TEXT = "Message absent from node";
 export declare const MISSING_KEYS_ERROR_TEXT = "Key used already or never filled";
+export declare const DECRYPTION_RETRY_CONFIG: {
+    maxRetries: number;
+    baseDelayMs: number;
+    sessionRecordErrors: string[];
+};
 export declare const NACK_REASONS: {
     ParsingError: number;
     UnrecognizedStanza: number;

package/lib/Utils/decode-wa-message.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.decryptMessageNode = exports.extractAddressingContext = exports.NACK_REASONS = exports.MISSING_KEYS_ERROR_TEXT = exports.NO_MESSAGE_FOUND_ERROR_TEXT = void 0;
+exports.decryptMessageNode = exports.extractAddressingContext = exports.NACK_REASONS = exports.DECRYPTION_RETRY_CONFIG = exports.MISSING_KEYS_ERROR_TEXT = exports.NO_MESSAGE_FOUND_ERROR_TEXT = void 0;
 exports.decodeMessageNode = decodeMessageNode;
 const boom_1 = require("@hapi/boom");
 const WAProto_1 = require("../../WAProto");
@@ -34,6 +34,12 @@ const storeMappingFromEnvelope = async (stanza, sender, decryptionJid, repositor
 };
 exports.NO_MESSAGE_FOUND_ERROR_TEXT = 'Message absent from node';
 exports.MISSING_KEYS_ERROR_TEXT = 'Key used already or never filled';
+// Retry configuration for failed decryption
+exports.DECRYPTION_RETRY_CONFIG = {
+    maxRetries: 3,
+    baseDelayMs: 100,
+    sessionRecordErrors: ['No session record', 'SessionError: No session record']
+};
 exports.NACK_REASONS = {
     ParsingError: 487,
     UnrecognizedStanza: 488,
@@ -186,30 +192,30 @@ const decryptMessageNode = (stanza, meId, meLid, repository, logger) => {
                     let msgBuffer;
                     try {
                         const e2eType = tag === 'plaintext' ? 'plaintext' : attrs.type;
-                        switch (e2eType) {
-                            case 'skmsg':
-                                msgBuffer = await repository.decryptGroupMessage({
-                                    group: sender,
-                                    authorJid: author,
-                                    msg: content
-                                });
-                                break;
-                            case 'pkmsg':
-                            case 'msg':
-                                const user = (0, WABinary_1.isJidUser)(sender) ? sender : author;
-                                const decryptionJid = await getDecryptionJid(user, repository);
-                                msgBuffer = await repository.decryptMessage({
-                                    jid: decryptionJid,
-                                    type: e2eType,
-                                    ciphertext: content
-                                });
-                                await storeMappingFromEnvelope(stanza, user, decryptionJid, repository, logger);
-                                break;
-                            case 'plaintext':
-                                msgBuffer = content;
-                                break;
-                            default:
-                                throw new Error(`Unknown e2e type: ${e2eType}`);
+                        if (e2eType !== 'plaintext') {
+                            msgBuffer = await decryptWithRetry(async () => {
+                                switch (e2eType) {
+                                    case 'skmsg':
+                                        return await repository.decryptGroupMessage({
+                                            group: sender,
+                                            authorJid: author,
+                                            msg: content
+                                        });
+                                    case 'pkmsg':
+                                    case 'msg':
+                                        const user = (0, WABinary_1.isJidUser)(sender) ? sender : author;
+                                        return await repository.decryptMessage({
+                                            jid: user,
+                                            type: e2eType,
+                                            ciphertext: content
+                                        });
+                                    default:
+                                        throw new Error(`Unknown e2e type: ${e2eType}`);
+                                }
+                            }, logger, fullMessage.key, e2eType);
+                        }
+                        else {
+                            msgBuffer = content;
                         }
                         let msg = WAProto_1.proto.Message.decode(e2eType !== 'plaintext' ? (0, generics_1.unpadRandomMax16)(msgBuffer) : msgBuffer);
                         msg = ((_a = msg.deviceSentMessage) === null || _a === void 0 ? void 0 : _a.message) || msg;
@@ -222,7 +228,7 @@ const decryptMessageNode = (stanza, meId, meLid, repository, logger) => {
                                 });
                             }
                             catch (err) {
-                                logger.error({ key: fullMessage.key, err }, 'failed to decrypt message');
+                                logger.error({ key: fullMessage.key, err }, 'failed to process sender key distribution message');
                             }
                         }
                         if (fullMessage.message) {
@@ -233,7 +239,15 @@ const decryptMessageNode = (stanza, meId, meLid, repository, logger) => {
                         }
                     }
                     catch (err) {
-                        logger.error({ key: fullMessage.key, err }, 'failed to decrypt message');
+                        const errorContext = {
+                            key: fullMessage.key,
+                            err,
+                            messageType: tag === 'plaintext' ? 'plaintext' : attrs.type,
+                            sender,
+                            author,
+                            isSessionRecordError: isSessionRecordError(err)
+                        };
+                        logger.error(errorContext, 'failed to decrypt message');
                         fullMessage.messageStubType = WAProto_1.proto.WebMessageInfo.StubType.CIPHERTEXT;
                         fullMessage.messageStubParameters = [err.message];
                     }
@@ -248,3 +262,51 @@ const decryptMessageNode = (stanza, meId, meLid, repository, logger) => {
     };
 };
 exports.decryptMessageNode = decryptMessageNode;
+/**
+ * Utility function to check if an error is related to missing session record
+ */
+function isSessionRecordError(error) {
+    const errorMessage = (error === null || error === void 0 ? void 0 : error.message) || (error === null || error === void 0 ? void 0 : error.toString()) || '';
+    return exports.DECRYPTION_RETRY_CONFIG.sessionRecordErrors.some(errorPattern => errorMessage.includes(errorPattern));
+}
+/**
+ * Sleep utility for retry delays
+ */
+function sleep(ms) {
+    return new Promise(resolve => setTimeout(resolve, ms));
+}
+/**
+ * Decrypt a single message with retry logic for session record errors
+ */
+async function decryptWithRetry(decryptFn, logger, messageKey, messageType) {
+    let lastError;
+    for (let attempt = 0; attempt <= exports.DECRYPTION_RETRY_CONFIG.maxRetries; attempt++) {
+        try {
+            return await decryptFn();
+        }
+        catch (error) {
+            lastError = error;
+            // Only retry for session record errors
+            if (!isSessionRecordError(error)) {
+                throw error;
+            }
+            // Don't retry on the last attempt
+            if (attempt === exports.DECRYPTION_RETRY_CONFIG.maxRetries) {
+                break;
+            }
+            // Calculate delay with exponential backoff
+            const delay = exports.DECRYPTION_RETRY_CONFIG.baseDelayMs * Math.pow(2, attempt);
+            logger.warn({
+                key: messageKey,
+                attempt: attempt + 1,
+                maxRetries: exports.DECRYPTION_RETRY_CONFIG.maxRetries + 1,
+                error: error.message,
+                messageType,
+                delayMs: delay
+            }, 'Session record error detected, retrying decryption');
+            await sleep(delay);
+        }
+    }
+    // If all retries failed, throw the last error
+    throw lastError;
+}

package/lib/Utils/process-message.js

@@ -165,7 +165,7 @@ const processMessage = async (message, { shouldProcessHistoryMsg, placeholderRes
                             newAppStateSyncKeyId = strKeyId;
                         }
                         logger === null || logger === void 0 ? void 0 : logger.info({ newAppStateSyncKeyId, newKeys }, 'injecting new app state sync keys');
-                    });
+                    }, meId);
                     ev.emit('creds.update', { myAppStateKeyId: newAppStateSyncKeyId });
                 }
                 else {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@periskope/baileys",
-  "version": "6.7.18-17-7",
+  "version": "6.7.18-17-9",
   "description": "WhatsApp API",
   "keywords": [
     "periskope",