npm - @private.me/xbind - Versions diffs - 1.2.0 - Mend

@private.me/xbind 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (295) hide show

package/AGENTS.md +778 -0
package/LICENSE.md +27 -0
package/README.md +400 -0
package/dist-standalone/_deps/crypto/base64.d.ts +29 -0
package/dist-standalone/_deps/crypto/base64.js +97 -0
package/dist-standalone/_deps/crypto/cjs/base64.js +103 -0
package/dist-standalone/_deps/crypto/cjs/errors.js +119 -0
package/dist-standalone/_deps/crypto/cjs/hmac.js +71 -0
package/dist-standalone/_deps/crypto/cjs/index.js +86 -0
package/dist-standalone/_deps/crypto/cjs/padding.js +57 -0
package/dist-standalone/_deps/crypto/cjs/share-header.js +68 -0
package/dist-standalone/_deps/crypto/cjs/shares.js +152 -0
package/dist-standalone/_deps/crypto/cjs/tlv.js +199 -0
package/dist-standalone/_deps/crypto/cjs/uuid.js +61 -0
package/dist-standalone/_deps/crypto/cjs/verify.js +24 -0
package/dist-standalone/_deps/crypto/cjs/xorida.js +221 -0
package/dist-standalone/_deps/crypto/errors.d.ts +51 -0
package/dist-standalone/_deps/crypto/errors.js +109 -0
package/dist-standalone/_deps/crypto/hmac.d.ts +39 -0
package/dist-standalone/_deps/crypto/hmac.js +66 -0
package/dist-standalone/_deps/crypto/index.d.ts +20 -0
package/dist-standalone/_deps/crypto/index.js +45 -0
package/dist-standalone/_deps/crypto/padding.d.ts +19 -0
package/dist-standalone/_deps/crypto/padding.js +53 -0
package/dist-standalone/_deps/crypto/share-header.d.ts +44 -0
package/dist-standalone/_deps/crypto/share-header.js +63 -0
package/dist-standalone/_deps/crypto/shares.d.ts +27 -0
package/dist-standalone/_deps/crypto/shares.js +148 -0
package/dist-standalone/_deps/crypto/tlv.d.ts +26 -0
package/dist-standalone/_deps/crypto/tlv.js +195 -0
package/dist-standalone/_deps/crypto/uuid.d.ts +22 -0
package/dist-standalone/_deps/crypto/uuid.js +56 -0
package/dist-standalone/_deps/crypto/verify.d.ts +15 -0
package/dist-standalone/_deps/crypto/verify.js +15 -0
package/dist-standalone/_deps/crypto/xorida.d.ts +44 -0
package/dist-standalone/_deps/crypto/xorida.js +215 -0
package/dist-standalone/_deps/mldsa-wasm/LICENSE +24 -0
package/dist-standalone/_deps/mldsa-wasm/dist/mldsa.js +1920 -0
package/dist-standalone/_deps/mldsa-wasm/package.json +46 -0
package/dist-standalone/_deps/mldsa-wasm/types/mldsa.d.ts +30 -0
package/dist-standalone/_deps/shared/cjs/errors.js +582 -0
package/dist-standalone/_deps/shared/cjs/index.js +492 -0
package/dist-standalone/_deps/shared/cjs/package.json +1 -0
package/dist-standalone/_deps/shared/cjs/types.js +403 -0
package/dist-standalone/_deps/shared/errors.d.ts +48 -0
package/dist-standalone/_deps/shared/errors.d.ts.map +1 -0
package/dist-standalone/_deps/shared/errors.js +192 -0
package/dist-standalone/_deps/shared/errors.js.map +1 -0
package/dist-standalone/_deps/shared/index.d.ts +4 -0
package/dist-standalone/_deps/shared/index.d.ts.map +1 -0
package/dist-standalone/_deps/shared/index.js +78 -0
package/dist-standalone/_deps/shared/index.js.map +1 -0
package/dist-standalone/_deps/shared/types.d.ts +1097 -0
package/dist-standalone/_deps/shared/types.d.ts.map +1 -0
package/dist-standalone/_deps/shared/types.js +89 -0
package/dist-standalone/_deps/shared/types.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/errors.d.ts +115 -0
package/dist-standalone/_deps/ux-helpers/cjs/errors.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/errors.js +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/errors.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/index.d.ts +13 -0
package/dist-standalone/_deps/ux-helpers/cjs/index.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/index.js +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/index.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/package.json +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/pagination.d.ts +39 -0
package/dist-standalone/_deps/ux-helpers/cjs/pagination.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js +83 -0
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/progress.d.ts +99 -0
package/dist-standalone/_deps/ux-helpers/cjs/progress.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/progress.js +143 -0
package/dist-standalone/_deps/ux-helpers/cjs/progress.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/search.d.ts +32 -0
package/dist-standalone/_deps/ux-helpers/cjs/search.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/search.js +119 -0
package/dist-standalone/_deps/ux-helpers/cjs/search.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/types.d.ts +109 -0
package/dist-standalone/_deps/ux-helpers/cjs/types.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/cjs/types.js +8 -0
package/dist-standalone/_deps/ux-helpers/cjs/types.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/errors.d.ts +115 -0
package/dist-standalone/_deps/ux-helpers/errors.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/errors.js +253 -0
package/dist-standalone/_deps/ux-helpers/errors.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/index.d.ts +13 -0
package/dist-standalone/_deps/ux-helpers/index.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/index.js +16 -0
package/dist-standalone/_deps/ux-helpers/index.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/pagination.d.ts +39 -0
package/dist-standalone/_deps/ux-helpers/pagination.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/pagination.js +79 -0
package/dist-standalone/_deps/ux-helpers/pagination.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/progress.d.ts +99 -0
package/dist-standalone/_deps/ux-helpers/progress.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/progress.js +138 -0
package/dist-standalone/_deps/ux-helpers/progress.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/search.d.ts +32 -0
package/dist-standalone/_deps/ux-helpers/search.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/search.js +116 -0
package/dist-standalone/_deps/ux-helpers/search.js.map +1 -0
package/dist-standalone/_deps/ux-helpers/types.d.ts +109 -0
package/dist-standalone/_deps/ux-helpers/types.d.ts.map +1 -0
package/dist-standalone/_deps/ux-helpers/types.js +7 -0
package/dist-standalone/_deps/ux-helpers/types.js.map +1 -0
package/dist-standalone/_deps/xchange/auto-accept.d.ts +127 -0
package/dist-standalone/_deps/xchange/auto-accept.js +1 -0
package/dist-standalone/_deps/xchange/cjs/auto-accept.js +1 -0
package/dist-standalone/_deps/xchange/cjs/errors.js +1 -0
package/dist-standalone/_deps/xchange/cjs/index.js +1 -0
package/dist-standalone/_deps/xchange/cjs/invite-client.js +1 -0
package/dist-standalone/_deps/xchange/cjs/lazy-init.js +1 -0
package/dist-standalone/_deps/xchange/cjs/package.json +1 -0
package/dist-standalone/_deps/xchange/cjs/trust-integration.js +1 -0
package/dist-standalone/_deps/xchange/cjs/xchange.js +1 -0
package/dist-standalone/_deps/xchange/errors.d.ts +69 -0
package/dist-standalone/_deps/xchange/errors.js +1 -0
package/dist-standalone/_deps/xchange/index.d.ts +15 -0
package/dist-standalone/_deps/xchange/index.js +1 -0
package/dist-standalone/_deps/xchange/invite-client.d.ts +178 -0
package/dist-standalone/_deps/xchange/invite-client.js +1 -0
package/dist-standalone/_deps/xchange/lazy-init.d.ts +176 -0
package/dist-standalone/_deps/xchange/lazy-init.js +1 -0
package/dist-standalone/_deps/xchange/trust-integration.d.ts +102 -0
package/dist-standalone/_deps/xchange/trust-integration.js +1 -0
package/dist-standalone/_deps/xchange/xchange.d.ts +60 -0
package/dist-standalone/_deps/xchange/xchange.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/discovery.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/errors.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/index.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/package.json +1 -0
package/dist-standalone/_deps/xregistry/cjs/registry.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/schema.js +1 -0
package/dist-standalone/_deps/xregistry/cjs/types.js +1 -0
package/dist-standalone/_deps/xregistry/discovery.d.ts +126 -0
package/dist-standalone/_deps/xregistry/discovery.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/discovery.js +1 -0
package/dist-standalone/_deps/xregistry/discovery.js.map +1 -0
package/dist-standalone/_deps/xregistry/errors.d.ts +41 -0
package/dist-standalone/_deps/xregistry/errors.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/errors.js +1 -0
package/dist-standalone/_deps/xregistry/errors.js.map +1 -0
package/dist-standalone/_deps/xregistry/index.d.ts +8 -0
package/dist-standalone/_deps/xregistry/index.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/index.js +1 -0
package/dist-standalone/_deps/xregistry/index.js.map +1 -0
package/dist-standalone/_deps/xregistry/registry.d.ts +85 -0
package/dist-standalone/_deps/xregistry/registry.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/registry.js +1 -0
package/dist-standalone/_deps/xregistry/registry.js.map +1 -0
package/dist-standalone/_deps/xregistry/schema.d.ts +81 -0
package/dist-standalone/_deps/xregistry/schema.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/schema.js +1 -0
package/dist-standalone/_deps/xregistry/schema.js.map +1 -0
package/dist-standalone/_deps/xregistry/types.d.ts +95 -0
package/dist-standalone/_deps/xregistry/types.d.ts.map +1 -0
package/dist-standalone/_deps/xregistry/types.js +1 -0
package/dist-standalone/_deps/xregistry/types.js.map +1 -0
package/dist-standalone/agent-call.d.ts +286 -0
package/dist-standalone/agent-call.js +642 -0
package/dist-standalone/agent-sdk.d.ts +207 -0
package/dist-standalone/agent-sdk.js +328 -0
package/dist-standalone/agent.d.ts +670 -0
package/dist-standalone/agent.js +1529 -0
package/dist-standalone/approval.d.ts +145 -0
package/dist-standalone/approval.js +193 -0
package/dist-standalone/auth.d.ts +75 -0
package/dist-standalone/auth.js +219 -0
package/dist-standalone/auto-accept.d.ts +102 -0
package/dist-standalone/auto-accept.js +229 -0
package/dist-standalone/backup-config.d.ts +150 -0
package/dist-standalone/backup-config.js +201 -0
package/dist-standalone/checkpoint.d.ts +125 -0
package/dist-standalone/checkpoint.js +186 -0
package/dist-standalone/cjs/agent-call.js +651 -0
package/dist-standalone/cjs/agent-sdk.js +332 -0
package/dist-standalone/cjs/agent.js +1566 -0
package/dist-standalone/cjs/approval.js +199 -0
package/dist-standalone/cjs/auth.js +225 -0
package/dist-standalone/cjs/auto-accept.js +233 -0
package/dist-standalone/cjs/backup-config.js +207 -0
package/dist-standalone/cjs/checkpoint.js +193 -0
package/dist-standalone/cjs/cli/init.js +487 -0
package/dist-standalone/cjs/connect.js +312 -0
package/dist-standalone/cjs/did-document.js +101 -0
package/dist-standalone/cjs/did-privateme.js +130 -0
package/dist-standalone/cjs/did-web.js +201 -0
package/dist-standalone/cjs/discovery.js +462 -0
package/dist-standalone/cjs/dual-mode.js +251 -0
package/dist-standalone/cjs/email-templates.js +313 -0
package/dist-standalone/cjs/email-transport.js +239 -0
package/dist-standalone/cjs/envelope.js +510 -0
package/dist-standalone/cjs/errors.js +562 -0
package/dist-standalone/cjs/gateway-state.js +55 -0
package/dist-standalone/cjs/gateway-transport.js +120 -0
package/dist-standalone/cjs/guardrails.js +223 -0
package/dist-standalone/cjs/http-compat.js +272 -0
package/dist-standalone/cjs/identity.js +541 -0
package/dist-standalone/cjs/index.js +224 -0
package/dist-standalone/cjs/invitation.js +421 -0
package/dist-standalone/cjs/invite.js +328 -0
package/dist-standalone/cjs/key-agreement.js +246 -0
package/dist-standalone/cjs/lazy-init.js +300 -0
package/dist-standalone/cjs/mdns-discovery.js +202 -0
package/dist-standalone/cjs/nonce-store.js +66 -0
package/dist-standalone/cjs/package.json +3 -0
package/dist-standalone/cjs/pairing-manager.js +223 -0
package/dist-standalone/cjs/policy.js +320 -0
package/dist-standalone/cjs/redis-nonce-store.js +76 -0
package/dist-standalone/cjs/registry-middleware.js +50 -0
package/dist-standalone/cjs/retry-transport.js +102 -0
package/dist-standalone/cjs/security-policy.js +204 -0
package/dist-standalone/cjs/split-channel.js +177 -0
package/dist-standalone/cjs/subscription-proof.js +230 -0
package/dist-standalone/cjs/succession.js +148 -0
package/dist-standalone/cjs/transport.js +63 -0
package/dist-standalone/cjs/trust-registry.js +742 -0
package/dist-standalone/cjs/verify.js +25 -0
package/dist-standalone/cjs/xfetch.js +252 -0
package/dist-standalone/cli/init.d.ts +63 -0
package/dist-standalone/cli/init.js +450 -0
package/dist-standalone/connect.d.ts +143 -0
package/dist-standalone/connect.js +274 -0
package/dist-standalone/did-document.d.ts +65 -0
package/dist-standalone/did-document.js +96 -0
package/dist-standalone/did-privateme.d.ts +70 -0
package/dist-standalone/did-privateme.js +121 -0
package/dist-standalone/did-web.d.ts +73 -0
package/dist-standalone/did-web.js +196 -0
package/dist-standalone/discovery.d.ts +176 -0
package/dist-standalone/discovery.js +458 -0
package/dist-standalone/dual-mode.d.ts +145 -0
package/dist-standalone/dual-mode.js +247 -0
package/dist-standalone/email-templates.d.ts +41 -0
package/dist-standalone/email-templates.js +309 -0
package/dist-standalone/email-transport.d.ts +139 -0
package/dist-standalone/email-transport.js +232 -0
package/dist-standalone/envelope.d.ts +288 -0
package/dist-standalone/envelope.js +497 -0
package/dist-standalone/errors.d.ts +74 -0
package/dist-standalone/errors.js +548 -0
package/dist-standalone/gateway-state.d.ts +32 -0
package/dist-standalone/gateway-state.js +51 -0
package/dist-standalone/gateway-transport.d.ts +59 -0
package/dist-standalone/gateway-transport.js +116 -0
package/dist-standalone/guardrails.d.ts +136 -0
package/dist-standalone/guardrails.js +216 -0
package/dist-standalone/http-compat.d.ts +150 -0
package/dist-standalone/http-compat.js +267 -0
package/dist-standalone/identity.d.ts +176 -0
package/dist-standalone/identity.js +516 -0
package/dist-standalone/index.d.ts +83 -0
package/dist-standalone/index.js +51 -0
package/dist-standalone/invitation.d.ts +211 -0
package/dist-standalone/invitation.js +415 -0
package/dist-standalone/invite.d.ts +192 -0
package/dist-standalone/invite.js +324 -0
package/dist-standalone/key-agreement.d.ts +122 -0
package/dist-standalone/key-agreement.js +236 -0
package/dist-standalone/lazy-init.d.ts +167 -0
package/dist-standalone/lazy-init.js +295 -0
package/dist-standalone/mdns-discovery.d.ts +117 -0
package/dist-standalone/mdns-discovery.js +195 -0
package/dist-standalone/nonce-store.d.ts +39 -0
package/dist-standalone/nonce-store.js +62 -0
package/dist-standalone/package.json +11 -0
package/dist-standalone/pairing-manager.d.ts +147 -0
package/dist-standalone/pairing-manager.js +219 -0
package/dist-standalone/policy.d.ts +150 -0
package/dist-standalone/policy.js +315 -0
package/dist-standalone/redis-nonce-store.d.ts +93 -0
package/dist-standalone/redis-nonce-store.js +72 -0
package/dist-standalone/registry-middleware.d.ts +38 -0
package/dist-standalone/registry-middleware.js +47 -0
package/dist-standalone/retry-transport.d.ts +76 -0
package/dist-standalone/retry-transport.js +98 -0
package/dist-standalone/security-policy.d.ts +146 -0
package/dist-standalone/security-policy.js +198 -0
package/dist-standalone/split-channel.d.ts +69 -0
package/dist-standalone/split-channel.js +171 -0
package/dist-standalone/subscription-proof.d.ts +103 -0
package/dist-standalone/subscription-proof.js +224 -0
package/dist-standalone/succession.d.ts +57 -0
package/dist-standalone/succession.js +142 -0
package/dist-standalone/transport.d.ts +50 -0
package/dist-standalone/transport.js +59 -0
package/dist-standalone/trust-registry.d.ts +286 -0
package/dist-standalone/trust-registry.js +702 -0
package/dist-standalone/verify.d.ts +16 -0
package/dist-standalone/verify.js +16 -0
package/dist-standalone/xfetch.d.ts +129 -0
package/dist-standalone/xfetch.js +247 -0
package/llms.txt +800 -0
package/package.json +79 -0
package/share1.dat +0 -0

package/dist-standalone/cjs/backup-config.js ADDED Viewed

@@ -0,0 +1,207 @@
+"use strict";
+/**
+ * XorIDA Backup Configuration for Key Splitting
+ *
+ * Provides default backup configuration (k=2, n=3) and utilities for
+ * splitting cryptographic keys across multiple shares using information-
+ * theoretic threshold secret sharing.
+ *
+ * @module backup-config
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_BACKUP_CONFIG = void 0;
+exports.validateBackupConfig = validateBackupConfig;
+exports.splitKeyWithBackup = splitKeyWithBackup;
+exports.reconstructKeyFromBackup = reconstructKeyFromBackup;
+const shared_1 = require("../_deps/shared/index.js");
+const crypto_1 = require("../_deps/crypto/index.js");
+/* ── Constants ── */
+/**
+ * Default backup configuration: 2-of-3 threshold sharing.
+ *
+ * - 3 shares generated
+ * - Any 2 shares can reconstruct the key
+ * - Lose 1 share and still recover (fault tolerance)
+ * - Information-theoretic security (each share reveals zero information)
+ */
+exports.DEFAULT_BACKUP_CONFIG = {
+    threshold: 2,
+    totalShares: 3,
+};
+/* ── Validation ── */
+/**
+ * Validate backup configuration parameters.
+ *
+ * Rules:
+ * - threshold must be >= 2 (single share = no threshold)
+ * - totalShares must be >= threshold
+ * - totalShares must be <= 255 (XorIDA limit)
+ *
+ * @param config - Backup configuration to validate.
+ * @returns Ok if valid, error otherwise.
+ */
+function validateBackupConfig(config) {
+    if (config.threshold < 2) {
+        return (0, shared_1.err)('INVALID_CONFIG');
+    }
+    if (config.totalShares < config.threshold) {
+        return (0, shared_1.err)('INVALID_CONFIG');
+    }
+    if (config.totalShares > 255) {
+        return (0, shared_1.err)('INVALID_CONFIG');
+    }
+    return (0, shared_1.ok)(undefined);
+}
+/* ── Key Splitting ── */
+/**
+ * Split a cryptographic key into backup shares using XorIDA.
+ *
+ * The key is padded, split via information-theoretic threshold sharing,
+ * and returned as BackupShare objects with HMAC integrity protection.
+ *
+ * Any `threshold` shares can reconstruct the original key. Each share
+ * reveals zero information about the key (information-theoretic security).
+ *
+ * @param key - The key to split (32 or 64 bytes typical).
+ * @param config - Backup configuration (defaults to 2-of-3).
+ * @returns Array of backup shares or error.
+ *
+ * @example
+ * ```typescript
+ * import { splitKeyWithBackup, DEFAULT_BACKUP_CONFIG } from '@private.me/xbind';
+ *
+ * const key = crypto.getRandomValues(new Uint8Array(32));
+ *
+ * // Use defaults (2-of-3)
+ * const shares = await splitKeyWithBackup(key);
+ *
+ * // Custom config (3-of-5)
+ * const shares2 = await splitKeyWithBackup(key, {
+ *   threshold: 3,
+ *   totalShares: 5
+ * });
+ *
+ * if (shares.ok) {
+ *   // Store shares in separate locations
+ *   shares.value.forEach((share, i) => {
+ *     storeShare(`backup-${i}.json`, JSON.stringify(share));
+ *   });
+ * }
+ * ```
+ */
+async function splitKeyWithBackup(key, config = exports.DEFAULT_BACKUP_CONFIG) {
+    const validation = validateBackupConfig(config);
+    if (!validation.ok)
+        return validation;
+    if (key.length === 0) {
+        return (0, shared_1.err)('INVALID_KEY_LENGTH');
+    }
+    const n = config.totalShares;
+    const k = config.threshold;
+    const p = (0, crypto_1.nextOddPrime)(n);
+    const blockSize = p - 1;
+    // Pad to block size
+    const padded = (0, crypto_1.pkcs7Pad)(key, blockSize);
+    // Generate HMAC for integrity verification
+    const { key: hmacKey, signature: hmacSig } = await (0, crypto_1.generateHMAC)(padded);
+    const hmacKeyB64 = (0, crypto_1.toBase64)(hmacKey);
+    const hmacSigB64 = (0, crypto_1.toBase64)(hmacSig);
+    // Split via XorIDA
+    let shareArrays;
+    try {
+        shareArrays = (0, crypto_1.splitXorIDA)(padded, n, k);
+    }
+    catch {
+        return (0, shared_1.err)('SPLIT_FAILED');
+    }
+    // Package as BackupShare objects
+    const shares = shareArrays.map((data, index) => ({
+        index,
+        data: (0, crypto_1.toBase64)(data),
+        total: n,
+        threshold: k,
+        hmacKey: hmacKeyB64,
+        hmacSig: hmacSigB64,
+    }));
+    return (0, shared_1.ok)(shares);
+}
+/* ── Key Reconstruction ── */
+/**
+ * Reconstruct a cryptographic key from backup shares.
+ *
+ * Requires at least `threshold` shares. Verifies HMAC before returning
+ * the reconstructed key to prevent tampering.
+ *
+ * @param shares - Backup shares (must be >= threshold).
+ * @returns Reconstructed key or error.
+ *
+ * @example
+ * ```typescript
+ * import { reconstructKeyFromBackup } from '@private.me/xbind';
+ *
+ * // Load shares from storage
+ * const share0 = JSON.parse(loadShare('backup-0.json'));
+ * const share1 = JSON.parse(loadShare('backup-1.json'));
+ *
+ * // Reconstruct from any 2 shares (threshold=2)
+ * const key = await reconstructKeyFromBackup([share0, share1]);
+ *
+ * if (key.ok) {
+ *   // Use reconstructed key
+ *   const agent = await Agent.fromSeed(key.value, opts);
+ * } else {
+ *   console.error('Reconstruction failed:', key.error);
+ * }
+ * ```
+ */
+async function reconstructKeyFromBackup(shares) {
+    if (shares.length === 0) {
+        return (0, shared_1.err)('INSUFFICIENT_SHARES');
+    }
+    const threshold = shares[0].threshold;
+    const total = shares[0].total;
+    if (shares.length < threshold) {
+        return (0, shared_1.err)('INSUFFICIENT_SHARES');
+    }
+    // Use first `threshold` shares
+    const usedShares = shares.slice(0, threshold);
+    // Decode share data
+    let shareData;
+    try {
+        shareData = usedShares.map((s) => (0, crypto_1.fromBase64)(s.data));
+    }
+    catch {
+        return (0, shared_1.err)('INVALID_SHARE_DATA');
+    }
+    const indices = usedShares.map((s) => s.index);
+    // Reconstruct padded key
+    let padded;
+    try {
+        padded = (0, crypto_1.reconstructXorIDA)(shareData, indices, total, threshold);
+    }
+    catch {
+        return (0, shared_1.err)('RECONSTRUCT_FAILED');
+    }
+    // Verify HMAC
+    let hmacKey;
+    let hmacSig;
+    try {
+        hmacKey = (0, crypto_1.fromBase64)(usedShares[0].hmacKey);
+        hmacSig = (0, crypto_1.fromBase64)(usedShares[0].hmacSig);
+    }
+    catch {
+        return (0, shared_1.err)('INVALID_SHARE_DATA');
+    }
+    const hmacValid = await (0, crypto_1.verifyHMAC)(hmacKey, padded, hmacSig);
+    if (!hmacValid) {
+        return (0, shared_1.err)('HMAC_VERIFICATION_FAILED');
+    }
+    // Unpad to recover original key
+    const p = (0, crypto_1.nextOddPrime)(total);
+    const blockSize = p - 1;
+    const unpadResult = (0, crypto_1.pkcs7Unpad)(padded, blockSize);
+    if (!unpadResult.ok) {
+        return (0, shared_1.err)('RECONSTRUCT_FAILED');
+    }
+    return (0, shared_1.ok)(unpadResult.value);
+}

package/dist-standalone/cjs/checkpoint.js ADDED Viewed

@@ -0,0 +1,193 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createCheckpoint = createCheckpoint;
+exports.verifyCheckpoint = verifyCheckpoint;
+exports.isCacheStale = isCacheStale;
+exports.encodeCheckpoint = encodeCheckpoint;
+exports.decodeCheckpoint = decodeCheckpoint;
+const shared_1 = require("../_deps/shared/index.js");
+const identity_js_1 = require("./identity.js");
+/* ── Checkpoint Creation (Gateway-side) ── */
+/**
+ * Create a signed checkpoint for a DID (gateway-side operation).
+ *
+ * Gateway signs the DID state snapshot using its ML-DSA-65 private key.
+ * Clients verify this signature using the gateway's published public key.
+ *
+ * @param subject - DID being checkpointed
+ * @param publicKey - Current public key bytes
+ * @param revoked - Current revocation status
+ * @param rotationSequence - Current rotation sequence counter
+ * @param gatewayPrivateKey - Gateway's ML-DSA-65 secret key (32-byte seed or 4032-byte expanded)
+ * @returns Signed checkpoint or error
+ *
+ * @example
+ * ```typescript
+ * const checkpoint = await createCheckpoint(
+ *   'did:key:z6Mk...',
+ *   publicKeyBytes,
+ *   false,
+ *   5,
+ *   gatewaySecretKey
+ * );
+ * if (checkpoint.ok) {
+ *   // Send checkpoint to client for staleness detection
+ *   sendToClient(checkpoint.value);
+ * }
+ * ```
+ */
+async function createCheckpoint(subject, publicKey, revoked, rotationSequence, gatewayPrivateKey) {
+    const timestamp = Date.now();
+    // Construct canonical message to sign
+    const publicKeyB64 = Buffer.from(publicKey).toString('base64');
+    const message = `DIDStateCheckpoint||1.0||${subject}||${publicKeyB64}||${revoked}||${rotationSequence}||${timestamp}`;
+    const messageBytes = new TextEncoder().encode(message);
+    // Sign using gateway's ML-DSA-65 key
+    const sigResult = await (0, identity_js_1.signMlDsa65)(gatewayPrivateKey, messageBytes);
+    if (!sigResult.ok) {
+        return (0, shared_1.err)('SIGN_FAILED');
+    }
+    return (0, shared_1.ok)({
+        type: 'DIDStateCheckpoint',
+        version: '1.0',
+        subject,
+        current_public_key: publicKeyB64,
+        revoked,
+        rotation_sequence: rotationSequence,
+        timestamp,
+        checkpoint_signature_algorithm: 'ML-DSA-65',
+        checkpoint_signature: Buffer.from(sigResult.value).toString('base64')
+    });
+}
+/* ── Checkpoint Verification (Client-side) ── */
+/**
+ * Verify a checkpoint signature (client-side operation).
+ *
+ * Clients MUST verify checkpoint signatures before trusting the state.
+ * Uses gateway's published ML-DSA-65 public key to verify signature.
+ *
+ * @param checkpoint - Checkpoint to verify
+ * @param gatewayPublicKey - Gateway's ML-DSA-65 public key (1952 bytes)
+ * @returns true if signature valid, false if invalid, error if verification fails
+ *
+ * @example
+ * ```typescript
+ * const valid = await verifyCheckpoint(checkpoint, gatewayPubKey);
+ * if (valid.ok && valid.value) {
+ *   // Checkpoint is authentic - safe to use for staleness detection
+ *   if (isCacheStale(localCache, checkpoint)) {
+ *     // Refresh local cache
+ *   }
+ * }
+ * ```
+ */
+async function verifyCheckpoint(checkpoint, gatewayPublicKey) {
+    // Validate checkpoint format
+    if (checkpoint.type !== 'DIDStateCheckpoint') {
+        return (0, shared_1.err)('INVALID_FORMAT');
+    }
+    if (checkpoint.version !== '1.0') {
+        return (0, shared_1.err)('INVALID_FORMAT');
+    }
+    if (!checkpoint.subject || !checkpoint.current_public_key) {
+        return (0, shared_1.err)('INVALID_FORMAT');
+    }
+    if (typeof checkpoint.rotation_sequence !== 'number' || checkpoint.rotation_sequence < 0) {
+        return (0, shared_1.err)('INVALID_FORMAT');
+    }
+    if (typeof checkpoint.timestamp !== 'number' || checkpoint.timestamp <= 0) {
+        return (0, shared_1.err)('INVALID_TIMESTAMP');
+    }
+    if (checkpoint.checkpoint_signature_algorithm !== 'ML-DSA-65') {
+        return (0, shared_1.err)('INVALID_FORMAT');
+    }
+    // Reconstruct canonical message
+    const message = `DIDStateCheckpoint||1.0||${checkpoint.subject}||${checkpoint.current_public_key}||${checkpoint.revoked}||${checkpoint.rotation_sequence}||${checkpoint.timestamp}`;
+    const messageBytes = new TextEncoder().encode(message);
+    // Decode signature
+    let signature;
+    try {
+        signature = Buffer.from(checkpoint.checkpoint_signature, 'base64');
+    }
+    catch {
+        return (0, shared_1.err)('INVALID_SIGNATURE');
+    }
+    // Verify signature using gateway public key
+    const verifyResult = await (0, identity_js_1.verifyMlDsa65)(gatewayPublicKey, signature, messageBytes);
+    if (!verifyResult.ok) {
+        return (0, shared_1.err)('VERIFY_FAILED');
+    }
+    return (0, shared_1.ok)(verifyResult.value);
+}
+/* ── Staleness Detection ── */
+/**
+ * Detect if local cache is stale compared to gateway checkpoint.
+ *
+ * Cache is stale if:
+ * 1. Checkpoint rotation_sequence > local rotationSequence (key rotated)
+ * 2. Checkpoint revoked !== local revoked (revocation status changed)
+ * 3. Checkpoint public key !== local publicKey (state drift)
+ *
+ * @param localCache - Local cache entry for DID
+ * @param checkpoint - Verified checkpoint from gateway
+ * @returns true if cache needs refresh, false if cache is current
+ *
+ * @example
+ * ```typescript
+ * if (isCacheStale(localCache, checkpoint)) {
+ *   // Local cache is outdated - fetch fresh state from gateway
+ *   const freshState = await registry.getEntry(did);
+ * }
+ * ```
+ */
+function isCacheStale(localCache, checkpoint) {
+    // Sequence number mismatch indicates key rotation
+    if (checkpoint.rotation_sequence > localCache.rotationSequence) {
+        return true;
+    }
+    // Revocation status changed
+    if (checkpoint.revoked !== localCache.revoked) {
+        return true;
+    }
+    // Public key mismatch indicates state drift
+    const checkpointPubKey = Buffer.from(checkpoint.current_public_key, 'base64');
+    if (!Buffer.from(localCache.publicKey).equals(checkpointPubKey)) {
+        return true;
+    }
+    return false;
+}
+/* ── Encoding/Decoding ── */
+/**
+ * Encode checkpoint to JSON string for wire transport.
+ *
+ * @param checkpoint - Checkpoint to encode
+ * @returns JSON string
+ */
+function encodeCheckpoint(checkpoint) {
+    return JSON.stringify(checkpoint);
+}
+/**
+ * Decode checkpoint from JSON string.
+ *
+ * @param encoded - JSON string
+ * @returns Parsed checkpoint or error
+ */
+function decodeCheckpoint(encoded) {
+    try {
+        const parsed = JSON.parse(encoded);
+        // Basic validation
+        if (parsed.type !== 'DIDStateCheckpoint') {
+            return (0, shared_1.err)('INVALID_FORMAT');
+        }
+        if (parsed.version !== '1.0') {
+            return (0, shared_1.err)('INVALID_FORMAT');
+        }
+        if (!parsed.subject || !parsed.current_public_key || !parsed.checkpoint_signature) {
+            return (0, shared_1.err)('INVALID_FORMAT');
+        }
+        return (0, shared_1.ok)(parsed);
+    }
+    catch {
+        return (0, shared_1.err)('INVALID_FORMAT');
+    }
+}