npm - @private.me/xbind - Versions diffs - 3.0.2 → 3.0.4 - Mend

@private.me/xbind 3.0.2 → 3.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (222) hide show

package/README.md +2366 -204
package/dist-standalone/_deps/mldsa-wasm/dist/mldsa.js +1 -1920
package/dist-standalone/_deps/shared/cjs/errors.js +1 -729
package/dist-standalone/_deps/shared/cjs/index.js +1 -463
package/dist-standalone/_deps/shared/cjs/types.js +1 -315
package/dist-standalone/_deps/shared/errors.js +1 -244
package/dist-standalone/_deps/shared/index.js +1 -72
package/dist-standalone/_deps/shared/types.js +1 -86
package/dist-standalone/_deps/ux-helpers/cjs/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/search.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/types.js +1 -1
package/dist-standalone/_deps/ux-helpers/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/search.js +1 -1
package/dist-standalone/_deps/xchange/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/errors.js +1 -1
package/dist-standalone/_deps/xchange/cjs/index.js +1 -1
package/dist-standalone/_deps/xchange/cjs/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/cjs/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/cjs/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/cjs/xchange.js +1 -1
package/dist-standalone/_deps/xchange/errors.js +1 -1
package/dist-standalone/_deps/xchange/index.js +1 -1
package/dist-standalone/_deps/xchange/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/xchange.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/errors.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/index.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/registry.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/schema.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/types.js +1 -1
package/dist-standalone/_deps/xregistry/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/errors.js +1 -1
package/dist-standalone/_deps/xregistry/index.js +1 -1
package/dist-standalone/_deps/xregistry/registry.js +1 -1
package/dist-standalone/_deps/xregistry/schema.js +1 -1
package/dist-standalone/_deps/xregistry/types.js +1 -1
package/dist-standalone/agent-call.d.ts +2 -2
package/dist-standalone/agent-call.js +1 -659
package/dist-standalone/agent-sdk.js +1 -328
package/dist-standalone/agent.d.ts +2 -0
package/dist-standalone/agent.js +1 -1800
package/dist-standalone/approval.js +1 -193
package/dist-standalone/async-iterators.d.ts +3 -3
package/dist-standalone/async-iterators.js +1 -382
package/dist-standalone/auth.js +1 -219
package/dist-standalone/auto-accept.js +1 -229
package/dist-standalone/backup-config.js +1 -201
package/dist-standalone/backup.js +1 -326
package/dist-standalone/batch-operations.js +1 -388
package/dist-standalone/cancellation.js +1 -477
package/dist-standalone/checkpoint.js +1 -186
package/dist-standalone/circuit-breaker.js +1 -468
package/dist-standalone/cjs/agent-call.js +1 -701
package/dist-standalone/cjs/agent-sdk.js +1 -332
package/dist-standalone/cjs/agent.js +1 -1837
package/dist-standalone/cjs/approval.js +1 -199
package/dist-standalone/cjs/async-iterators.js +1 -392
package/dist-standalone/cjs/auth.js +1 -225
package/dist-standalone/cjs/auto-accept.js +1 -233
package/dist-standalone/cjs/backup-config.js +1 -207
package/dist-standalone/cjs/backup.js +1 -330
package/dist-standalone/cjs/batch-operations.js +1 -397
package/dist-standalone/cjs/cancellation.js +1 -490
package/dist-standalone/cjs/checkpoint.js +1 -193
package/dist-standalone/cjs/circuit-breaker.js +1 -476
package/dist-standalone/cjs/cli/init.js +1 -492
package/dist-standalone/cjs/config-validation.js +1 -522
package/dist-standalone/cjs/connect.js +1 -312
package/dist-standalone/cjs/connection-pool.js +1 -506
package/dist-standalone/cjs/correlation-id.js +1 -339
package/dist-standalone/cjs/crypto-utils.js +1 -176
package/dist-standalone/cjs/debug-mode.js +1 -534
package/dist-standalone/cjs/did-document.js +1 -101
package/dist-standalone/cjs/did-privateme.js +1 -130
package/dist-standalone/cjs/did-web.js +1 -201
package/dist-standalone/cjs/discovery.js +1 -462
package/dist-standalone/cjs/dual-mode.js +1 -251
package/dist-standalone/cjs/email-templates.js +1 -313
package/dist-standalone/cjs/email-transport.js +1 -239
package/dist-standalone/cjs/envelope.js +1 -538
package/dist-standalone/cjs/errors.js +1 -913
package/dist-standalone/cjs/event-emitter.js +1 -461
package/dist-standalone/cjs/gateway-state.js +1 -55
package/dist-standalone/cjs/gateway-transport.js +1 -120
package/dist-standalone/cjs/graceful-degradation.js +1 -403
package/dist-standalone/cjs/guardrails.js +1 -223
package/dist-standalone/cjs/health-check.js +1 -336
package/dist-standalone/cjs/http-compat.js +1 -272
package/dist-standalone/cjs/http-status-map.js +1 -571
package/dist-standalone/cjs/identity.js +1 -645
package/dist-standalone/cjs/index.js +1 -406
package/dist-standalone/cjs/invitation.js +1 -421
package/dist-standalone/cjs/invite.js +1 -328
package/dist-standalone/cjs/key-agreement.js +1 -335
package/dist-standalone/cjs/lazy-init.js +1 -300
package/dist-standalone/cjs/logger.js +1 -291
package/dist-standalone/cjs/loopback-transport.js +1 -0
package/dist-standalone/cjs/mdns-discovery.js +1 -202
package/dist-standalone/cjs/nonce-store.js +1 -80
package/dist-standalone/cjs/pairing-manager.js +1 -223
package/dist-standalone/cjs/plugin-system.js +1 -264
package/dist-standalone/cjs/plugins/logging.js +1 -168
package/dist-standalone/cjs/plugins/metrics.js +1 -181
package/dist-standalone/cjs/plugins/validation.js +1 -302
package/dist-standalone/cjs/policy.js +1 -320
package/dist-standalone/cjs/progress-callbacks.js +1 -583
package/dist-standalone/cjs/redis-nonce-store.js +1 -76
package/dist-standalone/cjs/registry-middleware.js +1 -50
package/dist-standalone/cjs/retry-strategies.js +1 -544
package/dist-standalone/cjs/retry-transport.js +1 -102
package/dist-standalone/cjs/runtime/browser.js +1 -533
package/dist-standalone/cjs/runtime/edge.js +1 -526
package/dist-standalone/cjs/runtime/react-native.js +1 -394
package/dist-standalone/cjs/security-policy.js +1 -245
package/dist-standalone/cjs/serialization.js +1 -1040
package/dist-standalone/cjs/split-channel.js +1 -225
package/dist-standalone/cjs/subscription-proof.js +1 -230
package/dist-standalone/cjs/succession.js +1 -148
package/dist-standalone/cjs/timeouts.js +1 -412
package/dist-standalone/cjs/trace-context.js +1 -424
package/dist-standalone/cjs/trace-spans.js +1 -495
package/dist-standalone/cjs/transport.js +1 -63
package/dist-standalone/cjs/trust-registry.js +1 -991
package/dist-standalone/cjs/types/error-response.js +1 -56
package/dist-standalone/cjs/vault-auth.js +1 -178
package/dist-standalone/cjs/vault-store-loader.js +1 -194
package/dist-standalone/cjs/verify.js +1 -25
package/dist-standalone/cjs/version-info.js +1 -543
package/dist-standalone/cjs/xfetch.js +1 -340
package/dist-standalone/cli/init.js +1 -455
package/dist-standalone/cli/setup.js +1 -514
package/dist-standalone/cli/types.js +1 -27
package/dist-standalone/cli/xbind.js +1 -148
package/dist-standalone/config-validation.js +1 -513
package/dist-standalone/connect.js +1 -274
package/dist-standalone/connection-pool.js +1 -500
package/dist-standalone/correlation-id.js +1 -326
package/dist-standalone/crypto-utils.d.ts +2 -7
package/dist-standalone/crypto-utils.js +1 -157
package/dist-standalone/debug-mode.js +1 -510
package/dist-standalone/did-document.js +1 -96
package/dist-standalone/did-privateme.js +1 -121
package/dist-standalone/did-web.js +1 -196
package/dist-standalone/discovery.js +1 -458
package/dist-standalone/dual-mode.js +1 -247
package/dist-standalone/email-templates.js +1 -309
package/dist-standalone/email-transport.d.ts +2 -2
package/dist-standalone/email-transport.js +1 -232
package/dist-standalone/envelope.js +1 -525
package/dist-standalone/errors.d.ts +13 -3
package/dist-standalone/errors.js +1 -896
package/dist-standalone/event-emitter.js +1 -456
package/dist-standalone/gateway-state.d.ts +1 -1
package/dist-standalone/gateway-state.js +1 -51
package/dist-standalone/gateway-transport.js +1 -116
package/dist-standalone/graceful-degradation.js +1 -396
package/dist-standalone/guardrails.js +1 -216
package/dist-standalone/health-check.d.ts +5 -1
package/dist-standalone/health-check.js +1 -332
package/dist-standalone/http-compat.d.ts +1 -1
package/dist-standalone/http-compat.js +1 -267
package/dist-standalone/http-status-map.js +1 -561
package/dist-standalone/identity.js +1 -619
package/dist-standalone/index.d.ts +15 -4
package/dist-standalone/index.js +1 -78
package/dist-standalone/invitation.js +1 -415
package/dist-standalone/invite.js +1 -324
package/dist-standalone/key-agreement.js +1 -325
package/dist-standalone/lazy-init.d.ts +11 -6
package/dist-standalone/lazy-init.js +1 -295
package/dist-standalone/logger.js +1 -285
package/dist-standalone/loopback-transport.d.ts +87 -0
package/dist-standalone/loopback-transport.js +1 -0
package/dist-standalone/mdns-discovery.js +1 -195
package/dist-standalone/nonce-store.js +1 -76
package/dist-standalone/pairing-manager.js +1 -219
package/dist-standalone/plugin-system.js +1 -257
package/dist-standalone/plugins/logging.js +1 -163
package/dist-standalone/plugins/metrics.d.ts +4 -4
package/dist-standalone/plugins/metrics.js +1 -176
package/dist-standalone/plugins/validation.js +1 -297
package/dist-standalone/policy.js +1 -315
package/dist-standalone/progress-callbacks.js +1 -576
package/dist-standalone/redis-nonce-store.js +1 -72
package/dist-standalone/registry-middleware.js +1 -47
package/dist-standalone/retry-strategies.js +1 -534
package/dist-standalone/retry-transport.js +1 -98
package/dist-standalone/runtime/browser.js +1 -516
package/dist-standalone/runtime/edge.js +1 -511
package/dist-standalone/runtime/react-native.d.ts +1 -1
package/dist-standalone/runtime/react-native.js +1 -383
package/dist-standalone/security-policy.js +1 -239
package/dist-standalone/serialization.js +1 -1031
package/dist-standalone/split-channel.d.ts +1 -1
package/dist-standalone/split-channel.js +1 -219
package/dist-standalone/subscription-proof.js +1 -224
package/dist-standalone/succession.js +1 -142
package/dist-standalone/timeouts.js +1 -398
package/dist-standalone/trace-context.js +1 -414
package/dist-standalone/trace-spans.js +1 -488
package/dist-standalone/transport.d.ts +1 -1
package/dist-standalone/transport.js +1 -59
package/dist-standalone/trust-registry.d.ts +3 -3
package/dist-standalone/trust-registry.js +1 -950
package/dist-standalone/types/error-response.js +1 -52
package/dist-standalone/vault-auth.js +1 -174
package/dist-standalone/vault-store-loader.d.ts +9 -0
package/dist-standalone/vault-store-loader.js +1 -187
package/dist-standalone/verify.js +1 -16
package/dist-standalone/version-info.js +1 -530
package/dist-standalone/xfetch.js +1 -335
package/package.json +1 -1
package/share1.dat +0 -0

package/dist-standalone/backup.js CHANGED Viewed

@@ -1,326 +1 @@
-/**
- * Encrypted Backup and Restore (RCV-3)
- *
- * Exports and imports encrypted identity and cryptographic state.
- * Uses PBKDF2 (NIST SP 800-132) for key derivation and AES-256-GCM
- * for authenticated encryption.
- *
- * @module backup
- */
-import { ok, err } from"./_deps/shared/index.js";
-import { toBase64, fromBase64 } from './crypto-utils.js';
-import { exportPKCS8, exportX25519PKCS8, importIdentity, exportMlKemSecretKey, exportMlKemPublicKey, exportMlDsaSecretKey, exportMlDsaPublicKey, } from './identity.js';
-/* ── Constants ── */
-/** PBKDF2 iterations for key derivation (NIST SP 800-132 minimum: 100,000). */
-const PBKDF2_ITERATIONS = 310_000;
-/** PBKDF2 salt length in bytes. */
-const SALT_LENGTH = 16;
-/** AES-256-GCM IV length in bytes. */
-const IV_LENGTH = 12;
-/** AES-256-GCM key length in bytes. */
-const KEY_LENGTH = 32;
-/* ── Utility Functions ── */
-/**
- * Copy Uint8Array to fresh ArrayBuffer (avoids SharedArrayBuffer type issues).
- */
-function toArrayBuffer(data) {
-    const buf = new ArrayBuffer(data.byteLength);
-    new Uint8Array(buf).set(data);
-    return buf;
-}
-/**
- * Derive a 256-bit AES key from password using PBKDF2-SHA256.
- *
- * Uses NIST SP 800-132 recommended parameters:
- * - 310,000 iterations (as of 2025, recommended for 100ms delay on modern hardware)
- * - SHA-256 as PRF
- * - 16-byte salt
- *
- * @param password - User password (UTF-8 string).
- * @param salt - 16-byte random salt.
- * @returns AES-256 key or error.
- */
-async function deriveKey(password, salt) {
-    try {
-        if (salt.length !== SALT_LENGTH) {
-            return err('INVALID_BACKUP');
-        }
-        // Import password as PBKDF2 base key
-        const baseKey = await crypto.subtle.importKey('raw', new TextEncoder().encode(password), 'PBKDF2', false, ['deriveBits']);
-        // Derive 256 bits (32 bytes) for AES-256
-        const derivedBits = new Uint8Array(await crypto.subtle.deriveBits({
-            name: 'PBKDF2',
-            hash: 'SHA-256',
-            salt: toArrayBuffer(salt),
-            iterations: PBKDF2_ITERATIONS,
-        }, baseKey, 256));
-        // Import derived key as AES-GCM key
-        const aesKey = await crypto.subtle.importKey('raw', toArrayBuffer(derivedBits), { name: 'AES-GCM' }, false, ['encrypt', 'decrypt']);
-        return ok(aesKey);
-    }
-    catch {
-        return err('PBKDF2_FAILED');
-    }
-}
-/**
- * Serialize an AgentIdentity to a plaintext backup payload.
- * (The payload is then encrypted before storage.)
- */
-async function serializeIdentity(identity) {
-    try {
-        // Export Ed25519 and X25519 private keys as PKCS8
-        const ed25519PkResult = await exportPKCS8(identity.privateKey);
-        if (!ed25519PkResult.ok)
-            return err('EXPORT_FAILED');
-        const x25519PkResult = await exportX25519PKCS8(identity.x25519PrivateKey);
-        if (!x25519PkResult.ok)
-            return err('EXPORT_FAILED');
-        // Collect ML-KEM and ML-DSA keys if present
-        const mlKemSecretKey = exportMlKemSecretKey(identity);
-        const mlKemPublicKey = exportMlKemPublicKey(identity);
-        const mlDsaSecretKey = exportMlDsaSecretKey(identity);
-        const mlDsaPublicKey = exportMlDsaPublicKey(identity);
-        // Serialize rotated keys
-        const rotatedKeys = identity.rotatedKeys
-            ? await Promise.all(identity.rotatedKeys.map(async (rotated) => {
-                const x25519Pk = await exportX25519PKCS8(rotated.x25519PrivateKey);
-                if (!x25519Pk.ok)
-                    throw new Error('Failed to export rotated X25519 key');
-                return {
-                    rotatedAt: rotated.rotatedAt,
-                    x25519Pkcs8: toBase64(x25519Pk.value),
-                    ...(rotated.mlKemSecretKey ? { mlKemSecretKey: toBase64(rotated.mlKemSecretKey) } : {}),
-                };
-            }))
-            : undefined;
-        return ok({
-            did: identity.did,
-            rawPublicKey: toBase64(identity.rawPublicKey),
-            ed25519Pkcs8: toBase64(ed25519PkResult.value),
-            x25519Pkcs8: toBase64(x25519PkResult.value),
-            ...(mlKemSecretKey ? { mlKemSecretKey: toBase64(mlKemSecretKey) } : {}),
-            ...(mlKemPublicKey ? { mlKemPublicKey: toBase64(mlKemPublicKey) } : {}),
-            ...(mlDsaSecretKey ? { mlDsaSecretKey: toBase64(mlDsaSecretKey) } : {}),
-            ...(mlDsaPublicKey ? { mlDsaPublicKey: toBase64(mlDsaPublicKey) } : {}),
-            ...(rotatedKeys ? { rotatedKeys } : {}),
-            exportedAt: Date.now(),
-        });
-    }
-    catch {
-        return err('EXPORT_FAILED');
-    }
-}
-/* ── Export: Encrypt Identity to Backup ── */
-/**
- * Export an identity as an encrypted backup blob.
- *
- * Encrypts the complete identity (Ed25519, X25519, ML-KEM, ML-DSA keys,
- * rotated keys) with a password using PBKDF2 + AES-256-GCM.
- *
- * The backup can be stored safely in cloud storage, version control, or
- * transmitted over untrusted channels. Only the password holder can decrypt.
- *
- * Security:
- * - PBKDF2-SHA256 with 310,000 iterations (≈100ms on modern hardware)
- * - AES-256-GCM for authenticated encryption
- * - Random salt + IV for each backup (no two backups are identical)
- * - 16-byte GCM tag prevents tampering
- *
- * @param identity - Agent identity to backup.
- * @param password - User password (plaintext). Will be PBKDF2 derived.
- * @returns Encrypted backup blob or error.
- *
- * @example
- * ```typescript
- * import { generateIdentity } from '@private.me/xbind';
- * import { exportBackup } from '@private.me/xbind';
- *
- * const identity = await generateIdentity();
- * if (!identity.ok) throw identity.error;
- *
- * const backup = await exportBackup(identity.value, 'user-password');
- * if (!backup.ok) throw backup.error;
- *
- * // Store backup securely
- * const json = JSON.stringify(backup.value);
- * localStorage.setItem('backup', json);
- * ```
- */
-export async function exportBackup(identity, password) {
-    try {
-        // Serialize identity to plaintext payload
-        const payloadResult = await serializeIdentity(identity);
-        if (!payloadResult.ok)
-            return payloadResult;
-        // Generate random salt and IV
-        const salt = crypto.getRandomValues(new Uint8Array(SALT_LENGTH));
-        const iv = crypto.getRandomValues(new Uint8Array(IV_LENGTH));
-        // Derive AES key from password
-        const keyResult = await deriveKey(password, salt);
-        if (!keyResult.ok)
-            return keyResult;
-        // Encrypt payload as JSON
-        const payloadJson = JSON.stringify(payloadResult.value);
-        const plaintext = new TextEncoder().encode(payloadJson);
-        // Encrypt with AES-256-GCM
-        const encryptResult = await crypto.subtle.encrypt({ name: 'AES-GCM', iv: toArrayBuffer(iv) }, keyResult.value, plaintext);
-        const ciphertext = new Uint8Array(encryptResult);
-        // GCM includes authentication tag in the ciphertext.
-        // Split: ciphertext is everything except last 16 bytes, tag is last 16 bytes.
-        // (Web Crypto API appends the tag to the ciphertext)
-        if (ciphertext.length < 16) {
-            return err('ENCRYPTION_FAILED');
-        }
-        const ctLen = ciphertext.length - 16;
-        const ct = ciphertext.slice(0, ctLen);
-        const tag = ciphertext.slice(ctLen);
-        return ok({
-            version: 1,
-            salt: toBase64(salt),
-            iv: toBase64(iv),
-            ciphertext: toBase64(ct),
-            tag: toBase64(tag),
-        });
-    }
-    catch {
-        return err('ENCRYPTION_FAILED');
-    }
-}
-/* ── Import: Decrypt Backup to Identity ── */
-/**
- * Restore an identity from an encrypted backup blob.
- *
- * Decrypts the backup using PBKDF2-derived AES key. Verifies authenticity
- * with GCM tag before returning plaintext keys.
- *
- * @param backup - Encrypted backup blob.
- * @param password - User password (plaintext). Will be PBKDF2 derived.
- * @returns Restored AgentIdentity or error.
- *
- * @example
- * ```typescript
- * import { importBackup } from '@private.me/xbind';
- *
- * const json = localStorage.getItem('backup');
- * const backup = JSON.parse(json);
- *
- * const identity = await importBackup(backup, 'user-password');
- * if (!identity.ok) {
- *   if (identity.error === 'INVALID_PASSWORD') {
- *     console.error('Wrong password!');
- *   } else {
- *     throw identity.error;
- *   }
- * }
- *
- * // Now use restored identity
- * const agent = new Agent(identity.value);
- * ```
- */
-export async function importBackup(backup, password) {
-    try {
-        // Validate version
-        if (backup.version !== 1) {
-            return err('INVALID_BACKUP');
-        }
-        // Decode base64 fields
-        let salt;
-        let iv;
-        let ciphertext;
-        let tag;
-        try {
-            salt = fromBase64(backup.salt);
-            iv = fromBase64(backup.iv);
-            ciphertext = fromBase64(backup.ciphertext);
-            tag = fromBase64(backup.tag);
-        }
-        catch {
-            return err('INVALID_BACKUP');
-        }
-        // Validate lengths
-        if (salt.length !== SALT_LENGTH || iv.length !== IV_LENGTH || tag.length !== 16) {
-            return err('INVALID_BACKUP');
-        }
-        // Derive AES key from password
-        const keyResult = await deriveKey(password, salt);
-        if (!keyResult.ok)
-            return keyResult;
-        // Reconstruct full GCM input (ciphertext + tag)
-        const gcmInput = new Uint8Array(ciphertext.length + tag.length);
-        gcmInput.set(ciphertext);
-        gcmInput.set(tag, ciphertext.length);
-        // Decrypt with AES-256-GCM
-        let plaintext;
-        try {
-            plaintext = await crypto.subtle.decrypt({ name: 'AES-GCM', iv: toArrayBuffer(iv) }, keyResult.value, toArrayBuffer(gcmInput));
-        }
-        catch (decryptErr) {
-            // GCM authentication failure (wrong password or tampered backup)
-            console.warn('[xBind] GCM verification failed:', decryptErr);
-            return err('INVALID_PASSWORD');
-        }
-        // Parse JSON payload
-        let payload;
-        try {
-            const jsonStr = new TextDecoder().decode(plaintext);
-            payload = JSON.parse(jsonStr);
-        }
-        catch {
-            return err('INVALID_BACKUP');
-        }
-        // Validate payload structure
-        if (!payload.did || !payload.ed25519Pkcs8 || !payload.x25519Pkcs8) {
-            return err('INVALID_BACKUP');
-        }
-        // Decode base64 keys
-        let ed25519Pkcs8;
-        let x25519Pkcs8;
-        let mlKemSecretKey;
-        let mlKemPublicKey;
-        let mlDsaSecretKey;
-        let mlDsaPublicKey;
-        try {
-            ed25519Pkcs8 = fromBase64(payload.ed25519Pkcs8);
-            x25519Pkcs8 = fromBase64(payload.x25519Pkcs8);
-            if (payload.mlKemSecretKey)
-                mlKemSecretKey = fromBase64(payload.mlKemSecretKey);
-            if (payload.mlKemPublicKey)
-                mlKemPublicKey = fromBase64(payload.mlKemPublicKey);
-            if (payload.mlDsaSecretKey)
-                mlDsaSecretKey = fromBase64(payload.mlDsaSecretKey);
-            if (payload.mlDsaPublicKey)
-                mlDsaPublicKey = fromBase64(payload.mlDsaPublicKey);
-        }
-        catch {
-            return err('INVALID_BACKUP');
-        }
-        // Import identity from decoded keys
-        const identity = await importIdentity(ed25519Pkcs8, x25519Pkcs8, mlKemSecretKey, mlKemPublicKey, mlDsaSecretKey, mlDsaPublicKey);
-        if (!identity.ok)
-            return err('IMPORT_FAILED');
-        // Restore rotated keys if present
-        if (payload.rotatedKeys && payload.rotatedKeys.length > 0) {
-            const restored = identity.value;
-            const rotatedKeys = await Promise.all(payload.rotatedKeys.map(async (rk) => {
-                const x25519Pk = fromBase64(rk.x25519Pkcs8);
-                const x25519PrivateKey = await crypto.subtle.importKey('pkcs8', toArrayBuffer(x25519Pk), { name: 'X25519' }, true, ['deriveBits']);
-                const mlKemSecretKeyRk = rk.mlKemSecretKey ? fromBase64(rk.mlKemSecretKey) : undefined;
-                return {
-                    rotatedAt: rk.rotatedAt,
-                    x25519PrivateKey,
-                    ...(mlKemSecretKeyRk ? { mlKemSecretKey: mlKemSecretKeyRk } : {}),
-                };
-            }));
-            // Return identity with restored rotated keys
-            return ok({
-                ...restored,
-                rotatedKeys: rotatedKeys,
-            });
-        }
-        return identity;
-    }
-    catch (importErr) {
-        console.warn('[xBind] Import backup failed:', importErr);
-        return err('DECRYPTION_FAILED');
-    }
-}
+import{ok,err}from"./_deps/shared/index.js";import{toBase64,fromBase64}from"./crypto-utils.js";import{exportPKCS8,exportX25519PKCS8,importIdentity,exportMlKemSecretKey,exportMlKemPublicKey,exportMlDsaSecretKey,exportMlDsaPublicKey}from"./identity.js";const PBKDF2_ITERATIONS=31e4,SALT_LENGTH=16,IV_LENGTH=12;function toArrayBuffer(e){const t=new ArrayBuffer(e.byteLength);return new Uint8Array(t).set(e),t}async function deriveKey(e,t){try{if(16!==t.length)return err("INVALID_BACKUP");const r=await crypto.subtle.importKey("raw",(new TextEncoder).encode(e),"PBKDF2",!1,["deriveBits"]),a=new Uint8Array(await crypto.subtle.deriveBits({name:"PBKDF2",hash:"SHA-256",salt:toArrayBuffer(t),iterations:31e4},r,256)),o=await crypto.subtle.importKey("raw",toArrayBuffer(a),{name:"AES-GCM"},!1,["encrypt","decrypt"]);return ok(o)}catch{return err("PBKDF2_FAILED")}}async function serializeIdentity(e){try{const t=await exportPKCS8(e.privateKey);if(!t.ok)return err("EXPORT_FAILED");const r=await exportX25519PKCS8(e.x25519PrivateKey);if(!r.ok)return err("EXPORT_FAILED");const a=exportMlKemSecretKey(e),o=exportMlKemPublicKey(e),n=exportMlDsaSecretKey(e),s=exportMlDsaPublicKey(e),i=e.rotatedKeys?await Promise.all(e.rotatedKeys.map(async e=>{const t=await exportX25519PKCS8(e.x25519PrivateKey);if(!t.ok)throw new Error("Failed to export rotated X25519 key");return{rotatedAt:e.rotatedAt,x25519Pkcs8:toBase64(t.value),...e.mlKemSecretKey?{mlKemSecretKey:toBase64(e.mlKemSecretKey)}:{}}})):void 0;return ok({did:e.did,rawPublicKey:toBase64(e.rawPublicKey),ed25519Pkcs8:toBase64(t.value),x25519Pkcs8:toBase64(r.value),...a?{mlKemSecretKey:toBase64(a)}:{},...o?{mlKemPublicKey:toBase64(o)}:{},...n?{mlDsaSecretKey:toBase64(n)}:{},...s?{mlDsaPublicKey:toBase64(s)}:{},...i?{rotatedKeys:i}:{},exportedAt:Date.now()})}catch{return err("EXPORT_FAILED")}}export async function exportBackup(e,t){try{const r=await serializeIdentity(e);if(!r.ok)return r;const a=crypto.getRandomValues(new Uint8Array(16)),o=crypto.getRandomValues(new Uint8Array(12)),n=await deriveKey(t,a);if(!n.ok)return n;const s=JSON.stringify(r.value),i=(new TextEncoder).encode(s),c=await crypto.subtle.encrypt({name:"AES-GCM",iv:toArrayBuffer(o)},n.value,i),y=new Uint8Array(c);if(y.length<16)return err("ENCRYPTION_FAILED");const l=y.length-16,K=y.slice(0,l),m=y.slice(l);return ok({version:1,salt:toBase64(a),iv:toBase64(o),ciphertext:toBase64(K),tag:toBase64(m)})}catch{return err("ENCRYPTION_FAILED")}}export async function importBackup(e,t){try{if(1!==e.version)return err("INVALID_BACKUP");let r,a,o,n;try{r=fromBase64(e.salt),a=fromBase64(e.iv),o=fromBase64(e.ciphertext),n=fromBase64(e.tag)}catch{return err("INVALID_BACKUP")}if(16!==r.length||12!==a.length||16!==n.length)return err("INVALID_BACKUP");const s=await deriveKey(t,r);if(!s.ok)return s;const i=new Uint8Array(o.length+n.length);let c,y,l,K,m,u,f,B;i.set(o),i.set(n,o.length);try{c=await crypto.subtle.decrypt({name:"AES-GCM",iv:toArrayBuffer(a)},s.value,toArrayBuffer(i))}catch{return err("INVALID_PASSWORD")}try{const e=(new TextDecoder).decode(c);y=JSON.parse(e)}catch{return err("INVALID_BACKUP")}if(!y.did||!y.ed25519Pkcs8||!y.x25519Pkcs8)return err("INVALID_BACKUP");try{l=fromBase64(y.ed25519Pkcs8),K=fromBase64(y.x25519Pkcs8),y.mlKemSecretKey&&(m=fromBase64(y.mlKemSecretKey)),y.mlKemPublicKey&&(u=fromBase64(y.mlKemPublicKey)),y.mlDsaSecretKey&&(f=fromBase64(y.mlDsaSecretKey)),y.mlDsaPublicKey&&(B=fromBase64(y.mlDsaPublicKey))}catch{return err("INVALID_BACKUP")}const d=await importIdentity(l,K,m,u,f,B);if(!d.ok)return err("IMPORT_FAILED");if(y.rotatedKeys&&y.rotatedKeys.length>0){const e=d.value,t=await Promise.all(y.rotatedKeys.map(async e=>{const t=fromBase64(e.x25519Pkcs8),r=await crypto.subtle.importKey("pkcs8",toArrayBuffer(t),{name:"X25519"},!0,["deriveBits"]),a=e.mlKemSecretKey?fromBase64(e.mlKemSecretKey):void 0;return{rotatedAt:e.rotatedAt,x25519PrivateKey:r,...a?{mlKemSecretKey:a}:{}}}));return ok({...e,rotatedKeys:t})}return d}catch{return err("DECRYPTION_FAILED")}}