npm - @private.me/xbind - Versions diffs - 3.0.2 → 3.0.4 - Mend

@private.me/xbind 3.0.2 → 3.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (222) hide show

package/README.md +2366 -204
package/dist-standalone/_deps/mldsa-wasm/dist/mldsa.js +1 -1920
package/dist-standalone/_deps/shared/cjs/errors.js +1 -729
package/dist-standalone/_deps/shared/cjs/index.js +1 -463
package/dist-standalone/_deps/shared/cjs/types.js +1 -315
package/dist-standalone/_deps/shared/errors.js +1 -244
package/dist-standalone/_deps/shared/index.js +1 -72
package/dist-standalone/_deps/shared/types.js +1 -86
package/dist-standalone/_deps/ux-helpers/cjs/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/search.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/types.js +1 -1
package/dist-standalone/_deps/ux-helpers/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/search.js +1 -1
package/dist-standalone/_deps/xchange/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/errors.js +1 -1
package/dist-standalone/_deps/xchange/cjs/index.js +1 -1
package/dist-standalone/_deps/xchange/cjs/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/cjs/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/cjs/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/cjs/xchange.js +1 -1
package/dist-standalone/_deps/xchange/errors.js +1 -1
package/dist-standalone/_deps/xchange/index.js +1 -1
package/dist-standalone/_deps/xchange/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/xchange.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/errors.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/index.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/registry.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/schema.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/types.js +1 -1
package/dist-standalone/_deps/xregistry/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/errors.js +1 -1
package/dist-standalone/_deps/xregistry/index.js +1 -1
package/dist-standalone/_deps/xregistry/registry.js +1 -1
package/dist-standalone/_deps/xregistry/schema.js +1 -1
package/dist-standalone/_deps/xregistry/types.js +1 -1
package/dist-standalone/agent-call.d.ts +2 -2
package/dist-standalone/agent-call.js +1 -659
package/dist-standalone/agent-sdk.js +1 -328
package/dist-standalone/agent.d.ts +2 -0
package/dist-standalone/agent.js +1 -1800
package/dist-standalone/approval.js +1 -193
package/dist-standalone/async-iterators.d.ts +3 -3
package/dist-standalone/async-iterators.js +1 -382
package/dist-standalone/auth.js +1 -219
package/dist-standalone/auto-accept.js +1 -229
package/dist-standalone/backup-config.js +1 -201
package/dist-standalone/backup.js +1 -326
package/dist-standalone/batch-operations.js +1 -388
package/dist-standalone/cancellation.js +1 -477
package/dist-standalone/checkpoint.js +1 -186
package/dist-standalone/circuit-breaker.js +1 -468
package/dist-standalone/cjs/agent-call.js +1 -701
package/dist-standalone/cjs/agent-sdk.js +1 -332
package/dist-standalone/cjs/agent.js +1 -1837
package/dist-standalone/cjs/approval.js +1 -199
package/dist-standalone/cjs/async-iterators.js +1 -392
package/dist-standalone/cjs/auth.js +1 -225
package/dist-standalone/cjs/auto-accept.js +1 -233
package/dist-standalone/cjs/backup-config.js +1 -207
package/dist-standalone/cjs/backup.js +1 -330
package/dist-standalone/cjs/batch-operations.js +1 -397
package/dist-standalone/cjs/cancellation.js +1 -490
package/dist-standalone/cjs/checkpoint.js +1 -193
package/dist-standalone/cjs/circuit-breaker.js +1 -476
package/dist-standalone/cjs/cli/init.js +1 -492
package/dist-standalone/cjs/config-validation.js +1 -522
package/dist-standalone/cjs/connect.js +1 -312
package/dist-standalone/cjs/connection-pool.js +1 -506
package/dist-standalone/cjs/correlation-id.js +1 -339
package/dist-standalone/cjs/crypto-utils.js +1 -176
package/dist-standalone/cjs/debug-mode.js +1 -534
package/dist-standalone/cjs/did-document.js +1 -101
package/dist-standalone/cjs/did-privateme.js +1 -130
package/dist-standalone/cjs/did-web.js +1 -201
package/dist-standalone/cjs/discovery.js +1 -462
package/dist-standalone/cjs/dual-mode.js +1 -251
package/dist-standalone/cjs/email-templates.js +1 -313
package/dist-standalone/cjs/email-transport.js +1 -239
package/dist-standalone/cjs/envelope.js +1 -538
package/dist-standalone/cjs/errors.js +1 -913
package/dist-standalone/cjs/event-emitter.js +1 -461
package/dist-standalone/cjs/gateway-state.js +1 -55
package/dist-standalone/cjs/gateway-transport.js +1 -120
package/dist-standalone/cjs/graceful-degradation.js +1 -403
package/dist-standalone/cjs/guardrails.js +1 -223
package/dist-standalone/cjs/health-check.js +1 -336
package/dist-standalone/cjs/http-compat.js +1 -272
package/dist-standalone/cjs/http-status-map.js +1 -571
package/dist-standalone/cjs/identity.js +1 -645
package/dist-standalone/cjs/index.js +1 -406
package/dist-standalone/cjs/invitation.js +1 -421
package/dist-standalone/cjs/invite.js +1 -328
package/dist-standalone/cjs/key-agreement.js +1 -335
package/dist-standalone/cjs/lazy-init.js +1 -300
package/dist-standalone/cjs/logger.js +1 -291
package/dist-standalone/cjs/loopback-transport.js +1 -0
package/dist-standalone/cjs/mdns-discovery.js +1 -202
package/dist-standalone/cjs/nonce-store.js +1 -80
package/dist-standalone/cjs/pairing-manager.js +1 -223
package/dist-standalone/cjs/plugin-system.js +1 -264
package/dist-standalone/cjs/plugins/logging.js +1 -168
package/dist-standalone/cjs/plugins/metrics.js +1 -181
package/dist-standalone/cjs/plugins/validation.js +1 -302
package/dist-standalone/cjs/policy.js +1 -320
package/dist-standalone/cjs/progress-callbacks.js +1 -583
package/dist-standalone/cjs/redis-nonce-store.js +1 -76
package/dist-standalone/cjs/registry-middleware.js +1 -50
package/dist-standalone/cjs/retry-strategies.js +1 -544
package/dist-standalone/cjs/retry-transport.js +1 -102
package/dist-standalone/cjs/runtime/browser.js +1 -533
package/dist-standalone/cjs/runtime/edge.js +1 -526
package/dist-standalone/cjs/runtime/react-native.js +1 -394
package/dist-standalone/cjs/security-policy.js +1 -245
package/dist-standalone/cjs/serialization.js +1 -1040
package/dist-standalone/cjs/split-channel.js +1 -225
package/dist-standalone/cjs/subscription-proof.js +1 -230
package/dist-standalone/cjs/succession.js +1 -148
package/dist-standalone/cjs/timeouts.js +1 -412
package/dist-standalone/cjs/trace-context.js +1 -424
package/dist-standalone/cjs/trace-spans.js +1 -495
package/dist-standalone/cjs/transport.js +1 -63
package/dist-standalone/cjs/trust-registry.js +1 -991
package/dist-standalone/cjs/types/error-response.js +1 -56
package/dist-standalone/cjs/vault-auth.js +1 -178
package/dist-standalone/cjs/vault-store-loader.js +1 -194
package/dist-standalone/cjs/verify.js +1 -25
package/dist-standalone/cjs/version-info.js +1 -543
package/dist-standalone/cjs/xfetch.js +1 -340
package/dist-standalone/cli/init.js +1 -455
package/dist-standalone/cli/setup.js +1 -514
package/dist-standalone/cli/types.js +1 -27
package/dist-standalone/cli/xbind.js +1 -148
package/dist-standalone/config-validation.js +1 -513
package/dist-standalone/connect.js +1 -274
package/dist-standalone/connection-pool.js +1 -500
package/dist-standalone/correlation-id.js +1 -326
package/dist-standalone/crypto-utils.d.ts +2 -7
package/dist-standalone/crypto-utils.js +1 -157
package/dist-standalone/debug-mode.js +1 -510
package/dist-standalone/did-document.js +1 -96
package/dist-standalone/did-privateme.js +1 -121
package/dist-standalone/did-web.js +1 -196
package/dist-standalone/discovery.js +1 -458
package/dist-standalone/dual-mode.js +1 -247
package/dist-standalone/email-templates.js +1 -309
package/dist-standalone/email-transport.d.ts +2 -2
package/dist-standalone/email-transport.js +1 -232
package/dist-standalone/envelope.js +1 -525
package/dist-standalone/errors.d.ts +13 -3
package/dist-standalone/errors.js +1 -896
package/dist-standalone/event-emitter.js +1 -456
package/dist-standalone/gateway-state.d.ts +1 -1
package/dist-standalone/gateway-state.js +1 -51
package/dist-standalone/gateway-transport.js +1 -116
package/dist-standalone/graceful-degradation.js +1 -396
package/dist-standalone/guardrails.js +1 -216
package/dist-standalone/health-check.d.ts +5 -1
package/dist-standalone/health-check.js +1 -332
package/dist-standalone/http-compat.d.ts +1 -1
package/dist-standalone/http-compat.js +1 -267
package/dist-standalone/http-status-map.js +1 -561
package/dist-standalone/identity.js +1 -619
package/dist-standalone/index.d.ts +15 -4
package/dist-standalone/index.js +1 -78
package/dist-standalone/invitation.js +1 -415
package/dist-standalone/invite.js +1 -324
package/dist-standalone/key-agreement.js +1 -325
package/dist-standalone/lazy-init.d.ts +11 -6
package/dist-standalone/lazy-init.js +1 -295
package/dist-standalone/logger.js +1 -285
package/dist-standalone/loopback-transport.d.ts +87 -0
package/dist-standalone/loopback-transport.js +1 -0
package/dist-standalone/mdns-discovery.js +1 -195
package/dist-standalone/nonce-store.js +1 -76
package/dist-standalone/pairing-manager.js +1 -219
package/dist-standalone/plugin-system.js +1 -257
package/dist-standalone/plugins/logging.js +1 -163
package/dist-standalone/plugins/metrics.d.ts +4 -4
package/dist-standalone/plugins/metrics.js +1 -176
package/dist-standalone/plugins/validation.js +1 -297
package/dist-standalone/policy.js +1 -315
package/dist-standalone/progress-callbacks.js +1 -576
package/dist-standalone/redis-nonce-store.js +1 -72
package/dist-standalone/registry-middleware.js +1 -47
package/dist-standalone/retry-strategies.js +1 -534
package/dist-standalone/retry-transport.js +1 -98
package/dist-standalone/runtime/browser.js +1 -516
package/dist-standalone/runtime/edge.js +1 -511
package/dist-standalone/runtime/react-native.d.ts +1 -1
package/dist-standalone/runtime/react-native.js +1 -383
package/dist-standalone/security-policy.js +1 -239
package/dist-standalone/serialization.js +1 -1031
package/dist-standalone/split-channel.d.ts +1 -1
package/dist-standalone/split-channel.js +1 -219
package/dist-standalone/subscription-proof.js +1 -224
package/dist-standalone/succession.js +1 -142
package/dist-standalone/timeouts.js +1 -398
package/dist-standalone/trace-context.js +1 -414
package/dist-standalone/trace-spans.js +1 -488
package/dist-standalone/transport.d.ts +1 -1
package/dist-standalone/transport.js +1 -59
package/dist-standalone/trust-registry.d.ts +3 -3
package/dist-standalone/trust-registry.js +1 -950
package/dist-standalone/types/error-response.js +1 -52
package/dist-standalone/vault-auth.js +1 -174
package/dist-standalone/vault-store-loader.d.ts +9 -0
package/dist-standalone/vault-store-loader.js +1 -187
package/dist-standalone/verify.js +1 -16
package/dist-standalone/version-info.js +1 -530
package/dist-standalone/xfetch.js +1 -335
package/package.json +1 -1
package/share1.dat +0 -0

package/dist-standalone/cjs/backup.js CHANGED Viewed

@@ -1,330 +1 @@
-"use strict";
-/**
- * Encrypted Backup and Restore (RCV-3)
- *
- * Exports and imports encrypted identity and cryptographic state.
- * Uses PBKDF2 (NIST SP 800-132) for key derivation and AES-256-GCM
- * for authenticated encryption.
- *
- * @module backup
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.exportBackup = exportBackup;
-exports.importBackup = importBackup;
-const shared_1 = require("../_deps/shared/index.js");
-const crypto_utils_js_1 = require("./crypto-utils.js");
-const identity_js_1 = require("./identity.js");
-/* ── Constants ── */
-/** PBKDF2 iterations for key derivation (NIST SP 800-132 minimum: 100,000). */
-const PBKDF2_ITERATIONS = 310_000;
-/** PBKDF2 salt length in bytes. */
-const SALT_LENGTH = 16;
-/** AES-256-GCM IV length in bytes. */
-const IV_LENGTH = 12;
-/** AES-256-GCM key length in bytes. */
-const KEY_LENGTH = 32;
-/* ── Utility Functions ── */
-/**
- * Copy Uint8Array to fresh ArrayBuffer (avoids SharedArrayBuffer type issues).
- */
-function toArrayBuffer(data) {
-    const buf = new ArrayBuffer(data.byteLength);
-    new Uint8Array(buf).set(data);
-    return buf;
-}
-/**
- * Derive a 256-bit AES key from password using PBKDF2-SHA256.
- *
- * Uses NIST SP 800-132 recommended parameters:
- * - 310,000 iterations (as of 2025, recommended for 100ms delay on modern hardware)
- * - SHA-256 as PRF
- * - 16-byte salt
- *
- * @param password - User password (UTF-8 string).
- * @param salt - 16-byte random salt.
- * @returns AES-256 key or error.
- */
-async function deriveKey(password, salt) {
-    try {
-        if (salt.length !== SALT_LENGTH) {
-            return (0, shared_1.err)('INVALID_BACKUP');
-        }
-        // Import password as PBKDF2 base key
-        const baseKey = await crypto.subtle.importKey('raw', new TextEncoder().encode(password), 'PBKDF2', false, ['deriveBits']);
-        // Derive 256 bits (32 bytes) for AES-256
-        const derivedBits = new Uint8Array(await crypto.subtle.deriveBits({
-            name: 'PBKDF2',
-            hash: 'SHA-256',
-            salt: toArrayBuffer(salt),
-            iterations: PBKDF2_ITERATIONS,
-        }, baseKey, 256));
-        // Import derived key as AES-GCM key
-        const aesKey = await crypto.subtle.importKey('raw', toArrayBuffer(derivedBits), { name: 'AES-GCM' }, false, ['encrypt', 'decrypt']);
-        return (0, shared_1.ok)(aesKey);
-    }
-    catch {
-        return (0, shared_1.err)('PBKDF2_FAILED');
-    }
-}
-/**
- * Serialize an AgentIdentity to a plaintext backup payload.
- * (The payload is then encrypted before storage.)
- */
-async function serializeIdentity(identity) {
-    try {
-        // Export Ed25519 and X25519 private keys as PKCS8
-        const ed25519PkResult = await (0, identity_js_1.exportPKCS8)(identity.privateKey);
-        if (!ed25519PkResult.ok)
-            return (0, shared_1.err)('EXPORT_FAILED');
-        const x25519PkResult = await (0, identity_js_1.exportX25519PKCS8)(identity.x25519PrivateKey);
-        if (!x25519PkResult.ok)
-            return (0, shared_1.err)('EXPORT_FAILED');
-        // Collect ML-KEM and ML-DSA keys if present
-        const mlKemSecretKey = (0, identity_js_1.exportMlKemSecretKey)(identity);
-        const mlKemPublicKey = (0, identity_js_1.exportMlKemPublicKey)(identity);
-        const mlDsaSecretKey = (0, identity_js_1.exportMlDsaSecretKey)(identity);
-        const mlDsaPublicKey = (0, identity_js_1.exportMlDsaPublicKey)(identity);
-        // Serialize rotated keys
-        const rotatedKeys = identity.rotatedKeys
-            ? await Promise.all(identity.rotatedKeys.map(async (rotated) => {
-                const x25519Pk = await (0, identity_js_1.exportX25519PKCS8)(rotated.x25519PrivateKey);
-                if (!x25519Pk.ok)
-                    throw new Error('Failed to export rotated X25519 key');
-                return {
-                    rotatedAt: rotated.rotatedAt,
-                    x25519Pkcs8: (0, crypto_utils_js_1.toBase64)(x25519Pk.value),
-                    ...(rotated.mlKemSecretKey ? { mlKemSecretKey: (0, crypto_utils_js_1.toBase64)(rotated.mlKemSecretKey) } : {}),
-                };
-            }))
-            : undefined;
-        return (0, shared_1.ok)({
-            did: identity.did,
-            rawPublicKey: (0, crypto_utils_js_1.toBase64)(identity.rawPublicKey),
-            ed25519Pkcs8: (0, crypto_utils_js_1.toBase64)(ed25519PkResult.value),
-            x25519Pkcs8: (0, crypto_utils_js_1.toBase64)(x25519PkResult.value),
-            ...(mlKemSecretKey ? { mlKemSecretKey: (0, crypto_utils_js_1.toBase64)(mlKemSecretKey) } : {}),
-            ...(mlKemPublicKey ? { mlKemPublicKey: (0, crypto_utils_js_1.toBase64)(mlKemPublicKey) } : {}),
-            ...(mlDsaSecretKey ? { mlDsaSecretKey: (0, crypto_utils_js_1.toBase64)(mlDsaSecretKey) } : {}),
-            ...(mlDsaPublicKey ? { mlDsaPublicKey: (0, crypto_utils_js_1.toBase64)(mlDsaPublicKey) } : {}),
-            ...(rotatedKeys ? { rotatedKeys } : {}),
-            exportedAt: Date.now(),
-        });
-    }
-    catch {
-        return (0, shared_1.err)('EXPORT_FAILED');
-    }
-}
-/* ── Export: Encrypt Identity to Backup ── */
-/**
- * Export an identity as an encrypted backup blob.
- *
- * Encrypts the complete identity (Ed25519, X25519, ML-KEM, ML-DSA keys,
- * rotated keys) with a password using PBKDF2 + AES-256-GCM.
- *
- * The backup can be stored safely in cloud storage, version control, or
- * transmitted over untrusted channels. Only the password holder can decrypt.
- *
- * Security:
- * - PBKDF2-SHA256 with 310,000 iterations (≈100ms on modern hardware)
- * - AES-256-GCM for authenticated encryption
- * - Random salt + IV for each backup (no two backups are identical)
- * - 16-byte GCM tag prevents tampering
- *
- * @param identity - Agent identity to backup.
- * @param password - User password (plaintext). Will be PBKDF2 derived.
- * @returns Encrypted backup blob or error.
- *
- * @example
- * ```typescript
- * import { generateIdentity } from '@private.me/xbind';
- * import { exportBackup } from '@private.me/xbind';
- *
- * const identity = await generateIdentity();
- * if (!identity.ok) throw identity.error;
- *
- * const backup = await exportBackup(identity.value, 'user-password');
- * if (!backup.ok) throw backup.error;
- *
- * // Store backup securely
- * const json = JSON.stringify(backup.value);
- * localStorage.setItem('backup', json);
- * ```
- */
-async function exportBackup(identity, password) {
-    try {
-        // Serialize identity to plaintext payload
-        const payloadResult = await serializeIdentity(identity);
-        if (!payloadResult.ok)
-            return payloadResult;
-        // Generate random salt and IV
-        const salt = crypto.getRandomValues(new Uint8Array(SALT_LENGTH));
-        const iv = crypto.getRandomValues(new Uint8Array(IV_LENGTH));
-        // Derive AES key from password
-        const keyResult = await deriveKey(password, salt);
-        if (!keyResult.ok)
-            return keyResult;
-        // Encrypt payload as JSON
-        const payloadJson = JSON.stringify(payloadResult.value);
-        const plaintext = new TextEncoder().encode(payloadJson);
-        // Encrypt with AES-256-GCM
-        const encryptResult = await crypto.subtle.encrypt({ name: 'AES-GCM', iv: toArrayBuffer(iv) }, keyResult.value, plaintext);
-        const ciphertext = new Uint8Array(encryptResult);
-        // GCM includes authentication tag in the ciphertext.
-        // Split: ciphertext is everything except last 16 bytes, tag is last 16 bytes.
-        // (Web Crypto API appends the tag to the ciphertext)
-        if (ciphertext.length < 16) {
-            return (0, shared_1.err)('ENCRYPTION_FAILED');
-        }
-        const ctLen = ciphertext.length - 16;
-        const ct = ciphertext.slice(0, ctLen);
-        const tag = ciphertext.slice(ctLen);
-        return (0, shared_1.ok)({
-            version: 1,
-            salt: (0, crypto_utils_js_1.toBase64)(salt),
-            iv: (0, crypto_utils_js_1.toBase64)(iv),
-            ciphertext: (0, crypto_utils_js_1.toBase64)(ct),
-            tag: (0, crypto_utils_js_1.toBase64)(tag),
-        });
-    }
-    catch {
-        return (0, shared_1.err)('ENCRYPTION_FAILED');
-    }
-}
-/* ── Import: Decrypt Backup to Identity ── */
-/**
- * Restore an identity from an encrypted backup blob.
- *
- * Decrypts the backup using PBKDF2-derived AES key. Verifies authenticity
- * with GCM tag before returning plaintext keys.
- *
- * @param backup - Encrypted backup blob.
- * @param password - User password (plaintext). Will be PBKDF2 derived.
- * @returns Restored AgentIdentity or error.
- *
- * @example
- * ```typescript
- * import { importBackup } from '@private.me/xbind';
- *
- * const json = localStorage.getItem('backup');
- * const backup = JSON.parse(json);
- *
- * const identity = await importBackup(backup, 'user-password');
- * if (!identity.ok) {
- *   if (identity.error === 'INVALID_PASSWORD') {
- *     console.error('Wrong password!');
- *   } else {
- *     throw identity.error;
- *   }
- * }
- *
- * // Now use restored identity
- * const agent = new Agent(identity.value);
- * ```
- */
-async function importBackup(backup, password) {
-    try {
-        // Validate version
-        if (backup.version !== 1) {
-            return (0, shared_1.err)('INVALID_BACKUP');
-        }
-        // Decode base64 fields
-        let salt;
-        let iv;
-        let ciphertext;
-        let tag;
-        try {
-            salt = (0, crypto_utils_js_1.fromBase64)(backup.salt);
-            iv = (0, crypto_utils_js_1.fromBase64)(backup.iv);
-            ciphertext = (0, crypto_utils_js_1.fromBase64)(backup.ciphertext);
-            tag = (0, crypto_utils_js_1.fromBase64)(backup.tag);
-        }
-        catch {
-            return (0, shared_1.err)('INVALID_BACKUP');
-        }
-        // Validate lengths
-        if (salt.length !== SALT_LENGTH || iv.length !== IV_LENGTH || tag.length !== 16) {
-            return (0, shared_1.err)('INVALID_BACKUP');
-        }
-        // Derive AES key from password
-        const keyResult = await deriveKey(password, salt);
-        if (!keyResult.ok)
-            return keyResult;
-        // Reconstruct full GCM input (ciphertext + tag)
-        const gcmInput = new Uint8Array(ciphertext.length + tag.length);
-        gcmInput.set(ciphertext);
-        gcmInput.set(tag, ciphertext.length);
-        // Decrypt with AES-256-GCM
-        let plaintext;
-        try {
-            plaintext = await crypto.subtle.decrypt({ name: 'AES-GCM', iv: toArrayBuffer(iv) }, keyResult.value, toArrayBuffer(gcmInput));
-        }
-        catch (decryptErr) {
-            // GCM authentication failure (wrong password or tampered backup)
-            console.warn('[xBind] GCM verification failed:', decryptErr);
-            return (0, shared_1.err)('INVALID_PASSWORD');
-        }
-        // Parse JSON payload
-        let payload;
-        try {
-            const jsonStr = new TextDecoder().decode(plaintext);
-            payload = JSON.parse(jsonStr);
-        }
-        catch {
-            return (0, shared_1.err)('INVALID_BACKUP');
-        }
-        // Validate payload structure
-        if (!payload.did || !payload.ed25519Pkcs8 || !payload.x25519Pkcs8) {
-            return (0, shared_1.err)('INVALID_BACKUP');
-        }
-        // Decode base64 keys
-        let ed25519Pkcs8;
-        let x25519Pkcs8;
-        let mlKemSecretKey;
-        let mlKemPublicKey;
-        let mlDsaSecretKey;
-        let mlDsaPublicKey;
-        try {
-            ed25519Pkcs8 = (0, crypto_utils_js_1.fromBase64)(payload.ed25519Pkcs8);
-            x25519Pkcs8 = (0, crypto_utils_js_1.fromBase64)(payload.x25519Pkcs8);
-            if (payload.mlKemSecretKey)
-                mlKemSecretKey = (0, crypto_utils_js_1.fromBase64)(payload.mlKemSecretKey);
-            if (payload.mlKemPublicKey)
-                mlKemPublicKey = (0, crypto_utils_js_1.fromBase64)(payload.mlKemPublicKey);
-            if (payload.mlDsaSecretKey)
-                mlDsaSecretKey = (0, crypto_utils_js_1.fromBase64)(payload.mlDsaSecretKey);
-            if (payload.mlDsaPublicKey)
-                mlDsaPublicKey = (0, crypto_utils_js_1.fromBase64)(payload.mlDsaPublicKey);
-        }
-        catch {
-            return (0, shared_1.err)('INVALID_BACKUP');
-        }
-        // Import identity from decoded keys
-        const identity = await (0, identity_js_1.importIdentity)(ed25519Pkcs8, x25519Pkcs8, mlKemSecretKey, mlKemPublicKey, mlDsaSecretKey, mlDsaPublicKey);
-        if (!identity.ok)
-            return (0, shared_1.err)('IMPORT_FAILED');
-        // Restore rotated keys if present
-        if (payload.rotatedKeys && payload.rotatedKeys.length > 0) {
-            const restored = identity.value;
-            const rotatedKeys = await Promise.all(payload.rotatedKeys.map(async (rk) => {
-                const x25519Pk = (0, crypto_utils_js_1.fromBase64)(rk.x25519Pkcs8);
-                const x25519PrivateKey = await crypto.subtle.importKey('pkcs8', toArrayBuffer(x25519Pk), { name: 'X25519' }, true, ['deriveBits']);
-                const mlKemSecretKeyRk = rk.mlKemSecretKey ? (0, crypto_utils_js_1.fromBase64)(rk.mlKemSecretKey) : undefined;
-                return {
-                    rotatedAt: rk.rotatedAt,
-                    x25519PrivateKey,
-                    ...(mlKemSecretKeyRk ? { mlKemSecretKey: mlKemSecretKeyRk } : {}),
-                };
-            }));
-            // Return identity with restored rotated keys
-            return (0, shared_1.ok)({
-                ...restored,
-                rotatedKeys: rotatedKeys,
-            });
-        }
-        return identity;
-    }
-    catch (importErr) {
-        console.warn('[xBind] Import backup failed:', importErr);
-        return (0, shared_1.err)('DECRYPTION_FAILED');
-    }
-}
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.exportBackup=exportBackup,exports.importBackup=importBackup;const shared_1=require("../_deps/shared/index.js"),crypto_utils_js_1=require("./crypto-utils.js"),identity_js_1=require("./identity.js"),PBKDF2_ITERATIONS=31e4,SALT_LENGTH=16,IV_LENGTH=12;function toArrayBuffer(e){const t=new ArrayBuffer(e.byteLength);return new Uint8Array(t).set(e),t}async function deriveKey(e,t){try{if(t.length!==SALT_LENGTH)return(0,shared_1.err)("INVALID_BACKUP");const r=await crypto.subtle.importKey("raw",(new TextEncoder).encode(e),"PBKDF2",!1,["deriveBits"]),s=new Uint8Array(await crypto.subtle.deriveBits({name:"PBKDF2",hash:"SHA-256",salt:toArrayBuffer(t),iterations:31e4},r,256)),a=await crypto.subtle.importKey("raw",toArrayBuffer(s),{name:"AES-GCM"},!1,["encrypt","decrypt"]);return(0,shared_1.ok)(a)}catch{return(0,shared_1.err)("PBKDF2_FAILED")}}async function serializeIdentity(e){try{const t=await(0,identity_js_1.exportPKCS8)(e.privateKey);if(!t.ok)return(0,shared_1.err)("EXPORT_FAILED");const r=await(0,identity_js_1.exportX25519PKCS8)(e.x25519PrivateKey);if(!r.ok)return(0,shared_1.err)("EXPORT_FAILED");const s=(0,identity_js_1.exportMlKemSecretKey)(e),a=(0,identity_js_1.exportMlKemPublicKey)(e),o=(0,identity_js_1.exportMlDsaSecretKey)(e),i=(0,identity_js_1.exportMlDsaPublicKey)(e),_=e.rotatedKeys?await Promise.all(e.rotatedKeys.map(async e=>{const t=await(0,identity_js_1.exportX25519PKCS8)(e.x25519PrivateKey);if(!t.ok)throw new Error("Failed to export rotated X25519 key");return{rotatedAt:e.rotatedAt,x25519Pkcs8:(0,crypto_utils_js_1.toBase64)(t.value),...e.mlKemSecretKey?{mlKemSecretKey:(0,crypto_utils_js_1.toBase64)(e.mlKemSecretKey)}:{}}})):void 0;return(0,shared_1.ok)({did:e.did,rawPublicKey:(0,crypto_utils_js_1.toBase64)(e.rawPublicKey),ed25519Pkcs8:(0,crypto_utils_js_1.toBase64)(t.value),x25519Pkcs8:(0,crypto_utils_js_1.toBase64)(r.value),...s?{mlKemSecretKey:(0,crypto_utils_js_1.toBase64)(s)}:{},...a?{mlKemPublicKey:(0,crypto_utils_js_1.toBase64)(a)}:{},...o?{mlDsaSecretKey:(0,crypto_utils_js_1.toBase64)(o)}:{},...i?{mlDsaPublicKey:(0,crypto_utils_js_1.toBase64)(i)}:{},..._?{rotatedKeys:_}:{},exportedAt:Date.now()})}catch{return(0,shared_1.err)("EXPORT_FAILED")}}async function exportBackup(e,t){try{const r=await serializeIdentity(e);if(!r.ok)return r;const s=crypto.getRandomValues(new Uint8Array(SALT_LENGTH)),a=crypto.getRandomValues(new Uint8Array(IV_LENGTH)),o=await deriveKey(t,s);if(!o.ok)return o;const i=JSON.stringify(r.value),_=(new TextEncoder).encode(i),c=await crypto.subtle.encrypt({name:"AES-GCM",iv:toArrayBuffer(a)},o.value,_),y=new Uint8Array(c);if(y.length<16)return(0,shared_1.err)("ENCRYPTION_FAILED");const n=y.length-16,u=y.slice(0,n),l=y.slice(n);return(0,shared_1.ok)({version:1,salt:(0,crypto_utils_js_1.toBase64)(s),iv:(0,crypto_utils_js_1.toBase64)(a),ciphertext:(0,crypto_utils_js_1.toBase64)(u),tag:(0,crypto_utils_js_1.toBase64)(l)})}catch{return(0,shared_1.err)("ENCRYPTION_FAILED")}}async function importBackup(e,t){try{if(1!==e.version)return(0,shared_1.err)("INVALID_BACKUP");let r,s,a,o;try{r=(0,crypto_utils_js_1.fromBase64)(e.salt),s=(0,crypto_utils_js_1.fromBase64)(e.iv),a=(0,crypto_utils_js_1.fromBase64)(e.ciphertext),o=(0,crypto_utils_js_1.fromBase64)(e.tag)}catch{return(0,shared_1.err)("INVALID_BACKUP")}if(r.length!==SALT_LENGTH||s.length!==IV_LENGTH||16!==o.length)return(0,shared_1.err)("INVALID_BACKUP");const i=await deriveKey(t,r);if(!i.ok)return i;const _=new Uint8Array(a.length+o.length);let c,y,n,u,l,d,p,K;_.set(a),_.set(o,a.length);try{c=await crypto.subtle.decrypt({name:"AES-GCM",iv:toArrayBuffer(s)},i.value,toArrayBuffer(_))}catch{return(0,shared_1.err)("INVALID_PASSWORD")}try{const e=(new TextDecoder).decode(c);y=JSON.parse(e)}catch{return(0,shared_1.err)("INVALID_BACKUP")}if(!y.did||!y.ed25519Pkcs8||!y.x25519Pkcs8)return(0,shared_1.err)("INVALID_BACKUP");try{n=(0,crypto_utils_js_1.fromBase64)(y.ed25519Pkcs8),u=(0,crypto_utils_js_1.fromBase64)(y.x25519Pkcs8),y.mlKemSecretKey&&(l=(0,crypto_utils_js_1.fromBase64)(y.mlKemSecretKey)),y.mlKemPublicKey&&(d=(0,crypto_utils_js_1.fromBase64)(y.mlKemPublicKey)),y.mlDsaSecretKey&&(p=(0,crypto_utils_js_1.fromBase64)(y.mlDsaSecretKey)),y.mlDsaPublicKey&&(K=(0,crypto_utils_js_1.fromBase64)(y.mlDsaPublicKey))}catch{return(0,shared_1.err)("INVALID_BACKUP")}const m=await(0,identity_js_1.importIdentity)(n,u,l,d,p,K);if(!m.ok)return(0,shared_1.err)("IMPORT_FAILED");if(y.rotatedKeys&&y.rotatedKeys.length>0){const e=m.value,t=await Promise.all(y.rotatedKeys.map(async e=>{const t=(0,crypto_utils_js_1.fromBase64)(e.x25519Pkcs8),r=await crypto.subtle.importKey("pkcs8",toArrayBuffer(t),{name:"X25519"},!0,["deriveBits"]),s=e.mlKemSecretKey?(0,crypto_utils_js_1.fromBase64)(e.mlKemSecretKey):void 0;return{rotatedAt:e.rotatedAt,x25519PrivateKey:r,...s?{mlKemSecretKey:s}:{}}}));return(0,shared_1.ok)({...e,rotatedKeys:t})}return m}catch{return(0,shared_1.err)("DECRYPTION_FAILED")}}