@protontech/drive-sdk 0.10.0 → 0.12.0

package/src/crypto/openPGPCrypto.ts

@@ -8,10 +8,18 @@ import { uint8ArrayToBase64String } from './utils';
  * clients/packages/crypto/lib/proxy/proxy.ts.
  */
 export interface OpenPGPCryptoProxy {
-    generateKey: (options: { userIDs: { name: string }[]; type: 'ecc'; curve: 'ed25519Legacy' }) => Promise<PrivateKey>;
+    generateKey: (options: {
+        userIDs: { name: string }[];
+        type: 'ecc';
+        curve: 'ed25519Legacy';
+        config?: { aeadProtect: boolean };
+    }) => Promise<PrivateKey>;
     exportPrivateKey: (options: { privateKey: PrivateKey; passphrase: string | null }) => Promise<string>;
     importPrivateKey: (options: { armoredKey: string; passphrase: string | null }) => Promise<PrivateKey>;
-    generateSessionKey: (options: { recipientKeys: PublicKey[] }) => Promise<SessionKey>;
+    generateSessionKey: (options: {
+        recipientKeys: PublicKey[];
+        config?: { ignoreSEIPDv2FeatureFlag: boolean };
+    }) => Promise<SessionKey>;
     encryptSessionKey: (
         options: SessionKey & {
             format: 'binary';
@@ -32,6 +40,7 @@ export interface OpenPGPCryptoProxy {
         signingKeys?: PrivateKey;
         detached?: Detached;
         compress?: boolean;
+        config?: { ignoreSEIPDv2FeatureFlag: boolean };
     }) => Promise<
         Detached extends true
             ? {
@@ -93,8 +102,15 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
         return uint8ArrayToBase64String(value);
     }
 
-    async generateSessionKey(encryptionKeys: PublicKey[]) {
-        return this.cryptoProxy.generateSessionKey({ recipientKeys: encryptionKeys });
+    async generateSessionKey(encryptionKeys: PublicKey[], options: { enableAeadWithEncryptionKeys: boolean }) {
+        return this.cryptoProxy.generateSessionKey({
+            recipientKeys: encryptionKeys,
+            // `ignoreSEIPDv2FeatureFlag` means that the key preferences are
+            // ignored. If set to `true`, the session key will be generated
+            // the standard non-AEAD algorithm. If set to `false`, the session
+            // key will always follow the encryption key preferences.
+            config: { ignoreSEIPDv2FeatureFlag: !options.enableAeadWithEncryptionKeys },
+        });
     }
 
     async encryptSessionKey(sessionKey: SessionKey, encryptionKeys: PublicKey | PublicKey[]) {
@@ -119,11 +135,12 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
         };
     }
 
-    async generateKey(passphrase: string) {
+    async generateKey(passphrase: string, options: { enableAead: boolean }) {
         const privateKey = await this.cryptoProxy.generateKey({
             userIDs: [{ name: 'Drive key' }],
             type: 'ecc',
             curve: 'ed25519Legacy',
+            config: { aeadProtect: options.enableAead },
         });
 
         const armoredKey = await this.cryptoProxy.exportPrivateKey({
@@ -137,11 +154,21 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
         };
     }
 
-    async encryptArmored(data: Uint8Array<ArrayBuffer>, encryptionKeys: PublicKey[], sessionKey?: SessionKey) {
+    async encryptArmored(
+        data: Uint8Array<ArrayBuffer>,
+        encryptionKeys: PublicKey[],
+        sessionKey: SessionKey | undefined,
+        options: { enableAeadWithEncryptionKeys: boolean },
+    ) {
         const { message: armoredData } = await this.cryptoProxy.encryptMessage({
             binaryData: data,
             sessionKey,
             encryptionKeys,
+            // `ignoreSEIPDv2FeatureFlag` means that the key preferences are
+            // ignored. If set to `true`, the encrypted data will be generated
+            // the standard non-AEAD algorithm. If set to `false`, the session
+            // key will always follow the encryption key preferences.
+            config: { ignoreSEIPDv2FeatureFlag: !options.enableAeadWithEncryptionKeys },
         });
         return {
             armoredData: armoredData,
@@ -153,6 +180,7 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
         sessionKey: SessionKey,
         encryptionKeys: PublicKey[],
         signingKey: PrivateKey,
+        options: { compress?: boolean; enableAeadWithEncryptionKeys: boolean },
     ) {
         const { message: encryptedData } = await this.cryptoProxy.encryptMessage({
             binaryData: data,
@@ -161,6 +189,11 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
             encryptionKeys,
             format: 'binary',
             detached: false,
+            // `ignoreSEIPDv2FeatureFlag` means that the key preferences are
+            // ignored. If set to `true`, the encrypted data will be generated
+            // the standard non-AEAD algorithm. If set to `false`, the session
+            // key will always follow the encryption key preferences.
+            config: { ignoreSEIPDv2FeatureFlag: !options.enableAeadWithEncryptionKeys },
         });
         return {
             encryptedData: encryptedData,
@@ -172,7 +205,7 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
         sessionKey: SessionKey | undefined,
         encryptionKeys: PublicKey[],
         signingKey: PrivateKey,
-        options: { compress?: boolean } = {},
+        options: { compress?: boolean; enableAeadWithEncryptionKeys: boolean },
     ) {
         const { message: armoredData } = await this.cryptoProxy.encryptMessage({
             binaryData: data,
@@ -181,6 +214,11 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
             signingKeys: signingKey,
             detached: false,
             compress: options.compress || false,
+            // `ignoreSEIPDv2FeatureFlag` means that the key preferences are
+            // ignored. If set to `true`, the encrypted data will be generated
+            // the standard non-AEAD algorithm. If set to `false`, the session
+            // key will always follow the encryption key preferences.
+            config: { ignoreSEIPDv2FeatureFlag: !options.enableAeadWithEncryptionKeys },
         });
         return {
             armoredData: armoredData,
@@ -192,6 +230,7 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
         sessionKey: SessionKey,
         encryptionKeys: PublicKey[],
         signingKey: PrivateKey,
+        options: { enableAeadWithEncryptionKeys: boolean },
     ) {
         const { message: encryptedData, signature } = await this.cryptoProxy.encryptMessage({
             binaryData: data,
@@ -200,6 +239,11 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
             encryptionKeys,
             format: 'binary',
             detached: true,
+            // `ignoreSEIPDv2FeatureFlag` means that the key preferences are
+            // ignored. If set to `true`, the encrypted data will be generated
+            // the standard non-AEAD algorithm. If set to `false`, the session
+            // key will always follow the encryption key preferences.
+            config: { ignoreSEIPDv2FeatureFlag: !options.enableAeadWithEncryptionKeys },
         });
         return {
             encryptedData: encryptedData,
@@ -212,6 +256,7 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
         sessionKey: SessionKey,
         encryptionKeys: PublicKey[],
         signingKey: PrivateKey,
+        options: { enableAeadWithEncryptionKeys: boolean },
     ) {
         const { message: armoredData, signature: armoredSignature } = await this.cryptoProxy.encryptMessage({
             binaryData: data,
@@ -219,6 +264,11 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
             signingKeys: signingKey,
             encryptionKeys,
             detached: true,
+            // `ignoreSEIPDv2FeatureFlag` means that the key preferences are
+            // ignored. If set to `true`, the encrypted data will be generated
+            // the standard non-AEAD algorithm. If set to `false`, the session
+            // key will always follow the encryption key preferences.
+            config: { ignoreSEIPDv2FeatureFlag: !options.enableAeadWithEncryptionKeys },
         });
         return {
             armoredData: armoredData,
@@ -251,7 +301,11 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
         };
     }
 
-    async verify(data: Uint8Array<ArrayBuffer>, signature: Uint8Array<ArrayBuffer>, verificationKeys: PublicKey | PublicKey[]) {
+    async verify(
+        data: Uint8Array<ArrayBuffer>,
+        signature: Uint8Array<ArrayBuffer>,
+        verificationKeys: PublicKey | PublicKey[],
+    ) {
         const { verificationStatus, errors } = await this.cryptoProxy.verifyMessage({
             binaryData: data,
             binarySignature: signature,
@@ -292,6 +346,12 @@ export class OpenPGPCryptoWithCryptoProxy implements OpenPGPCrypto {
             throw new Error('Could not decrypt session key');
         }
 
+        // Encrypted OpenPGP v6 session keys used for AEAD do not store algorithm information, so we hardcode it
+        if (sessionKey.algorithm === null) {
+            sessionKey.algorithm = 'aes256';
+            sessionKey.aeadAlgorithm = 'gcm';
+        }
+
         return sessionKey;
     }
 

package/src/diagnostic/telemetry.ts

@@ -27,6 +27,9 @@ export class DiagnosticTelemetry extends EventsGenerator {
         if (event.eventName === 'volumeEventsSubscriptionsChanged') {
             return;
         }
+        if (event.eventName === 'performance') {
+            return;
+        }
 
         this.enqueueEvent({
             type: 'metric',

package/src/interface/featureFlags.ts

@@ -3,5 +3,9 @@
  * Applications must supply their own implementation.
  */
 export interface FeatureFlagProvider {
-    isEnabled(flagName: string, signal?: AbortSignal): Promise<boolean>;
+    isEnabled(flagName: FeatureFlags, signal?: AbortSignal): Promise<boolean>;
+}
+
+export enum FeatureFlags {
+    DriveCryptoEncryptBlocksWithPgpAead = 'DriveCryptoEncryptBlocksWithPgpAead',
 }

package/src/interface/index.ts

@@ -14,6 +14,7 @@ export type { Author, UnverifiedAuthorError, AnonymousUser } from './author';
 export type { ProtonDriveConfig } from './config';
 export type { Device, DeviceOrUid } from './devices';
 export type { FeatureFlagProvider } from './featureFlags';
+export { FeatureFlags } from './featureFlags';
 export { DeviceType } from './devices';
 export type { FileDownloader, DownloadController, SeekableReadableStream } from './download';
 export type {
@@ -56,6 +57,7 @@ export type {
     PhotoAttributes,
     AlbumAttributes,
 } from './photos';
+export { PhotoTag } from './photos';
 export type {
     ProtonInvitation,
     ProtonInvitationWithNode,

package/src/interface/photos.ts

@@ -65,7 +65,20 @@ export type PhotoAttributes = {
     /**
      * List of tags assigned to the photo.
      */
-    tags: number[]; // TODO: enum
+    tags: PhotoTag[];
+};
+
+export enum PhotoTag {
+    Favorites = 0,
+    Screenshots = 1,
+    Videos = 2,
+    LivePhotos = 3,
+    MotionPhotos = 4,
+    Selfies = 5,
+    Portraits = 6,
+    Bursts = 7,
+    Panoramas = 8,
+    Raw = 9,
 }
 
 /**

package/src/interface/telemetry.ts

@@ -18,7 +18,8 @@ export type MetricEvent =
     | MetricDecryptionErrorEvent
     | MetricVerificationErrorEvent
     | MetricBlockVerificationErrorEvent
-    | MetricVolumeEventsSubscriptionsChangedEvent;
+    | MetricVolumeEventsSubscriptionsChangedEvent
+    | MetricPerformanceEvent;
 
 export interface MetricAPIRetrySucceededEvent {
     eventName: 'apiRetrySucceeded';
@@ -118,3 +119,15 @@ export enum MetricVolumeType {
     Shared = 'shared',
     SharedPublic = 'shared_public',
 }
+
+/**
+ * Experimental metrics to track performance of encryption and decryption
+ * operations of the file content.
+ */
+export interface MetricPerformanceEvent {
+    eventName: 'performance';
+    type: 'content_encryption' | 'content_decryption';
+    cryptoModel: 'v1' | 'v1.5';
+    bytesProcessed: number;
+    milliseconds: number;
+}

package/src/internal/apiService/apiService.ts

@@ -137,8 +137,12 @@ export class DriveAPIService {
         return this.makeRequest(url, 'PUT', data, signal);
     }
 
-    async delete<Response>(url: string, signal?: AbortSignal): Promise<Response> {
-        return this.makeRequest(url, 'DELETE', undefined, signal);
+    async delete<RequestPayload, ResponsePayload>(
+        url: string,
+        data?: RequestPayload,
+        signal?: AbortSignal,
+    ): Promise<ResponsePayload> {
+        return this.makeRequest(url, 'DELETE', data, signal);
     }
 
     protected async makeRequest<RequestPayload, ResponsePayload>(

package/src/internal/nodes/apiService.ts

@@ -440,7 +440,7 @@ export abstract class NodeAPIServiceBase<
     }
 
     async emptyTrash(volumeId: string): Promise<void> {
-        await this.apiService.delete<EmptyTrashResponse>(`drive/volumes/${volumeId}/trash`);
+        await this.apiService.delete<undefined, EmptyTrashResponse>(`drive/volumes/${volumeId}/trash`);
     }
 
     async *restoreNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<NodeResult> {
@@ -561,7 +561,7 @@ export abstract class NodeAPIServiceBase<
     async deleteRevision(nodeRevisionUid: string): Promise<void> {
         const { volumeId, nodeId, revisionId } = splitNodeRevisionUid(nodeRevisionUid);
 
-        await this.apiService.delete<DeleteRevisionResponse>(
+        await this.apiService.delete<undefined, DeleteRevisionResponse>(
             `drive/v2/volumes/${volumeId}/files/${nodeId}/revisions/${revisionId}`,
         );
     }

package/src/internal/nodes/nodesAccess.ts

@@ -412,7 +412,7 @@ export abstract class NodesAccessBase<
         }
         // This is bug that should not happen.
         // API cannot provide node without parent or share.
-        throw new Error('Node has neither parent node nor share');
+        throw new Error(`Node has neither parent node nor share: ${node.uid}`);
     }
 
     async getNodeKeys(nodeUid: string): Promise<DecryptedNodeKeys> {

package/src/internal/photos/addToAlbum.ts

@@ -1,13 +1,12 @@
 import { c } from 'ttag';
 
-import { ValidationError } from '../../errors';
 import { Logger, NodeResultWithError } from '../../interface';
 import { DecryptedNodeKeys, NodeSigningKeys } from '../nodes/interface';
 import { splitNodeUid } from '../uids';
 import { AlbumsCryptoService } from './albumsCrypto';
 import { PhotosAPIService } from './apiService';
 import { MissingRelatedPhotosError } from './errors';
-import { AddToAlbumEncryptedPhotoPayload, DecryptedPhotoNode } from './interface';
+import { PhotoTransferPayloadBuilder, TransferEncryptedPhotoPayload } from './photosTransferPayloadBuilder';
 import { PhotosNodesAccess } from './nodes';
 
 /**
@@ -47,18 +46,20 @@ type PhotoQueueItem = {
 export class AddToAlbumProcess {
     private readonly albumVolumeId: string;
     private readonly retriedPhotoUids = new Set<string>();
+    private readonly payloadBuilder: PhotoTransferPayloadBuilder;
 
     constructor(
         private readonly albumNodeUid: string,
         private readonly albumKeys: DecryptedNodeKeys,
         private readonly signingKeys: NodeSigningKeys,
         private readonly apiService: PhotosAPIService,
-        private readonly cryptoService: AlbumsCryptoService,
+        cryptoService: AlbumsCryptoService,
         private readonly nodesService: PhotosNodesAccess,
         private readonly logger: Logger,
         private readonly signal?: AbortSignal,
     ) {
         this.albumVolumeId = splitNodeUid(albumNodeUid).volumeId;
+        this.payloadBuilder = new PhotoTransferPayloadBuilder(cryptoService, nodesService);
     }
 
     async *execute(photoNodeUids: string[]): AsyncGenerator<NodeResultWithError> {
@@ -71,7 +72,13 @@ export class AddToAlbumProcess {
     private async *processSameVolumeQueue(queue: PhotoQueueItem[]): AsyncGenerator<NodeResultWithError> {
         while (queue.length > 0) {
             const items = queue.splice(0, BATCH_LOADING_SIZE);
-            const { payloads, errors } = await this.preparePhotoPayloads(items);
+            const { payloads, errors } = await this.payloadBuilder.preparePhotoPayloads(
+                items,
+                this.albumNodeUid,
+                this.albumKeys,
+                this.signingKeys,
+                this.signal,
+            );
 
             for (const [uid, error] of errors) {
                 yield { uid, ok: false, error };
@@ -97,7 +104,13 @@ export class AddToAlbumProcess {
     private async *processDifferentVolumeQueue(queue: PhotoQueueItem[]): AsyncGenerator<NodeResultWithError> {
         while (queue.length > 0) {
             const items = queue.splice(0, BATCH_LOADING_SIZE);
-            const { payloads, errors } = await this.preparePhotoPayloads(items);
+            const { payloads, errors } = await this.payloadBuilder.preparePhotoPayloads(
+                items,
+                this.albumNodeUid,
+                this.albumKeys,
+                this.signingKeys,
+                this.signal,
+            );
 
             for (const [uid, error] of errors) {
                 yield { uid, ok: false, error };
@@ -105,7 +118,11 @@ export class AddToAlbumProcess {
 
             for (const payload of payloads) {
                 try {
-                    const newPhotoNodeUid = await this.apiService.copyPhotoToAlbum(this.albumNodeUid, payload, this.signal);
+                    const newPhotoNodeUid = await this.apiService.copyPhotoToAlbum(
+                        this.albumNodeUid,
+                        payload,
+                        this.signal,
+                    );
                     await this.nodesService.notifyChildCreated(newPhotoNodeUid);
                     yield { uid: payload.nodeUid, ok: true };
                 } catch (error) {
@@ -119,131 +136,14 @@ export class AddToAlbumProcess {
                     yield {
                         uid: payload.nodeUid,
                         ok: false,
-                        error: error instanceof Error ? error : new Error(c('Error').t`Unknown error`, { cause: error }),
+                        error:
+                            error instanceof Error ? error : new Error(c('Error').t`Unknown error`, { cause: error }),
                     };
                 }
             }
         }
     }
 
-    private async preparePhotoPayloads(items: PhotoQueueItem[]): Promise<{
-        payloads: AddToAlbumEncryptedPhotoPayload[];
-        errors: Map<string, Error>;
-    }> {
-        const payloads: AddToAlbumEncryptedPhotoPayload[] = [];
-        const errors = new Map<string, Error>();
-
-        const additionalRelatedMap = new Map(
-            items.map((item) => [item.photoNodeUid, item.additionalRelatedPhotoNodeUids]),
-        );
-
-        const nodeUids = items.map((item) => item.photoNodeUid);
-        for await (const photoNode of this.nodesService.iterateNodes(nodeUids, this.signal)) {
-            if ('missingUid' in photoNode) {
-                errors.set(photoNode.missingUid, new ValidationError(c('Error').t`Photo not found`));
-                continue;
-            }
-
-            try {
-                const additionalRelated = additionalRelatedMap.get(photoNode.uid) || [];
-                const payload = await this.preparePhotoPayload(photoNode, additionalRelated);
-                payloads.push(payload);
-            } catch (error) {
-                errors.set(
-                    photoNode.uid,
-                    error instanceof Error ? error : new Error(c('Error').t`Unknown error`, { cause: error }),
-                );
-            }
-        }
-
-        return { payloads, errors };
-    }
-
-    private async preparePhotoPayload(
-        photoNode: DecryptedPhotoNode,
-        additionalRelatedPhotoNodeUids: string[],
-    ): Promise<AddToAlbumEncryptedPhotoPayload> {
-        const photoData = await this.encryptPhotoForAlbum(photoNode);
-
-        const relatedNodeUids = [...new Set([
-            ...(photoNode.photo?.relatedPhotoNodeUids || []),
-            ...additionalRelatedPhotoNodeUids,
-        ])];
-
-        const relatedPhotos =
-            relatedNodeUids.length > 0 ? await this.prepareRelatedPhotoPayloads(relatedNodeUids) : [];
-
-        return {
-            ...photoData,
-            relatedPhotos,
-        };
-    }
-
-    private async prepareRelatedPhotoPayloads(
-        nodeUids: string[],
-    ): Promise<Omit<AddToAlbumEncryptedPhotoPayload, 'relatedPhotos'>[]> {
-        const payloads: Omit<AddToAlbumEncryptedPhotoPayload, 'relatedPhotos'>[] = [];
-
-        for await (const photoNode of this.nodesService.iterateNodes(nodeUids, this.signal)) {
-            // Missing related photos means that the related photo was deleted
-            // since the loading of the metadata. It can happen and should be
-            // ignored. The backend controls all the related photos are part
-            // of the request, thus the request will fail and be retried if
-            // there is any other race condition.
-            if ('missingUid' in photoNode) {
-                continue;
-            }
-            const payload = await this.encryptPhotoForAlbum(photoNode);
-            payloads.push(payload);
-        }
-
-        return payloads;
-    }
-
-    private async encryptPhotoForAlbum(
-        photoNode: DecryptedPhotoNode,
-    ): Promise<AddToAlbumEncryptedPhotoPayload> {
-        const nodeKeys = await this.nodesService.getNodePrivateAndSessionKeys(photoNode.uid);
-
-        const contentSha1 = photoNode.activeRevision?.ok
-            ? photoNode.activeRevision.value.claimedDigests?.sha1
-            : undefined;
-
-        if (!contentSha1) {
-            throw new Error('Cannot add photo to album without a content hash');
-        }
-
-        const encryptedCrypto = await this.cryptoService.encryptPhotoForAlbum(
-            photoNode.name,
-            contentSha1,
-            nodeKeys,
-            { key: this.albumKeys.key, hashKey: this.albumKeys.hashKey! },
-            this.signingKeys,
-        );
-
-        // Node could be uploaded or renamed by anonymous user and thus have
-        // missing signatures that must be added to the request.
-        // Node passphrase and signature email must be passed if and only if
-        // the signatures are missing (key author is null).
-        const anonymousKey = photoNode.keyAuthor.ok && photoNode.keyAuthor.value === null;
-        const keySignatureProperties = !anonymousKey
-            ? {}
-            : {
-                  signatureEmail: encryptedCrypto.signatureEmail,
-                  nodePassphraseSignature: encryptedCrypto.armoredNodePassphraseSignature,
-              };
-
-        return {
-            nodeUid: photoNode.uid,
-            contentHash: encryptedCrypto.contentHash,
-            nameHash: encryptedCrypto.hash,
-            encryptedName: encryptedCrypto.encryptedName,
-            nameSignatureEmail: encryptedCrypto.nameSignatureEmail,
-            nodePassphrase: encryptedCrypto.armoredNodePassphrase,
-            ...keySignatureProperties,
-        };
-    }
-
     /**
      * If the result indicates a MissingRelatedPhotosError that hasn't
      * been retried, returns a retry queue item. Otherwise returns undefined.
@@ -260,19 +160,14 @@ export class AddToAlbumProcess {
      * Returns undefined if the photo has already been retried, preventing
      * infinite retry loops.
      */
-    private createRetryQueueItem(
-        photoNodeUid: string,
-        error: MissingRelatedPhotosError,
-    ): PhotoQueueItem | undefined {
+    private createRetryQueueItem(photoNodeUid: string, error: MissingRelatedPhotosError): PhotoQueueItem | undefined {
         if (this.retriedPhotoUids.has(photoNodeUid)) {
             this.logger.warn(`Missing related photos for ${photoNodeUid}, already retried`);
             return undefined;
         }
 
         this.retriedPhotoUids.add(photoNodeUid);
-        this.logger.info(
-            `Missing related photos for ${photoNodeUid}, re-queuing: ${error.missingNodeUids.join(', ')}`,
-        );
+        this.logger.info(`Missing related photos for ${photoNodeUid}, re-queuing: ${error.missingNodeUids.join(', ')}`);
 
         return {
             photoNodeUid,
@@ -316,10 +211,8 @@ function splitByVolume(
  * Groups payloads into batches respecting the API limit.
  * Each payload's size counts itself plus its related photos.
  */
-function* createBatches(
-    payloads: AddToAlbumEncryptedPhotoPayload[],
-): Generator<AddToAlbumEncryptedPhotoPayload[]> {
-    let batch: AddToAlbumEncryptedPhotoPayload[] = [];
+function* createBatches(payloads: TransferEncryptedPhotoPayload[]): Generator<TransferEncryptedPhotoPayload[]> {
+    let batch: TransferEncryptedPhotoPayload[] = [];
     let batchSize = 0;
 
     for (const payload of payloads) {

package/src/internal/photos/{albums.test.ts → albumsManager.test.ts}

@@ -1,7 +1,7 @@
 import { NodeType } from '../../interface';
 import { ValidationError } from '../../errors';
 import { getMockTelemetry } from '../../tests/telemetry';
-import { Albums } from './albums';
+import { AlbumsManager } from './albumsManager';
 import { AlbumsCryptoService } from './albumsCrypto';
 import { PhotosAPIService } from './apiService';
 import { DecryptedPhotoNode } from './interface';
@@ -13,7 +13,7 @@ describe('Albums', () => {
     let cryptoService: AlbumsCryptoService;
     let photoShares: PhotoSharesManager;
     let nodesService: PhotosNodesAccess;
-    let albums: Albums;
+    let albums: AlbumsManager;
 
     let nodes: { [uid: string]: DecryptedPhotoNode };
 
@@ -97,7 +97,7 @@ describe('Albums', () => {
             notifyChildCreated: jest.fn(),
         };
 
-        albums = new Albums(getMockTelemetry(), apiService, cryptoService, photoShares, nodesService);
+        albums = new AlbumsManager(getMockTelemetry(), apiService, cryptoService, photoShares, nodesService);
     });
 
     describe('createAlbum', () => {

package/src/internal/photos/{albums.ts → albumsManager.ts}

@@ -16,7 +16,7 @@ const BATCH_LOADING_SIZE = 10;
 /**
  * Provides access and high-level actions for managing albums.
  */
-export class Albums {
+export class AlbumsManager {
     private logger: Logger;
 
     constructor(