@protontech/drive-sdk 0.6.2 → 0.7.1

package/src/internal/nodes/cryptoService.ts

@@ -24,6 +24,7 @@ import {
     DecryptedNodeKeys,
     EncryptedRevision,
     DecryptedUnparsedRevision,
+    NodeSigningKeys,
 } from './interface';
 
 export interface NodesCryptoReporter {
@@ -33,7 +34,7 @@ export interface NodesCryptoReporter {
         signatureType: string,
         verified: VERIFICATION_STATUS,
         verificationErrors?: Error[],
-        claimedAuthor?: string,
+        claimedAuthor?: string | AnonymousUser,
         notAvailableVerificationKeys?: boolean,
     ): Promise<Author>;
     reportDecryptionError(node: NodesCryptoReporterNode, field: MetricsDecryptionErrorField, error: unknown): void;
@@ -336,11 +337,19 @@ export class NodesCryptoService {
         const nameSignatureEmail = node.encryptedCrypto.nameSignatureEmail;
 
         try {
-            const { name, verified, verificationErrors } = await this.driveCrypto.decryptNodeName(
-                node.encryptedName,
-                parentKey,
-                verificationKeys,
-            );
+            const {
+                name,
+                verified: verificationStatus,
+                verificationErrors,
+            } = await this.driveCrypto.decryptNodeName(node.encryptedName, parentKey, verificationKeys);
+
+            let verified = verificationStatus;
+            // The name was not signed until Drive web Beta 3.
+            // It is decided to ignore this and consider it signed.
+            // The problem will be gone with migration to new crypto model.
+            if (verificationStatus === VERIFICATION_STATUS.NOT_SIGNED && node.creationTime < new Date(2021, 0, 1)) {
+                verified = VERIFICATION_STATUS.SIGNED_AND_VALID;
+            }
 
             return {
                 name: resultOk(name),
@@ -438,11 +447,19 @@ export class NodesCryptoService {
             throw new Error('Node is not a folder');
         }
 
-        const { hashKey, verified, verificationErrors } = await this.driveCrypto.decryptNodeHashKey(
-            node.encryptedCrypto.folder.armoredHashKey,
-            nodeKey,
-            addressKeys,
-        );
+        const {
+            hashKey,
+            verified: verificationStatus,
+            verificationErrors,
+        } = await this.driveCrypto.decryptNodeHashKey(node.encryptedCrypto.folder.armoredHashKey, nodeKey, addressKeys);
+
+        let verified = verificationStatus;
+        // The hash was not signed until Drive web Beta 17.
+        // It is decided to ignore this and consider it signed.
+        // The problem will be gone with migration to new crypto model.
+        if (verificationStatus === VERIFICATION_STATUS.NOT_SIGNED && node.creationTime < new Date(2021, 7, 1)) {
+            verified = VERIFICATION_STATUS.SIGNED_AND_VALID;
+        }
 
         return {
             hashKey,
@@ -490,7 +507,7 @@ export class NodesCryptoService {
         encryptedExtendedAttributes: string | undefined,
         nodeKey: PrivateKey,
         addressKeys: PublicKey[],
-        signatureEmail?: string,
+        signatureEmail?: string | AnonymousUser,
     ): Promise<{
         extendedAttributes?: string;
         author: Author;
@@ -522,31 +539,44 @@ export class NodesCryptoService {
 
     async createFolder(
         parentKeys: { key: PrivateKey; hashKey: Uint8Array },
-        address: { email: string; addressKey: PrivateKey },
+        signingKeys: NodeSigningKeys,
         name: string,
         extendedAttributes?: string,
     ): Promise<{
-        encryptedCrypto: EncryptedNodeFolderCrypto & {
+        encryptedCrypto: Omit<EncryptedNodeFolderCrypto, 'signatureEmail' | 'nameSignatureEmail'> & {
+            signatureEmail: string | AnonymousUser;
+            nameSignatureEmail: string | AnonymousUser;
             armoredNodePassphraseSignature: string;
-            // signatureEmail and nameSignatureEmail are not optional.
-            signatureEmail: string;
-            nameSignatureEmail: string;
             encryptedName: string;
             hash: string;
         };
         keys: DecryptedNodeKeys;
     }> {
-        const { email, addressKey } = address;
+        const email = signingKeys.type === 'userAddress' ? signingKeys.email : null;
+        const nameAndPassprhaseSigningKey =
+            signingKeys.type === 'userAddress' ? signingKeys.key : signingKeys.parentNodeKey;
+        if (!nameAndPassprhaseSigningKey) {
+            // This is a bug within the SDK.
+            throw new Error('Cannot create new node without a name and passphrase signing key');
+        }
+
         const [nodeKeys, { armoredNodeName }, hash] = await Promise.all([
-            this.driveCrypto.generateKey([parentKeys.key], addressKey),
-            this.driveCrypto.encryptNodeName(name, undefined, parentKeys.key, addressKey),
+            this.driveCrypto.generateKey([parentKeys.key], nameAndPassprhaseSigningKey),
+            this.driveCrypto.encryptNodeName(name, undefined, parentKeys.key, nameAndPassprhaseSigningKey),
             this.driveCrypto.generateLookupHash(name, parentKeys.hashKey),
         ]);
 
         const { armoredHashKey, hashKey } = await this.driveCrypto.generateHashKey(nodeKeys.decrypted.key);
 
+        const extendedAttributesSigningKey =
+            signingKeys.type === 'userAddress' ? signingKeys.key : signingKeys.nodeKey || nodeKeys.decrypted.key;
+
         const { armoredExtendedAttributes } = extendedAttributes
-            ? await this.driveCrypto.encryptExtendedAttributes(extendedAttributes, nodeKeys.decrypted.key, addressKey)
+            ? await this.driveCrypto.encryptExtendedAttributes(
+                  extendedAttributes,
+                  nodeKeys.decrypted.key,
+                  extendedAttributesSigningKey,
+              )
             : { armoredExtendedAttributes: undefined };
 
         return {
@@ -575,20 +605,25 @@ export class NodesCryptoService {
     async encryptNewName(
         parentKeys: { key: PrivateKey; hashKey?: Uint8Array },
         nodeNameSessionKey: SessionKey,
-        address: { email: string; addressKey: PrivateKey },
+        signingKeys: NodeSigningKeys,
         newName: string,
     ): Promise<{
-        signatureEmail: string;
+        signatureEmail: string | AnonymousUser;
         armoredNodeName: string;
         hash?: string;
     }> {
-        const { email, addressKey } = address;
+        const email = signingKeys.type === 'userAddress' ? signingKeys.email : null;
+        const nameSigningKey = signingKeys.type === 'userAddress' ? signingKeys.key : signingKeys.parentNodeKey;
+        if (!nameSigningKey) {
+            // This is a bug within the SDK.
+            throw new Error('Cannot encrypt new node name without a name signing key');
+        }
 
         const { armoredNodeName } = await this.driveCrypto.encryptNodeName(
             newName,
             nodeNameSessionKey,
             parentKeys.key,
-            addressKey,
+            nameSigningKey,
         );
 
         const hash = parentKeys.hashKey
@@ -602,38 +637,44 @@ export class NodesCryptoService {
     }
 
     async encryptNodeWithNewParent(
-        node: Pick<DecryptedNode, 'name'>,
+        nodeName: DecryptedNode['name'],
         keys: { passphrase: string; passphraseSessionKey: SessionKey; nameSessionKey: SessionKey },
         parentKeys: { key: PrivateKey; hashKey: Uint8Array },
-        address: { email: string; addressKey: PrivateKey },
+        signingKeys: NodeSigningKeys,
     ): Promise<{
         encryptedName: string;
         hash: string;
         armoredNodePassphrase: string;
         armoredNodePassphraseSignature: string;
-        signatureEmail: string;
-        nameSignatureEmail: string;
+        signatureEmail: string | AnonymousUser;
+        nameSignatureEmail: string | AnonymousUser;
     }> {
         if (!parentKeys.hashKey) {
             throw new ValidationError('Moving item to a non-folder is not allowed');
         }
-        if (!node.name.ok) {
+        if (!nodeName.ok) {
             throw new ValidationError('Cannot move item without a valid name, please rename the item first');
         }
 
-        const { email, addressKey } = address;
+        const email = signingKeys.type === 'userAddress' ? signingKeys.email : null;
+        const nameAndPassprhaseSigningKey = signingKeys.type === 'userAddress' ? signingKeys.key : signingKeys.nodeKey;
+        if (!nameAndPassprhaseSigningKey) {
+            // This is a bug within the SDK.
+            throw new Error('Cannot re-encrypt node without a name and passphrase signing key');
+        }
+
         const { armoredNodeName } = await this.driveCrypto.encryptNodeName(
-            node.name.value,
+            nodeName.value,
             keys.nameSessionKey,
             parentKeys.key,
-            addressKey,
+            nameAndPassprhaseSigningKey,
         );
-        const hash = await this.driveCrypto.generateLookupHash(node.name.value, parentKeys.hashKey);
+        const hash = await this.driveCrypto.generateLookupHash(nodeName.value, parentKeys.hashKey);
         const { armoredPassphrase, armoredPassphraseSignature } = await this.driveCrypto.encryptPassphrase(
             keys.passphrase,
             keys.passphraseSessionKey,
             [parentKeys.key],
-            addressKey,
+            nameAndPassprhaseSigningKey,
         );
 
         return {
@@ -657,7 +698,7 @@ export class NodesCryptoService {
 }
 
 function getClaimedAuthor(
-    claimedAuthor?: string,
+    claimedAuthor?: string | AnonymousUser,
     notAvailableVerificationKeys = false,
 ): string | AnonymousUser | undefined {
     if (!claimedAuthor && notAvailableVerificationKeys) {

package/src/internal/nodes/events.ts

@@ -1,6 +1,6 @@
 import { Logger } from '../../interface';
 import { DriveEvent, DriveEventType } from '../events';
-import { NodesCache } from './cache';
+import { NodesCacheBase } from './cache';
 
 /**
  * Provides internal event handling.
@@ -11,7 +11,7 @@ import { NodesCache } from './cache';
 export class NodesEventsHandler {
     constructor(
         private logger: Logger,
-        private cache: NodesCache,
+        private cache: NodesCacheBase,
     ) {}
 
     async updateNodesCacheOnEvent(event: DriveEvent): Promise<void> {

package/src/internal/nodes/index.test.ts

@@ -26,6 +26,7 @@ function generateNode(uid: string, parentUid = 'volumeId~root', params: Partial<
         isShared: false,
         isSharedPublicly: false,
         creationTime: new Date(),
+        modificationTime: new Date(),
         trashTime: undefined,
         isStale: false,
         ...params,

package/src/internal/nodes/interface.ts

@@ -10,6 +10,7 @@ import {
     MetricVolumeType,
     Revision,
     RevisionState,
+    AnonymousUser,
 } from '../../interface';
 
 export type FilterOptions = {
@@ -32,6 +33,7 @@ interface BaseNode {
     type: NodeType;
     mediaType?: string;
     creationTime: Date; // created on the server
+    modificationTime: Date; // modified on server
     trashTime?: Date;
     totalStorageSize?: number;
 
@@ -57,8 +59,8 @@ export interface EncryptedNode extends BaseNode {
 }
 
 export interface EncryptedNodeCrypto {
-    signatureEmail?: string;
-    nameSignatureEmail?: string;
+    signatureEmail?: string | AnonymousUser;
+    nameSignatureEmail?: string | AnonymousUser;
     armoredKey: string;
     armoredNodePassphrase: string;
     armoredNodePassphraseSignature?: string;
@@ -88,6 +90,19 @@ export interface EncryptedNodeFolderCrypto extends EncryptedNodeCrypto {
 // eslint-disable-next-line @typescript-eslint/no-empty-object-type
 export interface EncryptedNodeAlbumCrypto extends EncryptedNodeCrypto {}
 
+export type NodeSigningKeys =
+    | {
+          type: 'userAddress';
+          email: string;
+          addressId: string;
+          key: PrivateKey;
+      }
+    | {
+          type: 'nodeKey';
+          nodeKey?: PrivateKey;
+          parentNodeKey?: PrivateKey;
+      };
+
 /**
  * Interface used only internally in the nodes module.
  *

package/src/internal/nodes/nodesAccess.ts

@@ -16,8 +16,8 @@ import { asyncIteratorMap } from '../asyncIteratorMap';
 import { getErrorMessage } from '../errors';
 import { BatchLoading } from '../batchLoading';
 import { makeNodeUid, splitNodeUid } from '../uids';
-import { NodeAPIService } from './apiService';
-import { NodesCache } from './cache';
+import { NodeAPIServiceBase } from './apiService';
+import { NodesCacheBase } from './cache';
 import { NodesCryptoCache } from './cryptoCache';
 import { NodesCryptoService } from './cryptoService';
 import { NodesDebouncer } from './debouncer';
@@ -29,6 +29,7 @@ import {
     DecryptedNode,
     DecryptedNodeKeys,
     FilterOptions,
+    NodeSigningKeys,
 } from './interface';
 import { validateNodeName } from './validations';
 import { isProtonDocument, isProtonSheet } from './mediaTypes';
@@ -49,17 +50,21 @@ const DECRYPTION_CONCURRENCY = 30;
  * The node access module is responsible for fetching, decrypting and caching
  * nodes metadata.
  */
-export class NodesAccess {
-    private logger: Logger;
-    private debouncer: NodesDebouncer;
+export abstract class NodesAccessBase<
+    TEncryptedNode extends EncryptedNode = EncryptedNode,
+    TDecryptedNode extends DecryptedNode = DecryptedNode,
+    TCryptoService extends NodesCryptoService = NodesCryptoService,
+> {
+    protected logger: Logger;
+    protected debouncer: NodesDebouncer;
 
     constructor(
-        private telemetry: ProtonDriveTelemetry,
-        private apiService: NodeAPIService,
-        private cache: NodesCache,
-        private cryptoCache: NodesCryptoCache,
-        private cryptoService: NodesCryptoService,
-        private shareService: Pick<
+        protected telemetry: ProtonDriveTelemetry,
+        protected apiService: NodeAPIServiceBase<TEncryptedNode>,
+        protected cache: NodesCacheBase<TDecryptedNode>,
+        protected cryptoCache: NodesCryptoCache,
+        protected cryptoService: TCryptoService,
+        protected shareService: Pick<
             SharesService,
             'getRootIDs' | 'getSharePrivateKey' | 'getContextShareMemberEmailKey'
         >,
@@ -79,7 +84,7 @@ export class NodesAccess {
         return this.getNode(nodeUid);
     }
 
-    async getNode(nodeUid: string): Promise<DecryptedNode> {
+    async getNode(nodeUid: string): Promise<TDecryptedNode> {
         let cachedNode;
         try {
             await this.debouncer.waitForLoadingNode(nodeUid);
@@ -100,11 +105,11 @@ export class NodesAccess {
         parentNodeUid: string,
         filterOptions?: FilterOptions,
         signal?: AbortSignal,
-    ): AsyncGenerator<DecryptedNode> {
+    ): AsyncGenerator<TDecryptedNode> {
         // Ensure the parent is loaded and up-to-date.
         const parentNode = await this.getNode(parentNodeUid);
 
-        const batchLoading = new BatchLoading<string, DecryptedNode>({
+        const batchLoading = new BatchLoading<string, TDecryptedNode>({
             iterateItems: (nodeUids) => this.loadNodes(nodeUids, filterOptions, signal),
             batchSize: BATCH_LOADING_SIZE,
         });
@@ -153,9 +158,9 @@ export class NodesAccess {
     }
 
     // Improvement requested: keep status of loaded trash and leverage cache.
-    async *iterateTrashedNodes(signal?: AbortSignal): AsyncGenerator<DecryptedNode> {
+    async *iterateTrashedNodes(signal?: AbortSignal): AsyncGenerator<TDecryptedNode> {
         const { volumeId } = await this.shareService.getRootIDs();
-        const batchLoading = new BatchLoading<string, DecryptedNode>({
+        const batchLoading = new BatchLoading<string, TDecryptedNode>({
             iterateItems: (nodeUids) => this.loadNodes(nodeUids, undefined, signal),
             batchSize: BATCH_LOADING_SIZE,
         });
@@ -176,8 +181,8 @@ export class NodesAccess {
         yield* batchLoading.loadRest();
     }
 
-    async *iterateNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<DecryptedNode | MissingNode> {
-        const batchLoading = new BatchLoading<string, DecryptedNode | MissingNode>({
+    async *iterateNodes(nodeUids: string[], signal?: AbortSignal): AsyncGenerator<TDecryptedNode | MissingNode> {
+        const batchLoading = new BatchLoading<string, TDecryptedNode | MissingNode>({
             iterateItems: (nodeUids) => this.loadNodesWithMissingReport(nodeUids, undefined, signal),
             batchSize: BATCH_LOADING_SIZE,
         });
@@ -227,7 +232,7 @@ export class NodesAccess {
         await this.cache.removeNodes([nodeUid]);
     }
 
-    private async loadNode(nodeUid: string): Promise<{ node: DecryptedNode; keys?: DecryptedNodeKeys }> {
+    private async loadNode(nodeUid: string): Promise<{ node: TDecryptedNode; keys?: DecryptedNodeKeys }> {
         this.debouncer.loadingNode(nodeUid);
         try {
             const { volumeId: ownVolumeId } = await this.shareService.getRootIDs();
@@ -242,7 +247,7 @@ export class NodesAccess {
         nodeUids: string[],
         filterOptions?: FilterOptions,
         signal?: AbortSignal,
-    ): AsyncGenerator<DecryptedNode> {
+    ): AsyncGenerator<TDecryptedNode> {
         for await (const result of this.loadNodesWithMissingReport(nodeUids, filterOptions, signal)) {
             if ('missingUid' in result) {
                 continue;
@@ -255,7 +260,7 @@ export class NodesAccess {
         nodeUids: string[],
         filterOptions?: FilterOptions,
         signal?: AbortSignal,
-    ): AsyncGenerator<DecryptedNode | MissingNode> {
+    ): AsyncGenerator<TDecryptedNode | MissingNode> {
         const returnedNodeUids: string[] = [];
         const errors = [];
 
@@ -263,13 +268,13 @@ export class NodesAccess {
 
         const apiNodesIterator = this.apiService.iterateNodes(nodeUids, ownVolumeId, filterOptions, signal);
 
-        const debouncedNodeMapper = async (encryptedNode: EncryptedNode): Promise<EncryptedNode> => {
+        const debouncedNodeMapper = async (encryptedNode: TEncryptedNode): Promise<TEncryptedNode> => {
             this.debouncer.loadingNode(encryptedNode.uid);
             return encryptedNode;
         };
         const encryptedNodesIterator = asyncIteratorMap(apiNodesIterator, debouncedNodeMapper, 1);
 
-        const decryptNodeMapper = async (encryptedNode: EncryptedNode): Promise<Result<DecryptedNode, unknown>> => {
+        const decryptNodeMapper = async (encryptedNode: TEncryptedNode): Promise<Result<TDecryptedNode, unknown>> => {
             returnedNodeUids.push(encryptedNode.uid);
             try {
                 const { node } = await this.decryptNode(encryptedNode);
@@ -309,8 +314,8 @@ export class NodesAccess {
     }
 
     private async decryptNode(
-        encryptedNode: EncryptedNode,
-    ): Promise<{ node: DecryptedNode; keys?: DecryptedNodeKeys }> {
+        encryptedNode: TEncryptedNode,
+    ): Promise<{ node: TDecryptedNode; keys?: DecryptedNodeKeys }> {
         let parentKey;
         try {
             const parentKeys = await this.getParentKeys(encryptedNode);
@@ -318,38 +323,14 @@ export class NodesAccess {
         } catch (error: unknown) {
             if (error instanceof DecryptionError) {
                 return {
-                    node: {
-                        ...encryptedNode,
-                        isStale: false,
-                        name: resultError(error),
-                        keyAuthor: resultError({
-                            claimedAuthor: encryptedNode.encryptedCrypto.signatureEmail,
-                            error: getErrorMessage(error),
-                        }),
-                        nameAuthor: resultError({
-                            claimedAuthor: encryptedNode.encryptedCrypto.nameSignatureEmail,
-                            error: getErrorMessage(error),
-                        }),
-                        membership: encryptedNode.membership
-                            ? {
-                                  role: encryptedNode.membership.role,
-                                  inviteTime: encryptedNode.membership.inviteTime,
-                                  sharedBy: resultError({
-                                      claimedAuthor: encryptedNode.encryptedCrypto.membership?.inviterEmail,
-                                      error: getErrorMessage(error),
-                                  }),
-                              }
-                            : undefined,
-                        errors: [error],
-                        treeEventScopeId: splitNodeUid(encryptedNode.uid).volumeId,
-                    },
+                    node: this.getDegradedUndecryptableNode(encryptedNode, error),
                 };
             }
             throw error;
         }
 
         const { node: unparsedNode, keys } = await this.cryptoService.decryptNode(encryptedNode, parentKey);
-        const node = await parseNode(this.logger, unparsedNode);
+        const node = this.parseNode(unparsedNode);
         try {
             await this.cache.setNode(node);
         } catch (error: unknown) {
@@ -366,8 +347,45 @@ export class NodesAccess {
         return { node, keys };
     }
 
+    protected abstract getDegradedUndecryptableNode(
+        encryptedNode: TEncryptedNode,
+        error: DecryptionError,
+    ): TDecryptedNode;
+
+    protected getDegradedUndecryptableNodeBase(encryptedNode: EncryptedNode, error: DecryptionError): DecryptedNode {
+        return {
+            ...encryptedNode,
+            isStale: false,
+            name: resultError(error),
+            keyAuthor: resultError({
+                claimedAuthor: encryptedNode.encryptedCrypto.signatureEmail,
+                error: getErrorMessage(error),
+            }),
+            nameAuthor: resultError({
+                claimedAuthor: encryptedNode.encryptedCrypto.nameSignatureEmail,
+                error: getErrorMessage(error),
+            }),
+            membership: encryptedNode.membership
+                ? {
+                      role: encryptedNode.membership.role,
+                      inviteTime: encryptedNode.membership.inviteTime,
+                      sharedBy: resultError({
+                          claimedAuthor: encryptedNode.encryptedCrypto.membership?.inviterEmail,
+                          error: getErrorMessage(error),
+                      }),
+                  }
+                : undefined,
+            errors: [error],
+            treeEventScopeId: splitNodeUid(encryptedNode.uid).volumeId,
+        };
+    }
+
+    protected abstract parseNode(
+        unparsedNode: Awaited<ReturnType<TCryptoService['decryptNode']>>['node'],
+    ): TDecryptedNode;
+
     async getParentKeys(
-        node: Pick<DecryptedNode, 'uid' | 'parentUid' | 'shareId'>,
+        node: Pick<TDecryptedNode, 'uid' | 'parentUid' | 'shareId'>,
     ): Promise<Pick<DecryptedNodeKeys, 'key' | 'hashKey'>> {
         if (node.parentUid) {
             try {
@@ -425,6 +443,22 @@ export class NodesAccess {
         };
     }
 
+    async getNodeSigningKeys(
+        uids: { nodeUid: string; parentNodeUid?: string } | { nodeUid?: string; parentNodeUid: string },
+    ): Promise<NodeSigningKeys> {
+        const contextNodeUid = uids.nodeUid || uids.parentNodeUid;
+        if (!contextNodeUid) {
+            throw new Error('Context node UID is required for signing keys');
+        }
+        const address = await this.getRootNodeEmailKey(contextNodeUid);
+        return {
+            type: 'userAddress',
+            email: address.email,
+            addressId: address.addressId,
+            key: address.addressKey,
+        };
+    }
+
     async getRootNodeEmailKey(nodeUid: string): Promise<{
         email: string;
         addressId: string;
@@ -456,13 +490,23 @@ export class NodesAccess {
         return `https://drive.proton.me/${rootNode.shareId}/${type}/${nodeId}`;
     }
 
-    private async getRootNode(nodeUid: string): Promise<DecryptedNode> {
+    private async getRootNode(nodeUid: string): Promise<TDecryptedNode> {
         const node = await this.getNode(nodeUid);
         return node.parentUid ? this.getRootNode(node.parentUid) : node;
     }
 }
 
-export async function parseNode(logger: Logger, unparsedNode: DecryptedUnparsedNode): Promise<DecryptedNode> {
+export class NodesAccess extends NodesAccessBase {
+    protected getDegradedUndecryptableNode(encryptedNode: EncryptedNode, error: DecryptionError): DecryptedNode {
+        return this.getDegradedUndecryptableNodeBase(encryptedNode, error);
+    }
+
+    protected parseNode(unparsedNode: DecryptedUnparsedNode): DecryptedNode {
+        return parseNode(this.logger, unparsedNode);
+    }
+}
+
+export function parseNode(logger: Logger, unparsedNode: DecryptedUnparsedNode): DecryptedNode {
     let nodeName: Result<string, Error | InvalidNameError> = unparsedNode.name;
     if (unparsedNode.name.ok) {
         try {
@@ -509,6 +553,7 @@ export async function parseNode(logger: Logger, unparsedNode: DecryptedUnparsedN
     const extendedAttributes = unparsedNode.folder?.extendedAttributes
         ? parseFolderExtendedAttributes(logger, unparsedNode.folder.extendedAttributes)
         : undefined;
+
     return {
         ...unparsedNode,
         name: nodeName,