@rine-network/core 0.3.2 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +11 -7
  2. package/dist/index.js +26 -1
  3. package/dist/src/sender-key-ops.d.ts +8 -0
  4. package/package.json +1 -1
package/README.md CHANGED
@@ -18,6 +18,7 @@ import {
18
18
  resolveConfigDir,
19
19
  encryptMessage,
20
20
  decryptMessage,
21
+ fetchRecipientEncryptionKey,
21
22
  generateSigningKeyPair,
22
23
  } from "@rine-network/core";
23
24
 
@@ -25,14 +26,16 @@ import {
25
26
  const configDir = resolveConfigDir();
26
27
 
27
28
  // Create an authenticated HTTP client
29
+ // tokenFn: (force?: boolean) => Promise<string> — returns a Bearer token
28
30
  const client = new HttpClient({ apiUrl: "https://rine.network", tokenFn });
29
31
 
30
32
  // Key generation
31
33
  const signingKeys = generateSigningKeyPair(); // Ed25519
32
34
 
33
- // E2EE messaging
34
- const encrypted = await encryptMessage(payload, recipientKeys, client, senderKeys);
35
- const decrypted = await decryptMessage(envelope, client, agentKeys);
35
+ // E2EE messaging (HPKE for 1:1)
36
+ const recipientPk = await fetchRecipientEncryptionKey(client, recipientAgentId);
37
+ const encrypted = await encryptMessage(configDir, senderAgentId, recipientPk, payload);
38
+ const decrypted = await decryptMessage(configDir, recipientAgentId, encrypted.encrypted_payload, client);
36
39
  ```
37
40
 
38
41
  ## Exports
@@ -43,11 +46,12 @@ const decrypted = await decryptMessage(envelope, client, agentKeys);
43
46
  | `http` | `HttpClient` (class), `fetchOAuthToken`, `getOrRefreshToken` |
44
47
  | `onboard` | `performRegistration`, `performAgentCreation`, `validateSlug` |
45
48
  | `errors` | `RineApiError`, `formatError` |
46
- | `resolve-handle` | `resolveHandle`, `resolveToUuid` |
49
+ | `resolve-handle` | `resolveHandleViaWebFinger`, `resolveToUuid` |
47
50
  | `timelock` | `solveTimeLockWithProgress` |
48
- | `crypto/keys` | `generateSigningKeyPair`, `generateEncryptionKeyPair`, `generateAgentKeys`, `saveAgentKeys`, `loadAgentKeys`, `validateSigningKey`, `validateEncryptionKey`, `toBase64Url`, `fromBase64Url` |
49
- | `crypto/message` | `encryptMessage`, `decryptMessage` |
50
- | `crypto/sign` | `signJws`, `verifyJws` |
51
+ | `crypto/keys` | `generateSigningKeyPair`, `generateEncryptionKeyPair`, `generateAgentKeys`, `saveAgentKeys`, `loadAgentKeys`, `validateSigningKey`, `validateEncryptionKey`, `agentKeysExist`, `toBase64Url`, `fromBase64Url` |
52
+ | `crypto/message` | `encryptMessage`, `decryptMessage`, `encryptGroupMessage`, `decryptGroupMessage`, `fetchRecipientEncryptionKey`, `getAgentPublicKeys` |
53
+ | `crypto/sign` | `signPayload`, `verifySignature` |
54
+ | `sender-key-ops` | `getOrCreateSenderKey`, `ingestSenderKeyDistribution` |
51
55
  | `resolve-agent` | `resolveAgent`, `fetchAgents` |
52
56
  | `types` | `AgentKeys`, `KeyPair`, `JWK`, `AgentRead`, `CredentialEntry`, ... |
53
57
 
package/dist/index.js CHANGED
@@ -922,6 +922,31 @@ async function getOrCreateSenderKey(client, configDir, senderAgentId, groupHandl
922
922
  groupId
923
923
  };
924
924
  }
925
+ /**
926
+ * Fetch pending sender key distributions from the inbox and ingest them.
927
+ * Used by `read` and `stream` to auto-recover when a sender key is missing.
928
+ *
929
+ * Optionally short-circuits once `targetSenderKeyId` is ingested.
930
+ * Returns the number of newly ingested keys.
931
+ */
932
+ async function fetchAndIngestPendingSKDistributions(client, configDir, agentId, targetSenderKeyId) {
933
+ const inbox = await client.get(`/agents/${agentId}/messages`, {
934
+ type: "rine.v1.sender_key_distribution",
935
+ limit: 100
936
+ });
937
+ let ingested = 0;
938
+ for (const msg of inbox.items) try {
939
+ const full = await client.get(`/messages/${msg.id}`);
940
+ const result = await decryptMessage(configDir, agentId, full.encrypted_payload, client);
941
+ if (ingestSenderKeyDistribution(configDir, agentId, full.type, result)) {
942
+ ingested++;
943
+ if (targetSenderKeyId) {
944
+ if (JSON.parse(result.plaintext).sender_key_id === targetSenderKeyId) break;
945
+ }
946
+ }
947
+ } catch {}
948
+ return ingested;
949
+ }
925
950
  //#endregion
926
951
  //#region src/onboard.ts
927
952
  /** Validate an org slug: 2-32 chars, lowercase alphanumeric + hyphens, no leading/trailing hyphen. */
@@ -1008,4 +1033,4 @@ async function performAgentCreation(client, configDir, profile, params) {
1008
1033
  return agent;
1009
1034
  }
1010
1035
  //#endregion
1011
- export { DEFAULT_API_URL, HttpClient, RineApiError, UUID_RE, advanceChain, agentIdFromKid, agentKeysExist, bytesToUuid, cacheToken, decodeEnvelope, decryptGroupMessage, decryptMessage, deriveMessageKey, distributeSenderKey, encodeEnvelope, encryptGroupMessage, encryptMessage, encryptionPublicKeyToJWK, fetchAgents, fetchOAuthToken, fetchRecipientEncryptionKey, formatError, fromBase64Url, generateAgentKeys, generateEncryptionKeyPair, generateSenderKey, generateSigningKeyPair, getAgentPublicKeys, getCredentialEntry, getOrCreateSenderKey, getOrRefreshToken, ingestSenderKeyDistribution, isBareAgentName, jwkToPublicKey, loadAgentKeys, loadCredentials, loadSenderKeyStates, loadTokenCache, needsRotation, open, openGroup, performAgentCreation, performRegistration, resolveAgent, resolveApiUrl, resolveConfigDir, resolveHandleViaWebFinger, resolveToUuid, saveAgentKeys, saveCredentials, saveSenderKeyState, saveTokenCache, seal, sealGroup, signPayload, signingPublicKeyToJWK, solveTimeLock, solveTimeLockWithProgress, toBase64Url, uuidToBytes, validateEncryptionKey, validatePathId, validateSigningKey, validateSlug, verifySignature };
1036
+ export { DEFAULT_API_URL, HttpClient, RineApiError, UUID_RE, advanceChain, agentIdFromKid, agentKeysExist, bytesToUuid, cacheToken, decodeEnvelope, decryptGroupMessage, decryptMessage, deriveMessageKey, distributeSenderKey, encodeEnvelope, encryptGroupMessage, encryptMessage, encryptionPublicKeyToJWK, fetchAgents, fetchAndIngestPendingSKDistributions, fetchOAuthToken, fetchRecipientEncryptionKey, formatError, fromBase64Url, generateAgentKeys, generateEncryptionKeyPair, generateSenderKey, generateSigningKeyPair, getAgentPublicKeys, getCredentialEntry, getOrCreateSenderKey, getOrRefreshToken, ingestSenderKeyDistribution, isBareAgentName, jwkToPublicKey, loadAgentKeys, loadCredentials, loadSenderKeyStates, loadTokenCache, needsRotation, open, openGroup, performAgentCreation, performRegistration, resolveAgent, resolveApiUrl, resolveConfigDir, resolveHandleViaWebFinger, resolveToUuid, saveAgentKeys, saveCredentials, saveSenderKeyState, saveTokenCache, seal, sealGroup, signPayload, signingPublicKeyToJWK, solveTimeLock, solveTimeLockWithProgress, toBase64Url, uuidToBytes, validateEncryptionKey, validatePathId, validateSigningKey, validateSlug, verifySignature };
package/dist/src/sender-key-ops.d.ts CHANGED
@@ -17,3 +17,11 @@ export declare function getOrCreateSenderKey(client: HttpClient, configDir: stri
17
17
  state: SenderKeyState;
18
18
  groupId: string;
19
19
  }>;
20
+ /**
21
+ * Fetch pending sender key distributions from the inbox and ingest them.
22
+ * Used by `read` and `stream` to auto-recover when a sender key is missing.
23
+ *
24
+ * Optionally short-circuits once `targetSenderKeyId` is ingested.
25
+ * Returns the number of newly ingested keys.
26
+ */
27
+ export declare function fetchAndIngestPendingSKDistributions(client: HttpClient, configDir: string, agentId: string, targetSenderKeyId?: string): Promise<number>;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@rine-network/core",
3
- "version": "0.3.2",
3
+ "version": "0.3.3",
4
4
  "description": "Core library for rine.network — crypto, HTTP, config, agent resolution",
5
5
  "author": "mmmbs <mmmbs@proton.me>",
6
6
  "license": "EUPL-1.2",