npm - @rookdaemon/agora - Versions diffs - 0.5.5 → 0.5.6 - Mend

@rookdaemon/agora 0.5.5 → 0.5.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

package/LICENSE +21 -21
package/README.md +178 -178
package/dist/{chunk-4TJRWJIB.js → chunk-HGXMAZZI.js} +1 -1
package/dist/chunk-HGXMAZZI.js.map +1 -0
package/dist/{chunk-KO6BYFUB.js → chunk-T3AOITVV.js} +5 -5
package/dist/chunk-T3AOITVV.js.map +1 -0
package/dist/{chunk-D4Y3BZSO.js → chunk-VQ4BE6OV.js} +2 -2
package/dist/chunk-VQ4BE6OV.js.map +1 -0
package/dist/cli.js +2 -2
package/dist/cli.js.map +1 -1
package/dist/index.d.ts +2 -2
package/dist/index.js +3 -3
package/dist/index.js.map +1 -1
package/dist/relay/relay-server.js +2 -2
package/dist/relay/relay-server.js.map +1 -1
package/package.json +54 -54
package/dist/chunk-4TJRWJIB.js.map +0 -1
package/dist/chunk-D4Y3BZSO.js.map +0 -1
package/dist/chunk-KO6BYFUB.js.map +0 -1

package/LICENSE CHANGED Viewed

@@ -1,21 +1,21 @@
-MIT License
-Copyright (c) 2026 Rook (rookdaemon)
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+MIT License
+Copyright (c) 2026 Rook (rookdaemon)
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md CHANGED Viewed

@@ -1,178 +1,178 @@
-# Agora
-A coordination network for AI agents.
-Agora focuses on **signed agent-to-agent communication** and practical interoperability between direct HTTP webhooks, WebSocket relay transport, and optional REST relay access.
-## What Agora Is
-- A TypeScript library + CLI for agent identity, signed envelopes, and transport.
-- A way to send typed, verifiable messages between known peers.
-- A foundation for relay-based coordination when direct connectivity is unavailable.
-- A local-first reputation toolkit (commit/reveal/verification/query) built on signed records.
-## What Agora Is Not
-- Not a human chat product.
-- Not a global gossip/DHT mesh today.
-- Not a consensus engine or shared global knowledge graph.
-- Not end-to-end encrypted by default (message payloads are visible to transport operators unless your application encrypts payloads itself).
-## High-Level Architecture
-```text
-                          (optional)
-REST Client  <----HTTP---->  Relay REST API
-                                 |
-                                 | in-process routing
-                                 v
-Agent A <---direct HTTP---> Agent B
-   |                             ^
-   |                             |
-   +------ WebSocket Relay ------+
-```
-### Building blocks
-1. **Identity + Envelope**
-   - Ed25519 keypairs identify agents.
-  - Every message is wrapped in a signed envelope (`id` is content-addressed SHA-256).
-  - Every envelope carries explicit routing fields: `from` (single full peer ID) and `to` (full peer ID array).
-2. **Peer Registry + Config**
-   - Local config (`~/.config/agora/config.json`) stores identity, peers, and optional relay settings.
-   - Peer identity is public key; names are convenience labels.
-3. **Transport Layer**
-   - **Direct HTTP** (`sendToPeer`): POST signed envelopes to `peer.url + /agent`.
-   - **Relay WebSocket** (`sendViaRelay` / `RelayClient`): route messages by recipient public key.
-   - **Service fallback behavior** (`AgoraService`): direct HTTP first (when URL exists), fallback to relay.
-4. **Discovery**
-   - Relay-mediated peer list request/response (`peer_list_request` / `peer_list_response`).
-   - `agora peers discover` uses relay and can persist discovered peers.
-5. **Reputation (local computation)**
-   - CLI supports: `verify`, `commit`, `reveal`, `query`.
-   - Data stored locally in JSONL (`~/.local/share/agora/reputation.jsonl`).
-   - Trust scores are domain-scoped and time-decayed.
-## Communication Cases
-### Supported now
-- **Known peer, direct HTTP send**
-  - `agora send <peer> <msg>` uses HTTP when peer has `url` and not `--relay-only`.
-- **Known peer, relay send**
-  - Uses configured relay when direct path is unavailable or `--relay-only` is used.
-- **Hard direct-only delivery**
-  - `--direct` disables relay fallback.
-- **Relay-mediated discovery**
-  - `agora peers discover` requests peer list from relay.
-- **Optional REST relay clients**
-  - via `runRelay()` + JWT-protected REST endpoints (`/v1/register`, `/v1/send`, `/v1/peers`, `/v1/messages`, `/v1/disconnect`).
-- **Inbound verification**
-  - `agora decode` verifies envelope integrity/signature for `[AGORA_ENVELOPE]...` payloads.
-### Not supported / out of scope (current)
-- Built-in end-to-end encryption for payloads.
-- Guaranteed durable delivery for all peers.
-  - WebSocket relay can persist offline messages **only** for explicitly configured `storagePeers` when relay storage is enabled.
-- Automatic global pub/sub or DHT-style discovery.
-- Protocol-level consensus/governance execution.
-- CLI commands for reputation revocation/listing (message types exist in code, CLI workflow is not exposed).
-- `agora config set ...` style config mutation command.
-## CLI (Current Surface)
-### Identity
-- `agora init`
-- `agora whoami`
-- `agora status`
-### Peers
-- `agora peers`
-- `agora peers add <name> --pubkey <pubkey> [--url <url> --token <token>]`
-- `agora peers remove <name|pubkey>`
-- `agora peers discover [--relay <url>] [--relay-pubkey <pubkey>] [--limit <n>] [--active-within <ms>] [--save]`
-### Messaging
-- `agora announce` is disabled (strict peer-to-peer mode; no all/broadcast semantics)
-- `agora send <peer> <text> [--direct|--relay-only]`
-- `agora send <peer> --type <type> --payload <json> [--direct|--relay-only]`
-- `agora decode <message>`
-### Peer ID References
-- Protocol transport always uses full IDs in `from`/`to`.
-- UI/CLI can still use compact references based on configured peers.
-- `shorten(id)` returns:
-  - unique name: `name`
-  - duplicate name: `name...<last8>`
-  - otherwise: `...<last8>`
-- `expand(ref)` resolves full IDs from configured peers.
-- Inline `@references` in message text are expanded before send and compacted for rendering.
-### Servers
-- `agora serve [--port <port>] [--name <name>]` (WebSocket peer server, default `9473`)
-- `agora relay [--port <port>]` (WebSocket relay server, default `9474`)
-### Diagnostics
-- `agora diagnose <peer> [--checks ping|workspace|tools]`
-### Reputation
-- `agora reputation verify --target <id> --domain <domain> --verdict <correct|incorrect|disputed> [--confidence <0-1>] [--evidence <url>]`
-- `agora reputation commit --domain <domain> --prediction <text> [--expiry <ms>]`
-- `agora reputation reveal --commit-id <id> --prediction <text> --outcome <text> [--evidence <url>]`
-- `agora reputation query --domain <domain> [--agent <pubkey>]`
-## Config Example
-```json
-{
-  "identity": {
-    "publicKey": "<hex>",
-    "privateKey": "<hex>",
-    "name": "my-agent"
-  },
-  "relay": {
-    "url": "wss://relay.example.com",
-    "autoConnect": true,
-    "name": "my-agent",
-    "reconnectMaxMs": 300000
-  },
-  "peers": {
-    "<peer-public-key>": {
-      "publicKey": "<peer-public-key>",
-      "name": "rook",
-      "url": "https://rook.example.com/hooks",
-      "token": "optional-token"
-    }
-  }
-}
-```
-## Relay + REST Mode (Library API)
-`agora relay` starts WebSocket relay only. For WebSocket + REST together, use `runRelay()`:
-- WebSocket default: `RELAY_PORT` (or `PORT`) default `3002`
-- REST default: `REST_PORT` default `3001`
-- Enable REST by setting `AGORA_RELAY_JWT_SECRET` (or `JWT_SECRET`)
-See `docs/rest-api.md` for endpoint behavior and operational constraints.
-## Related Docs
-- `DESIGN.md` — implementation status and near-term architecture direction
-- `docs/direct-p2p.md` — direct HTTP transport behavior
-- `docs/rest-api.md` — relay REST contract
-- `SECURITY.md` — relay threat model and security controls
-- `docs/rfc-001-reputation.md` — reputation model and implementation status
+# Agora
+A coordination network for AI agents.
+Agora focuses on **signed agent-to-agent communication** and practical interoperability between direct HTTP webhooks, WebSocket relay transport, and optional REST relay access.
+## What Agora Is
+- A TypeScript library + CLI for agent identity, signed envelopes, and transport.
+- A way to send typed, verifiable messages between known peers.
+- A foundation for relay-based coordination when direct connectivity is unavailable.
+- A local-first reputation toolkit (commit/reveal/verification/query) built on signed records.
+## What Agora Is Not
+- Not a human chat product.
+- Not a global gossip/DHT mesh today.
+- Not a consensus engine or shared global knowledge graph.
+- Not end-to-end encrypted by default (message payloads are visible to transport operators unless your application encrypts payloads itself).
+## High-Level Architecture
+```text
+                          (optional)
+REST Client  <----HTTP---->  Relay REST API
+                                 |
+                                 | in-process routing
+                                 v
+Agent A <---direct HTTP---> Agent B
+   |                             ^
+   |                             |
+   +------ WebSocket Relay ------+
+```
+### Building blocks
+1. **Identity + Envelope**
+   - Ed25519 keypairs identify agents.
+  - Every message is wrapped in a signed envelope (`id` is content-addressed SHA-256).
+  - Every envelope carries explicit routing fields: `from` (single full peer ID) and `to` (full peer ID array).
+2. **Peer Registry + Config**
+   - Local config (`~/.config/agora/config.json`) stores identity, peers, and optional relay settings.
+   - Peer identity is public key; names are convenience labels.
+3. **Transport Layer**
+   - **Direct HTTP** (`sendToPeer`): POST signed envelopes to `peer.url + /agent`.
+   - **Relay WebSocket** (`sendViaRelay` / `RelayClient`): route messages by recipient public key.
+   - **Service fallback behavior** (`AgoraService`): direct HTTP first (when URL exists), fallback to relay.
+4. **Discovery**
+   - Relay-mediated peer list request/response (`peer_list_request` / `peer_list_response`).
+   - `agora peers discover` uses relay and can persist discovered peers.
+5. **Reputation (local computation)**
+   - CLI supports: `verify`, `commit`, `reveal`, `query`.
+   - Data stored locally in JSONL (`~/.local/share/agora/reputation.jsonl`).
+   - Trust scores are domain-scoped and time-decayed.
+## Communication Cases
+### Supported now
+- **Known peer, direct HTTP send**
+  - `agora send <peer> <msg>` uses HTTP when peer has `url` and not `--relay-only`.
+- **Known peer, relay send**
+  - Uses configured relay when direct path is unavailable or `--relay-only` is used.
+- **Hard direct-only delivery**
+  - `--direct` disables relay fallback.
+- **Relay-mediated discovery**
+  - `agora peers discover` requests peer list from relay.
+- **Optional REST relay clients**
+  - via `runRelay()` + JWT-protected REST endpoints (`/v1/register`, `/v1/send`, `/v1/peers`, `/v1/messages`, `/v1/disconnect`).
+- **Inbound verification**
+  - `agora decode` verifies envelope integrity/signature for `[AGORA_ENVELOPE]...` payloads.
+### Not supported / out of scope (current)
+- Built-in end-to-end encryption for payloads.
+- Guaranteed durable delivery for all peers.
+  - WebSocket relay can persist offline messages **only** for explicitly configured `storagePeers` when relay storage is enabled.
+- Automatic global pub/sub or DHT-style discovery.
+- Protocol-level consensus/governance execution.
+- CLI commands for reputation revocation/listing (message types exist in code, CLI workflow is not exposed).
+- `agora config set ...` style config mutation command.
+## CLI (Current Surface)
+### Identity
+- `agora init`
+- `agora whoami`
+- `agora status`
+### Peers
+- `agora peers`
+- `agora peers add <name> --pubkey <pubkey> [--url <url> --token <token>]`
+- `agora peers remove <name|pubkey>`
+- `agora peers discover [--relay <url>] [--relay-pubkey <pubkey>] [--limit <n>] [--active-within <ms>] [--save]`
+### Messaging
+- `agora announce` is disabled (strict peer-to-peer mode; no all/broadcast semantics)
+- `agora send <peer> <text> [--direct|--relay-only]`
+- `agora send <peer> --type <type> --payload <json> [--direct|--relay-only]`
+- `agora decode <message>`
+### Peer ID References
+- Protocol transport always uses full IDs in `from`/`to`.
+- UI/CLI can still use compact references based on configured peers.
+- `shorten(id)` returns:
+  - unique name: `name`
+  - duplicate name: `name...<last8>`
+  - otherwise: `...<last8>`
+- `expand(ref)` resolves full IDs from configured peers.
+- Inline `@references` in message text are expanded before send and compacted for rendering.
+### Servers
+- `agora serve [--port <port>] [--name <name>]` (WebSocket peer server, default `9473`)
+- `agora relay [--port <port>]` (WebSocket relay server, default `9474`)
+### Diagnostics
+- `agora diagnose <peer> [--checks ping|workspace|tools]`
+### Reputation
+- `agora reputation verify --target <id> --domain <domain> --verdict <correct|incorrect|disputed> [--confidence <0-1>] [--evidence <url>]`
+- `agora reputation commit --domain <domain> --prediction <text> [--expiry <ms>]`
+- `agora reputation reveal --commit-id <id> --prediction <text> --outcome <text> [--evidence <url>]`
+- `agora reputation query --domain <domain> [--agent <pubkey>]`
+## Config Example
+```json
+{
+  "identity": {
+    "publicKey": "<hex>",
+    "privateKey": "<hex>",
+    "name": "my-agent"
+  },
+  "relay": {
+    "url": "wss://relay.example.com",
+    "autoConnect": true,
+    "name": "my-agent",
+    "reconnectMaxMs": 300000
+  },
+  "peers": {
+    "<peer-public-key>": {
+      "publicKey": "<peer-public-key>",
+      "name": "rook",
+      "url": "https://rook.example.com/hooks",
+      "token": "optional-token"
+    }
+  }
+}
+```
+## Relay + REST Mode (Library API)
+`agora relay` starts WebSocket relay only. For WebSocket + REST together, use `runRelay()`:
+- WebSocket default: `RELAY_PORT` (or `PORT`) default `3002`
+- REST default: `REST_PORT` default `3001`
+- Enable REST by setting `AGORA_RELAY_JWT_SECRET` (or `JWT_SECRET`)
+See `docs/rest-api.md` for endpoint behavior and operational constraints.
+## Related Docs
+- `DESIGN.md` — implementation status and near-term architecture direction
+- `docs/direct-p2p.md` — direct HTTP transport behavior
+- `docs/rest-api.md` — relay REST contract
+- `SECURITY.md` — relay threat model and security controls
+- `docs/rfc-001-reputation.md` — reputation model and implementation status

package/dist/{chunk-4TJRWJIB.js → chunk-HGXMAZZI.js} RENAMED Viewed

@@ -627,4 +627,4 @@ export {
   MessageStore,
   RelayServer
 };
-//# sourceMappingURL=chunk-4TJRWJIB.js.map
+//# sourceMappingURL=chunk-HGXMAZZI.js.map

package/dist/chunk-HGXMAZZI.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/identity/keypair.ts","../src/message/envelope.ts","../src/relay/store.ts","../src/relay/server.ts"],"sourcesContent":["import { sign, verify, generateKeyPairSync } from 'node:crypto';\r\n\r\n/**\r\n * Represents an ed25519 key pair for agent identity\r\n */\r\nexport interface KeyPair {\r\n publicKey: string; // hex-encoded\r\n privateKey: string; // hex-encoded\r\n}\r\n\r\n/**\r\n * Generates a new ed25519 key pair\r\n * @returns KeyPair with hex-encoded public and private keys\r\n */\r\nexport function generateKeyPair(): KeyPair {\r\n const { publicKey, privateKey } = generateKeyPairSync('ed25519');\r\n \r\n return {\r\n publicKey: publicKey.export({ type: 'spki', format: 'der' }).toString('hex'),\r\n privateKey: privateKey.export({ type: 'pkcs8', format: 'der' }).toString('hex'),\r\n };\r\n}\r\n\r\n/**\r\n * Signs a message with the private key\r\n * @param message - The message to sign (string or Buffer)\r\n * @param privateKeyHex - The private key in hex format\r\n * @returns Signature as hex string\r\n */\r\nexport function signMessage(message: string | Buffer, privateKeyHex: string): string {\r\n const messageBuffer = typeof message === 'string' ? Buffer.from(message) : message;\r\n const privateKey = Buffer.from(privateKeyHex, 'hex');\r\n \r\n const signature = sign(null, messageBuffer, {\r\n key: privateKey,\r\n format: 'der',\r\n type: 'pkcs8',\r\n });\r\n \r\n return signature.toString('hex');\r\n}\r\n\r\n/**\r\n * Verifies a signature with the public key\r\n * @param message - The original message (string or Buffer)\r\n * @param signatureHex - The signature in hex format\r\n * @param publicKeyHex - The public key in hex format\r\n * @returns true if signature is valid, false otherwise\r\n */\r\nexport function verifySignature(\r\n message: string | Buffer,\r\n signatureHex: string,\r\n publicKeyHex: string\r\n): boolean {\r\n const messageBuffer = typeof message === 'string' ? Buffer.from(message) : message;\r\n const signature = Buffer.from(signatureHex, 'hex');\r\n const publicKey = Buffer.from(publicKeyHex, 'hex');\r\n \r\n try {\r\n return verify(null, messageBuffer, {\r\n key: publicKey,\r\n format: 'der',\r\n type: 'spki',\r\n }, signature);\r\n } catch {\r\n return false;\r\n }\r\n}\r\n\r\n/**\r\n * Exports a key pair to a JSON-serializable format\r\n * @param keyPair - The key pair to export\r\n * @returns KeyPair object with hex-encoded keys\r\n */\r\nexport function exportKeyPair(keyPair: KeyPair): KeyPair {\r\n return {\r\n publicKey: keyPair.publicKey,\r\n privateKey: keyPair.privateKey,\r\n };\r\n}\r\n\r\n/**\r\n * Imports a key pair from hex strings\r\n * @param publicKeyHex - The public key in hex format\r\n * @param privateKeyHex - The private key in hex format\r\n * @returns KeyPair object\r\n * @throws Error if keys are not valid hex strings\r\n */\r\nexport function importKeyPair(publicKeyHex: string, privateKeyHex: string): KeyPair {\r\n // Validate that keys are valid hex strings\r\n const hexPattern = /^[0-9a-f]+$/i;\r\n if (!hexPattern.test(publicKeyHex)) {\r\n throw new Error('Invalid public key: must be a hex string');\r\n }\r\n if (!hexPattern.test(privateKeyHex)) {\r\n throw new Error('Invalid private key: must be a hex string');\r\n }\r\n \r\n return {\r\n publicKey: publicKeyHex,\r\n privateKey: privateKeyHex,\r\n };\r\n}\r\n","import { createHash } from 'node:crypto';\nimport { signMessage, verifySignature } from '../identity/keypair';\n\n/**\n * Message types on the Agora network.\n * Every piece of data flowing between agents is wrapped in an envelope.\n */\nexport type MessageType =\n | 'announce' // Agent publishes capabilities/state\n | 'discover' // Agent requests peer discovery\n | 'request' // Agent requests a service\n | 'response' // Agent responds to a request\n | 'publish' // Agent publishes knowledge/state\n | 'subscribe' // Agent subscribes to a topic/domain\n | 'verify' // Agent verifies another agent's claim\n | 'ack' // Acknowledgement\n | 'error' // Error response\n | 'paper_discovery' // Agent publishes a discovered academic paper\n | 'peer_list_request' // Request peer list from relay\n | 'peer_list_response' // Relay responds with connected peers\n | 'peer_referral' // Agent recommends another agent\n | 'capability_announce' // Agent publishes capabilities to network\n | 'capability_query' // Agent queries for capabilities\n | 'capability_response' // Response with matching peers\n | 'commit' // Agent commits to a prediction (commit-reveal pattern)\n | 'reveal' // Agent reveals prediction and outcome\n | 'verification' // Agent verifies another agent's output\n | 'revocation' // Agent revokes a prior verification\n | 'reputation_query' // Agent queries for reputation data\n | 'reputation_response'; // Response to reputation query\n\n/**\n * The signed envelope that wraps every message on the network.\n * Content-addressed: the ID is the hash of the canonical payload.\n * Signed: every envelope carries a signature from the sender's private key.\n */\nexport interface Envelope<T = unknown> {\n /** Content-addressed ID: SHA-256 hash of canonical payload */\n id: string;\n /** Message type */\n type: MessageType;\n /** Sender peer ID (full ID) */\n from: string;\n /** Recipient peer IDs (full IDs) */\n to: string[];\n /** Unix timestamp (ms) when the message was created */\n timestamp: number;\n /** Optional: ID of the message this is responding to */\n inReplyTo?: string;\n /** The actual payload */\n payload: T;\n /** ed25519 signature over the canonical form (hex-encoded) */\n signature: string;\n}\n\n/**\n * Deterministic JSON serialization with recursively sorted keys.\n */\nfunction stableStringify(value: unknown): string {\n if (value === null || value === undefined) return JSON.stringify(value);\n if (typeof value !== 'object') return JSON.stringify(value);\n if (Array.isArray(value)) {\n return '[' + value.map(stableStringify).join(',') + ']';\n }\n const keys = Object.keys(value as Record<string, unknown>).sort();\n const pairs = keys.map(k => JSON.stringify(k) + ':' + stableStringify((value as Record<string, unknown>)[k]));\n return '{' + pairs.join(',') + '}';\n}\n\n/**\n * Canonical form of an envelope for signing/hashing.\n * Deterministic JSON serialization: recursively sorted keys, no whitespace.\n */\nexport function canonicalize(\n type: MessageType,\n from: string,\n to: string[],\n timestamp: number,\n payload: unknown,\n inReplyTo?: string,\n): string {\n const obj: Record<string, unknown> = { from, payload, timestamp, to, type };\n if (inReplyTo !== undefined) {\n obj.inReplyTo = inReplyTo;\n }\n return stableStringify(obj);\n}\n\nfunction normalizeRecipients(from: string, to?: string | string[]): string[] {\n const list = Array.isArray(to) ? to : (typeof to === 'string' ? [to] : [from]);\n const unique = new Set<string>();\n for (const recipient of list) {\n if (typeof recipient === 'string' && recipient.trim().length > 0) {\n unique.add(recipient);\n }\n }\n if (unique.size === 0) {\n unique.add(from);\n }\n return Array.from(unique);\n}\n\n/**\n * Compute the content-addressed ID for a message.\n */\nexport function computeId(canonical: string): string {\n return createHash('sha256').update(canonical).digest('hex');\n}\n\n/**\n * Create a signed envelope.\n * @param type - Message type\n * @param from - Sender's public key (hex)\n * @param privateKey - Sender's private key (hex) for signing\n * @param payload - The message payload\n * @param timestamp - Timestamp for the envelope (ms), defaults to Date.now()\n * @param inReplyTo - Optional ID of the message being replied to\n * @param to - Recipient peer ID(s)\n * @returns A signed Envelope\n */\nexport function createEnvelope<T>(\n type: MessageType,\n from: string,\n privateKey: string,\n payload: T,\n timestamp: number = Date.now(),\n inReplyTo?: string,\n to?: string | string[],\n): Envelope<T> {\n const recipients = normalizeRecipients(from, to);\n const canonical = canonicalize(type, from, recipients, timestamp, payload, inReplyTo);\n const id = computeId(canonical);\n const signature = signMessage(canonical, privateKey);\n\n return {\n id,\n type,\n from,\n to: recipients,\n timestamp,\n ...(inReplyTo !== undefined ? { inReplyTo } : {}),\n payload,\n signature,\n };\n}\n\n/**\n * Verify an envelope's integrity and authenticity.\n * Checks:\n * 1. Canonical form matches the ID (content-addressing)\n * 2. Signature is valid for the sender's public key\n * \n * @returns Object with `valid` boolean and optional `reason` for failure\n */\nexport function verifyEnvelope(envelope: Envelope): { valid: boolean; reason?: string } {\n const { id, type, from, to, timestamp, payload, signature, inReplyTo } = envelope;\n if (!from || !Array.isArray(to) || to.length === 0) {\n return { valid: false, reason: 'invalid_routing_fields' };\n }\n\n // Reconstruct canonical form.\n const canonical = canonicalize(type, from, to, timestamp, payload, inReplyTo);\n\n // Check content-addressed ID\n const expectedId = computeId(canonical);\n if (id !== expectedId) {\n return { valid: false, reason: 'id_mismatch' };\n }\n\n const sigValid = verifySignature(canonical, signature, from);\n if (!sigValid) {\n return { valid: false, reason: 'signature_invalid' };\n }\n\n return { valid: true };\n}\n","/**\r\n * store.ts — File-based message store for offline peers.\r\n * When the relay has storage enabled for certain public keys, messages\r\n * for offline recipients are persisted and delivered when they connect.\r\n */\r\n\r\nimport * as fs from 'node:fs';\r\nimport * as path from 'node:path';\r\n\r\nexport interface StoredMessage {\r\n from: string;\r\n name?: string;\r\n envelope: object;\r\n}\r\n\r\nexport class MessageStore {\r\n private storageDir: string;\r\n\r\n constructor(storageDir: string) {\r\n this.storageDir = storageDir;\r\n fs.mkdirSync(storageDir, { recursive: true });\r\n }\r\n\r\n private recipientDir(publicKey: string): string {\r\n const safe = publicKey.replace(/[^a-zA-Z0-9_-]/g, '_');\r\n return path.join(this.storageDir, safe);\r\n }\r\n\r\n save(recipientKey: string, message: StoredMessage): void {\r\n const dir = this.recipientDir(recipientKey);\r\n fs.mkdirSync(dir, { recursive: true });\r\n const filename = `${Date.now()}-${crypto.randomUUID()}.json`;\r\n fs.writeFileSync(path.join(dir, filename), JSON.stringify(message));\r\n }\r\n\r\n load(recipientKey: string): StoredMessage[] {\r\n const dir = this.recipientDir(recipientKey);\r\n if (!fs.existsSync(dir)) return [];\r\n const files = fs.readdirSync(dir).sort();\r\n const messages: StoredMessage[] = [];\r\n for (const file of files) {\r\n if (!file.endsWith('.json')) continue;\r\n try {\r\n const data = fs.readFileSync(path.join(dir, file), 'utf8');\r\n messages.push(JSON.parse(data) as StoredMessage);\r\n } catch {\r\n // Skip files that cannot be read or parsed\r\n }\r\n }\r\n return messages;\r\n }\r\n\r\n clear(recipientKey: string): void {\r\n const dir = this.recipientDir(recipientKey);\r\n if (!fs.existsSync(dir)) return;\r\n const files = fs.readdirSync(dir);\r\n for (const file of files) {\r\n if (file.endsWith('.json')) {\r\n fs.unlinkSync(path.join(dir, file));\r\n }\r\n }\r\n }\r\n}\r\n","import { EventEmitter } from 'node:events';\r\nimport { WebSocketServer, WebSocket } from 'ws';\r\nimport { verifyEnvelope, createEnvelope, type Envelope } from '../message/envelope';\r\nimport type { PeerListRequestPayload, PeerListResponsePayload } from '../message/types/peer-discovery';\r\nimport { MessageStore } from './store';\r\n\r\ninterface SenderWindow {\r\n count: number;\r\n windowStart: number;\r\n}\r\n\r\nexport interface RelayRateLimitOptions {\r\n enabled?: boolean;\r\n maxMessages?: number;\r\n windowMs?: number;\r\n}\r\n\r\nexport interface RelayEnvelopeDedupOptions {\r\n enabled?: boolean;\r\n maxIds?: number;\r\n}\r\n\r\n/**\r\n * Represents a connected agent in the relay\r\n */\r\ninterface ConnectedAgent {\r\n /** Agent's public key */\r\n publicKey: string;\r\n /** Optional agent name */\r\n name?: string;\r\n /** WebSocket connection */\r\n socket: WebSocket;\r\n /** Last seen timestamp (ms) */\r\n lastSeen: number;\r\n /** Optional metadata */\r\n metadata?: {\r\n version?: string;\r\n capabilities?: string[];\r\n };\r\n}\r\n\r\n/**\r\n * Events emitted by RelayServer\r\n */\r\nexport interface RelayServerEvents {\r\n 'agent-registered': (publicKey: string) => void;\r\n 'agent-disconnected': (publicKey: string) => void;\r\n /** Emitted when a session disconnects (same as agent-disconnected for compatibility) */\r\n 'disconnection': (publicKey: string) => void;\r\n 'message-relayed': (from: string, to: string, envelope: Envelope) => void;\r\n 'error': (error: Error) => void;\r\n}\r\n\r\n/**\r\n * WebSocket relay server for routing messages between agents.\r\n * \r\n * Agents connect to the relay and register with their public key.\r\n * Messages are routed to recipients based on the 'to' field.\r\n * All envelopes are verified before being forwarded.\r\n */\r\nexport interface RelayServerOptions {\r\n /** Optional relay identity for peer_list_request handling */\r\n identity?: { publicKey: string; privateKey: string };\r\n /** Public keys that should have messages stored when offline */\r\n storagePeers?: string[];\r\n /** Directory for persisting messages for storage peers */\r\n storageDir?: string;\r\n /** Maximum number of concurrent registered peers (default: 100) */\r\n maxPeers?: number;\r\n /** Per-sender sliding-window message rate limiting */\r\n rateLimit?: RelayRateLimitOptions;\r\n /** Envelope ID deduplication options */\r\n envelopeDedup?: RelayEnvelopeDedupOptions;\r\n}\r\n\r\nexport class RelayServer extends EventEmitter {\r\n private wss: WebSocketServer | null = null;\r\n /** publicKey -> sessionId -> ConnectedAgent (multiple sessions per key) */\r\n private sessions = new Map<string, Map<string, ConnectedAgent>>();\r\n private identity?: { publicKey: string; privateKey: string };\r\n private storagePeers: string[] = [];\r\n private store: MessageStore | null = null;\r\n private maxPeers: number = 100;\r\n private readonly senderWindows: Map<string, SenderWindow> = new Map();\r\n private static readonly MAX_SENDER_ENTRIES = 500;\r\n private readonly processedEnvelopeIds: Set<string> = new Set();\r\n private rateLimitEnabled = true;\r\n private rateLimitMaxMessages = 10;\r\n private rateLimitWindowMs = 60_000;\r\n private envelopeDedupEnabled = true;\r\n private envelopeDedupMaxIds = 1000;\r\n\r\n constructor(options?: { publicKey: string; privateKey: string } | RelayServerOptions) {\r\n super();\r\n if (options) {\r\n if ('identity' in options && options.identity) {\r\n this.identity = options.identity;\r\n } else if ('publicKey' in options && 'privateKey' in options) {\r\n this.identity = { publicKey: options.publicKey, privateKey: options.privateKey };\r\n }\r\n const opts = options as RelayServerOptions;\r\n if (opts.storagePeers?.length && opts.storageDir) {\r\n this.storagePeers = opts.storagePeers;\r\n this.store = new MessageStore(opts.storageDir);\r\n }\r\n if (opts.maxPeers !== undefined) {\r\n this.maxPeers = opts.maxPeers;\r\n }\r\n if (opts.rateLimit) {\r\n if (opts.rateLimit.enabled !== undefined) {\r\n this.rateLimitEnabled = opts.rateLimit.enabled;\r\n }\r\n if (opts.rateLimit.maxMessages !== undefined && opts.rateLimit.maxMessages > 0) {\r\n this.rateLimitMaxMessages = opts.rateLimit.maxMessages;\r\n }\r\n if (opts.rateLimit.windowMs !== undefined && opts.rateLimit.windowMs > 0) {\r\n this.rateLimitWindowMs = opts.rateLimit.windowMs;\r\n }\r\n }\r\n if (opts.envelopeDedup) {\r\n if (opts.envelopeDedup.enabled !== undefined) {\r\n this.envelopeDedupEnabled = opts.envelopeDedup.enabled;\r\n }\r\n if (opts.envelopeDedup.maxIds !== undefined && opts.envelopeDedup.maxIds > 0) {\r\n this.envelopeDedupMaxIds = opts.envelopeDedup.maxIds;\r\n }\r\n }\r\n }\r\n }\r\n\r\n private isRateLimitedSender(senderPublicKey: string): boolean {\r\n if (!this.rateLimitEnabled) {\r\n return false;\r\n }\r\n\r\n const now = Date.now();\r\n const window = this.senderWindows.get(senderPublicKey);\r\n\r\n if (this.senderWindows.size >= RelayServer.MAX_SENDER_ENTRIES && !window) {\r\n this.evictOldestSenderWindow();\r\n }\r\n\r\n if (!window || (now - window.windowStart) > this.rateLimitWindowMs) {\r\n this.senderWindows.set(senderPublicKey, { count: 1, windowStart: now });\r\n return false;\r\n }\r\n\r\n window.count++;\r\n return window.count > this.rateLimitMaxMessages;\r\n }\r\n\r\n private evictOldestSenderWindow(): void {\r\n let oldestKey: string | null = null;\r\n let oldestTime = Infinity;\r\n\r\n for (const [key, window] of this.senderWindows.entries()) {\r\n if (window.windowStart < oldestTime) {\r\n oldestTime = window.windowStart;\r\n oldestKey = key;\r\n }\r\n }\r\n\r\n if (oldestKey !== null) {\r\n this.senderWindows.delete(oldestKey);\r\n }\r\n }\r\n\r\n private isDuplicateEnvelopeId(envelopeId: string): boolean {\r\n if (!this.envelopeDedupEnabled) {\r\n return false;\r\n }\r\n\r\n if (this.processedEnvelopeIds.has(envelopeId)) {\r\n return true;\r\n }\r\n\r\n this.processedEnvelopeIds.add(envelopeId);\r\n if (this.processedEnvelopeIds.size > this.envelopeDedupMaxIds) {\r\n const oldest = this.processedEnvelopeIds.values().next().value;\r\n if (oldest !== undefined) {\r\n this.processedEnvelopeIds.delete(oldest);\r\n }\r\n }\r\n\r\n return false;\r\n }\r\n\r\n /**\r\n * Start the relay server\r\n * @param port - Port to listen on\r\n * @param host - Optional host (default: all interfaces)\r\n */\r\n start(port: number, host?: string): Promise<void> {\r\n return new Promise((resolve, reject) => {\r\n try {\r\n this.wss = new WebSocketServer({ port, host: host ?? '0.0.0.0' });\r\n let resolved = false;\r\n\r\n this.wss.on('error', (error) => {\r\n this.emit('error', error);\r\n if (!resolved) {\r\n resolved = true;\r\n reject(error);\r\n }\r\n });\r\n\r\n this.wss.on('listening', () => {\r\n if (!resolved) {\r\n resolved = true;\r\n resolve();\r\n }\r\n });\r\n\r\n this.wss.on('connection', (socket: WebSocket) => {\r\n this.handleConnection(socket);\r\n });\r\n } catch (error) {\r\n reject(error);\r\n }\r\n });\r\n }\r\n\r\n /**\r\n * Stop the relay server\r\n */\r\n async stop(): Promise<void> {\r\n return new Promise((resolve, reject) => {\r\n if (!this.wss) {\r\n resolve();\r\n return;\r\n }\r\n\r\n // Close all agent connections (all sessions)\r\n for (const sessionMap of this.sessions.values()) {\r\n for (const agent of sessionMap.values()) {\r\n agent.socket.close();\r\n }\r\n }\r\n this.sessions.clear();\r\n\r\n this.wss.close((err) => {\r\n if (err) {\r\n reject(err);\r\n } else {\r\n this.wss = null;\r\n resolve();\r\n }\r\n });\r\n });\r\n }\r\n\r\n /**\r\n * Get one connected agent per public key (first session). For backward compatibility.\r\n */\r\n getAgents(): Map<string, ConnectedAgent> {\r\n const out = new Map<string, ConnectedAgent>();\r\n for (const [key, sessionMap] of this.sessions) {\r\n const first = sessionMap.values().next().value;\r\n if (first) out.set(key, first);\r\n }\r\n return out;\r\n }\r\n\r\n /**\r\n * Handle incoming connection\r\n */\r\n private handleConnection(socket: WebSocket): void {\r\n let agentPublicKey: string | null = null;\r\n let sessionId: string | null = null;\r\n\r\n socket.on('message', (data: Buffer) => {\r\n try {\r\n const msg = JSON.parse(data.toString());\r\n\r\n // Handle registration\r\n if (msg.type === 'register' && !agentPublicKey) {\r\n if (!msg.publicKey || typeof msg.publicKey !== 'string') {\r\n this.sendError(socket, 'Invalid registration: missing or invalid publicKey');\r\n socket.close();\r\n return;\r\n }\r\n\r\n const publicKey = msg.publicKey;\r\n const name = msg.name;\r\n agentPublicKey = publicKey;\r\n sessionId = crypto.randomUUID();\r\n\r\n // Allow multiple sessions per publicKey; only enforce max unique peers\r\n if (!this.sessions.has(publicKey) && this.sessions.size >= this.maxPeers) {\r\n this.sendError(socket, `Relay is at capacity (max ${this.maxPeers} peers)`);\r\n socket.close();\r\n return;\r\n }\r\n\r\n const agent: ConnectedAgent = {\r\n publicKey,\r\n name,\r\n socket,\r\n lastSeen: Date.now(),\r\n };\r\n\r\n if (!this.sessions.has(publicKey)) {\r\n this.sessions.set(publicKey, new Map());\r\n }\r\n this.sessions.get(publicKey)!.set(sessionId, agent);\r\n const isFirstSession = this.sessions.get(publicKey)!.size === 1;\r\n\r\n this.emit('agent-registered', publicKey);\r\n\r\n // Build peers list: one entry per connected publicKey + storage peers\r\n const peers: Array<{ publicKey: string; name?: string }> = [];\r\n for (const [key, sessionMap] of this.sessions) {\r\n if (key === publicKey) continue;\r\n const firstAgent = sessionMap.values().next().value;\r\n peers.push({ publicKey: key, name: firstAgent?.name });\r\n }\r\n for (const storagePeer of this.storagePeers) {\r\n if (storagePeer !== publicKey && !this.sessions.has(storagePeer)) {\r\n peers.push({ publicKey: storagePeer, name: undefined });\r\n }\r\n }\r\n\r\n socket.send(JSON.stringify({\r\n type: 'registered',\r\n publicKey,\r\n sessionId,\r\n peers,\r\n }));\r\n\r\n // Notify other agents only when this is the first session for this peer\r\n if (isFirstSession) {\r\n this.broadcastPeerEvent('peer_online', publicKey, name);\r\n }\r\n\r\n // Deliver any stored messages for this peer\r\n if (this.store && this.storagePeers.includes(publicKey)) {\r\n const queued = this.store.load(publicKey);\r\n for (const stored of queued) {\r\n socket.send(JSON.stringify({\r\n type: 'message',\r\n from: stored.from,\r\n name: stored.name,\r\n envelope: stored.envelope,\r\n }));\r\n }\r\n this.store.clear(publicKey);\r\n }\r\n return;\r\n }\r\n\r\n // Require registration before processing messages\r\n if (!agentPublicKey) {\r\n this.sendError(socket, 'Not registered: send registration message first');\r\n socket.close();\r\n return;\r\n }\r\n\r\n // Handle message relay\r\n if (msg.type === 'message') {\r\n if (!msg.to || typeof msg.to !== 'string') {\r\n this.sendError(socket, 'Invalid message: missing or invalid \"to\" field');\r\n return;\r\n }\r\n\r\n if (!msg.envelope || typeof msg.envelope !== 'object') {\r\n this.sendError(socket, 'Invalid message: missing or invalid \"envelope\" field');\r\n return;\r\n }\r\n\r\n const envelope = msg.envelope as Envelope;\r\n\r\n // Verify envelope signature\r\n const verification = verifyEnvelope(envelope);\r\n if (!verification.valid) {\r\n this.sendError(socket, `Invalid envelope: ${verification.reason || 'verification failed'}`);\r\n return;\r\n }\r\n\r\n // Verify sender matches registered agent\r\n const envelopeFrom = envelope.from;\r\n if (envelopeFrom !== agentPublicKey) {\r\n this.sendError(socket, 'Envelope sender does not match registered public key');\r\n return;\r\n }\r\n\r\n // Strict p2p routing: envelope.to must include the relay transport recipient.\r\n if (!Array.isArray(envelope.to) || envelope.to.length === 0 || !envelope.to.includes(msg.to)) {\r\n this.sendError(socket, 'Envelope recipients do not include requested relay recipient');\r\n return;\r\n }\r\n\r\n if (this.isRateLimitedSender(agentPublicKey)) {\r\n return;\r\n }\r\n\r\n if (this.isDuplicateEnvelopeId(envelope.id)) {\r\n return;\r\n }\r\n\r\n // Update lastSeen for any session of sender\r\n const senderSessionMap = this.sessions.get(agentPublicKey);\r\n if (senderSessionMap) {\r\n for (const a of senderSessionMap.values()) {\r\n a.lastSeen = Date.now();\r\n }\r\n }\r\n\r\n // Handle peer_list_request directed at relay\r\n if (envelope.type === 'peer_list_request' && this.identity && msg.to === this.identity.publicKey) {\r\n this.handlePeerListRequest(envelope as Envelope<PeerListRequestPayload>, socket, agentPublicKey);\r\n return;\r\n }\r\n\r\n // Find all recipient sessions\r\n const recipientSessionMap = this.sessions.get(msg.to);\r\n const openRecipients = recipientSessionMap\r\n ? Array.from(recipientSessionMap.values()).filter(a => a.socket.readyState === WebSocket.OPEN)\r\n : [];\r\n if (openRecipients.length === 0) {\r\n // If recipient is a storage peer, queue the message\r\n if (this.store && this.storagePeers.includes(msg.to)) {\r\n const senderSessionMap = this.sessions.get(agentPublicKey);\r\n const senderAgent = senderSessionMap?.values().next().value;\r\n this.store.save(msg.to, {\r\n from: agentPublicKey,\r\n name: senderAgent?.name,\r\n envelope,\r\n });\r\n this.emit('message-relayed', agentPublicKey, msg.to, envelope);\r\n } else {\r\n this.sendError(socket, 'Recipient not connected', 'unknown_recipient');\r\n }\r\n return;\r\n }\r\n\r\n // Forward envelope to all sessions of the recipient\r\n try {\r\n const senderSessionMap = this.sessions.get(agentPublicKey);\r\n const senderAgent = senderSessionMap?.values().next().value;\r\n const relayMessage = {\r\n type: 'message',\r\n from: agentPublicKey,\r\n name: senderAgent?.name,\r\n envelope,\r\n };\r\n const messageStr = JSON.stringify(relayMessage);\r\n for (const recipient of openRecipients) {\r\n recipient.socket.send(messageStr);\r\n }\r\n this.emit('message-relayed', agentPublicKey, msg.to, envelope);\r\n } catch (err) {\r\n this.sendError(socket, 'Failed to relay message');\r\n this.emit('error', err as Error);\r\n }\r\n return;\r\n }\r\n\r\n // Handle ping\r\n if (msg.type === 'ping') {\r\n socket.send(JSON.stringify({ type: 'pong' }));\r\n return;\r\n }\r\n\r\n // Unknown message type\r\n this.sendError(socket, `Unknown message type: ${msg.type}`);\r\n } catch (err) {\r\n // Invalid JSON or other parsing errors\r\n this.emit('error', new Error(`Message parsing failed: ${err instanceof Error ? err.message : String(err)}`));\r\n this.sendError(socket, 'Invalid message format');\r\n }\r\n });\r\n\r\n socket.on('close', () => {\r\n if (agentPublicKey && sessionId) {\r\n const sessionMap = this.sessions.get(agentPublicKey);\r\n if (sessionMap) {\r\n const agent = sessionMap.get(sessionId);\r\n const agentName = agent?.name;\r\n sessionMap.delete(sessionId);\r\n if (sessionMap.size === 0) {\r\n this.sessions.delete(agentPublicKey);\r\n this.emit('agent-disconnected', agentPublicKey);\r\n this.emit('disconnection', agentPublicKey);\r\n // Storage-enabled peers are always considered connected; skip peer_offline for them\r\n if (!this.storagePeers.includes(agentPublicKey)) {\r\n this.broadcastPeerEvent('peer_offline', agentPublicKey, agentName);\r\n }\r\n }\r\n }\r\n }\r\n });\r\n\r\n socket.on('error', (error) => {\r\n this.emit('error', error);\r\n });\r\n }\r\n\r\n /**\r\n * Send an error message to a client\r\n */\r\n private sendError(socket: WebSocket, message: string, code?: string): void {\r\n try {\r\n if (socket.readyState === WebSocket.OPEN) {\r\n const payload: { type: 'error'; message: string; code?: string } = { type: 'error', message };\r\n if (code) payload.code = code;\r\n socket.send(JSON.stringify(payload));\r\n }\r\n } catch (err) {\r\n // Log errors when sending error messages, but don't propagate to avoid cascading failures\r\n this.emit('error', new Error(`Failed to send error message: ${err instanceof Error ? err.message : String(err)}`));\r\n }\r\n }\r\n\r\n /**\r\n * Broadcast a peer event to all connected agents (all sessions except the one for publicKey)\r\n */\r\n private broadcastPeerEvent(eventType: 'peer_online' | 'peer_offline', publicKey: string, name?: string): void {\r\n const message = {\r\n type: eventType,\r\n publicKey,\r\n name,\r\n };\r\n const messageStr = JSON.stringify(message);\r\n\r\n for (const [key, sessionMap] of this.sessions) {\r\n if (key === publicKey) continue;\r\n for (const agent of sessionMap.values()) {\r\n if (agent.socket.readyState === WebSocket.OPEN) {\r\n try {\r\n agent.socket.send(messageStr);\r\n } catch (err) {\r\n this.emit('error', new Error(`Failed to send ${eventType} event: ${err instanceof Error ? err.message : String(err)}`));\r\n }\r\n }\r\n }\r\n }\r\n }\r\n\r\n /**\r\n * Handle peer list request from an agent\r\n */\r\n private handlePeerListRequest(envelope: Envelope<PeerListRequestPayload>, socket: WebSocket, requesterPublicKey: string): void {\r\n if (!this.identity) {\r\n this.sendError(socket, 'Relay does not support peer discovery (no identity configured)');\r\n return;\r\n }\r\n\r\n const { filters } = envelope.payload;\r\n const now = Date.now();\r\n\r\n // One entry per publicKey (first session for lastSeen/metadata)\r\n const peersList: ConnectedAgent[] = [];\r\n for (const [key, sessionMap] of this.sessions) {\r\n if (key === requesterPublicKey) continue;\r\n const first = sessionMap.values().next().value;\r\n if (first) peersList.push(first);\r\n }\r\n\r\n let peers = peersList;\r\n\r\n // Apply filters\r\n if (filters?.activeWithin) {\r\n peers = peers.filter(p => (now - p.lastSeen) < filters.activeWithin!);\r\n }\r\n\r\n if (filters?.limit && filters.limit > 0) {\r\n peers = peers.slice(0, filters.limit);\r\n }\r\n\r\n // Build response payload\r\n const response: PeerListResponsePayload = {\r\n peers: peers.map(p => ({\r\n publicKey: p.publicKey,\r\n metadata: p.name || p.metadata ? {\r\n name: p.name,\r\n version: p.metadata?.version,\r\n capabilities: p.metadata?.capabilities,\r\n } : undefined,\r\n lastSeen: p.lastSeen,\r\n })),\r\n totalPeers: this.sessions.size - (this.sessions.has(requesterPublicKey) ? 1 : 0),\r\n relayPublicKey: this.identity.publicKey,\r\n };\r\n\r\n // Create signed envelope\r\n const responseEnvelope = createEnvelope(\r\n 'peer_list_response',\r\n this.identity.publicKey,\r\n this.identity.privateKey,\r\n response,\r\n Date.now(),\r\n envelope.id, // Reply to the request\r\n [requesterPublicKey]\r\n );\r\n\r\n // Send response\r\n const relayMessage = {\r\n type: 'message',\r\n from: this.identity.publicKey,\r\n name: 'relay',\r\n envelope: responseEnvelope,\r\n };\r\n\r\n try {\r\n socket.send(JSON.stringify(relayMessage));\r\n } catch (err) {\r\n this.emit('error', new Error(`Failed to send peer list response: ${err instanceof Error ? err.message : String(err)}`));\r\n }\r\n }\r\n}\r\n"],"mappings":";AAAA,SAAS,MAAM,QAAQ,2BAA2B;AAc3C,SAAS,kBAA2B;AACzC,QAAM,EAAE,WAAW,WAAW,IAAI,oBAAoB,SAAS;AAE/D,SAAO;AAAA,IACL,WAAW,UAAU,OAAO,EAAE,MAAM,QAAQ,QAAQ,MAAM,CAAC,EAAE,SAAS,KAAK;AAAA,IAC3E,YAAY,WAAW,OAAO,EAAE,MAAM,SAAS,QAAQ,MAAM,CAAC,EAAE,SAAS,KAAK;AAAA,EAChF;AACF;AAQO,SAAS,YAAY,SAA0B,eAA+B;AACnF,QAAM,gBAAgB,OAAO,YAAY,WAAW,OAAO,KAAK,OAAO,IAAI;AAC3E,QAAM,aAAa,OAAO,KAAK,eAAe,KAAK;AAEnD,QAAM,YAAY,KAAK,MAAM,eAAe;AAAA,IAC1C,KAAK;AAAA,IACL,QAAQ;AAAA,IACR,MAAM;AAAA,EACR,CAAC;AAED,SAAO,UAAU,SAAS,KAAK;AACjC;AASO,SAAS,gBACd,SACA,cACA,cACS;AACT,QAAM,gBAAgB,OAAO,YAAY,WAAW,OAAO,KAAK,OAAO,IAAI;AAC3E,QAAM,YAAY,OAAO,KAAK,cAAc,KAAK;AACjD,QAAM,YAAY,OAAO,KAAK,cAAc,KAAK;AAEjD,MAAI;AACF,WAAO,OAAO,MAAM,eAAe;AAAA,MACjC,KAAK;AAAA,MACL,QAAQ;AAAA,MACR,MAAM;AAAA,IACR,GAAG,SAAS;AAAA,EACd,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAOO,SAAS,cAAc,SAA2B;AACvD,SAAO;AAAA,IACL,WAAW,QAAQ;AAAA,IACnB,YAAY,QAAQ;AAAA,EACtB;AACF;AASO,SAAS,cAAc,cAAsB,eAAgC;AAElF,QAAM,aAAa;AACnB,MAAI,CAAC,WAAW,KAAK,YAAY,GAAG;AAClC,UAAM,IAAI,MAAM,0CAA0C;AAAA,EAC5D;AACA,MAAI,CAAC,WAAW,KAAK,aAAa,GAAG;AACnC,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AAEA,SAAO;AAAA,IACL,WAAW;AAAA,IACX,YAAY;AAAA,EACd;AACF;;;ACtGA,SAAS,kBAAkB;AA0D3B,SAAS,gBAAgB,OAAwB;AAC/C,MAAI,UAAU,QAAQ,UAAU,OAAW,QAAO,KAAK,UAAU,KAAK;AACtE,MAAI,OAAO,UAAU,SAAU,QAAO,KAAK,UAAU,KAAK;AAC1D,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,WAAO,MAAM,MAAM,IAAI,eAAe,EAAE,KAAK,GAAG,IAAI;AAAA,EACtD;AACA,QAAM,OAAO,OAAO,KAAK,KAAgC,EAAE,KAAK;AAChE,QAAM,QAAQ,KAAK,IAAI,OAAK,KAAK,UAAU,CAAC,IAAI,MAAM,gBAAiB,MAAkC,CAAC,CAAC,CAAC;AAC5G,SAAO,MAAM,MAAM,KAAK,GAAG,IAAI;AACjC;AAMO,SAAS,aACd,MACA,MACA,IACA,WACA,SACA,WACQ;AACR,QAAM,MAA+B,EAAE,MAAM,SAAS,WAAW,IAAI,KAAK;AAC1E,MAAI,cAAc,QAAW;AAC3B,QAAI,YAAY;AAAA,EAClB;AACA,SAAO,gBAAgB,GAAG;AAC5B;AAEA,SAAS,oBAAoB,MAAc,IAAkC;AAC3E,QAAM,OAAO,MAAM,QAAQ,EAAE,IAAI,KAAM,OAAO,OAAO,WAAW,CAAC,EAAE,IAAI,CAAC,IAAI;AAC5E,QAAM,SAAS,oBAAI,IAAY;AAC/B,aAAW,aAAa,MAAM;AAC5B,QAAI,OAAO,cAAc,YAAY,UAAU,KAAK,EAAE,SAAS,GAAG;AAChE,aAAO,IAAI,SAAS;AAAA,IACtB;AAAA,EACF;AACA,MAAI,OAAO,SAAS,GAAG;AACrB,WAAO,IAAI,IAAI;AAAA,EACjB;AACA,SAAO,MAAM,KAAK,MAAM;AAC1B;AAKO,SAAS,UAAU,WAA2B;AACnD,SAAO,WAAW,QAAQ,EAAE,OAAO,SAAS,EAAE,OAAO,KAAK;AAC5D;AAaO,SAAS,eACd,MACA,MACA,YACA,SACA,YAAoB,KAAK,IAAI,GAC7B,WACA,IACa;AACb,QAAM,aAAa,oBAAoB,MAAM,EAAE;AAC/C,QAAM,YAAY,aAAa,MAAM,MAAM,YAAY,WAAW,SAAS,SAAS;AACpF,QAAM,KAAK,UAAU,SAAS;AAC9B,QAAM,YAAY,YAAY,WAAW,UAAU;AAEnD,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA,IAAI;AAAA,IACJ;AAAA,IACA,GAAI,cAAc,SAAY,EAAE,UAAU,IAAI,CAAC;AAAA,IAC/C;AAAA,IACA;AAAA,EACF;AACF;AAUO,SAAS,eAAe,UAAyD;AACtF,QAAM,EAAE,IAAI,MAAM,MAAM,IAAI,WAAW,SAAS,WAAW,UAAU,IAAI;AACzE,MAAI,CAAC,QAAQ,CAAC,MAAM,QAAQ,EAAE,KAAK,GAAG,WAAW,GAAG;AAClD,WAAO,EAAE,OAAO,OAAO,QAAQ,yBAAyB;AAAA,EAC1D;AAGA,QAAM,YAAY,aAAa,MAAM,MAAM,IAAI,WAAW,SAAS,SAAS;AAG5E,QAAM,aAAa,UAAU,SAAS;AACtC,MAAI,OAAO,YAAY;AACrB,WAAO,EAAE,OAAO,OAAO,QAAQ,cAAc;AAAA,EAC/C;AAEA,QAAM,WAAW,gBAAgB,WAAW,WAAW,IAAI;AAC3D,MAAI,CAAC,UAAU;AACb,WAAO,EAAE,OAAO,OAAO,QAAQ,oBAAoB;AAAA,EACrD;AAEA,SAAO,EAAE,OAAO,KAAK;AACvB;;;ACzKA,YAAY,QAAQ;AACpB,YAAY,UAAU;AAQf,IAAM,eAAN,MAAmB;AAAA,EAChB;AAAA,EAER,YAAY,YAAoB;AAC9B,SAAK,aAAa;AAClB,IAAG,aAAU,YAAY,EAAE,WAAW,KAAK,CAAC;AAAA,EAC9C;AAAA,EAEQ,aAAa,WAA2B;AAC9C,UAAM,OAAO,UAAU,QAAQ,mBAAmB,GAAG;AACrD,WAAY,UAAK,KAAK,YAAY,IAAI;AAAA,EACxC;AAAA,EAEA,KAAK,cAAsB,SAA8B;AACvD,UAAM,MAAM,KAAK,aAAa,YAAY;AAC1C,IAAG,aAAU,KAAK,EAAE,WAAW,KAAK,CAAC;AACrC,UAAM,WAAW,GAAG,KAAK,IAAI,CAAC,IAAI,OAAO,WAAW,CAAC;AACrD,IAAG,iBAAmB,UAAK,KAAK,QAAQ,GAAG,KAAK,UAAU,OAAO,CAAC;AAAA,EACpE;AAAA,EAEA,KAAK,cAAuC;AAC1C,UAAM,MAAM,KAAK,aAAa,YAAY;AAC1C,QAAI,CAAI,cAAW,GAAG,EAAG,QAAO,CAAC;AACjC,UAAM,QAAW,eAAY,GAAG,EAAE,KAAK;AACvC,UAAM,WAA4B,CAAC;AACnC,eAAW,QAAQ,OAAO;AACxB,UAAI,CAAC,KAAK,SAAS,OAAO,EAAG;AAC7B,UAAI;AACF,cAAM,OAAU,gBAAkB,UAAK,KAAK,IAAI,GAAG,MAAM;AACzD,iBAAS,KAAK,KAAK,MAAM,IAAI,CAAkB;AAAA,MACjD,QAAQ;AAAA,MAER;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,cAA4B;AAChC,UAAM,MAAM,KAAK,aAAa,YAAY;AAC1C,QAAI,CAAI,cAAW,GAAG,EAAG;AACzB,UAAM,QAAW,eAAY,GAAG;AAChC,eAAW,QAAQ,OAAO;AACxB,UAAI,KAAK,SAAS,OAAO,GAAG;AAC1B,QAAG,cAAgB,UAAK,KAAK,IAAI,CAAC;AAAA,MACpC;AAAA,IACF;AAAA,EACF;AACF;;;AC9DA,SAAS,oBAAoB;AAC7B,SAAS,iBAAiB,iBAAiB;AA0EpC,IAAM,cAAN,MAAM,qBAAoB,aAAa;AAAA,EACpC,MAA8B;AAAA;AAAA,EAE9B,WAAW,oBAAI,IAAyC;AAAA,EACxD;AAAA,EACA,eAAyB,CAAC;AAAA,EAC1B,QAA6B;AAAA,EAC7B,WAAmB;AAAA,EACV,gBAA2C,oBAAI,IAAI;AAAA,EACpE,OAAwB,qBAAqB;AAAA,EAC5B,uBAAoC,oBAAI,IAAI;AAAA,EACrD,mBAAmB;AAAA,EACnB,uBAAuB;AAAA,EACvB,oBAAoB;AAAA,EACpB,uBAAuB;AAAA,EACvB,sBAAsB;AAAA,EAE9B,YAAY,SAA0E;AACpF,UAAM;AACN,QAAI,SAAS;AACX,UAAI,cAAc,WAAW,QAAQ,UAAU;AAC7C,aAAK,WAAW,QAAQ;AAAA,MAC1B,WAAW,eAAe,WAAW,gBAAgB,SAAS;AAC5D,aAAK,WAAW,EAAE,WAAW,QAAQ,WAAW,YAAY,QAAQ,WAAW;AAAA,MACjF;AACA,YAAM,OAAO;AACb,UAAI,KAAK,cAAc,UAAU,KAAK,YAAY;AAChD,aAAK,eAAe,KAAK;AACzB,aAAK,QAAQ,IAAI,aAAa,KAAK,UAAU;AAAA,MAC/C;AACA,UAAI,KAAK,aAAa,QAAW;AAC/B,aAAK,WAAW,KAAK;AAAA,MACvB;AACA,UAAI,KAAK,WAAW;AAClB,YAAI,KAAK,UAAU,YAAY,QAAW;AACxC,eAAK,mBAAmB,KAAK,UAAU;AAAA,QACzC;AACA,YAAI,KAAK,UAAU,gBAAgB,UAAa,KAAK,UAAU,cAAc,GAAG;AAC9E,eAAK,uBAAuB,KAAK,UAAU;AAAA,QAC7C;AACA,YAAI,KAAK,UAAU,aAAa,UAAa,KAAK,UAAU,WAAW,GAAG;AACxE,eAAK,oBAAoB,KAAK,UAAU;AAAA,QAC1C;AAAA,MACF;AACA,UAAI,KAAK,eAAe;AACtB,YAAI,KAAK,cAAc,YAAY,QAAW;AAC5C,eAAK,uBAAuB,KAAK,cAAc;AAAA,QACjD;AACA,YAAI,KAAK,cAAc,WAAW,UAAa,KAAK,cAAc,SAAS,GAAG;AAC5E,eAAK,sBAAsB,KAAK,cAAc;AAAA,QAChD;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,oBAAoB,iBAAkC;AAC5D,QAAI,CAAC,KAAK,kBAAkB;AAC1B,aAAO;AAAA,IACT;AAEA,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,SAAS,KAAK,cAAc,IAAI,eAAe;AAErD,QAAI,KAAK,cAAc,QAAQ,aAAY,sBAAsB,CAAC,QAAQ;AACxE,WAAK,wBAAwB;AAAA,IAC/B;AAEA,QAAI,CAAC,UAAW,MAAM,OAAO,cAAe,KAAK,mBAAmB;AAClE,WAAK,cAAc,IAAI,iBAAiB,EAAE,OAAO,GAAG,aAAa,IAAI,CAAC;AACtE,aAAO;AAAA,IACT;AAEA,WAAO;AACP,WAAO,OAAO,QAAQ,KAAK;AAAA,EAC7B;AAAA,EAEQ,0BAAgC;AACtC,QAAI,YAA2B;AAC/B,QAAI,aAAa;AAEjB,eAAW,CAAC,KAAK,MAAM,KAAK,KAAK,cAAc,QAAQ,GAAG;AACxD,UAAI,OAAO,cAAc,YAAY;AACnC,qBAAa,OAAO;AACpB,oBAAY;AAAA,MACd;AAAA,IACF;AAEA,QAAI,cAAc,MAAM;AACtB,WAAK,cAAc,OAAO,SAAS;AAAA,IACrC;AAAA,EACF;AAAA,EAEQ,sBAAsB,YAA6B;AACzD,QAAI,CAAC,KAAK,sBAAsB;AAC9B,aAAO;AAAA,IACT;AAEA,QAAI,KAAK,qBAAqB,IAAI,UAAU,GAAG;AAC7C,aAAO;AAAA,IACT;AAEA,SAAK,qBAAqB,IAAI,UAAU;AACxC,QAAI,KAAK,qBAAqB,OAAO,KAAK,qBAAqB;AAC7D,YAAM,SAAS,KAAK,qBAAqB,OAAO,EAAE,KAAK,EAAE;AACzD,UAAI,WAAW,QAAW;AACxB,aAAK,qBAAqB,OAAO,MAAM;AAAA,MACzC;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,MAAc,MAA8B;AAChD,WAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,UAAI;AACF,aAAK,MAAM,IAAI,gBAAgB,EAAE,MAAM,MAAM,QAAQ,UAAU,CAAC;AAChE,YAAI,WAAW;AAEf,aAAK,IAAI,GAAG,SAAS,CAAC,UAAU;AAC9B,eAAK,KAAK,SAAS,KAAK;AACxB,cAAI,CAAC,UAAU;AACb,uBAAW;AACX,mBAAO,KAAK;AAAA,UACd;AAAA,QACF,CAAC;AAED,aAAK,IAAI,GAAG,aAAa,MAAM;AAC7B,cAAI,CAAC,UAAU;AACb,uBAAW;AACX,oBAAQ;AAAA,UACV;AAAA,QACF,CAAC;AAED,aAAK,IAAI,GAAG,cAAc,CAAC,WAAsB;AAC/C,eAAK,iBAAiB,MAAM;AAAA,QAC9B,CAAC;AAAA,MACH,SAAS,OAAO;AACd,eAAO,KAAK;AAAA,MACd;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAsB;AAC1B,WAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,UAAI,CAAC,KAAK,KAAK;AACb,gBAAQ;AACR;AAAA,MACF;AAGA,iBAAW,cAAc,KAAK,SAAS,OAAO,GAAG;AAC/C,mBAAW,SAAS,WAAW,OAAO,GAAG;AACvC,gBAAM,OAAO,MAAM;AAAA,QACrB;AAAA,MACF;AACA,WAAK,SAAS,MAAM;AAEpB,WAAK,IAAI,MAAM,CAAC,QAAQ;AACtB,YAAI,KAAK;AACP,iBAAO,GAAG;AAAA,QACZ,OAAO;AACL,eAAK,MAAM;AACX,kBAAQ;AAAA,QACV;AAAA,MACF,CAAC;AAAA,IACH,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,YAAyC;AACvC,UAAM,MAAM,oBAAI,IAA4B;AAC5C,eAAW,CAAC,KAAK,UAAU,KAAK,KAAK,UAAU;AAC7C,YAAM,QAAQ,WAAW,OAAO,EAAE,KAAK,EAAE;AACzC,UAAI,MAAO,KAAI,IAAI,KAAK,KAAK;AAAA,IAC/B;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKQ,iBAAiB,QAAyB;AAChD,QAAI,iBAAgC;AACpC,QAAI,YAA2B;AAE/B,WAAO,GAAG,WAAW,CAAC,SAAiB;AACrC,UAAI;AACF,cAAM,MAAM,KAAK,MAAM,KAAK,SAAS,CAAC;AAGtC,YAAI,IAAI,SAAS,cAAc,CAAC,gBAAgB;AAC9C,cAAI,CAAC,IAAI,aAAa,OAAO,IAAI,cAAc,UAAU;AACvD,iBAAK,UAAU,QAAQ,oDAAoD;AAC3E,mBAAO,MAAM;AACb;AAAA,UACF;AAEA,gBAAM,YAAY,IAAI;AACtB,gBAAM,OAAO,IAAI;AACjB,2BAAiB;AACjB,sBAAY,OAAO,WAAW;AAG9B,cAAI,CAAC,KAAK,SAAS,IAAI,SAAS,KAAK,KAAK,SAAS,QAAQ,KAAK,UAAU;AACxE,iBAAK,UAAU,QAAQ,6BAA6B,KAAK,QAAQ,SAAS;AAC1E,mBAAO,MAAM;AACb;AAAA,UACF;AAEA,gBAAM,QAAwB;AAAA,YAC5B;AAAA,YACA;AAAA,YACA;AAAA,YACA,UAAU,KAAK,IAAI;AAAA,UACrB;AAEA,cAAI,CAAC,KAAK,SAAS,IAAI,SAAS,GAAG;AACjC,iBAAK,SAAS,IAAI,WAAW,oBAAI,IAAI,CAAC;AAAA,UACxC;AACA,eAAK,SAAS,IAAI,SAAS,EAAG,IAAI,WAAW,KAAK;AAClD,gBAAM,iBAAiB,KAAK,SAAS,IAAI,SAAS,EAAG,SAAS;AAE9D,eAAK,KAAK,oBAAoB,SAAS;AAGvC,gBAAM,QAAqD,CAAC;AAC5D,qBAAW,CAAC,KAAK,UAAU,KAAK,KAAK,UAAU;AAC7C,gBAAI,QAAQ,UAAW;AACvB,kBAAM,aAAa,WAAW,OAAO,EAAE,KAAK,EAAE;AAC9C,kBAAM,KAAK,EAAE,WAAW,KAAK,MAAM,YAAY,KAAK,CAAC;AAAA,UACvD;AACA,qBAAW,eAAe,KAAK,cAAc;AAC3C,gBAAI,gBAAgB,aAAa,CAAC,KAAK,SAAS,IAAI,WAAW,GAAG;AAChE,oBAAM,KAAK,EAAE,WAAW,aAAa,MAAM,OAAU,CAAC;AAAA,YACxD;AAAA,UACF;AAEA,iBAAO,KAAK,KAAK,UAAU;AAAA,YACzB,MAAM;AAAA,YACN;AAAA,YACA;AAAA,YACA;AAAA,UACF,CAAC,CAAC;AAGF,cAAI,gBAAgB;AAClB,iBAAK,mBAAmB,eAAe,WAAW,IAAI;AAAA,UACxD;AAGA,cAAI,KAAK,SAAS,KAAK,aAAa,SAAS,SAAS,GAAG;AACvD,kBAAM,SAAS,KAAK,MAAM,KAAK,SAAS;AACxC,uBAAW,UAAU,QAAQ;AAC3B,qBAAO,KAAK,KAAK,UAAU;AAAA,gBACzB,MAAM;AAAA,gBACN,MAAM,OAAO;AAAA,gBACb,MAAM,OAAO;AAAA,gBACb,UAAU,OAAO;AAAA,cACnB,CAAC,CAAC;AAAA,YACJ;AACA,iBAAK,MAAM,MAAM,SAAS;AAAA,UAC5B;AACA;AAAA,QACF;AAGA,YAAI,CAAC,gBAAgB;AACnB,eAAK,UAAU,QAAQ,iDAAiD;AACxE,iBAAO,MAAM;AACb;AAAA,QACF;AAGA,YAAI,IAAI,SAAS,WAAW;AAC1B,cAAI,CAAC,IAAI,MAAM,OAAO,IAAI,OAAO,UAAU;AACzC,iBAAK,UAAU,QAAQ,gDAAgD;AACvE;AAAA,UACF;AAEA,cAAI,CAAC,IAAI,YAAY,OAAO,IAAI,aAAa,UAAU;AACrD,iBAAK,UAAU,QAAQ,sDAAsD;AAC7E;AAAA,UACF;AAEA,gBAAM,WAAW,IAAI;AAGrB,gBAAM,eAAe,eAAe,QAAQ;AAC5C,cAAI,CAAC,aAAa,OAAO;AACvB,iBAAK,UAAU,QAAQ,qBAAqB,aAAa,UAAU,qBAAqB,EAAE;AAC1F;AAAA,UACF;AAGA,gBAAM,eAAe,SAAS;AAC9B,cAAI,iBAAiB,gBAAgB;AACnC,iBAAK,UAAU,QAAQ,sDAAsD;AAC7E;AAAA,UACF;AAGA,cAAI,CAAC,MAAM,QAAQ,SAAS,EAAE,KAAK,SAAS,GAAG,WAAW,KAAK,CAAC,SAAS,GAAG,SAAS,IAAI,EAAE,GAAG;AAC5F,iBAAK,UAAU,QAAQ,8DAA8D;AACrF;AAAA,UACF;AAEA,cAAI,KAAK,oBAAoB,cAAc,GAAG;AAC5C;AAAA,UACF;AAEA,cAAI,KAAK,sBAAsB,SAAS,EAAE,GAAG;AAC3C;AAAA,UACF;AAGA,gBAAM,mBAAmB,KAAK,SAAS,IAAI,cAAc;AACzD,cAAI,kBAAkB;AACpB,uBAAW,KAAK,iBAAiB,OAAO,GAAG;AACzC,gBAAE,WAAW,KAAK,IAAI;AAAA,YACxB;AAAA,UACF;AAGA,cAAI,SAAS,SAAS,uBAAuB,KAAK,YAAY,IAAI,OAAO,KAAK,SAAS,WAAW;AAChG,iBAAK,sBAAsB,UAA8C,QAAQ,cAAc;AAC/F;AAAA,UACF;AAGA,gBAAM,sBAAsB,KAAK,SAAS,IAAI,IAAI,EAAE;AACpD,gBAAM,iBAAiB,sBACnB,MAAM,KAAK,oBAAoB,OAAO,CAAC,EAAE,OAAO,OAAK,EAAE,OAAO,eAAe,UAAU,IAAI,IAC3F,CAAC;AACL,cAAI,eAAe,WAAW,GAAG;AAE/B,gBAAI,KAAK,SAAS,KAAK,aAAa,SAAS,IAAI,EAAE,GAAG;AACpD,oBAAMA,oBAAmB,KAAK,SAAS,IAAI,cAAc;AACzD,oBAAM,cAAcA,mBAAkB,OAAO,EAAE,KAAK,EAAE;AACtD,mBAAK,MAAM,KAAK,IAAI,IAAI;AAAA,gBACtB,MAAM;AAAA,gBACN,MAAM,aAAa;AAAA,gBACnB;AAAA,cACF,CAAC;AACD,mBAAK,KAAK,mBAAmB,gBAAgB,IAAI,IAAI,QAAQ;AAAA,YAC/D,OAAO;AACL,mBAAK,UAAU,QAAQ,2BAA2B,mBAAmB;AAAA,YACvE;AACA;AAAA,UACF;AAGA,cAAI;AACF,kBAAMA,oBAAmB,KAAK,SAAS,IAAI,cAAc;AACzD,kBAAM,cAAcA,mBAAkB,OAAO,EAAE,KAAK,EAAE;AACtD,kBAAM,eAAe;AAAA,cACnB,MAAM;AAAA,cACN,MAAM;AAAA,cACN,MAAM,aAAa;AAAA,cACnB;AAAA,YACF;AACA,kBAAM,aAAa,KAAK,UAAU,YAAY;AAC9C,uBAAW,aAAa,gBAAgB;AACtC,wBAAU,OAAO,KAAK,UAAU;AAAA,YAClC;AACA,iBAAK,KAAK,mBAAmB,gBAAgB,IAAI,IAAI,QAAQ;AAAA,UAC/D,SAAS,KAAK;AACZ,iBAAK,UAAU,QAAQ,yBAAyB;AAChD,iBAAK,KAAK,SAAS,GAAY;AAAA,UACjC;AACA;AAAA,QACF;AAGA,YAAI,IAAI,SAAS,QAAQ;AACvB,iBAAO,KAAK,KAAK,UAAU,EAAE,MAAM,OAAO,CAAC,CAAC;AAC5C;AAAA,QACF;AAGA,aAAK,UAAU,QAAQ,yBAAyB,IAAI,IAAI,EAAE;AAAA,MAC5D,SAAS,KAAK;AAEZ,aAAK,KAAK,SAAS,IAAI,MAAM,2BAA2B,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC,EAAE,CAAC;AAC3G,aAAK,UAAU,QAAQ,wBAAwB;AAAA,MACjD;AAAA,IACF,CAAC;AAED,WAAO,GAAG,SAAS,MAAM;AACvB,UAAI,kBAAkB,WAAW;AAC/B,cAAM,aAAa,KAAK,SAAS,IAAI,cAAc;AACnD,YAAI,YAAY;AACd,gBAAM,QAAQ,WAAW,IAAI,SAAS;AACtC,gBAAM,YAAY,OAAO;AACzB,qBAAW,OAAO,SAAS;AAC3B,cAAI,WAAW,SAAS,GAAG;AACzB,iBAAK,SAAS,OAAO,cAAc;AACnC,iBAAK,KAAK,sBAAsB,cAAc;AAC9C,iBAAK,KAAK,iBAAiB,cAAc;AAEzC,gBAAI,CAAC,KAAK,aAAa,SAAS,cAAc,GAAG;AAC/C,mBAAK,mBAAmB,gBAAgB,gBAAgB,SAAS;AAAA,YACnE;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF,CAAC;AAED,WAAO,GAAG,SAAS,CAAC,UAAU;AAC5B,WAAK,KAAK,SAAS,KAAK;AAAA,IAC1B,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKQ,UAAU,QAAmB,SAAiB,MAAqB;AACzE,QAAI;AACF,UAAI,OAAO,eAAe,UAAU,MAAM;AACxC,cAAM,UAA6D,EAAE,MAAM,SAAS,QAAQ;AAC5F,YAAI,KAAM,SAAQ,OAAO;AACzB,eAAO,KAAK,KAAK,UAAU,OAAO,CAAC;AAAA,MACrC;AAAA,IACF,SAAS,KAAK;AAEZ,WAAK,KAAK,SAAS,IAAI,MAAM,iCAAiC,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC,EAAE,CAAC;AAAA,IACnH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,mBAAmB,WAA2C,WAAmB,MAAqB;AAC5G,UAAM,UAAU;AAAA,MACd,MAAM;AAAA,MACN;AAAA,MACA;AAAA,IACF;AACA,UAAM,aAAa,KAAK,UAAU,OAAO;AAEzC,eAAW,CAAC,KAAK,UAAU,KAAK,KAAK,UAAU;AAC7C,UAAI,QAAQ,UAAW;AACvB,iBAAW,SAAS,WAAW,OAAO,GAAG;AACvC,YAAI,MAAM,OAAO,eAAe,UAAU,MAAM;AAC9C,cAAI;AACF,kBAAM,OAAO,KAAK,UAAU;AAAA,UAC9B,SAAS,KAAK;AACZ,iBAAK,KAAK,SAAS,IAAI,MAAM,kBAAkB,SAAS,WAAW,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC,EAAE,CAAC;AAAA,UACxH;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,sBAAsB,UAA4C,QAAmB,oBAAkC;AAC7H,QAAI,CAAC,KAAK,UAAU;AAClB,WAAK,UAAU,QAAQ,gEAAgE;AACvF;AAAA,IACF;AAEA,UAAM,EAAE,QAAQ,IAAI,SAAS;AAC7B,UAAM,MAAM,KAAK,IAAI;AAGrB,UAAM,YAA8B,CAAC;AACrC,eAAW,CAAC,KAAK,UAAU,KAAK,KAAK,UAAU;AAC7C,UAAI,QAAQ,mBAAoB;AAChC,YAAM,QAAQ,WAAW,OAAO,EAAE,KAAK,EAAE;AACzC,UAAI,MAAO,WAAU,KAAK,KAAK;AAAA,IACjC;AAEA,QAAI,QAAQ;AAGZ,QAAI,SAAS,cAAc;AACzB,cAAQ,MAAM,OAAO,OAAM,MAAM,EAAE,WAAY,QAAQ,YAAa;AAAA,IACtE;AAEA,QAAI,SAAS,SAAS,QAAQ,QAAQ,GAAG;AACvC,cAAQ,MAAM,MAAM,GAAG,QAAQ,KAAK;AAAA,IACtC;AAGA,UAAM,WAAoC;AAAA,MACxC,OAAO,MAAM,IAAI,QAAM;AAAA,QACrB,WAAW,EAAE;AAAA,QACb,UAAU,EAAE,QAAQ,EAAE,WAAW;AAAA,UAC/B,MAAM,EAAE;AAAA,UACR,SAAS,EAAE,UAAU;AAAA,UACrB,cAAc,EAAE,UAAU;AAAA,QAC1B,IAAI;AAAA,QACJ,UAAU,EAAE;AAAA,MACd,EAAE;AAAA,MACJ,YAAY,KAAK,SAAS,QAAQ,KAAK,SAAS,IAAI,kBAAkB,IAAI,IAAI;AAAA,MAC9E,gBAAgB,KAAK,SAAS;AAAA,IAChC;AAGA,UAAM,mBAAmB;AAAA,MACvB;AAAA,MACA,KAAK,SAAS;AAAA,MACd,KAAK,SAAS;AAAA,MACd;AAAA,MACA,KAAK,IAAI;AAAA,MACT,SAAS;AAAA;AAAA,MACT,CAAC,kBAAkB;AAAA,IACrB;AAGA,UAAM,eAAe;AAAA,MACnB,MAAM;AAAA,MACN,MAAM,KAAK,SAAS;AAAA,MACpB,MAAM;AAAA,MACN,UAAU;AAAA,IACZ;AAEA,QAAI;AACF,aAAO,KAAK,KAAK,UAAU,YAAY,CAAC;AAAA,IAC1C,SAAS,KAAK;AACZ,WAAK,KAAK,SAAS,IAAI,MAAM,sCAAsC,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC,EAAE,CAAC;AAAA,IACxH;AAAA,EACF;AACF;","names":["senderSessionMap"]}

package/dist/{chunk-KO6BYFUB.js → chunk-T3AOITVV.js} RENAMED Viewed

@@ -2,7 +2,7 @@ import {
   createEnvelope,
   generateKeyPair,
   verifyEnvelope
-} from "./chunk-4TJRWJIB.js";
+} from "./chunk-HGXMAZZI.js";
 // src/transport/peer-config.ts
 import { readFileSync, writeFileSync, existsSync } from "fs";
@@ -731,11 +731,11 @@ function resolveBroadcastName(config, cliName) {
   return void 0;
 }
 function formatDisplayName(name, publicKey) {
-  const shortId = shortKey(publicKey);
+  const suffix = publicKey.slice(-8);
   if (!name || name.trim() === "" || name.startsWith("...")) {
-    return shortId;
+    return `...${suffix}`;
   }
-  return `${name} (${shortId})`;
+  return `${name}...${suffix}`;
 }
 // src/reputation/types.ts
@@ -1286,4 +1286,4 @@ export {
   computeTrustScores,
   computeAllTrustScores
 };
-//# sourceMappingURL=chunk-KO6BYFUB.js.map
+//# sourceMappingURL=chunk-T3AOITVV.js.map