@ryuu-reinzz/baileys 3.5.0 → 5.0.0

package/lib/Socket/socket.js

@@ -3,14 +3,15 @@ import { randomBytes } from 'crypto';
 import { URL } from 'url';
 import { promisify } from 'util';
 import { proto } from '../../WAProto/index.js';
-import { DEF_CALLBACK_PREFIX, DEF_TAG_PREFIX, INITIAL_PREKEY_COUNT, MIN_PREKEY_COUNT, MIN_UPLOAD_INTERVAL, NOISE_WA_HEADER, PROCESSABLE_HISTORY_TYPES, TimeMs, UPLOAD_TIMEOUT } from '../Defaults/index.js';
-import { DisconnectReason } from '../Types/index.js';
-import { addTransactionCapability, aesEncryptCTR, bindWaitForConnectionUpdate, bytesToCrockford, configureSuccessfulPairing, Curve, derivePairingCodeKey, generateLoginNode, generateMdTagPrefix, generateRegistrationNode, getCodeFromWSError, getErrorCodeFromStreamError, getNextPreKeysNode, makeEventBuffer, makeNoiseHandler, promiseTimeout, signedKeyPair, xmppSignedPreKey } from '../Utils/index.js';
-import { getPlatformId } from '../Utils/browser-utils.js';
+import { DEF_CALLBACK_PREFIX, DEF_TAG_PREFIX, INITIAL_PREKEY_COUNT, MIN_PREKEY_COUNT, NOISE_WA_HEADER, PROCESSABLE_HISTORY_TYPES, TimeMs, UPLOAD_TIMEOUT } from '../Defaults/index.js';
+import { QueryIds, ReachoutTimelockEnforcementType } from '../Types/index.js';
+import { DisconnectReason, XWAPaths } from '../Types/index.js';
+import { addTransactionCapability, aesEncryptCTR, bindWaitForConnectionUpdate, buildPairingQRData, bytesToCrockford, configureSuccessfulPairing, Curve, derivePairingCodeKey, generateLoginNode, generateMdTagPrefix, generateRegistrationNode, getCodeFromWSError, getCompanionPlatformId, getErrorCodeFromStreamError, getNextPreKeysNode, makeEventBuffer, makeNoiseHandler, promiseTimeout, signedKeyPair, xmppSignedPreKey } from '../Utils/index.js';
 import { assertNodeErrorFree, binaryNodeToString, encodeBinaryNode, getAllBinaryNodeChildren, getBinaryNodeChild, getBinaryNodeChildren, isLidUser, jidDecode, jidEncode, S_WHATSAPP_NET } from '../WABinary/index.js';
 import { BinaryInfo } from '../WAM/BinaryInfo.js';
 import { USyncQuery, USyncUser } from '../WAUSync/index.js';
 import { WebSocketClient } from './Client/index.js';
+import { executeWMexQuery } from './mex.js';
 /**
  * Connects to WA servers and performs:
  * - simple queries (no retry mechanism, wait for connection establishment)
@@ -270,6 +271,7 @@ export const makeSocket = (config) => {
     let keepAliveReq;
     let qrTimer;
     let closed = false;
+    const socketEndHandlers = [];
     /** log & process any unexpected errors */
     const onUnexpectedError = (err, msg) => {
         logger.error({ err }, `unexpected error in '${msg}'`);
@@ -344,25 +346,16 @@ export const makeSocket = (config) => {
         const countChild = getBinaryNodeChild(result, 'count');
         return +countChild.attrs.value;
     };
-    // Pre-key upload state management
+    // WAWeb has no time throttle here; the server drives uploads via PreKeyLow notifications.
     let uploadPreKeysPromise = null;
-    let lastUploadTime = 0;
     /** generates and uploads a set of pre-keys to the server */
-    const uploadPreKeys = async (count = MIN_PREKEY_COUNT, retryCount = 0) => {
-        // Check minimum interval (except for retries)
-        if (retryCount === 0) {
-            const timeSinceLastUpload = Date.now() - lastUploadTime;
-            if (timeSinceLastUpload < MIN_UPLOAD_INTERVAL) {
-                logger.debug(`Skipping upload, only ${timeSinceLastUpload}ms since last upload`);
-                return;
-            }
-        }
-        // Prevent multiple concurrent uploads
+    const uploadPreKeys = async (count = MIN_PREKEY_COUNT) => {
         if (uploadPreKeysPromise) {
             logger.debug('Pre-key upload already in progress, waiting for completion');
             await uploadPreKeysPromise;
+            return;
         }
-        const uploadLogic = async () => {
+        const uploadLogic = async (retryCount) => {
             logger.info({ count, retryCount }, 'uploading pre-keys');
             // Generate and save pre-keys atomically (prevents ID collisions on retry)
             const node = await keys.transaction(async () => {
@@ -370,29 +363,28 @@ export const makeSocket = (config) => {
                 const { update, node } = await getNextPreKeysNode({ creds, keys }, count);
                 // Update credentials immediately to prevent duplicate IDs on retry
                 ev.emit('creds.update', update);
-                return node; // Only return node since update is already used
+                return node;
             }, creds?.me?.id || 'upload-pre-keys');
             // Upload to server (outside transaction, can fail without affecting local keys)
             try {
                 await query(node);
                 logger.info({ count }, 'uploaded pre-keys successfully');
-                lastUploadTime = Date.now();
             }
             catch (uploadError) {
                 logger.error({ uploadError: uploadError.toString(), count }, 'Failed to upload pre-keys to server');
-                // Exponential backoff retry (max 3 retries)
+                // Recurse into uploadLogic; calling uploadPreKeys would await its own in-flight promise.
                 if (retryCount < 3) {
                     const backoffDelay = Math.min(1000 * Math.pow(2, retryCount), 10000);
                     logger.info(`Retrying pre-key upload in ${backoffDelay}ms`);
                     await new Promise(resolve => setTimeout(resolve, backoffDelay));
-                    return uploadPreKeys(count, retryCount + 1);
+                    return uploadLogic(retryCount + 1);
                 }
                 throw uploadError;
             }
         };
         // Add timeout protection
         uploadPreKeysPromise = Promise.race([
-            uploadLogic(),
+            uploadLogic(0),
             new Promise((_, reject) => setTimeout(() => reject(new Boom('Pre-key upload timeout', { statusCode: 408 })), UPLOAD_TIMEOUT))
         ]);
         try {
@@ -486,12 +478,21 @@ export const makeSocket = (config) => {
         ws.removeAllListeners('close');
         ws.removeAllListeners('open');
         ws.removeAllListeners('message');
+        signalRepository.close?.();
         if (!ws.isClosed && !ws.isClosing) {
             try {
                 await ws.close();
             }
             catch { }
         }
+        for (const handler of socketEndHandlers) {
+            try {
+                await handler(error);
+            }
+            catch (err) {
+                logger.error({ err }, 'error in socket end handler');
+            }
+        }
         ev.emit('connection.update', {
             connection: 'close',
             lastDisconnect: {
@@ -500,6 +501,7 @@ export const makeSocket = (config) => {
             }
         });
         ev.removeAllListeners('connection.update');
+        ev.destroy();
     };
     const waitForSocketOpen = async () => {
         if (ws.isOpen) {
@@ -629,7 +631,7 @@ export const makeSocket = (config) => {
                         {
                             tag: 'companion_platform_id',
                             attrs: {},
-                            content: getPlatformId(browser[1])
+                            content: getCompanionPlatformId(browser)
                         },
                         {
                             tag: 'companion_platform_display',
@@ -712,7 +714,7 @@ export const makeSocket = (config) => {
                 return;
             }
             const ref = refNode.content.toString('utf-8');
-            const qr = [ref, noiseKeyB64, identityKeyB64, advB64].join(',');
+            const qr = buildPairingQRData(ref, noiseKeyB64, identityKeyB64, advB64, browser);
             ev.emit('connection.update', { qr });
             qrTimer = setTimeout(genPairQR, qrMs);
             qrMs = qrTimeout || 20000; // shorter subsequent qrs
@@ -891,6 +893,32 @@ export const makeSocket = (config) => {
             logger.debug({ error }, 'failed to send unified_session telemetry');
         }
     };
+    const registerSocketEndHandler = (handler) => {
+        socketEndHandlers.push(handler);
+    };
+    /**
+     * Fetches your account's standing when it comes to restrictions.
+     * @returns Returns the state of the restrictions.
+     */
+    const fetchAccountReachoutTimelock = async () => {
+        const queryResult = await executeWMexQuery({}, QueryIds.REACHOUT_TIMELOCK, XWAPaths.xwa2_fetch_account_reachout_timelock, query, generateMessageTag);
+        const result = {
+            isActive: !!queryResult?.is_active,
+            timeEnforcementEnds: queryResult?.time_enforcement_ends && queryResult?.time_enforcement_ends !== '0'
+                ? new Date(parseInt(queryResult.time_enforcement_ends, 10) * 1000)
+                : undefined,
+            enforcementType: queryResult?.enforcement_type ?? ReachoutTimelockEnforcementType.DEFAULT
+        };
+        ev.emit('connection.update', { reachoutTimeLock: result });
+        return result;
+    };
+    /**
+     * Fetches your account's new chat limits.
+     * @returns Returns the quota and the usage.
+     */
+    const fetchNewChatMessageCap = async () => {
+        return executeWMexQuery({ input: { type: 'INDIVIDUAL_NEW_CHAT_MSG' } }, QueryIds.MESSAGE_CAPPING_INFO, XWAPaths.xwa2_message_capping_info, query, generateMessageTag);
+    };
     return {
         type: 'md',
         ws,
@@ -908,6 +936,7 @@ export const makeSocket = (config) => {
         sendNode,
         logout,
         end,
+        registerSocketEndHandler,
         onUnexpectedError,
         uploadPreKeys,
         uploadPreKeysToServerIfRequired,
@@ -921,7 +950,9 @@ export const makeSocket = (config) => {
         waitForConnectionUpdate: bindWaitForConnectionUpdate(ev),
         sendWAMBuffer,
         executeUSyncQuery,
-        onWhatsApp
+        onWhatsApp,
+        fetchAccountReachoutTimelock,
+        fetchNewChatMessageCap
     };
 };
 /**

package/lib/Types/{Newsletter.js → Mex.js}

@@ -9,9 +9,13 @@ export var XWAPaths;
     XWAPaths["xwa2_newsletter_unmute_v2"] = "xwa2_newsletter_unmute_v2";
     XWAPaths["xwa2_newsletter_follow"] = "xwa2_newsletter_follow";
     XWAPaths["xwa2_newsletter_unfollow"] = "xwa2_newsletter_unfollow";
+    XWAPaths["xwa2_newsletter_join_v2"] = "xwa2_newsletter_join_v2";
+    XWAPaths["xwa2_newsletter_leave_v2"] = "xwa2_newsletter_leave_v2";
     XWAPaths["xwa2_newsletter_change_owner"] = "xwa2_newsletter_change_owner";
     XWAPaths["xwa2_newsletter_demote"] = "xwa2_newsletter_demote";
     XWAPaths["xwa2_newsletter_delete_v2"] = "xwa2_newsletter_delete_v2";
+    XWAPaths["xwa2_fetch_account_reachout_timelock"] = "xwa2_fetch_account_reachout_timelock";
+    XWAPaths["xwa2_message_capping_info"] = "xwa2_message_capping_info";
 })(XWAPaths || (XWAPaths = {}));
 export var QueryIds;
 (function (QueryIds) {
@@ -19,13 +23,15 @@ export var QueryIds;
     QueryIds["UPDATE_METADATA"] = "24250201037901610";
     QueryIds["METADATA"] = "6563316087068696";
     QueryIds["SUBSCRIBERS"] = "9783111038412085";
-    QueryIds["FOLLOW"] = "7871414976211147";
-    QueryIds["UNFOLLOW"] = "7238632346214362";
+    QueryIds["FOLLOW"] = "24404358912487870";
+    QueryIds["UNFOLLOW"] = "9767147403369991";
     QueryIds["MUTE"] = "29766401636284406";
     QueryIds["UNMUTE"] = "9864994326891137";
     QueryIds["ADMIN_COUNT"] = "7130823597031706";
     QueryIds["CHANGE_OWNER"] = "7341777602580933";
     QueryIds["DEMOTE"] = "6551828931592903";
     QueryIds["DELETE"] = "30062808666639665";
+    QueryIds["REACHOUT_TIMELOCK"] = "23983697327930364";
+    QueryIds["MESSAGE_CAPPING_INFO"] = "24503548349331633";
 })(QueryIds || (QueryIds = {}));
-//# sourceMappingURL=Newsletter.js.map
+//# sourceMappingURL=Mex.js.map

package/lib/Types/State.js

@@ -10,4 +10,47 @@ export var SyncState;
     /** Initial sync is complete, or was skipped. The socket is fully operational and events are processed in real-time. */
     SyncState[SyncState["Online"] = 3] = "Online";
 })(SyncState || (SyncState = {}));
+export var ReachoutTimelockEnforcementType;
+(function (ReachoutTimelockEnforcementType) {
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_ALCOHOL"] = "BIZ_COMMERCE_VIOLATION_ALCOHOL";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_ADULT"] = "BIZ_COMMERCE_VIOLATION_ADULT";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_ANIMALS"] = "BIZ_COMMERCE_VIOLATION_ANIMALS";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_BODY_PARTS_FLUIDS"] = "BIZ_COMMERCE_VIOLATION_BODY_PARTS_FLUIDS";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_DATING"] = "BIZ_COMMERCE_VIOLATION_DATING";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_DIGITAL_SERVICES_PRODUCTS"] = "BIZ_COMMERCE_VIOLATION_DIGITAL_SERVICES_PRODUCTS";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_DRUGS"] = "BIZ_COMMERCE_VIOLATION_DRUGS";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_DRUGS_ONLY_OTC"] = "BIZ_COMMERCE_VIOLATION_DRUGS_ONLY_OTC";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_GAMBLING"] = "BIZ_COMMERCE_VIOLATION_GAMBLING";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_HEALTHCARE"] = "BIZ_COMMERCE_VIOLATION_HEALTHCARE";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_REAL_FAKE_CURRENCY"] = "BIZ_COMMERCE_VIOLATION_REAL_FAKE_CURRENCY";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_SUPPLEMENTS"] = "BIZ_COMMERCE_VIOLATION_SUPPLEMENTS";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_TOBACCO"] = "BIZ_COMMERCE_VIOLATION_TOBACCO";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_VIOLENT_CONTENT"] = "BIZ_COMMERCE_VIOLATION_VIOLENT_CONTENT";
+    ReachoutTimelockEnforcementType["BIZ_COMMERCE_VIOLATION_WEAPONS"] = "BIZ_COMMERCE_VIOLATION_WEAPONS";
+    ReachoutTimelockEnforcementType["BIZ_QUALITY"] = "BIZ_QUALITY";
+    /** This means there is no restriction */
+    ReachoutTimelockEnforcementType["DEFAULT"] = "DEFAULT";
+    ReachoutTimelockEnforcementType["WEB_COMPANION_ONLY"] = "WEB_COMPANION_ONLY";
+})(ReachoutTimelockEnforcementType || (ReachoutTimelockEnforcementType = {}));
+export var NewChatMessageCappingStatusType;
+(function (NewChatMessageCappingStatusType) {
+    NewChatMessageCappingStatusType["NONE"] = "NONE";
+    NewChatMessageCappingStatusType["FIRST_WARNING"] = "FIRST_WARNING";
+    NewChatMessageCappingStatusType["SECOND_WARNING"] = "SECOND_WARNING";
+    NewChatMessageCappingStatusType["CAPPED"] = "CAPPED";
+})(NewChatMessageCappingStatusType || (NewChatMessageCappingStatusType = {}));
+export var NewChatMessageCappingMVStatusType;
+(function (NewChatMessageCappingMVStatusType) {
+    NewChatMessageCappingMVStatusType["NOT_ELIGIBLE"] = "NOT_ELIGIBLE";
+    NewChatMessageCappingMVStatusType["NOT_ACTIVE"] = "NOT_ACTIVE";
+    NewChatMessageCappingMVStatusType["ACTIVE"] = "ACTIVE";
+    NewChatMessageCappingMVStatusType["ACTIVE_UPGRADE_AVAILABLE"] = "ACTIVE_UPGRADE_AVAILABLE";
+})(NewChatMessageCappingMVStatusType || (NewChatMessageCappingMVStatusType = {}));
+export var NewChatMessageCappingOTEStatusType;
+(function (NewChatMessageCappingOTEStatusType) {
+    NewChatMessageCappingOTEStatusType["NOT_ELIGIBLE"] = "NOT_ELIGIBLE";
+    NewChatMessageCappingOTEStatusType["ELIGIBLE"] = "ELIGIBLE";
+    NewChatMessageCappingOTEStatusType["ACTIVE_IN_CURRENT_CYCLE"] = "ACTIVE_IN_CURRENT_CYCLE";
+    NewChatMessageCappingOTEStatusType["EXHAUSTED"] = "EXHAUSTED";
+})(NewChatMessageCappingOTEStatusType || (NewChatMessageCappingOTEStatusType = {}));
 //# sourceMappingURL=State.js.map

package/lib/Types/index.js

@@ -9,7 +9,7 @@ export * from './Events.js';
 export * from './Product.js';
 export * from './Call.js';
 export * from './Signal.js';
-export * from './Newsletter.js';
+export * from './Mex.js';
 export var DisconnectReason;
 (function (DisconnectReason) {
     DisconnectReason[DisconnectReason["connectionClosed"] = 428] = "connectionClosed";

package/lib/Utils/auth-utils.js

@@ -1,4 +1,5 @@
 import NodeCache from '@cacheable/node-cache';
+import { Boom } from '@hapi/boom';
 import { AsyncLocalStorage } from 'async_hooks';
 import { Mutex } from 'async-mutex';
 import { randomBytes } from 'crypto';
@@ -264,6 +265,17 @@ export const addTransactionCapability = (state, logger, { maxCommitRetries, dela
         }
     };
 };
+/**
+ * Returns the authenticated user's JID, or throws a Boom-401 if creds are not yet authenticated.
+ * Use this anywhere we'd otherwise reach for `creds.me!.id` to fail fast with a descriptive error.
+ */
+export const assertMeId = (creds) => {
+    const id = creds.me?.id;
+    if (!id) {
+        throw new Boom('Cannot proceed: socket is not authenticated yet (creds.me.id is missing)', { statusCode: 401 });
+    }
+    return id;
+};
 export const initAuthCreds = () => {
     const identityKey = Curve.generateKeyPair();
     return {

package/lib/Utils/chat-utils.js

@@ -38,7 +38,7 @@ const to64BitNetworkOrder = (e) => {
     buff.writeUint32BE(e, 4);
     return buff;
 };
-const makeLtHashGenerator = ({ indexValueMap, hash }) => {
+export const makeLtHashGenerator = ({ indexValueMap, hash }) => {
     indexValueMap = { ...indexValueMap };
     const addBuffs = [];
     const subBuffs = [];
@@ -48,7 +48,10 @@ const makeLtHashGenerator = ({ indexValueMap, hash }) => {
             const prevOp = indexValueMap[indexMacBase64];
             if (operation === proto.SyncdMutation.SyncdOperation.REMOVE) {
                 if (!prevOp) {
-                    throw new Boom('tried remove, but no previous op', { data: { indexMac, valueMac } });
+                    // WA Web does not throw here — it logs a warning and skips the subtract.
+                    // The missing REMOVE will cause an LTHash mismatch, which is handled
+                    // by the MAC validation layer (snapshot recovery or retry).
+                    return;
                 }
                 // remove from index value mac, since this mutation is erased
                 delete indexValueMap[indexMacBase64];
@@ -80,10 +83,33 @@ const generatePatchMac = (snapshotMac, valueMacs, version, type, key) => {
     return hmacSign(total, key);
 };
 export const newLTHashState = () => ({ version: 0, hash: Buffer.alloc(128), indexValueMap: {} });
+export const ensureLTHashStateVersion = (state) => {
+    if (typeof state.version !== 'number' || isNaN(state.version)) {
+        state.version = 0;
+    }
+    return state;
+};
+export const MAX_SYNC_ATTEMPTS = 2;
+/**
+ * Check if an error is a missing app state sync key.
+ * WA Web treats these as "Blocked" (waits for key arrival), not fatal.
+ * In Baileys we retry with a snapshot which may use a different key.
+ */
+export const isMissingKeyError = (error) => {
+    return error?.data?.isMissingKey === true;
+};
+/**
+ * Determines if an app state sync error is unrecoverable.
+ * TypeError indicates a WASM crash; otherwise we give up after MAX_SYNC_ATTEMPTS.
+ * Missing keys are NOT checked here — they are handled separately as "Blocked".
+ */
+export const isAppStateSyncIrrecoverable = (error, attempts) => {
+    return attempts >= MAX_SYNC_ATTEMPTS || error?.name === 'TypeError';
+};
 export const encodeSyncdPatch = async ({ type, index, syncAction, apiVersion, operation }, myAppStateKeyId, state, getAppStateSyncKey) => {
     const key = !!myAppStateKeyId ? await getAppStateSyncKey(myAppStateKeyId) : undefined;
     if (!key) {
-        throw new Boom(`myAppStateKey ("${myAppStateKeyId}") not present`, { statusCode: 404 });
+        throw new Boom(`myAppStateKey ("${myAppStateKeyId}") not present`, { data: { isMissingKey: true } });
     }
     const encKeyId = Buffer.from(myAppStateKeyId, 'base64');
     state = { ...state, indexValueMap: { ...state.indexValueMap } };
@@ -139,17 +165,36 @@ export const decodeSyncdMutations = async (msgMutations, initialState, getAppSta
         // otherwise, if it's only a record -- it'll be a SET mutation
         const operation = 'operation' in msgMutation ? msgMutation.operation : proto.SyncdMutation.SyncdOperation.SET;
         const record = 'record' in msgMutation && !!msgMutation.record ? msgMutation.record : msgMutation;
-        const key = await getKey(record.keyId.id);
+        let key;
+        try {
+            key = await getKey(record.keyId.id);
+        }
+        catch (err) {
+            // Missing-key errors must propagate so the orchestrator can park the
+            // collection (Blocked) and retry when APP_STATE_SYNC_KEY_SHARE arrives.
+            // Other errors → individual record corruption, skip and keep going.
+            if (isMissingKeyError(err))
+                throw err;
+            continue;
+        }
         const content = record.value.blob;
         const encContent = content.subarray(0, -32);
         const ogValueMac = content.subarray(-32);
         if (validateMacs) {
             const contentHmac = generateMac(operation, encContent, record.keyId.id, key.valueMacKey);
             if (Buffer.compare(contentHmac, ogValueMac) !== 0) {
-                throw new Boom('HMAC content verification failed');
+                // HMAC verification failed — skip this record
+                continue;
             }
         }
-        const result = aesDecrypt(encContent, key.valueEncryptionKey);
+        let result;
+        try {
+            result = aesDecrypt(encContent, key.valueEncryptionKey);
+        }
+        catch {
+            // decrypt failed — skip this record instead of aborting
+            continue;
+        }
         const syncAction = proto.SyncActionData.decode(result);
         if (validateMacs) {
             const hmac = hmacSign(syncAction.index, key.indexKey);
@@ -175,8 +220,7 @@ export const decodeSyncdMutations = async (msgMutations, initialState, getAppSta
         const keyEnc = await getAppStateSyncKey(base64Key);
         if (!keyEnc) {
             throw new Boom(`failed to find key "${base64Key}" to decode mutation`, {
-                statusCode: 404,
-                data: { msgMutations }
+                data: { isMissingKey: true, msgMutations }
             });
         }
         const keys = mutationKeys(keyEnc.keyData);
@@ -189,7 +233,7 @@ export const decodeSyncdPatch = async (msg, name, initialState, getAppStateSyncK
         const base64Key = Buffer.from(msg.keyId.id).toString('base64');
         const mainKeyObj = await getAppStateSyncKey(base64Key);
         if (!mainKeyObj) {
-            throw new Boom(`failed to find key "${base64Key}" to decode patch`, { statusCode: 404, data: { msg } });
+            throw new Boom(`failed to find key "${base64Key}" to decode patch`, { data: { isMissingKey: true, msg } });
         }
         const mainKey = mutationKeys(mainKeyObj.keyData);
         const mutationmacs = msg.mutations.map(mutation => mutation.record.value.blob.slice(-32));
@@ -250,7 +294,7 @@ export const downloadExternalPatch = async (blob, options) => {
     const syncData = proto.SyncdMutations.decode(buffer);
     return syncData;
 };
-export const decodeSyncdSnapshot = async (name, snapshot, getAppStateSyncKey, minimumVersionNumber, validateMacs = true) => {
+export const decodeSyncdSnapshot = async (name, snapshot, getAppStateSyncKey, minimumVersionNumber, validateMacs = true, logger) => {
     const newState = newLTHashState();
     newState.version = toNumber(snapshot.version.version);
     const mutationMap = {};
@@ -267,12 +311,17 @@ export const decodeSyncdSnapshot = async (name, snapshot, getAppStateSyncKey, mi
         const base64Key = Buffer.from(snapshot.keyId.id).toString('base64');
         const keyEnc = await getAppStateSyncKey(base64Key);
         if (!keyEnc) {
-            throw new Boom(`failed to find key "${base64Key}" to decode mutation`);
+            throw new Boom(`failed to find key "${base64Key}" to decode mutation`, { data: { isMissingKey: true } });
         }
         const result = mutationKeys(keyEnc.keyData);
         const computedSnapshotMac = generateSnapshotMac(newState.hash, newState.version, name, result.snapshotMacKey);
         if (Buffer.compare(snapshot.mac, computedSnapshotMac) !== 0) {
-            throw new Boom(`failed to verify LTHash at ${newState.version} of ${name} from snapshot`);
+            // LTHash verification may fail when decodeSyncdMutations skipped undecryptable
+            // records (poisoned server-side snapshot); the aggregate client hash diverges
+            // from the server-computed mac. Fall through with a warning so the session stays
+            // alive with partial state, symmetric to how decodePatches handles its own
+            // LTHash mismatch a few lines below.
+            logger?.warn({ name, version: newState.version }, 'LTHash verification failed on snapshot, continuing with partial state');
         }
     }
     return {
@@ -297,24 +346,34 @@ export const decodePatches = async (name, syncds, initial, getAppStateSyncKey, o
         const patchVersion = toNumber(version.version);
         newState.version = patchVersion;
         const shouldMutate = typeof minimumVersionNumber === 'undefined' || patchVersion > minimumVersionNumber;
-        const decodeResult = await decodeSyncdPatch(syncd, name, newState, getAppStateSyncKey, shouldMutate
-            ? mutation => {
-                const index = mutation.syncAction.index?.toString();
-                mutationMap[index] = mutation;
-            }
-            : () => { }, true);
+        let decodeResult;
+        try {
+            decodeResult = await decodeSyncdPatch(syncd, name, newState, getAppStateSyncKey, shouldMutate
+                ? mutation => {
+                    const index = mutation.syncAction.index?.toString();
+                    mutationMap[index] = mutation;
+                }
+                : () => { }, validateMacs);
+        }
+        catch (err) {
+            if (isMissingKeyError(err))
+                throw err;
+            logger?.warn({ name, version: patchVersion, error: err.message }, 'failed to decode patch, skipping');
+            continue;
+        }
         newState.hash = decodeResult.hash;
         newState.indexValueMap = decodeResult.indexValueMap;
         if (validateMacs) {
             const base64Key = Buffer.from(keyId.id).toString('base64');
             const keyEnc = await getAppStateSyncKey(base64Key);
             if (!keyEnc) {
-                throw new Boom(`failed to find key "${base64Key}" to decode mutation`);
+                throw new Boom(`failed to find key "${base64Key}" to decode mutation`, { data: { isMissingKey: true } });
             }
             const result = mutationKeys(keyEnc.keyData);
             const computedSnapshotMac = generateSnapshotMac(newState.hash, newState.version, name, result.snapshotMacKey);
             if (Buffer.compare(snapshotMac, computedSnapshotMac) !== 0) {
-                throw new Boom(`failed to verify LTHash at ${newState.version} of ${name}`);
+                logger?.warn({ name, version: newState.version }, 'LTHash verification failed, skipping remaining patches');
+                break;
             }
         }
         // clear memory used up by the mutations
@@ -779,6 +838,7 @@ export const processSyncAction = (syncAction, ev, me, initialSyncOpts, logger) =
                     action.lidContactAction.firstName ||
                     action.lidContactAction.username ||
                     undefined,
+                username: action.lidContactAction.username || undefined,
                 lid: id,
                 phoneNumber: undefined
             }

package/lib/Utils/companion-reg-client-utils.js

@@ -0,0 +1,35 @@
+export var CompanionWebClientType;
+(function (CompanionWebClientType) {
+    CompanionWebClientType[CompanionWebClientType["UNKNOWN"] = 0] = "UNKNOWN";
+    CompanionWebClientType[CompanionWebClientType["CHROME"] = 1] = "CHROME";
+    CompanionWebClientType[CompanionWebClientType["EDGE"] = 2] = "EDGE";
+    CompanionWebClientType[CompanionWebClientType["FIREFOX"] = 3] = "FIREFOX";
+    CompanionWebClientType[CompanionWebClientType["IE"] = 4] = "IE";
+    CompanionWebClientType[CompanionWebClientType["OPERA"] = 5] = "OPERA";
+    CompanionWebClientType[CompanionWebClientType["SAFARI"] = 6] = "SAFARI";
+    CompanionWebClientType[CompanionWebClientType["ELECTRON"] = 7] = "ELECTRON";
+    CompanionWebClientType[CompanionWebClientType["UWP"] = 8] = "UWP";
+    CompanionWebClientType[CompanionWebClientType["OTHER_WEB_CLIENT"] = 9] = "OTHER_WEB_CLIENT";
+})(CompanionWebClientType || (CompanionWebClientType = {}));
+const BROWSER_TO_COMPANION_WEB_CLIENT = {
+    Chrome: CompanionWebClientType.CHROME,
+    Edge: CompanionWebClientType.EDGE,
+    Firefox: CompanionWebClientType.FIREFOX,
+    IE: CompanionWebClientType.IE,
+    Opera: CompanionWebClientType.OPERA,
+    Safari: CompanionWebClientType.SAFARI
+};
+export const getCompanionWebClientType = ([os, browserName]) => {
+    if (browserName === 'Desktop') {
+        return os === 'Windows' ? CompanionWebClientType.UWP : CompanionWebClientType.ELECTRON;
+    }
+    return BROWSER_TO_COMPANION_WEB_CLIENT[browserName] || CompanionWebClientType.OTHER_WEB_CLIENT;
+};
+export const getCompanionPlatformId = (browser) => {
+    return getCompanionWebClientType(browser).toString();
+};
+export const buildPairingQRData = (ref, noiseKeyB64, identityKeyB64, advB64, browser) => {
+    return ('https://wa.me/settings/linked_devices#' +
+        [ref, noiseKeyB64, identityKeyB64, advB64, getCompanionPlatformId(browser)].join(','));
+};
+//# sourceMappingURL=companion-reg-client-utils.js.map

package/lib/Utils/decode-wa-message.js

@@ -27,13 +27,16 @@ const storeMappingFromEnvelope = async (stanza, sender, repository, decryptionJi
 };
 export const NO_MESSAGE_FOUND_ERROR_TEXT = 'Message absent from node';
 export const MISSING_KEYS_ERROR_TEXT = 'Key used already or never filled';
+export const ACCOUNT_RESTRICTED_TEXT = 'Your account has been restricted';
 // Retry configuration for failed decryption
 export const DECRYPTION_RETRY_CONFIG = {
     maxRetries: 3,
     baseDelayMs: 100,
     sessionRecordErrors: ['No session record', 'SessionError: No session record']
 };
+/** NACK reason codes we send to the server (client → server) */
 export const NACK_REASONS = {
+    SenderReachoutTimelocked: 463,
     ParsingError: 487,
     UnrecognizedStanza: 488,
     UnrecognizedStanzaClass: 489,
@@ -48,6 +51,21 @@ export const NACK_REASONS = {
     UnsupportedLIDGroup: 551,
     DBOperationFailed: 552
 };
+/**
+ * Server-side error codes returned in ack stanzas (server → client) that we
+ * currently have dedicated handlers for. Extend as more handlers are added.
+ * Distinct from the client-side NackReason enum (WAWebCreateNackFromStanza).
+ */
+export const SERVER_ERROR_CODES = {
+    /**
+     * 1:1 message missing privacy token (tctoken). Usually means the account is
+     * restricted: WhatsApp blocks starting new chats but preserves existing ones,
+     * since established chats already carry a tctoken.
+     */
+    MessageAccountRestriction: '463',
+    /** Stanza validation failure (SMAX_INVALID) — likely stale device session */
+    SmaxInvalid: '479'
+};
 export const extractAddressingContext = (stanza) => {
     let senderAlt;
     let recipientAlt;
@@ -88,6 +106,12 @@ export function decodeMessageNode(stanza, meId, meLid) {
     const from = stanza.attrs.from;
     const participant = stanza.attrs.participant;
     const recipient = stanza.attrs.recipient;
+    if (!msgId) {
+        throw new Boom('Invalid message stanza: missing id attribute', { data: stanza });
+    }
+    if (!from) {
+        throw new Boom('Invalid message stanza: missing from attribute', { data: stanza });
+    }
     const addressingContext = extractAddressingContext(stanza);
     const isMe = (jid) => areJidsSameUser(jid, meId);
     const isMeLid = (jid) => areJidsSameUser(jid, meLid);
@@ -102,6 +126,12 @@ export function decodeMessageNode(stanza, meId, meLid) {
             chatId = recipient;
         }
         else {
+            // Peer-routed self stanzas (history sync, app-state sync, etc.) arrive
+            // with `from` set to our own device but no `recipient` attribute —
+            // still mark as fromMe so self-only protocolMessage handlers run.
+            if (isMe(from) || isMeLid(from)) {
+                fromMe = true;
+            }
             chatId = from;
         }
         msgType = 'chat';
@@ -148,10 +178,14 @@ export function decodeMessageNode(stanza, meId, meLid) {
     const key = {
         remoteJid: chatId,
         remoteJidAlt: !isJidGroup(chatId) ? addressingContext.senderAlt : undefined,
+        remoteJidUsername: !isJidGroup(chatId)
+            ? stanza.attrs.peer_recipient_username || stanza.attrs.recipient_username
+            : undefined,
         fromMe,
         id: msgId,
         participant,
         participantAlt: isJidGroup(chatId) ? addressingContext.senderAlt : undefined,
+        participantUsername: stanza.attrs.participant ? stanza.attrs.participant_username : undefined,
         addressingMode: addressingContext.addressingMode,
         ...(msgType === 'newsletter' && stanza.attrs.server_id ? { server_id: stanza.attrs.server_id } : {})
     };