npm - @sideband/secure-relay - Versions diffs - 0.0.1 → 0.1.0 - Mend

@sideband/secure-relay 0.0.1 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

package/dist/handshake.js DELETED Viewed

@@ -1,83 +0,0 @@
-// SPDX-FileCopyrightText: 2025-present Sideband
-// SPDX-License-Identifier: AGPL-3.0-or-later
-/**
- * E2EE handshake protocol for Sideband Relay Protocol (SBRP).
- *
- * Implements the authenticated key exchange between browser and daemon,
- * with Ed25519 signatures for MITM protection.
- */
-import { computeSharedSecret, createSignaturePayload, createTranscriptHash, deriveTrafficKeys, generateEphemeralKeyPair, signPayload, verifySignature, zeroize, } from "./crypto.js";
-import { SbrpError, SbrpErrorCode } from "./types.js";
-/**
- * Create a handshake init message (browser side).
- *
- * Generates an ephemeral X25519 keypair for this session.
- */
-export function createHandshakeInit() {
-    const ephemeralKeyPair = generateEphemeralKeyPair();
-    return {
-        message: {
-            type: "handshake.init",
-            browserPublicKey: ephemeralKeyPair.publicKey,
-        },
-        ephemeralKeyPair,
-    };
-}
-/**
- * Process handshake init and create accept message (daemon side).
- *
- * 1. Generate ephemeral X25519 keypair
- * 2. Sign ephemeral public key with identity key (context-bound)
- * 3. Derive traffic keys
- */
-export function processHandshakeInit(init, daemonId, identityKeyPair) {
-    const ephemeralKeyPair = generateEphemeralKeyPair();
-    // Sign ephemeral key with context binding
-    const signaturePayload = createSignaturePayload(daemonId, init.browserPublicKey, ephemeralKeyPair.publicKey);
-    const signature = signPayload(signaturePayload, identityKeyPair.privateKey);
-    // Derive traffic keys
-    const sharedSecret = computeSharedSecret(ephemeralKeyPair.privateKey, init.browserPublicKey);
-    const transcriptHash = createTranscriptHash(daemonId, init.browserPublicKey, ephemeralKeyPair.publicKey, signature);
-    const trafficKeys = deriveTrafficKeys(sharedSecret, transcriptHash);
-    // Best-effort zeroize shared secret
-    zeroize(sharedSecret);
-    return {
-        message: {
-            type: "handshake.accept",
-            daemonPublicKey: ephemeralKeyPair.publicKey,
-            signature,
-        },
-        result: {
-            trafficKeys,
-            ephemeralKeyPair,
-            signature,
-        },
-    };
-}
-/**
- * Process handshake accept message (client side).
- *
- * 1. Verify signature using PINNED identity key (TOFU)
- * 2. Derive traffic keys using same transcript hash as daemon
- *
- * @throws {SbrpError} with code HandshakeFailed if signature verification fails
- */
-export function processHandshakeAccept(accept, daemonId, pinnedIdentityPublicKey, ephemeralKeyPair) {
-    // Verify daemon signature using PINNED key (not relay-provided!)
-    const signaturePayload = createSignaturePayload(daemonId, ephemeralKeyPair.publicKey, accept.daemonPublicKey);
-    const valid = verifySignature(signaturePayload, accept.signature, pinnedIdentityPublicKey);
-    if (!valid) {
-        throw new SbrpError(SbrpErrorCode.HandshakeFailed, "Signature verification failed");
-    }
-    // Derive traffic keys using same transcript hash as daemon
-    const sharedSecret = computeSharedSecret(ephemeralKeyPair.privateKey, accept.daemonPublicKey);
-    const transcriptHash = createTranscriptHash(daemonId, ephemeralKeyPair.publicKey, accept.daemonPublicKey, accept.signature);
-    const trafficKeys = deriveTrafficKeys(sharedSecret, transcriptHash);
-    // Best-effort zeroize shared secret
-    zeroize(sharedSecret);
-    return {
-        trafficKeys,
-        ephemeralKeyPair,
-    };
-}
-//# sourceMappingURL=handshake.js.map

package/dist/handshake.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"handshake.js","sourceRoot":"","sources":["../src/handshake.ts"],"names":[],"mappings":"AAAA,gDAAgD;AAChD,6CAA6C;AAE7C;;;;;GAKG;AAEH,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EACtB,oBAAoB,EACpB,iBAAiB,EACjB,wBAAwB,EACxB,WAAW,EACX,eAAe,EACf,OAAO,GACR,MAAM,aAAa,CAAC;AASrB,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAetD;;;;GAIG;AACH,MAAM,UAAU,mBAAmB;IAIjC,MAAM,gBAAgB,GAAG,wBAAwB,EAAE,CAAC;IACpD,OAAO;QACL,OAAO,EAAE;YACP,IAAI,EAAE,gBAAgB;YACtB,gBAAgB,EAAE,gBAAgB,CAAC,SAAS;SAC7C;QACD,gBAAgB;KACjB,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAClC,IAAmB,EACnB,QAAkB,EAClB,eAAgC;IAEhC,MAAM,gBAAgB,GAAG,wBAAwB,EAAE,CAAC;IAEpD,0CAA0C;IAC1C,MAAM,gBAAgB,GAAG,sBAAsB,CAC7C,QAAQ,EACR,IAAI,CAAC,gBAAgB,EACrB,gBAAgB,CAAC,SAAS,CAC3B,CAAC;IACF,MAAM,SAAS,GAAG,WAAW,CAAC,gBAAgB,EAAE,eAAe,CAAC,UAAU,CAAC,CAAC;IAE5E,sBAAsB;IACtB,MAAM,YAAY,GAAG,mBAAmB,CACtC,gBAAgB,CAAC,UAAU,EAC3B,IAAI,CAAC,gBAAgB,CACtB,CAAC;IACF,MAAM,cAAc,GAAG,oBAAoB,CACzC,QAAQ,EACR,IAAI,CAAC,gBAAgB,EACrB,gBAAgB,CAAC,SAAS,EAC1B,SAAS,CACV,CAAC;IACF,MAAM,WAAW,GAAG,iBAAiB,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAEpE,oCAAoC;IACpC,OAAO,CAAC,YAAY,CAAC,CAAC;IAEtB,OAAO;QACL,OAAO,EAAE;YACP,IAAI,EAAE,kBAAkB;YACxB,eAAe,EAAE,gBAAgB,CAAC,SAAS;YAC3C,SAAS;SACV;QACD,MAAM,EAAE;YACN,WAAW;YACX,gBAAgB;YAChB,SAAS;SACV;KACF,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,sBAAsB,CACpC,MAAuB,EACvB,QAAkB,EAClB,uBAAmC,EACnC,gBAAkC;IAElC,iEAAiE;IACjE,MAAM,gBAAgB,GAAG,sBAAsB,CAC7C,QAAQ,EACR,gBAAgB,CAAC,SAAS,EAC1B,MAAM,CAAC,eAAe,CACvB,CAAC;IAEF,MAAM,KAAK,GAAG,eAAe,CAC3B,gBAAgB,EAChB,MAAM,CAAC,SAAS,EAChB,uBAAuB,CACxB,CAAC;IAEF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,SAAS,CACjB,aAAa,CAAC,eAAe,EAC7B,+BAA+B,CAChC,CAAC;IACJ,CAAC;IAED,2DAA2D;IAC3D,MAAM,YAAY,GAAG,mBAAmB,CACtC,gBAAgB,CAAC,UAAU,EAC3B,MAAM,CAAC,eAAe,CACvB,CAAC;IACF,MAAM,cAAc,GAAG,oBAAoB,CACzC,QAAQ,EACR,gBAAgB,CAAC,SAAS,EAC1B,MAAM,CAAC,eAAe,EACtB,MAAM,CAAC,SAAS,CACjB,CAAC;IACF,MAAM,WAAW,GAAG,iBAAiB,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAEpE,oCAAoC;IACpC,OAAO,CAAC,YAAY,CAAC,CAAC;IAEtB,OAAO;QACL,WAAW;QACX,gBAAgB;KACjB,CAAC;AACJ,CAAC"}

package/dist/index.d.ts DELETED Viewed

@@ -1,45 +0,0 @@
-/**
- * @sideband/secure-relay
- *
- * Sideband Relay Protocol (SBRP) implementation for E2EE communication
- * between daemons and clients via a relay server.
- *
- * Features:
- * - Ed25519 identity signatures for MITM protection
- * - X25519 ephemeral key exchange for forward secrecy
- * - ChaCha20-Poly1305 authenticated encryption
- * - TOFU (Trust On First Use) identity pinning
- * - Bitmap-based replay protection
- *
- * @example
- * ```typescript
- * // Daemon side: generate identity keypair on first run
- * const identity = generateIdentityKeyPair();
- *
- * // Client side: create handshake init
- * const { message: init, ephemeralKeyPair } = createHandshakeInit();
- *
- * // Daemon side: process init and create accept
- * const { message: accept, result } = processHandshakeInit(init, daemonId, identity);
- * const clientSession = createClientSession(clientId, result.trafficKeys);
- *
- * // Client side: process accept (with TOFU-pinned identity)
- * const { trafficKeys } = processHandshakeAccept(accept, daemonId, pinnedKey, ephemeralKeyPair);
- * const daemonConn = createDaemonConnection(trafficKeys);
- *
- * // Encrypt/decrypt messages
- * const encrypted = encryptClientToDaemon(daemonConn, plaintext);
- * const decrypted = decryptClientToDaemon(clientSession, encrypted);
- * ```
- */
-export type { ClientId, DaemonId, EncryptedMessage, EphemeralKeyPair, HandshakeAccept, HandshakeInit, IdentityKeyPair, PinnedIdentity, TrafficKeys, } from "./types.js";
-export { asClientId, asDaemonId, Direction, SbrpError, SbrpErrorCode } from "./types.js";
-export { AUTH_TAG_LENGTH, DEFAULT_REPLAY_WINDOW_SIZE, DIRECTION_CLIENT_TO_DAEMON, DIRECTION_DAEMON_TO_CLIENT, ED25519_PRIVATE_KEY_LENGTH, ED25519_PUBLIC_KEY_LENGTH, ED25519_SIGNATURE_LENGTH, NONCE_LENGTH, SBRP_HANDSHAKE_CONTEXT, SBRP_SESSION_KEYS_INFO, SBRP_TRANSCRIPT_CONTEXT, SESSION_KEYS_LENGTH, SYMMETRIC_KEY_LENGTH, X25519_PRIVATE_KEY_LENGTH, X25519_PUBLIC_KEY_LENGTH, } from "./constants.js";
-export { computeFingerprint, computeSharedSecret, constructNonce, createSignaturePayload, createTranscriptHash, decrypt, deriveTrafficKeys, encrypt, extractSequence, generateEphemeralKeyPair, generateIdentityKeyPair, randomBytes, signPayload, verifySignature, zeroize, } from "./crypto.js";
-export type { ClientHandshakeResult, DaemonHandshakeResult, } from "./handshake.js";
-export { createHandshakeInit, processHandshakeAccept, processHandshakeInit, } from "./handshake.js";
-export type { ReplayWindow } from "./replay.js";
-export { checkAndUpdateReplay, createReplayWindow, isValidSequence, resetReplayWindow, } from "./replay.js";
-export type { ClientSession, DaemonConnection } from "./session.js";
-export { clearClientSession, clearDaemonConnection, createClientSession, createDaemonConnection, decryptClientToDaemon, decryptDaemonToClient, encryptClientToDaemon, encryptDaemonToClient, } from "./session.js";
-//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AAGH,YAAY,EACV,QAAQ,EACR,QAAQ,EACR,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EACf,aAAa,EACb,eAAe,EACf,cAAc,EACd,WAAW,GACZ,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAGzF,OAAO,EACL,eAAe,EACf,0BAA0B,EAC1B,0BAA0B,EAC1B,0BAA0B,EAC1B,0BAA0B,EAC1B,yBAAyB,EACzB,wBAAwB,EACxB,YAAY,EACZ,sBAAsB,EACtB,sBAAsB,EACtB,uBAAuB,EACvB,mBAAmB,EACnB,oBAAoB,EACpB,yBAAyB,EACzB,wBAAwB,GACzB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,EACd,sBAAsB,EACtB,oBAAoB,EACpB,OAAO,EACP,iBAAiB,EACjB,OAAO,EACP,eAAe,EACf,wBAAwB,EACxB,uBAAuB,EACvB,WAAW,EACX,WAAW,EACX,eAAe,EACf,OAAO,GACR,MAAM,aAAa,CAAC;AAGrB,YAAY,EACV,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,gBAAgB,CAAC;AAGxB,YAAY,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAEhD,OAAO,EACL,oBAAoB,EACpB,kBAAkB,EAClB,eAAe,EACf,iBAAiB,GAClB,MAAM,aAAa,CAAC;AAGrB,YAAY,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAEpE,OAAO,EACL,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,sBAAsB,EACtB,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,cAAc,CAAC"}

package/dist/index.js DELETED Viewed

@@ -1,11 +0,0 @@
-// SPDX-FileCopyrightText: 2025-present Sideband
-// SPDX-License-Identifier: AGPL-3.0-or-later
-export { asClientId, asDaemonId, Direction, SbrpError, SbrpErrorCode } from "./types.js";
-// Constants
-export { AUTH_TAG_LENGTH, DEFAULT_REPLAY_WINDOW_SIZE, DIRECTION_CLIENT_TO_DAEMON, DIRECTION_DAEMON_TO_CLIENT, ED25519_PRIVATE_KEY_LENGTH, ED25519_PUBLIC_KEY_LENGTH, ED25519_SIGNATURE_LENGTH, NONCE_LENGTH, SBRP_HANDSHAKE_CONTEXT, SBRP_SESSION_KEYS_INFO, SBRP_TRANSCRIPT_CONTEXT, SESSION_KEYS_LENGTH, SYMMETRIC_KEY_LENGTH, X25519_PRIVATE_KEY_LENGTH, X25519_PUBLIC_KEY_LENGTH, } from "./constants.js";
-// Crypto primitives
-export { computeFingerprint, computeSharedSecret, constructNonce, createSignaturePayload, createTranscriptHash, decrypt, deriveTrafficKeys, encrypt, extractSequence, generateEphemeralKeyPair, generateIdentityKeyPair, randomBytes, signPayload, verifySignature, zeroize, } from "./crypto.js";
-export { createHandshakeInit, processHandshakeAccept, processHandshakeInit, } from "./handshake.js";
-export { checkAndUpdateReplay, createReplayWindow, isValidSequence, resetReplayWindow, } from "./replay.js";
-export { clearClientSession, clearDaemonConnection, createClientSession, createDaemonConnection, decryptClientToDaemon, decryptDaemonToClient, encryptClientToDaemon, encryptDaemonToClient, } from "./session.js";
-//# sourceMappingURL=index.js.map

package/dist/index.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,gDAAgD;AAChD,6CAA6C;AAkD7C,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAEzF,YAAY;AACZ,OAAO,EACL,eAAe,EACf,0BAA0B,EAC1B,0BAA0B,EAC1B,0BAA0B,EAC1B,0BAA0B,EAC1B,yBAAyB,EACzB,wBAAwB,EACxB,YAAY,EACZ,sBAAsB,EACtB,sBAAsB,EACtB,uBAAuB,EACvB,mBAAmB,EACnB,oBAAoB,EACpB,yBAAyB,EACzB,wBAAwB,GACzB,MAAM,gBAAgB,CAAC;AAExB,oBAAoB;AACpB,OAAO,EACL,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,EACd,sBAAsB,EACtB,oBAAoB,EACpB,OAAO,EACP,iBAAiB,EACjB,OAAO,EACP,eAAe,EACf,wBAAwB,EACxB,uBAAuB,EACvB,WAAW,EACX,WAAW,EACX,eAAe,EACf,OAAO,GACR,MAAM,aAAa,CAAC;AAQrB,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,gBAAgB,CAAC;AAKxB,OAAO,EACL,oBAAoB,EACpB,kBAAkB,EAClB,eAAe,EACf,iBAAiB,GAClB,MAAM,aAAa,CAAC;AAKrB,OAAO,EACL,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,sBAAsB,EACtB,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,cAAc,CAAC"}

package/dist/replay.d.ts DELETED Viewed

@@ -1,32 +0,0 @@
-/** Replay window state */
-export interface ReplayWindow {
-    /** Highest accepted sequence number */
-    maxSeen: bigint;
-    /** Bitmap: bit i set = sequence (maxSeen - i) was seen */
-    bitmap: bigint;
-    /** Window size in bits */
-    windowSize: bigint;
-}
-/**
- * Create a new replay window.
- *
- * @param windowSize - Window size in bits (default: 64)
- */
-export declare function createReplayWindow(windowSize?: bigint): ReplayWindow;
-/**
- * Check if a sequence number is valid (not a replay) and update the window.
- *
- * @returns true if the sequence is valid and accepted, false if it's a replay
- */
-export declare function checkAndUpdateReplay(seq: bigint, window: ReplayWindow): boolean;
-/**
- * Check if a sequence number would be valid without updating the window.
- *
- * Useful for pre-validation before decryption.
- */
-export declare function isValidSequence(seq: bigint, window: ReplayWindow): boolean;
-/**
- * Reset the replay window to initial state.
- */
-export declare function resetReplayWindow(window: ReplayWindow): void;
-//# sourceMappingURL=replay.d.ts.map

package/dist/replay.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"replay.d.ts","sourceRoot":"","sources":["../src/replay.ts"],"names":[],"mappings":"AAaA,0BAA0B;AAC1B,MAAM,WAAW,YAAY;IAC3B,uCAAuC;IACvC,OAAO,EAAE,MAAM,CAAC;IAChB,0DAA0D;IAC1D,MAAM,EAAE,MAAM,CAAC;IACf,0BAA0B;IAC1B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAChC,UAAU,GAAE,MAAmC,GAC9C,YAAY,CAMd;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAClC,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,YAAY,GACnB,OAAO,CAqCT;AAED;;;;GAIG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY,GAAG,OAAO,CAgB1E;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,YAAY,GAAG,IAAI,CAG5D"}

package/dist/replay.js DELETED Viewed

@@ -1,89 +0,0 @@
-// SPDX-FileCopyrightText: 2025-present Sideband
-// SPDX-License-Identifier: AGPL-3.0-or-later
-/**
- * Bitmap-based replay protection for Sideband Relay Protocol (SBRP).
- *
- * Uses a sliding window to track seen sequence numbers and prevent
- * replay attacks while avoiding memory exhaustion from attacker-controlled
- * sequence numbers.
- */
-import { DEFAULT_REPLAY_WINDOW_SIZE } from "./constants.js";
-/**
- * Create a new replay window.
- *
- * @param windowSize - Window size in bits (default: 64)
- */
-export function createReplayWindow(windowSize = DEFAULT_REPLAY_WINDOW_SIZE) {
-    return {
-        maxSeen: -1n, // No messages seen yet
-        bitmap: 0n,
-        windowSize,
-    };
-}
-/**
- * Check if a sequence number is valid (not a replay) and update the window.
- *
- * @returns true if the sequence is valid and accepted, false if it's a replay
- */
-export function checkAndUpdateReplay(seq, window) {
-    // First message ever
-    if (window.maxSeen === -1n) {
-        window.maxSeen = seq;
-        window.bitmap = 1n;
-        return true;
-    }
-    if (seq > window.maxSeen) {
-        // New high sequence - shift window
-        const shift = seq - window.maxSeen;
-        if (shift >= window.windowSize) {
-            // Sequence is far ahead, reset bitmap
-            window.bitmap = 1n;
-        }
-        else {
-            window.bitmap = (window.bitmap << shift) | 1n;
-        }
-        window.maxSeen = seq;
-        return true;
-    }
-    // Sequence is within or before the window
-    const diff = window.maxSeen - seq;
-    if (diff >= window.windowSize) {
-        // Too old, outside window
-        return false;
-    }
-    const mask = 1n << diff;
-    if (window.bitmap & mask) {
-        // Already seen (replay)
-        return false;
-    }
-    // Mark as seen
-    window.bitmap |= mask;
-    return true;
-}
-/**
- * Check if a sequence number would be valid without updating the window.
- *
- * Useful for pre-validation before decryption.
- */
-export function isValidSequence(seq, window) {
-    if (window.maxSeen === -1n) {
-        return true;
-    }
-    if (seq > window.maxSeen) {
-        return true;
-    }
-    const diff = window.maxSeen - seq;
-    if (diff >= window.windowSize) {
-        return false;
-    }
-    const mask = 1n << diff;
-    return (window.bitmap & mask) === 0n;
-}
-/**
- * Reset the replay window to initial state.
- */
-export function resetReplayWindow(window) {
-    window.maxSeen = -1n;
-    window.bitmap = 0n;
-}
-//# sourceMappingURL=replay.js.map

package/dist/replay.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"replay.js","sourceRoot":"","sources":["../src/replay.ts"],"names":[],"mappings":"AAAA,gDAAgD;AAChD,6CAA6C;AAE7C;;;;;;GAMG;AAEH,OAAO,EAAE,0BAA0B,EAAE,MAAM,gBAAgB,CAAC;AAY5D;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAChC,aAAqB,0BAA0B;IAE/C,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,EAAE,uBAAuB;QACrC,MAAM,EAAE,EAAE;QACV,UAAU;KACX,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAClC,GAAW,EACX,MAAoB;IAEpB,qBAAqB;IACrB,IAAI,MAAM,CAAC,OAAO,KAAK,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,CAAC,OAAO,GAAG,GAAG,CAAC;QACrB,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC;QACnB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,GAAG,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QACzB,mCAAmC;QACnC,MAAM,KAAK,GAAG,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC;QACnC,IAAI,KAAK,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;YAC/B,sCAAsC;YACtC,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC;QACrB,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,KAAK,CAAC,GAAG,EAAE,CAAC;QAChD,CAAC;QACD,MAAM,CAAC,OAAO,GAAG,GAAG,CAAC;QACrB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,0CAA0C;IAC1C,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,GAAG,GAAG,CAAC;IAClC,IAAI,IAAI,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QAC9B,0BAA0B;QAC1B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,IAAI,GAAG,EAAE,IAAI,IAAI,CAAC;IACxB,IAAI,MAAM,CAAC,MAAM,GAAG,IAAI,EAAE,CAAC;QACzB,wBAAwB;QACxB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,eAAe;IACf,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC;IACtB,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAAC,GAAW,EAAE,MAAoB;IAC/D,IAAI,MAAM,CAAC,OAAO,KAAK,CAAC,EAAE,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,GAAG,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QACzB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,GAAG,GAAG,CAAC;IAClC,IAAI,IAAI,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QAC9B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,IAAI,GAAG,EAAE,IAAI,IAAI,CAAC;IACxB,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;AACvC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAoB;IACpD,MAAM,CAAC,OAAO,GAAG,CAAC,EAAE,CAAC;IACrB,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC;AACrB,CAAC"}

package/dist/session.d.ts DELETED Viewed

@@ -1,67 +0,0 @@
-import { type ReplayWindow } from "./replay.js";
-import type { ClientId, EncryptedMessage, TrafficKeys } from "./types.js";
-/** Crypto state for one direction of communication (traffic key, counters, replay) */
-interface ChannelState {
-    trafficKey: Uint8Array;
-    sendSeq: bigint;
-    recvWindow: ReplayWindow;
-}
-/** Client session (daemon-side state for each connected client) */
-export interface ClientSession {
-    clientId: ClientId;
-    clientToDaemon: ChannelState;
-    daemonToClient: ChannelState;
-}
-/** Daemon connection (client-side state for communicating with daemon) */
-export interface DaemonConnection {
-    clientToDaemon: ChannelState;
-    daemonToClient: ChannelState;
-}
-/**
- * Create a client session (daemon side).
- *
- * Used by daemon to manage state for each connected client.
- */
-export declare function createClientSession(clientId: ClientId, trafficKeys: TrafficKeys): ClientSession;
-/**
- * Create a daemon connection (client side).
- *
- * Used by client to communicate with daemon.
- */
-export declare function createDaemonConnection(trafficKeys: TrafficKeys): DaemonConnection;
-/**
- * Encrypt a message from client to daemon.
- */
-export declare function encryptClientToDaemon(conn: DaemonConnection, plaintext: Uint8Array): EncryptedMessage;
-/**
- * Encrypt a message from daemon to client.
- */
-export declare function encryptDaemonToClient(session: ClientSession, plaintext: Uint8Array): EncryptedMessage;
-/**
- * Decrypt a message received by daemon from client.
- *
- * @throws {SbrpError} with code SequenceError if replay detected
- * @throws {SbrpError} with code DecryptFailed if decryption fails
- */
-export declare function decryptClientToDaemon(session: ClientSession, message: EncryptedMessage): Uint8Array;
-/**
- * Decrypt a message received by client from daemon.
- *
- * @throws {SbrpError} with code SequenceError if replay detected
- * @throws {SbrpError} with code DecryptFailed if decryption fails
- */
-export declare function decryptDaemonToClient(conn: DaemonConnection, message: EncryptedMessage): Uint8Array;
-/**
- * Clear all key material from a client session.
- *
- * Best-effort zeroization (JS/GC limitations apply).
- */
-export declare function clearClientSession(session: ClientSession): void;
-/**
- * Clear all key material from a daemon connection.
- *
- * Best-effort zeroization (JS/GC limitations apply).
- */
-export declare function clearDaemonConnection(conn: DaemonConnection): void;
-export {};
-//# sourceMappingURL=session.d.ts.map

package/dist/session.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../src/session.ts"],"names":[],"mappings":"AAWA,OAAO,EAGL,KAAK,YAAY,EAClB,MAAM,aAAa,CAAC;AACrB,OAAO,KAAK,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAG1E,sFAAsF;AACtF,UAAU,YAAY;IACpB,UAAU,EAAE,UAAU,CAAC;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,YAAY,CAAC;CAC1B;AAED,mEAAmE;AACnE,MAAM,WAAW,aAAa;IAC5B,QAAQ,EAAE,QAAQ,CAAC;IACnB,cAAc,EAAE,YAAY,CAAC;IAC7B,cAAc,EAAE,YAAY,CAAC;CAC9B;AAED,0EAA0E;AAC1E,MAAM,WAAW,gBAAgB;IAC/B,cAAc,EAAE,YAAY,CAAC;IAC7B,cAAc,EAAE,YAAY,CAAC;CAC9B;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,QAAQ,EAClB,WAAW,EAAE,WAAW,GACvB,aAAa,CAcf;AAED;;;;GAIG;AACH,wBAAgB,sBAAsB,CACpC,WAAW,EAAE,WAAW,GACvB,gBAAgB,CAalB;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CACnC,IAAI,EAAE,gBAAgB,EACtB,SAAS,EAAE,UAAU,GACpB,gBAAgB,CAUlB;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,aAAa,EACtB,SAAS,EAAE,UAAU,GACpB,gBAAgB,CAUlB;AAED;;;;;GAKG;AACH,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,aAAa,EACtB,OAAO,EAAE,gBAAgB,GACxB,UAAU,CAeZ;AAED;;;;;GAKG;AACH,wBAAgB,qBAAqB,CACnC,IAAI,EAAE,gBAAgB,EACtB,OAAO,EAAE,gBAAgB,GACxB,UAAU,CAeZ;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,aAAa,GAAG,IAAI,CAG/D;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,gBAAgB,GAAG,IAAI,CAGlE"}

package/dist/session.js DELETED Viewed

@@ -1,123 +0,0 @@
-// SPDX-FileCopyrightText: 2025-present Sideband
-// SPDX-License-Identifier: AGPL-3.0-or-later
-/**
- * Session management for Sideband Relay Protocol (SBRP).
- *
- * Handles encrypted message sending/receiving with proper key selection,
- * sequence number tracking, and replay protection.
- */
-import { decrypt, encrypt, extractSequence, zeroize } from "./crypto.js";
-import { checkAndUpdateReplay, createReplayWindow, } from "./replay.js";
-import { Direction, SbrpError, SbrpErrorCode } from "./types.js";
-/**
- * Create a client session (daemon side).
- *
- * Used by daemon to manage state for each connected client.
- */
-export function createClientSession(clientId, trafficKeys) {
-    return {
-        clientId,
-        clientToDaemon: {
-            trafficKey: trafficKeys.clientToDaemon,
-            sendSeq: 0n,
-            recvWindow: createReplayWindow(),
-        },
-        daemonToClient: {
-            trafficKey: trafficKeys.daemonToClient,
-            sendSeq: 0n,
-            recvWindow: createReplayWindow(),
-        },
-    };
-}
-/**
- * Create a daemon connection (client side).
- *
- * Used by client to communicate with daemon.
- */
-export function createDaemonConnection(trafficKeys) {
-    return {
-        clientToDaemon: {
-            trafficKey: trafficKeys.clientToDaemon,
-            sendSeq: 0n,
-            recvWindow: createReplayWindow(),
-        },
-        daemonToClient: {
-            trafficKey: trafficKeys.daemonToClient,
-            sendSeq: 0n,
-            recvWindow: createReplayWindow(),
-        },
-    };
-}
-/**
- * Encrypt a message from client to daemon.
- */
-export function encryptClientToDaemon(conn, plaintext) {
-    const seq = conn.clientToDaemon.sendSeq++;
-    const data = encrypt(conn.clientToDaemon.trafficKey, Direction.ClientToDaemon, seq, plaintext);
-    return { type: "encrypted", seq, data };
-}
-/**
- * Encrypt a message from daemon to client.
- */
-export function encryptDaemonToClient(session, plaintext) {
-    const seq = session.daemonToClient.sendSeq++;
-    const data = encrypt(session.daemonToClient.trafficKey, Direction.DaemonToClient, seq, plaintext);
-    return { type: "encrypted", seq, data };
-}
-/**
- * Decrypt a message received by daemon from client.
- *
- * @throws {SbrpError} with code SequenceError if replay detected
- * @throws {SbrpError} with code DecryptFailed if decryption fails
- */
-export function decryptClientToDaemon(session, message) {
-    // Check replay protection
-    const seq = extractSequence(message.data);
-    if (!checkAndUpdateReplay(seq, session.clientToDaemon.recvWindow)) {
-        throw new SbrpError(SbrpErrorCode.SequenceError, "Sequence number outside valid window or replay detected");
-    }
-    try {
-        return decrypt(session.clientToDaemon.trafficKey, message.data);
-    }
-    catch {
-        throw new SbrpError(SbrpErrorCode.DecryptFailed, "Message decryption failed");
-    }
-}
-/**
- * Decrypt a message received by client from daemon.
- *
- * @throws {SbrpError} with code SequenceError if replay detected
- * @throws {SbrpError} with code DecryptFailed if decryption fails
- */
-export function decryptDaemonToClient(conn, message) {
-    // Check replay protection
-    const seq = extractSequence(message.data);
-    if (!checkAndUpdateReplay(seq, conn.daemonToClient.recvWindow)) {
-        throw new SbrpError(SbrpErrorCode.SequenceError, "Sequence number outside valid window or replay detected");
-    }
-    try {
-        return decrypt(conn.daemonToClient.trafficKey, message.data);
-    }
-    catch {
-        throw new SbrpError(SbrpErrorCode.DecryptFailed, "Message decryption failed");
-    }
-}
-/**
- * Clear all key material from a client session.
- *
- * Best-effort zeroization (JS/GC limitations apply).
- */
-export function clearClientSession(session) {
-    zeroize(session.clientToDaemon.trafficKey);
-    zeroize(session.daemonToClient.trafficKey);
-}
-/**
- * Clear all key material from a daemon connection.
- *
- * Best-effort zeroization (JS/GC limitations apply).
- */
-export function clearDaemonConnection(conn) {
-    zeroize(conn.clientToDaemon.trafficKey);
-    zeroize(conn.daemonToClient.trafficKey);
-}
-//# sourceMappingURL=session.js.map

package/dist/session.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"session.js","sourceRoot":"","sources":["../src/session.ts"],"names":[],"mappings":"AAAA,gDAAgD;AAChD,6CAA6C;AAE7C;;;;;GAKG;AAEH,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACzE,OAAO,EACL,oBAAoB,EACpB,kBAAkB,GAEnB,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAsBjE;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CACjC,QAAkB,EAClB,WAAwB;IAExB,OAAO;QACL,QAAQ;QACR,cAAc,EAAE;YACd,UAAU,EAAE,WAAW,CAAC,cAAc;YACtC,OAAO,EAAE,EAAE;YACX,UAAU,EAAE,kBAAkB,EAAE;SACjC;QACD,cAAc,EAAE;YACd,UAAU,EAAE,WAAW,CAAC,cAAc;YACtC,OAAO,EAAE,EAAE;YACX,UAAU,EAAE,kBAAkB,EAAE;SACjC;KACF,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,sBAAsB,CACpC,WAAwB;IAExB,OAAO;QACL,cAAc,EAAE;YACd,UAAU,EAAE,WAAW,CAAC,cAAc;YACtC,OAAO,EAAE,EAAE;YACX,UAAU,EAAE,kBAAkB,EAAE;SACjC;QACD,cAAc,EAAE;YACd,UAAU,EAAE,WAAW,CAAC,cAAc;YACtC,OAAO,EAAE,EAAE;YACX,UAAU,EAAE,kBAAkB,EAAE;SACjC;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CACnC,IAAsB,EACtB,SAAqB;IAErB,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;IAC1C,MAAM,IAAI,GAAG,OAAO,CAClB,IAAI,CAAC,cAAc,CAAC,UAAU,EAC9B,SAAS,CAAC,cAAc,EACxB,GAAG,EACH,SAAS,CACV,CAAC;IAEF,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CACnC,OAAsB,EACtB,SAAqB;IAErB,MAAM,GAAG,GAAG,OAAO,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;IAC7C,MAAM,IAAI,GAAG,OAAO,CAClB,OAAO,CAAC,cAAc,CAAC,UAAU,EACjC,SAAS,CAAC,cAAc,EACxB,GAAG,EACH,SAAS,CACV,CAAC;IAEF,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;AAC1C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,qBAAqB,CACnC,OAAsB,EACtB,OAAyB;IAEzB,0BAA0B;IAC1B,MAAM,GAAG,GAAG,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1C,IAAI,CAAC,oBAAoB,CAAC,GAAG,EAAE,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC,EAAE,CAAC;QAClE,MAAM,IAAI,SAAS,CACjB,aAAa,CAAC,aAAa,EAC3B,yDAAyD,CAC1D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,OAAO,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;IAClE,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,SAAS,CAAC,aAAa,CAAC,aAAa,EAAE,2BAA2B,CAAC,CAAC;IAChF,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,qBAAqB,CACnC,IAAsB,EACtB,OAAyB;IAEzB,0BAA0B;IAC1B,MAAM,GAAG,GAAG,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1C,IAAI,CAAC,oBAAoB,CAAC,GAAG,EAAE,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/D,MAAM,IAAI,SAAS,CACjB,aAAa,CAAC,aAAa,EAC3B,yDAAyD,CAC1D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,OAAO,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/D,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,SAAS,CAAC,aAAa,CAAC,aAAa,EAAE,2BAA2B,CAAC,CAAC;IAChF,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAsB;IACvD,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;IAC3C,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;AAC7C,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CAAC,IAAsB;IAC1D,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;IACxC,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;AAC1C,CAAC"}

package/dist/types.d.ts DELETED Viewed

@@ -1,79 +0,0 @@
-/**
- * Type definitions for Sideband Relay Protocol (SBRP).
- */
-/** Branded type for daemon identifiers */
-export type DaemonId = string & {
-    readonly __brand: "DaemonId";
-};
-/** Branded type for client session identifiers (relay-assigned) */
-export type ClientId = string & {
-    readonly __brand: "ClientId";
-};
-/** Ed25519 identity keypair for daemon authentication */
-export interface IdentityKeyPair {
-    publicKey: Uint8Array;
-    privateKey: Uint8Array;
-}
-/** X25519 ephemeral keypair for key exchange */
-export interface EphemeralKeyPair {
-    publicKey: Uint8Array;
-    privateKey: Uint8Array;
-}
-/** Pinned identity for TOFU verification (browser-side storage) */
-export interface PinnedIdentity {
-    daemonId: DaemonId;
-    identityPublicKey: Uint8Array;
-    firstSeen: Date;
-    lastSeen: Date;
-}
-/** Traffic keys derived from handshake (directional symmetric keys) */
-export interface TrafficKeys {
-    /** Key for encrypting client→daemon messages */
-    clientToDaemon: Uint8Array;
-    /** Key for encrypting daemon→client messages */
-    daemonToClient: Uint8Array;
-}
-/** Handshake init message (browser → daemon) */
-export interface HandshakeInit {
-    type: "handshake.init";
-    browserPublicKey: Uint8Array;
-}
-/** Handshake accept message (daemon → browser) */
-export interface HandshakeAccept {
-    type: "handshake.accept";
-    daemonPublicKey: Uint8Array;
-    signature: Uint8Array;
-}
-/** Encrypted message envelope */
-export interface EncryptedMessage {
-    type: "encrypted";
-    seq: bigint;
-    data: Uint8Array;
-}
-/** Direction of message flow (used in nonce construction) */
-export declare const enum Direction {
-    ClientToDaemon = 1,
-    DaemonToClient = 2
-}
-/** SBRP error codes */
-export declare const enum SbrpErrorCode {
-    Unauthorized = "unauthorized",
-    DaemonNotFound = "daemon_not_found",
-    DaemonOffline = "daemon_offline",
-    DaemonNotOwned = "daemon_not_owned",
-    IdentityKeyChanged = "identity_key_changed",
-    HandshakeFailed = "handshake_failed",
-    DecryptFailed = "decrypt_failed",
-    SequenceError = "sequence_error",
-    RateLimited = "rate_limited"
-}
-/** SBRP-specific error */
-export declare class SbrpError extends Error {
-    readonly code: SbrpErrorCode;
-    constructor(code: SbrpErrorCode, message: string);
-}
-/** Type guard for DaemonId */
-export declare function asDaemonId(value: string): DaemonId;
-/** Type guard for ClientId */
-export declare function asClientId(value: string): ClientId;
-//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAGA;;GAEG;AAEH,0CAA0C;AAC1C,MAAM,MAAM,QAAQ,GAAG,MAAM,GAAG;IAAE,QAAQ,CAAC,OAAO,EAAE,UAAU,CAAA;CAAE,CAAC;AAEjE,mEAAmE;AACnE,MAAM,MAAM,QAAQ,GAAG,MAAM,GAAG;IAAE,QAAQ,CAAC,OAAO,EAAE,UAAU,CAAA;CAAE,CAAC;AAEjE,yDAAyD;AACzD,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,UAAU,CAAC;IACtB,UAAU,EAAE,UAAU,CAAC;CACxB;AAED,gDAAgD;AAChD,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,UAAU,CAAC;IACtB,UAAU,EAAE,UAAU,CAAC;CACxB;AAED,mEAAmE;AACnE,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,QAAQ,CAAC;IACnB,iBAAiB,EAAE,UAAU,CAAC;IAC9B,SAAS,EAAE,IAAI,CAAC;IAChB,QAAQ,EAAE,IAAI,CAAC;CAChB;AAED,uEAAuE;AACvE,MAAM,WAAW,WAAW;IAC1B,gDAAgD;IAChD,cAAc,EAAE,UAAU,CAAC;IAC3B,gDAAgD;IAChD,cAAc,EAAE,UAAU,CAAC;CAC5B;AAED,gDAAgD;AAChD,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,gBAAgB,CAAC;IACvB,gBAAgB,EAAE,UAAU,CAAC;CAC9B;AAED,kDAAkD;AAClD,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,kBAAkB,CAAC;IACzB,eAAe,EAAE,UAAU,CAAC;IAC5B,SAAS,EAAE,UAAU,CAAC;CACvB;AAED,iCAAiC;AACjC,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,WAAW,CAAC;IAClB,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,UAAU,CAAC;CAClB;AAED,6DAA6D;AAC7D,0BAAkB,SAAS;IACzB,cAAc,IAAI;IAClB,cAAc,IAAI;CACnB;AAED,uBAAuB;AACvB,0BAAkB,aAAa;IAC7B,YAAY,iBAAiB;IAC7B,cAAc,qBAAqB;IACnC,aAAa,mBAAmB;IAChC,cAAc,qBAAqB;IACnC,kBAAkB,yBAAyB;IAC3C,eAAe,qBAAqB;IACpC,aAAa,mBAAmB;IAChC,aAAa,mBAAmB;IAChC,WAAW,iBAAiB;CAC7B;AAED,0BAA0B;AAC1B,qBAAa,SAAU,SAAQ,KAAK;aAEhB,IAAI,EAAE,aAAa;gBAAnB,IAAI,EAAE,aAAa,EACnC,OAAO,EAAE,MAAM;CAKlB;AAED,8BAA8B;AAC9B,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,QAAQ,CAElD;AAED,8BAA8B;AAC9B,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,QAAQ,CAElD"}

package/dist/types.js DELETED Viewed

@@ -1,39 +0,0 @@
-// SPDX-FileCopyrightText: 2025-present Sideband
-// SPDX-License-Identifier: AGPL-3.0-or-later
-/** Direction of message flow (used in nonce construction) */
-export var Direction;
-(function (Direction) {
-    Direction[Direction["ClientToDaemon"] = 1] = "ClientToDaemon";
-    Direction[Direction["DaemonToClient"] = 2] = "DaemonToClient";
-})(Direction || (Direction = {}));
-/** SBRP error codes */
-export var SbrpErrorCode;
-(function (SbrpErrorCode) {
-    SbrpErrorCode["Unauthorized"] = "unauthorized";
-    SbrpErrorCode["DaemonNotFound"] = "daemon_not_found";
-    SbrpErrorCode["DaemonOffline"] = "daemon_offline";
-    SbrpErrorCode["DaemonNotOwned"] = "daemon_not_owned";
-    SbrpErrorCode["IdentityKeyChanged"] = "identity_key_changed";
-    SbrpErrorCode["HandshakeFailed"] = "handshake_failed";
-    SbrpErrorCode["DecryptFailed"] = "decrypt_failed";
-    SbrpErrorCode["SequenceError"] = "sequence_error";
-    SbrpErrorCode["RateLimited"] = "rate_limited";
-})(SbrpErrorCode || (SbrpErrorCode = {}));
-/** SBRP-specific error */
-export class SbrpError extends Error {
-    code;
-    constructor(code, message) {
-        super(message);
-        this.code = code;
-        this.name = "SbrpError";
-    }
-}
-/** Type guard for DaemonId */
-export function asDaemonId(value) {
-    return value;
-}
-/** Type guard for ClientId */
-export function asClientId(value) {
-    return value;
-}
-//# sourceMappingURL=types.js.map

package/dist/types.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,gDAAgD;AAChD,6CAA6C;AA4D7C,6DAA6D;AAC7D,MAAM,CAAN,IAAkB,SAGjB;AAHD,WAAkB,SAAS;IACzB,6DAAkB,CAAA;IAClB,6DAAkB,CAAA;AACpB,CAAC,EAHiB,SAAS,KAAT,SAAS,QAG1B;AAED,uBAAuB;AACvB,MAAM,CAAN,IAAkB,aAUjB;AAVD,WAAkB,aAAa;IAC7B,8CAA6B,CAAA;IAC7B,oDAAmC,CAAA;IACnC,iDAAgC,CAAA;IAChC,oDAAmC,CAAA;IACnC,4DAA2C,CAAA;IAC3C,qDAAoC,CAAA;IACpC,iDAAgC,CAAA;IAChC,iDAAgC,CAAA;IAChC,6CAA4B,CAAA;AAC9B,CAAC,EAViB,aAAa,KAAb,aAAa,QAU9B;AAED,0BAA0B;AAC1B,MAAM,OAAO,SAAU,SAAQ,KAAK;IAEhB;IADlB,YACkB,IAAmB,EACnC,OAAe;QAEf,KAAK,CAAC,OAAO,CAAC,CAAC;QAHC,SAAI,GAAJ,IAAI,CAAe;QAInC,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;IAC1B,CAAC;CACF;AAED,8BAA8B;AAC9B,MAAM,UAAU,UAAU,CAAC,KAAa;IACtC,OAAO,KAAiB,CAAC;AAC3B,CAAC;AAED,8BAA8B;AAC9B,MAAM,UAAU,UAAU,CAAC,KAAa;IACtC,OAAO,KAAiB,CAAC;AAC3B,CAAC"}